solidus_auth_devise 1.0.0 → 1.1.0


Potentially problematic release.



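--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA1:
- metadata.gz: fdc058e59afb482f83388e1873d1a431adb0c82e
- data.tar.gz: c1b6defab1f7469a5eabf71e906b4afdb097fb87
+ metadata.gz: fb97d2596201f6b868061b6064d27ab4ea0df410
+ data.tar.gz: b05459072856d24460abed0bd7adc90a2d258113
  SHA512:
- metadata.gz: 342e347a661b1bb4237db893e2affc82b576f4ae0c93d5cdc2a03d4c80b3ee92be071a9ffea555f52b5b8dd7f54a6f4627e8b3e6600e0594795ed7cacc704364
- data.tar.gz: d35c102bbf92ffe67ba025c7f063c3aecd61e78ea41dc6d24190b5705c75b93508ca05e7f465dc1320a82083c8915cb3c82bed6124f14be8ed075204c86e5b80
+ metadata.gz: 636e4dd8e7aed3bd4309a8075c5b6831bdcf5063a406290ed8b46079cc31fd5305989b94d5ac5805264bc4147ca09786012cba274a102e45a36c19ad19bd3930
+ data.tar.gz: d109430fe560ecae80f6172192a0b8181cbcaa5f51770f56f67a6f81f6f024be0a2cf2e1d8d001d970d090a92f09779d79e486cadab4a9ebda6cc7fa9cbea9f5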
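--- a/data/Gemfile
+++ b/data/Gemfile
@@ -1,6 +1,6 @@
  source "https://rubygems.org"
 
- gem "solidus", github: "solidusio/solidus", branch: "master"
+ gem "solidus", git: "git@github.com:solidusio/solidus.git", branch: "master"
 
  group :development, :test do
  gem "pry-rails"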
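Review bot: The new `solidus` source on the added line uses an SSH remote (`git@github.com:...`) and tracks the moving `master` branch, so every install needs a GitHub SSH key and resolves to whatever commit is at the branch tip at bundle time. An HTTPS remote keeps the transport authenticated without requiring credentials, and pinning a `ref:` makes the dependency reproducible and reviewable, e.g. `gem "solidus", git: "https://github.com/solidusio/solidus.git", ref: "<commit-sha>"`. The `group` block continues outside the hunk.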
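--- a/data/README.md
+++ b/data/README.md
@@ -35,14 +35,14 @@ Devise.setup do |config|
  end
  ```
 
- Using in an existing Rails application
- --------------------------------------
+ Using in an existing application
+ --------------------------------
 
- If you are installing Solidus inside of a host application in which you want your own permission setup, you can do this using solidus_auth_devise's `register_ability` method.
+ If you are installing Solidus inside of a host application in which you want your own permission setup, you can do this using the `register_ability` method.
 
  First create your own CanCan Ability class following the CanCan documentation.
 
- For example: app/models/super_abilities.rb
+ For example: `app/models/super_abilities.rb`
 
  ```ruby
  class SuperAbilities
@@ -63,15 +63,11 @@ Spree::Ability.register_ability(SuperAbilities)
 
  Inside of your host application you can then use CanCan like you normally would.
  ```erb
- <% if can? :show SomeRailsObject %>
+ <% if can? :stop Bullet %>
  ...
  <% end %>
  ```
 
- ### Adding Permissions to Gems
-
- This methodology can also be used by gems that extend spree and want/need to add permissions.
-
  Testing
  -------
 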
data/circle.yml ADDED
@@ -0,0 +1,6 @@
1
+ machine:
2
+ ruby:
3
+ version: 2.1.5
4
+ test:
5
+ pre:
6
+ - bundle exec rake test_app
@@ -3,15 +3,12 @@ class Spree::Admin::UserPasswordsController < Devise::PasswordsController
3
3
 
4
4
  include Spree::Core::ControllerHelpers::Auth
5
5
  include Spree::Core::ControllerHelpers::Common
6
- include Spree::Core::ControllerHelpers::SSL
7
6
  include Spree::Core::ControllerHelpers::Store
8
7
 
9
8
  helper 'spree/admin/navigation'
10
9
  helper 'spree/admin/tables'
11
10
  layout 'spree/layouts/admin'
12
11
 
13
- ssl_required
14
-
15
12
  # Overridden due to bug in Devise.
16
13
  # respond_with resource, :location => new_session_path(resource_name)
17
14
  # is generating bad url /session/new.user
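Review bot: With `include Spree::Core::ControllerHelpers::SSL` and `ssl_required` removed here, nothing visible in this controller enforces HTTPS on the password-reset actions any more; the same removal appears in the Admin::UserSessionsController, UserConfirmationsController, UserPasswordsController, UserRegistrationsController, UserSessionsController and UsersController hunks that follow. Unless the host application enforces TLS globally (`config.force_ssl = true` in the production environment), passwords and reset tokens can be submitted over plain HTTP. No replacement is visible in this diff, so the README or release notes should state that requirement for anyone upgrading from 1.0.0. The class body starts and ends outside the hunk.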
@@ -3,15 +3,12 @@ class Spree::Admin::UserSessionsController < Devise::SessionsController
3
3
 
4
4
  include Spree::Core::ControllerHelpers::Auth
5
5
  include Spree::Core::ControllerHelpers::Common
6
- include Spree::Core::ControllerHelpers::SSL
7
6
  include Spree::Core::ControllerHelpers::Store
8
7
 
9
8
  helper 'spree/admin/navigation'
10
9
  helper 'spree/admin/tables'
11
10
  layout 'spree/layouts/admin'
12
11
 
13
- ssl_required :new, :create, :destroy, :update
14
-
15
12
  def create
16
13
  authenticate_spree_user!
17
14
 
@@ -8,11 +8,8 @@ class Spree::UserConfirmationsController < Devise::ConfirmationsController
8
8
  include Spree::Core::ControllerHelpers::Auth
9
9
  include Spree::Core::ControllerHelpers::Common
10
10
  include Spree::Core::ControllerHelpers::Order
11
- include Spree::Core::ControllerHelpers::SSL
12
11
  include Spree::Core::ControllerHelpers::Store
13
12
 
14
- ssl_required
15
-
16
13
  protected
17
14
 
18
15
  def after_confirmation_path_for(resource_name, resource)
@@ -8,11 +8,8 @@ class Spree::UserPasswordsController < Devise::PasswordsController
8
8
  include Spree::Core::ControllerHelpers::Auth
9
9
  include Spree::Core::ControllerHelpers::Common
10
10
  include Spree::Core::ControllerHelpers::Order
11
- include Spree::Core::ControllerHelpers::SSL
12
11
  include Spree::Core::ControllerHelpers::Store
13
12
 
14
- ssl_required
15
-
16
13
  # Overridden due to bug in Devise.
17
14
  # respond_with resource, :location => new_session_path(resource_name)
18
15
  # is generating bad url /session/new.user
@@ -47,6 +44,10 @@ class Spree::UserPasswordsController < Devise::PasswordsController
47
44
 
48
45
  protected
49
46
 
47
+ def translation_scope
48
+ 'devise.user_passwords'
49
+ end
50
+
50
51
  def new_session_path(resource_name)
51
52
  spree.send("new_#{resource_name}_session_path")
52
53
  end
@@ -8,65 +8,38 @@ class Spree::UserRegistrationsController < Devise::RegistrationsController
8
8
  include Spree::Core::ControllerHelpers::Auth
9
9
  include Spree::Core::ControllerHelpers::Common
10
10
  include Spree::Core::ControllerHelpers::Order
11
- include Spree::Core::ControllerHelpers::SSL
12
11
  include Spree::Core::ControllerHelpers::Store
13
12
 
14
- ssl_required
15
13
  before_filter :check_permissions, :only => [:edit, :update]
16
14
  skip_before_filter :require_no_authentication
17
15
 
18
- # GET /resource/sign_up
19
- def new
20
- super
21
- @user = resource
22
- end
23
-
24
- # POST /resource/sign_up
25
16
  def create
26
- @user = build_resource(spree_user_params)
17
+ build_resource(spree_user_params)
27
18
  if resource.save
28
19
  set_flash_message(:notice, :signed_up)
29
- sign_in(:spree_user, @user)
20
+ sign_in(:spree_user, resource)
30
21
  session[:spree_user_signup] = true
31
22
  associate_user
32
23
  respond_with resource, location: after_sign_up_path_for(resource)
33
24
  else
34
25
  clean_up_passwords(resource)
35
- render :new
26
+ respond_with(resource) do |format|
27
+ format.html { render :new }
28
+ end
36
29
  end
37
30
  end
38
31
 
39
- # GET /resource/edit
40
- def edit
41
- super
42
- end
43
-
44
- # PUT /resource
45
- def update
46
- super
47
- end
48
-
49
- # DELETE /resource
50
- def destroy
51
- super
32
+ protected
33
+ def translation_scope
34
+ 'devise.user_registrations'
52
35
  end
53
36
 
54
- # GET /resource/cancel
55
- # Forces the session data which is usually expired after sign
56
- # in to be expired now. This is useful if the user wants to
57
- # cancel oauth signing in/up in the middle of the process,
58
- # removing all OAuth session data.
59
- def cancel
60
- super
37
+ def check_permissions
38
+ authorize!(:create, resource)
61
39
  end
62
40
 
63
- protected
64
- def check_permissions
65
- authorize!(:create, resource)
66
- end
67
-
68
41
  private
69
- def spree_user_params
70
- params.require(:spree_user).permit(Spree::PermittedAttributes.user_attributes)
71
- end
42
+ def spree_user_params
43
+ params.require(:spree_user).permit(Spree::PermittedAttributes.user_attributes)
44
+ end
72
45
  end
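Review bot: `check_permissions` runs only before `edit` and `update` (`before_filter :check_permissions, :only => [:edit, :update]`) but authorizes the `:create` ability, so an ability rule written for `:update` on the user is not what gates these actions. If that is intentional, a comment on the method such as `# :create is checked deliberately for edit/update` would save the next reader the question; otherwise `authorize!(:update, resource)` matches the filtered actions. The method is carried over unchanged from the old side and now sits under `protected` next to `translation_scope`.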
@@ -7,47 +7,57 @@ class Spree::UserSessionsController < Devise::SessionsController
7
7
  include Spree::Core::ControllerHelpers::Auth
8
8
  include Spree::Core::ControllerHelpers::Common
9
9
  include Spree::Core::ControllerHelpers::Order
10
- include Spree::Core::ControllerHelpers::SSL
11
10
  include Spree::Core::ControllerHelpers::Store
12
11
 
13
- ssl_required :new, :create, :destroy, :update
14
- ssl_allowed :login_bar
15
-
16
12
  def create
17
13
  authenticate_spree_user!
18
14
 
19
15
  if spree_user_signed_in?
20
16
  respond_to do |format|
21
- format.html {
17
+ format.html do
22
18
  flash[:success] = Spree.t(:logged_in_succesfully)
23
19
  redirect_back_or_default(after_sign_in_path_for(spree_current_user))
24
- }
25
- format.js {
26
- render :json => {:user => spree_current_user,
27
- :ship_address => spree_current_user.ship_address,
28
- :bill_address => spree_current_user.bill_address}.to_json
29
- }
20
+ end
21
+ format.js { render success_json }
30
22
  end
31
23
  else
32
24
  respond_to do |format|
33
- format.html {
25
+ format.html do
34
26
  flash.now[:error] = t('devise.failure.invalid')
35
27
  render :new
36
- }
37
- format.js {
38
- render :json => { error: t('devise.failure.invalid') }, status: :unprocessable_entity
39
- }
28
+ end
29
+ format.js do
30
+ render json: { error: t('devise.failure.invalid') },
31
+ status: :unprocessable_entity
32
+ end
40
33
  end
41
34
  end
42
35
  end
43
36
 
37
+ protected
38
+
39
+ def translation_scope
40
+ 'devise.user_sessions'
41
+ end
42
+
44
43
  private
45
- def accurate_title
46
- Spree.t(:login)
47
- end
48
44
 
49
- def redirect_back_or_default(default)
50
- redirect_to(session["spree_user_return_to"] || default)
51
- session["spree_user_return_to"] = nil
52
- end
45
+ def accurate_title
46
+ Spree.t(:login)
47
+ end
48
+
49
+ def redirect_back_or_default(default)
50
+ redirect_to(session["spree_user_return_to"] || default)
51
+ session["spree_user_return_to"] = nil
52
+ end
53
+
54
+ def success_json
55
+ {
56
+ json: {
57
+ user: spree_current_user,
58
+ ship_address: spree_current_user.ship_address,
59
+ bill_address: spree_current_user.bill_address
60
+ }.to_json
61
+ }
62
+ end
53
63
  end
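Review bot: `success_json` serialises the whole `spree_current_user` record and both address records with `to_json`, so every attribute the models expose through serialisation is returned to the browser on a `.js` sign-in. Which columns that includes is decided by the models, which are not visible here; an explicit allow-list in the helper, e.g. `user: spree_current_user.as_json(only: [:id, :email])`, keeps token or key columns out of the response regardless of later schema changes. A short comment on the helper naming the fields the front end actually consumes would make that contract reviewable.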
@@ -1,5 +1,4 @@
1
1
  class Spree::UsersController < Spree::StoreController
2
- ssl_required
3
2
  skip_before_filter :set_current_order, :only => :show
4
3
  prepend_before_filter :load_object, :only => [:show, :edit, :update]
5
4
  prepend_before_filter :authorize_actions, :only => :new
@@ -25,9 +25,6 @@ module Spree
25
25
  end
26
26
 
27
27
  def self.activate
28
- Dir.glob(File.join(File.dirname(__FILE__), '../../app/**/*_decorator*.rb')) do |c|
29
- Rails.configuration.cache_classes ? require(c) : load(c)
30
- end
31
28
  if Spree::Auth::Engine.backend_available?
32
29
  Rails.application.config.assets.precompile += [
33
30
  'lib/assets/javascripts/spree/backend/solidus_auth.js',
@@ -1,12 +1,12 @@
1
1
  <% @body_id = 'signup' %>
2
2
 
3
- <%= render :partial => 'spree/shared/error_messages', :locals => { :target => @user } %>
3
+ <%= render 'spree/shared/error_messages', target: resource %>
4
4
 
5
5
  <div id="new-customer">
6
6
  <h6><%= Spree.t(:new_customer) %></h6>
7
7
 
8
8
  <div data-hook="signup">
9
- <%= form_for resource, :as => :spree_user, :url => spree.registration_path(@user) do |f| %>
9
+ <%= form_for resource, :as => :spree_user, :url => spree.registration_path(resource) do |f| %>
10
10
  <div data-hook="signup_inside_form">
11
11
  <%= render :partial => 'spree/shared/user_form', :locals => { :f => f } %>
12
12
  <p><%= f.submit Spree.t(:create), :class => 'button primary' %></p>
@@ -3,7 +3,7 @@
3
3
  Gem::Specification.new do |s|
4
4
  s.platform = Gem::Platform::RUBY
5
5
  s.name = "solidus_auth_devise"
6
- s.version = "1.0.0"
6
+ s.version = "1.1.0"
7
7
  s.summary = "Provides authentication and authorization services for use with Solidus by using Devise and CanCan."
8
8
  s.description = s.summary
9
9
 
@@ -21,7 +21,7 @@ Gem::Specification.new do |s|
21
21
  solidus_version = [">= 1.0.0.pre", "< 2"]
22
22
 
23
23
  s.add_dependency "solidus_core", solidus_version
24
- s.add_dependency "devise", "~> 3.2.3"
24
+ s.add_dependency "devise", '~> 3.5.1'
25
25
  s.add_dependency "devise-encryptable", "0.1.2"
26
26
 
27
27
  s.add_dependency "json"
@@ -3,11 +3,66 @@ RSpec.describe Spree::UserRegistrationsController, type: :controller do
3
3
  before { @request.env['devise.mapping'] = Devise.mappings[:spree_user] }
4
4
 
5
5
  context '#create' do
6
- before { allow(controller).to receive(:after_sign_up_path_for).and_return(spree.root_path(thing: 7)) }
6
+ before do
7
+ allow(controller).to receive(:after_sign_up_path_for) do
8
+ spree.root_path(thing: 7)
9
+ end
10
+ end
11
+
12
+ let(:password_confirmation) { 'foobar123' }
13
+
14
+ subject do
15
+ spree_post(:create,
16
+ spree_user: {
17
+ email: 'foobar@example.com',
18
+ password: 'foobar123',
19
+ password_confirmation: password_confirmation
20
+ })
21
+ end
22
+
23
+ context 'when user created successfuly' do
24
+ it 'saves the user' do
25
+ expect { subject }.to change { Spree::User.count }.from(0).to(1)
26
+ end
27
+
28
+ it 'sets flash message' do
29
+ subject
30
+ expect(flash[:notice]).to eq('Welcome! You have signed up successfully.')
31
+ end
32
+
33
+ it 'signs in user' do
34
+ expect(controller.warden).to receive(:set_user)
35
+ subject
36
+ end
37
+
38
+ it 'sets spree_user_signup session' do
39
+ subject
40
+ expect(session[:spree_user_signup]).to be true
41
+ end
42
+
43
+ it 'tries to associate user with current_order' do
44
+ expect(controller).to receive(:associate_user)
45
+ subject
46
+ end
47
+
48
+ it 'redirects to after_sign_up path' do
49
+ subject
50
+ expect(response).to redirect_to spree.root_path(thing: 7)
51
+ end
52
+ end
53
+
54
+ context 'when user not valid' do
55
+ let(:password_confirmation) { 'foobard123' }
56
+
57
+ it 'resets password fields' do
58
+ expect(controller).to receive(:clean_up_passwords)
59
+ subject
60
+ end
7
61
 
8
- it 'redirects to after_sign_up_path_for' do
9
- spree_post :create, { spree_user: { email: 'foobar@example.com', password: 'foobar123', password_confirmation: 'foobar123' } }
10
- expect(response).to redirect_to spree.root_path(thing: 7)
62
+ it 'renders new view' do
63
+ subject
64
+ expect(:response).to render_template(:new)
65
+ end
11
66
  end
12
67
  end
13
68
  end
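Review bot: In the 'renders new view' example the expectation is written against the symbol `:response` rather than the response object, `expect(:response).to render_template(:new)`; it should read `expect(response).to render_template(:new)`, as the sessions controller spec does. As written the example may still pass depending on how the matcher treats its subject, which would hide the typo rather than test the failed-signup path. The context description 'when user created successfuly' also has a spelling slip ('successfully').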
@@ -1,32 +1,46 @@
1
1
  RSpec.describe Spree::UserSessionsController, type: :controller do
2
-
3
2
  let(:user) { create(:user) }
4
3
 
5
4
  before { @request.env['devise.mapping'] = Devise.mappings[:spree_user] }
6
5
 
7
6
  context "#create" do
8
- context "using correct login information" do
7
+ let(:format) { :html }
8
+ let(:password) { 'secret' }
9
+
10
+ subject do
11
+ spree_post(:create,
12
+ spree_user: {
13
+ email: user.email,
14
+ password: password
15
+ },
16
+ format: format)
17
+ end
18
+
19
+ context "when using correct login information" do
9
20
  it 'properly assigns orders user from guest_token' do
10
21
  order1 = create(:order, guest_token: 'ABC', user_id: nil, created_by_id: nil)
11
22
  order2 = create(:order, guest_token: 'ABC', user_id: 200)
12
23
  request.cookie_jar.signed[:guest_token] = 'ABC'
13
- spree_post :create, spree_user: { email: user.email, password: 'secret' }
24
+
25
+ subject
14
26
 
15
27
  expect(order1.reload.user_id).to eq user.id
16
28
  expect(order1.reload.created_by_id).to eq user.id
17
29
  expect(order2.reload.user_id).to eq 200
18
30
  end
19
31
 
20
- context "and html format is used" do
32
+ context "when html format is requested" do
21
33
  it "redirects to default after signing in" do
22
- spree_post :create, spree_user: { email: user.email, password: 'secret' }
34
+ subject
23
35
  expect(response).to redirect_to spree.root_path
24
36
  end
25
37
  end
26
38
 
27
- context "and js format is used" do
39
+ context "when js format is requested" do
40
+ let(:format) { :js }
41
+
28
42
  it "returns a json with ship and bill address" do
29
- spree_post :create, spree_user: { email: user.email, password: 'secret' }, format: 'js'
43
+ subject
30
44
  parsed = ActiveSupport::JSON.decode(response.body)
31
45
  expect(parsed).to have_key("user")
32
46
  expect(parsed).to have_key("ship_address")
@@ -35,18 +49,21 @@ RSpec.describe Spree::UserSessionsController, type: :controller do
35
49
  end
36
50
  end
37
51
 
38
- context "using incorrect login information" do
39
- context "and html format is used" do
52
+ context "when using incorrect login information" do
53
+ let(:password) { 'wrong' }
54
+
55
+ context "when html format is requested" do
40
56
  it "renders new template again with errors" do
41
- spree_post :create, spree_user: { email: user.email, password: 'wrong' }
42
- expect(response).to render_template('new')
57
+ subject
58
+ expect(response).to render_template(:new)
43
59
  expect(flash[:error]).to eq I18n.t(:'devise.failure.invalid')
44
60
  end
45
61
  end
46
62
 
47
- context "and js format is used" do
48
- it "returns a json with the error" do
49
- spree_post :create, spree_user: { email: user.email, password: 'wrong' }, format: 'js'
63
+ context "when js format is requested" do
64
+ let(:format) { :js }
65
+ it "returns json with the error" do
66
+ subject
50
67
  parsed = ActiveSupport::JSON.decode(response.body)
51
68
  expect(parsed).to have_key("error")
52
69
  end
@@ -11,6 +11,7 @@ RSpec.feature 'Checkout', :js, type: :feature do
11
11
 
12
12
  given!(:zone) { create(:zone) }
13
13
  given!(:address) { create(:address, state: state, country: country) }
14
+ given!(:payment_method){ create :check_payment_method }
14
15
 
15
16
  background do
16
17
  @product = create(:product, name: 'RoR Mug')
@@ -23,12 +24,6 @@ RSpec.feature 'Checkout', :js, type: :feature do
23
24
  end
24
25
 
25
26
  context 'without payment being required' do
26
- background do
27
- # So that we don't have to setup payment methods just for the sake of it
28
- allow_any_instance_of(Spree::Order).to receive(:has_available_payment).and_return(true)
29
- allow_any_instance_of(Spree::Order).to receive(:payment_required?).and_return(false)
30
- end
31
-
32
27
  scenario 'allow a visitor to checkout as guest, without registration' do
33
28
  Spree::Auth::Config.set(registration_step: true)
34
29
  click_link 'RoR Mug'
@@ -52,6 +47,7 @@ RSpec.feature 'Checkout', :js, type: :feature do
52
47
  select "#{address.state.name}", from: "order_#{str_addr}_attributes_state_id"
53
48
  check 'order_use_billing'
54
49
 
50
+ click_button 'Save and Continue'
55
51
  click_button 'Save and Continue'
56
52
  click_button 'Save and Continue'
57
53
  click_button 'Place Order'
@@ -83,6 +79,7 @@ RSpec.feature 'Checkout', :js, type: :feature do
83
79
  select "#{address.state.name}", from: "order_#{str_addr}_attributes_state_id"
84
80
  check 'order_use_billing'
85
81
 
82
+ click_button 'Save and Continue'
86
83
  click_button 'Save and Continue'
87
84
  click_button 'Save and Continue'
88
85
  click_button 'Place Order'
@@ -154,6 +151,7 @@ RSpec.feature 'Checkout', :js, type: :feature do
154
151
  select "#{address.state.name}", from: "order_#{str_addr}_attributes_state_id"
155
152
  check 'order_use_billing'
156
153
 
154
+ click_button 'Save and Continue'
157
155
  click_button 'Save and Continue'
158
156
  click_button 'Save and Continue'
159
157
  click_button 'Place Order'
@@ -8,7 +8,7 @@ RSpec.describe Spree::User, type: :model do
8
8
  end
9
9
 
10
10
  it 'generates the reset password token' do
11
- user = build(:user)
11
+ user = create(:user)
12
12
  expect(Spree::UserMailer).to receive(:reset_password_instructions).with(user, anything, {}).and_return(double(deliver: true))
13
13
  user.send_reset_password_instructions
14
14
  expect(user.reset_password_token).not_to be_nil
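--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
  --- !ruby/object:Gem::Specification
  name: solidus_auth_devise
  version: !ruby/object:Gem::Version
- version: 1.0.0
+ version: 1.1.0
  platform: ruby
  authors:
  - Solidus Team
  autorequire:
  bindir: bin
  cert_chain: []
- date: 2015-05-26 00:00:00.000000000 Z
+ date: 2015-06-03 00:00:00.000000000 Z
  dependencies:
  - !ruby/object:Gem::Dependency
  name: solidus_core
@@ -36,14 +36,14 @@ dependencies:
  requirements:
  - - "~>"
  - !ruby/object:Gem::Version
- version: 3.2.3
+ version: 3.5.1
  type: :runtime
  prerelease: false
  version_requirements: !ruby/object:Gem::Requirement
  requirements:
  - - "~>"
  - !ruby/object:Gem::Version
- version: 3.2.3
+ version: 3.5.1
  - !ruby/object:Gem::Dependency
  name: devise-encryptable
  requirement: !ruby/object:Gem::Requirement
@@ -280,13 +280,13 @@ files:
  - LICENSE.md
  - README.md
  - Rakefile
- - app/controllers/metal_decorator.rb
  - app/mailers/spree/user_mailer.rb
  - app/models/spree/auth_configuration.rb
  - app/models/spree/user.rb
  - app/overrides/auth_shared_login_bar.rb
  - app/overrides/spree/admin/shared/_header/auth_admin_login_navigation_bar.html.erb.deface
  - bin/rails
+ - circle.yml
  - config/initializers/devise.rb
  - config/initializers/warden.rb
  - config/locales/de.yml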
@@ -1,6 +0,0 @@
1
- # For the API
2
- ActionController::Metal.class_eval do
3
- def spree_current_user
4
- @spree_current_user ||= env['warden'].user
5
- end
6
- end