Enchance/event invites (#1074)

This pull request introduces significant improvements to the event
invitation workflow, debugging guidelines, and UI enhancements for
person selection. The main changes include a new searchable person
selector in the frontend, expanded controller logic for inviting
existing users, improved debugging documentation, and more robust
handling of invitation notifications and authorization.

**Event Invitation Workflow Improvements**

* Added an `available_people` endpoint to
`Events::InvitationsController` to provide a filtered, searchable list
of people eligible for invitation, excluding those already invited and
those without email addresses. This endpoint supports search queries and
returns results formatted for frontend consumption.
* Updated invitation creation logic to support inviting existing users
by ID, automatically populating email and locale from the selected
person.
* Improved invitation destruction and creation responses to support
Turbo Streams, updating the UI dynamically and displaying flash
messages.
[[1]](diffhunk://#diff-f5bce0fdefe4021e576bd0afd9c7aa69a1fc93d255ac43b4677b6cd4a494d03eR38-R52)
[[2]](diffhunk://#diff-f5bce0fdefe4021e576bd0afd9c7aa69a1fc93d255ac43b4677b6cd4a494d03eR134-R140)
* Enhanced notification logic to distinguish between invitations for
existing users (using in-app notifications) and invitations by email
(using mailers).

**Frontend Enhancements**

* Added a new Stimulus controller `person_search_controller.js` that
replaces a standard select box with a live-search input for person
selection, calling the new backend endpoint and updating the select
based on user choice.
* Added new invitation-related styles in `invitations.scss` and imported
them in the main stylesheet.
[[1]](diffhunk://#diff-e0c8019729fad32b5ea701ddce7b7c208a2b77a40b6e4c9b082059a3c1169627R1-R5)
[[2]](diffhunk://#diff-5499b5855ee11d3be02ebb1d25ee68dbe0331c7a2fc94250b73f716f42b803c6R34)

**Debugging and Development Guidelines**

* Updated documentation in `.github/copilot-instructions.md` and
`AGENTS.md` to clarify that Rails console and runner should not be used
for debugging. Instead, debugging should be performed through
comprehensive tests and log analysis, with specific tips for using RSpec
and temporary debug output.
[[1]](diffhunk://#diff-227c2c26cb2ee0ce0f46a320fc48fbcbdf21801a57f59161b1d0861e8aad55f5R95-R107)
[[2]](diffhunk://#diff-227c2c26cb2ee0ce0f46a320fc48fbcbdf21801a57f59161b1d0861e8aad55f5L105-R122)
[[3]](diffhunk://#diff-a54ff182c7e8acf56acfd6e4b9c3ff41e2c41a31c9b211b2deb9df75d9a478f9R22-R32)
[[4]](diffhunk://#diff-a54ff182c7e8acf56acfd6e4b9c3ff41e2c41a31c9b211b2deb9df75d9a478f9L32-R43)

**Authorization and Notification Handling**

* Improved authorization logic in `EventsController` and
`ApplicationController`, ensuring proper handling for unauthenticated
users and integrating invitation token authorization and notification
reading.
[[1]](diffhunk://#diff-ffc530a02a78834a7cc82d089dee80fa08f52d911015abfa0c563543b9fce194R6-R8)
[[2]](diffhunk://#diff-ffc530a02a78834a7cc82d089dee80fa08f52d911015abfa0c563543b9fce194R31-R35)
[[3]](diffhunk://#diff-353dd41f0d149f307449a2697955bbe8d70e73ea85c77b4a42ee9751273ba960R161-R169)

Author: rsmithlal

.github/copilot-instructions.md

@@ -92,6 +92,19 @@ This repository contains the **Better Together Community Engine** (an isolated R
 
 ## Coding Guidelines
 
+### Debugging and Development Practices
+- **Never use Rails console or runner for debugging** - These commands don't support our test-driven development approach
+- **Debug through comprehensive tests**: Write detailed test scenarios to reproduce, understand, and verify fixes for issues
+- **Use test-driven debugging workflow**:
+  - Create specific tests that reproduce the problematic behavior
+  - Add debugging assertions in tests to verify intermediate state
+  - Trace through code by reading files and using grep search
+  - Validate fixes by ensuring tests pass
+- **Leverage RSpec debugging tools**: Use `--format documentation` for detailed output, `fit` for focused testing, `puts` for temporary debug output in tests
+- **Analyze logs and error messages**: Examine Rails logs, test output, and stack traces for debugging information
+- **Read code systematically**: Use file reading tools to understand code paths and data flow
+- **Temporary debug output**: Add debug statements in application code if needed, but remove before committing
+
 ### Docker Environment Usage
 - **All database-dependent commands must use `bin/dc-run`**: This includes tests, generators, and any command that connects to PostgreSQL, Redis, or Elasticsearch
 - **Dummy app commands use `bin/dc-run-dummy`**: For Rails commands that need the dummy app context (console, migrations specific to dummy app)
@@ -102,10 +115,11 @@ This repository contains the **Better Together Community Engine** (an isolated R
   - RuboCop: `bin/dc-run bundle exec rubocop`
   - **IMPORTANT**: Never use `rspec -v` - this displays version info, not verbose output. Use `--format documentation` for detailed output.
 - **Examples of commands requiring `bin/dc-run-dummy`**:
-  - Rails console: `bin/dc-run-dummy rails console`
+  - Rails console: `bin/dc-run-dummy rails console` (for administrative tasks only, NOT for debugging)
   - Dummy app migrations: `bin/dc-run-dummy rails db:migrate`
   - Dummy app database operations: `bin/dc-run-dummy rails db:seed`
 - **Commands that don't require bin/dc-run**: File operations, documentation generation (unless database access needed), static analysis tools that don't connect to services
+- **CRITICAL**: Rails console and runner are NOT debugging tools in this project - use comprehensive test suites instead
 
 ### Security Requirements
 - **Run Brakeman before generating code**: `bin/dc-run bundle exec brakeman --quiet --no-pager` 

.rubocop.yml

@@ -13,8 +13,21 @@ plugins:
   - rubocop-rspec_rails
   - rubocop-capybara
   - rubocop-factory_bot
+
+# Disable all RSpec cops that affect test quality but not production code
+RSpec/ExampleLength:
+  Enabled: false
 RSpec/MultipleExpectations:
   Enabled: false
+RSpec/MultipleMemoizedHelpers:
+  Enabled: false
+RSpec/ContextWording:
+  Enabled: false
+RSpec/MessageSpies:
+  Enabled: false
+RSpec/LetSetup:
+  Enabled: false
+
 Style/StringLiterals:
   Exclude:
     - 'db/migrate/*'

AGENTS.md

@@ -19,6 +19,17 @@ Instructions for GitHub Copilot and other automated contributors working in this
   - test: `community_engine_test`
 - Use `DATABASE_URL` to connect (overrides fallback host in `config/database.yml`).
 
+## Debugging Guidelines
+- **Never use Rails console or runner for debugging** - These commands don't align with our test-driven development approach
+- **Use comprehensive test suites instead**: Write detailed tests to understand and verify system behavior
+- **Debug through tests**: Create specific test scenarios to reproduce and validate fixes for issues
+- **Use log analysis**: Examine Rails logs, test output, and error messages for debugging information
+- **Add temporary debugging assertions in tests**: Use `expect()` statements to verify intermediate state in tests
+- **Use RSpec debugging tools**: Use `--format documentation` for detailed test output, `fit` for focused testing
+- **Trace through code by reading files**: Use file reading and grep search to understand code paths
+- **Add debug output in application code temporarily** if needed, but remove before committing
+- **Validate fixes through test success**: Confirm that issues are resolved by having tests pass
+
 ## Commands
 - **Tests:** `bin/dc-run bin/ci`
   (Equivalent: `bin/dc-run bash -c "cd spec/dummy && bundle exec rspec"`)
@@ -29,7 +40,7 @@ Instructions for GitHub Copilot and other automated contributors working in this
   - Multiple specific lines: `bin/dc-run bundle exec rspec spec/file1_spec.rb:123 spec/file2_spec.rb:456`
   - **Important**: RSpec does NOT support hyphenated line numbers (e.g., `spec/file_spec.rb:123-456` is INVALID)
   - **Do NOT use `-v` flag**: The `-v` flag displays RSpec version information, NOT verbose output. Use `--format documentation` for detailed test descriptions.
-- **Rails Console:** `bin/dc-run-dummy rails console` (runs console in the dummy app context)
+- **Rails Console:** `bin/dc-run-dummy rails console` (for administrative tasks only - NOT for debugging. Use comprehensive tests for debugging instead)
 - **Rails Commands in Dummy App:** `bin/dc-run-dummy rails [command]` for any Rails commands that need the dummy app environment
 - **Lint:** `bin/dc-run bundle exec rubocop`
 - **Security:** `bin/dc-run bundle exec brakeman --quiet --no-pager` and `bin/dc-run bundle exec bundler-audit --update`

app/assets/javascripts/better_together/controllers/person_search_controller.js

@@ -0,0 +1,154 @@
+import { Controller } from "@hotwired/stimulus"
+
+export default class extends Controller {
+  static targets = ["select", "input"]
+  static values = {
+    searchUrl: String,
+    searchDelay: { type: Number, default: 300 }
+  }
+
+  connect() {
+    this.setupPersonSearch()
+  }
+
+  setupPersonSearch() {
+    const select = this.selectTarget
+
+    // Convert select to a searchable input
+    this.createSearchInput(select)
+
+    // Hide the original select
+    select.style.display = 'none'
+  }
+
+  createSearchInput(select) {
+    const searchContainer = select.parentElement
+
+    // Create search input
+    const searchInput = document.createElement('input')
+    searchInput.type = 'text'
+    searchInput.className = 'form-control person-search-input'
+    searchInput.placeholder = select.options[0]?.text || 'Search for people...'
+    searchInput.setAttribute('data-person-search-target', 'input')
+
+    // Create results dropdown
+    const resultsDropdown = document.createElement('div')
+    resultsDropdown.className = 'person-search-results'
+    resultsDropdown.style.cssText = `
+      position: absolute;
+      top: 100%;
+      left: 0;
+      right: 0;
+      background: white;
+      border: 1px solid #ced4da;
+      border-top: none;
+      border-radius: 0 0 0.375rem 0.375rem;
+      max-height: 200px;
+      overflow-y: auto;
+      z-index: 1000;
+      display: none;
+    `
+
+    // Insert elements
+    searchContainer.style.position = 'relative'
+    searchContainer.insertBefore(searchInput, select)
+    searchContainer.appendChild(resultsDropdown)
+
+    // Setup event listeners
+    let searchTimeout
+    searchInput.addEventListener('input', (e) => {
+      clearTimeout(searchTimeout)
+      searchTimeout = setTimeout(() => {
+        this.performSearch(e.target.value, resultsDropdown, select)
+      }, this.searchDelayValue)
+    })
+
+    searchInput.addEventListener('focus', () => {
+      if (searchInput.value) {
+        this.performSearch(searchInput.value, resultsDropdown, select)
+      }
+    })
+
+    // Hide dropdown when clicking outside
+    document.addEventListener('click', (e) => {
+      if (!searchContainer.contains(e.target)) {
+        resultsDropdown.style.display = 'none'
+      }
+    })
+  }
+
+  async performSearch(query, resultsDropdown, select) {
+    if (query.length < 2) {
+      resultsDropdown.style.display = 'none'
+      return
+    }
+
+    try {
+      const response = await fetch(`${this.searchUrlValue}?search=${encodeURIComponent(query)}`, {
+        headers: {
+          'Accept': 'application/json',
+          'X-Requested-With': 'XMLHttpRequest'
+        }
+      })
+
+      if (!response.ok) throw new Error('Search failed')
+
+      const people = await response.json()
+      this.displayResults(people, resultsDropdown, select)
+    } catch (error) {
+      console.error('Person search error:', error)
+      resultsDropdown.innerHTML = '<div class="p-2 text-danger">Search failed</div>'
+      resultsDropdown.style.display = 'block'
+    }
+  }
+
+  displayResults(people, resultsDropdown, select) {
+    if (people.length === 0) {
+      resultsDropdown.innerHTML = '<div class="p-2 text-muted">No people found</div>'
+      resultsDropdown.style.display = 'block'
+      return
+    }
+
+    const resultsHtml = people.map(person => `
+      <div class="person-result p-2 border-bottom"
+           style="cursor: pointer; display: flex; align-items: center;"
+           data-person-id="${person.id}"
+           data-person-name="${person.name}">
+        <div class="me-2" style="width: 32px; height: 32px; background-color: #dee2e6; border-radius: 50%; display: flex; align-items: center; justify-content: center;">
+          <i class="fas fa-user text-muted"></i>
+        </div>
+        <div>
+          <div class="fw-medium">${person.name}</div>
+          <small class="text-muted">@${person.slug}</small>
+        </div>
+      </div>
+    `).join('')
+
+    resultsDropdown.innerHTML = resultsHtml
+    resultsDropdown.style.display = 'block'
+
+    // Add click handlers to results
+    resultsDropdown.querySelectorAll('.person-result').forEach(result => {
+      result.addEventListener('click', () => {
+        this.selectPerson(result, select)
+        resultsDropdown.style.display = 'none'
+      })
+    })
+  }
+
+  selectPerson(resultElement, select) {
+    const personId = resultElement.dataset.personId
+    const personName = resultElement.dataset.personName
+
+    // Update the hidden select
+    select.innerHTML = `<option value="${personId}" selected>${personName}</option>`
+    select.value = personId
+
+    // Update the search input
+    const searchInput = this.inputTarget
+    searchInput.value = personName
+
+    // Trigger change event for form handling
+    select.dispatchEvent(new Event('change', { bubbles: true }))
+  }
+}

app/assets/stylesheets/better_together/application.scss

@@ -31,6 +31,7 @@
 @use 'conversations';
 @use 'forms';
 @use 'image-galleries';
+@use 'invitations';
 @use 'maps';
 @use 'metrics';
 @use 'navigation';

app/assets/stylesheets/better_together/invitations.scss

@@ -0,0 +1,5 @@
+
+.profile-image.invitee {
+  width: 32px;
+  height: 32px;
+}

app/controllers/better_together/application_controller.rb

@@ -158,7 +158,13 @@ def user_not_authorized(exception) # rubocop:todo Metrics/AbcSize, Metrics/Metho
         ]
       else
         flash[:error] = message # Use flash for regular redirects
-        redirect_back(fallback_location: home_page_path)
+
+        # For unauthenticated users, redirect to login
+        if current_user.nil?
+          redirect_to new_user_session_path(locale: I18n.locale)
+        else
+          redirect_back(fallback_location: home_page_path)
+        end
       end
     end
     # rubocop:enable Metrics/MethodLength