Merge branch 'table-component' of https://github.com/yshmarov/moneygun into table-component

Author: yshmarov

Gemfile

@@ -71,15 +71,23 @@ end
 # active record
 gem "sqids" # for obfuscating IDs
 
-# authentication and authorization
+# authentication
 gem "devise", "~> 4.9"
 gem "devise_invitable", "~> 2.0"
+
+# oauth
+gem "omniauth-google-oauth2"
+gem "omniauth-github"
+gem "omniauth-rails_csrf_protection" # for omniauth 2.0
+
+# authorization
 gem "pundit", "~> 2.3"
 
 # frontend
 gem "view_component"
 gem "inline_svg", "~> 1.9"
 gem "active_link_to", "~> 1.0"
+gem "turbo_power", "~> 0.7.0"
 
 # admin
 gem "avo", ">= 3.2"
@@ -89,5 +97,3 @@ gem "ransack", "~> 4.2"
 gem "pay", "~> 8.0"
 gem "stripe", "~> 13.0"
 gem "profitable"
-
-gem "turbo_power", "~> 0.7.0"

Gemfile.lock

@@ -158,6 +158,12 @@ GEM
     erubi (1.13.1)
     et-orbi (1.2.11)
       tzinfo
+    faraday (2.13.1)
+      faraday-net_http (>= 2.0, < 3.5)
+      json
+      logger
+    faraday-net_http (3.4.0)
+      net-http (>= 0.5.0)
     ffi (1.17.2-aarch64-linux-gnu)
     ffi (1.17.2-arm-linux-gnu)
     ffi (1.17.2-arm64-darwin)
@@ -169,6 +175,7 @@ GEM
       raabro (~> 1.4)
     globalid (1.2.1)
       activesupport (>= 6.1)
+    hashie (5.0.0)
     highline (3.1.2)
       reline
     i18n (1.14.7)
@@ -203,6 +210,8 @@ GEM
       actionview (>= 5.0.0)
       activesupport (>= 5.0.0)
     json (2.12.2)
+    jwt (2.10.1)
+      base64
     kamal (2.6.1)
       activesupport (>= 7.0)
       base64 (~> 0.2)
@@ -247,6 +256,10 @@ GEM
       stimulus-rails
       turbo-rails
     msgpack (1.8.0)
+    multi_xml (0.7.2)
+      bigdecimal (~> 3.1)
+    net-http (0.6.0)
+      uri
     net-imap (0.5.8)
       date
       net-protocol
@@ -275,6 +288,32 @@ GEM
       racc (~> 1.4)
     nokogiri (1.18.8-x86_64-linux-gnu)
       racc (~> 1.4)
+    oauth2 (2.0.11)
+      faraday (>= 0.17.3, < 4.0)
+      jwt (>= 1.0, < 4.0)
+      logger (~> 1.2)
+      multi_xml (~> 0.5)
+      rack (>= 1.2, < 4)
+      snaky_hash (~> 2.0, >= 2.0.3)
+      version_gem (>= 1.1.8, < 3)
+    omniauth (2.1.3)
+      hashie (>= 3.4.6)
+      rack (>= 2.2.3)
+      rack-protection
+    omniauth-github (2.0.1)
+      omniauth (~> 2.0)
+      omniauth-oauth2 (~> 1.8)
+    omniauth-google-oauth2 (1.2.1)
+      jwt (>= 2.9.2)
+      oauth2 (~> 2.0)
+      omniauth (~> 2.0)
+      omniauth-oauth2 (~> 1.8)
+    omniauth-oauth2 (1.8.0)
+      oauth2 (>= 1.4, < 3)
+      omniauth (~> 2.0)
+    omniauth-rails_csrf_protection (1.0.2)
+      actionpack (>= 4.2)
+      omniauth (~> 2.0)
     orm_adapter (0.5.0)
     ostruct (0.6.1)
     pagy (9.3.4)
@@ -310,6 +349,10 @@ GEM
     raabro (1.4.0)
     racc (1.8.1)
     rack (3.1.15)
+    rack-protection (4.1.1)
+      base64 (>= 0.1.0)
+      logger (>= 1.6.0)
+      rack (>= 3.0.0, < 4)
     rack-session (2.1.1)
       base64 (>= 0.1.0)
       rack (>= 3.0.0)
@@ -412,6 +455,9 @@ GEM
     simplecov-html (0.13.1)
     simplecov_json_formatter (0.1.4)
     smart_properties (1.17.0)
+    snaky_hash (2.0.3)
+      hashie (>= 0.1.0, < 6)
+      version_gem (>= 1.1.8, < 3)
     solid_cable (3.0.8)
       actioncable (>= 7.2)
       activejob (>= 7.2)
@@ -469,6 +515,7 @@ GEM
     unicode-emoji (4.0.4)
     uri (1.0.3)
     useragent (0.16.11)
+    version_gem (1.1.8)
     view_component (3.23.2)
       activesupport (>= 5.2.0, < 8.1)
       concurrent-ruby (~> 1)
@@ -514,6 +561,9 @@ DEPENDENCIES
   kamal
   mission_control-jobs
   nested_scaffold!
+  omniauth-github
+  omniauth-google-oauth2
+  omniauth-rails_csrf_protection
   pay (~> 8.0)
   pg (~> 1.1)
   profitable

app/assets/images/svg/github.svg

@@ -1,7 +1,12 @@
 class SearchController < ApplicationController
   def index
     @organizations = if params[:query].present?
-      current_user.organizations.where("name ILIKE ?", "%#{params[:query]}%")
+      # Combine user's organizations + public/restricted organizations
+      Organization.where(id: [
+        current_user.organizations.pluck(:id),
+        Organization.not_privacy_setting_private.pluck(:id)
+      ].flatten.uniq)
+      .where("name ILIKE ?", "%#{params[:query]}%")
     else
       Organization.none
     end

app/assets/images/svg/google.svg

@@ -0,0 +1,18 @@
+class Users::ConnectedAccountsController < ApplicationController
+  before_action :set_connected_account, only: %i[destroy]
+
+  def index
+    @connected_accounts = current_user.connected_accounts
+  end
+
+  def destroy
+    @connected_account.destroy
+    redirect_to user_connected_accounts_path, notice: I18n.t("connected_accounts.destroy.success")
+  end
+
+  private
+
+  def set_connected_account
+    @connected_account = current_user.connected_accounts.find(params[:id])
+  end
+end

app/controllers/search_controller.rb

@@ -0,0 +1,25 @@
+class Users::OmniauthCallbacksController < Devise::OmniauthCallbacksController
+  Devise.omniauth_configs.keys.each do |provider|
+    define_method provider do
+      handle_auth provider
+    end
+  end
+
+  private
+
+  def handle_auth(kind)
+    user = User.from_omniauth(request.env["omniauth.auth"])
+    if user.persisted?
+      session[:new_user] = true if user.saved_change_to_id?
+      flash[:notice] = I18n.t "devise.omniauth_callbacks.success", kind: kind
+      sign_in_and_redirect user, event: :authentication
+    else
+      session["devise.auth_data"] = request.env["omniauth.auth"].except(:extra)
+      redirect_to new_user_registration_url, alert: user.errors.full_messages.join("\n")
+    end
+  end
+
+  def failure
+    redirect_to new_user_registration_url, alert: I18n.t("devise.omniauth_callbacks.failure")
+  end
+end

app/controllers/users/connected_accounts_controller.rb

@@ -16,22 +16,26 @@ def privacy_setting_options(key)
         display_text: "Invite only",
         description_text: "People can join your server directly with an invite",
         # icon_path: "svg/lock.svg"
-        icon_path: "🔐"
+        icon_path: "🔒"
       }
     when "restricted"
       {
         display_text: "Apply to join",
         description_text: "People must submit an application to be approved to join",
         # icon_path: "svg/envelope.svg"
-        icon_path: "📨"
+        icon_path: "📩"
       }
     when "public"
       {
         display_text: "Discoverable",
         description_text: "Anyone can join your server directly through Server Discovery",
         # icon_path: "svg/globe.svg"
-        icon_path: "🌐"
+        icon_path: "🌍"
       }
     end
   end
+
+  def privacy_setting_icon(key)
+    tag.span privacy_setting_options(key)[:icon_path], class: "text-lg", alt: key, title: key
+  end
 end

app/controllers/users/omniauth_callbacks_controller.rb

@@ -1,8 +1,12 @@
 module UserHelper
   def user_avatar(user)
-    tag.div class: "du-avatar du-avatar-placeholder" do
-      tag.div class: "bg-neutral text-neutral-content w-8 rounded-full" do
-        tag.span user.email[0..1].upcase, class: "text-xs"
+    if user.connected_accounts.any? && user.connected_accounts.first.image_url.present?
+      image_tag user.connected_accounts.first.image_url, alt: user.connected_accounts.first.name, class: "w-8 h-8 rounded-full"
+    else
+      tag.div class: "du-avatar du-avatar-placeholder" do
+        tag.div class: "bg-neutral text-neutral-content w-8 rounded-full" do
+          tag.span user.email[0..1].upcase, class: "text-xs"
+        end
       end
     end
   end

app/helpers/organizations_helper.rb

@@ -3,8 +3,29 @@ module User::Authentication
 
   included do
     # Include default devise modules. Others available are:
-    # :confirmable, :lockable, :timeoutable, :trackable and :omniauthable
+    # :confirmable, :lockable, :timeoutable, :trackable
     devise :invitable, :database_authenticatable, :registerable,
-           :recoverable, :rememberable, :validatable
+           :recoverable, :rememberable, :validatable,
+           :omniauthable, omniauth_providers: Devise.omniauth_configs.keys
+
+    has_many :connected_accounts, dependent: :destroy
+  end
+
+  class_methods do
+    def from_omniauth(auth_payload)
+      email = auth_payload.info&.email
+      email ||= auth_payload.uid if auth_payload.provider == "saml"
+
+      user = User.where(email: email).first_or_initialize do |user|
+        user.email = email
+        user.password = Devise.friendly_token[0, 20] if user.password.blank?
+      end
+
+      if user.save
+        ConnectedAccount.create_or_update_from_omniauth(auth_payload, user)
+      end
+
+      user
+    end
   end
 end