spree_auth_devise 1.3.1 → 3.0.5

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: e8d33a18b8879913709314cd4046b18ee1518627
+  data.tar.gz: aaf7a78332ae2badc7f69ccc3773605d91713d0c
+SHA512:
+  metadata.gz: 1bcc4fdd327f2adfe7ca449333f643e42d004e3e6ccf4adb70306deb4c04157fcc66628889e8bb38d956f6358a471ae33f81d4f53b0dfbae0ea2a88136f5ce7f
+  data.tar.gz: 430bf537bbf294bf7e6cdce733e68cad0f1f0efeade91c181798cd6b7103c27ca1ac5930dfefc83ebc2b2b2c004d690162d725bd78d17d79f1472ac5ecf8016f

data/.gitignore

@@ -0,0 +1,10 @@
+spec/dummy
+.sass-cache
+coverage
+Gemfile.lock
+*.swp
+.rvmrc
+.ruby-gemset
+.ruby-version
+.bundle
+.DS_Store

data/.rspec

@@ -0,0 +1,3 @@
+--color
+-r spec_helper
+-f documentation

data/.travis.yml

@@ -0,0 +1,11 @@
+before_script:
+  - bundle exec rake test_app
+  - export DISPLAY=:99.0
+  - sh -e /etc/init.d/xvfb start
+env:
+  - DB=mysql
+  - DB=postgres
+language: ruby
+rvm:
+  - 2.1.5
+sudo: false

data/Gemfile

@@ -0,0 +1,5 @@
+source 'https://rubygems.org'
+
+gem 'spree', github: 'spree/spree', branch: '3-0-stable'
+
+gemspec

data/{LICENSE → LICENSE.md}

@@ -1,4 +1,4 @@
-Copyright (c) 2007-2012, Spree Commerce, Inc. and other contributors
+Copyright (c) 2014, Spree Commerce, Inc. and other contributors
 All rights reserved.
 
 Redistribution and use in source and binary forms, with or without modification,

data/README.md

@@ -1,14 +1,30 @@
 # Spree Auth (Devise)
 
+[![Build Status](https://secure.travis-ci.org/spree/spree_auth_devise.png?branch=master)](https://travis-ci.org/spree/spree_auth_devise)
+[![Code Climate](https://codeclimate.com/github/spree/spree_auth_devise.png)](https://codeclimate.com/github/spree/spree_auth_devise)
+
 Provides authentication services for Spree, using the Devise gem.
 
 ## Installation
 
-At one stage in the past, this used to be the auth component for Spree. If that's the feature that you're now finding lacking from Spree, that's easy fixed.
+At one stage in the past, this used to be the auth component for Spree. If that's the feature that you're now finding lacking from Spree, that's easily fixed.
+
+Just add this line to your `Gemfile`:
+```ruby
+gem 'spree_auth_devise', github: 'spree/spree_auth_devise', branch: 'master'
+```
+
+Please ensure you're using the correct branch of `spree_auth_devise` relative to your version of Spree.
 
-Just add this line to your Gemfile:
+Spree 1.3.x or 1-3-stable:
+```ruby
+gem 'spree_auth_devise', :github => 'spree/spree_auth_devise', :branch => '1-3-stable'
+```
 
-    gem "spree_auth_devise", :git => "git://github.com/spree/spree_auth_devise"
+Spree 1.2.x or 1-2-stable:
+```ruby
+gem 'spree_auth_devise', :github => 'spree/spree_auth_devise', :branch => '1-2-stable'
+```
 
 Then run `bundle install`. Authentication will then work exactly as it did in previous versions of Spree.
 
@@ -16,14 +32,75 @@ If you're installing this in a new Spree 1.2+ application, you'll need to instal
 
     bundle exec rake spree_auth:install:migrations
     bundle exec rake db:migrate
+    bundle exec rails g spree:auth:install
+
+and then, run this command in order to set up the admin user for the application.
+
+    bundle exec rake spree_auth:admin:create
+
+## Configuration
+
+### Confirmable
+
+To enable Devise's Confirmable module, which will send the user an email with a link to confirm their account, you must do the following:
+
+* Add this line to an initializer in your Rails project (typically `config/initializers/spree.rb`):
+```ruby
+Spree::Auth::Config[:confirmable] = true
+```
+
+* Add a Devise initializer to your Rails project (typically `config/initializers/devise.rb`):
+```ruby
+Devise.setup do |config|
+  # Required so users don't lose their carts when they need to confirm.
+  config.allow_unconfirmed_access_for = 1.days
+
+  # Fixes the bug where Confirmation errors result in a broken page.
+  config.router_name = :spree
+
+  # Add any other devise configurations here, as they will override the defaults provided by spree_auth_devise.
+end
+```
+
+## Using in an existing Rails application
+
+If you are installing Spree inside of a host application in which you want your own permission setup, you can do this using spree_auth_devise's register_ability method.
+
+First create your own CanCan Ability class following the CanCan documentation.
+
+For example: app/models/your_ability_class.rb
+
+```ruby
+class YourAbilityClass
+  include CanCan::Ability
+
+  def initialize user
+    # direct permissions
+     can :create, SomeRailsObject
+
+     # or permissions by group
+     if spree_user.has_spree_role? "admin"
+       can :create, SomeRailsAdminObject
+     end
+   end
+end
+```
+
+Then register your class in your spree initializer: config/initializers/spree.rb
+```ruby
+Spree::Ability.register_ability(YourAbilityClass)
+```
 
-and then, run `bundle exec rake spree_auth:admin:create` in order to set up the admin user for the application.
+Inside of your host application you can then use CanCan like you normally would.
+```ruby
+<% if can? :show SomeRailsObject %>
 
-If you're updating a Spree 1.1 application, run these to migrate the database:
+<% end %>
+```
 
-    rake railties:install:migrations
-    rake db:migrate
+### Adding Permissions to Gems
 
+This methodology can also be used by gems that extend spree and want/need to add permissions.
 
 ## Testing
 
@@ -31,9 +108,8 @@ You need to do a quick one-time creation of a test application and then you can
 
     bundle exec rake test_app
 
-Then run the rspec tests
+Then run the rspec tests.
 
     bundle exec rake spec
 
-If everything doesn't pass on your machine (using Ruby (1.8.7 or 1.9.3) and (MySQL or PostgreSQL or SQLite3)) then we would consider that a bug. Please file a bug report on the issues page for this project with your test output
-and we will investigate it.
+If everything doesn't pass on your machine (using Ruby (1.9.3 or 2.0.0) and (MySQL or PostgreSQL or SQLite3)) then we would consider that a bug. Please file a bug report on the issues page for this project with your test output and we will investigate it.

data/Rakefile

@@ -0,0 +1,15 @@
+require 'bundler'
+Bundler::GemHelper.install_tasks
+
+require 'rspec/core/rake_task'
+require 'spree/testing_support/common_rake'
+
+RSpec::Core::RakeTask.new
+
+task :default => :spec
+
+desc 'Generates a dummy app for testing'
+task :test_app do
+  ENV['LIB_NAME'] = 'spree/auth'
+  Rake::Task['common:test_app'].invoke("Spree::User")
+end

data/Versionfile

@@ -0,0 +1,5 @@
+"2.2.x" => { :branch => "2-2-stable" }
+"2.1.x" => { :branch => "2-1-stable" }
+"2.0.x" => { :branch => "2-0-stable" }
+"1.3.x" => { :branch => "1-3-stable" }
+"1.2.x" => { :branch => "1-2-stable" }

data/app/controllers/metal_decorator.rb

@@ -0,0 +1,6 @@
+# For the API
+ActionController::Metal.class_eval do
+  def spree_current_user
+    @spree_current_user ||= env['warden'].user
+  end
+end

data/app/mailers/spree/user_mailer.rb

@@ -1,8 +1,15 @@
-class Spree::UserMailer < ActionMailer::Base
-  def reset_password_instructions(user)
-    @edit_password_reset_url = spree.edit_user_password_url(:reset_password_token => user.reset_password_token)
+module Spree
+  class UserMailer < BaseMailer
+    def reset_password_instructions(user, token, *args)
+      @edit_password_reset_url = spree.edit_spree_user_password_url(:reset_password_token => token, :host => Spree::Store.current.url)
 
-    mail(:to => user.email,
-         :subject => Spree::Config[:site_name] + ' ' + I18n.t(:password_reset_instructions))
+      mail to: user.email, from: from_address, subject: Spree::Store.current.name + ' ' + I18n.t(:subject, :scope => [:devise, :mailer, :reset_password_instructions])
+    end
+
+    def confirmation_instructions(user, token, opts={})
+      @confirmation_url = spree.spree_user_confirmation_url(:confirmation_token => token, :host => Spree::Store.current.url)
+
+      mail to: user.email, from: from_address, subject: Spree::Store.current.name + ' ' + I18n.t(:subject, :scope => [:devise, :mailer, :confirmation_instructions])
+    end
   end
 end

data/app/models/spree/auth_configuration.rb

@@ -2,5 +2,6 @@ module Spree
   class AuthConfiguration < Preferences::Configuration
     preference :registration_step, :boolean, :default => true
     preference :signout_after_password_change, :boolean, :default => true
+    preference :confirmable, :boolean, :default => false
   end
 end

data/app/models/spree/user.rb

@@ -1,48 +1,30 @@
 module Spree
-  class User < ActiveRecord::Base
-    include Core::UserBanners
+  class User < Spree::Base
+    include UserAddress
+    include UserPaymentSource
 
-    devise :database_authenticatable, :token_authenticatable, :registerable, :recoverable,
+    devise :database_authenticatable, :registerable, :recoverable,
            :rememberable, :trackable, :validatable, :encryptable, :encryptor => 'authlogic_sha512'
+    devise :confirmable if Spree::Auth::Config[:confirmable]
+
+    acts_as_paranoid
+    after_destroy :scramble_email_and_password
 
     has_many :orders
-    belongs_to :ship_address, :foreign_key => 'ship_address_id', :class_name => 'Spree::Address'
-    belongs_to :bill_address, :foreign_key => 'bill_address_id', :class_name => 'Spree::Address'
 
-    before_save :check_admin
     before_validation :set_login
-    before_destroy :check_completed_orders
-
-    # Setup accessible (or protected) attributes for your model
-    attr_accessible :email, :password, :password_confirmation, :remember_me, :persistence_token, :login, :spree_role_ids
 
     users_table_name = User.table_name
     roles_table_name = Role.table_name
 
-    scope :admin, lambda { includes(:spree_roles).where("#{roles_table_name}.name" => "admin") }
-    scope :registered, where("#{users_table_name}.email NOT LIKE ?", "%@example.net")
-
-    class DestroyWithOrdersError < StandardError; end
-
-    # Creates an anonymous user.  An anonymous user is basically an auto-generated +User+ account that is created for the customer
-    # behind the scenes and its completely transparently to the customer.  All +Orders+ must have a +User+ so this is necessary
-    # when adding to the "cart" (which is really an order) and before the customer has a chance to provide an email or to register.
-    def self.anonymous!
-      token = User.generate_token(:persistence_token)
-      User.create(:email => "#{token}@example.net", :password => token, :password_confirmation => token, :persistence_token => token)
-    end
+    scope :admin, -> { includes(:spree_roles).where("#{roles_table_name}.name" => "admin") }
 
     def self.admin_created?
       User.admin.count > 0
     end
 
-    def anonymous?
-      email =~ /@example.net$/ ? true : false
-    end
-
-    def send_reset_password_instructions
-      generate_reset_password_token!
-      UserMailer.reset_password_instructions(self).deliver
+    def admin?
+      has_spree_role?('admin')
     end
 
     protected
@@ -52,32 +34,17 @@ module Spree
 
     private
 
-      def check_completed_orders
-        raise DestroyWithOrdersError if orders.complete.present?
-      end
-
-      def check_admin
-        return if self.class.admin_created?
-        admin_role = Role.find_or_create_by_name 'admin'
-        self.spree_roles << admin_role
-      end
-
       def set_login
         # for now force login to be same as email, eventually we will make this configurable, etc.
         self.login ||= self.email if self.email
       end
 
-      # Generate a friendly string randomically to be used as token.
-      def self.friendly_token
-        SecureRandom.base64(15).tr('+/=', '-_ ').strip.delete("\n")
-      end
-
-      # Generate a token by looping and ensuring does not already exist.
-      def self.generate_token(column)
-        loop do
-          token = friendly_token
-          break token unless find(:first, :conditions => { column => token })
-        end
+      def scramble_email_and_password
+        self.email = SecureRandom.uuid + "@example.net"
+        self.login = self.email
+        self.password = SecureRandom.hex(8)
+        self.password_confirmation = self.password
+        self.save
       end
   end
 end

data/app/overrides/spree/admin/shared/_header/auth_admin_login_navigation_bar.html.erb.deface

@@ -0,0 +1,4 @@
+<!-- insert_top "[data-hook='admin_login_navigation_bar'], #admin_login_navigation_bar[data-hook]"
+     original '841227d0aedf7909d62237d8778df99100087715' -->
+
+<%= render partial: "spree/layouts/admin/login_nav" %>

data/bin/rails

@@ -0,0 +1,7 @@
+#!/usr/bin/env ruby
+
+ENGINE_ROOT = File.expand_path('../..', __FILE__)
+ENGINE_PATH = File.expand_path('../../lib/spree/auth/engine', __FILE__)
+
+require 'rails/all'
+require 'rails/engine/commands'

data/circle.yml

@@ -0,0 +1,11 @@
+machine:
+  environment:
+    DB: postgres
+  services:
+    - postgresql
+  ruby:
+    version: '2.2'
+
+dependencies:
+  post:
+    - bundle exec rake test_app

data/config.ru

@@ -0,0 +1,4 @@
+# This file is used by Rack-based servers to start the application.
+
+require ::File.expand_path('../spec/dummy/config/environment',  __FILE__)
+run Dummy::Application

data/config/initializers/devise.rb

@@ -40,7 +40,7 @@ Devise.setup do |config|
   config.stretches = 20
 
   # Setup a pepper to generate the encrypted password.
-  config.pepper = '0bfa9e2cb4a5efd0d976518a3d82e345060547913d2fd1dd2f32b0c8dbbbb5d3dc20b86d0fed31aca9513bccdf51643700ea277d9c64d9ce8ef886bf39293453'
+  config.pepper = Rails.configuration.secret_token
 
   # ==> Configuration for :confirmable
   # The time you want to give your user to confirm his account. During this time
@@ -65,9 +65,6 @@ Devise.setup do |config|
   # Range for password length
   # config.password_length = 6..20
 
-  # Regex to use to validate the email address
-  config.email_regexp = /^([\w\.%\+\-]+)@([\w\-]+\.)+([\w]{2,})$/i
-
   # ==> Configuration for :timeoutable
   # The time you want to timeout the user session without activity. After this
   # time the user will be asked for credentials again.
@@ -93,10 +90,6 @@ Devise.setup do |config|
   # Time interval to unlock the account if :time is enabled as unlock_strategy.
   # config.unlock_in = 1.hour
 
-  # ==> Configuration for :token_authenticatable
-  # Defines name of the authentication token params key
-  config.token_authentication_key = :auth_token
-
   # ==> Scopes configuration
   # Turn scoped views on. Before rendering 'sessions/new', it will first check for
   # 'users/sessions/new'. It's turned off by default because it's slower if you
@@ -139,4 +132,6 @@ Devise.setup do |config|
   # change their passwords.
   config.reset_password_within = 6.hours
   config.sign_out_via = :get
+
+  config.case_insensitive_keys = [:email]
 end

data/config/initializers/warden.rb

@@ -0,0 +1,14 @@
+# Merges users orders to their account after sign in and sign up.
+Warden::Manager.after_set_user except: :fetch do |user, auth, opts|
+  if auth.cookies.signed[:guest_token].present?
+    if user.is_a?(Spree::User)
+      Spree::Order.where(email: user.email, guest_token: auth.cookies.signed[:guest_token], user_id: nil).each do |order|
+        order.associate_user!(user)
+      end
+    end
+  end
+end
+
+Warden::Manager.before_logout do |user, auth, opts|
+  auth.cookies.delete :guest_token
+end

data/config/locales/de.yml

@@ -1,46 +1,49 @@
+---
 de:
-  errors:
-    messages:
-      not_found: 'nicht gefunden'
-      already_confirmed: 'wurde berreits bestätigt'
-      not_locked: 'war nicht gesperrt'
-      not_saved:
-        one: '1 Fehler verhindert das Speichern von %{resource}:'
-        other: '%{count} Fehler verhindern das Speichern von %{resource}:'
   devise:
+    confirmations:
+      confirmed: Ihr Konto wurde erfolgreich aktiviert.
+      send_instructions: 'In ein paar Minuten erhalten Sie eine E-Mail mit Anweisungen, um Ihr Konto zu aktivieren.'
     failure:
+      inactive: Ihr Konto wurde noch nicht aktiviert.
+      invalid: Ungültige E-Mail-Adresse oder Passwort.
+      invalid_token: Ungültiger Authentifizierungsschlüssel.
+      locked: Ihr Konto ist gesperrt.
+      timeout: 'Ihre Sitzung ist abgelaufen. Bitte melden Sie sich erneut an, um fortzufahren.'
       unauthenticated: 'Sie müssen sich anmelden oder registrieren, bevor Sie fortfahren.'
       unconfirmed: 'Sie müssen Ihre Registrierung bestätigen, bevor Sie fortfahren.'
-      locked: 'Ihr Konto ist gesperrt.'
-      invalid: 'Ungültige E-Mail-Adresse oder Passwort.'
-      invalid_token: 'Ungültiger Authentifizierungsschlüssel.'
-      timeout: 'Ihre Sitzung ist abgelaufen. Bitte melden Sie sich erneut an, um fortzufahren.'
-      inactive: 'Ihr Konto wurde noch nicht aktiviert.'
-    user_passwords:
-      user:
-        send_instructions: 'In ein paar Minuten erhalten Sie eine E-Mail mit Anweisungen um Ihr Passwort zurücksetzen.'
-        updated: 'Ihr Passwort wurde erfolgreich geändert.'
-    confirmations:
-      send_instructions: 'In ein paar Minuten erhalten Sie eine E-Mail mit Anweisungen, um Ihr Konto zu aktivieren.'
-      confirmed: 'Ihr Konto wurde erfolgreich aktiviert.'
-    user_registrations:
-      signed_up: 'Herzlich Willkommen! Sie haben sich erfolgreich registriert.'
-      inactive_signed_up: 'Sie haben sich erfolgreich registriert. Wir konnten Sie jedoch nicht anmelden, da Ihr Konto %{reason} ist.'
-      updated: 'Sie haben Ihr Konto erfolgreich aktualisiert.'
-      destroyed: 'Ihr Konto wurde erfolgreich gelöscht. Auf Wiedersehen!'
-    user_sessions:
-      signed_in: 'Erfolgreich angemeldet.'
-      signed_out: 'Erfolgreich abgemeldet.'
-    unlocks:
-      send_instructions: 'In ein paar Minuten erhalten Sie eine E-Mail mit Anweisungen um Ihr Konto freizuschalten.'
-      unlocked: 'Ihr Konto wurde erfolgreich freigeschaltet.'
-    oauth_callbacks:
-      success: 'Erfolgreich autorisiert durch %{kind} Konto.'
-      failure: 'Autorisierung durch %{kind} fehlgeschlagen aufgrund von "%{reason}".'
     mailer:
       confirmation_instructions:
-        subject: 'Bestätigen Sie Ihre Registrierung'
+        subject: Bestätigen Sie Ihre Registrierung
       reset_password_instructions:
-        subject: 'Passwort zurücksetzen'
+        subject: Passwort zurücksetzen
       unlock_instructions:
-        subject: 'Konto freischalten'
+        subject: Konto freischalten
+    oauth_callbacks:
+      failure: 'Autorisierung durch %{kind} fehlgeschlagen aufgrund von %{reason}.'
+      success: 'Erfolgreich autorisiert durch %{kind} Konto.'
+    unlocks:
+      send_instructions: In ein paar Minuten erhalten Sie eine E-Mail mit Anweisungen um Ihr Konto freizuschalten.
+      unlocked: Ihr Konto wurde erfolgreich freigeschaltet.
+    user_passwords:
+      spree_user:
+        cannot_be_blank: Ihr Passwort darf nicht leer sein.
+        send_instructions: In ein paar Minuten erhalten Sie eine E-Mail mit Anweisungen um Ihr Passwort zurücksetzen.
+        updated: Ihr Passwort wurde erfolgreich geändert.
+    user_registrations:
+      destroyed: Ihr Konto wurde erfolgreich gelöscht. Auf Wiedersehen!
+      inactive_signed_up: 'Sie haben sich erfolgreich registriert. Wir konnten Sie jedoch nicht anmelden, da Ihr Konto %{reason} ist.'
+      signed_up: Herzlich Willkommen! Sie haben sich erfolgreich registriert.
+      updated: Sie haben Ihr Konto erfolgreich aktualisiert.
+    user_sessions:
+      signed_in: Erfolgreich angemeldet.
+      signed_out: Erfolgreich abgemeldet.
+  errors:
+    messages:
+      already_confirmed: wurde berreits bestätigt
+      email_is_invalid: E-Mail-Adresse darf nicht leer sein
+      not_found: nicht gefunden
+      not_locked: war nicht gesperrt
+      not_saved:
+        one: '1 Fehler verhindert das Speichern von %{resource}:'
+        other: '%{count} Fehler verhindern das Speichern von %{resource}:'