trusty-cms 2.0.20 → 2.0.21.alpha

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 5276d4fafa219de785fbdde6856bd2669364f433
-  data.tar.gz: 2588f19ddb0ade42aaa53a5e652c0a531739cd1e
+  metadata.gz: 2a70dc8977477fc05f0c0f564bc8c16f4ceb5af1
+  data.tar.gz: 6aadac44daf584414af090b62ce6b8e1fee405ac
 SHA512:
-  metadata.gz: 4b59e1e8af5830a094004749b4402ee3c36ef531f7e450c1cc5b37bddcb7107d093241271b4c31c1be85992597126c2ae8f8dbe375796ff9573530ee8fb789b7
-  data.tar.gz: 79fa037ac0f4b9777610e36dc5fd510dee24b90be800f11d03bb113c6d93c798446e03174ea786ca7eb85a592c71ff218e75794f1f13c703d3418de2f661e717
+  metadata.gz: 39b212b91013312d84f24890b0f54295987f3500f1989bdf2c45c118c361d1308f4ca70691f4f4f8630968f4336b6d29d33330269eade03ac8a3e235a1bc1ab8
+  data.tar.gz: fb688c23a8a656026905e7e01b0697f3e074f93e77bb42192e45ad752525fbdb115f8cef2784323e1f0e8c81437c9dc66c0c2f97acdf0657a10fd5e279e2e756

data/.gitignore

@@ -27,3 +27,4 @@ trusty-cms.box
 .vagrant
 *.gem
 .sass-cache
+/coverage/*

data/Gemfile

@@ -33,7 +33,7 @@ gemspec
 
 
 group :development, :test do
-  gem "compass-rails",   "~> 2.0.1"
+  gem 'compass-rails',   '~> 2.0.1'
   gem 'thin',             '~> 1.6.2'
   gem 'pry',              '~> 0.10.0'
   gem 'capybara',         '~> 2.3.0'
@@ -41,10 +41,12 @@ group :development, :test do
   gem 'launchy',          '~> 2.4.2'
   gem 'database_cleaner', '~> 1.3.0'
   gem 'poltergeist',      '~> 1.5.1'
-  gem "ckeditor",        "~> 4.1.0"
-  gem 'factory_girl_rails', '~> 4.5.0'
+  gem 'ckeditor',        '~> 4.1.0'
+  gem 'factory_girl_rails', '~> 4.6.0'
   gem 'rails-observers'
-  gem "protected_attributes"
-  gem "pry-byebug"
+  gem 'protected_attributes'
+  gem 'pry-rails'
   gem 'mysql2',          '~> 0.4.2'
+  gem 'pry-byebug'
+  gem 'simplecov'
 end

data/Gemfile.lock

@@ -1,8 +1,8 @@
 PATH
   remote: .
   specs:
-    trusty-cms (2.0.20)
-      RedCloth (~> 4.2)
+    trusty-cms (2.0.21.alpha)
+      RedCloth (~> 4.3.2)
       acts_as_tree (~> 2.1)
       bundler (~> 1.7)
       ckeditor (~> 4.1)
@@ -30,7 +30,7 @@ PATH
 GEM
   remote: https://rubygems.org/
   specs:
-    RedCloth (4.2.9)
+    RedCloth (4.3.2)
     actionmailer (4.2.6)
       actionpack (= 4.2.6)
       actionview (= 4.2.6)
@@ -71,7 +71,7 @@ GEM
     addressable (2.4.0)
     arel (6.0.3)
     builder (3.2.2)
-    byebug (8.2.2)
+    byebug (9.0.4)
     capybara (2.3.0)
       mime-types (>= 1.16)
       nokogiri (>= 1.3.3)
@@ -109,13 +109,14 @@ GEM
     delocalize (0.4.0)
       rails (>= 3.0)
     diff-lcs (1.2.5)
+    docile (1.1.5)
     erubis (2.7.0)
-    eventmachine (1.0.9.1)
-    eventmachine (1.0.9.1-java)
-    execjs (2.6.0)
+    eventmachine (1.2.0.1)
+    eventmachine (1.2.0.1-java)
+    execjs (2.7.0)
     factory_girl (4.5.0)
       activesupport (>= 3.0.0)
-    factory_girl_rails (4.5.0)
+    factory_girl_rails (4.6.0)
       factory_girl (~> 4.5.0)
       railties (>= 3.0.0)
     ffi (1.9.10)
@@ -148,17 +149,19 @@ GEM
     launchy (2.4.3-java)
       addressable (~> 2.3)
       spoon (~> 0.0.1)
-    libv8 (3.16.14.13)
+    libv8 (3.16.14.15)
     loofah (2.0.3)
       nokogiri (>= 1.5.9)
     mail (2.6.4)
       mime-types (>= 1.16, < 4)
     method_source (0.8.2)
-    mime-types (2.99.1)
+    mime-types (3.1)
+      mime-types-data (~> 3.2015)
+    mime-types-data (3.2016.0521)
     mini_portile2 (2.0.0)
-    minitest (5.8.4)
-    multi_json (1.11.2)
-    mysql2 (0.4.3)
+    minitest (5.9.0)
+    multi_json (1.12.1)
+    mysql2 (0.4.4)
     nokogiri (1.6.7.2)
       mini_portile2 (~> 2.0.0.rc2)
     nokogiri (1.6.7.2-java)
@@ -179,9 +182,11 @@ GEM
       method_source (~> 0.8.1)
       slop (~> 3.4)
       spoon (~> 0.0)
-    pry-byebug (3.3.0)
-      byebug (~> 8.0)
+    pry-byebug (3.4.0)
+      byebug (~> 9.0)
       pry (~> 0.10)
+    pry-rails (0.3.4)
+      pry (>= 0.9.10)
     rack (1.6.4)
     rack-cache (1.6.1)
       rack (>= 0.4)
@@ -237,9 +242,9 @@ GEM
       rspec-mocks (~> 3.0.0)
       rspec-support (~> 3.0.0)
     rspec-support (3.0.4)
-    ruby_parser (3.8.1)
+    ruby_parser (3.8.2)
       sexp_processor (~> 4.1)
-    sass (3.4.21)
+    sass (3.4.22)
     sass-rails (5.0.4)
       railties (>= 4.0.0, < 5.0)
       sass (~> 3.1)
@@ -247,6 +252,11 @@ GEM
       sprockets-rails (>= 2.0, < 4.0)
       tilt (>= 1.1, < 3)
     sexp_processor (4.7.0)
+    simplecov (0.11.2)
+      docile (~> 1.1.0)
+      json (~> 1.8)
+      simplecov-html (~> 0.10.0)
+    simplecov-html (0.10.0)
     slop (3.6.0)
     spoon (0.0.4)
       ffi
@@ -278,9 +288,9 @@ GEM
     uglifier (2.7.2)
       execjs (>= 0.3.0)
       json (>= 1.8.0)
-    websocket-driver (0.6.3)
+    websocket-driver (0.6.4)
       websocket-extensions (>= 0.1.0)
-    websocket-driver (0.6.3-java)
+    websocket-driver (0.6.4-java)
       websocket-extensions (>= 0.1.0)
     websocket-extensions (0.1.2)
     will_paginate (3.1.0)
@@ -296,15 +306,17 @@ DEPENDENCIES
   ckeditor (~> 4.1.0)
   compass-rails (~> 2.0.1)
   database_cleaner (~> 1.3.0)
-  factory_girl_rails (~> 4.5.0)
+  factory_girl_rails (~> 4.6.0)
   launchy (~> 2.4.2)
   mysql2 (~> 0.4.2)
   poltergeist (~> 1.5.1)
   protected_attributes
   pry (~> 0.10.0)
   pry-byebug
+  pry-rails
   rails-observers
   rspec-rails (~> 3.0.0)
+  simplecov
   thin (~> 1.6.2)
   trusty-cms!
   trustygems (~> 0.2.0)

data/app/controllers/admin/password_resets_controller.rb

@@ -0,0 +1,25 @@
+class Admin::PasswordResetsController < ApplicationController
+  no_login_required
+  skip_before_filter :verify_authenticity_token
+
+  def create
+    user = User.find_by_email(params[:email])
+    user.send_password_reset if user
+    redirect_to welcome_path, :notice => "Email sent with password reset instructions."
+  end
+
+  def edit
+    @user = User.find_by_password_reset_token!(params[:id])
+  end
+
+  def update
+    @user = User.find_by_password_reset_token!(params[:id])
+    if @user.password_reset_sent_at < 2.hours.ago
+      redirect_to new_password_reset_path, :alert => "Password reset has expired."
+    elsif @user.update_attributes(params[:user])
+      redirect_to welcome_url, :notice => "Password has been reset!"
+    else
+      render :edit
+    end
+  end
+end

data/app/mailers/password_mailer.rb

@@ -0,0 +1,8 @@
+class PasswordMailer < ActionMailer::Base
+
+  def password_reset(user)
+    @user = user
+    mail :to => user.email, :subject => "Password Reset for TrustyCMS"
+  end
+
+end

data/app/models/user.rb

@@ -60,28 +60,38 @@ class User < ActiveRecord::Base
     update_attribute(:session_token, nil)
   end
 
+  def send_password_reset
+    generate_token(:password_reset_token)
+    update_attribute(:password_reset_sent_at, Time.zone.now)
+    PasswordMailer.password_reset(self).deliver_now
+  end
+
   private
 
-    def validate_length_of_password?
-      new_record? or not password.to_s.empty?
-    end
+  def generate_token(column)
+    self[column] = SecureRandom.urlsafe_base64 if User.exists?(column => self[column])
+  end
 
-    before_create :encrypt_password
-    def encrypt_password
-      self.salt = Digest::SHA1.hexdigest("--#{Time.now}--#{login}--sweet harmonious biscuits--")
-      self.password = sha1(password)
-    end
+  def validate_length_of_password?
+    new_record? or not password.to_s.empty?
+  end
+
+  before_create :encrypt_password
+  def encrypt_password
+    self.salt = Digest::SHA1.hexdigest("--#{Time.now}--#{login}--sweet harmonious biscuits--")
+    self.password = sha1(password)
+  end
 
-    before_update :encrypt_password_unless_empty_or_unchanged
-    def encrypt_password_unless_empty_or_unchanged
-      user = self.class.find(self.id)
-      case password
-      when ''
-        self.password = user.password
-      when user.password
-      else
-        encrypt_password
-      end
+  before_update :encrypt_password_unless_empty_or_unchanged
+  def encrypt_password_unless_empty_or_unchanged
+    user = self.class.find(self.id)
+    case password
+    when ''
+      self.password = user.password
+    when user.password
+    else
+      encrypt_password
     end
+  end
 
 end

data/app/views/admin/password_resets/edit.html.haml

@@ -0,0 +1,23 @@
+%h1= t('reset_your_password')
+
+= form_for @user, :url => admin_password_reset_path(params[:id]) do |f|
+  - if @user.errors.any?
+    .error_messages
+      %h2 Form is invalid
+      %ul
+        - for message in @user.errors.full_messages
+          %li= message
+  %p
+    %label{:for=>"password"}= t('password')
+    = f.password_field :password
+  %p
+    %label{:for=>"password_confirmation"}= t('password_confirmation')
+    = f.password_field :password_confirmation
+  .actions= f.submit "Update Password"
+
+%p.version
+= t('powered_by')
+%a{ :href => "https://github.com/pgharts/trusty-cms" } TrustyCms CMS
+= t('version')
+= TrustyCms.loaded_via_gem? ? "#{TrustyCms::VERSION} (gem)." : "#{TrustyCms::VERSION}."
+

data/app/views/admin/password_resets/new.html.haml

@@ -0,0 +1,14 @@
+%h1= t('reset_your_password')
+
+= form_tag admin_password_resets_path, :method => :post do
+  %p
+    %label{:for=>"email"}= t('email')
+    = text_field_tag :email, params[:email], :class => 'textbox', :maxlength => 70, :size => 70
+  .actions
+    = submit_tag "Reset Password"
+
+%p.version
+= t('powered_by')
+%a{ :href => "https://github.com/pgharts/trusty-cms" } TrustyCms CMS
+= t('version')
+= TrustyCms.loaded_via_gem? ? "#{TrustyCms::VERSION} (gem)." : "#{TrustyCms::VERSION}."

data/app/views/admin/welcome/login.html.haml

@@ -10,6 +10,7 @@
     %p
       %label{:for=>"password"}= t('password')
       = password_field_tag "password", '', :class => 'textbox password', :maxlength => 40, :size => 40
+    %p= link_to "Forgot password?", new_admin_password_reset_path
     %p.remember_me
       = check_box_tag :remember_me, 1, false, :class => 'checkbox'
       %label.checkbox{:for=>"remember_me"}= t('remember_me_in_this_browser')

data/app/views/password_mailer/password_reset.html.haml

@@ -0,0 +1,3 @@
+= link_to('Reset Your Password', edit_admin_password_reset_url(@user.password_reset_token))
+
+If you did not request your password to be reset, please alert your TrustyCMS Admin.

data/config/routes.rb

@@ -15,6 +15,7 @@ TrustyCms::Application.routes.draw do
     resources :users do
       get 'remove', on: :member
     end
+    resources :password_resets
   end
 
   match 'admin/preview' => 'admin/pages#preview', :as => :preview, :via => [:post, :put]