tb_core 1.3.3 → 1.3.4

data/app/views/user_sessions/new.html.erb

@@ -2,25 +2,4 @@
 
 <h1><%= Spud::Core.config.site_name %> Login</h1>
 
-<%= form_for @user_session, :url => login_path, :html => {:class => 'login-form'} do |f| %>
-  <%= tb_form_errors(@user_session) %>
-  <% if params[:return_to] %>
-    <%= hidden_field_tag :return_to, params[:return_to] %>
-  <% end %>
-  <div class="form-group">
-    <% if Spud::Core.config.use_email_as_login %>
-      <%= f.label :email %>
-      <%= f.text_field :email, :placeholder => 'Email', :autofocus => 'autofocus', :autocomplete => 'username', :class => 'form-control' %>
-    <% else %>
-      <%= f.label :login %>
-      <%= f.text_field :login, :placeholder => 'Username', :autofocus => 'autofocus', :autocomplete => 'username', :class => 'form-control' %>
-    <% end %>
-  </div>
-  <div class="form-group">
-    <%= f.label :password %>
-    <%= f.password_field :password, :placeholder => 'Password', :autocomplete => 'current-password', :class => 'form-control' %>
-  </div>
-  <div class="form-group">
-    <%= f.submit "Login", :class => 'btn btn-primary' %> <span>or</span> <%=link_to "Forgot Password?", password_resets_path %>
-  </div>
-<% end %>
+<%= render 'form' %>

data/config/locales/en.yml

@@ -10,9 +10,19 @@ en:
         message: "The %{item} you were looking for could not be found."
       access_denied:
         title: "Access Denied"
-        message: "You are not authorized to view the requested %{item}."
+        message: "You do not have permission to view the requested %{item}."
+      unauthorized:
+        title: "Unauthorized"
+        message: "You must log in to view the requested %{item}."
   activerecord:
     attributes:
       spud_user:
         spud_role_id: 'Role'
-        password_confirmation: 'Confirm Password'
+        password_confirmation: 'Confirm password'
+        requires_password_change: 'Require change'
+  tb_core_mailer:
+    forgot_password_notification:
+      subject: 'Forgot Password Request from %{site_name}'
+    user_credentials:
+      subject: 'Your login credentials for %{site_name}'
+      greeting: 'Here are your login credentials for %{site_name}:'

data/config/routes.rb

@@ -3,9 +3,8 @@ Rails.application.routes.draw do
   namespace :admin do
 
     get 'login' => 'user_sessions#new', :as => 'login'
-    post 'login' => 'user_sessions#create'
     get 'badges' => 'dashboard#badges'
-    match 'logout' => 'user_sessions#destroy', :as => 'logout', :via => [:get, :post]
+
     resources :password_resets, :only => [:index, :create, :show, :update], :path => 'login/forgot'
 
     get 'settings' => 'settings#edit', :as => 'settings'
@@ -23,6 +22,10 @@ Rails.application.routes.draw do
   get 'login' => 'user_sessions#new', :as => 'login'
   post 'login' => 'user_sessions#create'
   match 'logout' => 'user_sessions#destroy', :as => 'logout', :via => [:get, :post]
+
+  get 'login/change_password' => 'user_sessions#change_password'
+  post 'login/change_password' => 'user_sessions#set_change_password'
+
   resources :password_resets, :only => [:index, :create, :show, :update], :path => 'login/forgot'
 
   get 'spud/admin' => 'admin/user_sessions#legacy_redirect'

data/db/migrate/20150610143438_add_requires_password_change_to_spud_users.rb

@@ -0,0 +1,5 @@
+class AddRequiresPasswordChangeToSpudUsers < ActiveRecord::Migration
+  def change
+    add_column :spud_users, :requires_password_change, :boolean, :default => false
+  end
+end

data/lib/generators/spud/setup_generator.rb

@@ -21,6 +21,11 @@ class Spud::SetupGenerator < ::Rails::Generators::Base
     if defined?(Bootstrap)
       theme_file = Bootstrap::Rails::Engine.root.join('templates', 'project', '_bootstrap-variables.sass')
       template theme_file, 'app/assets/stylesheets/imports/bootstrap_theme.scss' if File.exist?(theme_file)
+      
+      modules_file = Bootstrap::Rails::Engine.root.join('assets', 'stylesheets', '_bootstrap.scss')
+      template modules_file, 'app/assets/stylesheets/imports/bootstrap_modules.scss' if File.exist?(modules_file)
+
+      template 'assets/bootstrap.js', 'app/assets/javascripts/bootstrap_modules.js'
     end
 
     environment(spud_core_configs())

data/lib/generators/spud/templates/assets/application.js

@@ -1,7 +1,7 @@
 //= require jquery
 //= require jquery_ujs
 //= require tb_core
-//= require bootstrap-sprockets
+//= require bootstrap_modules
 //= require_self
 //= require_directory .
 

data/lib/generators/spud/templates/assets/application.scss

@@ -1,6 +1,6 @@
 //= require_self
 //= require_directory .
 
-@import "imports/bootstrap_theme";
 @import "bootstrap-sprockets";
-@import "bootstrap";
+@import "imports/bootstrap_theme";
+@import "imports/bootstrap_modules";

data/lib/generators/spud/templates/assets/bootstrap.js

@@ -0,0 +1,14 @@
+// Use this file to comment out any Bootstrap JavaScript files you are not using
+//
+//= require bootstrap/affix
+//= require bootstrap/alert
+//= require bootstrap/button
+//= require bootstrap/carousel
+//= require bootstrap/collapse
+//= require bootstrap/dropdown
+//= require bootstrap/modal
+//= require bootstrap/scrollspy
+//= require bootstrap/tab
+//= require bootstrap/transition
+//= require bootstrap/tooltip
+//= require bootstrap/popover

data/lib/spud_core/belongs_to_app.rb

@@ -9,7 +9,7 @@ module Spud::BelongsToApp
     def belongs_to_spud_app(name=nil,options={})
       @page_title = options[:page_title]
       Spud::Core.admin_applications.each do |app|
-        if app[:name].parameterize.underscore.to_sym == name
+        if app[:key] == name
           @page_application = app
           break
         end

data/lib/spud_core/engine.rb

@@ -1,5 +1,6 @@
 require 'responders'
 require 'jquery-rails'
+require 'jquery-ui-rails'
 require 'authlogic'
 require 'bootstrap-sass'
 require 'autoprefixer-rails'

data/lib/spud_core/errors.rb

@@ -38,3 +38,11 @@ class Spud::NotFoundError < Spud::RequestError
     super(item_or_opts, opts)
   end
 end
+
+class Spud::UnauthorizedError < Spud::RequestError
+  def initialize(item_or_opts='page', opts={})
+    @code = 401
+    @i18n = 'unauthorized'
+    super(item_or_opts, opts)
+  end
+end

data/lib/spud_core/version.rb

@@ -1,5 +1,5 @@
 module Spud
   module Core
-    VERSION = "1.3.3"
+    VERSION = "1.3.4"
   end
 end

data/lib/tb_core/form_builder.rb

@@ -114,7 +114,7 @@ class TbCore::FormBuilder < ActionView::Helpers::FormBuilder
       content_tag :div, :class => 'col-sm-offset-2 col-sm-10' do
         concat submit "Save #{model_name}", :class => 'btn btn-primary', :data => {:disable_with => "Saving #{model_name}...", :enable_with => 'Saved!'}
         concat ' '
-        concat @template.link_to 'Cancel', cancel_path, :class => 'btn btn-default'
+        concat @template.link_to 'Cancel', cancel_path, :class => 'btn btn-default', :data => {:dismiss => :modal}
       end
     end
   end
@@ -242,6 +242,30 @@ class TbCore::FormBuilder < ActionView::Helpers::FormBuilder
     end
   end
 
+  # Return a picker for a new or existing user
+  #
+  # * attribute: The spud user column name. Default = spud_user_id.
+  # * users: Optional query object representing the list of users to display. Default = all users.
+  # * selected: Desired id to select. Will try to look up the value currently on the record if blank.
+  # * default_text: Text to show for blank option. Default = 'Select User'
+  #
+  def tb_user_select(attribute = :spud_user_id, users: SpudUser.ordered, selected: nil, default_text: 'Select User')
+    selected = @object[attribute] if selected.nil?
+    return content_tag :div, :class => 'form-group' do
+      concat label attribute, :class => 'control-label col-sm-2'
+      concat content_tag(:div, :class => 'col-sm-10'){
+        concat select(
+          attribute,
+          @template.options_from_collection_for_select(users, :id, :full_name_with_email, selected),
+          {:include_blank => default_text},
+          {:class => 'form-control tb-user-select'}
+        )
+        concat @template.link_to 'Edit User', @template.edit_admin_user_path(':id'), :class => 'btn btn-default tb-user-select-btn tb-user-select-edit'
+        concat @template.link_to 'New User', @template.new_admin_user_path, :class => 'btn btn-default tb-user-select-btn tb-user-select-add'
+      }
+    end
+  end
+
 private
 
   def concat(*args)
@@ -264,12 +288,13 @@ private
   end
 
   def get_limit_for_column(attribute)
-    col = @object.class.columns.find{ |c| c.name == attribute.to_s }
-    if col.present? && col.sql_type.match(/^varchar/)
-      return col.limit
-    else
-      return nil
+    if @object.class.respond_to?(:columns)
+      col = @object.class.columns.find{ |c| c.name == attribute.to_s }
+      if col.present? && col.sql_type.match(/^varchar/)
+        return col.limit
+      end
     end
+    return nil
   end
 
 end

data/spec/controllers/admin/user_sessions_controller_spec.rb

@@ -20,32 +20,4 @@ describe Admin::UserSessionsController, :type => :controller do
     end
   end
 
-  describe 'create' do
-    it "should rerender form when login is invalid" do
-      post :create
-        expect(response).to be_success
-    end
-    it "should redirect to admin root if login is valid" do
-      u = FactoryGirl.create(:spud_user,:login => "testuser")
-      u.save
-      user_session = {:login => "testuser", :password => "password"}
-      post :create, :spud_user_session => user_session
-      expect(response).to redirect_to(admin_root_path)
-    end
-  end
-
-  describe 'destroy' do
-    it "should redirect to login after logout when no referer" do
-      activate_session(admin: true)
-      delete :destroy
-      expect(response).to redirect_to(admin_login_path)
-    end
-    it "should redirect to the admin login page after logout" do
-        request.env["HTTP_REFERER"] = "/"
-        activate_authlogic
-      SpudUserSession.create(FactoryGirl.build(:spud_user))
-      delete :destroy
-      expect(response).to redirect_to("/admin/login")
-    end
-  end
 end

data/spec/dummy/config/environments/development.rb

@@ -23,11 +23,11 @@ Dummy::Application.configure do
   config.action_dispatch.best_standards_support = :builtin
 
   # Raise exception on mass assignment protection for Active Record models
-  config.active_record.mass_assignment_sanitizer = :strict
+  # config.active_record.mass_assignment_sanitizer = :strict
 
   # Log the query plan for queries taking more than this (works
   # with SQLite, MySQL, and PostgreSQL)
-  config.active_record.auto_explain_threshold_in_seconds = 0.5
+  # config.active_record.auto_explain_threshold_in_seconds = 0.5
 
   # Do not compress assets
   config.assets.compress = false

data/spec/dummy/db/migrate/20150610180845_add_requires_password_change_to_spud_users.tb_core.rb

@@ -0,0 +1,6 @@
+# This migration comes from tb_core (originally 20150610143438)
+class AddRequiresPasswordChangeToSpudUsers < ActiveRecord::Migration
+  def change
+    add_column :spud_users, :requires_password_change, :boolean, :default => false
+  end
+end

data/spec/dummy/db/schema.rb

@@ -11,9 +11,9 @@
 #
 # It's strongly recommended that you check this file into your version control system.
 
-ActiveRecord::Schema.define(version: 20141214200812) do
+ActiveRecord::Schema.define(version: 20150610180845) do
 
-  create_table "spud_permissions", force: true do |t|
+  create_table "spud_permissions", force: :cascade do |t|
     t.string   "name",       limit: 255, null: false
     t.string   "tag",        limit: 255, null: false
     t.datetime "created_at"
@@ -22,7 +22,7 @@ ActiveRecord::Schema.define(version: 20141214200812) do
 
   add_index "spud_permissions", ["tag"], name: "index_spud_permissions_on_tag", unique: true, using: :btree
 
-  create_table "spud_role_permissions", force: true do |t|
+  create_table "spud_role_permissions", force: :cascade do |t|
     t.integer  "spud_role_id",        limit: 4,   null: false
     t.string   "spud_permission_tag", limit: 255, null: false
     t.datetime "created_at"
@@ -32,13 +32,13 @@ ActiveRecord::Schema.define(version: 20141214200812) do
   add_index "spud_role_permissions", ["spud_permission_tag"], name: "index_spud_role_permissions_on_spud_permission_tag", using: :btree
   add_index "spud_role_permissions", ["spud_role_id"], name: "index_spud_role_permissions_on_spud_role_id", using: :btree
 
-  create_table "spud_roles", force: true do |t|
+  create_table "spud_roles", force: :cascade do |t|
     t.string   "name",       limit: 255
     t.datetime "created_at"
     t.datetime "updated_at"
   end
 
-  create_table "spud_user_settings", force: true do |t|
+  create_table "spud_user_settings", force: :cascade do |t|
     t.integer  "spud_user_id", limit: 4
     t.string   "key",          limit: 255
     t.string   "value",        limit: 255
@@ -46,28 +46,29 @@ ActiveRecord::Schema.define(version: 20141214200812) do
     t.datetime "updated_at"
   end
 
-  create_table "spud_users", force: true do |t|
-    t.string   "first_name",          limit: 255
-    t.string   "last_name",           limit: 255
-    t.boolean  "super_admin",         limit: 1
-    t.string   "login",               limit: 255,             null: false
-    t.string   "email",               limit: 255,             null: false
-    t.string   "crypted_password",    limit: 255,             null: false
-    t.string   "password_salt",       limit: 255,             null: false
-    t.string   "persistence_token",   limit: 255,             null: false
-    t.string   "single_access_token", limit: 255,             null: false
-    t.string   "perishable_token",    limit: 255,             null: false
-    t.integer  "login_count",         limit: 4,   default: 0, null: false
-    t.integer  "failed_login_count",  limit: 4,   default: 0, null: false
+  create_table "spud_users", force: :cascade do |t|
+    t.string   "first_name",               limit: 255
+    t.string   "last_name",                limit: 255
+    t.boolean  "super_admin",              limit: 1
+    t.string   "login",                    limit: 255,                 null: false
+    t.string   "email",                    limit: 255,                 null: false
+    t.string   "crypted_password",         limit: 255,                 null: false
+    t.string   "password_salt",            limit: 255,                 null: false
+    t.string   "persistence_token",        limit: 255,                 null: false
+    t.string   "single_access_token",      limit: 255,                 null: false
+    t.string   "perishable_token",         limit: 255,                 null: false
+    t.integer  "login_count",              limit: 4,   default: 0,     null: false
+    t.integer  "failed_login_count",       limit: 4,   default: 0,     null: false
     t.datetime "last_request_at"
     t.datetime "current_login_at"
     t.datetime "last_login_at"
-    t.string   "current_login_ip",    limit: 255
-    t.string   "last_login_ip",       limit: 255
+    t.string   "current_login_ip",         limit: 255
+    t.string   "last_login_ip",            limit: 255
     t.datetime "created_at"
     t.datetime "updated_at"
-    t.string   "time_zone",           limit: 255
-    t.integer  "spud_role_id",        limit: 4
+    t.string   "time_zone",                limit: 255
+    t.integer  "spud_role_id",             limit: 4
+    t.boolean  "requires_password_change", limit: 1,   default: false
   end
 
   add_index "spud_users", ["email"], name: "index_spud_users_on_email", using: :btree

data/spec/models/spud_user_spec.rb

@@ -25,8 +25,8 @@ describe SpudUser, :type => :model do
   end
 
   it { should_not allow_value('').for(:login) }
-  it { should ensure_length_of(:login).is_at_least(3) }
-  it { should ensure_length_of(:password).is_at_least(4) }
+  it { should validate_length_of(:login).is_at_least(3) }
+  it { should validate_length_of(:password).is_at_least(4) }
   it { should_not allow_value('@mail.com').for(:email) }
   it { should_not allow_value('mail.com').for(:email) }
   it { should allow_value('test@mail.com').for(:email) }
@@ -36,4 +36,20 @@ describe SpudUser, :type => :model do
     expect(u.save).to eq(false)
   end
 
+  describe '#unset_requires_password_change' do
+    it 'should not unset the requires_password_change flag' do
+      u = FactoryGirl.create(:spud_user, :requires_password_change => true)
+      expect{
+        u.update_attributes(:first_name => 'updated')
+      }.to_not change(u, :requires_password_change)
+    end
+
+    it 'should unset the requires_password_change flag' do
+      u = FactoryGirl.create(:spud_user, :requires_password_change => true)
+      expect{
+        u.update_attributes(:password => 'updated', :password_confirmation => 'updated')
+      }.to change(u, :requires_password_change).from(true).to(false)
+    end
+  end
+
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: tb_core
 version: !ruby/object:Gem::Version
-  version: 1.3.3
+  version: 1.3.4
 platform: ruby
 authors:
 - Greg Woods
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2015-06-02 00:00:00.000000000 Z
+date: 2015-08-11 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
@@ -80,6 +80,20 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
+- !ruby/object:Gem::Dependency
+  name: jquery-ui-rails
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: breadcrumbs_on_rails
   requirement: !ruby/object:Gem::Requirement
@@ -293,24 +307,10 @@ files:
 - app/assets/libs/datepicker/css/datepicker.css
 - app/assets/libs/datepicker/js/bootstrap-datepicker.js
 - app/assets/libs/datepicker/less/datepicker.less
-- app/assets/libs/jquery-ui/images/ui-bg_flat_0_aaaaaa_40x100.png
-- app/assets/libs/jquery-ui/images/ui-bg_flat_75_ffffff_40x100.png
-- app/assets/libs/jquery-ui/images/ui-bg_glass_55_fbf9ee_1x400.png
-- app/assets/libs/jquery-ui/images/ui-bg_glass_65_ffffff_1x400.png
-- app/assets/libs/jquery-ui/images/ui-bg_glass_75_dadada_1x400.png
-- app/assets/libs/jquery-ui/images/ui-bg_glass_75_e6e6e6_1x400.png
-- app/assets/libs/jquery-ui/images/ui-bg_glass_95_fef1ec_1x400.png
-- app/assets/libs/jquery-ui/images/ui-bg_highlight-soft_75_cccccc_1x100.png
-- app/assets/libs/jquery-ui/images/ui-icons_222222_256x240.png
-- app/assets/libs/jquery-ui/images/ui-icons_2e83ff_256x240.png
-- app/assets/libs/jquery-ui/images/ui-icons_454545_256x240.png
-- app/assets/libs/jquery-ui/images/ui-icons_888888_256x240.png
-- app/assets/libs/jquery-ui/images/ui-icons_cd0a0a_256x240.png
-- app/assets/libs/jquery-ui/jquery-ui.js
-- app/assets/libs/jquery-ui/jquery-ui.scss
 - app/assets/stylesheets/admin/application.css
 - app/assets/stylesheets/admin/core/application.scss
 - app/assets/stylesheets/admin/core/login.scss
+- app/assets/stylesheets/admin/core/users.scss
 - app/controllers/admin/application_controller.rb
 - app/controllers/admin/dashboard_controller.rb
 - app/controllers/admin/password_resets_controller.rb
@@ -325,8 +325,9 @@ files:
 - app/controllers/user_sessions_controller.rb
 - app/helpers/admin/application_helper.rb
 - app/helpers/admin/roles_helper.rb
+- app/helpers/spud/application_helper.rb
 - app/helpers/tb_core/application_helper.rb
-- app/mailers/core_mailer.rb
+- app/mailers/tb_core_mailer.rb
 - app/models/spud/spud_user_model.rb
 - app/models/spud_permission.rb
 - app/models/spud_role.rb
@@ -353,8 +354,6 @@ files:
 - app/views/admin/users/index.html.erb
 - app/views/admin/users/new.html.erb
 - app/views/admin/users/show.html.erb
-- app/views/core_mailer/forgot_password_notification.html.erb
-- app/views/core_mailer/forgot_password_notification.text.erb
 - app/views/layouts/admin/_flashes.html.erb
 - app/views/layouts/admin/_search.html.erb
 - app/views/layouts/admin/application.html.erb
@@ -362,10 +361,15 @@ files:
 - app/views/layouts/admin/error_page.html.erb
 - app/views/layouts/admin/login.html.erb
 - app/views/layouts/error_page.html.erb
+- app/views/layouts/mailer.html.erb
 - app/views/layouts/spud/admin/detail.html.erb
 - app/views/layouts/user_sessions.html.erb
 - app/views/password_resets/index.html.erb
 - app/views/password_resets/show.html.erb
+- app/views/tb_core_mailer/forgot_password_notification.html.erb
+- app/views/tb_core_mailer/user_credentials.html.erb
+- app/views/user_sessions/_form.html.erb
+- app/views/user_sessions/change_password.html.erb
 - app/views/user_sessions/new.html.erb
 - config/locales/en.yml
 - config/routes.rb
@@ -378,6 +382,7 @@ files:
 - db/migrate/20130620143941_create_spud_permissions.rb
 - db/migrate/20130620151132_create_spud_role_permissions.rb
 - db/migrate/20130620163144_drop_spud_admin_permissions.rb
+- db/migrate/20150610143438_add_requires_password_change_to_spud_users.rb
 - db/seeds.rb
 - lib/generators/spud/controller_spec_generator.rb
 - lib/generators/spud/module_generator.rb
@@ -389,6 +394,7 @@ files:
 - lib/generators/spud/templates/assets/admin/module.js.erb
 - lib/generators/spud/templates/assets/application.js
 - lib/generators/spud/templates/assets/application.scss
+- lib/generators/spud/templates/assets/bootstrap.js
 - lib/generators/spud/templates/assets/module.js.erb
 - lib/generators/spud/templates/controller.rb.erb
 - lib/generators/spud/templates/controller_spec.rb.erb
@@ -457,6 +463,7 @@ files:
 - spec/dummy/db/migrate/20141214200810_create_spud_permissions.tb_core.rb
 - spec/dummy/db/migrate/20141214200811_create_spud_role_permissions.tb_core.rb
 - spec/dummy/db/migrate/20141214200812_drop_spud_admin_permissions.tb_core.rb
+- spec/dummy/db/migrate/20150610180845_add_requires_password_change_to_spud_users.tb_core.rb
 - spec/dummy/db/schema.rb
 - spec/dummy/public/404.html
 - spec/dummy/public/422.html
@@ -536,6 +543,7 @@ test_files:
 - spec/dummy/db/migrate/20141214200810_create_spud_permissions.tb_core.rb
 - spec/dummy/db/migrate/20141214200811_create_spud_role_permissions.tb_core.rb
 - spec/dummy/db/migrate/20141214200812_drop_spud_admin_permissions.tb_core.rb
+- spec/dummy/db/migrate/20150610180845_add_requires_password_change_to_spud_users.tb_core.rb
 - spec/dummy/db/schema.rb
 - spec/dummy/public/404.html
 - spec/dummy/public/422.html