devise_invitable 1.1.6 → 1.1.7

data/README.rdoc

@@ -32,12 +32,14 @@ Replace MODEL by the class name you want to add DeviseInvitable, like User, Admi
 
 Follow the walkthrough for Devise and after it's done, follow this walkthrough.
 
+== Devise Configuration
 Add :invitable to the <tt>devise</tt> call in your model (we’re assuming here you already have a User model with some Devise modules):
 
   class User < ActiveRecord::Base
     devise :database_authenticatable, :confirmable, :invitable
   end
 
+== ActiveRecord Migration
 Add t.invitable to your Devise model migration:
 
   create_table :users do
@@ -67,6 +69,25 @@ or for a model that already exists, define a migration to add DeviseInvitable to
 
   # Allow null encrypted_password
   change_column :users, :encrypted_password, :string, :null => true
+  # Allow null password_salt (add it if you are using Devise's encryptable module)
+  change_column :users, :password_salt, :string, :null => true
+
+== Mongoid Field Definitions
+If you are using Mongoid, define the following fields and indexes within your invitable model:
+
+  field :invitation_token, type: String
+  field :invitation_sent_at, type: Time
+  field :invitation_accepted_at, type: Time
+  field :invitation_limit, type: Integer
+
+  index( {invitation_token: 1}, {:background => true} )
+  index( {invitation_by_id: 1}, {:background => true} )
+
+You do not need to define a belongs_to relationship, as DeviseInvitable does this on your behalf:
+  belongs_to :invited_by, :polymorphic => true
+
+Remember to create indexes within the MongoDB database after deploying your changes.
+  rake db:mongoid:create_indexes
 
 == Model configuration
 
@@ -153,6 +174,9 @@ You can add :skip_invitation to attributes hash if skip_invitation is added to a
   User.invite!(:email => "new_user@example.com", :name => "John Doe", :skip_invitation => true)
   # => the record will be created, but the invitation email will not be sent
 
+Skip_invitation skips sending the email, but sets invitation_token, so invited_to_sign_up? on the
+resulting user returns true.
+
 You can send an invitation to an existing user if your workflow creates them separately:
 
   user = User.find(42)

data/app/controllers/devise/invitations_controller.rb

@@ -2,7 +2,8 @@ class Devise::InvitationsController < DeviseController
 
   before_filter :authenticate_inviter!, :only => [:new, :create]
   before_filter :has_invitations_left?, :only => [:create]
-  before_filter :require_no_authentication, :only => [:edit, :update]
+  before_filter :require_no_authentication, :only => [:edit, :update, :destroy]
+  before_filter :resource_from_invitation_token, :only => [:edit, :destroy]
   helper_method :after_sign_in_path_for
 
   # GET /resource/invitation/new
@@ -25,12 +26,7 @@ class Devise::InvitationsController < DeviseController
 
   # GET /resource/invitation/accept?invitation_token=abcdef
   def edit
-    if params[:invitation_token] && self.resource = resource_class.to_adapter.find_first( :invitation_token => params[:invitation_token] )
-      render :edit
-    else
-      set_flash_message(:alert, :invitation_token_invalid)
-      redirect_to after_sign_out_path_for(resource_name)
-    end
+    render :edit
   end
 
   # PUT /resource/invitation
@@ -46,6 +42,13 @@ class Devise::InvitationsController < DeviseController
       respond_with_navigational(resource){ render :edit }
     end
   end
+  
+  # GET /resource/invitation/remove?invitation_token=abcdef
+  def destroy
+    resource.destroy
+    set_flash_message :notice, :invitation_removed
+    redirect_to after_sign_out_path_for(resource_name)
+  end
 
   protected
   def current_inviter
@@ -59,5 +62,13 @@ class Devise::InvitationsController < DeviseController
       respond_with_navigational(resource) { render :new }
     end
   end
+  
+  def resource_from_invitation_token
+    unless params[:invitation_token] && self.resource = resource_class.to_adapter.find_first(params.slice(:invitation_token))
+      set_flash_message(:alert, :invitation_token_invalid)
+      redirect_to after_sign_out_path_for(resource_name)
+    end
+  end
+  
 end
 

data/app/controllers/devise_invitable/registrations_controller.rb

@@ -7,7 +7,7 @@ class DeviseInvitable::RegistrationsController < Devise::RegistrationsController
       self.resource = resource_class.where(:email => hash[:email], :encrypted_password => '').first
       if self.resource
         self.resource.attributes = hash
-        self.resource.accept_invitation!
+        self.resource.accept_invitation
       end
     end
     self.resource ||= super

data/config/locales/en.yml

@@ -5,6 +5,7 @@ en:
       invitation_token_invalid: 'The invitation token provided is not valid!'
       updated: 'Your password was set successfully. You are now signed in.'
       no_invitations_remaining: "No invitations remaining"
+      invitation_removed: 'Your invitation was removed.'
       new:
         header: "Send invitation"
         submit_button: "Send an invitation"

data/lib/devise_invitable/model.rb

@@ -36,13 +36,17 @@ module Devise
 
         include ActiveSupport::Callbacks
         define_callbacks :invitation_accepted
+        before_update :generate_confirmation_token, :if => :confirmation_required_for_invited?
+        after_update :send_on_create_confirmation_instructions, :if => :confirmation_required_for_invited?
 
         attr_writer :skip_password
 
-        scope :invitation_not_accepted, lambda { where(:invitation_accepted_at => nil) }
+        scope :active, lambda { where(:confirmation_token => nil) }
         if defined?(Mongoid) && self < Mongoid::Document
+          scope :invitation_not_accepted, lambda { where(:invitation_accepted_at => nil, :confirmation_token.ne => nil) }
           scope :invitation_accepted, lambda { where(:invitation_accepted_at.ne => nil) }
         else
+          scope :invitation_not_accepted, lambda { where(arel_table[:confirmation_token].not_eq(nil)).where(:invitation_accepted_at => nil) }
           scope :invitation_accepted, lambda { where(arel_table[:invitation_accepted_at].not_eq(nil)) }
 
           [:before_invitation_accepted, :after_invitation_accepted].each do |callback_method|
@@ -71,12 +75,17 @@ module Devise
       end
 
       # Accept an invitation by clearing invitation token and and setting invitation_accepted_at
-      # Confirms it if model is confirmable
+      def accept_invitation
+        self.invitation_accepted_at = Time.now.utc
+        self.invitation_token = nil
+      end
+
+      # Accept an invitation by clearing invitation token and and setting invitation_accepted_at
+      # Saves the model and confirms it if model is confirmable, running invitation_accepted callbacks
       def accept_invitation!
         if self.invited_to_sign_up? && self.valid?
-          self.invitation_accepted_at = Time.now.utc
           run_callbacks :invitation_accepted do
-            self.invitation_token = nil
+            self.accept_invitation
             self.confirmed_at = self.invitation_accepted_at if self.respond_to?(:confirmed_at)
             self.save(:validate => false)
           end
@@ -120,7 +129,7 @@ module Devise
         end
 
         generate_invitation_token if self.invitation_token.nil?
-        self.invitation_sent_at = Time.now.utc
+        self.invitation_sent_at = Time.now.utc unless @skip_invitation
         self.invited_by = invited_by if invited_by
 
         # Call these before_validate methods since we aren't validating on save
@@ -163,6 +172,10 @@ module Devise
           !@skip_password && super
         end
 
+        def confirmation_required_for_invited?
+          respond_to?(:confirmation_required?) && confirmation_required? && invitation_accepted?
+        end
+
         # Deliver the invitation email
         def deliver_invitation
           send_devise_notification(:invitation_instructions)

data/lib/devise_invitable/routes.rb

@@ -6,6 +6,7 @@ module ActionDispatch::Routing
       resource :invitation, :only => [:new, :create, :update],
         :path => mapping.path_names[:invitation], :controller => controllers[:invitations] do
         get :edit, :path => mapping.path_names[:accept], :as => :accept
+        get :destroy, :path => mapping.path_names[:remove], :as => :remove
       end
     end
 

data/lib/devise_invitable/version.rb

@@ -1,3 +1,3 @@
 module DeviseInvitable
-  VERSION = '1.1.6'
+  VERSION = '1.1.7'
 end

data/lib/generators/active_record/templates/migration.rb

@@ -6,7 +6,7 @@ class DeviseInvitableAddTo<%= table_name.camelize %> < ActiveRecord::Migration
       t.datetime   :invitation_accepted_at
       t.integer    :invitation_limit
       t.references :invited_by, :polymorphic => true
-      t.index      :invitation_token # for invitable
+      t.index      :invitation_token, :unique => true # for invitable
       t.index      :invited_by_id
     end
 

metadata

@@ -1,13 +1,13 @@
 --- !ruby/object:Gem::Specification 
 name: devise_invitable
 version: !ruby/object:Gem::Version 
-  hash: 31
+  hash: 29
   prerelease: 
   segments: 
   - 1
   - 1
-  - 6
-  version: 1.1.6
+  - 7
+  version: 1.1.7
 platform: ruby
 authors: 
 - Sergio Cambra
@@ -15,7 +15,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2013-02-21 00:00:00 Z
+date: 2013-04-01 00:00:00 Z
 dependencies: 
 - !ruby/object:Gem::Dependency 
   name: bundler
@@ -162,3 +162,4 @@ specification_version: 3
 summary: An invitation strategy for Devise
 test_files: []
 
+has_rdoc: