plutonium 0.42.0 → 0.43.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: cb19ed41e9f34ec8325aae0659a5db7533c163ed68c98ed0f8fcbd0868b21f93
-  data.tar.gz: 6c4f9d70ac8840b61a3c41f9f7ff721f8be3ab1d5d57c3142525e15b72042009
+  metadata.gz: c6775aec4947b991b03ae8a90d29761106765bf7a960153b938298d366a5c5b0
+  data.tar.gz: bc7efa2d03feaa76610d747a182c9bf4e045c55a0af8ea21b743390b19061b5e
 SHA512:
-  metadata.gz: 8079e42372a54b1bf3c1de34efc94bc6fe559d725571b5c40971faccb55df7b63ff9831c4e1830c95663c94317bf77a8b9b6fd3b4ea12724a16a52d80deb2066
-  data.tar.gz: 794c3b42b783652814bea1a226e14ccf45fadb8c6e8bc8643e88606164d10324ebda15518d31e58d4c1d2084c07fd7a3c6d0c95cfc50261ccd76925b1a157fbf
+  metadata.gz: 3e5686e8560df32a8913be75ac08d7ce0df8543810982322843435c55dd1606b0412f619732613fa55c9252867b3a6f3553fd4d0ff10f08633b9c7bfb519cad2
+  data.tar.gz: 205ee9f10dbffd3e0437b48aa04b1c9f61d0ab6ee67ee208e084f318021b0816fbc01b1b143a455a02a907cbb5e246b0ac25ec5e7dd75c7e08ebfcce5dc4fc31

data/.claude/skills/plutonium-controller/SKILL.md

@@ -265,9 +265,46 @@ end
 
 Controllers automatically:
 - Scope all queries to the entity
-- Exclude entity field from forms
+- Exclude entity field from forms (detected by association class)
+- Inject entity value on create/update
 - Provide `current_scoped_entity` method
 
+### Association Detection
+
+Plutonium auto-detects which `belongs_to` association points to the scoped entity class. This works even when `param_key` differs from the association name:
+
+```ruby
+# Portal config
+scope_to_entity Competition::Team, param_key: :team
+
+# Model (association name differs from param_key)
+class Match < ApplicationRecord
+  belongs_to :competition_team  # Plutonium finds this by class
+end
+```
+
+### Multiple Associations to Same Class
+
+If a model has multiple associations to the scoped entity class, Plutonium raises an error:
+
+```
+Match has multiple associations to Competition::Team: home_team, away_team.
+Plutonium cannot auto-detect which one to use for entity scoping.
+Override `scoped_entity_association` in your controller to specify the association.
+```
+
+Resolve by overriding `scoped_entity_association`:
+
+```ruby
+class MatchesController < ::ResourceController
+  private
+
+  def scoped_entity_association
+    :home_team  # Return the association name as a symbol
+  end
+end
+```
+
 ## Authorization Verification
 
 Controllers verify authorization was performed:

data/.claude/skills/plutonium-definition/SKILL.md

@@ -170,6 +170,20 @@ end
 | `input` blocks | Yes | Yes | Yes |
 | Page title procs | Yes | Yes (current_record!) | Yes |
 
+## Form Configuration
+
+```ruby
+class PostDefinition < ResourceDefinition
+  # Controls "Save and add another" / "Update and continue editing" buttons
+  # nil (default) = auto-detect (hidden for singular resources, shown for plural)
+  # true = always show
+  # false = always hide
+  submit_and_continue false
+end
+```
+
+Singular resources (e.g., `resource :profile` routes or `has_one` nested) auto-hide this button since creating "another" doesn't make sense.
+
 ## Page Customization
 
 ```ruby

data/.claude/skills/plutonium-forms/SKILL.md

@@ -327,12 +327,27 @@ end
 
 ## Form Actions
 
+### Submit and Continue Button
+
+Forms include a secondary button ("Create and add another" for new records, "Update and continue editing" for existing). Control this in your definition:
+
+```ruby
+class PostDefinition < ResourceDefinition
+  # nil (default) = auto-detect (hidden for singular resources, shown for plural)
+  # true = always show
+  # false = always hide
+  submit_and_continue false
+end
+```
+
+Singular resources (e.g., `resource :profile` routes or `has_one` nested) auto-hide this button.
+
 ### Default Actions
 
 ```ruby
 def render_actions
   actions_wrapper {
-    # "Create and add another" / "Update and continue editing" button
+    # "Create and add another" / "Update and continue editing" button (if enabled)
     # Primary submit button
     render submit_button
   }

data/.claude/skills/plutonium-profile/SKILL.md

@@ -0,0 +1,276 @@
+---
+name: plutonium-profile
+description: Plutonium user profile - account settings page with Rodauth security links
+---
+
+# Plutonium User Profile
+
+Plutonium provides a Profile resource generator for managing Rodauth account settings. The profile resource allows users to:
+- View and edit their profile information
+- Access Rodauth security features (change password, 2FA, etc.)
+- Manage their account settings in one place
+
+## Quick Setup
+
+Use the setup generator to create and connect the profile in one command:
+
+```bash
+rails g pu:profile:setup date_of_birth:date bio:text \
+    --dest=competition \
+    --portal=competition_portal
+```
+
+## Step-by-Step Installation
+
+### Install the Profile Resource
+
+```bash
+rails generate pu:profile:install --dest=main_app
+```
+
+**Options:**
+
+| Option | Default | Description |
+|--------|---------|-------------|
+| `--dest=DESTINATION` | (prompts) | Target package or main_app |
+| `--user-model=NAME` | User | Rodauth user model name |
+
+**With custom fields:**
+
+```bash
+rails g pu:profile:install \
+    bio:text \
+    avatar:attachment \
+    'timezone:string?' \
+    --dest=customer
+```
+
+**With custom name:**
+
+```bash
+rails g pu:profile:install AccountSettings \
+    bio:text \
+    --dest=main_app
+```
+
+## What Gets Created
+
+The generator creates a standard Plutonium resource:
+
+```
+app/models/[package/]profile.rb              # Profile model
+db/migrate/xxx_create_profiles.rb            # Migration
+app/controllers/[package/]profiles_controller.rb
+app/policies/[package/]profile_policy.rb
+app/definitions/[package/]profile_definition.rb
+```
+
+And modifies:
+- **User model**: Adds `has_one :profile, dependent: :destroy`
+- **Definition**: Injects custom ShowPage with SecuritySection
+
+## The SecuritySection Component
+
+The generator injects a custom `ShowPage` that renders `Plutonium::Profile::SecuritySection`:
+
+```ruby
+class ProfileDefinition < Plutonium::Resource::Definition
+  class ShowPage < ShowPage
+    private
+
+    def render_after_content
+      render Plutonium::Profile::SecuritySection.new
+    end
+  end
+end
+```
+
+The `SecuritySection` component dynamically checks which Rodauth features are enabled and displays links for:
+
+| Feature | Label | Description |
+|---------|-------|-------------|
+| `change_password` | Change Password | Update account password |
+| `change_login` | Change Email | Update email address |
+| `otp` | Two-Factor Authentication | Set up TOTP |
+| `recovery_codes` | Recovery Codes | View/regenerate backup codes |
+| `webauthn` | Security Keys | Manage passkeys |
+| `active_sessions` | Active Sessions | View/manage sessions |
+| `close_account` | Close Account | Delete account |
+
+Only enabled Rodauth features are displayed.
+
+## After Generation
+
+### 1. Run Migrations
+
+```bash
+rails db:migrate
+```
+
+### 2. Connect to Portal
+
+Use the profile connect generator to register as a singular resource and configure the `profile_url` helper:
+
+```bash
+rails g pu:profile:conn --dest=customer_portal
+```
+
+This:
+- Registers the Profile as a singular resource (`/profile` instead of `/profiles/:id`)
+- Adds `profile_url` helper to enable the "Profile" link in the user menu
+
+### 3. Create Profile Automatically
+
+Users need a profile created. Add a callback or use `find_or_create`:
+
+```ruby
+# Option A: Callback on User
+class User < ApplicationRecord
+  after_create :create_profile!
+
+  private
+
+  def create_profile!
+    create_profile
+  end
+end
+
+# Option B: In controller or before_action
+def current_profile
+  @current_profile ||= current_user.profile || current_user.create_profile
+end
+```
+
+## Customization
+
+### Adding Profile Fields
+
+Add fields during generation:
+
+```bash
+rails g pu:profile:install \
+    bio:text \
+    avatar:attachment \
+    website:string \
+    'company:string?' \
+    --dest=main_app
+```
+
+Or add to the migration manually before running.
+
+### Customizing the Definition
+
+Edit the generated definition:
+
+```ruby
+# app/definitions/profile_definition.rb
+class ProfileDefinition < Plutonium::Resource::Definition
+  # Form configuration
+  form do |f|
+    f.field :bio
+    f.field :avatar
+    f.field :website
+  end
+
+  # Display configuration
+  display do |d|
+    d.field :bio
+    d.field :avatar
+    d.field :website
+  end
+
+  class ShowPage < ShowPage
+    private
+
+    def render_after_content
+      render Plutonium::Profile::SecuritySection.new
+    end
+  end
+end
+```
+
+### Custom Security Section
+
+Override the SecuritySection or create your own:
+
+```ruby
+class ProfileDefinition < Plutonium::Resource::Definition
+  class ShowPage < ShowPage
+    private
+
+    def render_after_content
+      render CustomSecuritySection.new
+    end
+  end
+end
+```
+
+### Adding Custom Actions
+
+Add profile-specific actions:
+
+```ruby
+class ProfileDefinition < Plutonium::Resource::Definition
+  action :export_data,
+    interaction: Profile::ExportDataInteraction
+
+  action :verify_email,
+    interaction: Profile::VerifyEmailInteraction,
+    category: :secondary
+end
+```
+
+## Profile Link in Header
+
+To add a profile link to the resource header, the `profile_url` helper is available via `Plutonium::Auth::Rodauth`:
+
+```ruby
+# In your controller or view
+if respond_to?(:profile_url)
+  link_to "Profile", profile_url
+end
+```
+
+This helper is automatically available when Profile is connected to a portal.
+
+## Troubleshooting
+
+### "User model not found"
+
+Ensure the User model exists at `app/models/user.rb` with the marker comment:
+
+```ruby
+class User < ApplicationRecord
+  # add has_one associations above.
+end
+```
+
+### "Definition path not found"
+
+If using a package destination, ensure the package exists:
+
+```bash
+# Check available packages
+ls packages/
+```
+
+### Profile Not Loading
+
+Ensure the Profile is connected to your portal:
+
+```bash
+rails g pu:res:conn Profile --dest=my_portal --singular
+```
+
+And the user has a profile:
+
+```ruby
+current_user.profile || current_user.create_profile
+```
+
+## Related Skills
+
+- `plutonium-rodauth` - Authentication configuration
+- `plutonium-definition` - Customizing the profile definition
+- `plutonium-views` - Custom pages and components
+- `plutonium-connect-resource` - Connecting resources to portals

data/.claude/skills/plutonium-views/SKILL.md

@@ -346,12 +346,34 @@ Available kit methods:
 - `TabList(items:)`
 - `EmptyCard(message)`
 - `ActionButton(action, url:)`
-- `DynaFrameHost()` / `DynaFrameContent()`
+- `DynaFrameHost(src:, loading:)` - Lazy-loading turbo frame
+- `DynaFrameContent(content) { |frame| ... }` - Frame-aware content wrapper
 - `TableSearchBar()`
 - `TableScopesBar()`
 - `TableInfo(pagy)`
 - `TablePagination(pagy)`
 
+## DynaFrameContent Pattern
+
+`DynaFrameContent` enables frame-aware rendering. For turbo-frame requests, only the content is rendered inside the frame. For regular requests, the full page renders with header/footer.
+
+```ruby
+# How Page::Base uses DynaFrameContent
+def view_template(&block)
+  DynaFrameContent(page_content(block)) do |frame|
+    render_header        # Skipped for frame requests
+    frame.render_content # Always rendered (in turbo-frame for frame requests)
+    render_footer        # Skipped for frame requests
+  end
+end
+```
+
+This pattern means:
+- **Regular page load**: Full page with header, content, footer
+- **Turbo-frame request**: Only `<turbo-frame id="...">` with content inside
+
+All pages automatically inherit this behavior. No special handling needed for modals or frame navigation.
+
 ## Custom Components
 
 ### Creating a Phlex Component

data/CHANGELOG.md

@@ -1,3 +1,39 @@
+## [0.43.0] - 2026-03-05
+
+### 🚀 Features
+
+- *(generators)* Add TypeSpec API specification generator
+- *(forms)* Make submit_and_continue button configurable
+- *(generators)* Add package destination and namespace handling to invites
+- *(controller)* Auto-detect entity association by class
+- *(generators)* Add profile generators for user settings pages
+- *(auth)* Add profile_url helper method to rodauth module
+
+### 🐛 Bug Fixes
+
+- *(ui)* Support custom primary keys and optional timestamps
+- *(routing)* Handle singular resources and entity scoping correctly
+- *(generators)* Improve robustness and package support
+- *(resource)* Handle class reloading in associated_with scope
+- *(ui)* Show profile link in user menu only when profile_url defined
+- *(generators)* Fix invites templates and null attribute handling
+
+### 🚜 Refactor
+
+- *(ui)* Extract breadcrumb rendering methods and add tests
+
+### 📚 Documentation
+
+- Add profile guide and update skill documentation
+
+### 🧪 Testing
+
+- Add OrgPortal fixture for entity scoping tests
+- Add tests for routing, authorization, and display helpers
+
+### ⚙️ Miscellaneous Tasks
+
+- Add profile_url stub to controller template and test fixtures
 ## [0.42.0] - 2026-02-14
 
 ### 🚀 Features