Initial commit: Add logistics and order_detail message types

- Add Logistics component with progress tracking
- Add OrderDetail component for order information
- Support data-driven steps and actions
- Add blue color scale to widget SCSS
- Fix node overflow and progress bar rendering issues
- Add English translations for dashboard components

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>

app/controllers/platform/api/v1/account_users_controller.rb

@@ -0,0 +1,29 @@
+class Platform::Api::V1::AccountUsersController < PlatformController
+  before_action :set_resource
+  before_action :validate_platform_app_permissible
+
+  def index
+    render json: @resource.account_users
+  end
+
+  def create
+    @account_user = @resource.account_users.find_or_initialize_by(user_id: account_user_params[:user_id])
+    @account_user.update!(account_user_params)
+    render json: @account_user
+  end
+
+  def destroy
+    @resource.account_users.find_by(user_id: account_user_params[:user_id])&.destroy!
+    head :ok
+  end
+
+  private
+
+  def set_resource
+    @resource = Account.find(params[:account_id])
+  end
+
+  def account_user_params
+    params.permit(:user_id, :role)
+  end
+end

app/controllers/platform/api/v1/accounts_controller.rb

@@ -0,0 +1,50 @@
+class Platform::Api::V1::AccountsController < PlatformController
+  def index
+    @resources = @platform_app.platform_app_permissibles
+                              .where(permissible_type: 'Account')
+                              .includes(:permissible)
+                              .map(&:permissible)
+  end
+
+  def show; end
+
+  def create
+    @resource = Account.create!(account_params)
+    update_resource_features
+    @resource.save!
+    @platform_app.platform_app_permissibles.find_or_create_by(permissible: @resource)
+  end
+
+  def update
+    @resource.assign_attributes(account_params)
+    update_resource_features
+    @resource.save!
+  end
+
+  def destroy
+    DeleteObjectJob.perform_later(@resource)
+    head :ok
+  end
+
+  private
+
+  def set_resource
+    @resource = Account.find(params[:id])
+  end
+
+  def account_params
+    permitted_params.except(:features)
+  end
+
+  def update_resource_features
+    return if permitted_params[:features].blank?
+
+    permitted_params[:features].each do |key, value|
+      value.present? ? @resource.enable_features(key) : @resource.disable_features(key)
+    end
+  end
+
+  def permitted_params
+    params.permit(:name, :locale, :domain, :support_email, :status, features: {}, limits: {}, custom_attributes: {})
+  end
+end

app/controllers/platform/api/v1/agent_bots_controller.rb

@@ -0,0 +1,46 @@
+class Platform::Api::V1::AgentBotsController < PlatformController
+  before_action :set_resource, except: [:index, :create]
+  before_action :validate_platform_app_permissible, except: [:index, :create]
+
+  def index
+    @resources = @platform_app.platform_app_permissibles.where(permissible_type: 'AgentBot').all
+  end
+
+  def show; end
+
+  def create
+    @resource = AgentBot.new(agent_bot_params.except(:avatar_url))
+    @resource.save!
+    process_avatar_from_url
+    @platform_app.platform_app_permissibles.find_or_create_by(permissible: @resource)
+  end
+
+  def update
+    @resource.update!(agent_bot_params.except(:avatar_url))
+    process_avatar_from_url
+  end
+
+  def destroy
+    @resource.destroy!
+    head :ok
+  end
+
+  def avatar
+    @resource.avatar.purge if @resource.avatar.attached?
+    @resource
+  end
+
+  private
+
+  def set_resource
+    @resource = AgentBot.find(params[:id])
+  end
+
+  def agent_bot_params
+    params.permit(:name, :description, :account_id, :outgoing_url, :avatar, :avatar_url)
+  end
+
+  def process_avatar_from_url
+    ::Avatar::AvatarFromUrlJob.perform_later(@resource, params[:avatar_url]) if params[:avatar_url].present?
+  end
+end

app/controllers/platform/api/v1/users_controller.rb

@@ -0,0 +1,57 @@
+class Platform::Api::V1::UsersController < PlatformController
+  # ref: https://stackoverflow.com/a/45190318/939299
+  # set resource is called for other actions already in platform controller
+  # we want to add login and token to that chain as well
+  before_action(only: [:login, :token]) { set_resource }
+  before_action(only: [:login, :token]) { validate_platform_app_permissible }
+
+  def show; end
+
+  def create
+    @resource = (User.from_email(user_params[:email]) || User.new(user_params))
+    @resource.skip_confirmation!
+    @resource.save!
+    @platform_app.platform_app_permissibles.find_or_create_by!(permissible: @resource)
+  end
+
+  def login
+    render json: { url: @resource.generate_sso_link }
+  end
+
+  def token; end
+
+  def update
+    @resource.assign_attributes(user_update_params)
+
+    # We are using devise's reconfirmable flow for changing emails
+    # But in case of platform APIs we don't want user to go through this extra step
+    @resource.skip_reconfirmation! if user_update_params[:email].present?
+    @resource.save!
+  end
+
+  def destroy
+    DeleteObjectJob.perform_later(@resource)
+    head :ok
+  end
+
+  private
+
+  def user_custom_attributes
+    return @resource.custom_attributes.merge(user_params[:custom_attributes]) if user_params[:custom_attributes]
+
+    @resource.custom_attributes
+  end
+
+  def user_update_params
+    # we want the merged custom attributes not the original one
+    user_params.except(:custom_attributes).merge({ custom_attributes: user_custom_attributes })
+  end
+
+  def set_resource
+    @resource = User.find(params[:id])
+  end
+
+  def user_params
+    params.permit(:name, :display_name, :email, :password, custom_attributes: {})
+  end
+end