spree_auth 0.70.7 → 1.0.0.rc1

data/app/views/spree/checkout/registration.html.erb

@@ -0,0 +1,20 @@
+<%= render :partial => 'spree/shared/error_messages', :locals => { :target => @user } %>
+<h2><%= t(:registration) %></h2>
+<div id="registration">
+  <div id="account">
+    <%= render :file => 'spree/user_sessions/new' %>
+  </div>
+  <% if Spree::Config[:allow_guest_checkout] %>
+    <div id="guest_checkout">
+      <%= render :partial => 'spree/shared/error_messages', :locals => { :target => @order } %>
+      <h2><%= t(:guest_user_account) %></h2>
+      <%= form_for @order, :url => spree.update_checkout_registration_path, :html => { :method => :put, :id => 'checkout_form_registration'} do |f| %>
+        <p>
+          <%= f.label :email, t(:email) %><br />
+          <%= f.email_field :email, :class => 'title' %>
+        </p>
+        <p><%= f.submit t(:continue), :class => 'button primary' %></p>
+      <% end %>
+    </div>
+  <% end %>
+</div>

data/app/views/spree/layouts/admin/_login_nav.html.erb

@@ -0,0 +1,8 @@
+<% if current_user %>
+  <ul id="login-nav">
+    <li><%= t(:logged_in_as) %>: <%= current_user.email %></li>
+    <li><%= link_to t(:account), spree.edit_user_path(current_user) %></li>
+    <li><%= link_to t(:logout), spree.destroy_user_session_path %></li>
+    <li><%= link_to t(:store), spree.products_path %></li>
+  </ul>
+<% end %>

data/app/views/{shared → spree/shared}/_login.html.erb

@@ -1,8 +1,8 @@
-<%= form_for :user, :url => user_session_path do |f| %>
+<%= form_for :user, :url => spree.user_session_path do |f| %>
   <div id="password-credentials">
     <p>
       <%= f.label :email, t(:email) %><br />
-      <%= f.text_field :email, :class => 'title' %>
+      <%= f.email_field :email, :class => 'title' %>
     </p>
     <p>
       <%= f.label :password, t(:password) %><br />
@@ -16,5 +16,5 @@
     </label>
   </p>
 
-  <p><%= f.submit t(:log_in), :class => 'button primary'%></p>
+  <p><%= f.submit t(:log_in), :class => 'button primary' %></p>
 <% end %>

data/app/views/spree/shared/_login_bar.html.erb

@@ -0,0 +1,6 @@
+<% if current_user %>
+  <li><%= link_to t(:my_account), spree.account_path %></li>
+  <li><%= link_to t(:logout), spree.destroy_user_session_path %></li>
+<% else %>
+  <li><%= link_to t(:log_in), spree.login_path %></li>
+<% end %>

data/app/views/{shared → spree/shared}/_user_form.html.erb

@@ -1,6 +1,6 @@
 <p>
   <%= f.label :email, t(:email) %><br />
-  <%= f.text_field :email, :class => 'title' %>
+  <%= f.email_field :email, :class => 'title' %>
 </p>
 <div id="password-credentials">
   <p>

data/app/views/spree/user_passwords/edit.html.erb

@@ -0,0 +1,15 @@
+<%= render :partial => 'spree/shared/error_messages', :locals => { :target => @user } %>
+<h2><%= t(:change_my_password) %></h2>
+
+<%= form_for @user, :url => spree.user_password_path, :html => {:method => :put} do |f| %>
+  <p>
+    <%= f.label :password %><br />
+    <%= f.password_field :password %><br />
+  </p>
+  <p>
+    <%= f.label :password_confirmation %><br />
+    <%= f.password_field :password_confirmation %><br />
+  </p>
+  <%= f.hidden_field :reset_password_token %>
+  <%= f.submit t(:update_password), :class => 'button primary' %>
+<% end %>

data/app/views/spree/user_passwords/new.html.erb

@@ -0,0 +1,13 @@
+<h2><%= t(:forgot_password) %></h2>
+
+<p><%= t(:instructions_to_reset_password) %></p>
+
+<%= form_for Spree::User.new, :as => :user, :url => spree.user_password_path do |f| %>
+  <p>
+    <%= f.label :email, t(:email) %>:<br />
+    <%= f.email_field :email %>
+  </p>
+  <p>
+    <%= f.submit t(:reset_password), :class => 'button primary' %>
+  </p>
+<% end %>

data/app/views/spree/user_registrations/new.html.erb

@@ -0,0 +1,22 @@
+<% @body_id = 'signup' %>
+
+<%= render :partial => 'spree/shared/error_messages', :locals => { :target => @user } %>
+
+<div id="new-customer">
+  <h2><%= t(:new_customer) %></h2>
+
+  <div data-hook="signup">
+
+    <%= form_for :user, :url => spree.user_registration_path(@user) do |f| %>
+      <div data-hook="signup_inside_form"%>
+        <%= render :partial => 'spree/shared/user_form', :locals => { :f => f } %>
+        <p><%= f.submit t(:create), :class => 'button primary' %></p>
+      </div>
+    <% end %>
+    <%= t(:or) %> <%= link_to t(:login_as_existing), spree.login_path %>
+
+  </div>
+
+</div>
+
+<div data-hook="login_extras"></div>

data/app/views/{user_sessions → spree/user_sessions}/new.html.erb

@@ -6,8 +6,8 @@
 <div id="existing-customer">
   <h2><%= t(:login_as_existing) %></h2>
   <div data-hook="login">
-    <%= render :partial => 'shared/login' %>
-    <%= t(:or) %> <%= link_to t(:create_a_new_account), signup_path %> | <%= link_to t(:forgot_password), new_user_password_path %>
+    <%= render :partial => 'spree/shared/login' %>
+    <%= t(:or) %> <%= link_to t(:create_a_new_account), spree.signup_path %> | <%= link_to t(:forgot_password), spree.new_user_password_path %>
   </div>
 </div>
 <div data-hook="login_extras"></div>

data/app/views/spree/users/edit.html.erb

@@ -0,0 +1,11 @@
+<%= render :partial => 'spree/shared/error_messages', :locals => { :target => @user } %>
+
+<h2><%= t(:editing_user) %></h2>
+
+<%= form_for @user, :url => spree.user_path(@user), :html => { :method => :put } do |f| %>
+  <%= render :partial => 'spree/shared/user_form', :locals => { :f => f } %>
+  <p>
+    <%= f.submit t(:update) %>
+  </p>
+<% end %>
+

data/app/views/{users → spree/users}/show.html.erb

@@ -1,11 +1,11 @@
-<h1><%= t(:my_account) %></h1>
+<h1><%= accurate_title %></h1>
 
 <div data-hook="account_summary">
   <dl id="user-info">
     <dt><%= t(:email) %></dt>
     <dd><%= @user.email %></dd>
   </dl>
-  <p><%= link_to t(:edit), edit_account_path %></p>
+  <p><%= link_to t(:edit), spree.edit_account_path %></p>
 </div>
 
 <div data-hook="account_my_orders">

data/config/initializers/devise.rb

@@ -3,10 +3,10 @@
 Devise.setup do |config|
   # ==> Mailer Configuration
   # Configure the e-mail address which will be shown in DeviseMailer.
-  config.mailer_sender = "please-change-me@config-initializers-devise.com"
+  config.mailer_sender = 'please-change-me@config-initializers-devise.com'
 
   # Configure the class responsible to send e-mails.
-  config.mailer = "UserMailer"
+  config.mailer = 'Spree::UserMailer'
 
   # ==> ORM configuration
   # Load and configure the ORM. Supports :active_record (default) and
@@ -32,7 +32,7 @@ Devise.setup do |config|
   #config.http_authenticatable_on_xhr = false
 
   # The realm used in Http Basic Authentication
-  config.http_authentication_realm = "Spree Application"
+  config.http_authentication_realm = 'Spree Application'
 
   # ==> Configuration for :database_authenticatable
   # For bcrypt, this is the cost for hashing the password and defaults to 10. If
@@ -40,7 +40,7 @@ Devise.setup do |config|
   config.stretches = 20
 
   # Setup a pepper to generate the encrypted password.
-  config.pepper = "0bfa9e2cb4a5efd0d976518a3d82e345060547913d2fd1dd2f32b0c8dbbbb5d3dc20b86d0fed31aca9513bccdf51643700ea277d9c64d9ce8ef886bf39293453"
+  config.pepper = '0bfa9e2cb4a5efd0d976518a3d82e345060547913d2fd1dd2f32b0c8dbbbb5d3dc20b86d0fed31aca9513bccdf51643700ea277d9c64d9ce8ef886bf39293453'
 
   # ==> Configuration for :confirmable
   # The time you want to give your user to confirm his account. During this time
@@ -98,8 +98,8 @@ Devise.setup do |config|
   config.token_authentication_key = :auth_token
 
   # ==> Scopes configuration
-  # Turn scoped views on. Before rendering "sessions/new", it will first check for
-  # "users/sessions/new". It's turned off by default because it's slower if you
+  # Turn scoped views on. Before rendering 'sessions/new', it will first check for
+  # 'users/sessions/new'. It's turned off by default because it's slower if you
   # are using only default views.
   # config.scoped_views = true
 

data/config/locales/en.yml

@@ -1,12 +1,12 @@
 en:
   errors:
     messages:
-      not_found: "not found"
-      already_confirmed: "was already confirmed"
-      not_locked: "was not locked"
+      not_found: 'not found'
+      already_confirmed: 'was already confirmed'
+      not_locked: 'was not locked'
       not_saved:
-        one: "1 error prohibited this %{resource} from being saved:"
-        other: "%{count} errors prohibited this %{resource} from being saved:"
+        one: '1 error prohibited this %{resource} from being saved:'
+        other: '%{count} errors prohibited this %{resource} from being saved:'
   devise:
     failure:
       unauthenticated: 'You need to sign in or sign up before continuing.'

data/config/routes.rb

@@ -1,18 +1,21 @@
-Rails.application.routes.draw do
+Spree::Core::Engine.routes.draw do
   devise_for :user,
-             :controllers => { :sessions => 'user_sessions',
-                               :registrations => 'user_registrations',
-                               :passwords => "user_passwords" },
+             :class_name => 'Spree::User',
+             :controllers => { :sessions => 'spree/user_sessions',
+                               :registrations => 'spree/user_registrations',
+                               :passwords => 'spree/user_passwords' },
              :skip => [:unlocks, :omniauth_callbacks],
-             :path_names => { :sign_out => 'logout'}
+             :path_names => { :sign_out => 'logout' }
+end
+
+Spree::Core::Engine.routes.prepend do
   resources :users, :only => [:edit, :update]
 
   devise_scope :user do
-    get "/login" => "user_sessions#new", :as => :login
-    get "/signup" => "user_registrations#new", :as => :signup
+    get '/login' => 'user_sessions#new', :as => :login
+    get '/signup' => 'user_registrations#new', :as => :signup
   end
 
-
   match '/checkout/registration' => 'checkout#registration', :via => :get, :as => :checkout_registration
   match '/checkout/registration' => 'checkout#update_registration', :via => :put, :as => :update_checkout_registration
 
@@ -23,6 +26,6 @@ Rails.application.routes.draw do
       get :nav_bar
     end
   end
-  resource :account, :controller => "users"
 
+  resource :account, :controller => 'users'
 end

data/db/default/users.rb

@@ -1,12 +1,14 @@
+require 'highline/import'
+
 # see last line where we create an admin if there is none, asking for email and password
 def prompt_for_admin_password
   password = ask('Password [spree123]: ', String) do |q|
     q.echo = false
     q.validate = /^(|.{5,40})$/
-    q.responses[:not_valid] = "Invalid password. Must be at least 5 characters long."
+    q.responses[:not_valid] = 'Invalid password. Must be at least 5 characters long.'
     q.whitespace = :strip
   end
-  password = "spree123" if password.blank?
+  password = 'spree123' if password.blank?
   password
 end
 
@@ -15,17 +17,16 @@ def prompt_for_admin_email
     q.echo = true
     q.whitespace = :strip
   end
-  email = "spree@example.com" if email.blank?
+  email = 'spree@example.com' if email.blank?
   email
 end
 
 def create_admin_user
   if ENV['AUTO_ACCEPT']
-    password =  "spree123"
-    email =  "spree@example.com"
+    password = 'spree123'
+    email = 'spree@example.com'
   else
-    require 'highline/import'
-    puts "Create the admin user (press enter for defaults)."
+    puts 'Create the admin user (press enter for defaults).'
     #name = prompt_for_admin_name unless name
     email = prompt_for_admin_email
     password = prompt_for_admin_password
@@ -37,19 +38,28 @@ def create_admin_user
     :login => email
   }
 
-  load 'user.rb'
+  load 'spree/user.rb'
 
-  if User.find_by_email(email)
+  if Spree::User.find_by_email(email)
     say "\nWARNING: There is already a user with the email: #{email}, so no account changes were made.  If you wish to create an additional admin user, please run rake db:admin:create again with a different email.\n\n"
   else
-    admin = User.create(attributes)
+    admin = Spree::User.create(attributes)
     # create an admin role and and assign the admin user to that role
-    role = Role.find_or_create_by_name "admin"
+    role = Spree::Role.find_or_create_by_name 'admin'
     admin.roles << role
     admin.save
   end
 end
 
 if Rails.env.development?
-  create_admin_user if User.where("roles.name" => 'admin').includes(:roles).empty?
+  if Spree::User.admin.empty?
+    create_admin_user
+  else
+    puts 'Admin user has already been previously created.'
+    if agree('Would you like to create a new admin user? (yes/no)')
+      create_admin_user
+    else
+      puts 'No admin user created.'
+    end
+  end
 end

data/db/migrate/20101026184950_rename_columns_for_devise.rb

@@ -1,39 +1,39 @@
 class RenameColumnsForDevise < ActiveRecord::Migration
-  def self.up
-    return if column_exists?(:users, :password_salt)
-    rename_column :users, :crypted_password, :encrypted_password
-    rename_column :users, :salt, :password_salt
-    rename_column :users, :remember_token_expires_at, :remember_created_at
-    rename_column :users, :login_count, :sign_in_count
-    rename_column :users, :failed_login_count, :failed_attempts
-    rename_column :users, :single_access_token, :reset_password_token
-    rename_column :users, :current_login_at, :current_sign_in_at
-    rename_column :users, :last_login_at, :last_sign_in_at
-    rename_column :users, :current_login_ip, :current_sign_in_ip
-    rename_column :users, :last_login_ip, :last_sign_in_ip
-    add_column :users, :authentication_token, :string
-    add_column :users, :unlock_token, :string
-    add_column :users, :locked_at, :datetime
-    remove_column :users, :api_key if column_exists?(:users, :api_key)
-    remove_column :users, :openid_identifier
+  def up
+    return if column_exists?(:spree_users, :password_salt)
+    rename_column :spree_users, :crypted_password, :encrypted_password
+    rename_column :spree_users, :salt, :password_salt
+    rename_column :spree_users, :remember_token_expires_at, :remember_created_at
+    rename_column :spree_users, :login_count, :sign_in_count
+    rename_column :spree_users, :failed_login_count, :failed_attempts
+    rename_column :spree_users, :single_access_token, :reset_password_token
+    rename_column :spree_users, :current_login_at, :current_sign_in_at
+    rename_column :spree_users, :last_login_at, :last_sign_in_at
+    rename_column :spree_users, :current_login_ip, :current_sign_in_ip
+    rename_column :spree_users, :last_login_ip, :last_sign_in_ip
+    add_column :spree_users, :authentication_token, :string
+    add_column :spree_users, :unlock_token, :string
+    add_column :spree_users, :locked_at, :datetime
+    remove_column :spree_users, :api_key if column_exists?(:spree_users, :api_key)
+    remove_column :spree_users, :openid_identifier
   end
 
-  def self.down
-    remove_column :users, :authentication_token
-    remove_column :users, :locked_at
-    remove_column :users, :unlock_token
+  def down
+    remove_column :spree_users, :authentication_token
+    remove_column :spree_users, :locked_at
+    remove_column :spree_users, :unlock_token
     rename_column :table_name, :new_column_name, :column_name
-    rename_column :users, :last_sign_in_ip, :last_login_ip
-    rename_column :users, :current_sign_in_ip, :current_login_ip
-    rename_column :users, :last_sign_in_at, :last_login_at
-    rename_column :users, :current_sign_in_at, :current_login_at
-    rename_column :users, :reset_password_token, :single_access_token
-    rename_column :users, :failed_attempts, :failed_login_count
-    rename_column :users, :sign_in_count, :login_count
-    rename_column :users, :remember_created_at, :remember_token_expires_at
-    rename_column :users, :password_salt, :salt
-    rename_column :users, :encrypted_password, :crypted_password
-    add_column :users, :unlock_token, :string
-    add_column :users, :openid_identifier, :string
+    rename_column :spree_users, :last_sign_in_ip, :last_login_ip
+    rename_column :spree_users, :current_sign_in_ip, :current_login_ip
+    rename_column :spree_users, :last_sign_in_at, :last_login_at
+    rename_column :spree_users, :current_sign_in_at, :current_login_at
+    rename_column :spree_users, :reset_password_token, :single_access_token
+    rename_column :spree_users, :failed_attempts, :failed_login_count
+    rename_column :spree_users, :sign_in_count, :login_count
+    rename_column :spree_users, :remember_created_at, :remember_token_expires_at
+    rename_column :spree_users, :password_salt, :salt
+    rename_column :spree_users, :encrypted_password, :crypted_password
+    add_column :spree_users, :unlock_token, :string
+    add_column :spree_users, :openid_identifier, :string
   end
 end

data/db/migrate/20101214150824_convert_user_remember_field.rb

@@ -1,11 +1,11 @@
 class ConvertUserRememberField < ActiveRecord::Migration
-  def self.up
-    remove_column :users, :remember_created_at
-    add_column :users, :remember_created_at, :datetime
+  def up
+    remove_column :spree_users, :remember_created_at
+    add_column :spree_users, :remember_created_at, :datetime
   end
 
-  def self.down
-    remove_column :users, :remember_created_at
-    add_column :users, :remember_created_at, :string
+  def down
+    remove_column :spree_users, :remember_created_at
+    add_column :spree_users, :remember_created_at, :string
   end
-end
+end

data/db/migrate/20101217012656_create_tokenized_permissions.rb

@@ -1,18 +1,13 @@
 class CreateTokenizedPermissions < ActiveRecord::Migration
-
-  def self.up
-
+  def change
     create_table :tokenized_permissions do |t|
       t.integer :permissable_id
       t.string  :permissable_type
       t.string  :token
+
       t.timestamps
     end
 
-    add_index "tokenized_permissions", ["permissable_id", "permissable_type"], :name => "index_tokenized_name_and_type"
-  end
-
-  def self.down
-    drop_table :tokenized_permissions
+    add_index :tokenized_permissions, [:permissable_id, :permissable_type], :name => 'index_tokenized_name_and_type'
   end
 end

data/db/migrate/20101219201531_tokens_for_legacy_orders.rb

@@ -1,12 +1,16 @@
 class TokensForLegacyOrders < ActiveRecord::Migration
-  def self.up
+  def up
+    Spree::TokenizedPermission.table_name = 'tokenized_permissions'
+
     # add token permissions for legacy orders (stop relying on user persistence token)
-    Order.all.each do |order|
+    Spree::Order.all.each do |order|
       next unless order.user
       order.create_tokenized_permission(:token => order.user.persistence_token)
     end
+
+    Spree::TokenizedPermission.table_name = 'spree_tokenized_permissions'
   end
 
-  def self.down
+  def down
   end
 end

data/db/migrate/20111007143030_namespace_tokenized_permission.rb

@@ -0,0 +1,5 @@
+class NamespaceTokenizedPermission < ActiveRecord::Migration
+  def change
+    rename_table :tokenized_permissions, :spree_tokenized_permissions
+  end
+end

data/db/migrate/20111206075712_migrate_tokenized_permissions.rb

@@ -0,0 +1,24 @@
+class MigrateTokenizedPermissions < ActiveRecord::Migration
+  def concat(str1, str2)
+    dbtype = Rails.configuration.database_configuration[Rails.env]['adapter'].to_sym
+
+    case dbtype
+    when :mysql, :mysql2
+      "CONCAT(#{str1}, #{str2})"
+    when :sqlserver
+      "(#{str1} + #{str2})"
+    else
+      "(#{str1} || #{str2})"
+    end
+  end
+
+  def up
+    execute "UPDATE spree_tokenized_permissions SET permissable_type = #{concat("'Spree::'", "permissable_type")}" +
+            " WHERE permissable_type NOT LIKE 'Spree::%' AND permissable_type IS NOT NULL"
+  end
+
+  def down
+    execute "UPDATE spree_tokenized_permissions SET permissable_type = REPLACE(permissable_type, 'Spree::', '')" + 
+            " WHERE permissable_type LIKE 'Spree::%'"
+  end
+end

data/db/seeds.rb

@@ -2,4 +2,4 @@
 default_path = File.join(File.dirname(__FILE__), 'default')
 
 Rake::Task['db:load_dir'].reenable
-Rake::Task["db:load_dir"].invoke( default_path )
+Rake::Task['db:load_dir'].invoke(default_path)

data/lib/spree/auth/engine.rb

@@ -0,0 +1,25 @@
+module Spree
+  module Auth
+    class Engine < Rails::Engine
+      isolate_namespace Spree
+      engine_name 'spree_auth'
+
+      initializer "spree.auth.environment", :before => :load_config_initializers do |app|
+        Spree::Auth::Config = Spree::AuthConfiguration.new
+      end
+
+      def self.activate
+        Dir.glob(File.join(File.dirname(__FILE__), "../../../app/**/*_decorator*.rb")) do |c|
+          Rails.configuration.cache_classes ? require(c) : load(c)
+        end
+
+        Dir.glob(File.join(File.dirname(__FILE__), "../../../app/overrides/*.rb")) do |c|
+          Rails.configuration.cache_classes ? require(c) : load(c)
+        end
+      end
+
+      config.to_prepare &method(:activate).to_proc
+      ActiveRecord::Base.class_eval { include Spree::TokenResource }
+    end
+  end
+end

data/lib/spree/auth.rb

@@ -0,0 +1,15 @@
+require 'spree_core'
+require 'devise'
+require 'cancan'
+
+require 'spree/token_resource'
+
+module Spree
+  module Auth
+		def self.config(&block)
+	    yield(Spree::Auth::Config)
+	  end
+  end
+end
+
+require 'spree/auth/engine'

data/lib/spree/token_resource.rb

@@ -1,23 +1,23 @@
-module Spree::TokenResource
-
-  module ClassMethods
-    def token_resource
-      has_one :tokenized_permission, :as => :permissable
-      delegate :token, :to => :tokenized_permission, :allow_nil => true
-      after_create :create_token
+module Spree
+  module TokenResource
+    module ClassMethods
+      def token_resource
+        has_one :tokenized_permission, :as => :permissable
+        delegate :token, :to => :tokenized_permission, :allow_nil => true
+        after_create :create_token
+      end
     end
-  end
 
-  module InstanceMethods
-    def create_token
-      create_tokenized_permission(:token => ::SecureRandom::hex(8))
-      token
+    module InstanceMethods
+      def create_token
+        create_tokenized_permission(:token => ::SecureRandom::hex(8))
+        token
+      end
     end
-  end
 
-  def self.included(receiver)
-    receiver.extend ClassMethods
-    receiver.send :include, InstanceMethods
+    def self.included(receiver)
+      receiver.extend ClassMethods
+      receiver.send :include, InstanceMethods
+    end
   end
-
 end

data/lib/spree_auth.rb

@@ -1,24 +1 @@
-require 'spree_core'
-require 'devise'
-require 'cancan'
-
-require 'spree/auth/config'
-require 'spree/token_resource'
-
-module SpreeAuth
-  class Engine < Rails::Engine
-    engine_name 'spree_auth'
-
-    def self.activate
-      Dir.glob(File.join(File.dirname(__FILE__), "../app/**/*_decorator*.rb")) do |c|
-        Rails.application.config.cache_classes ? require(c) : load(c)
-      end
-      Dir.glob(File.join(File.dirname(__FILE__), "../app/overrides/*.rb")) do |c|
-        Rails.application.config.cache_classes ? require(c) : load(c)
-      end
-    end
-
-    config.to_prepare &method(:activate).to_proc
-    ActiveRecord::Base.class_eval { include Spree::TokenResource }
-  end
-end
+require 'spree/auth'