MisagoRoute implementation cleanup, utils for denying transition to authenticated/anonymous users

misago/emberapp/app/initializers/auth-service.js

@@ -1,22 +1,16 @@
+import Ember from 'ember';
 import PreloadStore from 'misago/services/preload-store';
 import Auth from 'misago/services/auth';
 
 export function initialize(container, application) {
-  var auth = Auth.create({
-    'isAuthenticated': PreloadStore.get('isAuthenticated'),
-    'user': Ember.Object.create(PreloadStore.get('user'))
-  });
+  application.register('service:auth', Auth, { singleton: true });
 
-  application.register('misago:auth', auth, { instantiate: false });
-  application.inject('route', 'auth', 'misago:auth');
-  application.inject('controller', 'auth', 'misago:auth');
-  application.inject('component', 'auth', 'misago:auth');
-
-  application.register('misago:user', auth.get('user'), { instantiate: false });
-  application.inject('route', 'user', 'misago:user');
-  application.inject('controller', 'user', 'misago:user');
-  application.inject('component', 'user', 'misago:user');
+  application.inject('isAuthenticated', PreloadStore.get('isAuthenticated'), 'service:auth');
+  application.inject('user', Ember.Object.create(PreloadStore.get('user')), 'service:auth');
 
+  application.inject('route', 'auth', 'service:auth');
+  application.inject('controller', 'auth', 'service:auth');
+  application.inject('component', 'auth', 'service:auth');
 }
 
 export default {

misago/emberapp/app/mixins/reset-scroll.js

@@ -1,7 +1,11 @@
 import Ember from 'ember';
 
 export default Ember.Mixin.create({
-  resetScroll: function() {
-    window.scrollTo(0,0);
+  scrollToTop: true,
+
+  _resetScroll: function() {
+    if (this.get('scrollToTop')) {
+      window.scrollTo(0,0);
+    }
   }.on('activate')
 });

misago/emberapp/app/router.js

@@ -14,7 +14,6 @@ Router.map(function() {
   this.route('forgotten-password', { path: 'forgotten-password/' }, function() {
     this.route('change-form', { path: ':user_id/:token/' });
   });
-  this.route('register', { path: 'register/' });
 
   // Legal
 

misago/emberapp/app/routes/activation.js

@@ -0,0 +1,7 @@
+import MisagoRoute from 'misago/routes/misago';
+
+export default MisagoRoute.extend({
+  beforeModel: function() {
+    this.auth.denyAuthenticated(gettext('Only guests can activate accounts.'));
+  }
+});

misago/emberapp/app/routes/activation/activate.js

@@ -1,7 +1,6 @@
 import MisagoRoute from 'misago/routes/misago';
-import ResetScroll from 'misago/mixins/reset-scroll';
 
-export default MisagoRoute.extend(ResetScroll, {
+export default MisagoRoute.extend({
   model: function(params) {
     return this.ajax.post('auth/activate-account/' + params.user_id + '/' + params.token);
   },

misago/emberapp/app/routes/activation/index.js

@@ -1,7 +1,6 @@
 import MisagoRoute from 'misago/routes/misago';
-import ResetScroll from 'misago/mixins/reset-scroll';
 
-export default MisagoRoute.extend(ResetScroll, {
+export default MisagoRoute.extend({
   formTitle: gettext('Request activation link'),
   formTemplate: 'activation.request-link',
 

misago/emberapp/app/routes/forgotten-password.js

@@ -0,0 +1,7 @@
+import MisagoRoute from 'misago/routes/misago';
+
+export default MisagoRoute.extend({
+  beforeModel: function() {
+    this.auth.denyAuthenticated(gettext('Only guests can change forgotten password.'));
+  }
+});

misago/emberapp/app/routes/forgotten-password/change-form.js

@@ -1,7 +1,6 @@
 import MisagoRoute from 'misago/routes/misago';
-import ResetScroll from 'misago/mixins/reset-scroll';
 
-export default MisagoRoute.extend(ResetScroll, {
+export default MisagoRoute.extend({
   model: function(params) {
     return this.ajax.get('auth/change-password/' + params.user_id + '/' + params.token);
   },

misago/emberapp/app/routes/index.js

@@ -1,7 +1,6 @@
 import MisagoRoute from 'misago/routes/misago';
-import ResetScroll from 'misago/mixins/reset-scroll';
 
-export default MisagoRoute.extend(ResetScroll, {
+export default MisagoRoute.extend({
   actions: {
     didTransition: function() {
       document.title = this.get('settings.forum_index_title') || this.get('settings.forum_name');

misago/emberapp/app/routes/misago.js

@@ -1,5 +1,5 @@
 import Ember from 'ember';
 import DocumentTitle from 'misago/mixins/document-title';
+import ResetScroll from 'misago/mixins/reset-scroll';
 
-export default Ember.Route.extend(DocumentTitle, {
-});
+export default Ember.Route.extend(DocumentTitle, ResetScroll);

misago/emberapp/app/routes/not-found.js

@@ -1,7 +1,6 @@
 import MisagoRoute from 'misago/routes/misago';
-import ResetScroll from 'misago/mixins/reset-scroll';
 
-export default MisagoRoute.extend(ResetScroll, {
+export default MisagoRoute.extend({
   actions: {
     didTransition: function() {
       // Not found route transitions to error404

misago/emberapp/app/routes/privacy-policy.js

@@ -1,7 +1,6 @@
 import MisagoRoute from 'misago/routes/misago';
-import ResetScroll from 'misago/mixins/reset-scroll';
 
-export default MisagoRoute.extend(ResetScroll, {
+export default MisagoRoute.extend({
   page: 'privacy-policy',
   defaultTitle: gettext('Privacy policy'),
 

misago/emberapp/app/routes/register.js

@@ -1,33 +0,0 @@
-import Ember from 'ember';
-import MisagoRoute from 'misago/routes/misago';
-import ResetScroll from 'misago/mixins/reset-scroll';
-
-export default MisagoRoute.extend(ResetScroll, {
-  stage: 'form',
-
-  isForm: Ember.computed.equal('stage', 'form'),
-  isDone: Ember.computed.equal('stage', 'done'),
-  isClosed: Ember.computed.equal('stage', 'closed'),
-
-  resolveStage: function() {
-    if (!this.get('isDone') && this.get('settings.account_activation') === 'closed') {
-      // we didn't complete prior registration and registrations aren't open
-      this.set('stage', 'closed');
-    }
-  },
-
-  stageTemplate: function() {
-    return 'register.' + this.get('stage');
-  }.property('stage'),
-
-  renderTemplate: function() {
-    this.resolveStage();
-    this.render(this.get('stageTemplate'));
-  },
-
-  actions: {
-    didTransition: function() {
-      this.set('title', gettext("Register"));
-    }
-  }
-});

misago/emberapp/app/services/auth.js

@@ -7,11 +7,26 @@ export default Ember.Service.extend({
     Ember.$('#hidden-logout-form').submit();
   },
 
-  blockAuthenticated: function(message) {
-    // TODO: if user is authenticated, throw error 403 with message
+  // Utils for triggering 403 error
+
+  _throw: function(message) {
+    throw {
+      status: 403,
+      responseJSON: {
+        detail: message
+      }
+    };
+  },
+
+  denyAuthenticated: function(message) {
+    if (this.get('isAuthenticated')) {
+      this._throw(message || gettext('This page is not available to signed in users.'));
+    }
   },
 
-  blockAnonymous: function(message) {
-    // TODO: if user is not authenticated, throw error 403 with message
+  denyAnonymous: function(message) {
+    if (this.get('isAnonymous')) {
+      this._throw(message || gettext('This page is not available to guests.'));
+    }
   }
 });

misago/emberapp/app/templates/navbar.hbs

@@ -6,8 +6,8 @@
       <span>{{settings.forum_name}}</span>
     {{/link-to}}
 
-    {{#if user.isAuthenticated}}
-    {{render 'user-nav'}}
+    {{#if auth.isAuthenticated}}
+      {{user-nav}}
     {{else}}
     <div class="guest-nav navbar-right">
       <button type="button" class="btn btn-default btn-login navbar-btn btn-sm" {{action "showModal" "login"}}>

misago/emberapp/tests/acceptance/auth-deny-test.js

@@ -0,0 +1,42 @@
+import Ember from 'ember';
+import { module, test } from 'qunit';
+import startApp from '../helpers/start-app';
+
+var application, container, service;
+
+module('Acceptance: Auth denyAuthenticated and denyAnonymous tests', {
+  beforeEach: function() {
+    application = startApp();
+    container = application.__container__;
+    service = container.lookup('service:auth');
+  },
+
+  afterEach: function() {
+    Ember.run(application, 'destroy');
+  }
+});
+
+test('guest can access protected route', function(assert) {
+  assert.expect(1);
+
+  visit('/forgotten-password');
+
+  andThen(function() {
+    assert.equal(currentPath(), 'forgotten-password.index');
+  });
+});
+
+test('authenticated is denied access to protected route', function(assert) {
+  assert.expect(2);
+
+  service.set('isAuthenticated', true);
+
+  visit('/forgotten-password');
+
+  andThen(function() {
+    assert.equal(currentPath(), 'error-403');
+
+    var errorMessage = Ember.$.trim(find('.error-message .lead').text());
+    assert.equal(errorMessage, 'Only guests can change forgotten password.');
+  });
+});

misago/emberapp/tests/unit/initializers/auth-service-test.js

@@ -15,10 +15,9 @@ module('AuthServiceInitializer', {
 });
 
 test('initializer registered auth and user', function(assert) {
-  assert.expect(2);
+  assert.expect(1);
 
   initialize(container, application);
 
-  assert.ok(container.lookup('misago:auth'));
-  assert.ok(container.lookup('misago:user'));
+  assert.ok(container.lookup('service:auth'));
 });

misago/emberapp/tests/unit/routes/register-test.js

@@ -1,14 +0,0 @@
-import {
-  moduleFor,
-  test
-} from 'ember-qunit';
-
-moduleFor('route:register', {
-  // Specify the other units that are required for this test.
-  // needs: ['controller:foo']
-});
-
-test('it exists', function(assert) {
-  var route = this.subject();
-  assert.ok(route);
-});

misago/emberapp/vendor/testutils/misago-preload-data.js

@@ -33,11 +33,7 @@ window.MisagoData = {
   "staticUrl": "",
 
   "isAuthenticated": false,
-
-  "user": {
-    "isAnonymous": true,
-    "isAuthenticated": false,
-  },
+  "user": {},
 
   "utcOffset": 0
 };