solidus_auth_devise 2.4.0 → 2.5.0
Potentially problematic release.
This version of solidus_auth_devise might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/.gem_release.yml +3 -8
- data/.github/stale.yml +17 -0
- data/.gitignore +12 -8
- data/.rubocop.yml +1 -325
- data/CHANGELOG.md +35 -7
- data/Gemfile +16 -19
- data/{LICENSE.md → LICENSE} +2 -2
- data/app/models/spree/user.rb +2 -0
- data/bin/console +17 -0
- data/bin/rails +12 -4
- data/bin/setup +8 -0
- data/db/migrate/20200417153503_add_unconfirmed_email_to_spree_users.rb +7 -0
- data/lib/{controllers/backend → decorators/backend/controllers}/spree/admin/base_controller_decorator.rb +0 -0
- data/lib/{controllers/backend → decorators/backend/controllers}/spree/admin/orders/customer_details_controller_decorator.rb +0 -0
- data/lib/{controllers/frontend → decorators/frontend/controllers}/spree/checkout_controller_decorator.rb +0 -0
- data/lib/generators/solidus/auth/install/install_generator.rb +11 -1
- data/lib/solidus_auth_devise.rb +11 -5
- data/lib/spree/auth/devise.rb +0 -7
- data/lib/spree/auth/engine.rb +46 -35
- data/lib/spree/auth/version.rb +1 -1
- data/lib/views/backend/spree/admin/user_sessions/new.html.erb +2 -2
- data/solidus_auth_devise.gemspec +29 -35
- data/spec/controllers/spree/admin/base_controller_spec.rb +53 -0
- data/spec/controllers/spree/base_controller_spec.rb +53 -0
- data/spec/features/admin/password_reset_spec.rb +3 -3
- data/spec/features/checkout_spec.rb +7 -32
- data/spec/features/confirmation_spec.rb +2 -3
- data/spec/models/user_spec.rb +13 -8
- data/spec/spec_helper.rb +10 -8
- data/spec/support/confirm_helpers.rb +19 -10
- data/spec/support/features/fill_addresses_fields.rb +29 -0
- metadata +302 -280
- data/lib/assets/javascripts/spree/backend/solidus_auth.js +0 -1
- data/lib/assets/javascripts/spree/frontend/solidus_auth.js +0 -1
- data/lib/assets/stylesheets/spree/backend/solidus_auth.css +0 -3
- data/lib/assets/stylesheets/spree/frontend/solidus_auth.css +0 -3
- data/spec/features/admin/orders_spec.rb +0 -31
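--- a/data/Gemfile
+++ b/data/Gemfile
@@ -1,32 +1,29 @@
 # frozen_string_literal: true
 
-source
+source 'https://rubygems.org'
+git_source(:github) { |repo| "https://github.com/#{repo}.git" }
 
 branch = ENV.fetch('SOLIDUS_BRANCH', 'master')
-gem
+gem 'solidus', github: 'solidusio/solidus', branch: branch
 
 # Needed to help Bundler figure out how to resolve dependencies,
-# otherwise it takes forever to resolve them
-
-
-else
-gem 'rails', '~> 5.0'
-end
-
-group :test do
-gem 'rails-controller-testing', '~> 1.0'
-gem 'factory_bot', '> 4.10.0'
-end
+# otherwise it takes forever to resolve them.
+# See https://github.com/bundler/bundler/issues/6677
+gem 'rails', '>0.a'
 
 case ENV['DB']
 when 'mysql'
-gem 'mysql2'
-when '
-gem 'pg'
+gem 'mysql2'
+when 'postgresql'
+gem 'pg'
+else
+gem 'sqlite3'
 end
 
-
-gem 'pry-rails', '~> 0.3.9'
-end
+gem 'rails-controller-testing', group: :test
 
 gemspec
+
+# Use a local Gemfile to include development dependencies that might not be
+# relevant for the project or for other contributors, e.g.: `gem 'pry-debug'`.
+eval_gemfile 'Gemfile-local' if File.exist? 'Gemfile-local'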
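Review bot: `File.exist? 'Gemfile-local'` on the last added line is checked against the current working directory, whereas `eval_gemfile` (as far as I know) resolves its argument against the directory of the Gemfile being evaluated, so the guard and the load can point at different files when Bundler is started from somewhere other than the gem root. Anchoring both to the Gemfile removes the ambiguity: `local_gemfile = File.expand_path('Gemfile-local', __dir__)` followed by `eval_gemfile local_gemfile if File.exist?(local_gemfile)`. Because that file is executed as Ruby on every Bundler run, the comment above it should also say that it must stay untracked and is never part of the packaged gem.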
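--- a/data/LICENSE.md
+++ b/data/LICENSE
@@ -1,4 +1,4 @@
-Copyright (c)
+Copyright (c) 2020 Solidus Team
 All rights reserved.
 
 Redistribution and use in source and binary forms, with or without modification,
@@ -9,7 +9,7 @@ are permitted provided that the following conditions are met:
 * Redistributions in binary form must reproduce the above copyright notice,
 this list of conditions and the following disclaimer in the documentation
 and/or other materials provided with the distribution.
-* Neither the name
+* Neither the name Solidus nor the names of its contributors may be used to
 endorse or promote products derived from this software without specific
 prior written permission.
 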
data/app/models/spree/user.rb
CHANGED
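--- /dev/null
+++ b/data/bin/console
@@ -0,0 +1,17 @@
+#!/usr/bin/env ruby
+
+# frozen_string_literal: true
+
+require "bundler/setup"
+require "solidus_auth_devise"
+
+# You can add fixtures and/or initialization code here to make experimenting
+# with your gem easier. You can also use a different console, if you like.
+$LOAD_PATH.unshift(*Dir["#{__dir__}/../app/*"])
+
+# (If you use this, don't forget to add pry to your Gemfile!)
+# require "pry"
+# Pry.start
+
+require "irb"
+IRB.start(__FILE__)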
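--- a/data/bin/rails
+++ b/data/bin/rails
@@ -1,7 +1,15 @@
 #!/usr/bin/env ruby
 
-
-ENGINE_PATH = File.expand_path('../../lib/spree/auth/engine', __FILE__)
+# frozen_string_literal: true
 
-
-
+app_root = 'spec/dummy'
+
+unless File.exist? "#{app_root}/bin/rails"
+system "bin/rake", app_root or begin # rubocop:disable Style/AndOr
+warn "Automatic creation of the dummy app failed"
+exit 1
+end
+end
+
+Dir.chdir app_root
+exec 'bin/rails', *ARGV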
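Review bot: Every path in the new script (`spec/dummy`, `bin/rake`, and the final `bin/rails`) is relative to the caller's working directory, so it only behaves as intended when started from the gem root and otherwise executes whatever `bin/rake` happens to exist relative to where it was invoked. Adding `Dir.chdir File.expand_path('..', __dir__)` before the `unless` would pin the script to its own checkout. A short comment on the `system "bin/rake", app_root or begin` line saying that rake is being asked to build the dummy app (inferred from the warning text) would also explain why the `Style/AndOr` cop is disabled there.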
data/bin/setup
ADDED
File without changes
|
File without changes
|
File without changes
|
@@ -4,6 +4,9 @@ module Solidus
|
|
4
4
|
module Auth
|
5
5
|
module Generators
|
6
6
|
class InstallGenerator < Rails::Generators::Base
|
7
|
+
class_option :auto_run_migrations, type: :boolean, default: false
|
8
|
+
class_option :skip_migrations, type: :boolean, default: false
|
9
|
+
|
7
10
|
def self.source_paths
|
8
11
|
paths = superclass.source_paths
|
9
12
|
paths << File.expand_path('templates', __dir__)
|
@@ -19,7 +22,14 @@ module Solidus
|
|
19
22
|
end
|
20
23
|
|
21
24
|
def run_migrations
|
22
|
-
|
25
|
+
return if options[:skip_migrations]
|
26
|
+
|
27
|
+
run_migrations = options[:auto_run_migrations] || ['', 'y', 'Y'].include?(ask('Would you like to run the migrations now? [Y/n]'))
|
28
|
+
if run_migrations
|
29
|
+
run 'bundle exec rake db:migrate'
|
30
|
+
else
|
31
|
+
puts 'Skipping rake db:migrate, don\'t forget to run it!' # rubocop:disable Rails/Output
|
32
|
+
end
|
23
33
|
end
|
24
34
|
end
|
25
35
|
end
|
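Review bot: In `run_migrations` (second hunk) the new local variable `run_migrations` shadows the method it lives in, and the skip message is printed with `puts` under a RuboCop disable. Renaming the local, e.g. `migrate_now = options[:auto_run_migrations] || ['', 'y', 'Y'].include?(ask(...))`, and emitting the message through the generator's `say` would remove both the shadowing and the disable comment. The two `class_option` lines added in the first hunk carry no `desc:`, so the options appear undocumented in the generator help; a one-line description on each would fix that.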
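--- a/data/lib/solidus_auth_devise.rb
+++ b/data/lib/solidus_auth_devise.rb
@@ -1,7 +1,13 @@
 # frozen_string_literal: true
 
-require
-require
-require
-require
-require
+require 'solidus_core'
+require 'solidus_support'
+require 'deface'
+require 'devise'
+require 'devise-encryptable'
+require 'cancan'
+
+require 'spree/auth/devise'
+require 'spree/auth/version'
+require 'spree/auth/engine'
+require 'spree/authentication_helpers'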
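--- a/data/lib/spree/auth/devise.rb
+++ b/data/lib/spree/auth/devise.rb
@@ -1,10 +1,5 @@
 # frozen_string_literal: true
 
-require 'spree/core'
-require 'devise'
-require 'devise-encryptable'
-require 'cancan'
-
 module Spree
 module Auth
 def self.config
@@ -12,5 +7,3 @@ module Spree
 end
 end
 end
-
-require 'spree/auth/engine'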
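--- a/data/lib/spree/auth/engine.rb
+++ b/data/lib/spree/auth/engine.rb
@@ -6,6 +6,8 @@ require 'devise-encryptable'
 module Spree
 module Auth
 class Engine < Rails::Engine
+include SolidusSupport::EngineExtensions
+
 isolate_namespace Spree
 engine_name 'solidus_auth'
 
@@ -18,65 +20,74 @@ module Spree
 end
 
 config.to_prepare do
-
-
-auth.prepare_backend if SolidusSupport.backend_available?
-auth.prepare_frontend if SolidusSupport.frontend_available?
+Spree::Auth::Engine.prepare_backend if SolidusSupport.backend_available?
+Spree::Auth::Engine.prepare_frontend if SolidusSupport.frontend_available?
 
-ApplicationController.
+ApplicationController.include Spree::AuthenticationHelpers
 end
 
-def self.
-
-lib/assets/javascripts/spree/backend/solidus_auth.js
-lib/assets/javascripts/spree/backend/solidus_auth.css
-]
+def self.redirect_back_on_unauthorized?
+return false unless Spree::Config.respond_to?(:redirect_back_on_unauthorized)
 
-
-
+if Spree::Config.redirect_back_on_unauthorized
+true
+else
+Spree::Deprecation.warn <<-WARN.strip_heredoc, caller
+Having Spree::Config.redirect_back_on_unauthorized set
+to `false` is deprecated and will not be supported in Solidus 3.0.
+Please change this configuration to `true` and be sure that your
+application does not break trying to redirect back when there is
+an unauthorized access.
+WARN
+
+false
 end
+end
 
+def self.prepare_backend
 Spree::Admin::BaseController.unauthorized_redirect = -> do
 if try_spree_current_user
 flash[:error] = I18n.t('spree.authorization_failure')
-
+
+if Spree::Auth::Engine.redirect_back_on_unauthorized?
+redirect_back(fallback_location: spree.admin_unauthorized_path)
+else
+redirect_to spree.admin_unauthorized_path
+end
 else
 store_location
-
+
+if Spree::Auth::Engine.redirect_back_on_unauthorized?
+redirect_back(fallback_location: spree.admin_login_path)
+else
+redirect_to spree.admin_login_path
+end
 end
 end
 end
 
-def self.prepare_frontend
-Rails.application.config.assets.precompile += %w[
-lib/assets/javascripts/spree/frontend/solidus_auth.js
-lib/assets/javascripts/spree/frontend/solidus_auth.css
-]
-
-Dir.glob(File.join(File.dirname(__FILE__), "../../controllers/frontend/*/*_decorator*.rb")) do |c|
-Rails.configuration.cache_classes ? require(c) : load(c)
-end
 
+def self.prepare_frontend
 Spree::BaseController.unauthorized_redirect = -> do
 if try_spree_current_user
 flash[:error] = I18n.t('spree.authorization_failure')
-
+
+if Spree::Auth::Engine.redirect_back_on_unauthorized?
+redirect_back(fallback_location: spree.unauthorized_path)
+else
+redirect_to spree.unauthorized_path
+end
 else
 store_location
-
+
+if Spree::Auth::Engine.redirect_back_on_unauthorized?
+redirect_back(fallback_location: spree.login_path)
+else
+redirect_to spree.login_path
+end
 end
 end
 end
-
-if SolidusSupport.backend_available?
-paths["app/controllers"] << "lib/controllers/backend"
-paths["app/views"] << "lib/views/backend"
-end
-
-if SolidusSupport.frontend_available?
-paths["app/controllers"] << "lib/controllers/frontend"
-paths["app/views"] << "lib/views/frontend"
-end
 end
 end
 end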
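Review bot: The four new `redirect_back(fallback_location: ...)` calls in `prepare_backend` and `prepare_frontend` take their target from the request's Referer header, and unless told otherwise `redirect_back` on the Rails versions this gem is likely to run on accepts a Referer that points at another host. A visitor who reaches a protected URL from an external page is then sent back to that page rather than to the login or unauthorized path, and in the logged-out branch this happens after `store_location` has already run. Where the Rails version supports the option, pass it explicitly, e.g. `redirect_back(fallback_location: spree.admin_login_path, allow_other_host: false)`, and add a comment on `redirect_back_on_unauthorized?` stating that the Referer is client-supplied input. The admin controller spec added in this release only exercises a relative `/redirect` Referer, so the cross-host case is not covered by a test.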
data/lib/spree/auth/version.rb
CHANGED
@@ -10,11 +10,11 @@
|
|
10
10
|
<div id="password-credentials">
|
11
11
|
<p>
|
12
12
|
<%= f.label :email, I18n.t('spree.email') %><br />
|
13
|
-
<%= f.email_field :email, class: 'title', tabindex: 1 %>
|
13
|
+
<%= f.email_field :email, class: 'title', tabindex: 1, autocomplete: 'username' %>
|
14
14
|
</p>
|
15
15
|
<p>
|
16
16
|
<%= f.label :password, I18n.t('spree.password') %><br />
|
17
|
-
<%= f.password_field :password, class: 'title', tabindex: 2 %>
|
17
|
+
<%= f.password_field :password, class: 'title', tabindex: 2, autocomplete: 'current-password' %>
|
18
18
|
</p>
|
19
19
|
</div>
|
20
20
|
<p>
|
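--- a/data/solidus_auth_devise.gemspec
+++ b/data/solidus_auth_devise.gemspec
@@ -1,25 +1,33 @@
 # frozen_string_literal: true
 
-$:.
+$:.push File.expand_path('lib', __dir__)
 require 'spree/auth/version'
 
 Gem::Specification.new do |s|
-s.platform
-s.name
-s.version
-s.summary
-s.
-
-s.author
-s.email
-
-
-s.
-
-
-
-
-s.
+s.platform = Gem::Platform::RUBY
+s.name = "solidus_auth_devise"
+s.version = Spree::Auth::VERSION
+s.summary = "Provides authentication and authorization services for use with Solidus by using Devise and CanCan."
+s.license = 'BSD-3-Clause'
+
+s.author = 'Solidus Team'
+s.email = 'contact@solidus.io'
+s.homepage = 'https://github.com/solidusio/solidus_auth_devise'
+
+if s.respond_to?(:metadata)
+s.metadata["homepage_uri"] = s.homepage if s.homepage
+s.metadata["source_code_uri"] = s.homepage if s.homepage
+end
+
+s.required_ruby_version = '~> 2.4'
+
+s.files = Dir.chdir(File.expand_path(__dir__)) do
+`git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
+end
+s.test_files = Dir['spec/**/*']
+s.bindir = "exe"
+s.executables = s.files.grep(%r{^exe/}) { |f| File.basename(f) }
+s.require_paths = ["lib"]
 
 solidus_version = [">= 2.6", "< 3"]
 
@@ -29,28 +37,14 @@ Gem::Specification.new do |s|
 secret_token is undefined or not available, secret_key_base will be used instead.
 ".strip.gsub(/ +/, ' ')
 
+s.add_dependency "deface", "~> 1.0"
 s.add_dependency "devise", '~> 4.1'
 s.add_dependency "devise-encryptable", "0.2.0"
+s.add_dependency "paranoia", "~> 2.4"
 s.add_dependency "solidus_core", solidus_version
-s.add_dependency "solidus_support", "
-s.add_dependency "deface", "~> 1.0"
+s.add_dependency "solidus_support", "~> 0.5"
 
-s.add_development_dependency "capybara", "~> 2.14"
-s.add_development_dependency "capybara-screenshot"
-s.add_development_dependency "coffee-rails"
-s.add_development_dependency "database_cleaner", "~> 1.6"
-s.add_development_dependency "ffaker"
-s.add_development_dependency "gem-release", "~> 2.0"
-s.add_development_dependency "github_changelog_generator", "~> 1.14"
-s.add_development_dependency "rspec-rails", "~> 4.0.0.beta2"
-s.add_development_dependency "rubocop", "~> 0.71"
-s.add_development_dependency "rubocop-performance", "~> 1.4"
-s.add_development_dependency "rubocop-rails", "~> 2.2"
-s.add_development_dependency "sass-rails"
-s.add_development_dependency "selenium-webdriver", "~> 3.142"
-s.add_development_dependency "shoulda-matchers", "~> 3.1"
-s.add_development_dependency "simplecov", "~> 0.14"
 s.add_development_dependency "solidus_backend", solidus_version
+s.add_development_dependency "solidus_dev_support", ">= 0.3.0"
 s.add_development_dependency "solidus_frontend", solidus_version
-s.add_development_dependency "sqlite3"
 end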
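Review bot: `s.test_files = Dir['spec/**/*']` puts the spec tree back into the package immediately after the `reject` on the `s.files` line filtered it out. Because `Dir[]` reads the working tree rather than `git ls-files`, and is evaluated outside the `Dir.chdir` block, it can also pick up untracked files that exist at build time, such as a generated `spec/dummy` app with its logs, local database and configuration. Dropping the `s.test_files` line keeps the published gem limited to tracked, non-test files; if the specs are meant to ship, a comment saying so and a list built from the same `git ls-files` output would make that explicit.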
@@ -0,0 +1,53 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require 'spec_helper'
|
4
|
+
|
5
|
+
RSpec.describe Spree::Admin::BaseController, type: :controller do
|
6
|
+
describe '#unauthorized_redirect' do
|
7
|
+
controller(described_class) do
|
8
|
+
def index; authorize!(:read, :something); end
|
9
|
+
end
|
10
|
+
|
11
|
+
before do
|
12
|
+
stub_spree_preferences(Spree::Config, redirect_back_on_unauthorized: true)
|
13
|
+
end
|
14
|
+
|
15
|
+
context "when user is logged in" do
|
16
|
+
before { sign_in(create(:user)) }
|
17
|
+
|
18
|
+
context "when http_referrer is not present" do
|
19
|
+
it "redirects to unauthorized path" do
|
20
|
+
get :index
|
21
|
+
expect(response).to redirect_to(spree.admin_unauthorized_path)
|
22
|
+
end
|
23
|
+
end
|
24
|
+
|
25
|
+
context "when http_referrer is present" do
|
26
|
+
before { request.env['HTTP_REFERER'] = '/redirect' }
|
27
|
+
|
28
|
+
it "redirects back" do
|
29
|
+
get :index
|
30
|
+
expect(response).to redirect_to('/redirect')
|
31
|
+
end
|
32
|
+
end
|
33
|
+
end
|
34
|
+
|
35
|
+
context "when user is not logged in" do
|
36
|
+
context "when http_referrer is not present" do
|
37
|
+
it "redirects to login path" do
|
38
|
+
get :index
|
39
|
+
expect(response).to redirect_to(spree.admin_login_path)
|
40
|
+
end
|
41
|
+
end
|
42
|
+
|
43
|
+
context "when http_referrer is present" do
|
44
|
+
before { request.env['HTTP_REFERER'] = '/redirect' }
|
45
|
+
|
46
|
+
it "redirects back" do
|
47
|
+
get :index
|
48
|
+
expect(response).to redirect_to('/redirect')
|
49
|
+
end
|
50
|
+
end
|
51
|
+
end
|
52
|
+
end
|
53
|
+
end
|