solidus_auth_devise 2.3.0 → 2.5.3

data/Gemfile

@@ -1,30 +1,29 @@
 # frozen_string_literal: true
 
-source "https://rubygems.org"
+source 'https://rubygems.org'
+git_source(:github) { |repo| "https://github.com/#{repo}.git" }
 
 branch = ENV.fetch('SOLIDUS_BRANCH', 'master')
-gem "solidus", github: "solidusio/solidus", branch: branch
-
-group :test do
-  if branch == 'master' || branch >= "v2.0"
-    gem 'rails-controller-testing', '~> 1.0'
-  else
-    gem "rails_test_params_backport"
-  end
-
-  gem 'factory_bot', (branch < 'v2.5' ? '4.10.0' : '> 4.10.0')
-end
-
-if ENV['DB'] == 'mysql'
-  gem 'mysql2', '~> 0.4.10'
+gem 'solidus', github: 'solidusio/solidus', branch: branch
+
+# Needed to help Bundler figure out how to resolve dependencies,
+# otherwise it takes forever to resolve them.
+# See https://github.com/bundler/bundler/issues/6677
+gem 'rails', '>0.a'
+
+case ENV['DB']
+when 'mysql'
+  gem 'mysql2'
+when 'postgresql'
+  gem 'pg'
 else
-  gem 'pg', '~> 0.21'
+  gem 'sqlite3'
 end
 
-group :development, :test do
-  gem 'pry-rails', '~> 0.3.9'
-end
-
-gem 'deface', '~> 1.3', require: false
+gem 'rails-controller-testing', group: :test
 
 gemspec
+
+# Use a local Gemfile to include development dependencies that might not be
+# relevant for the project or for other contributors, e.g.: `gem 'pry-debug'`.
+eval_gemfile 'Gemfile-local' if File.exist? 'Gemfile-local'

data/{LICENSE.md → LICENSE}

@@ -1,4 +1,4 @@
-Copyright (c) 2014, Spree Commerce, Inc. and other contributors
+Copyright (c) 2020 Solidus Team
 All rights reserved.
 
 Redistribution and use in source and binary forms, with or without modification,
@@ -9,7 +9,7 @@ are permitted provided that the following conditions are met:
     * Redistributions in binary form must reproduce the above copyright notice,
       this list of conditions and the following disclaimer in the documentation
       and/or other materials provided with the distribution.
-    * Neither the name Spree nor the names of its contributors may be used to
+    * Neither the name Solidus nor the names of its contributors may be used to
       endorse or promote products derived from this software without specific
       prior written permission.
 

data/README.md

@@ -98,45 +98,4 @@ bundle exec rake
 
 ## Releasing a new version
 
-#### 1. Bump gem version and push to RubyGems
-
-We use [gem-release](https://github.com/svenfuchs/gem-release) to release this
-extension with ease.
-
-Supposing you are on the master branch and you are working on a fork of this
-extension, `upstream` is the main remote and you have write access to it, you
-can simply run:
-
-```bash
-gem bump --version minor --tag --release
-```
-
-This command will:
-
-- bump the gem version to the next minor (changing the `version.rb` file)
-- commit the change and push it to upstream master
-- create a git tag
-- push the tag to the upstream remote
-- release the new version on RubyGems
-
-Or you can run these commands individually:
-
-```bash
-gem bump --version minor
-gem tag
-gem release
-```
-
-#### 2. Publish the updated CHANGELOG
-
-After the release is done we can generate the updated CHANGELOG
-using
-[github-changelog-generator](https://github.com/github-changelog-generator/github-changelog-generator)
-by running the following command:
-
-
-```bash
-bundle exec github_changelog_generator solidusio/solidus_auth_devise --token YOUR_GITHUB_TOKEN
-git commit -am 'Update CHANGELOG'
-git push upstream master
-```
+Please refer to the dedicated [page](https://github.com/solidusio/solidus/wiki/How-to-release-extensions) on Solidus wiki.

data/app/models/spree/user.rb

@@ -1,5 +1,7 @@
 # frozen_string_literal: true
 
+require 'paranoia'
+
 module Spree
   class User < Spree::Base
     include UserMethods
@@ -46,6 +48,8 @@ module Spree
     end
 
     def scramble_email_and_password
+      return true if destroyed?
+
       self.email = SecureRandom.uuid + "@example.net"
       self.login = email
       self.password = SecureRandom.hex(8)

data/app/overrides/spree/admin/users/edit/_add_reset_password_form.html.erb.deface

@@ -0,0 +1,20 @@
+<!--
+  insert_before "fieldset#admin_user_edit_api_key"
+  original "904c52ff702412d1dc8d55ff44d87d7f581f6675"
+-->
+
+<% if @user != try_spree_current_user %>
+  <fieldset class="no-border-bottom" data-hook="admin_user_reset_password">
+    <legend><%= t(:'spree.forgot_password') %></legend>
+
+    <%= form_for [:admin, @user], as: :spree_user, url: admin_reset_password_path, method: :post do |f| %>
+      <%= f.hidden_field :email, value: @user.email %>
+
+      <% if can?(:update, @user) %>
+        <div class="align-center">
+          <%= f.submit Spree.user_class.human_attribute_name(:reset_password), class: "button primary" %>
+        </div>
+      <% end %>
+    <% end %>
+  </fieldset>
+<% end %>

data/bin/console

@@ -0,0 +1,17 @@
+#!/usr/bin/env ruby
+
+# frozen_string_literal: true
+
+require "bundler/setup"
+require "solidus_auth_devise"
+
+# You can add fixtures and/or initialization code here to make experimenting
+# with your gem easier. You can also use a different console, if you like.
+$LOAD_PATH.unshift(*Dir["#{__dir__}/../app/*"])
+
+# (If you use this, don't forget to add pry to your Gemfile!)
+# require "pry"
+# Pry.start
+
+require "irb"
+IRB.start(__FILE__)

data/bin/rails

@@ -1,7 +1,15 @@
 #!/usr/bin/env ruby
 
-ENGINE_ROOT = File.expand_path('../..', __FILE__)
-ENGINE_PATH = File.expand_path('../../lib/spree/auth/engine', __FILE__)
+# frozen_string_literal: true
 
-require 'rails/all'
-require 'rails/engine/commands'
+app_root = 'spec/dummy'
+
+unless File.exist? "#{app_root}/bin/rails"
+  system "bin/rake", app_root or begin # rubocop:disable Style/AndOr
+    warn "Automatic creation of the dummy app failed"
+    exit 1
+  end
+end
+
+Dir.chdir app_root
+exec 'bin/rails', *ARGV

data/bin/setup

@@ -0,0 +1,8 @@
+#!/usr/bin/env bash
+set -euo pipefail
+IFS=$'\n\t'
+set -vx
+
+gem install bundler --conservative
+bundle update
+bundle exec rake clobber

data/config/locales/it.yml

@@ -1,8 +1,8 @@
+---
 it:
   spree:
-    admin:
-      tab:
-        users: Utenti
+    admin_login: Login Amministrazione
+    change_my_password: Cambia la password
   devise:
     confirmations:
       confirmed: Il tuo account è stato correttamente confermato. Ora sei collegato.
@@ -65,9 +65,9 @@ it:
       signed_out: Uscito correttamente.
   errors:
     messages:
-      email_is_invalid: L'indirizzo email non può essere vuoto
       already_confirmed: è stato già confermato
       confirmation_period_expired: deve essere confermato entro %{period}, richiedi una nuova conferma
+      email_is_invalid: L'indirizzo email non può essere vuoto
       expired: è scaduto, si prega di richiederne uno nuovo
       not_found: non trovato
       not_locked: non era bloccato

data/db/migrate/20200417153503_add_unconfirmed_email_to_spree_users.rb

@@ -0,0 +1,7 @@
+class AddUnconfirmedEmailToSpreeUsers < SolidusSupport::Migration[5.1]
+  def change
+    unless column_exists?(:spree_users, :unconfirmed_email)
+      add_column :spree_users, :unconfirmed_email, :string
+    end
+  end
+end

data/lib/controllers/backend/spree/admin/user_passwords_controller.rb

@@ -25,7 +25,7 @@ class Spree::Admin::UserPasswordsController < Devise::PasswordsController
     set_flash_message(:notice, :send_instructions) if is_navigational_format?
 
     if resource.errors.empty?
-      respond_with resource, location: spree.admin_login_path
+      respond_with resource, location: admin_user_path(resource)
     else
       respond_with_navigational(resource) { render :new }
     end

data/lib/controllers/frontend/spree/users_controller.rb

@@ -28,14 +28,17 @@ class Spree::UsersController < Spree::StoreController
   def update
     if @user.update(user_params)
       spree_current_user.reload
+      redirect_url = spree.account_url
 
       if params[:user][:password].present?
         # this logic needed b/c devise wants to log us out after password changes
-        unless Spree::Auth::Config[:signout_after_password_change]
+        if Spree::Auth::Config[:signout_after_password_change]
+          redirect_url = spree.login_url
+        else
           bypass_sign_in(@user)
         end
       end
-      redirect_to spree.account_url, notice: I18n.t('spree.account_updated')
+      redirect_to redirect_url, notice: I18n.t('spree.account_updated')
     else
       render :edit
     end

data/lib/{controllers/backend → decorators/backend/controllers}/spree/admin/orders/customer_details_controller_decorator.rb

@@ -1,7 +1,9 @@
 # frozen_string_literal: true
 
-Spree::Admin::Orders::CustomerDetailsController.class_eval do
-  before_action :check_authorization
+module Spree::Admin::Orders::CustomerDetailsControllerDecorator
+  def self.prepended(base)
+    base.before_action :check_authorization
+  end
 
   private
 
@@ -15,4 +17,6 @@ Spree::Admin::Orders::CustomerDetailsController.class_eval do
 
     authorize! action, resource, session[:access_token]
   end
+
+  Spree::Admin::Orders::CustomerDetailsController.prepend self
 end

data/lib/generators/solidus/auth/install/install_generator.rb

@@ -4,6 +4,9 @@ module Solidus
   module Auth
     module Generators
       class InstallGenerator < Rails::Generators::Base
+        class_option :auto_run_migrations, type: :boolean, default: false
+        class_option :skip_migrations, type: :boolean, default: false
+
         def self.source_paths
           paths = superclass.source_paths
           paths << File.expand_path('templates', __dir__)
@@ -15,11 +18,18 @@ module Solidus
         end
 
         def add_migrations
-          run 'bundle exec rake railties:install:migrations FROM=solidus_auth_devise'
+          run 'bundle exec rake railties:install:migrations FROM=solidus_auth'
         end
 
         def run_migrations
-          run 'bundle exec rake db:migrate'
+          return if options[:skip_migrations]
+
+          run_migrations = options[:auto_run_migrations] || ['', 'y', 'Y'].include?(ask('Would you like to run the migrations now? [Y/n]'))
+          if run_migrations
+            run 'bundle exec rake db:migrate'
+          else
+            puts 'Skipping rake db:migrate, don\'t forget to run it!' # rubocop:disable Rails/Output
+          end
         end
       end
     end

data/lib/solidus_auth_devise.rb

@@ -1,15 +1,13 @@
 # frozen_string_literal: true
 
-require "spree_core"
-require "solidus_support"
-require "spree/auth/devise"
-require "spree/authentication_helpers"
+require 'solidus_core'
+require 'solidus_support'
+require 'deface'
+require 'devise'
+require 'devise-encryptable'
+require 'cancan'
 
-if SolidusSupport.solidus_gem_version < Gem::Version.new('2.5.x')
-  begin
-    require "deface"
-  rescue LoadError
-    warn "deface is required to run solidus_auth_devise with solidus versions < 2.5. Please add deface to your Gemfile"
-    raise
-  end
-end
+require 'spree/auth/devise'
+require 'spree/auth/version'
+require 'spree/auth/engine'
+require 'spree/authentication_helpers'

data/lib/spree/auth/devise.rb

@@ -1,10 +1,5 @@
 # frozen_string_literal: true
 
-require 'spree/core'
-require 'devise'
-require 'devise-encryptable'
-require 'cancan'
-
 module Spree
   module Auth
     def self.config
@@ -12,5 +7,3 @@ module Spree
     end
   end
 end
-
-require 'spree/auth/engine'

data/lib/spree/auth/engine.rb

@@ -6,10 +6,14 @@ require 'devise-encryptable'
 module Spree
   module Auth
     class Engine < Rails::Engine
+      include SolidusSupport::EngineExtensions
+
       isolate_namespace Spree
       engine_name 'solidus_auth'
 
       initializer "spree.auth.environment", before: :load_config_initializers do |_app|
+        require 'spree/auth_configuration'
+
         Spree::Auth::Config = Spree::AuthConfiguration.new
       end
 
@@ -18,65 +22,74 @@ module Spree
       end
 
       config.to_prepare do
-        auth = Spree::Auth::Engine
-
-        auth.prepare_backend  if SolidusSupport.backend_available?
-        auth.prepare_frontend if SolidusSupport.frontend_available?
+        Spree::Auth::Engine.prepare_backend if SolidusSupport.backend_available?
+        Spree::Auth::Engine.prepare_frontend if SolidusSupport.frontend_available?
 
-        ApplicationController.send :include, Spree::AuthenticationHelpers
+        ApplicationController.include Spree::AuthenticationHelpers
       end
 
-      def self.prepare_backend
-        Rails.application.config.assets.precompile += %w[
-          lib/assets/javascripts/spree/backend/solidus_auth.js
-          lib/assets/javascripts/spree/backend/solidus_auth.css
-        ]
+      def self.redirect_back_on_unauthorized?
+        return false unless Spree::Config.respond_to?(:redirect_back_on_unauthorized)
+
+        if Spree::Config.redirect_back_on_unauthorized
+          true
+        else
+          Spree::Deprecation.warn <<-WARN.strip_heredoc, caller
+            Having Spree::Config.redirect_back_on_unauthorized set
+            to `false` is deprecated and will not be supported in Solidus 3.0.
+            Please change this configuration to `true` and be sure that your
+            application does not break trying to redirect back when there is
+            an unauthorized access.
+          WARN
 
-        Dir.glob(File.join(File.dirname(__FILE__), "../../controllers/backend/*/*/*_decorator*.rb")) do |c|
-          Rails.configuration.cache_classes ? require(c) : load(c)
+          false
         end
+      end
 
+      def self.prepare_backend
         Spree::Admin::BaseController.unauthorized_redirect = -> do
           if try_spree_current_user
             flash[:error] = I18n.t('spree.authorization_failure')
-            redirect_to spree.admin_unauthorized_path
+
+            if Spree::Auth::Engine.redirect_back_on_unauthorized?
+              redirect_back(fallback_location: spree.admin_unauthorized_path)
+            else
+              redirect_to spree.admin_unauthorized_path
+            end
           else
             store_location
-            redirect_to spree.admin_login_path
+
+            if Spree::Auth::Engine.redirect_back_on_unauthorized?
+              redirect_back(fallback_location: spree.admin_login_path)
+            else
+              redirect_to spree.admin_login_path
+            end
           end
         end
       end
 
-      def self.prepare_frontend
-        Rails.application.config.assets.precompile += %w[
-          lib/assets/javascripts/spree/frontend/solidus_auth.js
-          lib/assets/javascripts/spree/frontend/solidus_auth.css
-        ]
-
-        Dir.glob(File.join(File.dirname(__FILE__), "../../controllers/frontend/*/*_decorator*.rb")) do |c|
-          Rails.configuration.cache_classes ? require(c) : load(c)
-        end
 
+      def self.prepare_frontend
         Spree::BaseController.unauthorized_redirect = -> do
           if try_spree_current_user
             flash[:error] = I18n.t('spree.authorization_failure')
-            redirect_to spree.unauthorized_path
+
+            if Spree::Auth::Engine.redirect_back_on_unauthorized?
+              redirect_back(fallback_location: spree.unauthorized_path)
+            else
+              redirect_to spree.unauthorized_path
+            end
           else
             store_location
-            redirect_to spree.login_path
+
+            if Spree::Auth::Engine.redirect_back_on_unauthorized?
+              redirect_back(fallback_location: spree.login_path)
+            else
+              redirect_to spree.login_path
+            end
           end
         end
       end
-
-      if SolidusSupport.backend_available?
-        paths["app/controllers"] << "lib/controllers/backend"
-        paths["app/views"] << "lib/views/backend"
-      end
-
-      if SolidusSupport.frontend_available?
-        paths["app/controllers"] << "lib/controllers/frontend"
-        paths["app/views"] << "lib/views/frontend"
-      end
     end
   end
 end