refinerycms-authentication 1.0.11 → 2.0.0

data/config/locales/zh-TW.yml

@@ -1,69 +1,69 @@
 zh-TW:
-  plugins:
-    refinery_users:
-      title: 使用者
-      description: 管理使用者
-  admin:
+  refinery:
+    plugins:
+      refinery_users:
+        title: 使用者
+        description: 管理使用者
+    admin:
+      users:
+        delete: 永遠移除這位使用者
+        edit: 編輯這位使用者
+        update:
+          cannot_remove_user_plugin_from_current_user: 您無法從目前登入的帳號移除 '使用者' 插件.
+        form:
+          blank_password_keeps_current: 密碼處空白可維持現在的密碼
+          plugin_access: 插件存取權限
+          role_access: 角色存取權限
+          enable_all: 全部開啟
+        actions:
+          create_new_user: 新增使用者
+        user:
+          email_user: 發送電子郵件給這個使用者
+          preview: '(%{who}) 加入 %{created_at}'
+    sessions:
+      new:
+        hello_please_sign_in: 您好! 請登入
+        sign_in: 登入
+        forgot_password: 我忘記了密碼
     users:
-      delete: 永遠移除這位使用者
-      edit: 編輯這位使用者
-      update:
-        cannot_remove_user_plugin_from_current_user: 您無法從目前登入的帳號移除 '使用者' 插件.
-      form:
-        blank_password_keeps_current: 密碼處空白可維持現在的密碼
-        plugin_access: 插件存取權限
-        role_access: 角色存取權限
-        enable_all: 全部開啟
-      actions:
-        create_new_user: 新增使用者
-      user:
-        email_user: 發送電子郵件給這個使用者
-        preview: '(%{who}) 加入 %{created_at}'
-  sessions:
-    new:
-      hello_please_sign_in: 您好! 請登入
-      sign_in: 登入
-      forgot_password: 我忘記了密碼
-  users:
-    setup_website_name_html: "先給這個網站一個名字吧. <a href='%{link}' name='%{title}'>到這裡</a>來編輯您的網站名稱"
-    new:
-      fill_form: 在底下填入您的資料好繼續之後的流程.
-      sign_up: 登入
-    create:
-      welcome: '歡迎使用 Refinery, %{who}'
-    forgot:
-      email_address: 電子郵件地址
-      enter_email_address: 請為您的帳號輸入電子郵件地址
-      reset_password: 重設密碼
-      blank_email: 您沒有輸入電子郵件地址.
-      email_not_associated_with_account_html: "抱歉, '%{email}' 不是任何帳號的電子郵件地址.<br />您確定輸入了正確的電子郵件地址嗎?"
-      email_reset_sent: 一封附上可重設您密碼的連結的電子郵件已經寄給您
-      password_encryption: "因為 Refinery 有些密碼加密演算法的改變, 所以您必須重設您的密碼, 如此您的密碼會比以往更安全地儲存著."
-    reset:
-      code_invalid: "很抱歉, 但這個重設碼過期或是失效了. 如果您遇到問題, 試著複製貼上您電子郵件上的網址到您的瀏覽器或是重新啟動重設密碼的流程."
-      successful: "成功地重設 '%{email}' 的密碼"
-      pick_new_password_for: "為 %{email} 挑選新的密碼"
-      reset_password: 重設密碼
-  user_mailer:
-    reset_notification:
-      subject: 重設您的密碼的連結
-      reset_request_received_for: '請求重設 %{username} 的密碼'
-      visit_this_url: 到這個網址來設定新的密碼
-      remain_same_if_no_action: '如果您不做任何動作, 您的密碼將會維持不變'
+      new:
+        fill_form: 在底下填入您的資料好繼續之後的流程.
+        sign_up: 登入
+      create:
+        welcome: '歡迎使用 Refinery, %{who}'
+      forgot:
+        email_address: 電子郵件地址
+        enter_email_address: 請為您的帳號輸入電子郵件地址
+        reset_password: 重設密碼
+        blank_email: 您沒有輸入電子郵件地址.
+        email_not_associated_with_account_html: "抱歉, '%{email}' 不是任何帳號的電子郵件地址.<br />您確定輸入了正確的電子郵件地址嗎?"
+        email_reset_sent: 一封附上可重設您密碼的連結的電子郵件已經寄給您
+        password_encryption: "因為 Refinery 有些密碼加密演算法的改變, 所以您必須重設您的密碼, 如此您的密碼會比以往更安全地儲存著."
+      reset:
+        code_invalid: "很抱歉, 但這個重設碼過期或是失效了. 如果您遇到問題, 試著複製貼上您電子郵件上的網址到您的瀏覽器或是重新啟動重設密碼的流程."
+        successful: "成功地重設 '%{email}' 的密碼"
+        pick_new_password_for: "為 %{email} 挑選新的密碼"
+        reset_password: 重設密碼
+    user_mailer:
+      reset_notification:
+        subject: 重設您的密碼的連結
+        reset_request_received_for: '請求重設 %{username} 的密碼'
+        visit_this_url: 到這個網址來設定新的密碼
+        remain_same_if_no_action: '如果您不做任何動作, 您的密碼將會維持不變'
+    roles:
+      superuser: 管理者
+      refinery: Refinery
   devise:
     failure:
       unauthenticated: 您必須登入之後才能繼續.
       invalid: '抱歉, 您輸入的帳號或是密碼不正確.'
     sessions:
       signed_in: 登入成功.
-  roles:
-    superuser: 管理者
-    refinery: Refinery
   activerecord:
     models:
-      user: 使用者
+      refinery/user: 使用者
     attributes:
-      user:
+      refinery/user:
         login: 登入
         username: 使用者名稱
         password: 密碼

data/config/routes.rb

@@ -1,29 +1,35 @@
-::Refinery::Application.routes.draw do
+Refinery::Core::Engine.routes.draw do
+  begin
+    devise_for :refinery_user,
+               :class_name => 'Refinery::User',
+               :path => 'refinery/users',
+               :controllers => { :registrations => 'refinery/users' },
+               :skip => [:registrations],
+               :path_names => { :sign_out => 'logout',
+                                :sign_in => 'login',
+                                :sign_up => 'register' }
 
-  # Add Devise necessary routes.
-  # For Devise routes, see: https://github.com/plataformatec/devise
-  devise_for :users, :controllers => {
-    :sessions => 'sessions',
-    :registrations => 'users',
-    :passwords => 'passwords'
-  }, :path_names => {
-    :sign_out => 'logout',
-    :sign_in => 'login',
-    :sign_up => 'register'
-  }
-
-  # Override Devise's default after login redirection route.  This will pushed a logged in user to the dashboard.
-  get 'refinery', :to => 'admin/dashboard#index', :as => :refinery_root
-  get 'refinery', :to => 'admin/dashboard#index', :as => :user_root
-
-  # Override Devise's other routes for convenience methods.
-  #get 'refinery/login', :to => "sessions#new", :as => :new_user_session
-  #get 'refinery/login', :to => "sessions#new", :as => :refinery_login
-  #get 'refinery/logout', :to => "sessions#destroy", :as => :destroy_user_session
-  #get 'refinery/logout', :to => "sessions#destroy", :as => :logout
+    # Override Devise's other routes for convenience methods.
+    devise_scope :refinery_user do
+      get '/refinery/login', :to => "sessions#new", :as => :new_refinery_user_session
+      get '/refinery/logout', :to => "sessions#destroy", :as => :destroy_refinery_user_session
+      get '/refinery/users/register' => 'users#new', :as => :new_refinery_user_registration
+      post '/refinery/users/register' => 'users#create', :as => :refinery_user_registration
+    end
+  rescue RuntimeError => exc
+    if exc.message =~ /ORM/
+      # We don't want to complain on a fresh installation.
+      if (ARGV || []).exclude?('--fresh-installation')
+        puts "---\nYou can safely ignore the following warning if you're currently installing Refinery as Devise support files have not yet been copied to your application:\n\n"
+        puts exc.message
+        puts '---'
+      end
+    else
+      raise exc
+    end
+  end
 
-  scope(:path => 'refinery', :as => 'admin', :module => 'admin') do
+  namespace :admin, :path => 'refinery' do
     resources :users, :except => :show
   end
-
 end

data/db/migrate/20100913234705_create_refinerycms_authentication_schema.rb

@@ -1,43 +1,43 @@
 class CreateRefinerycmsAuthenticationSchema < ActiveRecord::Migration
-  def self.up
+  def change
     # Postgres apparently requires the roles_users table to exist before creating the roles table.
-    create_table ::RolesUsers.table_name, :id => false, :force => true do |t|
-      t.integer "user_id"
-      t.integer "role_id"
+    create_table :refinery_roles_users, :id => false do |t|
+      t.integer :user_id
+      t.integer :role_id
     end
 
-    create_table ::Role.table_name, :force => true do |t|
-      t.string "title"
-    end
+    add_index :refinery_roles_users, [:role_id, :user_id]
+    add_index :refinery_roles_users, [:user_id, :role_id]
 
-    create_table ::UserPlugin.table_name, :force => true do |t|
-      t.integer "user_id"
-      t.string  "name"
-      t.integer "position"
+    create_table :refinery_roles do |t|
+      t.string :title
     end
 
-    add_index ::UserPlugin.table_name, ["name"], :name => "index_#{::UserPlugin.table_name}_on_title"
-    add_index ::UserPlugin.table_name, ["user_id", "name"], :name => "index_unique_#{::UserPlugin.table_name}", :unique => true
-
-    create_table ::User.table_name, :force => true do |t|
-      t.string   "login",             :null => false
-      t.string   "email",             :null => false
-      t.string   "crypted_password",  :null => false
-      t.string   "password_salt",     :null => false
-      t.string   "persistence_token"
-      t.datetime "created_at"
-      t.datetime "updated_at"
-      t.string   "perishable_token"
+    create_table :refinery_user_plugins do |t|
+      t.integer :user_id
+      t.string  :name
+      t.integer :position
     end
 
-    add_index ::User.table_name, ["id"], :name => "index_#{::User.table_name}_on_id"
-  end
+    add_index :refinery_user_plugins, :name
+    add_index :refinery_user_plugins, [:user_id, :name], :unique => true
 
-  def self.down
-    [::User].reject{|m|
-      !(defined?(m) and m.respond_to?(:table_name))
-    }.each do |model|
-      drop_table model.table_name
+    create_table :refinery_users do |t|
+      t.string    :username,            :null => false
+      t.string    :email,               :null => false
+      t.string    :encrypted_password,  :null => false
+      t.datetime  :current_sign_in_at
+      t.datetime  :last_sign_in_at
+      t.string    :current_sign_in_ip
+      t.string    :last_sign_in_ip
+      t.integer   :sign_in_count
+      t.datetime  :remember_created_at
+      t.string    :reset_password_token
+      t.datetime  :reset_password_sent_at
+
+      t.timestamps
     end
+
+    add_index :refinery_users, :id
   end
 end

data/lib/refinery/authenticated_system.rb

@@ -0,0 +1,40 @@
+module Refinery
+  module AuthenticatedSystem
+    # Store the URI of the current request in the session.
+    #
+    # We can return to this location by calling #redirect_back_or_default.
+    def store_location
+      session[:return_to] = request.fullpath.sub("//", "/")
+    end
+
+    # Redirect to the URI stored by the most recent store_location call or
+    # to the passed default.
+    def redirect_back_or_default(default)
+      redirect_to(session[:return_to] || default)
+      session[:return_to] = nil
+    end
+
+    # This just defines the devise method for after sign in to support
+    # extension namespace isolation...
+    def after_sign_in_path_for(resource_or_scope)
+      scope = Devise::Mapping.find_scope!(resource_or_scope)
+      home_path = "#{scope}_root_path"
+      respond_to?(home_path, true) ? refinery.send(home_path) : refinery.admin_root_path
+    end
+
+    def after_sign_out_path_for(resource_or_scope)
+      refinery.root_path
+    end
+
+    def refinery_user?
+      refinery_user_signed_in? && current_refinery_user.has_role?(:refinery)
+    end
+
+    protected :store_location, :redirect_back_or_default, :refinery_user?
+
+    def self.included(base)
+      base.send :helper_method, :current_refinery_user, :current_user_session,
+        :refinery_user_signed_in?, :refinery_user? if base.respond_to? :helper_method
+    end
+  end
+end

data/lib/refinery/authentication/configuration.rb

@@ -0,0 +1,9 @@
+module Refinery
+  module Authentication
+    include ActiveSupport::Configurable
+
+    config_accessor :superuser_can_assign_roles
+
+    self.superuser_can_assign_roles = false
+  end
+end

data/lib/refinery/authentication/engine.rb

@@ -0,0 +1,36 @@
+module Refinery
+  module Authentication
+    class Engine < ::Rails::Engine
+      include Refinery::Engine
+
+      isolate_namespace Refinery
+      engine_name :refinery_authentication
+
+      config.autoload_paths += %W( #{config.root}/lib )
+
+      initializer "register refinery_user plugin" do
+        Refinery::Plugin.register do |plugin|
+          plugin.pathname = root
+          plugin.name = 'refinery_users'
+          plugin.version = %q{2.0.0}
+          plugin.menu_match = %r{refinery/users$}
+          plugin.activity = {
+            :class_name => :'refinery/user',
+            :title => 'username'
+          }
+          plugin.url = { :controller => '/refinery/admin/users' }
+        end
+      end
+
+      before_inclusion do
+        [Refinery::ApplicationController, Refinery::AdminController, ::ApplicationHelper].each do |c|
+          c.send :include, Refinery::AuthenticatedSystem
+        end
+      end
+
+      config.after_initialize do
+        Refinery.register_extension(Refinery::Authentication)
+      end
+    end
+  end
+end

data/lib/refinery/authentication.rb

@@ -0,0 +1,29 @@
+require 'refinerycms-core'
+require 'devise'
+require 'friendly_id'
+
+module Refinery
+  autoload :AuthenticatedSystem, 'refinery/authenticated_system'
+
+  class << self
+    attr_accessor :authentication_login_field
+    def authentication_login_field
+      @authentication_login_field ||= 'login'
+    end
+  end
+
+  module Authentication
+    require 'refinery/authentication/engine'
+    require 'refinery/authentication/configuration'
+
+    class << self
+      def factory_paths
+        @factory_paths ||= [ root.join("spec/factories").to_s ]
+      end
+
+      def root
+        @root ||= Pathname.new(File.expand_path('../../../', __FILE__))
+      end
+    end
+  end
+end

data/lib/refinerycms-authentication.rb

@@ -1,54 +1 @@
-require 'devise'
-require 'refinerycms-core'
-require 'friendly_id'
-
-module Refinery
-  module Authentication
-
-    class Engine < ::Rails::Engine
-
-      initializer 'serve static assets' do |app|
-        app.middleware.insert_after ::ActionDispatch::Static, ::ActionDispatch::Static, "#{root}/public"
-      end
-
-      config.autoload_paths += %W( #{config.root}/lib )
-
-      config.after_initialize do
-        ::Refinery::Plugin.register do |plugin|
-          plugin.pathname = root
-          plugin.name = 'refinery_users'
-          plugin.version = %q{1.0.0}
-          plugin.menu_match = /(refinery|admin)\/users$/
-          plugin.activity = {
-            :class => User,
-            :title => 'username'
-          }
-          plugin.url = {:controller => '/admin/users'}
-        end
-      end
-
-      refinery.before_inclusion do
-        [::Refinery::ApplicationController, ::Refinery::ApplicationHelper].each do |c|
-          c.send :require, File.expand_path('../authenticated_system', __FILE__)
-          c.send :include, AuthenticatedSystem
-        end
-      end
-    end
-
-    class << self
-      attr_accessor :root
-      def root
-        @root ||= Pathname.new(File.expand_path('../../', __FILE__))
-      end
-    end
-  end
-
-  class << self
-    attr_accessor :authentication_login_field
-    def authentication_login_field
-      @authentication_login_field ||= 'login'
-    end
-  end
-end
-
-::Refinery.engines << 'authentication'
+require 'refinery/authentication'

data/refinerycms-authentication.gemspec

@@ -1,121 +1,26 @@
 # Encoding: UTF-8
-# DO NOT EDIT THIS FILE DIRECTLY! Instead, use lib/gemspec.rb to generate it.
+$:.push File.expand_path('../../core/lib', __FILE__)
+require 'refinery/version'
+
+version = Refinery::Version.to_s
 
 Gem::Specification.new do |s|
+  s.platform          = Gem::Platform::RUBY
   s.name              = %q{refinerycms-authentication}
-  s.version           = %q{1.0.11}
-  s.summary           = %q{Authentication engine for Refinery CMS}
-  s.description       = %q{The default authentication engine for Refinery CMS}
-  s.date              = %q{2012-05-18}
+  s.version           = version
+  s.summary           = %q{Authentication extension for Refinery CMS}
+  s.description       = %q{The default authentication extension for Refinery CMS}
   s.email             = %q{info@refinerycms.com}
   s.homepage          = %q{http://refinerycms.com}
   s.rubyforge_project = %q{refinerycms}
-  s.authors           = ['Resolve Digital', 'Philip Arndt', 'David Jones', 'Steven Heidel', 'Uģis Ozols']
+  s.authors           = ['Philip Arndt', 'Uģis Ozols', 'David Jones', 'Steven Heidel']
   s.license           = %q{MIT}
   s.require_paths     = %w(lib)
-  s.executables       = %w()
 
-  s.add_dependency 'refinerycms-core',            '= 1.0.11'
-  s.add_dependency 'activerecord',                '~> 3.0.10'
-  s.add_dependency 'devise',                      '~> 1.4.3'
-  s.add_dependency 'friendly_id_globalize3',      '~> 3.2.1'
+  s.files             = `git ls-files`.split("\n")
+  s.test_files        = `git ls-files -- spec/*`.split("\n")
+  s.executables       = `git ls-files -- bin/*`.split("\n").map { |f| File.basename(f) }
 
-  s.files             = [
-    'app',
-    'app/controllers',
-    'app/controllers/admin',
-    'app/controllers/admin/users_controller.rb',
-    'app/controllers/passwords_controller.rb',
-    'app/controllers/sessions_controller.rb',
-    'app/controllers/users_controller.rb',
-    'app/helpers',
-    'app/helpers/sessions_helper.rb',
-    'app/helpers/users_helper.rb',
-    'app/mailers',
-    'app/mailers/user_mailer.rb',
-    'app/models',
-    'app/models/role.rb',
-    'app/models/roles_users.rb',
-    'app/models/user.rb',
-    'app/models/user_plugin.rb',
-    'app/views',
-    'app/views/admin',
-    'app/views/admin/users',
-    'app/views/admin/users/_actions.html.erb',
-    'app/views/admin/users/_form.html.erb',
-    'app/views/admin/users/_records.html.erb',
-    'app/views/admin/users/_user.html.erb',
-    'app/views/admin/users/_users.html.erb',
-    'app/views/admin/users/edit.html.erb',
-    'app/views/admin/users/index.html.erb',
-    'app/views/admin/users/new.html.erb',
-    'app/views/layouts',
-    'app/views/layouts/login.html.erb',
-    'app/views/passwords',
-    'app/views/passwords/edit.html.erb',
-    'app/views/passwords/new.html.erb',
-    'app/views/sessions',
-    'app/views/sessions/new.html.erb',
-    'app/views/user_mailer',
-    'app/views/user_mailer/reset_notification.html.erb',
-    'app/views/user_mailer/reset_notification.text.plain.erb',
-    'app/views/users',
-    'app/views/users/new.html.erb',
-    'config',
-    'config/locales',
-    'config/locales/bg.yml',
-    'config/locales/cs.yml',
-    'config/locales/da.yml',
-    'config/locales/de.yml',
-    'config/locales/el.yml',
-    'config/locales/en.yml',
-    'config/locales/es.yml',
-    'config/locales/fi.yml',
-    'config/locales/fr.yml',
-    'config/locales/it.yml',
-    'config/locales/jp.yml',
-    'config/locales/lolcat.yml',
-    'config/locales/lt.yml',
-    'config/locales/lv.yml',
-    'config/locales/nb.yml',
-    'config/locales/nl.yml',
-    'config/locales/pl.yml',
-    'config/locales/pt-BR.yml',
-    'config/locales/rs.yml',
-    'config/locales/ru.yml',
-    'config/locales/sk.yml',
-    'config/locales/sl.yml',
-    'config/locales/sv.yml',
-    'config/locales/vi.yml',
-    'config/locales/zh-CN.yml',
-    'config/locales/zh-TW.yml',
-    'config/routes.rb',
-    'db',
-    'db/migrate',
-    'db/migrate/20100913234705_create_refinerycms_authentication_schema.rb',
-    'db/migrate/20100929035252_add_missing_indexes_to_roles_users.rb',
-    'db/migrate/20101206013505_change_to_devise_users_table.rb',
-    'db/migrate/20110106184757_add_remember_created_at_to_users.rb',
-    'db/migrate/20110325213325_remove_password_salt_from_users.rb',
-    'features',
-    'features/lost_password.feature',
-    'features/manage_users.feature',
-    'features/step_definitions',
-    'features/step_definitions/lost_password.rb',
-    'features/step_definitions/user_steps.rb',
-    'features/support',
-    'features/support/factories.rb',
-    'features/support/paths.rb',
-    'lib',
-    'lib/authenticated_system.rb',
-    'lib/gemspec.rb',
-    'lib/generators',
-    'lib/generators/refinerycms_authentication_generator.rb',
-    'lib/refinerycms-authentication.rb',
-    'license.md',
-    'refinerycms-authentication.gemspec',
-    'spec',
-    'spec/models',
-    'spec/models/user_spec.rb'
-  ]
+  s.add_dependency 'devise',            '~> 2.0.0'
+  s.add_dependency 'refinerycms-core',  version
 end

data/spec/controllers/refinery/admin/users_controller_spec.rb

@@ -0,0 +1,73 @@
+require "spec_helper"
+
+describe Refinery::Admin::UsersController do
+  login_refinery_superuser
+
+  shared_examples_for "new, create, update, edit and update actions" do
+    it "should load roles" do
+      Refinery::Role.should_receive(:all).once{ [] }
+      get :new
+    end
+
+    it "should load plugins" do
+      plugins = Refinery::Plugins.new
+      plugins.should_receive(:in_menu).once{ [] }
+
+      Refinery::Plugins.should_receive(:registered).at_least(1).times{ plugins }
+      get :new
+    end
+  end
+
+  describe "#new" do
+    it "should render the new template" do
+      get :new
+      response.should be_success
+      response.should render_template("refinery/admin/users/new")
+    end
+
+    it_should_behave_like "new, create, update, edit and update actions"
+  end
+
+  describe "#create" do
+    it "should create a new user with valid params" do
+      user = Refinery::User.new :username => "bob"
+      user.should_receive(:save).once{ true }
+      Refinery::User.should_receive(:new).once.with(instance_of(HashWithIndifferentAccess)){ user }
+      post :create, :user => {}
+      response.should be_redirect
+    end
+
+    it_should_behave_like "new, create, update, edit and update actions"
+
+    it "should re-render #new if there are errors" do
+      user = Refinery::User.new :username => "bob"
+      user.should_receive(:save).once{ false }
+      Refinery::User.should_receive(:new).once.with(instance_of(HashWithIndifferentAccess)){ user }
+      post :create, :user => {}
+      response.should be_success
+      response.should render_template("refinery/admin/users/new")
+    end
+  end
+
+  describe "#edit" do
+    it "should render the edit template" do
+      Refinery::User.should_receive(:find).at_least(1).times{ @refinery_superuser }
+      get :edit, :id => "1"
+      response.should be_success
+      response.should render_template("refinery/admin/users/edit")
+    end
+
+    it_should_behave_like "new, create, update, edit and update actions"
+  end
+
+  describe "#update" do
+    it "should update a user" do
+      user = FactoryGirl.create(:refinery_user)
+      Refinery::User.should_receive(:find).at_least(1).times{ user }
+      put "update", :id => user.id.to_s, :user => {}
+      response.should be_redirect
+    end
+
+    it_should_behave_like "new, create, update, edit and update actions"
+  end
+end