Merge branch 'release/0.14.0'

.env.example

@@ -5,7 +5,7 @@ APP_BASE_URL="localhost:3000"
 
 # Mailer Configuration
 EMAIL_DELIVERY_METHOD='letter_opener'
-MAILER_SENDER="info@miru.saeloun.com"
+DEFAULT_MAILER_SENDER="info@miru.so"
 REPLY_TO_EMAIL="[email protected]"
 
 # SendGrid Email Configuration
@@ -55,4 +55,4 @@ DB_USER=
 DB_PASS=
 
 # Cable
-WEBSOCKET_URL="ws://localhost:3000/cable"
+WEBSOCKET_URL="ws://localhost:3000/cable"

.ruby-version

@@ -1 +1 @@
-3.2.0
+3.2.1

Dockerfile.local

@@ -1,5 +1,5 @@
 #syntax=docker/dockerfile:1
-FROM ruby:3.2.0-slim AS base
+FROM ruby:3.2.1-slim AS base
 
 ARG NODE_VERSION=16.4.2
 

Dockerfile.test

@@ -1,5 +1,5 @@
 #syntax=docker/dockerfile:1
-FROM ruby:3.2.0-slim AS base
+FROM ruby:3.2.1-slim AS base
 
 ARG NODE_VERSION=16.4.2
 

Gemfile

@@ -3,7 +3,7 @@
 source "https://rubygems.org"
 git_source(:github) { |repo| "https://github.com/#{repo}.git" }
 
-ruby "3.2.0"
+ruby "3.2.1"
 
 # Bundle edge Rails instead: gem "rails", github: "rails/rails", branch: "main"
 gem "rails", "~> 7.0.4"
@@ -222,3 +222,6 @@ gem "strong_migrations"
 # Error tracking: https://docs.sentry.io/platforms/ruby/guides/rails/
 gem "sentry-rails"
 gem "sentry-ruby"
+
+# https://github.com/grosser/parallel_tests
+gem "parallel_tests", group: [:development, :test]

Gemfile.lock

@@ -158,8 +158,6 @@ GEM
     database_cleaner-core (2.0.1)
     date (3.3.3)
     debug (1.7.1)
-      irb (>= 1.5.0)
-      reline (>= 0.3.1)
     devise (4.8.1)
       bcrypt (~> 3.0)
       orm_adapter (~> 0.1)
@@ -251,9 +249,6 @@ GEM
     image_processing (1.12.2)
       mini_magick (>= 4.9.5, < 5)
       ruby-vips (>= 2.0.17, < 3)
-    io-console (0.6.0)
-    irb (1.6.2)
-      reline (>= 0.3.0)
     jbuilder (2.11.5)
       actionview (>= 5.0.0)
       activesupport (>= 5.0.0)
@@ -335,6 +330,8 @@ GEM
     pagy (5.10.1)
       activesupport
     parallel (1.22.1)
+    parallel_tests (4.2.0)
+      parallel
     parser (3.2.0.0)
       ast (~> 2.4.1)
     pg (1.4.5)
@@ -398,8 +395,6 @@ GEM
       tilt
     redis (4.8.0)
     regexp_parser (2.6.2)
-    reline (0.3.2)
-      io-console (~> 0.5)
     responders (3.1.0)
       actionpack (>= 5.2)
       railties (>= 5.2)
@@ -601,6 +596,7 @@ DEPENDENCIES
   omniauth-google-oauth2 (~> 1.0)
   omniauth-rails_csrf_protection (~> 1.0)
   pagy (~> 5.10)
+  parallel_tests
   pg
   puma (~> 5.0)
   pundit (~> 2.2)
@@ -642,7 +638,7 @@ DEPENDENCIES
   webpacker
 
 RUBY VERSION
-   ruby 3.2.0p0
+   ruby 3.2.1p31
 
 BUNDLED WITH
    2.3.26

README.md

@@ -35,7 +35,7 @@ git clone https://github.com/saeloun/miru-web.git
    your project as you `cd` into the directory follow
    [this](https://github.com/nvm-sh/nvm#deeper-shell-integration))
 
-3. Install ruby 3.2.0
+3. Install ruby 3.2.1
 
 ```
 rvm install $(cat .ruby-version)
@@ -113,6 +113,28 @@ add `EMAIL_DELIVERY_METHOD='letter_opener_web'` to `.env`)
 2. Run `bin/rails db:migrate RAILS_ENV=test`
 3. Run `bundle exec rspec`
 
+### Running Tests in Parallel
+
+Change `database.yml` to embed `TEST_ENV_NUMBER`
+
+```yaml
+test:
+  database: miru_web_test_<%= ENV['TEST_ENV_NUMBER'] %>
+```
+
+```ruby
+# Setup parallel specs
+bundle exec rake parallel:create
+
+# Copy Schema for new changes on branches
+bundle exec rake parallel:prepare
+
+# Run migrations if needed 
+bundle exec rake parallel:migrate
+
+# Run all specs in parallel
+RAILS_ENV=test bundle exec rake parallel:spec
+```
 #### Coverage
 
 1. Run `COVERAGE=true bundle exec rspec`

app/controllers/concerns/authenticable.rb

@@ -4,30 +4,20 @@ module Authenticable
   extend ActiveSupport::Concern
 
   included do
-    before_action :authenticate_token
-  end
-
-  def authenticate_token
-    return render json: { status: 401, notice: "Invalid Token." }, status: 401 if current_user.blank?
+    before_action :authenticate_user_using_x_auth_token
   end
 
   private
 
-    def current_user
-      @current_user ||= User.find_by(token:)
-    end
-
-    def bearer_token
-      pattern = /^Bearer /
-      header = request.headers["Authorization"]
-      header.gsub(pattern, "") if header && header.match(pattern)
-    end
+    def authenticate_user_using_x_auth_token
+      user_email = request.headers["X-Auth-Email"].presence
+      auth_token = request.headers["X-Auth-Token"].presence
+      user = user_email && User.find_by(email: user_email)
 
-    def token
-      if bearer_token.present?
-        @_token = bearer_token
-      elsif params[:auth_token].present?
-        @_token = params[:auth_token]
+      if user && auth_token && Devise.secure_compare(user.token, auth_token)
+        sign_in user, store: false
+      else
+        render json: { error: I18n.t("devise.failure.unauthenticated") }, status: :unauthorized
       end
     end
 end

app/controllers/internal_api/v1/application_controller.rb

@@ -4,6 +4,7 @@ class InternalApi::V1::ApplicationController < ActionController::API
   include PunditConcern
   include ActionController::MimeResponds
   include ErrorHandler
+  include Authenticable
   include CurrentCompanyConcern
   include Pagy::Backend
   include SetCurrentDetails

app/controllers/internal_api/v1/companies_controller.rb

@@ -1,6 +1,8 @@
 # frozen_string_literal: true
 
 class InternalApi::V1::CompaniesController < InternalApi::V1::ApplicationController
+  skip_before_action :authenticate_user_using_x_auth_token, only: :create
+
   def index
     authorize current_company
     render :index, locals: { current_company:, client_list: current_company.client_list }, status: :ok

app/controllers/internal_api/v1/expenses_controller.rb

@@ -0,0 +1,41 @@
+# frozen_string_literal: true
+
+class InternalApi::V1::ExpensesController < ApplicationController
+  before_action :set_expense, only: :show
+
+  def index
+    authorize Expense
+
+    expenses = Expenses::FetchService.new(current_company, params).process
+
+    render :index, locals: expenses
+  end
+
+  def create
+    authorize Expense
+
+    expense = current_company.expenses.create!(expense_params)
+
+    render :create, locals: {
+      expense: Expense::ShowPresenter.new(expense).process
+    }
+  end
+
+  def show
+    authorize @expense
+
+    render :show, locals: { expense: Expense::ShowPresenter.new(@expense).process }
+  end
+
+  private
+
+    def expense_params
+      params.require(:expense).permit(
+        :amount, :date, :description, :expense_type, :expense_category_id, :vendor_id, :receipts
+      )
+    end
+
+    def set_expense
+      @expense = Expense.find(params[:id])
+    end
+end

app/controllers/internal_api/v1/invoices_controller.rb

@@ -7,7 +7,6 @@ class InternalApi::V1::InvoicesController < InternalApi::V1::ApplicationControll
   def index
     authorize Invoice
     data = Invoices::IndexService.new(params, current_company).process
-
     render :index, locals: {
       invoices: data[:invoices_query],
       pagination_details: data[:pagination_details],

app/controllers/internal_api/v1/payment_settings_controller.rb

@@ -24,12 +24,6 @@ def stripe_connected_account
     end
 
     def save_stripe_settings
-      current_company.payments_providers.create(
-        {
-          name: "stripe",
-          connected: true,
-          enabled: true,
-          accepted_payment_methods: [ "card" ]
-        }) if stripe_connected_account.present? && stripe_connected_account.details_submitted
+      PaymentProviders::CreateStripeProviderService.process(current_company)
     end
 end

app/controllers/internal_api/v1/payments/providers_controller.rb

@@ -33,12 +33,6 @@ def stripe_connected_account
     end
 
     def save_stripe_settings
-      current_company.payments_providers.create(
-        {
-          name: "stripe",
-          connected: true,
-          enabled: true,
-          accepted_payment_methods: [ "card" ]
-        }) if stripe_connected_account.present? && stripe_connected_account.details_submitted
+      PaymentProviders::CreateStripeProviderService.process(current_company)
     end
 end

app/controllers/internal_api/v1/reports/outstanding_overdue_invoices_controller.rb

@@ -16,7 +16,9 @@ def index
 
     def clients
       @_clients ||= current_company.clients.order("name asc").includes(:invoices).map do |client|
-                      client.outstanding_and_overdue_invoices
+                      client
+                        .outstanding_and_overdue_invoices
+                        .merge({ name: client.name, logo: client.logo_url })
                     end
     end
 end

app/controllers/internal_api/v1/timezones_controller.rb

@@ -1,6 +1,8 @@
 # frozen_string_literal: true
 
 class InternalApi::V1::TimezonesController < InternalApi::V1::ApplicationController
+  skip_before_action :authenticate_user_using_x_auth_token
+
   def index
     authorize :index, policy_class: TimezonePolicy
 

app/controllers/internal_api/v1/users/confirmations_controller.rb

@@ -0,0 +1,24 @@
+# frozen_string_literal: true
+
+class InternalApi::V1::Users::ConfirmationsController < Devise::ConfirmationsController
+  respond_to :json
+
+  def create
+    self.resource = resource_class.send_confirmation_instructions(resource_params)
+    if successfully_sent?(resource)
+      render json: { notice: I18n.t("confirmation.send_instructions", email: resource.email) }, status: :ok
+    else
+      respond_with_error(resource)
+    end
+  end
+
+  private
+
+    def respond_with_error(resource)
+      if resource.errors.any?
+        resource.errors.full_messages.each do |message|
+          render json: { error: message }, status: :unprocessable_entity
+        end
+      end
+    end
+end

app/controllers/internal_api/v1/users/passwords_controller.rb

@@ -0,0 +1,37 @@
+# frozen_string_literal: true
+
+class InternalApi::V1::Users::PasswordsController < Devise::PasswordsController
+  respond_to :json
+
+  def create
+    self.resource = resource_class.send_reset_password_instructions(resource_params)
+    if successfully_sent?(resource)
+      render json: { notice: I18n.t("password.create.success") }, status: :ok
+    else
+      respond_with_error(resource)
+    end
+  end
+
+  def update
+    user = User.reset_password_by_token(password_params)
+    if user.errors.empty?
+      render json: { notice: I18n.t("password.update.success") }, status: :ok
+    else
+      respond_with_error(user)
+    end
+  end
+
+  private
+
+    def password_params
+      params.require(:user).permit(:reset_password_token, :password, :password_confirmation)
+    end
+
+    def respond_with_error(resource)
+      if resource.errors.any?
+        resource.errors.full_messages.each do |message|
+          render json: { error: message }, status: :unprocessable_entity
+        end
+      end
+    end
+end

app/controllers/internal_api/v1/users/registrations_controller.rb

@@ -0,0 +1,13 @@
+# frozen_string_literal: true
+
+class InternalApi::V1::Users::RegistrationsController < Devise::RegistrationsController
+  respond_to :json
+
+  def respond_with(user, _opts = {})
+    if user.errors.present?
+      render json: { error: user.errors }, status: :unprocessable_entity
+    else
+      render json: { notice: I18n.t("devise.registrations.signed_up") }, status: :ok
+    end
+  end
+end