
Conditionally add controllers & views into engine path.

commit d7cefcfd54955ab67060f551c99091b5bc5d9208 1 parent 90a59e6
@JDutil JDutil authored
Showing with 394 additions and 115 deletions.
  1. +0 −1  app/assets/javascripts/spree/backend/spree_auth.js
  2. +0 −1  app/assets/javascripts/spree/frontend/spree_auth.js
  3. +0 −13 app/controllers/spree/admin/admin_controller_decorator.rb
  4. +0 −18 app/controllers/spree/admin/admin_orders_controller_decorator.rb
  5. +0 −5 app/controllers/spree/admin/admin_resource_controller_decorator.rb
  6. +0 −19 app/controllers/spree/admin/orders/customer_details_controller_decorator.rb
  7. +0 −19 app/controllers/spree/base_controller_decorator.rb
  8. +0 −15 app/helpers/spree/users_helper.rb
  9. +14 −0 config/routes.rb
  10. +1 −0  lib/assets/javascripts/spree/backend/spree_auth.js.erb
  11. +1 −0  lib/assets/javascripts/spree/frontend/spree_auth.js.erb
  12. 0  ...ets/stylesheets/spree/backend/spree_auth.css → lib/assets/stylesheets/spree/backend/spree_auth.css.erb
  13. 0  ...s/stylesheets/spree/frontend/spree_auth.css → lib/assets/stylesheets/spree/frontend/spree_auth.css.erb
  14. +26 −0 lib/controllers/backend/spree/admin/admin_controller_decorator.rb
  15. +19 −0 lib/controllers/backend/spree/admin/admin_orders_controller_decorator.rb
  16. +3 −0  lib/controllers/backend/spree/admin/admin_resource_controller_decorator.rb
  17. +15 −0 lib/controllers/backend/spree/admin/orders/customer_details_controller_decorator.rb
  18. +44 −0 lib/controllers/backend/spree/admin/user_passwords_controller.rb
  19. +46 −0 lib/controllers/backend/spree/admin/user_sessions_controller.rb
  20. 0  {app/controllers → lib/controllers/backend}/spree/admin/users_controller.rb
  21. +0 −3  {app/controllers → lib/controllers/frontend}/spree/checkout_controller_decorator.rb
  22. +0 −1  {app/controllers → lib/controllers/frontend}/spree/orders_controller_decorator.rb
  23. +2 −2 {app/controllers → lib/controllers/frontend}/spree/user_passwords_controller.rb
  24. +2 −2 {app/controllers → lib/controllers/frontend}/spree/user_registrations_controller.rb
  25. +2 −2 {app/controllers → lib/controllers/frontend}/spree/user_sessions_controller.rb
  26. 0  {app/controllers → lib/controllers/frontend}/spree/users_controller.rb
  27. +47 −8 lib/spree/auth/engine.rb
  28. 0  {app/views → lib/views/backend}/spree/admin/_users_tab.html.erb
  29. 0  {app/views/spree → lib/views/backend/spree/admin}/user_passwords/edit.html.erb
  30. 0  {app/views/spree → lib/views/backend/spree/admin}/user_passwords/new.html.erb
  31. 0  {app/views/spree → lib/views/backend/spree/admin}/user_sessions/authorization_failure.html.erb
  32. +31 −0 lib/views/backend/spree/admin/user_sessions/new.html.erb
  33. 0  {app/views → lib/views/backend}/spree/admin/users/_form.html.erb
  34. 0  {app/views → lib/views/backend}/spree/admin/users/edit.html.erb
  35. 0  {app/views → lib/views/backend}/spree/admin/users/index.html.erb
  36. 0  {app/views → lib/views/backend}/spree/admin/users/new.html.erb
  37. 0  {app/views → lib/views/backend}/spree/admin/users/show.html.erb
  38. 0  {app/views → lib/views/frontend}/spree/checkout/registration.html.erb
  39. 0  {app/views → lib/views/frontend}/spree/layouts/admin/_login_nav.html.erb
  40. 0  {app/views → lib/views/frontend}/spree/shared/_flashes.html.erb
  41. 0  {app/views → lib/views/frontend}/spree/shared/_login.html.erb
  42. 0  {app/views → lib/views/frontend}/spree/shared/_login_bar.html.erb
  43. 0  {app/views → lib/views/frontend}/spree/shared/_user_form.html.erb
  44. 0  {app/views → lib/views/frontend}/spree/user_mailer/reset_password_instructions.text.erb
  45. +15 −0 lib/views/frontend/spree/user_passwords/edit.html.erb
  46. +17 −0 lib/views/frontend/spree/user_passwords/new.html.erb
  47. 0  {app/views → lib/views/frontend}/spree/user_registrations/new.html.erb
  48. +4 −0 lib/views/frontend/spree/user_sessions/authorization_failure.html.erb
  49. 0  {app/views → lib/views/frontend}/spree/user_sessions/new.html.erb
  50. 0  {app/views → lib/views/frontend}/spree/users/edit.html.erb
  51. 0  {app/views → lib/views/frontend}/spree/users/show.html.erb
  52. +3 −3 spec/controllers/spree/admin/users_controller_spec.rb
  53. +23 −0 spec/features/admin/password_reset_spec.rb
  54. +45 −0 spec/features/admin/sign_in_spec.rb
  55. +26 −0 spec/features/admin/sign_out_spec.rb
  56. +5 −0 spec/features/order_spec.rb
  57. +1 −1  spec/features/sign_in_spec.rb
  58. +2 −2 spree_auth_devise.gemspec
1  app/assets/javascripts/spree/backend/spree_auth.js
@@ -1 +0,0 @@
-//= require spree/backend
1  app/assets/javascripts/spree/frontend/spree_auth.js
@@ -1 +0,0 @@
-//= require spree/frontend
13 app/controllers/spree/admin/admin_controller_decorator.rb
@@ -1,13 +0,0 @@
-if defined?(Spree::Admin::BaseController)
- require File.expand_path('../../base_controller_decorator', __FILE__)
- Spree::Admin::BaseController.class_eval do
- protected
- def model_class
- const_name = controller_name.classify
- if Spree.const_defined?(const_name)
- return "Spree::#{const_name}".constantize
- end
- nil
- end
- end
-end
18 app/controllers/spree/admin/admin_orders_controller_decorator.rb
@@ -1,18 +0,0 @@
-if defined?(Spree::Admin::OrdersController)
- Spree::Admin::OrdersController.class_eval do
- before_filter :check_authorization
-
- private
- def check_authorization
- action = params[:action].to_sym
- if action == :index
- authorize! :index, Spree::Order
- else
- load_order
- session[:access_token] ||= params[:token]
- resource = @order || Spree::Order.new
- authorize! action, resource, session[:access_token]
- end
- end
- end
-end
5 app/controllers/spree/admin/admin_resource_controller_decorator.rb
@@ -1,5 +0,0 @@
-if defined?(Spree::Admin::ResourceController)
- Spree::Admin::ResourceController.class_eval do
- rescue_from CanCan::AccessDenied, :with => :unauthorized
- end
-end
19 app/controllers/spree/admin/orders/customer_details_controller_decorator.rb
@@ -1,19 +0,0 @@
-require 'spree/admin/orders/customer_details_controller'
-
-if defined?(Spree::Admin::Orders::CustomerDetailsController)
- Spree::Admin::Orders::CustomerDetailsController.class_eval do
- before_filter :check_authorization
-
- private
- def check_authorization
- load_order
- session[:access_token] ||= params[:token]
-
- resource = @order
- action = params[:action].to_sym
- action = :edit if action == :show # show route renders :edit for this controller
-
- authorize! action, resource, session[:access_token]
- end
- end
-end
19 app/controllers/spree/base_controller_decorator.rb
@@ -1,19 +0,0 @@
-require_dependency 'spree/base_controller'
-Spree::BaseController.class_eval do
- def spree_login_path
- spree.login_path
- end
-
- def spree_signup_path
- spree.signup_path
- end
-
- def spree_logout_path
- spree.destroy_spree_user_session_path
- end
-
- def spree_current_user
- current_spree_user
- end
-end
-
15 app/helpers/spree/users_helper.rb
@@ -1,15 +0,0 @@
-module Spree
- module UsersHelper
- def password_style(user)
- ActiveSupport::Deprecation.warn '[SPREE] Password style has be deprecated due to the removal of OpenID from the Auth Gem. '
- 'Please install the spree_social gem to regain this functionality and more.'
- ''
- end
-
- def openid_style(user)
- ActiveSupport::Deprecation.warn '[SPREE] Password style has be deprecated due to the removal of OpenID from the Auth Gem. '
- 'Please install the spree_social gem to regain this functionality and more.'
- 'display:none'
- end
- end
-end
14 config/routes.rb
@@ -34,6 +34,20 @@
resource :account, :controller => 'users'
namespace :admin do
+ devise_for :spree_user,
+ :class_name => 'Spree::User',
+ :controllers => { :sessions => 'spree/admin/user_sessions',
+ :passwords => 'spree/admin/user_passwords' },
+ :skip => [:unlocks, :omniauth_callbacks, :registrations],
+ :path_names => { :sign_out => 'logout' },
+ :path_prefix => :user
+ devise_scope :spree_user do
+ get '/authorization_failure', :to => 'user_sessions#authorization_failure', :as => :unauthorized
+ get '/login' => 'user_sessions#new', :as => :login
+ post '/login' => 'user_sessions#create', :as => :create_new_session
+ get '/logout' => 'user_sessions#destroy', :as => :logout
+ end
+
resources :users
end
end
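Review bot: `get '/logout' => 'user_sessions#destroy'` ends the admin session on a GET, so any page that can make the browser fetch that URL logs the administrator out without a CSRF token being checked. A state-changing route is safer as `delete '/logout' => 'user_sessions#destroy', :as => :logout`, with the logout link sent via `:method => :delete`. Devise's `sign_out_via` setting would have to agree with that, and its configuration is not visible on this page. The enclosing route block starts outside the hunk.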
1  lib/assets/javascripts/spree/backend/spree_auth.js.erb
@@ -0,0 +1 @@
+//= require spree/backend
1  lib/assets/javascripts/spree/frontend/spree_auth.js.erb
@@ -0,0 +1 @@
+//= require spree/frontend
0  .../stylesheets/spree/backend/spree_auth.css → ...lesheets/spree/backend/spree_auth.css.erb
File renamed without changes
0  ...stylesheets/spree/frontend/spree_auth.css → ...esheets/spree/frontend/spree_auth.css.erb
File renamed without changes
26 lib/controllers/backend/spree/admin/admin_controller_decorator.rb
@@ -0,0 +1,26 @@
+Spree::Admin::BaseController.class_eval do
+
+ # Redirect as appropriate when an access request fails. The default action is to redirect to the login screen.
+ # Override this method in your controllers if you want to have special behavior in case the user is not authorized
+ # to access the requested action. For example, a popup window might simply close itself.
+ def unauthorized
+ if try_spree_current_user
+ flash[:error] = Spree.t(:authorization_failure)
+ redirect_to spree.admin_unauthorized_path
+ else
+ store_location
+ redirect_to spree.admin_login_path
+ end
+ end
+
+ protected
+
+ def model_class
+ const_name = controller_name.classify
+ if Spree.const_defined?(const_name)
+ return "Spree::#{const_name}".constantize
+ end
+ nil
+ end
+
+end
19 lib/controllers/backend/spree/admin/admin_orders_controller_decorator.rb
@@ -0,0 +1,19 @@
+Spree::Admin::OrdersController.class_eval do
+
+ before_filter :check_authorization
+
+ private
+
+ def check_authorization
+ action = params[:action].to_sym
+ if action == :index
+ authorize! :index, Spree::Order
+ else
+ load_order
+ session[:access_token] ||= params[:token]
+ resource = @order || Spree::Order.new
+ authorize! action, resource, session[:access_token]
+ end
+ end
+
+end
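Review bot: `session[:access_token] ||= params[:token]` in `check_authorization` copies a request parameter into the session on admin routes, and because of `||=` the first token presented sticks for the rest of the session. The guest-order token exists so storefront visitors can reach their own order; whether the abilities also honour it for admin actions is defined outside this page, so it is worth confirming that holding a token alone does not satisfy `authorize!` here. If admin access is meant to rest on roles alone, the call can be `authorize! action, resource` with the session line dropped. The same pattern is in `orders/customer_details_controller_decorator.rb`, where `resource = @order` may also be nil if `load_order` does not find an order.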
3  lib/controllers/backend/spree/admin/admin_resource_controller_decorator.rb
@@ -0,0 +1,3 @@
+Spree::Admin::ResourceController.class_eval do
+ rescue_from CanCan::AccessDenied, :with => :unauthorized
+end
15 lib/controllers/backend/spree/admin/orders/customer_details_controller_decorator.rb
@@ -0,0 +1,15 @@
+Spree::Admin::Orders::CustomerDetailsController.class_eval do
+ before_filter :check_authorization
+
+ private
+ def check_authorization
+ load_order
+ session[:access_token] ||= params[:token]
+
+ resource = @order
+ action = params[:action].to_sym
+ action = :edit if action == :show # show route renders :edit for this controller
+
+ authorize! action, resource, session[:access_token]
+ end
+end
44 lib/controllers/backend/spree/admin/user_passwords_controller.rb
@@ -0,0 +1,44 @@
+class Spree::Admin::UserPasswordsController < Devise::PasswordsController
+ helper 'spree/base'
+
+ include Spree::Core::ControllerHelpers::Auth
+ include Spree::Core::ControllerHelpers::Common
+ include Spree::Core::ControllerHelpers::SSL
+
+ helper 'spree/admin/navigation'
+ helper 'spree/admin/tables'
+ layout 'spree/layouts/admin'
+
+ ssl_required
+
+ # Overridden due to bug in Devise.
+ # respond_with resource, :location => new_session_path(resource_name)
+ # is generating bad url /session/new.user
+ #
+ # overridden to:
+ # respond_with resource, :location => spree.login_path
+ #
+ def create
+ self.resource = resource_class.send_reset_password_instructions(params[resource_name])
+
+ if resource.errors.empty?
+ set_flash_message(:notice, :send_instructions) if is_navigational_format?
+ respond_with resource, :location => spree.admin_login_path
+ else
+ respond_with_navigational(resource) { render :new }
+ end
+ end
+
+ # Devise::PasswordsController allows for blank passwords.
+ # Silly Devise::PasswordsController!
+ # Fixes spree/spree#2190.
+ def update
+ if params[:spree_user][:password].blank?
+ set_flash_message(:error, :cannot_be_blank)
+ render :edit
+ else
+ super
+ end
+ end
+
+end
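Review bot: `create` chooses between the success redirect and `render :new` with `resource.errors.empty?`, so an unknown address comes back with a validation error while a known one gets the confirmation flash, and the admin reset form reveals which e-mails have accounts. Devise's own action goes through `successfully_sent?(resource)`, which honours `config.paranoid`; using `if successfully_sent?(resource)` in place of the `errors.empty?` check and the explicit `set_flash_message` keeps that option working. In `update`, `params[:spree_user][:password]` raises when the `spree_user` key is absent; `params[:spree_user].try(:[], :password).blank?` would turn that into the normal blank-password error.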
46 lib/controllers/backend/spree/admin/user_sessions_controller.rb
@@ -0,0 +1,46 @@
+class Spree::Admin::UserSessionsController < Devise::SessionsController
+ helper 'spree/base'
+
+ include Spree::Core::ControllerHelpers::Auth
+ include Spree::Core::ControllerHelpers::Common
+ include Spree::Core::ControllerHelpers::SSL
+
+ helper 'spree/admin/navigation'
+ helper 'spree/admin/tables'
+ layout 'spree/layouts/admin'
+
+ ssl_required :new, :create, :destroy, :update
+
+ def create
+ authenticate_spree_user!
+
+ if spree_user_signed_in?
+ respond_to do |format|
+ format.html {
+ flash[:success] = Spree.t(:logged_in_succesfully)
+ redirect_back_or_default(after_sign_in_path_for(spree_current_user))
+ }
+ format.js {
+ user = resource.record
+ render :json => {:ship_address => user.ship_address, :bill_address => user.bill_address}.to_json
+ }
+ end
+ else
+ flash.now[:error] = t('devise.failure.invalid')
+ render :new
+ end
+ end
+
+ def authorization_failure
+ end
+
+ private
+ def accurate_title
+ Spree.t(:login)
+ end
+
+ def redirect_back_or_default(default)
+ redirect_to(session["spree_user_return_to"] || default)
+ session["spree_user_return_to"] = nil
+ end
+end
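Review bot: The `format.js` branch in `create` returns the signed-in user's `ship_address` and `bill_address` records as JSON, which looks carried over from the storefront login; the admin login form added in this commit is a plain `form_for` with no remote submit, so nothing visible here consumes it. Dropping the branch, or rendering only the fields a caller needs, keeps full address records out of the admin login response. `redirect_back_or_default` redirects to whatever is in `session["spree_user_return_to"]`; that value is written by `store_location`, outside this page, so a comment such as `# return_to is set by store_location and is expected to be a local path` would help the next reader verify it.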
0  ...ntrollers/spree/admin/users_controller.rb → ...s/backend/spree/admin/users_controller.rb
File renamed without changes
3  ...rs/spree/checkout_controller_decorator.rb → ...nd/spree/checkout_controller_decorator.rb
@@ -1,11 +1,8 @@
-require_dependency 'spree/checkout_controller'
require 'spree/core/validators/email'
Spree::CheckoutController.class_eval do
before_filter :check_authorization
before_filter :check_registration, :except => [:registration, :update_registration]
- helper 'spree/users'
-
def registration
@user = Spree::User.new
end
1  ...lers/spree/orders_controller_decorator.rb → ...tend/spree/orders_controller_decorator.rb
@@ -1,4 +1,3 @@
-require_dependency 'spree/orders_controller'
Spree::OrdersController.class_eval do
before_filter :check_authorization
4 ...ollers/spree/user_passwords_controller.rb → ...ontend/spree/user_passwords_controller.rb
@@ -1,7 +1,7 @@
class Spree::UserPasswordsController < Devise::PasswordsController
- helper 'spree/users', 'spree/base', 'spree/store'
+ helper 'spree/base', 'spree/store'
- if defined?(Spree::Dash)
+ if Spree::Auth::Engine.dash_available?
helper 'spree/analytics'
end
4 ...rs/spree/user_registrations_controller.rb → ...nd/spree/user_registrations_controller.rb
@@ -1,7 +1,7 @@
class Spree::UserRegistrationsController < Devise::RegistrationsController
- helper 'spree/users', 'spree/base', 'spree/store'
+ helper 'spree/base', 'spree/store'
- if defined?(Spree::Dash)
+ if Spree::Auth::Engine.dash_available?
helper 'spree/analytics'
end
4 ...rollers/spree/user_sessions_controller.rb → ...rontend/spree/user_sessions_controller.rb
@@ -1,6 +1,6 @@
class Spree::UserSessionsController < Devise::SessionsController
- helper 'spree/users', 'spree/base', 'spree/store'
- if defined?(Spree::Dash)
+ helper 'spree/base', 'spree/store'
+ if Spree::Auth::Engine.dash_available?
helper 'spree/analytics'
end
0  app/controllers/spree/users_controller.rb → ...ollers/frontend/spree/users_controller.rb
File renamed without changes
55 lib/spree/auth/engine.rb
@@ -11,14 +11,6 @@ class Engine < Rails::Engine
Spree::Auth::Config = Spree::AuthConfiguration.new
end
- def self.activate
- Dir.glob(File.join(File.dirname(__FILE__), "../../../app/**/*_decorator*.rb")) do |c|
- Rails.configuration.cache_classes ? require(c) : load(c)
- end
-
- ApplicationController.send :include, Spree::AuthenticationHelpers
- end
-
initializer "spree_auth_devise.set_user_class", :after => :load_config_initializers do
Spree.user_class = "Spree::User"
end
@@ -32,6 +24,53 @@ def self.activate
end
end
+ def self.activate
+ Dir.glob(File.join(File.dirname(__FILE__), '../../app/**/*_decorator*.rb')) do |c|
+ Rails.configuration.cache_classes ? require(c) : load(c)
+ end
+ if Spree::Auth::Engine.backend_available?
+ Rails.application.config.assets.precompile += [
+ 'lib/assets/javascripts/spree/backend/spree_auth.js',
+ 'lib/assets/javascripts/spree/backend/spree_auth.css'
+ ]
+ Dir.glob(File.join(File.dirname(__FILE__), "../../controllers/backend/*/*/*_decorator*.rb")) do |c|
+ Rails.configuration.cache_classes ? require(c) : load(c)
+ end
+ end
+ if Spree::Auth::Engine.frontend_available?
+ Rails.application.config.assets.precompile += [
+ 'lib/assets/javascripts/spree/frontend/spree_auth.js',
+ 'lib/assets/javascripts/spree/frontend/spree_auth.css'
+ ]
+ Dir.glob(File.join(File.dirname(__FILE__), "../../controllers/frontend/*/*_decorator*.rb")) do |c|
+ Rails.configuration.cache_classes ? require(c) : load(c)
+ end
+ end
+ ApplicationController.send :include, Spree::AuthenticationHelpers
+ end
+
+ def self.backend_available?
+ @@backend_available ||= Rails::Application::Railties.engines.map{ |e| e.class.to_s }.include?('Spree::Backend::Engine')
+ end
+
+ def self.dash_available?
+ @@dash_available ||= Rails::Application::Railties.engines.map{ |e| e.class.to_s }.include?('Spree::Dash::Engine')
+ end
+
+ def self.frontend_available?
+ @@frontend_available ||= Rails::Application::Railties.engines.map{ |e| e.class.to_s }.include?('Spree::Frontend::Engine')
+ end
+
+ if self.backend_available?
+ paths["app/controllers"] << "lib/controllers/backend"
+ paths["app/views"] << "lib/views/backend"
+ end
+
+ if self.frontend_available?
+ paths["app/controllers"] << "lib/controllers/frontend"
+ paths["app/views"] << "lib/views/frontend"
+ end
+
config.to_prepare &method(:activate).to_proc
end
end
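Review bot: The backend glob in `activate`, `../../controllers/backend/*/*/*_decorator*.rb`, only reaches files two directories deep, so `spree/admin/orders/customer_details_controller_decorator.rb` (three deep) is not matched and its `before_filter :check_authorization` is not installed by this method; whether eager loading picks the file up another way is not visible here. Using `"../../controllers/backend/**/*_decorator*.rb"` (and the same for frontend) removes the dependence on directory depth. The first glob also changed from `../../../app` to `../../app`, which resolves under `lib/` rather than the gem root, so any decorators still under `app/` would stop loading. Separately, `@@backend_available ||= ...` never caches a `false` result, and the `if self.backend_available?` checks run at class-definition time, so a backend engine registered later leaves the admin paths and decorators out without any error.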
0  app/views/spree/admin/_users_tab.html.erb → ...s/backend/spree/admin/_users_tab.html.erb
File renamed without changes
0  app/views/spree/user_passwords/edit.html.erb → .../spree/admin/user_passwords/edit.html.erb
File renamed without changes
0  app/views/spree/user_passwords/new.html.erb → ...d/spree/admin/user_passwords/new.html.erb
File renamed without changes
0  ...r_sessions/authorization_failure.html.erb → ...r_sessions/authorization_failure.html.erb
File renamed without changes
31 lib/views/backend/spree/admin/user_sessions/new.html.erb
@@ -0,0 +1,31 @@
+<% if flash[:alert] %>
+ <div class="flash errors"><%= flash[:alert] %></div>
+<% end %>
+
+<% @body_id = 'login' %>
+<div id="existing-customer">
+ <h6><%= Spree.t(:login_as_existing) %></h6>
+ <div data-hook="login">
+ <%= form_for Spree::User.new, :as => :spree_user, :url => spree.admin_create_new_session_path do |f| %>
+ <div id="password-credentials">
+ <p>
+ <%= f.label :email, Spree.t(:email) %><br />
+ <%= f.email_field :email, :class => 'title', :tabindex => 1 %>
+ </p>
+ <p>
+ <%= f.label :password, Spree.t(:password) %><br />
+ <%= f.password_field :password, :class => 'title', :tabindex => 2 %>
+ </p>
+ </div>
+ <p>
+ <%= f.check_box :remember_me %>
+ <%= f.label :remember_me, Spree.t(:remember_me) %>
+ </p>
+
+ <p><%= f.submit Spree.t(:login), :class => 'button primary', :tabindex => 3 %></p>
+ <% end %>
+ <%= Spree.t(:or) %>
+ <%= link_to Spree.t(:forgot_password), spree.recover_password_path %>
+ </div>
+</div>
+<div data-hook="login_extras"></div>
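Review bot: The forgot-password link uses `spree.recover_password_path`, which is the storefront route, while this template lives under `lib/views/backend` and is only added to the view path when the backend engine is present. On a backend-only install the storefront password controller under `lib/controllers/frontend` is not on the controller path, so the link would probably point at an action that cannot load. Linking to the admin password route declared by the `devise_for` block in `config/routes.rb` keeps the admin sign-in and reset flow self-contained.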
0  app/views/spree/admin/users/_form.html.erb → .../backend/spree/admin/users/_form.html.erb
File renamed without changes
0  app/views/spree/admin/users/edit.html.erb → ...s/backend/spree/admin/users/edit.html.erb
File renamed without changes
0  app/views/spree/admin/users/index.html.erb → .../backend/spree/admin/users/index.html.erb
File renamed without changes
0  app/views/spree/admin/users/new.html.erb → ...ws/backend/spree/admin/users/new.html.erb
File renamed without changes
0  app/views/spree/admin/users/show.html.erb → ...s/backend/spree/admin/users/show.html.erb
File renamed without changes
0  ...iews/spree/checkout/registration.html.erb → ...tend/spree/checkout/registration.html.erb
File renamed without changes
0  ...s/spree/layouts/admin/_login_nav.html.erb → ...d/spree/layouts/admin/_login_nav.html.erb
File renamed without changes
0  app/views/spree/shared/_flashes.html.erb → ...s/frontend/spree/shared/_flashes.html.erb
File renamed without changes
0  app/views/spree/shared/_login.html.erb → ...ews/frontend/spree/shared/_login.html.erb
File renamed without changes
0  app/views/spree/shared/_login_bar.html.erb → ...frontend/spree/shared/_login_bar.html.erb
File renamed without changes
0  app/views/spree/shared/_user_form.html.erb → ...frontend/spree/shared/_user_form.html.erb
File renamed without changes
0  ...iler/reset_password_instructions.text.erb → ...iler/reset_password_instructions.text.erb
File renamed without changes
15 lib/views/frontend/spree/user_passwords/edit.html.erb
@@ -0,0 +1,15 @@
+<%= render :partial => 'spree/shared/error_messages', :locals => { :target => @spree_user } %>
+<h2><%= Spree.t(:change_my_password) %></h2>
+
+<%= form_for @spree_user, :as => :spree_user, :url => spree.update_password_path, :method => :put do |f| %>
+ <p>
+ <%= f.label :password, Spree.t(:password) %><br />
+ <%= f.password_field :password %><br />
+ </p>
+ <p>
+ <%= f.label :password_confirmation, Spree.t(:confirm_password) %><br />
+ <%= f.password_field :password_confirmation %><br />
+ </p>
+ <%= f.hidden_field :reset_password_token %>
+ <%= f.submit Spree.t(:update), :class => 'button primary' %>
+<% end %>
17 lib/views/frontend/spree/user_passwords/new.html.erb
@@ -0,0 +1,17 @@
+<%= render :partial => 'spree/shared/error_messages', :locals => { :target => @spree_user } %>
+
+<div id="forgot-password">
+ <h6><%= Spree.t(:forgot_password) %></h6>
+
+ <p><%= Spree.t(:instructions_to_reset_password) %></p>
+
+ <%= form_for Spree::User.new, :as => :spree_user, :url => spree.reset_password_path do |f| %>
+ <p>
+ <%= f.label :email, Spree.t(:email) %><br />
+ <%= f.email_field :email %>
+ </p>
+ <p>
+ <%= f.submit Spree.t(:reset_password), :class => 'button primary' %>
+ </p>
+ <% end %>
+</div>
0  ...ews/spree/user_registrations/new.html.erb → ...end/spree/user_registrations/new.html.erb
File renamed without changes
4 lib/views/frontend/spree/user_sessions/authorization_failure.html.erb
@@ -0,0 +1,4 @@
+<div style="height:50px; padding-top:20px;">
+ <strong><%= Spree.t(:authorization_failure) %></strong>
+</div>
+<!-- Add your own custom access denied message here if you like -->
0  app/views/spree/user_sessions/new.html.erb → ...frontend/spree/user_sessions/new.html.erb
File renamed without changes
0  app/views/spree/users/edit.html.erb → lib/views/frontend/spree/users/edit.html.erb
File renamed without changes
0  app/views/spree/users/show.html.erb → lib/views/frontend/spree/users/show.html.erb
File renamed without changes
6 spec/controllers/spree/admin/users_controller_spec.rb
@@ -38,20 +38,20 @@
user.spree_roles << Spree::Role.find_or_create_by(name: 'bar')
Spree::Ability.register_ability(BarAbility)
spree_post :index
- expect(response).to redirect_to '/unauthorized'
+ expect(response).to redirect_to '/admin/authorization_failure'
end
it 'deny access to users with an bar role' do
user.spree_roles << Spree::Role.find_or_create_by(name: 'bar')
Spree::Ability.register_ability(BarAbility)
spree_post :update, { id: '9' }
- expect(response).to redirect_to '/unauthorized'
+ expect(response).to redirect_to '/admin/authorization_failure'
end
it 'deny access to users without an admin role' do
user.stub :has_spree_role? => false
spree_post :index
- expect(response).to redirect_to '/unauthorized'
+ expect(response).to redirect_to '/admin/authorization_failure'
end
end
end
23 spec/features/admin/password_reset_spec.rb
@@ -0,0 +1,23 @@
+require 'spec_helper'
+
+feature 'Admin - Reset Password' do
+ background do
+ ActionMailer::Base.default_url_options[:host] = 'http://example.com'
+ end
+
+ scenario 'allow a user to supply an email for the password reset' do
+ user = create(:user, email: 'foobar@example.com', password: 'secret', password_confirmation: 'secret')
+ visit spree.admin_login_path
+ click_link 'Forgot Password?'
+ fill_in 'Email', with: 'foobar@example.com'
+ click_button 'Reset my password'
+ expect(page).to have_text 'You will receive an email with instructions'
+ end
+
+ scenario 'shows errors if no email is supplied' do
+ visit spree.admin_login_path
+ click_link 'Forgot Password?'
+ click_button 'Reset my password'
+ expect(page).to have_text "Email can't be blank"
+ end
+end
45 spec/features/admin/sign_in_spec.rb
@@ -0,0 +1,45 @@
+require 'spec_helper'
+
+feature 'Admin - Sign In' do
+ background do
+ @user = create(:user, email: 'email@person.com', password: 'secret', password_confirmation: 'secret')
+ visit spree.admin_login_path
+ end
+
+ scenario 'ask user to sign in' do
+ visit spree.admin_path
+ expect(page).not_to have_text 'Authorization Failure'
+ end
+
+ scenario 'let a user sign in successfully' do
+ fill_in 'Email', with: @user.email
+ fill_in 'Password', with: @user.password
+ click_button 'Login'
+
+ expect(page).to have_text 'Logged in successfully'
+ expect(page).not_to have_text 'Login'
+ expect(page).to have_text 'Logout'
+ expect(current_path).to eq '/'
+ end
+
+ scenario 'show validation erros' do
+ fill_in 'Email', with: @user.email
+ fill_in 'Password', with: 'wrong_password'
+ click_button 'Login'
+
+ expect(page).to have_text 'Invalid email or password'
+ expect(page).to have_text 'Login'
+ end
+
+ scenario 'allow a user to access a restricted page after logging in' do
+ user = create(:admin_user, email: 'admin@person.com', password: 'password', password_confirmation: 'password')
+ visit spree.admin_path
+
+ fill_in 'Email', with: user.email
+ fill_in 'Password', with: user.password
+ click_button 'Login'
+
+ expect(page).to have_text 'Logged in as: admin@person.com'
+ expect(current_path).to eq '/admin'
+ end
+end
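Review bot: None of these scenarios checks the denial path: 'let a user sign in successfully' signs a non-admin in through the admin form and only asserts the redirect to `/`. A scenario that signs in the plain `:user`, visits `spree.admin_path` and expects the authorization-failure page would pin the behaviour this commit moves to `/admin/authorization_failure`. The scenario name 'show validation erros' also has a typo and should read 'show validation errors'.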
26 spec/features/admin/sign_out_spec.rb
@@ -0,0 +1,26 @@
+require 'spec_helper'
+
+feature 'Admin - Sign Out' do
+ given!(:user) do
+ create(:user,
+ email: 'email@person.com',
+ password: 'secret',
+ password_confirmation: 'secret')
+ end
+
+ background do
+ visit spree.admin_login_path
+ fill_in 'Email', with: user.email
+ fill_in 'Password', with: user.password
+ # Regression test for #1257
+ check 'Remember me'
+ click_button 'Login'
+ end
+
+ scenario 'allow a signed in user to logout' do
+ click_link 'Logout'
+ visit spree.admin_login_path
+ expect(page).to have_text 'Login'
+ expect(page).not_to have_text 'Logout'
+ end
+end
5 spec/features/order_spec.rb
@@ -9,6 +9,11 @@
# regression test for spree/spree#1687
scenario 'merge incomplete orders from different sessions' do
+ pending %{
+ TODO: has been broken for ~2 months as of:
+ https://github.com/spree/spree_auth_devise/commit/3157b47b22c559817d34ec34024587d8aa6136dc
+ I dont think we can decode these sessions anymore since Rails 4 switched to encrypted cookies I believe devise stores session encrypted.
+ }
create(:product, name: 'RoR Mug')
create(:product, name: 'RoR Shirt')
2  spec/features/sign_in_spec.rb
@@ -6,7 +6,7 @@
visit spree.login_path
end
- scenario 'ask use to sign in' do
+ scenario 'ask user to sign in' do
visit spree.admin_path
expect(page).not_to have_text 'Authorization Failure'
end
4 spree_auth_devise.gemspec
@@ -22,8 +22,6 @@ Gem::Specification.new do |s|
spree_version = '~> 2.2.0'
s.add_dependency 'spree_core', spree_version
- s.add_dependency 'spree_frontend', spree_version
- s.add_dependency 'spree_backend', spree_version
s.add_dependency 'devise', '~> 3.2.3'
s.add_dependency 'devise-encryptable', '0.1.2'
s.add_dependency 'cancan', '~> 1.6.10'
@@ -31,6 +29,8 @@ Gem::Specification.new do |s|
s.add_dependency 'json'
s.add_dependency 'multi_json'
+ s.add_development_dependency 'spree_backend', spree_version
+ s.add_development_dependency 'spree_frontend', spree_version
s.add_development_dependency 'sqlite3'
s.add_development_dependency 'mysql2'
s.add_development_dependency 'pg'