symphonia 4.1.1 → 4.1.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 37c5df664c5d4a4e23242972efcb37a44a97b0000c943aba8ff68ac7ebd4d2ec
-  data.tar.gz: 1636c08f1a1aa674319a19172cf0291d5fa910a9930056f8598ac96b7bf65937
+  metadata.gz: 7033f315c16e49ebc00088855303534bd7220068416b08e48056ce9d43e2531d
+  data.tar.gz: 1868fc1ee61994c9859cdb38bcaf069a52a3b3a1cf5242f8ae71a03f282f3909
 SHA512:
-  metadata.gz: f2716c183798fd2acc14702ac79d44f4f210e4d4b770c6670ff78267c2ada056d3c331229371f02a66ca32d7496618a65972b1405860aace5fd7fc433161b94b
-  data.tar.gz: dbeff2e27c22f063183e6eecd395ba895cf8c6986841281d1914f2e3997ee4a833fd3e78c7a38dca24e49041083f3398a876ea8a4bd476b11ec57cf9830c1734
+  metadata.gz: fb542f3bc5305a51d23b4ecc24988a2aaf4acb2abe1b3880264b622f0094c943142f83f3e168f538d6c3d158ae54076bb8aea601762d03b331dfc89faa6e7815
+  data.tar.gz: 4df5f61aeb4d8ee5cd66ec25771602372a30cabad3d0f8320247955965fffe15575a6aa6ff7d81ccd5415a98fed99b943601aec19dc1fefd32512bb955f27e4d

data/.rubocop.yml

@@ -19,6 +19,8 @@ Metrics/BlockLength:
   Enabled: false
 Metrics/MethodLength:
   Enabled: false
+Naming/VariableNumber:
+  Enabled: false
 
 Style/Documentation:
   Enabled: false

data/app/assets/stylesheets/symphonia/basic.scss

@@ -43,9 +43,7 @@
         content: "\f05d"
     }
 }
-flash.recaptcha_error {
-    display: none;
-}
+
 .nodata, .no-data {
     @extend .flash;
     @extend .info;

data/app/controllers/symphonia/accounts_controller.rb

@@ -5,8 +5,6 @@ module Symphonia
     before_action -> { menu_item(:my_account) }, only: [:show, :edit, :update]
     before_action :prepare_user, only: [:register, :create]
 
-    helper Recaptcha::ClientHelper if defined? Recaptcha
-
     def show
       @user = current_account
 
@@ -159,11 +157,7 @@ module Symphonia
 
     # @return [Boolean]
     def verify_registration
-      if defined?(Recaptcha)
-        verify_recaptcha(model: @user)
-      else
-        true
-      end
+      true
     end
 
   end

data/app/views/symphonia/accounts/_form.html.erb

@@ -9,11 +9,9 @@
   </div>
   <div class="col-lg-8">
     <%= f.text_field :first_name, required: true %>
-
   </div>
   <div class="col-lg-8">
     <%= f.text_field :last_name, required: true %>
-
   </div>
   <div class="col-lg-8">
     <% if f.object.external_id.blank? %>
@@ -21,5 +19,3 @@
     <% end %>
   </div>
 </div>
-
-

data/app/views/symphonia/accounts/register.html.erb

@@ -8,20 +8,10 @@
         <%= symphonia_form_for(@user, url: account_register_path) do |f| %>
           <div style="width:1px;height: 1px;visibility: hidden"><%= check_box_tag :terms, true %></div>
           <%= f.error_messages %>
-          <%= f.email_field :mail, required: true, prepend: "@" %>
-          <%= f.text_field :name, required: true, prepend: icon("user") %>
-          <%= f.password_field :password, required: true, prepend: icon('key') %>
-          <% if defined? Recaptcha %>
-            <fieldset>
-              <%= content_tag(:legend, t(:text_explanation_recaptcha)) %>
-              <div class="form-group">
-                <div class="col-sm-offset-4 col-sm-5">
-                  <%#= invisible_recaptcha_tags %>
-                  <%= recaptcha_tags(:display => { :theme => 'white' }) %>
-                </div>
-              </div>
-            </fieldset>
-          <% end %>
+          <%= f.text_field :name, required: true, autocomplete: "off", prepend: icon("user") %>
+          <%= f.email_field :mail, required: true, autocomplete: "username", prepend: "@" %>
+          <%= f.password_field :password, autocomplete: "new-password", required: true, prepend: icon('key') %>
+
           <%= f.primary t(:button_register), class: 'btn btn-primary btn-block' %>
         <% end %>
       </div>

data/app/views/symphonia/login/_form.html.erb

@@ -1,8 +1,8 @@
 <%= f.error_messages %>
-<%= hidden_field_tag(:back_url, params[:back_url].presence || request.env['HTTP_REFERER'].presence || session[:back_url]) %>
-<%= f.text_field :login, required: true, autofocus: true %>
+<%= hidden_field_tag(:back_url, back_url || session[:back_url]) %>
+<%= f.text_field :login, required: true, autofocus: true, autocomplete: "username" %>
 
-<%= f.password_field :password, required: true %>
+<%= f.password_field :password, required: true, autocomplete: "current-password" %>
 
 <%= f.form_group :remember_me do %>
   <%= f.check_box :remember_me %>

data/config/locales/cs.yml

@@ -79,10 +79,6 @@ cs:
           role_id: 'Role'
           ssl: Používat SSL?
 
-  recaptcha:
-    errors:
-      verification_failed: 'Nesprávný text z obrázku'
-
   helpers:
       submit:
         create: Vytvořit
@@ -144,7 +140,6 @@ cs:
   text_user_not_found: Účet nenalezen
   text_activation_resend: Aktivační odkaz odeslán
   text_reset_password_resend: Informace o změně hesla odeslány
-  text_explanation_recaptcha: 'Opište prosím tato dvě slova:'
   text_or: nebo
   text_confirm_send_unlock_mail: Po aktivaci účtu bude uživateli zaslán email.
   text_error_no_data_file_input: Nebyl vybrán žádný soubor

data/lib/generators/symphonia/setup/templates/Gemfile

@@ -14,5 +14,4 @@ end
 
 # gem 'bootswatch-rails'
 # gem 'jquery-colorbox-rails'
-# gem 'recaptacha'
-# gem 'ckeditor-rails'
+# gem 'ckeditor-rails'

data/lib/generators/symphonia/setup/templates/app/config/initializers/settings.rb.tt

@@ -1,10 +1,5 @@
 # encoding: utf-8
 
-# Recaptcha.configure do |config|
-#   config.site_key  = '6LejxOESAAAAALC3ohQCddKilokhYnTNXfYVItZe'
-#   config.secret_key = '6LejxOESAAAAANf-9T4nyHCDGW6Ok78Zo7GaG2GK'
-# end
-
 WillPaginate.per_page = 20
 # Rails.application.config.i18n.available_locales = %i[en cs ru pl]
 

data/lib/symphonia/controller_extensions.rb

@@ -3,69 +3,39 @@ module Symphonia
 
     extend ActiveSupport::Concern
 
+    class Unauthorized < RuntimeError
+    end
 
     included do
-      class Unauthorized < Exception;
-      end
 
       before_action :current_user, :menu_item
       before_action :set_default_locale
 
-      # force_ssl if: -> {Rails.env.production? && User.current.ssl?}
-
       add_flash_types :notice
       add_flash_types :info
       add_flash_types :warning
       add_flash_types :error
 
-      rescue_from ::ActiveRecord::RecordNotFound do
-        render_404
-      end
-
-      rescue_from Unauthorized do
-        render_403
-      end
-
-      helper_method :current_user
+      rescue_from ::ActiveRecord::RecordNotFound, with: :render_404
+      rescue_from Unauthorized, with: :render_403
 
+      helper_method :current_user, :back_url
     end
 
     def back_url
-      url = params[:back_url]
-      if url.nil? && (referer = request.env['HTTP_REFERER'])
+      url = params[:back_url].presence
+      if url.nil? && (referer = request.env['HTTP_REFERER'].presence)
         url = CGI.unescape(referer.to_s)
       end
       url
     end
 
-    # def redirect_back_or_default(default, options={})
-    #   back_url = params[:back_url].to_s
-    #   if back_url.present?
-    #     begin
-    #       uri = URI.parse(back_url)
-    #       # do not redirect user to another host or to the login or register page
-    #       if (uri.relative? || (uri.host == request.host)) && !uri.path.match(%r{/(login|account/register)})
-    #         redirect_to(back_url)
-    #         return
-    #       end
-    #     rescue URI::InvalidURIError
-    #       logger.warn("Could not redirect to invalid URL #{back_url}")
-    #       # redirect to default
-    #     end
-    #   elsif options[:referer]
-    #     redirect_to_referer_or default
-    #     return
-    #   end
-    #   redirect_to default, options
-    #   false
-    # end
-
     # Redirects to the request referer if present, redirects to args or call block otherwise.
     def redirect_to_referer_or(*args, &block)
       redirect_to :back
     rescue ::ActionController::RedirectBackError
       if args.any?
-        redirect_to *args
+        redirect_to(*args)
       elsif block_given?
         block.call
       else
@@ -76,7 +46,10 @@ module Symphonia
     # private
 
     def set_locale
-      client_lang = Array(params.fetch(:locale, nil).presence || session[:locale].presence || request.env['HTTP_ACCEPT_LANGUAGE'].to_s.split(',').collect { |l| l.scan(/^[a-z]{2}/) }.flatten)
+      params_locale = params.fetch(:locale, nil).presence
+      params_locale ||= session[:locale].presence
+      params_locale ||= request.env['HTTP_ACCEPT_LANGUAGE'].to_s.split(',').collect { |l| l.scan(/^[a-z]{2}/) }.flatten
+      client_lang = Array(params_locale).compact
       client_lang.unshift current_user.language if current_user.language
       @client_lang = client_lang.detect { |l| I18n.available_locales.include?(l.to_sym) }
 
@@ -87,53 +60,57 @@ module Symphonia
     end
 
     def set_default_locale
-      if (enforce_default = Symphonia.config.default_locale)
-        I18n.locale = enforce_default
-      end
+      return unless (enforce_default = Symphonia.config.default_locale)
+
+      I18n.locale = enforce_default
     end
 
     # protected
 
-    def login_require(format = nil)
+    def login_require(_format = nil)
       if current_user.nil? || !current_user.logged_in?
         respond_to do |format|
           format.html do
             store_location
             redirect_to symphonia.login_path, flash: { error: t(:text_login_require) }
           end
-          format.json { render json: { errors: 'You must be logged in to access this endpoint' }, status: 401 }
-          format.any { head 401 }
+          format.json do
+            render json: { errors: 'You must be logged in to access this endpoint' }, status: :unauthorized
+          end
+          format.any { head :unauthorized }
         end
         return false
       end
       true
     end
 
-    alias_method :require_login, :login_require
-    alias_method :require_user, :login_require
+    alias require_login login_require
+    alias require_user login_require
 
     def admin_require
       return unless login_require
 
       unless current_user.admin?
         render_403
-        return false
+        false
       end
     end
 
-    alias_method :require_admin, :admin_require
+    alias require_admin admin_require
 
     def render_403
       respond_to do |format|
-        format.html { render template: 'common/403', message: :notice_not_authorized, status: 403 }
-        format.js { render plain: "alert('#{t :text_access_deny}')", message: :notice_not_authorized, status: 403 }
+        format.html { render template: 'common/403', message: :notice_not_authorized, status: :forbidden }
+        format.js do
+          render plain: "alert('#{t :text_access_deny}')", message: :notice_not_authorized, status: :forbidden
+        end
         format.any { head 403, message: :notice_not_authorized }
       end
     end
 
     def render_404
       respond_to do |format|
-        format.html { render template: 'common/404', message: :notice_page_not_found, status: 404 }
+        format.html { render template: 'common/404', message: :notice_page_not_found, status: :not_found }
         format.any { head 404, message: :not_found }
       end
     end
@@ -161,35 +138,32 @@ module Symphonia
     def current_user
       return (Symphonia::User.current ||= @current_user) if defined?(@current_user)
 
-      @current_user = current_user_session && current_user_session.user
+      @current_user = current_user_session&.user
       Symphonia::User.current = @current_user || Symphonia::User::Anonymous.new
     end
 
     def authorize
       if Symphonia::User.current.authorize?(controller_name, action_name)
         return true
+      elsif Symphonia::User.current.logged_in?
+        raise Unauthorized
       else
-        if Symphonia::User.current.logged_in?
-          raise Unauthorized
-        else
-          respond_to do |format|
-            format.html do
-              return redirect_to(symphonia.login_path(back_url: request.path), error: t(:text_error_login_required))
-            end
-            format.any { return head 401 }
+        respond_to do |format|
+          format.html do
+            return redirect_to(symphonia.login_path(back_url: request.path), error: t(:text_error_login_required))
           end
+          format.any { return head 401 }
         end
       end
+
       raise Unauthorized
     end
 
     def handle_unverified_request
       # raise an exception
-      fail ActionController::InvalidAuthenticityToken
+      raise ActionController::InvalidAuthenticityToken
       # or destroy session, redirect
-      if current_user_session
-        current_user_session.destroy
-      end
+      current_user_session&.destroy
       redirect_to main_app.root_url
     end
 

data/lib/symphonia/version.rb

@@ -1,5 +1,5 @@
 module Symphonia
 
-  VERSION = '4.1.1'
+  VERSION = '4.1.2'
 
 end

data/spec/controllers/account_controller_spec.rb

@@ -6,8 +6,8 @@ RSpec.describe Symphonia::AccountsController do
 
   let(:regular_user) { FactoryBot.create(:user) }
 
-  context 'logged', logged: true do
-    context '#update' do
+  context 'with logged', logged: true do
+    describe '#update' do
 
       it 'valid' do
         put :update, params: { user: { login: Faker::Internet.user_name } }
@@ -22,53 +22,52 @@ RSpec.describe Symphonia::AccountsController do
     end
   end
 
-  context '#resend_activation' do
+  describe '#resend_activation' do
 
     let(:email) { Faker::Internet.email }
     subject { get :resend_activation, params: { email: email } }
 
     it 'non exist user' do
-      is_expected.to redirect_to :root
+      is_expected.to redirect_to :login
       expect(flash[:error]).not_to be :blank
     end
 
     it 'active user' do
       _user = FactoryBot.create(:user, email: email, status: 'active')
-      is_expected.to redirect_to :root
+      is_expected.to redirect_to :login
       expect(flash[:error]).not_to be :blank
     end
 
+    let(:pending_user) { FactoryBot.create(:user, email: email, status: 'pending') }
     it 'pending user' do
-      user = FactoryBot.create(:user, email: email, status: 'pending')
-      token = user.perishable_token.dup
+      token = pending_user.perishable_token.dup
 
       expect { get :resend_activation, params: { email: email } }.to have_enqueued_job.on_queue('mailers')
-      expect(response).to have_http_status :redirect
 
-      expect(user.reload.perishable_token).not_to eq token
+      expect { pending_user.reload }.to change(pending_user, :perishable_token)
       expect(flash[:error]).to be_nil
       expect(flash[:notice]).not_to be :blank
     end
   end
 
-  context '#activation' do
-    let(:token) { SecureRandom.hex(3) }
+  describe '#activation' do
     subject { get :activation, params: { activation_code: token } }
+    let(:token) { SecureRandom.hex(3) }
+    let(:pending_user) { FactoryBot.create(:user, status: 'pending') }
 
     it 'valid token' do
-      user = FactoryBot.create(:user, status: 'pending')
-      user.update_columns(perishable_token: token)
+      pending_user.update_columns(perishable_token: token)
       is_expected.to redirect_to :login
-      expect(user.reload.status).to eq 'active'
+      expect { pending_user.reload }.to change(pending_user, :status).to "active"
     end
 
     it 'invalid token' do
-      is_expected.to redirect_to :root
+      is_expected.to redirect_to :login
       expect(flash[:error]).not_to be :blank
     end
   end
 
-  context '#lost_password' do
+  describe '#lost_password' do
 
     it 'with mail' do
       user = FactoryBot.create(:user, status: 'active')
@@ -84,8 +83,9 @@ RSpec.describe Symphonia::AccountsController do
     end
   end
 
-  context "#reset_password" do
+  describe "#reset_password" do
     subject { FactoryBot.create :user }
+
     it "reset" do
       put :reset_password, params: { id: subject.perishable_token, password: "secret-pass-1" }
       expect(response).to redirect_to /login/

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: symphonia
 version: !ruby/object:Gem::Version
-  version: 4.1.1
+  version: 4.1.2
 platform: ruby
 authors:
 - Lukas Pokorny
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2021-12-25 00:00:00.000000000 Z
+date: 2022-01-20 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: api-pagination