RubyGems - solidus_auth_devise - Versions diffs - 2.2.0 → 2.5.2 - Mend

solidus_auth_devise 2.2.0 → 2.5.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (116) hide show

checksums.yaml +4 -4
data/.gem_release.yml +3 -8
data/.github/stale.yml +17 -0
data/.gitignore +12 -8
data/.rubocop.yml +2 -0
data/CHANGELOG.md +350 -163
data/Gemfile +20 -22
data/{LICENSE.md → LICENSE} +2 -2
data/README.md +4 -28
data/Rakefile +2 -0
data/app/mailers/spree/user_mailer.rb +4 -2
data/app/models/spree/user.rb +21 -19
data/app/overrides/spree/admin/users/edit/_add_reset_password_form.html.erb.deface +20 -0
data/bin/console +17 -0
data/bin/rails +12 -4
data/bin/setup +8 -0
data/config/initializers/devise.rb +11 -3
data/config/initializers/warden.rb +4 -2
data/config/locales/en.yml +3 -1
data/config/locales/it.yml +4 -4
data/config/routes.rb +5 -11
data/db/default/users.rb +10 -8
data/db/migrate/20101026184949_create_users.rb +9 -7
data/db/migrate/20101026184950_rename_columns_for_devise.rb +3 -0
data/db/migrate/20101214150824_convert_user_remember_field.rb +2 -0
data/db/migrate/20120203010234_add_reset_password_sent_at_to_spree_users.rb +2 -0
data/db/migrate/20120605211305_make_users_email_index_unique.rb +4 -2
data/db/migrate/20140904000425_add_deleted_at_to_users.rb +2 -0
data/db/migrate/20141002154641_add_confirmable_to_users.rb +2 -0
data/db/migrate/20190125170630_add_reset_password_token_index_to_spree_users.rb +4 -2
data/db/migrate/20200417153503_add_unconfirmed_email_to_spree_users.rb +7 -0
data/db/seeds.rb +2 -0
data/lib/controllers/backend/spree/admin/user_passwords_controller.rb +5 -3
data/lib/controllers/backend/spree/admin/user_sessions_controller.rb +11 -8
data/lib/controllers/frontend/spree/user_confirmations_controller.rb +2 -0
data/lib/controllers/frontend/spree/user_passwords_controller.rb +4 -1
data/lib/controllers/frontend/spree/user_registrations_controller.rb +4 -0
data/lib/controllers/frontend/spree/user_sessions_controller.rb +2 -0
data/lib/controllers/frontend/spree/users_controller.rb +17 -14
data/lib/decorators/backend/controllers/spree/admin/base_controller_decorator.rb +20 -0
data/lib/decorators/backend/controllers/spree/admin/orders/customer_details_controller_decorator.rb +22 -0
data/lib/{controllers/frontend → decorators/frontend/controllers}/spree/checkout_controller_decorator.rb +29 -19
data/lib/generators/solidus/auth/install/install_generator.rb +16 -4
data/lib/generators/solidus/auth/install/templates/config/initializers/devise.rb +2 -0
data/lib/solidus/auth.rb +2 -0
data/lib/solidus_auth_devise.rb +12 -12
data/lib/spree/auth/devise.rb +2 -7
data/lib/spree/auth/engine.rb +51 -36
data/lib/spree/auth/version.rb +1 -1
data/{app/models → lib}/spree/auth_configuration.rb +2 -0
data/lib/spree/authentication_helpers.rb +5 -11
data/lib/tasks/auth.rake +3 -1
data/lib/views/backend/spree/admin/shared/_navigation_footer.html.erb +3 -3
data/lib/views/backend/spree/admin/user_passwords/edit.html.erb +4 -4
data/lib/views/backend/spree/admin/user_passwords/new.html.erb +5 -7
data/lib/views/backend/spree/admin/user_sessions/authorization_failure.html.erb +1 -1
data/lib/views/backend/spree/admin/user_sessions/new.html.erb +9 -9
data/lib/views/backend/spree/layouts/admin/_login_nav.html.erb +4 -4
data/lib/views/frontend/spree/checkout/registration.html.erb +4 -4
data/lib/views/frontend/spree/shared/_login.html.erb +4 -4
data/lib/views/frontend/spree/shared/_login_bar_items.html.erb +3 -3
data/lib/views/frontend/spree/shared/_user_form.html.erb +3 -3
data/lib/views/frontend/spree/user_passwords/edit.html.erb +4 -4
data/lib/views/frontend/spree/user_passwords/new.html.erb +5 -7
data/lib/views/frontend/spree/user_registrations/new.html.erb +3 -3
data/lib/views/frontend/spree/user_sessions/authorization_failure.html.erb +1 -1
data/lib/views/frontend/spree/user_sessions/new.html.erb +2 -2
data/lib/views/frontend/spree/users/edit.html.erb +2 -2
data/lib/views/frontend/spree/users/show.html.erb +13 -13
data/solidus_auth_devise.gemspec +40 -35
data/spec/controllers/spree/admin/base_controller_spec.rb +53 -0
data/spec/controllers/spree/admin/user_passwords_controller_spec.rb +2 -0
data/spec/controllers/spree/base_controller_spec.rb +53 -0
data/spec/controllers/spree/checkout_controller_spec.rb +5 -9
data/spec/controllers/spree/products_controller_spec.rb +5 -8
data/spec/controllers/spree/user_passwords_controller_spec.rb +4 -3
data/spec/controllers/spree/user_registrations_controller_spec.rb +3 -2
data/spec/controllers/spree/user_sessions_controller_spec.rb +14 -0
data/spec/controllers/spree/users_controller_spec.rb +2 -2
data/spec/factories/confirmed_user.rb +5 -3
data/spec/features/account_spec.rb +4 -3
data/spec/features/admin/password_reset_spec.rb +66 -10
data/spec/features/admin/products_spec.rb +2 -1
data/spec/features/admin/sign_in_spec.rb +2 -1
data/spec/features/admin/sign_out_spec.rb +2 -1
data/spec/features/admin_permissions_spec.rb +2 -1
data/spec/features/change_email_spec.rb +3 -2
data/spec/features/checkout_spec.rb +14 -37
data/spec/features/confirmation_spec.rb +4 -3
data/spec/features/order_spec.rb +2 -1
data/spec/features/password_reset_spec.rb +23 -10
data/spec/features/sign_in_spec.rb +2 -1
data/spec/features/sign_out_spec.rb +4 -3
data/spec/features/sign_up_spec.rb +2 -1
data/spec/mailers/user_mailer_spec.rb +2 -1
data/spec/models/order_spec.rb +2 -1
data/spec/models/user_spec.rb +15 -9
data/spec/spec_helper.rb +13 -9
data/spec/support/ability.rb +3 -1
data/spec/support/authentication_helpers.rb +2 -0
data/spec/support/confirm_helpers.rb +21 -10
data/spec/support/email.rb +2 -0
data/spec/support/features/fill_addresses_fields.rb +29 -0
data/spec/support/preferences.rb +10 -2
data/spec/support/spree.rb +2 -0
metadata +305 -212
data/.travis.yml +0 -18
data/app/overrides/auth_admin_login_navigation_bar.rb +0 -10
data/app/overrides/auth_shared_login_bar.rb +0 -10
data/lib/assets/javascripts/spree/backend/solidus_auth.js +0 -1
data/lib/assets/javascripts/spree/frontend/solidus_auth.js +0 -1
data/lib/assets/stylesheets/spree/backend/solidus_auth.css +0 -3
data/lib/assets/stylesheets/spree/frontend/solidus_auth.css +0 -3
data/lib/controllers/backend/spree/admin/admin_controller_decorator.rb +0 -11
data/lib/controllers/backend/spree/admin/orders/customer_details_controller_decorator.rb +0 -15
data/spec/features/admin/orders_spec.rb +0 -30

data/db/migrate/20101026184949_create_users.rb CHANGED

@@ -1,17 +1,19 @@
+# frozen_string_literal: true
 class CreateUsers < SolidusSupport::Migration[4.2]
   def up
     unless table_exists?("spree_users")
-      create_table "spree_users", :force => true do |t|
-        t.string   "crypted_password",          :limit => 128
-        t.string   "salt",                      :limit => 128
+      create_table "spree_users", force: true do |t|
+        t.string   "crypted_password",          limit: 128
+        t.string   "salt",                      limit: 128
         t.string   "email"
         t.string   "remember_token"
         t.string   "remember_token_expires_at"
         t.string   "persistence_token"
         t.string   "single_access_token"
         t.string   "perishable_token"
-        t.integer  "login_count",                              :default => 0, :null => false
-        t.integer  "failed_login_count",                       :default => 0, :null => false
+        t.integer  "login_count",                              default: 0, null: false
+        t.integer  "failed_login_count",                       default: 0, null: false
         t.datetime "last_request_at"
         t.datetime "current_login_at"
         t.datetime "last_login_at"
@@ -20,8 +22,8 @@ class CreateUsers < SolidusSupport::Migration[4.2]
         t.string   "login"
         t.integer  "ship_address_id"
         t.integer  "bill_address_id"
-        t.datetime "created_at",                                              :null => false
-        t.datetime "updated_at",                                              :null => false
+        t.datetime "created_at",                                              null: false
+        t.datetime "updated_at",                                              null: false
         t.string   "openid_identifier"
       end
     end

data/db/migrate/20101026184950_rename_columns_for_devise.rb CHANGED

@@ -1,6 +1,9 @@
+# frozen_string_literal: true
 class RenameColumnsForDevise < SolidusSupport::Migration[4.2]
   def up
     return if column_exists?(:spree_users, :password_salt)
     rename_column :spree_users, :crypted_password, :encrypted_password
     rename_column :spree_users, :salt, :password_salt
     rename_column :spree_users, :remember_token_expires_at, :remember_created_at

data/db/migrate/20101214150824_convert_user_remember_field.rb CHANGED

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 class ConvertUserRememberField < SolidusSupport::Migration[4.2]
   def up
     remove_column :spree_users, :remember_created_at

data/db/migrate/20120203010234_add_reset_password_sent_at_to_spree_users.rb CHANGED

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 class AddResetPasswordSentAtToSpreeUsers < SolidusSupport::Migration[4.2]
   def change
     Spree::User.reset_column_information

data/db/migrate/20120605211305_make_users_email_index_unique.rb CHANGED

@@ -1,9 +1,11 @@
+# frozen_string_literal: true
 class MakeUsersEmailIndexUnique < SolidusSupport::Migration[4.2]
   def up
-    add_index "spree_users", ["email"], :name => "email_idx_unique", :unique => true
+    add_index "spree_users", ["email"], name: "email_idx_unique", unique: true
   end
   def down
-    remove_index "spree_users", :name => "email_idx_unique"
+    remove_index "spree_users", name: "email_idx_unique"
   end
 end

data/db/migrate/20140904000425_add_deleted_at_to_users.rb CHANGED

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 class AddDeletedAtToUsers < SolidusSupport::Migration[4.2]
   def change
     add_column :spree_users, :deleted_at, :datetime

data/db/migrate/20141002154641_add_confirmable_to_users.rb CHANGED

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 class AddConfirmableToUsers < SolidusSupport::Migration[4.2]
   def change
     add_column :spree_users, :confirmation_token, :string

data/db/migrate/20190125170630_add_reset_password_token_index_to_spree_users.rb CHANGED

@@ -1,8 +1,10 @@
+# frozen_string_literal: true
 class AddResetPasswordTokenIndexToSpreeUsers < SolidusSupport::Migration[4.2]
   # We're not using the standard Rails index name because somebody could have
-  # already added that index to the table. By using a custom name we ensure
+  #  already added that index to the table. By using a custom name we ensure
   # that the index can effectively be added and removed via migrations/rollbacks
-  # without having any impact on such installations. The index name is Rails
+  #  without having any impact on such installations. The index name is Rails
   # standard name + "_solidus_auth_devise"; the length is 61 chars which is
   # still OK for Sqlite, mySQL and Postgres.
   def custom_index_name

data/db/migrate/20200417153503_add_unconfirmed_email_to_spree_users.rb ADDED

@@ -0,0 +1,7 @@
+class AddUnconfirmedEmailToSpreeUsers < SolidusSupport::Migration[5.1]
+  def change
+    unless column_exists?(:spree_users, :unconfirmed_email)
+      add_column :spree_users, :unconfirmed_email, :string
+    end
+  end
+end

data/db/seeds.rb CHANGED

@@ -1 +1,3 @@
+# frozen_string_literal: true
 require_relative 'default/users.rb'

data/lib/controllers/backend/spree/admin/user_passwords_controller.rb CHANGED

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 class Spree::Admin::UserPasswordsController < Devise::PasswordsController
   helper 'spree/base'
@@ -20,9 +22,10 @@ class Spree::Admin::UserPasswordsController < Devise::PasswordsController
   def create
     self.resource = resource_class.send_reset_password_instructions(params[resource_name])
+    set_flash_message(:notice, :send_instructions) if is_navigational_format?
     if resource.errors.empty?
-      set_flash_message(:notice, :send_instructions) if is_navigational_format?
-      respond_with resource, location: spree.admin_login_path
+      respond_with resource, location: admin_user_path(resource)
     else
       respond_with_navigational(resource) { render :new }
     end
@@ -39,5 +42,4 @@ class Spree::Admin::UserPasswordsController < Devise::PasswordsController
       super
     end
   end
 end

data/lib/controllers/backend/spree/admin/user_sessions_controller.rb CHANGED

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 class Spree::Admin::UserSessionsController < Devise::SessionsController
   helper 'spree/base'
@@ -19,7 +21,7 @@ class Spree::Admin::UserSessionsController < Devise::SessionsController
         }
         format.js {
           user = resource.record
-          render json: {ship_address: user.ship_address, bill_address: user.bill_address}.to_json
+          render json: { ship_address: user.ship_address, bill_address: user.bill_address }.to_json
         }
       end
     else
@@ -32,12 +34,13 @@ class Spree::Admin::UserSessionsController < Devise::SessionsController
   end
   private
-    def accurate_title
-      I18n.t('spree.login')
-    end
-    def redirect_back_or_default(default)
-      redirect_to(session["spree_user_return_to"] || default)
-      session["spree_user_return_to"] = nil
-    end
+  def accurate_title
+    I18n.t('spree.login')
+  end
+  def redirect_back_or_default(default)
+    redirect_to(session["spree_user_return_to"] || default)
+    session["spree_user_return_to"] = nil
+  end
 end

data/lib/controllers/frontend/spree/user_confirmations_controller.rb CHANGED

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 class Spree::UserConfirmationsController < Devise::ConfirmationsController
   helper 'spree/base', 'spree/store'

data/lib/controllers/frontend/spree/user_passwords_controller.rb CHANGED

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 class Spree::UserPasswordsController < Devise::PasswordsController
   helper 'spree/base', 'spree/store'
@@ -16,8 +18,9 @@ class Spree::UserPasswordsController < Devise::PasswordsController
   def create
     self.resource = resource_class.send_reset_password_instructions(params[resource_name])
+    set_flash_message(:notice, :send_instructions) if is_navigational_format?
     if resource.errors.empty?
-      set_flash_message(:notice, :send_instructions) if is_navigational_format?
       respond_with resource, location: spree.login_path
     else
       respond_with_navigational(resource) { render :new }

data/lib/controllers/frontend/spree/user_registrations_controller.rb CHANGED

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 class Spree::UserRegistrationsController < Devise::RegistrationsController
   helper 'spree/base', 'spree/store'
@@ -25,6 +27,7 @@ class Spree::UserRegistrationsController < Devise::RegistrationsController
   end
   protected
   def translation_scope
     'devise.user_registrations'
   end
@@ -34,6 +37,7 @@ class Spree::UserRegistrationsController < Devise::RegistrationsController
   end
   private
   def spree_user_params
     params.require(:spree_user).permit(Spree::PermittedAttributes.user_attributes | [:email])
   end

data/lib/controllers/frontend/spree/user_sessions_controller.rb CHANGED

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 class Spree::UserSessionsController < Devise::SessionsController
   helper 'spree/base', 'spree/store'

data/lib/controllers/frontend/spree/users_controller.rb CHANGED

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 class Spree::UsersController < Spree::StoreController
   skip_before_action :set_current_order, only: :show, raise: false
   prepend_before_action :load_object, only: [:show, :edit, :update]
@@ -24,7 +26,7 @@ class Spree::UsersController < Spree::StoreController
   end
   def update
-    if @user.update_attributes(user_params)
+    if @user.update(user_params)
       spree_current_user.reload
       if params[:user][:password].present?
@@ -40,20 +42,21 @@ class Spree::UsersController < Spree::StoreController
   end
   private
-    def user_params
-      params.require(:user).permit(Spree::PermittedAttributes.user_attributes | [:email])
-    end
-    def load_object
-      @user ||= Spree::User.find_by(id: spree_current_user&.id)
-      authorize! params[:action].to_sym, @user
-    end
+  def user_params
+    params.require(:user).permit(Spree::PermittedAttributes.user_attributes | [:email])
+  end
-    def authorize_actions
-      authorize! params[:action].to_sym, Spree::User.new
-    end
+  def load_object
+    @user ||= Spree::User.find_by(id: spree_current_user&.id)
+    authorize! params[:action].to_sym, @user
+  end
-    def accurate_title
-      I18n.t('spree.my_account')
-    end
+  def authorize_actions
+    authorize! params[:action].to_sym, Spree::User.new
+  end
+  def accurate_title
+    I18n.t('spree.my_account')
+  end
 end

data/lib/decorators/backend/controllers/spree/admin/base_controller_decorator.rb ADDED

@@ -0,0 +1,20 @@
+# frozen_string_literal: true
+module Spree
+  module Admin
+    module BaseControllerDecorator
+      protected
+      def model_class
+        const_name = controller_name.classify
+        if Spree.const_defined?(const_name, false)
+          return "Spree::#{const_name}".constantize
+        end
+        nil
+      end
+      ::Spree::Admin::BaseController.prepend self
+    end
+  end
+end

data/lib/decorators/backend/controllers/spree/admin/orders/customer_details_controller_decorator.rb ADDED

@@ -0,0 +1,22 @@
+# frozen_string_literal: true
+module Spree::Admin::Orders::CustomerDetailsControllerDecorator
+  def self.prepended(base)
+    base.before_action :check_authorization
+  end
+  private
+  def check_authorization
+    load_order
+    session[:access_token] ||= params[:token]
+    resource = @order
+    action = params[:action].to_sym
+    action = :edit if action == :show # show route renders :edit for this controller
+    authorize! action, resource, session[:access_token]
+  end
+  Spree::Admin::Orders::CustomerDetailsController.prepend self
+end

data/lib/{controllers/frontend → decorators/frontend/controllers}/spree/checkout_controller_decorator.rb RENAMED

@@ -1,27 +1,32 @@
-Spree::CheckoutController.class_eval do
-  prepend_before_action :check_registration,
-    except: [:registration, :update_registration]
-  prepend_before_action :check_authorization
+# frozen_string_literal: true
-  # This action builds some associations on the order, ex. addresses, which we
-  # don't to build or save here.
-  skip_before_action :setup_for_current_state, only: [:registration, :update_registration]
+module Spree
+  module CheckoutControllerDecorator
+    def self.prepended(base)
+      base.before_action :check_registration, except: [:registration, :update_registration]
+      base.before_action :check_authorization
-  def registration
-    @user = Spree::User.new
-  end
+      # This action builds some associations on the order, ex. addresses, which we
+      # don't to build or save here.
+      base.skip_before_action :setup_for_current_state, only: [:registration, :update_registration]
+    end
-  def update_registration
-    if params[:order][:email] =~ Devise.email_regexp && current_order.update_attributes(email: params[:order][:email])
-      redirect_to spree.checkout_path
-    else
-      flash[:registration_error] = t(:email_is_invalid, scope: [:errors, :messages])
+    def registration
       @user = Spree::User.new
-      render 'registration'
     end
-  end
-  private
+    def update_registration
+      if params[:order][:email] =~ Devise.email_regexp && current_order.update(email: params[:order][:email])
+        redirect_to spree.checkout_path
+      else
+        flash[:registration_error] = t(:email_is_invalid, scope: [:errors, :messages])
+        @user = Spree::User.new
+        render 'registration'
+      end
+    end
+    private
     def order_params
       params.
         fetch(:order, {}).
@@ -39,6 +44,7 @@ Spree::CheckoutController.class_eval do
     # Introduces a registration step whenever the +registration_step+ preference is true.
     def check_registration
       return unless registration_required?
       store_location
       redirect_to spree.checkout_registration_path
     end
@@ -53,7 +59,7 @@ Spree::CheckoutController.class_eval do
     end
     def guest_authenticated?
-      current_order.try!(:email).present? &&
+      current_order&.email.present? &&
         Spree::Config[:allow_guest_checkout]
     end
@@ -61,6 +67,10 @@ Spree::CheckoutController.class_eval do
     # are redirected to the tokenized order url unless authenticated as a registered user.
     def completion_route
       return spree.order_path(@order) if spree_current_user
       spree.token_order_path(@order, @order.guest_token)
     end
+    ::Spree::CheckoutController.prepend self
+  end
 end

data/lib/generators/solidus/auth/install/install_generator.rb CHANGED

@@ -1,10 +1,15 @@
+# frozen_string_literal: true
 module Solidus
   module Auth
     module Generators
       class InstallGenerator < Rails::Generators::Base
+        class_option :auto_run_migrations, type: :boolean, default: false
+        class_option :skip_migrations, type: :boolean, default: false
         def self.source_paths
-          paths = self.superclass.source_paths
-          paths << File.expand_path('../templates', __FILE__)
+          paths = superclass.source_paths
+          paths << File.expand_path('templates', __dir__)
           paths.flatten
         end
@@ -13,11 +18,18 @@ module Solidus
         end
         def add_migrations
-          run 'bundle exec rake railties:install:migrations FROM=solidus_auth_devise'
+          run 'bundle exec rake railties:install:migrations FROM=solidus_auth'
         end
         def run_migrations
-          run 'bundle exec rake db:migrate'
+          return if options[:skip_migrations]
+          run_migrations = options[:auto_run_migrations] || ['', 'y', 'Y'].include?(ask('Would you like to run the migrations now? [Y/n]'))
+          if run_migrations
+            run 'bundle exec rake db:migrate'
+          else
+            puts 'Skipping rake db:migrate, don\'t forget to run it!' # rubocop:disable Rails/Output
+          end
         end
       end
     end

data/lib/generators/solidus/auth/install/templates/config/initializers/devise.rb CHANGED

@@ -1 +1,3 @@
+# frozen_string_literal: true
 Devise.secret_key = SecureRandom.hex(50).inspect