solidus_user_roles 2.0.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: 0fd3c45b5071e9d4865c51b4ef3696b674b75f95e837754361f563f4c571a90f
+  data.tar.gz: a8cfbdb44bb6491547f58b6e5fc13cae4ff210236ffc4b744a26a7e6cc77304c
+SHA512:
+  metadata.gz: 998aa0a09c26b99619c4cf5a25fab0dcce2028bc0059491ab9032ad70c8847fc774edfc60521de3ef6894ef147e89c3a8325ff2853797ffa99c13604e2552f6d
+  data.tar.gz: aa1a0db693a3617eebfad61c99f0215a55662f119beb75e1fcdc0f90b82aa0017fbbdd2b6ef45362fa6c94ab0f590eedd0fe61493a405e6caff5ed3a461c52ad

data/.circleci/config.yml

@@ -0,0 +1,73 @@
+version: 2.1
+
+orbs:
+  # Required for feature specs.
+  browser-tools: circleci/browser-tools@1.1
+
+  # Always take the latest version of the orb, this allows us to
+  # run specs against Solidus supported versions only without the need
+  # to change this configuration every time a Solidus version is released
+  # or goes EOL.
+  solidusio_extensions: solidusio/extensions@volatile
+
+jobs:
+  run-specs:
+    parameters:
+      solidus:
+        type: string
+        default: main
+      db:
+        type: string
+        default: "postgres"
+      ruby:
+        type: string
+        default: "3.2"
+    executor:
+      name: solidusio_extensions/<< parameters.db >>
+      ruby_version: << parameters.ruby >>
+    steps:
+      - checkout
+      - browser-tools/install-chrome
+      - solidusio_extensions/run-tests-solidus-<< parameters.solidus >>
+
+  lint-code:
+    executor:
+      name: solidusio_extensions/sqlite
+      ruby_version: "3.0"
+    steps:
+      - solidusio_extensions/lint-code
+
+workflows:
+  "Run specs on supported Solidus versions":
+    jobs:
+      - run-specs:
+          name: &name "run-specs-solidus-<< matrix.solidus >>-ruby-<< matrix.ruby >>-db-<< matrix.db >>"
+          matrix:
+            parameters: { solidus: ["main"], ruby: ["3.2"], db: ["postgres"] }
+      - run-specs:
+          name: *name
+          matrix:
+            parameters: { solidus: ["current"], ruby: ["3.1"], db: ["mysql"] }
+      - run-specs:
+          name: *name
+          matrix:
+            parameters: { solidus: ["older"], ruby: ["3.0"], db: ["sqlite"] }
+      - lint-code
+
+  "Weekly run specs against main":
+    triggers:
+      - schedule:
+          cron: "0 0 * * 4" # every Thursday
+          filters:
+            branches:
+              only:
+                - main
+    jobs:
+      - run-specs:
+          name: *name
+          matrix:
+            parameters: { solidus: ["main"], ruby: ["3.2"], db: ["postgres"] }
+      - run-specs:
+          name: *name
+          matrix:
+            parameters: { solidus: ["current"], ruby: ["3.1"], db: ["mysql"] }

data/.gem_release.yml

@@ -0,0 +1,5 @@
+bump:
+  recurse: false
+  file: 'lib/solidus_user_roles/version.rb'
+  message: Bump SolidusUserRoles to %{version}
+  tag: true

data/.github/stale.yml

@@ -0,0 +1 @@
+_extends: .github

data/.github_changelog_generator

@@ -0,0 +1,2 @@
+issues=false
+exclude-labels=infrastructure

data/.gitignore

@@ -0,0 +1,21 @@
+*.gem
+\#*
+*~
+.#*
+.DS_Store
+.idea
+.project
+.sass-cache
+coverage
+Gemfile.lock
+Gemfile-local
+tmp
+nbproject
+pkg
+*.swp
+spec/dummy
+spec/examples.txt
+/sandbox
+.rvmrc
+.ruby-version
+.ruby-gemset

data/.rspec

@@ -0,0 +1,2 @@
+--color
+--require spec_helper

data/.rubocop.yml

@@ -0,0 +1,5 @@
+require:
+  - solidus_dev_support/rubocop
+
+AllCops:
+  NewCops: disable

data/CHANGELOG.md

@@ -0,0 +1 @@
+# Changelog

data/Gemfile

@@ -0,0 +1,39 @@
+# frozen_string_literal: true
+
+source 'https://rubygems.org'
+git_source(:github) { |repo| "https://github.com/#{repo}.git" }
+
+branch = ENV.fetch('SOLIDUS_BRANCH', 'main')
+gem 'solidus', github: 'solidusio/solidus', branch: branch
+
+# The solidus_frontend gem has been pulled out since v3.2
+gem 'solidus_frontend', github: 'solidusio/solidus_frontend' if branch == 'master'
+gem 'solidus_frontend' if branch >= 'v3.2' # rubocop:disable Bundler/DuplicatedGem
+
+# Needed to help Bundler figure out how to resolve dependencies,
+# otherwise it takes forever to resolve them.
+# See https://github.com/bundler/bundler/issues/6677
+gem 'rails', '>0.a'
+
+# Provides basic authentication functionality for testing parts of your engine
+gem 'solidus_auth_devise'
+
+case ENV.fetch('DB', nil)
+when 'mysql'
+  gem 'mysql2'
+when 'postgresql'
+  gem 'pg'
+else
+  gem 'sqlite3'
+end
+
+gem 'rails-controller-testing', group: :test
+
+gemspec
+
+# Use a local Gemfile to include development dependencies that might not be
+# relevant for the project or for other contributors, e.g. pry-byebug.
+#
+# We use `send` instead of calling `eval_gemfile` to work around an issue with
+# how Dependabot parses projects: https://github.com/dependabot/dependabot-core/issues/1658.
+send(:eval_gemfile, 'Gemfile-local') if File.exist? 'Gemfile-local'

data/LICENSE

@@ -0,0 +1,26 @@
+Copyright (c) 2023 Allison Reilly
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without modification,
+are permitted provided that the following conditions are met:
+
+    * Redistributions of source code must retain the above copyright notice,
+      this list of conditions and the following disclaimer.
+    * Redistributions in binary form must reproduce the above copyright notice,
+      this list of conditions and the following disclaimer in the documentation
+      and/or other materials provided with the distribution.
+    * Neither the name Solidus nor the names of its contributors may be used to
+      endorse or promote products derived from this software without specific
+      prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
+CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

data/README.md

@@ -0,0 +1,83 @@
+# Solidus User Roles
+
+[![CircleCI](https://circleci.com/gh/cpfergus1/solidus_user_roles.svg?style=shield)](https://circleci.com/gh/cpfergus1/solidus_user_roles)
+[![codecov](https://codecov.io/gh/cpfergus1/solidus_user_roles/branch/master/graph/badge.svg)](https://codecov.io/gh/cpfergus1/solidus_user_roles)
+
+<!-- Explain what your extension does. -->
+
+## Installation
+
+Add solidus_user_roles to your Gemfile:
+
+```ruby
+gem 'solidus_user_roles', github: 'solidusio-contrb/solidus_user_roles'
+```
+
+Bundle your dependencies and run the installation generator:
+
+```shell
+bundle
+bundle exec rails g solidus_user_roles:install
+```
+
+Remember to seed or run:
+```shell
+rake solidus_user_roles:load_seeds
+```
+
+Admin Panel
+-----------
+An admin is the only user who has the ability to add or remove roles from other users.
+![image](https://github.com/cpfergus1/solidus_user_roles/assets/68167430/8109fe7e-d098-42c8-a03a-ad1bec273b8c)
+![image](https://github.com/cpfergus1/solidus_user_roles/assets/68167430/311d8e38-e801-401d-9fe8-f232435001ad)
+![image](https://github.com/cpfergus1/solidus_user_roles/assets/68167430/6f248635-054c-4adc-9fdf-85108acd06c8)
+## Development
+
+### Testing the extension
+
+First bundle your dependencies, then run `bin/rake`. `bin/rake` will default to building the dummy
+app if it does not exist, then it will run specs. The dummy app can be regenerated by using
+`bin/rake extension:test_app`.
+
+```shell
+bin/rake
+```
+
+To run [Rubocop](https://github.com/bbatsov/rubocop) static code analysis run
+
+```shell
+bundle exec rubocop
+```
+
+When testing your application's integration with this extension you may use its factories.
+You can load Solidus core factories along with this extension's factories using this statement:
+
+```ruby
+SolidusDevSupport::TestingSupport::Factories.load_for(SolidusUserRoles::Engine)
+```
+
+### Running the sandbox
+
+To run this extension in a sandboxed Solidus application, you can run `bin/sandbox`. The path for
+the sandbox app is `./sandbox` and `bin/rails` will forward any Rails commands to
+`sandbox/bin/rails`.
+
+Here's an example:
+
+```
+$ bin/rails server
+=> Booting Puma
+=> Rails 6.0.2.1 application starting in development
+* Listening on tcp://127.0.0.1:3000
+Use Ctrl-C to stop
+```
+
+### Releasing new versions
+
+Please refer to the [dedicated page](https://github.com/solidusio/solidus/wiki/How-to-release-extensions) in the Solidus wiki.
+
+
+## License
+Fork of https://github.com/boomerdigital/solidus_user_roles
+
+Copyright (c) 2023 Allison Reilly, released under the New BSD License.

data/Rakefile

@@ -0,0 +1,6 @@
+# frozen_string_literal: true
+
+require 'solidus_dev_support/rake_tasks'
+SolidusDevSupport::RakeTasks.install
+
+task default: 'extension:specs'

data/app/controllers/spree/admin/roles_controller.rb

@@ -0,0 +1,8 @@
+# frozen_string_literal: true
+
+module Spree
+  module Admin
+    class RolesController < ResourceController
+    end
+  end
+end

data/app/decorators/models/solidus_user_roles/spree/role_decorator.rb

@@ -0,0 +1,26 @@
+# frozen_string_literal: true
+
+module SolidusUserRoles
+  module Spree
+    module RoleDecorator
+      def self.prepended(base)
+        base.has_many :role_permissions, dependent: :destroy
+        base.has_many :permission_sets, through: :role_permissions
+
+        base.scope :non_base_roles, -> { where.not(name: ['admin', 'user']) }
+        base.validates_uniqueness_of :name, case_sensitive: false
+        base.after_save :assign_permissions
+      end
+
+      def permission_sets_constantized
+        permission_sets.map(&:set).map(&:constantize)
+      end
+
+      def assign_permissions
+        ::Spree::Config.roles.assign_permissions name, permission_sets_constantized
+      end
+
+      ::Spree::Role.prepend self
+    end
+  end
+end

data/app/models/spree/permission_set.rb

@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+
+module Spree
+  class PermissionSet < Spree::Base
+    has_many :role_permissions # rubocop:disable Rails/HasManyOrHasOneDependent
+    has_many :roles, through: :role_permissions
+    validates :name, :set, presence: true
+    scope :display_permissions, -> { where('name LIKE ?', '%Display') }
+    scope :management_permissions, -> { where('name LIKE ?', '%Management') }
+  end
+end

data/app/models/spree/permission_sets/role_management.rb

@@ -0,0 +1,35 @@
+# frozen_string_literal: true
+
+# A Role Manager has all the access of a UserManager and the ability to manage Roles
+module Spree
+  module PermissionSets
+    class RoleManagement < PermissionSets::Base
+      def activate!
+        can [
+          :admin,
+          :display,
+          :create,
+          :update,
+          :save_in_address_book,
+          :remove_from_address_book,
+          :addresses,
+          :orders,
+          :items
+        ],
+          Spree.user_class
+
+        # due to how cancancan filters by associations,
+        # we have to define this twice, once for `accessible_by`
+        can :update_email, Spree.user_class, spree_roles: { id: nil }
+        # and once for `can?`
+        can :update_email, Spree.user_class do |user|
+          user.spree_roles.none?
+        end
+
+        cannot [:delete, :destroy], Spree.user_class
+        can :manage, Spree::StoreCredit
+        can :manage, Spree::Role
+      end
+    end
+  end
+end

data/app/models/spree/role_permission.rb

@@ -0,0 +1,8 @@
+# frozen_string_literal: true
+
+module Spree
+  class RolePermission < Spree::Base
+    belongs_to :role
+    belongs_to :permission_set
+  end
+end

data/app/overrides/user_sub_menu.rb

@@ -0,0 +1,13 @@
+# frozen_string_literal: true
+
+Deface::Override.new(
+  virtual_path: 'spree/admin/shared/_menu',
+  name: 'add_user_roles_menu_links',
+  insert_bottom: "[data-hook='admin_tabs']"
+) do
+  <<-HTML
+    <% if can? :admin, Spree::Role %>
+      <%= tab(:roles, icon: 'users') %>
+    <% end %>
+  HTML
+end

data/app/views/spree/admin/roles/_form.html.erb

@@ -0,0 +1,38 @@
+<div data-hook="admin_role_form_fields">
+  <div class="row">
+    <div class="col-4">
+      <%= f.field_container :name do %>
+        <%= f.label :name, class: 'required' %>
+        <%= f.text_field :name, class: 'fullwidth title' %>
+        <%= f.error_message_on :name %>
+      <% end %>
+    </div>
+  </div>
+
+  <div class="row">
+    <div class="left col-6">
+      <%= f.label nil, I18n.t("spree.display_permissions") %>
+      <ul style="list-style-type: none; padding: 0; margin: 0;">
+        <% Spree::PermissionSet.display_permissions.each do |permission| %>
+          <li>  
+            <%= f.check_box 'permission_set_ids', {checked: f.object.try(:permission_sets).include?(permission), multiple: true}, permission.id, nil %>
+            <strong><%= permission.name %></strong>
+          </li>
+        <% end %>
+      </ul>
+    </div>
+    <div class="right col-6">
+      <%= f.label nil, I18n.t("spree.display_permissions") %>
+        <ul style="list-style-type: none; padding: 0; margin: 0;">
+          <% Spree::PermissionSet.management_permissions.each do |permission| %>
+            <li>
+              <%= f.check_box 'permission_set_ids', {checked: f.object.try(:permission_sets).include?(permission), multiple: true}, permission.id, nil %>
+              <strong><%= permission.name %></strong>
+            </li>
+          <% end %>
+        </ul>
+      </div>
+    </div>
+  </div>
+  <div class="clear"></div>
+</div>

data/app/views/spree/admin/roles/edit.html.erb

@@ -0,0 +1,19 @@
+<% content_for :page_title do %>
+  <%= I18n.t("spree.editing_user_role") %>
+<% end %>
+
+<% content_for :page_actions do %>
+  <li>
+    <%= link_to I18n.t("spree.back_to_roles_list"), spree.admin_roles_path, :icon => 'arrow-left', class: "btn btn-primary" %>
+  </li>
+<% end %>
+
+<%= render :partial => 'spree/shared/error_messages', :locals => { :target => @role } %>
+
+<%= form_for [:admin, @role] do |f| %>
+  <fieldset class="no-border-top">
+    <%= render :partial => 'form', :locals => { :f => f } %>
+    <div class="clear"></div>
+    <%= render :partial => 'spree/admin/shared/edit_resource_links' %>
+  </fieldset>
+<% end %>

data/app/views/spree/admin/roles/index.html.erb

@@ -0,0 +1,54 @@
+<% content_for :page_title do %>
+  <%= I18n.t("spree.user_roles") %>
+<% end %>
+
+<% content_for :page_actions do %>
+  <% if can?(:admin, Spree::Role) && can?(:create, Spree::Role) %>
+    <li>
+      <%= link_to I18n.t("spree.new_user_role"), new_admin_role_url, :icon => 'plus', :id => 'admin_new_role_link', class: "btn btn-primary" %>
+    </li>
+  <% end %>
+<% end %>
+
+<% if @roles.non_base_roles.any? %>
+  <table class="index">
+    <colgroup>
+      <col style="width: 50%">
+      <col style="width: 50%">
+    </colgroup>
+    <thead>
+      <tr data-hook="role_header">
+        <th><%= I18n.t("spree.name") %></th>
+        <th><%= I18n.t("spree.permissions") %></th>
+        <th class="actions"></th>
+      </tr>
+    </thead>
+    <tbody>
+      <% @roles.non_base_roles.each do |role|%>
+      <tr id="<%= spree_dom_id role %>" data-hook="rate_row" class="<%= cycle('odd', 'even')%>">
+        <td class="align-center"><%=role.try(:name) || I18n.t("spree.not_available") %></td>
+        <td class="align-center"><%= role.permission_sets.map(&:name).to_sentence %></td>
+        <td class="actions">
+          <% if can?(:update, role) %>
+            <%= link_to_edit role, :no_text => true %>
+          <% end %>
+          <% if can?(:destroy, role) %>
+            <%= link_to_delete role, :no_text => true %>
+          <% end %>
+        </td>
+      </tr>
+      <% end %>
+    </tbody>
+  </table>
+<% else %>
+  <div class="content row">
+    <div class="content col-12">
+      <div class= "no-objects-found">
+        <%= I18n.t("spree.no_resource_found", resource: I18n.t(:other, scope: 'activerecord.models.spree/role')) %>
+        <% if can?(:admin, Spree::Role) && can?(:create, Spree::Role) %>
+          <%= link_to I18n.t("spree.add_one"), spree.new_admin_role_path %>!
+        <% end %>
+      </div>
+    </div>
+  </div>
+<% end %>

data/app/views/spree/admin/roles/new.html.erb

@@ -0,0 +1,23 @@
+<% content_for :page_title do %>
+  <%= I18n.t("spree.new_user_role") %>
+<% end %>
+
+<% content_for :page_actions do %>
+  <li>
+    <%= link_to I18n.t("spree.back_to_roles_list"), spree.admin_roles_path, :icon => 'arrow-left', class: 'btn btn-primary' %>
+  </li>
+<% end %>
+
+<%= render :partial => 'spree/shared/error_messages', :locals => { :target => @role } %>
+
+<%= form_for [:admin, @role] do |f| %>
+  <fieldset class="no-border-top">
+
+    <%= render :partial => 'form', :locals => { :f => f } %>
+
+    <div class="clear"></div>
+
+    <%= render :partial => 'spree/admin/shared/new_resource_links' %>
+
+  </fieldset>
+<% end %>

data/bin/console

@@ -0,0 +1,17 @@
+#!/usr/bin/env ruby
+
+# frozen_string_literal: true
+
+require "bundler/setup"
+require "solidus_user_roles"
+
+# You can add fixtures and/or initialization code here to make experimenting
+# with your gem easier. You can also use a different console, if you like.
+$LOAD_PATH.unshift(*Dir["#{__dir__}/../app/*"])
+
+# (If you use this, don't forget to add pry to your Gemfile!)
+# require "pry"
+# Pry.start
+
+require "irb"
+IRB.start(__FILE__)

data/bin/rails

@@ -0,0 +1,7 @@
+#!/usr/bin/env ruby
+
+if %w[g generate].include? ARGV.first
+  exec "#{__dir__}/rails-engine", *ARGV
+else
+  exec "#{__dir__}/rails-sandbox", *ARGV
+end

data/bin/rails-engine

@@ -0,0 +1,13 @@
+#!/usr/bin/env ruby
+# This command will automatically be run when you run "rails" with Rails gems
+# installed from the root of your application.
+
+ENGINE_ROOT = File.expand_path('..', __dir__)
+ENGINE_PATH = File.expand_path('../lib/solidus_user_roles/engine', __dir__)
+
+# Set up gems listed in the Gemfile.
+ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../Gemfile', __dir__)
+require 'bundler/setup' if File.exist?(ENV['BUNDLE_GEMFILE'])
+
+require 'rails/all'
+require 'rails/engine/commands'

data/bin/rails-sandbox

@@ -0,0 +1,16 @@
+#!/usr/bin/env ruby
+
+app_root = 'sandbox'
+
+unless File.exist? "#{app_root}/bin/rails"
+  warn 'Creating the sandbox app...'
+  Dir.chdir "#{__dir__}/.." do
+    system "#{__dir__}/sandbox" or begin
+      warn 'Automatic creation of the sandbox app failed'
+      exit 1
+    end
+  end
+end
+
+Dir.chdir app_root
+exec 'bin/rails', *ARGV

data/bin/rake

@@ -0,0 +1,7 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+
+require "rubygems"
+require "bundler/setup"
+
+load Gem.bin_path("rake", "rake")