solidus_auth_devise 1.5.0 → 1.6.0
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of solidus_auth_devise might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/.travis.yml +5 -1
- data/CHANGELOG.md +9 -1
- data/Gemfile +4 -0
- data/app/models/spree/auth_configuration.rb +2 -0
- data/app/overrides/auth_admin_login_navigation_bar.rb +11 -0
- data/config/routes.rb +10 -2
- data/lib/spree/auth/devise.rb +0 -6
- data/lib/spree/auth/engine.rb +0 -9
- data/solidus_auth_devise.gemspec +2 -2
- data/spec/controllers/spree/checkout_controller_spec.rb +14 -14
- data/spec/controllers/spree/products_controller_spec.rb +2 -2
- data/spec/controllers/spree/user_passwords_controller_spec.rb +4 -4
- data/spec/controllers/spree/user_registrations_controller_spec.rb +1 -1
- data/spec/controllers/spree/user_sessions_controller_spec.rb +1 -1
- data/spec/controllers/spree/users_controller_spec.rb +4 -4
- metadata +9 -9
- data/app/overrides/spree/admin/shared/_header/auth_admin_login_navigation_bar.html.erb.deface +0 -4
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 59657ee853e6da1a3dc473ab72d480314ca4af04
|
4
|
+
data.tar.gz: 5453c9c17ae5cc87cd6f37bd31265e341d643b2e
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 0858cd10ce944dc24381e6acf4837fee98246b438fbe59f4f6055870ef2838638616458399ebb48e815c39d8cd07281070f0a4511095eeb2ecda1d851491c01d
|
7
|
+
data.tar.gz: abe7d73b5778f7d37273622b54cd6909d2bdea7bfd495de98f2175153c5d9e975161c155c3631e5d84a3f4720cf6cf8605c7693289d1c93b58b4bbcea3ab1eb9
|
data/.travis.yml
CHANGED
@@ -1,16 +1,20 @@
|
|
1
1
|
sudo: false
|
2
2
|
language: ruby
|
3
3
|
rvm:
|
4
|
-
- 2.1
|
4
|
+
- 2.3.1
|
5
5
|
env:
|
6
6
|
matrix:
|
7
7
|
- SOLIDUS_BRANCH=v1.0 DB=postgres
|
8
8
|
- SOLIDUS_BRANCH=v1.1 DB=postgres
|
9
9
|
- SOLIDUS_BRANCH=v1.2 DB=postgres
|
10
10
|
- SOLIDUS_BRANCH=v1.3 DB=postgres
|
11
|
+
- SOLIDUS_BRANCH=v1.4 DB=postgres
|
12
|
+
- SOLIDUS_BRANCH=v2.0 DB=postgres
|
11
13
|
- SOLIDUS_BRANCH=master DB=postgres
|
12
14
|
- SOLIDUS_BRANCH=v1.0 DB=mysql
|
13
15
|
- SOLIDUS_BRANCH=v1.1 DB=mysql
|
14
16
|
- SOLIDUS_BRANCH=v1.2 DB=mysql
|
15
17
|
- SOLIDUS_BRANCH=v1.3 DB=mysql
|
18
|
+
- SOLIDUS_BRANCH=v1.4 DB=mysql
|
19
|
+
- SOLIDUS_BRANCH=v2.0 DB=mysql
|
16
20
|
- SOLIDUS_BRANCH=master DB=mysql
|
data/CHANGELOG.md
CHANGED
@@ -1,4 +1,12 @@
|
|
1
|
-
##
|
1
|
+
## Master (unreleased)
|
2
|
+
|
3
|
+
## Solidus Auth Devise v1.6.0 (2016-08-23)
|
4
|
+
|
5
|
+
* Loading of routes can be disabled through config (#71)
|
6
|
+
|
7
|
+
* Support for Solidus 2.0 and Rails 5.0
|
8
|
+
|
9
|
+
* Remove load-time manipulation of the Devise secret key (#67)
|
2
10
|
|
3
11
|
## Solidus Auth Devise v1.5.0 (2016-07-18)
|
4
12
|
|
data/Gemfile
CHANGED
@@ -3,6 +3,10 @@ source "https://rubygems.org"
|
|
3
3
|
branch = ENV.fetch('SOLIDUS_BRANCH', 'master')
|
4
4
|
gem "solidus", github: "solidusio/solidus", branch: branch
|
5
5
|
|
6
|
+
if branch == 'master' || branch >= "v2.0"
|
7
|
+
gem "rails-controller-testing", group: :test
|
8
|
+
end
|
9
|
+
|
6
10
|
gem 'pg'
|
7
11
|
gem 'mysql2'
|
8
12
|
|
@@ -3,5 +3,7 @@ module Spree
|
|
3
3
|
preference :registration_step, :boolean, default: true
|
4
4
|
preference :signout_after_password_change, :boolean, default: true
|
5
5
|
preference :confirmable, :boolean, default: false
|
6
|
+
preference :draw_frontend_routes, :boolean, default: true
|
7
|
+
preference :draw_backend_routes, :boolean, default: true
|
6
8
|
end
|
7
9
|
end
|
@@ -0,0 +1,11 @@
|
|
1
|
+
override_required = !Spree.respond_to?(:solidus_version) || Spree.solidus_version < '1.2'
|
2
|
+
if override_required
|
3
|
+
Deface::Override.new(
|
4
|
+
virtual_path: "spree/admin/shared/_header",
|
5
|
+
name: "auth_admin_login_navigation_bar",
|
6
|
+
insert_before: "[data-hook='admin_login_navigation_bar'], #admin_login_navigation_bar[data-hook]",
|
7
|
+
partial: "spree/layouts/admin/login_nav",
|
8
|
+
disabled: false,
|
9
|
+
original: '841227d0aedf7909d62237d8778df99100087715'
|
10
|
+
)
|
11
|
+
end
|
data/config/routes.rb
CHANGED
@@ -1,5 +1,9 @@
|
|
1
1
|
Spree::Core::Engine.routes.draw do
|
2
|
-
if
|
2
|
+
if (
|
3
|
+
Spree::Auth::Engine.frontend_available? &&
|
4
|
+
Spree::Auth::Config.draw_frontend_routes
|
5
|
+
)
|
6
|
+
|
3
7
|
devise_for(:spree_user, {
|
4
8
|
class_name: 'Spree::User',
|
5
9
|
controllers: {
|
@@ -34,7 +38,11 @@ Spree::Core::Engine.routes.draw do
|
|
34
38
|
resource :account, controller: 'users'
|
35
39
|
end
|
36
40
|
|
37
|
-
if
|
41
|
+
if (
|
42
|
+
Spree::Auth::Engine.backend_available? &&
|
43
|
+
Spree::Auth::Config.draw_backend_routes
|
44
|
+
)
|
45
|
+
|
38
46
|
namespace :admin do
|
39
47
|
devise_for(:spree_user, {
|
40
48
|
class_name: 'Spree::User',
|
data/lib/spree/auth/devise.rb
CHANGED
@@ -3,18 +3,12 @@ require 'devise'
|
|
3
3
|
require 'devise-encryptable'
|
4
4
|
require 'cancan'
|
5
5
|
|
6
|
-
Devise.secret_key = SecureRandom.hex(50)
|
7
|
-
|
8
6
|
module Spree
|
9
7
|
module Auth
|
10
|
-
mattr_accessor :default_secret_key
|
11
|
-
|
12
8
|
def self.config(&block)
|
13
9
|
yield(Spree::Auth::Config)
|
14
10
|
end
|
15
11
|
end
|
16
12
|
end
|
17
13
|
|
18
|
-
Spree::Auth.default_secret_key = Devise.secret_key
|
19
|
-
|
20
14
|
require 'spree/auth/engine'
|
data/lib/spree/auth/engine.rb
CHANGED
@@ -15,15 +15,6 @@ module Spree
|
|
15
15
|
Spree.user_class = "Spree::User"
|
16
16
|
end
|
17
17
|
|
18
|
-
initializer "solidus_auth_devise.check_secret_token" do
|
19
|
-
if Spree::Auth.default_secret_key == Devise.secret_key
|
20
|
-
puts "[WARNING] You are not setting Devise.secret_key within your application!"
|
21
|
-
puts "You must set this in config/initializers/devise.rb. Here's an example:"
|
22
|
-
puts " "
|
23
|
-
puts %Q{Devise.secret_key = "#{SecureRandom.hex(50)}"}
|
24
|
-
end
|
25
|
-
end
|
26
|
-
|
27
18
|
config.to_prepare do
|
28
19
|
auth = Spree::Auth::Engine
|
29
20
|
|
data/solidus_auth_devise.gemspec
CHANGED
@@ -3,7 +3,7 @@
|
|
3
3
|
Gem::Specification.new do |s|
|
4
4
|
s.platform = Gem::Platform::RUBY
|
5
5
|
s.name = "solidus_auth_devise"
|
6
|
-
s.version = "1.
|
6
|
+
s.version = "1.6.0"
|
7
7
|
s.summary = "Provides authentication and authorization services for use with Solidus by using Devise and CanCan."
|
8
8
|
s.description = s.summary
|
9
9
|
|
@@ -18,7 +18,7 @@ Gem::Specification.new do |s|
|
|
18
18
|
s.require_path = "lib"
|
19
19
|
s.requirements << "none"
|
20
20
|
|
21
|
-
solidus_version = [">= 1.0.6", "<
|
21
|
+
solidus_version = [">= 1.0.6", "< 3"]
|
22
22
|
|
23
23
|
s.add_dependency "solidus_core", solidus_version
|
24
24
|
s.add_dependency "devise", '~> 4.1'
|
@@ -20,14 +20,14 @@ RSpec.describe Spree::CheckoutController, type: :controller do
|
|
20
20
|
before { allow(controller).to receive(:spree_current_user) { user } }
|
21
21
|
|
22
22
|
it 'proceeds to the first checkout step' do
|
23
|
-
|
23
|
+
get :edit, { state: 'address' }
|
24
24
|
expect(response).to render_template :edit
|
25
25
|
end
|
26
26
|
end
|
27
27
|
|
28
28
|
context 'when not authenticated as guest' do
|
29
29
|
it 'redirects to registration step' do
|
30
|
-
|
30
|
+
get :edit, { state: 'address' }
|
31
31
|
expect(response).to redirect_to spree.checkout_registration_path
|
32
32
|
end
|
33
33
|
end
|
@@ -36,7 +36,7 @@ RSpec.describe Spree::CheckoutController, type: :controller do
|
|
36
36
|
before { order.email = 'guest@solidus.io' }
|
37
37
|
|
38
38
|
it 'proceeds to the first checkout step' do
|
39
|
-
|
39
|
+
get :edit, { state: 'address' }
|
40
40
|
expect(response).to render_template :edit
|
41
41
|
end
|
42
42
|
|
@@ -50,7 +50,7 @@ RSpec.describe Spree::CheckoutController, type: :controller do
|
|
50
50
|
end
|
51
51
|
|
52
52
|
it 'redirects to registration step' do
|
53
|
-
|
53
|
+
get :edit, { state: 'address' }
|
54
54
|
expect(response).to redirect_to spree.checkout_registration_path
|
55
55
|
end
|
56
56
|
end
|
@@ -67,14 +67,14 @@ RSpec.describe Spree::CheckoutController, type: :controller do
|
|
67
67
|
before { allow(controller).to receive(:spree_current_user) { user } }
|
68
68
|
|
69
69
|
it 'proceeds to the first checkout step' do
|
70
|
-
|
70
|
+
get :edit, { state: 'address' }
|
71
71
|
expect(response).to render_template :edit
|
72
72
|
end
|
73
73
|
end
|
74
74
|
|
75
75
|
context 'when authenticated as guest' do
|
76
76
|
it 'proceeds to the first checkout step' do
|
77
|
-
|
77
|
+
get :edit, { state: 'address' }
|
78
78
|
expect(response).to render_template :edit
|
79
79
|
end
|
80
80
|
end
|
@@ -96,7 +96,7 @@ RSpec.describe Spree::CheckoutController, type: :controller do
|
|
96
96
|
|
97
97
|
it 'redirects to the tokenized order view' do
|
98
98
|
request.cookie_jar.signed[:guest_token] = 'ABC'
|
99
|
-
|
99
|
+
post :update, { state: 'confirm' }
|
100
100
|
expect(response).to redirect_to spree.token_order_path(order, 'ABC')
|
101
101
|
expect(flash.notice).to eq Spree.t(:order_processed_successfully)
|
102
102
|
end
|
@@ -110,7 +110,7 @@ RSpec.describe Spree::CheckoutController, type: :controller do
|
|
110
110
|
end
|
111
111
|
|
112
112
|
it 'redirects to the standard order view' do
|
113
|
-
|
113
|
+
post :update, { state: 'confirm' }
|
114
114
|
expect(response).to redirect_to spree.order_path(order)
|
115
115
|
end
|
116
116
|
end
|
@@ -121,13 +121,13 @@ RSpec.describe Spree::CheckoutController, type: :controller do
|
|
121
121
|
it 'does not check registration' do
|
122
122
|
allow(controller).to receive(:check_authorization)
|
123
123
|
expect(controller).not_to receive(:check_registration)
|
124
|
-
|
124
|
+
get :registration
|
125
125
|
end
|
126
126
|
|
127
127
|
it 'checks if the user is authorized for :edit' do
|
128
128
|
expect(controller).to receive(:authorize!).with(:edit, order, token)
|
129
129
|
request.cookie_jar.signed[:guest_token] = token
|
130
|
-
|
130
|
+
get :registration, {}
|
131
131
|
end
|
132
132
|
end
|
133
133
|
|
@@ -138,12 +138,12 @@ RSpec.describe Spree::CheckoutController, type: :controller do
|
|
138
138
|
controller.stub :check_authorization
|
139
139
|
order.stub update_attributes: true
|
140
140
|
controller.should_not_receive :check_registration
|
141
|
-
|
141
|
+
put :update_registration, { order: { email: 'foo@example.com' } }
|
142
142
|
end
|
143
143
|
|
144
144
|
it 'renders the registration view if unable to save' do
|
145
145
|
allow(controller).to receive(:check_authorization)
|
146
|
-
|
146
|
+
put :update_registration, { order: { email: 'invalid' } }
|
147
147
|
expect(flash[:registration_error]).to eq I18n.t(:email_is_invalid, scope: [:errors, :messages])
|
148
148
|
expect(response).to render_template :registration
|
149
149
|
end
|
@@ -151,7 +151,7 @@ RSpec.describe Spree::CheckoutController, type: :controller do
|
|
151
151
|
it 'redirects to the checkout_path after saving' do
|
152
152
|
allow(order).to receive(:update_attributes) { true }
|
153
153
|
allow(controller).to receive(:check_authorization)
|
154
|
-
|
154
|
+
put :update_registration, { order: { email: 'jobs@spreecommerce.com' } }
|
155
155
|
expect(response).to redirect_to spree.checkout_path
|
156
156
|
end
|
157
157
|
|
@@ -159,7 +159,7 @@ RSpec.describe Spree::CheckoutController, type: :controller do
|
|
159
159
|
request.cookie_jar.signed[:guest_token] = token
|
160
160
|
allow(order).to receive(:update_attributes) { true }
|
161
161
|
expect(controller).to receive(:authorize!).with(:edit, order, token)
|
162
|
-
|
162
|
+
put :update_registration, { order: { email: 'jobs@spreecommerce.com' } }
|
163
163
|
end
|
164
164
|
end
|
165
165
|
end
|
@@ -7,7 +7,7 @@ RSpec.describe Spree::ProductsController, type: :controller do
|
|
7
7
|
allow(controller).to receive(:before_save_new_order)
|
8
8
|
allow(controller).to receive(:spree_current_user) { user }
|
9
9
|
allow(user).to receive(:has_spree_role?) { true }
|
10
|
-
|
10
|
+
get :show, id: product.to_param
|
11
11
|
expect(response.status).to eq(200)
|
12
12
|
end
|
13
13
|
|
@@ -15,7 +15,7 @@ RSpec.describe Spree::ProductsController, type: :controller do
|
|
15
15
|
allow(controller).to receive(:before_save_new_order)
|
16
16
|
allow(controller).to receive(:spree_current_user) { user }
|
17
17
|
allow(user).to receive(:has_spree_role?) { false }
|
18
|
-
|
18
|
+
get :show, id: product.to_param
|
19
19
|
expect(response.status).to eq(404)
|
20
20
|
end
|
21
21
|
end
|
@@ -7,14 +7,14 @@ RSpec.describe Spree::UserPasswordsController, type: :controller do
|
|
7
7
|
describe 'GET edit' do
|
8
8
|
context 'when the user token has not been specified' do
|
9
9
|
it 'redirects to the new session path' do
|
10
|
-
|
10
|
+
get :edit
|
11
11
|
expect(response).to redirect_to(
|
12
12
|
'http://test.host/user/spree_user/sign_in'
|
13
13
|
)
|
14
14
|
end
|
15
15
|
|
16
16
|
it 'flashes an error' do
|
17
|
-
|
17
|
+
get :edit
|
18
18
|
expect(flash[:alert]).to include(
|
19
19
|
"You can't access this page without coming from a password reset " +
|
20
20
|
'email'
|
@@ -24,7 +24,7 @@ RSpec.describe Spree::UserPasswordsController, type: :controller do
|
|
24
24
|
|
25
25
|
context 'when the user token has been specified' do
|
26
26
|
it 'does something' do
|
27
|
-
|
27
|
+
get :edit, reset_password_token: token
|
28
28
|
expect(response.code).to eq('200')
|
29
29
|
end
|
30
30
|
end
|
@@ -33,7 +33,7 @@ RSpec.describe Spree::UserPasswordsController, type: :controller do
|
|
33
33
|
context '#update' do
|
34
34
|
context 'when updating password with blank password' do
|
35
35
|
it 'shows error flash message, sets spree_user with token and re-displays password edit form' do
|
36
|
-
|
36
|
+
put :update, { spree_user: { password: '', password_confirmation: '', reset_password_token: token } }
|
37
37
|
expect(assigns(:spree_user).kind_of?(Spree::User)).to eq true
|
38
38
|
expect(assigns(:spree_user).reset_password_token).to eq token
|
39
39
|
expect(flash[:error]).to eq I18n.t(:cannot_be_blank, scope: [:devise, :user_passwords, :spree_user])
|
@@ -9,14 +9,14 @@ RSpec.describe Spree::UsersController, type: :controller do
|
|
9
9
|
context '#load_object' do
|
10
10
|
it 'redirects to signup path if user is not found' do
|
11
11
|
allow(controller).to receive(:spree_current_user) { nil }
|
12
|
-
|
12
|
+
put :update, { user: { email: 'foobar@example.com' } }
|
13
13
|
expect(response).to redirect_to spree.login_path
|
14
14
|
end
|
15
15
|
end
|
16
16
|
|
17
17
|
context '#create' do
|
18
18
|
it 'creates a new user' do
|
19
|
-
|
19
|
+
post :create, { user: { email: 'foobar@example.com', password: 'foobar123', password_confirmation: 'foobar123' } }
|
20
20
|
expect(assigns[:user].new_record?).to be false
|
21
21
|
end
|
22
22
|
end
|
@@ -24,14 +24,14 @@ RSpec.describe Spree::UsersController, type: :controller do
|
|
24
24
|
context '#update' do
|
25
25
|
context 'when updating own account' do
|
26
26
|
it 'performs update' do
|
27
|
-
|
27
|
+
put :update, { user: { email: 'mynew@email-address.com' } }
|
28
28
|
expect(assigns[:user].email).to eq 'mynew@email-address.com'
|
29
29
|
expect(response).to redirect_to spree.account_url(only_path: true)
|
30
30
|
end
|
31
31
|
end
|
32
32
|
|
33
33
|
it 'does not update roles' do
|
34
|
-
|
34
|
+
put :update, user: { spree_role_ids: [role.id] }
|
35
35
|
expect(assigns[:user].spree_roles).to_not include role
|
36
36
|
end
|
37
37
|
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: solidus_auth_devise
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.
|
4
|
+
version: 1.6.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Solidus Team
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2016-
|
11
|
+
date: 2016-08-23 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: solidus_core
|
@@ -19,7 +19,7 @@ dependencies:
|
|
19
19
|
version: 1.0.6
|
20
20
|
- - "<"
|
21
21
|
- !ruby/object:Gem::Version
|
22
|
-
version: '
|
22
|
+
version: '3'
|
23
23
|
type: :runtime
|
24
24
|
prerelease: false
|
25
25
|
version_requirements: !ruby/object:Gem::Requirement
|
@@ -29,7 +29,7 @@ dependencies:
|
|
29
29
|
version: 1.0.6
|
30
30
|
- - "<"
|
31
31
|
- !ruby/object:Gem::Version
|
32
|
-
version: '
|
32
|
+
version: '3'
|
33
33
|
- !ruby/object:Gem::Dependency
|
34
34
|
name: devise
|
35
35
|
requirement: !ruby/object:Gem::Requirement
|
@@ -109,7 +109,7 @@ dependencies:
|
|
109
109
|
version: 1.0.6
|
110
110
|
- - "<"
|
111
111
|
- !ruby/object:Gem::Version
|
112
|
-
version: '
|
112
|
+
version: '3'
|
113
113
|
type: :development
|
114
114
|
prerelease: false
|
115
115
|
version_requirements: !ruby/object:Gem::Requirement
|
@@ -119,7 +119,7 @@ dependencies:
|
|
119
119
|
version: 1.0.6
|
120
120
|
- - "<"
|
121
121
|
- !ruby/object:Gem::Version
|
122
|
-
version: '
|
122
|
+
version: '3'
|
123
123
|
- !ruby/object:Gem::Dependency
|
124
124
|
name: solidus_frontend
|
125
125
|
requirement: !ruby/object:Gem::Requirement
|
@@ -129,7 +129,7 @@ dependencies:
|
|
129
129
|
version: 1.0.6
|
130
130
|
- - "<"
|
131
131
|
- !ruby/object:Gem::Version
|
132
|
-
version: '
|
132
|
+
version: '3'
|
133
133
|
type: :development
|
134
134
|
prerelease: false
|
135
135
|
version_requirements: !ruby/object:Gem::Requirement
|
@@ -139,7 +139,7 @@ dependencies:
|
|
139
139
|
version: 1.0.6
|
140
140
|
- - "<"
|
141
141
|
- !ruby/object:Gem::Version
|
142
|
-
version: '
|
142
|
+
version: '3'
|
143
143
|
- !ruby/object:Gem::Dependency
|
144
144
|
name: rspec-rails
|
145
145
|
requirement: !ruby/object:Gem::Requirement
|
@@ -312,8 +312,8 @@ files:
|
|
312
312
|
- app/mailers/spree/user_mailer.rb
|
313
313
|
- app/models/spree/auth_configuration.rb
|
314
314
|
- app/models/spree/user.rb
|
315
|
+
- app/overrides/auth_admin_login_navigation_bar.rb
|
315
316
|
- app/overrides/auth_shared_login_bar.rb
|
316
|
-
- app/overrides/spree/admin/shared/_header/auth_admin_login_navigation_bar.html.erb.deface
|
317
317
|
- bin/rails
|
318
318
|
- circle.yml
|
319
319
|
- config/initializers/devise.rb
|