thoughtbot-clearance 0.5.6 → 0.6.0

data/CHANGELOG.textile

@@ -1,9 +1,33 @@
+h1. 0.6.0 (04/21/2009)
+
+* Converted Clearance to a Rails engine. (Dan Croak & Joe Ferris)
+* Include Clearance::User in User model in app. (Dan Croak & Joe Ferris)
+* Include Clearance::Authentication in ApplicationController. (Dan Croak & Joe Ferris)
+* Namespace controllers under Clearance. (Dan Croak & Joe Ferris)
+* Routes move to engine, use namespaced controllers but publicly the same. (Dan Croak & Joe Ferris)
+* If you want to override a controller, subclass it like SessionsController <
+Clearance::SessionsController. This gives you access to usual hooks such as
+url_after_create. (Dan Croak & Joe Ferris)
+* Controllers, mailer, model, routes all unit tested inside engine. Use
+script/generate clearance_features to test integration of Clearance with your
+Rails app. No longer including modules in your app's test files. (Dan Croak & Joe Ferris)
+* Moved views to engine. (Joe Ferris)
+* Converted generated test/factories/clearance.rb to use inheritence for
+email_confirmed_user. (Dan Croak)
+* Corrected some spelling errors with methods (Nick Quaranto)
+* Converted "I should see error messages" to use a regex in the features (Nick
+Quaranto)
+* Loading clearance routes after rails routes via some monkeypatching (Nick
+Quaranto)
+* Made the clearance controllers unloadable to stop constant loading errors in
+development mode (Nick Quaranto)
+
 h2. 0.5.6 (4/11/2009)
 
 * [#57] Step definition changed for "User should see error messages" so
 features won't fail for certain validations. (Nick Quaranto)
 
-h2. 0.5.5 (3/23/2009)
+h1. 0.5.5 (3/23/2009)
 
 * Removing duplicate test to get rid of warning. (Nick Quaranto)
 

data/README.textile

@@ -4,6 +4,10 @@ Rails authentication with email & password.
 
 "We have clearance, Clarence.":http://www.youtube.com/v/mNRXJEE3Nz8
 
+h2. Engine
+
+Clearance is a Rails engine. It works with versions of Rails greater than 2.3.
+
 h2. Wiki
 
 Most information regarding Clearance is on the "Github Wiki":http://wiki.github.com/thoughtbot/clearance.
@@ -12,30 +16,30 @@ h2. Integration with Suspenders
 
 Clearance is based on the same conventions and tools as "Suspenders":http://github.com/thoughtbot/suspenders If you use it, you already have some configuration mentioned below.
 
-h2. Gem installation (Rails 2.1+)
+h2. Gem installation
 
 In config/environment.rb:
 
     config.gem "thoughtbot-clearance", 
       :lib     => 'clearance', 
       :source  => 'http://gems.github.com', 
-      :version => '0.5.5'
+      :version => '0.6.0'
 
 In config/environments/test.rb:
 
     config.gem 'thoughtbot-shoulda',
       :lib     => 'shoulda',
       :source  => "http://gems.github.com", 
-      :version => '2.10.0'
+      :version => '2.10.1'
     config.gem 'thoughtbot-factory_girl',
       :lib     => 'factory_girl',
       :source  => "http://gems.github.com", 
-      :version => '1.2.0'
+      :version => '1.2.1'
 
 Then:
 
     rake gems:install
-    rake gems:unpack 
+    rake gems:unpack
     rake gems:install RAILS_ENV=test
     rake gems:unpack  RAILS_ENV=test
 
@@ -74,3 +78,12 @@ h2. Authors
 Clearance was extracted out of "Hoptoad":http://hoptoadapp.com. We merged the authentication code from two of thoughtbot's client's Rails apps. The following people have made significant contributions, suggestions, and generally improved the library. Thank you!
 
 Dan Croak, Mike Burns, Jason Morrison, Joe Ferris, Eugene Bolshakov, Josh Nichols, Mike Breen, Marcel Görner, Bence Nagy, Ben Mabey, Eloy Duran, Tim Pope, Mihai Anca, & Mark Cornick.
+
+h2. Questions?
+
+* Ask the "mailing list":http://groups.google.com/group/thoughtbot-clearance
+
+h2. Bugs?
+
+* Open up a "Lighthouse ticket":https://thoughtbot.lighthouseapp.com/projects/18503-clearance
+

data/Rakefile

@@ -2,19 +2,17 @@ require 'rake'
 require 'rake/testtask'
 require 'cucumber/rake/task'
 
-test_files_pattern = 'test/rails_root/test/{unit,functional,other}/**/*_test.rb'
-
 namespace :test do
   Rake::TestTask.new(:all => ['generator:cleanup', 
                               'generator:generate']) do |task|
     task.libs << 'lib'
-    task.libs << File.join(File.dirname(__FILE__), "test/rails_root/test")
-    task.pattern = test_files_pattern
+    task.libs << "test"
+    task.pattern = 'test/**/*_test.rb'
     task.verbose = false
   end
 
   Cucumber::Rake::Task.new(:features) do |t|
-    t.cucumber_opts = "--format pretty"
+    t.cucumber_opts = "--format progress"
     t.feature_pattern = 'test/rails_root/features/*.feature'
   end
 end
@@ -35,14 +33,15 @@ namespace :generator do
       FileUtils.rm_rf(each)
     end
     FileUtils.rm_rf("test/rails_root/vendor/plugins/clearance")
-    system "mkdir -p test/rails_root/vendor/plugins/clearance"
-    system "cp -R generators test/rails_root/vendor/plugins/clearance"
+    FileUtils.mkdir_p("test/rails_root/vendor/plugins")
+    clearance_root = File.expand_path(File.dirname(__FILE__))
+    system("ln -s #{clearance_root} test/rails_root/vendor/plugins/clearance")
   end
 
   desc "Run the generator on the tests"
   task :generate do
     generators.each do |generator|
-      system "cd test/rails_root && ./script/generate #{generator}"
+      system "cd test/rails_root && ./script/generate #{generator} && rake db:migrate db:test:prepare"
     end
   end
 end
@@ -52,7 +51,7 @@ task :default => ['test:all', 'test:features']
 
 gem_spec = Gem::Specification.new do |gem_spec|
   gem_spec.name        = "clearance"
-  gem_spec.version     = "0.5.6"
+  gem_spec.version     = "0.6.0"
   gem_spec.summary     = "Rails authentication for developers who write tests."
   gem_spec.email       = "support@thoughtbot.com"
   gem_spec.homepage    = "http://github.com/thoughtbot/clearance"
@@ -62,7 +61,7 @@ gem_spec = Gem::Specification.new do |gem_spec|
                           "Mike Breen", "Joe Ferris", "Bence Nagy", 
                           "Marcel Görner", "Ben Mabey", "Tim Pope", 
                           "Eloy Duran", "Mihai Anca", "Mark Cornick"]
-  gem_spec.files       = FileList["[A-Z]*", "{generators,lib,shoulda_macros,rails}/**/*"]
+  gem_spec.files       = FileList["[A-Z]*", "{app,config,generators,lib,shoulda_macros,rails}/**/*"]
 end
 
 desc "Generate a gemspec file"

data/TODO.textile

@@ -0,0 +1,6 @@
+h1. To-do
+
+* Make insertion of Clearance::User into User model automatic from the generator.
+* Change generated README to include instruction about running the migration.
+* DO_NOT_REPLY, HOST refactoring.
+

data/app/controllers/clearance/confirmations_controller.rb

@@ -0,0 +1,47 @@
+class Clearance::ConfirmationsController < ApplicationController
+  unloadable
+
+  before_filter :forbid_confirmed_user,    :only => :new
+  before_filter :forbid_missing_token,     :only => :new
+  before_filter :forbid_non_existent_user, :only => :new
+  filter_parameter_logging :token
+
+  def new
+    create
+  end
+
+  def create
+    @user = User.find_by_id_and_token(params[:user_id], params[:token])
+    @user.confirm_email!
+
+    sign_user_in(@user)
+    flash[:success] = "Confirmed email and signed in."
+    redirect_to url_after_create
+  end
+
+  private
+
+  def forbid_confirmed_user
+    user = User.find_by_id(params[:user_id])
+    if user && user.email_confirmed?
+      raise ActionController::Forbidden, "confirmed user"
+    end
+  end
+
+  def forbid_missing_token
+    if params[:token].blank?
+      raise ActionController::Forbidden, "missing token"
+    end
+  end
+
+  def forbid_non_existent_user
+    unless User.find_by_id_and_token(params[:user_id], params[:token])
+      raise ActionController::Forbidden, "non-existent user"
+    end
+  end
+
+  def url_after_create
+    root_url
+  end
+
+end

data/app/controllers/clearance/passwords_controller.rb

@@ -0,0 +1,65 @@
+class Clearance::PasswordsController < ApplicationController
+  unloadable
+
+  before_filter :forbid_missing_token,     :only => [:edit, :update]
+  before_filter :forbid_non_existent_user, :only => [:edit, :update]
+  filter_parameter_logging :password, :password_confirmation
+
+  def new
+    render :template => 'passwords/new'
+  end
+
+  def create
+    if user = User.find_by_email(params[:password][:email])
+      user.forgot_password!
+      ClearanceMailer.deliver_change_password user
+      flash[:notice] = "You will receive an email within the next few minutes. " <<
+                       "It contains instructions for changing your password."
+      redirect_to url_after_create
+    else
+      flash.now[:notice] = "Unknown email"
+      render :template => 'passwords/new'
+    end
+  end
+
+  def edit
+    @user = User.find_by_id_and_token(params[:user_id], params[:token])
+    render :template => 'passwords/edit'
+  end
+
+  def update
+    @user = User.find_by_id_and_token(params[:user_id], params[:token])
+
+    if @user.update_password(params[:user][:password], 
+                             params[:user][:password_confirmation])
+      @user.confirm_email! unless @user.email_confirmed?
+      sign_user_in(@user)
+      redirect_to url_after_update
+    else
+      render :template => 'passwords/edit'
+    end
+  end
+
+  private
+
+  def forbid_missing_token
+    if params[:token].blank?
+      raise ActionController::Forbidden, "missing token"
+    end
+  end
+
+  def forbid_non_existent_user
+    unless User.find_by_id_and_token(params[:user_id], params[:token])
+      raise ActionController::Forbidden, "non-existent user"
+    end
+  end
+
+  def url_after_create
+    new_session_url
+  end
+
+  def url_after_update
+    root_url
+  end
+
+end

data/app/controllers/clearance/sessions_controller.rb

@@ -0,0 +1,62 @@
+class Clearance::SessionsController < ApplicationController
+  unloadable
+
+  protect_from_forgery :except => :create
+  filter_parameter_logging :password
+
+  def new
+    render :template => 'sessions/new'
+  end
+
+  def create
+    @user = User.authenticate(params[:session][:email],
+                              params[:session][:password])
+    if @user.nil?
+      flash.now[:notice] = "Bad email or password."
+      render :template => 'sessions/new', :status => :unauthorized
+    else
+      if @user.email_confirmed?
+        remember(@user) if remember?
+        sign_user_in(@user)
+        flash[:notice] = "Signed in successfully."
+        redirect_back_or url_after_create
+      else
+        ClearanceMailer.deliver_confirmation(@user)
+        deny_access("User has not confirmed email. Confirmation email will be resent.")
+      end
+    end
+  end
+
+  def destroy
+    forget(current_user)
+    reset_session
+    flash[:notice] = "You have been signed out."
+    redirect_to url_after_destroy
+  end
+
+  private
+
+  def remember?
+    params[:session] && params[:session][:remember_me] == "1"
+  end
+
+  def remember(user)
+    user.remember_me!
+    cookies[:remember_token] = { :value   => user.token,
+                                 :expires => user.token_expires_at }
+  end
+
+  def forget(user)
+    user.forget_me! if user
+    cookies.delete :remember_token
+  end
+
+  def url_after_create
+    root_url
+  end
+
+  def url_after_destroy
+    new_session_url
+  end
+
+end

data/app/controllers/clearance/users_controller.rb

@@ -0,0 +1,30 @@
+class Clearance::UsersController < ApplicationController
+  unloadable
+
+  before_filter :redirect_to_root, :only => [:new, :create], :if => :signed_in?
+  filter_parameter_logging :password
+
+  def new
+    @user = User.new(params[:user])
+    render :template => 'users/new'
+  end
+
+  def create
+    @user = User.new params[:user]
+    if @user.save
+      ClearanceMailer.deliver_confirmation @user
+      flash[:notice] = "You will receive an email within the next few minutes. " <<
+                       "It contains instructions for confirming your account."
+      redirect_to url_after_create
+    else
+      render :template => 'users/new'
+    end
+  end
+
+  private
+
+  def url_after_create
+    new_session_url
+  end
+
+end

data/app/models/clearance_mailer.rb

@@ -0,0 +1,19 @@
+class ClearanceMailer < ActionMailer::Base
+
+  default_url_options[:host] = HOST
+
+  def change_password(user)
+    from       DO_NOT_REPLY
+    recipients user.email
+    subject    "Change your password"
+    body       :user => user
+  end
+
+  def confirmation(user)
+    from       DO_NOT_REPLY
+    recipients user.email
+    subject   "Account confirmation"
+    body      :user => user
+  end
+
+end

data/config/clearance_routes.rb

@@ -0,0 +1,19 @@
+ActionController::Routing::Routes.draw do |map|
+  map.resources :passwords,
+    :controller => 'clearance/passwords',
+    :only => [:new, :create]
+
+  map.resource  :session,
+    :controller => 'clearance/sessions',
+    :only => [:new, :create, :destroy]
+
+  map.resources :users, :controller => 'clearance/users' do |users|
+    users.resource :password,
+      :controller => 'clearance/passwords',
+      :only => [:create, :edit, :update]
+
+    users.resource :confirmation,
+      :controller => 'clearance/confirmations',
+      :only => [:new, :create]
+  end
+end

data/generators/clearance/clearance_generator.rb

@@ -6,90 +6,30 @@ class ClearanceGenerator < Rails::Generator::Base
 
   def manifest
     record do |m|
-      m.directory File.join("app", "controllers")
-      if Rails.version >= "2.3.0"
-        file = "app/controllers/application_controller.rb"
-      else
-        file = "app/controllers/application.rb"
-      end
-      if File.exists?(file)
-        m.insert_into file, "include Clearance::App::Controllers::ApplicationController"
-      else
-        m.file file, file 
-      end
-
-      ["app/controllers/confirmations_controller.rb",
-       "app/controllers/passwords_controller.rb", 
-       "app/controllers/sessions_controller.rb", 
-       "app/controllers/users_controller.rb"].each do |file|
-        m.file file, file
-      end
+      m.insert_into "app/controllers/application_controller.rb",
+                    "include Clearance::Authentication"
 
       m.directory File.join("app", "models")
-      ["app/models/user.rb", "app/models/clearance_mailer.rb"].each do |file|
-        m.file file, file
-      end
-
-      m.directory File.join("app", "views")
-
-      m.directory File.join("app", "views", "passwords")
-      ["app/views/passwords/new.html.erb",
-       "app/views/passwords/edit.html.erb"].each do |file|
-        m.file file, file
-      end
-
-      m.directory File.join("app", "views", "sessions")
-      ["app/views/sessions/new.html.erb"].each do |file|
-        m.file file, file
-      end
-
-      m.directory File.join("app", "views", "clearance_mailer")
-      ["app/views/clearance_mailer/change_password.html.erb",
-       "app/views/clearance_mailer/confirmation.html.erb"].each do |file|
-        m.file file, file
-      end
-
-      m.directory File.join("app", "views", "users")
-      ["app/views/users/_form.html.erb",
-       "app/views/users/edit.html.erb",
-       "app/views/users/new.html.erb"].each do |file|
-        m.file file, file
-      end
-
-      m.directory File.join("test", "functional")
-      ["test/functional/confirmations_controller_test.rb",
-       "test/functional/passwords_controller_test.rb",
-       "test/functional/sessions_controller_test.rb",
-       "test/functional/users_controller_test.rb"].each do |file|
-        m.file file, file
-      end
-
-      m.directory File.join("test", "unit")
-      ["test/unit/clearance_mailer_test.rb",
-       "test/unit/user_test.rb"].each do |file|
-        m.file file, file
-      end
+      m.file "user.rb", "app/models/user.rb"
 
       m.directory File.join("test", "factories")
-      ["test/factories/clearance.rb"].each do |file|
-        m.file file, file
-      end
+      m.file "factories.rb", "test/factories/clearance.rb"
 
-      m.route_resources ':passwords'
-      m.route_resource  ':session'
-      m.route_resources ':users, :has_one => [:password, :confirmation]'
+      m.migration_template "migrations/#{migration_name}.rb",
+                           'db/migrate',
+                           :migration_file_name => "clearance_#{migration_name}"
 
-      if ActiveRecord::Base.connection.table_exists?(:users)
-        m.migration_template 'db/migrate/update_users_with_clearance_columns.rb', 
-          'db/migrate', :migration_file_name => 'create_or_update_users_with_clearance_columns'
-      else
-        m.migration_template 'db/migrate/create_users_with_clearance_columns.rb', 
-          'db/migrate', :migration_file_name => 'create_or_update_users_with_clearance_columns'
-      end
+      m.readme "README"
+    end
+  end
 
-      m.rake_db_migrate
+  private
 
-      m.readme "README"
+  def migration_name
+    if ActiveRecord::Base.connection.table_exists?(:users)
+      'update_users'
+    else
+      'create_users'
     end
   end