sidonath-authlogic_rpx 1.0.4b → 1.0.4em

data/Manifest

@@ -3,11 +3,14 @@ MIT-LICENSE
 Manifest
 README.rdoc
 Rakefile
-authlogic_rpx.gemspec
+generators/add_authlogic_rpx_migration/USAGE
+generators/add_authlogic_rpx_migration/add_authlogic_rpx_migration_generator.rb
+generators/add_authlogic_rpx_migration/templates/migration.rb
 init.rb
 lib/authlogic_rpx.rb
 lib/authlogic_rpx/acts_as_authentic.rb
 lib/authlogic_rpx/helper.rb
+lib/authlogic_rpx/rpx_identifier.rb
 lib/authlogic_rpx/session.rb
 lib/authlogic_rpx/version.rb
 rails/init.rb

data/README.rdoc

@@ -34,9 +34,9 @@ The demonstration Rails application is where you can see Authlogic_RPX in action
 Three gems are required: authlogic, grosser-rpx_now, and authlogic_rpx. Install these as appropriate to your environment and preferences.
 
 Currently tested versions:
-* authlogic 2.1.2,2.1.1
-* rpx_now 0.6.6
-* authlogic_rpx 1.0.4
+* authlogic 2.1.3,2.1.2,2.1.1
+* rpx_now 0.6.11,0.6.6
+* authlogic_rpx 1.1.0
 
 
 === 1. Direct gem installation
@@ -50,9 +50,9 @@ Currently tested versions:
 
 Include in config/environment.rb:
   
-  config.gem 'authlogic', :version => '>= 2.1.1'
-  config.gem 'rpx_now', :version => '>= 0.6.6', :source => 'http://gemcutter.org'
-  config.gem 'authlogic_rpx', :version => '>= 1.0.4', :source => 'http://gemcutter.org'
+  config.gem 'authlogic', :version => '>= 2.1.3'
+  config.gem 'rpx_now', :version => '>= 0.6.11', :source => 'http://gemcutter.org'
+  config.gem 'authlogic_rpx', :version => '>= 1.1.0', :source => 'http://gemcutter.org'
 
 Then to install, run from the command line:
 
@@ -63,9 +63,9 @@ Then to install, run from the command line:
 
 Include in RAILS_ROOT/.gems:
   
-  authlogic --version '>= 2.1.1'
-  rpx_now --version '>= 0.6.6' --source gemcutter.org
-  authlogic_rpx --version '>= 1.0.4' --source gemcutter.org
+  authlogic --version '>= 2.1.3'
+  rpx_now --version '>= 0.6.11' --source gemcutter.org
+  authlogic_rpx --version '>= 1.1.0' --source gemcutter.org
 
 
 == Using Authlogic RPX
@@ -89,47 +89,52 @@ The main steps for enabling Authlogic RPX:
 
 === 1. Enable RPX for your user model
 
-The user model will have a has_many relationship with a new model, called RPXIdentifier. Create a migration which creates a table for this model.
+The user model will have a has_many relationship with a new model, called RPXIdentifier. 
+A generator is provider to create the necessary migration:
 
-You may need to remove database constraints on other fields if they will be unused in the RPX case (e.g. crypted_password and password_salt to make password authentication optional).
+  ruby script/generate add_authlogic_rpx_migration
+  
+You may need to customise the migration file to remove database constraints on other fields if they will be unused in the RPX case
+(e.g. crypted_password and password_salt to make password authentication optional).
 
-If you are using auto-registration, you must also remove any database constraints for fields that will be automatically mapped (see notes in "3. Add custom user profile mapping during auto-registration")
+If you are using auto-registration, you must also remove any database constraints for fields that will be automatically mapped
+(see notes in "3. Add custom user profile mapping during auto-registration")
 
-  class CreateRPXIdentifiers < ActiveRecord::Migration
+  class AddAuthlogicRpxMigration < ActiveRecord::Migration
     def self.up
       create_table :rpx_identifiers do |t|
-         t.string  :identifier
-         t.integer :user_id
-
-         t.index   :identifier, :user_id
-         t.index   :user_id, :identifier
-
-         t.timestamps
-      end
-
-      [:crypted_password, :password_salt].each do |field|
-        change_column :users, field, :string, :default => nil, :null => true
+        t.string  :identifier
+        t.integer :user_id
+        t.timestamps
       end
+      add_index :rpx_identifiers, :identifier, :unique => true, :null => false
+      add_index :rpx_identifiers, :user_id, :unique => false, :null => false
+      
+      # == Customisation may be required here ==
+      # You may need to remove database constraints on other fields if they will be unused in the RPX case
+      # (e.g. crypted_password and password_salt to make password authentication optional). 
+      # If you are using auto-registration, you must also remove any database constraints for fields that will be automatically mapped
+      # e.g.:
+      #change_column :users, :crypted_password, :string, :default => nil, :null => true
+      #change_column :users, :password_salt, :string, :default => nil, :null => true
+      
     end
-
+    
     def self.down
       drop_table :rpx_identifiers
-
-      [:crypted_password, :password_salt].each do |field|
-        User.all(:conditions => "#{field} is NULL").each { |user| user.update_attribute(field, "") if user.send(field).nil? }
-        change_column :users, field, :string, :default => "", :null => false
-      end
+      
+      # == Customisation may be required here ==
+      # Restore user model database constraints as appropriate
+      # e.g.:
+      #[:crypted_password, :password_salt].each do |field|
+      #  User.all(:conditions => "#{field} is NULL").each { |user| user.update_attribute(field, "") if user.send(field).nil? }
+      #  change_column :users, field, :string, :default => "", :null => false
+      #end
+  
     end
   end
 
-The RPXIdentifier model should look like this
-
-  class RPXIdentifier < ActiveRecord::Base
-    belongs_to :user
-    validates_presence_of :identifier
-    validates_presence_of :user_id
-  end
-
+NB: The RPXIdentifier model is included in the authlogic_rpx gem and does not need to be added to your project.
 
 The user model then needs to be tagged with "acts_as_authentic". authlogic_rpx automatically adds to the user model the relationship with RPXIdentifiers.
 
@@ -137,6 +142,9 @@ The user model then needs to be tagged with "acts_as_authentic". authlogic_rpx a
     acts_as_authentic do |c|
       c.my_config_option = my_value # for available options see documentation in: Authlogic::ActsAsAuthentic
     end # block optional
+    
+    # enable Authlogic_RPX account merging (false by default, if this statement is not present)
+    account_merge_enabled true
 
     # not needed -- this relationship is automatically added by authlogic_rpx
     # has_many :rpx_identifiers, :class_name => 'RPXIdentifier'
@@ -177,6 +185,15 @@ For example, to disable auto-registration and enable extended info:
 
 {See the source for the sample user_session.rb}[http://github.com/tardate/rails-authlogic-rpx-sample/blob/master/app/models/user_session.rb].
 
+==== Upgrading from Authlogic_RPX v1.0.4 or earlier
+
+In Authlogic_RPX v1.0.4 and earlier, the rpx_identifier was stored in the user model. 
+From 1.1.0, this has been extracted to a separate table (rpx_identifiers). 
+
+When upgrading an application using 1.0.4 or earlier to 1.1.0, it is NOT necessary to migrate the rpx_identifiers. 
+Also DO NOT remove the legacy rpx_identifier column from your existing user model. 
+The Authlogic_RPX code will migrate users to the new database structure as and when they login.
+
 === 3. Add custom user profile mapping (optional)
 
 Authlogic_rpx provides three hooks for mapping information from the RPX profile into your application's user model:
@@ -258,14 +275,12 @@ In the map_rpx_data_each_login procedure, you will be writing to fields of the "
 
 map_added_rpx_data maps additional fields from the RPX response into the user object during the "add RPX to existing account" process.
 
-By default, it only maps the rpx_identifier field. If you have other fields you want to map, you can provide your own implementation of the map_added_rpx_data method in the User model (NOT UserSession, unlike for map_rpx_data and map_rpx_data_each_login).
-
-NB: If you override this method, you will be responsible for also mapping the rpx_identifier.
+Override this in your user model to perform field mapping as may be desired. 
+Provide your own implementation of the map_added_rpx_data method in the User model (NOT UserSession, unlike for map_rpx_data and map_rpx_data_each_login).
 
 In the map_added_rpx_data procedure, you will be writing to fields of the "self" object, pulling data from the rpx_data parameter. For example:
 
 	def map_added_rpx_data( rpx_data )
-		self.rpx_identifiers.create( :identifier => rpx_data['profile']['identifier'] )
 
 		# map some additional fields, e.g. photo_url
 		self.photo_url = rpx_data['profile']['photo'] if photo_url.blank?

data/lib/authlogic_rpx.rb

@@ -2,6 +2,7 @@ require "authlogic_rpx/version"
 require "authlogic_rpx/acts_as_authentic"
 require "authlogic_rpx/session"
 require "authlogic_rpx/helper"
+require "authlogic_rpx/rpx_identifier"
 
 ActiveRecord::Base.send(:include, AuthlogicRpx::ActsAsAuthentic)
 Authlogic::Session::Base.send(:include, AuthlogicRpx::Session)

data/lib/authlogic_rpx/acts_as_authentic.rb

@@ -24,13 +24,39 @@ module AuthlogicRpx
 				rw_config(:map_id, value, false)
 			end
 			alias_method :map_id=, :map_id
+
+			# account_merge_enabled is used to enable merging of accounts.
+			#
+			# * <tt>Default:</tt> false
+			# * <tt>Accepts:</tt> boolean
+			def account_merge_enabled(value=false)
+				account_merge_enabled_value(value)
+			end
+			def account_merge_enabled_value(value=nil)
+				rw_config(:account_merge_enabled,value,false)
+			end      
+			alias_method :account_merge_enabled=,:account_merge_enabled
+			
 			
+						
 			# Name of this method is defined in find_by_rpx_identifier_method
 			# method in session.rb
 			def find_by_rpx_identifier(id)
 				identifier = RPXIdentifier.find_by_identifier(id)
-				return nil if identifier.nil?
-				identifier.user
+				if identifier.nil?
+				  if self.column_names.include? 'rpx_identifier'
+				    # check for authentication using <=1.0.4, migrate identifier to rpx_identifiers table
+				    user = self.find( :first, :conditions => [ "rpx_identifier = ?", id ] )
+				    unless user.nil?
+				      user.rpx_identifiers.create( :identifier => id )
+				    end
+				    return user
+				  else
+				    return nil
+				  end
+				else
+				  identifier.user
+				end
 			end
 			
 		end
@@ -40,7 +66,7 @@ module AuthlogicRpx
 			# Set up some simple validations
 			def self.included(klass)
 				klass.class_eval do
-					has_many :rpx_identifiers, :class_name => 'RPXIdentifier'
+					has_many :rpx_identifiers, :class_name => 'RPXIdentifier', :dependent => :destroy
 
 					validates_length_of_password_field_options validates_length_of_password_field_options.merge(:if => :validate_password_with_rpx?)
 					validates_confirmation_of_password_field_options validates_confirmation_of_password_field_options.merge(:if => :validate_password_with_rpx?)
@@ -49,6 +75,10 @@ module AuthlogicRpx
 					after_create :map_rpx_identifier
 					attr_writer :creating_new_record_from_rpx
 				end
+
+				RPXIdentifier.class_eval do
+					belongs_to klass.name.downcase.to_sym
+				end
 			end
 
 			# support a block given to the save
@@ -88,24 +118,65 @@ module AuthlogicRpx
 			#
 			def adding_rpx_identifier
 				return true unless session_class && session_class.controller
-				added_rpx_data = session_class.controller.session['added_rpx_data']	
+				added_rpx_data = session_class.controller.session['added_rpx_data']
 				unless added_rpx_data.blank?
 					session_class.controller.session['added_rpx_data'] = nil
+  				rpx_id = added_rpx_data['profile']['identifier']
+  				rpx_provider_name	= added_rpx_data['profile']['providerName']
+					unless self.rpx_identifiers.find_by_identifier( rpx_id )
+					RAILS_DEFAULT_LOGGER.info "account_merge_enabled? = #{account_merge_enabled?}"
+					  # identifier not already set for this user
+					  another_user = self.class.find_by_rpx_identifier( rpx_id )
+					  if another_user
+					    return false unless account_merge_enabled?
+					    # another user already has this id registered
+					    # merge all IDs from another_user to self, with application callbacks before/after
+					    before_merge_rpx_data( another_user, self )
+				      self.rpx_identifiers << another_user.rpx_identifiers
+				      after_merge_rpx_data( another_user, self )
+					  else
+					    self.rpx_identifiers.create( :identifier => rpx_id, :provider_name => rpx_provider_name )
+					  end
+				  end
 					map_added_rpx_data( added_rpx_data ) 
 				end
 				return true
-			end
-			
+			end			
+						
 			# map_added_rpx_data maps additional fields from the RPX response into the user object during the "add RPX to existing account" process.
 			# Override this in your user model to perform field mapping as may be desired
 			# See https://rpxnow.com/docs#profile_data for the definition of available attributes
 			#
-			# By default, it only creates a new RPXIdentifier for the user.
+			# "self" at this point is the user model. Map details as appropriate from the rpx_data structure provided.
 			#
 			def map_added_rpx_data( rpx_data )
-			  self.rpx_identifiers.create( :identifier => rpx_data['profile']['identifier'] )
+
+			end
+
+			# determines if account merging is enabled
+			def account_merge_enabled?
+				self.class.account_merge_enabled_value
 			end
+						
+			# before_merge_rpx_data provides a hook for application developers to perform data migration prior to the merging of user accounts.
+			# This method is called just before authlogic_rpx merges the user registration for 'from_user' into 'to_user'
+			# Authlogic_RPX is responsible for merging registration data.
+			#
+			# By default, it does not merge any other details (e.g. application data ownership)
+			#
+			def before_merge_rpx_data( from_user, to_user )
 			
+			end
+			
+			# after_merge_rpx_data provides a hook for application developers to perform account clean-up after authlogic_rpx has
+			# migrated registration details.
+			#
+			# By default, does nothing. It could, for example, be used to delete or disable the 'from_user' account
+			#
+			def after_merge_rpx_data( from_user, to_user )
+			
+			end
+											    
 			# experimental - a feature of RPX paid accounts and not properly developed/tested yet
 			def map_id?
 				self.class.map_id

data/lib/authlogic_rpx/session.rb

@@ -144,6 +144,7 @@ module AuthlogicRpx
 				end
 				
 				rpx_id = @rpx_data['profile']['identifier']
+				rpx_provider_name = @rpx_data['profile']['providerName']
 				if rpx_id.blank?
 					errors.add_to_base("Authentication failed. Please try again.")
 					return false
@@ -162,7 +163,7 @@ module AuthlogicRpx
 						# user objects invoke each other upon save
 						self.new_registration = true
 						self.attempted_record.creating_new_record_from_rpx = true
-						self.attempted_record.rpx_identifiers.build(:identifier => rpx_id)
+						self.attempted_record.rpx_identifiers.build(:identifier => rpx_id, :provider_name => rpx_provider_name )
 						self.attempted_record.save_without_session_maintenance
 					else
 						errors.add_to_base("We did not find any accounts with that login. Enter your details and create an account.")

data/lib/authlogic_rpx/version.rb

@@ -40,8 +40,8 @@ module AuthlogicRpx
     end
 
     MAJOR = 1
-    MINOR = 0
-    TINY  = 4
+    MINOR = 1
+    TINY  = 0
 
     # The current version as a Version instance
     CURRENT = new(MAJOR, MINOR, TINY)

data/sidonath-authlogic_rpx.gemspec

@@ -2,7 +2,7 @@
 
 Gem::Specification.new do |s|
   s.name = %q{sidonath-authlogic_rpx}
-  s.version = "1.0.4b"
+  s.version = "1.0.4em"
 
   s.required_rubygems_version = Gem::Requirement.new(">= 1.2") if s.respond_to? :required_rubygems_version=
   s.authors = ["Paul Gallagher / tardate", "John J. Bachir / jjb", "Damir Zekic / sidonath"]

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification 
 name: sidonath-authlogic_rpx
 version: !ruby/object:Gem::Version 
-  version: 1.0.4b
+  version: 1.0.4em
 platform: ruby
 authors: 
 - Paul Gallagher / tardate