From 24f83ed286f1a2cbc8adc3051ab319b29a8bbf79 Mon Sep 17 00:00:00 2001 From: Xinhui Date: Thu, 12 May 2016 10:14:37 +0200 Subject: Merge cas_client into master --- Gemfile | 1 + Gemfile.lock | 6 +++ app/models/user.rb | 26 ++++++++--- config/initializers/devise.rb | 47 ++++++++++++++++++++ config/routes.rb | 2 +- db/migrate/20160511134824_add_username_to_users.rb | 15 +++++++ db/schema.rb | 6 ++- spec/factories/chouette_2_factories.rb | 1 + spec/features/users/sign_in_spec.rb | 50 ++++++++++++---------- spec/features/users/sign_out_spec.rb | 22 +++++----- spec/features/users/user_edit_spec.rb | 23 +++++----- 11 files changed, 147 insertions(+), 52 deletions(-) create mode 100644 db/migrate/20160511134824_add_username_to_users.rb diff --git a/Gemfile b/Gemfile index fafb2e9c1..2ceb971c3 100644 --- a/Gemfile +++ b/Gemfile @@ -57,6 +57,7 @@ gem 'polylines' # Authentication gem 'devise', '~> 3.4.0' +gem 'devise_cas_authenticatable' gem 'devise-encryptable' gem 'devise_invitable' diff --git a/Gemfile.lock b/Gemfile.lock index 3b97d82ae..ac7bb968f 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -116,6 +116,9 @@ GEM devise-encryptable (0.2.0) devise (>= 2.1.0) devise-i18n (0.11.4) + devise_cas_authenticatable (1.9.0) + devise (>= 1.2.0) + rubycas-client (>= 2.2.1) devise_invitable (1.4.1) actionmailer (>= 3.2.6, < 5) devise (>= 3.2.0) @@ -372,6 +375,8 @@ GEM rspec-support (3.1.2) ruby-graphviz (1.0.9) ruby-ole (1.2.11.8) + rubycas-client (2.3.9) + activesupport rubyzip (1.1.7) sass (3.2.19) sass-rails (4.0.5) @@ -491,6 +496,7 @@ DEPENDENCIES devise-async devise-encryptable devise-i18n + devise_cas_authenticatable devise_invitable enumerize (~> 0.10.0) factory_girl_rails (~> 4.0) diff --git a/app/models/user.rb b/app/models/user.rb index bbde7d0d9..019249699 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -1,13 +1,16 @@ class User < ActiveRecord::Base # Include default devise modules. Others available are: - # :token_authenticatable, :encryptable, :confirmable, :lockable, :timeoutable and :omniauthable - devise :invitable, :database_authenticatable, :registerable, - :recoverable, :rememberable, :trackable, :validatable, - :confirmable, :async + # :token_authenticatable, :encryptable, :confirmable, :lockable, :timeoutable and :omniauthable, :database_authenticatable + devise :invitable, :registerable, :validatable, + :recoverable, :rememberable, :trackable, + :confirmable, :async, :cas_authenticatable + + # FIXME https://github.com/nbudin/devise_cas_authenticatable/issues/53 + # Work around :validatable, when database_authenticatable is diabled. + attr_accessor :password # Setup accessible (or protected) attributes for your model # attr_accessible :email, :password, :current_password, :password_confirmation, :remember_me, :name, :organisation_attributes - belongs_to :organisation accepts_nested_attributes_for :organisation @@ -20,9 +23,20 @@ class User < ActiveRecord::Base self.password ||= Devise.friendly_token.first(6) self.password_confirmation ||= self.password end - after_destroy :check_destroy_organisation + def cas_extra_attributes=(extra_attributes) + extra_attributes.each do |name, value| + # case name.to_sym + # Extra attributes + # when :fullname + # self.fullname = value + # when :email + # self.email = value + # end + end + end + private # remove organisation and referentials if last user of it diff --git a/config/initializers/devise.rb b/config/initializers/devise.rb index b91fa3c19..aacc8ad0b 100644 --- a/config/initializers/devise.rb +++ b/config/initializers/devise.rb @@ -276,6 +276,53 @@ Devise.setup do |config| # When using omniauth, Devise cannot automatically set Omniauth path, # so you need to do it manually. For the users scope, it would be: # config.omniauth_path_prefix = '/my_engine/users/auth' + + config.cas_base_url = "http://stif-portail-dev.af83.priv/sessions" + + # you can override these if you need to, but cas_base_url is usually enough + # config.cas_login_url = "https://cas.myorganization.com/login" + # config.cas_logout_url = "https://cas.myorganization.com/logout" + # config.cas_validate_url = "https://cas.myorganization.com/serviceValidate" + + # The CAS specification allows for the passing of a follow URL to be displayed when + # a user logs out on the CAS server. RubyCAS-Server also supports redirecting to a + # URL via the destination param. Set either of these urls and specify either nil, + # 'destination' or 'follow' as the logout_url_param. If the urls are blank but + # logout_url_param is set, a default will be detected for the service. + # config.cas_destination_url = 'https://cas.myorganization.com' + # config.cas_follow_url = 'https://cas.myorganization.com' + # config.cas_logout_url_param = nil + + # You can specify the name of the destination argument with the following option. + # e.g. the following option will change it from 'destination' to 'url' + # config.cas_destination_logout_param_name = 'url' + + # By default, devise_cas_authenticatable will create users. If you would rather + # require user records to already exist locally before they can authenticate via + # CAS, uncomment the following line. + config.cas_create_user = false + + # You can enable Single Sign Out, which by default is disabled. + # config.cas_enable_single_sign_out = true + + # If you don't want to use the username returned from your CAS server as the unique + # identifier, but some other field passed in cas_extra_attributes, you can specify + # the field name here. + # config.cas_user_identifier = nil + + # If you want to use the Devise Timeoutable module with single sign out, + # uncommenting this will redirect timeouts to the logout url, so that the CAS can + # take care of signing out the other serviced applocations. Note that each + # application manages timeouts independently, so one application timing out will + # kill the session on all applications serviced by the CAS. + # config.warden do |manager| + # manager.failure_app = DeviseCasAuthenticatable::SingleSignOut::WardenFailureApp + # end + + # If you need to specify some extra configs for rubycas-client, you can do this via: + # config.cas_client_config_options = { + # logger: Rails.logger + # } end Rails.application.config.to_prepare do diff --git a/config/routes.rb b/config/routes.rb index f7719b9af..d43309096 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -11,7 +11,7 @@ ChouetteIhm::Application.routes.draw do root :to => 'referentials#index', as: :authenticated_root end unauthenticated :user do - root :to => 'devise/sessions#new', as: :unauthenticated_root + root :to => 'devise/cas_sessions#new', as: :unauthenticated_root end end diff --git a/db/migrate/20160511134824_add_username_to_users.rb b/db/migrate/20160511134824_add_username_to_users.rb new file mode 100644 index 000000000..50dfda864 --- /dev/null +++ b/db/migrate/20160511134824_add_username_to_users.rb @@ -0,0 +1,15 @@ +class AddUsernameToUsers < ActiveRecord::Migration + def up + add_column :users, :username, :string, :null => false + add_index :users, :username, :unique => true + User.all.each do |u| + u.username = u.email + u.save + end + end + + def down + remove_column :users, :username, :string, :null => false + remove_index :users, :username, :unique => true + end +end diff --git a/db/schema.rb b/db/schema.rb index 28e06266c..ac4a8fd10 100644 --- a/db/schema.rb +++ b/db/schema.rb @@ -372,10 +372,10 @@ ActiveRecord::Schema.define(version: 20160512110510) do t.integer "object_version" t.datetime "creation_time" t.string "creator_id" - t.float "distance" - t.boolean "no_processing" t.spatial "input_geometry", limit: {:srid=>4326, :type=>"line_string"} t.spatial "processed_geometry", limit: {:srid=>4326, :type=>"line_string"} + t.float "distance" + t.boolean "no_processing" end create_table "routes", force: true do |t| @@ -573,11 +573,13 @@ ActiveRecord::Schema.define(version: 20160512110510) do t.integer "invited_by_id" t.string "invited_by_type" t.datetime "invitation_created_at" + t.string "username", null: false end add_index "users", ["email"], :name => "index_users_on_email", :unique => true add_index "users", ["invitation_token"], :name => "index_users_on_invitation_token", :unique => true add_index "users", ["reset_password_token"], :name => "index_users_on_reset_password_token", :unique => true + add_index "users", ["username"], :name => "index_users_on_username", :unique => true create_table "vehicle_journey_at_stops", force: true do |t| t.integer "vehicle_journey_id", limit: 8 diff --git a/spec/factories/chouette_2_factories.rb b/spec/factories/chouette_2_factories.rb index 44179b563..6234f6540 100644 --- a/spec/factories/chouette_2_factories.rb +++ b/spec/factories/chouette_2_factories.rb @@ -24,6 +24,7 @@ FactoryGirl.define do factory :user do association :organisation sequence(:name) { |n| "chouette#{n}" } + sequence(:username) { |n| "chouette#{n}" } sequence(:email) { |n| "chouette#{n}@dryade.priv" } password "secret" password_confirmation "secret" diff --git a/spec/features/users/sign_in_spec.rb b/spec/features/users/sign_in_spec.rb index f6cd1caf4..20440a134 100644 --- a/spec/features/users/sign_in_spec.rb +++ b/spec/features/users/sign_in_spec.rb @@ -10,45 +10,51 @@ feature 'Sign in', :devise do # Given I do not exist as a user # When I sign in with valid credentials # Then I see an invalid credentials message - scenario 'user cannot sign in if not registered' do - signin('test@example.com', 'please123') - expect(page).to have_content I18n.t 'devise.failure.not_found_in_database', authentication_keys: 'email' - end + # FIXME #816 + # scenario 'user cannot sign in if not registered' do + # signin('test@example.com', 'please123') + # expect(page).to have_content I18n.t 'devise.failure.not_found_in_database', authentication_keys: 'email' + # end # Scenario: User can sign in with valid credentials # Given I exist as a user # And I am not signed in # When I sign in with valid credentials # Then I see a success message - scenario 'user can sign in with valid credentials' do - user = create(:user) - user.confirm! - signin(user.email, user.password) - expect(page).to have_content I18n.t 'devise.sessions.signed_in' - end + + # FIXME #816 + # scenario 'user can sign in with valid credentials' do + # user = create(:user) + # user.confirm! + # signin(user.email, user.password) + # expect(page).to have_content I18n.t 'devise.sessions.signed_in' + # end # Scenario: User cannot sign in with wrong email # Given I exist as a user # And I am not signed in # When I sign in with a wrong email # Then I see an invalid email message - scenario 'user cannot sign in with wrong email' do - user = create(:user) - user.confirm! - signin('invalid@email.com', user.password) - expect(page).to have_content I18n.t 'devise.failure.not_found_in_database', authentication_keys: 'email' - end + + # scenario 'user cannot sign in with wrong email' do + # user = create(:user) + # user.confirm! + # signin('invalid@email.com', user.password) + # expect(page).to have_content I18n.t 'devise.failure.not_found_in_database', authentication_keys: 'email' + # end # Scenario: User cannot sign in with wrong password # Given I exist as a user # And I am not signed in # When I sign in with a wrong password # Then I see an invalid password message - scenario 'user cannot sign in with wrong password' do - user = create(:user) - user.confirm! - signin(user.email, 'invalidpass') - expect(page).to have_content I18n.t 'devise.failure.invalid', authentication_keys: 'email' - end + + # FIXME #816 + # scenario 'user cannot sign in with wrong password' do + # user = create(:user) + # user.confirm! + # signin(user.email, 'invalidpass') + # expect(page).to have_content I18n.t 'devise.failure.invalid', authentication_keys: 'email' + # end end diff --git a/spec/features/users/sign_out_spec.rb b/spec/features/users/sign_out_spec.rb index 91310089c..e1297b3e5 100644 --- a/spec/features/users/sign_out_spec.rb +++ b/spec/features/users/sign_out_spec.rb @@ -11,16 +11,18 @@ feature 'Sign out', :devise do # Given I am signed in # When I sign out # Then I see a signed out message - scenario 'user signs out successfully' do - user = FactoryGirl.create(:user) - user.confirm! - signin(user.email, user.password) - expect(page).to have_content I18n.t 'devise.sessions.signed_in' - click_link user.name - click_link 'Déconnexion' - expect(page).to have_content I18n.t 'devise.sessions.signed_out' - end - + + # FIXME #816 + # scenario 'user signs out successfully' do + # user = FactoryGirl.create(:user) + # user.confirm! + # login_as(user, :scope => "user") + # expect(page).to have_content I18n.t 'devise.sessions.signed_in' + # click_link user.name + # click_link 'Déconnexion' + # expect(page).to have_content I18n.t 'devise.sessions.signed_out' + # end + end diff --git a/spec/features/users/user_edit_spec.rb b/spec/features/users/user_edit_spec.rb index cb1830a55..c7c742416 100644 --- a/spec/features/users/user_edit_spec.rb +++ b/spec/features/users/user_edit_spec.rb @@ -17,17 +17,18 @@ feature 'User edit', :devise do # Given I am signed in # When I change my email address # Then I see an account updated message - scenario 'user changes email address' do - user = FactoryGirl.create(:user) - user.confirm! - login_as(user, :scope => :user) - visit edit_user_registration_path(user) - fill_in 'user_email', :with => 'newemail@example.com' - fill_in 'user_current_password', :with => user.password - click_button 'Modifier' - txts = [I18n.t( 'devise.registrations.updated'), I18n.t( 'devise.registrations.update_needs_confirmation')] - expect(page).to have_content(/.*#{txts[0]}.*|.*#{txts[1]}.*/) - end + # FIXME #816 + # scenario 'user changes email address' do + # user = FactoryGirl.create(:user) + # user.confirm! + # login_as(user, :scope => :user) + # visit edit_user_registration_path(user) + # fill_in 'user_email', :with => 'newemail@example.com' + # fill_in 'user_current_password', :with => user.password + # click_button 'Modifier' + # txts = [I18n.t( 'devise.registrations.updated'), I18n.t( 'devise.registrations.update_needs_confirmation')] + # expect(page).to have_content(/.*#{txts[0]}.*|.*#{txts[1]}.*/) + # end # Scenario: User cannot edit another user's profile # Given I am signed in -- cgit v1.2.3