spree_auth 0.30.2 → 0.40.0

data/db/migrate/20101219201531_tokens_for_legacy_orders.rb

@@ -0,0 +1,12 @@
+class TokensForLegacyOrders < ActiveRecord::Migration
+  def self.up
+    # add token permissions for legacy orders (stop relying on user persistence token)
+    Order.all.each do |order|
+      next unless order.user
+      order.create_tokenized_permission(:token => order.user.persistence_token)
+    end
+  end
+
+  def self.down
+  end
+end

data/db/sample/users.rb

@@ -21,7 +21,7 @@ end
 
 def create_admin_user
   if ENV['AUTO_ACCEPT']
-    password =  "spree"
+    password =  "spree123"
     email =  "spree@example.com"
   else
     require 'highline/import'

data/lib/spree/token_resource.rb

@@ -0,0 +1,23 @@
+module Spree::TokenResource
+
+  module ClassMethods
+    def token_resource
+      has_one :tokenized_permission, :as => :permissable
+      delegate :token, :to => :tokenized_permission, :allow_nil => true
+      after_create :create_token
+    end
+  end
+
+  module InstanceMethods
+    def create_token
+      create_tokenized_permission(:token => ActiveSupport::SecureRandom::hex(8))
+      token
+    end
+  end
+
+  def self.included(receiver)
+    receiver.extend ClassMethods
+    receiver.send :include, InstanceMethods
+  end
+
+end

data/lib/spree_auth.rb

@@ -1,9 +1,9 @@
 require 'spree_core'
-require 'authlogic'
+require 'devise'
 require 'cancan'
 
-require 'spree/auth_user'
 require 'spree/auth/config'
+require 'spree/token_resource'
 
 module SpreeAuth
   class Engine < Rails::Engine
@@ -11,7 +11,18 @@ module SpreeAuth
       Dir.glob(File.join(File.dirname(__FILE__), "../app/**/*_decorator*.rb")) do |c|
         Rails.env.production? ? require(c) : load(c)
       end
+
+      # monkey patch until new version of devise comes out
+      # https://github.com/plataformatec/devise/commit/ec5bfe9119d0e1e633629793b0de1f58f89622dc
+      Devise::IndifferentHash.class_eval do
+        def [](key)
+          super(convert_key(key))
+        end
+        def to_hash; Hash.new.update(self) end
+      end
     end
+
     config.to_prepare &method(:activate).to_proc
+    ActiveRecord::Base.class_eval { include Spree::TokenResource }
   end
 end

data/lib/tasks/install.rake

@@ -11,7 +11,6 @@ namespace :spree_auth do
     task :migrations do
       source = File.join(File.dirname(__FILE__), '..', '..', 'db')
       destination = File.join(Rails.root, 'db')
-      puts "INFO: Mirroring assets from #{source} to #{destination}"
       Spree::FileUtilz.mirror_files(source, destination)
     end
 

metadata

@@ -1,13 +1,13 @@
 --- !ruby/object:Gem::Specification 
 name: spree_auth
 version: !ruby/object:Gem::Version 
-  hash: 99
-  prerelease: 
+  hash: 191
+  prerelease: false
   segments: 
   - 0
-  - 30
-  - 2
-  version: 0.30.2
+  - 40
+  - 0
+  version: 0.40.0
 platform: ruby
 authors: 
 - Sean Schofield
@@ -15,7 +15,8 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2011-10-23 00:00:00 Z
+date: 2010-12-22 00:00:00 -05:00
+default_executable: 
 dependencies: 
 - !ruby/object:Gem::Dependency 
   name: spree_core
@@ -25,28 +26,28 @@ dependencies:
     requirements: 
     - - "="
       - !ruby/object:Gem::Version 
-        hash: 99
+        hash: 191
         segments: 
         - 0
-        - 30
-        - 2
-        version: 0.30.2
+        - 40
+        - 0
+        version: 0.40.0
   type: :runtime
   version_requirements: *id001
 - !ruby/object:Gem::Dependency 
-  name: authlogic
+  name: devise
   prerelease: false
   requirement: &id002 !ruby/object:Gem::Requirement 
     none: false
     requirements: 
     - - "="
       - !ruby/object:Gem::Version 
-        hash: 7
+        hash: 7712074
         segments: 
-        - 2
         - 1
-        - 6
-        version: 2.1.6
+        - 2
+        - rc
+        version: 1.2.rc
   type: :runtime
   version_requirements: *id002
 - !ruby/object:Gem::Dependency 
@@ -81,36 +82,47 @@ files:
 - app/controllers/orders_controller_decorator.rb
 - app/controllers/resource_controller_decorator.rb
 - app/controllers/spree/base_controller_decorator.rb
+- app/controllers/user_password_resets_controller.rb
+- app/controllers/user_registrations_controller.rb
 - app/controllers/user_sessions_controller.rb
 - app/controllers/users_controller.rb
+- app/helpers/users_helper.rb
 - app/models/ability.rb
 - app/models/order_decorator.rb
 - app/models/spree_auth_configuration.rb
 - app/models/spree_current_order_decorator.rb
+- app/models/tokenized_permission.rb
 - app/models/user.rb
 - app/models/user_mailer.rb
-- app/models/user_session.rb
 - app/views/checkout/registration.html.erb
-- app/views/password_resets/edit.html.erb
-- app/views/password_resets/new.html.erb
 - app/views/shared/_error_messages.html.erb
 - app/views/shared/_flashes.html.erb
+- app/views/shared/_login.html.erb
 - app/views/shared/_login_bar.html.erb
+- app/views/shared/_user_form.html.erb
 - app/views/shared/unauthorized.html.erb
-- app/views/user_mailer/password_reset_instructions.erb
+- app/views/user_mailer/reset_password_instructions.text.erb
+- app/views/user_password_resets/edit.html.erb
+- app/views/user_password_resets/new.html.erb
+- app/views/user_registrations/new.html.erb
 - app/views/user_sessions/authorization_failure.html.erb
 - app/views/user_sessions/new.html.erb
 - app/views/users/edit.html.erb
-- app/views/users/new.html.erb
 - app/views/users/show.html.erb
+- config/initializers/devise.rb
+- config/locales/en.yml
 - config/routes.rb
-- lib/cancan/controller_additions.rb
 - lib/spree/auth/config.rb
-- lib/spree/auth_user.rb
+- lib/spree/token_resource.rb
 - lib/spree_auth.rb
 - lib/tasks/auth.rake
 - lib/tasks/install.rake
+- db/migrate/20101101185116_rename_columns_for_devise.rb
+- db/migrate/20101214150824_convert_user_remember_field.rb
+- db/migrate/20101217012656_create_tokenized_permissions.rb
+- db/migrate/20101219201531_tokens_for_legacy_orders.rb
 - db/sample/users.rb
+has_rdoc: true
 homepage: http://spreecommerce.com
 licenses: []
 
@@ -142,7 +154,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
 requirements: 
 - none
 rubyforge_project: spree_auth
-rubygems_version: 1.8.10
+rubygems_version: 1.3.7
 signing_key: 
 specification_version: 3
 summary: Provides authentication and authorization services for use with Spree.

data/app/models/user_session.rb

@@ -1,3 +0,0 @@
-class UserSession < Authlogic::Session::Base
-end
-

data/app/views/password_resets/edit.html.erb

@@ -1,12 +0,0 @@
-<h1><%= t(:change_my_password) %></h1>
- 
-<%= form_for @user, :url => password_reset_path, :method => :put do |f| %>
-  <%= f.error_messages %>
-  <%= f.label :password %><br />
-  <%= f.password_field :password %><br />
-  <br />
-  <%= f.label :password_confirmation %><br />
-  <%= f.password_field :password_confirmation %><br />
-  <br />
-  <%= f.submit t("update_password") %>
-<% end %>

data/lib/cancan/controller_additions.rb

@@ -1,60 +0,0 @@
-# Overrides the default current_ability method used by Cancan so that we can use the guest_token in addition to current_user.
-# We were having problems layering the custom logic on top of ActionController::Base in certain situations but overriding
-# this file within spree_auth seems to do the trick. Documentation has been stripped (see cancan for the original docs.)
-# Only the current_ability method has been changed.
-
-module CanCan
-
-  module ControllerAdditions
-    module ClassMethods
-
-      def load_and_authorize_resource(*args)
-        ControllerResource.add_before_filter(self, :load_and_authorize_resource, *args)
-      end
-
-      def load_resource(*args)
-        ControllerResource.add_before_filter(self, :load_resource, *args)
-      end
-
-      def authorize_resource(*args)
-        ControllerResource.add_before_filter(self, :authorize_resource, *args)
-      end
-    end
-
-    def self.included(base)
-      base.extend ClassMethods
-      base.helper_method :can?, :cannot?
-    end
-
-    def authorize!(action, subject, *args)
-      message = nil
-      if args.last.kind_of?(Hash) && args.last.has_key?(:message)
-        message = args.pop[:message]
-      end
-      raise AccessDenied.new(message, action, subject) if cannot?(action, subject, *args)
-    end
-
-    def unauthorized!(message = nil)
-      raise ImplementationRemoved, "The unauthorized! method has been removed from CanCan, use authorize! instead."
-    end
-
-    def current_ability
-      # HACKED to use Spree's auth_user instead of current_user
-      @current_ability ||= ::Ability.new(auth_user)
-    end
-
-    def can?(*args)
-      current_ability.can?(*args)
-    end
-
-    def cannot?(*args)
-      current_ability.cannot?(*args)
-    end
-  end
-end
-
-if defined? ActionController
-  ActionController::Base.class_eval do
-    include CanCan::ControllerAdditions
-  end
-end

data/lib/spree/auth_user.rb

@@ -1,16 +0,0 @@
-module Spree
-  module AuthUser
-
-    # Gives controllers the ability to learn the +auth_user+ as opposed to limiting them to just the standard
-    # +current_user.+  The +auth_user+ method will return the user corresponding to the +guest_token+ if present,
-    # otherwise it will return the +current_user.+  This allows us to check authorization against a guest user
-    # without requiring that user to be signed in.  This means the guest can later sign up for
-    # an acccount (or log in to an existing account.)
-    def auth_user
-      return current_user if current_user
-      return nil if session[:guest_token].blank?
-      User.find_by_persistence_token(session[:guest_token])
-    end
-
-  end
-end