- Rename SaasAdminController to Admin::AuditController
- Override require_authentication to support bearer tokens alongside
session auth, allowing API access to audit console
- Add migration for audits1984_auditor_tokens table
- Add controller tests for authentication scenarios including staff
validation on token-based access
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Shows total, 7-day, and 24-hour counts of paid accounts based on
subscription created_at. Excludes comped accounts and avoids
double-counting accounts with multiple subscriptions.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Before, we were relying on just changing the cards_count in account, but this
could create problems where the system to calculate the next card number fails due
to the unique constraint.
Instead:
- Always let you create drafts when pressing "Add card"
- Prevent creations of published cards via API
- Prevent publication of cards in all cases when the limit is exceeded
To keep as much of this as we can in the `fizzy-saas` gem, this PR
opts to store console/audits models in a separate database, and so:
- the gem contains the migrations and the database config
- the app contains a separate schema file distinctly for SaaS concerns
- Rails' current behavior prevents us from easily keeping this file in the gem
Also note that the stock `audits1984` schema is updated to reference
the auditor via a UUID foreign key.
Finally, in order for the database schema file to be located in the
gem directory (and not the application directory), it's necessary to
monkeypatch `AR::DatabaseTasks.schema_dump_path` to support absolute
paths. This functionality has been proposed upstream in
https://github.com/rails/rails/pull/56290 but is awaiting a decision
from the core team.
ref: https://app.fizzy.do/5986089/cards/2469
ref: #17