devise_invitable 1.7.5 → 2.0.5
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of devise_invitable might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/CHANGELOG.md +24 -0
- data/README.rdoc +98 -111
- data/app/controllers/devise/invitations_controller.rb +41 -40
- data/app/controllers/devise_invitable/registrations_controller.rb +11 -11
- data/app/views/devise/invitations/edit.html.erb +14 -8
- data/app/views/devise/invitations/new.html.erb +11 -7
- data/app/views/devise/mailer/invitation_instructions.html.erb +1 -1
- data/app/views/devise/mailer/invitation_instructions.text.erb +1 -1
- data/config/locales/ar.yml +23 -0
- data/config/locales/da.yml +41 -0
- data/config/locales/de.yml +31 -0
- data/config/locales/es.yml +31 -0
- data/config/locales/et.yml +23 -0
- data/config/locales/fa.yml +31 -0
- data/config/locales/fr.yml +34 -0
- data/config/locales/it.yml +31 -0
- data/config/locales/ja.yml +31 -0
- data/config/locales/ko.yml +24 -0
- data/config/locales/nl.yml +32 -0
- data/config/locales/no.yml +17 -0
- data/config/locales/pl.yml +31 -0
- data/config/locales/pt-BR.yml +23 -0
- data/config/locales/pt.yml +23 -0
- data/config/locales/ru.yml +23 -0
- data/config/locales/tr.yml +24 -0
- data/config/locales/ua.yml +31 -0
- data/config/locales/vi.yml +25 -0
- data/config/locales/zh-HK.yml +31 -0
- data/config/locales/zh-TW.yml +31 -0
- data/lib/devise_invitable.rb +5 -4
- data/lib/devise_invitable/controllers/helpers.rb +3 -4
- data/lib/devise_invitable/inviter.rb +4 -3
- data/lib/devise_invitable/mailer.rb +1 -1
- data/lib/devise_invitable/mapping.rb +6 -5
- data/lib/devise_invitable/models.rb +29 -27
- data/lib/devise_invitable/models/authenticatable.rb +7 -1
- data/lib/devise_invitable/parameter_sanitizer.rb +18 -18
- data/lib/devise_invitable/routes.rb +5 -5
- data/lib/devise_invitable/version.rb +1 -1
- data/lib/generators/active_record/devise_invitable_generator.rb +3 -3
- data/lib/generators/active_record/templates/migration.rb +0 -1
- data/lib/generators/devise_invitable/devise_invitable_generator.rb +4 -8
- data/lib/generators/devise_invitable/install_generator.rb +11 -14
- data/lib/generators/devise_invitable/templates/simple_form_for/invitations/edit.html.erb +10 -6
- data/lib/generators/devise_invitable/templates/simple_form_for/invitations/new.html.erb +10 -6
- data/lib/generators/devise_invitable/views_generator.rb +6 -6
- data/test/functional/registrations_controller_test.rb +24 -25
- data/test/generators/views_generator_test.rb +7 -6
- data/test/generators_test.rb +3 -2
- data/test/integration/invitation_remove_test.rb +8 -8
- data/test/integration/invitation_test.rb +46 -46
- data/test/integration_tests_helper.rb +8 -9
- data/test/model_tests_helper.rb +5 -5
- data/test/models/invitable_test.rb +126 -110
- data/test/models_test.rb +3 -3
- data/test/orm/active_record.rb +2 -2
- data/test/orm/mongoid.rb +2 -2
- data/test/rails_app/app/controllers/admins_controller.rb +4 -3
- data/test/rails_app/app/controllers/application_controller.rb +11 -10
- data/test/rails_app/app/controllers/free_invitations_controller.rb +12 -9
- data/test/rails_app/app/controllers/users_controller.rb +2 -2
- data/test/rails_app/app/models/admin.rb +7 -10
- data/test/rails_app/app/models/octopussy.rb +4 -4
- data/test/rails_app/app/models/user.rb +20 -20
- data/test/rails_app/app/views/admins/new.html.erb +9 -5
- data/test/rails_app/app/views/devise/sessions/new.html.erb +14 -6
- data/test/rails_app/app/views/free_invitations/new.html.erb +9 -5
- data/test/rails_app/app/views/layouts/application.html.erb +3 -4
- data/test/rails_app/app/views/users/invitations/new.html.erb +15 -9
- data/test/rails_app/config/application.rb +6 -6
- data/test/rails_app/config/boot.rb +2 -2
- data/test/rails_app/config/credentials.yml.enc +1 -0
- data/test/rails_app/config/initializers/devise.rb +4 -3
- data/test/rails_app/config/initializers/secret_token.rb +3 -1
- data/test/rails_app/config/initializers/session_store.rb +1 -1
- data/test/rails_app/config/initializers/wrap_parameters.rb +1 -1
- data/test/rails_app/config/master.key +1 -0
- data/test/rails_app/config/routes.rb +3 -3
- data/test/rails_app/db/migrate/20100401102949_create_tables.rb +0 -2
- data/test/routes_test.rb +4 -4
- data/test/test_helper.rb +6 -19
- metadata +46 -22
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 0517f954240bfc3c1fd255df0d502d5fdbd461d4e695cd0c5ec725854af50dcf
|
4
|
+
data.tar.gz: 239b887a32e66dbc38fbf1e04625def2f1dea325fcc6d20af0e1befd066dd000
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 957006ebe6e94715459f941b52004a1002e72005e9344baca46679398bc34e360604e3a8a205d9099a4ff5015be597c1c02a89055137db6c12f10ecf03949db7
|
7
|
+
data.tar.gz: 17200aa6cf76d5abf07de1e4c0987f197140087a7a3210df0bf948a6098602eeeab05d65983cc69ef2185f2de741813ebc778a28d476a86bc5b1527bbd918f4c
|
data/CHANGELOG.md
CHANGED
@@ -1,3 +1,27 @@
|
|
1
|
+
## 2.0.5
|
2
|
+
- Fix NoMethodError in random_password when validatable is not used ([#850](https://github.com/scambra/devise_invitable/pull/850))
|
3
|
+
|
4
|
+
## 2.0.4
|
5
|
+
- Fix devise deprecations ([#842](https://github.com/scambra/devise_invitable/pull/842))
|
6
|
+
- Update translations ([#844](https://github.com/scambra/devise_invitable/pull/844), [#845](https://github.com/scambra/devise_invitable/pull/845))
|
7
|
+
- Fix/enforce initial password length to follow devise ([#848](https://github.com/scambra/devise_invitable/pull/848))
|
8
|
+
|
9
|
+
## 2.0.3
|
10
|
+
- Add locales ([#834](https://github.com/scambra/devise_invitable/pull/834), [#835](https://github.com/scambra/devise_invitable/pull/835))
|
11
|
+
- Remove index on invitations_count column ([#830](https://github.com/scambra/devise_invitable/pull/830))
|
12
|
+
|
13
|
+
## 2.0.2
|
14
|
+
- Fix ruby 2.7 deprecation warning
|
15
|
+
|
16
|
+
## 2.0.1
|
17
|
+
- Use per-model allow_insecure_sign_in_after_accept ([#790](https://github.com/scambra/devise_invitable/pull/790))
|
18
|
+
|
19
|
+
## 2.0.0
|
20
|
+
- Remove deprecated devise_error_messages! from templates ([#786](https://github.com/scambra/devise_invitable/pull/785))
|
21
|
+
- Drop Devise < 4.6 support ([#786](https://github.com/scambra/devise_invitable/pull/786))
|
22
|
+
- Drop Rails 4.2 support ([#785](https://github.com/scambra/devise_invitable/pull/785))
|
23
|
+
- Drop Ruby 2.1 support
|
24
|
+
|
1
25
|
## 1.7.5
|
2
26
|
- Add add_taken_error ([#768](https://github.com/scambra/devise_invitable/pull/768))
|
3
27
|
- Add invitation_taken? ([#769](https://github.com/scambra/devise_invitable/pull/769))
|
data/README.rdoc
CHANGED
@@ -1,27 +1,27 @@
|
|
1
1
|
= DeviseInvitable
|
2
|
-
{<img src="https://badge.fury.io/rb/devise_invitable.svg"/>}[http://badge.fury.io/rb/devise_invitable] {<img src="https://travis-ci.org/scambra/devise_invitable.
|
2
|
+
{<img src="https://badge.fury.io/rb/devise_invitable.svg"/>}[http://badge.fury.io/rb/devise_invitable] {<img src="https://travis-ci.org/scambra/devise_invitable.svg"/>}[https://travis-ci.org/scambra/devise_invitable] {<img src="https://codeclimate.com/github/scambra/devise_invitable/badges/gpa.svg"/>}[https://codeclimate.com/github/scambra/devise_invitable]
|
3
3
|
|
4
|
-
It adds support to
|
4
|
+
It adds support to Devise[https://github.com/plataformatec/devise] for sending invitations by email (it requires to be authenticated) and accept the invitation setting the password.
|
5
5
|
|
6
|
-
|
7
|
-
|
8
|
-
|
9
|
-
|
6
|
+
== Requirements
|
7
|
+
|
8
|
+
The latest version of DeviseInvitable works with Devise >= 4.6.
|
9
|
+
|
10
|
+
If you want to use devise_invitable with earlier Devise releases (4.0 <= x < 4.6), use version 1.7.5.
|
10
11
|
|
11
12
|
== Installation
|
12
13
|
|
13
|
-
Install DeviseInvitable gem
|
14
|
+
Install DeviseInvitable gem:
|
14
15
|
|
15
16
|
gem install devise_invitable
|
16
17
|
|
17
|
-
Add DeviseInvitable to your Gemfile
|
18
|
+
Add DeviseInvitable to your Gemfile:
|
18
19
|
|
19
|
-
gem '
|
20
|
-
gem 'devise_invitable', '~> 1.7.0'
|
20
|
+
gem 'devise_invitable', '~> 2.0.0'
|
21
21
|
|
22
22
|
=== Automatic installation
|
23
23
|
|
24
|
-
Run the following generator to add DeviseInvitable’s configuration option in the Devise configuration file (config/initializers/devise.rb):
|
24
|
+
Run the following generator to add DeviseInvitable’s configuration option in the Devise configuration file (<tt>config/initializers/devise.rb</tt>):
|
25
25
|
|
26
26
|
rails generate devise_invitable:install
|
27
27
|
|
@@ -29,21 +29,21 @@ When you are done, you are ready to add DeviseInvitable to any of your Devise mo
|
|
29
29
|
|
30
30
|
rails generate devise_invitable MODEL
|
31
31
|
|
32
|
-
Replace MODEL by the class name you want to add DeviseInvitable, like User
|
32
|
+
Replace MODEL by the class name you want to add DeviseInvitable, like <tt>User</tt>, <tt>Admin</tt>, etc. This will add the <tt>:invitable</tt> flag to your model's Devise modules. The generator will also create a migration file (if your ORM supports them).
|
33
33
|
|
34
34
|
=== Manual installation
|
35
35
|
|
36
36
|
Follow the walkthrough for Devise and after it's done, follow this walkthrough.
|
37
37
|
|
38
38
|
== Devise Configuration
|
39
|
-
Add
|
39
|
+
Add <tt>:invitable</tt> to the <tt>devise</tt> call in your model (we’re assuming here you already have a User model with some Devise modules):
|
40
40
|
|
41
41
|
class User < ActiveRecord::Base
|
42
42
|
devise :database_authenticatable, :confirmable, :invitable
|
43
43
|
end
|
44
44
|
|
45
45
|
== ActiveRecord Migration
|
46
|
-
Add t.invitable to your Devise model migration:
|
46
|
+
Add <tt>t.invitable</tt> to your Devise model migration:
|
47
47
|
|
48
48
|
create_table :users do
|
49
49
|
...
|
@@ -57,7 +57,7 @@ Add t.invitable to your Devise model migration:
|
|
57
57
|
t.string :invited_by_type
|
58
58
|
...
|
59
59
|
end
|
60
|
-
add_index :users, :invitation_token, :
|
60
|
+
add_index :users, :invitation_token, unique: true
|
61
61
|
|
62
62
|
or for a model that already exists, define a migration to add DeviseInvitable to your model:
|
63
63
|
|
@@ -69,22 +69,17 @@ or for a model that already exists, define a migration to add DeviseInvitable to
|
|
69
69
|
add_column :users, :invitation_limit, :integer
|
70
70
|
add_column :users, :invited_by_id, :integer
|
71
71
|
add_column :users, :invited_by_type, :string
|
72
|
-
add_index :users, :invitation_token, :
|
73
|
-
|
74
|
-
# Allow null encrypted_password
|
75
|
-
change_column_null :users, :encrypted_password, :string, true
|
76
|
-
# Allow null password_salt (add it if you are using Devise's encryptable module)
|
77
|
-
change_column_null :users, :password_salt, :string, true
|
72
|
+
add_index :users, :invitation_token, unique: true
|
78
73
|
end
|
79
74
|
|
80
|
-
If you previously used devise_invitable with a
|
75
|
+
If you previously used devise_invitable with a <tt>:limit</tt> on <tt>:invitation_token</tt>, remove it:
|
81
76
|
|
82
77
|
def up
|
83
|
-
change_column :users, :invitation_token, :string, :
|
78
|
+
change_column :users, :invitation_token, :string, limit: nil
|
84
79
|
end
|
85
80
|
|
86
81
|
def down
|
87
|
-
change_column :users, :invitation_token, :string, :
|
82
|
+
change_column :users, :invitation_token, :string, limit: 60
|
88
83
|
end
|
89
84
|
|
90
85
|
== Mongoid Field Definitions
|
@@ -96,11 +91,11 @@ If you are using Mongoid, define the following fields and indexes within your in
|
|
96
91
|
field :invitation_accepted_at, type: Time
|
97
92
|
field :invitation_limit, type: Integer
|
98
93
|
|
99
|
-
index( {invitation_token: 1}, {:
|
100
|
-
index( {invitation_by_id: 1}, {:
|
94
|
+
index( { invitation_token: 1 }, { background: true} )
|
95
|
+
index( { invitation_by_id: 1 }, { background: true} )
|
101
96
|
|
102
|
-
You do not need to define a belongs_to relationship, as DeviseInvitable does this on your behalf:
|
103
|
-
belongs_to :invited_by, :
|
97
|
+
You do not need to define a <tt>belongs_to</tt> relationship, as DeviseInvitable does this on your behalf:
|
98
|
+
belongs_to :invited_by, polymorphic: true
|
104
99
|
|
105
100
|
Remember to create indexes within the MongoDB database after deploying your changes.
|
106
101
|
rake db:mongoid:create_indexes
|
@@ -109,39 +104,39 @@ Remember to create indexes within the MongoDB database after deploying your chan
|
|
109
104
|
|
110
105
|
DeviseInvitable adds some new configuration options:
|
111
106
|
|
112
|
-
* invite_for
|
107
|
+
* <tt>invite_for</tt>: The period the generated invitation token is valid. After this period, the invited resource won't be able to accept the invitation. When <tt>invite_for</tt> is <tt>0</tt> (the default), the invitation won't expire.
|
113
108
|
|
114
109
|
You can set this configuration option in the Devise initializer as follow:
|
115
110
|
|
116
111
|
# ==> Configuration for :invitable
|
117
|
-
# The period the generated invitation token is valid
|
118
|
-
# this period, the invited resource won't be able to accept the invitation.
|
112
|
+
# The period the generated invitation token is valid.
|
113
|
+
# After this period, the invited resource won't be able to accept the invitation.
|
119
114
|
# When invite_for is 0 (the default), the invitation won't expire.
|
120
115
|
# config.invite_for = 2.weeks
|
121
116
|
|
122
117
|
or directly as parameters to the <tt>devise</tt> method:
|
123
118
|
|
124
|
-
devise :database_authenticatable, :confirmable, :invitable, :
|
119
|
+
devise :database_authenticatable, :confirmable, :invitable, invite_for: 2.weeks
|
125
120
|
|
126
|
-
* invitation_limit
|
121
|
+
* <tt>invitation_limit</tt>: The number of invitations users can send. The default value of <tt>nil</tt> means users can send as many invites as they want, there is no limit for any user, <tt>invitation_limit</tt> column is not used. A setting of <tt>0</tt> means they can't send invitations. A setting <tt>n > 0</tt> means they can send <tt>n</tt> invitations. You can change <tt>invitation_limit</tt> column for some users so they can send more or less invitations, even with global <tt>invitation_limit = 0</tt>.
|
127
122
|
|
128
|
-
* invite_key
|
123
|
+
* <tt>invite_key</tt>: The key to be used to check existing users when sending an invitation. You can use multiple keys. This value must be a hash with the invite key as hash keys, and values that respond to the <tt>===</tt> operator (including procs and regexes). The default value is looking for users by email and validating with <tt>Devise.email_regexp</tt>.
|
129
124
|
|
130
|
-
* validate_on_invite
|
125
|
+
* <tt>validate_on_invite</tt>: force a record to be valid before being actually invited.
|
131
126
|
|
132
|
-
* resend_invitation
|
127
|
+
* <tt>resend_invitation</tt>: resend invitation if user with invited status is invited again. Enabled by default.
|
133
128
|
|
134
|
-
* invited_by_class_name
|
129
|
+
* <tt>invited_by_class_name</tt>: the class name of the inviting model. If this is <tt>nil</tt>, polymorphic association is used.
|
135
130
|
|
136
|
-
* invited_by_foreign_key
|
131
|
+
* <tt>invited_by_foreign_key</tt>: the foreign key to the inviting model (only used if <tt>invited_by_class_name</tt> is set, otherwise <tt>:invited_by_id</tt>)
|
137
132
|
|
138
|
-
* invited_by_counter_cache
|
133
|
+
* <tt>invited_by_counter_cache</tt>: the column name used for counter_cache column. If this is <tt>nil</tt> (default value), the <tt>invited_by</tt> association is declared without <tt>counter_cache</tt>.
|
139
134
|
|
140
|
-
* allow_insecure_sign_in_after_accept
|
135
|
+
* <tt>allow_insecure_sign_in_after_accept</tt>: automatically sign in the user after they set a password. Enabled by default.
|
141
136
|
|
142
|
-
* require_password_on_accepting
|
137
|
+
* <tt>require_password_on_accepting</tt>: require password when user accepts the invitation. Enabled by default. Disable if you don't want to ask or enforce to set password while accepting, because is set when user is invited or it will be set later.
|
143
138
|
|
144
|
-
For more details, see <tt>config/initializers/devise.rb</tt> (after you invoked the
|
139
|
+
For more details, see <tt>config/initializers/devise.rb</tt> (after you invoked the <tt>devise_invitable:install</tt> generator described above).
|
145
140
|
|
146
141
|
== Configuring views
|
147
142
|
|
@@ -153,7 +148,7 @@ You can also use the generator to generate scoped views:
|
|
153
148
|
|
154
149
|
rails generate devise_invitable:views users
|
155
150
|
|
156
|
-
Then turn scoped views on in config/initializers/devise.rb
|
151
|
+
Then turn scoped views on in <tt>config/initializers/devise.rb</tt>:
|
157
152
|
|
158
153
|
config.scoped_views = true
|
159
154
|
|
@@ -161,7 +156,7 @@ Please refer to {Devise's README}[https://github.com/plataformatec/devise] for m
|
|
161
156
|
|
162
157
|
== Configuring controllers
|
163
158
|
|
164
|
-
To change the controller's behavior, create a controller that inherits from <tt>Devise::InvitationsController</tt>. The available methods are: new
|
159
|
+
To change the controller's behavior, create a controller that inherits from <tt>Devise::InvitationsController</tt>. The available methods are: <tt>new</tt>, <tt>create</tt>, <tt>edit</tt>, and <tt>update</tt>. Refer to the {original controllers source}[https://github.com/scambra/devise_invitable/blob/master/app/controllers/devise/invitations_controller.rb] before editing any of these actions. Your controller might now look something like this:
|
165
160
|
|
166
161
|
class Users::InvitationsController < Devise::InvitationsController
|
167
162
|
def update
|
@@ -173,9 +168,9 @@ To change the controller's behavior, create a controller that inherits from <tt>
|
|
173
168
|
end
|
174
169
|
end
|
175
170
|
|
176
|
-
Now just tell Devise that you want to use your controller, the controller above is 'users/invitations'
|
171
|
+
Now just tell Devise that you want to use your controller, the controller above is <tt>'users/invitations'</tt>, so our routes.rb would have this line:
|
177
172
|
|
178
|
-
devise_for :users, :
|
173
|
+
devise_for :users, controllers: { invitations: 'users/invitations' }
|
179
174
|
|
180
175
|
be sure that you generate the views and put them into the controller that you generated, so for this example it would be:
|
181
176
|
|
@@ -186,33 +181,31 @@ To change behaviour of inviting or accepting users, you can simply override two
|
|
186
181
|
class Users::InvitationsController < Devise::InvitationsController
|
187
182
|
private
|
188
183
|
|
189
|
-
|
190
|
-
|
191
|
-
|
192
|
-
|
193
|
-
|
194
|
-
u.skip_invitation = true
|
184
|
+
# This is called when creating invitation.
|
185
|
+
# It should return an instance of resource class.
|
186
|
+
def invite_resource
|
187
|
+
# skip sending emails on invite
|
188
|
+
super { |user| user.skip_invitation = true }
|
195
189
|
end
|
196
|
-
end
|
197
190
|
|
198
|
-
|
199
|
-
|
200
|
-
|
201
|
-
|
202
|
-
|
203
|
-
|
204
|
-
|
205
|
-
|
191
|
+
# This is called when accepting invitation.
|
192
|
+
# It should return an instance of resource class.
|
193
|
+
def accept_resource
|
194
|
+
resource = resource_class.accept_invitation!(update_resource_params)
|
195
|
+
# Report accepting invitation to analytics
|
196
|
+
Analytics.report('invite.accept', resource.id)
|
197
|
+
resource
|
198
|
+
end
|
206
199
|
end
|
207
200
|
|
208
201
|
== Strong Parameters
|
209
202
|
|
210
|
-
When you customize your own views, you may end up adding new attributes to forms. Rails 4 moved the parameter sanitization from the model to the controller, causing DeviseInvitable to handle this concern at the controller as well. Read about it in {
|
203
|
+
When you customize your own views, you may end up adding new attributes to forms. Rails 4 moved the parameter sanitization from the model to the controller, causing DeviseInvitable to handle this concern at the controller as well. Read about it in {Devise README}[https://github.com/plataformatec/devise#strong-parameters]
|
211
204
|
|
212
205
|
There are just two actions in DeviseInvitable that allows any set of parameters to be passed down to the model, therefore requiring sanitization. Their names and the permited parameters by default are:
|
213
206
|
|
214
|
-
* invite (Devise::InvitationsController#create) - Permits only the authentication keys (like email)
|
215
|
-
* accept_invitation (Devise::InvitationsController#update) - Permits invitation_token plus password and password_confirmation
|
207
|
+
* <tt>invite</tt> (Devise::InvitationsController#create) - Permits only the authentication keys (like <tt>email</tt>)
|
208
|
+
* <tt>accept_invitation</tt> (Devise::InvitationsController#update) - Permits <tt>invitation_token</tt> plus <tt>password</tt> and <tt>password_confirmation</tt>.
|
216
209
|
|
217
210
|
Here is an example of what your application controller might need to include in order to add these parameters to the invitation view:
|
218
211
|
|
@@ -220,9 +213,9 @@ Here is an example of what your application controller might need to include in
|
|
220
213
|
|
221
214
|
protected
|
222
215
|
|
223
|
-
|
224
|
-
|
225
|
-
|
216
|
+
def configure_permitted_parameters
|
217
|
+
devise_parameter_sanitizer.permit(:accept_invitation, keys: [:first_name, :last_name, :phone])
|
218
|
+
end
|
226
219
|
|
227
220
|
|
228
221
|
== Usage
|
@@ -231,45 +224,43 @@ Here is an example of what your application controller might need to include in
|
|
231
224
|
|
232
225
|
To send an invitation to a user, use the <tt>invite!</tt> class method. <b>Note: This will create a user, and send an email for the invite.</b> <tt>:email</tt> must be present in the parameters hash. You can also include other attributes in the hash. The record will not be validated.
|
233
226
|
|
234
|
-
User.invite!(:
|
227
|
+
User.invite!(email: 'new_user@example.com', name: 'John Doe')
|
235
228
|
# => an invitation email will be sent to new_user@example.com
|
236
229
|
|
237
|
-
If you want to create the invitation but not send it, you can set <tt>skip_invitation</tt> to true
|
230
|
+
If you want to create the invitation but not send it, you can set <tt>skip_invitation</tt> to <tt>true</tt>.
|
238
231
|
|
239
|
-
user = User.invite!(:
|
232
|
+
user = User.invite!(email: 'new_user@example.com', name: 'John Doe') do |u|
|
240
233
|
u.skip_invitation = true
|
241
234
|
end
|
242
235
|
# => the record will be created, but the invitation email will not be sent
|
243
236
|
|
244
|
-
When generating the <tt>accept_user_invitation_url</tt> yourself, you must use the <tt>raw_invitation_token</tt
|
245
|
-
|
237
|
+
When generating the <tt>accept_user_invitation_url</tt> yourself, you must use the <tt>raw_invitation_token</tt>.
|
238
|
+
This value is temporarily available when you invite a user and will be decrypted when received.
|
246
239
|
|
247
|
-
accept_user_invitation_url(:
|
240
|
+
accept_user_invitation_url(invitation_token: user.raw_invitation_token)
|
248
241
|
|
249
|
-
When <tt>skip_invitation</tt> is used, you must also then set the <tt>invitation_sent_at</tt> field when the user is sent their
|
250
|
-
|
251
|
-
You can set column, or call <tt>deliver_invitation</tt> to sent invitation and set column:
|
242
|
+
When <tt>skip_invitation</tt> is used, you must also then set the <tt>invitation_sent_at</tt> field when the user is sent their token. Failure to do so will yield "Invalid invitation token" error when the user attempts to accept the invite.
|
243
|
+
You can set the column, or call <tt>deliver_invitation</tt> to send the invitation and set the column:
|
252
244
|
|
253
245
|
user.deliver_invitation
|
254
246
|
|
255
247
|
You can add <tt>:skip_invitation</tt> to attributes hash if <tt>skip_invitation</tt> is added to <tt>attr_accessible</tt>.
|
256
248
|
|
257
|
-
User.invite!(:
|
249
|
+
User.invite!(email: 'new_user@example.com', name: 'John Doe', skip_invitation: true)
|
258
250
|
# => the record will be created, but the invitation email will not be sent
|
259
251
|
|
260
252
|
<tt>skip_invitation</tt> skips sending the email, but sets <tt>invitation_token</tt>, so <tt>invited_to_sign_up?</tt> on the
|
261
|
-
resulting user returns true
|
253
|
+
resulting user returns <tt>true</tt>.
|
262
254
|
|
263
255
|
To check if a particular user is created by invitation, irrespective to state of invitation one can use <tt>created_by_invite?</tt>
|
264
256
|
|
265
257
|
**Warning**
|
266
258
|
|
267
|
-
When using skip_invitation you must send the email with the user object instance that generated the tokens, as
|
268
|
-
user.raw_invitation_token is available only to the instance and is not persisted in the database.
|
259
|
+
When using <tt>skip_invitation</tt> you must send the email with the user object instance that generated the tokens, as <tt>user.raw_invitation_token</tt> is available only to the instance and is not persisted in the database.
|
269
260
|
|
270
261
|
You can also set <tt>invited_by</tt> when using the <tt>invite!</tt> class method:
|
271
262
|
|
272
|
-
User.invite!({:
|
263
|
+
User.invite!({ email: 'new_user@example.com' }, current_user) # current_user will be set as invited_by
|
273
264
|
|
274
265
|
=== Sending an invitation after user creation
|
275
266
|
|
@@ -284,12 +275,11 @@ To find by invitation token use the <tt>find_by_invitation_token</tt> class meth
|
|
284
275
|
|
285
276
|
user = User.find_by_invitation_token(params[:invitation_token], true)
|
286
277
|
|
287
|
-
|
288
278
|
=== Accept an invitation
|
289
279
|
|
290
280
|
To accept an invitation with a token use the <tt>accept_invitation!</tt> class method. <tt>:invitation_token</tt> must be present in the parameters hash. You can also include other attributes in the hash.
|
291
281
|
|
292
|
-
User.accept_invitation!(:
|
282
|
+
User.accept_invitation!(invitation_token: params[:invitation_token], password: 'ad97nwj3o2', name: 'John Doe')
|
293
283
|
|
294
284
|
=== Callbacks
|
295
285
|
|
@@ -306,7 +296,7 @@ A callback event is fired before and after an invitation is created (User#invite
|
|
306
296
|
# ...
|
307
297
|
end
|
308
298
|
|
309
|
-
The callbacks support all options and arguments available to the standard callbacks provided by
|
299
|
+
The callbacks support all options and arguments available to the standard callbacks provided by ActiveRecord.
|
310
300
|
|
311
301
|
=== Scopes
|
312
302
|
|
@@ -318,33 +308,34 @@ A pair of scopes to find those users that have accepted, and those that have not
|
|
318
308
|
|
319
309
|
== Integration in a Rails application
|
320
310
|
|
321
|
-
Since the invitations controller
|
311
|
+
Since the invitations controller takes care of all the creation/acceptation of an invitation, in most cases you wouldn't call the <tt>invite!</tt> and <tt>accept_invitation!</tt> methods directly.
|
322
312
|
Instead, in your views, put a link to <tt>new_user_invitation_path</tt> or <tt>new_invitation_path(:user)</tt> or even <tt>/users/invitation/new</tt> to prepare and send an invitation (to a user in this example).
|
323
313
|
|
324
|
-
After an invitation is created and sent, the inviter will be redirected to after_invite_path_for(inviter, invitee)
|
314
|
+
After an invitation is created and sent, the inviter will be redirected to <tt>after_invite_path_for(inviter, invitee)</tt>, which is the same path as <tt>signed_in_root_path</tt> by default.
|
325
315
|
|
326
|
-
After an invitation is accepted, the invitee will be redirected to after_accept_path_for(resource)
|
316
|
+
After an invitation is accepted, the invitee will be redirected to <tt>after_accept_path_for(resource)</tt>, which is the same path as <tt>signed_in_root_path</tt> by default. If you want to override the path, override invitations controller and define <tt>after_accept_path_for</tt> method. This is useful in the common case that a user is invited to a specific location in your application. More on {Devise's README}[https://github.com/plataformatec/devise], "Controller filters and helpers" section.
|
327
317
|
|
328
|
-
The invitation email includes a link to accept the invitation that looks like this:
|
318
|
+
The invitation email includes a link to accept the invitation that looks like this: <tt>/users/invitation/accept?invitation_token=abcd123</tt>. When clicked, the invited must set a password in order to accept its invitation. Note that if the <tt>invitation_token</tt> is not present or not valid, the invited is redirected to <tt>after_sign_out_path_for(resource_name)</tt>.
|
329
319
|
|
330
|
-
The controller sets the invited_by_id attribute for the new user to the current user. This will let you easily keep track of who invited
|
320
|
+
The controller sets the <tt>invited_by_id</tt> attribute for the new user to the current user. This will let you easily keep track of who invited whom.
|
331
321
|
|
332
322
|
== Controller filter
|
333
323
|
|
334
|
-
InvitationsController uses authenticate_inviter
|
324
|
+
InvitationsController uses <tt>authenticate_inviter!</tt> filter to restrict who can send invitations. You can override this method in your <tt>ApplicationController</tt>.
|
335
325
|
|
336
|
-
Default behavior requires authentication of the same resource as the invited one. For example, if your model User is invitable, it will allow all authenticated users to send invitations to other users.
|
326
|
+
Default behavior requires authentication of the same resource as the invited one. For example, if your model <tt>User</tt> is invitable, it will allow all authenticated users to send invitations to other users.
|
337
327
|
|
338
|
-
You would have a User model which is configured as invitable and an Admin model which is not. If you want to allow only admins to send invitations, simply overwrite the authenticate_inviter
|
328
|
+
You would have a <tt>User</tt> model which is configured as invitable and an <tt>Admin</tt> model which is not. If you want to allow only admins to send invitations, simply overwrite the <tt>authenticate_inviter!</tt> method as follow:
|
339
329
|
|
340
330
|
class ApplicationController < ActionController::Base
|
341
|
-
|
342
|
-
|
343
|
-
|
344
|
-
|
331
|
+
protected
|
332
|
+
|
333
|
+
def authenticate_inviter!
|
334
|
+
authenticate_admin!(force: true)
|
335
|
+
end
|
345
336
|
end
|
346
337
|
|
347
|
-
And include DeviseInvitable::Inviter module into Admin model:
|
338
|
+
And include <tt>DeviseInvitable::Inviter</tt> module into <tt>Admin</tt> model:
|
348
339
|
|
349
340
|
class Admin < ActiveRecord::Base
|
350
341
|
devise :database_authenticatable, :validatable
|
@@ -353,15 +344,15 @@ And include DeviseInvitable::Inviter module into Admin model:
|
|
353
344
|
|
354
345
|
== Has many invitations
|
355
346
|
|
356
|
-
If you want to get all records invited by a resource, you should define has_many association in the model allowed to send invitations.
|
347
|
+
If you want to get all records invited by a resource, you should define <tt>has_many</tt> association in the model allowed to send invitations.
|
357
348
|
|
358
349
|
For the default behavior, define it like this:
|
359
350
|
|
360
|
-
has_many :invitations, :
|
351
|
+
has_many :invitations, class_name: self.to_s, as: :invited_by
|
361
352
|
|
362
353
|
For the previous example, where admins send invitations to users, define it like this:
|
363
354
|
|
364
|
-
has_many :invitations, :
|
355
|
+
has_many :invitations, class_name: 'User', as: :invited_by
|
365
356
|
|
366
357
|
== I18n
|
367
358
|
|
@@ -395,9 +386,9 @@ The DeviseInvitable mailer uses the same pattern as Devise to create mail subjec
|
|
395
386
|
subject: 'You got an invitation!'
|
396
387
|
user_subject: 'You got a user invitation!'
|
397
388
|
|
398
|
-
Take a look at the generated locale file
|
389
|
+
Take a look at the {generated locale file}[https://github.com/scambra/devise_invitable/blob/master/config/locales/en.yml] to check all available messages.
|
399
390
|
|
400
|
-
|
391
|
+
Check out wiki[https://github.com/scambra/devise_invitable/wiki/I18n] for translations.
|
401
392
|
|
402
393
|
=== Use with sub schema
|
403
394
|
If you are using sub schema in you application, you need to make sure that you are prioritizing your sub schema scheme over Warden in Rack.
|
@@ -406,7 +397,7 @@ For instance, if you are using the Apartment gem go inside your <tt>config/appli
|
|
406
397
|
module YourSite
|
407
398
|
class Application < Rails::Application
|
408
399
|
...
|
409
|
-
Rails.application.config.middleware.insert_before
|
400
|
+
Rails.application.config.middleware.insert_before Warden::Manager, Apartment::Elevators::Subdomain
|
410
401
|
end
|
411
402
|
end
|
412
403
|
|
@@ -422,14 +413,10 @@ https://github.com/scambra/devise_invitable/wiki
|
|
422
413
|
|
423
414
|
== Testing
|
424
415
|
|
425
|
-
To
|
416
|
+
To run tests:
|
426
417
|
|
427
|
-
|
428
|
-
|
429
|
-
rvm gemset use devise_invitable
|
430
|
-
gem install bundler
|
431
|
-
bundle
|
432
|
-
rake test DEVISE_ORM=active_record
|
418
|
+
bundle install
|
419
|
+
bundle exec rake test
|
433
420
|
|
434
421
|
== Contributors
|
435
422
|
|
@@ -449,4 +436,4 @@ Special thanks to rymai[https://github.com/rymai] for the Rails 3 support, his f
|
|
449
436
|
|
450
437
|
== Copyright
|
451
438
|
|
452
|
-
Copyright (c)
|
439
|
+
Copyright (c) 2019 Sergio Cambra. See LICENSE for details.
|