From 3be93f613971018df0bcdafbd09329e88ca8edb9 Mon Sep 17 00:00:00 2001 From: John Hawthorn Date: Fri, 29 Sep 2017 14:12:32 -0700 Subject: [PATCH 1/4] Use view-relative translations for users edit page Previously translations for this page were stored in the solidus_api gem. --- api/config/locales/en.yml | 6 ------ backend/app/views/spree/admin/users/edit.html.erb | 12 ++++++------ backend/spec/features/admin/users_spec.rb | 6 +++--- core/config/locales/en.yml | 7 +++++++ 4 files changed, 16 insertions(+), 15 deletions(-) diff --git a/api/config/locales/en.yml b/api/config/locales/en.yml index 1cfb79a8ae4..7351534440f 100644 --- a/api/config/locales/en.yml +++ b/api/config/locales/en.yml @@ -8,12 +8,6 @@ en: resource_not_found: "The resource you were looking for could not be found." gateway_error: "There was a problem with the payment gateway: %{text}" delete_restriction_error: "Cannot delete record." - access: "API Access" - key: "Key" - clear_key: "Clear key" - regenerate_key: "Regenerate Key" - no_key: "No key" - generate_key: "Generate API key" key_generated: "Key generated" key_cleared: "Key cleared" order: diff --git a/backend/app/views/spree/admin/users/edit.html.erb b/backend/app/views/spree/admin/users/edit.html.erb index 609be5ead1a..239bdaa0330 100644 --- a/backend/app/views/spree/admin/users/edit.html.erb +++ b/backend/app/views/spree/admin/users/edit.html.erb @@ -28,29 +28,29 @@ <% if can?(:update, @user) %>
- <%= Spree.t('access', scope: 'api') %> + <%= t('.api_access') %> <% if @user.spree_api_key.present? %>
-
<%= Spree.t('key', scope: 'api') %>: (<%= Spree.t('hidden') %>)
+
<%= t('.key') %>: (<%= Spree.t('.hidden') %>)
<%= form_tag spree.clear_api_key_admin_user_path(@user), method: :put do %> - <%= button Spree.t('clear_key', scope: 'api') %> + <%= button t('.clear_key') %> <% end %> <%= form_tag spree.generate_api_key_admin_user_path(@user), method: :put do %> - <%= button Spree.t('regenerate_key', scope: 'api') %> + <%= button t('.regenerate_key') %> <% end %>
<% else %> -
<%= Spree.t('no_key', scope: 'api') %>
+
<%= t('.no_key') %>
<%= form_tag spree.generate_api_key_admin_user_path(@user), method: :put do %> - <%= button Spree.t('generate_key', scope: 'api') %> + <%= button t('.generate_key') %> <% end %>
<% end %> diff --git a/backend/spec/features/admin/users_spec.rb b/backend/spec/features/admin/users_spec.rb index 514517556ce..7c9794e78ef 100644 --- a/backend/spec/features/admin/users_spec.rb +++ b/backend/spec/features/admin/users_spec.rb @@ -238,7 +238,7 @@ def always_invalid_email it 'can generate a new api key' do within("#admin_user_edit_api_key") do expect(user_a.spree_api_key).to be_blank - click_button Spree.t('generate_key', scope: 'api') + click_button "Generate API key" end expect(user_a.reload.spree_api_key).to be_present @@ -257,7 +257,7 @@ def always_invalid_email it 'can clear an api key' do expect(page).to have_css('#current-api-key') - click_button Spree.t('clear_key', scope: 'api') + click_button "Clear key" expect(page).to have_no_css('#current-api-key') @@ -268,7 +268,7 @@ def always_invalid_email old_key = user_a.spree_api_key within("#admin_user_edit_api_key") do - click_button Spree.t('regenerate_key', scope: 'api') + click_button "Regenerate key" end expect(user_a.reload.spree_api_key).to be_present diff --git a/core/config/locales/en.yml b/core/config/locales/en.yml index c29194f7171..16a9512f336 100644 --- a/core/config/locales/en.yml +++ b/core/config/locales/en.yml @@ -949,6 +949,13 @@ en: users: user_page_actions: create_order: Create order for this user + edit: + api_access: "API Access" + clear_key: "Clear key" + generate_key: "Generate API key" + key: "Key" + no_key: "No key" + regenerate_key: "Regenerate key" variants: table_filter: show_deleted: Show deleted variants From eaff27b0dea72bddf3f1a78e72d06e05622066ca Mon Sep 17 00:00:00 2001 From: John Hawthorn Date: Fri, 29 Sep 2017 14:13:35 -0700 Subject: [PATCH 2/4] Add confirmation to generate or clear api_keys These are distructive operations and we don't want admins to accidentally misclick these. --- backend/app/views/spree/admin/users/edit.html.erb | 13 +++---------- core/config/locales/en.yml | 2 ++ 2 files changed, 5 insertions(+), 10 deletions(-) diff --git a/backend/app/views/spree/admin/users/edit.html.erb b/backend/app/views/spree/admin/users/edit.html.erb index 239bdaa0330..def2ce4d5fd 100644 --- a/backend/app/views/spree/admin/users/edit.html.erb +++ b/backend/app/views/spree/admin/users/edit.html.erb @@ -35,13 +35,8 @@
<%= t('.key') %>: (<%= Spree.t('.hidden') %>)
- <%= form_tag spree.clear_api_key_admin_user_path(@user), method: :put do %> - <%= button t('.clear_key') %> - <% end %> - - <%= form_tag spree.generate_api_key_admin_user_path(@user), method: :put do %> - <%= button t('.regenerate_key') %> - <% end %> + <%= button_link_to t('.clear_key'), spree.clear_api_key_admin_user_path(@user), method: :put, data: { confirm: t('.confirm_clear_key') }, class: 'btn btn-primary' %> + <%= button_link_to t('.regenerate_key'), spree.generate_api_key_admin_user_path(@user), method: :put, data: { confirm: t('.confirm_regenerate_key') }, class: 'btn btn-primary' %>
<% else %> @@ -49,9 +44,7 @@
<%= t('.no_key') %>
- <%= form_tag spree.generate_api_key_admin_user_path(@user), method: :put do %> - <%= button t('.generate_key') %> - <% end %> + <%= button_link_to t('.generate_key'), spree.generate_api_key_admin_user_path(@user), method: :put, class: 'btn btn-primary' %>
<% end %>
diff --git a/core/config/locales/en.yml b/core/config/locales/en.yml index 16a9512f336..938f6d6bcaf 100644 --- a/core/config/locales/en.yml +++ b/core/config/locales/en.yml @@ -952,6 +952,8 @@ en: edit: api_access: "API Access" clear_key: "Clear key" + confirm_clear_key: "Are you sure you want to clear this user's API key? It will invalidate the existing key." + confirm_regenerate_key: "Are you sure you want to regenerate this user's API key? It will invalidate the existing key." generate_key: "Generate API key" key: "Key" no_key: "No key" From c25fa5b4df0049feef26494c2230049f6fe72a12 Mon Sep 17 00:00:00 2001 From: John Hawthorn Date: Fri, 29 Sep 2017 14:15:46 -0700 Subject: [PATCH 3/4] Allow users to see their own api_key This solves an occasional onboarding usability complaint: that it's hard to find your own API key. Previously you could only find it by viewing the page source or using the rails console, but it makes sense to display it here. API keys for other users remain hidden, regardless of your permissions. --- backend/app/views/spree/admin/users/edit.html.erb | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/backend/app/views/spree/admin/users/edit.html.erb b/backend/app/views/spree/admin/users/edit.html.erb index def2ce4d5fd..e72faa31bfc 100644 --- a/backend/app/views/spree/admin/users/edit.html.erb +++ b/backend/app/views/spree/admin/users/edit.html.erb @@ -31,8 +31,14 @@ <%= t('.api_access') %> <% if @user.spree_api_key.present? %> -
-
<%= t('.key') %>: (<%= Spree.t('.hidden') %>)
+
+ <%= t('.key') %>: + <% if @user == try_spree_current_user %> + <%= @user.spree_api_key %> + <% else %> + (<%= Spree.t('hidden') %>) + <% end %> +
<%= button_link_to t('.clear_key'), spree.clear_api_key_admin_user_path(@user), method: :put, data: { confirm: t('.confirm_clear_key') }, class: 'btn btn-primary' %> From a297480fb2a9336ac47dcfab90896b182331339c Mon Sep 17 00:00:00 2001 From: John Hawthorn Date: Fri, 29 Sep 2017 14:39:27 -0700 Subject: [PATCH 4/4] Fix bad translation on users edit page --- backend/app/views/spree/admin/users/edit.html.erb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/backend/app/views/spree/admin/users/edit.html.erb b/backend/app/views/spree/admin/users/edit.html.erb index e72faa31bfc..6c1098ef042 100644 --- a/backend/app/views/spree/admin/users/edit.html.erb +++ b/backend/app/views/spree/admin/users/edit.html.erb @@ -7,7 +7,7 @@ <%= render partial: 'spree/admin/users/user_page_actions' %>
- <%= Spree.t(:general_settings) %> + <%= Spree.user_class.model_name.human %>
<%= render partial: 'spree/shared/error_messages', locals: { target: @user } %>