RubyGems - propel_authentication - Versions diffs - 0.2.1 → 0.3.1 - Mend

propel_authentication 0.2.1 → 0.3.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (34) hide show

data/lib/generators/propel_authentication/templates/propel_authentication.rb.tt CHANGED Viewed

@@ -44,7 +44,9 @@ module PropelAuthentication
                   :support_email,
                   :enable_email_notifications,
                   :enable_sms_notifications,
-                  :agency_tenancy,
+                  :tenancy_enabled,
+                  :organization_required,
+                  :agency_required,
                   :require_organization_id,
                   :require_user_id,
                   :namespace,
@@ -105,9 +107,13 @@ module PropelAuthentication
       @enable_email_notifications = true
       @enable_sms_notifications = false # Requires SMS provider configuration
-      # Tenancy configuration
-      # Controls whether multi-agency tenancy is enabled within organizations
-      @agency_tenancy = true  # Enable agency-level tenancy by default
+      # Tenancy configuration - hierarchical structure
+      # Master switch: enables/disables entire multi-tenancy system
+      @tenancy_enabled = <%= tenancy_enabled? %>  # <%= tenancy_enabled? ? 'Enable' : 'Disable' %> multi-tenancy system
+      # Individual tenancy model requirements (only effective when tenancy_enabled = true)
+      @organization_required = <%= organization_required? %>  # <%= organization_required? ? 'Require' : 'Optional' %> organization association
+      @agency_required = <%= agency_required? %>  # <%= agency_required? ? 'Enable' : 'Disable' %> agency-level tenancy
       # API tenancy requirements (for PropelApi integration)
       # Controls whether APIs require explicit tenancy context in requests
@@ -120,6 +126,19 @@ module PropelAuthentication
       @version = nil
       @auth_scope = nil
     end
+    # Helper methods for template conditionals
+    def tenancy_enabled?
+      @tenancy_enabled
+    end
+    def organization_required?
+      @tenancy_enabled && @organization_required
+    end
+    def agency_required?
+      @tenancy_enabled && @agency_required
+    end
   end
 end
@@ -141,11 +160,19 @@ PropelAuthentication.configure do |config|
   # User registration settings
   config.allow_registration = true
-  # Multi-tenancy settings
+  # Multi-tenancy settings - hierarchical configuration
+  # Master switch: enables/disables entire multi-tenancy system
+  # When false: Single-tenant mode (no tenancy models required)
+  config.tenancy_enabled = <%= tenancy_enabled? %>
+  # Individual tenancy model requirements (only effective when tenancy_enabled = true)
+  # Controls whether users must belong to organizations
+  config.organization_required = <%= organization_required? %>
   # Controls whether agency-level tenancy is enabled within organizations
   # When true: Organization -> Agency -> Resources structure
   # When false: Organization -> Resources structure (simpler)
-  config.agency_tenancy = true
+  config.agency_required = <%= agency_required? %>
   # API tenancy requirements (for PropelApi integration)
   # Controls whether clients must provide explicit tenancy context in API requests

data/lib/generators/propel_authentication/templates/test/controllers/auth/lockable_integration_test.rb.tt CHANGED Viewed

@@ -11,7 +11,7 @@ class <%= controller_namespace('tokens') %>LockableIntegrationTest < ActionDispa
       organization: @organization
     )
     # Create agent association for agency access (required for real-time agency lookup)
-    Agent.create!(user: @user, agency: @agency, role: "member")
+    Agent.create!(user: @user, agency: @agency, organization: @organization, role: "member")
   end
   # CRITICAL: Real API integration with lockable functionality
@@ -148,7 +148,7 @@ class <%= controller_namespace('tokens') %>LockableIntegrationTest < ActionDispa
     post '<%= auth_route_prefix %>/unlock', params: {}
-    assert_response :unprocessable_entity, "Missing token should return 422"
+    assert_response :unprocessable_content, "Missing token should return 422"
     json = JSON.parse(response.body)
     assert_match(/token.*required/i, json['error'], "Should indicate token is required")

data/lib/generators/propel_authentication/templates/test/controllers/auth/password_reset_integration_test.rb.tt CHANGED Viewed

@@ -13,7 +13,7 @@ class <%= controller_namespace('passwords') %>PasswordResetIntegrationTest < Act
       last_name: "User"
     )
     # Create agent association for agency access (required for real-time agency lookup)
-    Agent.create!(user: @user, agency: @agency, role: "member")
+    Agent.create!(user: @user, agency: @agency, organization: @organization, role: "member")
   end
   # POST <%= auth_route_prefix %>/reset - Request Password Reset Tests
@@ -39,7 +39,7 @@ class <%= controller_namespace('passwords') %>PasswordResetIntegrationTest < Act
     post '<%= auth_route_prefix %>/reset', params: { email_address: "invalid-email-format" }
     # VERIFY VALIDATION ERROR: Should return validation error
-    assert_response :unprocessable_entity, "Invalid email_address format should be rejected"
+    assert_response :unprocessable_content, "Invalid email_address format should be rejected"
     response_json = JSON.parse(response.body)
     assert_match(/email.*invalid/i, response_json['error'], "Should indicate email_address format error")
@@ -65,7 +65,7 @@ class <%= controller_namespace('passwords') %>PasswordResetIntegrationTest < Act
     post '<%= auth_route_prefix %>/reset', params: {}
     # VERIFY PARAMETER VALIDATION: Should return parameter error
-    assert_response :unprocessable_entity, "Missing email_address should return validation error"
+    assert_response :unprocessable_content, "Missing email_address should return validation error"
     response_json = JSON.parse(response.body)
     assert_match(/email.*required/i, response_json['error'], "Should indicate email_address is required")
@@ -181,7 +181,7 @@ class <%= controller_namespace('passwords') %>PasswordResetIntegrationTest < Act
     }
     # VERIFY VALIDATION: Should return validation error
-    assert_response :unprocessable_entity, "Mismatched passwords should be rejected"
+    assert_response :unprocessable_content, "Mismatched passwords should be rejected"
     response_json = JSON.parse(response.body)
     assert_match(/password.*confirmation.*match/i, response_json['error'], "Should indicate password mismatch")
@@ -205,7 +205,7 @@ class <%= controller_namespace('passwords') %>PasswordResetIntegrationTest < Act
     }
     # VERIFY VALIDATION: Should return validation error
-    assert_response :unprocessable_entity, "Weak password should be rejected"
+    assert_response :unprocessable_content, "Weak password should be rejected"
     response_json = JSON.parse(response.body)
     assert_match(/password.*too short/i, response_json['error'], "Should indicate password strength issue")
@@ -226,7 +226,7 @@ class <%= controller_namespace('passwords') %>PasswordResetIntegrationTest < Act
       password_confirmation: "newpassword123"
     }
-    assert_response :unprocessable_entity, "Missing token should be rejected"
+    assert_response :unprocessable_content, "Missing token should be rejected"
     # TEST MISSING PASSWORD
     patch '<%= auth_route_prefix %>/reset', params: {
@@ -234,7 +234,7 @@ class <%= controller_namespace('passwords') %>PasswordResetIntegrationTest < Act
       password_confirmation: "newpassword123"
     }
-    assert_response :unprocessable_entity, "Missing password should be rejected"
+    assert_response :unprocessable_content, "Missing password should be rejected"
     # TEST MISSING CONFIRMATION
     patch '<%= auth_route_prefix %>/reset', params: {
@@ -242,7 +242,7 @@ class <%= controller_namespace('passwords') %>PasswordResetIntegrationTest < Act
       password: "newpassword123"
     }
-    assert_response :unprocessable_entity, "Missing password confirmation should be rejected"
+    assert_response :unprocessable_content, "Missing password confirmation should be rejected"
   end
   test "should clear failed login attempts on successful password reset" do
@@ -356,7 +356,7 @@ class <%= controller_namespace('passwords') %>PasswordResetIntegrationTest < Act
     get '<%= auth_route_prefix %>/reset', params: {}
     # VERIFY PARAMETER VALIDATION: Should return parameter error
-    assert_response :unprocessable_entity, "Missing token should return validation error"
+    assert_response :unprocessable_content, "Missing token should return validation error"
     response_json = JSON.parse(response.body)
     assert_match(/token.*required/i, response_json['error'], "Should indicate token is required")

data/lib/generators/propel_authentication/templates/test/controllers/auth/signup_controller_test.rb.tt CHANGED Viewed

@@ -111,7 +111,7 @@ class <%= controller_namespace('signup') %>SignupControllerTest < ActionDispatch
          params: invalid_params,
          as: :json
-    assert_response :unprocessable_entity
+    assert_response :unprocessable_content
     response_body = JSON.parse(response.body)
     assert_includes response_body.keys, 'error'
   end
@@ -123,7 +123,7 @@ class <%= controller_namespace('signup') %>SignupControllerTest < ActionDispatch
          params: invalid_params,
          as: :json
-    assert_response :unprocessable_entity
+    assert_response :unprocessable_content
     response_body = JSON.parse(response.body)
     assert_includes response_body.keys, 'error'
   end
@@ -136,7 +136,7 @@ class <%= controller_namespace('signup') %>SignupControllerTest < ActionDispatch
          params: invalid_params,
          as: :json
-    assert_response :unprocessable_entity
+    assert_response :unprocessable_content
     response_body = JSON.parse(response.body)
     assert_includes response_body.keys, 'details'
     assert_includes response_body['details'].keys, 'email_address'
@@ -150,7 +150,7 @@ class <%= controller_namespace('signup') %>SignupControllerTest < ActionDispatch
          params: invalid_params,
          as: :json
-    assert_response :unprocessable_entity
+    assert_response :unprocessable_content
     response_body = JSON.parse(response.body)
     assert_includes response_body.keys, 'details'
   end
@@ -172,7 +172,7 @@ class <%= controller_namespace('signup') %>SignupControllerTest < ActionDispatch
          params: duplicate_params,
          as: :json
-    assert_response :unprocessable_entity
+    assert_response :unprocessable_content
     response_body = JSON.parse(response.body)
     assert_includes response_body.keys, 'details'
     assert_includes response_body['details'].keys, 'email_address'
@@ -186,7 +186,7 @@ class <%= controller_namespace('signup') %>SignupControllerTest < ActionDispatch
          params: @valid_signup_params,
          as: :json
-    assert_response :unprocessable_entity
+    assert_response :unprocessable_content
     response_body = JSON.parse(response.body)
     assert_equal 'MISSING_AGENCY_DATA', response_body['code']
   end

data/lib/generators/propel_authentication/templates/test/controllers/auth/tokens_controller_test.rb.tt CHANGED Viewed

@@ -51,9 +51,9 @@ class <%= controller_namespace('tokens') %>TokensControllerTest < ActionDispatch
     @agency = Agency.create!(name: "Main Agency", organization: @organization)
     @rival_agency = Agency.create!(name: "Rival Agency", organization: @rival_organization)
-    Agent.create!(user: @valid_user, agency: @agency, role: "member")
-    Agent.create!(user: @other_user, agency: @rival_agency, role: "member")
-    Agent.create!(user: @inactive_user, agency: @agency, role: "member")
+    Agent.create!(user: @valid_user, agency: @agency, organization: @organization, role: "member")
+    Agent.create!(user: @other_user, agency: @rival_agency, organization: @rival_organization, role: "member")
+    Agent.create!(user: @inactive_user, agency: @agency, organization: @organization, role: "member")
   end
   test "POST <%= auth_route_prefix %>/login with valid credentials returns JWT token and user data" do
@@ -232,7 +232,7 @@ class <%= controller_namespace('tokens') %>TokensControllerTest < ActionDispatch
     }
     # VERIFY PARAMETER VALIDATION: Check required field enforcement
-    assert_response :unprocessable_entity, "Missing required parameters should return unprocessable_entity"
+    assert_response :bad_request, "Missing required parameters should return bad_request"
     response_json = JSON.parse(response.body)
     assert response_json["error"].present?, "Should return validation error message"
   end

data/lib/generators/propel_authentication/test/generators/authentication/controllers/tokens_controller_test.rb CHANGED Viewed

@@ -72,7 +72,7 @@ class TokensControllerTest < ActionDispatch::IntegrationTest
       }
     }, as: :json
-    assert_response :unprocessable_entity
+    assert_response :unprocessable_content
     response_body = JSON.parse(response.body)
     assert response_body.key?("error"), "Should return error message"

data/lib/generators/propel_authentication/test/generators/authentication/install_generator_test.rb CHANGED Viewed

@@ -151,7 +151,7 @@ class Propel::Authentication::InstallGeneratorTest < Rails::Generators::TestCase
       assert_match(/t\.references :organization/, migration)
       # JSON fields for flexible data storage
-      assert_match(/t\.jsonb :meta, default: {}/, migration)
+      assert_match(/t\.jsonb :metadata, default: {}/, migration)
       assert_match(/t\.jsonb :settings, default: {}/, migration)
       # Proper indexes for JWT authentication performance

data/lib/generators/propel_authentication/test/integration/multi_version_generator_test.rb CHANGED Viewed

@@ -16,32 +16,31 @@ class MultiVersionGeneratorTest < Rails::Generators::TestCase
     super
   end
-  test "generator creates dynamic controller structure with proper namespace configuration" do
-    run_generator ["--namespace=api", "--version=v1"]
+  test "generator creates dynamic API versioning structure" do
+    run_generator ["--configurable-versioning"]
-    # Verify direct controllers are created with proper class names (no inheritance)
-    assert_file "app/controllers/api/v1/tokens_controller.rb" do |content|
-      assert_match(/class Api::V1::TokensController < ApplicationController/, content)
-      assert_match(/POST \/api\/v1\/login/, content)
+    # Verify base controllers are created
+    assert_file "app/controllers/api/auth/base_tokens_controller.rb" do |content|
+      assert_match(/class Api::Auth::BaseTokensController < ApplicationController/, content)
+      assert_match(/POST \/api\/\{version\}\/auth\/login/, content)
       assert_match(/def create/, content)
       assert_match(/def show/, content)
       assert_match(/def destroy/, content)
       assert_match(/def unlock/, content)
     end
-    assert_file "app/controllers/api/v1/passwords_controller.rb" do |content|
-      assert_match(/class Api::V1::PasswordsController < ApplicationController/, content)
-      assert_match(/POST \/api\/v1\/reset/, content)
+    assert_file "app/controllers/api/auth/base_passwords_controller.rb" do |content|
+      assert_match(/class Api::Auth::BasePasswordsController < ApplicationController/, content)
+      assert_match(/POST \/api\/\{version\}\/auth\/reset/, content)
       assert_match(/def create/, content)
       assert_match(/def show/, content)
       assert_match(/def update/, content)
     end
-    # Verify routes are created with proper namespacing and as: options
+    # Verify runtime configurable routes are created
     assert_file "config/routes.rb" do |content|
-      assert_match(/namespace :api/, content)
-      assert_match(/namespace :v1/, content)
-      assert_match(/post 'login', to: 'tokens#create', as: :login/, content)
+      assert_match(/# Runtime configurable API versioning routes/, content)
+      assert_match(/api_version = PropelAccess\.configuration\.api_version/, content)
       assert_match(/namespace :api do/, content)
       assert_match(/namespace api_version do/, content)
       assert_match(/namespace :auth do/, content)

data/lib/propel_authentication.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module PropelAuthentication
-  VERSION = "0.2.1"
+  VERSION = "0.3.1"
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: propel_authentication
 version: !ruby/object:Gem::Version
-  version: 0.2.1
+  version: 0.3.1
 platform: ruby
 authors:
 - Propel Team
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2025-09-02 00:00:00.000000000 Z
+date: 2025-09-11 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
@@ -50,14 +50,34 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '2.7'
+        version: 3.1.2
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '2.7'
+        version: 3.1.2
+- !ruby/object:Gem::Dependency
+  name: noticed
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 2.0.0
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '3.0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 2.0.0
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '3.0'
 description: A self-extracting generator that creates a JWT-based authentication system
   with agencies, agents, password resets, email confirmation, and account locking
   for Rails applications.
@@ -90,8 +110,13 @@ files:
 - lib/generators/propel_authentication/templates/db/migrate/create_invitations.rb
 - lib/generators/propel_authentication/templates/db/migrate/create_organizations.rb
 - lib/generators/propel_authentication/templates/db/migrate/create_users.rb
-- lib/generators/propel_authentication/templates/db/seeds.rb
+- lib/generators/propel_authentication/templates/db/propel_seeds.rb.tt
 - lib/generators/propel_authentication/templates/doc/signup_flow.md
+- lib/generators/propel_authentication/templates/fixtures/agencies.yml.erb
+- lib/generators/propel_authentication/templates/fixtures/agents.yml.erb
+- lib/generators/propel_authentication/templates/fixtures/invitations.yml.erb
+- lib/generators/propel_authentication/templates/fixtures/organizations.yml.erb
+- lib/generators/propel_authentication/templates/fixtures/users.yml.erb
 - lib/generators/propel_authentication/templates/models/agency.rb.tt
 - lib/generators/propel_authentication/templates/models/agent.rb.tt
 - lib/generators/propel_authentication/templates/models/invitation.rb.tt

data/lib/generators/propel_authentication/templates/db/seeds.rb DELETED Viewed

@@ -1,75 +0,0 @@
-# This file should ensure the existence of records required to run the application in every environment (production,
-# development, test). The code here should be idempotent so that it can be executed at any point in every environment.
-# The data can then be loaded with the bin/rails db:seed command (or created alongside the database with db:setup).
-#
-# Example:
-#
-#   ["Action", "Comedy", "Drama", "Horror"].each do |genre_name|
-#     MovieGenre.find_or_create_by!(name: genre_name)
-#   end
-# Create comprehensive tenancy structure for authentication testing
-puts "🏢 Creating test organization structure..."
-organization = Organization.find_or_create_by!(name: 'Test Organization') do |org|
-  org.website = 'https://test.example.com'
-  org.time_zone = 'UTC'
-end
-# Create agencies for proper tenancy structure
-main_agency = Agency.find_or_create_by!(name: 'Main Department', organization: organization) do |agency|
-  agency.phone_number = '+1-555-0101'
-  agency.address = '123 Main Street'
-end
-support_agency = Agency.find_or_create_by!(name: 'Support Department', organization: organization) do |agency|
-  agency.phone_number = '+1-555-0102'
-  agency.address = '123 Support Street'
-end
-# Create test users with proper confirmations
-user = User.find_or_create_by!(email_address: 'test@example.com') do |u|
-  u.username = 'testuser'
-  u.email_address = 'test@example.com'
-  u.password = 'password123'
-  u.password_confirmation = 'password123'
-  u.organization = organization
-  u.first_name = 'Test'
-  u.last_name = 'User'
-  u.confirmed_at = 1.week.ago  # Confirmed user for easier testing
-end
-admin_user = User.find_or_create_by!(email_address: 'admin@example.com') do |u|
-  u.username = 'adminuser'
-  u.email_address = 'admin@example.com'
-  u.password = 'password123'
-  u.password_confirmation = 'password123'
-  u.organization = organization
-  u.first_name = 'Admin'
-  u.last_name = 'User'
-  u.confirmed_at = 1.week.ago  # Confirmed admin for easier testing
-end
-# Create agent associations for agency access (CRITICAL for tenancy validation)
-Agent.find_or_create_by!(user: user, agency: main_agency) do |agent|
-  agent.role = 'member'
-end
-Agent.find_or_create_by!(user: admin_user, agency: main_agency) do |agent|
-  agent.role = 'manager'
-end
-Agent.find_or_create_by!(user: admin_user, agency: support_agency) do |agent|
-  agent.role = 'admin'
-end
-puts "✅ Created test organization: #{organization.name}"
-puts "✅ Created agencies: #{Agency.where(organization: organization).pluck(:name).join(', ')}"
-puts "✅ Created test user: #{user.email_address} (password: password123)"
-puts "✅ Created admin user: #{admin_user.email_address} (password: password123)"
-puts "✅ Created agent associations for proper tenancy access"
-puts ""
-puts "🎯 Test user agency access: #{user.agency_ids}"
-puts "🎯 Admin user agency access: #{admin_user.agency_ids}"
-puts ""
-puts "🚀 You can now test login with POST /api/v1/login"