Fingertips-authentication-needed-san 1.0.0

data/LICENSE

@@ -0,0 +1,20 @@
+Copyright (c) 2009 Fingertips, Eloy Duran <eloy@fngtps.com>
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.rdoc

@@ -0,0 +1,28 @@
+== AuthenticationNeededSan
+
+A thin wrapper around the Rails ‘flash’ object, to assist in redirecting a user
+‘back’ to the page she originally requested.
+
+For more info see the AuthenticationNeededSan class documentation.
+
+=== Example
+
+Consider an application which uses the authorization-san plugin. The
+ApplicationController would look something like the following:
+
+  class ApplicationController < ActionController::Base
+    # If nobody was logged in and this resource is not accessable by all,
+    # request authentication. Otherwise reply that the resource is forbidden.
+    def access_forbidden
+      # If the user is logged in and still can't view the page, we have to tell
+      # them access is forbidden.
+      if !@authenticated.nil?
+        send_response_document :forbidden
+      else
+        authentication_needed!
+      end
+    end
+  end
+
+The authorization-san plugin is available at:
+http://github.com/Fingertips/authorization-san

data/Rakefile

@@ -0,0 +1,42 @@
+require 'rake'
+require 'rake/testtask'
+require 'rake/rdoctask'
+
+desc 'Default: run unit tests.'
+task :default => :test
+
+desc 'Test the authentication_needed_san plugin.'
+Rake::TestTask.new(:test) do |t|
+  t.libs << 'lib'
+  t.libs << 'test'
+  t.pattern = 'test/**/*_test.rb'
+  t.verbose = true
+end
+
+desc 'Generate documentation for the authentication_needed_san plugin.'
+Rake::RDocTask.new(:rdoc) do |rdoc|
+  rdoc.rdoc_dir = 'rdoc'
+  rdoc.title    = 'AuthenticationNeeded-San'
+  rdoc.options << '--line-numbers' << '--inline-source' << '--charset=utf-8'
+  rdoc.rdoc_files.include('README.rdoc', 'lib/authentication_needed_san.rb', 'LICENSE')
+end
+
+begin
+  require 'jeweler'
+  Jeweler::Tasks.new do |s|
+    s.name     = "authentication-needed-san"
+    s.summary  = s.description = "A thin wrapper around the Rails `flash' object to assist in redirecting the user `back' after authentication."
+    s.email    = "eloy@fngtps.com"
+    s.homepage = "http://github.com/Fingertips/authentication-needed-san"
+    s.authors  = ["Eloy Duran"]
+  end
+rescue LoadError
+end
+
+begin
+  require 'jewelry_portfolio/tasks'
+  JewelryPortfolio::Tasks.new do |p|
+    p.account = 'Fingertips'
+  end
+rescue LoadError
+end

data/VERSION.yml

@@ -0,0 +1,4 @@
+--- 
+:major: 1
+:minor: 0
+:patch: 0

data/lib/authentication_needed_san.rb

@@ -0,0 +1,66 @@
+# == AuthenticationNeededSan
+#
+# AuthenticationNeededSan is a module which assists your controllers in dealing
+# with cases where authentication is needed, but you’d like to redirect the
+# user ‘back’ to the page she originally requested once the authentication flow
+# has been finished.
+# 
+# Since it uses the +flash+ internally, the data _won't_ be around after
+# the user makes another request. This is becasue you do not want the user
+# to be redirected ‘back’ to a page ‘out of the blue’. Which is what would
+# happen if we’d use the +session+.
+#
+# However, sometimes you might want to keep the data around for another
+# request. Use still_authentication_needed! in this case.
+module AuthenticationNeededSan
+  class ProtocolNotImplementedError < StandardError; end
+  
+  # Returns a hash of options that need to be kept around until
+  # finish_authentication_needed! is called.
+  def after_authentication
+    flash[:after_authentication] ||= {}
+  end
+  
+  # Call this method when authentication is needed and you want the user to
+  # be redirected back to the URL she requested.
+  #
+  # Any extra +options+ given will be available as well, through the
+  # after_authentication accessor.
+  #
+  # Your class should implement the +when_authentication_needed+ instance
+  # method, which you use to define what should happen when
+  # authentication_needed! is called. Normally you’d probably redirect the
+  # user to a ‘login’ page.
+  def authentication_needed!(options = {})
+    after_authentication.merge! options
+    after_authentication[:redirect_to] ||= request.url
+    
+    if respond_to?(:when_authentication_needed, true)
+      when_authentication_needed
+    else
+      raise ProtocolNotImplementedError,
+        "[!] The class `#{self.class.name}' should implement #when_authentication_needed to define what should be done after #authentication_needed! is called."
+    end
+  end
+  
+  # Returns whether or not there currently is any after_authentication data.
+  def authentication_needed?
+    !after_authentication.blank?
+  end
+  
+  # Force the after_authentication to be available after the next request.
+  #
+  # You’d use this if, for instance, authentication failed and the user needs
+  # to try it again.
+  def still_authentication_needed!
+    flash.keep :after_authentication
+  end
+  
+  # Finish the after_authentication flow, which means the user will be
+  # redirected ‘back’ to the page she originally requested _before_
+  # authentication_needed! was called.
+  def finish_authentication_needed!
+    flash.discard :after_authentication
+    redirect_to after_authentication[:redirect_to]
+  end
+end

data/rails/init.rb

@@ -0,0 +1,2 @@
+require 'authentication_needed_san'
+ApplicationController.send(:include, AuthenticationNeededSan)

data/test/authentication_needed_san_test.rb

@@ -0,0 +1,100 @@
+require File.expand_path('../test_helper', __FILE__)
+
+class TestController < ApplicationController
+  def does_not_need_authentication
+    render :nothing => true
+  end
+  
+  def needs_authentication
+    authentication_needed! :extra_option => "I was merged!"
+  end
+  
+  def needs_more_authentication
+    still_authentication_needed!
+    render :nothing => true
+  end
+  
+  def authenticate
+    finish_authentication_needed!
+  end
+  
+  private
+  
+  def when_authentication_needed
+    redirect_to new_session_url
+  end
+  
+  def new_session_url
+    "http://test/sessions/new"
+  end
+end
+
+class AuthenticationNeededTest < ActionController::TestCase
+  tests TestController
+  
+  test "should set a redirect_to value, which is the requested url, if authentication is needed" do
+    get :needs_authentication
+    assert_equal url_for(:needs_authentication), flash[:after_authentication][:redirect_to]
+  end
+  
+  test "should merge extra options into the after_authentication hash" do
+    get :needs_authentication
+    assert_equal "I was merged!", flash[:after_authentication][:extra_option]
+  end
+  
+  test "should invoke the when_authentication_needed instance method after #authentication_needed! is done" do
+    get :needs_authentication
+    assert_redirected_to new_session_url
+  end
+  
+  test "should raise a AuthenticationNeededSan::ProtocolNotImplementedError if the class does not implement the when_authentication_needed instance method" do
+    class << @controller
+      undef :when_authentication_needed
+    end
+    
+    assert_raises(AuthenticationNeededSan::ProtocolNotImplementedError) { get :needs_authentication }
+  end
+  
+  test "should return `false' if authentication is not needed" do
+    get :does_not_need_authentication
+    assert !@controller.send(:authentication_needed?)
+  end
+  
+  test "should return `true' if authentication is needed" do
+    get :needs_authentication
+    assert @controller.send(:authentication_needed?)
+  end
+  
+  test "should allow the authentication_needed data to survive an extra request if authentication is still needed" do
+    flash = stubbed_flash
+    flash.expects(:keep).with(:after_authentication)
+    get :needs_more_authentication, {}, {}, flash
+  end
+  
+  test "should redirect back to original user’s requested URL after authentication" do
+    get :authenticate, {}, {}, { :after_authentication => { :redirect_to => new_session_url } }
+    assert_redirected_to new_session_url
+  end
+  
+  test "should discard the :after_authentication data when #finish_authentication_needed! is called" do
+    flash = stubbed_flash
+    flash.expects(:discard).with(:after_authentication)
+    get :authenticate, {}, {}, flash
+  end
+  
+  private
+  
+  def url_for(action)
+    @controller.url_for(:action => action)
+  end
+  
+  def new_session_url
+    @controller.send :new_session_url
+  end
+  
+  def stubbed_flash
+    flash = { :after_authentication => { :redirect_to => new_session_url } }
+    @controller.stubs(:flash).returns(flash)
+    flash
+  end
+end

data/test/test_helper.rb

@@ -0,0 +1,19 @@
+$:.unshift File.expand_path('../../lib', __FILE__)
+
+begin
+  require 'rubygems'
+rescue LoadError
+end
+require 'active_support'
+require 'action_controller'
+require 'action_controller/test_case'
+ 
+require 'test/unit'
+
+ActionController::Base.logger = nil
+ActionController::Base.ignore_missing_templates = false if ActionController::Base.respond_to?(:ignore_missing_templates)
+ActionController::Routing::Routes.reload rescue nil
+
+class ApplicationController < ActionController::Base; end
+
+require File.expand_path('../../rails/init', __FILE__)

metadata

@@ -0,0 +1,62 @@
+--- !ruby/object:Gem::Specification 
+name: Fingertips-authentication-needed-san
+version: !ruby/object:Gem::Version 
+  version: 1.0.0
+platform: ruby
+authors: 
+- Eloy Duran
+autorequire: 
+bindir: bin
+cert_chain: []
+
+date: 2009-06-10 00:00:00 -07:00
+default_executable: 
+dependencies: []
+
+description: A thin wrapper around the Rails `flash' object to assist in redirecting the user `back' after authentication.
+email: eloy@fngtps.com
+executables: []
+
+extensions: []
+
+extra_rdoc_files: 
+- LICENSE
+- README.rdoc
+files: 
+- LICENSE
+- README.rdoc
+- Rakefile
+- VERSION.yml
+- lib/authentication_needed_san.rb
+- rails/init.rb
+- test/authentication_needed_san_test.rb
+- test/test_helper.rb
+has_rdoc: true
+homepage: http://github.com/Fingertips/authentication-needed-san
+post_install_message: 
+rdoc_options: 
+- --charset=UTF-8
+require_paths: 
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      version: "0"
+  version: 
+required_rubygems_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      version: "0"
+  version: 
+requirements: []
+
+rubyforge_project: 
+rubygems_version: 1.2.0
+signing_key: 
+specification_version: 2
+summary: A thin wrapper around the Rails `flash' object to assist in redirecting the user `back' after authentication.
+test_files: 
+- test/authentication_needed_san_test.rb
+- test/test_helper.rb