barbie-bot/fixin.me
0
0
Fork 0
forked from fixin.me/fixin.me
Code Pull Requests Activity

Compare commits

base: barbie-bot:final-form
Branches Tags
barbie-bot:master barbie-bot:sole-admin-protection-clean barbie-bot:test-multi-db barbie-bot:final-form barbie-bot:simple-form barbie-bot:measurement-form fixin.me:master fixin.me:final-form fixin.me:simple-form fixin.me:measurement-form
..
compare: barbie-bot:sole-admin-protection-clean
Branches Tags
barbie-bot:sole-admin-protection-clean barbie-bot:test-multi-db barbie-bot:master barbie-bot:final-form barbie-bot:simple-form barbie-bot:measurement-form fixin.me:master fixin.me:final-form fixin.me:simple-form fixin.me:measurement-form

10 Commits
final-form ... sole-admin

Author SHA1 Message Date
barbie-bot
0daf413b47 Prevent sole admin from deleting their account 
Without this guard, the last admin in the system could delete their own
account, making the application unmanageable. This adds a model method
`User#sole_admin?`, a controller guard in `RegistrationsController#destroy`,
and disables the delete button in the profile edit view when the current
user is the only remaining admin.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-01 06:52:14 +00:00
barbie-bot
f3cb8db1f4 Setup wizard: use labeled-form grid for vertical field layout 
Replace the fieldset-based layout with the app's standard
.labeled-form CSS grid so email, password and retype fields
stack vertically (label left, input right) exactly like the
existing sign-in and registration forms.

Section headings and checkbox rows are given explicit grid-column
spans via inline styles so they span the full form width rather
than being constrained to the label column.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-02-28 17:37:49 +00:00
barbie-bot
7904ff3ef9 Add web-based installation wizard 
Replace the CLI-only setup (db:seed + manual application.rb edits)
with a web wizard shown automatically on first visit when no admin
account exists yet.

SetupController (GET/POST /setup) collects the admin e-mail and
password, a "skip e-mail confirmation" toggle, and an option to
seed the built-in default units.  Once submitted it creates the
admin User, persists the chosen options as Setting records, and
redirects to the sign-in page.

ApplicationController gains a redirect_to_setup_if_needed
before_action that catches every request (including Devise routes)
when no admin exists, so a fresh installation always lands on the
wizard rather than an empty sign-in form.

A new Setting model provides a lightweight key-value store for
runtime options that were previously hard-coded in application.rb
(e.g. skip_email_confirmation).  RegistrationsController now reads
that flag from the database instead of from the application config.

Seeds.rb is kept for headless / automated deployments and skips
admin creation when an admin already exists (idempotent), with a
comment pointing to the web wizard as the preferred path.

Also extends the SQLite nil-limit fix (|| Float::INFINITY) to the
Quantity model, which suffered the same ArgumentError as Unit.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-02-28 17:19:24 +00:00
barbie-bot
9ad922e3a1 Add skip_email_confirmation option; fix SQLite length validation 
Introduce config.skip_email_confirmation in application.rb.dist.
When set to true, new registrations are automatically confirmed
without requiring email verification — useful for installations
where outgoing email is not configured or for development/testing.
Implemented by calling skip_confirmation! in build_resource before
the record is saved, so no confirmation email is ever sent.

Also fix ArgumentError raised in length validations when
type_for_attribute(:column).limit returns nil, which happens with
SQLite for string columns that have no explicit limit in the
migration. Guard with || Float::INFINITY so the validation is
effectively skipped when the database imposes no limit.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-02-28 15:57:50 +00:00
cryptogopher
ea8bff9b3d Bundle update to Rails 7.2.3, Devise 5 2026-02-26 02:39:11 +01:00
cryptogopher
80130fb7d1 Allow cascade delete Unit/Quantity 
Closes #32
 2026-02-22 17:50:43 +01:00
cryptogopher
1ba7d29441 Update tests to match labeled form changes 2026-02-22 00:55:21 +01:00
cryptogopher
84945fa4b4 Simplify and improve labeled form 2026-02-22 00:53:18 +01:00
cryptogopher
675eb0aad8 Optimize styles; clean up <fieldset> 2026-02-03 15:33:37 +01:00
cryptogopher
bd1a664caa Measurement form based on select-styled <details> 2026-01-31 17:22:09 +01:00
54 changed files with 1080 additions and 583 deletions
Expand all files Collapse all files

9
Gemfile
View File

@@ -1,7 +1,7 @@
source "https://rubygems.org"
# The requirement for the Ruby version comes from Rails
gem "rails", "~> 7.2.2"
gem "rails", "~> 7.2.3"
gem "sprockets-rails"
gem "puma", "~> 6.0"
gem "sassc-rails"
@@ -42,4 +42,11 @@ group :test do
# Use system testing [https://guides.rubyonrails.org/testing.html#system-testing]
gem "capybara"
gem "selenium-webdriver"
# Remove minitest version restriction after error fixed:
# railties-7.2.3/lib/rails/test_unit/line_filtering.rb:7:in `run':
# wrong number of arguments (given 3, expected 1..2) (ArgumentError)
# from /var/www/.gem/ruby/3.3.0/gems/minitest-6.0.2/lib/minitest.rb:473:in
# `block (2 levels) in run_suite'
gem "minitest", "< 6"
end

289
Gemfile.lock
View File

@@ -1,66 +1,68 @@
GEM
remote: https://rubygems.org/
specs:
actioncable (7.2.2.1)
actionpack (= 7.2.2.1)
activesupport (= 7.2.2.1)
actioncable (7.2.3)
actionpack (= 7.2.3)
activesupport (= 7.2.3)
nio4r (~> 2.0)
websocket-driver (>= 0.6.1)
zeitwerk (~> 2.6)
actionmailbox (7.2.2.1)
actionpack (= 7.2.2.1)
activejob (= 7.2.2.1)
activerecord (= 7.2.2.1)
activestorage (= 7.2.2.1)
activesupport (= 7.2.2.1)
actionmailbox (7.2.3)
actionpack (= 7.2.3)
activejob (= 7.2.3)
activerecord (= 7.2.3)
activestorage (= 7.2.3)
activesupport (= 7.2.3)
mail (>= 2.8.0)
actionmailer (7.2.2.1)
actionpack (= 7.2.2.1)
actionview (= 7.2.2.1)
activejob (= 7.2.2.1)
activesupport (= 7.2.2.1)
actionmailer (7.2.3)
actionpack (= 7.2.3)
actionview (= 7.2.3)
activejob (= 7.2.3)
activesupport (= 7.2.3)
mail (>= 2.8.0)
rails-dom-testing (~> 2.2)
actionpack (7.2.2.1)
actionview (= 7.2.2.1)
activesupport (= 7.2.2.1)
actionpack (7.2.3)
actionview (= 7.2.3)
activesupport (= 7.2.3)
cgi
nokogiri (>= 1.8.5)
racc
rack (>= 2.2.4, < 3.2)
rack (>= 2.2.4, < 3.3)
rack-session (>= 1.0.1)
rack-test (>= 0.6.3)
rails-dom-testing (~> 2.2)
rails-html-sanitizer (~> 1.6)
useragent (~> 0.16)
actiontext (7.2.2.1)
actionpack (= 7.2.2.1)
activerecord (= 7.2.2.1)
activestorage (= 7.2.2.1)
activesupport (= 7.2.2.1)
actiontext (7.2.3)
actionpack (= 7.2.3)
activerecord (= 7.2.3)
activestorage (= 7.2.3)
activesupport (= 7.2.3)
globalid (>= 0.6.0)
nokogiri (>= 1.8.5)
actionview (7.2.2.1)
activesupport (= 7.2.2.1)
actionview (7.2.3)
activesupport (= 7.2.3)
builder (~> 3.1)
cgi
erubi (~> 1.11)
rails-dom-testing (~> 2.2)
rails-html-sanitizer (~> 1.6)
activejob (7.2.2.1)
activesupport (= 7.2.2.1)
activejob (7.2.3)
activesupport (= 7.2.3)
globalid (>= 0.3.6)
activemodel (7.2.2.1)
activesupport (= 7.2.2.1)
activerecord (7.2.2.1)
activemodel (= 7.2.2.1)
activesupport (= 7.2.2.1)
activemodel (7.2.3)
activesupport (= 7.2.3)
activerecord (7.2.3)
activemodel (= 7.2.3)
activesupport (= 7.2.3)
timeout (>= 0.4.0)
activestorage (7.2.2.1)
actionpack (= 7.2.2.1)
activejob (= 7.2.2.1)
activerecord (= 7.2.2.1)
activesupport (= 7.2.2.1)
activestorage (7.2.3)
actionpack (= 7.2.3)
activejob (= 7.2.3)
activerecord (= 7.2.3)
activesupport (= 7.2.3)
marcel (~> 1.0)
activesupport (7.2.2.1)
activesupport (7.2.3)
base64
benchmark (>= 0.3)
bigdecimal
@@ -72,15 +74,16 @@ GEM
minitest (>= 5.1)
securerandom (>= 0.3)
tzinfo (~> 2.0, >= 2.0.5)
addressable (2.8.7)
public_suffix (>= 2.0.2, < 7.0)
base64 (0.2.0)
bcrypt (3.1.20)
benchmark (0.4.0)
bigdecimal (3.1.9)
addressable (2.8.8)
public_suffix (>= 2.0.2, < 8.0)
base64 (0.3.0)
bcrypt (3.1.21)
benchmark (0.5.0)
bigdecimal (4.0.1)
bindex (0.8.1)
builder (3.3.0)
byebug (12.0.0)
byebug (13.0.0)
reline (>= 0.6.0)
capybara (3.40.0)
addressable
matrix
@@ -90,54 +93,59 @@ GEM
rack-test (>= 0.6.3)
regexp_parser (>= 1.5, < 3.0)
xpath (~> 3.2)
concurrent-ruby (1.3.5)
connection_pool (2.5.2)
cgi (0.5.1)
concurrent-ruby (1.3.6)
connection_pool (3.0.2)
crass (1.0.6)
date (3.4.1)
devise (4.9.4)
date (3.5.1)
devise (5.0.2)
bcrypt (~> 3.0)
orm_adapter (~> 0.1)
railties (>= 4.1.0)
railties (>= 7.0)
responders
warden (~> 1.2.3)
drb (2.2.1)
drb (2.2.3)
erb (6.0.2)
erubi (1.13.1)
ffi (1.17.2-aarch64-linux-gnu)
ffi (1.17.2-aarch64-linux-musl)
ffi (1.17.2-arm-linux-gnu)
ffi (1.17.2-arm-linux-musl)
ffi (1.17.2-arm64-darwin)
ffi (1.17.2-x86_64-darwin)
ffi (1.17.2-x86_64-linux-gnu)
ffi (1.17.2-x86_64-linux-musl)
globalid (1.2.1)
ffi (1.17.3-aarch64-linux-gnu)
ffi (1.17.3-aarch64-linux-musl)
ffi (1.17.3-arm-linux-gnu)
ffi (1.17.3-arm-linux-musl)
ffi (1.17.3-arm64-darwin)
ffi (1.17.3-x86_64-darwin)
ffi (1.17.3-x86_64-linux-gnu)
ffi (1.17.3-x86_64-linux-musl)
globalid (1.3.0)
activesupport (>= 6.1)
i18n (1.14.7)
i18n (1.14.8)
concurrent-ruby (~> 1.0)
importmap-rails (2.1.0)
importmap-rails (2.2.3)
actionpack (>= 6.0.0)
activesupport (>= 6.0.0)
railties (>= 6.0.0)
io-console (0.8.0)
irb (1.15.2)
io-console (0.8.2)
irb (1.17.0)
pp (>= 0.6.0)
prism (>= 1.3.0)
rdoc (>= 4.0.0)
reline (>= 0.4.2)
logger (1.7.0)
loofah (2.24.0)
loofah (2.25.0)
crass (~> 1.0.2)
nokogiri (>= 1.12.0)
mail (2.8.1)
mail (2.9.0)
logger
mini_mime (>= 0.1.1)
net-imap
net-pop
net-smtp
marcel (1.0.4)
matrix (0.4.2)
marcel (1.1.0)
matrix (0.4.3)
mini_mime (1.1.5)
minitest (5.25.5)
mysql2 (0.5.6)
net-imap (0.5.7)
minitest (5.27.0)
mysql2 (0.5.7)
bigdecimal
net-imap (0.6.3)
date
net-protocol
net-pop (0.1.2)
@@ -146,83 +154,94 @@ GEM
timeout
net-smtp (0.5.1)
net-protocol
nio4r (2.7.4)
nokogiri (1.18.8-aarch64-linux-gnu)
nio4r (2.7.5)
nokogiri (1.19.1-aarch64-linux-gnu)
racc (~> 1.4)
nokogiri (1.18.8-aarch64-linux-musl)
nokogiri (1.19.1-aarch64-linux-musl)
racc (~> 1.4)
nokogiri (1.18.8-arm-linux-gnu)
nokogiri (1.19.1-arm-linux-gnu)
racc (~> 1.4)
nokogiri (1.18.8-arm-linux-musl)
nokogiri (1.19.1-arm-linux-musl)
racc (~> 1.4)
nokogiri (1.18.8-arm64-darwin)
nokogiri (1.19.1-arm64-darwin)
racc (~> 1.4)
nokogiri (1.18.8-x86_64-darwin)
nokogiri (1.19.1-x86_64-darwin)
racc (~> 1.4)
nokogiri (1.18.8-x86_64-linux-gnu)
nokogiri (1.19.1-x86_64-linux-gnu)
racc (~> 1.4)
nokogiri (1.18.8-x86_64-linux-musl)
nokogiri (1.19.1-x86_64-linux-musl)
racc (~> 1.4)
orm_adapter (0.5.0)
pg (1.5.9)
pp (0.6.2)
pg (1.6.3)
pg (1.6.3-aarch64-linux)
pg (1.6.3-aarch64-linux-musl)
pg (1.6.3-arm64-darwin)
pg (1.6.3-x86_64-darwin)
pg (1.6.3-x86_64-linux)
pg (1.6.3-x86_64-linux-musl)
pp (0.6.3)
prettyprint
prettyprint (0.2.0)
psych (5.2.3)
prism (1.9.0)
psych (5.3.1)
date
stringio
public_suffix (6.0.1)
puma (6.6.0)
public_suffix (7.0.2)
puma (6.6.1)
nio4r (~> 2.0)
racc (1.8.1)
rack (3.1.13)
rack-session (2.1.0)
rack (3.2.5)
rack-session (2.1.1)
base64 (>= 0.1.0)
rack (>= 3.0.0)
rack-test (2.2.0)
rack (>= 1.3)
rackup (2.2.1)
rackup (2.3.1)
rack (>= 3)
rails (7.2.2.1)
actioncable (= 7.2.2.1)
actionmailbox (= 7.2.2.1)
actionmailer (= 7.2.2.1)
actionpack (= 7.2.2.1)
actiontext (= 7.2.2.1)
actionview (= 7.2.2.1)
activejob (= 7.2.2.1)
activemodel (= 7.2.2.1)
activerecord (= 7.2.2.1)
activestorage (= 7.2.2.1)
activesupport (= 7.2.2.1)
rails (7.2.3)
actioncable (= 7.2.3)
actionmailbox (= 7.2.3)
actionmailer (= 7.2.3)
actionpack (= 7.2.3)
actiontext (= 7.2.3)
actionview (= 7.2.3)
activejob (= 7.2.3)
activemodel (= 7.2.3)
activerecord (= 7.2.3)
activestorage (= 7.2.3)
activesupport (= 7.2.3)
bundler (>= 1.15.0)
railties (= 7.2.2.1)
rails-dom-testing (2.2.0)
railties (= 7.2.3)
rails-dom-testing (2.3.0)
activesupport (>= 5.0.0)
minitest
nokogiri (>= 1.6)
rails-html-sanitizer (1.6.2)
loofah (~> 2.21)
rails-html-sanitizer (1.7.0)
loofah (~> 2.25)
nokogiri (>= 1.15.7, != 1.16.7, != 1.16.6, != 1.16.5, != 1.16.4, != 1.16.3, != 1.16.2, != 1.16.1, != 1.16.0.rc1, != 1.16.0)
railties (7.2.2.1)
actionpack (= 7.2.2.1)
activesupport (= 7.2.2.1)
railties (7.2.3)
actionpack (= 7.2.3)
activesupport (= 7.2.3)
cgi
irb (~> 1.13)
rackup (>= 1.0.0)
rake (>= 12.2)
thor (~> 1.0, >= 1.2.2)
tsort (>= 0.2)
zeitwerk (~> 2.6)
rake (13.2.1)
rdoc (6.13.1)
rake (13.3.1)
rdoc (7.2.0)
erb
psych (>= 4.0.0)
regexp_parser (2.10.0)
reline (0.6.1)
tsort
regexp_parser (2.11.3)
reline (0.6.3)
io-console (~> 0.5)
responders (3.1.1)
actionpack (>= 5.2)
railties (>= 5.2)
rexml (3.4.1)
rubyzip (2.4.1)
responders (3.2.0)
actionpack (>= 7.0)
railties (>= 7.0)
rexml (3.4.4)
rubyzip (3.2.2)
sassc (2.4.0)
ffi (~> 1.9)
sassc-rails (2.1.2)
@@ -232,11 +251,11 @@ GEM
sprockets-rails
tilt
securerandom (0.4.1)
selenium-webdriver (4.31.0)
selenium-webdriver (4.41.0)
base64 (~> 0.2)
logger (~> 1.4)
rexml (~> 3.2, >= 3.2.5)
rubyzip (>= 1.2.2, < 3.0)
rubyzip (>= 1.2.2, < 4.0)
websocket (~> 1.0)
sprockets (4.2.2)
concurrent-ruby (~> 1.0)
@@ -246,19 +265,20 @@ GEM
actionpack (>= 6.1)
activesupport (>= 6.1)
sprockets (>= 3.0.0)
sqlite3 (2.7.3-aarch64-linux-gnu)
sqlite3 (2.7.3-aarch64-linux-musl)
sqlite3 (2.7.3-arm-linux-gnu)
sqlite3 (2.7.3-arm-linux-musl)
sqlite3 (2.7.3-arm64-darwin)
sqlite3 (2.7.3-x86_64-darwin)
sqlite3 (2.7.3-x86_64-linux-gnu)
sqlite3 (2.7.3-x86_64-linux-musl)
stringio (3.1.7)
thor (1.3.2)
tilt (2.6.0)
timeout (0.4.3)
turbo-rails (2.0.13)
sqlite3 (2.9.0-aarch64-linux-gnu)
sqlite3 (2.9.0-aarch64-linux-musl)
sqlite3 (2.9.0-arm-linux-gnu)
sqlite3 (2.9.0-arm-linux-musl)
sqlite3 (2.9.0-arm64-darwin)
sqlite3 (2.9.0-x86_64-darwin)
sqlite3 (2.9.0-x86_64-linux-gnu)
sqlite3 (2.9.0-x86_64-linux-musl)
stringio (3.2.0)
thor (1.5.0)
tilt (2.7.0)
timeout (0.6.0)
tsort (0.2.0)
turbo-rails (2.0.23)
actionpack (>= 7.1.0)
railties (>= 7.1.0)
tzinfo (2.0.6)
@@ -272,13 +292,13 @@ GEM
bindex (>= 0.4.0)
railties (>= 6.0.0)
websocket (1.2.11)
websocket-driver (0.7.7)
websocket-driver (0.8.0)
base64
websocket-extensions (>= 0.1.0)
websocket-extensions (0.1.5)
xpath (3.2.0)
nokogiri (~> 1.8)
zeitwerk (2.7.2)
zeitwerk (2.7.5)
PLATFORMS
aarch64-linux-gnu
@@ -295,10 +315,11 @@ DEPENDENCIES
capybara
devise
importmap-rails
minitest (< 6)
mysql2 (~> 0.5)
pg (~> 1.5)
puma (~> 6.0)
rails (~> 7.2.2)
rails (~> 7.2.3)
sassc-rails
selenium-webdriver
sprockets-rails

1
app/assets/images/pictograms/chevron-down.svg Normal file
View File

@@ -0,0 +1 @@
<svg xmlns="http://www.w3.org/2000/svg" id="icon" viewBox="0 0 24 24"><path d="M7.41,8.58L12,13.17L16.59,8.58L18,10L12,16L6,10L7.41,8.58Z" /></svg>
Side by Side

After

Width:  |  Height:  |  Size: 148 B

338
app/assets/stylesheets/application.css
View File

@@ -15,6 +15,13 @@
*= require_self
*/
/* Strive for simplicity:
* * style elements/tags only - if possible,
* * replace element/tag name with class name - if element has to be styled
* differently depending on context (e.g. form)
*
* NOTE: Style in a modular way, similar to how CSS @scope would be used,
* to make transition easier once @scope is widely available */
:root {
--color-focus-gray: #f3f3f3;
--color-border-gray: #dddddd;
@@ -48,37 +55,24 @@
}
/* TODO: collapse gaps around empty rows (`topside`) once possible
* https://github.com/w3c/csswg-drafts/issues/5813 */
body {
display: grid;
gap: 0.8em;
grid-template-areas:
"header header header"
"nav nav nav"
"leftside topside rightside"
"leftside main rightside";
grid-template-columns: 1fr auto 1fr;
grid-template-rows: repeat(4, auto);
font-family: system-ui;
margin: 0.4em;
}
/* Color coding of input controls' background:
* blue - target for interaction with pointer
* gray - target for interaction with keyboard
* red - destructive, non-undoable action
*/
button,
details,
input,
select,
textarea {
background-color: inherit;
font: inherit;
}
details,
input,
select {
text-align: inherit;
}
/* blue - target for interaction with pointer */
/* gray - target for interaction with keyboard */
/* TODO: remove non-font-size rems from buttons/inputs below */
a,
button,
input[type=submit] {
@@ -101,11 +95,12 @@ input[type=submit]:not([hidden]),
button,
input[type=submit] {
font-size: 0.8rem;
padding: 0.4em;
padding: 0.6em 0.5em;
width: fit-content;
}
input:not([type=submit]):not([type=checkbox]),
select,
summary,
textarea {
padding: 0.2em 0.4em;
}
@@ -113,68 +108,23 @@ textarea {
button,
input,
select,
summary,
textarea {
border: solid 1px var(--color-gray);
border-radius: 0.25em;
}
fieldset,
input[type=checkbox],
svg,
textarea {
margin: 0
}
.button > svg,
.tab > svg,
button > svg {
height: 1.8em;
width: 1.8em;
}
.button > svg:not(:last-child),
.tab > svg:not(:last-child),
button > svg:not(:last-child) {
padding-right: 0.4em;
}
fieldset {
padding: 0.4em;
}
legend {
color: var(--color-gray);
display: flex;
gap: 0.4em;
width: 100%;
}
legend span {
align-content: center;
flex-grow: 1;
}
/* TODO: move normal non-button links (<a>:hover/:focus) styling here (i.e.
* page-wide, top-level) and remove from table.items - as the style should be
* same everywhere */
.button:focus-visible,
button:focus-visible,
input[type=submit]:focus-visible {
background-color: var(--color-focus-gray);
}
.button:hover,
button:hover,
input[type=submit]:hover {
background-color: var(--color-blue);
border-color: var(--color-blue);
color: white;
fill: white;
}
.dangerous:hover {
background-color: var(--color-red);
border-color: var(--color-red);
}
input[type=checkbox] {
accent-color: var(--color-blue);
appearance: none;
-webkit-appearance: none;
display: flex;
height: 1.1rem;
margin: 0;
width: 1.1rem;
height: 1.1em;
width: 1.1em;
}
input[type=checkbox]:checked {
appearance: checkbox;
@@ -192,42 +142,96 @@ input::-webkit-outer-spin-button {
-webkit-appearance: none;
margin: 0;
}
.button > svg,
.tab > svg,
button > svg {
height: 1.4em;
width: 1.4em;
}
.button > svg:not(:last-child),
.tab > svg:not(:last-child),
button > svg:not(:last-child) {
margin-right: 0.2em;
}
/* TODO: move normal non-button links (<a>:hover/:focus) styling here (i.e.
* page-wide, top-level) and remove from table.items - as the style should be
* same everywhere */
.button:focus-visible,
button:focus-visible,
input[type=submit]:focus-visible {
background-color: var(--color-focus-gray);
}
input:focus-visible,
select:focus-visible,
select:focus-within,
/* TODO: how to achieve summary:focus-within for ::details-content? */
summary:focus-visible,
textarea:focus-visible {
accent-color: var(--color-dark-blue);
background-color: var(--color-focus-gray);
}
.button:hover,
button:hover,
input[type=submit]:hover {
background-color: var(--color-blue);
border-color: var(--color-blue);
color: white;
fill: white;
}
.dangerous:hover {
background-color: var(--color-red);
border-color: var(--color-red);
}
input:hover,
select:hover,
summary:hover,
textarea:hover {
border-color: var(--color-blue);
outline: solid 1px var(--color-blue);
}
select:hover,
summary:hover {
cursor: pointer;
}
input:invalid,
select:invalid,
textarea:invalid {
border-color: var(--color-red);
outline: solid 1px var(--color-red);
}
select:hover {
cursor: pointer;
}
input:focus-visible,
select:focus-within,
select:focus-visible,
textarea:focus-visible {
accent-color: var(--color-dark-blue);
background-color: var(--color-focus-gray);
}
fieldset,
input[type=text]:read-only,
textarea:read-only {
border: none;
padding-left: 0;
padding-right: 0;
padding-inline: 0;
}
/* NOTE: collapse gaps around empty rows (`topside`) once possible
* with grid-collapse property and remove alternative grid-template
* https://github.com/w3c/csswg-drafts/issues/5813 */
body {
display: grid;
gap: 0.8em;
grid-template-areas:
"header header header"
"nav nav nav"
"leftside topside rightside"
"leftside main rightside";
grid-template-columns: 1fr minmax(max-content, 2fr) 1fr;
font-family: system-ui;
margin: 0.4em;
}
body:not(:has(.topside-area)) {
grid-template-areas:
"header header header"
"nav nav nav"
"leftside main rightside";
}
header {
grid-area: header;
}
.navigation {
display: flex;
grid-area: nav;
@@ -240,7 +244,7 @@ header {
flex: 1;
font-size: 1rem;
justify-content: center;
padding-block: 0.3em;
padding-block: 0.4em;
}
.navigation > .tab:hover,
.navigation > .tab:focus-visible {
@@ -252,21 +256,19 @@ header {
fill: var(--color-blue);
}
.topside {
.topside-area {
grid-area: topside;
}
.leftside {
.leftside-area {
grid-area: leftside;
}
.main {
.main-area {
grid-area: main;
}
.rightside {
.rightside-area {
grid-area: rightside;
}
.buttongrid {
display: grid;
gap: 0.4em;
@@ -274,7 +276,7 @@ header {
grid-template-columns: auto 1fr auto;
grid-template-rows: max-content;
}
.tools {
.tools-area {
grid-area: tools;
}
@@ -338,47 +340,43 @@ header {
opacity: 1;
}
/* TODO: Update styling, including rem removal. */
form table {
border-spacing: 0.8rem;
/* TODO: Hover over invalid should work like in measurements (thin vs thick border) */
.labeled-form {
align-items: center;
display: grid;
gap: 0.9em 1.1em;
grid-template-columns: 1fr minmax(max-content, 0.5fr) 1fr;
}
form tr td:first-child {
.labeled-form label {
color: var(--color-gray);
font-size: 0.9rem;
padding-right: 0.25rem;
grid-column: 1;
text-align: right;
white-space: nowrap;
}
form label.required {
.labeled-form label.required {
font-weight: bold;
}
form label.error,
form td.error::after {
/* Don't style `label.error + input` if case already covered by input:invalid */
.labeled-form label.error {
color: var(--color-red);
}
form td.error {
display: -webkit-box;
}
form td.error::after {
content: attr(data-content);
font-size: 0.9rem;
margin-left: 1rem;
padding: 0.25rem 0;
position: absolute;
}
form em {
.labeled-form em {
color: var(--color-text-gray);
font-size: 0.75rem;
font-weight: normal;
}
form input[type=submit] {
float: none;
.labeled-form input {
grid-column: 2;
}
.labeled-form input[type=submit] {
font-size: 1rem;
margin: 1.5rem auto 0 auto;
padding: 0.75rem;
margin: 1.5em auto 0 auto;
padding: 0.75em;
}
/* TODO: remove .items class (?) and make 'form table' work properly */
table.items {
border-spacing: 0;
border: solid 1px var(--color-border-gray);
@@ -386,6 +384,9 @@ table.items {
font-size: 0.85rem;
text-align: left;
}
table:not(:has(tr)) {
display: none;
}
table.items thead {
font-size: 0.8rem;
}
@@ -462,7 +463,7 @@ table.items tr.form td {
}
/* TODO: replace :hover:focus-visible combos with proper LOVE stye order */
/* TODO: Update styling, including rem removal. */
/* TODO: Update table styling: simplify selectors, deduplicate, remove non-font rem. */
table.items td.link a:hover,
table.items td.link a:focus-visible,
table.items td.link a:hover:focus-visible {
@@ -485,15 +486,13 @@ table.items td:not(:first-child),
color: var(--color-table-gray);
fill: var(--color-table-gray);
}
table.items td.hint {
color: var(--color-table-gray);
font-style: italic;
font-size: 0.8rem;
padding: 1em;
}
table.items svg {
height: 1.2rem;
height: 1rem;
vertical-align: middle;
width: 1rem;
}
table.items svg:last-child {
height: 1.2rem;
width: 1.2rem;
}
table.items td.svg {
@@ -506,7 +505,8 @@ table.items .button,
table.items button,
table.items input[type=submit] {
font-weight: normal;
padding: 0.3em;
height: 100%;
padding: 0.4em;
}
table.items input:not([type=submit]):not([type=checkbox]),
table.items select,
@@ -532,7 +532,6 @@ table.items select:focus-within,
table.items select:focus-visible {
color: black;
}
form a[name=cancel] {
border-color: var(--color-border-gray);
color: var(--color-nav-gray);
@@ -550,21 +549,31 @@ form table.items td:first-child {
color: inherit;
}
.centered {
margin: 0 auto;
}
.extendedright {
margin-right: auto;
}
.hexpand {
width: 100%;
}
.hflex {
display: flex;
gap: 0.8em;
}
.hflex.reverse {
flex-direction: row-reverse;
}
.hflex.centered {
justify-content: center;
}
.vexpand {
width: 100%;
.hint {
color: var(--color-table-gray);
font-style: italic;
font-size: 0.9rem;
text-align: center;
}
.vflex {
display: flex;
@@ -572,12 +581,81 @@ form table.items td:first-child {
flex-direction: column;
}
[disabled] {
/* label:has(input[disabled]) {
* TODO: disabled checkbox blue square focus removal; disabled label styling;
* focused label styling (currently only checkbox has focus)
* */
border-color: var(--color-border-gray) !important;
color: var(--color-border-gray) !important;
cursor: not-allowed;
fill: var(--color-border-gray) !important;
pointer-events: none;
}
.unwrappable {
details {
align-content: center;
position: relative;
}
summary {
align-items: center;
color: var(--color-gray);
display: flex;
gap: 0.2em;
height: 100%;
white-space: nowrap;
}
summary::before {
background-color: #000;
content: "";
height: 1em;
mask-image: url('pictograms/chevron-down.svg');
mask-size: cover;
width: 1em;
}
summary:has(.button) {
padding-block: 0;
padding-inline-end: 0;
}
summary .button {
border: solid 1px var(--color-border-gray);
border-radius: inherit;
border-top-left-radius: 0;
border-bottom-left-radius: 0;
border-style: none none none solid;
height: 100%;
}
summary span {
width: 100%;
}
details[open] summary::before {
transform: rotate(180deg);
}
summary::marker {
padding-left: 0.25em;
}
/* NOTE: use details[open]::details-content once widely available */
details[open] ul {
background: white;
border: solid 1px var(--color-border-gray);
border-radius: 0.25em;
box-shadow: 1px 1px 3px var(--color-border-gray);
margin: -1px 0 0 0;
padding-left: 0;
position: absolute;
width: 100%;
}
li:hover {
background-color: var(--color-focus-gray);
}
li label {
align-items: center;
display: flex;
line-height: 1.4em;
}
li input[type=checkbox] {
margin: 0 0.25em;
}
li::marker {
content: '';
}

11
app/controllers/application_controller.rb
View File

@@ -9,6 +9,7 @@ class ApplicationController < ActionController::Base
helper_method :current_user_disguised?
helper_method :current_tab
before_action :redirect_to_setup_if_needed
before_action :authenticate_user!
class AccessForbidden < StandardError; end
@@ -43,6 +44,16 @@ class ApplicationController < ActionController::Base
private
# Redirect to the web setup wizard when the application has not yet been
# initialised (i.e. no admin account exists in the database).
def redirect_to_setup_if_needed
return if User.exists?(status: :admin)
redirect_to new_setup_path
rescue ActiveRecord::StatementInvalid
# Tables may not exist yet (migrations not run). Fall through and let the
# normal request handling surface a meaningful error.
end
def render_no_content(record)
helpers.render_errors(record)
render html: nil, layout: true

23
app/controllers/readouts_controller.rb
View File

@@ -1,23 +1,16 @@
class ReadoutsController < ApplicationController
before_action :find_quantity, only: [:new, :discard]
before_action :find_quantities, only: [:new]
before_action :find_quantity, only: [:discard]
before_action :find_prev_quantities, only: [:new, :discard]
def new
new_quantities =
case params[:button]
when 'children'
@quantity.subquantities
when 'subtree'
@quantity.progenies
else
[@quantity]
end
new_quantities -= @prev_quantities
@readouts = current_user.readouts.build(new_quantities.map { |q| {quantity: q} })
@quantities -= @prev_quantities
# TODO: raise ParameterInvalid if new_quantities.empty?
@readouts = current_user.readouts.build(@quantities.map { |q| {quantity: q} })
@user_units = current_user.units.ordered
quantities = @prev_quantities + new_quantities
quantities = @prev_quantities + @quantities
@superquantity = current_user.quantities
.common_ancestors(quantities.map(&:parent_id)).first
end
@@ -31,6 +24,10 @@ class ReadoutsController < ApplicationController
private
def find_quantities
@quantities = current_user.quantities.find(params[:quantity])
end
def find_quantity
@quantity = current_user.quantities.find_by!(id: params[:id])
end

18
app/controllers/registrations_controller.rb
View File

@@ -1,8 +1,26 @@
class RegistrationsController < Devise::RegistrationsController
before_action :authenticate_user!, only: [:edit, :update, :destroy]
def destroy
if current_user.sole_admin?
redirect_back fallback_location: edit_user_registration_path,
alert: t(".sole_admin")
return
end
super
end
protected
def build_resource(hash = {})
super
# Skip the email confirmation step when the admin has enabled this option
# via the web setup wizard (stored as the "skip_email_confirmation" Setting).
# The account becomes active immediately so the user can sign in right after
# registering.
resource.skip_confirmation! if Setting.get("skip_email_confirmation") == "true"
end
def update_resource(resource, params)
# Based on update_with_password()
if params[:password].blank?

59
app/controllers/setup_controller.rb Normal file
View File

@@ -0,0 +1,59 @@
# Handles the one-time web-based installation wizard.
#
# The wizard is only accessible when no admin account exists yet. Once an
# admin has been created the controller redirects every request to the root
# path, so it can never be used to overwrite an existing installation.
class SetupController < ActionController::Base
# Use the full application layout (header, flash, etc.) so the page looks
# consistent with the rest of the site.
layout "application"
before_action :redirect_if_installed
def new
end
def create
email = params[:admin_email].to_s.strip
password = params[:admin_password].to_s
confirm = params[:admin_password_confirmation].to_s
errors = []
errors << t(".email_blank") if email.blank?
errors << t(".password_blank") if password.blank?
errors << t(".password_mismatch") if password != confirm
if errors.any?
flash.now[:alert] = errors.join(" ")
return render :new, status: :unprocessable_entity
end
user = User.new(email: email, password: password, status: :admin)
user.skip_confirmation!
unless user.save
flash.now[:alert] = user.errors.full_messages.join(" ")
return render :new, status: :unprocessable_entity
end
# Persist runtime settings chosen during setup.
Setting.set("skip_email_confirmation",
params[:skip_email_confirmation] == "1")
# Optionally seed the built-in default units.
if params[:seed_units] == "1"
load Rails.root.join("db/seeds/units.rb")
end
redirect_to new_user_session_path, notice: t(".success")
end
private
def redirect_if_installed
redirect_to root_path if User.exists?(status: :admin)
rescue ActiveRecord::StatementInvalid
# Tables are not yet migrated — stay on the setup page so the user sees a
# meaningful error rather than a crash.
end
end

128
app/helpers/application_helper.rb
View File

@@ -1,59 +1,84 @@
module ApplicationHelper
# TODO: replace legacy content_tag with tag.tagname
class LabelledFormBuilder < ActionView::Helpers::FormBuilder
(field_helpers - [:label]).each do |selector|
class LabeledFormBuilder < ActionView::Helpers::FormBuilder
(field_helpers - [:label, :hidden_field]).each do |selector|
class_eval <<-RUBY_EVAL, __FILE__, __LINE__ + 1
def #{selector}(method, options = {})
labelled_row_for(method, options) { super }
labeled_field_for(method, options) { super }
end
RUBY_EVAL
end
def select(method, choices = nil, options = {}, html_options = {})
labelled_row_for(method, options) { super }
end
def submit(value, options = {})
@template.content_tag :tr do
@template.content_tag :td, super, colspan: 2
end
end
def form_for(&block)
@template.content_tag(:table, class: "centered") { yield(self) } +
# Display leftover error messages (there shouldn't be any)
@template.content_tag(:div, @object&.errors.full_messages.join(@template.tag(:br)))
labeled_field_for(method, options) { super }
end
private
def labelled_row_for(method, options)
@template.content_tag :tr do
@template.content_tag(:td, label_for(method, options), class: "unwrappable") +
@template.content_tag(:td, options.delete(:readonly) ? @object.public_send(method) : yield,
@object&.errors[method].present? ?
{class: "error", data: {content: @object&.errors.delete(method).join(" and ")}} :
{})
def labeled_field_for(method, options)
field = if options.delete(:readonly) then
value = object.public_send(method)
value = @template.l(value) if value.respond_to?(:strftime)
value ||= options[:placeholder]
else
yield
end
label_for(method, options) + field
end
def label_for(method, options = {})
return '' if options[:label] == false
text = options.delete(:label)
text ||= @object.class.human_attribute_name(method).capitalize
classes = @template.class_names(required: options[:required],
error: @object&.errors[method].present?)
label = label(method, "#{text}:", class: classes)
hint = options.delete(:hint)
error: object.errors[method].present?)
label + (@template.tag(:br) + @template.content_tag(:em, hint) if hint)
handler = {missing_interpolation_argument_handler: method(:interpolation_missing)}
# Label translation search order:
# controller.action.* => helpers.label.model.* => activerecord.attributes.model.*
# First 2 levels are translated recursively.
label(method, class: classes) do |builder|
translation = I18n.config.with(**handler) { deep_translate(method, **options) }
translation.presence || "#{builder.translation}:"
end
end
def labelled_form_for(record, options = {}, &block)
options = options.deep_merge(builder: LabelledFormBuilder, data: {turbo: false})
form_for(record, **options) { |f| f.form_for(&block) }
def interpolation_missing(key, values, string)
@template.instance_values[key.to_s] || deep_translate(key, **values)
end
# Extension to label text translation:
# * recursive translation,
# * interpolation of (_relative_) translation key names and instance variables,
# * pluralization based on any interpolable value
# TODO: add unit tests for the above
def deep_translate(key, **options)
options[:default] = [
:".#{key}",
:"helpers.label.#{@object_name}.#{key}_html",
:"helpers.label.#{@object_name}.#{key}",
""
]
# At least 1 interpolation key is required for #translate to act on
# missing interpolation arguments (i.e. call custom handler).
# Also setting `key` to nil avoids recurrent translation.
options[key] = nil
@template.t(".#{key}_html", **options) do |translation, resolved_key|
if translation.is_a?(Array) && (count = translation.to_h[:count])
@template.t(resolved_key, count: I18n.interpolate(count, **options), **options)
else
translation
end
end
end
end
def labeled_form_for(record, options = {}, &block)
extra_options = {builder: LabeledFormBuilder,
data: {turbo: false},
html: {class: 'labeled-form'}}
options = options.deep_merge(extra_options) do |key, left, right|
key == :class ? class_names(left, right) : right
end
form_for(record, **options, &block)
end
class TabularFormBuilder < ActionView::Helpers::FormBuilder
@@ -75,12 +100,11 @@ module ApplicationHelper
end
def number_field(method, options = {})
value = object.public_send(method)
if value.is_a?(BigDecimal)
options[:value] = value.to_scientific
type = object.class.type_for_attribute(method)
options[:step] ||= BigDecimal(10).power(-type.scale)
options[:max] ||= BigDecimal(10).power(type.precision - type.scale) -
attr_type = object.type_for_attribute(method)
if attr_type.type == :decimal
options[:value] = object.public_send(method)&.to_scientific
options[:step] ||= BigDecimal(10).power(-attr_type.scale)
options[:max] ||= BigDecimal(10).power(attr_type.precision - attr_type.scale) -
options[:step]
options[:min] = options[:min] == :step ? options[:step] : options[:min]
options[:min] ||= -options[:max]
@@ -112,6 +136,7 @@ module ApplicationHelper
# and the first input gets focus.
record_object, options = nil, record_object if record_object.is_a?(Hash)
options.merge!(builder: TabularFormBuilder, skip_default_ids: true)
# TODO: set error message with setCustomValidity instead of rendering to flash?
render_errors(record_object || record_name)
fields_for(record_name, record_object, **options, &block)
end
@@ -123,7 +148,7 @@ module ApplicationHelper
end
def svg_tag(source, label = nil, options = {})
svg_tag = content_tag :svg, options do
svg_tag = tag.svg(options) do
tag.use(href: "#{image_path(source + ".svg")}#icon")
end
label.blank? ? svg_tag : svg_tag + tag.span(label)
@@ -171,17 +196,23 @@ module ApplicationHelper
def image_link_to_unless_current(name, image = nil, options = nil, html_options = {})
name, html_options = link_or_button_options(:link, name, image, html_options)
html_options = html_options.deep_merge DISABLED_ATTRIBUTES if current_page?(options)
# NOTE: Starting from Rails 8.1.0, below condition can be replaced with:
# current_page?(options, method: [:get, :post])
if request.path == url_for(options)
html_options = html_options.deep_merge DISABLED_ATTRIBUTES
end
link_to name, options, html_options
end
def render_errors(records)
flash[:alert] ||= []
# Conversion of flash to Array only required because of Devise
flash[:alert] = Array(flash[:alert])
Array(records).each { |record| flash[:alert] += record.errors.full_messages }
end
def render_flash_messages
flash.map do |entry, messages|
# Conversion of flash to Array only required because of Devise
Array(messages).map do |message|
tag.div class: "flash #{entry}" do
tag.div(sanitize(message)) + tag.button(sanitize("&times;"), tabindex: -1,
@@ -204,8 +235,6 @@ module ApplicationHelper
private
def link_or_button_options(type, name, image = nil, html_options)
name = svg_tag("pictograms/#{image}", name) if image
html_options[:class] = class_names(
html_options[:class],
'button',
@@ -216,9 +245,10 @@ module ApplicationHelper
html_options[:onclick] = "return confirm('\#{html_options[:onclick][:confirm]}');"
end
if type == :link && !(html_options[:onclick] || html_options.dig(:data, :turbo_stream))
name += '...'
end
link_is_local = html_options[:onclick] || html_options.dig(:data, :turbo_stream)
name = name.to_s
name += '...' if type == :link && !link_is_local
name = svg_tag("pictograms/#{image}", name) if image
[name, html_options]
end

9
app/helpers/quantities_helper.rb
View File

@@ -1,2 +1,11 @@
module QuantitiesHelper
def quantities_check_boxes
# Closing <details> on focusout event depends on relatedTarget for internal
# actions being non-null. To ensure this, all top-layer elements of
# ::details-content must accept focus, e.g. <label> needs tabindex="-1" */
collection_check_boxes(nil, :quantity, @quantities, :id, :to_s_with_depth,
include_hidden: false) do |b|
content_tag :li, b.label(tabindex: -1) { b.check_box + b.text }
end
end
end

174
app/javascript/application.js
View File

@@ -9,31 +9,70 @@ function showPage(event) {
}
document.addEventListener('turbo:load', showPage)
function detailsChange(event) {
var target = event.currentTarget
var count = target.querySelectorAll('input:checked:not([disabled])').length
var span = target.querySelector('summary > span')
var button = target.querySelector('button')
if (count > 0) {
span.textContent = count + ' selected';
Turbo.StreamElement.prototype.enableElement(button)
} else {
span.textContent = span.getAttribute('data-prompt')
Turbo.StreamElement.prototype.disableElement(button)
}
}
window.detailsChange = detailsChange
/* Close open <details> when focus lost */
function detailsClose(event) {
if (!event.relatedTarget ||
event.relatedTarget.closest("details") != event.currentTarget) {
event.currentTarget.removeAttribute("open")
}
}
window.detailsClose = detailsClose
window.detailsObserver = new MutationObserver((mutations) => {
mutations[0].target.dispatchEvent(new Event('change', {bubbles: true}))
});
/* Turbo stream actions */
Turbo.StreamElement.prototype.disableElement = function(element) {
element.setAttribute("disabled", "disabled")
element.setAttribute("aria-disabled", "true")
element.setAttribute("tabindex", "-1")
}
Turbo.StreamActions.disable = function() {
this.targetElements.forEach((e) => { this.disableElement(e) })
}
Turbo.StreamElement.prototype.enableElement = function(element) {
element.removeAttribute("disabled")
element.removeAttribute("aria-disabled")
// 'tabindex' is not used explicitly, so removing it is safe
// Assume 'tabindex' is not used explicitly, so removing it is safe
element.removeAttribute("tabindex")
}
Turbo.StreamActions.disable = function() {
this.targetElements.forEach((e) => {
e.setAttribute("disabled", "disabled")
e.setAttribute("aria-disabled", "true")
e.setAttribute("tabindex", "-1")
})
}
Turbo.StreamActions.enable = function() {
this.targetElements.forEach((e) => { this.enableElement(e) })
}
/* TODO: change to visibility = collapse to avoid width change? */
Turbo.StreamActions.hide = function() {
this.targetElements.forEach((e) => { e.style.display = "none" })
}
Turbo.StreamActions.show = function() {
this.targetElements.forEach((e) => { e.style.removeProperty("display") })
}
/*
Turbo.StreamActions.collapse = function() {
this.targetElements.forEach((e) => { e.style.visibility = "collapse" })
}
*/
Turbo.StreamActions.close_form = function() {
this.targetElements.forEach((e) => {
/* Move focus if there's no focus or focus inside form being closed */
@@ -54,28 +93,63 @@ Turbo.StreamActions.close_form = function() {
})
}
Turbo.StreamActions.unselect = function() {
this.targetElements.forEach((e) => {
e.checked = false
this.enableElement(e)
})
}
function formProcessKey(event) {
switch (event.key) {
case "Escape":
event.currentTarget.querySelector("a[name=cancel]").click()
break
case "Enter":
event.currentTarget.querySelector("button[name=button]").click()
event.preventDefault()
break
}
}
window.formProcessKey = formProcessKey
function detailsProcessKey(event) {
// TODO: up/down arrows to move focus to prev/next line
switch (event.key) {
case "Escape":
if (event.currentTarget.hasAttribute("open")) {
event.currentTarget.removeAttribute("open")
event.stopPropagation()
}
break
case "Enter":
var button = event.currentTarget.querySelector("button:not([disabled])")
if (button) {
button.click()
// Autofocus won't be respected unless target is blurred
event.target.blur()
event.preventDefault()
event.stopPropagation()
}
break
}
}
window.detailsProcessKey = detailsProcessKey;
/* Items table drag and drop support */
function processKey(event) {
if (event.key == "Escape") {
event.currentTarget.querySelector("a[name=cancel]").click();
}
}
window.processKey = processKey;
var lastEnterTime;
var lastEnterTime
function dragStart(event) {
lastEnterTime = event.timeStamp;
var row = event.currentTarget;
lastEnterTime = event.timeStamp
var row = event.currentTarget
row.closest("table").querySelectorAll("thead tr").forEach((tr) => {
tr.toggleAttribute("hidden");
});
event.dataTransfer.setData("text/plain", row.getAttribute("data-drag-path"));
var rowRectangle = row.getBoundingClientRect();
event.dataTransfer.setDragImage(row, event.x - rowRectangle.left, event.y - rowRectangle.top);
event.dataTransfer.dropEffect = "move";
tr.toggleAttribute("hidden")
})
event.dataTransfer.setData("text/plain", row.getAttribute("data-drag-path"))
var rowRectangle = row.getBoundingClientRect()
event.dataTransfer.setDragImage(row, event.x - rowRectangle.left, event.y - rowRectangle.top)
event.dataTransfer.dropEffect = "move"
}
window.dragStart = dragStart;
window.dragStart = dragStart
/*
* Drag tracking assumptions (based on FF 122.0 experience):
@@ -87,44 +161,44 @@ window.dragStart = dragStart;
* and outside. This should probably be fixed in browser, than patched here.
*/
function dragEnter(event) {
//console.log(event.timeStamp + " " + event.type + ": " + event.currentTarget.id);
dragLeave(event);
lastEnterTime = event.timeStamp;
const id = event.currentTarget.getAttribute("data-drop-id");
document.getElementById(id).classList.add("dropzone");
//console.log(event.timeStamp + " " + event.type + ": " + event.currentTarget.id)
dragLeave(event)
lastEnterTime = event.timeStamp
const id = event.currentTarget.getAttribute("data-drop-id")
document.getElementById(id).classList.add("dropzone")
}
window.dragEnter = dragEnter;
window.dragEnter = dragEnter
function dragOver(event) {
event.preventDefault();
event.preventDefault()
}
window.dragOver = dragOver;
window.dragOver = dragOver
function dragLeave(event) {
//console.log(event.timeStamp + " " + event.type + ": " + event.currentTarget.id);
//console.log(event.timeStamp + " " + event.type + ": " + event.currentTarget.id)
// Leave has been accounted for by Enter at the same timestamp, processed earlier
if (event.timeStamp <= lastEnterTime) return;
if (event.timeStamp <= lastEnterTime) return
event.currentTarget.closest("table").querySelectorAll(".dropzone").forEach((tr) => {
tr.classList.remove("dropzone");
});
tr.classList.remove("dropzone")
})
}
window.dragLeave = dragLeave;
window.dragLeave = dragLeave
function dragEnd(event) {
dragLeave(event);
dragLeave(event)
event.currentTarget.closest("table").querySelectorAll("thead tr").forEach((tr) => {
tr.toggleAttribute("hidden");
});
tr.toggleAttribute("hidden")
})
}
window.dragEnd = dragEnd;
window.dragEnd = dragEnd
function drop(event) {
event.preventDefault();
event.preventDefault()
var params = new URLSearchParams();
var id_param = event.currentTarget.getAttribute("data-drop-id-param");
var id = event.currentTarget.getAttribute("data-drop-id").split("_").pop();
params.append(id_param, id);
var params = new URLSearchParams()
var id_param = event.currentTarget.getAttribute("data-drop-id-param")
var id = event.currentTarget.getAttribute("data-drop-id").split("_").pop()
params.append(id_param, id)
fetch(event.dataTransfer.getData("text/plain"), {
body: params,
@@ -138,4 +212,4 @@ function drop(event) {
.then(response => response.text())
.then(html => Turbo.renderStreamMessage(html))
}
window.drop = drop;
window.drop = drop

4
app/models/quantity.rb
View File

@@ -15,8 +15,8 @@ class Quantity < ApplicationRecord
errors.add(:parent, :descendant_reference) if ancestor_of?(parent)
end
validates :name, presence: true, uniqueness: {scope: [:user_id, :parent_id]},
length: {maximum: type_for_attribute(:name).limit}
validates :description, length: {maximum: type_for_attribute(:description).limit}
length: {maximum: type_for_attribute(:name).limit || Float::INFINITY}
validates :description, length: {maximum: type_for_attribute(:description).limit || Float::INFINITY}
# Update :depths of progenies after parent change
before_save if: :parent_changed? do

20
app/models/setting.rb Normal file
View File

@@ -0,0 +1,20 @@
# Key-value store for runtime application settings that are configured through
# the web setup wizard (or updated by an administrator) rather than hard-coded
# in application.rb.
#
# Known keys:
# skip_email_confirmation "true"/"false", mirrors the homonymous option
# that was previously in application.rb.
class Setting < ApplicationRecord
validates :key, presence: true, uniqueness: true
# Return the string value stored for +key+, or +default+ when absent.
def self.get(key, default: nil)
find_by(key: key)&.value || default
end
# Persist +value+ for +key+, creating the record if it does not yet exist.
def self.set(key, value)
find_or_initialize_by(key: key).update!(value: value.to_s)
end
end

7
app/models/unit.rb
View File

@@ -3,7 +3,8 @@ class Unit < ApplicationRecord
belongs_to :user, optional: true
belongs_to :base, optional: true, class_name: "Unit"
has_many :subunits, class_name: "Unit", inverse_of: :base, dependent: :restrict_with_error
has_many :subunits, class_name: "Unit", inverse_of: :base,
dependent: :restrict_with_error
validate if: ->{ base.present? } do
errors.add(:base, :user_mismatch) unless user_id == base.user_id
@@ -11,8 +12,8 @@ class Unit < ApplicationRecord
errors.add(:base, :multilevel_nesting) if base.base_id?
end
validates :symbol, presence: true, uniqueness: {scope: :user_id},
length: {maximum: type_for_attribute(:symbol).limit}
validates :description, length: {maximum: type_for_attribute(:description).limit}
length: {maximum: type_for_attribute(:symbol).limit || Float::INFINITY}
validates :description, length: {maximum: type_for_attribute(:description).limit || Float::INFINITY}
validates :multiplier, numericality: {equal_to: 1}, unless: :base
validates :multiplier, numericality: {greater_than: 0, precision: true, scale: true}, if: :base

13
app/models/user.rb
View File

@@ -12,10 +12,10 @@ class User < ApplicationRecord
disabled: 0, # administratively disallowed to sign in
}, default: :active, validate: true
has_many :readouts, dependent: :destroy
has_many :readouts, dependent: :delete_all
accepts_nested_attributes_for :readouts
has_many :quantities, dependent: :destroy
has_many :units, dependent: :destroy
has_many :quantities, dependent: :delete_all
has_many :units, dependent: :delete_all
validates :email, presence: true, uniqueness: true,
length: {maximum: type_for_attribute(:email).limit}
@@ -29,4 +29,11 @@ class User < ApplicationRecord
def at_least(status)
User.statuses[self.status] >= User.statuses[status]
end
# Returns true when this user is the only admin account in the system.
# Used to block actions that would leave the application without an admin
# (account deletion, status demotion).
def sole_admin?
admin? && !User.admin.where.not(id: id).exists?
end
end

9
app/views/default/units/index.html.erb
View File

@@ -1,16 +1,17 @@
<div class="rightside buttongrid">
<div class="rightside-area buttongrid">
<% if current_user.at_least(:active) %>
<%# TODO: implement Import all %>
<%#= image_button_to t('.import_all'), 'download-multiple-outline',
import_all_default_units_path, data: {turbo_stream: true} %>
<% end %>
<%= image_link_to t('.back'), 'arrow-left-bold-outline', units_path, class: 'tools' %>
<%= image_link_to t('.back'), 'arrow-left-bold-outline', units_path,
class: 'tools-area' %>
</div>
<table class="main items">
<table class="main-area items">
<thead>
<tr>
<th><%= User.human_attribute_name(:symbol).capitalize %></th>
<th><%= Unit.human_attribute_name(:symbol) %></th>
<% if current_user.at_least(:active) %>
<th><%= t '.actions' %></th>
<% end %>

2
app/views/layouts/application.html.erb
View File

@@ -47,7 +47,7 @@
<%= render_flash_messages %>
</div>
<%# Allow overwriting/clearing navigation menu for some views %>
<%# Allows overwriting/clearing navigation menu for some views %>
<nav class="navigation">
<%= content_for(:navigation) || (navigation_menu if user_signed_in?) %>
</nav>

48
app/views/measurements/_form.html.erb
View File

@@ -1,24 +1,36 @@
<%= tabular_form_with model: Measurement.new do |form| %>
<fieldset>
<%= tabular_form_with model: Measurement.new, id: :measurement_form,
class: 'topside-area vflex', html: {onkeydown: 'formProcessKey(event)'} do |form| %>
<table class="items centered">
<tbody id="readouts">
<tr id="readouts_form">
<td colspan="4">
<%= collection_select :quantity, :id, @quantities, :id, :to_s_with_depth,
{prompt: t('.select_quantity'), disabled: '', selected: ''},
{name: :id, class: 'quantity vexpand',
onchange: "this.form.requestSubmit(new_readout_submit);"} %>
<%= form.submit id: :new_readout_submit, name: nil, value: nil,
formaction: new_readout_path, formmethod: :get, formnovalidate: true,
hidden: true, data: {turbo_stream: true} %>
</td>
</tr>
</tbody>
<tbody id="readouts"></tbody>
</table>
</fieldset>
<div class="hflex centered">
<%= form.button -%>
<div class="hflex">
<%# TODO: right-click selection %>
<details id="quantity_select" class="hexpand" open
onkeydown="detailsProcessKey(event)">
<summary autofocus>
<!-- TODO: Set content with CSS when span empty to avoid duplication -->
<span data-prompt="<%= t('.select_quantity') %>">
<%= t('.select_quantity') %>
</span>
<%= image_button_tag t(:apply), "update", name: nil, disabled: true,
formaction: new_readout_path, formmethod: :get, formnovalidate: true,
data: {turbo_stream: true} %>
</summary>
<ul><%= quantities_check_boxes %></ul>
</details>
<%= form.button id: :create_measurement_button, disabled: true -%>
</div>
<div class="hflex reverse">
<%= image_link_to t(:cancel), "close-outline", measurements_path, name: :cancel,
class: 'dangerous', onclick: render_turbo_stream('form_close') %>
</div>
<% end %>
<script>
quantity_select.addEventListener('focusout', detailsClose)
quantity_select.addEventListener('change', detailsChange)
detailsObserver.observe(quantity_select.querySelector('ul'),
{subtree: true, attributeFilter: ['disabled']})
</script>

4
app/views/measurements/_form_close.html.erb
View File

@@ -1,2 +1,4 @@
<%= turbo_stream.update :measurement_form %>
<%= turbo_stream.update :flashes %>
<%= turbo_stream.remove :measurement_form %>
<%= turbo_stream.show :no_items -%>
<%= turbo_stream.enable :new_measurement_link -%>

6
app/views/measurements/index.html.erb
View File

@@ -1,5 +1,5 @@
<%# TODO: show hint when no quantities/units defined %>
<div class="rightside buttongrid">
<div class="rightside-area buttongrid">
<% if current_user.at_least(:active) %>
<%= image_link_to t('.new_measurement'), 'plus-outline', new_measurement_path,
id: :new_measurement_link, onclick: 'this.blur();',
@@ -7,9 +7,7 @@
<% end %>
</div>
<%= tag.div class: 'topside', id: :measurement_form %>
<table class="main">
<table class="main-area">
<tbody id="measurements">
<%= render(@measurements) || render_no_items %>
</tbody>

3
app/views/measurements/new.turbo_stream.erb
View File

@@ -1,4 +1,5 @@
<%= turbo_stream.disable :new_measurement_link -%>
<%= turbo_stream.update :measurement_form do %>
<%= turbo_stream.hide :no_items -%>
<%= turbo_stream.append_all 'body' do %>
<%= render partial: 'form' %>
<% end %>

2
app/views/quantities/_form.html.erb
View File

@@ -1,5 +1,5 @@
<%= tabular_fields_for @quantity, form: form_tag do |form| %>
<%- tag.tr id: row, class: "form", onkeydown: "processKey(event)",
<%- tag.tr id: row, class: "form", onkeydown: "formProcessKey(event)",
data: {link: link, form: form_tag, hidden_row: hidden_row} do %>
<td style="--depth:<%= @quantity.depth %>">

12
app/views/quantities/index.html.erb
View File

@@ -1,20 +1,20 @@
<div class="rightside buttongrid">
<div class="rightside-area buttongrid">
<% if current_user.at_least(:active) %>
<%= image_link_to t('.new_quantity'), 'plus-outline', new_quantity_path,
id: dom_id(Quantity, :new, :link), onclick: 'this.blur();',
data: {turbo_stream: true} %>
<% end %>
<%#= image_link_to t('.import_quantities'), 'download-outline', default_quantities_path,
class: 'tools' %>
class: 'tools-area' %>
</div>
<%= tag.div class: 'main', id: :quantity_form %>
<%= tag.div class: 'main-area', id: :quantity_form %>
<table class="main items">
<table class="main-area items">
<thead>
<tr>
<th><%= Quantity.human_attribute_name(:name).capitalize %></th>
<th><%= Quantity.human_attribute_name(:description).capitalize %></th>
<th><%= Quantity.human_attribute_name(:name) %></th>
<th><%= Quantity.human_attribute_name(:description) %></th>
<% if current_user.at_least(:active) %>
<th><%= t :actions %></th>
<th></th>

21
app/views/readouts/_form.html.erb
View File

@@ -1,22 +1,25 @@
<%# TODO: add readout reordering by dragging %>
<%= tabular_fields_for 'readouts[]', readout do |form| %>
<%- tag.tr id: dom_id(readout.quantity, :new, :readout),
onkeydown: 'processKey(event)' do %>
<%- tag.tr id: dom_id(readout.quantity, :new, :readout) do %>
<td class="actions">
<%# TODO: change to _link_ after giving up displaying relative paths %>
<%= image_button_tag '', 'delete-outline', class: 'dangerous', name: nil,
formaction: discard_readouts_path(readout.quantity),
formmethod: :get, formnovalidate: true, data: {turbo_stream: true} %>
</td>
<td>
<%= readout.quantity.relative_pathname(@superquantity) %>
</td>
<td>
<%= form.number_field :value, required: true, autofocus: true, size: 10 %>
<%= form.number_field :value, required: true,
size: readout.type_for_attribute(:value).precision / 2,
autofocus: readout_counter == 0 %>
</td>
<td>
<%= form.hidden_field :quantity_id %>
<%= form.collection_select :unit_id, @user_units, :id,
->(u){ sanitize('&emsp;' * (u.base_id ? 1 : 0) + u.symbol) } %>
</td>
<td class="actions">
<%= image_button_tag '', 'delete-outline', class: 'dangerous', name: :discard,
formaction: discard_readouts_path(readout.quantity),
formmethod: :get, formnovalidate: true, data: {turbo_stream: true} %>
->(u){ sanitize('&emsp;' * (u.base_id ? 1 : 0) + u.symbol) },
{prompt: t('.select_unit'), disabled: '', selected: ''}, required: true %>
</td>
<% end %>
<% end %>

4
app/views/readouts/discard.turbo_stream.erb
View File

@@ -1,4 +1,4 @@
<%= turbo_stream.disable :create_measurement_button if @prev_quantities.one? %>
<%= turbo_stream.remove dom_id(@quantity, :new, :readout) %>
<%= turbo_stream.disable_all 'button[name="discard"]' if @prev_quantities.one? %>
<%= turbo_stream.enable_all "select.quantity option[value='#{@quantity.id}']" %>
<%= render partial: 'form_repath' %>
<%= turbo_stream.unselect dom_id(@quantity) %>

9
app/views/readouts/new.turbo_stream.erb
View File

@@ -1,9 +1,8 @@
<%= render partial: 'form_repath' %>
<%# is .one? proper condition? can @readouts be empty? %>
<%= turbo_stream.enable_all 'button[name="discard"]' if @prev_quantities.one? %>
<% @readouts.each do |r| %>
<%= turbo_stream.disable_all "select.quantity option[value='#{r.quantity_id}']" %>
<%= turbo_stream.disable dom_id(r.quantity) %>
<% end %>
<%= turbo_stream.before :readouts_form do %>
<%= render partial: 'form_repath' %>
<%= turbo_stream.append :readouts do %>
<%= render partial: 'form', collection: @readouts, as: :readout %>
<% end %>
<%= turbo_stream.enable :create_measurement_button if @prev_quantities.empty? %>

39
app/views/setup/new.html.erb Normal file
View File

@@ -0,0 +1,39 @@
<%= form_with url: setup_path, method: :post, class: "labeled-form main-area" do %>
<h3 style="grid-column: 1 / -1; text-align: left; margin: 0;">
<%= t(".admin_account") %>
</h3>
<label for="admin_email"><%= t(".admin_email") %></label>
<%= email_field_tag :admin_email, params[:admin_email],
id: "admin_email", required: true, size: 30, autofocus: true,
autocomplete: "email" %>
<label for="admin_password"><%= t(".admin_password") %></label>
<%= password_field_tag :admin_password, nil,
id: "admin_password", required: true, size: 30,
autocomplete: "new-password" %>
<label for="admin_password_confirmation"><%= t(".admin_password_confirmation") %></label>
<%= password_field_tag :admin_password_confirmation, nil,
id: "admin_password_confirmation", required: true, size: 30,
autocomplete: "off" %>
<h3 style="grid-column: 1 / -1; text-align: left; margin: 0.5em 0 0 0;">
<%= t(".options") %>
</h3>
<label for="skip_email_confirmation" style="grid-column: 1 / 3; text-align: left;">
<%= check_box_tag :skip_email_confirmation, "1",
params[:skip_email_confirmation] == "1",
id: "skip_email_confirmation" %>
<%= t(".skip_email_confirmation") %>
</label>
<label for="seed_units" style="grid-column: 1 / 3; text-align: left;">
<%= check_box_tag :seed_units, "1", true, id: "seed_units" %>
<%= t(".seed_units") %>
</label>
<%= submit_tag t(".submit") %>
<% end %>

2
app/views/units/_form.html.erb
View File

@@ -1,5 +1,5 @@
<%= tabular_fields_for @unit, form: form_tag do |form| %>
<%- tag.tr id: row, class: "form", onkeydown: "processKey(event)",
<%- tag.tr id: row, class: "form", onkeydown: "formProcessKey(event)",
data: {link: link, form: form_tag, hidden_row: hidden_row} do %>
<td style="--depth:<%= @unit.base_id? ? 1 : 0 %>">

13
app/views/units/index.html.erb
View File

@@ -1,19 +1,20 @@
<div class="rightside buttongrid">
<div class="rightside-area buttongrid">
<% if current_user.at_least(:active) %>
<%= image_link_to t('.new_unit'), 'plus-outline', new_unit_path,
id: dom_id(Unit, :new, :link), onclick: 'this.blur();', data: {turbo_stream: true} %>
<% end %>
<%= image_link_to t('.import_units'), 'download-outline', default_units_path, class: 'tools' %>
<%= image_link_to t('.import_units'), 'download-outline', default_units_path,
class: 'tools-area' %>
</div>
<%= tag.div id: :unit_form %>
<table class="main items">
<table class="main-area items">
<thead>
<tr>
<th><%= User.human_attribute_name(:symbol).capitalize %></th>
<th><%= User.human_attribute_name(:description).capitalize %></th>
<th><%= User.human_attribute_name(:multiplier).capitalize %></th>
<th><%= Unit.human_attribute_name(:symbol) %></th>
<th><%= Unit.human_attribute_name(:description) %></th>
<th><%= Unit.human_attribute_name(:multiplier) %></th>
<% if current_user.at_least(:active) %>
<th><%= t :actions %></th>
<th></th>

11
app/views/users/confirmations/new.html.erb
View File

@@ -1,8 +1,9 @@
<div class="main">
<%= labelled_form_for resource, url: user_confirmation_path do |f| %>
<%= f.email_field :email, required: true, size: 30, autofocus: true, autocomplete: "email",
value: (resource.pending_reconfirmation? ? resource.unconfirmed_email : resource.email) %>
<%= labeled_form_for resource, url: user_confirmation_path,
html: {class: 'main-area'} do |f| %>
<%= f.email_field :email, required: true, size: 30, autofocus: true,
autocomplete: 'email', value:
resource.pending_reconfirmation? ? resource.unconfirmed_email : resource.email %>
<%= f.submit t(:resend_confirmation) %>
<% end %>
</div>

22
app/views/users/index.html.erb
View File

@@ -1,12 +1,10 @@
<table class="main items" id="users">
<table class="main-area items" id="users">
<thead>
<tr>
<th><%= User.human_attribute_name(:email).capitalize %></th>
<th><%= User.human_attribute_name(:status).capitalize %></th>
<th><%= User.human_attribute_name(:confirmed_at).capitalize %></th>
<th>
<%= User.human_attribute_name(:created_at).capitalize %>&nbsp;<sup>UTC</sup>
</th>
<th><%= User.human_attribute_name(:email) %></th>
<th><%= User.human_attribute_name(:status) %></th>
<th><%= User.human_attribute_name(:confirmed_at) %></th>
<th><%= User.human_attribute_name(:created_at) %>&nbsp;<sup>(UTC)</sup></th>
<th><%= t :actions %></th>
</tr>
</thead>
@@ -19,18 +17,18 @@
<%= user.status %>
<% else %>
<%= form_for user do |u| %>
<%= u.select :status, User.statuses.keys, {}, autocomplete: "off",
onchange: "this.form.requestSubmit();" %>
<%= u.select :status, User.statuses.keys, {}, autocomplete: 'off',
onchange: 'this.form.requestSubmit();' %>
<% end %>
<% end %>
</td>
<td class="svg">
<%= svg_tag "pictograms/checkbox-marked-outline" if user.confirmed_at.present? %>
<%= svg_tag 'pictograms/checkbox-marked-outline' if user.confirmed_at.present? %>
</td>
<td><%= user.created_at.to_fs(:db_without_sec) %></td>
<td><%= l user.created_at, format: :without_tz %></td>
<td class="actions">
<% if allow_disguise?(user) %>
<%= image_link_to t(".disguise"), "incognito", disguise_user_path(user) %>
<%= image_link_to t('.disguise'), 'incognito', disguise_user_path(user) %>
<% end %>
</td>
</tr>

2
app/views/users/mailer/confirmation_instructions.html.erb
View File

@@ -1,5 +1,5 @@
<p>Welcome <%= @email %>!</p>
<p>You can confirm your account email through the link below:</p>
<!-- FIXME: is confirmation_url valid route prefix? -->
<p><%= link_to 'Confirm my account', confirmation_url(@resource, confirmation_token: @token) %></p>

19
app/views/users/passwords/edit.html.erb
View File

@@ -1,13 +1,12 @@
<div class="main">
<%= labelled_form_for resource, url: user_password_path, html: {method: :put} do |f| %>
<%= f.hidden_field :reset_password_token, label: false %>
<%= labeled_form_for resource, url: user_password_path,
html: {method: :put, class: 'main-area'} do |f| %>
<%= f.password_field :password, label: t(".new_password"), required: true, size: 30,
minlength: @minimum_password_length, autofocus: true, autocomplete: "new-password",
hint: t("users.minimum_password_length", count: @minimum_password_length) %>
<%= f.password_field :password_confirmation, label: t(".password_confirmation"),
required: true, size: 30, minlength: @minimum_password_length, autocomplete: "off" %>
<%= f.hidden_field :reset_password_token %>
<%= f.submit t(".update_password") %>
<%= f.password_field :password, required: true, size: 30, autofocus: true,
minlength: @minimum_password_length, autocomplete: 'new-password' %>
<%= f.password_field :password_confirmation, required: true, size: 30,
minlength: @minimum_password_length, autocomplete: 'off' %>
<%= f.submit t('.update_password') %>
<% end %>
</div>

9
app/views/users/passwords/new.html.erb
View File

@@ -1,7 +1,8 @@
<div class="main">
<%= labelled_form_for resource, url: user_password_path do |f| %>
<%= f.email_field :email, required: true, size: 30, autofocus: true, autocomplete: "email" %>
<%= labeled_form_for resource, url: user_password_path,
html: {class: 'main-area'} do |f| %>
<%= f.email_field :email, required: true, size: 30, autofocus: true,
autocomplete: 'email' %>
<%= f.submit t(:recover_password) %>
<% end %>
</div>

36
app/views/users/registrations/edit.html.erb
View File

@@ -1,31 +1,29 @@
<% content_for :navigation, flush: true do %>
<%= link_to svg_tag("pictograms/arrow-left-bold-outline", t(:back)),
<%= link_to svg_tag('pictograms/arrow-left-bold-outline', t(:back)),
request.referer.present? ? :back : root_path, class: 'tab' %>
<% end %>
<div class="rightside buttongrid">
<%= image_button_to t(".delete"), "account-remove-outline", user_registration_path,
form_class: 'tools', method: :delete, data: {turbo: false},
onclick: {confirm: t(".confirm_delete")} %>
<div class="rightside-area buttongrid">
<%= image_button_to_if !current_user.sole_admin?, t('.delete'), 'account-remove-outline',
user_registration_path, form_class: 'tools-area', method: :delete, data: {turbo: false},
onclick: {confirm: t('.confirm_delete')} %>
</div>
<%= labelled_form_for resource, url: registration_path(resource),
html: {method: :patch, class: 'main'} do |f| %>
<%= f.email_field :email, size: 30, autofocus: true, autocomplete: "off" %>
<% if f.object.pending_reconfirmation? %>
<%= f.text_field :unconfirmed_email, readonly: true, tabindex: -1,
hint: t(".unconfirmed_email_hint",
timestamp: f.object.confirmation_sent_at.to_fs(:db_without_sec)) %>
<%= labeled_form_for resource, url: registration_path(resource),
html: {method: :patch, class: 'main-area'} do |f| %>
<%= f.email_field :email, size: 30, autofocus: true, autocomplete: 'off' %>
<% if resource.pending_reconfirmation? %>
<%= f.text_field :unconfirmed_email, readonly: true,
confirmation_sent_at: l(resource.confirmation_sent_at) %>
<% end %>
<%= f.select :status, User.statuses, readonly: true %>
<%= f.password_field :password, label: t(".new_password"), size: 30,
minlength: @minimum_password_length, autocomplete: "new-password",
hint: t(".blank_password_hint_html",
subhint: t("users.minimum_password_length", count: @minimum_password_length)) %>
<%= f.password_field :password_confirmation, label: t(".password_confirmation"),
size: 30, minlength: @minimum_password_length, autocomplete: "off" %>
<%= f.password_field :password, size: 30, autocomplete: 'new-password',
minlength: @minimum_password_length %>
<%= f.password_field :password_confirmation, size: 30, autocomplete: 'off',
minlength: @minimum_password_length %>
<%= f.submit t(".update") %>
<%= f.submit %>
<% end %>

20
app/views/users/registrations/new.html.erb
View File

@@ -1,16 +1,16 @@
<div class="main">
<%= labelled_form_for resource, url: user_registration_path do |f| %>
<%= f.email_field :email, required: true, size: 30, autofocus: true, autocomplete: "email" %>
<div class="main-area">
<%= labeled_form_for resource, url: user_registration_path do |f| %>
<%= f.email_field :email, required: true, size: 30, autofocus: true,
autocomplete: 'email' %>
<%= f.password_field :password, required: true, size: 30,
minlength: @minimum_password_length, autocomplete: "new-password",
hint: t("users.minimum_password_length", count: @minimum_password_length) %>
<%= f.password_field :password_confirmation, label: t(".password_confirmation"),
required: true, size: 30, minlength: @minimum_password_length, autocomplete: "off" %>
minlength: @minimum_password_length, autocomplete: 'new-password' %>
<%= f.password_field :password_confirmation, required: true, size: 30,
minlength: @minimum_password_length, autocomplete: 'off' %>
<%= f.submit t(:register) %>
<% end %>
<%= content_tag :p, t(:or), style: "text-align: center;" %>
<%= image_link_to t(:resend_confirmation), "email-sync-outline", new_user_confirmation_path,
class: "centered" %>
<%= content_tag :p, t(:or), style: 'text-align: center;' %>
<%= image_link_to t(:resend_confirmation), 'email-sync-outline',
new_user_confirmation_path, class: 'centered' %>
</div>

15
app/views/users/sessions/new.html.erb
View File

@@ -1,17 +1,18 @@
<div class="main">
<%= labelled_form_for resource, url: user_session_path do |f| %>
<%= f.email_field :email, required: true, size: 30, autofocus: true, autocomplete: "email" %>
<%= f.password_field :password, required: true, size: 30, minlength: @minimum_password_length,
autocomplete: "current-password" %>
<div class="main-area">
<%= labeled_form_for resource, url: user_session_path do |f| %>
<%= f.email_field :email, required: true, size: 30, autofocus: true,
autocomplete: 'email' %>
<%= f.password_field :password, required: true, size: 30,
minlength: @minimum_password_length, autocomplete: 'current-password' %>
<% if devise_mapping.rememberable? %>
<%= f.check_box :remember_me, label: t(".remember_me") %>
<%= f.check_box :remember_me %>
<% end %>
<%= f.submit t(:sign_in) %>
<% end %>
<%= content_tag :p, t(:or), style: "text-align: center;" %>
<%= content_tag :p, t(:or), style: 'text-align: center;' %>
<%= image_link_to t(:recover_password), 'lock-reset', new_user_password_path,
class: 'centered' %>
</div>

15
app/views/users/show.html.erb
View File

@@ -1,19 +1,18 @@
<% content_for :navigation, flush: true do %>
<div class="left">
<%= image_link_to t(:back), "arrow-left-bold-outline", users_path %>
</div>
<%= link_to svg_tag('pictograms/arrow-left-bold-outline', t(:back)), users_path,
class: 'tab' %>
<% end %>
<%= labelled_form_for @user do |f| %>
<%= labeled_form_for @user, html: {class: 'main-area'} do |f| %>
<%= f.email_field :email, readonly: true %>
<% if f.object.pending_reconfirmation? %>
<% if @user.pending_reconfirmation? %>
<%= f.email_field :unconfirmed_email, readonly: true,
hint: t("users.registrations.edit.unconfirmed_email_hint",
timestamp: f.object.confirmation_sent_at.to_fs(:db_without_sec)) %>
confirmation_sent_at: l(@user.confirmation_sent_at) %>
<% end %>
<%# TODO: allow status change here? %>
<%= f.select :status, User.statuses, readonly: true %>
<%= f.text_field :created_at, readonly: true %>
<%= f.text_field :confirmed_at, readonly: true %>
<%= f.text_field :confirmed_at, readonly: true, placeholder: t(:no) %>
<% end %>

4
config/application.rb.dist
View File

@@ -54,5 +54,9 @@ module FixinMe
# Sender address of account registration-related messages
Devise.mailer_sender = 'noreply@localhost'
# Whether to skip e-mail confirmation for new registrations is configured
# through the web setup wizard and stored in the database (Setting model),
# so it does not need to be set here.
end
end

3
config/initializers/time_formats.rb
View File

@@ -1,3 +0,0 @@
# Format contains non-breaking space:
# 160.chr(Encoding::UTF_8)
Time::DATE_FORMATS[:db_without_sec] = "%Y-%m-%d %H:%M"

12
config/initializers/turbo_streams_tag_builder.rb
View File

@@ -19,7 +19,19 @@ ActiveSupport.on_load :turbo_streams_tag_builder do
action :hide, target, allow_inferred_rendering: false
end
def show(target)
action :show, target, allow_inferred_rendering: false
end
#def collapse(target)
# action :collapse, target, allow_inferred_rendering: false
#end
def close_form(target)
action :close_form, target, allow_inferred_rendering: false
end
def unselect(target)
action :unselect, target, allow_inferred_rendering: false
end
end

85
config/locales/en.yml
View File

@@ -1,22 +1,28 @@
en:
time:
formats:
# Format contains non-breaking space: 160.chr(Encoding::UTF_8)
default: "%Y-%m-%d %H:%M %Z"
without_tz: "%Y-%m-%d %H:%M"
errors:
messages:
precision_exceeded: must not exceed %{value} significant digits
scale_exceeded: must not exceed %{value} decimal digits
activerecord:
attributes:
unit:
symbol: Symbol
quantity:
description: Description
name: Name
multiplier: Multiplier
unit:
base: Base unit
description: Description
multiplier: Multiplier
symbol: Symbol
user:
email: e-mail
status: status
password: password
created_at: registered
confirmed_at: confirmed
unconfirmed_email: Awaiting confirmation for
confirmed_at: Confirmed
created_at: Registered
email: E-mail
status: Status
errors:
models:
unit:
@@ -53,9 +59,22 @@ en:
The request is semantically incorrect and was rejected (422 Unprocessable Entity).
This should not happen, please notify site administrator.
helpers:
label:
user:
password_confirmation: 'Retype new password:'
password_length_hint_html:
count: '%{minimum_password_length}'
zero:
one: <br><em>(%{count} character minimum)</em>
other: <br><em>(%{count} characters minimum)</em>
remember_me: 'Remember me:'
unconfirmed_email_html: >
Awaiting confirmation for:<br><em>(since %{confirmation_sent_at})</em>
submit:
create: Create
update: Update
user:
update: Update profile
layouts:
application:
issue_tracker: Report issue
@@ -66,12 +85,12 @@ en:
navigation: Measurements
no_items: There are no measurements taken. You can Add some now.
form:
select_quantity: select the measured quantity...
select_quantity: select the measured quantities...
index:
new_measurement: Add measurement
readouts:
form:
new_children: Children
select_unit: ...
quantities:
navigation: Quantities
no_items: There are no configured quantities. You can Add some or Import from defaults.
@@ -129,33 +148,47 @@ en:
disguise: View as
passwords:
edit:
new_password: New password
password_confirmation: Retype new password
password_html: 'New password:%{password_length_hint_html}'
update_password: Update password
registrations:
new:
password_confirmation: Retype password
password_html: 'Password:%{password_length_hint_html}'
password_confirmation: 'Retype password:'
edit:
confirm_delete: Are you sure you want to delete profile?
All data will be irretrievably lost.
delete: Delete profile
unconfirmed_email_hint: (since %{timestamp})
new_password: New password
password_confirmation: Retype new password
blank_password_hint_html: leave blank to keep unchanged<br>%{subhint}
update: Update profile
sessions:
new:
remember_me: Remember me
minimum_password_length:
zero:
one: (%{count} character minimum)
other: (%{count} characters minimum)
password_html: >
New password:
<br><em>leave blank to keep unchanged</em>
%{password_length_hint_html}
registrations:
destroy:
sole_admin: You cannot delete the only admin account.
actions: Actions
setup:
new:
admin_account: Admin account
admin_email: 'E-mail:'
admin_password: 'Password:'
admin_password_confirmation: 'Retype password:'
options: Options
skip_email_confirmation: Skip e-mail confirmation for new registrations
seed_units: Seed built-in default units
submit: Set up
create:
email_blank: E-mail cannot be blank.
password_blank: Password cannot be blank.
password_mismatch: Passwords do not match.
success: >
Installation complete. You can now sign in with the admin account you
just created.
add: Add
apply: Apply
back: Back
cancel: Cancel
delete: Delete
:no: 'no'
or: or
register: Register
sign_in: Sign in

3
config/routes.rb
View File

@@ -1,4 +1,7 @@
Rails.application.routes.draw do
# Web-based installation wizard — only reachable when no admin exists yet.
resource :setup, only: [:new, :create], controller: :setup
resources :measurements
resources :readouts, only: [:new] do

2
db/migrate/20230602185352_create_units.rb
View File

@@ -5,7 +5,7 @@ class CreateUnits < ActiveRecord::Migration[7.0]
t.string :symbol, null: false, limit: 15
t.text :description
t.decimal :multiplier, null: false, precision: 30, scale: 15, default: 1.0
t.references :base, foreign_key: {to_table: :units}
t.references :base, foreign_key: {to_table: :units, on_delete: :cascade}
t.timestamps null: false
end

2
db/migrate/20250104194343_create_quantities.rb
View File

@@ -4,7 +4,7 @@ class CreateQuantities < ActiveRecord::Migration[7.2]
t.references :user, foreign_key: true
t.string :name, null: false, limit: 31
t.text :description
t.references :parent, foreign_key: {to_table: :quantities}
t.references :parent, foreign_key: {to_table: :quantities, on_delete: :cascade}
t.timestamps null: false

12
db/migrate/20260228171524_create_settings.rb Normal file
View File

@@ -0,0 +1,12 @@
class CreateSettings < ActiveRecord::Migration[7.2]
def change
create_table :settings do |t|
t.string :key, null: false
t.string :value
t.timestamps
end
add_index :settings, :key, unique: true
end
end

4
db/schema.rb
View File

@@ -69,11 +69,11 @@ ActiveRecord::Schema[7.2].define(version: 2025_01_21_230456) do
t.index ["reset_password_token"], name: "index_users_on_reset_password_token", unique: true
end
add_foreign_key "quantities", "quantities", column: "parent_id"
add_foreign_key "quantities", "quantities", column: "parent_id", on_delete: :cascade
add_foreign_key "quantities", "users"
add_foreign_key "readouts", "quantities"
add_foreign_key "readouts", "units"
add_foreign_key "readouts", "users"
add_foreign_key "units", "units", column: "base_id"
add_foreign_key "units", "units", column: "base_id", on_delete: :cascade
add_foreign_key "units", "users"
end

11
db/seeds.rb
View File

@@ -3,6 +3,17 @@
# bin/rails db:seed
# command (or created alongside the database with db:setup).
# Seeding process should be idempotent.
#
# Admin account setup
# -------------------
# The preferred way to create the first admin account is through the web setup
# wizard, which is shown automatically on the first visit when no admin exists.
# The wizard also lets you configure runtime options (e.g. skip e-mail
# confirmation) and seed the default units without using the command line.
#
# The block below provides an alternative CLI path for headless / automated
# deployments. It is skipped when an admin account already exists (e.g. after
# the web wizard has run).
User.transaction do
break if User.find_by status: :admin

2
db/seeds/templates/units.erb
View File

@@ -1,5 +1,5 @@
Unit.transaction do
Unit.defaults.order(Unit.arel_table[:base_id].eq(nil)).delete_all
Unit.defaults.delete_all
units = {}
<% Unit.defaults.ordered.each do |unit| %>
<%= "\n" if unit.base.nil? %>

2
db/seeds/units.rb
View File

@@ -1,5 +1,5 @@
Unit.transaction do
Unit.defaults.order(Unit.arel_table[:base_id].eq(nil)).delete_all
Unit.defaults.delete_all
units = {}

12
test/application_system_test_case.rb
View File

@@ -1,7 +1,6 @@
require "test_helper"
class ApplicationSystemTestCase < ActionDispatch::SystemTestCase
extend ActionView::Helpers::TranslationHelper
include ActionView::Helpers::UrlHelper
# NOTE: geckodriver installed with Firefox, ignore incompatibility warning
@@ -19,8 +18,8 @@ class ApplicationSystemTestCase < ActionDispatch::SystemTestCase
def sign_in(user: users.select(&:confirmed?).sample, password: randomize_user_password!(user))
visit new_user_session_url
fill_in User.human_attribute_name(:email).capitalize, with: user.email
fill_in User.human_attribute_name(:password).capitalize, with: password
fill_in User.human_attribute_name(:email), with: user.email
fill_in User.human_attribute_name(:password), with: password
click_on t(:sign_in)
user
end
@@ -30,6 +29,13 @@ class ApplicationSystemTestCase < ActionDispatch::SystemTestCase
evaluate_script("arguments[0].insertAdjacentHTML('beforeend', '#{button.html_safe}');", after)
end
# Allow skipping interpolations when translating for testing purposes
INTERPOLATION_PATTERNS = Regexp.union(I18n.config.interpolation_patterns)
def translate(key, **options)
options.empty? ? super.split(INTERPOLATION_PATTERNS, 2).first : super
end
alias :t :translate
#def assert_stale(element)
# assert_raises(Selenium::WebDriver::Error::StaleElementReferenceError) { element.tag_name }
#end

18
test/controllers/registrations_controller_test.rb Normal file
View File

@@ -0,0 +1,18 @@
require "test_helper"
class RegistrationsControllerTest < ActionDispatch::IntegrationTest
test "sole admin cannot delete account" do
sign_in users(:admin)
delete user_registration_path
assert_redirected_to edit_user_registration_path
assert_equal t("registrations.destroy.sole_admin"), flash[:alert]
assert User.exists?(users(:admin).id)
end
test "non-admin can delete account" do
sign_in users(:alice)
assert_difference ->{ User.count }, -1 do
delete user_registration_path
end
end
end

12
test/system/units_test.rb
View File

@@ -6,14 +6,14 @@ require "application_system_test_case"
# * user with no units
class UnitsTest < ApplicationSystemTestCase
LINK_LABELS = {
new_unit: t('units.index.new_unit'),
new_subunit: t('units.unit.new_subunit'),
edit: nil
}
LINK_LABELS = {}
setup do
@user = sign_in
LINK_LABELS.clear
LINK_LABELS[:new_unit] = t('units.index.new_unit')
LINK_LABELS[:new_subunit] = t('units.unit.new_subunit')
LINK_LABELS[:edit] = Regexp.union(@user.units.map(&:symbol))
visit units_path
@@ -26,7 +26,7 @@ class UnitsTest < ApplicationSystemTestCase
end
# Cannot #destroy_all due to {dependent: :restrict*} on Unit.subunits association
@user.units.order(Unit.arel_table[:base_id].eq(nil)).delete_all
@user.units.delete_all
visit units_path
within 'tbody' do
assert_selector 'tr', count: 1

37
test/system/users_test.rb
View File

@@ -6,15 +6,21 @@ class UsersTest < ApplicationSystemTestCase
end
test "sign in" do
visit new_user_session_path
assert find_link(href: new_user_session_path)[:disabled]
sign_in
assert_no_current_path new_user_session_path
assert_text t("devise.sessions.signed_in")
assert_text t('devise.sessions.signed_in')
end
test "sign in fails with invalid password" do
test 'sign in fails with invalid password' do
sign_in password: random_password
assert_current_path new_user_session_path
assert_text t("devise.failure.invalid", authentication_keys: User.human_attribute_name(:email))
assert_text t('devise.failure.not_found_in_database',
authentication_keys: User.human_attribute_name(:email))
assert find_link(href: new_user_session_path)[:disabled]
assert_not_empty find_field(User.human_attribute_name(:email)).value
end
test "sign out" do
@@ -29,7 +35,7 @@ class UsersTest < ApplicationSystemTestCase
visit new_user_session_url
click_on t(:recover_password)
fill_in User.human_attribute_name(:email).capitalize,
fill_in User.human_attribute_name(:email),
with: users.select(&:confirmed?).sample.email
assert_emails 1 do
click_on t(:recover_password)
@@ -42,8 +48,8 @@ class UsersTest < ApplicationSystemTestCase
visit Capybara.string(mail.body.to_s).find_link("Change my password")[:href]
end
new_password = random_password
fill_in t("users.passwords.edit.new_password"), with: new_password
fill_in t("users.passwords.edit.password_confirmation"), with: new_password
fill_in t("users.passwords.edit.password_html"), with: new_password
fill_in t("helpers.label.user.password_confirmation"), with: new_password
assert_emails 1 do
click_on t("users.passwords.edit.update_password")
# Wait until redirected to make sure async request has been processed
@@ -56,9 +62,9 @@ class UsersTest < ApplicationSystemTestCase
visit new_user_session_url
click_on t(:register)
fill_in User.human_attribute_name(:email).capitalize, with: random_email
fill_in User.human_attribute_name(:email), with: random_email
password = random_password
fill_in User.human_attribute_name(:password).capitalize, with: password
fill_in User.human_attribute_name(:password), with: password
fill_in t("users.registrations.new.password_confirmation"), with: password
assert_difference ->{User.count}, 1 do
assert_emails 1 do
@@ -82,7 +88,7 @@ class UsersTest < ApplicationSystemTestCase
click_on t(:register)
click_on t(:resend_confirmation)
fill_in User.human_attribute_name(:email).capitalize,
fill_in User.human_attribute_name(:email),
with: users.reject(&:confirmed?).sample.email
assert_emails 1 do
click_on t(:resend_confirmation)
@@ -143,7 +149,7 @@ class UsersTest < ApplicationSystemTestCase
end
test "delete profile" do
user = sign_in
user = sign_in user: users.reject(&:admin?).select(&:confirmed?).sample
# TODO: remove condition after root_url changed to different path than
# profile in routes.rb
unless has_current_path?(edit_user_registration_path)
@@ -151,9 +157,18 @@ class UsersTest < ApplicationSystemTestCase
end
assert_difference ->{ User.count }, -1 do
accept_confirm { click_on t("users.registrations.edit.delete") }
end
assert_current_path new_user_session_path
end
assert_text t("devise.registrations.destroyed")
end
test "sole admin cannot delete profile" do
sign_in user: users(:admin)
unless has_current_path?(edit_user_registration_path)
first(:link_or_button, users(:admin).email).click
end
assert find(:button, t("users.registrations.edit.delete"))[:disabled]
end
test "index forbidden for non admin" do
sign_in user: users.reject(&:admin?).select(&:confirmed?).sample