Commit Graph

793 Commits

Author SHA1 Message Date
David Heinemeier Hansson 65d04f681a DRY up the public controllers by introducing a shared base class 2025-11-03 15:56:25 +01:00
David Heinemeier Hansson 393e5fd3d4 Don't want to ship with this wart
cc @monorkin
2025-11-03 15:30:44 +01:00
David Heinemeier Hansson 42ebdf9ac1 More natural conditional 2025-11-03 15:29:20 +01:00
David Heinemeier Hansson 9913853cc6 Remove anemic concern 2025-11-03 15:27:12 +01:00
David Heinemeier Hansson 3116cea6a1 Stick with turbo stream templates for everything 2025-11-03 15:18:04 +01:00
David Heinemeier Hansson 3ed5c53b31 Use existing CollectionScoped
It enforces access restrictions on collections too
2025-11-03 15:12:38 +01:00
David Heinemeier Hansson 8d28c25a7b Unnecessary 2025-11-03 15:06:41 +01:00
David Heinemeier Hansson ed9259fa1a Ivar not used 2025-11-03 15:04:03 +01:00
David Heinemeier Hansson 995dcfe8e6 Simplify setup and pull query-prevention into model 2025-11-03 15:00:15 +01:00
David Heinemeier Hansson 2bf95f5b9a Just stick to default 2025-11-03 14:49:01 +01:00
David Heinemeier Hansson f9ff13cdc4 Add http caching for user events 2025-11-03 14:25:32 +01:00
David Heinemeier Hansson b05e7c04e1 Ensure you can only delete your own avatar or else you have to be admin 2025-11-03 14:21:48 +01:00
David Heinemeier Hansson 4c2f3ef0b8 Style 2025-11-03 14:21:25 +01:00
David Heinemeier Hansson 3ec9308345 Always bang for exceptions 2025-11-03 14:21:06 +01:00
David Heinemeier Hansson aeb23b691c Always use templates for turbo streaming to stay consistentn 2025-11-03 13:46:34 +01:00
David Heinemeier Hansson 0a9e1620a0 No longer needed 2025-11-03 13:46:22 +01:00
Jorge Manrubia da6d1011fd Replace card replacement with stream actions to prevent flickering when managing steps 2025-11-03 10:59:24 +01:00
Jorge Manrubia 9d4dd3b00e Remove "save as draft"
Removes the creating status completely as well as the abandoned cards system. It will
always resume drafts if they exist, for a given collection and user.

https://app.box-car.com/5986089/cards/2489
2025-11-03 09:32:29 +01:00
Jorge Manrubia ebe1617f42 Format 2025-11-03 09:29:43 +01:00
David Heinemeier Hansson 9caf39ad2c Use modern strong params syntax 2025-11-02 20:26:12 +01:00
David Heinemeier Hansson 39dc2b6ab9 Prefer explicit turbo stream templates 2025-11-02 20:22:15 +01:00
David Heinemeier Hansson cf503bfba3 Prefer templates for turbo streams in all but the very simplest cases
(And probably even then)
2025-11-02 20:20:01 +01:00
David Heinemeier Hansson 3ccc93294f Style 2025-11-02 18:13:23 +01:00
David Heinemeier Hansson 3ff7a88294 Style 2025-11-02 18:11:00 +01:00
David Heinemeier Hansson fd61b4426c Conventional to do includes first 2025-11-02 18:09:30 +01:00
David Heinemeier Hansson 828ac5d2c1 Conventional order of actions 2025-11-02 18:08:49 +01:00
David Heinemeier Hansson 43069b1ea4 Extract Users::JoinsController from overloaded UsersController
Good code smell is when the before_action callbacks stack up but can't
be shared across actions
2025-11-02 17:49:25 +01:00
David Heinemeier Hansson bced7405df Extract events loading from overloaded UsersController 2025-11-02 17:31:28 +01:00
David Heinemeier Hansson 6a62df470c No longer used 2025-11-02 16:34:29 +01:00
David Heinemeier Hansson 877e62dec5 No CR when there are only two statements 2025-11-02 16:30:49 +01:00
David Heinemeier Hansson 02bd57089d Use before_action to pull up account assignment 2025-11-02 16:04:44 +01:00
David Heinemeier Hansson c834cce504 Simplify join code creation and validation and test controller
cc @monorkin
2025-11-02 15:58:33 +01:00
David Heinemeier Hansson 2c9845eb62 No need to hide that the top-level entropy is tied to the Account 2025-11-02 15:24:55 +01:00
David Heinemeier Hansson 0af74bfa11 Style 2025-11-02 14:17:46 +01:00
David Heinemeier Hansson 7052d6ecec Fix style 2025-11-02 13:54:46 +01:00
David Heinemeier Hansson b3474ec97d Rename Entropy::Configuration to just Entropy 2025-11-02 13:11:41 +01:00
David Heinemeier Hansson d29e4dcdcf No CR when there are only two statements in total 2025-11-02 12:49:54 +01:00
David Heinemeier Hansson e6459cede3 Use existing authorization method 2025-11-02 08:34:06 +01:00
Stanko K.R. 49d865ffd1 Delete scoped session tokens when encountered 2025-10-31 19:00:37 +01:00
Stanko K.R. 085c7fee2e Fix Rubocop offenses 2025-10-31 16:35:44 +01:00
Stanko K.R. ece9008459 Remove dead code 2025-10-31 16:28:08 +01:00
Stanko K.R. dd583206ee Allow changes to the Account name 2025-10-31 16:26:08 +01:00
Stanko K.R. 452c6a8373 Rework the email change flow to tie to memberships 2025-10-31 16:26:08 +01:00
Stanko Krtalić 98755844a1 Remove the internal API
* Bind sessions to identities
* Remove references to the identity token
* Move email changes to identity
* Move account menu into a turbo-frame
* Create tenants from a tenanted route
2025-10-31 16:26:08 +01:00
Jason Zimdars 5652e5699f Update design, logo, and copy 2025-10-31 16:26:08 +01:00
Stanko K.R. 201c3e27d3 Update tests for the Internal API 2025-10-31 16:26:08 +01:00
Stanko K.R. 79b012f319 Add Join Codes 2025-10-31 16:24:30 +01:00
Stanko K.R. c8843360fe Clean up and simplify magic links 2025-10-31 16:23:38 +01:00
Stanko K.R. 5cef4ffeb0 Add sign in flow using magic links 2025-10-31 16:22:12 +01:00
Mike Dalessio 1277cc065b Introduce untenanted Identity and Membership models
The new integration test shows the desired user-facing behavior, which
is to make it easy to login without a tenanted URL and to jump between
tenants.

Note that we track two things in the identity_token cookie: a signed
id, and the updated_at for the underlying Identity object. This allows
us to effectively cache on the Identity without having to hit the
database, by using an Identity::Mock object that is compatible with
etag and cache methods.
2025-10-31 16:22:12 +01:00