plutonium 0.43.1 → 0.44.0

data/lib/generators/pu/saas/welcome/templates/app/controllers/authenticated_controller.rb.tt

@@ -0,0 +1,18 @@
+# frozen_string_literal: true
+
+class AuthenticatedController < ApplicationController
+<% if rodauth? -%>
+  include Plutonium::Auth::Rodauth(:<%= rodauth_config %>)
+
+  before_action { rodauth.require_authentication }
+<% else -%>
+  before_action :require_authenticated
+
+  private
+
+  def require_authenticated
+    # TODO: Implement based on your authentication system
+    redirect_to "/login" unless current_user
+  end
+<% end -%>
+end

data/lib/generators/pu/saas/welcome/templates/app/controllers/welcome_controller.rb.tt

@@ -0,0 +1,69 @@
+# frozen_string_literal: true
+
+class WelcomeController < AuthenticatedController
+  layout "welcome"
+
+  def index
+    entities = current_user.<%= entity_table.pluralize %>.to_a
+    if entities.none?
+      @<%= entity_table %> = <%= entity_model %>.new
+<% if profile? -%>
+      @profile = current_user.profile || current_user.build_profile
+<% end -%>
+      render :onboarding
+    elsif entities.one?
+      redirect_to portal_root_path(entities.first)
+    else
+      @entities = entities
+      render :select_entity
+    end
+  end
+
+  def new_entity
+    @<%= entity_table %> = <%= entity_model %>.new
+<% if profile? -%>
+    @profile = current_user.profile || current_user.build_profile
+<% end -%>
+    render :onboarding
+  end
+
+  def onboard
+    @<%= entity_table %> = <%= entity_model %>.new(<%= entity_table %>_params)
+<% if profile? -%>
+    @profile = current_user.profile || current_user.build_profile
+    @profile.assign_attributes(profile_params)
+
+    if @<%= entity_table %>.valid? && @profile.valid?
+<% else -%>
+    if @<%= entity_table %>.valid?
+<% end -%>
+      ActiveRecord::Base.transaction do
+        @<%= entity_table %>.save!
+        <%= membership_model %>.create!(<%= entity_table %>: @<%= entity_table %>, <%= user_table %>: current_user, role: :owner)
+<% if profile? -%>
+        @profile.save!
+<% end -%>
+      end
+      redirect_to portal_root_path(@<%= entity_table %>), notice: "Welcome! Your workspace is ready."
+    else
+      render :onboarding, status: :unprocessable_entity
+    end
+  end
+
+  private
+
+  def <%= entity_table %>_params
+    params.require(:<%= entity_table %>).permit(:name)
+  end
+<% if profile? -%>
+
+  def profile_params
+    params.require(:profile).permit(:name)
+  end
+<% end -%>
+
+  def portal_root_path(<%= entity_table %>)
+    <%= portal_engine %>::Engine.routes.url_helpers.<%= entity_table %>_root_path(<%= entity_table %>: <%= entity_table %>)
+  end
+  helper_method :portal_root_path
+end

data/lib/generators/pu/saas/welcome/templates/app/views/layouts/welcome.html.erb.tt

@@ -0,0 +1,33 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <title>Welcome</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width,initial-scale=1">
+  <meta name="csrf-param" content="authenticity_token" />
+  <meta name="csrf-token" content="<%%= form_authenticity_token %>" />
+  <%%= stylesheet_link_tag "application", "data-turbo-track": "reload" %>
+  <%%= javascript_importmap_tags %>
+</head>
+<body class="antialiased min-h-screen bg-[var(--pu-body)]">
+  <main class="p-4 min-h-screen flex flex-col items-center justify-center gap-2 px-6 py-8 mx-auto lg:py-0">
+    <%% if flash.any? %>
+      <%% flash.each do |type, message| %>
+        <div class="fixed z-50 top-16 inset-x-0 mx-auto flex items-center w-full max-w-md p-4 rounded-[var(--pu-radius-lg)]"
+             style="box-shadow: var(--pu-shadow-md); background: <%%= type == 'alert' ? 'var(--color-danger-50)' : 'var(--color-success-50)' %>; color: <%%= type == 'alert' ? 'var(--color-danger-600)' : 'var(--color-success-600)' %>"
+             role="alert">
+          <div class="ms-3 text-sm font-normal"><%%= message %></div>
+        </div>
+      <%% end %>
+    <%% end %>
+
+    <!-- Main content card -->
+    <div class="w-full sm:max-w-md bg-[var(--pu-card-bg)] border border-[var(--pu-card-border)] rounded-[var(--pu-radius-lg)]"
+         style="box-shadow: var(--pu-shadow-lg)">
+      <div class="p-6 space-y-4 md:space-y-6 sm:p-8">
+        <%%= yield %>
+      </div>
+    </div>
+  </main>
+</body>
+</html>

data/lib/generators/pu/saas/welcome/templates/app/views/welcome/onboarding.html.erb.tt

@@ -0,0 +1,51 @@
+<h1 class="text-lg font-bold leading-tight tracking-tight text-[var(--pu-text)] md:text-xl text-center">
+  Welcome! Let's get you set up.
+</h1>
+
+<%%= form_with(url: welcome_onboard_path, method: :post, class: "space-y-4 md:space-y-6") do |f| %>
+<% if profile? -%>
+  <%% if @<%= entity_table %>.errors.any? || @profile.errors.any? %>
+<% else -%>
+  <%% if @<%= entity_table %>.errors.any? %>
+<% end -%>
+    <div class="p-4 rounded-[var(--pu-radius-lg)] bg-[color:var(--color-danger-50)] text-[color:var(--color-danger-600)]">
+      <ul class="list-disc list-inside text-sm">
+        <%% @<%= entity_table %>.errors.full_messages.each do |message| %>
+          <li><%%= message %></li>
+        <%% end %>
+<% if profile? -%>
+        <%% @profile.errors.full_messages.each do |message| %>
+          <li><%%= message %></li>
+        <%% end %>
+<% end -%>
+      </ul>
+    </div>
+  <%% end %>
+<% if profile? -%>
+
+  <%%= f.fields_for :profile, @profile do |pf| %>
+    <div>
+      <%%= pf.label :name, "Your Name", class: "block mb-2 text-sm font-medium text-[var(--pu-text)]" %>
+      <%%= pf.text_field :name,
+          class: "pu-input w-full",
+          placeholder: "e.g. Jane Smith",
+          autofocus: true %>
+    </div>
+  <%% end %>
+<% end -%>
+
+  <%%= f.fields_for :<%= entity_table %>, @<%= entity_table %> do |ef| %>
+    <div>
+      <%%= ef.label :name, "Workspace Name", class: "block mb-2 text-sm font-medium text-[var(--pu-text)]" %>
+      <%%= ef.text_field :name,
+          class: "pu-input w-full",
+          placeholder: "e.g. Acme Corp",
+<% unless profile? -%>
+          autofocus: true,
+<% end -%>
+          required: true %>
+    </div>
+  <%% end %>
+
+  <%%= f.submit "Get Started", class: "w-full pu-btn pu-btn-md pu-btn-primary" %>
+<%% end %>

data/lib/generators/pu/saas/welcome/templates/app/views/welcome/select_entity.html.erb.tt

@@ -0,0 +1,22 @@
+<h1 class="text-lg font-bold leading-tight tracking-tight text-[var(--pu-text)] md:text-xl text-center">
+  Select a Workspace
+</h1>
+
+<div class="space-y-2">
+  <%% @entities.each do |<%= entity_table %>| %>
+    <a href="<%%= portal_root_path(<%= entity_table %>) %>"
+       class="flex items-center gap-3 w-full p-4 text-left bg-[var(--pu-surface-alt)] border border-[var(--pu-border)] rounded-[var(--pu-radius-lg)] hover:border-[var(--color-primary-500)] hover:bg-[var(--pu-surface)] transition-colors">
+      <div class="flex-1">
+        <p class="font-medium text-[var(--pu-text)]"><%%= <%= entity_table %>.name %></p>
+      </div>
+      <%%= render Phlex::TablerIcons::ChevronRight.new(class: "w-5 h-5 text-[var(--pu-text-muted)]") %>
+    </a>
+  <%% end %>
+</div>
+
+<div class="pt-2">
+  <a href="<%%= welcome_onboard_path %>"
+     class="w-full block pu-btn pu-btn-md pu-btn-outline text-center">
+    Create New Workspace
+  </a>
+</div>

data/lib/generators/pu/saas/welcome_generator.rb

@@ -0,0 +1,197 @@
+# frozen_string_literal: true
+
+require "rails/generators/base"
+require_relative "../lib/plutonium_generators"
+
+module Pu
+  module Saas
+    class WelcomeGenerator < ::Rails::Generators::Base
+      include PlutoniumGenerators::Generator
+      include PlutoniumGenerators::Concerns::RodauthRedirects
+
+      source_root File.expand_path("welcome/templates", __dir__)
+
+      desc "Generate a post-login welcome flow with onboarding and entity selection"
+
+      class_option :user_model, type: :string, required: true,
+        desc: "The user model name (e.g., User)"
+
+      class_option :entity_model, type: :string, required: true,
+        desc: "The entity model name (e.g., Organization)"
+
+      class_option :portal, type: :string, required: true,
+        desc: "The portal engine name (e.g., CustomerPortal)"
+
+      class_option :membership_model, type: :string,
+        desc: "The membership model name (defaults to <Entity><User>)"
+
+      class_option :rodauth, type: :string, default: "user",
+        desc: "Rodauth configuration name"
+
+      class_option :profile, type: :boolean, default: false,
+        desc: "Include profile setup in onboarding"
+
+      def start
+        validate_requirements
+        create_authenticated_controller
+        create_welcome_controller
+        create_views
+        add_routes
+        configure_rodauth
+        show_instructions
+      rescue => e
+        exception "#{self.class} failed:", e
+      end
+
+      private
+
+      def validate_requirements
+        errors = []
+
+        unless File.exist?(user_model_path)
+          errors << "User model not found: #{user_model_path.relative_path_from(Rails.root)}"
+        end
+
+        unless File.exist?(entity_model_path)
+          errors << "Entity model not found: #{entity_model_path.relative_path_from(Rails.root)}"
+        end
+
+        if File.exist?(user_model_path)
+          user_content = File.read(user_model_path)
+          unless user_content.include?("has_many :#{entity_table.pluralize}")
+            errors << "User model missing 'has_many :#{entity_table.pluralize}' — run the membership generator first"
+          end
+        end
+
+        if errors.any?
+          errors.each { |e| say_status :error, e, :red }
+          raise Thor::Error, "Required files missing:\n  - #{errors.join("\n  - ")}"
+        end
+      end
+
+      def create_authenticated_controller
+        template "app/controllers/authenticated_controller.rb",
+          "app/controllers/authenticated_controller.rb"
+      end
+
+      def create_welcome_controller
+        template "app/controllers/welcome_controller.rb",
+          "app/controllers/welcome_controller.rb"
+      end
+
+      def create_views
+        template "app/views/layouts/welcome.html.erb",
+          "app/views/layouts/welcome.html.erb"
+
+        template "app/views/welcome/select_entity.html.erb",
+          "app/views/welcome/select_entity.html.erb"
+
+        template "app/views/welcome/onboarding.html.erb",
+          "app/views/welcome/onboarding.html.erb"
+      end
+
+      def add_routes
+        routes_file = "config/routes.rb"
+        routes_content = File.read(Rails.root.join(routes_file))
+
+        if routes_content.include?("# Welcome & onboarding")
+          say_status :skip, "Welcome routes already present", :yellow
+          return
+        end
+
+        route_code = <<-RUBY
+
+  # Welcome & onboarding
+  get "welcome", to: "welcome#index"
+  get "welcome/onboard", to: "welcome#new_entity", as: :welcome_onboard
+  post "welcome/onboard", to: "welcome#onboard"
+        RUBY
+
+        # Remove the standalone invites welcome route if it exists,
+        # since the main WelcomeController now handles /welcome
+        if routes_content.include?('get "welcome", to: "invites/welcome#index"')
+          gsub_file routes_file,
+            /\n\s*# Welcome route \(handled by invites.*\n\s*get "welcome", to: "invites\/welcome#index"\n/,
+            "\n"
+        end
+
+        inject_into_file routes_file,
+          route_code,
+          before: /^end\s*\z/
+      end
+
+      def configure_rodauth
+        return unless rodauth?
+
+        update_rodauth_redirects("app/rodauth/#{rodauth_config}_rodauth_plugin.rb")
+      end
+
+      def show_instructions
+        say "\n"
+        say "=" * 79
+        say "\n"
+        say "Welcome flow installed successfully!"
+        say "\n"
+        say "Next steps:"
+        say "\n"
+        say "1. Run migrations (if you haven't already):"
+        say "   rails db:migrate"
+        say "\n"
+        say "2. Customize the onboarding view to match your app:"
+        say "   app/views/welcome/onboarding.html.erb"
+        say "\n"
+        if profile?
+          say "3. Ensure your User model has a `profile` association:"
+          say "   has_one :profile"
+          say "\n"
+        end
+        say "=" * 79
+        say "\n"
+      end
+
+      def user_model
+        options[:user_model].camelize
+      end
+
+      def user_table
+        options[:user_model].underscore
+      end
+
+      def entity_model
+        options[:entity_model].camelize
+      end
+
+      def entity_table
+        options[:entity_model].underscore
+      end
+
+      def portal_engine
+        options[:portal].camelize
+      end
+
+      def membership_model
+        options[:membership_model] || "#{entity_model}#{user_model}"
+      end
+
+      def rodauth_config
+        options[:rodauth]
+      end
+
+      def rodauth?
+        rodauth_config.present?
+      end
+
+      def profile?
+        options[:profile]
+      end
+
+      def entity_model_path
+        Rails.root.join("app/models/#{entity_table}.rb")
+      end
+
+      def user_model_path
+        Rails.root.join("app/models/#{user_table}.rb")
+      end
+    end
+  end
+end

data/lib/plutonium/auth/sequel_adapter.rb

@@ -1,7 +1,5 @@
 # frozen_string_literal: true
 
-require "sequel/core"
-
 module Plutonium
   module Auth
     # Provides runtime detection of the database adapter for Sequel configuration.
@@ -26,6 +24,7 @@ module Plutonium
         # @return [Sequel::Database] configured Sequel database connection
         # @raise [RuntimeError] if the Sequel adapter initialization fails
         def db
+          require "sequel/core"
           adapter = sequel_adapter
           begin
             if RUBY_ENGINE == "jruby"

data/lib/plutonium/core/controller.rb

@@ -145,7 +145,10 @@ module Plutonium
         end
 
         # Build the named helper: e.g., "blogging_post_nested_post_metadata_path"
-        parent_singular = parent.model_name.singular
+        # For plural parent resources (resources :posts), nested routes use the singular member name (post_nested_...)
+        # For singular parent resources (resource :entities), nested routes use the route name as-is (entities_nested_...)
+        parent_is_singular_route = current_engine.routes.singular_resource_route?(parent.model_name.plural)
+        parent_prefix = parent_is_singular_route ? parent.model_name.plural : parent.model_name.singular
         nested_resource_name = "#{prefix}#{association_name}"
 
         # Determine if this is a collection action (no specific record)
@@ -158,12 +161,10 @@ module Plutonium
         #   - :new action uses singular (new_blogging_post_nested_comment)
         #   - member actions (show/edit/update/destroy) use singular (blogging_post_nested_comment)
         is_collection_action = action == :index || action == :create || (no_record && action != :new)
-        helper_base = if is_singular
-          "#{parent_singular}_#{nested_resource_name}"
-        elsif is_collection_action
-          "#{parent_singular}_#{nested_resource_name}"
+        helper_base = if is_singular || is_collection_action
+          "#{parent_prefix}_#{nested_resource_name}"
         else
-          "#{parent_singular}_#{nested_resource_name.to_s.singularize}"
+          "#{parent_prefix}_#{nested_resource_name.to_s.singularize}"
         end
 
         # Only add helper prefix for actions that have named route helpers (new, edit)
@@ -173,10 +174,19 @@ module Plutonium
         else "#{action}_"
         end
 
-        helper_name = :"#{helper_suffix}#{helper_base}_path"
+        # Add entity scope prefix for path-based entity scoping
+        entity_prefix = if scoped_to_entity? && scoped_entity_strategy == :path
+          "#{scoped_entity_param_key}_"
+        end
+
+        helper_name = :"#{helper_suffix}#{entity_prefix}#{helper_base}_path"
 
         # Build the arguments for the helper
-        helper_args = [parent.to_param]
+        helper_args = []
+        # Add entity scope param for path-based entity scoping
+        helper_args << current_scoped_entity.to_param if entity_prefix
+        # Singular parent resources (resource :entity) have no :id param in the route
+        helper_args << parent.to_param unless parent_is_singular_route
         # Include element ID for plural routes (has_many) when we have a record instance
         # Skip ID for collection actions (:index, :create) which don't need a member ID
         unless is_singular || no_record || is_collection_action

data/lib/plutonium/core/controllers/association_resolver.rb

@@ -61,21 +61,34 @@ module Plutonium
         #
         # For Blogging::Comment, returns [:blogging_comments, :comments]
         # For Comment, returns [:comments]
+        # For Blogging::PostDetail, returns [:blogging_post_details, :post_details, :blogging_post_detail, :post_detail]
+        #
+        # Tries both plural (has_many) and singular (has_one) forms.
         #
         # @param klass [Class] The target class
         # @return [Array<Symbol>] Candidate association names in priority order
         def association_candidates_for(klass)
           candidates = []
 
-          # Full namespaced name: Blogging::Comment => :blogging_comments
-          full_name = klass.model_name.plural.to_sym
-          candidates << full_name
+          # Full namespaced name (plural): Blogging::Comment => :blogging_comments
+          full_plural = klass.model_name.plural.to_sym
+          candidates << full_plural
 
-          # Demodulized name: Blogging::Comment => :comments
+          # Demodulized name (plural): Blogging::Comment => :comments
           demodulized = klass.name.demodulize
           if demodulized != klass.name
-            short_name = demodulized.underscore.pluralize.to_sym
-            candidates << short_name unless candidates.include?(short_name)
+            short_plural = demodulized.underscore.pluralize.to_sym
+            candidates << short_plural unless candidates.include?(short_plural)
+          end
+
+          # Full namespaced name (singular): Blogging::PostDetail => :blogging_post_detail
+          full_singular = klass.model_name.singular.to_sym
+          candidates << full_singular unless candidates.include?(full_singular)
+
+          # Demodulized name (singular): Blogging::PostDetail => :post_detail
+          if demodulized != klass.name
+            short_singular = demodulized.underscore.to_sym
+            candidates << short_singular unless candidates.include?(short_singular)
           end
 
           candidates

data/lib/plutonium/core/controllers/authorizable.rb

@@ -24,11 +24,22 @@ module Plutonium
           end
 
           options[:with] ||= ::ActionPolicy.lookup(resource, namespace: authorization_namespace)
+          options[:context] = (options[:context] || {}).deep_merge(current_policy_context)
           relation ||= resource.all
 
           authorized_scope(relation, **options)
         end
 
+        # Returns the base policy context available to all controllers.
+        # Resource controllers extend this with parent/association context.
+        #
+        # @return [Hash] context containing entity_scope
+        def current_policy_context
+          {
+            entity_scope: entity_scope_for_authorize
+          }
+        end
+
         def entity_scope_for_authorize
           # Use the instance variable directly to avoid circular dependency.
           # When authorizing the scoped entity itself (in fetch_current_scoped_entity),

data/lib/plutonium/invites/concerns/cancel_invite.rb

@@ -17,7 +17,9 @@ module Plutonium
         extend ActiveSupport::Concern
 
         included do
-          presents label: "Cancel Invitation", icon: "outline/x-circle"
+          presents label: "Cancel Invitation", icon: Phlex::TablerIcons::CircleX
+
+          attribute :resource
         end
 
         def execute

data/lib/plutonium/invites/concerns/invite_token.rb

@@ -151,14 +151,6 @@ module Plutonium
           raise NotImplementedError, "#{self.class}#create_membership_for must be implemented to create the membership record"
         end
 
-        # Alias method for the entity association.
-        # Override if your entity association has a different name.
-        #
-        # @return [Object] the entity record
-        def entity
-          raise NotImplementedError, "#{self.class}#entity must be implemented or an entity association must exist"
-        end
-
         private
 
         def extract_domain(email)

data/lib/plutonium/invites/concerns/invite_user.rb

@@ -57,7 +57,7 @@ module Plutonium
         # Override to specify the invite model class
         # @return [Class]
         def invite_class
-          Invites::UserInvite
+          ::Invites::UserInvite
         end
 
         # Override to specify the membership model class

data/lib/plutonium/resource/controller.rb

@@ -7,7 +7,7 @@ module Plutonium
     # Controller module to handle resource actions and concerns
     module Controller
       extend ActiveSupport::Concern
-      include Pagy::Backend
+      include Pagy::Method
       include Plutonium::Core::Controller
       include Plutonium::Resource::Controllers::Defineable
       include Plutonium::Resource::Controllers::Authorizable
@@ -17,8 +17,7 @@ module Plutonium
       include Plutonium::Resource::Controllers::InteractiveActions
 
       included do
-        # https://github.com/ddnexus/pagy/blob/master/docs/extras/headers.md#headers
-        after_action { pagy_headers_merge(@pagy) if @pagy }
+        after_action { response.headers.merge!(@pagy.headers_hash) if @pagy }
 
         helper_method :current_parent, :current_nested_association, :resource_record!, :resource_record?, :resource_param_key, :resource_class
 

data/lib/plutonium/resource/controllers/authorizable.rb

@@ -109,15 +109,14 @@ module Plutonium
         end
 
         # Returns the policy context for the current resource
-        # Separates parent scoping (nested routes) from entity scoping (multi-tenancy)
+        # Extends the base context with parent scoping from nested routes
         #
         # @return [Hash] context containing parent, parent_association, and entity_scope
         def current_policy_context
-          {
+          super.merge(
             parent: current_parent,
-            parent_association: current_nested_association,
-            entity_scope: entity_scope_for_authorize
-          }
+            parent_association: current_nested_association
+          )
         end
 
         # Authorizes the current action for the given record of the current resource

data/lib/plutonium/resource/controllers/crud_actions/index_action.rb

@@ -8,7 +8,7 @@ module Plutonium
           private
 
           def setup_index_action!
-            @pagy, @resource_records = pagy filtered_resource_collection
+            @pagy, @resource_records = pagy(:offset, filtered_resource_collection)
           end
 
           def filtered_resource_collection

data/lib/plutonium/resource/controllers/presentable.rb

@@ -59,6 +59,8 @@ module Plutonium
           return @scoped_entity_association if defined?(@scoped_entity_association)
 
           matching_assocs = resource_class.reflect_on_all_associations(:belongs_to).select do |assoc|
+            next false if assoc.polymorphic?
+
             assoc.klass.name == scoped_entity_class.name
           rescue NameError
             false

data/lib/plutonium/ui/table/components/pagy_info.rb

@@ -5,8 +5,6 @@ module Plutonium
     module Table
       module Components
         class PagyInfo < Plutonium::UI::Component::Base
-          include Pagy::Frontend
-
           def initialize(pagy, per_page_options: [5, 10, 20, 50, 100])
             @pagy = pagy
             @per_page_options = (per_page_options + [@pagy.limit]).uniq.sort
@@ -57,11 +55,7 @@ module Plutonium
           end
 
           def page_url(limit)
-            original_limit = @pagy.vars[:limit]
-            @pagy.vars[:limit] = limit
-            pagy_url_for(@pagy, @pagy.page)
-          ensure
-            @pagy.vars[:limit] = original_limit
+            @pagy.page_url(@pagy.page, limit: limit, client_max_limit: limit)
           end
         end
       end