solidus_auth_devise 1.5.0 → 1.6.0

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.

This version of solidus_auth_devise might be problematic. Click here for more details.

Files changed (18) hide show
  1. checksums.yaml +4 -4
  2. data/.travis.yml +5 -1
  3. data/CHANGELOG.md +9 -1
  4. data/Gemfile +4 -0
  5. data/app/models/spree/auth_configuration.rb +2 -0
  6. data/app/overrides/auth_admin_login_navigation_bar.rb +11 -0
  7. data/config/routes.rb +10 -2
  8. data/lib/spree/auth/devise.rb +0 -6
  9. data/lib/spree/auth/engine.rb +0 -9
  10. data/solidus_auth_devise.gemspec +2 -2
  11. data/spec/controllers/spree/checkout_controller_spec.rb +14 -14
  12. data/spec/controllers/spree/products_controller_spec.rb +2 -2
  13. data/spec/controllers/spree/user_passwords_controller_spec.rb +4 -4
  14. data/spec/controllers/spree/user_registrations_controller_spec.rb +1 -1
  15. data/spec/controllers/spree/user_sessions_controller_spec.rb +1 -1
  16. data/spec/controllers/spree/users_controller_spec.rb +4 -4
  17. metadata +9 -9
  18. data/app/overrides/spree/admin/shared/_header/auth_admin_login_navigation_bar.html.erb.deface +0 -4
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: ed48bb8fc53ea89e494278ad2016e10fcfbd30bc
4
- data.tar.gz: b761cf86babf945a3433d9aa1cf2b9279139e52c
3
+ metadata.gz: 59657ee853e6da1a3dc473ab72d480314ca4af04
4
+ data.tar.gz: 5453c9c17ae5cc87cd6f37bd31265e341d643b2e
5
5
  SHA512:
6
- metadata.gz: 8a8ecb33d6be656864477bcc7d55b7adb1b3a8ee19b3061c49e48e618fb21b098a0ab86cfdbba117fff817c0e4b87306dbf5caa7203e2d674b74e3adcd03d862
7
- data.tar.gz: 035211966358072827219d129f5dece6b04bd7a5d47316dd5d7bc5d40cdd700b314774a434e7f288f50bd9f42a03acbc1ded8c381f925deed2cf1b038caef878
6
+ metadata.gz: 0858cd10ce944dc24381e6acf4837fee98246b438fbe59f4f6055870ef2838638616458399ebb48e815c39d8cd07281070f0a4511095eeb2ecda1d851491c01d
7
+ data.tar.gz: abe7d73b5778f7d37273622b54cd6909d2bdea7bfd495de98f2175153c5d9e975161c155c3631e5d84a3f4720cf6cf8605c7693289d1c93b58b4bbcea3ab1eb9
data/.travis.yml CHANGED
@@ -1,16 +1,20 @@
1
1
  sudo: false
2
2
  language: ruby
3
3
  rvm:
4
- - 2.1.8
4
+ - 2.3.1
5
5
  env:
6
6
  matrix:
7
7
  - SOLIDUS_BRANCH=v1.0 DB=postgres
8
8
  - SOLIDUS_BRANCH=v1.1 DB=postgres
9
9
  - SOLIDUS_BRANCH=v1.2 DB=postgres
10
10
  - SOLIDUS_BRANCH=v1.3 DB=postgres
11
+ - SOLIDUS_BRANCH=v1.4 DB=postgres
12
+ - SOLIDUS_BRANCH=v2.0 DB=postgres
11
13
  - SOLIDUS_BRANCH=master DB=postgres
12
14
  - SOLIDUS_BRANCH=v1.0 DB=mysql
13
15
  - SOLIDUS_BRANCH=v1.1 DB=mysql
14
16
  - SOLIDUS_BRANCH=v1.2 DB=mysql
15
17
  - SOLIDUS_BRANCH=v1.3 DB=mysql
18
+ - SOLIDUS_BRANCH=v1.4 DB=mysql
19
+ - SOLIDUS_BRANCH=v2.0 DB=mysql
16
20
  - SOLIDUS_BRANCH=master DB=mysql
data/CHANGELOG.md CHANGED
@@ -1,4 +1,12 @@
1
- ## Solidus Auth Devise v1.6.0 (master, unreleased)
1
+ ## Master (unreleased)
2
+
3
+ ## Solidus Auth Devise v1.6.0 (2016-08-23)
4
+
5
+ * Loading of routes can be disabled through config (#71)
6
+
7
+ * Support for Solidus 2.0 and Rails 5.0
8
+
9
+ * Remove load-time manipulation of the Devise secret key (#67)
2
10
 
3
11
  ## Solidus Auth Devise v1.5.0 (2016-07-18)
4
12
 
data/Gemfile CHANGED
@@ -3,6 +3,10 @@ source "https://rubygems.org"
3
3
  branch = ENV.fetch('SOLIDUS_BRANCH', 'master')
4
4
  gem "solidus", github: "solidusio/solidus", branch: branch
5
5
 
6
+ if branch == 'master' || branch >= "v2.0"
7
+ gem "rails-controller-testing", group: :test
8
+ end
9
+
6
10
  gem 'pg'
7
11
  gem 'mysql2'
8
12
 
data/app/models/spree/auth_configuration.rb CHANGED
@@ -3,5 +3,7 @@ module Spree
3
3
  preference :registration_step, :boolean, default: true
4
4
  preference :signout_after_password_change, :boolean, default: true
5
5
  preference :confirmable, :boolean, default: false
6
+ preference :draw_frontend_routes, :boolean, default: true
7
+ preference :draw_backend_routes, :boolean, default: true
6
8
  end
7
9
  end
data/app/overrides/auth_admin_login_navigation_bar.rb ADDED
@@ -0,0 +1,11 @@
1
+ override_required = !Spree.respond_to?(:solidus_version) || Spree.solidus_version < '1.2'
2
+ if override_required
3
+ Deface::Override.new(
4
+ virtual_path: "spree/admin/shared/_header",
5
+ name: "auth_admin_login_navigation_bar",
6
+ insert_before: "[data-hook='admin_login_navigation_bar'], #admin_login_navigation_bar[data-hook]",
7
+ partial: "spree/layouts/admin/login_nav",
8
+ disabled: false,
9
+ original: '841227d0aedf7909d62237d8778df99100087715'
10
+ )
11
+ end
data/config/routes.rb CHANGED
@@ -1,5 +1,9 @@
1
1
  Spree::Core::Engine.routes.draw do
2
- if Spree::Auth::Engine.frontend_available?
2
+ if (
3
+ Spree::Auth::Engine.frontend_available? &&
4
+ Spree::Auth::Config.draw_frontend_routes
5
+ )
6
+
3
7
  devise_for(:spree_user, {
4
8
  class_name: 'Spree::User',
5
9
  controllers: {
@@ -34,7 +38,11 @@ Spree::Core::Engine.routes.draw do
34
38
  resource :account, controller: 'users'
35
39
  end
36
40
 
37
- if Spree::Auth::Engine.backend_available?
41
+ if (
42
+ Spree::Auth::Engine.backend_available? &&
43
+ Spree::Auth::Config.draw_backend_routes
44
+ )
45
+
38
46
  namespace :admin do
39
47
  devise_for(:spree_user, {
40
48
  class_name: 'Spree::User',
data/lib/spree/auth/devise.rb CHANGED
@@ -3,18 +3,12 @@ require 'devise'
3
3
  require 'devise-encryptable'
4
4
  require 'cancan'
5
5
 
6
- Devise.secret_key = SecureRandom.hex(50)
7
-
8
6
  module Spree
9
7
  module Auth
10
- mattr_accessor :default_secret_key
11
-
12
8
  def self.config(&block)
13
9
  yield(Spree::Auth::Config)
14
10
  end
15
11
  end
16
12
  end
17
13
 
18
- Spree::Auth.default_secret_key = Devise.secret_key
19
-
20
14
  require 'spree/auth/engine'
data/lib/spree/auth/engine.rb CHANGED
@@ -15,15 +15,6 @@ module Spree
15
15
  Spree.user_class = "Spree::User"
16
16
  end
17
17
 
18
- initializer "solidus_auth_devise.check_secret_token" do
19
- if Spree::Auth.default_secret_key == Devise.secret_key
20
- puts "[WARNING] You are not setting Devise.secret_key within your application!"
21
- puts "You must set this in config/initializers/devise.rb. Here's an example:"
22
- puts " "
23
- puts %Q{Devise.secret_key = "#{SecureRandom.hex(50)}"}
24
- end
25
- end
26
-
27
18
  config.to_prepare do
28
19
  auth = Spree::Auth::Engine
29
20
 
data/solidus_auth_devise.gemspec CHANGED
@@ -3,7 +3,7 @@
3
3
  Gem::Specification.new do |s|
4
4
  s.platform = Gem::Platform::RUBY
5
5
  s.name = "solidus_auth_devise"
6
- s.version = "1.5.0"
6
+ s.version = "1.6.0"
7
7
  s.summary = "Provides authentication and authorization services for use with Solidus by using Devise and CanCan."
8
8
  s.description = s.summary
9
9
 
@@ -18,7 +18,7 @@ Gem::Specification.new do |s|
18
18
  s.require_path = "lib"
19
19
  s.requirements << "none"
20
20
 
21
- solidus_version = [">= 1.0.6", "< 2"]
21
+ solidus_version = [">= 1.0.6", "< 3"]
22
22
 
23
23
  s.add_dependency "solidus_core", solidus_version
24
24
  s.add_dependency "devise", '~> 4.1'
data/spec/controllers/spree/checkout_controller_spec.rb CHANGED
@@ -20,14 +20,14 @@ RSpec.describe Spree::CheckoutController, type: :controller do
20
20
  before { allow(controller).to receive(:spree_current_user) { user } }
21
21
 
22
22
  it 'proceeds to the first checkout step' do
23
- spree_get :edit, { state: 'address' }
23
+ get :edit, { state: 'address' }
24
24
  expect(response).to render_template :edit
25
25
  end
26
26
  end
27
27
 
28
28
  context 'when not authenticated as guest' do
29
29
  it 'redirects to registration step' do
30
- spree_get :edit, { state: 'address' }
30
+ get :edit, { state: 'address' }
31
31
  expect(response).to redirect_to spree.checkout_registration_path
32
32
  end
33
33
  end
@@ -36,7 +36,7 @@ RSpec.describe Spree::CheckoutController, type: :controller do
36
36
  before { order.email = 'guest@solidus.io' }
37
37
 
38
38
  it 'proceeds to the first checkout step' do
39
- spree_get :edit, { state: 'address' }
39
+ get :edit, { state: 'address' }
40
40
  expect(response).to render_template :edit
41
41
  end
42
42
 
@@ -50,7 +50,7 @@ RSpec.describe Spree::CheckoutController, type: :controller do
50
50
  end
51
51
 
52
52
  it 'redirects to registration step' do
53
- spree_get :edit, { state: 'address' }
53
+ get :edit, { state: 'address' }
54
54
  expect(response).to redirect_to spree.checkout_registration_path
55
55
  end
56
56
  end
@@ -67,14 +67,14 @@ RSpec.describe Spree::CheckoutController, type: :controller do
67
67
  before { allow(controller).to receive(:spree_current_user) { user } }
68
68
 
69
69
  it 'proceeds to the first checkout step' do
70
- spree_get :edit, { state: 'address' }
70
+ get :edit, { state: 'address' }
71
71
  expect(response).to render_template :edit
72
72
  end
73
73
  end
74
74
 
75
75
  context 'when authenticated as guest' do
76
76
  it 'proceeds to the first checkout step' do
77
- spree_get :edit, { state: 'address' }
77
+ get :edit, { state: 'address' }
78
78
  expect(response).to render_template :edit
79
79
  end
80
80
  end
@@ -96,7 +96,7 @@ RSpec.describe Spree::CheckoutController, type: :controller do
96
96
 
97
97
  it 'redirects to the tokenized order view' do
98
98
  request.cookie_jar.signed[:guest_token] = 'ABC'
99
- spree_post :update, { state: 'confirm' }
99
+ post :update, { state: 'confirm' }
100
100
  expect(response).to redirect_to spree.token_order_path(order, 'ABC')
101
101
  expect(flash.notice).to eq Spree.t(:order_processed_successfully)
102
102
  end
@@ -110,7 +110,7 @@ RSpec.describe Spree::CheckoutController, type: :controller do
110
110
  end
111
111
 
112
112
  it 'redirects to the standard order view' do
113
- spree_post :update, { state: 'confirm' }
113
+ post :update, { state: 'confirm' }
114
114
  expect(response).to redirect_to spree.order_path(order)
115
115
  end
116
116
  end
@@ -121,13 +121,13 @@ RSpec.describe Spree::CheckoutController, type: :controller do
121
121
  it 'does not check registration' do
122
122
  allow(controller).to receive(:check_authorization)
123
123
  expect(controller).not_to receive(:check_registration)
124
- spree_get :registration
124
+ get :registration
125
125
  end
126
126
 
127
127
  it 'checks if the user is authorized for :edit' do
128
128
  expect(controller).to receive(:authorize!).with(:edit, order, token)
129
129
  request.cookie_jar.signed[:guest_token] = token
130
- spree_get :registration, {}
130
+ get :registration, {}
131
131
  end
132
132
  end
133
133
 
@@ -138,12 +138,12 @@ RSpec.describe Spree::CheckoutController, type: :controller do
138
138
  controller.stub :check_authorization
139
139
  order.stub update_attributes: true
140
140
  controller.should_not_receive :check_registration
141
- spree_put :update_registration, { order: { } }
141
+ put :update_registration, { order: { email: 'foo@example.com' } }
142
142
  end
143
143
 
144
144
  it 'renders the registration view if unable to save' do
145
145
  allow(controller).to receive(:check_authorization)
146
- spree_put :update_registration, { order: { email: 'invalid' } }
146
+ put :update_registration, { order: { email: 'invalid' } }
147
147
  expect(flash[:registration_error]).to eq I18n.t(:email_is_invalid, scope: [:errors, :messages])
148
148
  expect(response).to render_template :registration
149
149
  end
@@ -151,7 +151,7 @@ RSpec.describe Spree::CheckoutController, type: :controller do
151
151
  it 'redirects to the checkout_path after saving' do
152
152
  allow(order).to receive(:update_attributes) { true }
153
153
  allow(controller).to receive(:check_authorization)
154
- spree_put :update_registration, { order: { email: 'jobs@spreecommerce.com' } }
154
+ put :update_registration, { order: { email: 'jobs@spreecommerce.com' } }
155
155
  expect(response).to redirect_to spree.checkout_path
156
156
  end
157
157
 
@@ -159,7 +159,7 @@ RSpec.describe Spree::CheckoutController, type: :controller do
159
159
  request.cookie_jar.signed[:guest_token] = token
160
160
  allow(order).to receive(:update_attributes) { true }
161
161
  expect(controller).to receive(:authorize!).with(:edit, order, token)
162
- spree_put :update_registration, { order: { email: 'jobs@spreecommerce.com' } }
162
+ put :update_registration, { order: { email: 'jobs@spreecommerce.com' } }
163
163
  end
164
164
  end
165
165
  end
data/spec/controllers/spree/products_controller_spec.rb CHANGED
@@ -7,7 +7,7 @@ RSpec.describe Spree::ProductsController, type: :controller do
7
7
  allow(controller).to receive(:before_save_new_order)
8
8
  allow(controller).to receive(:spree_current_user) { user }
9
9
  allow(user).to receive(:has_spree_role?) { true }
10
- spree_get :show, id: product.to_param
10
+ get :show, id: product.to_param
11
11
  expect(response.status).to eq(200)
12
12
  end
13
13
 
@@ -15,7 +15,7 @@ RSpec.describe Spree::ProductsController, type: :controller do
15
15
  allow(controller).to receive(:before_save_new_order)
16
16
  allow(controller).to receive(:spree_current_user) { user }
17
17
  allow(user).to receive(:has_spree_role?) { false }
18
- spree_get :show, id: product.to_param
18
+ get :show, id: product.to_param
19
19
  expect(response.status).to eq(404)
20
20
  end
21
21
  end
data/spec/controllers/spree/user_passwords_controller_spec.rb CHANGED
@@ -7,14 +7,14 @@ RSpec.describe Spree::UserPasswordsController, type: :controller do
7
7
  describe 'GET edit' do
8
8
  context 'when the user token has not been specified' do
9
9
  it 'redirects to the new session path' do
10
- spree_get :edit
10
+ get :edit
11
11
  expect(response).to redirect_to(
12
12
  'http://test.host/user/spree_user/sign_in'
13
13
  )
14
14
  end
15
15
 
16
16
  it 'flashes an error' do
17
- spree_get :edit
17
+ get :edit
18
18
  expect(flash[:alert]).to include(
19
19
  "You can't access this page without coming from a password reset " +
20
20
  'email'
@@ -24,7 +24,7 @@ RSpec.describe Spree::UserPasswordsController, type: :controller do
24
24
 
25
25
  context 'when the user token has been specified' do
26
26
  it 'does something' do
27
- spree_get :edit, reset_password_token: token
27
+ get :edit, reset_password_token: token
28
28
  expect(response.code).to eq('200')
29
29
  end
30
30
  end
@@ -33,7 +33,7 @@ RSpec.describe Spree::UserPasswordsController, type: :controller do
33
33
  context '#update' do
34
34
  context 'when updating password with blank password' do
35
35
  it 'shows error flash message, sets spree_user with token and re-displays password edit form' do
36
- spree_put :update, { spree_user: { password: '', password_confirmation: '', reset_password_token: token } }
36
+ put :update, { spree_user: { password: '', password_confirmation: '', reset_password_token: token } }
37
37
  expect(assigns(:spree_user).kind_of?(Spree::User)).to eq true
38
38
  expect(assigns(:spree_user).reset_password_token).to eq token
39
39
  expect(flash[:error]).to eq I18n.t(:cannot_be_blank, scope: [:devise, :user_passwords, :spree_user])
data/spec/controllers/spree/user_registrations_controller_spec.rb CHANGED
@@ -12,7 +12,7 @@ RSpec.describe Spree::UserRegistrationsController, type: :controller do
12
12
  let(:password_confirmation) { 'foobar123' }
13
13
 
14
14
  subject do
15
- spree_post(:create,
15
+ post(:create,
16
16
  spree_user: {
17
17
  email: 'foobar@example.com',
18
18
  password: 'foobar123',
data/spec/controllers/spree/user_sessions_controller_spec.rb CHANGED
@@ -8,7 +8,7 @@ RSpec.describe Spree::UserSessionsController, type: :controller do
8
8
  let(:password) { 'secret' }
9
9
 
10
10
  subject do
11
- spree_post(:create,
11
+ post(:create,
12
12
  spree_user: {
13
13
  email: user.email,
14
14
  password: password
data/spec/controllers/spree/users_controller_spec.rb CHANGED
@@ -9,14 +9,14 @@ RSpec.describe Spree::UsersController, type: :controller do
9
9
  context '#load_object' do
10
10
  it 'redirects to signup path if user is not found' do
11
11
  allow(controller).to receive(:spree_current_user) { nil }
12
- spree_put :update, { user: { email: 'foobar@example.com' } }
12
+ put :update, { user: { email: 'foobar@example.com' } }
13
13
  expect(response).to redirect_to spree.login_path
14
14
  end
15
15
  end
16
16
 
17
17
  context '#create' do
18
18
  it 'creates a new user' do
19
- spree_post :create, { user: { email: 'foobar@example.com', password: 'foobar123', password_confirmation: 'foobar123' } }
19
+ post :create, { user: { email: 'foobar@example.com', password: 'foobar123', password_confirmation: 'foobar123' } }
20
20
  expect(assigns[:user].new_record?).to be false
21
21
  end
22
22
  end
@@ -24,14 +24,14 @@ RSpec.describe Spree::UsersController, type: :controller do
24
24
  context '#update' do
25
25
  context 'when updating own account' do
26
26
  it 'performs update' do
27
- spree_put :update, { user: { email: 'mynew@email-address.com' } }
27
+ put :update, { user: { email: 'mynew@email-address.com' } }
28
28
  expect(assigns[:user].email).to eq 'mynew@email-address.com'
29
29
  expect(response).to redirect_to spree.account_url(only_path: true)
30
30
  end
31
31
  end
32
32
 
33
33
  it 'does not update roles' do
34
- spree_put :update, user: { spree_role_ids: [role.id] }
34
+ put :update, user: { spree_role_ids: [role.id] }
35
35
  expect(assigns[:user].spree_roles).to_not include role
36
36
  end
37
37
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: solidus_auth_devise
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.5.0
4
+ version: 1.6.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Solidus Team
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2016-07-18 00:00:00.000000000 Z
11
+ date: 2016-08-23 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: solidus_core
@@ -19,7 +19,7 @@ dependencies:
19
19
  version: 1.0.6
20
20
  - - "<"
21
21
  - !ruby/object:Gem::Version
22
- version: '2'
22
+ version: '3'
23
23
  type: :runtime
24
24
  prerelease: false
25
25
  version_requirements: !ruby/object:Gem::Requirement
@@ -29,7 +29,7 @@ dependencies:
29
29
  version: 1.0.6
30
30
  - - "<"
31
31
  - !ruby/object:Gem::Version
32
- version: '2'
32
+ version: '3'
33
33
  - !ruby/object:Gem::Dependency
34
34
  name: devise
35
35
  requirement: !ruby/object:Gem::Requirement
@@ -109,7 +109,7 @@ dependencies:
109
109
  version: 1.0.6
110
110
  - - "<"
111
111
  - !ruby/object:Gem::Version
112
- version: '2'
112
+ version: '3'
113
113
  type: :development
114
114
  prerelease: false
115
115
  version_requirements: !ruby/object:Gem::Requirement
@@ -119,7 +119,7 @@ dependencies:
119
119
  version: 1.0.6
120
120
  - - "<"
121
121
  - !ruby/object:Gem::Version
122
- version: '2'
122
+ version: '3'
123
123
  - !ruby/object:Gem::Dependency
124
124
  name: solidus_frontend
125
125
  requirement: !ruby/object:Gem::Requirement
@@ -129,7 +129,7 @@ dependencies:
129
129
  version: 1.0.6
130
130
  - - "<"
131
131
  - !ruby/object:Gem::Version
132
- version: '2'
132
+ version: '3'
133
133
  type: :development
134
134
  prerelease: false
135
135
  version_requirements: !ruby/object:Gem::Requirement
@@ -139,7 +139,7 @@ dependencies:
139
139
  version: 1.0.6
140
140
  - - "<"
141
141
  - !ruby/object:Gem::Version
142
- version: '2'
142
+ version: '3'
143
143
  - !ruby/object:Gem::Dependency
144
144
  name: rspec-rails
145
145
  requirement: !ruby/object:Gem::Requirement
@@ -312,8 +312,8 @@ files:
312
312
  - app/mailers/spree/user_mailer.rb
313
313
  - app/models/spree/auth_configuration.rb
314
314
  - app/models/spree/user.rb
315
+ - app/overrides/auth_admin_login_navigation_bar.rb
315
316
  - app/overrides/auth_shared_login_bar.rb
316
- - app/overrides/spree/admin/shared/_header/auth_admin_login_navigation_bar.html.erb.deface
317
317
  - bin/rails
318
318
  - circle.yml
319
319
  - config/initializers/devise.rb
data/app/overrides/spree/admin/shared/_header/auth_admin_login_navigation_bar.html.erb.deface DELETED
@@ -1,4 +0,0 @@
1
- <!-- insert_top "[data-hook='admin_login_navigation_bar'], #admin_login_navigation_bar[data-hook]"
2
- original '841227d0aedf7909d62237d8778df99100087715' -->
3
-
4
- <%= render partial: "spree/layouts/admin/login_nav" %>