diff --git a/.circleci/config.yml b/.circleci/config.yml index a953c7ed..952afdb3 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -28,6 +28,10 @@ jobs: steps: - checkout - browser-tools/install-chrome + - solidusio_extensions/dependencies + - run: + name: 'fix ffi' + command: 'bundle install && bundle pristine ffi' - solidusio_extensions/run-tests-solidus-master - solidusio_extensions/store-test-results - notify @@ -39,6 +43,7 @@ jobs: steps: - checkout - browser-tools/install-chrome + - solidusio_extensions/dependencies - solidusio_extensions/run-tests-solidus-current - solidusio_extensions/store-test-results - notify @@ -50,6 +55,7 @@ jobs: steps: - checkout - browser-tools/install-chrome + - solidusio_extensions/dependencies - solidusio_extensions/run-tests-solidus-older - solidusio_extensions/store-test-results - notify diff --git a/app/controllers/concerns/solidus_auth_devise/deprecated_routes.rb b/app/controllers/concerns/solidus_auth_devise/deprecated_routes.rb new file mode 100644 index 00000000..070469c6 --- /dev/null +++ b/app/controllers/concerns/solidus_auth_devise/deprecated_routes.rb @@ -0,0 +1,34 @@ +# frozen_string_literal: true + +module SolidusAuthDevise + module DeprecatedRoutes + extend ActiveSupport::Concern + + included do + before_action :deprecates_solidus_auth_devise_routes + end + + private + + def deprecates_solidus_auth_devise_routes + return unless params[:deprecated_route] + + Spree::Deprecation.warn( + <<~TEXT + This route is deprecated: #{request.fullpath.inspect}. + It will be removed in solidus_auth_devise v3. + If you want to continue using this route please define it in your application code: + + Spree::Core::Engine.routes.draw do + devise_scope :spree_user do + #{request.method.downcase} #{request.fullpath.inspect}, to: #{controller_path}##{action_name}, ... + end + end + + Please check your application for places in which this route was generated. + + TEXT + ) + end + end +end diff --git a/config/routes.rb b/config/routes.rb index 39613b7d..713b54dd 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -10,7 +10,7 @@ passwords: 'spree/user_passwords', confirmations: 'spree/user_confirmations' }, - skip: [:unlocks, :omniauth_callbacks], + skip: :all, path_names: { sign_out: 'logout' }, path_prefix: :user, router_name: :spree @@ -19,16 +19,46 @@ resources :users, only: [:edit, :update] devise_scope :spree_user do - get '/login', to: 'user_sessions#new', as: :login - post '/login', to: 'user_sessions#create', as: :create_new_session - match '/logout', to: 'user_sessions#destroy', as: :logout, via: Devise.sign_out_via - get '/signup', to: 'user_registrations#new', as: :signup - post '/signup', to: 'user_registrations#create', as: :registration - get '/password/recover', to: 'user_passwords#new', as: :recover_password - post '/password/recover', to: 'user_passwords#create', as: :reset_password - get '/password/change', to: 'user_passwords#edit', as: :edit_password - put '/password/change', to: 'user_passwords#update', as: :update_password - get '/confirm', to: 'user_confirmations#show', as: :confirmation if Spree::Auth::Config[:confirmable] + # Custom devise routes + get '/login', to: 'user_sessions#new', as: :login + post '/login', to: 'user_sessions#create', as: :create_new_session + match '/logout', to: 'user_sessions#destroy', via: Devise.sign_out_via, as: :logout + get '/password/recover', to: 'user_passwords#new', as: :recover_password + get '/password/change', to: 'user_passwords#edit', as: :edit_password + put '/password/change', to: 'user_passwords#update', as: :update_password + post '/password/recover', to: 'user_passwords#create', as: :reset_password + get '/signup', to: 'user_registrations#new', as: :signup + post '/signup', to: 'user_registrations#create', as: :registration + get '/confirm', to: 'user_confirmations#show', as: :confirmation if Spree::Auth::Config[:confirmable] + + # Legacy devise generated paths + # + # These are deprecated but we still want to support the incoming routes, in order to give existing stores an upgrade path. + # Will be removed at the next major release of solidus_auth_devise. + with_options deprecated_route: true do + get '/user/spree_user/password/edit' => 'user_passwords#edit', as: :deprecated_edit_spree_user_password + get '/password/change' => 'user_passwords#edit', as: :edit_spree_user_password + get '/user/spree_user/password/new' => 'user_passwords#new', as: :deprecated_new_spree_user_password + get '/password/recover' => 'user_passwords#new', as: :new_spree_user_password + match '/user/spree_user/password' => 'user_passwords#update', via: [:patch, :put], as: :deprecated_spree_user_password + put '/password/change' => 'user_passwords#update', as: :spree_user_password + post '/user/spree_user/password' => 'user_passwords#create', as: nil + + get '/login' => 'user_sessions#new', as: :new_spree_user_session + get '/user/spree_user/sign_in' => 'user_sessions#new', as: :deprecated_new_spree_user_session + match '/user/spree_user/logout' => 'user_sessions#destroy', via: Devise.sign_out_via, as: :deprecated_destroy_spree_user_session + match '/logout' => 'user_sessions#destroy', via: Devise.sign_out_via, as: :destroy_spree_user_session + post '/user/spree_user/sign_in' => 'user_sessions#create', as: :deprecated_spree_user_session + post '/login' => 'user_sessions#create', as: :spree_user_session + + get '/user/spree_user/sign_up' => 'user_registrations#new', as: :deprecated_new_spree_user_registration + get '/signup' => 'user_registrations#new', as: :new_spree_user_registration + post '/user/spree_user' => 'user_registrations#create', as: nil + get '/user/spree_user/cancel' => 'user_registrations#cancel', as: :cancel_spree_user_registration + get '/user/spree_user/edit' => 'user_registrations#edit', as: :edit_spree_user_registration + delete '/user/spree_user' => 'user_registrations#destroy', as: nil + match '/user/spree_user' => 'user_registrations#update', as: :spree_user_registration, via: [:patch, :put] + end end get '/checkout/registration', to: 'checkout#registration', as: :checkout_registration diff --git a/lib/controllers/frontend/spree/user_confirmations_controller.rb b/lib/controllers/frontend/spree/user_confirmations_controller.rb index 41bace4a..f6eed1ed 100644 --- a/lib/controllers/frontend/spree/user_confirmations_controller.rb +++ b/lib/controllers/frontend/spree/user_confirmations_controller.rb @@ -8,6 +8,8 @@ class Spree::UserConfirmationsController < Devise::ConfirmationsController include Spree::Core::ControllerHelpers::Order include Spree::Core::ControllerHelpers::Store + include SolidusAuthDevise::DeprecatedRoutes + protected def after_confirmation_path_for(resource_name, resource) diff --git a/lib/controllers/frontend/spree/user_passwords_controller.rb b/lib/controllers/frontend/spree/user_passwords_controller.rb index 80d24d53..e39f8d25 100644 --- a/lib/controllers/frontend/spree/user_passwords_controller.rb +++ b/lib/controllers/frontend/spree/user_passwords_controller.rb @@ -8,6 +8,8 @@ class Spree::UserPasswordsController < Devise::PasswordsController include Spree::Core::ControllerHelpers::Order include Spree::Core::ControllerHelpers::Store + include SolidusAuthDevise::DeprecatedRoutes + # Overridden due to bug in Devise. # respond_with resource, location: new_session_path(resource_name) # is generating bad url /session/new.user diff --git a/lib/controllers/frontend/spree/user_registrations_controller.rb b/lib/controllers/frontend/spree/user_registrations_controller.rb index b1b42195..6ed59761 100644 --- a/lib/controllers/frontend/spree/user_registrations_controller.rb +++ b/lib/controllers/frontend/spree/user_registrations_controller.rb @@ -8,6 +8,8 @@ class Spree::UserRegistrationsController < Devise::RegistrationsController include Spree::Core::ControllerHelpers::Order include Spree::Core::ControllerHelpers::Store + include SolidusAuthDevise::DeprecatedRoutes + before_action :check_permissions, only: [:edit, :update] skip_before_action :require_no_authentication diff --git a/lib/controllers/frontend/spree/user_sessions_controller.rb b/lib/controllers/frontend/spree/user_sessions_controller.rb index dfa67d99..fca2bdd7 100644 --- a/lib/controllers/frontend/spree/user_sessions_controller.rb +++ b/lib/controllers/frontend/spree/user_sessions_controller.rb @@ -8,6 +8,8 @@ class Spree::UserSessionsController < Devise::SessionsController include Spree::Core::ControllerHelpers::Order include Spree::Core::ControllerHelpers::Store + include SolidusAuthDevise::DeprecatedRoutes + # This is included in ControllerHelpers::Order. We just want to call # it after someone has successfully logged in. after_action :set_current_order, only: :create diff --git a/lib/controllers/frontend/spree/users_controller.rb b/lib/controllers/frontend/spree/users_controller.rb index b6f31b45..3572f735 100644 --- a/lib/controllers/frontend/spree/users_controller.rb +++ b/lib/controllers/frontend/spree/users_controller.rb @@ -1,6 +1,8 @@ # frozen_string_literal: true class Spree::UsersController < Spree::StoreController + include SolidusAuthDevise::DeprecatedRoutes + skip_before_action :set_current_order, only: :show, raise: false prepend_before_action :authorize_actions, only: :new diff --git a/lib/spree/auth/engine.rb b/lib/spree/auth/engine.rb index d32f0035..106b0c21 100644 --- a/lib/spree/auth/engine.rb +++ b/lib/spree/auth/engine.rb @@ -70,7 +70,6 @@ def self.prepare_backend end end - def self.prepare_frontend Spree::BaseController.unauthorized_redirect = -> do if spree_current_user diff --git a/spec/controllers/spree/user_passwords_controller_spec.rb b/spec/controllers/spree/user_passwords_controller_spec.rb index 2165a22c..056727e9 100644 --- a/spec/controllers/spree/user_passwords_controller_spec.rb +++ b/spec/controllers/spree/user_passwords_controller_spec.rb @@ -10,7 +10,7 @@ it 'redirects to the new session path' do get :edit expect(response).to redirect_to( - 'http://test.host/user/spree_user/sign_in' + 'http://test.host/login' ) end diff --git a/spec/features/checkout_spec.rb b/spec/features/checkout_spec.rb index 3221aaae..cfeef28b 100644 --- a/spec/features/checkout_spec.rb +++ b/spec/features/checkout_spec.rb @@ -111,7 +111,7 @@ # Need to do this now because the token stored in the DB is the encrypted version # The 'plain-text' version is sent in the email and there's one way to get that! reset_password_email = ActionMailer::Base.deliveries.first - token_url_regex = /\/user\/spree_user\/password\/edit\?reset_password_token=(.*)$/ + token_url_regex = %r{/password/change\?reset_password_token=(.*)$} token = token_url_regex.match(reset_password_email.body.to_s)[1] visit spree.edit_spree_user_password_path(reset_password_token: token) diff --git a/spec/mailers/user_mailer_spec.rb b/spec/mailers/user_mailer_spec.rb index a5ae4904..54e525d7 100644 --- a/spec/mailers/user_mailer_spec.rb +++ b/spec/mailers/user_mailer_spec.rb @@ -31,7 +31,7 @@ context 'body includes' do it 'password reset url' do - expect(@message.body.raw_source).to include "http://#{store.url}/user/spree_user/password/edit" + expect(@message.body.raw_source).to include "http://#{store.url}/password/change" end end end