casein 5.3.2.0 → 5.4.0.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.rdoc +6 -6
- data/Rakefile +5 -4
- data/app/controllers/casein/admin_user_sessions_controller.rb +12 -14
- data/app/controllers/casein/admin_users_controller.rb +49 -50
- data/app/controllers/casein/casein_controller.rb +26 -24
- data/app/controllers/casein/password_resets_controller.rb +18 -21
- data/app/helpers/casein/casein_helper.rb +146 -155
- data/app/mailers/casein/casein_notification.rb +26 -27
- data/app/models/casein.rb +2 -0
- data/app/models/casein/admin_user.rb +50 -21
- data/app/models/casein/admin_user_session.rb +5 -3
- data/config/initializers/will_paginate.rb +12 -8
- data/config/routes.rb +10 -11
- data/lib/casein.rb +10 -8
- data/lib/casein/engine.rb +13 -14
- data/lib/casein/version.rb +4 -2
- data/lib/casein/version.rb.orig +10 -0
- data/lib/generators/casein/install/install_generator.rb +36 -35
- data/lib/generators/casein/install/templates/app/helpers/casein/config_helper.rb +8 -8
- data/lib/generators/casein/install/templates/db/migrate/casein_create_admin_users.rb +4 -4
- data/lib/generators/casein/scaffold/scaffold_generator.rb +31 -30
- data/lib/railties/tasks.rake +10 -12
- metadata +40 -39
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 5593657521856e0cc5c485ccadfd5da19a32a1c5
|
|
4
|
+
data.tar.gz: 94a2463ffd23fd6a5bdae71b31bb72aaedaf87a5
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 76fdbb218db0cde4dfbd6bc45178fdd3d7bbd73c2b6e00d2e2ccbfd5b005eae4a14e6cd2dc29d280fd67bed0a189ecdc00e10d2c4171ae6b7a96def67f7efde0
|
|
7
|
+
data.tar.gz: 233a733c1c0668aa5436d3cdb4c337d0f0eb05835cda7ea3ebc01730604fa1495fb9b98d452fb931fb1b57e7d0dd6e912c646bb1dbb546412d904007fe66940d
|
data/README.rdoc
CHANGED
|
@@ -10,16 +10,16 @@ Screenshots at: http://www.caseincms.com
|
|
|
10
10
|
|
|
11
11
|
==Requirements
|
|
12
12
|
|
|
13
|
-
This version of Casein is designed for Ruby on Rails 5.x and Ruby 2.3.
|
|
13
|
+
This version of Casein is designed for Ruby on Rails 5.x and Ruby 2.3.3 or later.
|
|
14
14
|
|
|
15
15
|
Casein 5.1.1.5 was the last gem release compatible with Rails 4.x.
|
|
16
16
|
|
|
17
|
-
==What’s New in 5.
|
|
17
|
+
==What’s New in 5.4.0
|
|
18
18
|
|
|
19
|
-
*
|
|
20
|
-
*
|
|
21
|
-
*
|
|
22
|
-
*
|
|
19
|
+
* Bug fix for breaking AuthLogic changes
|
|
20
|
+
* Updates minimum version of Ruby to 2.3.3
|
|
21
|
+
* Some gem dependencies have been updated, including a bump to AuthLogic 5.0.x
|
|
22
|
+
* Codebase tidying up
|
|
23
23
|
|
|
24
24
|
Thanks to @brchristian for this release.
|
|
25
25
|
|
data/Rakefile
CHANGED
|
@@ -1,3 +1,5 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
1
3
|
begin
|
|
2
4
|
require 'bundler/setup'
|
|
3
5
|
rescue LoadError
|
|
@@ -18,16 +20,15 @@ end
|
|
|
18
20
|
Bundler::GemHelper.install_tasks
|
|
19
21
|
|
|
20
22
|
begin
|
|
21
|
-
APP_RAKEFILE=File.expand_path('
|
|
23
|
+
APP_RAKEFILE = File.expand_path('spec/rails_test_app/Rakefile', __dir__)
|
|
22
24
|
load 'rails/tasks/engine.rake'
|
|
23
25
|
|
|
24
26
|
Bundler::GemHelper.install_tasks
|
|
25
|
-
Dir[File.join(File.dirname(__FILE__), 'tasks/**/*.rake')].each{|f| load f}
|
|
27
|
+
Dir[File.join(File.dirname(__FILE__), 'tasks/**/*.rake')].each { |f| load f }
|
|
26
28
|
require 'rspec/core'
|
|
27
29
|
require 'rspec/core/rake_task'
|
|
28
30
|
RSpec::Core::RakeTask.new(:spec)
|
|
29
31
|
rescue LoadError => ex
|
|
30
|
-
puts
|
|
32
|
+
puts 'RSpec tasks were unavailable'
|
|
31
33
|
puts "*** #{ex}"
|
|
32
34
|
end
|
|
33
|
-
|
|
@@ -1,15 +1,16 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
1
3
|
module Casein
|
|
2
4
|
class AdminUserSessionsController < Casein::CaseinController
|
|
3
|
-
|
|
4
|
-
skip_before_action :authorise, only: [:new, :create]
|
|
5
|
+
skip_before_action :authorise, only: %i[new create]
|
|
5
6
|
before_action :requires_no_session_user, except: [:destroy]
|
|
6
|
-
|
|
7
|
+
|
|
7
8
|
layout 'casein_auth'
|
|
8
|
-
|
|
9
|
+
|
|
9
10
|
def new
|
|
10
11
|
@admin_user_session = Casein::AdminUserSession.new
|
|
11
12
|
end
|
|
12
|
-
|
|
13
|
+
|
|
13
14
|
def create
|
|
14
15
|
@admin_user_session = Casein::AdminUserSession.new(casein_admin_user_session_params.to_h)
|
|
15
16
|
if @admin_user_session.save
|
|
@@ -18,23 +19,20 @@ module Casein
|
|
|
18
19
|
render action: :new
|
|
19
20
|
end
|
|
20
21
|
end
|
|
21
|
-
|
|
22
|
+
|
|
22
23
|
def destroy
|
|
23
24
|
current_admin_user_session.destroy
|
|
24
25
|
redirect_back_or_default new_casein_admin_user_session_url
|
|
25
26
|
end
|
|
26
27
|
|
|
27
|
-
|
|
28
|
-
|
|
28
|
+
private
|
|
29
|
+
|
|
29
30
|
def requires_no_session_user
|
|
30
|
-
if current_user
|
|
31
|
-
redirect_to controller: :casein, action: :index
|
|
32
|
-
end
|
|
31
|
+
redirect_to controller: :casein, action: :index if current_user
|
|
33
32
|
end
|
|
34
|
-
|
|
33
|
+
|
|
35
34
|
def casein_admin_user_session_params
|
|
36
35
|
params.require(:casein_admin_user_session).permit(:login, :password, :remember_me)
|
|
37
36
|
end
|
|
38
|
-
|
|
39
37
|
end
|
|
40
|
-
end
|
|
38
|
+
end
|
|
@@ -1,95 +1,95 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
1
3
|
require 'securerandom'
|
|
2
4
|
|
|
3
5
|
module Casein
|
|
4
6
|
class AdminUsersController < Casein::CaseinController
|
|
7
|
+
before_action :needs_admin, except: %i[show destroy update update_password]
|
|
8
|
+
before_action :needs_admin_or_current_user, only: %i[show destroy update update_password]
|
|
5
9
|
|
|
6
|
-
before_action :needs_admin, except: [:show, :destroy, :update, :update_password]
|
|
7
|
-
before_action :needs_admin_or_current_user, only: [:show, :destroy, :update, :update_password]
|
|
8
|
-
|
|
9
10
|
def index
|
|
10
|
-
@casein_page_title =
|
|
11
|
+
@casein_page_title = 'Users'
|
|
11
12
|
@users = Casein::AdminUser.order(sort_order(:login)).paginate page: params[:page]
|
|
12
13
|
end
|
|
13
|
-
|
|
14
|
+
|
|
14
15
|
def new
|
|
15
|
-
@casein_page_title =
|
|
16
|
-
|
|
17
|
-
|
|
16
|
+
@casein_page_title = 'Add a new user'
|
|
17
|
+
@casein_admin_user = Casein::AdminUser.new
|
|
18
|
+
@casein_admin_user.time_zone = Rails.configuration.time_zone
|
|
18
19
|
end
|
|
19
|
-
|
|
20
|
-
def create
|
|
21
20
|
|
|
21
|
+
def create
|
|
22
22
|
generate_random_password if params[:generate_random_password]
|
|
23
23
|
|
|
24
24
|
@casein_admin_user = Casein::AdminUser.new casein_admin_user_params
|
|
25
|
-
|
|
25
|
+
|
|
26
26
|
if @casein_admin_user.save
|
|
27
|
-
flash[:notice] = "An email has been sent to
|
|
27
|
+
flash[:notice] = "An email has been sent to #{@casein_admin_user.name} with the new account details"
|
|
28
28
|
redirect_to casein_admin_users_path
|
|
29
29
|
else
|
|
30
|
-
flash.now[:warning] =
|
|
30
|
+
flash.now[:warning] = 'There were problems when trying to create a new user'
|
|
31
31
|
render action: :new
|
|
32
32
|
end
|
|
33
33
|
end
|
|
34
|
-
|
|
34
|
+
|
|
35
35
|
def show
|
|
36
|
-
|
|
37
|
-
|
|
36
|
+
@casein_admin_user = Casein::AdminUser.find params[:id]
|
|
37
|
+
@casein_page_title = @casein_admin_user.name + ' > View user'
|
|
38
38
|
end
|
|
39
|
-
|
|
39
|
+
|
|
40
40
|
def update
|
|
41
41
|
@casein_admin_user = Casein::AdminUser.find params[:id]
|
|
42
|
-
@casein_page_title = @casein_admin_user.name
|
|
42
|
+
@casein_page_title = "#{@casein_admin_user.name} > Update user"
|
|
43
43
|
|
|
44
44
|
if @casein_admin_user.update_attributes casein_admin_user_params
|
|
45
|
-
flash[:notice] = @casein_admin_user.name
|
|
45
|
+
flash[:notice] = "#{@casein_admin_user.name} has been updated"
|
|
46
46
|
else
|
|
47
|
-
flash.now[:warning] =
|
|
47
|
+
flash.now[:warning] = 'There were problems when trying to update this user'
|
|
48
48
|
render action: :show
|
|
49
49
|
return
|
|
50
50
|
end
|
|
51
|
-
|
|
51
|
+
|
|
52
52
|
if @session_user.is_admin?
|
|
53
53
|
redirect_to casein_admin_users_path
|
|
54
54
|
else
|
|
55
55
|
redirect_to controller: :casein, action: :index
|
|
56
56
|
end
|
|
57
57
|
end
|
|
58
|
-
|
|
58
|
+
|
|
59
59
|
def update_password
|
|
60
60
|
@casein_admin_user = Casein::AdminUser.find params[:id]
|
|
61
|
-
@casein_page_title = @casein_admin_user.name
|
|
62
|
-
|
|
61
|
+
@casein_page_title = "#{@casein_admin_user.name} > Update password"
|
|
62
|
+
|
|
63
63
|
if @casein_admin_user.valid_password? params[:form_current_password]
|
|
64
64
|
if params[:casein_admin_user][:password].blank? && params[:casein_admin_user][:password_confirmation].blank?
|
|
65
|
-
flash[:warning] =
|
|
65
|
+
flash[:warning] = 'New password cannot be blank'
|
|
66
66
|
elsif @casein_admin_user.update_attributes casein_admin_user_params
|
|
67
|
-
flash[:notice] =
|
|
67
|
+
flash[:notice] = 'Your password has been changed'
|
|
68
68
|
else
|
|
69
|
-
flash[:warning] =
|
|
69
|
+
flash[:warning] = 'There were problems when trying to change your password'
|
|
70
70
|
end
|
|
71
71
|
else
|
|
72
|
-
flash[:warning] =
|
|
72
|
+
flash[:warning] = 'The current password is incorrect'
|
|
73
73
|
end
|
|
74
|
-
|
|
74
|
+
|
|
75
75
|
redirect_to action: :show
|
|
76
76
|
end
|
|
77
|
-
|
|
77
|
+
|
|
78
78
|
def reset_password
|
|
79
79
|
@casein_admin_user = Casein::AdminUser.find params[:id]
|
|
80
|
-
@casein_page_title = @casein_admin_user.name
|
|
81
|
-
|
|
80
|
+
@casein_page_title = "#{@casein_admin_user.name} > Reset password"
|
|
81
|
+
|
|
82
82
|
if params[:generate_random_password].blank? && params[:casein_admin_user][:password].blank? && params[:casein_admin_user][:password_confirmation].blank?
|
|
83
|
-
flash[:warning] =
|
|
83
|
+
flash[:warning] = 'New password cannot be blank'
|
|
84
84
|
else
|
|
85
85
|
generate_random_password if params[:generate_random_password]
|
|
86
|
-
@casein_admin_user.notify_of_new_password = true unless
|
|
86
|
+
@casein_admin_user.notify_of_new_password = true unless @casein_admin_user.id == @session_user.id && params[:generate_random_password].blank?
|
|
87
87
|
|
|
88
88
|
if @casein_admin_user.update_attributes casein_admin_user_params
|
|
89
|
-
|
|
90
|
-
flash[:notice] = "
|
|
91
|
-
else
|
|
92
|
-
flash[:notice] =
|
|
89
|
+
if @casein_admin_user.notify_of_new_password
|
|
90
|
+
flash[:notice] = "Password has been reset and #{@casein_admin_user.name} has been notified by email"
|
|
91
|
+
else
|
|
92
|
+
flash[:notice] = 'Your password has been reset'
|
|
93
93
|
end
|
|
94
94
|
else
|
|
95
95
|
flash[:warning] = "There were problems when trying to reset this user's password"
|
|
@@ -98,27 +98,26 @@ module Casein
|
|
|
98
98
|
|
|
99
99
|
redirect_to action: :show
|
|
100
100
|
end
|
|
101
|
-
|
|
101
|
+
|
|
102
102
|
def destroy
|
|
103
103
|
user = Casein::AdminUser.find params[:id]
|
|
104
104
|
if user.is_admin? == false || Casein::AdminUser.has_more_than_one_admin
|
|
105
105
|
user.destroy
|
|
106
|
-
flash[:notice] = user.name
|
|
106
|
+
flash[:notice] = "#{user.name} has been deleted"
|
|
107
107
|
end
|
|
108
108
|
redirect_to casein_admin_users_path
|
|
109
109
|
end
|
|
110
110
|
|
|
111
111
|
private
|
|
112
112
|
|
|
113
|
-
|
|
114
|
-
|
|
115
|
-
|
|
116
|
-
|
|
117
|
-
|
|
113
|
+
def generate_random_password
|
|
114
|
+
random_password = random_string = SecureRandom.hex
|
|
115
|
+
params[:casein_admin_user] = {} if params[:casein_admin_user].blank?
|
|
116
|
+
params[:casein_admin_user].merge! ({ password: random_password, password_confirmation: random_password })
|
|
117
|
+
end
|
|
118
118
|
|
|
119
|
-
|
|
120
|
-
|
|
121
|
-
|
|
122
|
-
|
|
119
|
+
def casein_admin_user_params
|
|
120
|
+
params.require(:casein_admin_user).permit(:login, :name, :email, :time_zone, :access_level, :password, :password_confirmation)
|
|
121
|
+
end
|
|
123
122
|
end
|
|
124
|
-
end
|
|
123
|
+
end
|
|
@@ -1,76 +1,78 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
1
3
|
require 'authlogic'
|
|
2
4
|
|
|
3
5
|
module Casein
|
|
4
6
|
class CaseinController < ApplicationController
|
|
5
|
-
|
|
6
7
|
require 'casein/casein_helper'
|
|
7
8
|
include Casein::CaseinHelper
|
|
8
9
|
|
|
9
|
-
|
|
10
|
-
|
|
10
|
+
require 'casein/config_helper'
|
|
11
|
+
include Casein::ConfigHelper
|
|
11
12
|
|
|
12
13
|
layout 'casein_main'
|
|
13
|
-
|
|
14
|
+
|
|
14
15
|
helper_method :current_admin_user_session, :current_user
|
|
15
16
|
before_action :authorise
|
|
16
17
|
before_action :set_time_zone
|
|
17
|
-
|
|
18
|
-
ActionView::Base.field_error_proc = proc { |input, instance| "#{input}".html_safe }
|
|
19
18
|
|
|
20
|
-
|
|
21
|
-
|
|
19
|
+
ActionView::Base.field_error_proc = proc { |input, _instance| input.to_s.html_safe }
|
|
20
|
+
|
|
21
|
+
def index
|
|
22
|
+
redirect_to casein_config_dashboard_url
|
|
22
23
|
end
|
|
23
24
|
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
|
|
25
|
+
def blank
|
|
26
|
+
@casein_page_title = 'Welcome'
|
|
27
|
+
end
|
|
28
|
+
|
|
29
|
+
private
|
|
27
30
|
|
|
28
|
-
|
|
29
|
-
|
|
30
|
-
def authorise
|
|
31
|
+
def authorise
|
|
31
32
|
unless current_user
|
|
32
33
|
session[:return_to] = request.fullpath
|
|
33
34
|
redirect_to new_casein_admin_user_session_url
|
|
34
|
-
|
|
35
|
+
false
|
|
35
36
|
end
|
|
36
37
|
end
|
|
37
|
-
|
|
38
|
+
|
|
38
39
|
def set_time_zone
|
|
39
40
|
Time.zone = current_user.time_zone if current_user
|
|
40
41
|
end
|
|
41
|
-
|
|
42
|
+
|
|
42
43
|
def current_admin_user_session
|
|
43
44
|
return @current_admin_user_session if defined?(@current_admin_user_session)
|
|
45
|
+
|
|
44
46
|
@current_admin_user_session = Casein::AdminUserSession.find
|
|
45
47
|
end
|
|
46
48
|
|
|
47
49
|
def current_user
|
|
48
50
|
return @session_user if defined?(@session_user)
|
|
49
|
-
|
|
51
|
+
|
|
52
|
+
@session_user = current_admin_user_session&.admin_user
|
|
50
53
|
end
|
|
51
|
-
|
|
54
|
+
|
|
52
55
|
def needs_admin
|
|
53
56
|
unless @session_user.is_admin?
|
|
54
57
|
redirect_to controller: :casein, action: :index
|
|
55
58
|
end
|
|
56
59
|
end
|
|
57
|
-
|
|
60
|
+
|
|
58
61
|
def needs_admin_or_current_user
|
|
59
62
|
unless @session_user.is_admin? || params[:id].to_i == @session_user.id
|
|
60
63
|
redirect_to controller: :casein, action: :index
|
|
61
64
|
end
|
|
62
65
|
end
|
|
63
|
-
|
|
66
|
+
|
|
64
67
|
def redirect_back_or_default(default)
|
|
65
68
|
redirect_to(session[:return_to] || default)
|
|
66
69
|
session[:return_to] = nil
|
|
67
70
|
end
|
|
68
71
|
|
|
69
72
|
def sort_order(default)
|
|
70
|
-
column = (params[:c] || default.to_s).gsub(/[\s;'\"]/,'')
|
|
73
|
+
column = (params[:c] || default.to_s).gsub(/[\s;'\"]/, '')
|
|
71
74
|
direction = params[:d] == 'down' ? 'DESC' : 'ASC'
|
|
72
75
|
{ column => direction }
|
|
73
76
|
end
|
|
74
|
-
|
|
75
77
|
end
|
|
76
|
-
end
|
|
78
|
+
end
|
|
@@ -1,26 +1,25 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
1
3
|
module Casein
|
|
2
4
|
class PasswordResetsController < Casein::CaseinController
|
|
3
|
-
|
|
4
5
|
skip_before_action :authorise
|
|
5
|
-
before_action :load_user_using_perishable_token, only: [
|
|
6
|
+
before_action :load_user_using_perishable_token, only: %i[edit update]
|
|
6
7
|
|
|
7
8
|
layout 'casein_auth'
|
|
8
|
-
|
|
9
|
+
|
|
9
10
|
def create
|
|
10
11
|
users = Casein::AdminUser.where(email: params[:recover_email]).all
|
|
11
12
|
|
|
12
|
-
if users.
|
|
13
|
-
users.each
|
|
14
|
-
user.send_password_reset_instructions
|
|
15
|
-
end
|
|
13
|
+
if !users.empty?
|
|
14
|
+
users.each(&:send_password_reset_instructions)
|
|
16
15
|
|
|
17
16
|
if users.length > 1
|
|
18
|
-
flash[:notice] = "Multiple accounts were found. Emails have been sent to
|
|
17
|
+
flash[:notice] = "Multiple accounts were found. Emails have been sent to #{params[:recover_email]} with instructions on how to reset your passwords"
|
|
19
18
|
else
|
|
20
|
-
flash[:notice] = "An email has been sent to
|
|
19
|
+
flash[:notice] = "An email has been sent to #{params[:recover_email]} with instructions on how to reset your password"
|
|
21
20
|
end
|
|
22
21
|
else
|
|
23
|
-
flash[:warning] =
|
|
22
|
+
flash[:warning] = 'There is no user with that email'
|
|
24
23
|
end
|
|
25
24
|
|
|
26
25
|
redirect_to new_casein_admin_user_session_url
|
|
@@ -31,34 +30,32 @@ module Casein
|
|
|
31
30
|
end
|
|
32
31
|
|
|
33
32
|
def update
|
|
34
|
-
|
|
35
33
|
if params[:casein_admin_user][:password].empty? || params[:casein_admin_user][:password_confirmation].empty?
|
|
36
|
-
flash.now[:warning] =
|
|
34
|
+
flash.now[:warning] = 'A field has been left empty'
|
|
37
35
|
else
|
|
38
|
-
|
|
36
|
+
|
|
39
37
|
@reset_user.password = params[:casein_admin_user][:password]
|
|
40
38
|
@reset_user.password_confirmation = params[:casein_admin_user][:password_confirmation]
|
|
41
|
-
|
|
39
|
+
|
|
42
40
|
if @reset_user.save
|
|
43
|
-
flash[:notice] =
|
|
41
|
+
flash[:notice] = 'Password successfully updated'
|
|
44
42
|
redirect_to new_casein_admin_user_session_url
|
|
45
43
|
return
|
|
46
44
|
end
|
|
47
45
|
end
|
|
48
|
-
|
|
46
|
+
|
|
49
47
|
render action: :edit
|
|
50
48
|
end
|
|
51
49
|
|
|
52
|
-
|
|
53
|
-
|
|
50
|
+
private
|
|
51
|
+
|
|
54
52
|
def load_user_using_perishable_token
|
|
55
|
-
|
|
56
53
|
@reset_user = Casein::AdminUser.find_using_perishable_token params[:token]
|
|
57
|
-
|
|
54
|
+
|
|
58
55
|
unless @reset_user
|
|
59
56
|
flash[:warning] = "Your account could not be located. This can happen if you wait more than 10 minutes to click the link or if you select 'Forgotten Password' multiple times, which invalidates all previous reset links."
|
|
60
57
|
redirect_to new_casein_admin_user_session_url
|
|
61
58
|
end
|
|
62
59
|
end
|
|
63
60
|
end
|
|
64
|
-
end
|
|
61
|
+
end
|