af-devise 2.1.2

data/lib/devise/mapping.rb

@@ -0,0 +1,172 @@
+module Devise
+  # Responsible for handling devise mappings and routes configuration. Each
+  # resource configured by devise_for in routes is actually creating a mapping
+  # object. You can refer to devise_for in routes for usage options.
+  #
+  # The required value in devise_for is actually not used internally, but it's
+  # inflected to find all other values.
+  #
+  #   map.devise_for :users
+  #   mapping = Devise.mappings[:user]
+  #
+  #   mapping.name #=> :user
+  #   # is the scope used in controllers and warden, given in the route as :singular.
+  #
+  #   mapping.as   #=> "users"
+  #   # how the mapping should be search in the path, given in the route as :as.
+  #
+  #   mapping.to   #=> User
+  #   # is the class to be loaded from routes, given in the route as :class_name.
+  #
+  #   mapping.modules  #=> [:authenticatable]
+  #   # is the modules included in the class
+  #
+  class Mapping #:nodoc:
+    attr_reader :singular, :scoped_path, :path, :controllers, :path_names,
+                :class_name, :sign_out_via, :format, :used_routes, :used_helpers, :failure_app
+
+    alias :name :singular
+
+    # Receives an object and find a scope for it. If a scope cannot be found,
+    # raises an error. If a symbol is given, it's considered to be the scope.
+    def self.find_scope!(duck)
+      case duck
+      when String, Symbol
+        return duck
+      when Class
+        Devise.mappings.each_value { |m| return m.name if duck <= m.to }
+      else
+        Devise.mappings.each_value { |m| return m.name if duck.is_a?(m.to) }
+      end
+
+      raise "Could not find a valid mapping for #{duck.inspect}"
+    end
+
+    def self.find_by_path!(path, path_type=:fullpath)
+      Devise.mappings.each_value { |m| return m if path.include?(m.send(path_type)) }
+      raise "Could not find a valid mapping for path #{path.inspect}"
+    end
+
+    def initialize(name, options) #:nodoc:
+      @scoped_path = options[:as] ? "#{options[:as]}/#{name}" : name.to_s
+      @singular = (options[:singular] || @scoped_path.tr('/', '_').singularize).to_sym
+
+      @class_name = (options[:class_name] || name.to_s.classify).to_s
+      @klass = Devise.ref(@class_name)
+
+      @path = (options[:path] || name).to_s
+      @path_prefix = options[:path_prefix]
+
+      @sign_out_via = options[:sign_out_via] || Devise.sign_out_via
+      @format = options[:format]
+
+      default_failure_app(options)
+      default_controllers(options)
+      default_path_names(options)
+      default_used_route(options)
+      default_used_helpers(options)
+    end
+
+    # Return modules for the mapping.
+    def modules
+      @modules ||= to.respond_to?(:devise_modules) ? to.devise_modules : []
+    end
+
+    # Gives the class the mapping points to.
+    def to
+      @klass.get
+    end
+
+    def strategies
+      @strategies ||= STRATEGIES.values_at(*self.modules).compact.uniq.reverse
+    end
+
+    def no_input_strategies
+      self.strategies & Devise::NO_INPUT
+    end
+
+    def routes
+      @routes ||= ROUTES.values_at(*self.modules).compact.uniq
+    end
+
+    def authenticatable?
+      @authenticatable ||= self.modules.any? { |m| m.to_s =~ /authenticatable/ }
+    end
+
+    def fullpath
+      "/#{@path_prefix}/#{@path}".squeeze("/")
+    end
+
+    # Create magic predicates for verifying what module is activated by this map.
+    # Example:
+    #
+    #   def confirmable?
+    #     self.modules.include?(:confirmable)
+    #   end
+    #
+    def self.add_module(m)
+      class_eval <<-METHOD, __FILE__, __LINE__ + 1
+        def #{m}?
+          self.modules.include?(:#{m})
+        end
+      METHOD
+    end
+
+    private
+
+    def default_failure_app(options)
+      @failure_app = options[:failure_app] || Devise::FailureApp
+      if @failure_app.is_a?(String)
+        ref = Devise.ref(@failure_app)
+        @failure_app = lambda { |env| ref.get.call(env) }
+      end
+    end
+
+    def default_controllers(options)
+      mod = options[:module] || "devise"
+      @controllers = Hash.new { |h,k| h[k] = "#{mod}/#{k}" }
+      @controllers.merge!(options[:controllers]) if options[:controllers]
+      @controllers.each { |k,v| @controllers[k] = v.to_s }
+    end
+
+    def default_path_names(options)
+      @path_names = Hash.new { |h,k| h[k] = k.to_s }
+      @path_names[:registration] = ""
+      @path_names.merge!(options[:path_names]) if options[:path_names]
+    end
+
+    def default_constraints(options)
+      @constraints = Hash.new
+      @constraints.merge!(options[:constraints]) if options[:constraints]
+    end
+
+    def default_defaults(options)
+      @defaults = Hash.new
+      @defaults.merge!(options[:defaults]) if options[:defaults]
+    end
+
+    def default_used_route(options)
+      singularizer = lambda { |s| s.to_s.singularize.to_sym }
+
+      if options.has_key?(:only)
+        @used_routes = self.routes & Array(options[:only]).map(&singularizer)
+      elsif options[:skip] == :all
+        @used_routes = []
+      else
+        @used_routes = self.routes - Array(options[:skip]).map(&singularizer)
+      end
+    end
+
+    def default_used_helpers(options)
+      singularizer = lambda { |s| s.to_s.singularize.to_sym }
+
+      if options[:skip_helpers] == true
+        @used_helpers = @used_routes
+      elsif skip = options[:skip_helpers]
+        @used_helpers = self.routes - Array(skip).map(&singularizer)
+      else
+        @used_helpers = self.routes
+      end
+    end
+  end
+end

data/lib/devise/models.rb

@@ -0,0 +1,128 @@
+module Devise
+  module Models
+    class MissingAttribute < StandardError
+      def initialize(attributes)
+        @attributes = attributes
+      end
+
+      def message
+        "The following attribute(s) is (are) missing on your model: #{@attributes.join(", ")}"
+      end
+    end
+
+    # Creates configuration values for Devise and for the given module.
+    #
+    #   Devise::Models.config(Devise::Authenticatable, :stretches, 10)
+    #
+    # The line above creates:
+    #
+    #   1) An accessor called Devise.stretches, which value is used by default;
+    #
+    #   2) Some class methods for your model Model.stretches and Model.stretches=
+    #      which have higher priority than Devise.stretches;
+    #
+    #   3) And an instance method stretches.
+    #
+    # To add the class methods you need to have a module ClassMethods defined
+    # inside the given class.
+    #
+    def self.config(mod, *accessors) #:nodoc:
+      class << mod; attr_accessor :available_configs; end
+      mod.available_configs = accessors
+
+      accessors.each do |accessor|
+        mod.class_eval <<-METHOD, __FILE__, __LINE__ + 1
+          def #{accessor}
+            if defined?(@#{accessor})
+              @#{accessor}
+            elsif superclass.respond_to?(:#{accessor})
+              superclass.#{accessor}
+            else
+              Devise.#{accessor}
+            end
+          end
+
+          def #{accessor}=(value)
+            @#{accessor} = value
+          end
+        METHOD
+      end
+    end
+
+    def self.check_fields!(klass)
+      failed_attributes = []
+      instance = klass.new
+
+      klass.devise_modules.each do |mod|
+        constant = const_get(mod.to_s.classify)
+
+        if constant.respond_to?(:required_fields)
+          constant.required_fields(klass).each do |field|
+            failed_attributes << field unless instance.respond_to?(field)
+          end
+        else
+          ActiveSupport::Deprecation.warn "The module #{mod} doesn't implement self.required_fields(klass). " \
+            "Devise uses required_fields to warn developers of any missing fields in their models. " \
+            "Please implement #{mod}.required_fields(klass) that returns an array of symbols with the required fields."
+        end
+      end
+
+      if failed_attributes.any?
+        fail Devise::Models::MissingAttribute.new(failed_attributes)
+      end
+    end
+
+    # Include the chosen devise modules in your model:
+    #
+    #   devise :database_authenticatable, :confirmable, :recoverable
+    #
+    # You can also give any of the devise configuration values in form of a hash,
+    # with specific values for this model. Please check your Devise initializer
+    # for a complete description on those values.
+    #
+    def devise(*modules)
+      options = modules.extract_options!.dup
+
+      selected_modules = modules.map(&:to_sym).uniq.sort_by do |s|
+        Devise::ALL.index(s) || -1  # follow Devise::ALL order
+      end
+
+      devise_modules_hook! do
+        include Devise::Models::Authenticatable
+        selected_modules.each do |m|
+          if m == :encryptable && !(defined?(Devise::Models::Encryptable))
+            warn "[DEVISE] You're trying to include :encryptable in your model but it is not bundled with the Devise gem anymore. Please add `devise-encryptable` to your Gemfile to proceed.\n"
+          end
+
+          mod = Devise::Models.const_get(m.to_s.classify)
+
+          if mod.const_defined?("ClassMethods")
+            class_mod = mod.const_get("ClassMethods")
+            extend class_mod
+
+            if class_mod.respond_to?(:available_configs)
+              available_configs = class_mod.available_configs
+              available_configs.each do |config|
+                next unless options.key?(config)
+                send(:"#{config}=", options.delete(config))
+              end
+            end
+          end
+
+          include mod
+        end
+
+        self.devise_modules |= selected_modules
+        options.each { |key, value| send(:"#{key}=", value) }
+      end
+    end
+
+    # The hook which is called inside devise.
+    # So your ORM can include devise compatibility stuff.
+    def devise_modules_hook!
+      yield
+    end
+  end
+end
+
+require 'devise/models/authenticatable'

data/lib/devise/models/authenticatable.rb

@@ -0,0 +1,268 @@
+require 'devise/hooks/activatable'
+
+module Devise
+  module Models
+    # Authenticatable module. Holds common settings for authentication.
+    #
+    # == Options
+    #
+    # Authenticatable adds the following options to devise_for:
+    #
+    #   * +authentication_keys+: parameters used for authentication. By default [:email].
+    #
+    #   * +request_keys+: parameters from the request object used for authentication.
+    #     By specifying a symbol (which should be a request method), it will automatically be
+    #     passed to find_for_authentication method and considered in your model lookup.
+    #
+    #     For instance, if you set :request_keys to [:subdomain], :subdomain will be considered
+    #     as key on authentication. This can also be a hash where the value is a boolean expliciting
+    #     if the value is required or not.
+    #
+    #   * +http_authenticatable+: if this model allows http authentication. By default true.
+    #     It also accepts an array specifying the strategies that should allow http.
+    #
+    #   * +params_authenticatable+: if this model allows authentication through request params. By default true.
+    #     It also accepts an array specifying the strategies that should allow params authentication.
+    #
+    #   * +skip_session_storage+: By default Devise will store the user in session.
+    #     You can skip storage for http and token auth by appending values to array:
+    #     :skip_session_storage => [:token_auth] or :skip_session_storage => [:http_auth, :token_auth],
+    #     by default is set to :skip_session_storage => [:http_auth].
+    #
+    # == active_for_authentication?
+    #
+    # After authenticating a user and in each request, Devise checks if your model is active by
+    # calling model.active_for_authentication?. This method is overwriten by other devise modules. For instance,
+    # :confirmable overwrites .active_for_authentication? to only return true if your model was confirmed.
+    #
+    # You overwrite this method yourself, but if you do, don't forget to call super:
+    #
+    #   def active_for_authentication?
+    #     super && special_condition_is_valid?
+    #   end
+    #
+    # Whenever active_for_authentication? returns false, Devise asks the reason why your model is inactive using
+    # the inactive_message method. You can overwrite it as well:
+    #
+    #   def inactive_message
+    #     special_condition_is_valid? ? super : :special_condition_is_not_valid
+    #   end
+    #
+    module Authenticatable
+      extend ActiveSupport::Concern
+
+      BLACKLIST_FOR_SERIALIZATION = [:encrypted_password, :reset_password_token, :reset_password_sent_at,
+        :remember_created_at, :sign_in_count, :current_sign_in_at, :last_sign_in_at, :current_sign_in_ip,
+        :last_sign_in_ip, :password_salt, :confirmation_token, :confirmed_at, :confirmation_sent_at,
+        :remember_token, :unconfirmed_email, :failed_attempts, :unlock_token, :locked_at, :authentication_token]
+
+      included do
+        class_attribute :devise_modules, :instance_writer => false
+        self.devise_modules ||= []
+
+        before_validation :downcase_keys
+        before_validation :strip_whitespace
+      end
+
+      def self.required_fields(klass)
+        []
+      end
+
+      # Check if the current object is valid for authentication. This method and
+      # find_for_authentication are the methods used in a Warden::Strategy to check
+      # if a model should be signed in or not.
+      #
+      # However, you should not overwrite this method, you should overwrite active_for_authentication?
+      # and inactive_message instead.
+      def valid_for_authentication?
+        block_given? ? yield : true
+      end
+
+      def unauthenticated_message
+        :invalid
+      end
+
+      def active_for_authentication?
+        true
+      end
+
+      def inactive_message
+        :inactive
+      end
+
+      def authenticatable_salt
+      end
+
+      def headers_for(name)
+        {}
+      end
+
+      array = %w(serializable_hash)
+      # to_xml does not call serializable_hash on 3.1
+      array << "to_xml" if Rails::VERSION::STRING[0,3] == "3.1"
+
+      array.each do |method|
+        class_eval <<-RUBY, __FILE__, __LINE__
+          # Redefine to_xml and serializable_hash in models for more secure defaults.
+          # By default, it removes from the serializable model all attributes that
+          # are *not* accessible. You can remove this default by using :force_except
+          # and passing a new list of attributes you want to exempt. All attributes
+          # given to :except will simply add names to exempt to Devise internal list.
+          def #{method}(options=nil)
+            options ||= {}
+            options[:except] = Array(options[:except])
+
+            if options[:force_except]
+              options[:except].concat Array(options[:force_except])
+            else
+              options[:except].concat BLACKLIST_FOR_SERIALIZATION
+            end
+            super(options)
+          end
+        RUBY
+      end
+
+      protected
+
+      def devise_mailer
+        Devise.mailer
+      end
+
+      # This is an internal method called every time Devise needs
+      # to send a notification/mail. This can be overriden if you
+      # need to customize the e-mail delivery logic. For instance,
+      # if you are using a queue to deliver e-mails (delayed job,
+      # sidekiq, resque, etc), you must add the delivery to the queue
+      # just after the transaction was committed. To achieve this,
+      # you can override send_devise_notification to store the
+      # deliveries until the after_commit callback is triggered:
+      #
+      #     class User
+      #       devise :database_authenticatable, :confirmable
+      #
+      #       after_commit :send_pending_notifications
+      #
+      #       protected
+      #
+      #       def send_devise_notification(notification)
+      #         pending_notifications << notification
+      #       end
+      #
+      #       def send_pending_notifications
+      #         pending_notifications.each do |n|
+      #           devise_mailer.send(n, self).deliver
+      #         end
+      #       end
+      #
+      #       def pending_notifications
+      #         @pending_notifications ||= []
+      #       end
+      #     end
+      #
+      def send_devise_notification(notification)
+        devise_mailer.send(notification, self).deliver
+      end
+
+      def downcase_keys
+        self.class.case_insensitive_keys.each { |k| self[k].try(:downcase!) }
+      end
+
+      def strip_whitespace
+        self.class.strip_whitespace_keys.each { |k| self[k].try(:strip!) }
+      end
+
+      module ClassMethods
+        Devise::Models.config(self, :authentication_keys, :request_keys, :strip_whitespace_keys,
+          :case_insensitive_keys, :http_authenticatable, :params_authenticatable, :skip_session_storage)
+
+        def serialize_into_session(record)
+          [record.to_key, record.authenticatable_salt]
+        end
+
+        def serialize_from_session(key, salt)
+          record = to_adapter.get(key)
+          record if record && record.authenticatable_salt == salt
+        end
+
+        def params_authenticatable?(strategy)
+          params_authenticatable.is_a?(Array) ?
+            params_authenticatable.include?(strategy) : params_authenticatable
+        end
+
+        def http_authenticatable?(strategy)
+          http_authenticatable.is_a?(Array) ?
+            http_authenticatable.include?(strategy) : http_authenticatable
+        end
+
+        # Find first record based on conditions given (ie by the sign in form).
+        # This method is always called during an authentication process but
+        # it may be wrapped as well. For instance, database authenticatable
+        # provides a `find_for_database_authentication` that wraps a call to
+        # this method. This allows you to customize both database authenticatable
+        # or the whole authenticate stack by customize `find_for_authentication.` 
+        #
+        # Overwrite to add customized conditions, create a join, or maybe use a
+        # namedscope to filter records while authenticating.
+        # Example:
+        #
+        #   def self.find_for_authentication(conditions={})
+        #     conditions[:active] = true
+        #     super
+        #   end
+        #
+        # Finally, notice that Devise also queries for users in other scenarios
+        # besides authentication, for example when retrieving an user to send
+        # an e-mail for password reset. In such cases, find_for_authentication
+        # is not called.
+        def find_for_authentication(conditions)
+          find_first_by_auth_conditions(conditions)
+        end
+
+        def find_first_by_auth_conditions(conditions)
+          to_adapter.find_first devise_param_filter.filter(conditions)
+        end
+
+        # Find an initialize a record setting an error if it can't be found.
+        def find_or_initialize_with_error_by(attribute, value, error=:invalid) #:nodoc:
+          find_or_initialize_with_errors([attribute], { attribute => value }, error)
+        end
+
+        # Find an initialize a group of attributes based on a list of required attributes.
+        def find_or_initialize_with_errors(required_attributes, attributes, error=:invalid) #:nodoc:
+          attributes = attributes.slice(*required_attributes)
+          attributes.delete_if { |key, value| value.blank? }
+
+          if attributes.size == required_attributes.size
+            record = find_first_by_auth_conditions(attributes)
+          end
+
+          unless record
+            record = new
+
+            required_attributes.each do |key|
+              value = attributes[key]
+              record.send("#{key}=", value)
+              record.errors.add(key, value.present? ? error : :blank)
+            end
+          end
+
+          record
+        end
+
+        protected
+
+        def devise_param_filter
+          @devise_param_filter ||= Devise::ParamFilter.new(case_insensitive_keys, strip_whitespace_keys)
+        end
+
+        # Generate a token by looping and ensuring does not already exist.
+        def generate_token(column)
+          loop do
+            token = Devise.friendly_token
+            break token unless to_adapter.find_first({ column => token })
+          end
+        end
+      end
+    end
+  end
+end