Merge pull request #1032 from YaleSTC/2_authentication_II

resolves #2, resolves #694, resolves #777, resolves #695, resolves #973, and resolves #1018

.env

@@ -0,0 +1,2 @@
+# EDIT TO CAS_AUTH AFTER
+export CASH_AUTH=1

.travis.yml

@@ -17,7 +17,6 @@ before_script:
   - cp config/database.travis.yml config/database.yml
   - bundle exec rake db:create
   - bundle exec rake db:schema:load
-  - bundle exec rake db:test:prepare
 
 # From Travis CI Support: This will route jobs to our beta build environment,
 # which has much faster boot times, making it easier to debug via Travis.

Gemfile

@@ -5,13 +5,17 @@ ruby '2.1.2' # Version in .ruby-version must match
 #standard gems
 gem 'rails', '~> 4.1.5'
 gem 'mysql2'
-gem 'rake'
-gem 'rdoc'
+gem 'rake', '~> 10.3.2'
+gem 'rdoc', '~> 4.1.2'
 
-#authentication
-#gem 'rubycas-client-rails'
+# simulate environment variables
+group :development, :test do
+  gem 'dotenv-rails', '~> 1.0.2'
+end
 
-gem 'rubycas-client', :git => 'git://github.com/rubycas/rubycas-client.git'
+# authentication / authorization
+gem 'devise', '~> 3.3.0'
+gem 'devise_cas_authenticatable', '~> 1.3.7'# if ENV['CAS_AUTH']
 gem 'cancancan'
 
 #scheduling
@@ -29,21 +33,19 @@ gem 'permanent_records'
 gem 'nilify_blanks'
 
 #ui
-gem 'jquery-rails'
-gem 'jquery-ui-rails'
+gem 'jquery-rails', '~> 3.1.2'
+gem 'jquery-ui-rails', '~> 5.0.1'
 gem 'jquery-datatables-rails'
 gem 'rails4-autocomplete'
 gem 'select2-rails'
 gem 'kaminari'
-gem 'spinjs-rails', '~> 1.4'
 
 #forms / formatting
 gem 'dynamic_form'
 gem 'simple_form'
 gem 'cocoon'
 gem 'redcarpet'
 
-
 # auditting / logging
 gem 'paper_trail', '~> 3.0.5'
 
@@ -63,7 +65,6 @@ group :development, :test do
   gem 'awesome_print'
   gem 'ruby-progressbar'
   gem 'codeclimate-test-reporter'
-  gem 'parallel_tests'
   gem 'database_cleaner'
 end
 

Gemfile.lock

@@ -1,10 +1,3 @@
-GIT
-  remote: git://github.com/rubycas/rubycas-client.git
-  revision: 195a4b70333029be474b0ac70efdc85bd4288861
-  specs:
-    rubycas-client (2.3.10.rc1)
-      activesupport
-
 GEM
   remote: https://rubygems.org/
   specs:
@@ -37,12 +30,13 @@ GEM
     addressable (2.3.6)
     arel (5.0.1.20140414130214)
     awesome_print (1.2.0)
-    backports (3.6.1)
+    backports (3.6.3)
+    bcrypt (3.1.7)
     binding_of_caller (0.7.2)
       debug_inspector (>= 0.0.1)
     bootstrap-sass (2.0.4.2)
     builder (3.2.2)
-    bullet (4.13.2)
+    bullet (4.14.0)
       activesupport (>= 3.0.0)
       uniform_notifier (>= 1.6.0)
     byebug (3.5.1)
@@ -84,8 +78,20 @@ GEM
     database_cleaner (1.3.0)
     debug_inspector (0.0.2)
     debugger-linecache (1.2.0)
+    devise (3.3.0)
+      bcrypt (~> 3.0)
+      orm_adapter (~> 0.1)
+      railties (>= 3.2.6, < 5)
+      thread_safe (~> 0.1)
+      warden (~> 1.2.3)
+    devise_cas_authenticatable (1.3.7)
+      devise (>= 1.2.0)
+      rubycas-client (>= 2.2.1)
     diff-lcs (1.2.5)
     docile (1.1.5)
+    dotenv (1.0.2)
+    dotenv-rails (1.0.2)
+      dotenv (= 1.0.2)
     dynamic_form (1.1.4)
     em-websocket (0.5.1)
       eventmachine (>= 0.12.9)
@@ -105,7 +111,7 @@ GEM
     faraday_middleware (0.9.1)
       faraday (>= 0.7.4, < 0.10)
     ffaker (1.25.0)
-    ffi (1.9.5)
+    ffi (1.9.6)
     font-awesome-rails (4.2.0.0)
       railties (>= 3.2, < 5.0)
     formatador (0.2.5)
@@ -145,7 +151,7 @@ GEM
     jquery-rails (3.1.2)
       railties (>= 3.0, < 5.0)
       thor (>= 0.14, < 2.0)
-    jquery-ui-rails (4.2.1)
+    jquery-ui-rails (5.0.1)
       railties (>= 3.2.16)
     json (1.8.1)
     kaminari (0.16.1)
@@ -185,19 +191,17 @@ GEM
       activesupport (>= 3.0.0)
     nokogiri (1.6.3.1)
       mini_portile (= 0.6.0)
-    octokit (3.3.1)
+    octokit (3.4.0)
       sawyer (~> 0.5.3)
-    paper_trail (3.0.5)
+    orm_adapter (0.5.0)
+    paper_trail (3.0.6)
       activerecord (>= 3.0, < 5.0)
       activesupport (>= 3.0, < 5.0)
     paperclip (4.2.0)
       activemodel (>= 3.0.0)
       activesupport (>= 3.0.0)
       cocaine (~> 0.5.3)
       mime-types
-    parallel (1.3.2)
-    parallel_tests (1.0.7)
-      parallel
     party_foul (1.5.4)
       octokit (~> 3.1)
     permanent_records (3.1.6)
@@ -240,13 +244,13 @@ GEM
       sprockets-rails (~> 2.0)
     rails4-autocomplete (1.1.1)
       rails (>= 3.0)
-    rails_admin (0.6.3)
+    rails_admin (0.6.5)
       builder (~> 3.1)
       coffee-rails (~> 4.0)
-      font-awesome-rails (>= 3.0)
+      font-awesome-rails (>= 3.0, < 5)
       haml (~> 4.0)
       jquery-rails (~> 3.0)
-      jquery-ui-rails (~> 4.0)
+      jquery-ui-rails (~> 5.0)
       kaminari (~> 0.14)
       nested_form (~> 0.3)
       rack-pjax (~> 0.7)
@@ -272,12 +276,12 @@ GEM
       rspec-core (~> 3.1.0)
       rspec-expectations (~> 3.1.0)
       rspec-mocks (~> 3.1.0)
-    rspec-core (3.1.4)
+    rspec-core (3.1.7)
       rspec-support (~> 3.1.0)
     rspec-expectations (3.1.2)
       diff-lcs (>= 1.2.0, < 2.0)
       rspec-support (~> 3.1.0)
-    rspec-mocks (3.1.2)
+    rspec-mocks (3.1.3)
       rspec-support (~> 3.1.0)
     rspec-rails (3.1.0)
       actionpack (>= 3.0)
@@ -287,8 +291,10 @@ GEM
       rspec-expectations (~> 3.1.0)
       rspec-mocks (~> 3.1.0)
       rspec-support (~> 3.1.0)
-    rspec-support (3.1.1)
+    rspec-support (3.1.2)
     ruby-progressbar (1.6.0)
+    rubycas-client (2.3.9)
+      activesupport
     safe_yaml (1.0.4)
     sass (3.2.19)
     sass-rails (4.0.3)
@@ -312,8 +318,6 @@ GEM
       simplecov-html (~> 0.8.0)
     simplecov-html (0.8.0)
     slop (3.6.0)
-    spinjs-rails (1.4)
-      rails (>= 3.1)
     spring (1.1.3)
     spring-commands-rspec (1.0.2)
       spring (>= 0.9.1)
@@ -333,10 +337,10 @@ GEM
     therubyracer (0.12.1)
       libv8 (~> 3.16.14.0)
       ref
-    thin (1.6.2)
-      daemons (>= 1.0.9)
-      eventmachine (>= 1.0.0)
-      rack (>= 1.0.0)
+    thin (1.6.3)
+      daemons (~> 1.0, >= 1.0.9)
+      eventmachine (~> 1.0)
+      rack (~> 1.0)
     thor (0.19.1)
     thread_safe (0.3.4)
     tilt (1.4.1)
@@ -361,9 +365,10 @@ GEM
       execjs (>= 0.3.0)
       json (>= 1.8.0)
     uniform_notifier (1.6.2)
+    warden (1.2.3)
+      rack (>= 1.0)
     websocket (1.2.1)
-    whenever (0.9.2)
-      activesupport (>= 2.3.4)
+    whenever (0.9.3)
       chronic (>= 0.6.3)
     xpath (2.0.0)
       nokogiri (~> 1.3)
@@ -383,6 +388,9 @@ DEPENDENCIES
   codeclimate-test-reporter
   coffee-rails
   database_cleaner
+  devise (~> 3.3.0)
+  devise_cas_authenticatable (~> 1.3.7)
+  dotenv-rails (~> 1.0.2)
   dynamic_form
   factory_girl_rails
   ffaker
@@ -391,8 +399,8 @@ DEPENDENCIES
   guard-livereload
   guard-rspec
   jquery-datatables-rails
-  jquery-rails
-  jquery-ui-rails
+  jquery-rails (~> 3.1.2)
+  jquery-ui-rails (~> 5.0.1)
   kaminari
   letter_opener
   letter_opener_web
@@ -401,7 +409,6 @@ DEPENDENCIES
   nilify_blanks
   paper_trail (~> 3.0.5)
   paperclip
-  parallel_tests
   party_foul
   permanent_records
   pry
@@ -413,17 +420,15 @@ DEPENDENCIES
   rails (~> 4.1.5)
   rails4-autocomplete
   rails_admin
-  rake
-  rdoc
+  rake (~> 10.3.2)
+  rdoc (~> 4.1.2)
   redcarpet
   rspec-rails
   ruby-progressbar
-  rubycas-client!
   sass-rails
   select2-rails
   shoulda-matchers
   simple_form
-  spinjs-rails (~> 1.4)
   spring
   spring-commands-rspec
   therubyracer

README.md

@@ -28,7 +28,7 @@ You'll need the following to run Reservations:
 * a database server ([MySQL](http://www.mysql.com/) or any database supported by Rails)
 * [ImageMagick](http://www.imagemagick.org/script/index.php)
 * [GhostScript](http://www.ghostscript.com/)
-* a [CAS](http://www.jasig.org/cas) authentication system
+* a [CAS](http://www.jasig.org/cas) authentication system (optional)
 
 ### Installation
 First, checkout a copy of Reservations using git:
@@ -74,26 +74,23 @@ For a general guide to setting up your web and application servers, including ho
 
 ### Config
 
-Reservations is built using the CAS authentication system, using the gem [Ruby-Cas Client](https://github.com/rubycas/rubycas-client).
+#### Authentication
+By default, Reservations uses e-mail addresses and passwords to authenticate users. It also supports the CAS authentication system, using the gem [devise_cas_authenticatable](https://github.com/nbudin/devise_cas_authenticatable). If you want to use CAS authentication you must set the `CAS_AUTH` environment variable to some value. Attempting to switch between authentication methods after initial setup is highly discouraged and will likely fail. If this is necessary, you may need to install a fresh copy of the application and manually migrate over user data (see our [wiki](https://github.com/YaleSTC/reservations/wiki/Authentication) for more details).
 
-> To point the gem to the correct CAS server, add the following to your app's `config/environment.rb` (make sure that you put it at the bottom of the file, after the Rails Initializer):
+To point the gem to the correct CAS server, modify the following setting in your app's `config/initializers/devise.rb` (near the bottom of the file):
 ```
-CASClient::Frameworks::Rails::Filter.configure(
-  :cas_base_url => "https://cas.example.foo/"
-)
+  # configure the base URL of your CAS server
+  config.cas_base_url = "https://secure.its.yale.edu/cas/"
 ```
-(Change the :cas_base_url value to your CAS server's base URL; also note that many CAS servers are configured with a base URL that looks more like “cas.example.foo/cas”.)
+Change the `:cas_base_url` value to your CAS server's base URL; also note that many CAS servers are configured with a base URL that looks more like “cas.example.foo/cas”.
 
-Reservations ships with the default config time set to Eastern Time (US and Canada). To change the time, edit `config/application.rb`
-`config.time_zone = 'Eastern Time (US & Canada)'`
-
-**IMPORTANT**
+#### IMPORTANT
 You will need to generate a fresh secret key for cookie encryption and signing. Run `rake secret` and paste the output into `config/intializers/secret_token.rb`. Do not make this key available to the public, otherwise anyone will be able to sign on as anyone to Reservations.
 
-You will need to also configure the email config in
-`config/environments/production.rb`. Replace `example.com` with the
-relevant hostname. This will allow links in emails to point to the
-correct places.
+You will need to also configure the email config in `config/initializers/setup_mail.rb`. Replace `0.0.0.0:3000` with the relevant hostname. This will allow links in emails to point to the correct places.
+
+Finally, Reservations ships with the default config time set to Eastern Time (US and Canada). To change the time, edit `config/application.rb`
+`config.time_zone = 'Eastern Time (US & Canada)'`.
 
 
 Further Documentation

app/assets/javascripts/application.js

@@ -1,9 +1,7 @@
 //= require jquery
 //= require jquery_ujs
-//= require jquery.ui.datepicker
-//= require jquery.ui.autocomplete
-//= require spin
-//= require jquery.spin
+//= require jquery-ui/datepicker
+//= require jquery-ui/autocomplete
 //= require cocoon
 //= require autocomplete-rails
 //= require dataTables/jquery.dataTables
@@ -91,6 +89,8 @@ $(document).ready(function() {
 
   // ### LOG JS ### //
 
+  // commented out on 2014/10/12 since it was giving an error for wideDataTables[0]
+
   // Ugly hack to avoid reinitializing #table_log with the correct order
   // try {
   //   if (wideDataTables[0].id == "table_log") {

app/assets/javascripts/cart_pause-resume.js

@@ -7,7 +7,7 @@ function pause_cart () {
   $('#cart_due_date_cart').prop('readonly', true);
   $('#cart_buttons').children('a').addClass("disabled"); // disable cart buttons
   $('.add_to_cart_box').children('#add_to_cart').addClass("disabled"); // disable add to cart buttons
-  $('#cartSpinner').spin("large"); // toggle cart spinner
+  $('#cartSpinner').html('<i class="fa fa-circle-o-notch fa-3x fa-spin"></i>'); // toggle cart spinner
 }
 
 // function to unlock cart after update
@@ -19,7 +19,7 @@ function resume_cart () {
   $('#cart_due_date_cart').prop('readonly', false);
   $('#cart_buttons').children('a').removeClass("disabled"); // disable cart buttons
   $('.add_to_cart_box').children('#add_to_cart').removeClass("disabled"); // enable add to cart buttons
-  $('#cartSpinner').spin(false); // turn off cart spinner
+  $('#cartSpinner').html(''); // turn off cart spinner
 }
 // click add to cart button
 $(document).on('click', '.add_to_cart', function () {

app/assets/stylesheets/application.css.scss

@@ -22,6 +22,11 @@
 // Custom rolled jQuery UI CSS for integrating with Bootstrap
 // ============================
 @import "jquery-ui-1.8.16.custom";
+/*
+ *= require jquery-ui/datepicker
+ *= require jquery-ui/autocomplete
+ *= require jquery-ui/spinner
+ */
 
 // Autocomplete CSS
 // ============================