solidus_auth_devise 2.1.0 → 2.5.1
Potentially problematic release.
This version of solidus_auth_devise might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/.circleci/config.yml +35 -0
- data/.gem_release.yml +5 -0
- data/.github/stale.yml +17 -0
- data/.gitignore +12 -8
- data/.rubocop.yml +2 -0
- data/CHANGELOG.md +315 -138
- data/Gemfile +21 -15
- data/{LICENSE.md → LICENSE} +2 -2
- data/README.md +47 -3
- data/Rakefile +2 -0
- data/app/mailers/spree/user_mailer.rb +4 -2
- data/app/models/spree/user.rb +25 -19
- data/app/overrides/spree/admin/users/edit/_add_reset_password_form.html.erb.deface +20 -0
- data/bin/console +17 -0
- data/bin/rails +12 -4
- data/bin/setup +8 -0
- data/config/initializers/devise.rb +11 -6
- data/config/initializers/warden.rb +4 -2
- data/config/locales/en.yml +4 -1
- data/config/locales/fr.yml +1 -1
- data/config/locales/it.yml +4 -4
- data/config/routes.rb +8 -12
- data/db/default/users.rb +10 -8
- data/db/migrate/20101026184949_create_users.rb +9 -7
- data/db/migrate/20101026184950_rename_columns_for_devise.rb +3 -1
- data/db/migrate/20101214150824_convert_user_remember_field.rb +2 -0
- data/db/migrate/20120203010234_add_reset_password_sent_at_to_spree_users.rb +2 -0
- data/db/migrate/20120605211305_make_users_email_index_unique.rb +4 -2
- data/db/migrate/20140904000425_add_deleted_at_to_users.rb +2 -0
- data/db/migrate/20141002154641_add_confirmable_to_users.rb +2 -0
- data/db/migrate/20190125170630_add_reset_password_token_index_to_spree_users.rb +34 -0
- data/db/migrate/20200417153503_add_unconfirmed_email_to_spree_users.rb +7 -0
- data/db/seeds.rb +2 -0
- data/lib/controllers/backend/spree/admin/user_passwords_controller.rb +7 -3
- data/lib/controllers/backend/spree/admin/user_sessions_controller.rb +12 -9
- data/lib/controllers/frontend/spree/user_confirmations_controller.rb +2 -0
- data/lib/controllers/frontend/spree/user_passwords_controller.rb +4 -1
- data/lib/controllers/frontend/spree/user_registrations_controller.rb +4 -0
- data/lib/controllers/frontend/spree/user_sessions_controller.rb +4 -2
- data/lib/controllers/frontend/spree/users_controller.rb +20 -15
- data/lib/decorators/backend/controllers/spree/admin/base_controller_decorator.rb +20 -0
- data/lib/decorators/backend/controllers/spree/admin/orders/customer_details_controller_decorator.rb +22 -0
- data/lib/{controllers/frontend → decorators/frontend/controllers}/spree/checkout_controller_decorator.rb +29 -19
- data/lib/generators/solidus/auth/install/install_generator.rb +16 -4
- data/lib/generators/solidus/auth/install/templates/config/initializers/devise.rb +3 -1
- data/lib/solidus/auth.rb +2 -0
- data/lib/solidus_auth_devise.rb +12 -12
- data/lib/spree/auth/devise.rb +2 -7
- data/lib/spree/auth/engine.rb +53 -38
- data/lib/spree/auth/version.rb +7 -0
- data/{app/models → lib}/spree/auth_configuration.rb +2 -0
- data/lib/spree/authentication_helpers.rb +5 -11
- data/lib/tasks/auth.rake +3 -1
- data/lib/views/backend/spree/admin/shared/_navigation_footer.html.erb +13 -6
- data/lib/views/backend/spree/admin/user_passwords/edit.html.erb +4 -4
- data/lib/views/backend/spree/admin/user_passwords/new.html.erb +5 -7
- data/lib/views/backend/spree/admin/user_sessions/authorization_failure.html.erb +1 -1
- data/lib/views/backend/spree/admin/user_sessions/new.html.erb +9 -9
- data/lib/views/backend/spree/layouts/admin/_login_nav.html.erb +4 -4
- data/lib/views/frontend/spree/checkout/registration.html.erb +4 -4
- data/lib/views/frontend/spree/shared/_login.html.erb +4 -4
- data/lib/views/frontend/spree/shared/_login_bar_items.html.erb +3 -3
- data/lib/views/frontend/spree/shared/_user_form.html.erb +3 -3
- data/lib/views/frontend/spree/user_passwords/edit.html.erb +4 -4
- data/lib/views/frontend/spree/user_passwords/new.html.erb +5 -7
- data/lib/views/frontend/spree/user_registrations/new.html.erb +3 -3
- data/lib/views/frontend/spree/user_sessions/authorization_failure.html.erb +1 -1
- data/lib/views/frontend/spree/user_sessions/new.html.erb +2 -2
- data/lib/views/frontend/spree/users/edit.html.erb +2 -2
- data/lib/views/frontend/spree/users/show.html.erb +12 -12
- data/solidus_auth_devise.gemspec +37 -29
- data/spec/controllers/spree/admin/base_controller_spec.rb +53 -0
- data/spec/controllers/spree/admin/user_passwords_controller_spec.rb +14 -0
- data/spec/controllers/spree/base_controller_spec.rb +53 -0
- data/spec/controllers/spree/checkout_controller_spec.rb +6 -10
- data/spec/controllers/spree/products_controller_spec.rb +5 -8
- data/spec/controllers/spree/user_passwords_controller_spec.rb +4 -3
- data/spec/controllers/spree/user_registrations_controller_spec.rb +3 -2
- data/spec/controllers/spree/user_sessions_controller_spec.rb +14 -0
- data/spec/controllers/spree/users_controller_spec.rb +26 -8
- data/spec/factories/confirmed_user.rb +6 -4
- data/spec/features/account_spec.rb +4 -3
- data/spec/features/admin/password_reset_spec.rb +66 -10
- data/spec/features/admin/products_spec.rb +2 -1
- data/spec/features/admin/sign_in_spec.rb +2 -1
- data/spec/features/admin/sign_out_spec.rb +2 -1
- data/spec/features/admin_permissions_spec.rb +2 -1
- data/spec/features/change_email_spec.rb +3 -2
- data/spec/features/checkout_spec.rb +14 -37
- data/spec/features/confirmation_spec.rb +6 -10
- data/spec/features/order_spec.rb +2 -1
- data/spec/features/password_reset_spec.rb +23 -10
- data/spec/features/sign_in_spec.rb +2 -1
- data/spec/features/sign_out_spec.rb +4 -3
- data/spec/features/sign_up_spec.rb +2 -1
- data/spec/mailers/user_mailer_spec.rb +2 -1
- data/spec/models/order_spec.rb +2 -1
- data/spec/models/user_spec.rb +15 -11
- data/spec/spec_helper.rb +13 -9
- data/spec/support/ability.rb +3 -1
- data/spec/support/authentication_helpers.rb +2 -0
- data/spec/support/confirm_helpers.rb +23 -10
- data/spec/support/email.rb +2 -0
- data/spec/support/features/fill_addresses_fields.rb +29 -0
- data/spec/support/preferences.rb +10 -2
- data/spec/support/spree.rb +2 -0
- metadata +309 -212
- data/.travis.yml +0 -24
- data/app/overrides/auth_admin_login_navigation_bar.rb +0 -10
- data/app/overrides/auth_shared_login_bar.rb +0 -10
- data/circle.yml +0 -6
- data/lib/assets/javascripts/spree/backend/solidus_auth.js +0 -1
- data/lib/assets/javascripts/spree/frontend/solidus_auth.js +0 -1
- data/lib/assets/stylesheets/spree/backend/solidus_auth.css +0 -3
- data/lib/assets/stylesheets/spree/frontend/solidus_auth.css +0 -3
- data/lib/controllers/backend/spree/admin/admin_controller_decorator.rb +0 -11
- data/lib/controllers/backend/spree/admin/admin_orders_controller_decorator.rb +0 -20
- data/lib/controllers/backend/spree/admin/orders/customer_details_controller_decorator.rb +0 -15
- data/spec/features/admin/orders_spec.rb +0 -30
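--- a/data/db/default/users.rb
+++ b/data/db/default/users.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 # see last line where we create an admin if there is none, asking for email and password
 def prompt_for_admin_password
 if ENV['ADMIN_PASSWORD']
@@ -31,20 +33,20 @@ def create_admin_user
 email = 'admin@example.com'
 else
 puts 'Create the admin user (press enter for defaults).'
-#name = prompt_for_admin_name unless name
+# name = prompt_for_admin_name unless name
 email = prompt_for_admin_email
 password = prompt_for_admin_password
 end
 attributes = {
-:
-:
-:
-:
+password: password,
+password_confirmation: password,
+email: email,
+login: email
 }
 
 load 'spree/user.rb'
 
-if Spree::User.
+if Spree::User.find_by(email: email)
 puts "\nWARNING: There is already a user with the email: #{email}, so no account changes were made. If you wish to create an additional admin user, please run rake spree_auth:admin:create again with a different email.\n\n"
 else
 admin = Spree::User.new(attributes)
@@ -55,7 +57,7 @@ def create_admin_user
 admin.generate_spree_api_key!
 puts "Done!"
 else
-puts "There
+puts "There were some problems with persisting a new admin user:"
 admin.errors.full_messages.each do |error|
 puts error
 end
@@ -66,7 +68,7 @@ end
 if Spree::User.admin.empty?
 create_admin_user
 else
-puts 'Admin user has already been
+puts 'Admin user has already been created.'
 puts 'Would you like to create a new admin user? (yes/no)'
 if ["yes", "y"].include? STDIN.gets.strip.downcase
 create_admin_user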
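Review bot: `STDIN.gets.strip.downcase` in the final `else` branch raises NoMethodError when standard input is closed or at EOF, because `gets` returns nil there; a non-interactive seed run reaches this line as soon as an admin already exists. Treating nil as "no" keeps such runs from aborting: `if ["yes", "y"].include? STDIN.gets.to_s.strip.downcase`. The enclosing `if` continues past the end of the hunk.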
@@ -1,17 +1,19 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
class CreateUsers < SolidusSupport::Migration[4.2]
|
2
4
|
def up
|
3
5
|
unless table_exists?("spree_users")
|
4
|
-
create_table "spree_users", :
|
5
|
-
t.string "crypted_password", :
|
6
|
-
t.string "salt", :
|
6
|
+
create_table "spree_users", force: true do |t|
|
7
|
+
t.string "crypted_password", limit: 128
|
8
|
+
t.string "salt", limit: 128
|
7
9
|
t.string "email"
|
8
10
|
t.string "remember_token"
|
9
11
|
t.string "remember_token_expires_at"
|
10
12
|
t.string "persistence_token"
|
11
13
|
t.string "single_access_token"
|
12
14
|
t.string "perishable_token"
|
13
|
-
t.integer "login_count", :
|
14
|
-
t.integer "failed_login_count", :
|
15
|
+
t.integer "login_count", default: 0, null: false
|
16
|
+
t.integer "failed_login_count", default: 0, null: false
|
15
17
|
t.datetime "last_request_at"
|
16
18
|
t.datetime "current_login_at"
|
17
19
|
t.datetime "last_login_at"
|
@@ -20,8 +22,8 @@ class CreateUsers < SolidusSupport::Migration[4.2]
|
|
20
22
|
t.string "login"
|
21
23
|
t.integer "ship_address_id"
|
22
24
|
t.integer "bill_address_id"
|
23
|
-
t.datetime "created_at", :
|
24
|
-
t.datetime "updated_at", :
|
25
|
+
t.datetime "created_at", null: false
|
26
|
+
t.datetime "updated_at", null: false
|
25
27
|
t.string "openid_identifier"
|
26
28
|
end
|
27
29
|
end
|
@@ -1,6 +1,9 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
class RenameColumnsForDevise < SolidusSupport::Migration[4.2]
|
2
4
|
def up
|
3
5
|
return if column_exists?(:spree_users, :password_salt)
|
6
|
+
|
4
7
|
rename_column :spree_users, :crypted_password, :encrypted_password
|
5
8
|
rename_column :spree_users, :salt, :password_salt
|
6
9
|
rename_column :spree_users, :remember_token_expires_at, :remember_created_at
|
@@ -31,7 +34,6 @@ class RenameColumnsForDevise < SolidusSupport::Migration[4.2]
|
|
31
34
|
rename_column :spree_users, :remember_created_at, :remember_token_expires_at
|
32
35
|
rename_column :spree_users, :password_salt, :salt
|
33
36
|
rename_column :spree_users, :encrypted_password, :crypted_password
|
34
|
-
add_column :spree_users, :unlock_token, :string
|
35
37
|
add_column :spree_users, :openid_identifier, :string
|
36
38
|
end
|
37
39
|
end
|
@@ -1,9 +1,11 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
class MakeUsersEmailIndexUnique < SolidusSupport::Migration[4.2]
|
2
4
|
def up
|
3
|
-
add_index "spree_users", ["email"], :
|
5
|
+
add_index "spree_users", ["email"], name: "email_idx_unique", unique: true
|
4
6
|
end
|
5
7
|
|
6
8
|
def down
|
7
|
-
remove_index "spree_users", :
|
9
|
+
remove_index "spree_users", name: "email_idx_unique"
|
8
10
|
end
|
9
11
|
end
|
@@ -0,0 +1,34 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
class AddResetPasswordTokenIndexToSpreeUsers < SolidusSupport::Migration[4.2]
|
4
|
+
# We're not using the standard Rails index name because somebody could have
|
5
|
+
# already added that index to the table. By using a custom name we ensure
|
6
|
+
# that the index can effectively be added and removed via migrations/rollbacks
|
7
|
+
# without having any impact on such installations. The index name is Rails
|
8
|
+
# standard name + "_solidus_auth_devise"; the length is 61 chars which is
|
9
|
+
# still OK for Sqlite, mySQL and Postgres.
|
10
|
+
def custom_index_name
|
11
|
+
'index_spree_users_on_reset_password_token_solidus_auth_devise'
|
12
|
+
end
|
13
|
+
|
14
|
+
def default_index_exists?
|
15
|
+
index_exists?(:spree_users, :reset_password_token)
|
16
|
+
end
|
17
|
+
|
18
|
+
def custom_index_exists?
|
19
|
+
index_exists?(:spree_users, :reset_password_token, name: custom_index_name)
|
20
|
+
end
|
21
|
+
|
22
|
+
def up
|
23
|
+
Spree::User.reset_column_information
|
24
|
+
if Spree::User.column_names.include?('reset_password_token') && !default_index_exists? && !custom_index_exists?
|
25
|
+
add_index :spree_users, :reset_password_token, unique: true, name: custom_index_name
|
26
|
+
end
|
27
|
+
end
|
28
|
+
|
29
|
+
def down
|
30
|
+
if custom_index_exists?
|
31
|
+
remove_index :spree_users, name: custom_index_name
|
32
|
+
end
|
33
|
+
end
|
34
|
+
end
|
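Review bot: `default_index_exists?` calls `index_exists?(:spree_users, :reset_password_token)` without `unique: true`, so in `up` an installation that already carries a non-unique index under the Rails default name skips the new index and ends up with no uniqueness guarantee on reset tokens. If uniqueness is the purpose of this migration, the check could be `index_exists?(:spree_users, :reset_password_token, unique: true)`; otherwise the comment above `custom_index_name` should say that a pre-existing non-unique index is deliberately left alone. `up` also reads the schema through `Spree::User.column_names` while the index checks go through the connection; `column_exists?(:spree_users, :reset_password_token)` would keep the migration independent of the model class.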
data/db/seeds.rb
CHANGED
@@ -1,3 +1,5 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
class Spree::Admin::UserPasswordsController < Devise::PasswordsController
|
2
4
|
helper 'spree/base'
|
3
5
|
|
@@ -8,6 +10,8 @@ class Spree::Admin::UserPasswordsController < Devise::PasswordsController
|
|
8
10
|
helper 'spree/admin/navigation'
|
9
11
|
layout 'spree/layouts/admin'
|
10
12
|
|
13
|
+
skip_before_action :require_no_authentication, only: [:create]
|
14
|
+
|
11
15
|
# Overridden due to bug in Devise.
|
12
16
|
# respond_with resource, location: new_session_path(resource_name)
|
13
17
|
# is generating bad url /session/new.user
|
@@ -18,9 +22,10 @@ class Spree::Admin::UserPasswordsController < Devise::PasswordsController
|
|
18
22
|
def create
|
19
23
|
self.resource = resource_class.send_reset_password_instructions(params[resource_name])
|
20
24
|
|
25
|
+
set_flash_message(:notice, :send_instructions) if is_navigational_format?
|
26
|
+
|
21
27
|
if resource.errors.empty?
|
22
|
-
|
23
|
-
respond_with resource, location: spree.admin_login_path
|
28
|
+
respond_with resource, location: admin_user_path(resource)
|
24
29
|
else
|
25
30
|
respond_with_navigational(resource) { render :new }
|
26
31
|
end
|
@@ -37,5 +42,4 @@ class Spree::Admin::UserPasswordsController < Devise::PasswordsController
|
|
37
42
|
super
|
38
43
|
end
|
39
44
|
end
|
40
|
-
|
41
45
|
end
|
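Review bot: `create` still branches on `resource.errors.empty?`, so even with the flash now set in both cases an unknown e-mail re-renders `:new` while a known one redirects, and the response keeps revealing whether an account exists. Devise's `successfully_sent?(resource)` could replace that test so the paranoid setting is honoured. The success redirect to `admin_user_path(resource)` also puts the matched user's id in the Location header, and since `skip_before_action :require_no_authentication, only: [:create]` only widens who can reach the action, it is worth confirming a signed-out requester is never sent there. The `create` hunk of the frontend `Spree::UserPasswordsController` has the same `errors.empty?` branch. The rest of this class lies outside the hunks shown.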
@@ -1,3 +1,5 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
class Spree::Admin::UserSessionsController < Devise::SessionsController
|
2
4
|
helper 'spree/base'
|
3
5
|
|
@@ -14,12 +16,12 @@ class Spree::Admin::UserSessionsController < Devise::SessionsController
|
|
14
16
|
if spree_user_signed_in?
|
15
17
|
respond_to do |format|
|
16
18
|
format.html {
|
17
|
-
flash[:success] =
|
19
|
+
flash[:success] = I18n.t('spree.logged_in_succesfully')
|
18
20
|
redirect_back_or_default(after_sign_in_path_for(spree_current_user))
|
19
21
|
}
|
20
22
|
format.js {
|
21
23
|
user = resource.record
|
22
|
-
render json: {ship_address: user.ship_address, bill_address: user.bill_address}.to_json
|
24
|
+
render json: { ship_address: user.ship_address, bill_address: user.bill_address }.to_json
|
23
25
|
}
|
24
26
|
end
|
25
27
|
else
|
@@ -32,12 +34,13 @@ class Spree::Admin::UserSessionsController < Devise::SessionsController
|
|
32
34
|
end
|
33
35
|
|
34
36
|
private
|
35
|
-
def accurate_title
|
36
|
-
Spree.t(:login)
|
37
|
-
end
|
38
37
|
|
39
|
-
|
40
|
-
|
41
|
-
|
42
|
-
|
38
|
+
def accurate_title
|
39
|
+
I18n.t('spree.login')
|
40
|
+
end
|
41
|
+
|
42
|
+
def redirect_back_or_default(default)
|
43
|
+
redirect_to(session["spree_user_return_to"] || default)
|
44
|
+
session["spree_user_return_to"] = nil
|
45
|
+
end
|
43
46
|
end
|
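Review bot: The new `redirect_back_or_default` passes `session["spree_user_return_to"]` straight to `redirect_to`, so the safety of the redirect depends on whatever wrote that session key, which is outside this hunk. If the stored value can ever be derived from a request-supplied URL, it should be restricted to a same-origin path before redirecting. Separately, reading and clearing can be one step, `redirect_to(session.delete("spree_user_return_to") || default)`, so the key does not stay set if `redirect_to` raises.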
@@ -1,3 +1,5 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
class Spree::UserPasswordsController < Devise::PasswordsController
|
2
4
|
helper 'spree/base', 'spree/store'
|
3
5
|
|
@@ -16,8 +18,9 @@ class Spree::UserPasswordsController < Devise::PasswordsController
|
|
16
18
|
def create
|
17
19
|
self.resource = resource_class.send_reset_password_instructions(params[resource_name])
|
18
20
|
|
21
|
+
set_flash_message(:notice, :send_instructions) if is_navigational_format?
|
22
|
+
|
19
23
|
if resource.errors.empty?
|
20
|
-
set_flash_message(:notice, :send_instructions) if is_navigational_format?
|
21
24
|
respond_with resource, location: spree.login_path
|
22
25
|
else
|
23
26
|
respond_with_navigational(resource) { render :new }
|
@@ -1,3 +1,5 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
class Spree::UserRegistrationsController < Devise::RegistrationsController
|
2
4
|
helper 'spree/base', 'spree/store'
|
3
5
|
|
@@ -25,6 +27,7 @@ class Spree::UserRegistrationsController < Devise::RegistrationsController
|
|
25
27
|
end
|
26
28
|
|
27
29
|
protected
|
30
|
+
|
28
31
|
def translation_scope
|
29
32
|
'devise.user_registrations'
|
30
33
|
end
|
@@ -34,6 +37,7 @@ class Spree::UserRegistrationsController < Devise::RegistrationsController
|
|
34
37
|
end
|
35
38
|
|
36
39
|
private
|
40
|
+
|
37
41
|
def spree_user_params
|
38
42
|
params.require(:spree_user).permit(Spree::PermittedAttributes.user_attributes | [:email])
|
39
43
|
end
|
@@ -1,3 +1,5 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
class Spree::UserSessionsController < Devise::SessionsController
|
2
4
|
helper 'spree/base', 'spree/store'
|
3
5
|
|
@@ -16,7 +18,7 @@ class Spree::UserSessionsController < Devise::SessionsController
|
|
16
18
|
if spree_user_signed_in?
|
17
19
|
respond_to do |format|
|
18
20
|
format.html do
|
19
|
-
flash[:success] =
|
21
|
+
flash[:success] = I18n.t('spree.logged_in_succesfully')
|
20
22
|
redirect_back_or_default(after_sign_in_path_for(spree_current_user))
|
21
23
|
end
|
22
24
|
format.js { render success_json }
|
@@ -44,7 +46,7 @@ class Spree::UserSessionsController < Devise::SessionsController
|
|
44
46
|
private
|
45
47
|
|
46
48
|
def accurate_title
|
47
|
-
|
49
|
+
I18n.t('spree.login')
|
48
50
|
end
|
49
51
|
|
50
52
|
def redirect_back_or_default(default)
|
@@ -1,3 +1,5 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
class Spree::UsersController < Spree::StoreController
|
2
4
|
skip_before_action :set_current_order, only: :show, raise: false
|
3
5
|
prepend_before_action :load_object, only: [:show, :edit, :update]
|
@@ -24,34 +26,37 @@ class Spree::UsersController < Spree::StoreController
|
|
24
26
|
end
|
25
27
|
|
26
28
|
def update
|
27
|
-
if @user.
|
29
|
+
if @user.update(user_params)
|
30
|
+
spree_current_user.reload
|
31
|
+
|
28
32
|
if params[:user][:password].present?
|
29
33
|
# this logic needed b/c devise wants to log us out after password changes
|
30
34
|
unless Spree::Auth::Config[:signout_after_password_change]
|
31
35
|
bypass_sign_in(@user)
|
32
36
|
end
|
33
37
|
end
|
34
|
-
redirect_to spree.account_url, notice:
|
38
|
+
redirect_to spree.account_url, notice: I18n.t('spree.account_updated')
|
35
39
|
else
|
36
40
|
render :edit
|
37
41
|
end
|
38
42
|
end
|
39
43
|
|
40
44
|
private
|
41
|
-
def user_params
|
42
|
-
params.require(:user).permit(Spree::PermittedAttributes.user_attributes | [:email])
|
43
|
-
end
|
44
45
|
|
45
|
-
|
46
|
-
|
47
|
-
|
48
|
-
end
|
46
|
+
def user_params
|
47
|
+
params.require(:user).permit(Spree::PermittedAttributes.user_attributes | [:email])
|
48
|
+
end
|
49
49
|
|
50
|
-
|
51
|
-
|
52
|
-
|
50
|
+
def load_object
|
51
|
+
@user ||= Spree::User.find_by(id: spree_current_user&.id)
|
52
|
+
authorize! params[:action].to_sym, @user
|
53
|
+
end
|
53
54
|
|
54
|
-
|
55
|
-
|
56
|
-
|
55
|
+
def authorize_actions
|
56
|
+
authorize! params[:action].to_sym, Spree::User.new
|
57
|
+
end
|
58
|
+
|
59
|
+
def accurate_title
|
60
|
+
I18n.t('spree.my_account')
|
61
|
+
end
|
57
62
|
end
|
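Review bot: `update` writes `user_params` through `@user.update`, and the branch on `params[:user][:password]` shows that password changes travel this path, yet nothing in the hunk asks for the current password. A hijacked or unattended session can therefore change the password, or the `:email` that the permit list adds, and keep the account. Devise's `update_with_password` covers this if the edit form sends `current_password`. In `load_object`, a signed-out request yields `@user = nil` and relies on `authorize!` rejecting a nil subject; a comment saying so would help, for example `# @user is nil for guests; authorize! is expected to deny`.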
@@ -0,0 +1,20 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
module Spree
|
4
|
+
module Admin
|
5
|
+
module BaseControllerDecorator
|
6
|
+
protected
|
7
|
+
|
8
|
+
def model_class
|
9
|
+
const_name = controller_name.classify
|
10
|
+
if Spree.const_defined?(const_name, false)
|
11
|
+
return "Spree::#{const_name}".constantize
|
12
|
+
end
|
13
|
+
|
14
|
+
nil
|
15
|
+
end
|
16
|
+
|
17
|
+
::Spree::Admin::BaseController.prepend self
|
18
|
+
end
|
19
|
+
end
|
20
|
+
end
|
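Review bot: `model_class` checks the constant with `Spree.const_defined?(const_name, false)` but then resolves it through `"Spree::#{const_name}".constantize`, a second, string-based lookup that may not follow the same lookup rules as the check. `return Spree.const_get(const_name, false)` keeps check and lookup on one path. The method also has no comment on why it returns nil for controllers without a matching `Spree::` constant; a line such as `# nil when the controller has no Spree:: model of the same name` would document the contract.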
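--- a/data/lib/decorators/backend/controllers/spree/admin/orders/customer_details_controller_decorator.rb
+++ b/data/lib/decorators/backend/controllers/spree/admin/orders/customer_details_controller_decorator.rb
@@ -0,0 +1,22 @@
+# frozen_string_literal: true
+
+module Spree::Admin::Orders::CustomerDetailsControllerDecorator
+def self.prepended(base)
+base.before_action :check_authorization
+end
+
+private
+
+def check_authorization
+load_order
+session[:access_token] ||= params[:token]
+
+resource = @order
+action = params[:action].to_sym
+action = :edit if action == :show # show route renders :edit for this controller
+
+authorize! action, resource, session[:access_token]
+end
+
+Spree::Admin::Orders::CustomerDetailsController.prepend self
+end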
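Review bot: `session[:access_token] ||= params[:token]` in `check_authorization` stores a request-supplied token in the session and never replaces it, so the first token seen in a session is what `authorize!` receives for every later order. If the token is meant to be per order, preferring the request value, `authorize! action, resource, params[:token] || session[:access_token]`, avoids authorizing with a stale one. `base.before_action :check_authorization` is also registered after whatever callbacks `CustomerDetailsController` already declares, so any of them that touch the order would run before the check; `base.prepend_before_action :check_authorization` would run it first.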
@@ -1,27 +1,32 @@
|
|
1
|
-
|
2
|
-
prepend_before_action :check_registration,
|
3
|
-
except: [:registration, :update_registration]
|
4
|
-
prepend_before_action :check_authorization
|
1
|
+
# frozen_string_literal: true
|
5
2
|
|
6
|
-
|
7
|
-
|
8
|
-
|
3
|
+
module Spree
|
4
|
+
module CheckoutControllerDecorator
|
5
|
+
def self.prepended(base)
|
6
|
+
base.before_action :check_registration, except: [:registration, :update_registration]
|
7
|
+
base.before_action :check_authorization
|
9
8
|
|
10
|
-
|
11
|
-
|
12
|
-
|
9
|
+
# This action builds some associations on the order, ex. addresses, which we
|
10
|
+
# don't to build or save here.
|
11
|
+
base.skip_before_action :setup_for_current_state, only: [:registration, :update_registration]
|
12
|
+
end
|
13
13
|
|
14
|
-
|
15
|
-
if params[:order][:email] =~ Devise.email_regexp && current_order.update_attributes(email: params[:order][:email])
|
16
|
-
redirect_to spree.checkout_path
|
17
|
-
else
|
18
|
-
flash[:registration_error] = t(:email_is_invalid, scope: [:errors, :messages])
|
14
|
+
def registration
|
19
15
|
@user = Spree::User.new
|
20
|
-
render 'registration'
|
21
16
|
end
|
22
|
-
end
|
23
17
|
|
24
|
-
|
18
|
+
def update_registration
|
19
|
+
if params[:order][:email] =~ Devise.email_regexp && current_order.update(email: params[:order][:email])
|
20
|
+
redirect_to spree.checkout_path
|
21
|
+
else
|
22
|
+
flash[:registration_error] = t(:email_is_invalid, scope: [:errors, :messages])
|
23
|
+
@user = Spree::User.new
|
24
|
+
render 'registration'
|
25
|
+
end
|
26
|
+
end
|
27
|
+
|
28
|
+
private
|
29
|
+
|
25
30
|
def order_params
|
26
31
|
params.
|
27
32
|
fetch(:order, {}).
|
@@ -39,6 +44,7 @@ Spree::CheckoutController.class_eval do
|
|
39
44
|
# Introduces a registration step whenever the +registration_step+ preference is true.
|
40
45
|
def check_registration
|
41
46
|
return unless registration_required?
|
47
|
+
|
42
48
|
store_location
|
43
49
|
redirect_to spree.checkout_registration_path
|
44
50
|
end
|
@@ -53,7 +59,7 @@ Spree::CheckoutController.class_eval do
|
|
53
59
|
end
|
54
60
|
|
55
61
|
def guest_authenticated?
|
56
|
-
current_order
|
62
|
+
current_order&.email.present? &&
|
57
63
|
Spree::Config[:allow_guest_checkout]
|
58
64
|
end
|
59
65
|
|
@@ -61,6 +67,10 @@ Spree::CheckoutController.class_eval do
|
|
61
67
|
# are redirected to the tokenized order url unless authenticated as a registered user.
|
62
68
|
def completion_route
|
63
69
|
return spree.order_path(@order) if spree_current_user
|
70
|
+
|
64
71
|
spree.token_order_path(@order, @order.guest_token)
|
65
72
|
end
|
73
|
+
|
74
|
+
::Spree::CheckoutController.prepend self
|
75
|
+
end
|
66
76
|
end
|
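Review bot: `self.prepended` registers `check_registration` and `check_authorization` with `base.before_action`, where the removed `class_eval` lines used `prepend_before_action`, so both checks now run after the callbacks `Spree::CheckoutController` declares itself instead of before them. If any of those callbacks loads or modifies the order, it now does so for requests the authorization check would have rejected; `base.prepend_before_action :check_authorization` restores the earlier ordering. In `update_registration`, `params[:order][:email]` raises NoMethodError when the request carries no `order` key; `params.dig(:order, :email)` would let that case fall through to the `else` branch. The added comment above `skip_before_action` reads "which we don't to build", where a word such as "want" is missing.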