devise_invitable 1.7.4 → 1.7.5

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: a5b47a00992074a2cb6a0ae940340430bafdc284
-  data.tar.gz: 9348350b9aa008acd22e87b0bd8bf881ec09e190
+SHA256:
+  metadata.gz: 51e6d03ee4dd325ebd51b67efc8efb5916b30031842c5bd327f6597bdc149b96
+  data.tar.gz: 5fa1f5d1470086846959e4cf20a4d1161db9bd9a6030f82de8941e62db2bc157
 SHA512:
-  metadata.gz: b7739cf3d0121a6cbd492eabbd6d7ff9c5d2e1cc4016fcc9dae654be285569a034cc881d8672bc6feec407f2b24c85fad98b281a2b79d84fc1eb9986320580d9
-  data.tar.gz: 95e436f92ccc7c8828121fc4c7c4ac65d5808bfccb19da4463419939ce48ca6206d13fdb01cc99f47788340731c24f538d0cbfb4a14b954eb6e043350e0b3b18
+  metadata.gz: 2f522400741c8c5668a51ec81864739d8cc4d295912e58f7b060b2532f3b1110290db2a0b4201d0522baa163b485c6ba53f225128d9b4288007f428e2ab0918b
+  data.tar.gz: fe2b630bb65a1e30a939cd2c3b0cf2a6b86488e2acc728792935fdf358e73c414c3e5a06a82c8ce7a003e10c7614251ba085cc4b797ddfd9480da1b28a28cbf1

data/{CHANGELOG → CHANGELOG.md}

@@ -1,22 +1,41 @@
-= 1.7.2
+## 1.7.5
+- Add add_taken_error ([#768](https://github.com/scambra/devise_invitable/pull/768))
+- Add invitation_taken? ([#769](https://github.com/scambra/devise_invitable/pull/769))
+- Rollback invitation_token and invitation_accepted_at if saving failed ([#758](https://github.com/scambra/devise_invitable/pull/758))
+- Don't overwrite confirmed_at ([#761](https://github.com/scambra/devise_invitable/pull/761))
+- Check model responds to confirmed_at= ([#756](https://github.com/scambra/devise_invitable/pull/756))
+- Cleanup mailer views ([#753](https://github.com/scambra/devise_invitable/pull/753))
+
+## 1.7.4
+- Fix invitation_period_valid? with no timestamp ([#743](https://github.com/scambra/devise_invitable/pull/743))
+- fix for ActionController::UnfilteredParameters error on rails 5.2 ([commit](https://github.com/scambra/devise_invitable/commit/481c6b019a41ed913514464e5d5637d7bbf0618b))
+
+## 1.7.3
+- Fix `after_{invite,accept}_path_for` ([#737](https://github.com/scambra/devise_invitable/pull/737))
+- Hide invitable attributes from `#inspect` ([#736](https://github.com/scambra/devise_invitable/pull/736))
+- Generate migration template with version for rails >= 5 ([commit](https://github.com/scambra/devise_invitable/commit/3c44886964a8b3f44ad39c7b0aedd93db45b5815))
+- Set `@accepting_invitation` to false after accepting ([#710](https://github.com/scambra/devise_invitable/pull/710))
+- Override `send_password_change_notification` to handle accepting invitation ([#718](https://github.com/scambra/devise_invitable/pull/718))
+
+## 1.7.2
 - Sign out before accepting the invitation if the user logged in
 
-= 1.7.1
+## 1.7.1
 - Allow to set invited_by_* options on model
 - created_by_invite scope and test method checks invitation_created_at, because invitation_sent_at can be nil if skip_invitation is used
 
-= 1.7.0
+## 1.7.0
 
 - Drop devise < 4 support
 - Fix tests for devise 4.2
 
-= 1.6.1
+## 1.6.1
 
 - Support 2 arguments on after_invite_path_for, inviter and invitee
 - Support mongoid 6.0 (use :optional on invited_by relation)
 - Support devise 4.1
 
-= 1.6.0
+## 1.6.0
 
 - Support devise 4.0 and rails 5.0
 - Add before/after invitation_created callbacks
@@ -25,38 +44,38 @@
 - Ruby 1.9 not supported anymore
 - Adds :require_password_on_accepting config option, and ensure invitation is not accepted if password is required and removed from form
 
-= 1.5.5
+## 1.5.5
 
 - Add optional options hash to invite! methods, they will be used for send_devise_notification call
 
-= 1.5.4
+## 1.5.4
 
 - Ensure that all invited user passwords conform to a format
 - Call set_minimum_password_length (if exists) on accept invitation as devise does
 - Controllers inheriting from Devise::InvitationsController will now use 'devise.invitations' translations
-  when using Devise >= 3.5. See https://github.com/plataformatec/devise/pull/3407 for more details.
+  when using Devise >## 3.5. See https://github.com/plataformatec/devise/pull/3407 for more details.
 - Add invitation due date to mailer
 
-= 1.5.3
+## 1.5.3
 
 - Fix #585, avoid generating new password if there already is a encrypted one
 - Give error if trying to register with a registered email
 
-= 1.5.2
+## 1.5.2
 
 - Fix #571, accept invitation when password changes only if reset_password_token was present
 - Add support for setting invited_by foreign key
 - Set random initial password for invited users
 - Don't override password while User.invite!
 
-= 1.5.1
+## 1.5.1
 
 - Fix #562 Avoid using after_password_reset
 - Fix #564
 
 Compare: https://github.com/scambra/devise_invitable/compare/v1.5.0...v1.5.1
 
-= 1.5.0
+## 1.5.0
 
 Override valid_password? and unauthenticated_message instead of active_for_authentication? and inactive_message, active_for_authentication? doesn't work for default behavior of invited users without password
 
@@ -67,7 +86,7 @@ Override valid_password? and unauthenticated_message instead of active_for_authe
 
 Compare: https://github.com/scambra/devise_invitable/compare/v1.4.2...v1.5.0
 
-= 1.4.2
+## 1.4.2
 
 - Add option to allow controlling of auto sign in functionality for security
 - Add intermediate method in active_for_authentication? for more flexibility
@@ -77,7 +96,7 @@ Compare: https://github.com/scambra/devise_invitable/compare/v1.4.2...v1.5.0
 
 Compare: https://github.com/scambra/devise_invitable/compare/v1.4.1...v1.4.2
 
-= 1.4.1
+## 1.4.1
 
 - Begin testing against devise 3.4
 - Use current_inviter to get redirect path after invite
@@ -85,14 +104,14 @@ Compare: https://github.com/scambra/devise_invitable/compare/v1.4.1...v1.4.2
 
 Compare: https://github.com/scambra/devise_invitable/compare/v1.4.0...v1.4.1
 
-= 1.4.0
+## 1.4.0
 
 Override active_for_authentication? and inactive_message instead of valid_password?
 To use counter_cache, invited_by_counter_cache must be set, no more checking of invitations_count to enable counter cache
 
 Compare: https://github.com/scambra/devise_invitable/compare/v1.3.6...v1.4.0
 
-= 1.3.6
+## 1.3.6
 
 - Regenerate invitation token each time even if "skip_invitation" was true
 - Add passing a block to instance #invite! method
@@ -100,14 +119,14 @@ Compare: https://github.com/scambra/devise_invitable/compare/v1.3.6...v1.4.0
 
 Compare: https://github.com/scambra/devise_invitable/compare/v1.3.5...v1.3.6
 
-= 1.3.5
+## 1.3.5
 
 No notes yet, contributions welcome.
 
-= 1.3.0
+## 1.3.0
 
 Now devise 3.1 compatible, @token must be used instead of @resource.invitation_token in mail views
 
-= 1.2.0
+## 1.2.0
 
 Add invitation_created_at column which is set when invitation is created even when sending is skipped. This new field is used to check invitation period valid

data/README.rdoc

@@ -248,7 +248,7 @@ the value is temporarily available when you invite a user and will be decrypted
 
 When <tt>skip_invitation</tt> is used, you must also then set the <tt>invitation_sent_at</tt> field when the user is sent their
 token. Failure to do so will yield <tt>Invalid invitation token</tt> error when the user attempts to accept the invite.
-You can set it like so:
+You can set column, or call <tt>deliver_invitation</tt> to sent invitation and set column:
 
   user.deliver_invitation
 
@@ -321,9 +321,9 @@ A pair of scopes to find those users that have accepted, and those that have not
 Since the invitations controller take care of all the creation/acceptation of an invitation, in most cases you wouldn't call the <tt>invite!</tt> and <tt>accept_invitation!</tt> methods directly.
 Instead, in your views, put a link to <tt>new_user_invitation_path</tt> or <tt>new_invitation_path(:user)</tt> or even <tt>/users/invitation/new</tt> to prepare and send an invitation (to a user in this example).
 
-After an invitation is created and sent, the inviter will be redirected to after_invite_path_for(inviter, invitee), which is stored path or the same path as after_sign_in_path_for by default.
+After an invitation is created and sent, the inviter will be redirected to after_invite_path_for(inviter, invitee), which is the same path as signed_in_root_path by default.
 
-After an invitation is accepted, the invitee will be redirected to after_accept_path_for(resource), which is the same path as after_sign_in_path_for by default. If you want to override the path, override invitations controller and define after_accept_path_for method. This is useful in the common case that a user is invited to a specific location in your application. More on {Devise's README}[https://github.com/plataformatec/devise], "Controller filters and helpers" section.
+After an invitation is accepted, the invitee will be redirected to after_accept_path_for(resource), which is the same path as signed_in_root_path by default. If you want to override the path, override invitations controller and define after_accept_path_for method. This is useful in the common case that a user is invited to a specific location in your application. More on {Devise's README}[https://github.com/plataformatec/devise], "Controller filters and helpers" section.
 
 The invitation email includes a link to accept the invitation that looks like this:  <tt>/users/invitation/accept?invitation_token=abcd123</tt>. When clicked, the invited must set a password in order to accept its invitation. Note that if the invitation_token is not present or not valid, the invited is redirected to after_sign_out_path_for(resource_name).
 

data/app/controllers/devise/invitations_controller.rb

@@ -37,7 +37,6 @@ class Devise::InvitationsController < DeviseController
 
   # GET /resource/invitation/accept?invitation_token=abcdef
   def edit
-    sign_out send("current_#{resource_name}") if send("#{resource_name}_signed_in?")
     set_minimum_password_length
     resource.invitation_token = params[:invitation_token]
     render :edit

data/app/views/devise/mailer/invitation_instructions.html.erb

@@ -8,4 +8,4 @@
   <p><%= t("devise.mailer.invitation_instructions.accept_until", due_date: l(@resource.invitation_due_at, format: :'devise.mailer.invitation_instructions.accept_until_format')) %></p>
 <% end %>
 
-<p><%= t("devise.mailer.invitation_instructions.ignore").html_safe %></p>
+<p><%= t("devise.mailer.invitation_instructions.ignore") %></p>

data/app/views/devise/mailer/invitation_instructions.text.erb

@@ -8,4 +8,4 @@
   <%= t("devise.mailer.invitation_instructions.accept_until", due_date: l(@resource.invitation_due_at, format: :'devise.mailer.invitation_instructions.accept_until_format')) %>
 <% end %>
 
-<%= strip_tags t("devise.mailer.invitation_instructions.ignore") %>
+<%= t("devise.mailer.invitation_instructions.ignore") %>

data/config/locales/en.yml

@@ -22,7 +22,7 @@ en:
         someone_invited_you: "Someone has invited you to %{url}, you can accept it through the link below."
         accept: "Accept invitation"
         accept_until: "This invitation will be due in %{due_date}."
-        ignore: "If you don't want to accept the invitation, please ignore this email.<br />\nYour account won't be created until you access the link above and set your password."
+        ignore: "If you don't want to accept the invitation, please ignore this email. Your account won't be created until you access the link above and set your password."
   time:
     formats:
       devise:

data/lib/devise_invitable/models.rb

@@ -95,12 +95,21 @@ module Devise
           @accepting_invitation = true
           run_callbacks :invitation_accepted do
             self.accept_invitation
-            self.confirmed_at = self.invitation_accepted_at if self.respond_to?(:confirmed_at)
+            self.confirmed_at ||= self.invitation_accepted_at if self.respond_to?(:confirmed_at=)
             self.save
-          end.tap { @accepting_invitation = false }
+          end.tap do |saved|
+            self.rollback_accepted_invitation if !saved
+            @accepting_invitation = false
+          end
         end
       end
 
+      def rollback_accepted_invitation
+        self.invitation_token = self.invitation_token_was
+        self.invitation_accepted_at = nil
+        self.confirmed_at = nil if self.respond_to?(:confirmed_at=)
+      end
+
       # Verify wheather a user is created by invitation, irrespective to invitation status
       def created_by_invite?
         invitation_created_at.present?
@@ -218,6 +227,14 @@ module Devise
         time + self.class.invite_for
       end
 
+      def add_taken_error(key)
+        errors.add(key, :taken)
+      end
+    
+      def invitation_taken?
+        !invited_to_sign_up?
+      end
+
       protected
 
         def block_from_invitation?
@@ -300,9 +317,9 @@ module Devise
           invitable.valid? if self.validate_on_invite
           if invitable.new_record?
             invitable.clear_errors_on_valid_keys if !self.validate_on_invite
-          elsif !invitable.invited_to_sign_up? || !self.resend_invitation
+          elsif invitable.invitation_taken? || !self.resend_invitation
             invite_key_array.each do |key|
-              invitable.errors.add(key, :taken)
+              invitable.add_taken_error(key)
             end
           end
 

data/lib/devise_invitable/version.rb

@@ -1,3 +1,3 @@
 module DeviseInvitable
-  VERSION = '1.7.4'
+  VERSION = '1.7.5'
 end

data/test/models/invitable_test.rb

@@ -228,9 +228,13 @@ class InvitableTest < ActiveSupport::TestCase
     assert user.invitation_token.present?
     assert_nil user.invitation_accepted_at
     user.accept_invitation!
+    assert_nil user.invitation_token
+    assert user.invitation_accepted_at.present?
+    assert user.invitation_accepted?
     user.reload
     assert_nil user.invitation_token
     assert user.invitation_accepted_at.present?
+    assert user.invitation_accepted?
   end
 
   test 'should not clear invitation token or set accepted_at if record is invalid' do
@@ -245,6 +249,17 @@ class InvitableTest < ActiveSupport::TestCase
     assert_nil user.invitation_accepted_at
   end
 
+  test 'should not require reloading if invalid' do
+    user = User.invite!(:email => "valid@email.com")
+    assert user.invitation_token.present?
+    assert_nil user.invitation_accepted_at
+    user.attributes = { :password => '123456789', :password_confirmation => '987654321' }
+    user.accept_invitation!
+    assert user.invitation_token.present?
+    assert_nil user.invitation_accepted_at
+    assert !user.invitation_accepted?
+  end
+
   test 'should clear invitation token while resetting the password' do
     user = User.invite!(:email => "valid@email.com")
     assert user.invited_to_sign_up?

data/test/orm/active_record.rb

@@ -1,4 +1,8 @@
 ActiveRecord::Migration.verbose = false
 ActiveRecord::Base.logger = Logger.new(nil)
 
-ActiveRecord::Migrator.migrate(File.expand_path("../../rails_app/db/migrate/", __FILE__))
+if defined? ActiveRecord::MigrationContext # rails >= 5.2
+  ActiveRecord::MigrationContext.new(File.expand_path("../../rails_app/db/migrate/", __FILE__)).migrate
+else
+  ActiveRecord::Migrator.migrate(File.expand_path("../../rails_app/db/migrate/", __FILE__))
+end

data/test/rails_app/config/application.rb

@@ -23,6 +23,7 @@ module RailsApp
     config.action_mailer.default_url_options = { :host => "localhost:3000" }
     if DEVISE_ORM == :active_record && Rails.version.start_with?('5')
       config.active_record.maintain_test_schema = false
+      config.active_record.sqlite3.represent_boolean_as_integer = true if config.active_record.sqlite3
     end
   end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: devise_invitable
 version: !ruby/object:Gem::Version
-  version: 1.7.4
+  version: 1.7.5
 platform: ruby
 authors:
 - Sergio Cambra
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2018-04-09 00:00:00.000000000 Z
+date: 2018-10-17 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -60,7 +60,7 @@ executables: []
 extensions: []
 extra_rdoc_files: []
 files:
-- CHANGELOG
+- CHANGELOG.md
 - LICENSE
 - README.rdoc
 - app/controllers/devise/invitations_controller.rb
@@ -164,7 +164,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: 1.3.6
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.6.10
+rubygems_version: 2.7.7
 signing_key: 
 specification_version: 4
 summary: An invitation strategy for Devise