saucy 0.10.0 → 0.10.1

data/CHANGELOG.md

@@ -1,3 +1,9 @@
+0.10.1
+
+Add admin reporting area at /admin/ to view accounts + users
+* Added admin_reporting.feature stories
+* Introduce admin_username and admin_password configuration options, for http auth protection
+
 0.10.0
 
 Bump to a newer version of Clearance.

data/app/controllers/admin/accounts_controller.rb

@@ -0,0 +1,14 @@
+class Admin::AccountsController < Admin::BaseController
+  def index
+    @accounts = Account.all
+  end
+
+  def search
+    @accounts = Account.search params[:query]
+    render :index
+  end
+
+  def show
+    @account = Account.find_by_keyword params[:id]
+  end
+end

data/app/controllers/admin/base_controller.rb

@@ -0,0 +1,15 @@
+class Admin::BaseController < ApplicationController
+  layout 'admin'
+  before_filter :authenticate_admin
+
+  def show
+  end
+
+  protected
+
+  def authenticate_admin
+    authenticate_or_request_with_http_basic do |user_name, password|
+      user_name == Saucy::Configuration.admin_username && password == Saucy::Configuration.admin_password
+    end
+  end
+end

data/app/controllers/admin/users_controller.rb

@@ -0,0 +1,14 @@
+class Admin::UsersController < Admin::BaseController
+  def index
+    @users = User.all
+  end
+
+  def search
+    @users = User.search params[:query]
+    render :index
+  end
+
+  def show
+    @user = User.find params[:id]
+  end
+end

data/app/views/admin/accounts/_account.html.erb

@@ -0,0 +1,15 @@
+<tr>
+  <td><%= account.id %></td>
+  <td><%= link_to account.name, admin_account_path(account) %></td>
+  <td><%= account.plan.name %></td>
+  <td><%= account.activated? %></td>
+  <td><%= link_to account.customer_token, "https://www.braintreegateway.com/merchants/#{Braintree::Configuration.merchant_id}/customers/#{account.customer_token}" %></td>
+  <td>
+    <% if account.subscription_token? %>
+      <%= link_to account.subscription_token, "https://www.braintreegateway.com/merchants/#{Braintree::Configuration.merchant_id}/subscriptions/#{account.subscription_token}" %>
+    <% else %>
+      N/A
+    <% end %>
+  </td>
+  <td><%= account.created_at %></td>
+</tr>

data/app/views/admin/accounts/index.html.erb

@@ -0,0 +1,19 @@
+<h2>Accounts</h2>
+
+<%= form_tag search_admin_accounts_path, :method => :get do %>
+  <%= text_field_tag :query, params[:query], :placeholder => 'Search' %>
+  <%= submit_tag 'Search', :name => nil %>
+<% end -%>
+
+<table>
+  <tr>
+    <th>ID</th>
+    <th>Account Name</th>
+    <th>Plan</th>
+    <th>Activated?</th>
+    <th>Customer Token</th>
+    <th>Subscription Token</th>
+    <th>Creation Date</th>
+  </tr>
+  <%= render :partial => 'admin/accounts/account', :collection => @accounts %>
+</table>

data/app/views/admin/accounts/show.html.erb

@@ -0,0 +1,49 @@
+<h2>Account Detail</h2>
+
+<table>
+  <tr>
+    <th>ID</th>
+    <th>Account Name</th>
+    <th>Plan</th>
+    <th>Activated?</th>
+    <th>Customer Token</th>
+    <th>Subscription Token</th>
+    <th>Creation Date</th>
+  </tr>
+  <%= render :partial => 'admin/accounts/account', :object => @account %>
+</table>
+
+<h3>Projects</h3>
+<% unless @account.projects.empty? -%>
+  <table>
+    <tr>
+      <th>ID</th>
+      <th>Project Name</th>
+      <th>Creation Date</th>
+    </tr>
+    <% @account.projects.each do |project| -%>
+      <tr>
+        <td><%= project.id %></td>
+        <td><%= project.name %></td>
+        <td><%= project.created_at %></td>
+      </tr>
+    <% end -%>
+  </table>
+<% else -%>
+  <p><em>This account has no projects.</em></p>
+<% end -%>
+
+<h3>Users</h3>
+<% unless @account.users.empty? -%>
+  <table>
+    <tr>
+      <th>ID</th>
+      <th>User Name</th>
+      <th>Email</th>
+      <th>Creation Date</th>
+    </tr>
+    <%= render :partial => 'admin/users/user', :collection => @account.users %>
+  </table>
+<% else -%>
+  <p><em>This account has no users.</em></p>
+<% end -%>

data/app/views/admin/base/show.html.erb

@@ -0,0 +1,10 @@
+<h3><%= link_to 'Accounts', admin_accounts_path %></h3>
+
+<h3><%= link_to 'Users', admin_users_path %></h3>
+
+<h2>TODO</h2>
+
+<ul>
+  <li>Link to tender and/or some way for tender to link back to this thing</li>
+  <li>Saucy configuration for http basic auth - ship w/ defaults? seems dangerous.</li>
+</ul>

data/app/views/admin/users/_user.html.erb

@@ -0,0 +1,6 @@
+<tr>
+  <td><%= user.id %></td>
+  <td><%= link_to user.name, admin_user_path(user) %></td>
+  <td><%= user.email %></td>
+  <td><%= user.created_at %></td>
+</tr>

data/app/views/admin/users/index.html.erb

@@ -0,0 +1,16 @@
+<h2>Users</h2>
+
+<%= form_tag search_admin_users_path, :method => :get do %>
+  <%= text_field_tag :query, params[:query], :placeholder => 'Search' %>
+  <%= submit_tag 'Search', :name => nil %>
+<% end -%>
+
+<table>
+  <tr>
+    <th>ID</th>
+    <th>User Name</th>
+    <th>Email</th>
+    <th>Creation Date</th>
+  </tr>
+  <%= render :partial => 'admin/users/user', :collection => @users %>
+</table>

data/app/views/admin/users/show.html.erb

@@ -0,0 +1,49 @@
+<h2>User Detail</h2>
+
+<table>
+  <tr>
+    <th>ID</th>
+    <th>User Name</th>
+    <th>Email</th>
+    <th>Creation Date</th>
+  </tr>
+  <%= render :partial => 'admin/users/user', :object => @user %>
+</table>
+
+<h3>Projects</h3>
+<% unless @user.projects.empty? -%>
+  <table>
+    <tr>
+      <th>ID</th>
+      <th>Project Name</th>
+      <th>Creation Date</th>
+    </tr>
+    <% @user.projects.each do |project| -%>
+      <tr>
+        <td><%= project.id %></td>
+        <td><%= project.name %></td>
+        <td><%= project.created_at %></td>
+      </tr>
+    <% end -%>
+  </table>
+<% else -%>
+  <p><em>This user has no projects.</em></p>
+<% end -%>
+
+<h3>Accounts</h3>
+<% unless @user.accounts.empty? -%>
+  <table>
+    <tr>
+      <th>ID</th>
+      <th>Account Name</th>
+      <th>Plan</th>
+      <th>Activated?</th>
+      <th>Customer Token</th>
+      <th>Subscription Token</th>
+      <th>Creation Date</th>
+    </tr>
+    <%= render :partial => 'admin/accounts/account', :collection => @user.accounts %>
+  </table>
+<% else -%>
+  <p><em>This user has no account.</em></p>
+<% end -%>

data/app/views/layouts/admin.html.erb

@@ -0,0 +1,21 @@
+<!DOCTYPE html>
+<html lang="en">
+  <head>
+    <meta charset="utf-8" />
+    <title><%= yield(:pagetitle) %></title>
+    <link rel="stylesheet" href="/saucy/stylesheets/flutie.css" />
+    <link rel="stylesheet" href="/saucy/stylesheets/screen.css" />
+  </head>
+  <body>
+    <div id="container">
+      <header>
+        <h1><%= link_to 'Admin', admin_path %></h1>
+      </header>
+      <div id="main" role="main">
+        <%= yield %>
+      </div>
+      <footer>
+      </footer>
+    </div>
+  </body>
+</html>

data/config/routes.rb

@@ -16,4 +16,14 @@ Rails.application.routes.draw do
   end
 
   resource :profile, :only => [:edit, :update]
+  
+  namespace :admin do
+    resources :accounts, :only => [:index, :show] do
+      get :search, :on => :collection
+    end
+    resources :users, :only => [:index, :show] do
+      get :search, :on => :collection
+    end
+    match "/" => "base#show"
+  end
 end

data/lib/generators/saucy/features/features_generator.rb

@@ -28,6 +28,8 @@ DESC
 
       def create_paths
         paths = <<-PATHS
+    when 'the admin page'
+      admin_path
     when 'the list of accounts'
       accounts_path
     when 'the list of plans page'

data/lib/generators/saucy/features/templates/features/admin_reporting.feature

@@ -0,0 +1,65 @@
+Feature: Viewing reports
+  As a product manager
+  I want to be able to locate account details, user details
+  So I can perform support tasks successfully
+
+  Scenario: Viewing the reports dashboard
+    Given I authenticate as the site owner
+    When I go to the admin page
+    Then I should see "Admin"
+
+  Scenario: Viewing the accounts listing
+    Given an account exists with a name of "Test"
+    And I authenticate as the site owner
+    When I go to the admin page
+    And I follow "Accounts"
+    Then I should see "Test"
+
+  Scenario: Viewing an account
+    Given an account exists with a name of "Test"
+    And I authenticate as the site owner
+    When I go to the admin page
+    And I follow "Accounts"
+    And I follow "Test"
+    Then I should see "Test"
+    And I should see "Projects"
+    And I should see "Users"
+
+  Scenario: Searching to find an account
+    Given an account exists with a name of "Test"
+    And an account exists with a name of "Fun"
+    And I authenticate as the site owner
+    When I go to the admin page
+    And I follow "Accounts"
+    And I fill in "query" with "Fun"
+    And I press "Search"
+    Then I should see "Fun"
+    And I should not see "Test"
+
+  Scenario: Viewing the users listing
+    Given a user exists with a name of "Test"
+    And I authenticate as the site owner
+    When I go to the admin page
+    And I follow "Users"
+    Then I should see "Test"
+
+  Scenario: Viewing an user
+    Given a user exists with a name of "Test"
+    And I authenticate as the site owner
+    When I go to the admin page
+    And I follow "Users"
+    And I follow "Test"
+    Then I should see "Test"
+    And I should see "Projects"
+    And I should see "Accounts"
+
+  Scenario: Searching to find an user
+    Given a user exists with a name of "Test"
+    And an user exists with a name of "Fun"
+    And I authenticate as the site owner
+    When I go to the admin page
+    And I follow "Users"
+    And I fill in "query" with "Fun"
+    And I press "Search"
+    Then I should see "Fun"
+    And I should not see "Test"

data/lib/generators/saucy/features/templates/step_definitions/session_steps.rb

@@ -29,3 +29,10 @@ Given /^I am signed in$/ do
   user = Factory(:user)
   When %{I sign in as "#{user.email}"}
 end
+
+When /^I authenticate as the site owner$/ do
+  name, password = Saucy::Configuration.admin_username, Saucy::Configuration.admin_password
+  # This is done differently in various capybara versions, you may need to change it to
+  # page.driver.browser.basic_authorize - or - page.driver.basic_auth
+  page.driver.basic_authorize name, password
+end

data/lib/saucy/account.rb

@@ -88,6 +88,11 @@ module Saucy
     end
 
     module ClassMethods
+      def search(query)
+        return [] if query.nil?
+        where ['accounts.keyword like :query or accounts.name like :query', { :query => "%#{query}%" }]
+      end
+
       def deliver_new_unactivated_notifications
         new_unactivated.each do |account|
           BillingMailer.new_unactivated(account).deliver

data/lib/saucy/configuration.rb

@@ -6,11 +6,16 @@ module Saucy
     cattr_accessor :manager_email_address
     cattr_accessor :support_email_address
     cattr_accessor :merchant_account_id
+    cattr_accessor :admin_username
+    cattr_accessor :admin_password
 
     def initialize
       @@manager_email_address = 'manager@example.com'
       @@support_email_address = 'support@example.com'
-      @@layouts = Layouts.new
+      @@layouts               = Layouts.new
+      @@admin_username        = 'admin'
+      @@admin_password        = 'admin'
     end
+
   end
 end

data/lib/saucy/engine.rb

@@ -23,6 +23,10 @@ module Saucy
       ActionView::Base.send :include, LimitsHelper
     end
 
+    initializer 'static assets' do |app|
+      app.middleware.insert_after ::ActionDispatch::Static, ::ActionDispatch::Static, "#{root}/public"
+    end
+
     initializer 'coupons.helper' do |app|
       ActionView::Base.send :include, CouponsHelper
     end
@@ -36,4 +40,3 @@ module Saucy
     end 
   end
 end
-

data/lib/saucy/user.rb

@@ -22,6 +22,10 @@ module Saucy
     end
 
     module ClassMethods
+      def search(query)
+        return [] if query.nil?
+        where ['users.email like :query or users.name like :query', { :query => "%#{query}%" }]
+      end
       def by_name
         order('users.name')
       end

data/spec/controllers/admin/accounts_controller_spec.rb

@@ -0,0 +1,50 @@
+require 'spec_helper'
+
+describe Admin::AccountsController, "routes" do
+  it { should route(:get, "/admin/accounts").to(:action => :index) }
+  it { should route(:get, "/admin/accounts/123").to(:action => :show, :id => 123) }
+end
+
+describe Admin::AccountsController, "get index without http auth" do
+  before { get :index }
+  it { should respond_with(:unauthorized) }
+end
+
+describe Admin::AccountsController, "get index with http auth" do
+  before do
+    http_basic_auth_sign_in 'admin', 'admin'
+    get :index
+  end
+  it { should respond_with(:success) }
+  it { should render_template(:index) }
+end
+
+describe Admin::AccountsController, "get search without http auth" do
+  before { get :search }
+  it { should respond_with(:unauthorized) }
+end
+
+describe Admin::AccountsController, "get search with http auth" do
+  before do
+    http_basic_auth_sign_in 'admin', 'admin'
+    get :search
+  end
+  it { should respond_with(:success) }
+  it { should render_template(:index) }
+end
+
+describe Admin::AccountsController, "get show without http auth" do
+  let(:account) { Factory(:account) }
+  before { get :show, :id => account.to_param }
+  it { should respond_with(:unauthorized) }
+end
+
+describe Admin::AccountsController, "get show with http auth" do
+  let(:account) { Factory(:account) }
+  before do
+    http_basic_auth_sign_in 'admin', 'admin'
+    get :show, :id => account.to_param
+  end
+  it { should respond_with(:success) }
+  it { should render_template(:show) }
+end

data/spec/controllers/admin/base_controller_spec.rb

@@ -0,0 +1,19 @@
+require 'spec_helper'
+
+describe Admin::BaseController, "routes" do
+  it { should route(:get, "/admin").to(:action => :show) }
+end
+
+describe Admin::BaseController, "get show without http auth" do
+  before { get :show }
+  it { should respond_with(:unauthorized) }
+end
+
+describe Admin::BaseController, "get show with http auth" do
+  before do
+    http_basic_auth_sign_in 'admin', 'admin'
+    get :show
+  end
+  it { should respond_with(:success) }
+  it { should render_template(:show) }
+end

data/spec/controllers/admin/users_controller_spec.rb

@@ -0,0 +1,51 @@
+require 'spec_helper'
+
+describe Admin::UsersController, "routes" do
+  it { should route(:get, "/admin/users").to(:action => :index) }
+  it { should route(:get, "/admin/users/123").to(:action => :show, :id => 123) }
+end
+
+describe Admin::UsersController, "get index without http auth" do
+  before { get :index }
+  it { should respond_with(:unauthorized) }
+end
+
+describe Admin::UsersController, "get index with http auth" do
+  before do
+    http_basic_auth_sign_in 'admin', 'admin'
+    get :index
+  end
+  it { should respond_with(:success) }
+  it { should render_template(:index) }
+end
+
+describe Admin::UsersController, "get search without http auth" do
+  before { get :search }
+  it { should respond_with(:unauthorized) }
+end
+
+describe Admin::UsersController, "get search with http auth" do
+  before do
+    http_basic_auth_sign_in 'admin', 'admin'
+    get :search
+  end
+  it { should respond_with(:success) }
+  it { should render_template(:index) }
+end
+
+describe Admin::UsersController, "get show without http auth" do
+  let(:user) { Factory(:user) }
+  before { get :show, :id => user.to_param }
+  it { should respond_with(:unauthorized) }
+end
+
+describe Admin::UsersController, "get show with http auth" do
+  let(:user) { Factory(:user) }
+  before do
+    http_basic_auth_sign_in 'admin', 'admin'
+    get :show, :id => user.to_param
+  end
+  before { get :show, :id => user.to_param }
+  it { should respond_with(:success) }
+  it { should render_template(:show) }
+end

data/spec/models/account_spec.rb

@@ -215,6 +215,18 @@ describe Account do
 
     unactivated.each { |account| account.reload.should be_asked_to_activate }
   end
+  
+  it "searches records for keyword and name" do
+    name = Factory :account, :name => 'match'
+    keyword = Factory :account, :keyword => 'match'
+    nope = Factory :account
+    
+    Account.search('match').should == [name, keyword]
+  end
+  
+  it "should return nothing for nil search" do
+    Account.search(nil).should == []
+  end
 end
 
 describe Account, "with coupon" do

data/spec/models/user_spec.rb

@@ -68,5 +68,16 @@ describe User, "valid" do
 
     User.by_name.map(&:name).should == %w(abc def ghi)
   end
-end
 
+  it "searches records for email and name" do
+    name = Factory :user, :email => 'match@example.com'
+    keyword = Factory :user, :name => 'match match'
+    nope = Factory :user
+    
+    User.search('match').should == [name, keyword]
+  end
+  
+  it "should return nothing for nil search" do
+    User.search(nil).should == []
+  end
+end

data/spec/support/authentication_helpers.rb

@@ -6,6 +6,10 @@ module AuthenticationHelpers
   def sign_in
     sign_in_as(Factory(:user))
   end
+  
+  def http_basic_auth_sign_in(user, pass)
+    request.env['HTTP_AUTHORIZATION'] = ActionController::HttpAuthentication::Basic.encode_credentials(user, pass)
+  end
 
   def sign_out
     controller.current_user = nil

metadata

@@ -1,13 +1,13 @@
 --- !ruby/object:Gem::Specification 
 name: saucy
 version: !ruby/object:Gem::Version 
-  hash: 55
+  hash: 53
   prerelease: 
   segments: 
   - 0
   - 10
-  - 0
-  version: 0.10.0
+  - 1
+  version: 0.10.1
 platform: ruby
 authors: 
 - thoughtbot, inc.
@@ -20,7 +20,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2011-06-29 00:00:00 -04:00
+date: 2011-06-30 00:00:00 -04:00
 default_executable: 
 dependencies: 
 - !ruby/object:Gem::Dependency 
@@ -151,6 +151,9 @@ files:
 - config/locales/en.yml
 - config/routes.rb
 - app/controllers/accounts_controller.rb
+- app/controllers/admin/accounts_controller.rb
+- app/controllers/admin/base_controller.rb
+- app/controllers/admin/users_controller.rb
 - app/controllers/billings_controller.rb
 - app/controllers/invitations_controller.rb
 - app/controllers/memberships_controller.rb
@@ -173,6 +176,13 @@ files:
 - app/views/accounts/edit.html.erb
 - app/views/accounts/index.html.erb
 - app/views/accounts/new.html.erb
+- app/views/admin/accounts/_account.html.erb
+- app/views/admin/accounts/index.html.erb
+- app/views/admin/accounts/show.html.erb
+- app/views/admin/base/show.html.erb
+- app/views/admin/users/_user.html.erb
+- app/views/admin/users/index.html.erb
+- app/views/admin/users/show.html.erb
 - app/views/billing_mailer/completed_trial.text.erb
 - app/views/billing_mailer/expiring_trial.text.erb
 - app/views/billing_mailer/new_unactivated.text.erb
@@ -186,6 +196,7 @@ files:
 - app/views/invitation_mailer/invitation.text.erb
 - app/views/invitations/new.html.erb
 - app/views/invitations/show.html.erb
+- app/views/layouts/admin.html.erb
 - app/views/layouts/saucy.html.erb
 - app/views/limits/_meter.html.erb
 - app/views/memberships/edit.html.erb
@@ -248,6 +259,7 @@ files:
 - features/step_definitions/saucy_steps.rb
 - features/support/env.rb
 - features/support/file.rb
+- lib/generators/saucy/features/templates/features/admin_reporting.feature
 - lib/generators/saucy/features/templates/features/edit_profile.feature
 - lib/generators/saucy/features/templates/features/edit_project_permissions.feature
 - lib/generators/saucy/features/templates/features/edit_user_permissions.feature
@@ -264,6 +276,9 @@ files:
 - lib/generators/saucy/features/templates/features/trial_plans.feature
 - lib/generators/saucy/features/templates/README
 - spec/controllers/accounts_controller_spec.rb
+- spec/controllers/admin/accounts_controller_spec.rb
+- spec/controllers/admin/base_controller_spec.rb
+- spec/controllers/admin/users_controller_spec.rb
 - spec/controllers/application_controller_spec.rb
 - spec/controllers/invitations_controller_spec.rb
 - spec/controllers/memberships_controller_spec.rb
@@ -296,7 +311,7 @@ files:
 - spec/support/clearance_matchers.rb
 - spec/support/notifications.rb
 - spec/views/accounts/_account.html.erb_spec.rb
-has_rdoc: false
+has_rdoc: true
 homepage: http://github.com/thoughtbot/saucy
 licenses: []