tb_core 1.4.5 → 1.5.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +5 -5
- data/README.md +2 -2
- data/Rakefile +1 -1
- data/app/controllers/admin/password_resets_controller.rb +1 -0
- data/app/controllers/admin/roles_controller.rb +1 -3
- data/app/controllers/admin/settings_controller.rb +2 -2
- data/app/controllers/admin/setup_controller.rb +1 -1
- data/app/controllers/admin/users_controller.rb +4 -4
- data/app/controllers/concerns/tb_core/error_handling.rb +5 -4
- data/app/controllers/concerns/tb_core/redirection.rb +1 -0
- data/app/controllers/concerns/tb_core/user_authentication.rb +5 -0
- data/app/controllers/user_sessions_controller.rb +2 -2
- data/app/helpers/forgot_password_mailer_helper.rb +9 -0
- data/app/helpers/tb_core/application_helper.rb +17 -0
- data/app/mailers/tb_core_mailer.rb +2 -0
- data/app/models/concerns/tb_core/user_model.rb +55 -8
- data/app/models/spud_role.rb +2 -7
- data/app/views/layouts/admin/application.html.erb +1 -1
- data/app/views/tb_core_mailer/forgot_password_notification.html.erb +5 -1
- data/lib/generators/spud/controller_spec_generator.rb +1 -1
- data/lib/generators/spud/module_generator.rb +4 -4
- data/lib/generators/spud/setup_generator.rb +3 -5
- data/lib/tb_core/belongs_to_app.rb +2 -1
- data/lib/tb_core/engine.rb +1 -3
- data/lib/tb_core/form_builder.rb +1 -1
- data/lib/tb_core/test_files.rb +3 -3
- data/lib/tb_core/test_helper.rb +25 -25
- data/lib/tb_core/version.rb +1 -1
- data/spec/controllers/admin/application_controller_spec.rb +3 -3
- data/spec/controllers/admin/dashboard_controller_spec.rb +1 -1
- data/spec/controllers/admin/password_reset_controller_spec.rb +2 -2
- data/spec/controllers/admin/settings_controller_spec.rb +1 -1
- data/spec/controllers/admin/setup_controller_spec.rb +1 -1
- data/spec/controllers/admin/user_sessions_controller_spec.rb +1 -1
- data/spec/controllers/admin/users_controller_spec.rb +3 -3
- data/spec/dummy/app/assets/config/manifest.js +3 -0
- data/spec/dummy/config/application.rb +1 -46
- data/spec/dummy/config/initializers/secret_token.rb +0 -1
- data/spec/factories/spud_admin_permission_factories.rb +1 -1
- data/spec/factories/spud_user_factories.rb +2 -2
- data/spec/models/spud_user_spec.rb +2 -2
- data/spec/rails_helper.rb +1 -1
- data/vendor/assets/rails-validator/rails-validator.js +534 -0
- data/vendor/assets/rails-validator/rails-validator.js.map +1 -0
- data/vendor/assets/rails-validator/rails-validator.min.js +3 -0
- metadata +44 -11
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
|
-
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
2
|
+
SHA256:
|
|
3
|
+
metadata.gz: 6d872d85445d4c25392456def398ec02e4103b2d200272849c105063c75699e7
|
|
4
|
+
data.tar.gz: a4fa137374414a058fce80a9169518b3978587e968c7a9b21d0a8982db1b86f0
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: f7b229ce4e43d1012672432e6641005cc944926eef3a77fe5044cfc26ed591d0d572729ddbd7fb6a7c0ca27e9c559fe8aa05941815abcb2d29281af35637a9d0
|
|
7
|
+
data.tar.gz: 1939d6ab1f5e361a89b0dc79f3dea4c023413cad9bb870a4f711241cdcb7dd6b8c0474b2a49321e686de3bf64ee86571c6ffb706bf0d736991dd1713de76d4d9
|
data/README.md
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
[](https://circleci.com/bb/moser-inc/tb_core)
|
|
2
2
|
|
|
3
3
|
Twice Baked Core
|
|
4
4
|
================
|
|
@@ -105,7 +105,7 @@ Create a file in your app at `app/views/admin/users/_form_additions.html.erb`.
|
|
|
105
105
|
<%= f.label :avatar, :class=>"control-label"%>
|
|
106
106
|
<div class="controls">
|
|
107
107
|
<%= f.file_field :avatar %>
|
|
108
|
-
</div>
|
|
108
|
+
</div>
|
|
109
109
|
</div>
|
|
110
110
|
|
|
111
111
|
### Adding fields to the user show action
|
data/Rakefile
CHANGED
|
@@ -14,7 +14,7 @@ RDoc::Task.new(:rdoc) do |rdoc|
|
|
|
14
14
|
rdoc.rdoc_files.include('lib/**/*.rb')
|
|
15
15
|
end
|
|
16
16
|
|
|
17
|
-
APP_RAKEFILE = File.expand_path('
|
|
17
|
+
APP_RAKEFILE = File.expand_path('spec/dummy/Rakefile', __dir__)
|
|
18
18
|
load 'rails/tasks/engine.rake'
|
|
19
19
|
|
|
20
20
|
load 'rails/tasks/statistics.rake'
|
|
@@ -43,6 +43,7 @@ private
|
|
|
43
43
|
def load_user_using_perishable_token
|
|
44
44
|
@user = SpudUser.find_using_perishable_token(params[:id])
|
|
45
45
|
return if @user
|
|
46
|
+
|
|
46
47
|
flash[:notice] = "We're sorry, but we could not locate your account. " +
|
|
47
48
|
'If you are having issues try copying and pasting the URL ' +
|
|
48
49
|
'from your email into your browser or restarting the ' +
|
|
@@ -34,9 +34,7 @@ class Admin::RolesController < Admin::ApplicationController
|
|
|
34
34
|
|
|
35
35
|
def update
|
|
36
36
|
#role_params[:permission_tags] ||= []
|
|
37
|
-
if @role.
|
|
38
|
-
flash[:notice] = 'SpudRole updated successfully'
|
|
39
|
-
end
|
|
37
|
+
flash[:notice] = 'SpudRole updated successfully' if @role.update(role_params)
|
|
40
38
|
respond_with @role, location: admin_roles_path
|
|
41
39
|
end
|
|
42
40
|
|
|
@@ -13,14 +13,14 @@ class Admin::SettingsController < Admin::ApplicationController
|
|
|
13
13
|
end
|
|
14
14
|
|
|
15
15
|
def update
|
|
16
|
-
if check_password && @current_user.
|
|
16
|
+
if check_password && @current_user.update(user_params)
|
|
17
17
|
if user_params.include?(:password)
|
|
18
18
|
SpudUserSession.create(@current_user)
|
|
19
19
|
end
|
|
20
20
|
flash[:notice] = 'User settings saved successfully.'
|
|
21
21
|
respond_with @current_user, location: admin_settings_path
|
|
22
22
|
else
|
|
23
|
-
render 'edit', status:
|
|
23
|
+
render 'edit', status: :unauthorized
|
|
24
24
|
end
|
|
25
25
|
end
|
|
26
26
|
|
|
@@ -8,8 +8,8 @@ class Admin::UsersController < Admin::ApplicationController
|
|
|
8
8
|
respond_to :html, :csv
|
|
9
9
|
|
|
10
10
|
sortable_by :email, :current_login_at,
|
|
11
|
-
|
|
12
|
-
|
|
11
|
+
name: [:last_name, :first_name],
|
|
12
|
+
default: :email
|
|
13
13
|
|
|
14
14
|
def index
|
|
15
15
|
@spud_users = SpudUser.order(sortable_query).paginate(page: params[:page], per_page: 15)
|
|
@@ -63,7 +63,7 @@ class Admin::UsersController < Admin::ApplicationController
|
|
|
63
63
|
end
|
|
64
64
|
|
|
65
65
|
def update
|
|
66
|
-
if @user.
|
|
66
|
+
if @user.update(user_params)
|
|
67
67
|
if @user == current_user && user_params[:password].present?
|
|
68
68
|
SpudUserSession.create(@user)
|
|
69
69
|
end
|
|
@@ -75,7 +75,7 @@ class Admin::UsersController < Admin::ApplicationController
|
|
|
75
75
|
@user.destroy
|
|
76
76
|
respond_with @user, location: admin_users_path do |format|
|
|
77
77
|
format.js{
|
|
78
|
-
render nothing: true, status:
|
|
78
|
+
render nothing: true, status: :ok
|
|
79
79
|
}
|
|
80
80
|
end
|
|
81
81
|
end
|
|
@@ -29,14 +29,15 @@ module TbCore
|
|
|
29
29
|
render template: error.template,
|
|
30
30
|
layout: nil,
|
|
31
31
|
formats: [:html],
|
|
32
|
+
locals: { },
|
|
32
33
|
status: error.code,
|
|
33
34
|
content_type: 'text/html'
|
|
34
35
|
end
|
|
35
36
|
end
|
|
36
37
|
end
|
|
37
38
|
|
|
38
|
-
def handle_record_not_found(
|
|
39
|
-
error = NotFoundError.new(class_string(
|
|
39
|
+
def handle_record_not_found(exception)
|
|
40
|
+
error = NotFoundError.new(class_string(exception.model))
|
|
40
41
|
handle_request_error(error)
|
|
41
42
|
end
|
|
42
43
|
|
|
@@ -50,8 +51,8 @@ module TbCore
|
|
|
50
51
|
string
|
|
51
52
|
end
|
|
52
53
|
|
|
53
|
-
def handle_unknown_format_error(
|
|
54
|
-
error = NotFoundError.new
|
|
54
|
+
def handle_unknown_format_error(_exception)
|
|
55
|
+
error = NotFoundError.new
|
|
55
56
|
handle_request_error(error)
|
|
56
57
|
end
|
|
57
58
|
end
|
|
@@ -10,27 +10,32 @@ module TbCore
|
|
|
10
10
|
|
|
11
11
|
def current_user_session
|
|
12
12
|
return @current_user_session if defined?(@current_user_session)
|
|
13
|
+
|
|
13
14
|
@current_user_session = SpudUserSession.find
|
|
14
15
|
end
|
|
15
16
|
|
|
16
17
|
def current_user
|
|
17
18
|
return @current_user if defined?(@current_user)
|
|
19
|
+
|
|
18
20
|
@current_user = current_user_session&.spud_user
|
|
19
21
|
end
|
|
20
22
|
|
|
21
23
|
def current_user_id
|
|
22
24
|
return 0 unless @current_user
|
|
25
|
+
|
|
23
26
|
@current_user.id
|
|
24
27
|
end
|
|
25
28
|
|
|
26
29
|
def require_user
|
|
27
30
|
raise UnauthorizedError.new unless current_user
|
|
31
|
+
|
|
28
32
|
true
|
|
29
33
|
end
|
|
30
34
|
|
|
31
35
|
def require_admin_user
|
|
32
36
|
raise UnauthorizedError.new unless current_user
|
|
33
37
|
raise AccessDeniedError.new unless current_user.admin_rights?
|
|
38
|
+
|
|
34
39
|
true
|
|
35
40
|
end
|
|
36
41
|
|
|
@@ -14,7 +14,7 @@ class UserSessionsController < ApplicationController
|
|
|
14
14
|
end
|
|
15
15
|
|
|
16
16
|
def create
|
|
17
|
-
@user_session = SpudUserSession.new(user_session_params)
|
|
17
|
+
@user_session = SpudUserSession.new(user_session_params.to_h)
|
|
18
18
|
if @user_session.save()
|
|
19
19
|
respond_with @user_session do |format|
|
|
20
20
|
format.html{
|
|
@@ -50,7 +50,7 @@ class UserSessionsController < ApplicationController
|
|
|
50
50
|
end
|
|
51
51
|
|
|
52
52
|
def set_change_password
|
|
53
|
-
current_user.
|
|
53
|
+
current_user.update(change_password_params)
|
|
54
54
|
respond_with current_user do |format|
|
|
55
55
|
format.html{
|
|
56
56
|
if current_user.errors.any?
|
|
@@ -0,0 +1,9 @@
|
|
|
1
|
+
module ForgotPasswordMailerHelper
|
|
2
|
+
def perishable_token_link_expiration_time_text(user)
|
|
3
|
+
return if user.class.perishable_token_valid_for.blank?
|
|
4
|
+
|
|
5
|
+
expiration_time = user.updated_at + user.class.perishable_token_valid_for
|
|
6
|
+
|
|
7
|
+
"This link will expire in #{distance_of_time_in_words(Time.current, expiration_time)}."
|
|
8
|
+
end
|
|
9
|
+
end
|
|
@@ -13,6 +13,21 @@ module TbCore::ApplicationHelper
|
|
|
13
13
|
return form_for(record, options, &block)
|
|
14
14
|
end
|
|
15
15
|
|
|
16
|
+
def tb_form_with(record, **options, &block)
|
|
17
|
+
options[:builder] = TbCore::FormBuilder
|
|
18
|
+
|
|
19
|
+
options[:html] ||= {}
|
|
20
|
+
if options[:html][:class]
|
|
21
|
+
options[:html][:class] += ' form-horizontal'
|
|
22
|
+
else
|
|
23
|
+
options[:html][:class] = 'form-horizontal'
|
|
24
|
+
end
|
|
25
|
+
|
|
26
|
+
options[:model] = record
|
|
27
|
+
|
|
28
|
+
return form_with(options, &block)
|
|
29
|
+
end
|
|
30
|
+
|
|
16
31
|
def tb_form_errors(record, *fields_to_display)
|
|
17
32
|
if record.errors.any?
|
|
18
33
|
content_tag :div, class: 'form-errors test' do
|
|
@@ -56,6 +71,7 @@ module TbCore::ApplicationHelper
|
|
|
56
71
|
end
|
|
57
72
|
end
|
|
58
73
|
|
|
74
|
+
# rubocop:disable Rails/HelperInstanceVariable
|
|
59
75
|
def tb_page_title
|
|
60
76
|
if content_for?(:title)
|
|
61
77
|
title = content_for(:title) + ' | ' + TbCore.site_name
|
|
@@ -66,6 +82,7 @@ module TbCore::ApplicationHelper
|
|
|
66
82
|
end
|
|
67
83
|
return content_tag :title, title
|
|
68
84
|
end
|
|
85
|
+
# rubocop:enable Rails/HelperInstanceVariable
|
|
69
86
|
|
|
70
87
|
def current_site_name
|
|
71
88
|
return TbCore.config.site_name
|
|
@@ -1,27 +1,40 @@
|
|
|
1
1
|
module TbCore
|
|
2
|
+
|
|
3
|
+
module Regex
|
|
4
|
+
EMAIL = /
|
|
5
|
+
\A
|
|
6
|
+
[A-Z0-9_.&%+\-']+ # mailbox
|
|
7
|
+
@
|
|
8
|
+
(?:[A-Z0-9\-]+\.)+ # subdomains
|
|
9
|
+
(?:[A-Z]{2,25}) # TLD
|
|
10
|
+
\z
|
|
11
|
+
/ix.freeze
|
|
12
|
+
end
|
|
13
|
+
|
|
2
14
|
module UserModel
|
|
3
15
|
extend ActiveSupport::Concern
|
|
4
16
|
|
|
17
|
+
# rubocop:disable Metrics/BlockLength
|
|
5
18
|
included do
|
|
6
19
|
self.table_name = 'spud_users'
|
|
7
20
|
|
|
8
21
|
acts_as_authentic do |c|
|
|
9
|
-
c.transition_from_crypto_providers = Authlogic::CryptoProviders::Sha512
|
|
10
22
|
c.crypto_provider = Authlogic::CryptoProviders::SCrypt
|
|
11
23
|
c.logged_in_timeout = 24.hours
|
|
12
24
|
c.login_field = :email if TbCore.config.use_email_as_login
|
|
13
|
-
|
|
14
|
-
c.merge_validates_length_of_password_field_options(minimum: TbCore.config.user_password_length)
|
|
15
|
-
end
|
|
25
|
+
c.require_password_confirmation = true
|
|
16
26
|
end
|
|
17
27
|
|
|
28
|
+
attr_accessor :password_confirmation
|
|
29
|
+
|
|
18
30
|
belongs_to :role,
|
|
19
|
-
class_name: SpudRole
|
|
31
|
+
class_name: 'SpudRole', foreign_key: :spud_role_id, optional: true
|
|
20
32
|
has_many :spud_user_settings,
|
|
21
33
|
dependent: :destroy, foreign_key: :spud_user_id
|
|
22
34
|
|
|
23
35
|
validates :first_name, :last_name, presence: true
|
|
24
36
|
before_validation :set_login_to_email, if: -> { TbCore.config.use_email_as_login }
|
|
37
|
+
|
|
25
38
|
before_update :unset_requires_password_change
|
|
26
39
|
|
|
27
40
|
scope :admins, lambda {
|
|
@@ -29,7 +42,37 @@ module TbCore
|
|
|
29
42
|
}
|
|
30
43
|
|
|
31
44
|
scope :ordered, -> { order('last_name asc, first_name asc, email asc') }
|
|
45
|
+
|
|
46
|
+
# These used to be built in to Authlogic
|
|
47
|
+
# See: https://github.com/binarylogic/authlogic/blob/5986e1bd056ccecc519d9f49cc83a0ba757668b4/doc/use_normal_rails_validation.md
|
|
48
|
+
validates :email,
|
|
49
|
+
format: {
|
|
50
|
+
with: ::TbCore::Regex::EMAIL,
|
|
51
|
+
message: proc {
|
|
52
|
+
::Authlogic::I18n.t(
|
|
53
|
+
'error_messages.email_invalid',
|
|
54
|
+
default: 'should look like an email address.'
|
|
55
|
+
)
|
|
56
|
+
}
|
|
57
|
+
},
|
|
58
|
+
length: { maximum: 100 },
|
|
59
|
+
uniqueness: {
|
|
60
|
+
case_sensitive: false,
|
|
61
|
+
if: :will_save_change_to_email?
|
|
62
|
+
}
|
|
63
|
+
validates :password,
|
|
64
|
+
confirmation: { if: :require_password? },
|
|
65
|
+
length: {
|
|
66
|
+
minimum: 8,
|
|
67
|
+
if: :require_password?
|
|
68
|
+
}
|
|
69
|
+
validates :password_confirmation,
|
|
70
|
+
length: {
|
|
71
|
+
minimum: 8,
|
|
72
|
+
if: :require_password?
|
|
73
|
+
}
|
|
32
74
|
end
|
|
75
|
+
# rubocop:enable Metrics/BlockLength
|
|
33
76
|
|
|
34
77
|
module ClassMethods
|
|
35
78
|
|
|
@@ -69,6 +112,7 @@ module TbCore
|
|
|
69
112
|
|
|
70
113
|
def full_name
|
|
71
114
|
return login if first_name.blank? && last_name.blank?
|
|
115
|
+
|
|
72
116
|
[first_name, last_name].reject(&:blank?).join(' ')
|
|
73
117
|
end
|
|
74
118
|
|
|
@@ -79,12 +123,14 @@ module TbCore
|
|
|
79
123
|
# Returns true if user can view at least one dashboard app
|
|
80
124
|
def admin_rights?
|
|
81
125
|
return true if super_admin
|
|
126
|
+
|
|
82
127
|
TbCore.admin_applications.find { |app| can_view_app?(app) }.present?
|
|
83
128
|
end
|
|
84
129
|
|
|
85
130
|
# Returns true if the user can view a spud app based on it's key
|
|
86
131
|
def can_view_app?(admin_application)
|
|
87
132
|
return true if super_admin?
|
|
133
|
+
|
|
88
134
|
key = admin_application[:key]
|
|
89
135
|
permissions.find { |p| p.apps.include?(key) }.present?
|
|
90
136
|
end
|
|
@@ -95,6 +141,7 @@ module TbCore
|
|
|
95
141
|
# * if multiple tags are supplied, return true if ALL tags match
|
|
96
142
|
def permission?(*tags)
|
|
97
143
|
return true if super_admin?
|
|
144
|
+
|
|
98
145
|
my_tags = permissions.collect(&:tag)
|
|
99
146
|
tags.find { |tag| !my_tags.include?(tag) }.blank?
|
|
100
147
|
end
|
|
@@ -105,12 +152,14 @@ module TbCore
|
|
|
105
152
|
# * if multiple tags are supplied, return true if ANY tag matches
|
|
106
153
|
def any_permission?(*tags)
|
|
107
154
|
return true if super_admin?
|
|
155
|
+
|
|
108
156
|
permissions.find { |p| tags.include?(p.tag) }.present?
|
|
109
157
|
end
|
|
110
158
|
|
|
111
159
|
# Return a list of SpudPermission objects for the user's SpudRole
|
|
112
160
|
def permissions
|
|
113
161
|
return [] if role.blank?
|
|
162
|
+
|
|
114
163
|
role.permissions
|
|
115
164
|
end
|
|
116
165
|
|
|
@@ -122,9 +171,7 @@ module TbCore
|
|
|
122
171
|
end
|
|
123
172
|
|
|
124
173
|
def unset_requires_password_change
|
|
125
|
-
if password_changed? && !requires_password_change_changed?(to: true)
|
|
126
|
-
self.requires_password_change = false
|
|
127
|
-
end
|
|
174
|
+
self.requires_password_change = false if password_changed? && !requires_password_change_changed?(to: true)
|
|
128
175
|
true
|
|
129
176
|
end
|
|
130
177
|
end
|
data/app/models/spud_role.rb
CHANGED
|
@@ -14,14 +14,9 @@ class SpudRole < ActiveRecord::Base
|
|
|
14
14
|
end
|
|
15
15
|
|
|
16
16
|
def permission_tags=(tags)
|
|
17
|
-
self.spud_role_permissions.
|
|
18
|
-
|
|
19
|
-
role_permission.destroy()
|
|
20
|
-
else
|
|
21
|
-
tags.delete(role_permission.permission.tag)
|
|
22
|
-
end
|
|
17
|
+
self.spud_role_permissions = tags.map do |tag|
|
|
18
|
+
SpudRolePermission.new(spud_permission_tag: tag)
|
|
23
19
|
end
|
|
24
|
-
self.spud_role_permissions += tags.collect{ |tag| SpudRolePermission.new(spud_permission_tag: tag) }
|
|
25
20
|
end
|
|
26
21
|
|
|
27
22
|
def permission_tags
|
|
@@ -49,7 +49,7 @@
|
|
|
49
49
|
<h3 class="modal-title"></h3>
|
|
50
50
|
</div>
|
|
51
51
|
<div class="modal-body">
|
|
52
|
-
<p
|
|
52
|
+
<p>...</p>
|
|
53
53
|
</div>
|
|
54
54
|
<div class="modal-footer modal-footer-default">
|
|
55
55
|
<button type="button" class="btn btn-default" data-dismiss="modal">Close</button>
|
|
@@ -1,6 +1,10 @@
|
|
|
1
1
|
<h1>Hello <%= @user.full_name %>,</h1>
|
|
2
2
|
|
|
3
|
-
<p>
|
|
3
|
+
<p>
|
|
4
|
+
A password reset has recently been requested for your user account on <strong><%= TbCore.config.site_name %></strong>.
|
|
5
|
+
Click the link below to set your new password.
|
|
6
|
+
<%= perishable_token_link_expiration_time_text(@user) %>
|
|
7
|
+
</p>
|
|
4
8
|
|
|
5
9
|
<p><%= link_to @url, @url %></p>
|
|
6
10
|
|