* Bind sessions to identities
* Remove references to the identity token
* Move email changes to identity
* Move account menu into a turbo-frame
* Create tenants from a tenanted route
The new integration test shows the desired user-facing behavior, which
is to make it easy to login without a tenanted URL and to jump between
tenants.
Note that we track two things in the identity_token cookie: a signed
id, and the updated_at for the underlying Identity object. This allows
us to effectively cache on the Identity without having to hit the
database, by using an Identity::Mock object that is compatible with
etag and cache methods.
Up from the previous 5 seconds. It's still short enough that the pages
shouldn't feel stale, but it further reduces the number of requests that
will reach the app.
Also moved this into a shared concern so we can adjust the caching rule
in one place.
In order to control routing dynamically, we need to expose some Beamer
information to the proxy.
The `beamer_writer` value is used by the proxy to keep track of which
node should receive write requests. When it changes due to a failover,
the proxy will update after seeing a new value in this header. We
provide this to the proxy in the `X-Writer` response header.
The `beamer_last_txn` value will be used to control writer pinning.
Setting it in the cookie here is the first stage of this. The second
stage will be to catch situations where a reader gets a request where
this header value is set to a large value than the reader has seen; when
that happens if means there's a risk of reading stale data, so rather
than serve the request we should request the proxy to reproxy it back to
the writer.
We also set `X-Kamal-Target` in the response to match the
`X-Kamal-Target` that was set in the request; this lets us see which
proxy target served each request, which is useful for diagnostics.
- New untenanted Identity and Membership models
- New `identity_token` cookie with path "/" holds state across tenants
We're not sure whether the untenanted database will be sqlite or
MySQL, and so I've been careful to minimize
- database reads, placing them behind etags and caching
- database writes, only writing when a new Session is created (login)
Note that we track two things in the identity_token cookie: a signed
id, and the updated_at for the underlying Identity object. This allows
us to effectively cache on the Identity without having to hit the
database, by using an Identity::Mock object that is compatible with
etag and cache methods.
The new integration test shows the desired user-facing behavior, which
is to make it easy to login without a tenanted URL and to jump between
tenants.
- the untenanted "login_help" page shows all linked memberships
- the jump menu shows all linked memberships (except the current)
Also introduced a utility script to populate existing employee
Identities, grouping accounts by email address.
- Unify terms with the settings form so that terms are saved normally in the same form.
- Fix filter normalization since it was sometimes failing to match the saved filters due to using quotes around number strings.
* Make Fizzy Ask invisible but usable by staff
* Remove unused span
* Prevent non-staff users from creating or browsing messages
* Extract staff-only into a mixin
* Keep existing markup, use the utility class we already have
---------
Co-authored-by: Jason Zimdars <jz@37signals.com>
We want to filter in the same screen for cards/events but not when viewing a card or from other screens. This adds a controller action to flag the actions where this is supported