Custom authentication #1512

Closed
wants to merge 303 commits into
from
Commits
The table of contents is too big for display.
+2,275 −4,585
Diff settings

Always

Just for now

View
@@ -9,18 +9,22 @@ script:
- "export DISPLAY=:99.0"
- "alias set_gemfile='export BUNDLE_GEMFILE=\"`pwd`/Gemfile\"'"
- "cd api; set_gemfile; bundle install --quiet; bundle exec rspec spec"
- - "cd ../auth; set_gemfile; bundle install --quiet; bundle exec rspec spec"
- "cd ../core; set_gemfile; bundle install --quiet; bundle exec rspec spec"
- "cd ../dash; set_gemfile; bundle install --quiet; bundle exec rspec spec"
- "cd ../promo; set_gemfile; bundle install --quiet; bundle exec rspec spec"
notifications:
email:
- ryan@spreecommerce.com
- irc: "irc.freenode.org#spree"
+ irc:
+ use_notice: true
+ skip_join: true
+ channels:
+ - "irc.freenode.org#spree"
branches:
only:
- 1-0-stable
+ - auth-take-two
- master
rvm:
- 1.8.7
View
@@ -135,11 +135,6 @@ If you want to remove precompiled assets (recommended before you commit to Git a
Running Tests
-------------
-If you want to run all the tests across all the gems then
-
- $ cd spree
- $ bundle exec rake
-
Each gem contains its own series of tests, and for each directory, you need to do a quick one-time
creation of a test application and then you can use it to run the tests. For example, to run the
tests for the core project.
@@ -167,6 +162,15 @@ If you want to run a particular line of spec
$ bundle exec rspec spec/models/state_spec.rb:7
+Travis, the continuous integration service, runs the test suite for each gem one at a time.
+
+ $ bundle exec rake test_app
+ $ cd api; bundle install; bundle exec rspec spec
+ $ cd ../auth; bundle install; bundle exec rspec spec
+ $ cd ../core; bundle install; bundle exec rspec spec
+ $ cd ../dash; bundle install; bundle exec rspec spec
+ $ cd ../promo; bundle install; bundle exec rspec spec
+
Contributing
------------
View
@@ -11,15 +11,13 @@ end
desc "Generates a dummy app for testing for every Spree engine"
task :test_app do
- %w(api auth core dash promo).each do |engine|
+ %w(api core dash promo).each do |engine|
ENV['LIB_NAME'] = File.join('spree', engine)
ENV['DUMMY_PATH'] = File.expand_path("../#{engine}/spec/dummy", __FILE__)
Rake::Task['common:test_app'].execute
end
end
-task :default => :all_tests
-
desc "Run all tests for all supported databases"
task :ci do
cmd = "bundle update"; puts cmd; system cmd;
@@ -36,7 +34,7 @@ task :clean do
puts "Deleting pkg directory.."
FileUtils.rm_rf("pkg")
- %w(api auth cmd core dash promo).each do |gem_name|
+ %w(api cmd core dash promo).each do |gem_name|
puts "Cleaning #{gem_name}:"
puts " Deleting #{gem_name}/Gemfile"
FileUtils.rm_f("#{gem_name}/Gemfile")
@@ -52,7 +50,7 @@ end
namespace :gem do
desc "run rake gem for all gems"
task :build do
- %w(core auth api dash promo sample cmd).each do |gem_name|
+ %w(core api dash promo sample cmd).each do |gem_name|
puts "########################### #{gem_name} #########################"
puts "Deleting #{gem_name}/pkg"
FileUtils.rm_rf("#{gem_name}/pkg")
@@ -69,7 +67,7 @@ namespace :gem do
task :install do
version = File.read(File.expand_path("../SPREE_VERSION", __FILE__)).strip
- %w(core auth api dash promo sample cmd).each do |gem_name|
+ %w(core api dash promo sample cmd).each do |gem_name|
puts "########################### #{gem_name} #########################"
puts "Deleting #{gem_name}/pkg"
FileUtils.rm_rf("#{gem_name}/pkg")
@@ -88,7 +86,7 @@ namespace :gem do
task :release do
version = File.read(File.expand_path("../SPREE_VERSION", __FILE__)).strip
- %w(core auth api dash promo sample cmd).each do |gem_name|
+ %w(core api dash promo sample cmd).each do |gem_name|
puts "########################### #{gem_name} #########################"
cmd = "cd #{gem_name}/pkg && gem push spree_#{gem_name}-#{version}.gem"; puts cmd; system cmd
end
@@ -98,10 +96,7 @@ end
desc "Creates a sandbox application for simulating the Spree code in a deployed Rails app"
task :sandbox do
- require 'spree_core'
-
- Spree::SandboxGenerator.start ["--lib_name=spree"]
- Spree::InstallGenerator.start ["--auto-accept"]
-
- cmd = "bundle exec rake assets:precompile:nondigest"; puts cmd; system cmd
+ FileUtils.rm_rf("sandbox")
+ puts "Running Sandbox generator..."
+ exec("rails new sandbox -m lib/sandbox.rb")
end
View
@@ -1 +1 @@
-1.1.0.beta
+1.2.0.beta
View
@@ -1,6 +1,5 @@
eval(File.read(File.dirname(__FILE__) + '/../common_spree_dependencies.rb'))
gem 'spree_core', :path => "../core"
-gem 'spree_auth', :path => "../auth"
gemspec
@@ -1,17 +0,0 @@
-Spree::Admin::UsersController.class_eval do
- before_filter :load_roles, :only => [:edit, :new, :update, :create, :generate_api_key, :clear_api_key]
-
- def generate_api_key
- if @user.generate_api_key!
- flash.notice = t('key_generated', :scope => 'spree.api')
- end
- redirect_to edit_admin_user_path(@user)
- end
-
- def clear_api_key
- if @user.clear_api_key!
- flash.notice = t('key_cleared', :scope => 'spree.api')
- end
- redirect_to edit_admin_user_path(@user)
- end
-end
@@ -30,7 +30,7 @@ def check_for_api_key
end
def authenticate_user
- unless @current_api_user = User.find_by_api_key(api_key)
+ unless @current_api_user = User.find_by_spree_api_key(api_key)
render "spree/api/v1/errors/invalid_api_key", :status => 401 and return
end
end
@@ -59,18 +59,22 @@ def api_key
def find_product(id)
begin
- product_scope.find_by_permalink!(id)
+ product_scope.find_by_permalink!(id.to_s)
rescue ActiveRecord::RecordNotFound
product_scope.find(id)
end
end
def product_scope
- if current_api_user.has_role?("admin")
+ if current_api_user.has_spree_role?("admin")
scope = Product
+ unless params[:show_deleted]
+ scope = scope.not_deleted
+ end
else
scope = Product.active
end
+
scope.includes(:master)
end
@@ -2,44 +2,27 @@ module Spree
module Api
module V1
class ImagesController < Spree::Api::V1::BaseController
+ def show
+ @image = Image.find(params[:id])
+ end
+
def create
- @image = product_or_variant.images.create!(params[:image])
+ @image = Image.create(params[:image])
render :show, :status => 201
end
def update
- image.update_attributes(params[:image])
+ @image = Image.find(params[:id])
+ @image.update_attributes(params[:image])
render :show, :status => 200
end
def destroy
- image.destroy
+ @image = Image.find(params[:id])
+ @image.destroy
render :text => nil
end
- private
-
- def image
- @image = product_or_variant.images.find(params[:id])
- end
-
- def product_or_variant
- return @product_or_variant if @product_or_variant
- if params[:product_id]
- @product_or_variant = product
- else
- @product_or_variant = variant
- end
- end
-
- def variant
- Variant.find(params[:variant_id])
- end
-
- def product
- find_product(params[:product_id]).master
- end
-
end
end
end
@@ -6,7 +6,7 @@ class OrdersController < Spree::Api::V1::BaseController
def index
# should probably look at turning this into a CanCan step
- raise CanCan::AccessDenied unless current_api_user.has_role?("admin")
+ raise CanCan::AccessDenied unless current_api_user.has_spree_role?("admin")
@orders = Order.page(params[:page])
end
@@ -15,7 +15,7 @@ def show
end
def search
- @orders = Order.search(params[:q]).result.page(params[:page])
+ @orders = Order.ransack(params[:q]).result.page(params[:page])
render :index
end
@@ -7,7 +7,7 @@ def index
end
def search
- @products = product_scope.search(params[:q]).result.page(params[:page])
+ @products = product_scope.ransack(params[:q]).result.page(params[:page])
render :index
end
@@ -0,0 +1,45 @@
+module Spree
+ module Api
+ module V1
+ class ZonesController < Spree::Api::V1::BaseController
+ def index
+ @zones = Zone.order('name ASC')
+ end
+
+ def show
+ zone
+ end
+
+ def create
+ authorize! :create, Zone
+ @zone = Zone.new(map_nested_attributes_keys(Spree::Zone, params[:zone]))
+ if @zone.save
+ render :show, :status => 201
+ else
+ invalid_resource!(@zone)
+ end
+ end
+
+ def update
+ authorize! :update, Zone
+ if zone.update_attributes(map_nested_attributes_keys(Spree::Zone, params[:zone]))
+ render :show, :status => 200
+ else
+ invalid_resource!(@zone)
+ end
+ end
+
+ def destroy
+ authorize! :delete, Zone
+ zone.destroy
+ render :text => nil, :status => 200
+ end
+
+ private
+ def zone
+ @zone ||= Spree::Zone.find(params[:id])
+ end
+ end
+ end
+ end
+end
@@ -12,10 +12,14 @@ def required_fields_for(model)
end
def product_attributes
- [:id, :name, :description, :price, :available_on, :permalink,
+ [:id, :name, :description, :price, :available_on, :permalink,
:count_on_hand, :meta_description, :meta_keywords, :taxon_ids]
end
+ def product_property_attributes
+ [:id, :product_id, :property_id, :value, :property_name]
+ end
+
def variant_attributes
[:id, :name, :count_on_hand, :sku, :price, :weight, :height, :width, :depth, :is_master, :cost_price, :permalink]
end
@@ -29,7 +33,7 @@ def option_value_attributes
end
def order_attributes
- [:id, :number, :item_total, :total, :state, :adjustment_total, :credit_total, :user_id, :created_at, :updated_at, :completed_at, :payment_total, :shipment_state, :payment_state, :email, :special_instructions]
+ [:id, :number, :item_total, :total, :state, :adjustment_total, :user_id, :created_at, :updated_at, :completed_at, :payment_total, :shipment_state, :payment_state, :email, :special_instructions]
end
def line_item_attributes
No changes.
@@ -1,11 +1,13 @@
-Spree::User.class_eval do
- def generate_api_key!
- self.api_key = SecureRandom.hex(24)
- save!
- end
+if Spree.user_class
+ Spree.user_class.class_eval do
+ def generate_spree_api_key!
+ self.spree_api_key = SecureRandom.hex(24)
+ save!
+ end
- def clear_api_key!
- self.api_key = nil
- save!
+ def clear_spree_api_key!
+ self.spree_api_key = nil
+ save!
+ end
end
end
@@ -1,7 +1,7 @@
<h2><%= t('access', :scope => 'spree.api') %></h2>
-<% if @user.authentication_token.present? %>
- <p><strong><%= t('key', :scope => 'spree.api') %></strong> <%= @user.authentication_token %></p>
+<% if @user.spree_api_key.present? %>
+ <p><strong><%= t('key', :scope => 'spree.api') %></strong> <%= @user.spree_api_key %></p>
<%= form_tag spree.clear_api_key_admin_user_path(@user), :method => :put do %>
<%= button t('clear_key', :scope => 'spree.api') %>
@@ -1,2 +1,3 @@
object @image
attributes *image_attributes
+attributes :viewable_type, :viewable_id
@@ -9,7 +9,7 @@ child :variants_including_master => :variants do
end
child :images => :images do
- attributes *image_attributes
+ extends "spree/api/v1/images/show"
end
child :option_types => :option_types do
@@ -19,3 +19,7 @@ child :option_types => :option_types do
attributes *option_value_attributes
end
end
+
+child :product_properties => :product_properties do
+ attributes *product_property_attributes
+end
@@ -0,0 +1,2 @@
+collection @zones
+extends 'spree/api/v1/zones/show'
@@ -0,0 +1,6 @@
+object @zone
+attributes :id, :name, :description
+
+child :zone_members => :zone_members do
+ attributes :id, :name, :zoneable_type, :zoneable_id
+end
@@ -0,0 +1 @@
+Spree::Api::V1::BaseController.append_view_path(ApplicationController.view_paths)
Oops, something went wrong.