Initial commit: Add logistics and order_detail message types

- Add Logistics component with progress tracking
- Add OrderDetail component for order information
- Support data-driven steps and actions
- Add blue color scale to widget SCSS
- Fix node overflow and progress bar rendering issues
- Add English translations for dashboard components

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>

spec/controllers/super_admin/access_tokens_controller_spec.rb

@@ -0,0 +1,24 @@
+require 'rails_helper'
+
+RSpec.describe 'Super Admin access tokens API', type: :request do
+  let(:super_admin) { create(:super_admin) }
+  let!(:platform_app) { create(:platform_app) }
+
+  describe 'GET /super_admin/access_tokens' do
+    context 'when it is an unauthenticated super admin' do
+      it 'returns unauthorized' do
+        get '/super_admin/'
+        expect(response).to have_http_status(:redirect)
+      end
+    end
+
+    context 'when it is an authenticated super admin' do
+      it 'shows the list of access tokens' do
+        sign_in(super_admin, scope: :super_admin)
+        get '/super_admin/access_tokens'
+        expect(response).to have_http_status(:success)
+        expect(response.body).to include(platform_app.access_token.token)
+      end
+    end
+  end
+end

spec/controllers/super_admin/account_users_controller_spec.rb

@@ -0,0 +1,22 @@
+require 'rails_helper'
+
+RSpec.describe 'Super Admin Account Users API', type: :request do
+  let(:super_admin) { create(:super_admin) }
+
+  describe 'GET /super_admin/account_users/new' do
+    context 'when it is an unauthenticated super admin' do
+      it 'returns unauthorized' do
+        get '/super_admin/account_users/new'
+        expect(response).to have_http_status(:redirect)
+      end
+    end
+
+    context 'when it is an authenticated super admin' do
+      it 'shows the account user create page' do
+        sign_in(super_admin, scope: :super_admin)
+        get '/super_admin/account_users/new'
+        expect(response).to have_http_status(:success)
+      end
+    end
+  end
+end

spec/controllers/super_admin/accounts_controller_spec.rb

@@ -0,0 +1,79 @@
+require 'rails_helper'
+
+RSpec.describe 'Super Admin accounts API', type: :request do
+  include ActiveJob::TestHelper
+
+  let!(:super_admin) { create(:super_admin) }
+  let!(:account) { create(:account) }
+
+  describe 'GET /super_admin/accounts' do
+    context 'when it is an unauthenticated user' do
+      it 'returns unauthorized' do
+        get '/super_admin/accounts'
+        expect(response).to have_http_status(:redirect)
+      end
+    end
+
+    context 'when it is an authenticated user' do
+      it 'shows the list of accounts' do
+        sign_in(super_admin, scope: :super_admin)
+        get '/super_admin/accounts'
+        expect(response).to have_http_status(:success)
+        expect(response.body).to include('New account')
+        expect(response.body).to include(account.name)
+      end
+    end
+  end
+
+  describe 'POST /super_admin/accounts/{account_id}/reset_cache' do
+    before do
+      create(:label, account: account)
+      create(:inbox, account: account)
+      create(:team, account: account)
+    end
+
+    context 'when it is an unauthenticated user' do
+      it 'returns unauthorized' do
+        post "/super_admin/accounts/#{account.id}/reset_cache"
+        expect(response).to have_http_status(:redirect)
+      end
+    end
+
+    context 'when it is an authenticated user' do
+      it 'shows the list of accounts' do
+        expect(account.cache_keys.keys).to contain_exactly(:inbox, :label, :team)
+        sign_in(super_admin, scope: :super_admin)
+
+        now_timestamp = Time.now.utc.to_i
+        post "/super_admin/accounts/#{account.id}/reset_cache"
+        expect(response).to have_http_status(:redirect)
+        expect(flash[:notice]).to eq('Cache keys cleared')
+
+        range = now_timestamp..(now_timestamp + 10)
+        expect(account.reload.cache_keys.values.all? { |v| range.cover?(v.to_i) }).to be(true)
+      end
+    end
+  end
+
+  describe 'DELETE /super_admin/accounts/{account_id}' do
+    context 'when it is an unauthenticated user' do
+      it 'returns unauthorized' do
+        delete "/super_admin/accounts/#{account.id}"
+        expect(response).to have_http_status(:redirect)
+      end
+    end
+
+    context 'when it is an authenticated user' do
+      it 'Deletes the account' do
+        total_accounts = Account.count
+        sign_in(super_admin, scope: :super_admin)
+
+        perform_enqueued_jobs(only: DeleteObjectJob) do
+          delete "/super_admin/accounts/#{account.id}"
+        end
+
+        expect(Account.count).to eq(total_accounts - 1)
+      end
+    end
+  end
+end

spec/controllers/super_admin/agent_bots_controller_spec.rb

@@ -0,0 +1,67 @@
+require 'rails_helper'
+
+RSpec.describe 'Super Admin agent-bots API', type: :request do
+  let(:super_admin) { create(:super_admin) }
+
+  describe 'GET /super_admin/agent_bots' do
+    context 'when it is an unauthenticated super admin' do
+      it 'returns unauthorized' do
+        get '/super_admin/agent_bots'
+        expect(response).to have_http_status(:redirect)
+      end
+    end
+
+    context 'when it is an authenticated super admin' do
+      let!(:agent_bot) { create(:agent_bot) }
+
+      it 'shows the list of users' do
+        sign_in(super_admin, scope: :super_admin)
+        get '/super_admin/agent_bots'
+        expect(response).to have_http_status(:success)
+        expect(response.body).to include(agent_bot.name)
+      end
+    end
+  end
+
+  describe 'DELETE /super_admin/agent_bots/:id/destroy_avatar' do
+    let!(:agent_bot) { create(:agent_bot, :with_avatar) }
+
+    context 'when it is an unauthenticated super admin' do
+      it 'returns unauthorized' do
+        delete "/super_admin/agent_bots/#{agent_bot.id}/avatar", params: { attachment_id: agent_bot.avatar.id }
+        expect(response).to have_http_status(:redirect)
+        expect(agent_bot.reload.avatar).to be_attached
+      end
+    end
+
+    context 'when it is an authenticated super admin' do
+      it 'destroys the avatar' do
+        sign_in(super_admin, scope: :super_admin)
+        delete "/super_admin/agent_bots/#{agent_bot.id}/avatar", params: { attachment_id: agent_bot.avatar.id }
+        expect(response).to have_http_status(:redirect)
+        expect(agent_bot.reload.avatar).not_to be_attached
+      end
+    end
+  end
+
+  describe 'DELETE /super_admin/agent_bots/:id' do
+    let!(:agent_bot) { create(:agent_bot) }
+
+    context 'when it is an unauthenticated super admin' do
+      it 'returns unauthorized' do
+        delete "/super_admin/agent_bots/#{agent_bot.id}"
+        expect(response).to have_http_status(:redirect)
+        expect(AgentBot.find_by(id: agent_bot.id)).to be_present
+      end
+    end
+
+    context 'when it is an authenticated super admin' do
+      it 'deletes the agent bot' do
+        sign_in(super_admin, scope: :super_admin)
+        delete "/super_admin/agent_bots/#{agent_bot.id}"
+        expect(response).to have_http_status(:redirect)
+        expect(AgentBot.find_by(id: agent_bot.id)).to be_nil
+      end
+    end
+  end
+end

spec/controllers/super_admin/app_config_controller_spec.rb

@@ -0,0 +1,47 @@
+require 'rails_helper'
+
+RSpec.describe 'Super Admin Application Config API', type: :request do
+  let(:super_admin) { create(:super_admin) }
+
+  describe 'GET /super_admin/app_config' do
+    context 'when it is an unauthenticated super admin' do
+      it 'returns unauthorized' do
+        get '/super_admin/app_config'
+        expect(response).to have_http_status(:redirect)
+      end
+    end
+
+    context 'when it is an authenticated super admin' do
+      let!(:config) { create(:installation_config, { name: 'FB_APP_ID', value: 'TESTVALUE' }) }
+
+      it 'shows the app_config page' do
+        sign_in(super_admin, scope: :super_admin)
+        get '/super_admin/app_config?config=facebook'
+        expect(response).to have_http_status(:success)
+        expect(response.body).to include(config.value)
+      end
+    end
+  end
+
+  describe 'POST /super_admin/app_config' do
+    context 'when it is an unauthenticated super admin' do
+      it 'returns unauthorized' do
+        post '/super_admin/app_config', params: { app_config: { TESTKEY: 'TESTVALUE' } }
+        expect(response).to have_http_status(:redirect)
+      end
+    end
+
+    context 'when it is an aunthenticated super admin' do
+      it 'shows the app_config page' do
+        sign_in(super_admin, scope: :super_admin)
+        post '/super_admin/app_config?config=facebook', params: { app_config: { FB_APP_ID: 'FB_APP_ID' } }
+
+        expect(response).to have_http_status(:found)
+        expect(response).to redirect_to(super_admin_settings_path)
+
+        config = GlobalConfig.get('FB_APP_ID')
+        expect(config['FB_APP_ID']).to eq('FB_APP_ID')
+      end
+    end
+  end
+end

spec/controllers/super_admin/devise/sessions_controller_spec.rb

@@ -0,0 +1,12 @@
+require 'rails_helper'
+
+RSpec.describe 'Super Admin', type: :request do
+  describe '/super_admin' do
+    it 'renders the login page' do
+      with_modified_env LOGRAGE_ENABLED: 'true' do
+        get '/super_admin/sign_in'
+        expect(response).to have_http_status(:ok)
+      end
+    end
+  end
+end

spec/controllers/super_admin/installation_configs_controller_spec.rb

@@ -0,0 +1,42 @@
+require 'rails_helper'
+
+RSpec.describe 'Super Admin Installation Config API', type: :request do
+  let(:super_admin) { create(:super_admin) }
+
+  describe 'GET /super_admin/installation_configs/new' do
+    context 'when it is an unauthenticated super admin' do
+      it 'returns unauthorized' do
+        get '/super_admin/installation_configs/new'
+        expect(response).to have_http_status(:redirect)
+      end
+    end
+
+    context 'when it is an authenticated super admin' do
+      let(:config) { create(:installation_config, { name: 'TESTCONFIG', value: 'TESTVALUE', locked: false }) }
+
+      before do
+        config
+      end
+
+      it 'shows the installation_configs create page' do
+        sign_in(super_admin, scope: :super_admin)
+        get '/super_admin/installation_configs/new'
+        expect(response).to have_http_status(:success)
+      end
+
+      it 'shows the installation_configs edit page' do
+        sign_in(super_admin, scope: :super_admin)
+        editable_config = InstallationConfig.editable.first
+        get "/super_admin/installation_configs/#{editable_config.id}/edit"
+        expect(response).to have_http_status(:success)
+      end
+
+      it 'shows the installation_configs list page' do
+        sign_in(super_admin, scope: :super_admin)
+        get '/super_admin/installation_configs'
+        expect(response).to have_http_status(:success)
+        expect(response.body).to include(config.name)
+      end
+    end
+  end
+end

spec/controllers/super_admin/instance_statuses_controller_spec.rb

@@ -0,0 +1,24 @@
+require 'rails_helper'
+
+RSpec.describe 'Super Admin Instance status', type: :request do
+  let(:super_admin) { create(:super_admin) }
+
+  describe 'GET /super_admin/instance_status' do
+    context 'when it is an unauthenticated super admin' do
+      it 'returns unauthorized' do
+        get '/super_admin/instance_status'
+        expect(response).to have_http_status(:redirect)
+      end
+    end
+
+    context 'when it is an authenticated super admin' do
+      it 'shows the instance_status page' do
+        sign_in(super_admin, scope: :super_admin)
+        get '/super_admin/instance_status'
+        expect(response).to have_http_status(:success)
+        expect(response.body).to include('Chatwoot version')
+        expect(response.body).to include(GIT_HASH)
+      end
+    end
+  end
+end

spec/controllers/super_admin/platform_apps_controller_spec.rb

@@ -0,0 +1,48 @@
+require 'rails_helper'
+
+RSpec.describe 'Super Admin platform app API', type: :request do
+  let(:super_admin) { create(:super_admin) }
+
+  describe 'GET /super_admin/platform_apps' do
+    context 'when it is an unauthenticated super admin' do
+      it 'returns unauthorized' do
+        get '/super_admin/platform_apps'
+        expect(response).to have_http_status(:redirect)
+      end
+    end
+
+    context 'when it is an authenticated super admin' do
+      let!(:platform_app) { create(:platform_app) }
+
+      it 'shows the list of users' do
+        sign_in(super_admin, scope: :super_admin)
+        get '/super_admin/platform_apps'
+        expect(response).to have_http_status(:success)
+        expect(response.body).to include(platform_app.name)
+      end
+    end
+  end
+
+  describe 'DELETE /super_admin/platform_apps/:id' do
+    let!(:platform_app) { create(:platform_app) }
+    let(:access_token) { platform_app.access_token }
+
+    context 'when it is an unauthenticated super admin' do
+      it 'returns unauthorized' do
+        delete "/super_admin/platform_apps/#{platform_app.id}", params: { _method: :delete }
+        expect(response).to have_http_status(:redirect)
+      end
+    end
+
+    context 'when it is an authenticated super admin' do
+      it 'deletes the platform app' do
+        sign_in(super_admin, scope: :super_admin)
+        expect do
+          delete "/super_admin/platform_apps/#{platform_app.id}", params: { _method: :delete }
+        end.to change(PlatformApp, :count).by(-1)
+        expect(response).to have_http_status(:redirect)
+        expect(response).to redirect_to(super_admin_platform_apps_path)
+      end
+    end
+  end
+end

spec/controllers/super_admin/users_controller_spec.rb

@@ -0,0 +1,103 @@
+require 'rails_helper'
+
+RSpec.describe 'Super Admin Users API', type: :request do
+  let(:super_admin) { create(:super_admin) }
+
+  describe 'GET /super_admin/users' do
+    context 'when it is an unauthenticated super admin' do
+      it 'returns unauthorized' do
+        get '/super_admin/users'
+        expect(response).to have_http_status(:redirect)
+      end
+    end
+
+    context 'when it is an authenticated super admin' do
+      let!(:user) { create(:user) }
+      let!(:params) do
+        { user: {
+          name: 'admin@example.com',
+          display_name: 'admin@example.com',
+          email: 'admin@example.com',
+          password: 'Password1!',
+          confirmed_at: '2023-03-20 22:32:41',
+          type: 'SuperAdmin'
+        } }
+      end
+
+      it 'shows the list of users' do
+        sign_in(super_admin, scope: :super_admin)
+        get '/super_admin/users'
+        expect(response).to have_http_status(:success)
+        expect(response.body).to include('New user')
+        expect(response.body).to include(CGI.escapeHTML(user.name))
+      end
+
+      it 'creates the new super_admin record' do
+        sign_in(super_admin, scope: :super_admin)
+
+        post '/super_admin/users', params: params
+
+        expect(response).to redirect_to("http://www.example.com/super_admin/users/#{User.last.id}")
+        expect(SuperAdmin.last.email).to eq('admin@example.com')
+
+        post '/super_admin/users', params: params
+        expect(response).to redirect_to('http://www.example.com/super_admin/users/new')
+      end
+    end
+  end
+
+  describe 'DELETE /super_admin/users/:id/avatar' do
+    let!(:user) { create(:user, :with_avatar) }
+
+    context 'when it is an unauthenticated super admin' do
+      it 'returns unauthorized' do
+        delete "/super_admin/users/#{user.id}/avatar", params: { attachment_id: user.avatar.id }
+        expect(response).to have_http_status(:redirect)
+        expect(user.reload.avatar).to be_attached
+      end
+    end
+
+    context 'when it is an authenticated super admin' do
+      it 'destroys the avatar' do
+        sign_in(super_admin, scope: :super_admin)
+        delete "/super_admin/users/#{user.id}/avatar", params: { attachment_id: user.avatar.id }
+        expect(response).to have_http_status(:redirect)
+        expect(user.reload.avatar).not_to be_attached
+      end
+    end
+  end
+
+  describe 'PATCH /super_admin/users/:id' do
+    let!(:user) { create(:user) }
+    let(:request_path) { "/super_admin/users/#{user.id}" }
+
+    before { sign_in(super_admin, scope: :super_admin) }
+
+    it 'skips reconfirmation when confirmed_at is provided' do
+      ActiveJob::Base.queue_adapter.enqueued_jobs.clear
+      patch request_path, params: { user: { email: 'updated@example.com', confirmed_at: Time.current } }
+
+      expect(response).to have_http_status(:redirect)
+      expect(user.reload.email).to eq('updated@example.com')
+      expect(user.reload.unconfirmed_email).to be_nil
+
+      mail_jobs = ActiveJob::Base.queue_adapter.enqueued_jobs.select do |job|
+        job[:job].to_s == 'ActionMailer::MailDeliveryJob'
+      end
+      expect(mail_jobs.count).to eq(0)
+    end
+
+    it 'does not skip reconfirmation when confirmed_at is blank' do
+      ActiveJob::Base.queue_adapter.enqueued_jobs.clear
+      patch request_path, params: { user: { email: 'updated-again@example.com' } }
+
+      expect(response).to have_http_status(:redirect)
+      expect(user.reload.unconfirmed_email).to eq('updated-again@example.com')
+
+      mail_jobs = ActiveJob::Base.queue_adapter.enqueued_jobs.select do |job|
+        job[:job].to_s == 'ActionMailer::MailDeliveryJob'
+      end
+      expect(mail_jobs.count).to be >= 1
+    end
+  end
+end