3 |
4 |
13 |
17 |
18 |
19 |
51 |
--------------------------------------------------------------------------------
/app/controllers/concerns/inertia_csrf.rb:
--------------------------------------------------------------------------------
1 | require 'active_support/concern'
2 |
3 | # Store the CSRF token in a non-session cookie so Axios can access it
4 | # Name it as XSRF-TOKEN, because this is the Axios default
5 | #
6 | # More info: https://pragmaticstudio.com/tutorials/rails-session-cookies-for-api-authentication
7 | #
8 | module InertiaCsrf
9 | extend ActiveSupport::Concern
10 |
11 | included do
12 | before_action :set_csrf_cookie
13 |
14 | rescue_from ActionController::InvalidAuthenticityToken do
15 | redirect_back_or_to '/', notice: 'The page expired, please try again.'
16 | end
17 | end
18 |
19 | # Rails uses HTTP_X_CSRF_TOKEN, but axios sends HTTP_X_XSRF_TOKEN (different name, X instead of C)
20 | # By overriding `request_authenticity_tokens` we can tell Rails to check HTTP_X_XSRF_TOKEN, too
21 | # Source: https://github.com/rails/rails/blob/v6.0.3.2/actionpack/lib/action_controller/metal/request_forgery_protection.rb#L305-L308
22 | def request_authenticity_tokens
23 | super << request.headers['HTTP_X_XSRF_TOKEN']
24 | end
25 |
26 | private
27 |
28 | def set_csrf_cookie
29 | cookies['XSRF-TOKEN'] = {
30 | value: form_authenticity_token,
31 | same_site: 'Strict',
32 | }
33 | end
34 | end
35 |
--------------------------------------------------------------------------------
/config/storage.yml:
--------------------------------------------------------------------------------
1 | test:
2 | service: Disk
3 | root: <%= Rails.root.join("tmp/storage") %>
4 |
5 | local:
6 | service: Disk
7 | root: <%= Rails.root.join("storage") %>
8 | # Use bin/rails credentials:edit to set the AWS secrets (as aws:access_key_id|secret_access_key)
9 | # amazon:
10 | # service: S3
11 | # access_key_id: <%= Rails.application.credentials.dig(:aws, :access_key_id) %>
12 | # secret_access_key: <%= Rails.application.credentials.dig(:aws, :secret_access_key) %>
13 | # region: us-east-1
14 | # bucket: your_own_bucket-<%= Rails.env %>
15 |
16 | # Remember not to checkin your GCS keyfile to a repository
17 | # google:
18 | # service: GCS
19 | # project: your_project
20 | # credentials: <%= Rails.root.join("path/to/gcs.keyfile") %>
21 | # bucket: your_own_bucket-<%= Rails.env %>
22 |
23 | # Use rails credentials:edit to set the Azure Storage secret (as azure_storage:storage_access_key)
24 | # microsoft:
25 | # service: AzureStorage
26 | # storage_account_name: your_account_name
27 | # storage_access_key: <%= Rails.application.credentials.dig(:azure_storage, :storage_access_key) %>
28 | # container: your_container_name-<%= Rails.env %>
29 |
30 | # mirror:
31 | # service: Mirror
32 | # primary: local
33 | # mirrors: [ amazon, google, microsoft ]
34 |
--------------------------------------------------------------------------------
/bin/setup:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env ruby
2 | require 'fileutils'
3 |
4 | APP_ROOT = File.expand_path('..', __dir__)
5 |
6 | def system!(*args)
7 | system(*args, exception: true)
8 | end
9 |
10 | FileUtils.chdir APP_ROOT do
11 | # This script is a way to set up or update your development environment automatically.
12 | # This script is idempotent, so that you can run it at any time and get an expectable outcome.
13 | # Add necessary setup steps to this file.
14 |
15 | puts '== Installing dependencies =='
16 | system('bundle check') || system!('bundle install')
17 | system! 'gem install foreman'
18 | system! 'gem install syntax_tree'
19 |
20 | # Install JavaScript dependencies
21 | system! 'bin/yarn'
22 |
23 | # puts "\n== Copying sample files =="
24 | # unless File.exist?('config/database.yml')
25 | # FileUtils.cp 'config/database.yml.sample', 'config/database.yml'
26 | # end
27 |
28 | puts "\n== Preparing database =="
29 | system! 'bin/rails db:prepare'
30 |
31 | puts "\n== Removing old logs and tempfiles =="
32 | system! 'bin/rails log:clear tmp:clear'
33 |
34 | unless ARGV.include?('--skip-server')
35 | puts "\n== Restarting application server =="
36 | STDOUT.flush # flush the output before exec(2) so that it displays
37 | exec 'bin/rails restart'
38 | end
39 | end
40 |
--------------------------------------------------------------------------------
/app/javascript/Pages/Error.vue:
--------------------------------------------------------------------------------
1 |
2 |
14 | {{ errors[0] }}
15 |
16 |
5 |
6 |
7 |
14 |
15 |
16 |
17 |
50 |
--------------------------------------------------------------------------------
/app/javascript/styles/form.css:
--------------------------------------------------------------------------------
1 | .form-label {
2 | @apply mb-2 block select-none text-gray-700;
3 | }
4 |
5 | .form-input,
6 | .form-textarea,
7 | .form-select {
8 | @apply relative block w-full appearance-none rounded-sm border border-gray-200 bg-white p-2 text-left font-sans leading-normal text-gray-700 focus:border-indigo-400 focus:ring-3;
9 | }
10 | .form-input::placeholder,
11 | .form-textarea::placeholder,
12 | .form-select::placeholder {
13 | @apply text-gray-500 opacity-100;
14 | }
15 |
16 | .form-select {
17 | @apply pr-6;
18 | background-image: url('data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABgAAAAQCAYAAAAMJL+VAAAABGdBTUEAALGPC/xhBQAAAQtJREFUOBG1lEEOgjAQRalbGj2OG9caOACn4ALGtfEuHACiazceR1PWOH/CNA3aMiTaBDpt/7zPdBKy7M/DCL9pGkvxxVp7KsvyJftL5rZt1865M+Ucq6pyyF3hNcI7Cuu+728QYn/JQA5yKaempxuZmQngOwEaYx55nu+1lQh8GIatMGi+01NwBcEmhxBqK4nAPZJ78K0KKFAJmR3oPp8+Iwgob0Oa6+TLoeCvRx+mTUYf/FVBGTPRwDkfLxnaSrRwcH0FWhNOmrkWYbE2XEicqgSa1J0LQ+aPCuQgZiLnwewbGuz5MGoAhcIkCQcjaTBjMgtXGURMVHC1wcQEy0J+Zlj8bKAnY1/UzDe2dbAVqfXn6wAAAABJRU5ErkJggg==');
19 | background-size: 0.7rem;
20 | background-repeat: no-repeat;
21 | background-position: right 0.7rem center;
22 | }
23 | .form-select::-ms-expand {
24 | @apply opacity-0;
25 | }
26 |
27 | .form-input.error,
28 | .form-textarea.error,
29 | .form-select.error {
30 | @apply border-red-500 focus:ring-3 focus:ring-red-200;
31 | }
32 |
33 | .form-error {
34 | @apply mt-2 text-sm text-red-700;
35 | }
36 |
--------------------------------------------------------------------------------
/app/javascript/Shared/SelectInput.vue:
--------------------------------------------------------------------------------
1 |
2 | 8 | {{ title }} 9 |
10 |11 | {{ description }} 12 |
13 |
3 |
4 |
14 |
18 |
19 |
20 |
63 |
--------------------------------------------------------------------------------
/app/javascript/Shared/TextInput.vue:
--------------------------------------------------------------------------------
1 |
2 |
15 | {{ errors[0] }}
16 |
17 |
3 |
4 |
14 |
18 |
19 |
20 |
59 |
--------------------------------------------------------------------------------
/app/javascript/styles/application.css:
--------------------------------------------------------------------------------
1 | @import '../styles/form.css' layer(base);
2 | @import '../styles/buttons.css' layer(base);
3 | @import '../styles/transitions.css' layer(base);
4 |
5 | @import 'tailwindcss' source('../..');
6 |
7 | @theme {
8 | --color-indigo-100: #e6e8ff;
9 | --color-indigo-300: #b2b7ff;
10 | --color-indigo-400: #7886d7;
11 | --color-indigo-500: #6574cd;
12 | --color-indigo-600: #5661b3;
13 | --color-indigo-800: #2f365f;
14 | --color-indigo-900: #191e38;
15 |
16 | --font-sans: 'Cerebri Sans', ui-sans-serif, system-ui, sans-serif,
17 | 'Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI Symbol', 'Noto Color Emoji';
18 | }
19 |
20 | /*
21 | The default border color has changed to `currentColor` in Tailwind CSS v4,
22 | so we've added these compatibility styles to make sure everything still
23 | looks the same as it did with Tailwind CSS v3.
24 |
25 | If we ever want to remove these styles, we need to add an explicit border
26 | color utility to any element that depends on these defaults.
27 | */
28 | @layer base {
29 | *,
30 | ::after,
31 | ::before,
32 | ::backdrop,
33 | ::file-selector-button {
34 | border-color: var(--color-gray-200, currentColor);
35 | }
36 | }
37 |
38 | @utility btn-indigo {
39 | @apply whitespace-nowrap rounded-sm bg-indigo-600 px-6 py-3 text-sm font-bold text-white;
40 | &:hover {
41 | @apply bg-orange-500;
42 | }
43 | &:focus {
44 | @apply bg-orange-500;
45 | }
46 | }
47 |
--------------------------------------------------------------------------------
/app/javascript/Pages/Dashboard/Index.vue:
--------------------------------------------------------------------------------
1 |
2 |
15 | {{ errors[0] }}
16 |
17 |
3 |
4 | 5 | Dashboard 6 |
7 |8 | Hey there! Welcome to Ping CRM, a demo app designed to help illustrate how 9 | 13 | Inertia.js 14 | 15 | works with 16 | 20 | Ruby on Rails . 21 |
22 | 23 |24 | Version 25 | 26 | {{ git.commit_sha }} 27 | 28 | − 29 | {{ relativeCommitTime }} 30 |
31 | 32 | 33 | 34 | 57 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # PingCRM on Rails 2 | 3 | A demo application built with Ruby on Rails and Vue.js 3 to illustrate how **[Inertia.js](https://inertiajs.com/)** works. 4 | 5 |  6 | 7 | This is a port of the [original PingCRM written in Laravel/PHP](https://github.com/inertiajs/pingcrm) to Ruby on Rails. Now it's possible to dive into the beautiful world of **Inertia.js** without having to install PHP ;-) 8 | 9 | There is a hosted installation of this demo available at https://pingcrm.ledermann.dev. Login with: 10 | 11 | - **Username:** johndoe@example.com 12 | - **Password:** secret 13 | 14 | ## Lighthouse performance audit 15 | 16 |  17 | 18 | ## Installation 19 | 20 | Clone the repo locally: 21 | 22 | ``` 23 | git clone https://github.com/ledermann/pingcrm.git 24 | ``` 25 | 26 | Setup (install dependencies, create and seed database): 27 | 28 | ``` 29 | cd pingcrm 30 | bin/setup 31 | ``` 32 | 33 | Start it: 34 | 35 | ``` 36 | bin/dev 37 | ``` 38 | 39 | You're ready to go! Visit PingCRM in your browser (http://localhost:3000), and login with: 40 | 41 | - **Username:** johndoe@example.com 42 | - **Password:** secret 43 | 44 | ## Running tests 45 | 46 | To run the PingCRM tests, run: 47 | 48 | ``` 49 | rails test:system 50 | ``` 51 | 52 | ## Requirements 53 | 54 | - Ruby 3.4 55 | - Ruby on Rails 8.1 56 | - PostgreSQL 57 | 58 | ## Credits 59 | 60 | - Original work by Jonathan Reinink (@reinink) and contributors 61 | - Port to Ruby on Rails by Georg Ledermann (@ledermann) 62 | -------------------------------------------------------------------------------- /app/javascript/Pages/Users/New.vue: -------------------------------------------------------------------------------- 1 | 2 |
3 |
4 | 5 | 9 | Users 10 | 11 | / Create 12 |
13 |
14 |
15 |
27 |
28 |
29 |
30 |
31 |
61 |
--------------------------------------------------------------------------------
/test/system/login_test.rb:
--------------------------------------------------------------------------------
1 | require 'application_system_test_case'
2 |
3 | class LoginTest < ApplicationSystemTestCase
4 | setup do
5 | @account = create(:account)
6 | @user = create(:user, account: @account, owner: true)
7 | end
8 |
9 | test 'Login with valid credentials will be successful' do
10 | visit '/login'
11 | assert_selector 'h1', text: 'Welcome Back!'
12 |
13 | fill_in 'Email', with: @user.email
14 | fill_in 'Password', with: @user.password
15 | click_on 'Login'
16 |
17 | # Wait for the login form to disappear (indicating successful login)
18 | assert_no_selector 'h1', text: 'Welcome Back!'
19 |
20 | # Now check for the content on the dashboard
21 | assert_selector 'div', text: 'Hey there!'
22 |
23 | click_on 'John Doe'
24 | click_on 'Logout'
25 |
26 | # Wait for dashboard to disappear and login page to appear
27 | assert_no_selector 'div', text: 'Hey there!'
28 | assert_selector 'div', text: 'Welcome Back!'
29 | end
30 |
31 | test 'Login with invalid credentials will fail' do
32 | visit '/login'
33 |
34 | fill_in 'Email', with: @user.email
35 | fill_in 'Password', with: 'invalid'
36 | click_on 'Login'
37 |
38 | assert_selector 'div', text: I18n.t('devise.failure.invalid')
39 | end
40 |
41 | test 'Redirect to login for Inertia requests, too' do
42 | sign_in @user
43 | visit '/organizations'
44 |
45 | # Signout user, e.g. in a second browser window
46 | sign_out @user
47 |
48 | # Click a link that requires authentication
49 | click_on 'Contacts'
50 |
51 | assert_current_path('/login')
52 | end
53 | end
54 |
--------------------------------------------------------------------------------
/app/javascript/Pages/Contacts/New.vue:
--------------------------------------------------------------------------------
1 |
2 |
18 |
23 | Create User
24 |
25 |
26 |
3 |
4 | 5 | 9 | Contacts 10 | 11 | / Create 12 |
13 |
14 |
19 |
31 |
32 |
33 |
34 |
35 |
65 |
--------------------------------------------------------------------------------
/docker-compose.yml:
--------------------------------------------------------------------------------
1 | version: '3.7'
2 |
3 | services:
4 | db:
5 | hostname: db.${APP_HOST}
6 | environment:
7 | - POSTGRES_PASSWORD
8 | networks:
9 | - internal
10 | image: postgres:18-alpine
11 | restart: always
12 | healthcheck:
13 | test: ['CMD-SHELL', 'pg_isready -U postgres']
14 | interval: 30s
15 | timeout: 30s
16 | retries: 3
17 |
18 | app:
19 | hostname: app.${APP_HOST}
20 | image: ghcr.io/ledermann/pingcrm:latest
21 | volumes:
22 | - ${APP_VOLUME_PATH}:/app/storage
23 | environment:
24 | - APP_HOST
25 | - DB_HOST=db
26 | - DB_PASSWORD=${POSTGRES_PASSWORD}
27 | - DB_USER=postgres
28 | - SECRET_KEY_BASE
29 | - TZ
30 | - PLAUSIBLE_URL
31 | deploy:
32 | update_config:
33 | order: start-first
34 | replicas: 1
35 | labels:
36 | - traefik.enable=true
37 | - traefik.port=3000
38 | - traefik.docker.network=traefik_traefik-net
39 | - traefik.frontend.rule=Host:${APP_HOST}
40 | - traefik.frontend.redirect.entryPoint=https
41 | - traefik.frontend.redirect.permanent=true
42 | - traefik.frontend.headers.STSSeconds=31536000
43 | - traefik.frontend.headers.STSIncludeSubdomains=true
44 | - traefik.frontend.headers.STSPreload=true
45 | networks:
46 | - traefik_traefik-net
47 | - internal
48 | links:
49 | - db
50 | restart: always
51 | healthcheck:
52 | test: ['CMD-SHELL', 'nc -z 127.0.0.1 3000 || exit 1']
53 | interval: 1m
54 | start_period: 1m
55 |
56 | networks:
57 | internal:
58 | driver_opts:
59 | encrypted: ''
60 | traefik_traefik-net:
61 | external: true
62 |
--------------------------------------------------------------------------------
/app/javascript/entrypoints/application.js:
--------------------------------------------------------------------------------
1 | // This file is automatically compiled by Vite, along with any other files
2 | // present in this directory. You're encouraged to place your actual application logic in
3 | // a relevant structure within app/javascript and only use these pack files to reference
4 | // that code so it'll be compiled.
5 |
6 | import '~/styles/application.css';
7 |
8 | import { createApp, h } from 'vue';
9 |
10 | import { router, createInertiaApp } from '@inertiajs/vue3';
11 | import { init, track } from '@plausible-analytics/tracker';
12 | const plausibleUrl = document.querySelector(
13 | 'meta[name="plausible-url"]',
14 | ).content;
15 | if (plausibleUrl) {
16 | init({
17 | domain: document.querySelector('meta[name="app-host"]').content,
18 | endpoint: `${plausibleUrl}/api/event`,
19 | origin: globalThis.location.origin,
20 | autoCapturePageviews: false,
21 | outboundLinks: true,
22 | });
23 |
24 | router.on('navigate', () => {
25 | track('pageview', {});
26 | });
27 | }
28 |
29 | import * as Routes from '@/routes.js';
30 |
31 | const pages = import.meta.glob('../Pages/**/*.vue', { eager: true });
32 |
33 | createInertiaApp({
34 | resolve: (name) => {
35 | const component = pages[`../Pages/${name}.vue`];
36 | if (!component)
37 | throw new Error(
38 | `Unknown page ${name}. Is it located under Pages with a .vue extension?`,
39 | );
40 |
41 | return component;
42 | },
43 |
44 | title: (title) => (title ? `${title} - Ping CRM` : 'Ping CRM'),
45 |
46 | setup({ el, App, props, plugin }) {
47 | const vueApp = createApp({
48 | render: () => h(App, props),
49 | });
50 | vueApp.config.globalProperties.$routes = Routes;
51 | vueApp.use(plugin).mount(el);
52 | },
53 | });
54 |
--------------------------------------------------------------------------------
/.github/workflows/dedupe.yml:
--------------------------------------------------------------------------------
1 | name: Dedupe Yarn Dependencies
2 |
3 | on:
4 | pull_request_target:
5 | types: [opened, synchronize]
6 | branches: [main]
7 | paths:
8 | - 'yarn.lock'
9 |
10 | permissions:
11 | contents: write
12 | pull-requests: write
13 |
14 | jobs:
15 | dedupe:
16 | runs-on: ubuntu-latest
17 |
18 | steps:
19 | - uses: actions/checkout@v6
20 | with:
21 | token: ${{ secrets.PAT }}
22 | fetch-depth: 0
23 | ref: ${{ github.head_ref }}
24 |
25 | - name: Setup Node.js
26 | uses: actions/setup-node@v6
27 | with:
28 | node-version-file: 'package.json'
29 | cache: 'yarn'
30 |
31 | - name: Install dependencies (immutable)
32 | run: yarn install --immutable
33 |
34 | - name: Dedupe
35 | run: yarn dedupe
36 |
37 | - name: Commit and push if yarn.lock changed
38 | id: dedupe-check
39 | run: |
40 | git config user.name "ledermann-bot"
41 | git config user.email "ledermann-bot@users.noreply.github.com"
42 |
43 | if ! git diff --quiet; then
44 | git add yarn.lock
45 | git commit -m 'chore: yarn dedupe'
46 | git push origin HEAD:${{ github.head_ref }}
47 | echo "performed=true" >> $GITHUB_OUTPUT
48 | else
49 | echo "performed=false" >> $GITHUB_OUTPUT
50 | fi
51 |
52 | - name: Comment on PR - Dedupe performed
53 | if: steps.dedupe-check.outputs.performed == 'true'
54 | uses: actions/github-script@v8
55 | with:
56 | script: |
57 | github.rest.issues.createComment({
58 | issue_number: context.issue.number,
59 | owner: context.repo.owner,
60 | repo: context.repo.repo,
61 | body: '🧹 **Yarn dedupe performed** - Duplicate dependencies have been removed from yarn.lock'
62 | })
63 |
--------------------------------------------------------------------------------
/db/seeds.rb:
--------------------------------------------------------------------------------
1 | # This file should ensure the existence of records required to run the application in every environment (production,
2 | # development, test). The code here should be idempotent so that it can be executed at any point in every environment.
3 | # The data can then be loaded with the bin/rails db:seed command (or created alongside the database with db:setup).
4 | #
5 | # Example:
6 | #
7 | # ["Action", "Comedy", "Drama", "Horror"].each do |genre_name|
8 | # MovieGenre.find_or_create_by!(name: genre_name)
9 | # end
10 |
11 | require 'faker'
12 |
13 | account = Account.create!(name: 'Acme Corporation')
14 |
15 | account.users.create!(
16 | first_name: 'John',
17 | last_name: 'Doe',
18 | email: 'johndoe@example.com',
19 | password: 'secret',
20 | owner: true,
21 | )
22 |
23 | 5.times do
24 | account.users.create!(
25 | first_name: Faker::Name.first_name,
26 | last_name: Faker::Name.last_name,
27 | email: Faker::Internet.unique.email,
28 | password: 'secret',
29 | owner: false,
30 | )
31 | end
32 |
33 | organizations =
34 | Array.new(100) do
35 | account.organizations.create!(
36 | name: Faker::Company.unique.name,
37 | email: Faker::Internet.unique.email,
38 | phone: Faker::PhoneNumber.phone_number,
39 | address: Faker::Address.street_address,
40 | city: Faker::Address.city,
41 | region: Faker::Address.state,
42 | country: 'US',
43 | postal_code: Faker::Address.postcode,
44 | )
45 | end
46 |
47 | 100.times do
48 | account.contacts.create!(
49 | organization: organizations.sample,
50 | first_name: Faker::Name.first_name,
51 | last_name: Faker::Name.last_name,
52 | email: Faker::Internet.unique.email,
53 | phone: Faker::PhoneNumber.phone_number,
54 | address: Faker::Address.street_address,
55 | city: Faker::Address.city,
56 | region: Faker::Address.state,
57 | country: 'US',
58 | postal_code: Faker::Address.postcode,
59 | )
60 | end
61 |
--------------------------------------------------------------------------------
/app/javascript/Shared/Dropdown.vue:
--------------------------------------------------------------------------------
1 |
2 |
29 |
30 |
31 |
80 |
--------------------------------------------------------------------------------
/config/puma.rb:
--------------------------------------------------------------------------------
1 | # This configuration file will be evaluated by Puma. The top-level methods that
2 | # are invoked here are part of Puma's configuration DSL. For more information
3 | # about methods provided by the DSL, see https://puma.io/puma/Puma/DSL.html.
4 | #
5 | # Puma starts a configurable number of processes (workers) and each process
6 | # serves each request in a thread from an internal thread pool.
7 | #
8 | # You can control the number of workers using ENV["WEB_CONCURRENCY"]. You
9 | # should only set this value when you want to run 2 or more workers. The
10 | # default is already 1. You can set it to `auto` to automatically start a worker
11 | # for each available processor.
12 | #
13 | # The ideal number of threads per worker depends both on how much time the
14 | # application spends waiting for IO operations and on how much you wish to
15 | # prioritize throughput over latency.
16 | #
17 | # As a rule of thumb, increasing the number of threads will increase how much
18 | # traffic a given process can handle (throughput), but due to CRuby's
19 | # Global VM Lock (GVL) it has diminishing returns and will degrade the
20 | # response time (latency) of the application.
21 | #
22 | # The default is set to 3 threads as it's deemed a decent compromise between
23 | # throughput and latency for the average Rails application.
24 | #
25 | # Any libraries that use a connection pool or another resource pool should
26 | # be configured to provide at least as many connections as the number of
27 | # threads. This includes Active Record's `pool` parameter in `database.yml`.
28 | threads_count = ENV.fetch('RAILS_MAX_THREADS', 3)
29 | threads threads_count, threads_count
30 |
31 | # Specifies the `port` that Puma will listen on to receive requests; default is 3000.
32 | port ENV.fetch('PORT', 3000)
33 |
34 | # Allow puma to be restarted by `bin/rails restart` command.
35 | plugin :tmp_restart
36 |
37 | # Specify the PID file. Defaults to tmp/pids/server.pid in development.
38 | # In other environments, only set the PID file if requested.
39 | pidfile ENV['PIDFILE'] if ENV['PIDFILE']
40 |
--------------------------------------------------------------------------------
/.github/dependabot.yml:
--------------------------------------------------------------------------------
1 | # To get started with Dependabot version updates, you'll need to specify which
2 | # package ecosystems to update and where the package manifests are located.
3 | # Please see the documentation for all configuration options:
4 | # https://help.github.com/github/administering-a-repository/configuration-options-for-dependency-updates
5 |
6 | version: 2
7 | updates:
8 | - package-ecosystem: bundler
9 | directory: '/'
10 | schedule:
11 | interval: daily
12 | time: '01:00'
13 | timezone: Europe/Berlin
14 | open-pull-requests-limit: 10
15 | versioning-strategy: lockfile-only
16 | allow:
17 | - dependency-type: direct
18 | - dependency-type: indirect
19 | labels:
20 | - 'dependencies'
21 | - 'ruby'
22 | groups:
23 | rails:
24 | patterns:
25 | - 'actioncable'
26 | - 'actionmailbox'
27 | - 'actionmailer'
28 | - 'actionpack'
29 | - 'actiontext'
30 | - 'actionview'
31 | - 'activejob'
32 | - 'activemodel'
33 | - 'activerecord'
34 | - 'activestorage'
35 | - 'activesupport'
36 | - 'rails'
37 | - 'railties'
38 | - 'globalid'
39 | - 'i18n'
40 | - 'mail'
41 | - 'rack'
42 | - 'rackup'
43 | rubocop:
44 | patterns:
45 | - 'rubocop*'
46 |
47 | - package-ecosystem: npm
48 | directory: '/'
49 | schedule:
50 | interval: daily
51 | time: '01:00'
52 | timezone: Europe/Berlin
53 | open-pull-requests-limit: 10
54 | versioning-strategy: auto
55 | labels:
56 | - 'dependencies'
57 | - 'javascript'
58 | groups:
59 | tailwindcss:
60 | patterns:
61 | - '@tailwindcss/vite'
62 | - 'tailwindcss'
63 |
64 | - package-ecosystem: 'github-actions'
65 | directory: '/'
66 | schedule:
67 | interval: 'daily'
68 | time: '01:00'
69 | timezone: Europe/Berlin
70 | labels:
71 | - 'dependencies'
72 | - 'gh-action'
73 |
--------------------------------------------------------------------------------
/app/models/user.rb:
--------------------------------------------------------------------------------
1 | class User < ApplicationRecord
2 | belongs_to :account
3 |
4 | has_many :contacts, through: :account
5 | has_many :organizations, through: :account
6 | has_many :users, through: :account
7 |
8 | has_one_attached :photo
9 |
10 | # Include default devise modules. Others available are:
11 | # :confirmable, :lockable, :timeoutable, :trackable and :omniauthable
12 | # :registerable, :recoverable, :validatable
13 | devise :database_authenticatable, :rememberable
14 |
15 | validates :first_name, :last_name, :email, presence: true
16 | validates :email, uniqueness: true
17 | validate :photo_is_web_image
18 |
19 | include SoftDelete
20 |
21 | scope :order_by_name, -> { order(:last_name, :first_name) }
22 |
23 | scope :role_filter,
24 | ->(name) {
25 | case name
26 | when 'user'
27 | where(owner: false)
28 | when 'owner'
29 | where(owner: true)
30 | else
31 | all
32 | end
33 | }
34 |
35 | scope :search,
36 | ->(query) {
37 | if query.present?
38 | where(
39 | 'first_name ILIKE :query OR
40 | last_name ILIKE :query OR
41 | email ILIKE :query',
42 | query: "%#{query}%",
43 | )
44 | else
45 | all
46 | end
47 | }
48 |
49 | def name
50 | "#{last_name}, #{first_name}"
51 | end
52 |
53 | # ensure user account is active
54 | def active_for_authentication?
55 | super && !deleted_at
56 | end
57 |
58 | # provide a custom message for a deleted account
59 | def inactive_message
60 | deleted_at ? :deleted : super
61 | end
62 |
63 | def demo?
64 | email == 'johndoe@example.com'
65 | end
66 |
67 | private
68 |
69 | def photo_is_web_image
70 | return unless photo.attached?
71 | if photo.content_type.in?(
72 | Rails.application.config.active_storage.web_image_content_types,
73 | )
74 | return
75 | end
76 |
77 | errors.add(:photo, 'Must be a .JPG, .PNG or .GIF file')
78 | end
79 | end
80 |
--------------------------------------------------------------------------------
/app/javascript/Shared/SearchFilter.vue:
--------------------------------------------------------------------------------
1 |
2 |
22 |
27 | Create Contact
28 |
29 |
30 |
3 |
52 |
53 |
54 |
71 |
--------------------------------------------------------------------------------
/app/javascript/Pages/Users/Form.vue:
--------------------------------------------------------------------------------
1 |
2 |
54 |
55 |
56 |
86 |
--------------------------------------------------------------------------------
/app/javascript/Shared/FileInput.vue:
--------------------------------------------------------------------------------
1 |
2 |
4 |
10 |
11 |
33 |
43 |
44 |
51 |
12 | Filter
13 |
22 |
23 |
24 |
25 |
29 |
31 |
32 |
3 |
4 |
39 |
40 |
41 |
87 |
--------------------------------------------------------------------------------
/config/initializers/content_security_policy.rb:
--------------------------------------------------------------------------------
1 | # Be sure to restart your server when you modify this file.
2 |
3 | # Define an application-wide content security policy.
4 | # See the Securing Rails Applications Guide for more information:
5 | # https://guides.rubyonrails.org/security.html#content-security-policy-header
6 |
7 | Rails.application.configure do
8 | config.content_security_policy do |policy|
9 | policy.font_src :self
10 | policy.img_src(*%i[self data].compact)
11 | policy.object_src :none
12 | policy.form_action :self
13 | policy.manifest_src :self
14 | policy.default_src :none
15 |
16 | if Rails.env.development?
17 | policy.connect_src :self,
18 | # Allow @vite/client to hot reload changes
19 | "ws://#{ViteRuby.config.host_with_port}"
20 |
21 | policy.script_src :self,
22 | # Allow @vite/client to hot reload JavaScript changes
23 | "http://#{ViteRuby.config.host_with_port}",
24 | # Allow Inertia.js to display error modal
25 | :unsafe_inline
26 |
27 | policy.style_src :self,
28 | # Allow @vite/client to hot reload CSS changes
29 | :unsafe_inline
30 | else
31 | policy.connect_src(*[:self, ENV.fetch('PLAUSIBLE_URL', nil)].compact)
32 | policy.script_src(*[:self].compact)
33 | policy.style_src :self,
34 | # Allow @inertiajs/progress to display progress bar
35 | "'sha256-YfWBLaAD17kgcjrajLlty6AH2yMikIiscRhC6OENK74='"
36 | end
37 |
38 | policy.base_uri :self
39 |
40 | # Specify URI for violation reports
41 | # policy.report_uri "/csp-violation-report-endpoint"
42 | end
43 |
44 | # # Generate session nonces for permitted importmap, inline scripts, and inline styles.
45 | # config.content_security_policy_nonce_generator = ->(request) { request.session.id.to_s }
46 | # config.content_security_policy_nonce_directives = %w(script-src style-src)
47 | #
48 | # # Automatically add `nonce` to `javascript_tag`, `javascript_include_tag`, and `stylesheet_link_tag`
49 | # # if the corresponding directives are specified in `content_security_policy_nonce_directives`.
50 | # # config.content_security_policy_nonce_auto = true
51 | #
52 | # # Report violations without enforcing the policy.
53 | # # config.content_security_policy_report_only = true
54 | end
55 |
--------------------------------------------------------------------------------
/config/environments/test.rb:
--------------------------------------------------------------------------------
1 | # The test environment is used exclusively to run your application's
2 | # test suite. You never need to work with it otherwise. Remember that
3 | # your test database is "scratch space" for the test suite and is wiped
4 | # and recreated between test runs. Don't rely on the data there!
5 |
6 | Rails.application.configure do
7 | # Settings specified here will take precedence over those in config/application.rb.
8 |
9 | # While tests run files are not watched, reloading is not necessary.
10 | config.enable_reloading = false
11 |
12 | # Eager loading loads your entire application. When running a single test locally,
13 | # this is usually not necessary, and can slow down your test suite. However, it's
14 | # recommended that you enable it in continuous integration systems to ensure eager
15 | # loading is working properly before deploying your code.
16 | config.eager_load = ENV['CI'].present?
17 |
18 | # Configure public file server for tests with cache-control for performance.
19 | config.public_file_server.headers = {
20 | 'cache-control' => 'public, max-age=3600',
21 | }
22 |
23 | # Show full error reports.
24 | config.consider_all_requests_local = true
25 | config.cache_store = :null_store
26 |
27 | # Render exception templates for rescuable exceptions and raise for other exceptions.
28 | config.action_dispatch.show_exceptions = :rescuable
29 |
30 | # Disable request forgery protection in test environment.
31 | config.action_controller.allow_forgery_protection = false
32 |
33 | # Store uploaded files on the local file system in a temporary directory.
34 | config.active_storage.service = :test
35 |
36 | # Tell Action Mailer not to deliver emails to the real world.
37 | # The :test delivery method accumulates sent emails in the
38 | # ActionMailer::Base.deliveries array.
39 | config.action_mailer.delivery_method = :test
40 |
41 | # Set host to be used by links generated in mailer templates.
42 | config.action_mailer.default_url_options = { host: 'example.com' }
43 |
44 | # Print deprecation notices to the stderr.
45 | config.active_support.deprecation = :stderr
46 |
47 | # Raises error for missing translations.
48 | # config.i18n.raise_on_missing_translations = true
49 |
50 | # Annotate rendered view with file names.
51 | # config.action_view.annotate_rendered_view_with_filenames = true
52 |
53 | # Raise error when a before_action's only/except options reference missing actions.
54 | config.action_controller.raise_on_missing_callback_actions = true
55 | end
56 |
--------------------------------------------------------------------------------
/app/javascript/Shared/Logo.vue:
--------------------------------------------------------------------------------
1 |
2 |
10 |
11 |
--------------------------------------------------------------------------------
/app/javascript/Pages/Organizations/Form.vue:
--------------------------------------------------------------------------------
1 |
2 |
63 |
64 |
65 |
93 |
--------------------------------------------------------------------------------
/app/javascript/Pages/Auth/Login.vue:
--------------------------------------------------------------------------------
1 |
2 |
5 |
12 |
35 |
13 |
20 |
21 |
22 |
34 |
23 | {{ modelValue.name }}
24 | ({{ filesize(modelValue.size) }})
25 |
26 |
33 |
36 | {{ errors[0] }}
37 |
38 |
3 |
4 |
5 |
54 |
55 |
56 |
57 |
87 |
--------------------------------------------------------------------------------
/app/javascript/Shared/Pagination.vue:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
32 |
33 |
34 |
93 |
--------------------------------------------------------------------------------
/app/javascript/Pages/Contacts/Edit.vue:
--------------------------------------------------------------------------------
1 |
2 |
9 | …
10 |
11 |
17 | {{ link.label }}
18 |
19 |
28 | {{ link.label }}
29 |
30 |
31 |
3 |
4 | 5 | 9 | Contacts 10 | 11 | / 12 | {{ form.contact.first_name }} {{ form.contact.last_name }} 13 |
14 |
18 |
23 |
44 |
45 |
46 |
47 |
48 |
97 |
--------------------------------------------------------------------------------
/config/environments/development.rb:
--------------------------------------------------------------------------------
1 | require 'active_support/core_ext/integer/time'
2 |
3 | Rails.application.configure do
4 | # Settings specified here will take precedence over those in config/application.rb.
5 |
6 | # Make code changes take effect immediately without server restart.
7 | config.enable_reloading = true
8 |
9 | # Do not eager load code on boot.
10 | config.eager_load = false
11 |
12 | # Show full error reports.
13 | config.consider_all_requests_local = true
14 |
15 | # Enable server timing.
16 | config.server_timing = true
17 |
18 | # Enable/disable Action Controller caching. By default Action Controller caching is disabled.
19 | # Run rails dev:cache to toggle Action Controller caching.
20 | if Rails.root.join('tmp', 'caching-dev.txt').exist?
21 | config.action_controller.perform_caching = true
22 | config.action_controller.enable_fragment_cache_logging = true
23 | config.public_file_server.headers = {
24 | 'cache-control' => "public, max-age=#{2.days.to_i}",
25 | }
26 | else
27 | config.action_controller.perform_caching = false
28 | end
29 |
30 | # Change to :null_store to avoid any caching.
31 | config.cache_store = :memory_store
32 |
33 | # Store uploaded files on the local file system (see config/storage.yml for options).
34 | config.active_storage.service = :local
35 |
36 | # Don't care if the mailer can't send.
37 | config.action_mailer.raise_delivery_errors = false
38 |
39 | # Make template changes take effect immediately.
40 | config.action_mailer.perform_caching = false
41 |
42 | # Set localhost to be used by links generated in mailer templates.
43 | config.action_mailer.default_url_options = { host: 'localhost', port: 3000 }
44 |
45 | # Print deprecation notices to the Rails logger.
46 | config.active_support.deprecation = :log
47 |
48 | # Raise an error on page load if there are pending migrations.
49 | config.active_record.migration_error = :page_load
50 |
51 | # Highlight code that triggered database queries in logs.
52 | config.active_record.verbose_query_logs = true
53 |
54 | # Append comments with runtime information tags to SQL queries in logs.
55 | config.active_record.query_log_tags_enabled = true
56 |
57 | # Highlight code that enqueued background job in logs.
58 | config.active_job.verbose_enqueue_logs = true
59 |
60 | # Highlight code that triggered redirect in logs.
61 | config.action_dispatch.verbose_redirect_logs = true
62 |
63 | # Raises error for missing translations.
64 | # config.i18n.raise_on_missing_translations = true
65 |
66 | # Annotate rendered view with file names.
67 | config.action_view.annotate_rendered_view_with_filenames = true
68 |
69 | # Raise error when a before_action's only/except options reference missing actions.
70 | config.action_controller.raise_on_missing_callback_actions = true
71 |
72 | # Apply autocorrection by RuboCop to files generated by `bin/rails generate`.
73 | # config.generators.apply_rubocop_autocorrect_after_generate!
74 |
75 | config.hosts.clear
76 | end
77 |
--------------------------------------------------------------------------------
/config/application.rb:
--------------------------------------------------------------------------------
1 | require_relative 'boot'
2 |
3 | require 'rails'
4 | # Pick the frameworks you want:
5 | require 'active_model/railtie'
6 | # require "active_job/railtie"
7 | require 'active_record/railtie'
8 | require 'active_storage/engine'
9 | require 'action_controller/railtie'
10 | require 'action_mailer/railtie'
11 | # require "action_mailbox/engine"
12 | # require "action_text/engine"
13 | require 'action_view/railtie'
14 | # require "action_cable/engine"
15 | require 'rails/test_unit/railtie'
16 |
17 | # Require the gems listed in Gemfile, including any gems
18 | # you've limited to :test, :development, or :production.
19 | Bundler.require(*Rails.groups)
20 |
21 | module Pingcrm
22 | class Application < Rails::Application
23 | # Initialize configuration defaults for originally generated Rails version.
24 | config.load_defaults 8.1
25 |
26 | # Please, add to the `ignore` list any other `lib` subdirectories that do
27 | # not contain `.rb` files, or that should not be reloaded or eager loaded.
28 | # Common ones are `templates`, `generators`, or `middleware`, for example.
29 | config.autoload_lib(ignore: %w[assets tasks])
30 |
31 | # Configuration for the application, engines, and railties goes here.
32 | #
33 | # These settings can be overridden in specific environments using the files
34 | # in config/environments, which are processed later.
35 | #
36 | # config.time_zone = "Central Time (US & Canada)"
37 | # config.eager_load_paths << Rails.root.join("extras")
38 |
39 | config.active_storage.variant_processor = :vips
40 |
41 | # To allow Inertia.js handle backend exceptions, we need to register an
42 | # exceptions_app to show the exceptions via the `Error` Vue component.
43 | # This app needs to be a middleware. To keep things simple we define an
44 | # anonymous controller with a `show` method. This allows us to use
45 | # `render inertia: ...`
46 | #
47 | # The exception app will be used if `consider_all_requests_local` is set to false,
48 | # which is by default in production only
49 | #
50 | # More details about exceptions_app:
51 | # https://guides.rubyonrails.org/configuring.html#rails-general-configuration
52 | # https://github.com/rails/rails/blob/6-0-stable/actionpack/lib/action_dispatch/middleware/public_exceptions.rb
53 | #
54 | config.exceptions_app = ->(env) do
55 | Class
56 | .new(ActionController::Base) do # rubocop:disable Rails/ApplicationController
57 | def show
58 | # Get the status code from the path, which is /500 or /404 etc.
59 | status = request.path_info.delete_prefix('/').to_i
60 |
61 | render inertia: 'Error',
62 | props: {
63 | status:,
64 | }, # Make the status code available to the Vue component
65 | status: # Return the same status code in the request header
66 | end
67 | end
68 | .action(:show)
69 | .call(env)
70 | end
71 | end
72 | end
73 |
--------------------------------------------------------------------------------
/test/system/contacts_test.rb:
--------------------------------------------------------------------------------
1 | require 'application_system_test_case'
2 |
3 | class ContactsTest < ApplicationSystemTestCase
4 | setup do
5 | @account = create(:account)
6 | @user = create(:user, account: @account, owner: true)
7 | end
8 |
9 | test 'list all contacts and allows to paginate and search' do
10 | sign_in @user
11 |
12 | contacts = create_list(:contact, 15, account: @account).sort_by(&:name)
13 |
14 | visit '/contacts'
15 |
16 | assert_selector 'h1', text: 'Contacts'
17 | assert_selector 'table tbody tr', count: 10
18 | contacts
19 | .first(10)
20 | .each { |contact| assert_selector 'table', text: contact.last_name }
21 |
22 | click_on 'Next'
23 | assert_selector 'table tbody tr', count: 5
24 | contacts
25 | .last(5)
26 | .each { |contact| assert_selector 'table', text: contact.last_name }
27 |
28 | contacts.first.update! last_name: 'AAA'
29 | fill_in 'search', with: 'AAA'
30 |
31 | assert_selector 'h1', text: 'Contacts'
32 | assert_selector 'table tbody tr', count: 1
33 | assert_selector 'table', text: 'AAA'
34 | end
35 |
36 | test 'cannot view deleted contacts by default, but allows to change filter' do
37 | sign_in @user
38 | contacts = create_list(:contact, 5, account: @account)
39 | contacts.first.soft_delete!
40 |
41 | visit '/contacts'
42 |
43 | assert_selector 'h1', text: 'Contacts'
44 | assert_selector 'table tbody tr', count: 4
45 |
46 | click_on 'Filter'
47 | select 'With Trashed', from: 'Trashed:'
48 |
49 | assert_selector 'h1', text: 'Contacts'
50 | assert_selector 'table tbody tr', count: 5
51 | end
52 |
53 | test 'can add contact' do
54 | sign_in @user
55 |
56 | visit '/contacts'
57 | click_on 'Create Contact'
58 |
59 | assert_selector 'form'
60 | assert_selector 'button', text: 'Create Contact'
61 |
62 | fill_in 'First name:', with: 'Jane'
63 | fill_in 'Last name:', with: 'Doe'
64 | click_on 'Create Contact'
65 | assert_selector 'div', text: 'Contact created.'
66 | end
67 |
68 | test 'can edit contact' do
69 | sign_in @user
70 | contact = create(:contact, account: @account)
71 |
72 | visit "/contacts/#{contact.id}/edit"
73 |
74 | assert_selector 'form'
75 | assert_selector 'button', text: 'Update Contact'
76 | fill_in 'First name:', with: 'Jane'
77 | fill_in 'Last name:', with: 'Doe'
78 | click_on 'Update Contact'
79 |
80 | assert_selector 'div', text: 'Contact updated.'
81 | end
82 |
83 | test 'can delete an contact' do
84 | sign_in @user
85 | contact = create(:contact, account: @account)
86 |
87 | visit "/contacts/#{contact.id}/edit"
88 |
89 | assert_selector 'button', text: 'Delete Contact'
90 | accept_confirm { click_on 'Delete Contact' }
91 |
92 | assert_selector 'div', text: 'Contact deleted.'
93 | end
94 |
95 | test 'cannot do anything without login' do
96 | visit '/contacts'
97 |
98 | assert_selector 'div', text: 'Welcome Back!'
99 | end
100 | end
101 |
--------------------------------------------------------------------------------
/config/database.yml:
--------------------------------------------------------------------------------
1 | # PostgreSQL. Versions 9.3 and up are supported.
2 | #
3 | # Install the pg driver:
4 | # gem install pg
5 | # On macOS with Homebrew:
6 | # gem install pg -- --with-pg-config=/usr/local/bin/pg_config
7 | # On macOS with MacPorts:
8 | # gem install pg -- --with-pg-config=/opt/local/lib/postgresql84/bin/pg_config
9 | # On Windows:
10 | # gem install pg
11 | # Choose the win32 build.
12 | # Install PostgreSQL and put its /bin directory on your path.
13 | #
14 | # Configure Using Gemfile
15 | # gem 'pg'
16 | #
17 | default: &default
18 | adapter: postgresql
19 | encoding: unicode
20 | # For details on connection pooling, see Rails configuration guide
21 | # https://guides.rubyonrails.org/configuring.html#database-pooling
22 | pool: <%= ENV.fetch("RAILS_MAX_THREADS") { 5 } %>
23 |
24 | # Connect on a TCP socket. Omitted by default since the client uses a
25 | # domain socket that doesn't need configuration. Windows does not have
26 | # domain sockets, so uncomment these lines.
27 | host: <%= ENV['DB_HOST'] %>
28 |
29 | # The specified database role being used to connect to postgres.
30 | # To create additional roles in postgres see `$ createuser --help`.
31 | # When left blank, postgres will use the default role. This is
32 | # the same name as the operating system user that initialized the database.
33 | username: <%= ENV['DB_USER'] %>
34 |
35 | # The password associated with the postgres role (username).
36 | password: <%= ENV['DB_PASSWORD'] %>
37 |
38 | # The TCP port the server listens on. Defaults to 5432.
39 | # If your server runs on a different port number, change accordingly.
40 | #port: 5432
41 | # Schema search path. The server defaults to $user,public
42 | #schema_search_path: myapp,sharedapp,public
43 | # Minimum log levels, in increasing order:
44 | # debug5, debug4, debug3, debug2, debug1,
45 | # log, notice, warning, error, fatal, and panic
46 | # Defaults to warning.
47 | #min_messages: notice
48 |
49 | development:
50 | <<: *default
51 | database: pingcrm_development
52 |
53 | # Warning: The database defined as "test" will be erased and
54 | # re-generated from your development database when you run "rake".
55 | # Do not set this db to the same as development or production.
56 | test:
57 | <<: *default
58 | database: pingcrm_test
59 |
60 | # As with config/credentials.yml, you never want to store sensitive information,
61 | # like your database password, in your source code. If your source code is
62 | # ever seen by anyone, they now have access to your database.
63 | #
64 | # Instead, provide the password as a unix environment variable when you boot
65 | # the app. Read https://guides.rubyonrails.org/configuring.html#configuring-a-database
66 | # for a full rundown on how to provide these environment variables in a
67 | # production deployment.
68 | #
69 | # On Heroku and other platform providers, you may have a full connection URL
70 | # available as an environment variable. For example:
71 | #
72 | # DATABASE_URL="postgres://myuser:mypass@localhost/somedatabase"
73 | #
74 | # You can use this database configuration with:
75 | #
76 | # production:
77 | # url: <%= ENV['DATABASE_URL'] %>
78 | #
79 | production:
80 | <<: *default
81 | database: pingcrm_production
82 |
--------------------------------------------------------------------------------
/app/javascript/Pages/Users/Edit.vue:
--------------------------------------------------------------------------------
1 |
2 |
26 |
35 |
40 | Update Contact
41 |
42 |
43 |
3 |
4 |
5 | ![Photo]()
21 |
22 | 6 | 10 | Users 11 | 12 | / 13 | {{ form.user.first_name }} {{ form.user.last_name }} 14 |
15 |
26 |
27 |
49 |
50 |
51 |
52 |
53 |
109 |
--------------------------------------------------------------------------------
/bin/bundle:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env ruby
2 | # frozen_string_literal: true
3 |
4 | #
5 | # This file was generated by Bundler.
6 | #
7 | # The application 'bundle' is installed as part of a gem, and
8 | # this file is here to facilitate running it.
9 | #
10 |
11 | require "rubygems"
12 |
13 | m = Module.new do
14 | module_function
15 |
16 | def invoked_as_script?
17 | File.expand_path($0) == File.expand_path(__FILE__)
18 | end
19 |
20 | def env_var_version
21 | ENV["BUNDLER_VERSION"]
22 | end
23 |
24 | def cli_arg_version
25 | return unless invoked_as_script? # don't want to hijack other binstubs
26 | return unless "update".start_with?(ARGV.first || " ") # must be running `bundle update`
27 | bundler_version = nil
28 | update_index = nil
29 | ARGV.each_with_index do |a, i|
30 | if update_index && update_index.succ == i && a =~ Gem::Version::ANCHORED_VERSION_PATTERN
31 | bundler_version = a
32 | end
33 | next unless a =~ /\A--bundler(?:[= ](#{Gem::Version::VERSION_PATTERN}))?\z/
34 | bundler_version = $1 || ">= 0.a"
35 | update_index = i
36 | end
37 | bundler_version
38 | end
39 |
40 | def gemfile
41 | gemfile = ENV["BUNDLE_GEMFILE"]
42 | return gemfile if gemfile && !gemfile.empty?
43 |
44 | File.expand_path("../../Gemfile", __FILE__)
45 | end
46 |
47 | def lockfile
48 | lockfile =
49 | case File.basename(gemfile)
50 | when "gems.rb" then gemfile.sub(/\.rb$/, gemfile)
51 | else "#{gemfile}.lock"
52 | end
53 | File.expand_path(lockfile)
54 | end
55 |
56 | def lockfile_version
57 | return unless File.file?(lockfile)
58 | lockfile_contents = File.read(lockfile)
59 | return unless lockfile_contents =~ /\n\nBUNDLED WITH\n\s{2,}(#{Gem::Version::VERSION_PATTERN})\n/
60 | Regexp.last_match(1)
61 | end
62 |
63 | def bundler_version
64 | @bundler_version ||= begin
65 | env_var_version || cli_arg_version ||
66 | lockfile_version || "#{Gem::Requirement.default}.a"
67 | end
68 | end
69 |
70 | def load_bundler!
71 | ENV["BUNDLE_GEMFILE"] ||= gemfile
72 |
73 | # must dup string for RG < 1.8 compatibility
74 | activate_bundler(bundler_version.dup)
75 | end
76 |
77 | def activate_bundler(bundler_version)
78 | if Gem::Version.correct?(bundler_version) && Gem::Version.new(bundler_version).release < Gem::Version.new("2.0")
79 | bundler_version = "< 2"
80 | end
81 | gem_error = activation_error_handling do
82 | gem "bundler", bundler_version
83 | end
84 | return if gem_error.nil?
85 | require_error = activation_error_handling do
86 | require "bundler/version"
87 | end
88 | return if require_error.nil? && Gem::Requirement.new(bundler_version).satisfied_by?(Gem::Version.new(Bundler::VERSION))
89 | warn "Activating bundler (#{bundler_version}) failed:\n#{gem_error.message}\n\nTo install the version of bundler this project requires, run `gem install bundler -v '#{bundler_version}'`"
90 | exit 42
91 | end
92 |
93 | def activation_error_handling
94 | yield
95 | nil
96 | rescue StandardError, LoadError => e
97 | e
98 | end
99 | end
100 |
101 | m.load_bundler!
102 |
103 | if m.invoked_as_script?
104 | load Gem.bin_path("bundler", "bundle")
105 | end
106 |
--------------------------------------------------------------------------------
/test/system/organizations_test.rb:
--------------------------------------------------------------------------------
1 | require 'application_system_test_case'
2 |
3 | class OrganizationsTest < ApplicationSystemTestCase
4 | setup do
5 | @account = create(:account)
6 | @user = create(:user, account: @account, owner: true)
7 | end
8 |
9 | test 'list all organizations and allows to paginate and search' do
10 | sign_in @user
11 | organizations =
12 | create_list(:organization, 15, account: @account).sort_by(&:name)
13 |
14 | visit '/organizations'
15 |
16 | assert_selector 'h1', text: 'Organizations'
17 | assert_selector 'table tbody tr', count: 10
18 | organizations
19 | .first(10)
20 | .each { |organization| assert_selector 'table', text: organization.name }
21 |
22 | click_on 'Next'
23 | assert_selector 'table tbody tr', count: 5
24 | organizations
25 | .last(5)
26 | .each { |organization| assert_selector 'table', text: organization.name }
27 |
28 | organizations.first.update! name: 'Some Big Fancy Company Name'
29 | fill_in 'search', with: 'Some Big Fancy Company Name'
30 |
31 | assert_selector 'h1', text: 'Organizations'
32 | assert_selector 'table tbody tr', count: 1
33 | assert_selector 'table', text: organizations.first.name
34 | end
35 |
36 | test 'cannot view deleted organizations by default, but allows to change filter' do
37 | sign_in @user
38 | organizations = create_list(:organization, 5, account: @account)
39 | organizations.first.soft_delete!
40 |
41 | visit '/organizations'
42 |
43 | assert_selector 'h1', text: 'Organizations'
44 | assert_selector 'table tbody tr', count: 4
45 |
46 | click_on 'Filter'
47 | select 'With Trashed', from: 'Trashed:'
48 |
49 | assert_selector 'h1', text: 'Organizations'
50 | assert_selector 'table tbody tr', count: 5
51 | end
52 |
53 | test 'can add organization' do
54 | sign_in @user
55 |
56 | visit '/organizations'
57 | click_on 'Create Organization'
58 |
59 | assert_selector 'form'
60 | assert_selector 'button', text: 'Create Organization'
61 |
62 | within 'form' do
63 | fill_in 'Name:', with: 'The new organization'
64 | click_on 'Create Organization'
65 | end
66 | assert_selector 'div', text: 'Organization created.'
67 | end
68 |
69 | test 'can edit organization' do
70 | sign_in @user
71 | organization = create(:organization, account: @account)
72 |
73 | visit "/organizations/#{organization.id}/edit"
74 |
75 | assert_selector 'form'
76 | assert_selector 'button', text: 'Update Organization'
77 | fill_in 'Name:', with: 'The updated organization'
78 | click_on 'Update Organization'
79 |
80 | assert_selector 'div', text: 'Organization updated.'
81 | end
82 |
83 | test 'can delete an organization' do
84 | sign_in @user
85 | organization = create(:organization, account: @account)
86 |
87 | visit "/organizations/#{organization.id}/edit"
88 |
89 | assert_selector 'button', text: 'Delete Organization'
90 | accept_confirm { click_on 'Delete Organization' }
91 |
92 | assert_selector 'div', text: 'Organization deleted.'
93 | end
94 |
95 | test 'cannot do anything without login' do
96 | visit '/organizations'
97 |
98 | assert_selector 'div', text: 'Welcome Back!'
99 | end
100 | end
101 |
--------------------------------------------------------------------------------
/test/system/users_test.rb:
--------------------------------------------------------------------------------
1 | require 'application_system_test_case'
2 |
3 | class UsersTest < ApplicationSystemTestCase
4 | setup do
5 | @account = create(:account)
6 | @owner = create(:user, account: @account, owner: true)
7 | @user = create(:user, account: @account, owner: false)
8 | end
9 |
10 | test 'list all users and allows to search' do
11 | sign_in @user
12 | users = create_list(:user, 15, account: @account).sort_by(&:name)
13 |
14 | visit '/users'
15 |
16 | assert_selector 'h1', text: 'Users'
17 | assert_selector 'table tbody tr', count: 15 + 2
18 | users.each { |user| assert_selector 'table', text: user.name }
19 |
20 | users.first.update! last_name: 'Turing'
21 | fill_in 'search', with: 'Turing'
22 |
23 | assert_selector 'h1', text: 'Users'
24 | assert_selector 'table tbody tr', count: 1
25 | assert_selector 'table', text: users.first.name
26 | end
27 |
28 | test 'Owner can add user' do
29 | sign_in @owner
30 |
31 | visit '/users'
32 | click_on 'Create User'
33 |
34 | assert_selector 'form'
35 | assert true, find_field('Owner:').value
36 |
37 | assert_selector 'button', text: 'Create User'
38 | fill_in 'First name:', with: 'Jonathan'
39 | fill_in 'Last name:', with: 'Smith'
40 | fill_in 'Email:', with: 'john@smith.com'
41 | click_on 'Create User'
42 | assert_selector 'div', text: 'User created.'
43 | end
44 |
45 | test 'Non-owner cannot add user' do
46 | sign_in @user
47 |
48 | visit '/users'
49 | assert_no_selector 'button', text: 'Create User'
50 |
51 | visit '/users/new'
52 | assert_selector 'div', text: 'Forbidden'
53 | end
54 |
55 | test 'Owner can edit user' do
56 | sign_in @owner
57 |
58 | visit "/users/#{@user.id}/edit"
59 |
60 | assert_selector 'form'
61 | assert_selector 'button', text: 'Update User'
62 | fill_in 'First name:', with: 'Jonathan'
63 | click_on 'Update User'
64 |
65 | assert_selector 'div', text: 'User updated.'
66 | end
67 |
68 | test 'Non-owner cannot edit user' do
69 | sign_in @user
70 |
71 | visit "/users/#{@user.id}/edit"
72 |
73 | assert_selector 'form'
74 | assert_no_selector 'button', text: 'Update User'
75 | end
76 |
77 | test 'Owner can delete a user' do
78 | sign_in @owner
79 |
80 | visit "/users/#{@user.id}/edit"
81 |
82 | assert_selector 'button', text: 'Delete User'
83 | accept_confirm { click_on 'Delete User' }
84 |
85 | assert_selector 'div', text: 'User deleted.'
86 | end
87 |
88 | test 'Non-owner cannot delete a user' do
89 | sign_in @user
90 |
91 | visit "/users/#{@user.id}/edit"
92 |
93 | assert_no_selector 'button', text: 'Delete User'
94 | end
95 |
96 | test 'cannot view deleted users by default, but allows to change filter' do
97 | sign_in @owner
98 | @user.soft_delete!
99 |
100 | visit '/users'
101 |
102 | assert_selector 'h1', text: 'Users'
103 | assert_no_selector 'table tbody tr', text: @user.email
104 |
105 | click_on 'Filter'
106 | select 'With Trashed', from: 'Trashed:'
107 | select 'User', from: 'Role:'
108 |
109 | assert_selector 'table tbody tr', text: @user.email
110 | end
111 |
112 | test 'cannot do anything without login' do
113 | visit '/users'
114 |
115 | assert_selector 'div', text: 'Welcome Back!'
116 | end
117 | end
118 |
--------------------------------------------------------------------------------
/.rubocop.yml:
--------------------------------------------------------------------------------
1 | plugins:
2 | - rubocop-performance
3 | - rubocop-rails
4 | - rubocop-capybara
5 | - rubocop-factory_bot
6 |
7 | AllCops:
8 | TargetRubyVersion: 3.4
9 | Exclude:
10 | - bin/**/*
11 | - coverage/**/*
12 | - db/schema.rb
13 | - log/**/*
14 | - node_modules/**/*
15 | - public/**/*
16 | - tmp/**/*
17 | - vendor/**/*
18 | EnabledByDefault: true
19 |
20 | ### Rails
21 |
22 | Rails/FilePath:
23 | EnforcedStyle: arguments
24 |
25 | Rails/SkipsModelValidations:
26 | Enabled: false
27 |
28 | Rails/SchemaComment:
29 | Enabled: false
30 |
31 | Rails/I18nLocaleTexts:
32 | Enabled: false
33 |
34 | Rails/Env:
35 | Enabled: false
36 |
37 | Rails/EnvironmentVariableAccess:
38 | AllowReads: true
39 |
40 | ### Bundler
41 |
42 | Bundler/OrderedGems:
43 | Enabled: false
44 |
45 | Bundler/GemVersion:
46 | Enabled: false
47 |
48 | ### Metrics
49 |
50 | Metrics/AbcSize:
51 | Max: 35
52 |
53 | Metrics/BlockLength:
54 | Max: 140
55 |
56 | Metrics/MethodLength:
57 | Max: 30
58 |
59 | Metrics/ClassLength:
60 | Max: 120
61 |
62 | ### Style
63 |
64 | Style/BlockComments:
65 | Exclude:
66 | - 'spec/spec_helper.rb'
67 |
68 | Style/FrozenStringLiteralComment:
69 | Enabled: false
70 |
71 | Style/SymbolArray:
72 | Enabled: false
73 |
74 | Style/MixinUsage:
75 | Enabled: false
76 |
77 | Style/Documentation:
78 | Enabled: false
79 |
80 | Style/ClassAndModuleChildren:
81 | Enabled: false
82 |
83 | Style/Lambda:
84 | EnforcedStyle: literal
85 |
86 | Style/LambdaCall:
87 | Enabled: false
88 |
89 | Style/MethodCallWithArgsParentheses:
90 | Enabled: false
91 |
92 | Style/MissingElse:
93 | Enabled: false
94 |
95 | Style/Copyright:
96 | Enabled: false
97 |
98 | Style/InlineComment:
99 | Enabled: false
100 |
101 | Style/StringHashKeys:
102 | Enabled: false
103 |
104 | Style/MethodCalledOnDoEndBlock:
105 | Enabled: false
106 |
107 | Style/DocumentationMethod:
108 | Enabled: false
109 |
110 | Style/DisableCopsWithinSourceCodeDirective:
111 | Enabled: false
112 |
113 | Style/ConstantVisibility:
114 | Enabled: false
115 |
116 | Style/IfUnlessModifier:
117 | Enabled: false
118 |
119 | Style/StringLiterals:
120 | EnforcedStyle: single_quotes
121 |
122 | Style/StringLiteralsInInterpolation:
123 | EnforcedStyle: single_quotes
124 |
125 | Style/QuotedSymbols:
126 | EnforcedStyle: single_quotes
127 |
128 | Style/RequireOrder:
129 | Enabled: false
130 |
131 | Style/TrailingCommaInArrayLiteral:
132 | Enabled: false
133 |
134 | Style/TrailingCommaInArguments:
135 | Enabled: false
136 |
137 | Style/TrailingCommaInHashLiteral:
138 | Enabled: false
139 |
140 | Style/EmptyMethod:
141 | EnforcedStyle: expanded
142 |
143 | Style/MultilineIfModifier:
144 | Enabled: false
145 |
146 | ### Layout
147 |
148 | Layout:
149 | Enabled: false
150 |
151 | Layout/LineLength:
152 | Max: 190
153 | AllowedPatterns: ['\A#'] # Allow long comments
154 |
155 | # Lint
156 |
157 | Lint/ConstantResolution:
158 | Enabled: false
159 |
160 | Lint/NumberConversion:
161 | Enabled: false
162 |
163 | # Performance
164 |
165 | Performance/ChainArrayAllocation:
166 | Enabled: false
167 |
168 | Performance/OpenStruct:
169 | Enabled: false
170 |
171 | # FactoryBot
172 |
173 | FactoryBot/ExcessiveCreateList:
174 | MaxAmount: 15
175 |
176 | # Capybara:
177 |
178 | Capybara/AmbiguousClick:
179 | Enabled: false
180 |
--------------------------------------------------------------------------------
/app/javascript/Pages/Contacts/Form.vue:
--------------------------------------------------------------------------------
1 |
2 |
85 |
86 |
87 |
119 |
--------------------------------------------------------------------------------
/app/javascript/Shared/MainMenu.vue:
--------------------------------------------------------------------------------
1 |
2 |
104 |
105 |
106 |
128 |
--------------------------------------------------------------------------------
/Gemfile:
--------------------------------------------------------------------------------
1 | source 'https://rubygems.org'
2 |
3 | ruby '~> 3.4'
4 |
5 | # Full-stack web application framework. (https://rubyonrails.org)
6 | gem 'rails', '~> 8.1.0'
7 |
8 | # Pg is the Ruby interface to the PostgreSQL RDBMS (https://github.com/ged/ruby-pg)
9 | gem 'pg', '>= 0.18', '< 2.0'
10 |
11 | # A Ruby/Rack web server built for parallelism. (https://puma.io)
12 | gem 'puma', '>= 5.0'
13 |
14 | # Use Vite in Rails and bring joy to your JavaScript experience (https://github.com/ElMassimo/vite_ruby)
15 | gem 'vite_rails'
16 |
17 | # Create JSON structures via a Builder-style DSL (https://github.com/rails/jbuilder)
18 | gem 'jbuilder'
19 |
20 | # High-level wrapper for processing images for the web with ImageMagick or libvips. (https://github.com/janko/image_processing)
21 | gem 'image_processing', '~> 1.2'
22 |
23 | # Boot large ruby/rails apps faster (https://github.com/Shopify/bootsnap)
24 | gem 'bootsnap', require: false
25 |
26 | # Brings Rails named routes to javascript (http://github.com/railsware/js-routes)
27 | gem 'js-routes'
28 |
29 | # Tame Rails' multi-line logging into a single line per request (https://github.com/roidrage/lograge)
30 | gem 'lograge'
31 |
32 | group :development, :test do
33 | # See https://guides.rubyonrails.org/debugging_rails_applications.html#debugging-with-the-debug-gem
34 | # Debugging functionality for Ruby (https://github.com/ruby/debug)
35 | gem 'debug', platforms: %i[mri windows], require: 'debug/prelude'
36 |
37 | # Security vulnerability scanner for Ruby on Rails. (https://brakemanscanner.org)
38 | gem 'brakeman', require: false
39 |
40 | # Patch-level verification for Bundler (https://github.com/rubysec/bundler-audit)
41 | gem 'bundler-audit', require: false
42 |
43 | # Automatic Ruby code style checking tool. (https://github.com/rubocop/rubocop)
44 | gem 'rubocop', require: false
45 |
46 | # Automatic performance checking tool for Ruby code. (https://github.com/rubocop/rubocop-performance)
47 | gem 'rubocop-performance', require: false
48 |
49 | # Automatic Rails code style checking tool. (https://github.com/rubocop/rubocop-rails)
50 | gem 'rubocop-rails', require: false
51 |
52 | # Code style checking for Capybara test files (https://github.com/rubocop/rubocop-capybara)
53 | gem 'rubocop-capybara', require: false
54 |
55 | # Code style checking for factory_bot files (https://github.com/rubocop/rubocop-factory_bot)
56 | gem 'rubocop-factory_bot', require: false
57 |
58 | # factory_bot_rails provides integration between factory_bot and rails 5.0 or newer (https://github.com/thoughtbot/factory_bot_rails)
59 | gem 'factory_bot_rails'
60 | end
61 |
62 | group :development do
63 | # A debugging tool for your Ruby on Rails applications. (https://github.com/rails/web-console)
64 | gem 'web-console'
65 | end
66 |
67 | group :test do
68 | # Capybara aims to simplify the process of integration testing Rack applications, such as Rails, Sinatra or Merb (https://github.com/teamcapybara/capybara)
69 | gem 'capybara'
70 |
71 | # Selenium is a browser automation tool for automated testing of webapps and more (https://selenium.dev)
72 | gem 'selenium-webdriver'
73 | end
74 |
75 | # Timezone Data for TZInfo (https://tzinfo.github.io)
76 | gem 'tzinfo-data', platforms: %i[windows jruby]
77 |
78 | # Inertia.js adapter for Rails (https://github.com/inertiajs/inertia-rails)
79 | gem 'inertia_rails', '>= 1.2.2'
80 |
81 | # Easily generate fake data (https://github.com/faker-ruby/faker)
82 | gem 'faker', require: false
83 |
84 | # The best pagination ruby gem (https://github.com/ddnexus/pagy)
85 | gem 'pagy'
86 |
87 | # Flexible authentication solution for Rails with Warden (https://github.com/heartcombo/devise)
88 | gem 'devise'
89 |
90 | # A fast JSON parser and serializer. (http://www.ohler.com/oj)
91 | gem 'oj'
92 |
93 | # Simple authorization solution for Rails. (https://github.com/CanCanCommunity/cancancan)
94 | gem 'cancancan'
95 |
--------------------------------------------------------------------------------
/app/controllers/organizations_controller.rb:
--------------------------------------------------------------------------------
1 | class OrganizationsController < ApplicationController
2 | # Let CanCanCan load and authorize the instance variables
3 | load_and_authorize_resource
4 |
5 | def index
6 | pagy, paged_organizations =
7 | pagy(
8 | @organizations
9 | .search(params[:search])
10 | .trash_filter(params[:trashed])
11 | .order(:name),
12 | )
13 |
14 | render inertia: 'Organizations/Index',
15 | props: {
16 | organizations:
17 | jbuilder do |json|
18 | json.data(
19 | paged_organizations,
20 | :id,
21 | :name,
22 | :phone,
23 | :city,
24 | :deleted_at,
25 | )
26 | json.meta pagy_metadata(pagy)
27 | end,
28 | filters: params.slice(:search, :trashed),
29 | }
30 | end
31 |
32 | def edit
33 | render inertia: 'Organizations/Edit',
34 | props: {
35 | organization:
36 | jbuilder do |json|
37 | json.(
38 | @organization,
39 | :id,
40 | :name,
41 | :email,
42 | :phone,
43 | :address,
44 | :city,
45 | :region,
46 | :country,
47 | :postal_code,
48 | :deleted_at,
49 | )
50 | end,
51 | contacts: -> {
52 | jbuilder do |json|
53 | json.array! @organization.contacts.order_by_name,
54 | :id,
55 | :name,
56 | :phone,
57 | :city,
58 | :deleted_at
59 | end
60 | },
61 | }
62 | end
63 |
64 | def create
65 | if @organization.update(organization_params)
66 | redirect_to organizations_path, notice: 'Organization created.'
67 | else
68 | redirect_to organizations_path, inertia: { errors: @organization.errors }
69 | end
70 | end
71 |
72 | def update
73 | if @organization.update(organization_params)
74 | redirect_to edit_organization_path(@organization),
75 | notice: 'Organization updated.'
76 | else
77 | redirect_to edit_organization_path(@organization),
78 | inertia: {
79 | errors: @organization.errors,
80 | }
81 | end
82 | end
83 |
84 | def destroy
85 | if @organization.soft_delete
86 | if can? :edit, @organization
87 | redirect_to edit_organization_path(@organization),
88 | notice: 'Organization deleted.'
89 | else
90 | redirect_to organizations_path, notice: 'Organization deleted.'
91 | end
92 | else
93 | redirect_to edit_organization_path(@organization),
94 | alert: 'Organization cannot be deleted!'
95 | end
96 | end
97 |
98 | def restore
99 | if @organization.restore
100 | redirect_to edit_organization_path(@organization),
101 | notice: 'Organization restored.'
102 | else
103 | redirect_to edit_organization_path(@organization),
104 | alert: 'Organization cannot be restored!'
105 | end
106 | end
107 |
108 | private
109 |
110 | # Only allow a list of trusted parameters through.
111 | def organization_params
112 | params.fetch(:organization, {}).permit(
113 | :name,
114 | :email,
115 | :phone,
116 | :address,
117 | :city,
118 | :region,
119 | :country,
120 | :postal_code,
121 | )
122 | end
123 | end
124 |
--------------------------------------------------------------------------------
/app/controllers/contacts_controller.rb:
--------------------------------------------------------------------------------
1 | class ContactsController < ApplicationController
2 | # Let CanCanCan load and authorize the instance variables
3 | load_and_authorize_resource
4 |
5 | def index
6 | pagy, paged_contacts =
7 | pagy(
8 | @contacts
9 | .includes(:organization)
10 | .search(params[:search])
11 | .trash_filter(params[:trashed])
12 | .order_by_name,
13 | )
14 |
15 | render inertia: 'Contacts/Index',
16 | props: {
17 | contacts:
18 | jbuilder do |json|
19 | json.data(paged_contacts) do |contact|
20 | json.(contact, :id, :name, :phone, :city, :deleted_at)
21 | if contact.organization
22 | json.organization(contact.organization, :name)
23 | end
24 | end
25 | json.meta pagy_metadata(pagy)
26 | end,
27 | filters: params.slice(:search, :trashed),
28 | }
29 | end
30 |
31 | def new
32 | render inertia: 'Contacts/New',
33 | props: {
34 | organizations: -> {
35 | jbuilder do |json|
36 | json.array! current_user.organizations.order(:name), :id, :name
37 | end
38 | },
39 | }
40 | end
41 |
42 | def edit
43 | render inertia: 'Contacts/Edit',
44 | props: {
45 | contact:
46 | jbuilder do |json|
47 | json.(
48 | @contact,
49 | :id,
50 | :first_name,
51 | :last_name,
52 | :organization_id,
53 | :email,
54 | :phone,
55 | :address,
56 | :city,
57 | :region,
58 | :country,
59 | :postal_code,
60 | :deleted_at,
61 | )
62 | end,
63 | organizations: -> {
64 | jbuilder do |json|
65 | json.array! current_user.organizations.order(:name), :id, :name
66 | end
67 | },
68 | }
69 | end
70 |
71 | def create
72 | if @contact.update(contact_params)
73 | redirect_to contacts_path, notice: 'Contact created.'
74 | else
75 | redirect_to new_contact_path, inertia: { errors: @contact.errors }
76 | end
77 | end
78 |
79 | def update
80 | if @contact.update(contact_params)
81 | redirect_to edit_contact_path(@contact), notice: 'Contact updated.'
82 | else
83 | redirect_to edit_contact_path(@contact),
84 | inertia: {
85 | errors: @contact.errors,
86 | }
87 | end
88 | end
89 |
90 | def destroy
91 | if @contact.soft_delete
92 | if can? :edit, @contact
93 | redirect_to edit_contact_path(@contact), notice: 'Contact deleted.'
94 | else
95 | redirect_to contacts_path, notice: 'Contact deleted.'
96 | end
97 | else
98 | redirect_to edit_contact_path(@contact),
99 | alert: 'Contact cannot be deleted!'
100 | end
101 | end
102 |
103 | def restore
104 | if @contact.restore
105 | redirect_to edit_contact_path(@contact), notice: 'Contact restored.'
106 | else
107 | redirect_to edit_contact_path(@contact),
108 | alert: 'Contact cannot be restored!'
109 | end
110 | end
111 |
112 | private
113 |
114 | # Only allow a list of trusted parameters through.
115 | def contact_params
116 | params.fetch(:contact, {}).permit(
117 | :organization_id,
118 | :first_name,
119 | :last_name,
120 | :email,
121 | :phone,
122 | :address,
123 | :city,
124 | :region,
125 | :country,
126 | :postal_code,
127 | )
128 | end
129 | end
130 |
--------------------------------------------------------------------------------
/app/controllers/users_controller.rb:
--------------------------------------------------------------------------------
1 | class UsersController < ApplicationController
2 | # Let CanCanCan load and authorize the instance variables
3 | load_and_authorize_resource
4 |
5 | def index
6 | @users =
7 | @users
8 | .search(params[:search])
9 | .trash_filter(params[:trashed])
10 | .role_filter(params[:role])
11 | .order_by_name
12 |
13 | render inertia: 'Users/Index',
14 | props: {
15 | users:
16 | jbuilder do |json|
17 | json.array! @users do |user|
18 | json.(user, :id, :email, :name, :owner, :deleted_at)
19 | json.photo(
20 | if user.photo.attached?
21 | polymorphic_url(
22 | user.photo.variant(resize_to_fill: [64, 64]),
23 | )
24 | end,
25 | )
26 | json.can { json.edit_user can?(:edit, user) }
27 | end
28 | end,
29 | can: {
30 | create_user: can?(:create, User),
31 | },
32 | filters: params.slice(:search, :trashed, :role),
33 | }
34 | end
35 |
36 | def new
37 | render inertia: 'Users/New',
38 | props: {
39 | user:
40 | jbuilder do |json|
41 | json.(@user, :email, :first_name, :last_name, :owner)
42 | end,
43 | }
44 | end
45 |
46 | def edit
47 | render inertia: 'Users/Edit',
48 | props: {
49 | user:
50 | jbuilder do |json|
51 | json.(
52 | @user,
53 | :id,
54 | :email,
55 | :first_name,
56 | :last_name,
57 | :owner,
58 | :deleted_at,
59 | )
60 | json.photo(
61 | if @user.photo.attached?
62 | polymorphic_url(
63 | @user.photo.variant(resize_to_fill: [64, 64]),
64 | )
65 | end,
66 | )
67 | end,
68 | can: {
69 | edit_user: can?(:update, @user),
70 | },
71 | }
72 | end
73 |
74 | def create
75 | if @user.update(user_params)
76 | redirect_to users_path, notice: 'User created.'
77 | else
78 | redirect_to new_user_path, inertia: { errors: @user.errors }
79 | end
80 | end
81 |
82 | def update
83 | if @user.demo?
84 | redirect_to edit_user_path(@user),
85 | alert: 'Updating the demo user is not allowed.'
86 | return
87 | end
88 |
89 | if @user.update(user_params)
90 | redirect_to edit_user_path(@user), notice: 'User updated.'
91 | else
92 | redirect_to edit_user_path(@user), inertia: { errors: @user.errors }
93 | end
94 | end
95 |
96 | def destroy
97 | if @user.demo?
98 | redirect_to edit_user_path(@user),
99 | alert: 'Deleting the demo user is not allowed.'
100 | return
101 | end
102 |
103 | if @user.soft_delete
104 | redirect_to edit_user_path(@user), notice: 'User deleted.'
105 | else
106 | redirect_to edit_user_path(@user), alert: 'User cannot be deleted!'
107 | end
108 | end
109 |
110 | def restore
111 | if @user.restore
112 | redirect_to edit_user_path(@user), notice: 'User restored.'
113 | else
114 | redirect_to edit_user_path(@user), alert: 'User cannot be restored!'
115 | end
116 | end
117 |
118 | private
119 |
120 | # Only allow a list of trusted parameters through.
121 | def user_params
122 | params
123 | .fetch(:user, {})
124 | .permit(:first_name, :last_name, :email, :owner, :password, :photo)
125 | .tap { |p| p.delete(:photo) if p[:photo].blank? }
126 | end
127 | end
128 |
--------------------------------------------------------------------------------
/.github/workflows/push.yml:
--------------------------------------------------------------------------------
1 | name: Continuous integration
2 | on: push
3 |
4 | concurrency:
5 | group: ${{ github.workflow }}-${{ github.ref }}
6 | cancel-in-progress: true
7 |
8 | jobs:
9 | test:
10 | runs-on: ubuntu-latest
11 |
12 | services:
13 | postgres:
14 | image: postgres:18-alpine
15 | ports: ['5432:5432']
16 | env:
17 | POSTGRES_PASSWORD: postgres
18 |
19 | env:
20 | DB_HOST: localhost
21 | DB_USER: postgres
22 | DB_PASSWORD: postgres
23 | RAILS_ENV: test
24 |
25 | steps:
26 | - uses: actions/checkout@v6
27 |
28 | - name: Set up Ruby
29 | uses: ruby/setup-ruby@v1
30 | with:
31 | bundler-cache: true
32 |
33 | - name: Lint with RuboCop
34 | run: bin/rubocop --parallel
35 |
36 | - name: Scan for common Rails security vulnerabilities using static analysis
37 | run: bin/brakeman --no-pager
38 |
39 | - name: Setup Node.js
40 | uses: actions/setup-node@v6
41 | with:
42 | cache: yarn
43 |
44 | - name: Install Yarn packages
45 | run: bin/yarn install --immutable
46 |
47 | - name: Lint with ESLint
48 | run: bin/yarn lint
49 |
50 | - name: Compile assets
51 | run: bin/rails assets:precompile
52 |
53 | - name: Run Tests
54 | run: |
55 | bundle exec rake db:prepare
56 | bundle exec rake test
57 | bundle exec rake test:system
58 |
59 | deploy:
60 | runs-on: ubuntu-latest
61 | if: github.ref == 'refs/heads/master'
62 | needs: test
63 |
64 | steps:
65 | - uses: actions/checkout@v6
66 | with:
67 | fetch-depth: 0
68 |
69 | - name: Fetch tag annotations
70 | # https://github.com/actions/checkout/issues/290
71 | run: git fetch --tags --force
72 |
73 | - name: Docker meta
74 | id: meta
75 | uses: docker/metadata-action@v5
76 | with:
77 | # list of Docker images to use as base name for tags
78 | images: |
79 | ghcr.io/ledermann/pingcrm
80 | # generate Docker tags based on the following events/attributes
81 | tags: |
82 | type=ref,event=branch
83 | type=ref,event=pr
84 | type=semver,pattern={{version}}
85 | type=semver,pattern={{major}}.{{minor}}
86 | type=semver,pattern={{major}}
87 | type=raw,value=latest,enable=${{ github.ref == format('refs/heads/{0}', 'master') }}
88 |
89 | - name: Set up QEMU
90 | uses: docker/setup-qemu-action@v3
91 |
92 | - name: Set up Docker Buildx
93 | uses: docker/setup-buildx-action@v3
94 |
95 | - name: Login to GitHub Container Registry
96 | uses: docker/login-action@v3
97 | with:
98 | registry: ghcr.io
99 | username: ${{ github.repository_owner }}
100 | password: ${{ secrets.GITHUB_TOKEN }}
101 |
102 | - name: Set ENV values
103 | run: |
104 | echo "COMMIT_TIME=$(git show -s --format=%cI $GITHUB_SHA)" >> $GITHUB_ENV
105 | echo "COMMIT_VERSION=$(git describe --always)" >> $GITHUB_ENV
106 |
107 | - name: Build and push
108 | uses: docker/build-push-action@v6
109 | with:
110 | context: .
111 | platforms: linux/amd64,linux/arm64
112 | provenance: false
113 | push: true
114 | tags: ${{ steps.meta.outputs.tags }}
115 | labels: ${{ steps.meta.outputs.labels }}
116 | build-args: |
117 | COMMIT_SHA=${{ github.sha }}
118 | COMMIT_TIME=${{ env.COMMIT_TIME }}
119 | COMMIT_VERSION=${{ env.COMMIT_VERSION }}
120 | COMMIT_BRANCH=${{ github.head_ref || github.ref_name }}
121 | cache-from: type=gha
122 | cache-to: type=gha,mode=max
123 |
124 | - name: Send webhook to start deployment
125 | env:
126 | DEPLOY_HOOK: ${{ secrets.DEPLOY_HOOK }}
127 | if: env.DEPLOY_HOOK != null
128 | run: curl -X POST ${{ env.DEPLOY_HOOK }}
129 |
--------------------------------------------------------------------------------
/config/environments/production.rb:
--------------------------------------------------------------------------------
1 | require 'active_support/core_ext/integer/time'
2 |
3 | Rails.application.configure do
4 | # Settings specified here will take precedence over those in config/application.rb.
5 |
6 | # Code is not reloaded between requests.
7 | config.enable_reloading = false
8 |
9 | # Eager load code on boot for better performance and memory savings (ignored by Rake tasks).
10 | config.eager_load = true
11 |
12 | # Full error reports are disabled.
13 | config.consider_all_requests_local = false
14 |
15 | # Turn on fragment caching in view templates.
16 | config.action_controller.perform_caching = true
17 |
18 | # Cache assets for far-future expiry since they are all digest stamped.
19 | config.public_file_server.headers = {
20 | 'Cache-Control' => 'public, s-maxage=31536000, max-age=31536000, immutable',
21 | 'X-Content-Type-Options' => 'nosniff',
22 | 'Expires' => 1.year.from_now.to_fs(:rfc822),
23 | }
24 |
25 | # Enable serving of images, stylesheets, and JavaScripts from an asset server.
26 | # config.asset_host = "http://assets.example.com"
27 |
28 | # Store uploaded files on the local file system (see config/storage.yml for options).
29 | config.active_storage.service = :local
30 |
31 | # Assume all access to the app is happening through a SSL-terminating reverse proxy.
32 | config.assume_ssl = true
33 |
34 | # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
35 | config.force_ssl = true
36 |
37 | # Skip http-to-https redirect for the default health check endpoint.
38 | # config.ssl_options = { redirect: { exclude: ->(request) { request.path == "/up" } } }
39 |
40 | # Log to STDOUT with the remote ip as a default log tag.
41 | config.log_tags = %i[remote_ip]
42 | config.logger = ActiveSupport::TaggedLogging.logger($stdout)
43 | config.lograge.enabled = true
44 |
45 | # Change to "debug" to log everything (including potentially personally-identifiable information!).
46 | config.log_level = ENV.fetch('RAILS_LOG_LEVEL', 'info')
47 |
48 | # Prevent health checks from clogging up the logs.
49 | config.silence_healthcheck_path = '/up'
50 |
51 | # Don't log any deprecations.
52 | config.active_support.report_deprecations = false
53 |
54 | # Replace the default in-process memory cache store with a durable alternative.
55 | # config.cache_store = :mem_cache_store
56 |
57 | # Replace the default in-process and non-durable queuing backend for Active Job.
58 | # config.active_job.queue_adapter = :resque
59 |
60 | # Ignore bad email addresses and do not raise email delivery errors.
61 | # Set this to true and configure the email server for immediate delivery to raise delivery errors.
62 | # config.action_mailer.raise_delivery_errors = false
63 |
64 | # Set host to be used by links generated in mailer templates.
65 | config.action_mailer.default_url_options = { host: 'example.com' }
66 |
67 | # Specify outgoing SMTP server. Remember to add smtp/* credentials via bin/rails credentials:edit.
68 | # config.action_mailer.smtp_settings = {
69 | # user_name: Rails.application.credentials.dig(:smtp, :user_name),
70 | # password: Rails.application.credentials.dig(:smtp, :password),
71 | # address: "smtp.example.com",
72 | # port: 587,
73 | # authentication: :plain
74 | # }
75 |
76 | # Enable locale fallbacks for I18n (makes lookups for any locale fall back to
77 | # the I18n.default_locale when a translation cannot be found).
78 | config.i18n.fallbacks = true
79 |
80 | # Do not dump schema after migrations.
81 | config.active_record.dump_schema_after_migration = false
82 |
83 | # Compress HTTP responses
84 | config.middleware.insert_after ActionDispatch::Static, Rack::Deflater
85 |
86 | # Only use :id for inspections in production.
87 | config.active_record.attributes_for_inspect = [:id]
88 |
89 | # Enable DNS rebinding protection and other `Host` header attacks.
90 | # config.hosts = [
91 | # "example.com", # Allow requests from example.com
92 | # /.*\.example\.com/ # Allow requests from subdomains like `www.example.com`
93 | # ]
94 | config.hosts = [ENV.fetch('APP_HOST', nil)]
95 |
96 | # Skip DNS rebinding protection for the default health check endpoint.
97 | config.host_authorization = { exclude: ->(request) { request.path == '/up' } }
98 | end
99 |
--------------------------------------------------------------------------------
/app/javascript/Shared/Modal.vue:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
31 |
40 |
45 | Update User
46 |
47 |
48 |
5 |
16 |
20 |
21 |
32 |
72 |
73 |
74 |
75 |
146 |
--------------------------------------------------------------------------------
/config/locales/devise.en.yml:
--------------------------------------------------------------------------------
1 | # Additional translations at https://github.com/plataformatec/devise/wiki/I18n
2 |
3 | en:
4 | devise:
5 | confirmations:
6 | confirmed: 'Your email address has been successfully confirmed.'
7 | send_instructions: 'You will receive an email with instructions for how to confirm your email address in a few minutes.'
8 | send_paranoid_instructions: 'If your email address exists in our database, you will receive an email with instructions for how to confirm your email address in a few minutes.'
9 | failure:
10 | already_authenticated: 'You are already signed in.'
11 | inactive: 'Your account is not activated yet.'
12 | invalid: 'These credentials do not match our records.'
13 | locked: 'Your account is locked.'
14 | deleted: 'Your account does not exist anymore!'
15 | last_attempt: 'You have one more attempt before your account is locked.'
16 | not_found_in_database: 'Invalid %{authentication_keys} or password.'
17 | timeout: 'Your session expired. Please sign in again to continue.'
18 | unauthenticated: 'You need to sign in before continuing.'
19 | unconfirmed: 'You have to confirm your email address before continuing.'
20 | mailer:
21 | confirmation_instructions:
22 | subject: 'Confirmation instructions'
23 | reset_password_instructions:
24 | subject: 'Reset password instructions'
25 | unlock_instructions:
26 | subject: 'Unlock instructions'
27 | email_changed:
28 | subject: 'Email Changed'
29 | password_change:
30 | subject: 'Password Changed'
31 | omniauth_callbacks:
32 | failure: 'Could not authenticate you from %{kind} because "%{reason}".'
33 | success: 'Successfully authenticated from %{kind} account.'
34 | passwords:
35 | no_token: "You can't access this page without coming from a password reset email. If you do come from a password reset email, please make sure you used the full URL provided."
36 | send_instructions: 'You will receive an email with instructions on how to reset your password in a few minutes.'
37 | send_paranoid_instructions: 'If your email address exists in our database, you will receive a password recovery link at your email address in a few minutes.'
38 | updated: 'Your password has been changed successfully. You are now signed in.'
39 | updated_not_active: 'Your password has been changed successfully.'
40 | registrations:
41 | destroyed: 'Bye! Your account has been successfully cancelled. We hope to see you again soon.'
42 | signed_up: 'Welcome! You have signed up successfully.'
43 | signed_up_but_inactive: 'You have signed up successfully. However, we could not sign you in because your account is not yet activated.'
44 | signed_up_but_locked: 'You have signed up successfully. However, we could not sign you in because your account is locked.'
45 | signed_up_but_unconfirmed: 'A message with a confirmation link has been sent to your email address. Please follow the link to activate your account.'
46 | update_needs_confirmation: 'You updated your account successfully, but we need to verify your new email address. Please check your email and follow the confirmation link to confirm your new email address.'
47 | updated: 'Your account has been updated successfully.'
48 | updated_but_not_signed_in: 'Your account has been updated successfully, but since your password was changed, you need to sign in again'
49 | sessions:
50 | signed_in: ''
51 | signed_out: ''
52 | already_signed_out: ''
53 | unlocks:
54 | send_instructions: 'You will receive an email with instructions for how to unlock your account in a few minutes.'
55 | send_paranoid_instructions: 'If your account exists, you will receive an email with instructions for how to unlock it in a few minutes.'
56 | unlocked: 'Your account has been unlocked successfully. Please sign in to continue.'
57 | errors:
58 | messages:
59 | already_confirmed: 'was already confirmed, please try signing in'
60 | confirmation_period_expired: 'needs to be confirmed within %{period}, please request a new one'
61 | expired: 'has expired, please request a new one'
62 | not_found: 'not found'
63 | not_locked: 'was not locked'
64 | not_saved:
65 | one: '1 error prohibited this %{resource} from being saved:'
66 | other: '%{count} errors prohibited this %{resource} from being saved:'
67 |
--------------------------------------------------------------------------------
/app/javascript/Shared/Icon.vue:
--------------------------------------------------------------------------------
1 |
2 |
18 |
27 |
36 |
45 |
54 |
63 |
75 |
84 |
93 |
102 |
111 |
120 |
121 |
122 |
132 |
--------------------------------------------------------------------------------
/app/javascript/Layouts/Main.vue:
--------------------------------------------------------------------------------
1 |
2 |
17 |
18 |
19 |
37 |
38 |
39 |
71 |
43 |
70 |
46 |
67 |
68 | 47 | {{ title }} 48 |
49 | 50 | 66 |
5 |
104 |
6 |
103 |
7 |
90 |
10 |
11 |
18 |
19 |
26 |
27 |
28 |
33 |
34 |
29 |
31 |
32 |
37 |
45 |
46 |
88 |
89 |
38 | {{ $page.props.auth.user.account.name }}
39 |
40 |
47 |
60 |
61 |
62 |
50 | {{ $page.props.auth.user.first_name }}
51 | {{
52 | $page.props.auth.user.last_name
53 | }}
54 |
55 |
63 |
68 | My Profile
69 |
70 |
75 | Manage Users
76 |
77 |
83 | Logout
84 |
85 |
86 |
87 |
91 |
102 |
98 |
101 |
3 |
100 |
101 |
102 |
119 |
--------------------------------------------------------------------------------
/app/javascript/Pages/Organizations/Edit.vue:
--------------------------------------------------------------------------------
1 |
2 |
7 |
33 |
8 |
15 |
19 |
32 |
16 | {{ $page.props.flash.success }}
17 |
18 |
37 |
65 |
38 |
47 |
51 |
64 |
48 | {{ $page.props.flash.alert }}
49 |
50 |
69 |
99 |
70 |
79 |
85 |
98 |
80 | There is one form error.
81 | There are {{ Object.keys($page.props.errors).length }} form
82 | errors.
83 |
84 |
3 |
4 | 5 | 9 | Organizations 10 | 11 | / 12 | {{ form.organization.name }} 13 |
14 |
22 |
26 |
47 |
48 |
29 |
38 |
43 | Update Organization
44 |
45 |
46 | 49 | Contacts 50 |
51 |
52 |
53 |
54 |
123 |
124 |
125 |
126 |
127 |
180 |
--------------------------------------------------------------------------------
/app/javascript/Pages/Organizations/Index.vue:
--------------------------------------------------------------------------------
1 |
2 | | 56 | Name 57 | | 58 |59 | City 60 | | 61 |62 | Phone 63 | | 64 ||
|---|---|---|---|
|
73 |
77 | {{ contact.name }}
78 | |
85 | 86 | 91 | {{ contact.city }} 92 | 93 | | 94 |95 | 100 | {{ contact.phone }} 101 | 102 | | 103 |
104 |
109 | |
115 |
| 118 | No contacts found. 119 | | 120 ||||
3 |
4 | 5 | Organizations 6 |
7 |
8 |
13 |
14 |
27 |
28 |
29 |
32 |
37 |
39 |
40 |
41 |
42 |
43 |
115 |
116 | | 45 | Name 46 | | 47 |48 | City 49 | | 50 |51 | Phone 52 | | 53 ||
|---|---|---|---|
|
62 |
66 | {{ organization.name }}
67 | |
74 | 75 | 81 | {{ organization.city }} 82 | 83 | | 84 |85 | 91 | {{ organization.phone }} 92 | 93 | | 94 |
95 |
101 | |
107 |
| 110 | No organizations found. 111 | | 112 ||||