Initial commit: Add logistics and order_detail message types

- Add Logistics component with progress tracking
- Add OrderDetail component for order information
- Support data-driven steps and actions
- Add blue color scale to widget SCSS
- Fix node overflow and progress bar rendering issues
- Add English translations for dashboard components

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>

enterprise/app/models/concerns/agentable.rb

@@ -0,0 +1,56 @@
+module Concerns::Agentable
+  extend ActiveSupport::Concern
+
+  def agent
+    Agents::Agent.new(
+      name: agent_name,
+      instructions: ->(context) { agent_instructions(context) },
+      tools: agent_tools,
+      model: agent_model,
+      temperature: temperature.to_f || 0.7,
+      response_schema: agent_response_schema
+    )
+  end
+
+  def agent_instructions(context = nil)
+    enhanced_context = prompt_context
+
+    if context
+      state = context.context[:state] || {}
+      conversation_data = state[:conversation] || {}
+      contact_data = state[:contact] || {}
+      enhanced_context = enhanced_context.merge(
+        conversation: conversation_data,
+        contact: contact_data
+      )
+    end
+
+    Captain::PromptRenderer.render(template_name, enhanced_context.with_indifferent_access)
+  end
+
+  private
+
+  def agent_name
+    raise NotImplementedError, "#{self.class} must implement agent_name"
+  end
+
+  def template_name
+    self.class.name.demodulize.underscore
+  end
+
+  def agent_tools
+    []  # Default implementation, override if needed
+  end
+
+  def agent_model
+    InstallationConfig.find_by(name: 'CAPTAIN_OPEN_AI_MODEL')&.value.presence || LlmConstants::DEFAULT_MODEL
+  end
+
+  def agent_response_schema
+    Captain::ResponseSchema
+  end
+
+  def prompt_context
+    raise NotImplementedError, "#{self.class} must implement prompt_context"
+  end
+end

enterprise/app/models/concerns/captain_tools_helpers.rb

@@ -0,0 +1,76 @@
+# Provides helper methods for working with Captain agent tools including
+# tool resolution, text parsing, and metadata retrieval.
+module Concerns::CaptainToolsHelpers
+  extend ActiveSupport::Concern
+
+  # Regular expression pattern for matching tool references in text.
+  # Matches patterns like [Tool name](tool://tool_id) following markdown link syntax.
+  TOOL_REFERENCE_REGEX = %r{\[[^\]]+\]\(tool://([^/)]+)\)}
+
+  class_methods do
+    # Returns all built-in agent tools with their metadata.
+    # Only includes tools that have corresponding class files and can be resolved.
+    #
+    # @return [Array<Hash>] Array of tool hashes with :id, :title, :description, :icon
+    def built_in_agent_tools
+      @built_in_agent_tools ||= load_agent_tools
+    end
+
+    # Resolves a tool class from a tool ID.
+    # Converts snake_case tool IDs to PascalCase class names and constantizes them.
+    #
+    # @param tool_id [String] The snake_case tool identifier
+    # @return [Class, nil] The tool class if found, nil if not resolvable
+    def resolve_tool_class(tool_id)
+      class_name = "Captain::Tools::#{tool_id.classify}Tool"
+      class_name.safe_constantize
+    end
+
+    # Returns an array of all built-in tool IDs.
+    # Convenience method that extracts just the IDs from built_in_agent_tools.
+    #
+    # @return [Array<String>] Array of built-in tool IDs
+    def built_in_tool_ids
+      @built_in_tool_ids ||= built_in_agent_tools.map { |tool| tool[:id] }
+    end
+
+    private
+
+    # Loads agent tools from the YAML configuration file.
+    # Filters out tools that cannot be resolved to actual classes.
+    #
+    # @return [Array<Hash>] Array of resolvable tools with metadata
+    # @api private
+    def load_agent_tools
+      tools_config = YAML.load_file(Rails.root.join('config/agents/tools.yml'))
+
+      tools_config.filter_map do |tool_config|
+        tool_class = resolve_tool_class(tool_config['id'])
+
+        if tool_class
+          {
+            id: tool_config['id'],
+            title: tool_config['title'],
+            description: tool_config['description'],
+            icon: tool_config['icon']
+          }
+        else
+          Rails.logger.warn "Tool class not found for ID: #{tool_config['id']}"
+          nil
+        end
+      end
+    end
+  end
+
+  # Extracts tool IDs from text containing tool references.
+  # Parses text for (tool://tool_id) patterns and returns unique tool IDs.
+  #
+  # @param text [String] Text to parse for tool references
+  # @return [Array<String>] Array of unique tool IDs found in the text
+  def extract_tool_ids_from_text(text)
+    return [] if text.blank?
+
+    tool_matches = text.scan(TOOL_REFERENCE_REGEX)
+    tool_matches.flatten.uniq
+  end
+end

enterprise/app/models/concerns/safe_endpoint_validatable.rb

@@ -0,0 +1,84 @@
+module Concerns::SafeEndpointValidatable
+  extend ActiveSupport::Concern
+
+  FRONTEND_HOST = URI.parse(ENV.fetch('FRONTEND_URL', 'http://localhost:3000')).host.freeze
+  DISALLOWED_HOSTS = ['localhost', /\.local\z/i].freeze
+
+  included do
+    validate :validate_safe_endpoint_url
+  end
+
+  private
+
+  def validate_safe_endpoint_url
+    return if endpoint_url.blank?
+
+    uri = parse_endpoint_uri
+    return errors.add(:endpoint_url, 'must be a valid URL') unless uri
+
+    validate_endpoint_scheme(uri)
+    validate_endpoint_host(uri)
+    validate_not_ip_address(uri)
+    validate_no_unicode_chars(uri)
+  end
+
+  def parse_endpoint_uri
+    # Strip Liquid template syntax for validation
+    # Replace {{ variable }} with a placeholder value
+    sanitized_url = endpoint_url.gsub(/\{\{[^}]+\}\}/, 'placeholder')
+    URI.parse(sanitized_url)
+  rescue URI::InvalidURIError
+    nil
+  end
+
+  def validate_endpoint_scheme(uri)
+    return if uri.scheme == 'https'
+
+    errors.add(:endpoint_url, 'must use HTTPS protocol')
+  end
+
+  def validate_endpoint_host(uri)
+    if uri.host.blank?
+      errors.add(:endpoint_url, 'must have a valid hostname')
+      return
+    end
+
+    if uri.host == FRONTEND_HOST
+      errors.add(:endpoint_url, 'cannot point to the application itself')
+      return
+    end
+
+    DISALLOWED_HOSTS.each do |pattern|
+      matched = if pattern.is_a?(Regexp)
+                  uri.host =~ pattern
+                else
+                  uri.host.downcase == pattern
+                end
+
+      next unless matched
+
+      errors.add(:endpoint_url, 'cannot use disallowed hostname')
+      break
+    end
+  end
+
+  def validate_not_ip_address(uri)
+    # Check for IPv4
+    if /\A\d+\.\d+\.\d+\.\d+\z/.match?(uri.host)
+      errors.add(:endpoint_url, 'cannot be an IP address, must be a hostname')
+      return
+    end
+
+    # Check for IPv6
+    return unless uri.host.include?(':')
+
+    errors.add(:endpoint_url, 'cannot be an IP address, must be a hostname')
+  end
+
+  def validate_no_unicode_chars(uri)
+    return unless uri.host
+    return if /\A[\x00-\x7F]+\z/.match?(uri.host)
+
+    errors.add(:endpoint_url, 'hostname cannot contain non-ASCII characters')
+  end
+end

enterprise/app/models/concerns/toolable.rb

@@ -0,0 +1,116 @@
+module Concerns::Toolable
+  extend ActiveSupport::Concern
+
+  def tool(assistant)
+    custom_tool_record = self
+    # Convert slug to valid Ruby constant name (replace hyphens with underscores, then camelize)
+    class_name = custom_tool_record.slug.underscore.camelize
+
+    # Always create a fresh class to reflect current metadata
+    tool_class = Class.new(Captain::Tools::HttpTool) do
+      description custom_tool_record.description
+
+      custom_tool_record.param_schema.each do |param_def|
+        param param_def['name'].to_sym,
+              type: param_def['type'],
+              desc: param_def['description'],
+              required: param_def.fetch('required', true)
+      end
+    end
+
+    # Register the dynamically created class as a constant in the Captain::Tools namespace.
+    # This is required because RubyLLM's Tool base class derives the tool name from the class name
+    # (via Class#name). Anonymous classes created with Class.new have no name and return empty strings,
+    # which causes "Invalid 'tools[].function.name': empty string" errors from the LLM API.
+    # By setting it as a constant, the class gets a proper name (e.g., "Captain::Tools::CatFactLookup")
+    # which RubyLLM extracts and normalizes to "cat-fact-lookup" for the LLM API.
+    # We refresh the constant on each call to ensure tool metadata changes are reflected.
+    Captain::Tools.send(:remove_const, class_name) if Captain::Tools.const_defined?(class_name, false)
+    Captain::Tools.const_set(class_name, tool_class)
+
+    tool_class.new(assistant, self)
+  end
+
+  def build_request_url(params)
+    return endpoint_url if endpoint_url.blank? || endpoint_url.exclude?('{{')
+
+    render_template(endpoint_url, params)
+  end
+
+  def build_request_body(params)
+    return nil if request_template.blank?
+
+    render_template(request_template, params)
+  end
+
+  def build_auth_headers
+    return {} if auth_none?
+
+    case auth_type
+    when 'bearer'
+      { 'Authorization' => "Bearer #{auth_config['token']}" }
+    when 'api_key'
+      if auth_config['location'] == 'header'
+        { auth_config['name'] => auth_config['key'] }
+      else
+        {}
+      end
+    else
+      {}
+    end
+  end
+
+  def build_basic_auth_credentials
+    return nil unless auth_type == 'basic'
+
+    [auth_config['username'], auth_config['password']]
+  end
+
+  def build_metadata_headers(state)
+    {}.tap do |headers|
+      add_base_headers(headers, state)
+      add_conversation_headers(headers, state[:conversation]) if state[:conversation]
+      add_contact_headers(headers, state[:contact]) if state[:contact]
+    end
+  end
+
+  def add_base_headers(headers, state)
+    headers['X-Chatwoot-Account-Id'] = state[:account_id].to_s if state[:account_id]
+    headers['X-Chatwoot-Assistant-Id'] = state[:assistant_id].to_s if state[:assistant_id]
+    headers['X-Chatwoot-Tool-Slug'] = slug if slug.present?
+  end
+
+  def add_conversation_headers(headers, conversation)
+    headers['X-Chatwoot-Conversation-Id'] = conversation[:id].to_s if conversation[:id]
+    headers['X-Chatwoot-Conversation-Display-Id'] = conversation[:display_id].to_s if conversation[:display_id]
+  end
+
+  def add_contact_headers(headers, contact)
+    headers['X-Chatwoot-Contact-Id'] = contact[:id].to_s if contact[:id]
+    headers['X-Chatwoot-Contact-Email'] = contact[:email].to_s if contact[:email].present?
+    headers['X-Chatwoot-Contact-Phone'] = contact[:phone_number].to_s if contact[:phone_number].present?
+  end
+
+  def format_response(raw_response_body)
+    return raw_response_body if response_template.blank?
+
+    response_data = parse_response_body(raw_response_body)
+    render_template(response_template, { 'response' => response_data, 'r' => response_data })
+  end
+
+  private
+
+  def render_template(template, context)
+    liquid_template = Liquid::Template.parse(template, error_mode: :strict)
+    liquid_template.render(context.deep_stringify_keys, registers: {}, strict_variables: true, strict_filters: true)
+  rescue Liquid::SyntaxError, Liquid::UndefinedVariable, Liquid::UndefinedFilter => e
+    Rails.logger.error("Liquid template error: #{e.message}")
+    raise "Template rendering failed: #{e.message}"
+  end
+
+  def parse_response_body(body)
+    JSON.parse(body)
+  rescue JSON::ParserError
+    body
+  end
+end