alchemy-devise 1.1.0 → 2.0.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 2f664a74c83a46d4bdf13818b908920cf7c2cce4
-  data.tar.gz: f8ac7952a6e5b557e3e0eb3b347e7e6034bad0d5
+  metadata.gz: 3886a8e19ee775f3fb20d7bf77175b073bb718a0
+  data.tar.gz: 1c535e7e01e5b41f09391e571135235827652071
 SHA512:
-  metadata.gz: f471962c57a4a487a68a64c51aa34c69c12e36c15a04ff524688cdc029da868ed346f2e4253b8d386e2a556a01a03fb06929a1980dad252746afe1815118d0a3
-  data.tar.gz: 0171f59a9621bc95d5bf746527f5d2e541aac892cfd9bc95f061d6c218c9e45b7ed99b8bad3cc9b7c112807491bc122558d910680e59474d652c3ae7d3ac852c
+  metadata.gz: 502f382ed855aadf4643e05b2ea60b66ea8499b9c462806e09e784fea63d60b19d871a8476bd1df0a030972954229cff808c6c75c8685198c01471c2169ba3ca
+  data.tar.gz: d4b8b2c782f6105f5f979e0aa3556be86c139697efbcd5026a927ce9721ac21934d53df55a419a9c4c7577d49a5b8f833609e7234fa5a916bb24f4aa6388b4b6

data/app/assets/stylesheets/alchemy/login.scss

@@ -1,35 +1,28 @@
 div#alchemy_greeting {
-  width: 370px;
-  margin-right: auto;
-  margin-left: auto;
-  padding: 2*$default-padding;
-  margin-top: -4em;
-  text-align: center;
-
-  p {
-    margin-top: 1em;
-    margin-bottom: 1em;
-  }
+  width: 424px;
+  margin: -4em auto 0 auto;
 
-  h1 {
-    margin-top: 1em;
-    margin-bottom: 0;
-    font-size: 1.2em;
+  img {
+    margin-left: 158px;
   }
 }
 
+#logo {
+  width: 240px;
+  height: 70px;
+}
+
 div.login_signup_box {
   width: 390px;
   padding: 4*$default-padding;
   border: $default-border;
   background-color: $medium-gray;
-  @extend .rounded-border;
+  @extend %rounded-border;
   margin: 2em auto;
-
-  input[type="text"], input.thin_border { width: 250px }
 }
 
 html.no-js {
+
   div.login_signup_box, div#alchemy_greeting h1 {
     display: none;
   }

data/app/assets/stylesheets/alchemy/users.scss

@@ -1,10 +1,8 @@
-td#user_roles {
-  padding: 9px 0;
+form {
 
-  label {
-    @include inline-block;
-    white-space: nowrap;
-    min-width: 40%;
+  &.user_roles .checkbox {
+    display: inline-block;
+    width: 50%;
   }
 }
 

data/app/controllers/alchemy/admin/users_controller.rb

@@ -2,18 +2,21 @@ module Alchemy
   module Admin
     class UsersController < ResourcesController
 
-      filter_access_to [:edit, :update, :destroy], :attribute_check => true, :load_method => :load_user, :model => Alchemy::User
-      filter_access_to [:index, :new, :create], :attribute_check => false
+      before_action :set_roles_and_genders, except: [:index, :destroy]
 
-      before_filter :set_roles_and_genders, :except => [:index, :destroy]
+      load_and_authorize_resource class: Alchemy::User,
+        only: [:edit, :update, :destroy]
+
+      authorize_resource class: Alchemy::User,
+        only: [:index, :new, :create]
 
       handles_sortable_columns do |c|
         c.default_sort_value = :login
       end
 
       def index
-        if !params[:query].blank?
-          users = User.where([
+        if params[:query].present?
+          @users = User.where([
            "login LIKE ? OR email LIKE ? OR firstname LIKE ? OR lastname LIKE ?",
            "%#{params[:query]}%",
            "%#{params[:query]}%",
@@ -21,13 +24,17 @@ module Alchemy
            "%#{params[:query]}%"
          ])
         else
-          users = User.scoped
+          @users = User.all
         end
-        @users = users.page(params[:page] || 1).per(per_page_value_for_screen_size).order(sort_order)
+        @users = @users.page(params[:page] || 1).per(per_page_value_for_screen_size).order(sort_order)
+      end
+
+      def new
+        @user = User.new(send_credentials: true)
       end
 
       def create
-        @user = User.create(params[:user])
+        @user = User.create(user_params)
         render_errors_or_redirect(
           @user,
           admin_users_path,
@@ -37,11 +44,10 @@ module Alchemy
 
       def update
         # User is fetched via before filter
-        params[:user].delete(:alchemy_roles) unless permitted_to?(:update_roles)
         if params[:user][:password].present?
-          @user.update_attributes(params[:user])
+          @user.update_attributes(user_params)
         else
-          @user.update_without_password(params[:user])
+          @user.update_without_password(user_params)
         end
         render_errors_or_redirect(
           @user,
@@ -54,28 +60,30 @@ module Alchemy
         # User is fetched via before filter
         name = @user.name
         if @user.destroy
-          flash[:notice] = _t("User deleted", :name => name)
-        end
-        respond_to do |format|
-          format.html { redirect_to admin_users_path }
-          format.js do
-            @redirect_url = admin_users_path
-            render action: 'redirect'
-          end
+          flash[:notice] = _t("User deleted", name: name)
         end
+        do_redirect_to admin_users_path
       end
 
       private
 
-      def load_user
-        @user = User.find(params[:id])
-      end
-
       def set_roles_and_genders
         @user_roles = User::ROLES.map { |role| [User.human_rolename(role), role] }
         @user_genders = User.genders_for_select
       end
 
+      def user_params
+        params.require(:user).permit(*secure_attributes)
+      end
+
+      def secure_attributes
+        if can?(:update_role, Alchemy::User)
+          User::PERMITTED_ATTRIBUTES + [{alchemy_roles: []}]
+        else
+          User::PERMITTED_ATTRIBUTES
+        end
+      end
+
     end
   end
 end

data/app/controllers/alchemy/base_controller_extension.rb

@@ -1,5 +1,5 @@
 Alchemy::BaseController.class_eval do
-  before_filter :store_user_request_time
+  before_action :store_user_request_time
 
   private
 

data/app/controllers/alchemy/passwords_controller.rb

@@ -1,10 +1,10 @@
 module Alchemy
   class PasswordsController < ::Devise::PasswordsController
-    include Ferret::Search
-    helper 'Alchemy::Admin::Base', 'Alchemy::Pages'
+    include Locale
+
+    before_action { enforce_ssl if ssl_required? && !request.ssl? }
 
-    before_filter { enforce_ssl if ssl_required? && !request.ssl? }
-    before_filter :set_translation
+    helper 'Alchemy::Admin::Base', 'Alchemy::Pages'
 
     layout 'alchemy/login'
 
@@ -19,8 +19,8 @@ module Alchemy
       alchemy.edit_password_url(options)
     end
 
-    def after_sign_in_path_for(resource_or_scope)
-      if permitted_to?(:index, :alchemy_admin_dashboard)
+    def after_resetting_password_path_for(resource)
+      if can? :index, :alchemy_admin_dashboard
         alchemy.admin_dashboard_path
       else
         alchemy.root_path

data/app/controllers/alchemy/user_sessions_controller.rb

@@ -1,12 +1,11 @@
 module Alchemy
   class UserSessionsController < ::Devise::SessionsController
-    # Necessary because this controller is also used for general login.
-    include Ferret::Search
-    helper 'Alchemy::Admin::Base', 'Alchemy::Pages'
+    include Locale
+
+    before_action(except: 'destroy') { enforce_ssl if ssl_required? && !request.ssl? }
+    before_action :check_user_count, :only => :new
 
-    before_filter(except: 'destroy') { enforce_ssl if ssl_required? && !request.ssl? }
-    before_filter :set_translation
-    before_filter :check_user_count, :only => :new
+    helper 'Alchemy::Admin::Base', 'Alchemy::Pages'
 
     layout 'alchemy/login'
 
@@ -16,13 +15,13 @@ module Alchemy
 
     def create
       authenticate_user!
-      if alchemy_user_signed_in?
+      if user_signed_in?
         store_screen_size
         if session[:redirect_path].blank?
           redirect_path = admin_dashboard_path
         else
           # We have to strip double slashes from beginning of path, because of strange rails/rack bug.
-          redirect_path = session[:redirect_path].gsub(/^\/{2,}/, '/')
+          redirect_path = session[:redirect_path].gsub(/\A\/{2,}/, '/')
         end
         redirect_to redirect_path, :notice => t(:signed_in, :scope => 'devise.sessions')
       else
@@ -30,10 +29,6 @@ module Alchemy
       end
     end
 
-    def leave
-      render layout: !request.xhr?
-    end
-
     def destroy
       current_alchemy_user.try(:unlock_pages!)
       cookies.clear
@@ -46,8 +41,6 @@ module Alchemy
     def check_user_count
       if User.count == 0
         redirect_to signup_path
-      else
-        return true
       end
     end
 
@@ -55,7 +48,7 @@ module Alchemy
       session[:screen_size] = params[:user_screensize]
     end
 
-    # Ovewriting the default of Devise
+    # Overwriting the default of Devise
     def after_sign_out_path_for(resource_or_scope)
       if request.referer.blank? || request.referer.to_s =~ /admin/
         root_path

data/app/controllers/alchemy/users_controller.rb

@@ -1,33 +1,34 @@
 module Alchemy
   class UsersController < BaseController
+    include Locale
 
-    before_filter { enforce_ssl if ssl_required? && !request.ssl? }
-    before_filter :set_translation
-    before_filter :check_user_count
-    before_filter :load_genders
-
-    layout 'alchemy/admin'
+    before_action { enforce_ssl if ssl_required? && !request.ssl? }
+    before_action :check_user_count
+    before_action :load_genders
 
     helper 'Alchemy::Admin::Base'
 
+    layout 'alchemy/admin'
+
     def new
       @signup = true
-      @user = User.new(:alchemy_roles => 'admin')
+      @user = User.new(send_credentials: true)
     end
 
     def create
-      @user = User.new(params[:user])
+      @user = User.new(user_params)
+      @user.alchemy_roles = %w(admin)
       if @user.save
         flash[:notice] = _t('Successfully signup admin user')
         sign_in :user, @user
-        redirect_to admin_dashboard_path
+        redirect_to admin_pages_path
       else
         @signup = true
         render :new
       end
     rescue Errno::ECONNREFUSED => e
       flash[:error] = _t(:signup_mail_delivery_error)
-      redirect_to admin_dashboard_path
+      redirect_to admin_pages_path
     end
 
     private
@@ -42,5 +43,13 @@ module Alchemy
       end
     end
 
+    def user_params
+      params.require(:user).permit(*secure_attributes)
+    end
+
+    def secure_attributes
+      User::PERMITTED_ATTRIBUTES
+    end
+
   end
 end

data/app/mailers/alchemy/notifications.rb

@@ -3,7 +3,7 @@ module Alchemy
 
     default(from: Config.get(:mailer)['mail_from'])
 
-    def registered_user_created(user)
+    def member_created(user)
       @user = user
       @url = login_url
       mail(

data/app/models/alchemy/user.rb

@@ -3,7 +3,18 @@ require 'acts-as-taggable-on'
 
 module Alchemy
   class User < ActiveRecord::Base
-
+    PERMITTED_ATTRIBUTES = [
+      :firstname,
+      :lastname,
+      :login,
+      :email,
+      :gender,
+      :language,
+      :password,
+      :password_confirmation,
+      :send_credentials,
+      :tag_list
+    ]
     DEVISE_MODULES = [
       :database_authenticatable,
       :trackable,
@@ -21,20 +32,6 @@ module Alchemy
     acts_as_taggable
     acts_as_tagger
 
-    attr_accessible(
-      :alchemy_roles,
-      :firstname,
-      :lastname,
-      :login,
-      :email,
-      :gender,
-      :language,
-      :password,
-      :password_confirmation,
-      :send_credentials,
-      :tag_list
-    )
-
     attr_accessor :send_credentials
 
     has_many :folded_pages
@@ -136,6 +133,7 @@ module Alchemy
       end
     end
     alias_method :name, :fullname
+    alias_method :alchemy_display_name, :fullname
 
     # Returns true if the last request not longer ago then the logged_in_time_out
     def logged_in?
@@ -170,7 +168,7 @@ module Alchemy
       if has_role?('author') || has_role?('editor') || has_role?('admin')
         Notifications.alchemy_user_created(self).deliver
       else
-        Notifications.registered_user_created(self).deliver
+        Notifications.member_created(self).deliver
       end
     end
 

data/app/views/alchemy/admin/users/_fields.html.erb

@@ -0,0 +1,25 @@
+<%= f.input :gender,
+  collection: @user_genders,
+  prompt: _t('Please choose'),
+  input_html: {class: 'alchemy_selectbox'} %>
+<%= f.input :firstname %>
+<%= f.input :lastname %>
+<%= f.input :login, autofocus: true %>
+<%= f.input :email %>
+<%= f.input :language, collection: translations_for_select, include_blank: false, input_html: {class: 'alchemy_selectbox'} %>
+<%= f.input :password %>
+<%= f.input :password_confirmation %>
+<% if can? :update_role, @user %>
+  <%= f.input :alchemy_roles,
+    collection: Alchemy::User::ROLES.map { |role| [Alchemy::User.human_rolename(role), role] },
+    input_html: {multiple: true, class: 'alchemy_selectbox'},
+    as: 'select' %>
+<% end %>
+<% unless @signup %>
+  <div class="input tag_list">
+    <%= f.label :tag_list %>
+    <%= render 'alchemy/admin/partials/autocomplete_tag_list', f: f, object: @user %>
+  </div>
+<% end %>
+<%= f.input :send_credentials, as: 'boolean' %>
+<%= f.submit _t(:save) %>

data/app/views/alchemy/admin/users/_user.html.erb

@@ -1,5 +1,5 @@
 <tr class="<%= cycle('even', 'odd') %>">
-  <td class="icon"><%= content_tag 'span', '', :class => "icon user#{user.gender == 'female' ? ' female' : ' male'}" %></td>
+  <td class="icon"><%= content_tag 'span', '', class: "icon user#{user.gender == 'female' ? ' female' : ' male'}" %></td>
   <td>
     <%= render_icon(user.logged_in? ? 'online' : 'offline') %>
   </td>
@@ -8,32 +8,27 @@
   <td><%= user.lastname %></td>
   <td class="email"><%= user.email %></td>
   <td><%= _t(user.language, scope: 'translations', default: _t(:unknown)) %></td>
-  <td><%= user.last_sign_in_at.present? ? l(user.last_sign_in_at, :format => :default) : _t(:unknown) %></td>
+  <td><%= user.last_sign_in_at.present? ? l(user.last_sign_in_at, format: :default) : _t(:unknown) %></td>
   <td class="role"><%= user.human_roles_string %></td>
   <td class="tools">
-    <% permitted_to?(:destroy, :alchemy_admin_users) do %>
-    <%= link_to_confirmation_window(
-      '',
-      _t(:confirm_to_delete_user),
-      alchemy.admin_user_path(user),
-      :title => _t(:delete_user),
-      :class => "icon user_delete#{user.gender == 'female' ? ' female' : ' male'}"
-    ) %>
-    <% end %>
-    <% permitted_to?(:edit, :alchemy_admin_users) do %>
-    <%= link_to_overlay_window(
-      '',
-      alchemy.edit_admin_user_path(user),
-      {
-        :title => _t(:edit_user),
-        :overflow => true,
-        :size => '420x580'
-      },
-      {
-        :class => "icon user_edit#{user.gender == 'female' ? ' female' : ' male'}",
-        :title => _t(:edit_user)
+  <% if can?(:destroy, user) %>
+    <%= delete_button alchemy.admin_user_path(user), {
+      message: _t(:confirm_to_delete_user),
+      title: _t(:delete_user),
+      icon: "user_delete#{user.gender == 'female' ? ' female' : ' male'}"
+    } %>
+  <% end %>
+  <% if can?(:edit, user) %>
+    <%= link_to_dialog '',
+      alchemy.edit_admin_user_path(user), {
+        title: _t(:edit_user),
+        overflow: true,
+        size: '430x560'
+      }, {
+        class: "icon user_edit#{user.gender == 'female' ? ' female' : ' male'}",
+        title: _t(:edit_user)
       }
-    ) %>
-    <% end %>
+    %>
+  <% end %>
   </td>
 </tr>

data/app/views/alchemy/admin/users/edit.html.erb

@@ -1,6 +1,3 @@
-<div id="user_edit">
-  <%= form_for [:admin, @user], :remote => true do |f| %>
-    <div id="errors"></div>
-    <%= render :partial => 'table', :locals => {:f => f} %>
-  <% end %>
-</div>
+<%= alchemy_form_for [:admin, @user] do |f| %>
+  <%= render 'fields', f: f %>
+<% end %>

data/app/views/alchemy/admin/users/index.html.erb

@@ -5,12 +5,12 @@
       label: _t(:create_user),
       url: alchemy.new_admin_user_path,
       title: _t(:create_user),
-      hotkey: 'alt-n',
-      overlay_options: {
+      hotkey: 'alt+n',
+      dialog_options: {
         title: _t(:create_user),
-        size: "420x580"
+        size: "430x560"
       },
-      if_permitted_to: [:new, :alchemy_admin_users]
+      if_permitted_to: [:create, Alchemy::User]
     }
   ]
 ) %>
@@ -39,13 +39,13 @@
       <th>
         <%= sortable_column(Alchemy::User.human_attribute_name('last_sign_in_at'), column: :last_sign_in_at) %>
       </th>
-      <th class="role"><%= Alchemy::User.human_attribute_name('alchemy_roles') %></th>
+      <th class="role"><%= Alchemy::User.human_attribute_name('roles') %></th>
       <th class="tools"></th>
     </tr>
     <%= render partial: 'alchemy/admin/users/user', collection: @users %>
   </table>
 
-  <%= paginate @users %>
+  <%= paginate @users, theme: 'alchemy' %>
 
 <% elsif params[:query] %>
 

data/app/views/alchemy/admin/users/new.html.erb

@@ -1,6 +1,3 @@
-<div id="user_edit">
-  <%= form_for [:admin, @user], :remote => true do |f| %>
-    <div id="errors"></div>
-    <%= render :partial => 'table', :locals => {:f => f} %>
-  <% end %>
-</div>
+<%= alchemy_form_for [:admin, @user] do |f| %>
+  <%= render 'fields', f: f %>
+<% end %>

data/app/views/alchemy/passwords/edit.html.erb

@@ -1,35 +1,23 @@
 <div id="login_box">
   <div id="alchemy_greeting">
-    <%= image_tag("alchemy/alchemy-logo.png", :style => "width: 240px; height: 70px") %>
+    <%= image_tag("alchemy/alchemy-logo.svg", style: "width: 240px; height: 70px") %>
   </div>
   <div class="login_signup_box">
-    <% if @user.errors.blank? %>
+  <% if @user.errors.blank? %>
     <%= render_message do %>
       <h1><%= _t 'Password reset' %></h1>
       <p><%= _t 'Please enter a new password' %></p>
     <% end %>
-    <% else %>
+  <% else %>
     <div id="errors" style="display: block">
       <%= devise_error_messages! %>
     </div>
-    <% end %>
-    <%= form_for(:user, :url => password_path, :html => { :method => :put }) do |f| %>
-      <table>
-        <tr>
-          <td class="label"><%= f.label :password, _t("New password") %></td>
-          <td class="input"><%= f.password_field :password, :autofocus => true %></td>
-        </tr>
-        <tr>
-          <td class="label"><%= f.label :password_confirmation, _t("Confirm new password") %></td>
-          <td class="input"><%= f.password_field :password_confirmation %></td>
-        </tr>
-        <tr>
-          <td colspan="2" class="submit">
-            <%= f.hidden_field :reset_password_token %>
-            <%= f.button _t("Change password") %>
-          </td>
-        </tr>
-      </table>
+  <% end %>
+    <%= alchemy_form_for resource, as: resource_name, url: update_password_path, method: 'patch' do |f| %>
+      <%= f.hidden_field :reset_password_token %>
+      <%= f.input :password, autofocus: true, label: _t("New password") %>
+      <%= f.input :password_confirmation, label: _t("Confirm new password") %>
+      <%= f.submit _t("Change password") %>
     <% end %>
   </div>
 </div>

data/app/views/alchemy/passwords/new.html.erb

@@ -1,30 +1,21 @@
 <div id="login_box">
   <div id="alchemy_greeting">
-    <%= image_tag("alchemy/alchemy-logo.png", :style => "width: 240px; height: 70px") %>
+    <%= image_tag("alchemy/alchemy-logo.svg", style: "width: 240px; height: 70px") %>
   </div>
   <div class="login_signup_box">
-    <% if @user.errors.blank? %>
+  <% if @user.errors.blank? %>
     <%= render_message do %>
       <h1><%= _t 'Password reset' %></h1>
       <p><%= _t 'Please enter your email address' %></p>
     <% end %>
-    <% else %>
+  <% else %>
     <div id="errors" style="display: block">
       <%= devise_error_messages! %>
     </div>
-    <% end %>
-    <%= form_for(:user, :url => reset_password_path, :html => { :method => :post }) do |f| %>
-      <table>
-        <tr>
-          <td class="label"><%= f.label :email %></td>
-          <td class="input"><%= f.email_field :email, :autofocus => true %></td>
-        </tr>
-        <tr>
-          <td colspan="2" class="submit">
-            <%= f.button _t("Send reset instructions") %>
-          </td>
-        </tr>
-      </table>
+  <% end %>
+    <%= alchemy_form_for :user, url: reset_password_path, html: {method: 'post'} do |f| %>
+      <%= f.input :email, autofocus: true %>
+      <%= f.submit _t("Send reset instructions") %>
     <% end %>
   </div>
 </div>

data/app/views/alchemy/user_sessions/new.html.erb

@@ -1,37 +1,18 @@
 <div id="login_box">
   <div id="alchemy_greeting">
-    <%= image_tag("alchemy/alchemy-logo.png", :style => "width: 240px; height: 70px") %>
+    <%= image_tag 'alchemy/alchemy-logo.svg', id: 'logo' %>
   </div>
   <div class="login_signup_box">
-    <%= form_for :user, :url => {:action => :create}, :html => { :id => "login" } do |f| %>
-      <%= f.error_messages %>
-      <table>
-        <tr>
-          <td class="label">
-            <%= f.label :login %>
-          </td>
-          <td class="input">
-            <%= f.text_field :login, :class => 'thin_border', :autofocus => true %>
-          </td>
-        </tr>
-        <tr>
-          <td class="label">
-            <%= f.label :password %>
-          </td>
-          <td class="input">
-            <%= f.password_field :password, :class => 'thin_border' %>
-            <p class="foot_note">
-              <%= link_to _t('Forgot your password?'), new_password_path %>
-            </p>
-          </td>
-        </tr>
-        <tr>
-          <td colspan="2" class="submit">
-            <%= hidden_field_tag 'user_screensize' %>
-            <%= f.button _t(:login), :class => 'button', :name => nil %>
-          </td>
-        </tr>
-      </table>
+    <%= alchemy_form_for :user, url: {action: 'create'}, id: 'login' do |f| %>
+      <%= f.input :login, autofocus: true %>
+      <%= f.input :password %>
+      <p class="foot_note">
+        <%= link_to _t('Forgot your password?'), new_password_path %>
+      </p>
+      <div class="submit">
+        <%= hidden_field_tag 'user_screensize' %>
+        <button><%= _t(:login) %></button>
+      </div>
     <% end %>
   </div>
 </div>

data/app/views/alchemy/users/new.html.erb

@@ -1,14 +1,13 @@
 <div id="alchemy_greeting">
-  <%= image_tag("alchemy/alchemy-logo.png") %>
-  <h1><%= _t('Welcome to Alchemy') %></h1>
-  <p>
-    <%= _t("Please Signup") %>
-  </p>
+  <%= image_tag 'alchemy/alchemy-logo.svg', id: 'logo' %>
 </div>
 
 <div id="user_signup" class="login_signup_box">
-  <%= form_for @user, :url => alchemy.signup_path do |f| %>
-    <%= f.error_messages %>
-    <%= render :partial => 'alchemy/admin/users/table', :locals => {:f => f} %>
+  <%= render_message do %>
+    <h1><%= _t('Welcome to Alchemy') %></h1>
+    <p><%= _t("Please Signup") %></p>
+  <% end %>
+  <%= alchemy_form_for @user do |f| %>
+    <%= render 'alchemy/admin/users/fields', f: f %>
   <% end %>
 </div>

data/config/initializers/alchemy.rb

@@ -1,6 +1,9 @@
+require 'alchemy/devise/ability'
+
 Alchemy::Modules.register_module({
   name: 'users',
   engine_name: 'alchemy',
+  position: 4.1,
   navigation: {
     name: 'modules.users',
     controller: 'alchemy/admin/users',
@@ -17,3 +20,4 @@ Alchemy::Modules.register_module({
 Alchemy.user_class_name = 'Alchemy::User'
 Alchemy.login_path = '/admin/login'
 Alchemy.logout_path = '/admin/logout'
+Alchemy.register_ability Alchemy::Devise::Ability

data/config/locales/alchemy.nl.yml

@@ -0,0 +1,41 @@
+nl:
+  alchemy:
+    confirm_to_delete_user: "Wilt u deze gebruiker zeker verwijderen?"
+    create_user: "Nieuwe gebruiker aanmaken"
+    delete_user: "Deze gebruiker verwijderen"
+    edit_user: "Eigenschappen van de gebruiker aanpassen"
+    modules:
+      user_sessions: "Aanmelden"
+      users: "Gebruikers"
+    "No users found": "Geen gebruikers gevonden"
+
+  activerecord:
+    models:
+      alchemy/user:
+        one: Gebruiker
+        other: Gebruikers
+
+    attributes:
+      alchemy/user:
+        email: "Email"
+        firstname: "Voornaam"
+        gender: "Geslacht"
+        language: "Taal"
+        lastname: "Achternaam"
+        last_sign_in_at: "Laatst aangemeld op"
+        login: "Gebruikersnaam"
+        name: "Naam"
+        password: "Wachtwoord"
+        password_confirmation: "Bevestiging wachtwoord"
+        alchemy_roles: "Gebruikersrollen"
+        send_credentials: "Email met gegevens versturen"
+        tag_list: Tags
+
+    errors:
+      models:
+        alchemy/user:
+          attributes:
+            email:
+              invalid: "Is geen valide e-mailadres"
+            alchemy_roles:
+              blank: "Er moet tenminste één rol worden geselecteerd."

data/config/locales/devise.nl.yml

@@ -0,0 +1,58 @@
+
+nl:
+  devise:
+    confirmations:
+      confirmed: Je account is bevestigd.
+      send_instructions: Je ontvangt via e-mail instructies hoe je je account kan bevestigen.
+      send_paranoid_instructions: Als we je e-mail adres terugvinden in onze database, zal je binnen enkele ogenblikken een e-mail ontvangen met de instructies  hoe je je account kan bevestigen.
+    failure:
+      already_authenticated: Je bent reeds aangemeld.
+      inactive: Je account is nog niet geactiveerd.
+      invalid: Ongeldig e-mail of wachtwoord.
+      last_attempt: 
+      locked: Je account is vergrendeld.
+      not_found_in_database: Ongeldige email of wachtwoord.
+      timeout: Je sessie is verlopen, meld je opnieuw aan om door te gaan.
+      unauthenticated: Je dient je aan te melden of in te schrijven om door te gaan.
+      unconfirmed: Je dient eerst je account te bevestigen.
+    mailer:
+      confirmation_instructions:
+        subject: Bevestiging
+      reset_password_instructions:
+        subject: Wachtwoord resetten
+      unlock_instructions:
+        subject: Ontgrendelinstructies
+    omniauth_callbacks:
+      failure: We konden je niet aanmelden op je %{kind} omdat "%{reason}".
+      success: Je bent succesvol ingelogd op je %{kind} account.
+    passwords:
+      no_token: Deze pagina is alleen bereikbaar via een wachtwoord reset e-mail. Als je wel via een wachtwoord reset email komt, zorg er dan voor dat je de volledige URL gebruikt.
+      send_instructions: Je ontvangt via e-mail instructies hoe je je wachtwoord moet resetten.
+      send_paranoid_instructions: Als we je e-mail adres terugvinden in onze database, zal je binnen enkele ogenblikken via e-mail een link ontvangen om je paswoord te resetten.
+      updated: Je wachtwoord is gewijzigd. Je bent nu aangemeld.
+      updated_not_active: Je wachtwoord werd met succes gewijzigd.
+    registrations:
+      destroyed: Je account is verwijderd, wellicht tot ziens!
+      signed_up: Je bent inschreven.
+      signed_up_but_inactive: Je bent ingeschreven, maar we konden je niet inloggen omdat je account nog niet is geactiveerd.
+      signed_up_but_locked: Je bent ingeschreven, maar we konden je niet inloggen omdat je account is gelocked.
+      signed_up_but_unconfirmed: Een e-mail met een confirmatie link is naar je e-mail adres gestuurd. Open de link in je browser om je account te activeren.
+      update_needs_confirmation: Je account is geüpdatet, maar we moeten je e-mail adres nog valideren. Een e-mail met een confirmatie link is naar je e-mail adres gestuurd. Open de link in je browser om je e-mail adres te confirmeren.
+      updated: Je account gegevens zijn opgeslagen.
+    sessions:
+      signed_in: Je bent succesvol ingelogd.
+      signed_out: Je bent succesvol uitgelogd.
+    unlocks:
+      send_instructions: Je ontvangt via e-mail instructies hoe je je account kan unlocken.
+      send_paranoid_instructions: Als we je e-mail adres terugvinden in onze database, zal je binnen enkele ogenblikken via e-mail, de instructies ontvangen hoe je je account kan unlocken.
+      unlocked: Je account is ge-unlocked. Je kan nu weer inloggen.
+  errors:
+    messages:
+      already_confirmed: is reeds bevestigd
+      confirmation_period_expired: moet binnen %{period} worden bevestigd, a.u.b. plaats een nieuw verzoek
+      expired: is verlopen, vraag een nieuwe aan
+      not_found: niet gevonden
+      not_locked: is niet gesloten
+      not_saved:
+        one: '1 error verhinderde het opslaan van deze %{resource}:'
+        other: '%{count} errors verhinderde het opslaan van deze %{resource}:'

data/config/locales/simple_form.de.yml

@@ -0,0 +1,6 @@
+de:
+  simple_form:
+    labels:
+      user:
+        login: Benutzername
+        password: Passwort

data/config/locales/simple_form.en.yml

@@ -0,0 +1,6 @@
+en:
+  simple_form:
+    labels:
+      user:
+        login: Login
+        password: Password

data/config/locales/simple_form.nl.yml

@@ -0,0 +1,6 @@
+nl:
+  simple_form:
+    labels:
+      user:
+        login: Gebruikersnaam
+        password: Wachtwoord

data/config/routes.rb

@@ -17,7 +17,7 @@ Alchemy::Engine.routes.draw do
     get '/admin/passwords' => 'passwords#new', :as => :new_password
     get '/admin/passwords/:id/edit/:reset_password_token' => 'passwords#edit', :as => :edit_password
     post '/admin/passwords' => 'passwords#create', :as => :reset_password
-    put '/admin/passwords' => 'passwords#update', :as => :update_password
+    patch '/admin/passwords' => 'passwords#update', :as => :update_password
   end
 
   namespace :admin do

data/db/migrate/20131225232042_add_alchemy_roles_to_alchemy_users.rb

@@ -4,12 +4,12 @@ class AddAlchemyRolesToAlchemyUsers < ActiveRecord::Migration
     if column_exists?(:alchemy_users, :roles)
       remove_index :alchemy_users, name: "index_alchemy_users_on_roles"
       rename_column :alchemy_users, :roles, :alchemy_roles
-      change_column :alchemy_users, :alchemy_roles, :string, default: "registered"
+      change_column :alchemy_users, :alchemy_roles, :string, default: "member"
     end
 
     # Creating :alchemy_roles column for new apps.
     unless column_exists?(:alchemy_users, :alchemy_roles)
-      add_column :alchemy_users, :alchemy_roles, :string, default: "registered"
+      add_column :alchemy_users, :alchemy_roles, :string, default: "member"
     end
 
     unless index_exists?(:alchemy_users, :alchemy_roles, name: "index_alchemy_users_on_alchemy_roles")

data/lib/alchemy/devise/ability.rb

@@ -0,0 +1,22 @@
+module Alchemy
+  module Devise
+    class Ability
+      include CanCan::Ability
+
+      def initialize(user)
+        return if user.nil?
+        if user.has_role?(:member) || user.has_role?(:author) || user.has_role?(:editor)
+          can [:read, :update], Alchemy.user_class, id: user.id
+        end
+        if user.has_role?(:editor) || user.has_role?(:admin)
+          can :index, [:alchemy_admin_users]
+          can :read, Alchemy.user_class
+        end
+        if user.has_role?(:admin)
+          can :manage, Alchemy.user_class
+        end
+      end
+
+    end
+  end
+end

data/lib/alchemy/devise/engine.rb

@@ -7,11 +7,6 @@ module Alchemy
       isolate_namespace Alchemy
       engine_name 'alchemy_devise'
 
-      initializer "alchemy_devise.add_authorization_rules" do
-        rules = File.join(File.dirname(__FILE__), '../../..', 'config/authorization_rules.rb')
-        Alchemy::Auth::Engine.get_instance.load(rules)
-      end
-
       config.to_prepare do
         require_relative '../../../app/controllers/alchemy/base_controller_extension.rb'
       end

data/lib/alchemy/devise/version.rb

@@ -1,5 +1,5 @@
 module Alchemy
   module Devise
-    VERSION = "1.1.0"
+    VERSION = "2.0.0"
   end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: alchemy-devise
 version: !ruby/object:Gem::Version
-  version: 1.1.0
+  version: 2.0.0
 platform: ruby
 authors:
 - Thomas von Deyen
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2014-06-16 00:00:00.000000000 Z
+date: 2014-07-03 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: alchemy_cms
@@ -16,14 +16,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 2.9.0
+        version: 3.0.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 2.9.0
+        version: 3.0.0
 - !ruby/object:Gem::Dependency
   name: devise
   requirement: !ruby/object:Gem::Requirement
@@ -42,16 +42,16 @@ dependencies:
   name: rspec-rails
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - '='
       - !ruby/object:Gem::Version
-        version: '2.9'
+        version: '2.99'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - '='
       - !ruby/object:Gem::Version
-        version: '2.9'
+        version: '2.99'
 - !ruby/object:Gem::Dependency
   name: capybara
   requirement: !ruby/object:Gem::Requirement
@@ -98,33 +98,38 @@ files:
 - app/controllers/alchemy/users_controller.rb
 - app/mailers/alchemy/notifications.rb
 - app/models/alchemy/user.rb
-- app/views/alchemy/admin/users/_table.html.erb
+- app/views/alchemy/admin/users/_fields.html.erb
 - app/views/alchemy/admin/users/_user.html.erb
 - app/views/alchemy/admin/users/edit.html.erb
 - app/views/alchemy/admin/users/index.html.erb
 - app/views/alchemy/admin/users/new.html.erb
 - app/views/alchemy/notifications/alchemy_user_created.de.text.erb
 - app/views/alchemy/notifications/alchemy_user_created.en.text.erb
-- app/views/alchemy/notifications/registered_user_created.de.text.erb
-- app/views/alchemy/notifications/registered_user_created.en.text.erb
+- app/views/alchemy/notifications/member_created.de.text.erb
+- app/views/alchemy/notifications/member_created.en.text.erb
 - app/views/alchemy/notifications/reset_password_instructions.de.text.erb
 - app/views/alchemy/notifications/reset_password_instructions.en.text.erb
 - app/views/alchemy/passwords/edit.html.erb
 - app/views/alchemy/passwords/new.html.erb
 - app/views/alchemy/user_sessions/new.html.erb
 - app/views/alchemy/users/new.html.erb
-- config/authorization_rules.rb
 - config/initializers/alchemy.rb
 - config/initializers/devise.rb
 - config/locales/alchemy.de.yml
 - config/locales/alchemy.en.yml
+- config/locales/alchemy.nl.yml
 - config/locales/devise.de.yml
 - config/locales/devise.en.yml
+- config/locales/devise.nl.yml
+- config/locales/simple_form.de.yml
+- config/locales/simple_form.en.yml
+- config/locales/simple_form.nl.yml
 - config/routes.rb
 - config/spring.rb
 - db/migrate/20131015124700_create_alchemy_users.rb
 - db/migrate/20131225232042_add_alchemy_roles_to_alchemy_users.rb
 - lib/alchemy/devise.rb
+- lib/alchemy/devise/ability.rb
 - lib/alchemy/devise/engine.rb
 - lib/alchemy/devise/version.rb
 homepage: http://alchemy-cms.com

data/app/views/alchemy/admin/users/_table.html.erb

@@ -1,69 +0,0 @@
-<table>
-  <tr>
-    <td class="label"><%= f.label 'gender' %></td>
-    <td class="select"><%= f.select 'gender', options_for_select(@user_genders, @user.gender), {:prompt => _t('Please choose')}, :class => 'alchemy_selectbox long', :autofocus => true -%></td>
-  </tr>
-  <tr>
-    <td class="label"><%= f.label 'firstname' %></td>
-    <td class="input"><%= f.text_field 'firstname', :class => 'thin_border long' %></td>
-  </tr>
-  <tr>
-    <td class="label"><%= f.label 'lastname' %></td>
-    <td class="input"><%= f.text_field 'lastname', :class => 'thin_border long' %></td>
-  </tr>
-  <tr>
-    <td class="label mandatory"><%= f.label 'login' %></td>
-    <td class="input"><%= f.text_field 'login', :class => 'thin_border long', :required => true, :autofocus => true %></td>
-  </tr>
-  <tr>
-    <td class="label mandatory"><%= f.label 'email' %></td>
-    <td class="input"><%= f.email_field 'email', :class => 'thin_border long', :required => true %></td>
-  </tr>
-  <tr>
-    <td class="label"><%= f.label 'language' %></td>
-    <td class="select"><%= f.select 'language', translations_for_select, {}, {:class => 'alchemy_selectbox long'} %></td>
-  </tr>
-  <tr>
-    <td class="label mandatory"><%= f.label 'password' %></td>
-    <td class="input mandatory"><%= f.password_field 'password', :class => 'thin_border long', :autocomplete => "off", :required => action_name == 'signup' %></td>
-  </tr>
-  <tr>
-    <td class="label mandatory"><%= f.label 'password_confirmation' %></td>
-    <td class="input"><%= f.password_field 'password_confirmation', :class => 'thin_border long', :autocomplete => "off", :required => action_name == 'signup' %></td>
-  </tr>
-  <% if @signup %>
-  <%= f.hidden_field :alchemy_roles %>
-  <% elsif permitted_to? :update_roles %>
-  <tr>
-    <td class="label"><%= f.label 'alchemy_roles' %></td>
-    <td id="user_roles">
-    <% Alchemy::User::ROLES.each do |role| %>
-      <label>
-        <%= check_box_tag 'user[alchemy_roles][]', role, @user.has_role?(role) %>
-        <%= Alchemy::User.human_rolename(role) %>
-      </label>
-    <% end %>
-    </td>
-  </tr>
-  <% end %>
-  <% unless @signup %>
-  <tr>
-    <td class="label"><%= f.label :tag_list %></td>
-    <td class="input">
-      <%= render 'alchemy/admin/partials/autocomplete_tag_list', :f => f, :object => @user %>
-    </td>
-  </tr>
-  <% end %>
-  <tr>
-    <td>&nbsp;</td>
-    <td class="checkbox long">
-      <%= f.check_box(:send_credentials, checked: @user.new_record?) %>
-      <%= f.label(:send_credentials) %>
-    </td>
-  </tr>
-  <tr>
-    <td class="submit" colspan="2">
-      <%= f.button _t(:save), :class => 'button' %>
-    </td>
-  </tr>
-</table>

data/config/authorization_rules.rb

@@ -1,30 +0,0 @@
-authorization do
-  role :registered do
-    has_permission_on :alchemy_admin_users, :to => [:edit, :update] do
-      if_attribute :id => is {user.id}
-    end
-  end
-
-  role :author do
-    includes :registered
-    has_permission_on :alchemy_admin_users, :to => [:index]
-  end
-
-  role :editor do
-    includes :author
-  end
-
-  role :admin do
-    includes :editor
-    has_permission_on :alchemy_admin_users, :to => [:manage, :update_roles]
-  end
-end
-
-privileges do
-  # default privilege hierarchies to facilitate RESTful Rails apps
-  privilege :manage,  :includes => [:create, :read, :update, :delete]
-  privilege :read,    :includes => [:index, :show]
-  privilege :create,  :includes => :new
-  privilege :update,  :includes => :edit
-  privilege :delete,  :includes => :destroy
-end