tb_core 1.3.10 → 1.4.beta1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/Rakefile +5 -20
- data/app/controllers/admin/application_controller.rb +2 -2
- data/app/controllers/admin/dashboard_controller.rb +4 -4
- data/app/controllers/admin/password_resets_controller.rb +9 -9
- data/app/controllers/admin/roles_controller.rb +8 -8
- data/app/controllers/admin/settings_controller.rb +11 -9
- data/app/controllers/admin/setup_controller.rb +5 -5
- data/app/controllers/admin/user_sessions_controller.rb +2 -2
- data/app/controllers/admin/users_controller.rb +13 -13
- data/app/controllers/password_resets_controller.rb +7 -7
- data/app/controllers/spud/admin/application_controller.rb +5 -1
- data/app/controllers/spud/application_controller.rb +15 -11
- data/app/controllers/user_sessions_controller.rb +11 -5
- data/app/helpers/admin/application_helper.rb +20 -14
- data/app/helpers/tb_core/application_helper.rb +20 -16
- data/app/mailers/tb_core_mailer.rb +9 -3
- data/app/models/spud/spud_user_model.rb +7 -13
- data/app/models/spud_role.rb +4 -4
- data/app/models/spud_user_setting.rb +2 -2
- data/config/routes.rb +3 -3
- data/lib/generators/spud/controller_spec_generator.rb +6 -3
- data/lib/generators/spud/module_generator.rb +56 -41
- data/lib/generators/spud/setup_generator.rb +26 -22
- data/lib/generators/spud/templates/admin_controller.rb.erb +9 -13
- data/lib/generators/spud/templates/controller.rb.erb +4 -6
- data/lib/generators/spud/templates/controller_spec.rb.erb +16 -21
- data/lib/generators/spud/templates/views/layouts/application.html.erb +1 -1
- data/lib/spud_core/catch_all_route.rb +1 -1
- data/lib/spud_core/configuration.rb +7 -3
- data/lib/spud_core/engine.rb +5 -18
- data/lib/spud_core/errors.rb +3 -4
- data/lib/spud_core/test_files.rb +3 -3
- data/lib/spud_core/version.rb +1 -1
- data/lib/tb_core/belongs_to_app.rb +6 -3
- data/lib/tb_core/form_builder.rb +40 -33
- data/lib/tb_core/responder.rb +2 -2
- data/lib/tb_core/test_helper.rb +2 -2
- data/spec/controllers/admin/application_controller_spec.rb +14 -14
- data/spec/controllers/admin/dashboard_controller_spec.rb +26 -23
- data/spec/controllers/admin/password_reset_controller_spec.rb +29 -30
- data/spec/controllers/admin/settings_controller_spec.rb +13 -13
- data/spec/controllers/admin/setup_controller_spec.rb +12 -12
- data/spec/controllers/admin/user_sessions_controller_spec.rb +3 -3
- data/spec/controllers/admin/users_controller_spec.rb +68 -65
- data/spec/controllers/spud/application_controller_spec.rb +1 -1
- data/spec/dummy/config/application.rb +6 -7
- data/spec/dummy/config/database.yml +7 -16
- data/spec/dummy/config/environments/production.rb +1 -1
- data/spec/dummy/config/environments/test.rb +5 -2
- data/spec/dummy/config/routes.rb +1 -1
- data/spec/dummy/db/schema.rb +53 -54
- data/spec/factories/spud_user_factories.rb +2 -2
- data/spec/helpers/spud/admin/application_helper_spec.rb +4 -4
- data/spec/lib/spud_core/configuration_spec.rb +2 -2
- data/spec/lib/tb_core/belongs_to_app_spec.rb +4 -4
- data/spec/models/spud_role_spec.rb +9 -9
- data/spec/models/spud_user_spec.rb +19 -32
- data/spec/rails_helper.rb +5 -6
- metadata +67 -77
- data/lib/responds_to_parent.rb +0 -69
- data/lib/tb_core/mysql2_extensions.rb +0 -45
- data/spec/dummy/db/migrate/20141214200804_create_spud_admin_permissions.tb_core.rb +0 -12
- data/spec/dummy/db/migrate/20141214200805_create_spud_users.tb_core.rb +0 -30
- data/spec/dummy/db/migrate/20141214200806_add_time_zone_to_spud_user.tb_core.rb +0 -7
- data/spec/dummy/db/migrate/20141214200807_add_scope_to_spud_admin_permissions.tb_core.rb +0 -7
- data/spec/dummy/db/migrate/20141214200808_create_spud_user_settings.tb_core.rb +0 -12
- data/spec/dummy/db/migrate/20141214200809_create_spud_roles.tb_core.rb +0 -11
- data/spec/dummy/db/migrate/20141214200810_create_spud_permissions.tb_core.rb +0 -11
- data/spec/dummy/db/migrate/20141214200811_create_spud_role_permissions.tb_core.rb +0 -12
- data/spec/dummy/db/migrate/20141214200812_drop_spud_admin_permissions.tb_core.rb +0 -16
- data/spec/dummy/db/migrate/20150610180845_add_requires_password_change_to_spud_users.tb_core.rb +0 -6
- data/spec/lib/tb_core/mysql2_extensions_spec.rb +0 -59
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 7972e913d7dfa93775c49dff5e6bd3fe6bd4781c
|
|
4
|
+
data.tar.gz: 38b2840a7b5e0770508445c53199de91230c97a9
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: badde50660d068861e27367ec9033f125e63f53973c5cfa3d496114fabc7675e7ca7b354dd7e6076af254b64517fef074b6a18f5b8e8753379ac0cf70a1d1056
|
|
7
|
+
data.tar.gz: 82f6a259e226267a08cdf81ee59a8cc57bca8e8a14e7f1f150c57d0e016ac8ad36d567e214bf604fae2b0136e7b59b8edfad98d91486ef277e8ab767be75706a
|
data/Rakefile
CHANGED
|
@@ -1,16 +1,10 @@
|
|
|
1
|
-
#!/usr/bin/env rake
|
|
2
1
|
begin
|
|
3
2
|
require 'bundler/setup'
|
|
4
3
|
rescue LoadError
|
|
5
4
|
puts 'You must `gem install bundler` and `bundle install` to run rake tasks'
|
|
6
5
|
end
|
|
7
|
-
|
|
8
|
-
|
|
9
|
-
rescue LoadError
|
|
10
|
-
require 'rdoc/rdoc'
|
|
11
|
-
require 'rake/rdoctask'
|
|
12
|
-
RDoc::Task = Rake::RDocTask
|
|
13
|
-
end
|
|
6
|
+
|
|
7
|
+
require 'rdoc/task'
|
|
14
8
|
|
|
15
9
|
RDoc::Task.new(:rdoc) do |rdoc|
|
|
16
10
|
rdoc.rdoc_dir = 'rdoc'
|
|
@@ -20,18 +14,9 @@ RDoc::Task.new(:rdoc) do |rdoc|
|
|
|
20
14
|
rdoc.rdoc_files.include('lib/**/*.rb')
|
|
21
15
|
end
|
|
22
16
|
|
|
23
|
-
APP_RAKEFILE = File.expand_path(
|
|
17
|
+
APP_RAKEFILE = File.expand_path('../spec/dummy/Rakefile', __FILE__)
|
|
24
18
|
load 'rails/tasks/engine.rake'
|
|
25
19
|
|
|
26
|
-
|
|
27
|
-
|
|
28
|
-
require 'rake'
|
|
20
|
+
load 'rails/tasks/statistics.rake'
|
|
29
21
|
|
|
30
|
-
|
|
31
|
-
require 'jasmine'
|
|
32
|
-
load 'jasmine/tasks/jasmine.rake'
|
|
33
|
-
rescue LoadError
|
|
34
|
-
task :jasmine do
|
|
35
|
-
abort "Jasmine is not available. In order to run jasmine, you must: (sudo) gem install jasmine"
|
|
36
|
-
end
|
|
37
|
-
end
|
|
22
|
+
Bundler::GemHelper.install_tasks
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
class Admin::ApplicationController < Spud::ApplicationController
|
|
2
2
|
|
|
3
3
|
before_action :require_admin_user
|
|
4
|
-
add_breadcrumb
|
|
4
|
+
add_breadcrumb 'Dashboard', :admin_root_path
|
|
5
5
|
layout 'admin/detail'
|
|
6
6
|
respond_to :html, :json
|
|
7
7
|
|
|
@@ -12,7 +12,7 @@ private
|
|
|
12
12
|
end
|
|
13
13
|
|
|
14
14
|
def login_path_for_require_user
|
|
15
|
-
admin_login_path(:
|
|
15
|
+
admin_login_path(return_to: request.path)
|
|
16
16
|
end
|
|
17
17
|
|
|
18
18
|
end
|
|
@@ -4,7 +4,7 @@ class Admin::DashboardController < Admin::ApplicationController
|
|
|
4
4
|
layout 'admin/application'
|
|
5
5
|
|
|
6
6
|
def index
|
|
7
|
-
@setting = SpudUserSetting.find_by(:
|
|
7
|
+
@setting = SpudUserSetting.find_by(spud_user_id: current_user.id, key: 'dash_icon_order')
|
|
8
8
|
apps = Spud::Core.admin_applications
|
|
9
9
|
if @setting.nil? == false
|
|
10
10
|
apps = arrange_apps(apps)
|
|
@@ -16,7 +16,7 @@ class Admin::DashboardController < Admin::ApplicationController
|
|
|
16
16
|
|
|
17
17
|
def change_sort
|
|
18
18
|
@order = params[:order]
|
|
19
|
-
@setting = SpudUserSetting.find_or_initialize_by(:
|
|
19
|
+
@setting = SpudUserSetting.find_or_initialize_by(spud_user_id: current_user.id, key: 'dash_icon_order')
|
|
20
20
|
@setting.value = @order
|
|
21
21
|
if @setting.save
|
|
22
22
|
respond_to do |format|
|
|
@@ -30,11 +30,11 @@ class Admin::DashboardController < Admin::ApplicationController
|
|
|
30
30
|
@admin_applications = Spud::Core.admin_applications.select do |admin_application|
|
|
31
31
|
if current_user.can_view_app?(admin_application)
|
|
32
32
|
if admin_application[:badge]
|
|
33
|
-
data << {:
|
|
33
|
+
data << {key: admin_application[:key], badge_count: admin_application[:badge].call(current_user)}
|
|
34
34
|
end
|
|
35
35
|
end
|
|
36
36
|
end
|
|
37
|
-
render :
|
|
37
|
+
render json: {data: data}
|
|
38
38
|
end
|
|
39
39
|
|
|
40
40
|
private
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
class Admin::PasswordResetsController < Admin::ApplicationController
|
|
2
2
|
|
|
3
|
-
before_action :load_user_using_perishable_token, :
|
|
4
|
-
skip_before_action :require_user, :require_admin_user
|
|
3
|
+
before_action :load_user_using_perishable_token, only: [:show, :update]
|
|
4
|
+
skip_before_action :require_user, :require_admin_user, raise: false
|
|
5
5
|
layout 'admin/login'
|
|
6
6
|
|
|
7
7
|
def index
|
|
@@ -13,11 +13,11 @@ class Admin::PasswordResetsController < Admin::ApplicationController
|
|
|
13
13
|
if @user
|
|
14
14
|
@user.reset_perishable_token!
|
|
15
15
|
TbCoreMailer.forgot_password_notification(@user, admin_password_reset_url(@user.perishable_token)).deliver_later
|
|
16
|
-
flash[:notice] =
|
|
17
|
-
|
|
16
|
+
flash[:notice] = 'Instructions to reset your password have been emailed to you. ' +
|
|
17
|
+
'Please check your email.'
|
|
18
18
|
redirect_to admin_login_path
|
|
19
19
|
else
|
|
20
|
-
flash.now[:error] =
|
|
20
|
+
flash.now[:error] = 'No user was found with that email address'
|
|
21
21
|
render 'index'
|
|
22
22
|
end
|
|
23
23
|
end
|
|
@@ -31,7 +31,7 @@ class Admin::PasswordResetsController < Admin::ApplicationController
|
|
|
31
31
|
@user.password_confirmation = params[:spud_user][:password_confirmation]
|
|
32
32
|
if @user.save
|
|
33
33
|
SpudUserSession.create(@user)
|
|
34
|
-
flash[:notice] =
|
|
34
|
+
flash[:notice] = 'Password successfully updated'
|
|
35
35
|
redirect_to admin_login_path
|
|
36
36
|
else
|
|
37
37
|
render 'show'
|
|
@@ -44,9 +44,9 @@ private
|
|
|
44
44
|
@user = SpudUser.find_using_perishable_token(params[:id])
|
|
45
45
|
unless @user
|
|
46
46
|
flash[:notice] = "We're sorry, but we could not locate your account. " +
|
|
47
|
-
|
|
48
|
-
|
|
49
|
-
|
|
47
|
+
'If you are having issues try copying and pasting the URL ' +
|
|
48
|
+
'from your email into your browser or restarting the ' +
|
|
49
|
+
'reset password process.'
|
|
50
50
|
redirect_to admin_login_path
|
|
51
51
|
end
|
|
52
52
|
end
|
|
@@ -1,10 +1,10 @@
|
|
|
1
1
|
class Admin::RolesController < Admin::ApplicationController
|
|
2
2
|
|
|
3
|
-
before_action :get_record, :
|
|
3
|
+
before_action :get_record, only: [:show, :edit, :update, :destroy]
|
|
4
4
|
respond_to :html, :json, :xml
|
|
5
5
|
belongs_to_app :users
|
|
6
|
-
add_breadcrumb
|
|
7
|
-
add_breadcrumb
|
|
6
|
+
add_breadcrumb 'Users', :admin_users_path
|
|
7
|
+
add_breadcrumb 'Roles', :admin_roles_path
|
|
8
8
|
|
|
9
9
|
def index
|
|
10
10
|
@roles = SpudRole.includes(:spud_role_permissions)
|
|
@@ -25,7 +25,7 @@ class Admin::RolesController < Admin::ApplicationController
|
|
|
25
25
|
logger.debug role_params
|
|
26
26
|
@role = SpudRole.new(role_params)
|
|
27
27
|
flash[:notice] = 'SpudRole created successfully' if @role.save
|
|
28
|
-
respond_with @role, :
|
|
28
|
+
respond_with @role, location: admin_roles_path
|
|
29
29
|
end
|
|
30
30
|
|
|
31
31
|
def edit
|
|
@@ -37,12 +37,12 @@ class Admin::RolesController < Admin::ApplicationController
|
|
|
37
37
|
if @role.update_attributes(role_params)
|
|
38
38
|
flash[:notice] = 'SpudRole updated successfully'
|
|
39
39
|
end
|
|
40
|
-
respond_with @role, :
|
|
40
|
+
respond_with @role, location: admin_roles_path
|
|
41
41
|
end
|
|
42
42
|
|
|
43
43
|
def destroy
|
|
44
44
|
flash[:notice] = 'SpudRole deleted successfully' if @role.destroy
|
|
45
|
-
respond_with @role, :
|
|
45
|
+
respond_with @role, location: admin_roles_path
|
|
46
46
|
end
|
|
47
47
|
|
|
48
48
|
private
|
|
@@ -51,14 +51,14 @@ class Admin::RolesController < Admin::ApplicationController
|
|
|
51
51
|
begin
|
|
52
52
|
@role = SpudRole.find(params[:id])
|
|
53
53
|
rescue ActiveRecord::RecordNotFound => e
|
|
54
|
-
flash[:error] =
|
|
54
|
+
flash[:error] = 'Could not find the requested SpudRole'
|
|
55
55
|
redirect_to admin_roles_path
|
|
56
56
|
return false
|
|
57
57
|
end
|
|
58
58
|
end
|
|
59
59
|
|
|
60
60
|
def role_params
|
|
61
|
-
params.require(:spud_role).permit(:name, :
|
|
61
|
+
params.require(:spud_role).permit(:name, permission_tags: [])
|
|
62
62
|
end
|
|
63
63
|
|
|
64
64
|
end
|
|
@@ -5,38 +5,40 @@ class Admin::SettingsController < Admin::ApplicationController
|
|
|
5
5
|
|
|
6
6
|
before_action do |c|
|
|
7
7
|
if current_user && current_user.has_admin_rights?
|
|
8
|
-
add_breadcrumb
|
|
8
|
+
add_breadcrumb 'Settings', :admin_settings_path
|
|
9
9
|
end
|
|
10
10
|
end
|
|
11
11
|
|
|
12
12
|
def edit
|
|
13
|
-
|
|
14
13
|
end
|
|
15
14
|
|
|
16
15
|
def update
|
|
17
16
|
if check_password && @current_user.update_attributes(user_params)
|
|
18
17
|
if user_params.include?(:password)
|
|
19
|
-
|
|
18
|
+
SpudUserSession.create(@current_user)
|
|
20
19
|
end
|
|
21
|
-
flash[:notice] =
|
|
22
|
-
respond_with @current_user, :
|
|
20
|
+
flash[:notice] = 'User settings saved successfully.'
|
|
21
|
+
respond_with @current_user, location: admin_settings_path
|
|
23
22
|
else
|
|
24
|
-
render 'edit', :
|
|
23
|
+
render 'edit', status: 401
|
|
25
24
|
end
|
|
26
25
|
end
|
|
27
26
|
|
|
28
27
|
private
|
|
29
28
|
|
|
30
29
|
def user_params
|
|
31
|
-
params.require(:spud_user).permit(
|
|
30
|
+
params.require(:spud_user).permit(
|
|
31
|
+
:login, :first_name, :last_name, :email,
|
|
32
|
+
:password, :password_confirmation, :time_zone
|
|
33
|
+
)
|
|
32
34
|
end
|
|
33
35
|
|
|
34
36
|
def check_password
|
|
35
|
-
if
|
|
37
|
+
if user_params[:password].nil? || user_params[:password].empty?
|
|
36
38
|
return true
|
|
37
39
|
else
|
|
38
40
|
if !current_user.valid_password?(params[:current_password])
|
|
39
|
-
current_user.errors.add(:current_password,
|
|
41
|
+
current_user.errors.add(:current_password, 'is not correct. Please enter correct password.')
|
|
40
42
|
return false
|
|
41
43
|
end
|
|
42
44
|
return true
|
|
@@ -1,13 +1,13 @@
|
|
|
1
1
|
class Admin::SetupController < Admin::ApplicationController
|
|
2
2
|
|
|
3
|
-
skip_before_action :
|
|
3
|
+
skip_before_action :require_admin_user
|
|
4
4
|
|
|
5
5
|
def new
|
|
6
|
-
if SpudUser.count
|
|
7
|
-
flash[:error] =
|
|
6
|
+
if SpudUser.count.nonzero?
|
|
7
|
+
flash[:error] = 'Access Denied! This wizard may only be executed when the database is empty.'
|
|
8
8
|
redirect_to admin_login_path and return
|
|
9
9
|
else
|
|
10
|
-
@spud_user = SpudUser.new
|
|
10
|
+
@spud_user = SpudUser.new
|
|
11
11
|
end
|
|
12
12
|
end
|
|
13
13
|
|
|
@@ -18,7 +18,7 @@ class Admin::SetupController < Admin::ApplicationController
|
|
|
18
18
|
SpudUserSession.create(@spud_user)
|
|
19
19
|
redirect_to admin_root_path
|
|
20
20
|
else
|
|
21
|
-
render 'new', :
|
|
21
|
+
render 'new', status: 422
|
|
22
22
|
end
|
|
23
23
|
end
|
|
24
24
|
|
|
@@ -6,8 +6,8 @@ class Admin::UserSessionsController < Admin::ApplicationController
|
|
|
6
6
|
def new
|
|
7
7
|
if current_user
|
|
8
8
|
redirect_to admin_root_path
|
|
9
|
-
elsif SpudUser.all.count
|
|
10
|
-
logger.debug
|
|
9
|
+
elsif SpudUser.all.count.zero?
|
|
10
|
+
logger.debug 'NO USERS!'
|
|
11
11
|
redirect_to admin_setup_path and return
|
|
12
12
|
end
|
|
13
13
|
@user_session = SpudUserSession.new
|
|
@@ -2,13 +2,13 @@ class Admin::UsersController < Admin::ApplicationController
|
|
|
2
2
|
require 'csv'
|
|
3
3
|
|
|
4
4
|
belongs_to_app :users
|
|
5
|
-
add_breadcrumb
|
|
6
|
-
before_action :load_user, :
|
|
7
|
-
after_action :send_credentials_email, :
|
|
5
|
+
add_breadcrumb 'Users', :admin_users_path
|
|
6
|
+
before_action :load_user, only: [:edit, :update, :show, :destroy]
|
|
7
|
+
after_action :send_credentials_email, only: [:create, :update]
|
|
8
8
|
respond_to :html, :csv
|
|
9
9
|
|
|
10
10
|
def index
|
|
11
|
-
@spud_users = SpudUser.ordered.paginate(:
|
|
11
|
+
@spud_users = SpudUser.ordered.paginate(page: params[:page], per_page: 15)
|
|
12
12
|
if params[:search]
|
|
13
13
|
@spud_users = @spud_users.where_name_like(params[:search])
|
|
14
14
|
end
|
|
@@ -23,7 +23,9 @@ class Admin::UsersController < Admin::ApplicationController
|
|
|
23
23
|
users = SpudUser.all
|
|
24
24
|
export_columns = %w(created_at first_name last_name email last_login_at)
|
|
25
25
|
file_name = Spud::Core.site_name + ' Users Export.csv'
|
|
26
|
-
send_data users.as_csv(export_columns),
|
|
26
|
+
send_data users.as_csv(export_columns),
|
|
27
|
+
type: 'text/csv; charset=iso-8859-1; header=present',
|
|
28
|
+
disposition: "attachment; filename=#{file_name}"
|
|
27
29
|
end
|
|
28
30
|
|
|
29
31
|
def new
|
|
@@ -31,7 +33,7 @@ class Admin::UsersController < Admin::ApplicationController
|
|
|
31
33
|
respond_with @user do |format|
|
|
32
34
|
format.html{
|
|
33
35
|
if request.xhr?
|
|
34
|
-
render 'new', :
|
|
36
|
+
render 'new', layout: false
|
|
35
37
|
else
|
|
36
38
|
render 'new'
|
|
37
39
|
end
|
|
@@ -41,14 +43,14 @@ class Admin::UsersController < Admin::ApplicationController
|
|
|
41
43
|
|
|
42
44
|
def create
|
|
43
45
|
@user = SpudUser.create(user_params)
|
|
44
|
-
respond_with @user, :
|
|
46
|
+
respond_with @user, location: admin_users_path
|
|
45
47
|
end
|
|
46
48
|
|
|
47
49
|
def edit
|
|
48
50
|
respond_with @user do |format|
|
|
49
51
|
format.html{
|
|
50
52
|
if request.xhr?
|
|
51
|
-
render 'edit', :
|
|
53
|
+
render 'edit', layout: false
|
|
52
54
|
else
|
|
53
55
|
render 'edit'
|
|
54
56
|
end
|
|
@@ -62,14 +64,14 @@ class Admin::UsersController < Admin::ApplicationController
|
|
|
62
64
|
SpudUserSession.create(@user)
|
|
63
65
|
end
|
|
64
66
|
end
|
|
65
|
-
respond_with @user, :
|
|
67
|
+
respond_with @user, location: admin_user_path(@user), status: 200
|
|
66
68
|
end
|
|
67
69
|
|
|
68
70
|
def destroy
|
|
69
71
|
@user.destroy
|
|
70
|
-
respond_with @user, :
|
|
72
|
+
respond_with @user, location: admin_users_path do |format|
|
|
71
73
|
format.js{
|
|
72
|
-
render :
|
|
74
|
+
render nothing: true, status: 200
|
|
73
75
|
}
|
|
74
76
|
end
|
|
75
77
|
end
|
|
@@ -83,8 +85,6 @@ private
|
|
|
83
85
|
end
|
|
84
86
|
end
|
|
85
87
|
|
|
86
|
-
# attr_accessible :login,:email,:first_name,:last_name,:password,:password_confirmation,:password_salt,:last_login_at,:last_request_at,:last_login_ip,:failed_login_count,:current_login_at,:login_count,:persistence_token,:perishable_token,:single_access_token,:crypted_password, :current_login_ip, :created_at, :updated_at,:time_zone, :as => [:default, :admin]
|
|
87
|
-
# attr_accessible :super_admin, :spud_role_id, :id, :as => :admin
|
|
88
88
|
def user_params
|
|
89
89
|
params.require(:spud_user).permit!
|
|
90
90
|
end
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
class PasswordResetsController < ApplicationController
|
|
2
2
|
|
|
3
|
-
before_action :load_user_using_perishable_token, :
|
|
4
|
-
skip_before_action :require_user
|
|
3
|
+
before_action :load_user_using_perishable_token, only: [:show, :update]
|
|
4
|
+
skip_before_action :require_user, raise: false
|
|
5
5
|
respond_to :html
|
|
6
6
|
layout 'user_sessions'
|
|
7
7
|
|
|
@@ -14,16 +14,16 @@ class PasswordResetsController < ApplicationController
|
|
|
14
14
|
if @user
|
|
15
15
|
@user.reset_perishable_token!
|
|
16
16
|
TbCoreMailer.forgot_password_notification(@user, password_reset_url(@user.perishable_token)).deliver_later
|
|
17
|
-
flash[:notice] =
|
|
17
|
+
flash[:notice] = 'Password reset instructions have been sent to your email'
|
|
18
18
|
redirect_to login_path
|
|
19
19
|
else
|
|
20
|
-
flash.now[:error] =
|
|
20
|
+
flash.now[:error] = 'No user was found with that email address'
|
|
21
21
|
render 'index'
|
|
22
22
|
end
|
|
23
23
|
end
|
|
24
24
|
|
|
25
25
|
def show
|
|
26
|
-
|
|
26
|
+
|
|
27
27
|
end
|
|
28
28
|
|
|
29
29
|
def update
|
|
@@ -34,7 +34,7 @@ class PasswordResetsController < ApplicationController
|
|
|
34
34
|
@user.password_confirmation = params[:spud_user][:password_confirmation]
|
|
35
35
|
if @user.save()
|
|
36
36
|
SpudUserSession.create(@user)
|
|
37
|
-
flash[:notice] =
|
|
37
|
+
flash[:notice] = 'Password successfully updated'
|
|
38
38
|
redirect_back_or_default(root_path)
|
|
39
39
|
return
|
|
40
40
|
end
|
|
@@ -47,7 +47,7 @@ private
|
|
|
47
47
|
def load_user_using_perishable_token
|
|
48
48
|
@user = SpudUser.find_using_perishable_token(params[:id])
|
|
49
49
|
unless @user
|
|
50
|
-
flash[:error] =
|
|
50
|
+
flash[:error] = 'Password reset token was invalid or expired'
|
|
51
51
|
redirect_to login_path
|
|
52
52
|
end
|
|
53
53
|
end
|
|
@@ -1,7 +1,11 @@
|
|
|
1
1
|
class Spud::Admin::ApplicationController < Admin::ApplicationController
|
|
2
2
|
|
|
3
3
|
def initialize
|
|
4
|
-
ActiveSupport::Deprecation.warn
|
|
4
|
+
ActiveSupport::Deprecation.warn(
|
|
5
|
+
"Spud::Admin::ApplicationController is deprecated and may be removed from future releases,
|
|
6
|
+
use Admin::ApplicationController instead.",
|
|
7
|
+
caller
|
|
8
|
+
)
|
|
5
9
|
super
|
|
6
10
|
end
|
|
7
11
|
|
|
@@ -10,9 +10,9 @@ class Spud::ApplicationController < ActionController::Base
|
|
|
10
10
|
|
|
11
11
|
self.responder = TbCore::Responder
|
|
12
12
|
|
|
13
|
-
rescue_from Spud::RequestError, :
|
|
14
|
-
rescue_from ActiveRecord::RecordNotFound, :
|
|
15
|
-
rescue_from ActionController::UnknownFormat, :
|
|
13
|
+
rescue_from Spud::RequestError, with: :handle_request_error
|
|
14
|
+
rescue_from ActiveRecord::RecordNotFound, with: :handle_record_not_found
|
|
15
|
+
rescue_from ActionController::UnknownFormat, with: :handle_unknown_format_error
|
|
16
16
|
|
|
17
17
|
def not_found
|
|
18
18
|
raise Spud::NotFoundError
|
|
@@ -21,7 +21,7 @@ class Spud::ApplicationController < ActionController::Base
|
|
|
21
21
|
private
|
|
22
22
|
|
|
23
23
|
def set_mailer_default_url
|
|
24
|
-
ActionMailer::Base.default_url_options = {:
|
|
24
|
+
ActionMailer::Base.default_url_options = {host: request.host_with_port}
|
|
25
25
|
end
|
|
26
26
|
|
|
27
27
|
def current_user_session
|
|
@@ -52,7 +52,7 @@ private
|
|
|
52
52
|
# Override this in a controller to redifine where the login form is
|
|
53
53
|
#
|
|
54
54
|
def login_path_for_require_user
|
|
55
|
-
login_path(:
|
|
55
|
+
login_path(return_to: request.path)
|
|
56
56
|
end
|
|
57
57
|
|
|
58
58
|
def require_admin_user
|
|
@@ -78,7 +78,7 @@ private
|
|
|
78
78
|
|
|
79
79
|
def check_requires_password_change
|
|
80
80
|
if current_user.present? && current_user.requires_password_change?
|
|
81
|
-
redirect_to(login_change_password_path(:
|
|
81
|
+
redirect_to(login_change_password_path(return_to: request.path))
|
|
82
82
|
return false
|
|
83
83
|
end
|
|
84
84
|
end
|
|
@@ -97,19 +97,23 @@ private
|
|
|
97
97
|
|
|
98
98
|
if error.is_a?(Spud::UnauthorizedError)
|
|
99
99
|
if should_present_basic_auth?
|
|
100
|
-
headers[
|
|
100
|
+
headers['WWW-Authenticate'] = "Basic realm=\"#{Spud::Core.config.site_name}\""
|
|
101
101
|
elsif request.format.html?
|
|
102
102
|
redirect_to(login_path_for_require_user)
|
|
103
103
|
return false
|
|
104
104
|
end
|
|
105
105
|
end
|
|
106
106
|
|
|
107
|
+
do_error_response(error)
|
|
108
|
+
end
|
|
109
|
+
|
|
110
|
+
def do_error_response(error)
|
|
107
111
|
respond_to do |format|
|
|
108
|
-
format.json{ render :
|
|
109
|
-
format.xml{ render :
|
|
110
|
-
format.all{
|
|
112
|
+
format.json { render json: { errors: error.message }, status: error.code }
|
|
113
|
+
format.xml { render xml: { errors: error.message }, status: error.code }
|
|
114
|
+
format.all {
|
|
111
115
|
@error = error
|
|
112
|
-
render :
|
|
116
|
+
render template: error.template, layout: nil, formats: [:html], status: error.code, content_type: 'text/html'
|
|
113
117
|
}
|
|
114
118
|
end
|
|
115
119
|
end
|
|
@@ -1,7 +1,9 @@
|
|
|
1
1
|
class UserSessionsController < ApplicationController
|
|
2
2
|
|
|
3
|
-
skip_before_action :require_user, :
|
|
4
|
-
skip_before_action :check_requires_password_change,
|
|
3
|
+
skip_before_action :require_user, only: [:new, :create, :destroy], raise: false
|
|
4
|
+
skip_before_action :check_requires_password_change,
|
|
5
|
+
only: [:destroy, :change_password, :set_change_password],
|
|
6
|
+
raise: false
|
|
5
7
|
|
|
6
8
|
respond_to :html, :json, :js
|
|
7
9
|
layout 'user_sessions'
|
|
@@ -12,11 +14,11 @@ class UserSessionsController < ApplicationController
|
|
|
12
14
|
end
|
|
13
15
|
|
|
14
16
|
def create
|
|
15
|
-
@user_session = SpudUserSession.new(
|
|
17
|
+
@user_session = SpudUserSession.new(user_session_params)
|
|
16
18
|
if @user_session.save()
|
|
17
19
|
respond_with @user_session do |format|
|
|
18
20
|
format.html{
|
|
19
|
-
flash[:notice] =
|
|
21
|
+
flash[:notice] = 'Login successful!'
|
|
20
22
|
redirect_back_or_default('/')
|
|
21
23
|
}
|
|
22
24
|
format.json{
|
|
@@ -36,7 +38,7 @@ class UserSessionsController < ApplicationController
|
|
|
36
38
|
current_user_session.destroy unless current_user_session.blank?
|
|
37
39
|
respond_with({}) do |format|
|
|
38
40
|
format.html{
|
|
39
|
-
flash[:notice] =
|
|
41
|
+
flash[:notice] = 'Logout successful!'
|
|
40
42
|
redirect_back_or_default(login_path)
|
|
41
43
|
}
|
|
42
44
|
end
|
|
@@ -62,6 +64,10 @@ class UserSessionsController < ApplicationController
|
|
|
62
64
|
|
|
63
65
|
private
|
|
64
66
|
|
|
67
|
+
def user_session_params
|
|
68
|
+
params.require(:spud_user_session).permit(:login, :password)
|
|
69
|
+
end
|
|
70
|
+
|
|
65
71
|
def change_password_params
|
|
66
72
|
params.require(:spud_user).permit(:password, :password_confirmation)
|
|
67
73
|
end
|
|
@@ -1,14 +1,18 @@
|
|
|
1
1
|
module Admin::ApplicationHelper
|
|
2
2
|
|
|
3
3
|
def timestamp(timedate=nil)
|
|
4
|
-
return
|
|
4
|
+
return 'Never' if timedate.blank?
|
|
5
5
|
|
|
6
6
|
if Time.now() > timedate # in the past
|
|
7
|
-
|
|
7
|
+
if Time.now() - timedate > 604800
|
|
8
|
+
return timedate.strftime('%B %d, %Y') + ' at ' + timedate.strftime('%I:%M %p')
|
|
9
|
+
else
|
|
10
|
+
return time_ago_in_words(timedate) + ' ago'
|
|
11
|
+
end
|
|
8
12
|
elsif Time.now() < timedate # in the future
|
|
9
|
-
return timedate.strftime(
|
|
13
|
+
return timedate.strftime('%B %d, %Y') + ' at ' + timedate.strftime('%I:%M %p')
|
|
10
14
|
else
|
|
11
|
-
return
|
|
15
|
+
return 'Right now'
|
|
12
16
|
end
|
|
13
17
|
end
|
|
14
18
|
|
|
@@ -16,25 +20,28 @@ module Admin::ApplicationHelper
|
|
|
16
20
|
if Rails.configuration.relative_url_root.blank?
|
|
17
21
|
return url
|
|
18
22
|
else
|
|
19
|
-
return [Rails.configuration.relative_url_root, url].join('/').gsub(/(\/+)/, '/')
|
|
23
|
+
return [Rails.configuration.relative_url_root, url].join('/').gsub(/(\/+)/, '/')
|
|
20
24
|
end
|
|
21
25
|
end
|
|
22
26
|
|
|
23
27
|
# Build an icon with left padding to indicate nesting below the previous table row
|
|
24
28
|
#
|
|
25
29
|
def table_nesting_indicator(depth)
|
|
26
|
-
if depth
|
|
30
|
+
if depth.positive?
|
|
27
31
|
depth.times do
|
|
28
|
-
concat content_tag(:span, '', :
|
|
32
|
+
concat content_tag(:span, '', class: 'nesting-spacer')
|
|
29
33
|
end
|
|
30
|
-
content_tag(:span,
|
|
34
|
+
content_tag(:span, '', class: 'glyphicon glyphicon-chevron-right')
|
|
31
35
|
end
|
|
32
36
|
end
|
|
33
37
|
|
|
38
|
+
WHITE_LIST_PARAMS = [:tab, :page, :sort, :direction, :search, :id].freeze
|
|
39
|
+
|
|
34
40
|
# Build a Bootstrap nav-tabs element
|
|
35
41
|
#
|
|
36
42
|
# * url_helper: A symbol representing the url helper method. ie: admin_widgets_path
|
|
37
43
|
# * tabs: An array of tab hashes with :title and :value keys
|
|
44
|
+
# * white_list: An array of param keys that should be allowed in the tabs. Optional.
|
|
38
45
|
#
|
|
39
46
|
# Example:
|
|
40
47
|
#
|
|
@@ -42,7 +49,7 @@ module Admin::ApplicationHelper
|
|
|
42
49
|
# {:title => 'All'},
|
|
43
50
|
# {:title => 'New', :value => 'new'},
|
|
44
51
|
# {:title => 'Used', :value => 'used'}
|
|
45
|
-
# ]) %>
|
|
52
|
+
# ], white_list: [:category_id]) %>
|
|
46
53
|
#
|
|
47
54
|
# This would generate:
|
|
48
55
|
#
|
|
@@ -52,18 +59,17 @@ module Admin::ApplicationHelper
|
|
|
52
59
|
# <li class=""><a href="/admin/vehicles?tab=used">Used</a></li>
|
|
53
60
|
# </ul>
|
|
54
61
|
#
|
|
55
|
-
def tb_core_tabbed_navigation(url_helper, tabs)
|
|
62
|
+
def tb_core_tabbed_navigation(url_helper, tabs, white_list: [])
|
|
56
63
|
key = :tab
|
|
57
|
-
content_tag :ul, :
|
|
64
|
+
content_tag :ul, class: 'nav nav-tabs' do
|
|
58
65
|
tabs.each do |tab|
|
|
59
66
|
cls = params[key] == tab[:value] ? 'active' : ''
|
|
60
67
|
url = tab.delete(:url)
|
|
61
68
|
if url.blank?
|
|
62
|
-
|
|
63
|
-
link_args = id_params.merge(key => tab[:value])
|
|
69
|
+
link_args = params.permit(white_list.concat(WHITE_LIST_PARAMS)).merge(key => tab[:value])
|
|
64
70
|
url = self.send(url_helper, link_args)
|
|
65
71
|
end
|
|
66
|
-
concat(content_tag(:li, :
|
|
72
|
+
concat(content_tag(:li, class: cls){ link_to tab[:title], url })
|
|
67
73
|
end
|
|
68
74
|
end
|
|
69
75
|
end
|