RubyGems - plutonium - Versions diffs - 0.50.0 → 0.51.0 - Mend

plutonium 0.50.0 → 0.51.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (132) hide show

checksums.yaml +4 -4
data/.claude/skills/plutonium/SKILL.md +85 -102
data/.claude/skills/plutonium-app/SKILL.md +572 -0
data/.claude/skills/plutonium-auth/SKILL.md +163 -300
data/.claude/skills/plutonium-behavior/SKILL.md +838 -0
data/.claude/skills/plutonium-resource/SKILL.md +1176 -0
data/.claude/skills/plutonium-tenancy/SKILL.md +655 -0
data/.claude/skills/plutonium-testing/SKILL.md +6 -5
data/.claude/skills/plutonium-ui/SKILL.md +900 -0
data/CHANGELOG.md +27 -2
data/Rakefile +2 -1
data/app/assets/plutonium.css +1 -11
data/app/assets/plutonium.js +1009 -1214
data/app/assets/plutonium.js.map +3 -3
data/app/assets/plutonium.min.js +52 -51
data/app/assets/plutonium.min.js.map +3 -3
data/docs/.vitepress/config.ts +37 -27
data/docs/getting-started/index.md +22 -29
data/docs/getting-started/installation.md +37 -80
data/docs/getting-started/tutorial/index.md +4 -5
data/docs/guides/adding-resources.md +66 -377
data/docs/guides/authentication.md +94 -463
data/docs/guides/authorization.md +124 -370
data/docs/guides/creating-packages.md +94 -296
data/docs/guides/custom-actions.md +121 -441
data/docs/guides/index.md +22 -42
data/docs/guides/multi-tenancy.md +116 -187
data/docs/guides/nested-resources.md +103 -431
data/docs/guides/search-filtering.md +123 -240
data/docs/guides/testing.md +5 -4
data/docs/guides/theming.md +157 -407
data/docs/guides/troubleshooting.md +5 -3
data/docs/guides/user-invites.md +106 -425
data/docs/guides/user-profile.md +76 -243
data/docs/index.md +1 -1
data/docs/reference/app/generators.md +517 -0
data/docs/reference/app/index.md +158 -0
data/docs/reference/app/packages.md +146 -0
data/docs/reference/app/portals.md +377 -0
data/docs/reference/auth/accounts.md +230 -0
data/docs/reference/auth/index.md +88 -0
data/docs/reference/auth/profile.md +185 -0
data/docs/reference/behavior/controllers.md +395 -0
data/docs/reference/behavior/index.md +22 -0
data/docs/reference/behavior/interactions.md +341 -0
data/docs/reference/behavior/policies.md +417 -0
data/docs/reference/index.md +56 -49
data/docs/reference/resource/actions.md +423 -0
data/docs/reference/resource/definition.md +508 -0
data/docs/reference/resource/index.md +50 -0
data/docs/reference/resource/model.md +348 -0
data/docs/reference/resource/query.md +305 -0
data/docs/reference/tenancy/entity-scoping.md +361 -0
data/docs/reference/tenancy/index.md +36 -0
data/docs/reference/tenancy/invites.md +393 -0
data/docs/reference/tenancy/nested-resources.md +267 -0
data/docs/reference/testing/index.md +287 -0
data/docs/reference/ui/assets.md +400 -0
data/docs/reference/ui/components.md +165 -0
data/docs/reference/ui/displays.md +104 -0
data/docs/reference/ui/forms.md +284 -0
data/docs/reference/ui/index.md +30 -0
data/docs/reference/ui/layouts.md +106 -0
data/docs/reference/ui/pages.md +189 -0
data/docs/reference/ui/tables.md +117 -0
data/docs/superpowers/specs/2026-05-09-typeahead-endpoint-design.md +203 -0
data/docs/superpowers/specs/2026-05-12-skill-compaction-design.md +99 -0
data/docs/superpowers/specs/2026-05-13-docs-restructure-design.md +186 -0
data/gemfiles/rails_7.gemfile.lock +1 -1
data/gemfiles/rails_8.0.gemfile.lock +1 -1
data/gemfiles/rails_8.1.gemfile.lock +1 -1
data/lib/generators/pu/core/update/update_generator.rb +0 -20
data/lib/generators/pu/invites/install_generator.rb +1 -0
data/lib/plutonium/definition/base.rb +1 -1
data/lib/plutonium/definition/{views.rb → index_views.rb} +21 -20
data/lib/plutonium/helpers/turbo_helper.rb +11 -0
data/lib/plutonium/helpers/turbo_stream_actions_helper.rb +14 -0
data/lib/plutonium/resource/controller.rb +1 -0
data/lib/plutonium/resource/controllers/crud_actions.rb +19 -1
data/lib/plutonium/resource/controllers/typeahead.rb +180 -0
data/lib/plutonium/resource/policy.rb +7 -0
data/lib/plutonium/routing/mapper_extensions.rb +15 -0
data/lib/plutonium/ui/component/methods.rb +4 -0
data/lib/plutonium/ui/form/base.rb +6 -2
data/lib/plutonium/ui/form/components/json.rb +58 -0
data/lib/plutonium/ui/form/components/resource_select.rb +62 -8
data/lib/plutonium/ui/form/components/secure_association.rb +98 -22
data/lib/plutonium/ui/form/concerns/typeahead_attributes.rb +83 -0
data/lib/plutonium/ui/form/resource.rb +0 -4
data/lib/plutonium/ui/grid/resource.rb +1 -1
data/lib/plutonium/ui/layout/base.rb +1 -0
data/lib/plutonium/ui/page/base.rb +0 -7
data/lib/plutonium/ui/page/index.rb +4 -4
data/lib/plutonium/ui/table/resource.rb +1 -1
data/lib/plutonium/version.rb +1 -1
data/lib/plutonium.rb +8 -0
data/lib/tasks/release.rake +15 -1
data/package.json +10 -10
data/src/css/slim_select.css +4 -0
data/src/js/controllers/slim_select_controller.js +61 -0
data/src/js/turbo/turbo_actions.js +33 -0
data/yarn.lock +553 -543
metadata +44 -33
data/.claude/skills/plutonium-assets/SKILL.md +0 -512
data/.claude/skills/plutonium-controller/SKILL.md +0 -396
data/.claude/skills/plutonium-create-resource/SKILL.md +0 -303
data/.claude/skills/plutonium-definition/SKILL.md +0 -1223
data/.claude/skills/plutonium-entity-scoping/SKILL.md +0 -317
data/.claude/skills/plutonium-forms/SKILL.md +0 -465
data/.claude/skills/plutonium-installation/SKILL.md +0 -331
data/.claude/skills/plutonium-interaction/SKILL.md +0 -413
data/.claude/skills/plutonium-invites/SKILL.md +0 -408
data/.claude/skills/plutonium-model/SKILL.md +0 -440
data/.claude/skills/plutonium-nested-resources/SKILL.md +0 -360
data/.claude/skills/plutonium-package/SKILL.md +0 -198
data/.claude/skills/plutonium-policy/SKILL.md +0 -456
data/.claude/skills/plutonium-portal/SKILL.md +0 -410
data/.claude/skills/plutonium-views/SKILL.md +0 -651
data/docs/reference/assets/index.md +0 -496
data/docs/reference/controller/index.md +0 -412
data/docs/reference/definition/actions.md +0 -462
data/docs/reference/definition/fields.md +0 -383
data/docs/reference/definition/index.md +0 -326
data/docs/reference/definition/query.md +0 -351
data/docs/reference/generators/index.md +0 -648
data/docs/reference/interaction/index.md +0 -449
data/docs/reference/model/features.md +0 -248
data/docs/reference/model/index.md +0 -218
data/docs/reference/policy/index.md +0 -456
data/docs/reference/portal/index.md +0 -379
data/docs/reference/views/forms.md +0 -411
data/docs/reference/views/index.md +0 -544

data/docs/reference/controller/index.md DELETED Viewed

@@ -1,412 +0,0 @@
-# Controller Reference
-Complete reference for resource controllers.
-## Overview
-Controllers handle HTTP requests and responses. Plutonium provides a controller module with CRUD actions built-in. You rarely need to customize controllers - definitions handle UI configuration and policies handle authorization.
-## Base Class
-```ruby
-# app/controllers/resource_controller.rb (generated during install)
-class ResourceController < ApplicationController
-  include Plutonium::Resource::Controller
-end
-# app/controllers/posts_controller.rb (generated per resource)
-class PostsController < ::ResourceController
-  # Empty - all CRUD actions inherited
-end
-```
-For portals:
-```ruby
-# packages/admin_portal/app/controllers/admin_portal/resource_controller.rb
-module AdminPortal
-  class ResourceController < ::ResourceController
-    include AdminPortal::Concerns::Controller
-  end
-end
-# packages/admin_portal/app/controllers/admin_portal/posts_controller.rb
-module AdminPortal
-  class PostsController < ResourceController
-    # Portal-specific customizations
-  end
-end
-```
-## Built-in Actions
-| Action | HTTP Method | Path | Purpose |
-|--------|-------------|------|---------|
-| `index` | GET | `/posts` | List with pagination, search, filters, sorting |
-| `show` | GET | `/posts/:id` | Show record |
-| `new` | GET | `/posts/new` | New record form |
-| `create` | POST | `/posts` | Create record |
-| `edit` | GET | `/posts/:id/edit` | Edit record form |
-| `update` | PATCH/PUT | `/posts/:id` | Update record |
-| `destroy` | DELETE | `/posts/:id` | Delete record |
-Plus interactive action routes for custom operations defined in definitions.
-## Key Methods
-### Resource Access
-```ruby
-resource_class          # The model class (e.g., Post)
-resource_record!        # Current record (raises RecordNotFound if not found)
-resource_record?        # Current record (nil if not found)
-resource_params         # Permitted params for create/update
-current_parent          # Parent record for nested routes
-```
-### Authorization
-```ruby
-authorize_current!(record, to: :action?)   # Check permission
-current_policy                             # Policy for current resource
-permitted_attributes                       # Allowed attributes for action
-current_authorized_scope                   # Scoped records user can access
-authorized_resource_scope(Post)            # Authorized scope for a different resource
-policy_for(record)                         # Get policy for any record
-allowed_to?(:edit?, record)                # Check if action is allowed
-```
-### Definition Access
-```ruby
-current_definition      # Definition for current resource
-```
-### UI Building
-```ruby
-build_form              # Build form component
-build_detail            # Build show/detail component
-build_collection        # Build table component
-```
-### URL Generation
-```ruby
-resource_url_for(@post)                                # URL for record
-resource_url_for(@post, action: :edit)                 # Edit URL
-resource_url_for(Post)                                 # Index URL
-resource_url_for(Post, parent: @user)                  # Nested index URL
-# Interactions (sugar over `action: :interactive_*_action, interactive_action: ...`)
-resource_url_for(@post, interaction: :publish)         # Record action
-resource_url_for(Post, interaction: :import)           # Resource (class-level) action
-resource_url_for(Post, interaction: :archive, ids: [1, 2])  # Bulk action
-```
-## Customization Hooks
-All customization is done by overriding private methods.
-### Redirect Hooks
-```ruby
-class PostsController < ::ResourceController
-  private
-  # Where to go after create/update: "show" (default), "edit", "new", "index"
-  def preferred_action_after_submit
-    "edit"
-  end
-  # Custom URL after create/update (overrides preferred_action_after_submit)
-  def redirect_url_after_submit
-    resource_url_for(resource_class)
-  end
-  # Custom URL after destroy
-  def redirect_url_after_destroy
-    resource_url_for(resource_class)
-  end
-end
-```
-### Parameter Hooks
-```ruby
-class PostsController < ::ResourceController
-  private
-  # Modify params before create/update
-  def resource_params
-    params = super
-    params[:tags] = params[:tags].split(",") if params[:tags].is_a?(String)
-    params
-  end
-end
-```
-### Query Hooks
-```ruby
-class PostsController < ::ResourceController
-  private
-  # Customize the index query
-  def filtered_resource_collection
-    base = current_authorized_scope
-    base = base.featured if params[:featured]
-    current_query_object.apply(base, raw_resource_query_params)
-  end
-end
-```
-### Presentation Hooks
-Control whether parent/entity fields appear in forms and displays:
-```ruby
-class PostsController < ::ResourceController
-  private
-  # Show parent field in displays (default: false)
-  def present_parent?
-    true
-  end
-  # Include parent field in forms (default: same as present_parent?)
-  def submit_parent?
-    true
-  end
-  # Show scoped entity in displays (default: false)
-  def present_scoped_entity?
-    true
-  end
-  # Include scoped entity in forms (default: same as present_scoped_entity?)
-  def submit_scoped_entity?
-    true
-  end
-end
-```
-## Lifecycle Callbacks
-Use standard Rails callbacks:
-```ruby
-class PostsController < ::ResourceController
-  before_action :check_quota, only: [:create]
-  private
-  def check_quota
-    if current_user.posts.count >= 100
-      redirect_to resource_url_for(resource_class), alert: "Post limit reached"
-    end
-  end
-end
-```
-## Custom Actions
-For most custom operations, use Interactive Actions in definitions. When you need a custom controller action:
-```ruby
-class PostsController < ::ResourceController
-  def publish
-    authorize_current!(resource_record!, to: :publish?)
-    resource_record!.update!(published: true)
-    redirect_to resource_url_for(resource_record!), notice: "Published!"
-  end
-end
-```
-### Routes for Custom Actions
-```ruby
-# In portal routes or config/routes.rb
-register_resource Post do
-  member do
-    post :publish, as: :publish  # Always use as: option!
-  end
-end
-```
-::: warning Always Name Custom Routes
-Always use the `as:` option when defining custom routes. This ensures `resource_url_for` can generate correct URLs, especially for nested resources.
-:::
-## Authorization
-### Automatic Authorization
-Authorization is checked automatically for standard CRUD actions via `authorize_current!`.
-### Authorization Verification
-Controllers verify authorization was performed after every action:
-```ruby
-# These run after every action
-verify_authorize_current        # Ensures authorize_current! was called
-verify_current_authorized_scope # Ensures scope was loaded (except new/create)
-```
-### Skip Authorization Verification
-```ruby
-class PostsController < ::ResourceController
-  skip_verify_authorize_current only: [:preview]
-  skip_verify_current_authorized_scope only: [:preview]
-  def preview
-    # Handle authorization manually or skip it
-  end
-end
-```
-## Nested Resources
-Parent records are automatically resolved:
-```ruby
-# Route: /users/:user_id/nested_posts/:id
-class PostsController < ::ResourceController
-  # current_parent returns the User
-  # resource_record! returns the Post scoped to that User
-end
-```
-Parent fields are automatically excluded from forms/displays. Override with presentation hooks.
-### Parent-Related Methods
-```ruby
-current_parent       # The parent record (e.g., User)
-parent_route_param   # The route param key (e.g., :user_id)
-parent_input_param   # The association name (e.g., :user)
-```
-## Entity Scoping (Multi-tenancy)
-When a portal is scoped to an entity:
-```ruby
-# packages/customer_portal/lib/engine.rb
-module CustomerPortal
-  class Engine < Rails::Engine
-    include Plutonium::Portal::Engine
-    config.after_initialize do
-      scope_to_entity Organization
-    end
-  end
-end
-```
-Controllers automatically:
-- Scope all queries to the entity
-- Exclude entity field from forms (detected by association class)
-- Inject entity value on create/update
-- Provide `current_scoped_entity` method
-### Association Detection
-Plutonium auto-detects which `belongs_to` association points to the scoped entity class. This works even when `param_key` differs from the association name:
-```ruby
-# Portal config
-scope_to_entity Competition::Team, param_key: :team
-# Model (association name differs from param_key)
-class Match < ApplicationRecord
-  belongs_to :competition_team  # Plutonium finds this by class
-end
-```
-### Multiple Associations to Same Class
-If a model has multiple associations to the scoped entity class, Plutonium raises an error:
-```
-Match has multiple associations to Competition::Team: home_team, away_team.
-Plutonium cannot auto-detect which one to use for entity scoping.
-Override `scoped_entity_association` in your controller to specify the association.
-```
-Resolve by overriding `scoped_entity_association`:
-```ruby
-class MatchesController < ::ResourceController
-  private
-  def scoped_entity_association
-    :home_team  # Return the association name as a symbol
-  end
-end
-```
-## Specifying Resource Class
-The resource class is inferred from the controller name. Override if needed:
-```ruby
-class LegacyPostsController < ::ResourceController
-  controller_for Post
-end
-```
-## Response Formats
-Controllers respond to multiple formats:
-- HTML (default)
-- JSON (via RABL templates)
-- Turbo Stream (for Hotwire)
-## Error Handling
-```ruby
-class PostsController < ::ResourceController
-  rescue_from ActiveRecord::RecordNotFound do
-    redirect_to resource_url_for(resource_class), alert: "Post not found"
-  end
-  rescue_from ActionPolicy::Unauthorized do
-    redirect_to resource_url_for(resource_class), alert: "Not authorized"
-  end
-end
-```
-## Portal-Specific Controllers
-Each portal can have its own controller override:
-```ruby
-# packages/admin_portal/app/controllers/admin_portal/posts_controller.rb
-module AdminPortal
-  class PostsController < ResourceController
-    private
-    def preferred_action_after_submit
-      "index"  # Admin prefers list view
-    end
-  end
-end
-```
-## Best Practices
-1. **Keep controllers thin** - Use definitions for UI, policies for auth, interactions for logic
-2. **Don't override CRUD actions** - Customize via hooks (`resource_params`, `redirect_url_after_submit`)
-3. **Use interactive actions** - For custom operations, define in definition with interaction
-4. **Let authorization work** - Don't skip verification without good reason
-5. **Trust the framework** - Most customization belongs in definitions or policies
-## Related
-- [Definition Reference](/reference/definition/) - UI configuration
-- [Policy Reference](/reference/policy/) - Authorization
-- [Actions Reference](/reference/definition/actions) - Interactive actions