mirror of
https://github.com/we-promise/sure.git
synced 2026-04-13 17:14:05 +00:00
cade5b22f7
* Document admin-only reset auth in OpenAPI docs The DELETE /api/v1/users/reset endpoint now requires admin role (ensure_admin). Update the rswag spec to: - Set default user role to admin so the 200 test passes - Add a 403 response case for non-admin users with read_write scope - Clarify the description notes admin requirement - Add SuccessMessage schema and users paths to openapi.yaml https://claude.ai/code/session_01Tj8ToLRmVg5HLmHwq9KKDY * Consolidate duplicate 403 responses for reset endpoint OpenAPI keys responses by status code, so two 403 blocks caused the first (insufficient scope) to be silently overwritten by the second (non-admin). Merge into a single 403 whose description covers both causes: requires read_write scope and admin role. The test exercises the read-only key path which hits 403 via scope check. https://claude.ai/code/session_01Tj8ToLRmVg5HLmHwq9KKDY * Em-dash out of messages. * Fix tests * Fix tests --------- Co-authored-by: Claude <noreply@anthropic.com>
113 lines
5.3 KiB
Plaintext
113 lines
5.3 KiB
Plaintext
<div class="space-y-4">
|
|
<div>
|
|
<h2 class="font-medium mb-1"><%= t(".title") %></h2>
|
|
<% if ENV["ASSISTANT_TYPE"].present? %>
|
|
<p class="text-sm text-secondary"><%= t(".env_notice", type: ENV["ASSISTANT_TYPE"]) %></p>
|
|
<% else %>
|
|
<p class="text-secondary text-sm mb-4"><%= t(".description") %></p>
|
|
<% end %>
|
|
</div>
|
|
|
|
<% effective_type = ENV["ASSISTANT_TYPE"].presence || Current.family.assistant_type %>
|
|
|
|
<%= styled_form_with model: Current.family,
|
|
url: settings_hosting_path,
|
|
method: :patch,
|
|
class: "space-y-4",
|
|
data: {
|
|
controller: "auto-submit-form",
|
|
"auto-submit-form-trigger-event-value": "change"
|
|
} do |form| %>
|
|
<%= form.select :assistant_type,
|
|
options_for_select(
|
|
[
|
|
[t(".type_builtin"), "builtin"],
|
|
[t(".type_external"), "external"]
|
|
],
|
|
effective_type
|
|
),
|
|
{ label: t(".type_label") },
|
|
{ disabled: ENV["ASSISTANT_TYPE"].present?,
|
|
data: { "auto-submit-form-target": "auto" } } %>
|
|
<% end %>
|
|
<% if effective_type == "external" %>
|
|
<div class="flex items-center gap-2 text-sm mb-4">
|
|
<% if Assistant::External.configured? %>
|
|
<span class="inline-block w-2 h-2 rounded-full bg-success"></span>
|
|
<span class="text-secondary"><%= t(".external_configured") %></span>
|
|
<% else %>
|
|
<span class="inline-block w-2 h-2 rounded-full bg-destructive"></span>
|
|
<span class="text-secondary"><%= t(".external_not_configured") %></span>
|
|
<% end %>
|
|
</div>
|
|
|
|
<% if ENV["EXTERNAL_ASSISTANT_URL"].present? && ENV["EXTERNAL_ASSISTANT_TOKEN"].present? %>
|
|
<p class="text-sm text-secondary"><%= t(".env_configured_external") %></p>
|
|
<% end %>
|
|
|
|
<% if Assistant::External.configured? && !ENV["EXTERNAL_ASSISTANT_URL"].present? %>
|
|
<div class="flex items-center justify-between p-3 rounded-lg border border-primary">
|
|
<div>
|
|
<p class="text-sm font-medium text-primary"><%= t(".disconnect_title") %></p>
|
|
<p class="text-xs text-secondary"><%= t(".disconnect_description") %></p>
|
|
</div>
|
|
<%= button_to t(".disconnect_button"),
|
|
disconnect_external_assistant_settings_hosting_path,
|
|
method: :delete,
|
|
class: "bg-red-600 fg-inverse text-sm font-medium rounded-lg px-4 py-2 whitespace-nowrap",
|
|
data: { turbo_confirm: {
|
|
title: t(".confirm_disconnect.title"),
|
|
body: t(".confirm_disconnect.body"),
|
|
accept: t(".disconnect_button"),
|
|
acceptClass: "w-full bg-red-600 fg-inverse rounded-xl text-center p-[10px] border mb-2"
|
|
}} %>
|
|
</div>
|
|
<% end %>
|
|
|
|
<%= styled_form_with model: Setting.new,
|
|
url: settings_hosting_path,
|
|
method: :patch,
|
|
class: "space-y-4",
|
|
data: {
|
|
controller: "auto-submit-form",
|
|
"auto-submit-form-trigger-event-value": "blur"
|
|
} do |form| %>
|
|
<%= form.text_field :external_assistant_url,
|
|
label: t(".url_label"),
|
|
placeholder: t(".url_placeholder"),
|
|
value: Assistant::External.config.url,
|
|
autocomplete: "off",
|
|
autocapitalize: "none",
|
|
spellcheck: "false",
|
|
inputmode: "url",
|
|
disabled: ENV["EXTERNAL_ASSISTANT_URL"].present?,
|
|
data: { "auto-submit-form-target": "auto" } %>
|
|
<p class="text-xs text-secondary mt-1"><%= t(".url_help") %></p>
|
|
|
|
<%= form.password_field :external_assistant_token,
|
|
label: t(".token_label"),
|
|
placeholder: t(".token_placeholder"),
|
|
value: (Assistant::External.config.token.present? ? "********" : nil),
|
|
autocomplete: "off",
|
|
autocapitalize: "none",
|
|
spellcheck: "false",
|
|
inputmode: "text",
|
|
disabled: ENV["EXTERNAL_ASSISTANT_TOKEN"].present?,
|
|
data: { "auto-submit-form-target": "auto" } %>
|
|
<p class="text-xs text-secondary mt-1"><%= t(".token_help") %></p>
|
|
|
|
<%= form.text_field :external_assistant_agent_id,
|
|
label: t(".agent_id_label"),
|
|
placeholder: t(".agent_id_placeholder"),
|
|
value: Assistant::External.config.agent_id,
|
|
autocomplete: "off",
|
|
autocapitalize: "none",
|
|
spellcheck: "false",
|
|
inputmode: "text",
|
|
disabled: ENV["EXTERNAL_ASSISTANT_AGENT_ID"].present?,
|
|
data: { "auto-submit-form-target": "auto" } %>
|
|
<p class="text-xs text-secondary mt-1"><%= t(".agent_id_help") %></p>
|
|
<% end %>
|
|
<% end %>
|
|
</div>
|