solidus_auth_devise 2.1.0 → 2.2.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 7899bdbd862830f2ef0fbf045cade336b63ab37177e0618d5ac920a079712968
-  data.tar.gz: 987e002a8da4de12ce47df047d1aca4abcd5654eeaa0eedc0f001b04bbf36b86
+  metadata.gz: 559c61d1fca6c80b947025f147de804bfe73a19ee9bd5f4066c2691f3db98dab
+  data.tar.gz: 7de599e4f661d0265a073f9c9abe2243ed443fb5b47aaa39c2e049461afaff48
 SHA512:
-  metadata.gz: 8aeebc8474bd07689d51cf681186326f47264b77584e127178e0da0df1a329741318f6a819c37319f4137023fbe7a4b35457dcd568335b2353ec58fee4926824
-  data.tar.gz: 9ee65f9f2486ee2d0a3bcfc827ce963b9e424366ad1ac768d96da8f30b81c57527b34fc7be554a3cd669af06f6205f0c2081d9220aeb462b1d4cad2605658158
+  metadata.gz: 13f6f1323ae7d1c5fbbf7f7c02b491640a82b2b0ebfff418e11738d5161764a190673cd702ed9fef907e8d3f6e30bde15cd1b621a9ea22ac1d2f513f707dbf86
+  data.tar.gz: 511c01da048f75ad730af1ef56ad65b64f26483b846ddad7b1976dc7d2e51bbe57d05d61776633be9704ceac8cbff4dbdff1d7401cc04708f1fa319d65d8f1b7

data/.circleci/config.yml

@@ -0,0 +1,35 @@
+version: 2.1
+
+orbs:
+  # Always take the latest version of the orb, this allows us to
+  # run specs against Solidus supported versions only without the need
+  # to change this configuration every time a Solidus version is released
+  # or goes EOL.
+  solidusio_extensions: solidusio/extensions@volatile
+
+jobs:
+  run-specs-with-postgres:
+    executor: solidusio_extensions/postgres
+    steps:
+      - solidusio_extensions/run-tests
+  run-specs-with-mysql:
+    executor: solidusio_extensions/mysql
+    steps:
+      - solidusio_extensions/run-tests
+
+workflows:
+  "Run specs on supported Solidus versions":
+    jobs:
+      - run-specs-with-postgres
+      - run-specs-with-mysql
+  "Weekly run specs against master":
+    triggers:
+      - schedule:
+          cron: "0 0 * * 4" # every Thursday
+          filters:
+            branches:
+              only:
+                - master
+    jobs:
+      - run-specs-with-postgres
+      - run-specs-with-mysql

data/.gem_release.yml

@@ -0,0 +1,10 @@
+bump:
+  file: 'lib/spree/auth/version.rb'
+  message: Bump Solidus Auth Devise to %{version}
+  remote: upstream
+  commit: true
+  push: true
+
+tag:
+  push: true
+  remote: upstream

data/.travis.yml

@@ -4,21 +4,15 @@ rvm:
   - 2.3.1
 env:
   matrix:
-    - SOLIDUS_BRANCH=v1.2 DB=postgres
-    - SOLIDUS_BRANCH=v1.3 DB=postgres
-    - SOLIDUS_BRANCH=v1.4 DB=postgres
-    - SOLIDUS_BRANCH=v2.0 DB=postgres
-    - SOLIDUS_BRANCH=v2.1 DB=postgres
-    - SOLIDUS_BRANCH=v2.2 DB=postgres
-    - SOLIDUS_BRANCH=v2.3 DB=postgres
     - SOLIDUS_BRANCH=v2.4 DB=postgres
+    - SOLIDUS_BRANCH=v2.5 DB=postgres
+    - SOLIDUS_BRANCH=v2.6 DB=postgres
+    - SOLIDUS_BRANCH=v2.7 DB=postgres
+    - SOLIDUS_BRANCH=v2.8 DB=postgres
     - SOLIDUS_BRANCH=master DB=postgres
-    - SOLIDUS_BRANCH=v1.2 DB=mysql
-    - SOLIDUS_BRANCH=v1.3 DB=mysql
-    - SOLIDUS_BRANCH=v1.4 DB=mysql
-    - SOLIDUS_BRANCH=v2.0 DB=mysql
-    - SOLIDUS_BRANCH=v2.1 DB=mysql
-    - SOLIDUS_BRANCH=v2.2 DB=mysql
-    - SOLIDUS_BRANCH=v2.3 DB=mysql
     - SOLIDUS_BRANCH=v2.4 DB=mysql
+    - SOLIDUS_BRANCH=v2.5 DB=mysql
+    - SOLIDUS_BRANCH=v2.6 DB=mysql
+    - SOLIDUS_BRANCH=v2.7 DB=mysql
+    - SOLIDUS_BRANCH=v2.8 DB=mysql
     - SOLIDUS_BRANCH=master DB=mysql

data/CHANGELOG.md

@@ -1,5 +1,21 @@
 ## Master (unreleased)
 
+## Solidus Auth Devise v2.2.0 (2019-06-13)
+
+* Add DB index to `reset_password_token` field
+* Add missing pessimistic versioning
+* Add missing translation to `spree.change_my_password`
+* Allow Spree::Admin::UserPasswordsController to be accessed from admin
+* Disable backend footer profile edit link if role cannot edit users
+* Fix issue with redirections using routes like `new_spree_user_session_url`
+* Fix migration `20101026184950` `down` method
+* Fix to not reuse spree_current_user as `@user`
+* Replace Spree.t with I18n.t
+* Lock mysql2 to 0.4.x
+* Lock SQLite3 to version 1.3
+* Remove FactoryBot warnings
+* Configure CI to ensure support on ruby 2.3 + Solidus 2.4 - 2.8
+
 ## Solidus Auth Devise v2.1.0 (2018-01-22)
 
 * Avoid requiring deface on Solidus 2.5+.

data/Gemfile

@@ -5,19 +5,27 @@ gem "solidus", github: "solidusio/solidus", branch: branch
 
 group :test do
   if branch == 'master' || branch >= "v2.0"
-    gem "rails-controller-testing"
+    gem 'rails-controller-testing', '~> 1.0'
   else
     gem "rails_test_params_backport"
   end
+  if branch < "v2.5"
+    gem 'factory_bot', '4.10.0'
+  else
+    gem 'factory_bot', '> 4.10.0'
+  end
 end
 
-gem 'pg', '~> 0.21'
-gem 'mysql2'
+if ENV['DB'] == 'mysql'
+  gem 'mysql2', '~> 0.4.10'
+else
+  gem 'pg', '~> 0.21'
+end
 
 group :development, :test do
-  gem "pry-rails"
+  gem 'pry-rails', '~> 0.3.9'
 end
 
-gem 'deface', require: false
+gem 'deface', '~> 1.3', require: false
 
 gemspec

data/README.md

@@ -46,9 +46,6 @@ Devise.setup do |config|
   # Required so users don't lose their carts when they need to confirm.
   config.allow_unconfirmed_access_for = 1.days
 
-  # Fixes the bug where Confirmation errors result in a broken page.
-  config.router_name = :spree
-
   # Add any other devise configurations here, as they will override the defaults provided by solidus_auth_devise.
 end
 ```
@@ -96,3 +93,33 @@ Run the following to automatically build a dummy app if necessary and run the te
 ```shell
 bundle exec rake
 ```
+
+Releasing
+---------
+
+We use [gem-release](https://github.com/svenfuchs/gem-release) to release this
+extension with ease.
+
+Supposing you are on the master branch and you are working on a fork of this
+extension, `upstream` is the main remote and you have write access to it, you
+can simply run:
+
+```
+gem bump --version minor --tag --release
+```
+
+This command will:
+
+- bump the gem version to the next minor (changing the `version.rb` file)
+- commit the change and push it to upstream master
+- create a git tag
+- push the tag to the upstream remote
+- release the new version on RubyGems
+
+Or you can run these commands individually:
+
+```
+gem bump --version minor 
+gem tag
+gem release
+```

data/app/models/spree/user.rb

@@ -29,6 +29,10 @@ module Spree
       has_spree_role?('admin')
     end
 
+    def confirmed?
+      !!confirmed_at
+    end
+
     protected
       def password_required?
         !persisted? || password.present? || password_confirmation.present?

data/config/initializers/devise.rb

@@ -135,7 +135,4 @@ Devise.setup do |config|
   config.sign_out_via = :get
 
   config.case_insensitive_keys = [:email]
-
-  # Direct Devise to use the Spree router when attempting to find resource routes.
-  config.router_name = :spree
 end

data/config/locales/en.yml

@@ -2,6 +2,7 @@
 en:
   spree:
     admin_login: Admin Login
+    change_my_password: Change my password
   devise:
     confirmations:
       confirmed: Your account was successfully confirmed. You are now signed in.

data/config/locales/fr.yml

@@ -46,5 +46,5 @@ fr:
       not_found: "n'a pas été trouvé"
       not_locked: "n'a pas été bloqué"
       not_saved:
-        one: "1 erreur interdit cette %{ressource} d'être enregistrée :"
+        one: "1 erreur interdit cette %{resource} d'être enregistrée :"
         other: "%{count} erreurs interdisent cette %{resource} d'être enregistrée :"

data/config/routes.rb

@@ -14,7 +14,8 @@ Spree::Core::Engine.routes.draw do
       },
       skip: [:unlocks, :omniauth_callbacks],
       path_names: { sign_out: 'logout' },
-      path_prefix: :user
+      path_prefix: :user,
+      router_name: :spree
     })
 
     resources :users, only: [:edit, :update]
@@ -53,6 +54,7 @@ Spree::Core::Engine.routes.draw do
           sessions: 'spree/admin/user_sessions',
           passwords: 'spree/admin/user_passwords'
         },
+        router_name: :spree
       })
 
       devise_scope :spree_user do

data/db/migrate/20101026184950_rename_columns_for_devise.rb

@@ -31,7 +31,6 @@ class RenameColumnsForDevise < SolidusSupport::Migration[4.2]
     rename_column :spree_users, :remember_created_at, :remember_token_expires_at
     rename_column :spree_users, :password_salt, :salt
     rename_column :spree_users, :encrypted_password, :crypted_password
-    add_column :spree_users, :unlock_token, :string
     add_column :spree_users, :openid_identifier, :string
   end
 end

data/db/migrate/20190125170630_add_reset_password_token_index_to_spree_users.rb

@@ -0,0 +1,32 @@
+class AddResetPasswordTokenIndexToSpreeUsers < SolidusSupport::Migration[4.2]
+  # We're not using the standard Rails index name because somebody could have
+  # already added that index to the table. By using a custom name we ensure
+  # that the index can effectively be added and removed via migrations/rollbacks
+  # without having any impact on such installations. The index name is Rails
+  # standard name + "_solidus_auth_devise"; the length is 61 chars which is
+  # still OK for Sqlite, mySQL and Postgres.
+  def custom_index_name
+    'index_spree_users_on_reset_password_token_solidus_auth_devise'
+  end
+
+  def default_index_exists?
+    index_exists?(:spree_users, :reset_password_token)
+  end
+
+  def custom_index_exists?
+    index_exists?(:spree_users, :reset_password_token, name: custom_index_name)
+  end
+
+  def up
+    Spree::User.reset_column_information
+    if Spree::User.column_names.include?('reset_password_token') && !default_index_exists? && !custom_index_exists?
+      add_index :spree_users, :reset_password_token, unique: true, name: custom_index_name
+    end
+  end
+
+  def down
+    if custom_index_exists?
+      remove_index :spree_users, name: custom_index_name
+    end
+  end
+end

data/lib/controllers/backend/spree/admin/user_passwords_controller.rb

@@ -8,6 +8,8 @@ class Spree::Admin::UserPasswordsController < Devise::PasswordsController
   helper 'spree/admin/navigation'
   layout 'spree/layouts/admin'
 
+  skip_before_action :require_no_authentication, only: [:create]
+
   # Overridden due to bug in Devise.
   #   respond_with resource, location: new_session_path(resource_name)
   # is generating bad url /session/new.user

data/lib/controllers/backend/spree/admin/user_sessions_controller.rb

@@ -14,7 +14,7 @@ class Spree::Admin::UserSessionsController < Devise::SessionsController
     if spree_user_signed_in?
       respond_to do |format|
         format.html {
-          flash[:success] = Spree.t(:logged_in_succesfully)
+          flash[:success] = I18n.t('spree.logged_in_succesfully')
           redirect_back_or_default(after_sign_in_path_for(spree_current_user))
         }
         format.js {
@@ -33,7 +33,7 @@ class Spree::Admin::UserSessionsController < Devise::SessionsController
 
   private
     def accurate_title
-      Spree.t(:login)
+      I18n.t('spree.login')
     end
 
     def redirect_back_or_default(default)

data/lib/controllers/frontend/spree/user_sessions_controller.rb

@@ -16,7 +16,7 @@ class Spree::UserSessionsController < Devise::SessionsController
     if spree_user_signed_in?
       respond_to do |format|
         format.html do
-          flash[:success] = Spree.t(:logged_in_succesfully)
+          flash[:success] = I18n.t('spree.logged_in_succesfully')
           redirect_back_or_default(after_sign_in_path_for(spree_current_user))
         end
         format.js { render success_json }
@@ -44,7 +44,7 @@ class Spree::UserSessionsController < Devise::SessionsController
   private
 
   def accurate_title
-    Spree.t(:login)
+    I18n.t('spree.login')
   end
 
   def redirect_back_or_default(default)

data/lib/controllers/frontend/spree/users_controller.rb

@@ -25,13 +25,15 @@ class Spree::UsersController < Spree::StoreController
 
   def update
     if @user.update_attributes(user_params)
+      spree_current_user.reload
+
       if params[:user][:password].present?
         # this logic needed b/c devise wants to log us out after password changes
         unless Spree::Auth::Config[:signout_after_password_change]
           bypass_sign_in(@user)
         end
       end
-      redirect_to spree.account_url, notice: Spree.t(:account_updated)
+      redirect_to spree.account_url, notice: I18n.t('spree.account_updated')
     else
       render :edit
     end
@@ -43,7 +45,7 @@ class Spree::UsersController < Spree::StoreController
     end
 
     def load_object
-      @user ||= spree_current_user
+      @user ||= Spree::User.find_by(id: spree_current_user&.id)
       authorize! params[:action].to_sym, @user
     end
 
@@ -52,6 +54,6 @@ class Spree::UsersController < Spree::StoreController
     end
 
     def accurate_title
-      Spree.t(:my_account)
+      I18n.t('spree.my_account')
     end
 end

data/lib/generators/solidus/auth/install/templates/config/initializers/devise.rb

@@ -1 +1 @@
-Devise.secret_key = <%= SecureRandom.hex(50).inspect %>
+Devise.secret_key = SecureRandom.hex(50).inspect

data/lib/spree/auth/engine.rb

@@ -36,7 +36,7 @@ module Spree
 
         Spree::Admin::BaseController.unauthorized_redirect = -> do
           if try_spree_current_user
-            flash[:error] = Spree.t(:authorization_failure)
+            flash[:error] = I18n.t('spree.authorization_failure')
             redirect_to spree.admin_unauthorized_path
           else
             store_location
@@ -57,7 +57,7 @@ module Spree
 
         Spree::BaseController.unauthorized_redirect = -> do
           if try_spree_current_user
-            flash[:error] = Spree.t(:authorization_failure)
+            flash[:error] = I18n.t('spree.authorization_failure')
             redirect_to spree.unauthorized_path
           else
             store_location

data/lib/spree/auth/version.rb

@@ -0,0 +1,7 @@
+# frozen_string_literal: true
+
+module Spree
+  module Auth
+    VERSION = '2.2.0'
+  end
+end

data/lib/views/backend/spree/admin/shared/_navigation_footer.html.erb

@@ -1,15 +1,22 @@
 <% if spree_current_user %>
   <ul id="login-nav" class="admin-login-nav">
     <li data-hook="user-account-link">
-      <%= link_to spree.edit_admin_user_path(spree_current_user) do %>
-        <i class='fa fa-user'></i>
-        <%= spree_current_user.email %>
+      <% if can?(:admin, try_spree_current_user) %>
+        <%= link_to spree.edit_admin_user_path(try_spree_current_user) do %>
+          <i class='fa fa-user'></i>
+          <%= try_spree_current_user.email %>
+        <% end %>
+      <% else %>
+        <a>
+          <i class='fa fa-user'></i>
+          <%= try_spree_current_user.email %>
+        </a>
       <% end %>
     </li>
     <li data-hook="user-logout-link">
       <%= link_to spree.admin_logout_path do %>
         <i class='fa fa-sign-out'></i>
-        <%= Spree.t(:logout) %>
+        <%= I18n.t('spree.logout') %>
       <% end %>
     </li>
 
@@ -17,7 +24,7 @@
       <li data-hook="store-frontend-link">
         <%= link_to spree.root_path, target: '_blank' do %>
           <i class='fa fa-external-link'></i>
-          <%= Spree.t(:back_to_store) %>
+          <%= I18n.t('spree.back_to_store') %>
         <% end %>
       </li>
     <% end %>

data/lib/views/backend/spree/admin/user_passwords/edit.html.erb

@@ -1,15 +1,15 @@
 <%= render partial: 'spree/shared/error_messages', locals: { target: @spree_user } %>
-<h2><%= Spree.t(:change_my_password) %></h2>
+<h2><%= I18n.t('spree.change_my_password') %></h2>
 
 <%= form_for @spree_user, as: :spree_user, url: spree.update_password_path, method: :put do |f| %>
   <p>
-    <%= f.label :password, Spree.t(:password) %><br />
+    <%= f.label :password, I18n.t('spree.password') %><br />
     <%= f.password_field :password %><br />
   </p>
   <p>
-    <%= f.label :password_confirmation, Spree.t(:confirm_password) %><br />
+    <%= f.label :password_confirmation, I18n.t('spree.confirm_password') %><br />
     <%= f.password_field :password_confirmation %><br />
   </p>
   <%= f.hidden_field :reset_password_token %>
-  <%= f.submit Spree.t(:update), class: 'button primary' %>
+  <%= f.submit I18n.t('spree.update'), class: 'button primary' %>
 <% end %>

data/lib/views/backend/spree/admin/user_passwords/new.html.erb

@@ -1,17 +1,17 @@
 <%= render partial: 'spree/shared/error_messages', locals: { target: @spree_user } %>
 
 <div id="forgot-password">
-  <h6><%= Spree.t(:forgot_password) %></h6>
+  <h6><%= I18n.t('spree.forgot_password') %></h6>
 
-  <p><%= Spree.t(:instructions_to_reset_password) %></p>
+  <p><%= I18n.t('spree.instructions_to_reset_password') %></p>
 
   <%= form_for Spree::User.new, as: :spree_user, url: spree.admin_reset_password_path do |f| %>
     <p>
-      <%= f.label :email, Spree.t(:email) %><br />
+      <%= f.label :email, I18n.t('spree.email') %><br />
       <%= f.email_field :email %>
     </p>
     <p>
-      <%= f.submit Spree.t(:reset_password), class: 'button primary' %>
+      <%= f.submit I18n.t('spree.reset_password'), class: 'button primary' %>
     </p>
   <% end %>
 </div>

data/lib/views/backend/spree/admin/user_sessions/authorization_failure.html.erb

@@ -1,4 +1,4 @@
 <div style="height:50px; padding-top:20px;">
-  <strong><%= Spree.t(:authorization_failure) %></strong>
+  <strong><%= I18n.t('spree.authorization_failure') %></strong>
 </div>
 <!-- Add your own custom access denied message here if you like -->

data/lib/views/backend/spree/admin/user_sessions/new.html.erb

@@ -4,28 +4,28 @@
 
 <% @body_id = 'login' %>
 <div id="existing-customer">
-  <h6><%= Spree.t(:admin_login) %></h6>
+  <h6><%= I18n.t('spree.admin_login') %></h6>
   <div data-hook="login">
     <%= form_for Spree::User.new, as: :spree_user, url: spree.admin_create_new_session_path do |f| %>
       <div id="password-credentials">
         <p>
-          <%= f.label :email, Spree.t(:email) %><br />
+          <%= f.label :email, I18n.t('spree.email') %><br />
           <%= f.email_field :email, class: 'title', tabindex: 1 %>
         </p>
         <p>
-          <%= f.label :password, Spree.t(:password) %><br />
+          <%= f.label :password, I18n.t('spree.password') %><br />
           <%= f.password_field :password, class: 'title', tabindex: 2 %>
         </p>
       </div>
       <p>
         <%= f.check_box :remember_me, tabindex: 3 %>
-        <%= f.label :remember_me, Spree.t(:remember_me) %>
+        <%= f.label :remember_me, I18n.t('spree.remember_me') %>
       </p>
 
-      <p><%= f.submit Spree.t(:login), class: 'button primary', tabindex: 4 %></p>
+      <p><%= f.submit I18n.t('spree.login'), class: 'button primary', tabindex: 4 %></p>
     <% end %>
-    <%= Spree.t(:or) %>
-    <%= link_to Spree.t(:forgot_password), spree.admin_recover_password_path %>
+    <%= I18n.t('spree.or') %>
+    <%= link_to I18n.t('spree.forgot_password'), spree.admin_recover_password_path %>
   </div>
 </div>
 <div data-hook="login_extras"></div>

data/lib/views/backend/spree/layouts/admin/_login_nav.html.erb

@@ -1,12 +1,12 @@
 <% if spree_current_user %>
   <ul id="login-nav" class="inline-menu">
-    <li data-hook="user-logged-in-as"><%= Spree.t(:logged_in_as) %>: <%= spree_current_user.email %></li>
-    <li data-hook="user-account-link" class='fa fa-user'><%= link_to Spree.t(:account), spree.edit_admin_user_path(spree_current_user) %></li>
-    <li data-hook="user-logout-link" class='fa fa-sign-out'><%= link_to Spree.t(:logout), spree.admin_logout_path %></li>
+    <li data-hook="user-logged-in-as"><%= I18n.t('spree.logged_in_as') %>: <%= spree_current_user.email %></li>
+    <li data-hook="user-account-link" class='fa fa-user'><%= link_to I18n.t('spree.account'), spree.edit_admin_user_path(spree_current_user) %></li>
+    <li data-hook="user-logout-link" class='fa fa-sign-out'><%= link_to I18n.t('spree.logout'), spree.admin_logout_path %></li>
 
     <% if spree.respond_to? :root_path %>
       <li data-hook="store-frontend-link" class='fa fa-external-link'>
-         <%= link_to Spree.t(:back_to_store), spree.root_path, target: '_blank' %>
+         <%= link_to I18n.t('spree.back_to_store'), spree.root_path, target: '_blank' %>
       </li>
     <% end %>
   </ul>

data/lib/views/frontend/spree/checkout/registration.html.erb

@@ -1,21 +1,21 @@
 <%= render partial: 'spree/shared/error_messages', locals: { target: @user } %>
-<h1><%= Spree.t(:registration) %></h1>
+<h1><%= I18n.t('spree.registration') %></h1>
 <div id="registration" data-hook>
   <div id="account" class="columns alpha eight">
     <%= render template: 'spree/user_sessions/new' %>
   </div>
   <% if Spree::Config[:allow_guest_checkout] %>
     <div id="guest_checkout" data-hook class="columns omega eight">
-      <h6><%= Spree.t(:guest_user_account) %></h6>
+      <h6><%= I18n.t('spree.guest_user_account') %></h6>
       <% if flash[:registration_error] %>
         <div class='flash error'><%= flash[:registration_error] %></div>
       <% end %>
       <%= form_for @order, url: update_checkout_registration_path, method: :put, html: { id: 'checkout_form_registration' } do |f| %>
         <p>
-          <%= f.label :email, Spree.t(:email) %><br />
+          <%= f.label :email, I18n.t('spree.email') %><br />
           <%= f.email_field :email, class: 'title' %>
         </p>
-        <p><%= f.submit Spree.t(:continue), class: 'button primary' %></p>
+        <p><%= f.submit I18n.t('spree.continue'), class: 'button primary' %></p>
       <% end %>
     </div>
   <% end %>

data/lib/views/frontend/spree/shared/_login.html.erb

@@ -1,18 +1,18 @@
 <%= form_for Spree::User.new, as: :spree_user, url: spree.create_new_session_path do |f| %>
   <div id="password-credentials">
     <p>
-      <%= f.label :email, Spree.t(:email) %><br />
+      <%= f.label :email, I18n.t('spree.email') %><br />
       <%= f.email_field :email, class: 'title', tabindex: 1, autofocus: true %>
     </p>
     <p>
-      <%= f.label :password, Spree.t(:password) %><br />
+      <%= f.label :password, I18n.t('spree.password') %><br />
       <%= f.password_field :password, class: 'title', tabindex: 2 %>
     </p>
   </div>
   <p>
     <%= f.check_box :remember_me, tabindex: 3 %>
-    <%= f.label :remember_me, Spree.t(:remember_me) %>
+    <%= f.label :remember_me, I18n.t('spree.remember_me') %>
   </p>
 
-  <p><%= f.submit Spree.t(:login), class: 'button primary', tabindex: 4 %></p>
+  <p><%= f.submit I18n.t('spree.login'), class: 'button primary', tabindex: 4 %></p>
 <% end %>

data/lib/views/frontend/spree/shared/_login_bar_items.html.erb

@@ -1,6 +1,6 @@
 <% if spree_current_user %>
-  <li><%= link_to Spree.t(:my_account), spree.account_path %></li>
-  <li><%= link_to Spree.t(:logout), spree.logout_path %></li>
+  <li><%= link_to I18n.t('spree.my_account'), spree.account_path %></li>
+  <li><%= link_to I18n.t('spree.logout'), spree.logout_path %></li>
 <% else %>
-  <li id="link-to-login"><%= link_to Spree.t(:login), spree.login_path %></li>
+  <li id="link-to-login"><%= link_to I18n.t('spree.login'), spree.login_path %></li>
 <% end %>

data/lib/views/frontend/spree/shared/_user_form.html.erb

@@ -1,15 +1,15 @@
 <p>
-  <%= f.label :email, Spree.t(:email) %><br />
+  <%= f.label :email, I18n.t('spree.email') %><br />
   <%= f.email_field :email, class: 'title' %>
 </p>
 <div id="password-credentials">
   <p>
-    <%= f.label :password, Spree.t(:password) %><br />
+    <%= f.label :password, I18n.t('spree.password') %><br />
     <%= f.password_field :password, class: 'title' %>
   </p>
 
   <p>
-    <%= f.label :password_confirmation, Spree.t(:confirm_password) %><br />
+    <%= f.label :password_confirmation, I18n.t('spree.confirm_password') %><br />
     <%= f.password_field :password_confirmation, class: 'title' %>
   </p>
 </div>

data/lib/views/frontend/spree/user_passwords/edit.html.erb

@@ -1,17 +1,17 @@
 <%= render partial: 'spree/shared/error_messages', locals: { target: @spree_user } %>
 <div id="change-password">
-  <h6><%= Spree.t(:change_my_password) %></h6>
+  <h6><%= I18n.t('spree.change_my_password') %></h6>
 
   <%= form_for @spree_user, as: :spree_user, url: spree.update_password_path, method: :put do |f| %>
     <p>
-      <%= f.label :password, Spree.t(:password) %><br />
+      <%= f.label :password, I18n.t('spree.password') %><br />
       <%= f.password_field :password %><br />
     </p>
     <p>
-      <%= f.label :password_confirmation, Spree.t(:confirm_password) %><br />
+      <%= f.label :password_confirmation, I18n.t('spree.confirm_password') %><br />
       <%= f.password_field :password_confirmation %><br />
     </p>
     <%= f.hidden_field :reset_password_token %>
-    <%= f.submit Spree.t(:update), class: 'button primary' %>
+    <%= f.submit I18n.t('spree.update'), class: 'button primary' %>
   <% end %>
 </div>

data/lib/views/frontend/spree/user_passwords/new.html.erb

@@ -1,17 +1,17 @@
 <%= render partial: 'spree/shared/error_messages', locals: { target: @spree_user } %>
 
 <div id="forgot-password">
-  <h6><%= Spree.t(:forgot_password) %></h6>
+  <h6><%= I18n.t('spree.forgot_password') %></h6>
 
-  <p><%= Spree.t(:instructions_to_reset_password) %></p>
+  <p><%= I18n.t('spree.instructions_to_reset_password') %></p>
 
   <%= form_for Spree::User.new, as: :spree_user, url: spree.reset_password_path do |f| %>
     <p>
-      <%= f.label :email, Spree.t(:email) %><br />
+      <%= f.label :email, I18n.t('spree.email') %><br />
       <%= f.email_field :email %>
     </p>
     <p>
-      <%= f.submit Spree.t(:reset_password), class: 'button primary' %>
+      <%= f.submit I18n.t('spree.reset_password'), class: 'button primary' %>
     </p>
   <% end %>
 </div>

data/lib/views/frontend/spree/user_registrations/new.html.erb

@@ -3,16 +3,16 @@
 <%= render 'spree/shared/error_messages', target: resource %>
 
 <div id="new-customer">
-  <h6><%= Spree.t(:new_customer) %></h6>
+  <h6><%= I18n.t('spree.new_customer') %></h6>
 
   <div data-hook="signup">
     <%= form_for resource, as: :spree_user, url: spree.registration_path(resource) do |f| %>
       <div data-hook="signup_inside_form">
         <%= render partial: 'spree/shared/user_form', locals: { f: f } %>
-        <p><%= f.submit Spree.t(:create), class: 'button primary' %></p>
+        <p><%= f.submit I18n.t('spree.create'), class: 'button primary' %></p>
       </div>
     <% end %>
-    <%= Spree.t(:or) %>&nbsp;<%= link_to Spree.t(:login_as_existing), spree.login_path %>
+    <%= I18n.t('spree.or') %>&nbsp;<%= link_to I18n.t('spree.login_as_existing'), spree.login_path %>
 
   </div>
 

data/lib/views/frontend/spree/user_sessions/authorization_failure.html.erb

@@ -1,4 +1,4 @@
 <div style="height:50px; padding-top:20px;">
-  <strong><%= Spree.t(:authorization_failure) %></strong>
+  <strong><%= I18n.t('spree.authorization_failure') %></strong>
 </div>
 <!-- Add your own custom access denied message here if you like -->

data/lib/views/frontend/spree/user_sessions/new.html.erb

@@ -4,10 +4,10 @@
 
 <% @body_id = 'login' %>
 <div id="existing-customer">
-  <h6><%= Spree.t(:login_as_existing) %></h6>
+  <h6><%= I18n.t('spree.login_as_existing') %></h6>
   <div data-hook="login">
     <%= render partial: 'spree/shared/login' %>
-    <%= Spree.t(:or) %>&nbsp;<%= link_to Spree.t(:create_a_new_account), spree.signup_path %> | <%= link_to Spree.t(:forgot_password), spree.recover_password_path %>
+    <%= I18n.t('spree.or') %>&nbsp;<%= link_to I18n.t('spree.create_a_new_account'), spree.signup_path %> | <%= link_to I18n.t('spree.forgot_password'), spree.recover_password_path %>
   </div>
 </div>
 <div data-hook="login_extras"></div>

data/lib/views/frontend/spree/users/edit.html.erb

@@ -1,13 +1,13 @@
 <%= render partial: 'spree/shared/error_messages', locals: { target: @user } %>
 
 <div id="edit-account">
-  <h1><%= Spree.t(:editing_user) %></h1>
+  <h1><%= I18n.t('spree.editing_user') %></h1>
 
   <div data-hook="account_edit">
     <%= form_for Spree::User.new, as: @user, url: spree.user_path(@user), method: :put do |f| %>
       <%= render partial: 'spree/shared/user_form', locals: { f: f } %>
       <p>
-        <%= f.submit Spree.t(:update), class: 'button primary' %>
+        <%= f.submit I18n.t('spree.update'), class: 'button primary' %>
       </p>
     <% end %>
   </div>

data/lib/views/frontend/spree/users/show.html.erb

@@ -2,24 +2,24 @@
 
 <div data-hook="account_summary" class="account-summary">
   <dl id="user-info">
-    <dt><%= Spree.t(:email) %></dt>
-    <dd><%= @user.email %> (<%= link_to Spree.t(:edit), spree.edit_account_path %>)</dd>
+    <dt><%= I18n.t('spree.email') %></dt>
+    <dd><%= @user.email %> (<%= link_to I18n.t('spree.edit'), spree.edit_account_path %>)</dd>
   </dl>
 </div>
 
 <div data-hook="account_my_orders" class="account-my-orders">
 
-  <h3><%= Spree.t(:my_orders) %></h3>
+  <h3><%= I18n.t('spree.my_orders') %></h3>
   <% if @orders.present? %>
     <table class="order-summary">
       <thead>
       <tr>
         <th class="order-number"><%= I18n.t(:number, scope: 'activerecord.attributes.spree/order') %></th>
-        <th class="order-date"><%= Spree.t(:date) %></th>
-        <th class="order-status"><%= Spree.t(:status) %></th>
-        <th class="order-payment-state"><%= Spree.t(:payment_state) %></th>
-        <th class="order-shipment-state"><%= Spree.t(:shipment_state) %></th>
-        <th class="order-total"><%= Spree.t(:total) %></th>
+        <th class="order-date"><%= I18n.t('spree.date') %></th>
+        <th class="order-status"><%= I18n.t('spree.status') %></th>
+        <th class="order-payment-state"><%= I18n.t('spree.payment_state') %></th>
+        <th class="order-shipment-state"><%= I18n.t('spree.shipment_state') %></th>
+        <th class="order-total"><%= I18n.t('spree.total') %></th>
       </tr>
       </thead>
       <tbody>
@@ -27,16 +27,16 @@
         <tr class="<%= cycle('even', 'odd') %>">
           <td class="order-number"><%= link_to order.number, order_url(order) %></td>
           <td class="order-date"><%= l order.completed_at.to_date %></td>
-          <td class="order-status"><%= Spree.t("order_state.#{order.state}").titleize %></td>
-          <td class="order-payment-state"><%= Spree.t("payment_states.#{order.payment_state}").titleize if order.payment_state %></td>
-          <td class="order-shipment-state"><%= Spree.t("shipment_states.#{order.shipment_state}").titleize if order.shipment_state %></td>
+          <td class="order-status"><%= I18n.t("spree.order_state.#{order.state}").titleize %></td>
+          <td class="order-payment-state"><%= I18n.t("spree.payment_states.#{order.payment_state}").titleize if order.payment_state %></td>
+          <td class="order-shipment-state"><%= I18n.t("spree.shipment_states.#{order.shipment_state}").titleize if order.shipment_state %></td>
           <td class="order-total"><%= order.display_total %></td>
         </tr>
       <% end %>
       </tbody>
     </table>
   <% else %>
-    <p><%= Spree.t(:you_have_no_orders_yet) %></p>
+    <p><%= I18n.t('spree.you_have_no_orders_yet') %></p>
   <% end %>
   <br />
 

data/solidus_auth_devise.gemspec

@@ -1,9 +1,12 @@
 # encoding: UTF-8
 
+$:.unshift File.expand_path('lib', __dir__)
+require 'spree/auth/version'
+
 Gem::Specification.new do |s|
   s.platform    = Gem::Platform::RUBY
   s.name        = "solidus_auth_devise"
-  s.version     = "2.1.0"
+  s.version     = Spree::Auth::VERSION
   s.summary     = "Provides authentication and authorization services for use with Solidus by using Devise and CanCan."
   s.description = s.summary
 
@@ -29,8 +32,8 @@ Gem::Specification.new do |s|
   s.add_development_dependency "capybara-screenshot"
   s.add_development_dependency "coffee-rails"
   s.add_development_dependency "database_cleaner", "~> 1.6"
-  s.add_development_dependency "factory_bot", "~> 4.4"
   s.add_development_dependency "ffaker"
+  s.add_development_dependency "gem-release", "~> 2.0"
   s.add_development_dependency "poltergeist", "~> 1.5"
   s.add_development_dependency "rspec-rails", "~> 3.3"
   s.add_development_dependency "sass-rails"
@@ -38,5 +41,5 @@ Gem::Specification.new do |s|
   s.add_development_dependency "simplecov", "~> 0.14"
   s.add_development_dependency "solidus_backend", solidus_version
   s.add_development_dependency "solidus_frontend", solidus_version
-  s.add_development_dependency "sqlite3"
+  s.add_development_dependency "sqlite3", "~> 1.3.6"
 end

data/spec/controllers/spree/admin/user_passwords_controller_spec.rb

@@ -0,0 +1,12 @@
+RSpec.describe Spree::Admin::UserPasswordsController, type: :controller do
+  before { @request.env['devise.mapping'] = Devise.mappings[:spree_user] }
+
+  describe '#create' do
+    it 'responds with success' do
+      post :create, params: { spree_user: { email: 'admin@example.com' } }
+
+      expect(assigns[:spree_user].email).to eq('admin@example.com')
+      expect(response.code).to eq('200')
+    end
+  end
+end

data/spec/controllers/spree/checkout_controller_spec.rb

@@ -94,7 +94,7 @@ RSpec.describe Spree::CheckoutController, type: :controller do
           request.cookie_jar.signed[:guest_token] = 'ABC'
           post :update, params: { state: 'confirm' }
           expect(response).to redirect_to spree.token_order_path(order, 'ABC')
-          expect(flash.notice).to eq Spree.t(:order_processed_successfully)
+          expect(flash.notice).to eq I18n.t('spree.order_processed_successfully')
         end
       end
 

data/spec/controllers/spree/users_controller_spec.rb

@@ -4,11 +4,8 @@ RSpec.describe Spree::UsersController, type: :controller do
   let(:user) { create(:user) }
   let(:role) { create(:role) }
 
-  before { allow(controller).to receive(:spree_current_user) { user } }
-
   context '#load_object' do
     it 'redirects to signup path if user is not found' do
-      allow(controller).to receive(:spree_current_user) { nil }
       put :update, params: { user: { email: 'foobar@example.com' } }
       expect(response).to redirect_to spree.login_path
     end
@@ -22,11 +19,32 @@ RSpec.describe Spree::UsersController, type: :controller do
   end
 
   context '#update' do
+    before { sign_in(user) }
+
     context 'when updating own account' do
-      it 'performs update' do
-        put :update, params: { user: { email: 'mynew@email-address.com' } }
-        expect(assigns[:user].email).to eq 'mynew@email-address.com'
-        expect(response).to redirect_to spree.account_url(only_path: true)
+
+      context 'when user updated successfuly' do
+        before { put :update, params: { user: { email: 'mynew@email-address.com' } } }
+
+        it 'saves user' do
+          expect(assigns[:user].email).to eq 'mynew@email-address.com'
+        end
+
+        it 'updates spree_current_user' do
+          expect(subject.spree_current_user.email).to eq 'mynew@email-address.com'
+        end
+
+        it 'redirects to account url' do
+          expect(response).to redirect_to spree.account_url(only_path: true)
+        end
+      end
+
+      context 'when user not valid' do
+        before { put :update, params: { user: { email: '' } } }
+
+        it 'does not affect spree_current_user' do
+          expect(subject.spree_current_user.email).to eq user.email
+        end
       end
     end
 

data/spec/factories/confirmed_user.rb

@@ -2,6 +2,6 @@ FactoryBot.define do
   factory :confirmed_user, parent: :user do
     confirmed_at { Time.now }
     confirmation_sent_at { Time.now }
-    confirmation_token "12345"
+    confirmation_token { "12345" }
   end
 end

data/spec/features/confirmation_spec.rb

@@ -2,23 +2,18 @@ require 'spec_helper'
 
 feature 'Confirmation' do
   before do
-   skip "this introduces a run order dependency"
+    set_confirmable_option(false)
+    allow(Spree::UserMailer).to receive(:confirmation_instructions)
+      .and_return(double(deliver: true))
   end
 
-  before do
-    set_confirmable_option(true)
-    Spree::UserMailer.stub(:confirmation_instructions).and_return(double(deliver: true))
-  end
-
-  #after(:each) { set_confirmable_option(false) }
-
   let!(:store) { create(:store) }
 
   background do
     ActionMailer::Base.default_url_options[:host] = 'http://example.com'
   end
 
-  scenario 'create a new user' do
+  scenario 'create a new user', :js do
     visit spree.signup_path
 
     fill_in 'Email', with: 'email@person.com'

data/spec/models/user_spec.rb

@@ -78,11 +78,9 @@ RSpec.describe Spree::User, type: :model do
   end
 
   describe "confirmable" do
-    before { skip "this introduces a run order dependency" }
-
     it "is confirmable if the confirmable option is enabled" do
       set_confirmable_option(true)
-      Spree::UserMailer.stub(:confirmation_instructions).and_return(double(deliver: true))
+      allow(Spree::UserMailer).to receive(:confirmation_instructions).and_return(double(deliver: true))
       expect(Spree::User.devise_modules).to include(:confirmable)
       set_confirmable_option(false)
     end

data/spec/support/confirm_helpers.rb

@@ -1,10 +1,12 @@
 module ConfirmHelpers
   def set_confirmable_option(value)
-    # FIXME: This is terrible terribleness and causes anything loaded
-    # on the user at initialization to be lost.
-    Spree::Auth::Config[:confirmable] = value
-    Spree.send(:remove_const, 'User')
-    load File.expand_path("../../../app/models/spree/user.rb", __FILE__)
+    if value
+      Spree::User.devise_modules.push(:confirmable)
+      Spree::Auth::Config.set(confirmable: true)
+    else
+      Spree::User.devise_modules.delete(:confirmable)
+      Spree::Auth::Config.set(confirmable: false)
+    end
   end
 end
 

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: solidus_auth_devise
 version: !ruby/object:Gem::Version
-  version: 2.1.0
+  version: 2.2.0
 platform: ruby
 authors:
 - Solidus Team
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2018-01-22 00:00:00.000000000 Z
+date: 2019-06-13 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: solidus_core
@@ -129,33 +129,33 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '1.6'
 - !ruby/object:Gem::Dependency
-  name: factory_bot
+  name: ffaker
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '4.4'
+        version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '4.4'
+        version: '0'
 - !ruby/object:Gem::Dependency
-  name: ffaker
+  name: gem-release
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '2.0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '2.0'
 - !ruby/object:Gem::Dependency
   name: poltergeist
   requirement: !ruby/object:Gem::Requirement
@@ -270,16 +270,16 @@ dependencies:
   name: sqlite3
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 1.3.6
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 1.3.6
 description: Provides authentication and authorization services for use with Solidus
   by using Devise and CanCan.
 email: contact@solidus.io
@@ -287,6 +287,8 @@ executables: []
 extensions: []
 extra_rdoc_files: []
 files:
+- ".circleci/config.yml"
+- ".gem_release.yml"
 - ".gitignore"
 - ".rspec"
 - ".travis.yml"
@@ -301,7 +303,6 @@ files:
 - app/overrides/auth_admin_login_navigation_bar.rb
 - app/overrides/auth_shared_login_bar.rb
 - bin/rails
-- circle.yml
 - config/initializers/devise.rb
 - config/initializers/warden.rb
 - config/locales/de.yml
@@ -322,13 +323,13 @@ files:
 - db/migrate/20120605211305_make_users_email_index_unique.rb
 - db/migrate/20140904000425_add_deleted_at_to_users.rb
 - db/migrate/20141002154641_add_confirmable_to_users.rb
+- db/migrate/20190125170630_add_reset_password_token_index_to_spree_users.rb
 - db/seeds.rb
 - lib/assets/javascripts/spree/backend/solidus_auth.js
 - lib/assets/javascripts/spree/frontend/solidus_auth.js
 - lib/assets/stylesheets/spree/backend/solidus_auth.css
 - lib/assets/stylesheets/spree/frontend/solidus_auth.css
 - lib/controllers/backend/spree/admin/admin_controller_decorator.rb
-- lib/controllers/backend/spree/admin/admin_orders_controller_decorator.rb
 - lib/controllers/backend/spree/admin/orders/customer_details_controller_decorator.rb
 - lib/controllers/backend/spree/admin/user_passwords_controller.rb
 - lib/controllers/backend/spree/admin/user_sessions_controller.rb
@@ -344,6 +345,7 @@ files:
 - lib/solidus_auth_devise.rb
 - lib/spree/auth/devise.rb
 - lib/spree/auth/engine.rb
+- lib/spree/auth/version.rb
 - lib/spree/authentication_helpers.rb
 - lib/tasks/auth.rake
 - lib/views/backend/spree/admin/shared/_navigation_footer.html.erb
@@ -368,6 +370,7 @@ files:
 - lib/views/frontend/spree/users/edit.html.erb
 - lib/views/frontend/spree/users/show.html.erb
 - solidus_auth_devise.gemspec
+- spec/controllers/spree/admin/user_passwords_controller_spec.rb
 - spec/controllers/spree/checkout_controller_spec.rb
 - spec/controllers/spree/products_controller_spec.rb
 - spec/controllers/spree/user_passwords_controller_spec.rb
@@ -427,6 +430,7 @@ specification_version: 4
 summary: Provides authentication and authorization services for use with Solidus by
   using Devise and CanCan.
 test_files:
+- spec/controllers/spree/admin/user_passwords_controller_spec.rb
 - spec/controllers/spree/checkout_controller_spec.rb
 - spec/controllers/spree/products_controller_spec.rb
 - spec/controllers/spree/user_passwords_controller_spec.rb

data/circle.yml

@@ -1,6 +0,0 @@
-machine:
-  ruby:
-    version: 2.1.5
-test:
-  pre:
-    - bundle exec rake test_app

data/lib/controllers/backend/spree/admin/admin_orders_controller_decorator.rb

@@ -1,20 +0,0 @@
-Spree::Admin::OrdersController.class_eval do
-  before_action :check_authorization
-
-  private
-    def load_order_action
-      [:edit, :update, :cancel, :resume, :approve, :resend, :open_adjustments, :close_adjustments, :cart]
-    end
-  
-    def check_authorization
-      action = params[:action].to_sym
-      if load_order_action.include?(action)
-        load_order
-        session[:access_token] ||= params[:token]
-        resource = @order || Spree::Order.new
-        authorize! action, resource, session[:access_token]
-      else
-        authorize! :index, Spree::Order
-      end
-    end
-end