propel_authentication 0.2.1 → 0.3.1

data/lib/generators/propel_authentication/templates/auth/tokens_controller.rb.tt

@@ -1,7 +1,4 @@
-class <%= auth_controller_class_name('tokens') %> < ApplicationController
-  <%- unless api_only_app? -%>
-  include RackSessionDisable
-  <%- end -%>
+class <%= auth_controller_class_name('tokens') %> < Api::BaseController
   include PropelAuthenticationConcern
 
   before_action :authenticate_user, only: [:show, :refresh]
@@ -42,7 +39,7 @@ class <%= auth_controller_class_name('tokens') %> < ApplicationController
       render json: { error: 'Invalid credentials' }, status: :unauthorized
     end
   rescue ActionController::ParameterMissing
-    render json: { error: 'Missing required parameters' }, status: :unprocessable_entity
+    render json: { error: 'Missing required parameters' }, status: :bad_request
   end
 
   # DELETE <%= auth_route_prefix %>/logout
@@ -69,7 +66,7 @@ class <%= auth_controller_class_name('tokens') %> < ApplicationController
     token = params[:token]
     
     if token.blank?
-      render json: { error: 'Token is required' }, status: :unprocessable_entity
+      render json: { error: 'Token is required' }, status: :unprocessable_content
       return
     end
     
@@ -107,7 +104,7 @@ class <%= auth_controller_class_name('tokens') %> < ApplicationController
 
   def validate_login_parameters
     unless params[:user].present? && params[:user][:email_address].present? && params[:user][:password].present?
-      render json: { error: 'Email address and password are required' }, status: :unprocessable_entity
+      render json: { error: 'Email address and password are required' }, status: :unprocessable_content
     end
   end
 end

data/lib/generators/propel_authentication/templates/core/configuration_methods.rb

@@ -50,11 +50,14 @@ module PropelAuthentication
 
 
     # Single method to determine all authentication configuration
-    # Handles namespace, version, and auth_scope with consistent priority logic
+    # Handles namespace, version, auth_scope, and tenancy options with consistent priority logic
     def determine_configuration
       @auth_namespace = determine_config_value(:namespace, nil)
       @auth_version = determine_config_value(:version, nil) 
       @auth_scope = determine_config_value(:auth_scope, nil)
+      @tenancy_enabled = determine_tenancy_enabled
+      @organization_required = determine_organization_required
+      @agency_required = determine_agency_required
     end
 
     # Generic configuration value determination with consistent priority
@@ -187,5 +190,39 @@ module PropelAuthentication
       
       path_parts.join('/')
     end
+
+    # Determine tenancy_enabled configuration
+    # Priority: 1) Command line option, 2) Default (true)
+    def determine_tenancy_enabled
+      return options[:tenancy_enabled] unless options[:tenancy_enabled].nil?
+      true  # Default to enabled
+    end
+
+    # Determine organization_required configuration  
+    # Priority: 1) Command line option, 2) Default (true)
+    def determine_organization_required
+      return options[:organization_required] unless options[:organization_required].nil?
+      true  # Default to required
+    end
+
+    # Determine agency_required configuration  
+    # Priority: 1) Command line option, 2) Default (true)
+    def determine_agency_required
+      return options[:agency_required] unless options[:agency_required].nil?
+      true  # Default to required
+    end
+
+    # Accessor methods for templates
+    def tenancy_enabled?
+      @tenancy_enabled
+    end
+
+    def organization_required?
+      @organization_required
+    end
+
+    def agency_required?
+      @agency_required
+    end
   end
 end 

data/lib/generators/propel_authentication/templates/db/migrate/create_agencies.rb

@@ -2,15 +2,17 @@ class CreateAgencies < ActiveRecord::Migration[8.0]
   def change
     create_table :agencies do |t|
       t.string :name, null: false
+      <% if PropelAuthentication.configuration.organization_required? %>
       t.references :organization, null: false, foreign_key: true
+      <% end %>
       t.string :phone_number
       t.string :address
       t.string :time_zone
       if ActiveRecord::Base.connection.adapter_name.downcase.starts_with?('postgresql')
-        t.jsonb :meta, default: {}
+        t.jsonb :metadata, default: {}
         t.jsonb :settings, default: {}
       else
-        t.json :meta, default: {}
+        t.json :metadata, default: {}
         t.json :settings, default: {}
       end
 

data/lib/generators/propel_authentication/templates/db/migrate/create_agents.rb

@@ -1,8 +1,13 @@
 class CreateAgents < ActiveRecord::Migration[8.0]
   def change
     create_table :agents do |t|
-      t.references :user, null: false, foreign_key: true
+      <% if PropelAuthentication.configuration.organization_required? %>
+      t.references :organization, null: false, foreign_key: true
+      <% end %>
+      <% if PropelAuthentication.configuration.agency_required? %>
       t.references :agency, null: false, foreign_key: true
+      <% end %>
+      t.references :user, null: false, foreign_key: true
       t.string :role, null: false, default: 'agent'
       t.string :title
       t.timestamps

data/lib/generators/propel_authentication/templates/db/migrate/create_organizations.rb

@@ -4,11 +4,13 @@ class CreateOrganizations < ActiveRecord::Migration[8.0]
       t.string :name, null: false
       t.string :website
       t.string :time_zone
+      t.string :logo
+      t.string :slug
       if ActiveRecord::Base.connection.adapter_name.downcase.starts_with?('postgresql')
-        t.jsonb :meta, default: {}
+        t.jsonb :metadata, default: {}
         t.jsonb :settings, default: {}
       else
-        t.json :meta, default: {}
+        t.json :metadata, default: {}
         t.json :settings, default: {}
       end
 

data/lib/generators/propel_authentication/templates/db/migrate/create_users.rb

@@ -23,13 +23,15 @@ class CreateUsers < ActiveRecord::Migration[8.0]
       t.datetime :locked_at
 
       # Multi-tenant association
+      <% if PropelAuthentication.configuration.organization_required? %>
       t.references :organization, null: false, foreign_key: true
+      <% end %>
 
       if ActiveRecord::Base.connection.adapter_name.downcase.starts_with?('postgresql')
-        t.jsonb :meta, default: {}
+        t.jsonb :metadata, default: {}
         t.jsonb :settings, default: {}
       else
-        t.json :meta, default: {}
+        t.json :metadata, default: {}
         t.json :settings, default: {}
       end
 

data/lib/generators/propel_authentication/templates/db/propel_seeds.rb.tt

@@ -0,0 +1,145 @@
+# This file should ensure the existence of records required to run the application in every environment (production,
+# development, test). The code here should be idempotent so that it can be executed at any point in every environment.
+# The data can then be loaded with the bin/rails db:seed command (or created alongside the database with db:setup).
+#
+# Example:
+#
+#   ["Action", "Comedy", "Drama", "Horror"].each do |genre_name|
+#     MovieGenre.find_or_create_by!(name: genre_name)
+#   end
+
+# Create comprehensive tenancy structure for authentication testing
+puts "🏢 Creating test organization structure..."
+
+organization = Organization.find_or_create_by!(name: 'Test Organization') do |org|
+  org.website = 'https://test.example.com'
+  org.time_zone = 'UTC'
+end
+
+# Create agencies for proper tenancy structure
+<% if PropelAuthentication.configuration.agency_required? -%>
+<% if PropelAuthentication.configuration.organization_required? -%>
+# Full tenancy mode: agencies belong to organization
+main_agency = Agency.find_or_create_by!(name: 'Main Department', organization: organization) do |agency|
+  agency.phone_number = '+1-555-0101'
+  agency.address = '123 Main Street'
+end
+
+support_agency = Agency.find_or_create_by!(name: 'Support Department', organization: organization) do |agency|
+  agency.phone_number = '+1-555-0102'
+  agency.address = '123 Support Street'
+end
+<% else -%>
+# Simple mode: agencies are standalone
+main_agency = Agency.find_or_create_by!(name: 'Main Department') do |agency|
+  agency.phone_number = '+1-555-0101'
+  agency.address = '123 Main Street'
+end
+
+support_agency = Agency.find_or_create_by!(name: 'Support Department') do |agency|
+  agency.phone_number = '+1-555-0102'
+  agency.address = '123 Support Street'
+end
+<% end -%>
+<% end -%>
+
+# Create test users with proper confirmations
+<% if PropelAuthentication.configuration.organization_required? -%>
+# Full tenancy mode: users belong to organization
+user = User.find_or_create_by!(email_address: 'test@example.com') do |u|
+  u.username = 'testuser'
+  u.email_address = 'test@example.com'
+  u.password = 'password123'
+  u.password_confirmation = 'password123'
+  u.organization = organization
+  u.first_name = 'Test'
+  u.last_name = 'User'
+  u.confirmed_at = 1.week.ago  # Confirmed user for easier testing
+end
+
+admin_user = User.find_or_create_by!(email_address: 'admin@example.com') do |u|
+  u.username = 'adminuser'
+  u.email_address = 'admin@example.com'
+  u.password = 'password123'
+  u.password_confirmation = 'password123'
+  u.organization = organization
+  u.first_name = 'Admin'
+  u.last_name = 'User'
+  u.confirmed_at = 1.week.ago  # Confirmed admin for easier testing
+end
+<% else -%>
+# Simple mode: users are standalone
+user = User.find_or_create_by!(email_address: 'test@example.com') do |u|
+  u.username = 'testuser'
+  u.email_address = 'test@example.com'
+  u.password = 'password123'
+  u.password_confirmation = 'password123'
+  u.first_name = 'Test'
+  u.last_name = 'User'
+  u.confirmed_at = 1.week.ago  # Confirmed user for easier testing
+end
+
+admin_user = User.find_or_create_by!(email_address: 'admin@example.com') do |u|
+  u.username = 'adminuser'
+  u.email_address = 'admin@example.com'
+  u.password = 'password123'
+  u.password_confirmation = 'password123'
+  u.first_name = 'Admin'
+  u.last_name = 'User'
+  u.confirmed_at = 1.week.ago  # Confirmed admin for easier testing
+end
+<% end -%>
+
+# Create agent associations for agency access (CRITICAL for tenancy validation)
+<% if PropelAuthentication.configuration.agency_required? -%>
+<% if PropelAuthentication.configuration.organization_required? -%>
+# Full tenancy mode: agents belong to both organization and agency
+Agent.find_or_create_by!(user: user, agency: main_agency, organization: organization) do |agent|
+  agent.role = 'member'
+end
+
+Agent.find_or_create_by!(user: admin_user, agency: main_agency, organization: organization) do |agent|
+  agent.role = 'manager'
+end
+
+Agent.find_or_create_by!(user: admin_user, agency: support_agency, organization: organization) do |agent|
+  agent.role = 'admin'
+end
+<% else -%>
+# Simple mode: agents still need organization even if users don't require it
+Agent.find_or_create_by!(user: user, agency: main_agency, organization: organization) do |agent|
+  agent.role = 'member'
+end
+
+Agent.find_or_create_by!(user: admin_user, agency: main_agency, organization: organization) do |agent|
+  agent.role = 'manager'
+end
+
+Agent.find_or_create_by!(user: admin_user, agency: support_agency, organization: organization) do |agent|
+  agent.role = 'admin'
+end
+<% end -%>
+<% end -%>
+
+<% if PropelAuthentication.configuration.organization_required? -%>
+puts "✅ Created test organization: #{organization.name}"
+<% if PropelAuthentication.configuration.agency_required? -%>
+puts "✅ Created agencies: #{Agency.where(organization: organization).pluck(:name).join(', ')}"
+<% end -%>
+puts "✅ Created test user: #{user.email_address} (password: password123) - Organization: #{user.organization.name}"
+puts "✅ Created admin user: #{admin_user.email_address} (password: password123) - Organization: #{admin_user.organization.name}"
+puts "✅ Created agent associations for proper tenancy access"
+puts ""
+puts "🎯 Test user agency access: #{user.agency_ids}"
+puts "🎯 Admin user agency access: #{admin_user.agency_ids}"
+<% else -%>
+puts "✅ Created agencies: #{Agency.pluck(:name).join(', ')}"
+puts "✅ Created test user: #{user.email_address} (password: password123)"
+puts "✅ Created admin user: #{admin_user.email_address} (password: password123)"
+puts "✅ Created agent associations for agency access"
+puts ""
+puts "🎯 Test user agency access: #{user.agency_ids}"
+puts "🎯 Admin user agency access: #{admin_user.agency_ids}"
+<% end -%>
+puts ""
+puts "🚀 You can now test login with POST /api/v1/login"

data/lib/generators/propel_authentication/templates/doc/signup_flow.md

@@ -12,12 +12,17 @@ The signup flow creates:
 
 ## Configuration
 
-Agency tenancy can be enabled/disabled in `config/initializers/propel_api.rb`:
+Multi-tenancy settings can be configured in `config/initializers/propel_authentication.rb`:
 
 ```ruby
-PropelApi.configure do |config|
-  config.agency_tenancy = true  # Enable agency-level tenancy
-  # config.agency_tenancy = false # Disable for organization-only tenancy
+PropelAuthentication.configure do |config|
+  # Multi-tenancy master switch
+  config.tenancy_enabled = true        # Enable/disable entire tenancy system
+  
+  # Individual tenancy model requirements
+  config.organization_required = true  # Users must belong to organizations
+  config.agency_required = true        # Enable agency-level tenancy within orgs
+  # config.agency_required = false     # Disable for organization-only tenancy
 end
 ```
 

data/lib/generators/propel_authentication/templates/fixtures/agencies.yml.erb

@@ -0,0 +1,23 @@
+marketing_agency:
+  name: "Marketing Solutions"
+  organization: acme_org
+  created_at: <%= 10.days.ago %>
+  updated_at: <%= 2.days.ago %>
+
+sales_agency:
+  name: "Sales Department"
+  organization: acme_org
+  created_at: <%= 9.days.ago %>
+  updated_at: <%= 2.days.ago %>
+
+tech_agency:
+  name: "Tech Solutions"
+  organization: tech_startup
+  created_at: <%= 8.days.ago %>
+  updated_at: <%= 1.day.ago %>
+
+support_agency:
+  name: "Support Team"
+  organization: tech_startup
+  created_at: <%= 7.days.ago %>
+  updated_at: <%= 1.day.ago %>

data/lib/generators/propel_authentication/templates/fixtures/agents.yml.erb

@@ -0,0 +1,71 @@
+john_marketing_agent:
+  user: john_user
+<% if PropelAuthentication.configuration.organization_required? -%>
+  organization: acme_org
+<% end -%>
+<% if PropelAuthentication.configuration.agency_required? -%>
+  agency: marketing_agency
+<% end -%>
+  role: "manager"
+  created_at: <%= 8.days.ago %>
+  updated_at: <%= 1.day.ago %>
+
+confirmed_sales_agent:
+  user: confirmed_user
+<% if PropelAuthentication.configuration.organization_required? -%>
+  organization: acme_org
+<% end -%>
+<% if PropelAuthentication.configuration.agency_required? -%>
+  agency: sales_agency
+<% end -%>
+  role: "analyst"
+  created_at: <%= 7.days.ago %>
+  updated_at: <%= 1.day.ago %>
+
+locked_marketing_agent:
+  user: locked_user
+<% if PropelAuthentication.configuration.organization_required? -%>
+  organization: acme_org
+<% end -%>
+<% if PropelAuthentication.configuration.agency_required? -%>
+  agency: marketing_agency
+<% end -%>
+  role: "coordinator"
+  created_at: <%= 6.days.ago %>
+  updated_at: <%= 1.day.ago %>
+
+jane_tech_agent:
+  user: jane_user
+<% if PropelAuthentication.configuration.organization_required? -%>
+  organization: tech_startup
+<% end -%>
+<% if PropelAuthentication.configuration.agency_required? -%>
+  agency: tech_agency
+<% end -%>
+  role: "developer"
+  created_at: <%= 5.days.ago %>
+  updated_at: <%= 1.day.ago %>
+
+expired_support_agent:
+  user: expired_confirmation_user
+<% if PropelAuthentication.configuration.organization_required? -%>
+  organization: tech_startup
+<% end -%>
+<% if PropelAuthentication.configuration.agency_required? -%>
+  agency: support_agency
+<% end -%>
+  role: "specialist"
+  created_at: <%= 4.days.ago %>
+  updated_at: <%= 1.day.ago %>
+
+locked_sales_agent:
+  user: locked_user
+<% if PropelAuthentication.configuration.organization_required? -%>
+  organization: acme_org
+<% end -%>
+<% if PropelAuthentication.configuration.agency_required? -%>
+  agency: sales_agency
+<% end -%>
+  role: "trainee"
+  created_at: <%= 3.days.ago %>
+  updated_at: <%= 1.day.ago %>

data/lib/generators/propel_authentication/templates/fixtures/invitations.yml.erb

@@ -0,0 +1,9 @@
+pending_invitation:
+  email_address: "newuser@example.com"
+  first_name: "New"
+  last_name: "User"
+  organization: acme_org
+  inviter: john_user
+  status: "pending"
+  created_at: <%= 3.days.ago %>
+  updated_at: <%= 3.days.ago %>

data/lib/generators/propel_authentication/templates/fixtures/organizations.yml.erb

@@ -0,0 +1,21 @@
+acme_org:
+  name: "Acme Corporation"
+  website: "https://acme-corp.com"
+  time_zone: "UTC"
+  logo: "https://acme-corp.com/logo.png"
+  slug: "acme-corporation"
+  metadata: { org_type: "enterprise", industry: "technology", size: "large" }
+  settings: { theme: "corporate", timezone: "EST", features: "premium" }
+  created_at: <%= 30.days.ago %>
+  updated_at: <%= 1.day.ago %>
+
+tech_startup:
+  name: "Tech Startup Inc"
+  website: "https://techstartup.io"
+  time_zone: "America/New_York"
+  logo: "https://techstartup.io/logo.png"
+  slug: "tech-startup-inc"
+  metadata: { org_type: "startup", industry: "software", size: "small" }
+  settings: { theme: "modern", timezone: "PST", features: "basic" }
+  created_at: <%= 15.days.ago %>
+  updated_at: <%= 2.days.ago %>

data/lib/generators/propel_authentication/templates/fixtures/users.yml.erb

@@ -0,0 +1,77 @@
+john_user:
+  email_address: "john@example.com"
+  username: "john_doe"
+  first_name: "John"
+  last_name: "Doe"
+  password_digest: "<%= BCrypt::Password.create('password123') %>"
+  organization: acme_org
+  status: "active"
+  confirmed_at: null
+  confirmation_token: "<%= SecureRandom.hex(32) %>"
+  confirmation_sent_at: <%= 1.hour.ago %>
+  metadata: { user_type: "admin", department: "engineering", priority: "high" }
+  settings: { theme: "dark", language: "en", notifications: true }
+  created_at: <%= 7.days.ago %>
+  updated_at: <%= 1.day.ago %>
+
+jane_user:
+  email_address: "jane@example.com"
+  username: "jane_smith"
+  first_name: "Jane"
+  last_name: "Smith"
+  password_digest: "<%= BCrypt::Password.create('password123') %>"
+  organization: tech_startup
+  status: "active"
+  confirmed_at: null
+  failed_login_attempts: 0
+  locked_at: null
+  metadata: { user_type: "manager", department: "marketing", priority: "high" }
+  settings: { theme: "light", language: "en", notifications: false }
+  created_at: <%= 5.days.ago %>
+  updated_at: <%= 1.day.ago %>
+
+confirmed_user:
+  email_address: "confirmed@example.com"
+  username: "confirmed_user"
+  first_name: "Confirmed"
+  last_name: "User"
+  password_digest: "<%= BCrypt::Password.create('password123') %>"
+  organization: acme_org
+  status: "active"
+  confirmed_at: <%= 7.days.ago %>
+  metadata: { user_type: "employee", department: "sales", priority: "medium" }
+  settings: { theme: "auto", language: "es", notifications: true }
+  created_at: <%= 14.days.ago %>
+  updated_at: <%= 1.day.ago %>
+
+locked_user:
+  email_address: "locked@example.com"
+  username: "locked_user"
+  first_name: "Locked"
+  last_name: "User"
+  password_digest: "<%= BCrypt::Password.create('password123') %>"
+  organization: acme_org
+  status: "active"
+  confirmed_at: <%= 10.days.ago %>
+  failed_login_attempts: 5
+  locked_at: <%= 1.hour.ago %>
+  metadata: { user_type: "employee", department: "support", priority: "low" }
+  settings: { theme: "light", language: "en", notifications: false }
+  created_at: <%= 20.days.ago %>
+  updated_at: <%= 1.hour.ago %>
+
+expired_confirmation_user:
+  email_address: "expired@example.com"
+  username: "expired_user"
+  first_name: "Expired"
+  last_name: "User"
+  password_digest: "<%= BCrypt::Password.create('password123') %>"
+  organization: tech_startup
+  status: "active"
+  confirmed_at: null
+  confirmation_token: "<%= SecureRandom.hex(32) %>"
+  confirmation_sent_at: <%= 25.hours.ago %>
+  metadata: { user_type: "test", department: "qa", priority: "low" }
+  settings: { theme: "dark", language: "fr", notifications: false }
+  created_at: <%= 30.days.ago %>
+  updated_at: <%= 25.hours.ago %>

data/lib/generators/propel_authentication/templates/models/agency.rb.tt

@@ -1,13 +1,19 @@
 class Agency < ApplicationRecord
   # Multi-tenant associations
+<% if PropelAuthentication.configuration.organization_required? -%>
   belongs_to :organization
+<% end -%>
+<% if PropelAuthentication.configuration.agency_required? -%>
   has_many :agents, dependent: :destroy
+<% end -%>
 
   validates :name, presence: true
 <% if @rendering_engine == 'json_facet' -%>
 
   # Facets
-  json_facet :short, fields: [:id, :name]
-  json_facet :details, fields: [:id, :name, :organization_id, :created_at, :updated_at]
+  json_facet :short, 
+    fields: [:id, :name]
+  json_facet :details, 
+    fields: [:id, :name, :organization_id, :created_at, :updated_at]
 <% end -%>
 end 

data/lib/generators/propel_authentication/templates/models/agent.rb.tt

@@ -1,13 +1,24 @@
 class Agent < ApplicationRecord
   # Multi-tenant associations
+<% if PropelAuthentication.configuration.organization_required? -%>
+  belongs_to :organization
+<% end -%>
+<% if PropelAuthentication.configuration.agency_required? -%>
   belongs_to :agency
+<% end -%>
   belongs_to :user
 
+<% if PropelAuthentication.configuration.agency_required? -%>
   validates :user_id, uniqueness: { scope: :agency_id }
+<% else -%>
+  validates :user_id, uniqueness: { scope: :organization_id }
+<% end -%>
 <% if @rendering_engine == 'json_facet' -%>
 
   # Facets
-  json_facet :short, fields: [:id, :title]
-  json_facet :details, fields: [:id, :title, :role, :organization_id, :created_at, :updated_at]
+  json_facet :short, 
+    fields: [:id, :title]
+  json_facet :details, 
+    fields: [:id, :title, :role, :organization_id, :created_at, :updated_at]
 <% end -%>
 end 

data/lib/generators/propel_authentication/templates/models/invitation.rb.tt

@@ -99,9 +99,11 @@ class Invitation < ApplicationRecord
         update!(status: :accepted)
         
         # Create agent relationship if needed
+        agency = self.organization.agencies.first || self.organization.agencies.create!(name: 'Default Agency')
         Agent.create!(
           user: user,
-          agency: self.organization.agencies.first || self.organization.agencies.create!(name: 'Default Agency')
+          agency: agency,
+          organization: self.organization
         )
         
         user

data/lib/generators/propel_authentication/templates/models/organization.rb.tt

@@ -2,11 +2,24 @@ class Organization < ApplicationRecord
   # Multi-tenant associations
   has_many :users, dependent: :destroy
   has_many :agencies, dependent: :destroy
+<% if PropelAuthentication.configuration.agency_required? -%>
+  has_many :agents, dependent: :destroy
+<% end -%>
 
   validates :name, presence: true
 <% if @rendering_engine == 'json_facet' -%>
   # Facets
-  json_facet :short, fields: [:id, :name, :website, :time_zone]
-  json_facet :details, fields: [:id, :name, :website, :time_zone, :meta, :settings, :created_at, :updated_at]
+  json_facet :short, 
+    fields: 
+      [
+        :id, :name, :website, :time_zone, :logo, :slug
+      ]
+  json_facet :details, 
+    fields: 
+      [
+        :id, :name, :website, :time_zone, :logo, :slug, 
+        :created_at, :updated_at,
+        :metadata, :settings
+      ]
 <% end -%>
 end 

data/lib/generators/propel_authentication/templates/models/user.rb.tt

@@ -21,6 +21,22 @@ class User < ApplicationRecord
   # include Statusable
 
   # Facets
-  json_facet :short, fields: [:id, :email_address, :username, :phone_number, :first_name, :middle_name, :last_name, :time_zone, :status]
-  json_facet :details, fields: [:id, :email_address, :username, :phone_number, :first_name, :middle_name, :last_name, :time_zone, :confirmation_sent_at, :unconfirmed_email_address, :confirmed_at, :status, :last_login_at, :failed_login_attempts, :locked_at, :organization_id, :meta, :settings, :created_at, :updated_at], include: [:organization]
+  json_facet :short, 
+    fields: 
+      [
+        :id, :email_address, :username, :phone_number, 
+        :first_name, :middle_name, :last_name, 
+        :time_zone, :status
+      ]
+  json_facet :details, 
+    fields: 
+      [
+        :id, :email_address, :username, :phone_number, 
+        :first_name, :middle_name, :last_name, 
+        :time_zone, :status, 
+        :confirmation_sent_at, :unconfirmed_email_address, :confirmed_at,
+        :last_login_at, :failed_login_attempts, :locked_at, 
+        :created_at, :updated_at,
+        :organization_id, :metadata, :settings 
+      ], include: [:organization]
 end