alchemy-devise 1.1.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 2f664a74c83a46d4bdf13818b908920cf7c2cce4
+  data.tar.gz: f8ac7952a6e5b557e3e0eb3b347e7e6034bad0d5
+SHA512:
+  metadata.gz: f471962c57a4a487a68a64c51aa34c69c12e36c15a04ff524688cdc029da868ed346f2e4253b8d386e2a556a01a03fb06929a1980dad252746afe1815118d0a3
+  data.tar.gz: 0171f59a9621bc95d5bf746527f5d2e541aac892cfd9bc95f061d6c218c9e45b7ed99b8bad3cc9b7c112807491bc122558d910680e59474d652c3ae7d3ac852c

data/Rakefile

@@ -0,0 +1,39 @@
+begin
+  require 'bundler/setup'
+rescue LoadError
+  puts 'You must `gem install bundler` and `bundle install` to run rake tasks'
+end
+
+require 'rdoc/task'
+
+RDoc::Task.new(:rdoc) do |rdoc|
+  rdoc.rdoc_dir = 'rdoc'
+  rdoc.title    = 'AlchemyDevise'
+  rdoc.options << '--line-numbers'
+  rdoc.rdoc_files.include('README.md')
+  rdoc.rdoc_files.include('lib/**/*.rb')
+  rdoc.rdoc_files.include('app/**/*.rb')
+end
+
+APP_RAKEFILE = File.expand_path("../spec/dummy/Rakefile", __FILE__)
+load 'rails/tasks/engine.rake'
+
+require 'rspec/core'
+require 'rspec/core/rake_task'
+
+RSpec::Core::RakeTask.new(:spec)
+
+task :default => ['alchemy:spec:prepare', :spec]
+
+Bundler::GemHelper.install_tasks
+
+namespace :alchemy do
+  namespace :spec do
+
+    desc "Prepares database for testing Alchemy"
+    task :prepare do
+      system 'cd spec/dummy && RAILS_ENV=test bundle exec rake db:drop db:create db:migrate:reset alchemy:db:seed && cd -'
+    end
+
+  end
+end

data/app/assets/stylesheets/alchemy/custom.scss

@@ -0,0 +1,2 @@
+@import 'alchemy/users';
+@import 'alchemy/login';

data/app/assets/stylesheets/alchemy/login.scss

@@ -0,0 +1,55 @@
+div#alchemy_greeting {
+  width: 370px;
+  margin-right: auto;
+  margin-left: auto;
+  padding: 2*$default-padding;
+  margin-top: -4em;
+  text-align: center;
+
+  p {
+    margin-top: 1em;
+    margin-bottom: 1em;
+  }
+
+  h1 {
+    margin-top: 1em;
+    margin-bottom: 0;
+    font-size: 1.2em;
+  }
+}
+
+div.login_signup_box {
+  width: 390px;
+  padding: 4*$default-padding;
+  border: $default-border;
+  background-color: $medium-gray;
+  @extend .rounded-border;
+  margin: 2em auto;
+
+  input[type="text"], input.thin_border { width: 250px }
+}
+
+html.no-js {
+  div.login_signup_box, div#alchemy_greeting h1 {
+    display: none;
+  }
+}
+
+#login_box {
+  height: 310px;
+  width: 394px;
+  margin-top: -200px;
+  margin-left: -197px;
+  position: absolute;
+  top: 50%;
+  left: 50%;
+}
+
+#login table tbody tr td.label {
+  width: 155px;
+  text-align: right;
+}
+
+form#login.new_user_session {
+  text-align: right;
+}

data/app/assets/stylesheets/alchemy/users.scss

@@ -0,0 +1,44 @@
+td#user_roles {
+  padding: 9px 0;
+
+  label {
+    @include inline-block;
+    white-space: nowrap;
+    min-width: 40%;
+  }
+}
+
+.icon {
+
+  &.user {
+    background-position: 0 -104px;
+
+    &.female {
+      background-position: -128px -104px;
+    }
+  }
+
+  &.user_add {
+    background-position: -96px -104px;
+  }
+
+  &.user_delete {
+    background-position: -32px -104px;
+
+    &.female {
+      background-position: -160px -104px;
+    }
+  }
+
+  &.user_edit {
+    background-position: -64px -104px;
+
+    &.female {
+      background-position: -192px -104px;
+    }
+  }
+}
+
+span.module.users {
+  background-position: -80px 0;
+}

data/app/controllers/alchemy/admin/users_controller.rb

@@ -0,0 +1,81 @@
+module Alchemy
+  module Admin
+    class UsersController < ResourcesController
+
+      filter_access_to [:edit, :update, :destroy], :attribute_check => true, :load_method => :load_user, :model => Alchemy::User
+      filter_access_to [:index, :new, :create], :attribute_check => false
+
+      before_filter :set_roles_and_genders, :except => [:index, :destroy]
+
+      handles_sortable_columns do |c|
+        c.default_sort_value = :login
+      end
+
+      def index
+        if !params[:query].blank?
+          users = User.where([
+           "login LIKE ? OR email LIKE ? OR firstname LIKE ? OR lastname LIKE ?",
+           "%#{params[:query]}%",
+           "%#{params[:query]}%",
+           "%#{params[:query]}%",
+           "%#{params[:query]}%"
+         ])
+        else
+          users = User.scoped
+        end
+        @users = users.page(params[:page] || 1).per(per_page_value_for_screen_size).order(sort_order)
+      end
+
+      def create
+        @user = User.create(params[:user])
+        render_errors_or_redirect(
+          @user,
+          admin_users_path,
+          _t("User created", :name => @user.name)
+        )
+      end
+
+      def update
+        # User is fetched via before filter
+        params[:user].delete(:alchemy_roles) unless permitted_to?(:update_roles)
+        if params[:user][:password].present?
+          @user.update_attributes(params[:user])
+        else
+          @user.update_without_password(params[:user])
+        end
+        render_errors_or_redirect(
+          @user,
+          admin_users_path,
+          _t("User updated", :name => @user.name)
+        )
+      end
+
+      def destroy
+        # User is fetched via before filter
+        name = @user.name
+        if @user.destroy
+          flash[:notice] = _t("User deleted", :name => name)
+        end
+        respond_to do |format|
+          format.html { redirect_to admin_users_path }
+          format.js do
+            @redirect_url = admin_users_path
+            render action: 'redirect'
+          end
+        end
+      end
+
+      private
+
+      def load_user
+        @user = User.find(params[:id])
+      end
+
+      def set_roles_and_genders
+        @user_roles = User::ROLES.map { |role| [User.human_rolename(role), role] }
+        @user_genders = User.genders_for_select
+      end
+
+    end
+  end
+end

data/app/controllers/alchemy/base_controller_extension.rb

@@ -0,0 +1,12 @@
+Alchemy::BaseController.class_eval do
+  before_filter :store_user_request_time
+
+  private
+
+  # Stores the users request time.
+  def store_user_request_time
+    if alchemy_user_signed_in?
+      current_alchemy_user.store_request_time!
+    end
+  end
+end

data/app/controllers/alchemy/passwords_controller.rb

@@ -0,0 +1,31 @@
+module Alchemy
+  class PasswordsController < ::Devise::PasswordsController
+    include Ferret::Search
+    helper 'Alchemy::Admin::Base', 'Alchemy::Pages'
+
+    before_filter { enforce_ssl if ssl_required? && !request.ssl? }
+    before_filter :set_translation
+
+    layout 'alchemy/login'
+
+    private
+
+    # Override for Devise method
+    def new_session_path(resource_name)
+      alchemy.login_path
+    end
+
+    def edit_password_url(resource, options={})
+      alchemy.edit_password_url(options)
+    end
+
+    def after_sign_in_path_for(resource_or_scope)
+      if permitted_to?(:index, :alchemy_admin_dashboard)
+        alchemy.admin_dashboard_path
+      else
+        alchemy.root_path
+      end
+    end
+
+  end
+end

data/app/controllers/alchemy/user_sessions_controller.rb

@@ -0,0 +1,68 @@
+module Alchemy
+  class UserSessionsController < ::Devise::SessionsController
+    # Necessary because this controller is also used for general login.
+    include Ferret::Search
+    helper 'Alchemy::Admin::Base', 'Alchemy::Pages'
+
+    before_filter(except: 'destroy') { enforce_ssl if ssl_required? && !request.ssl? }
+    before_filter :set_translation
+    before_filter :check_user_count, :only => :new
+
+    layout 'alchemy/login'
+
+    def new
+      super
+    end
+
+    def create
+      authenticate_user!
+      if alchemy_user_signed_in?
+        store_screen_size
+        if session[:redirect_path].blank?
+          redirect_path = admin_dashboard_path
+        else
+          # We have to strip double slashes from beginning of path, because of strange rails/rack bug.
+          redirect_path = session[:redirect_path].gsub(/^\/{2,}/, '/')
+        end
+        redirect_to redirect_path, :notice => t(:signed_in, :scope => 'devise.sessions')
+      else
+        super
+      end
+    end
+
+    def leave
+      render layout: !request.xhr?
+    end
+
+    def destroy
+      current_alchemy_user.try(:unlock_pages!)
+      cookies.clear
+      session.clear
+      super
+    end
+
+    private
+
+    def check_user_count
+      if User.count == 0
+        redirect_to signup_path
+      else
+        return true
+      end
+    end
+
+    def store_screen_size
+      session[:screen_size] = params[:user_screensize]
+    end
+
+    # Ovewriting the default of Devise
+    def after_sign_out_path_for(resource_or_scope)
+      if request.referer.blank? || request.referer.to_s =~ /admin/
+        root_path
+      else
+        request.referer
+      end
+    end
+
+  end
+end

data/app/controllers/alchemy/users_controller.rb

@@ -0,0 +1,46 @@
+module Alchemy
+  class UsersController < BaseController
+
+    before_filter { enforce_ssl if ssl_required? && !request.ssl? }
+    before_filter :set_translation
+    before_filter :check_user_count
+    before_filter :load_genders
+
+    layout 'alchemy/admin'
+
+    helper 'Alchemy::Admin::Base'
+
+    def new
+      @signup = true
+      @user = User.new(:alchemy_roles => 'admin')
+    end
+
+    def create
+      @user = User.new(params[:user])
+      if @user.save
+        flash[:notice] = _t('Successfully signup admin user')
+        sign_in :user, @user
+        redirect_to admin_dashboard_path
+      else
+        @signup = true
+        render :new
+      end
+    rescue Errno::ECONNREFUSED => e
+      flash[:error] = _t(:signup_mail_delivery_error)
+      redirect_to admin_dashboard_path
+    end
+
+    private
+
+    def load_genders
+      @user_genders = User.genders_for_select
+    end
+
+    def check_user_count
+      if User.count > 0
+        redirect_to admin_dashboard_path
+      end
+    end
+
+  end
+end

data/app/mailers/alchemy/notifications.rb

@@ -0,0 +1,33 @@
+module Alchemy
+  class Notifications < ActionMailer::Base
+
+    default(from: Config.get(:mailer)['mail_from'])
+
+    def registered_user_created(user)
+      @user = user
+      @url = login_url
+      mail(
+        to: user.email,
+        subject: I18n.t("Your user credentials")
+      )
+    end
+
+    def alchemy_user_created(user)
+      @user = user
+      @url = admin_url
+      mail(
+        to: user.email,
+        subject: I18n.t("Your Alchemy Login")
+      )
+    end
+
+    def reset_password_instructions(user, opts={})
+      @user = user
+      mail(
+        to: user.email,
+        subject: I18n.t("Reset password instructions")
+      )
+    end
+
+  end
+end

data/app/models/alchemy/user.rb

@@ -0,0 +1,178 @@
+require 'userstamp'
+require 'acts-as-taggable-on'
+
+module Alchemy
+  class User < ActiveRecord::Base
+
+    DEVISE_MODULES = [
+      :database_authenticatable,
+      :trackable,
+      :validatable,
+      :timeoutable,
+      :recoverable
+    ]
+    # If the app uses an old encryption it uses the devise-encryptable gem
+    # therefore we have to load the devise module
+    if (::Devise::Models::Encryptable rescue false)
+      DEVISE_MODULES.push(:encryptable)
+    end
+    devise *DEVISE_MODULES
+
+    acts_as_taggable
+    acts_as_tagger
+
+    attr_accessible(
+      :alchemy_roles,
+      :firstname,
+      :lastname,
+      :login,
+      :email,
+      :gender,
+      :language,
+      :password,
+      :password_confirmation,
+      :send_credentials,
+      :tag_list
+    )
+
+    attr_accessor :send_credentials
+
+    has_many :folded_pages
+
+    validates_uniqueness_of :login
+    validates_presence_of :alchemy_roles
+
+    # Unlock all locked pages before destroy.
+    before_destroy :unlock_pages!
+
+    after_save :deliver_welcome_mail, if: -> { send_credentials == '1' }
+
+    scope :admins,     -> { where(arel_table[:alchemy_roles].matches('%admin%')) }
+    scope :logged_in,  -> { where('last_request_at > ?', logged_in_timeout.seconds.ago) }
+    scope :logged_out, -> { where('last_request_at is NULL or last_request_at <= ?', logged_in_timeout.seconds.ago) }
+
+    ROLES = Config.get(:user_roles)
+
+    class << self
+      def human_rolename(role)
+        I18n.t("user_roles.#{role}")
+      end
+
+      def genders_for_select
+        [
+          [I18n.t('male'), 'male'],
+          [I18n.t('female'), 'female']
+        ]
+      end
+
+      def logged_in_timeout
+        Config.get(:auto_logout_time).minutes.to_i
+      end
+    end
+
+    def role_symbols
+      alchemy_roles.map(&:to_sym)
+    end
+
+    def role
+      alchemy_roles.first
+    end
+
+    def alchemy_roles
+      read_attribute(:alchemy_roles).split(' ')
+    end
+
+    def alchemy_roles=(roles_string)
+      if roles_string.is_a? Array
+        write_attribute(:alchemy_roles, roles_string.join(' '))
+      elsif roles_string.is_a? String
+        write_attribute(:alchemy_roles, roles_string)
+      end
+    end
+
+    def add_role(role)
+      self.alchemy_roles = self.alchemy_roles.push(role.to_s).uniq
+    end
+
+    # Returns true if the user ahs admin role
+    def is_admin?
+      has_role? 'admin'
+    end
+    alias_method :admin?, :is_admin?
+
+    # Returns true if the user has the given role.
+    def has_role?(role)
+      alchemy_roles.include? role.to_s
+    end
+
+    # Calls unlock on all locked pages
+    def unlock_pages!
+      pages_locked_by_me.map(&:unlock!)
+    end
+
+    # Returns all pages locked by user.
+    #
+    # A page gets locked, if the user requests to edit the page.
+    #
+    def pages_locked_by_me
+      Page.where(:locked => true).where(:locked_by => self.id).order(:updated_at)
+    end
+    alias_method :locked_pages, :pages_locked_by_me
+
+    # Returns the firstname and lastname as a string
+    #
+    # If both are blank, returns the login
+    #
+    # @option options :flipped (false)
+    #   Flip the firstname and lastname
+    #
+    def fullname(options = {})
+      if lastname.blank? && firstname.blank?
+        login
+      else
+        options = {:flipped => false}.merge(options)
+        fullname = options[:flipped] ? "#{lastname}, #{firstname}" : "#{firstname} #{lastname}"
+        fullname.squeeze(" ").strip
+      end
+    end
+    alias_method :name, :fullname
+
+    # Returns true if the last request not longer ago then the logged_in_time_out
+    def logged_in?
+      raise "Can not determine the records login state because there is no last_request_at column" if !respond_to?(:last_request_at)
+      !last_request_at.nil? && last_request_at > logged_in_timeout.seconds.ago
+    end
+
+    # Opposite of logged_in?
+    def logged_out?
+      !logged_in?
+    end
+
+    def human_roles_string
+      alchemy_roles.map do |role|
+        self.class.human_rolename(role)
+      end.to_sentence
+    end
+
+    def store_request_time!
+      update_column(:last_request_at, Time.now)
+    end
+
+    private
+
+    def logged_in_timeout
+      self.class.logged_in_timeout
+    end
+
+    # Delivers a welcome mail depending from user's role.
+    #
+    def deliver_welcome_mail
+      if has_role?('author') || has_role?('editor') || has_role?('admin')
+        Notifications.alchemy_user_created(self).deliver
+      else
+        Notifications.registered_user_created(self).deliver
+      end
+    end
+
+  end
+end