devise_invitable 0.3.2 → 0.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (58) hide show
  1. data/README.rdoc +142 -52
  2. data/app/controllers/devise/invitations_controller.rb +24 -7
  3. data/config/locales/en.yml +5 -3
  4. data/lib/devise_invitable/controllers/helpers.rb +2 -2
  5. data/lib/devise_invitable/mailer.rb +12 -5
  6. data/lib/devise_invitable/model.rb +85 -38
  7. data/lib/devise_invitable/rails.rb +2 -1
  8. data/lib/devise_invitable/routes.rb +8 -5
  9. data/lib/devise_invitable/schema.rb +27 -2
  10. data/lib/devise_invitable/version.rb +3 -0
  11. data/lib/devise_invitable.rb +38 -13
  12. data/lib/generators/active_record/devise_invitable_generator.rb +13 -0
  13. data/lib/generators/active_record/templates/migration.rb +25 -0
  14. data/lib/generators/devise_invitable/devise_invitable_generator.rb +20 -0
  15. data/lib/generators/devise_invitable/install_generator.rb +49 -0
  16. data/lib/generators/devise_invitable/views_generator.rb +1 -1
  17. data/lib/generators/mongoid/devise_invitable_generator.rb +8 -0
  18. metadata +53 -136
  19. data/.document +0 -5
  20. data/.gitignore +0 -22
  21. data/Gemfile +0 -3
  22. data/Gemfile.lock +0 -108
  23. data/Rakefile +0 -55
  24. data/VERSION +0 -1
  25. data/devise_invitable.gemspec +0 -136
  26. data/test/integration/invitable_test.rb +0 -109
  27. data/test/integration_tests_helper.rb +0 -58
  28. data/test/mailers/invitation_test.rb +0 -62
  29. data/test/model_tests_helper.rb +0 -41
  30. data/test/models/invitable_test.rb +0 -188
  31. data/test/models_test.rb +0 -31
  32. data/test/rails_app/app/controllers/admins_controller.rb +0 -6
  33. data/test/rails_app/app/controllers/application_controller.rb +0 -3
  34. data/test/rails_app/app/controllers/home_controller.rb +0 -4
  35. data/test/rails_app/app/controllers/users_controller.rb +0 -12
  36. data/test/rails_app/app/helpers/application_helper.rb +0 -2
  37. data/test/rails_app/app/models/user.rb +0 -4
  38. data/test/rails_app/app/views/home/index.html.erb +0 -0
  39. data/test/rails_app/app/views/layouts/application.html.erb +0 -15
  40. data/test/rails_app/config/application.rb +0 -45
  41. data/test/rails_app/config/boot.rb +0 -13
  42. data/test/rails_app/config/database.yml +0 -22
  43. data/test/rails_app/config/environment.rb +0 -5
  44. data/test/rails_app/config/environments/development.rb +0 -26
  45. data/test/rails_app/config/environments/production.rb +0 -49
  46. data/test/rails_app/config/environments/test.rb +0 -35
  47. data/test/rails_app/config/initializers/backtrace_silencers.rb +0 -7
  48. data/test/rails_app/config/initializers/devise.rb +0 -142
  49. data/test/rails_app/config/initializers/inflections.rb +0 -10
  50. data/test/rails_app/config/initializers/mime_types.rb +0 -5
  51. data/test/rails_app/config/initializers/secret_token.rb +0 -7
  52. data/test/rails_app/config/initializers/session_store.rb +0 -8
  53. data/test/rails_app/config/locales/en.yml +0 -5
  54. data/test/rails_app/config/routes.rb +0 -4
  55. data/test/rails_app/config.ru +0 -4
  56. data/test/routes_test.rb +0 -20
  57. data/test/test_helper.rb +0 -29
  58. /data/app/views/devise/mailer/{invitation.html.erb → invitation_instructions.html.erb} +0 -0
data/README.rdoc CHANGED
@@ -1,95 +1,188 @@
1
- = devise_invitable
1
+ = DeviseInvitable
2
2
 
3
3
  It adds support to devise[http://github.com/plataformatec/devise] for send invitations by email (it requires to be authenticated) and accept the invitation setting the password.
4
4
 
5
- DeviseInvitable currently only support rails 3, if you want to use it with rails 2.3 you must install version 0.2.3
5
+ DeviseInvitable currently only support Rails 3, if you want to use it with Rails 2.3 you must install version {0.2.3}[http://rubygems.org/gems/devise_invitable/versions/0.2.3]
6
6
 
7
- == Installation
7
+ == Installation for Rails ~> 3.0 and Devise ~> 1.1
8
8
 
9
- Install devise_invitable gem, it should install dependencies (such as devise and warden):
9
+ Install DeviseInvitable gem, it will also install dependencies (such as devise and warden):
10
10
 
11
- sudo gem install devise_invitable
11
+ gem install devise_invitable
12
12
 
13
- Configure devise_invitable inside your app (and devise if you weren't using them):
13
+ Add DeviseInvitable to your Gemfile (and Devise if you weren't using them):
14
14
 
15
- gem 'devise'
16
- gem 'devise_invitable'
15
+ gem 'devise', '~> 1.1.3'
16
+ gem 'devise_invitable', '~> 0.3.4'
17
17
 
18
- == Basic Usage
18
+ === Automatic installation
19
19
 
20
- Follow the walkthrough for devise with the following modifications.
20
+ Run the following generator to add DeviseInvitable’s configuration option in the Devise configuration file (config/initializers/devise.rb):
21
21
 
22
- Add t.invitable to the migration:
22
+ rails generate devise_invitable:install
23
+
24
+ When you are done, you are ready to add DeviseInvitable to any of your Devise models using the following generator:
25
+
26
+ rails generate devise_invitable MODEL
27
+
28
+ Replace MODEL by the class name you want to add DeviseInvitable, like User, Admin, etc. This will add the :invitable flag to your model's Devise modules. The generator will also create a migration file (if your ORM support them). Continue reading this file to understand exactly what the generator produces and how to use it.
29
+
30
+ === Manual installation
31
+
32
+ Follow the walkthrough for Devise and after it's done, follow this walkthrough.
33
+
34
+ Add :invitable to the <tt>devise</tt> call in your model (we’re assuming here you already have a User model with some Devise modules):
35
+
36
+ class User < ActiveRecord::Base
37
+ devise :database_authenticatable, :confirmable, :invitable
38
+ end
39
+
40
+ Add t.invitable to your Devise model migration:
23
41
 
24
42
  create_table :users do
25
43
  ...
26
44
  t.invitable
27
45
  ...
28
46
  end
29
- add_index :users, :invitation_token # for invitable
47
+ add_index :users, :invitation_token
30
48
 
31
- Add :invitable to the devise line in your model:
49
+ or for a model that already exists, define a migration to add DeviseInvitable to your model:
32
50
 
33
- class User < ActiveRecord::Base
34
- devise ..., :invitable
51
+ change_table :users do |t|
52
+ t.string :invitation_token, :limit => 60
53
+ t.datetime :invitation_sent_at
54
+ t.index :invitation_token
35
55
  end
36
56
 
37
- If you are using devise :all, you can add :invitable to config.all in devise initializer:
38
- Devise.setup do |config|
39
- ...
40
- config.all = [..., :invitable]
41
- ...
42
- end
57
+ # Allow null encrypted_password
58
+ change_column_null :users, :encrypted_password, true
59
+ # Allow null password_salt (add it if you are using Devise's encryptable module)
60
+ change_column_null :users, :password_salt, true
43
61
 
44
62
  == Model configuration
45
63
 
46
- DeviseInvitable adds a new configuration option, :invite_for. It's the time a invitation is valid for. Default value is nil, which means invitation doesn't expire.
64
+ DeviseInvitable adds three new configuration options:
65
+
66
+ * invite_for: The period the generated invitation token is valid, after this period, the invited resource won't be able to accept the invitation. When invite_for is 0 (the default), the invitation won't expire.
67
+
68
+ You can set this configuration option in the Devise initializer as follow:
69
+
70
+ # ==> Configuration for :invitable
71
+ # The period the generated invitation token is valid, after
72
+ # this period, the invited resource won't be able to accept the invitation.
73
+ # When invite_for is 0 (the default), the invitation won't expire.
74
+ # config.invite_for = 2.weeks
75
+
76
+ or directly as parameters to the <tt>devise</tt> method:
77
+
78
+ devise :database_authenticatable, :confirmable, :invitable, :invite_for => 2.weeks
79
+
80
+ * invitation_limit: The number of invitations users can send. The default value of nil means users can send as many invites as they want. A setting of 0 means they can't send invitations. A setting n > 0 means they can send n invitations.
81
+
82
+ * invite_key: The key to be used to check existing users when sending an invitation. The key must be an unique field. The default value is looking for users by email.
83
+
84
+ For more details, see <tt>config/initializers/devise.rb</tt> (after you invoked the "devise_invitable:install" generator described above).
47
85
 
48
86
  == Configuring views
49
87
 
50
- All of the views are packaged inside the gem. If you'd like to customize the views, invoke the the following generator and it will copy all views to your application:
88
+ All the views are packaged inside the gem. If you'd like to customize the views, invoke the following generator and it will copy all the views to your application:
51
89
 
52
- # rails generate devise_invitable:views
90
+ rails generate devise_invitable:views
53
91
 
54
- == Controller filters
92
+ You can also use the generator to generate scoped views:
55
93
 
56
- It adds authenticate_resource! filter to restrict who can send invitations. You can override this method in your ApplicationController. Default behavior is require authentication of the same resource_name, so if you only have a model with devise it will allow to all authenticated users to send invitations.
94
+ rails generate devise_invitable:views users
57
95
 
58
- You have to configure mailer as it's required for confirmable and recoverable.
96
+ Please refer to {Devise's README}[http://github.com/plataformatec/devise] for more information about views.
59
97
 
60
- == I18n
98
+ == Usage
99
+
100
+ === Send an invitation
61
101
 
62
- It uses two flash messages, :send_instructions and :updated, which are translated as other flash messages from devise.
102
+ To send an invitation to a user, use the <tt>invite!</tt> class method. <tt>:email</tt> must be present in the parameters hash. You can also include other attributes in the hash. The record will not be validated.
63
103
 
64
- == Sending an invitation
104
+ User.invite!(:email => "new_user@example.com", :name => "John Doe")
105
+ # => an invitation email will be sent to new_user@example.com
65
106
 
66
- To invite a user use invite class model. You must set email in the attributes hash:
107
+ If you want to create the invitation but not send it, you can set <tt>skip_invitation</tt> to true.
67
108
 
68
- User.invite!(:email => 'new_user@example.com')
109
+ User.invite!(:email => "new_user@example.com", :name => "John Doe") do |u|
110
+ u.skip_invitation = true
111
+ end
112
+ # => the record will be created, but the invitation email will not be sent
69
113
 
70
- To accept an invitation with a token use accept_invitation! class model. You must set invitiation_token attribute, and you can include other attributes in the hash, which will be updated in the record.
114
+ You can add :skip_invitation to attributes hash if skip_invitation is added to attr_accessible.
71
115
 
72
- User.accept_invitation!(:invitation_token => params[:invitation_token])
116
+ User.invite!(:email => "new_user@example.com", :name => "John Doe", :skip_invitation => true)
117
+ # => the record will be created, but the invitation email will not be sent
73
118
 
74
- Invitations controller implement this. You can go to /users/invitation/new to send an invitation and an email will be sent with a link to accept the invitation with a URL like /users/invitation/accept?invitation_token=...
119
+ === Accept an invitation
75
120
 
76
- == Adding Invitable to a running application
121
+ To accept an invitation with a token use the <tt>accept_invitation!</tt> class method. <tt>:invitation_token</tt> must be present in the parameters hash. You can also include other attributes in the hash.
77
122
 
78
- Define a migration to add invitable to your model:
123
+ User.accept_invitation!(:invitation_token => params[:invitation_token], :password => "ad97nwj3o2", :name => "John Doe")
79
124
 
80
- change_table :your_table do |t|
81
- t.string :invitation_token, :limit => 20
82
- t.datetime :invitation_sent_at
83
- t.index :invitation_token
125
+ == Integration in a Rails application
126
+
127
+ Since the invitations controller take care of all the creation/acceptation of an invitation, in most cases you wouldn't call the <tt>invite!</tt> and <tt>accept_invitation!</tt> methods directly.
128
+ Instead, in your views, put a link to <tt>new_user_invitation_path</tt> or <tt>new_invitation_path(:user)</tt> or even <tt>/users/invitation/new</tt> to prepare and send an invitation (to a user in this example).
129
+ After an invitation is created and sent, the inviter will be redirected to after_sign_in_path_for(resource_name).
130
+
131
+ The invitation email includes a link to accept the invitation that looks like this: <tt>/users/invitation/accept?invitation_token=abcd123</tt>. When clicked, the invited must set a password in order to accept its invitation. Note that if the invitation_token is not present or not valid, the invited is redirected to after_sign_out_path_for(resource_name).
132
+ You can also overwrite after_sign_in_path_for and after_sign_out_path_for to customize your redirect hooks. More on {Devise's README}[http://github.com/plataformatec/devise], "Controller filters and helpers" section.
133
+
134
+ The controller sets the invited_by_id attribute for the new user to the current user. This will let you easily keep track of who invited who.
135
+
136
+ == Controller filter
137
+
138
+ InvitationsController uses authenticate_inviter! filter to restrict who can send invitations. You can override this method in your ApplicationController.
139
+
140
+ Default behavior requires authentication of the same resource as the invited one. For example, if your model User is invitable, it will allow all authenticated users to send invitations to other users.
141
+
142
+ You would have a User model which is configured as invitable and an Admin model which is not. If you want to allow only admins to send invitations, simply overwrite the authenticate_inviter! method as follow:
143
+
144
+ class ApplicationController < ActionController::Base
145
+ protected
146
+ def authenticate_inviter!
147
+ authenticate_admin!
148
+ end
84
149
  end
85
150
 
86
- # Allow null encrypted_password and password_salt
87
- change_column :your_table, :encrypted_password, :string, :null => true
88
- change_column :your_table, :password_salt, :string, :null => true
151
+ == I18n
152
+
153
+ DeviseInvitable uses flash messages with I18n with the flash keys <tt>:send_instructions</tt>, <tt>:invitation_token_invalid</tt> and <tt>:updated</tt>. To customize your app, you can modify the generated locale file:
154
+
155
+ en:
156
+ devise:
157
+ invitations:
158
+ send_instructions: 'An invitation email has been sent to %{email}.'
159
+ invitation_token_invalid: 'The invitation token provided is not valid!'
160
+ updated: 'Your password was set successfully. You are now signed in.'
161
+
162
+ You can also create distinct messages based on the resource you've configured using the singular name given in routes:
163
+
164
+ en:
165
+ devise:
166
+ invitations:
167
+ user:
168
+ send_instructions: 'A new user invitation has been sent to %{email}.'
169
+ invitation_token_invalid: 'Your invitation token is not valid!'
170
+ updated: 'Welcome on board! You are now signed in.'
171
+
172
+ The DeviseInvitable mailer uses the same pattern as Devise to create mail subject messages:
173
+
174
+ en:
175
+ devise:
176
+ mailer:
177
+ invitation_instructions:
178
+ subject: 'You got an invitation!'
179
+ user_subject: 'You got a user invitation!'
180
+
181
+ Take a look at the generated locale file (in <tt>config/locales/devise_invitable.en.yml</tt>) to check all available messages.
89
182
 
90
- Add :invitable to the devise line of your model, or to config.all in devise initializer if your model uses devise :all.
183
+ == Other ORMs
91
184
 
92
- Override authenticate_resource! filter if you need to customize who can send invitations as it's explained in controller filters section.
185
+ DeviseInvitable supports ActiveRecord and Mongoid, like Devise.
93
186
 
94
187
  == Contributors
95
188
 
@@ -97,17 +190,14 @@ Check them all at:
97
190
 
98
191
  http://github.com/scambra/devise_invitable/contributors
99
192
 
100
- Special thanks to http://github.com/rymai:"rymai" for rails3 support, his fork was a great help.
193
+ Special thanks to rymai[http://github.com/rymai] for the Rails 3 support, his fork was a great help.
101
194
 
102
195
  == Note on Patches/Pull Requests
103
196
 
104
197
  * Fork the project.
105
198
  * Make your feature addition or bug fix.
106
- * Add tests for it. This is important so I don't break it in a
107
- future version unintentionally.
108
- * Commit, do not mess with rakefile, version, or history.
109
- (if you want to have your own version, that is fine but
110
- bump version in a commit by itself I can ignore when I pull)
199
+ * Add tests for it. This is important so I don't break it in a future version unintentionally.
200
+ * Commit, do not mess with rakefile, version, or history. (if you want to have your own version, that is fine but bump version in a commit by itself I can ignore when I pull)
111
201
  * Send me a pull request. Bonus points for topic branches.
112
202
 
113
203
  == Copyright
@@ -1,7 +1,8 @@
1
1
  class Devise::InvitationsController < ApplicationController
2
2
  include Devise::Controllers::InternalHelpers
3
3
 
4
- before_filter :authenticate_resource!, :only => [:new, :create]
4
+ before_filter :authenticate_inviter!, :only => [:new, :create]
5
+ before_filter :has_invitations_left?, :only => [:create]
5
6
  before_filter :require_no_authentication, :only => [:edit, :update]
6
7
  helper_method :after_sign_in_path_for
7
8
 
@@ -13,11 +14,11 @@ class Devise::InvitationsController < ApplicationController
13
14
 
14
15
  # POST /resource/invitation
15
16
  def create
16
- self.resource = resource_class.invite!(params[resource_name])
17
+ self.resource = resource_class.invite!(params[resource_name], current_inviter)
17
18
 
18
19
  if resource.errors.empty?
19
- set_flash_message :notice, :send_instructions
20
- redirect_to after_update_path_for(resource_name)
20
+ set_flash_message :notice, :send_instructions, :email => self.resource.email
21
+ redirect_to after_sign_in_path_for(resource_name)
21
22
  else
22
23
  render_with_scope :new
23
24
  end
@@ -25,9 +26,12 @@ class Devise::InvitationsController < ApplicationController
25
26
 
26
27
  # GET /resource/invitation/accept?invitation_token=abcdef
27
28
  def edit
28
- self.resource = resource_class.new
29
- resource.invitation_token = params[:invitation_token]
30
- render_with_scope :edit
29
+ if params[:invitation_token] && self.resource = resource_class.first(:conditions => { :invitation_token => params[:invitation_token] })
30
+ render_with_scope :edit
31
+ else
32
+ set_flash_message(:alert, :invitation_token_invalid)
33
+ redirect_to after_sign_out_path_for(resource_name)
34
+ end
31
35
  end
32
36
 
33
37
  # PUT /resource/invitation
@@ -41,4 +45,17 @@ class Devise::InvitationsController < ApplicationController
41
45
  render_with_scope :edit
42
46
  end
43
47
  end
48
+
49
+ protected
50
+ def current_inviter
51
+ @current_inviter ||= authenticate_inviter!
52
+ end
53
+
54
+ def has_invitations_left?
55
+ unless current_inviter.nil? || current_inviter.has_invitations_left?
56
+ build_resource
57
+ set_flash_message :alert, :no_invitations_remaining
58
+ render_with_scope :new
59
+ end
60
+ end
44
61
  end
@@ -1,8 +1,10 @@
1
1
  en:
2
2
  devise:
3
3
  invitations:
4
- send_instructions: 'An email with instructions about how to set the password has been sent.'
4
+ send_instructions: 'An invitation email has been sent to %{email}.'
5
+ invitation_token_invalid: 'The invitation token provided is not valid!'
5
6
  updated: 'Your password was set successfully. You are now signed in.'
7
+ no_invitations_remaining: "No invitations remaining"
6
8
  mailer:
7
- invitiation:
8
- subject: 'Invitation'
9
+ invitation_instructions:
10
+ subject: 'Invitation instructions'
@@ -1,7 +1,7 @@
1
1
  module DeviseInvitable::Controllers::Helpers
2
2
  protected
3
- def authenticate_resource!
4
- send(:"authenticate_#{resource_name}!")
3
+ def authenticate_inviter!
4
+ send(:"authenticate_#{resource_name}!", true)
5
5
  end
6
6
  end
7
7
  ActionController::Base.send :include, DeviseInvitable::Controllers::Helpers
@@ -1,7 +1,14 @@
1
- module DeviseInvitable::Mailer
2
-
3
- # Deliver an invitation when is requested
4
- def invitation(record)
5
- setup_mail(record, :invitation)
1
+ module DeviseInvitable
2
+ module Mailer
3
+
4
+ # Deliver an invitation email
5
+ def invitation_instructions(record)
6
+ setup_mail(record, :invitation_instructions)
7
+ end
8
+
9
+ def invitation(record)
10
+ ActiveSupport::Deprecation.warn('invitation has been renamed to invitation_instructions')
11
+ invitation_instructions(record)
12
+ end
6
13
  end
7
14
  end
@@ -1,29 +1,36 @@
1
1
  module Devise
2
2
  module Models
3
- # Invitable is responsible to send emails with invitations.
4
- # When an invitation is sent to an email, an account is created for it.
5
- # An invitation has a link to set the password, as reset password from recoverable.
3
+ # Invitable is responsible for sending invitation emails.
4
+ # When an invitation is sent to an email address, an account is created for it.
5
+ # Invitation email contains a link allowing the user to accept the invitation
6
+ # by setting a password (as reset password from Devise's recoverable module).
6
7
  #
7
8
  # Configuration:
8
9
  #
9
- # invite_for: the time you want the user will have to confirm the account after
10
- # is invited. When invite_for is zero, the invitation won't expire.
11
- # By default invite_for is 0.
10
+ # invite_for: The period the generated invitation token is valid, after
11
+ # this period, the invited resource won't be able to accept the invitation.
12
+ # When invite_for is 0 (the default), the invitation won't expire.
12
13
  #
13
14
  # Examples:
14
15
  #
15
- # User.find(1).invited? # true/false
16
- # User.invite!(:email => 'someone@example.com') # send invitation
17
- # User.accept_invitation!(:invitation_token => '...') # accept invitation with a token
18
- # User.find(1).accept_invitation! # accept invitation
19
- # User.find(1).invite! # reset invitation status and send invitation again
16
+ # User.find(1).invited? # => true/false
17
+ # User.invite!(:email => 'someone@example.com') # => send invitation
18
+ # User.accept_invitation!(:invitation_token => '...') # => accept invitation with a token
19
+ # User.find(1).accept_invitation! # => accept invitation
20
+ # User.find(1).invite! # => reset invitation status and send invitation again
20
21
  module Invitable
21
22
  extend ActiveSupport::Concern
22
23
 
24
+ attr_accessor :skip_invitation
25
+
26
+ included do
27
+ belongs_to :invited_by, :polymorphic => true
28
+ end
29
+
23
30
  # Accept an invitation by clearing invitation token and confirming it if model
24
31
  # is confirmable
25
32
  def accept_invitation!
26
- if self.invited?
33
+ if self.invited? && self.valid?
27
34
  self.invitation_token = nil
28
35
  self.save
29
36
  end
@@ -34,26 +41,33 @@ module Devise
34
41
  persisted? && invitation_token.present?
35
42
  end
36
43
 
37
- # Send invitation by email
38
- def send_invitation
39
- ::Devise.mailer.invitation(self).deliver
44
+ # Return true if this user has invitations left to send
45
+ def has_invitations_left?
46
+ if self.class.invitation_limit.present?
47
+ if invitation_limit
48
+ return invitation_limit > 0
49
+ else
50
+ return self.class.invitation_limit > 0
51
+ end
52
+ else
53
+ return true
54
+ end
40
55
  end
41
56
 
42
57
  # Reset invitation token and send invitation again
43
58
  def invite!
44
59
  if new_record? || invited?
45
- self.skip_confirmation! if self.new_record? and self.respond_to? :skip_confirmation!
46
- generate_invitation_token
47
- save(:validate=>false)
48
- send_invitation
60
+ @skip_password = true
61
+ self.skip_confirmation! if self.new_record? && self.respond_to?(:skip_confirmation!)
62
+ generate_invitation_token if self.invitation_token.nil?
63
+ self.invitation_sent_at = Time.now.utc
64
+ if save(:validate => self.class.validate_on_invite)
65
+ self.invited_by.decrement_invitation_limit! if self.invited_by
66
+ !!deliver_invitation unless @skip_invitation
67
+ end
49
68
  end
50
69
  end
51
70
 
52
- def resend_invitation!
53
- ActiveSupport::Deprecation.warn('resend_invitation! has been renamed to invite!')
54
- self.invite!
55
- end
56
-
57
71
  # Verify whether a invitation is active or not. If the user has been
58
72
  # invited, we need to calculate if the invitation time has not expired
59
73
  # for this user, in other words, if the invitation is still valid.
@@ -61,7 +75,34 @@ module Devise
61
75
  invited? && invitation_period_valid?
62
76
  end
63
77
 
78
+ # Only verify password when is not invited
79
+ def valid_password?(password)
80
+ super unless invited?
81
+ end
82
+
64
83
  protected
84
+ def decrement_invitation_limit!
85
+ if self.class.invitation_limit.present?
86
+ self.invitation_limit ||= self.class.invitation_limit
87
+ self.decrement!(:invitation_limit)
88
+ end
89
+ end
90
+
91
+ # Overriding the method in Devise's :validatable module so password is not required on inviting
92
+ def password_required?
93
+ !@skip_password && super
94
+ end
95
+
96
+ # Deliver the invitation email
97
+ def deliver_invitation
98
+ ::Devise.mailer.invitation_instructions(self).deliver
99
+ end
100
+
101
+ # Clear invitation token when reset password token is cleared too
102
+ def clear_reset_password_token
103
+ self.invitation_token = nil if invited?
104
+ super
105
+ end
65
106
 
66
107
  # Checks if the invitation for the user is within the limit time.
67
108
  # We do this by calculating if the difference between today and the
@@ -89,8 +130,7 @@ module Devise
89
130
  # Generates a new random token for invitation, and stores the time
90
131
  # this token is being generated
91
132
  def generate_invitation_token
92
- self.invitation_token = Devise.friendly_token
93
- self.invitation_sent_at = Time.now.utc
133
+ self.invitation_token = self.class.invitation_token
94
134
  end
95
135
 
96
136
  module ClassMethods
@@ -98,33 +138,32 @@ module Devise
98
138
  # user and send invitation to it. If user is found, returns the user with an
99
139
  # email already exists error.
100
140
  # Attributes must contain the user email, other attributes will be set in the record
101
- def invite!(attributes={})
102
- invitable = find_or_initialize_with_error_by(:email, attributes.delete(:email))
141
+ def invite!(attributes={}, invited_by=nil, &block)
142
+ invitable = find_or_initialize_with_error_by(invite_key, attributes.delete(invite_key))
103
143
  invitable.attributes = attributes
144
+ invitable.invited_by = invited_by
104
145
 
105
146
  if invitable.new_record?
106
- invitable.errors.clear if invitable.email.match Devise.email_regexp
147
+ invitable.errors.clear if invitable.email.try(:match, Devise.email_regexp)
107
148
  else
108
- invitable.errors.add(:email, :taken) unless invitable.invited?
149
+ invitable.errors.add(invite_key, :taken) unless invitable.invited?
109
150
  end
110
151
 
111
- invitable.invite! if invitable.errors.empty?
152
+ if invitable.errors.empty?
153
+ yield invitable if block_given?
154
+ invitable.invite!
155
+ end
112
156
  invitable
113
157
  end
114
158
 
115
- def send_invitation(attributes = {})
116
- ActiveSupport::Deprecation.warn('send_invitation has been renamed to invite!')
117
- self.invite!(attributes)
118
- end
119
-
120
159
  # Attempt to find a user by it's invitation_token to set it's password.
121
160
  # If a user is found, reset it's password and automatically try saving
122
161
  # the record. If not user is found, returns a new user containing an
123
162
  # error in invitation_token attribute.
124
163
  # Attributes must contain invitation_token, password and confirmation
125
164
  def accept_invitation!(attributes={})
126
- invitable = find_or_initialize_with_error_by(:invitation_token, attributes[:invitation_token])
127
- invitable.errors.add(:invitation_token, :invalid) if attributes[:invitation_token] && !invitable.new_record? && !invitable.valid_invitation?
165
+ invitable = find_or_initialize_with_error_by(:invitation_token, attributes.delete(:invitation_token))
166
+ invitable.errors.add(:invitation_token, :invalid) if invitable.invitation_token && invitable.persisted? && !invitable.valid_invitation?
128
167
  if invitable.errors.empty?
129
168
  invitable.attributes = attributes
130
169
  invitable.accept_invitation!
@@ -132,7 +171,15 @@ module Devise
132
171
  invitable
133
172
  end
134
173
 
174
+ # Generate a token checking if one does not already exist in the database.
175
+ def invitation_token
176
+ generate_token(:invitation_token)
177
+ end
178
+
135
179
  Devise::Models.config(self, :invite_for)
180
+ Devise::Models.config(self, :validate_on_invite)
181
+ Devise::Models.config(self, :invitation_limit)
182
+ Devise::Models.config(self, :invite_key)
136
183
  end
137
184
  end
138
185
  end
@@ -2,9 +2,10 @@ module DeviseInvitable
2
2
  class Engine < ::Rails::Engine
3
3
 
4
4
  ActiveSupport.on_load(:action_controller) { include DeviseInvitable::Controllers::UrlHelpers }
5
- ActiveSupport.on_load(:action_view) { include DeviseInvitable::Controllers::UrlHelpers }
5
+ ActiveSupport.on_load(:action_view) { include DeviseInvitable::Controllers::UrlHelpers }
6
6
 
7
7
  config.after_initialize do
8
+ require 'devise/mailer'
8
9
  Devise::Mailer.send :include, DeviseInvitable::Mailer
9
10
  end
10
11
 
@@ -1,10 +1,13 @@
1
1
  module ActionDispatch::Routing
2
2
  class Mapper
3
- protected
4
- def devise_invitation(mapping, controllers)
5
- resource :invitation, :only => [:new, :create, :update], :path => mapping.path_names[:invitation], :controller => controllers[:invitations] do
6
- get :edit, :path => mapping.path_names[:accept], :as => :accept
7
- end
3
+
4
+ protected
5
+ def devise_invitation(mapping, controllers)
6
+ resource :invitation, :only => [:new, :create, :update],
7
+ :path => mapping.path_names[:invitation], :controller => controllers[:invitations] do
8
+ get :edit, :path => mapping.path_names[:accept], :as => :accept
8
9
  end
10
+ end
11
+
9
12
  end
10
13
  end
@@ -1,9 +1,34 @@
1
1
  module DeviseInvitable
2
2
  module Schema
3
- # Creates invitation_token and invitation_sent_at.
3
+ # Add invitation_token and invitation_sent_at columns in the resource's database table.
4
+ #
5
+ # Examples
6
+ #
7
+ # # For a new resource migration:
8
+ # create_table :the_resources do
9
+ # t.database_authenticatable :null => false # you need at least this
10
+ # t.invitable
11
+ # ...
12
+ # end
13
+ # add_index :the_resources, :invitation_token # for invitable
14
+ #
15
+ # # or if the resource's table already exists, define a migration and put this in:
16
+ # change_table :the_resources do |t|
17
+ # t.string :invitation_token, :limit => 60
18
+ # t.datetime :invitation_sent_at
19
+ # t.index :invitation_token # for invitable
20
+ # end
21
+ #
22
+ # # And allow encrypted_password to be null:
23
+ # change_column :the_resources, :encrypted_password, :string, :null => true
24
+ # # the following line is only if you use Devise's encryptable module!
25
+ # change_column :the_resources, :password_salt, :string, :null => true
4
26
  def invitable
5
- apply_devise_schema :invitation_token, String, :limit => 20
27
+ apply_devise_schema :invitation_token, String, :limit => 60
6
28
  apply_devise_schema :invitation_sent_at, DateTime
29
+ apply_devise_schema :invitation_limit, Integer
30
+ apply_devise_schema :invited_by_id, Integer
31
+ apply_devise_schema :invited_by_type, String
7
32
  end
8
33
  end
9
34
  end
@@ -0,0 +1,3 @@
1
+ module DeviseInvitable
2
+ VERSION = '0.4.0'
3
+ end