plutonium 0.45.3 → 0.47.0

data/lib/generators/pu/gem/active_shrine/active_shrine_generator.rb

@@ -23,9 +23,65 @@ module Pu
 
         generate "active_shrine:install"
         template "config/initializers/shrine.rb", force: true
+
+        disable_active_storage_railtie
+        include_active_shrine_model_in_application_record
       rescue => e
         exception "#{self.class} failed:", e
       end
+
+      private
+
+      # Active Storage and active_shrine both define `has_one_attached`. Active
+      # Storage is loaded by `require "rails/all"`, so it wins by default and
+      # `has_one_attached :foo` quietly creates Active Storage attachments
+      # (which fail at runtime because the table doesn't exist). Replace
+      # `rails/all` with explicit framework requires that exclude
+      # active_storage/engine.
+      def disable_active_storage_railtie
+        return unless File.exist?("config/application.rb")
+        unless File.read("config/application.rb").include?(%(require "rails/all"))
+          say_status :warn,
+            "config/application.rb does not use `require \"rails/all\"`; skipping Active Storage railtie removal. " \
+            "Ensure active_storage/engine is NOT required, or `has_one_attached` will resolve to Active Storage instead of active_shrine.",
+            :yellow
+          return
+        end
+
+        gsub_file "config/application.rb",
+          /^require "rails\/all"$/,
+          <<~RUBY.strip
+            require "rails"
+            # Active Storage is intentionally excluded — file uploads use active_shrine.
+            %w[
+              active_record/railtie
+              active_model/railtie
+              active_job/railtie
+              action_controller/railtie
+              action_view/railtie
+              action_mailer/railtie
+              action_cable/engine
+              rails/test_unit/railtie
+            ].each { |railtie| require railtie }
+          RUBY
+
+        # Strip per-environment active_storage.service config since the railtie
+        # is gone.
+        Dir.glob("config/environments/*.rb").each do |env_file|
+          gsub_file env_file,
+            /^\s*config\.active_storage\.service\s*=.*\n/,
+            ""
+        end
+      end
+
+      # Include ActiveShrine::Model on ApplicationRecord so the gem's
+      # `has_one_attached` / `has_many_attached` macros are available everywhere.
+      def include_active_shrine_model_in_application_record
+        return unless File.exist?("app/models/application_record.rb")
+        return if File.read("app/models/application_record.rb").include?("ActiveShrine::Model")
+
+        inject_into_class "app/models/application_record.rb", "ApplicationRecord", "  include ActiveShrine::Model\n"
+      end
     end
   end
 end

data/lib/generators/pu/invites/install_generator.rb

@@ -186,7 +186,7 @@ module Pu
   def current_membership
     return unless entity_scope && user
 
-    @current_membership ||= #{membership_model}.find_by(#{entity_association_name}: entity_scope, user: user)
+    @current_membership ||= #{membership_model}.find_by(#{entity_association_name}: entity_scope, #{user_association_name}: user)
   end
         RUBY
 
@@ -382,6 +382,13 @@ module Pu
         PlutoniumGenerators::Generator.derive_association_name(membership_model, entity_model)
       end
 
+      # Returns the association name for user on the membership model.
+      # Same logic as entity_association_name but for the user side.
+      # e.g., RestaurantStaffUser -> StaffUser uses :staff_user (not :user)
+      def user_association_name
+        PlutoniumGenerators::Generator.derive_association_name(membership_model, user_model)
+      end
+
       def entity_in_package?
         options[:dest] != "main_app"
       end

data/lib/generators/pu/lib/plutonium_generators/concerns/actions.rb

@@ -472,6 +472,49 @@ module PlutoniumGenerators
         end
       end
 
+      #
+      # Injects helper methods into a Plutonium Concerns::Controller file,
+      # merging with any existing `included do` and `private` sections.
+      #
+      # ActiveSupport::Concern only permits ONE `included do` block per concern,
+      # so we cannot naively append a new block when multiple generators need to
+      # register helper_methods in the same file.
+      #
+      # @param file [String] path to the concerns/controller.rb file
+      # @param helper_methods [Array<Symbol>] names to expose via `helper_method`
+      # @param methods [String] method definitions (already indented to 6 spaces)
+      #
+      def inject_into_concerns_controller(file, helper_methods:, methods:)
+        helper_list = Array(helper_methods).map { |m| ":#{m}" }.join(", ")
+
+        in_root do
+          # 1. helper_method declaration: merge into existing `included do` block,
+          #    otherwise create a new block right after the `# add concerns above.` marker.
+          content = File.read(file)
+          if (match = content.match(/^(?<indent>[ \t]*)included do\n/))
+            indent = match[:indent]
+            inject_into_file file,
+              "#{indent}  helper_method #{helper_list}\n",
+              after: /^[ \t]*included do\n/
+          else
+            block = "\n      included do\n        helper_method #{helper_list}\n      end\n"
+            inject_into_file file, block, after: /# add concerns above\.\n/
+          end
+
+          # 2. Method definitions: append into the existing `private` section if any,
+          #    otherwise create one just before the closing `    end`s of the concern.
+          content = File.read(file)
+          trimmed_methods = methods.sub(/\A\n+/, "").chomp
+          if content.match?(/^[ \t]*private\n/)
+            inject_into_file file, "\n#{trimmed_methods}\n", after: /^[ \t]*private\n/
+          else
+            inject_into_file file,
+              "\n      private\n\n#{trimmed_methods}\n",
+              before: /^    end\n  end\nend\s*\z/
+          end
+        end
+      end
+
       def file_includes?(path, check)
         destination = File.expand_path(path, destination_root)
         return false unless File.exist?(destination)

data/lib/generators/pu/profile/concerns/profile_arguments.rb

@@ -7,15 +7,21 @@ module Pu
         extend ActiveSupport::Concern
 
         included do
-          argument :name, type: :string, default: "Profile", required: false, banner: "NAME"
+          argument :name, type: :string, required: false, banner: "NAME"
           argument :attributes, type: :array, default: [], banner: "field[:type] field[:type]"
         end
 
-        # Normalize arguments: if name contains ":", treat it as an attribute
+        # Normalize arguments: if name is omitted, default to "{UserModel}Profile";
+        # if name looks like an attribute (contains ":"), treat it as an attribute
+        # and still default the profile name to "{UserModel}Profile".
         def normalize_arguments
-          if name.include?(":")
+          default_name = "#{options[:user_model] || "User"}Profile"
+          if name.nil?
+            @profile_name = default_name
+            @profile_attributes = attributes
+          elsif name.include?(":")
             @profile_attributes = [name, *attributes]
-            @profile_name = "Profile"
+            @profile_name = default_name
           else
             @profile_name = name
             @profile_attributes = attributes

data/lib/generators/pu/profile/conn_generator.rb

@@ -10,7 +10,7 @@ module Pu
 
       desc "Connect a Profile resource to a portal and configure the profile_url helper"
 
-      argument :name, type: :string, default: "Profile", required: false, banner: "RESOURCE"
+      argument :name, type: :string, required: false, banner: "RESOURCE"
 
       class_option :dest, type: :string,
         desc: "Destination portal"
@@ -106,14 +106,7 @@ module Pu
       end
 
       def add_profile_url_helper
-        content = <<-RUBY.chomp
-
-      included do
-        helper_method :profile_url
-      end
-
-      private
-
+        methods = <<-RUBY
       # Returns the URL to the user's profile page.
       def profile_url
         profile = current_user.#{profile_association}
@@ -124,15 +117,19 @@ module Pu
         end
       end
         RUBY
-        inject_into_file concerns_controller_path, content, after: /# add concerns above\.\n/
+        inject_into_concerns_controller concerns_controller_path,
+          helper_methods: [:profile_url],
+          methods: methods
       end
 
       def profile_association
-        resource_class_name.demodulize.underscore
+        # The install generator always exposes the profile as `:profile` on the
+        # user model (via class_name:), regardless of the underlying class name.
+        "profile"
       end
 
       def resource_class_name
-        name.camelize
+        (name.presence || "#{options[:user_model]}Profile").camelize
       end
 
       def user_table

data/lib/generators/pu/profile/install_generator.rb

@@ -37,10 +37,13 @@ module Pu
       end
 
       def add_user_association
+        # Always expose the association as `:profile` on the user model so that
+        # `current_user.profile` works regardless of the underlying class name
+        # (e.g. UserProfile, StaffUserProfile, AccountSettings).
         association = if dest_package?
-          "  has_one :#{file_name}, class_name: \"#{namespaced_class_name}\", dependent: :destroy\n"
+          "  has_one :profile, class_name: \"#{namespaced_class_name}\", dependent: :destroy\n"
         else
-          "  has_one :#{file_name}, dependent: :destroy\n"
+          "  has_one :profile, class_name: \"#{class_name}\", dependent: :destroy\n"
         end
         inject_into_file user_model_path, association,
           before: /^\s*# add has_one associations above\.\n/

data/lib/generators/pu/rodauth/templates/app/rodauth/account_rodauth_plugin.rb.tt

@@ -285,6 +285,9 @@ class <%= account_path.classify %>RodauthPlugin < RodauthPlugin
 <% end -%>
 <% if verify_account? -%>
 
+    # Redirect to login page after requesting account verification email.
+    verify_account_email_sent_redirect { login_path }
+
     # Redirect to wherever login redirects to after account verification.
     verify_account_redirect { login_redirect }
 <% end -%>

data/lib/generators/pu/saas/portal_generator.rb

@@ -70,14 +70,7 @@ module Pu
       end
 
       def add_entity_url_helper
-        content = <<-RUBY
-
-      included do
-        helper_method :entity_url, :user_entities
-      end
-
-      private
-
+        methods = <<-RUBY
       # Returns the URL to the current entity's show page.
       def entity_url
         resource_url_for(current_scoped_entity)
@@ -88,7 +81,9 @@ module Pu
         @user_entities ||= current_user.#{entity_table.pluralize}
       end
         RUBY
-        inject_into_file concerns_controller_path, content, after: /# add concerns above\.\n/
+        inject_into_concerns_controller concerns_controller_path,
+          helper_methods: [:entity_url, :user_entities],
+          methods: methods
       end
 
       def add_entity_link_to_header

data/lib/generators/pu/saas/welcome/templates/app/views/welcome/onboarding.html.erb.tt

@@ -23,7 +23,7 @@
   <%% end %>
 <% if profile? -%>
 
-  <%%= f.fields_for :profile, @profile do |pf| %>
+  <%%= fields_for :profile, @profile do |pf| %>
     <div>
       <%%= pf.label :name, "Your Name", class: "block mb-2 text-sm font-medium text-[var(--pu-text)]" %>
       <%%= pf.text_field :name,
@@ -34,7 +34,7 @@
   <%% end %>
 <% end -%>
 
-  <%%= f.fields_for :<%= entity_table %>, @<%= entity_table %> do |ef| %>
+  <%%= fields_for :<%= entity_table %>, @<%= entity_table %> do |ef| %>
     <div>
       <%%= ef.label :name, "Workspace Name", class: "block mb-2 text-sm font-medium text-[var(--pu-text)]" %>
       <%%= ef.text_field :name,

data/lib/generators/pu/test/install/install_generator.rb

@@ -0,0 +1,34 @@
+# frozen_string_literal: true
+
+require_relative "../../lib/plutonium_generators"
+
+module Pu
+  module Test
+    class InstallGenerator < Rails::Generators::Base
+      include PlutoniumGenerators::Generator
+
+      source_root File.expand_path("templates", __dir__)
+
+      desc "Install Plutonium::Testing scaffolding"
+
+      def install
+        add_require_to_test_helper
+        copy_support_file
+      end
+
+      private
+
+      def add_require_to_test_helper
+        helper = "test/test_helper.rb"
+        return unless File.exist?(helper)
+        line = %(require "plutonium/testing")
+        return if File.read(helper).include?(line)
+        append_to_file helper, "\n#{line}\n"
+      end
+
+      def copy_support_file
+        copy_file "plutonium_testing.rb", "test/support/plutonium_testing.rb"
+      end
+    end
+  end
+end

data/lib/generators/pu/test/install/templates/plutonium_testing.rb.tt

@@ -0,0 +1,14 @@
+# frozen_string_literal: true
+
+# Plutonium::Testing project hooks.
+#
+# Override authentication for non-Rodauth setups by defining a top-level helper
+# that gets included into integration tests:
+#
+# module PlutoniumTestingOverrides
+#   def sign_in_for_tests(account, portal:)
+#     # your custom auth flow here
+#   end
+# end
+#
+# ActiveSupport::TestCase.include(PlutoniumTestingOverrides)

data/lib/generators/pu/test/scaffold/scaffold_generator.rb

@@ -0,0 +1,55 @@
+# frozen_string_literal: true
+
+require_relative "../../lib/plutonium_generators"
+
+module Pu
+  module Test
+    class ScaffoldGenerator < Rails::Generators::NamedBase
+      include PlutoniumGenerators::Generator
+
+      source_root File.expand_path("templates", __dir__)
+
+      desc "Scaffold Plutonium::Testing tests for a resource across one or more portals"
+
+      class_option :portals, type: :array, required: true,
+        desc: "Portals to scaffold tests for (e.g. admin,org)"
+      class_option :concerns, type: :array, default: %w[crud policy definition],
+        desc: "Concerns to include (crud,policy,definition,nested,model,interaction)"
+      class_option :parent, type: :string, desc: "Parent association for nested resources"
+      class_option :dest, type: :string, default: "main_app",
+        desc: "main_app or package name"
+
+      def scaffold
+        options[:portals].each { |portal| scaffold_for_portal(portal) }
+      end
+
+      private
+
+      CONCERN_MAP = {
+        "crud" => "ResourceCrud",
+        "policy" => "ResourcePolicy",
+        "definition" => "ResourceDefinition",
+        "model" => "ResourceModel",
+        "interaction" => "ResourceInteraction",
+        "nested" => "NestedResource",
+        "portal_access" => "PortalAccess"
+      }.freeze
+
+      def concern_module_name(concern)
+        CONCERN_MAP.fetch(concern) { concern.camelize }
+      end
+
+      def scaffold_for_portal(portal)
+        @portal = portal
+        @resource_class = name
+        @file_name = name.underscore.tr("/", "_")
+        @class_name = "#{portal.camelize}Portal::#{name.tr("::", "")}Test"
+        @concerns = options[:concerns]
+        @parent = options[:parent]
+        target_dir = (options[:dest] == "main_app") ? "test/integration" : "packages/#{options[:dest]}/test/integration"
+        target = "#{target_dir}/#{portal}_portal/#{@file_name}_test.rb"
+        template "integration_test.rb.tt", target
+      end
+    end
+  end
+end

data/lib/generators/pu/test/scaffold/templates/integration_test.rb.tt

@@ -0,0 +1,65 @@
+# frozen_string_literal: true
+
+require "test_helper"
+
+class <%= @class_name %> < ActionDispatch::IntegrationTest
+<% @concerns.each do |c| -%>
+  include Plutonium::Testing::<%= concern_module_name(c) %>
+<% end -%>
+
+  resource_tests_for <%= @resource_class %>,
+    portal: :<%= @portal %><% if @parent %>,
+    parent: :<%= @parent %><% end %>
+
+  setup do
+    # TODO: replace with your factories.
+    @account = nil
+    login_as(@account)
+  end
+
+<% if @concerns.include?("crud") -%>
+  def create_resource!
+    <%= @resource_class %>.create!(
+      # TODO: fill in valid attributes
+    )
+  end
+
+  def valid_create_params
+    {} # TODO
+  end
+
+  def valid_update_params
+    {} # TODO
+  end
+<% end -%>
+<% if @concerns.include?("policy") -%>
+
+  def policy_roles
+    {<%= @portal %>: -> { @account }}
+  end
+
+  def policy_record
+    create_resource!
+  end
+
+  def policy_matrix
+    {
+      index: %i[<%= @portal %>],
+      show: %i[<%= @portal %>],
+      create: %i[<%= @portal %>],
+      update: %i[<%= @portal %>],
+      destroy: %i[<%= @portal %>]
+    }
+  end
+<% end -%>
+<% if @concerns.include?("nested") && @parent -%>
+
+  def parent_record!
+    # TODO: return the current tenant for this test
+  end
+
+  def other_parent_record!
+    # TODO: return a sibling tenant
+  end
+<% end -%>
+end

data/lib/plutonium/core/controller.rb

@@ -87,11 +87,17 @@ module Plutonium
       #
       # @return [Hash] args to pass to `url_for`
       #
-      def resource_url_args_for(*args, action: nil, parent: nil, association: nil, package: nil, **kwargs)
+      def resource_url_args_for(*args, action: nil, parent: nil, association: nil, package: nil, interaction: nil, **kwargs)
         element = args.first
 
         raise ArgumentError, "parent is required when using symbol association name" if element.is_a?(Symbol) && parent.nil?
 
+        if interaction
+          raise ArgumentError, "cannot pass both `interaction:` and `action:`" if action
+          action = interactive_action_type_for(element, ids: kwargs[:ids])
+          kwargs[:interactive_action] = interaction
+        end
+
         # For nested resources, use named route helpers to avoid Rails param recall ambiguity
         if parent.present?
           assoc_name = if element.is_a?(Symbol)
@@ -137,6 +143,17 @@ module Plutonium
 
       private
 
+      # Determine the interactive action type for the given element.
+      # Records → :interactive_record_action, classes/symbols with :ids → :interactive_bulk_action,
+      # otherwise :interactive_resource_action.
+      def interactive_action_type_for(element, ids: nil)
+        if element.is_a?(Class) || element.is_a?(Symbol) || element.nil?
+          ids.present? ? :interactive_bulk_action : :interactive_resource_action
+        else
+          :interactive_record_action
+        end
+      end
+
       def build_nested_resource_url_args(element, parent:, association_name:, route_config:, action: nil, **kwargs)
         prefix = Plutonium::Routing::NESTED_ROUTE_PREFIX
         is_singular = route_config[:route_type] == :resource

data/lib/plutonium/engine.rb

@@ -5,17 +5,30 @@ module Plutonium
     extend ActiveSupport::Concern
 
     class_methods do
-      attr_reader :scoped_entity_class, :scoped_entity_strategy, :scoped_entity_param_key, :scoped_entity_route_key
+      attr_reader :scoped_entity_strategy, :scoped_entity_param_key, :scoped_entity_route_key
 
+      # Store the entity class *by name* and resolve it lazily on every call.
+      # Capturing the class object directly causes stale references after Rails
+      # autoreload: the constant is reloaded but @scoped_entity_class still
+      # points at the previous (now-orphaned) class object, which then fails
+      # type checks against freshly reloaded instances.
       def scope_to_entity(entity_class, strategy: :path, param_key: nil, route_key: nil)
-        @scoped_entity_class = entity_class
+        @scoped_entity_class_name = entity_class.is_a?(Class) ? entity_class.name : entity_class.to_s
         @scoped_entity_strategy = strategy
-        @scoped_entity_param_key = param_key || :"#{entity_class.model_name.singular_route_key}_scope"
-        @scoped_entity_route_key = route_key || entity_class.model_name.singular.to_sym
+        # param_key / route_key are derived from the class once at declaration
+        # time — they're stable strings and don't depend on the live class
+        # identity, so caching them is safe.
+        resolved = @scoped_entity_class_name.constantize
+        @scoped_entity_param_key = param_key || :"#{resolved.model_name.singular_route_key}_scope"
+        @scoped_entity_route_key = route_key || resolved.model_name.singular.to_sym
+      end
+
+      def scoped_entity_class
+        @scoped_entity_class_name&.constantize
       end
 
       def scoped_to_entity?
-        scoped_entity_class.present?
+        @scoped_entity_class_name.present?
       end
 
       def dom_id

data/lib/plutonium/testing/auth_helpers.rb

@@ -0,0 +1,62 @@
+# frozen_string_literal: true
+
+module Plutonium
+  module Testing
+    module AuthHelpers
+      extend ActiveSupport::Concern
+
+      def login_as(account, portal: nil)
+        portal ||= current_portal
+        if respond_to?(:sign_in_for_tests)
+          sign_in_for_tests(account, portal: portal)
+        else
+          default_rodauth_login(account, portal: portal)
+        end
+        instance_variable_set(:"@__current_account_#{portal}", account)
+      end
+
+      def sign_out(portal: nil)
+        portal ||= current_portal
+        post logout_path_for(portal)
+        follow_redirect! if response.redirect?
+        instance_variable_set(:"@__current_account_#{portal}", nil)
+      end
+
+      def current_account(portal: nil)
+        portal ||= current_portal
+        instance_variable_get(:"@__current_account_#{portal}")
+      end
+
+      def with_portal(portal)
+        prev = @__portal_override
+        @__portal_override = portal
+        yield
+      ensure
+        @__portal_override = prev
+      end
+
+      private
+
+      def default_rodauth_login(account, portal:)
+        post login_path_for(portal), params: {email: account.email, password: "password123"}
+        follow_redirect! if response.redirect?
+      end
+
+      def login_path_for(portal)
+        "/#{account_table_for(portal)}/login"
+      end
+
+      def logout_path_for(portal)
+        "/#{account_table_for(portal)}/logout"
+      end
+
+      def account_table_for(portal)
+        case portal
+        when :admin then "admins"
+        when :user, :org then "users"
+        else portal.to_s.pluralize
+        end
+      end
+    end
+  end
+end

data/lib/plutonium/testing/dsl.rb

@@ -0,0 +1,73 @@
+# frozen_string_literal: true
+
+module Plutonium
+  module Testing
+    module DSL
+      extend ActiveSupport::Concern
+
+      class PortalNotFound < StandardError; end
+
+      DEFAULT_ACTIONS = %i[index show new create edit update destroy].freeze
+
+      class_methods do
+        def resource_tests_for(resource_class, portal:, path_prefix: nil, parent: nil,
+          actions: DEFAULT_ACTIONS, skip: [],
+          associated_with: nil, sgid_routing: false, has_cents: [])
+          @resource_tests_config = {
+            resource: resource_class,
+            portal: portal,
+            path_prefix: path_prefix || resolve_portal_path_prefix(portal),
+            parent: parent,
+            actions: actions,
+            skip: skip,
+            associated_with: associated_with,
+            sgid_routing: sgid_routing,
+            has_cents: has_cents
+          }
+        end
+
+        def resource_tests_config
+          @resource_tests_config or raise "resource_tests_for not called on #{name}"
+        end
+
+        private
+
+        def resolve_portal_path_prefix(portal_sym)
+          engine_name = "#{portal_sym.to_s.camelize}Portal::Engine"
+          engine_const = engine_name.safe_constantize
+          unless engine_const
+            raise PortalNotFound, "Could not resolve portal :#{portal_sym} (looked for #{engine_name})"
+          end
+
+          mount = find_engine_mount(engine_const)
+          unless mount
+            raise PortalNotFound, "Engine #{engine_const} is not mounted in routes"
+          end
+
+          mount.path.spec.to_s.sub(/\(\.:format\)\z/, "").chomp("/")
+        end
+
+        def find_engine_mount(engine_const)
+          Rails.application.routes.routes.find do |route|
+            matches_engine?(route.app, engine_const)
+          end
+        end
+
+        def matches_engine?(app, engine_const)
+          return true if app == engine_const
+          return false unless app.respond_to?(:app)
+          return false if app.app == app
+          matches_engine?(app.app, engine_const)
+        end
+      end
+
+      def current_portal
+        @__portal_override || self.class.resource_tests_config.fetch(:portal)
+      end
+
+      def current_path_prefix
+        self.class.resource_tests_config.fetch(:path_prefix)
+      end
+    end
+  end
+end