Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP

Loading…

Custom authentication #1512

Closed
wants to merge 303 commits into from
This page is out of date. Refresh to see the latest.
Showing with 1,264 additions and 4,021 deletions.
  1. +6 −2 .travis.yml
  2. +9 −5 README.md
  3. +8 −13 Rakefile
  4. +1 −1  SPREE_VERSION
  5. +0 −1  api/Gemfile
  6. +0 −17 api/app/controllers/spree/admin/users_controller_decorator.rb
  7. +7 −3 api/app/controllers/spree/api/v1/base_controller.rb
  8. +9 −26 api/app/controllers/spree/api/v1/images_controller.rb
  9. +2 −2 api/app/controllers/spree/api/v1/orders_controller.rb
  10. +1 −1  api/app/controllers/spree/api/v1/products_controller.rb
  11. +45 −0 api/app/controllers/spree/api/v1/zones_controller.rb
  12. +6 −2 api/app/helpers/spree/api/api_helpers.rb
  13. 0  api/app/models/spree/payment_decorator.rb
  14. +10 −8 api/app/models/spree/user_decorator.rb
  15. +2 −2 api/app/views/spree/admin/users/_api_fields.html.erb
  16. +1 −0  api/app/views/spree/api/v1/images/show.rabl
  17. +5 −1 api/app/views/spree/api/v1/products/show.rabl
  18. +2 −0  api/app/views/spree/api/v1/zones/index.rabl
  19. +6 −0 api/app/views/spree/api/v1/zones/show.rabl
  20. +1 −0  api/config/initializers/metal_load_paths.rb
  21. +3 −2 api/config/routes.rb
  22. +3 −1 api/db/migrate/20100107141738_add_api_key_to_spree_users.rb
  23. +3 −1 api/db/migrate/20120411123334_resize_api_key_field.rb
  24. +7 −0 api/db/migrate/20120530054546_rename_api_key_to_spree_api_key.rb
  25. +0 −1  api/lib/spree/api.rb
  26. +0 −1  api/lib/spree/api/controller_setup.rb
  27. +1 −1  api/lib/spree/api/testing_support/helpers.rb
  28. +1 −1  api/lib/spree/api/testing_support/setup.rb
  29. +6 −2 api/script/rails
  30. +20 −14 api/spec/controllers/spree/api/v1/images_controller_spec.rb
  31. +1 −1  api/spec/controllers/spree/api/v1/orders_controller_spec.rb
  32. +22 −0 api/spec/controllers/spree/api/v1/products_controller_spec.rb
  33. +54 −0 api/spec/controllers/spree/api/v1/zones_controller_spec.rb
  34. +4 −4 api/spec/models/spree/order_spec.rb
  35. +4 −4 api/spec/models/spree/user_spec.rb
  36. +0 −1  api/spree_api.gemspec
  37. +0 −1  auth/.gitignore
  38. +0 −5 auth/Gemfile
  39. +0 −26 auth/LICENSE
  40. +0 −38 auth/README.md
  41. +0 −29 auth/Rakefile
  42. +0 −1  auth/app/assets/javascripts/admin/spree_auth.js
  43. +0 −1  auth/app/assets/javascripts/store/spree_auth.js
  44. +0 −3  auth/app/assets/stylesheets/admin/spree_auth.css
  45. +0 −3  auth/app/assets/stylesheets/store/spree_auth.css
  46. +0 −19 auth/app/controllers/spree/admin/admin_controller_decorator.rb
  47. +0 −14 auth/app/controllers/spree/admin/admin_orders_controller_decorator.rb
  48. +0 −3  auth/app/controllers/spree/admin/admin_resource_controller_decorator.rb
  49. +0 −21 auth/app/controllers/spree/admin/admin_users_controller_decorator.rb
  50. +0 −49 auth/app/controllers/spree/base_controller_decorator.rb
  51. +0 −42 auth/app/controllers/spree/checkout_controller_decorator.rb
  52. +0 −15 auth/app/controllers/spree/orders_controller_decorator.rb
  53. +0 −13 auth/app/controllers/spree/products_controller_decorator.rb
  54. +0 −40 auth/app/controllers/spree/user_passwords_controller.rb
  55. +0 −58 auth/app/controllers/spree/user_registrations_controller.rb
  56. +0 −51 auth/app/controllers/spree/user_sessions_controller.rb
  57. +0 −51 auth/app/controllers/spree/users_controller.rb
  58. +0 −15 auth/app/helpers/spree/users_helper.rb
  59. +0 −8 auth/app/mailers/spree/user_mailer.rb
  60. +0 −6 auth/app/models/spree/auth_configuration.rb
  61. +0 −12 auth/app/models/spree/current_order_decorator.rb
  62. +0 −12 auth/app/models/spree/order_decorator.rb
  63. +0 −97 auth/app/models/spree/user.rb
  64. +0 −7 auth/app/overrides/admin_payment_methods_index.rb
  65. +0 −5 auth/app/overrides/auth_admin_login_navigation_bar.rb
  66. +0 −6 auth/app/overrides/auth_admin_user_roles.rb
  67. +0 −7 auth/app/overrides/auth_shared_login_bar.rb
  68. +0 −6 auth/app/overrides/auth_user_login_form.rb
  69. +0 −14 auth/app/views/spree/admin/banners/_gateway.html.erb
  70. +0 −12 auth/app/views/spree/admin/users/_roles.html.erb
  71. +0 −8 auth/app/views/spree/layouts/admin/_login_nav.html.erb
  72. +0 −9 auth/app/views/spree/shared/_flashes.html.erb
  73. +0 −20 auth/app/views/spree/shared/_login.html.erb
  74. +0 −6 auth/app/views/spree/shared/_login_bar.html.erb
  75. +0 −17 auth/app/views/spree/shared/_user_form.html.erb
  76. +0 −10 auth/app/views/spree/user_mailer/reset_password_instructions.text.erb
  77. +0 −15 auth/app/views/spree/user_passwords/edit.html.erb
  78. +0 −15 auth/app/views/spree/user_passwords/new.html.erb
  79. +0 −22 auth/app/views/spree/user_registrations/new.html.erb
  80. +0 −4 auth/app/views/spree/user_sessions/authorization_failure.html.erb
  81. +0 −13 auth/app/views/spree/user_sessions/new.html.erb
  82. +0 −11 auth/app/views/spree/users/edit.html.erb
  83. +0 −43 auth/app/views/spree/users/show.html.erb
  84. +0 −4 auth/config.ru
  85. +0 −141 auth/config/initializers/devise.rb
  86. +0 −46 auth/config/locales/en.yml
  87. +0 −31 auth/config/routes.rb
  88. +0 −76 auth/db/default/users.rb
  89. +0 −38 auth/db/migrate/20101026184950_rename_columns_for_devise.rb
  90. +0 −11 auth/db/migrate/20101214150824_convert_user_remember_field.rb
  91. +0 −13 auth/db/migrate/20101217012656_create_tokenized_permissions.rb
  92. +0 −18 auth/db/migrate/20101219201531_tokens_for_legacy_orders.rb
  93. +0 −5 auth/db/migrate/20111007143030_namespace_tokenized_permission.rb
  94. +0 −24 auth/db/migrate/20111206075712_migrate_tokenized_permissions.rb
  95. +0 −5 auth/db/migrate/20120203010234_add_reset_password_sent_at_to_spree_users.rb
  96. +0 −5 auth/db/seeds.rb
  97. +0 −15 auth/lib/spree/auth.rb
  98. +0 −21 auth/lib/spree/auth/engine.rb
  99. +0 −22 auth/lib/spree/token_resource.rb
  100. +0 −1  auth/lib/spree_auth.rb
  101. +0 −8 auth/lib/tasks/auth.rake
  102. +0 −5 auth/script/rails
  103. +0 −17 auth/spec/bar_ability.rb
  104. +0 −56 auth/spec/controllers/admin/admin_orders_controller_spec.rb
  105. +0 −70 auth/spec/controllers/admin/admin_shipments_controller_spec.rb
  106. +0 −45 auth/spec/controllers/admin/admin_users_controller_spec.rb
  107. +0 −171 auth/spec/controllers/checkout_controller_spec.rb
  108. +0 −160 auth/spec/controllers/orders_controller_spec.rb
  109. +0 −17 auth/spec/controllers/products_controller_spec.rb
  110. +0 −20 auth/spec/controllers/user_registrations_controller_spec.rb
  111. +0 −30 auth/spec/controllers/user_sessions_controller_spec.rb
  112. +0 −44 auth/spec/controllers/users_controller_spec.rb
  113. +0 −251 auth/spec/models/ability_spec.rb
  114. +0 −43 auth/spec/models/order_spec.rb
  115. +0 −66 auth/spec/models/user_spec.rb
  116. +0 −52 auth/spec/requests/account_spec.rb
  117. +0 −9 auth/spec/requests/admin/products_spec.rb
  118. +0 −21 auth/spec/requests/admin/users_spec.rb
  119. +0 −31 auth/spec/requests/admin_permissions_spec.rb
  120. +0 −313 auth/spec/requests/checkout_spec.rb
  121. +0 −8 auth/spec/requests/order_spec.rb
  122. +0 −18 auth/spec/requests/password_reset_spec.rb
  123. +0 −41 auth/spec/requests/sign_in_spec.rb
  124. +0 −26 auth/spec/requests/sign_out_spec.rb
  125. +0 −27 auth/spec/requests/sign_up_spec.rb
  126. +0 −35 auth/spec/requests/user_spec.rb
  127. +0 −66 auth/spec/spec_helper.rb
  128. +0 −13 auth/spec/support/authentication_helpers.rb
  129. +0 −23 auth/spree_auth.gemspec
  130. +46 −18 cmd/lib/spree_cmd/installer.rb
  131. +2 −1  cmd/lib/spree_cmd/templates/extension/lib/%file_name%/engine.rb.tt
  132. +1 −1  cmd/lib/spree_cmd/templates/extension/lib/generators/%file_name%/install/install_generator.rb.tt
  133. +1 −0  common_spree_dependencies.rb
  134. 0  core/app/assets/images/{creditcards → credit_cards}/amex_cid.gif
  135. 0  core/app/assets/images/{creditcards/creditcard.gif → credit_cards/credit_card.gif}
  136. 0  core/app/assets/images/{creditcards → credit_cards}/discover_cid.gif
  137. 0  core/app/assets/images/{creditcards → credit_cards}/icons/american_express.png
  138. 0  core/app/assets/images/{creditcards → credit_cards}/icons/cirrus.png
  139. 0  core/app/assets/images/{creditcards → credit_cards}/icons/delta.png
  140. 0  core/app/assets/images/{creditcards → credit_cards}/icons/dinersclub.png
  141. 0  core/app/assets/images/{creditcards → credit_cards}/icons/directdebit.png
  142. 0  core/app/assets/images/{creditcards → credit_cards}/icons/discover.png
  143. 0  core/app/assets/images/{creditcards → credit_cards}/icons/egold.png
  144. 0  core/app/assets/images/{creditcards → credit_cards}/icons/maestro.png
  145. 0  core/app/assets/images/{creditcards → credit_cards}/icons/master.png
  146. 0  core/app/assets/images/{creditcards → credit_cards}/icons/paypal.png
  147. 0  core/app/assets/images/{creditcards → credit_cards}/icons/solo.png
  148. 0  core/app/assets/images/{creditcards → credit_cards}/icons/switch.png
  149. 0  core/app/assets/images/{creditcards → credit_cards}/icons/visa.png
  150. 0  core/app/assets/images/{creditcards → credit_cards}/icons/visaelectron.png
  151. 0  core/app/assets/images/{creditcards → credit_cards}/icons/westernunion.png
  152. 0  core/app/assets/images/{creditcards → credit_cards}/icons/wirecard.png
  153. 0  core/app/assets/images/{creditcards → credit_cards}/icons/worldpay.png
  154. 0  core/app/assets/images/{creditcards → credit_cards}/master_cid.jpg
  155. 0  core/app/assets/images/{creditcards → credit_cards}/visa_cid.gif
  156. +6 −6 core/app/assets/javascripts/admin/admin.js.erb
  157. +2 −2 core/app/assets/javascripts/admin/image_settings.js
  158. +1 −1  core/app/assets/javascripts/admin/orders/edit.js
  159. +1 −1  core/app/assets/javascripts/admin/orders/edit_form.js
  160. +1 −1  core/app/assets/javascripts/admin/taxonomy.js
  161. +1 −1  core/app/assets/javascripts/store/cart.js
  162. +3 −3 core/app/assets/javascripts/store/product.js
  163. +17 −65 core/app/assets/stylesheets/store/screen.css.scss
  164. +57 −0 core/app/assets/stylesheets/store/variables.css.scss
  165. +14 −0 core/app/controllers/spree/admin/banners_controller.rb
  166. +11 −0 core/app/controllers/spree/admin/base_controller.rb
  167. +1 −1  core/app/controllers/spree/admin/configurations_controller.rb
  168. +1 −1  core/app/controllers/spree/admin/general_settings_controller.rb
  169. +1 −1  core/app/controllers/spree/admin/image_settings_controller.rb
  170. +1 −1  core/app/controllers/spree/admin/inventory_settings_controller.rb
  171. +1 −1  core/app/controllers/spree/admin/inventory_units_controller.rb
  172. +1 −1  core/app/controllers/spree/admin/line_items_controller.rb
  173. +1 −1  core/app/controllers/spree/admin/mail_methods_controller.rb
  174. +1 −1  core/app/controllers/spree/admin/mail_settings_controller.rb
  175. +5 −3 core/app/controllers/spree/admin/orders_controller.rb
  176. +1 −1  core/app/controllers/spree/admin/overview_controller.rb
  177. +3 −3 core/app/controllers/spree/admin/payments_controller.rb
  178. +3 −3 core/app/controllers/spree/admin/products_controller.rb
  179. +3 −3 core/app/controllers/spree/admin/reports_controller.rb
  180. +1 −1  core/app/controllers/spree/admin/resource_controller.rb
  181. +1 −1  core/app/controllers/spree/admin/shipments_controller.rb
  182. +11 −0 core/app/controllers/spree/admin/shipping_methods_controller.rb
  183. +1 −1  core/app/controllers/spree/admin/tax_settings_controller.rb
  184. +1 −1  core/app/controllers/spree/admin/taxons_controller.rb
  185. +0 −68 core/app/controllers/spree/admin/users_controller.rb
  186. +2 −2 core/app/controllers/spree/admin/zones_controller.rb
  187. +162 −1 core/app/controllers/spree/base_controller.rb
  188. +28 −9 core/app/controllers/spree/checkout_controller.rb
  189. +5 −1 core/app/controllers/spree/products_controller.rb
  190. +12 −5 core/app/helpers/spree/base_helper.rb
  191. +1 −1  core/app/helpers/spree/products_helper.rb
  192. +7 −2 {auth → core}/app/models/spree/ability.rb
  193. +3 −3 core/app/models/spree/address.rb
  194. +30 −8 core/app/models/spree/adjustment.rb
  195. +1 −1  core/app/models/spree/app_configuration.rb
  196. +21 −1 core/app/models/spree/calculator/per_item.rb
  197. +3 −3 core/app/models/spree/country.rb
  198. +2 −2 core/app/models/spree/{creditcard.rb → credit_card.rb}
  199. +1 −1  core/app/models/spree/gateway.rb
  200. +10 −10 core/app/models/spree/gateway/bogus.rb
  201. +4 −4 core/app/models/spree/gateway/bogus_simple.rb
  202. +1 −1  core/app/models/spree/image.rb
  203. +4 −4 core/app/models/spree/inventory_unit.rb
  204. +9 −4 core/app/models/spree/line_item.rb
  205. +3 −3 core/app/models/spree/option_type.rb
  206. +2 −2 core/app/models/spree/option_value.rb
  207. +65 −22 core/app/models/spree/order.rb
  208. +4 −4 core/app/models/spree/payment.rb
  209. +12 −3 core/app/models/spree/payment/processing.rb
  210. +1 −1  core/app/models/spree/payment_method.rb
  211. +6 −11 core/app/models/spree/product.rb
  212. +2 −2 core/app/models/spree/product_option_type.rb
  213. +2 −2 core/app/models/spree/product_property.rb
  214. +1 −1  core/app/models/spree/return_authorization.rb
  215. +1 −1  core/app/models/spree/role.rb
  216. +5 −5 core/app/models/spree/shipment.rb
  217. +20 −10 core/app/models/spree/shipping_method.rb
  218. +1 −1  core/app/models/spree/state.rb
  219. +1 −1  core/app/models/spree/state_change.rb
  220. +2 −2 core/app/models/spree/tax_rate.rb
  221. +1 −1  core/app/models/spree/taxon.rb
  222. +1 −0  {auth → core}/app/models/spree/tokenized_permission.rb
  223. +7 −5 core/app/models/spree/user.rb
  224. +10 −7 core/app/models/spree/variant.rb
  225. +2 −2 core/app/models/spree/zone.rb
  226. +1 −1  core/app/models/spree/zone_member.rb
  227. +0 −4 core/app/views/spree/admin/payments/new.html.erb
  228. +4 −4 core/app/views/spree/admin/payments/source_forms/_gateway.html.erb
  229. +2 −2 core/app/views/spree/admin/payments/source_views/_gateway.html.erb
  230. +1 −1  core/app/views/spree/admin/shared/_address_form.html.erb
  231. +2 −3 core/app/views/spree/admin/shared/_head.html.erb
  232. +1 −2  core/app/views/spree/admin/shared/_tabs.html.erb
  233. +1 −1  core/app/views/spree/admin/shipments/edit.html.erb
  234. +0 −19 core/app/views/spree/admin/users/_form.html.erb
  235. +0 −14 core/app/views/spree/admin/users/edit.html.erb
  236. +0 −48 core/app/views/spree/admin/users/index.html.erb
  237. +0 −14 core/app/views/spree/admin/users/new.html.erb
  238. +0 −21 core/app/views/spree/admin/users/show.html.erb
  239. +26 −20 core/app/views/spree/checkout/_address.html.erb
  240. +0 −1  core/app/views/spree/checkout/edit.html.erb
  241. +4 −4 core/app/views/spree/checkout/payment/_gateway.html.erb
  242. +4 −4 core/app/views/spree/content/cvv.html.erb
  243. +4 −4 core/app/views/spree/order_mailer/cancel_email.text.erb
  244. +1 −1  core/app/views/spree/order_mailer/confirm_email.text.erb
  245. +5 −5 core/app/views/spree/orders/_form.html.erb
  246. +7 −7 core/app/views/spree/orders/_line_item.html.erb
  247. +14 −12 core/app/views/spree/orders/edit.html.erb
  248. +2 −2 core/app/views/spree/orders/show.html.erb
  249. +1 −1  core/app/views/spree/products/_taxons.html.erb
  250. +1 −1  core/app/views/spree/products/index.html.erb
  251. +1 −1  core/app/views/spree/shared/_filters.html.erb
  252. +1 −1  core/app/views/spree/shared/_footer.html.erb
  253. +5 −5 core/app/views/spree/shared/_order_details.html.erb
  254. +5 −5 core/app/views/spree/shared/_products.html.erb
  255. 0  {auth → core}/app/views/spree/shared/unauthorized.html.erb
  256. +0 −12 core/config/initializers/spree.rb
  257. +22 −0 core/config/initializers/user_class_extensions.rb
  258. +5 −5 core/config/locales/en.yml
  259. +4 −3 core/config/routes.rb
  260. +14 −12 core/db/migrate/20090823005402_spree_zero_nine_zero.rb
  261. +7 −5 core/db/migrate/20091015153048_add_openid_field_to_users.rb
  262. +5 −5 core/db/migrate/20100209144531_polymorphic_payments.rb
  263. +4 −4 core/db/migrate/20100214212536_assign_creditcard_txns_to_payment.rb
  264. +3 −1 core/db/migrate/20100528185820_add_index_on_users_persistence_token.rb
  265. +3 −1 core/db/migrate/20100811163637_add_guest_flag.rb
  266. +3 −1 core/db/migrate/20100901171814_change_guest_flag_to_anonymous.rb
  267. +3 −1 core/db/migrate/20101103212716_drop_anonymous_field_for_user.rb
  268. +3 −1 core/db/migrate/20111007143030_namespace_top_level_models.rb
  269. +16 −0 core/db/migrate/20120509055454_create_tokenized_permissions_table.rb
  270. +9 −0 core/db/migrate/20120523061241_convert_sales_tax_to_default_tax.rb
  271. +11 −0 core/db/migrate/20120530012000_rename_creditcards_to_credit_cards.rb
  272. +5 −0 core/db/migrate/20120604030249_add_deleted_at_to_spree_shipping_methods.rb
  273. +5 −0 core/db/migrate/20120604203654_remove_credit_total_from_orders.rb
  274. +0 −61 core/db/sample/users.rb
  275. +53 −0 core/lib/generators/spree/custom_user/custom_user_generator.rb
  276. +28 −0 core/lib/generators/spree/custom_user/templates/authentication_helpers.rb.tt
  277. +2 −0  core/lib/generators/spree/custom_user/templates/initializer.rb.tt
  278. +7 −0 core/lib/generators/spree/custom_user/templates/migration.rb.tt
  279. +1 −0  core/lib/generators/spree/dummy/dummy_generator.rb
  280. +1 −0  core/lib/generators/spree/dummy/templates/initializers/custom_user.rb
  281. +1 −1  core/lib/generators/spree/dummy/templates/rails/application.rb
  282. +0 −1  core/lib/generators/spree/install/templates/app/assets/javascripts/admin/all.js
  283. +0 −1  core/lib/generators/spree/install/templates/app/assets/javascripts/store/all.js
  284. +0 −1  core/lib/generators/spree/install/templates/app/assets/stylesheets/admin/all.css
  285. +0 −1  core/lib/generators/spree/install/templates/app/assets/stylesheets/store/all.css
  286. +2 −0  core/lib/generators/spree/install/templates/config/initializers/spree.rb
  287. +0 −36 core/lib/generators/spree/sandbox/sandbox_generator.rb
  288. +0 −7 core/lib/generators/spree/sandbox/templates/rails/routes.rb
  289. +13 −1 core/lib/spree/core.rb
  290. +0 −110 core/lib/spree/core/controller_helpers.rb
  291. +11 −7 core/lib/spree/core/engine.rb
  292. +0 −10 core/lib/spree/core/ext/string.rb
  293. +1 −1  core/lib/spree/core/permalinks.rb
  294. +9 −0 core/lib/spree/core/relation_serialization.rb
  295. +1 −1  core/lib/spree/core/respond_with.rb
  296. +0 −12 core/lib/spree/core/search/base.rb
  297. +2 −2 core/lib/spree/core/ssl_requirement.rb
  298. +1 −1  core/lib/spree/core/store_helpers.rb
  299. +6 −0 core/lib/spree/core/testing_support/controller_requests.rb
  300. +3 −3 core/lib/spree/core/testing_support/factories/{creditcard_factory.rb → credit_card_factory.rb}
Sorry, we could not display the entire diff because too many files (413) changed.
View
8 .travis.yml
@@ -9,7 +9,6 @@ script:
- "export DISPLAY=:99.0"
- "alias set_gemfile='export BUNDLE_GEMFILE=\"`pwd`/Gemfile\"'"
- "cd api; set_gemfile; bundle install --quiet; bundle exec rspec spec"
- - "cd ../auth; set_gemfile; bundle install --quiet; bundle exec rspec spec"
- "cd ../core; set_gemfile; bundle install --quiet; bundle exec rspec spec"
- "cd ../dash; set_gemfile; bundle install --quiet; bundle exec rspec spec"
- "cd ../promo; set_gemfile; bundle install --quiet; bundle exec rspec spec"
@@ -17,10 +16,15 @@ script:
notifications:
email:
- ryan@spreecommerce.com
- irc: "irc.freenode.org#spree"
+ irc:
+ use_notice: true
+ skip_join: true
+ channels:
+ - "irc.freenode.org#spree"
branches:
only:
- 1-0-stable
+ - auth-take-two
- master
rvm:
- 1.8.7
View
14 README.md
@@ -135,11 +135,6 @@ If you want to remove precompiled assets (recommended before you commit to Git a
Running Tests
-------------
-If you want to run all the tests across all the gems then
-
- $ cd spree
- $ bundle exec rake
-
Each gem contains its own series of tests, and for each directory, you need to do a quick one-time
creation of a test application and then you can use it to run the tests. For example, to run the
tests for the core project.
@@ -167,6 +162,15 @@ If you want to run a particular line of spec
$ bundle exec rspec spec/models/state_spec.rb:7
+Travis, the continuous integration service, runs the test suite for each gem one at a time.
+
+ $ bundle exec rake test_app
+ $ cd api; bundle install; bundle exec rspec spec
+ $ cd ../auth; bundle install; bundle exec rspec spec
+ $ cd ../core; bundle install; bundle exec rspec spec
+ $ cd ../dash; bundle install; bundle exec rspec spec
+ $ cd ../promo; bundle install; bundle exec rspec spec
+
Contributing
------------
View
21 Rakefile
@@ -11,15 +11,13 @@ end
desc "Generates a dummy app for testing for every Spree engine"
task :test_app do
- %w(api auth core dash promo).each do |engine|
+ %w(api core dash promo).each do |engine|
ENV['LIB_NAME'] = File.join('spree', engine)
ENV['DUMMY_PATH'] = File.expand_path("../#{engine}/spec/dummy", __FILE__)
Rake::Task['common:test_app'].execute
end
end
-task :default => :all_tests
-
desc "Run all tests for all supported databases"
task :ci do
cmd = "bundle update"; puts cmd; system cmd;
@@ -36,7 +34,7 @@ task :clean do
puts "Deleting pkg directory.."
FileUtils.rm_rf("pkg")
- %w(api auth cmd core dash promo).each do |gem_name|
+ %w(api cmd core dash promo).each do |gem_name|
puts "Cleaning #{gem_name}:"
puts " Deleting #{gem_name}/Gemfile"
FileUtils.rm_f("#{gem_name}/Gemfile")
@@ -52,7 +50,7 @@ end
namespace :gem do
desc "run rake gem for all gems"
task :build do
- %w(core auth api dash promo sample cmd).each do |gem_name|
+ %w(core api dash promo sample cmd).each do |gem_name|
puts "########################### #{gem_name} #########################"
puts "Deleting #{gem_name}/pkg"
FileUtils.rm_rf("#{gem_name}/pkg")
@@ -69,7 +67,7 @@ namespace :gem do
task :install do
version = File.read(File.expand_path("../SPREE_VERSION", __FILE__)).strip
- %w(core auth api dash promo sample cmd).each do |gem_name|
+ %w(core api dash promo sample cmd).each do |gem_name|
puts "########################### #{gem_name} #########################"
puts "Deleting #{gem_name}/pkg"
FileUtils.rm_rf("#{gem_name}/pkg")
@@ -88,7 +86,7 @@ namespace :gem do
task :release do
version = File.read(File.expand_path("../SPREE_VERSION", __FILE__)).strip
- %w(core auth api dash promo sample cmd).each do |gem_name|
+ %w(core api dash promo sample cmd).each do |gem_name|
puts "########################### #{gem_name} #########################"
cmd = "cd #{gem_name}/pkg && gem push spree_#{gem_name}-#{version}.gem"; puts cmd; system cmd
end
@@ -98,10 +96,7 @@ end
desc "Creates a sandbox application for simulating the Spree code in a deployed Rails app"
task :sandbox do
- require 'spree_core'
-
- Spree::SandboxGenerator.start ["--lib_name=spree"]
- Spree::InstallGenerator.start ["--auto-accept"]
-
- cmd = "bundle exec rake assets:precompile:nondigest"; puts cmd; system cmd
+ FileUtils.rm_rf("sandbox")
+ puts "Running Sandbox generator..."
+ exec("rails new sandbox -m lib/sandbox.rb")
end
View
2  SPREE_VERSION
@@ -1 +1 @@
-1.1.0.beta
+1.2.0.beta
View
1  api/Gemfile
@@ -1,6 +1,5 @@
eval(File.read(File.dirname(__FILE__) + '/../common_spree_dependencies.rb'))
gem 'spree_core', :path => "../core"
-gem 'spree_auth', :path => "../auth"
gemspec
View
17 api/app/controllers/spree/admin/users_controller_decorator.rb
@@ -1,17 +0,0 @@
-Spree::Admin::UsersController.class_eval do
- before_filter :load_roles, :only => [:edit, :new, :update, :create, :generate_api_key, :clear_api_key]
-
- def generate_api_key
- if @user.generate_api_key!
- flash.notice = t('key_generated', :scope => 'spree.api')
- end
- redirect_to edit_admin_user_path(@user)
- end
-
- def clear_api_key
- if @user.clear_api_key!
- flash.notice = t('key_cleared', :scope => 'spree.api')
- end
- redirect_to edit_admin_user_path(@user)
- end
-end
View
10 api/app/controllers/spree/api/v1/base_controller.rb
@@ -30,7 +30,7 @@ def check_for_api_key
end
def authenticate_user
- unless @current_api_user = User.find_by_api_key(api_key)
+ unless @current_api_user = User.find_by_spree_api_key(api_key)
render "spree/api/v1/errors/invalid_api_key", :status => 401 and return
end
end
@@ -59,18 +59,22 @@ def api_key
def find_product(id)
begin
- product_scope.find_by_permalink!(id)
+ product_scope.find_by_permalink!(id.to_s)
rescue ActiveRecord::RecordNotFound
product_scope.find(id)
end
end
def product_scope
- if current_api_user.has_role?("admin")
+ if current_api_user.has_spree_role?("admin")
scope = Product
+ unless params[:show_deleted]
+ scope = scope.not_deleted
+ end
else
scope = Product.active
end
+
scope.includes(:master)
end
View
35 api/app/controllers/spree/api/v1/images_controller.rb
@@ -2,44 +2,27 @@ module Spree
module Api
module V1
class ImagesController < Spree::Api::V1::BaseController
+ def show
+ @image = Image.find(params[:id])
+ end
+
def create
- @image = product_or_variant.images.create!(params[:image])
+ @image = Image.create(params[:image])
render :show, :status => 201
end
def update
- image.update_attributes(params[:image])
+ @image = Image.find(params[:id])
+ @image.update_attributes(params[:image])
render :show, :status => 200
end
def destroy
- image.destroy
+ @image = Image.find(params[:id])
+ @image.destroy
render :text => nil
end
- private
-
- def image
- @image = product_or_variant.images.find(params[:id])
- end
-
- def product_or_variant
- return @product_or_variant if @product_or_variant
- if params[:product_id]
- @product_or_variant = product
- else
- @product_or_variant = variant
- end
- end
-
- def variant
- Variant.find(params[:variant_id])
- end
-
- def product
- find_product(params[:product_id]).master
- end
-
end
end
end
View
4 api/app/controllers/spree/api/v1/orders_controller.rb
@@ -6,7 +6,7 @@ class OrdersController < Spree::Api::V1::BaseController
def index
# should probably look at turning this into a CanCan step
- raise CanCan::AccessDenied unless current_api_user.has_role?("admin")
+ raise CanCan::AccessDenied unless current_api_user.has_spree_role?("admin")
@orders = Order.page(params[:page])
end
@@ -15,7 +15,7 @@ def show
end
def search
- @orders = Order.search(params[:q]).result.page(params[:page])
+ @orders = Order.ransack(params[:q]).result.page(params[:page])
render :index
end
View
2  api/app/controllers/spree/api/v1/products_controller.rb
@@ -7,7 +7,7 @@ def index
end
def search
- @products = product_scope.search(params[:q]).result.page(params[:page])
+ @products = product_scope.ransack(params[:q]).result.page(params[:page])
render :index
end
View
45 api/app/controllers/spree/api/v1/zones_controller.rb
@@ -0,0 +1,45 @@
+module Spree
+ module Api
+ module V1
+ class ZonesController < Spree::Api::V1::BaseController
+ def index
+ @zones = Zone.order('name ASC')
+ end
+
+ def show
+ zone
+ end
+
+ def create
+ authorize! :create, Zone
+ @zone = Zone.new(map_nested_attributes_keys(Spree::Zone, params[:zone]))
+ if @zone.save
+ render :show, :status => 201
+ else
+ invalid_resource!(@zone)
+ end
+ end
+
+ def update
+ authorize! :update, Zone
+ if zone.update_attributes(map_nested_attributes_keys(Spree::Zone, params[:zone]))
+ render :show, :status => 200
+ else
+ invalid_resource!(@zone)
+ end
+ end
+
+ def destroy
+ authorize! :delete, Zone
+ zone.destroy
+ render :text => nil, :status => 200
+ end
+
+ private
+ def zone
+ @zone ||= Spree::Zone.find(params[:id])
+ end
+ end
+ end
+ end
+end
View
8 api/app/helpers/spree/api/api_helpers.rb
@@ -12,10 +12,14 @@ def required_fields_for(model)
end
def product_attributes
- [:id, :name, :description, :price, :available_on, :permalink,
+ [:id, :name, :description, :price, :available_on, :permalink,
:count_on_hand, :meta_description, :meta_keywords, :taxon_ids]
end
+ def product_property_attributes
+ [:id, :product_id, :property_id, :value, :property_name]
+ end
+
def variant_attributes
[:id, :name, :count_on_hand, :sku, :price, :weight, :height, :width, :depth, :is_master, :cost_price, :permalink]
end
@@ -29,7 +33,7 @@ def option_value_attributes
end
def order_attributes
- [:id, :number, :item_total, :total, :state, :adjustment_total, :credit_total, :user_id, :created_at, :updated_at, :completed_at, :payment_total, :shipment_state, :payment_state, :email, :special_instructions]
+ [:id, :number, :item_total, :total, :state, :adjustment_total, :user_id, :created_at, :updated_at, :completed_at, :payment_total, :shipment_state, :payment_state, :email, :special_instructions]
end
def line_item_attributes
View
0  api/app/models/spree/payment_decorator.rb
No changes.
View
18 api/app/models/spree/user_decorator.rb
@@ -1,11 +1,13 @@
-Spree::User.class_eval do
- def generate_api_key!
- self.api_key = SecureRandom.hex(24)
- save!
- end
+if Spree.user_class
+ Spree.user_class.class_eval do
+ def generate_spree_api_key!
+ self.spree_api_key = SecureRandom.hex(24)
+ save!
+ end
- def clear_api_key!
- self.api_key = nil
- save!
+ def clear_spree_api_key!
+ self.spree_api_key = nil
+ save!
+ end
end
end
View
4 api/app/views/spree/admin/users/_api_fields.html.erb
@@ -1,7 +1,7 @@
<h2><%= t('access', :scope => 'spree.api') %></h2>
-<% if @user.authentication_token.present? %>
- <p><strong><%= t('key', :scope => 'spree.api') %></strong> <%= @user.authentication_token %></p>
+<% if @user.spree_api_key.present? %>
+ <p><strong><%= t('key', :scope => 'spree.api') %></strong> <%= @user.spree_api_key %></p>
<%= form_tag spree.clear_api_key_admin_user_path(@user), :method => :put do %>
<%= button t('clear_key', :scope => 'spree.api') %>
View
1  api/app/views/spree/api/v1/images/show.rabl
@@ -1,2 +1,3 @@
object @image
attributes *image_attributes
+attributes :viewable_type, :viewable_id
View
6 api/app/views/spree/api/v1/products/show.rabl
@@ -9,7 +9,7 @@ child :variants_including_master => :variants do
end
child :images => :images do
- attributes *image_attributes
+ extends "spree/api/v1/images/show"
end
child :option_types => :option_types do
@@ -19,3 +19,7 @@ child :option_types => :option_types do
attributes *option_value_attributes
end
end
+
+child :product_properties => :product_properties do
+ attributes *product_property_attributes
+end
View
2  api/app/views/spree/api/v1/zones/index.rabl
@@ -0,0 +1,2 @@
+collection @zones
+extends 'spree/api/v1/zones/show'
View
6 api/app/views/spree/api/v1/zones/show.rabl
@@ -0,0 +1,6 @@
+object @zone
+attributes :id, :name, :description
+
+child :zone_members => :zone_members do
+ attributes :id, :name, :zoneable_type, :zoneable_id
+end
View
1  api/config/initializers/metal_load_paths.rb
@@ -0,0 +1 @@
+Spree::Api::V1::BaseController.append_view_path(ApplicationController.view_paths)
View
5 api/config/routes.rb
@@ -16,11 +16,11 @@
end
resources :variants
- resources :images
end
+ resources :images
+
resources :variants, :only => [:index] do
- resources :images
end
resources :orders do
@@ -51,6 +51,7 @@
end
end
+ resources :zones
resources :countries, :only => [:index, :show]
resources :addresses, :only => [:show, :update]
resources :taxonomies do
View
4 api/db/migrate/20100107141738_add_api_key_to_spree_users.rb
@@ -1,5 +1,7 @@
class AddApiKeyToSpreeUsers < ActiveRecord::Migration
def change
- add_column :spree_users, :api_key, :string, :limit => 40
+ unless defined?(User)
+ add_column :spree_users, :api_key, :string, :limit => 40
+ end
end
end
View
4 api/db/migrate/20120411123334_resize_api_key_field.rb
@@ -1,5 +1,7 @@
class ResizeApiKeyField < ActiveRecord::Migration
def change
- change_column :spree_users, :api_key, :string, :limit => 48
+ if table_exists?(:spree_users)
+ change_column :spree_users, :api_key, :string, :limit => 48
+ end
end
end
View
7 api/db/migrate/20120530054546_rename_api_key_to_spree_api_key.rb
@@ -0,0 +1,7 @@
+class RenameApiKeyToSpreeApiKey < ActiveRecord::Migration
+ def change
+ unless defined?(User)
+ rename_column :spree_users, :api_key, :spree_api_key
+ end
+ end
+end
View
1  api/lib/spree/api.rb
@@ -1,5 +1,4 @@
require 'spree/core'
-require 'spree/auth'
require 'spree/api/controller_setup'
View
1  api/lib/spree/api/controller_setup.rb
@@ -17,7 +17,6 @@ def self.included(klass)
include CanCan::ControllerAdditions
append_view_path File.expand_path("../../../app/views", File.dirname(__FILE__))
- append_view_path Rails.root + "app/views"
respond_to :json
end
View
2  api/lib/spree/api/testing_support/helpers.rb
@@ -13,7 +13,7 @@ def assert_unauthorized!
def stub_authentication!
controller.stub :check_for_api_key
- Spree::User.stub :find_by_api_key => current_api_user
+ Spree::User.stub :find_by_spree_api_key => current_api_user
end
# This method can be overriden (with a let block) inside a context
View
2  api/lib/spree/api/testing_support/setup.rb
@@ -5,7 +5,7 @@ module Setup
def sign_in_as_admin!
let!(:current_api_user) do
user = stub_model(Spree::User)
- user.should_receive(:has_role?).any_number_of_times.with("admin").and_return(true)
+ user.should_receive(:has_spree_role?).any_number_of_times.with("admin").and_return(true)
user
end
end
View
8 api/script/rails
@@ -1,5 +1,9 @@
#!/usr/bin/env ruby
# This command will automatically be run when you run "rails" with Rails 3 gems installed from the root of your application.
-ENGINE_PATH = File.expand_path('../..', __FILE__)
-load File.expand_path('../../spec/dummy/script/rails', __FILE__)
+ENGINE_ROOT = File.expand_path('../..', __FILE__)
+ENGINE_PATH = File.expand_path('../../lib/spree/api/engine', __FILE__)
+
+require 'rails/all'
+require 'rails/engine/commands'
+
View
34 api/spec/controllers/spree/api/v1/images_controller_spec.rb
@@ -5,8 +5,8 @@ module Spree
render_views
let!(:product) { create(:product) }
- let!(:attributes) { [:id, :position, :attachment_content_type,
- :attachment_file_name, :type, :attachment_updated_at, :attachment_width,
+ let!(:attributes) { [:id, :position, :attachment_content_type,
+ :attachment_file_name, :type, :attachment_updated_at, :attachment_width,
:attachment_height, :alt] }
before do
@@ -14,19 +14,25 @@ module Spree
end
it "can upload a new image for a product" do
- product.images.count.should == 0
- api_post :create, :product_id => product.to_param, :image => { :attachment => upload_image("thinking-cat.jpg") }
- response.status.should == 201
- json_response.should have_attributes(attributes)
- product.images.count.should == 1
+ lambda do
+ api_post :create,
+ :image => { :attachment => upload_image("thinking-cat.jpg"),
+ :viewable_type => 'Spree::Product',
+ :viewable_id => product.id }
+ response.status.should == 201
+ json_response.should have_attributes(attributes)
+ end.should change(Image, :count).by(1)
end
it "can upload a new image for a variant" do
- product.master.images.count.should == 0
- api_post :create, :variant_id => product.master.to_param, :image => { :attachment => upload_image("thinking-cat.jpg") }
- response.status.should == 201
- json_response.should have_attributes(attributes)
- product.images.count.should == 1
+ lambda do
+ api_post :create,
+ :image => { :attachment => upload_image("thinking-cat.jpg"),
+ :viewable_type => 'Spree::Variant',
+ :viewable_id => product.master.to_param }
+ response.status.should == 201
+ json_response.should have_attributes(attributes)
+ end.should change(Image, :count).by(1)
end
context "working with an existing image" do
@@ -34,14 +40,14 @@ module Spree
it "can update image data" do
product_image.position.should == 1
- api_post :update, :variant_id => product.master.to_param, :image => { :position => 2 }, :id => product_image.id
+ api_post :update, :image => { :position => 2 }, :id => product_image.id
response.status.should == 200
json_response.should have_attributes(attributes)
product_image.reload.position.should == 2
end
it "can delete an image" do
- api_delete :destroy, :variant_id => product.master.to_param, :id => product_image.id
+ api_delete :destroy, :id => product_image.id
response.status.should == 200
lambda { product_image.reload }.should raise_error(ActiveRecord::RecordNotFound)
end
View
2  api/spec/controllers/spree/api/v1/orders_controller_spec.rb
@@ -6,7 +6,7 @@ module Spree
let!(:order) { create(:order) }
let(:attributes) { [:number, :item_total, :total,
- :state, :adjustment_total, :credit_total,
+ :state, :adjustment_total,
:user_id, :created_at, :updated_at,
:completed_at, :payment_total, :shipment_state,
:payment_state, :email, :special_instructions] }
View
22 api/spec/controllers/spree/api/v1/products_controller_spec.rb
@@ -48,6 +48,7 @@ module Spree
it "gets a single product" do
product.master.images.create!(:attachment => image("thinking-cat.jpg"))
+ product.set_property("spree", "rocks")
api_get :show, :id => product.to_param
json_response.should have_attributes(attributes)
product_json = json_response["product"]
@@ -60,6 +61,10 @@ module Spree
:attachment_width,
:attachment_height,
:attachment_content_type])
+
+ product_json["product_properties"].first.should have_attributes([:value,
+ :product_id,
+ :property_name])
end
@@ -127,6 +132,23 @@ module Spree
json_response["pages"].should == 1
end
+ # Regression test for #1626
+ context "deleted products" do
+ before do
+ create(:product, :deleted_at => Time.now)
+ end
+
+ it "does not include deleted products" do
+ api_get :index
+ json_response["products"].count.should == 2
+ end
+
+ it "can include deleted products" do
+ api_get :index, :show_deleted => 1
+ json_response["products"].count.should == 3
+ end
+ end
+
it "can create a new product" do
api_post :create, :product => { :name => "The Other Product",
:price => 19.99 }
View
54 api/spec/controllers/spree/api/v1/zones_controller_spec.rb
@@ -0,0 +1,54 @@
+require 'spec_helper'
+
+module Spree
+ describe Api::V1::ZonesController do
+ render_views
+
+ let!(:attributes) { [:id, :name, :zone_members] }
+
+ before do
+ stub_authentication!
+ @zone = create(:zone, :name => 'Europe')
+ end
+
+ it "gets list of zones" do
+ api_get :index
+ json_response.first.should have_attributes(attributes)
+ end
+
+ it "gets a zone" do
+ api_get :show, :id => @zone.id
+ json_response.should have_attributes(attributes)
+ json_response['zone']['name'].should eq @zone.name
+ json_response['zone']['zone_members'].size.should eq @zone.zone_members.count
+ end
+
+ context "as an admin" do
+ sign_in_as_admin!
+
+ it "can create a new zone" do
+ api_post :create, :zone => { :name => "North Pole",
+ :zone_members => [ :zone_member => {
+ :zoneable_id => 1 }] }
+ response.status.should == 201
+ json_response.should have_attributes(attributes)
+ end
+
+ it "updates a zone" do
+ api_put :update, :id => @zone.id,
+ :zone => { :name => "Americas",
+ :zone_members => [ :zone_member => {
+ :zoneable_type => 'Spree::Country',
+ :zoneable_id => 1 }]}
+ response.status.should == 200
+ json_response['zone']['name'].should eq 'Americas'
+ end
+
+ it "can delete a zone" do
+ api_delete :destroy, :id => @zone.id
+ response.status.should == 200
+ lambda { @zone.reload }.should raise_error(ActiveRecord::RecordNotFound)
+ end
+ end
+ end
+end
View
8 api/spec/models/spree/order_spec.rb
@@ -5,14 +5,14 @@ module Spree
let(:user) { stub_model(User) }
it 'can build an order from API parameters' do
-
- Spree::Variant.should_receive(:find).and_return(stub_model(Variant, :id => 1))
- order = Order.build_from_api(user, { :line_items_attributes => [{ :variant_id => 1, :quantity => 5 }]})
+ product = Spree::Product.create!(:name => 'Test', :sku => 'TEST-1', :price => 33.22)
+ variant_id = product.master.id
+ order = Order.build_from_api(user, { :line_items_attributes => [{ :variant_id => variant_id, :quantity => 5 }]})
order.user.should == user
line_item = order.line_items.first
line_item.quantity.should == 5
- line_item.variant_id.should == 1
+ line_item.variant_id.should == variant_id
end
end
end
View
8 api/spec/models/spree/user_spec.rb
@@ -6,14 +6,14 @@ module Spree
it "can generate an API key" do
user.should_receive(:save!)
- user.generate_api_key!
- user.api_key.should_not be_blank
+ user.generate_spree_api_key!
+ user.spree_api_key.should_not be_blank
end
it "can clear an API key" do
user.should_receive(:save!)
- user.clear_api_key!
- user.api_key.should be_blank
+ user.clear_spree_api_key!
+ user.spree_api_key.should be_blank
end
end
end
View
1  api/spree_api.gemspec
@@ -16,7 +16,6 @@ Gem::Specification.new do |gem|
gem.version = version
gem.add_dependency 'spree_core', version
- gem.add_dependency 'spree_auth', version
gem.add_dependency 'rabl', '0.6.5'
gem.add_development_dependency 'rspec-rails', '2.9.0'
View
1  auth/.gitignore
@@ -1 +0,0 @@
-sandbox
View
5 auth/Gemfile
@@ -1,5 +0,0 @@
-eval(File.read(File.dirname(__FILE__) + '/../common_spree_dependencies.rb'))
-
-gem 'spree_core', :path => '../core'
-
-gemspec
View
26 auth/LICENSE
@@ -1,26 +0,0 @@
-Copyright (c) 2007-2012, Spree Commerce, Inc. and other contributors
-All rights reserved.
-
-Redistribution and use in source and binary forms, with or without modification,
-are permitted provided that the following conditions are met:
-
- * Redistributions of source code must retain the above copyright notice,
- this list of conditions and the following disclaimer.
- * Redistributions in binary form must reproduce the above copyright notice,
- this list of conditions and the following disclaimer in the documentation
- and/or other materials provided with the distribution.
- * Neither the name Spree nor the names of its contributors may be used to
- endorse or promote products derived from this software without specific
- prior written permission.
-
-THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
-A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
-CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
-EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
-PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
-PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
-LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
-NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
-SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
View
38 auth/README.md
@@ -1,38 +0,0 @@
-Authentication
-==============
-
-Provides authentication and authorization services for use with Spree
-
-
-Overview
---------
-
-This gem provides the so-called "core" functionality of Spree and is a requirement for any Spree application or
-store. The basic data models as well as product catalog and admin functionality are all provided by this gem.
-
-
-Security Warning
-----------------
-
-*This gem provides absolutely no authentication and authorization. You are strongly encouraged to install
-and use the spree-auth gem in addition to spree-core in order to restrict access to orders and other admin
-functionality.*
-
-
-Testing
--------
-
-You need to do a quick one-time creation of a test application and then you can use it to run the tests.
-
- bundle exec rake test_app
-
-Then run the rspec tests
-
- bundle exec rake spec
-
-Misc
-----
-
-authentication by token example
-
- http://localhost:3000/?auth_token=oWBSN16k6dWx46TtSGcp
View
29 auth/Rakefile
@@ -1,29 +0,0 @@
-require 'rubygems'
-require 'rake'
-require 'rake/testtask'
-require 'rake/packagetask'
-require 'rubygems/package_task'
-require 'rspec/core/rake_task'
-require 'spree/core/testing_support/common_rake'
-
-RSpec::Core::RakeTask.new
-
-task :default => :spec
-
-spec = eval(File.read('spree_auth.gemspec'))
-
-Gem::PackageTask.new(spec) do |p|
- p.gem_spec = spec
-end
-
-desc 'Release to gemcutter'
-task :release do
- version = File.read(File.expand_path('../../SPREE_VERSION', __FILE__)).strip
- cmd = "cd pkg && gem push spree_auth-#{version}.gem"; puts cmd; system cmd
-end
-
-desc 'Generates a dummy app for testing'
-task :test_app do
- ENV['LIB_NAME'] = 'spree/auth'
- Rake::Task['common:test_app'].invoke
-end
View
1  auth/app/assets/javascripts/admin/spree_auth.js
@@ -1 +0,0 @@
-//= require admin/spree_core
View
1  auth/app/assets/javascripts/store/spree_auth.js
@@ -1 +0,0 @@
-//= require store/spree_core
View
3  auth/app/assets/stylesheets/admin/spree_auth.css
@@ -1,3 +0,0 @@
-/*
- *= require admin/spree_core
-*/
View
3  auth/app/assets/stylesheets/store/spree_auth.css
@@ -1,3 +0,0 @@
-/*
- *= require store/spree_core
-*/
View
19 auth/app/controllers/spree/admin/admin_controller_decorator.rb
@@ -1,19 +0,0 @@
-require File.expand_path('../../base_controller_decorator', __FILE__)
-Spree::Admin::BaseController.class_eval do
- before_filter :authorize_admin
-
- def authorize_admin
- begin
- record = model_class.new
- rescue
- record = Object.new
- end
- authorize! :admin, record
- authorize! params[:action].to_sym, record
- end
-
- protected
- def model_class
- "Spree::#{controller_name.classify}".constantize
- end
-end
View
14 auth/app/controllers/spree/admin/admin_orders_controller_decorator.rb
@@ -1,14 +0,0 @@
-Spree::Admin::OrdersController.class_eval do
- before_filter :check_authorization
-
- private
- def check_authorization
- load_order
- session[:access_token] ||= params[:token]
-
- resource = @order || Spree::Order.new
- action = params[:action].to_sym
-
- authorize! action, resource, session[:access_token]
- end
-end
View
3  auth/app/controllers/spree/admin/admin_resource_controller_decorator.rb
@@ -1,3 +0,0 @@
-Spree::Admin::ResourceController.class_eval do
- rescue_from CanCan::AccessDenied, :with => :unauthorized
-end
View
21 auth/app/controllers/spree/admin/admin_users_controller_decorator.rb
@@ -1,21 +0,0 @@
-require File.expand_path('../../base_controller_decorator', __FILE__)
-Spree::Admin::UsersController.class_eval do
- rescue_from Spree::User::DestroyWithOrdersError, :with => :user_destroy_with_orders_error
-
- update.after :sign_in_if_change_own_password
-
- before_filter :load_roles, :only => [:edit, :new, :update, :create]
-
- private
-
- def sign_in_if_change_own_password
- if current_user == @user && @user.password.present?
- sign_in(@user, :event => :authentication, :bypass => true)
- end
- end
-
- def load_roles
- @roles = Spree::Role.scoped
- end
-end
-
View
49 auth/app/controllers/spree/base_controller_decorator.rb
@@ -1,49 +0,0 @@
-Spree::BaseController.class_eval do
- before_filter :set_current_user
-
- # graceful error handling for cancan authorization exceptions
- rescue_from CanCan::AccessDenied do |exception|
- return unauthorized
- end
-
- private
- # Needs to be overriden so that we use Spree's Ability rather than anyone else's.
- def current_ability
- @current_ability ||= Spree::Ability.new(current_user)
- end
- # Redirect as appropriate when an access request fails. The default action is to redirect to the login screen.
- # Override this method in your controllers if you want to have special behavior in case the user is not authorized
- # to access the requested action. For example, a popup window might simply close itself.
- def unauthorized
- respond_to do |format|
- format.html do
- if current_user
- flash.now[:error] = t(:authorization_failure)
- render 'spree/shared/unauthorized', :layout => '/spree/layouts/spree_application', :status => 401
- else
- store_location
- redirect_to spree.login_path and return
- end
- end
- format.xml do
- request_http_basic_authentication 'Web Password'
- end
- format.json do
- render :text => "Not Authorized \n", :status => 401
- end
- end
- end
-
- def store_location
- # disallow return to login, logout, signup pages
- disallowed_urls = [spree.signup_url, spree.login_url, spree.destroy_user_session_path]
- disallowed_urls.map!{ |url| url[/\/\w+$/] }
- unless disallowed_urls.include?(request.fullpath)
- session['user_return_to'] = request.fullpath.gsub('//', '/')
- end
- end
-
- def set_current_user
- Spree::User.current = current_user
- end
-end
View
42 auth/app/controllers/spree/checkout_controller_decorator.rb
@@ -1,42 +0,0 @@
-Spree::CheckoutController.class_eval do
- before_filter :check_authorization
- before_filter :check_registration, :except => [:registration, :update_registration]
-
- helper 'spree/users'
-
- def registration
- @user = Spree::User.new
- end
-
- def update_registration
- fire_event("spree.user.signup", :order => current_order)
- # hack - temporarily change the state to something other than cart so we can validate the order email address
- current_order.state = 'address'
- if current_order.update_attributes(params[:order])
- redirect_to checkout_path
- else
- @user = Spree::User.new
- render 'registration'
- end
- end
-
- private
- def check_authorization
- authorize!(:edit, current_order, session[:access_token])
- end
-
- # Introduces a registration step whenever the +registration_step+ preference is true.
- def check_registration
- return unless Spree::Auth::Config[:registration_step]
- return if current_user or current_order.email
- store_location
- redirect_to spree.checkout_registration_path
- end
-
- # Overrides the equivalent method defined in Spree::Core. This variation of the method will ensure that users
- # are redirected to the tokenized order url unless authenticated as a registered user.
- def completion_route
- return order_path(@order) if current_user
- spree.token_order_path(@order, @order.token)
- end
-end
View
15 auth/app/controllers/spree/orders_controller_decorator.rb
@@ -1,15 +0,0 @@
-Spree::OrdersController.class_eval do
- before_filter :check_authorization
-
- private
- def check_authorization
- session[:access_token] ||= params[:token]
- order = Spree::Order.find_by_number(params[:id]) || current_order
-
- if order
- authorize! :edit, order, session[:access_token]
- else
- authorize! :create, Spree::Order.new
- end
- end
-end
View
13 auth/app/controllers/spree/products_controller_decorator.rb
@@ -1,13 +0,0 @@
-Spree::ProductsController.class_eval do
- rescue_from CanCan::AccessDenied, :with => :render_404
-
- private
- def load_product
- @product = Spree::Product.find_by_permalink!(params[:id])
- if !@product.deleted? && (@product.available_on.nil? || @product.available_on.future?)
- # Allow admins to view any yet to be available products
- raise CanCan::AccessDenied unless current_user && current_user.admin?
- end
- end
-end
-
View
40 auth/app/controllers/spree/user_passwords_controller.rb
@@ -1,40 +0,0 @@
-class Spree::UserPasswordsController < Devise::PasswordsController
- include Spree::Core::ControllerHelpers
- helper 'spree/users', 'spree/base'
-
- ssl_required
-
- after_filter :associate_user
-
- def new
- super
- end
-
- # Temporary Override until next Devise release (i.e after v1.3.4)
- # line:
- # respond_with resource, :location => new_session_path(resource_name)
- # is generating bad url /session/new.user
- #
- # overridden to:
- # respond_with resource, :location => login_path
- #
- def create
- self.resource = resource_class.send_reset_password_instructions(params[resource_name])
-
- if resource.errors.empty?
- set_flash_message(:notice, :send_instructions) if is_navigational_format?
- respond_with resource, :location => spree.login_path
- else
- respond_with_navigational(resource) { render :new }
- end
- end
-
- def edit
- super
- end
-
- def update
- super
- end
-
-end
View
58 auth/app/controllers/spree/user_registrations_controller.rb
@@ -1,58 +0,0 @@
-class Spree::UserRegistrationsController < Devise::RegistrationsController
- include Spree::Core::ControllerHelpers
- helper 'spree/users', 'spree/base'
-
- ssl_required
- after_filter :associate_user, :only => :create
- before_filter :check_permissions, :only => [:edit, :update]
- skip_before_filter :require_no_authentication
-
- # GET /resource/sign_up
- def new
- super
- end
-
- # POST /resource/sign_up
- def create
- @user = build_resource(params[:user])
- if resource.save
- set_flash_message(:notice, :signed_up)
- sign_in(:user, @user)
- fire_event('spree.user.signup', :user => @user, :order => current_order(true))
- sign_in_and_redirect(:user, @user)
- else
- clean_up_passwords(resource)
- render :new
- end
- end
-
- # GET /resource/edit
- def edit
- super
- end
-
- # PUT /resource
- def update
- super
- end
-
- # DELETE /resource
- def destroy
- super
- end
-
- # GET /resource/cancel
- # Forces the session data which is usually expired after sign
- # in to be expired now. This is useful if the user wants to
- # cancel oauth signing in/up in the middle of the process,
- # removing all OAuth session data.
- def cancel
- super
- end
-
- protected
- def check_permissions
- authorize!(:create, resource)
- end
-
-end
View
51 auth/app/controllers/spree/user_sessions_controller.rb
@@ -1,51 +0,0 @@
-class Spree::UserSessionsController < Devise::SessionsController
- include Spree::Core::ControllerHelpers
- helper 'spree/users', 'spree/base'
-
- include Spree::Core::CurrentOrder
-
- after_filter :associate_user, :only => :create
-
- ssl_required :new, :create, :destroy, :update
- ssl_allowed :login_bar
-
- # GET /resource/sign_in
- def new
- super
- end
-
- def create
- authenticate_user!
-
- if user_signed_in?
- respond_to do |format|
- format.html {
- flash.notice = t(:logged_in_succesfully)
- redirect_back_or_default(products_path)
- }
- format.js {
- user = resource.record
- render :json => {:ship_address => user.ship_address, :bill_address => user.bill_address}.to_json
- }
- end
- else
- flash.now[:error] = t('devise.failure.invalid')
- render :new
- end
- end
-
- def destroy
- cookies.clear
- session.clear
- super
- end
-
- def nav_bar
- render :partial => 'spree/shared/nav_bar'
- end
-
- private
- def accurate_title
- t(:login)
- end
-end
View
51 auth/app/controllers/spree/users_controller.rb
@@ -1,51 +0,0 @@
-class Spree::UsersController < Spree::BaseController
- ssl_required
- prepend_before_filter :load_object, :only => [:show, :edit, :update]
- prepend_before_filter :authorize_actions, :only => :new
-
- def show
- @orders = @user.orders.complete
- end
-
- def create
- @user = Spree::User.new(params[:user])
- if @user.save
-
- if current_order
- current_order.associate_user!(@user)
- session[:guest_token] = nil
- end
-
- redirect_back_or_default(root_url)
- else
- render :new
- end
- end
-
- def update
- if @user.update_attributes(params[:user])
- if params[:user][:password].present?
- # this logic needed b/c devise wants to log us out after password changes
- user = Spree::User.reset_password_by_token(params[:user])
- sign_in(@user, :event => :authentication, :bypass => !Spree::Auth::Config[:signout_after_password_change])
- end
- redirect_to spree.account_url, :notice => t(:account_updated)
- else
- render :edit
- end
- end
-
- private
- def load_object
- @user ||= current_user
- authorize! params[:action].to_sym, @user
- end
-
- def authorize_actions
- authorize! params[:action].to_sym, Spree::User.new
- end
-
- def accurate_title
- t(:my_account)
- end
-end
View
15 auth/app/helpers/spree/users_helper.rb
@@ -1,15 +0,0 @@
-module Spree
- module UsersHelper
- def password_style(user)
- ActiveSupport::Deprecation.warn '[SPREE] Password style has be depreciated due to the removal of OpenID from the Auth Gem. '
- 'Please install the spree_social gem to regain this functionality and more.'
- ''
- end
-
- def openid_style(user)
- ActiveSupport::Deprecation.warn '[SPREE] Password style has be depreciated due to the removal of OpenID from the Auth Gem. '
- 'Please install the spree_social gem to regain this functionality and more.'
- 'display:none'
- end
- end
-end
View
8 auth/app/mailers/spree/user_mailer.rb
@@ -1,8 +0,0 @@
-class Spree::UserMailer < ActionMailer::Base
- def reset_password_instructions(user)
- @edit_password_reset_url = spree.edit_user_password_url(:reset_password_token => user.reset_password_token)
-
- mail(:to => user.email,
- :subject => Spree::Config[:site_name] + ' ' + I18n.t(:password_reset_instructions))
- end
-end
View
6 auth/app/models/spree/auth_configuration.rb
@@ -1,6 +0,0 @@
-module Spree
- class AuthConfiguration < Preferences::Configuration
- preference :registration_step, :boolean, :default => true
- preference :signout_after_password_change, :boolean, :default => true
- end
-end
View
12 auth/app/models/spree/current_order_decorator.rb
@@ -1,12 +0,0 @@
-Spree::Core::CurrentOrder.module_eval do
- # Associate the new order with the currently authenticated user before saving
- def before_save_new_order
- @current_order.user ||= current_user
- end
-
- def after_save_new_order
- # make sure the user has permission to access the order (if they are a guest)
- return if current_user
- session[:access_token] = @current_order.token
- end
-end
View
12 auth/app/models/spree/order_decorator.rb
@@ -1,12 +0,0 @@
-Spree::Order.class_eval do
- token_resource
-
- # Associates the specified user with the order and destroys any previous association with guest user if
- # necessary.
- def associate_user!(user)
- self.user = user
- self.email = user.email
- # disable validations since this can cause issues when associating an incomplete address during the address step
- save(:validate => false)
- end
-end
View
97 auth/app/models/spree/user.rb
@@ -1,97 +0,0 @@
-module Spree
- class User < ActiveRecord::Base
- include Core::UserBanners
-
- devise :database_authenticatable, :token_authenticatable, :registerable, :recoverable,
- :rememberable, :trackable, :validatable, :encryptable, :encryptor => 'authlogic_sha512'
-
- has_many :orders
- has_and_belongs_to_many :roles, :join_table => 'spree_roles_users'
- belongs_to :ship_address, :foreign_key => 'ship_address_id', :class_name => 'Spree::Address'
- belongs_to :bill_address, :foreign_key => 'bill_address_id', :class_name => 'Spree::Address'
-
- before_save :check_admin
- before_validation :set_login
- before_destroy :check_completed_orders
-
- # Setup accessible (or protected) attributes for your model
- attr_accessible :email, :password, :password_confirmation, :remember_me, :persistence_token, :login, :role_ids
-
- users_table_name = User.table_name
- roles_table_name = Role.table_name
-
- scope :admin, lambda { includes(:roles).where("#{roles_table_name}.name" => "admin") }
- scope :registered, where("#{users_table_name}.email NOT LIKE ?", "%@example.net")
-
- class DestroyWithOrdersError < StandardError; end
-
- # has_role? simply needs to return true or false whether a user has a role or not.
- def has_role?(role_in_question)
- roles.any? { |role| role.name == role_in_question.to_s }
- end
-
- # Creates an anonymous user. An anonymous user is basically an auto-generated +User+ account that is created for the customer
- # behind the scenes and its completely transparently to the customer. All +Orders+ must have a +User+ so this is necessary
- # when adding to the "cart" (which is really an order) and before the customer has a chance to provide an email or to register.
- def self.anonymous!
- token = User.generate_token(:persistence_token)
- User.create(:email => "#{token}@example.net", :password => token, :password_confirmation => token, :persistence_token => token)
- end
-
- def self.admin_created?
- User.admin.count > 0
- end
-
- def anonymous?
- email =~ /@example.net$/
- end
-
- def send_reset_password_instructions
- generate_reset_password_token!
- UserMailer.reset_password_instructions(self).deliver
- end
-
- protected
- def password_required?
- !persisted? || password.present? || password_confirmation.present?
- end
-
- private
-
- def check_completed_orders
- raise DestroyWithOrdersError if orders.complete.present?
- end
-
- def check_admin
- return if self.class.admin_created?
- admin_role = Role.find_or_create_by_name 'admin'
- self.roles << admin_role
- end
-
- def set_login
- # for now force login to be same as email, eventually we will make this configurable, etc.
- self.login ||= self.email if self.email
- end
-
- # Generate a friendly string randomically to be used as token.
- def self.friendly_token
- SecureRandom.base64(15).tr('+/=', '-_ ').strip.delete("\n")
- end
-
- # Generate a token by looping and ensuring does not already exist.
- def self.generate_token(column)
- loop do
- token = friendly_token
- break token unless find(:first, :conditions => { column => token })
- end
- end
-
- def self.current
- Thread.current[:user]
- end
-
- def self.current=(user)
- Thread.current[:user] = user
- end
- end
-end
View
7 auth/app/overrides/admin_payment_methods_index.rb
@@ -1,7 +0,0 @@
-Deface::Override.new(:virtual_path => "spree/admin/payment_methods/index",
- :name => "gateway_banner",
- :insert_after => "#listing_payment_methods",
- :partial => "spree/admin/banners/gateway",
- :original => '93c6a827573cd5b5410992477389e178b9965630' )
-
-
View
5 auth/app/overrides/auth_admin_login_navigation_bar.rb
@@ -1,5 +0,0 @@
-Deface::Override.new(:virtual_path => "spree/layouts/admin",
- :name => "auth_admin_login_navigation_bar",
- :replace => "[data-hook='admin_login_navigation_bar'], #admin_login_navigation_bar[data-hook]",
- :partial => "spree/layouts/admin/login_nav",
- :original => '0a5476d4d5db90ec8dd200ebaa0109a6a54ec6bc' )
View
6 auth/app/overrides/auth_admin_user_roles.rb
@@ -1,6 +0,0 @@
-Deface::Override.new(:virtual_path => "spree/admin/users/_form",
- :name => "auth_admin_user_roles",
- :insert_after => "[data-hook='admin_user_form_fields']",
- :partial => "spree/admin/users/roles",
- :disabled => false,
- :original => '0e121156115799a53f5c5dddfb65c1ec80cb5f09')
View
7 auth/app/overrides/auth_shared_login_bar.rb
@@ -1,7 +0,0 @@
-Deface::Override.new(:virtual_path => "spree/shared/_nav_bar",
- :name => "auth_shared_login_bar",
- :insert_before => "li#search-bar",
- :partial => "spree/shared/login_bar",
- :disabled => false,
- :original => 'eb3fa668cd98b6a1c75c36420ef1b238a1fc55ac')
-
View
6 auth/app/overrides/auth_user_login_form.rb
@@ -1,6 +0,0 @@
-Deface::Override.new(:virtual_path => "spree/checkout/registration",
- :name => "auth_user_login_form",
- :replace_contents => "[data-hook='registration'] #account, #registration[data-hook] #account",
- :template => "spree/user_sessions/new",
- :disabled => false,
- :original => 'ab20ac9e90baa11b847b30040aef863d2e1af17a')
View
14 auth/app/views/spree/admin/banners/_gateway.html.erb
@@ -1,14 +0,0 @@
-<% if !current_user.dismissed_banner?(:gateway) &&
- Spree::PaymentMethod.production.where("type != 'Spree::Gateway::Bogus'").empty? %>
-
- <div class="banner payment_banner">
- <p class="message">
- <%= t(:payment_processor_choose_banner_text)%>
- <%= link_to t(:payment_processor_choose_link), "http://spreecommerce.com/products/payment_processing", :target => '_blank' %>
- </p>
-
- <%= link_to t(:dismiss_banner), dismiss_banner_admin_user_path(current_user, :banner_id => :gateway),
- :remote => true, :method => :post, :class => 'dismiss' %>
- </div>
-
-<% end %>
View
12 auth/app/views/spree/admin/users/_roles.html.erb
@@ -1,12 +0,0 @@
-<div data-hook="admin_user_form_roles">
- <p>
- <%= label_tag nil, t(:roles) %><br />
- <% @roles.each do |role| %>
- <label class="sub">
- <%= check_box_tag 'user[role_ids][]', role.id, @user.roles.include?(role), :id => "user_role_#{role.name}" %>
- <%= role.name %>
- </label> &nbsp;
- <% end %>
- <%= hidden_field_tag 'user[role_ids][]', '' %>
- </p>
-</div>
View
8 auth/app/views/spree/layouts/admin/_login_nav.html.erb
@@ -1,8 +0,0 @@
-<% if current_user %>
- <ul id="login-nav">
- <li><%= t(:logged_in_as) %>: <%= current_user.email %></li>
- <li><%= link_to t(:account), spree.edit_user_path(current_user) %></li>
- <li><%= link_to t(:logout), spree.destroy_user_session_path %></li>
- <li><%= link_to t(:store), spree.products_path %></li>
- </ul>
-<% end %>
View
9 auth/app/views/spree/shared/_flashes.html.erb
@@ -1,9 +0,0 @@
-<% if flash.any? %>
- <div id="flash">
- <% flash.each do |key, value| %>
- <p>
- <%= value %>
- </p>
- <% end %>
- </div>
-<% end%>
View
20 auth/app/views/spree/shared/_login.html.erb
@@ -1,20 +0,0 @@
-<%= form_for :user, :url => spree.user_session_path do |f| %>
- <div id="password-credentials">
- <p>
- <%= f.label :email, t(:email) %><br />
- <%= f.email_field :email, :class => 'title', :tabindex => 1 %>
- </p>
- <p>
- <%= f.label :password, t(:password) %><br />
- <%= f.password_field :password, :class => 'title', :tabindex => 2 %>
- </p>
- </div>
- <p>
- <label>
- <%= f.check_box :remember_me %>
- <%= f.label :remember_me, t(:remember_me) %>
- </label>
- </p>
-
- <p><%= f.submit t(:login), :class => 'button primary' %></p>
-<% end %>
View
6 auth/app/views/spree/shared/_login_bar.html.erb
@@ -1,6 +0,0 @@
-<% if current_user %>
- <li><%= link_to t(:my_account), spree.account_path %></li>
- <li><%= link_to t(:logout), spree.destroy_user_session_path %></li>
-<% else %>
- <li id="link-to-login"><%= link_to t(:login), spree.login_path %></li>
-<% end %>
View
17 auth/app/views/spree/shared/_user_form.html.erb
@@ -1,17 +0,0 @@
-<p>
- <%= f.label :email, t(:email) %><br />
- <%= f.email_field :email, :class => 'title' %>
-</p>
-<div id="password-credentials">
- <p>
- <%= f.label :password, t(:password) %><br />
- <%= f.password_field :password, :class => 'title' %>
- </p>
-
- <p>
- <%= f.label :password_confirmation, t(:confirm_password) %><br />
- <%= f.password_field :password_confirmation, :class => 'title' %>
- </p>
-</div>
-
-<div data-hook="signup_below_password_fields"></div>
View
10 auth/app/views/spree/user_mailer/reset_password_instructions.text.erb
@@ -1,10 +0,0 @@
-A request to reset your password has been made.
-If you did not make this request, simply ignore this email.
-
-If you did make this request just click the link below:
-
-<%= @edit_password_reset_url %>
-
-If the above URL does not work try copying and pasting it into your browser.
-If you continue to have problem please feel free to contact us.
-
View
15 auth/app/views/spree/user_passwords/edit.html.erb
@@ -1,15 +0,0 @@
-<%= render :partial => 'spree/shared/error_messages', :locals => { :target => @user } %>
-<h2><%= t(:change_my_password) %></h2>
-
-<%= form_for @user, :url => spree.user_password_path, :method => :put do |f| %>
- <p>
- <%= f.label :password, t(:password) %><br />
- <%= f.password_field :password %><br />
- </p>
- <p>
- <%= f.label :password_confirmation, t(:password_confirmation) %><br />
- <%= f.password_field :password_confirmation %><br />
- </p>
- <%= f.hidden_field :reset_password_token %>
- <%= f.submit t(:update_password), :class => 'button primary' %>
-<% end %>
View
15 auth/app/views/spree/user_passwords/new.html.erb
@@ -1,15 +0,0 @@
-<div id="forgot-password">
- <h6><%= t(:forgot_password) %></h6>
-
- <p><%= t(:instructions_to_reset_password) %></p>
-
- <%= form_for Spree::User.new, :as => :user, :url => spree.user_password_path do |f| %>
- <p>
- <%= f.label :email, t(:email) %><br />
- <%= f.email_field :email %>
- </p>
- <p>
- <%= f.submit t(:reset_password), :class => 'button primary' %>
- </p>
- <% end %>