action_interceptor 0.5.3 → 1.0.0

data/lib/action_interceptor/version.rb

@@ -1,3 +1,3 @@
 module ActionInterceptor
-  VERSION = '0.5.3'
+  VERSION = '1.0.0'
 end

data/spec/dummy/config/application.rb

@@ -18,7 +18,5 @@ module Dummy
     # The default locale is :en and all translations from config/locales/*.rb,yml are auto loaded.
     # config.i18n.load_path += Dir[Rails.root.join('my', 'locales', '*.{rb,yml}').to_s]
     # config.i18n.default_locale = :de
-
-    config.i18n.enforce_available_locales = true
   end
 end

data/spec/dummy/config/environments/production.rb

@@ -20,7 +20,7 @@ Dummy::Application.configure do
   # config.action_dispatch.rack_cache = true
 
   # Disable Rails's static asset server (Apache or nginx will already do this).
-  config.serve_static_assets = false
+  config.serve_static_files = false
 
   # Compress JavaScripts and CSS.
   config.assets.js_compressor = :uglifier

data/spec/dummy/config/environments/test.rb

@@ -13,7 +13,7 @@ Dummy::Application.configure do
   config.eager_load = false
 
   # Configure static asset server for tests with Cache-Control for performance.
-  config.serve_static_assets  = true
+  config.serve_static_files  = true
   config.static_cache_control = "public, max-age=3600"
 
   # Show full error reports and disable caching.

data/spec/dummy/config/initializers/action_interceptor.rb

@@ -1,13 +1,5 @@
-ActionInterceptor.configure do
-  intercepted_url_key :dummy_key
+ActionInterceptor.configure do |config|
+  config.default_url = '/dummy'
 
-  override_url_options true
-
-  skip_session false
-
-  interceptor :registration do
-  end
-
-  interceptor :my_interceptor do
-  end
+  config.default_key = :dummy_key
 end

data/spec/dummy/lib/strategies/dummy.rb

@@ -0,0 +1,24 @@
+module Strategies
+  class Dummy
+
+    attr_reader :controller
+
+    def initialize(controller)
+      @controller = controller
+      @url = {}
+    end
+
+    def set(key, string)
+      @url[key] = string
+    end
+
+    def get(key)
+      @url[key]
+    end
+
+    def unset(key)
+      @url.delete(:key)
+    end
+
+  end
+end

data/spec/dummy/log/test.log

@@ -0,0 +1 @@
+Redirected to 

data/spec/lib/action_interceptor/action_controller/base_spec.rb

@@ -0,0 +1,65 @@
+require 'spec_helper'
+
+module ActionInterceptor
+  module ActionController
+    describe Base do
+
+      let!(:request)    {
+        r = ::ActionController::TestRequest.new(host: 'http://test.me')
+        r.env['HTTP_REFERER'] = 'http://refer.er'
+        r
+      }
+      let!(:controller) {
+        c = ::ActionController::Base.new
+        c.request = request
+        c
+      }
+
+      it 'modifies ActionController::Base' do
+        expect(controller.respond_to?(:current_page?, true)).to eq true
+        expect(controller.respond_to?(:current_url, true)).to eq true
+        expect(controller.respond_to?(:store_url, true)).to eq true
+        expect(controller.respond_to?(:stored_url, true)).to eq true
+        expect(controller.respond_to?(:store_fallback, true)).to eq true
+        expect(controller.respond_to?(:delete_stored_url, true)).to eq true
+        expect(controller.respond_to?(:redirect_back, true)).to eq true
+      end
+
+      it "allows controllers to store and retrieve url's" do
+        current_url = controller.send(:current_url)
+        expect(controller.send(:current_page?, current_url)).to eq true
+        referer = request.referer
+
+        expect(controller.send(:current_page?, referer)).to eq false
+
+        expect(controller.send(:stored_url)).to be_blank
+
+        expect(controller.send(:store_url)).to eq current_url
+        expect(controller.send(:stored_url)).to eq current_url
+
+        expect(controller.send(:delete_stored_url)).to be_nil
+        expect(controller.send(:stored_url)).to be_blank
+
+        expect(controller.send(:store_fallback)).to eq referer
+        expect(controller.send(:stored_url)).to eq referer
+
+        expect(controller).to receive(:redirect_to) { |url| url }
+        expect(controller.send(:redirect_back)).to eq(referer)
+        expect(controller.send(:stored_url)).to be_blank
+
+        expect(controller.send(:store_url)).to eq current_url
+        expect(controller.send(:stored_url)).to eq current_url
+
+        expect(controller.send(:store_fallback)).to eq nil
+        expect(controller.send(:stored_url)).to eq current_url
+
+        expect(controller).to receive(:redirect_to) { |url| url }
+        expect(controller.send(:redirect_back)).to(
+          eq ActionInterceptor.config.default_url
+        )
+        expect(controller.send(:stored_url)).to be_blank
+      end
+
+    end
+  end
+end

data/spec/lib/action_interceptor/configuration_spec.rb

@@ -0,0 +1,20 @@
+require 'spec_helper'
+
+module ActionInterceptor
+  describe Configuration do
+
+    let!(:config) { Configuration.new }
+
+    it 'stores configuration options' do
+      expect(config.default_url).to be_nil
+      expect(config.default_key).to be_nil
+
+      config.default_url = '/url'
+      config.default_key = :key
+
+      expect(config.default_url).to eq('/url')
+      expect(config.default_key).to eq(:key)
+    end
+
+  end
+end

data/spec/lib/action_interceptor/strategies/session_spec.rb

@@ -0,0 +1,29 @@
+require 'spec_helper'
+
+module ActionInterceptor
+  module Strategies
+    describe Session do
+
+      let!(:request)    {
+        ::ActionController::TestRequest.new(:host => 'http://test.me')
+      }
+      let!(:controller) {
+        c = ::ActionController::Base.new
+        c.request = request
+        c
+      }
+      let!(:strategy)   { Session.new(controller) }
+      let!(:key)        { :key }
+      let!(:string)     { 'string' }
+
+      it "stores and retrieves url's in the session" do
+        expect(strategy.get(key)).to eq nil
+        expect(strategy.set(key, string)).to eq string
+        expect(strategy.get(key)).to eq string
+        expect(strategy.unset(key)).to eq string
+        expect(strategy.get(key)).to eq nil
+      end
+
+    end
+  end
+end

data/spec/lib/action_interceptor/strategies_spec.rb

@@ -0,0 +1,23 @@
+require 'spec_helper'
+require 'dummy/lib/strategies/dummy'
+
+module ActionInterceptor
+  describe Strategies do
+
+    let!(:controller) { ::ActionController::Base.new }
+
+    it 'registers and instantiates storage strategies' do
+      ActionInterceptor::Strategies.register(:dummy, ::Strategies::Dummy)
+      strategy = ActionInterceptor::Strategies.find(controller, :dummy)
+      expect(strategy).to be_a ::Strategies::Dummy
+      expect(strategy.controller).to eq controller
+
+      strategies = ActionInterceptor::Strategies.find_all(controller, [:dummy])
+      strategies.each do |strategy|
+        expect(strategy).to be_a ::Strategies::Dummy
+        expect(strategy.controller).to eq controller
+      end
+    end
+
+  end
+end

data/spec/lib/action_interceptor_spec.rb

@@ -2,23 +2,7 @@ require 'spec_helper'
 
 describe ActionInterceptor do
   it 'must be configurable' do
-    expect(ActionInterceptor::DEFAULT_CONFIG[:intercepted_url_key]).to eq(:dummy_key)
-    expect(ActionInterceptor::DEFAULT_CONFIG[:override_url_options]).to eq(true)
-    expect(ActionInterceptor::DEFAULT_CONFIG[:skip_session]).to eq(false)
-    expect(ActionInterceptor.interceptors.keys).to include(:registration)
-
-    my_block = lambda { 'my_block' }
-
-    ActionInterceptor.configure do
-      intercepted_url_key :my_key
-      override_url_options false
-      skip_session true
-      interceptor :my_name, &my_block
-    end
-
-    expect(ActionInterceptor::DEFAULT_CONFIG[:intercepted_url_key]).to eq(:my_key)
-    expect(ActionInterceptor::DEFAULT_CONFIG[:override_url_options]).to eq(false)
-    expect(ActionInterceptor::DEFAULT_CONFIG[:skip_session]).to eq(true)
-    expect(ActionInterceptor.interceptors).to include({:my_name => my_block})
+    expect(ActionInterceptor.config.default_url).to eq('/dummy')
+    expect(ActionInterceptor.config.default_key).to eq(:dummy_key)
   end
 end

metadata

@@ -1,79 +1,79 @@
 --- !ruby/object:Gem::Specification
 name: action_interceptor
 version: !ruby/object:Gem::Version
-  version: 0.5.3
+  version: 1.0.0
 platform: ruby
 authors:
 - Dante Soares
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2014-12-11 00:00:00.000000000 Z
+date: 2015-03-19 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: '3.1'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: '3.1'
 - !ruby/object:Gem::Dependency
   name: sqlite3
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
   name: rspec-rails
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0'
-description: Action Interceptor provides controllers that require users to perform
-  some task, then redirect them back to the page they were on. Useful for authentication,
-  registration, signing terms of use, etc.
+description: Action Interceptor provides methods to store return url's across multiple
+  requests. Useful during authentication, registration, signing terms of use, etc.
 email:
 - dms3@rice.edu
 executables: []
 extensions: []
 extra_rdoc_files: []
 files:
+- MIT-LICENSE
+- README.md
+- Rakefile
 - config/initializers/action_interceptor.rb
-- lib/action_interceptor/action_controller.rb
-- lib/action_interceptor/action_mailer.rb
-- lib/action_interceptor/common.rb
-- lib/action_interceptor/encryptor.rb
+- lib/action_interceptor.rb
+- lib/action_interceptor/action_controller/base.rb
+- lib/action_interceptor/configuration.rb
 - lib/action_interceptor/engine.rb
-- lib/action_interceptor/undefined_interceptor.rb
+- lib/action_interceptor/strategies.rb
+- lib/action_interceptor/strategies/session.rb
 - lib/action_interceptor/version.rb
-- lib/action_interceptor.rb
 - lib/tasks/action_interceptor_tasks.rake
-- MIT-LICENSE
-- Rakefile
-- README.md
+- spec/dummy/README.md
+- spec/dummy/Rakefile
 - spec/dummy/app/assets/javascripts/application.js
 - spec/dummy/app/assets/stylesheets/application.css
 - spec/dummy/app/controllers/application_controller.rb
@@ -83,6 +83,7 @@ files:
 - spec/dummy/bin/bundle
 - spec/dummy/bin/rails
 - spec/dummy/bin/rake
+- spec/dummy/config.ru
 - spec/dummy/config/application.rb
 - spec/dummy/config/boot.rb
 - spec/dummy/config/database.yml
@@ -100,20 +101,18 @@ files:
 - spec/dummy/config/initializers/wrap_parameters.rb
 - spec/dummy/config/locales/en.yml
 - spec/dummy/config/routes.rb
-- spec/dummy/config.ru
 - spec/dummy/db/test.sqlite3
+- spec/dummy/lib/strategies/dummy.rb
 - spec/dummy/log/development.log
 - spec/dummy/log/test.log
 - spec/dummy/public/404.html
 - spec/dummy/public/422.html
 - spec/dummy/public/500.html
 - spec/dummy/public/favicon.ico
-- spec/dummy/Rakefile
-- spec/dummy/README.md
-- spec/lib/action_interceptor/action_controller_spec.rb
-- spec/lib/action_interceptor/action_mailer_spec.rb
-- spec/lib/action_interceptor/common_spec.rb
-- spec/lib/action_interceptor/encryptor_spec.rb
+- spec/lib/action_interceptor/action_controller/base_spec.rb
+- spec/lib/action_interceptor/configuration_spec.rb
+- spec/lib/action_interceptor/strategies/session_spec.rb
+- spec/lib/action_interceptor/strategies_spec.rb
 - spec/lib/action_interceptor_spec.rb
 - spec/spec_helper.rb
 homepage: http://github.com/openstax/action_interceptor
@@ -126,20 +125,20 @@ require_paths:
 - lib
 required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
-  - - '>='
+  - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - '>='
+  - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.0.14
+rubygems_version: 2.4.6
 signing_key: 
 specification_version: 4
-summary: Handles redirection to and from `interceptor` controllers.
+summary: Handles storage of return url's across multiple requests
 test_files:
 - spec/dummy/app/assets/javascripts/application.js
 - spec/dummy/app/assets/stylesheets/application.css
@@ -169,6 +168,7 @@ test_files:
 - spec/dummy/config/routes.rb
 - spec/dummy/config.ru
 - spec/dummy/db/test.sqlite3
+- spec/dummy/lib/strategies/dummy.rb
 - spec/dummy/log/development.log
 - spec/dummy/log/test.log
 - spec/dummy/public/404.html
@@ -177,9 +177,9 @@ test_files:
 - spec/dummy/public/favicon.ico
 - spec/dummy/Rakefile
 - spec/dummy/README.md
-- spec/lib/action_interceptor/action_controller_spec.rb
-- spec/lib/action_interceptor/action_mailer_spec.rb
-- spec/lib/action_interceptor/common_spec.rb
-- spec/lib/action_interceptor/encryptor_spec.rb
+- spec/lib/action_interceptor/action_controller/base_spec.rb
+- spec/lib/action_interceptor/configuration_spec.rb
+- spec/lib/action_interceptor/strategies/session_spec.rb
+- spec/lib/action_interceptor/strategies_spec.rb
 - spec/lib/action_interceptor_spec.rb
 - spec/spec_helper.rb

data/lib/action_interceptor/action_controller.rb

@@ -1,175 +0,0 @@
-require 'action_interceptor/common'
-require 'action_interceptor/encryptor'
-require 'action_interceptor/undefined_interceptor'
-
-module ActionInterceptor
-  module ActionController
-
-    def self.included(base)
-      base.class_attribute :interceptor_config, :interceptor_filters
-      base.interceptor_filters = {}
-
-      base.send :attr_accessor, :interceptor_enabled
-
-      base.before_filter :interceptor_setup
-
-      base.helper_method :interceptor_enabled, :interceptor_enabled=,
-                         :is_interceptor?, :current_page?,
-                         :current_url, :current_url_hash, 
-
-      base.extend(ClassMethods)
-    end
-
-    def _compute_redirect_to_location(*args, &block)
-      url_for(super(*args, &block))
-    end
-
-    protected
-
-    def is_interceptor?
-      !interceptor_config.nil?
-    end
-
-    def current_page?(url)
-      # Blank is the current page
-      url.blank? || URI(url).path == request.path
-    end
-
-    def current_url
-      "#{request.protocol}#{request.host_with_port}#{request.fullpath}"
-    end
-
-    def current_url_hash
-      return @current_url_hash if @current_url_hash
-
-      config = interceptor_config || ActionInterceptor::DEFAULT_CONFIG
-      key = config[:intercepted_url_key]
-
-      # Can't redirect back to non-get
-      # Also, can't call root_url here, so use '/' instead
-      url = Encryptor.encrypt_and_sign(request.get? ? current_url : '/')
-
-      @current_url_hash = {key => url}
-    end
-
-    def interceptor_setup
-      if is_interceptor?
-        self.interceptor_enabled = interceptor_config[:override_url_options]
-        session.delete(:interceptor) if interceptor_config[:skip_session]
-      else
-        self.interceptor_enabled = false
-        session.delete(:interceptor)
-      end
-    end
-
-    module ClassMethods
-
-      def interceptor(*interceptor_names, &block)
-        options = interceptor_names.extract_options!
-        filter_name = options.delete(:filter_name)
-        fnames = interceptor_names.collect do |iname|
-          fname = filter_name || iname
-          interceptor_filters[iname] = fname
-
-          define_method fname do
-            blk = block || ActionInterceptor.interceptors[iname]
-            raise UndefinedInterceptor, iname unless blk
-
-            with_interceptor &blk
-          end
-
-          fname
-        end
-
-        before_filter *fnames, options
-      end
-
-      def skip_interceptor(*interceptor_names)
-        options = interceptor_names.extract_options!
-        filter_name = options.delete(:filter_name)
-        fnames = interceptor_names.collect do |iname|
-          filter_name || interceptor_filters[iname] || iname
-        end
-
-        skip_before_filter *fnames, options
-      end
-
-      def acts_as_interceptor(opts = {})
-        self.interceptor_config = ActionInterceptor::DEFAULT_CONFIG.merge(opts)
-
-        class_exec do
-
-          attr_writer :intercepted_url
-
-          # Ensure that we always store the intercepted url
-          before_filter :intercepted_url
-
-          helper_method :intercepted_url, :intercepted_url_hash
-
-          protected
-
-          def intercepted_url
-            return @intercepted_url if @intercepted_url
-
-            key = interceptor_config[:intercepted_url_key]
-            encrypted_url = params[key]
-            session_hash = session[:interceptor] \
-              unless interceptor_config[:skip_session]
-            session_hash ||= {}
-
-            begin
-              # URL params are the most reliable, as they preserve
-              # state even if the user presses the back button
-              # We need to sign them to prevent the Open Redirect vulnerability
-              @intercepted_url = Encryptor.decrypt_and_verify(encrypted_url)
-
-              # If we got this far, the encrypted url is valid
-              # (i.e. we signed it), so reuse it
-              @intercepted_url_hash = {key => encrypted_url}
-            rescue ActiveSupport::MessageVerifier::InvalidSignature
-              # If the param is not available, use our best guess
-              # Session and referer are safe for redirects (for that user)
-              # Also, can't call root_url here, so use '/' instead
-              @intercepted_url = session_hash[key] || request.referer || '/'
-            end
-
-            # Prevent self-redirect
-            @intercepted_url = '/' if current_page?(@intercepted_url)
-
-            # Session is a signed plaintext in Rails 3
-            # In Rails 4, it is encrypted by default
-            session[:interceptor] = session_hash.merge(
-              key => @intercepted_url
-            ) unless interceptor_config[:skip_session]
-
-            @intercepted_url
-          end
-
-          def intercepted_url_hash
-            # Run intercepted_url to verify the params in case the
-            # encrypted url is in there and can be reused
-            unencrypted_url = intercepted_url
-            return @intercepted_url_hash if @intercepted_url_hash
-
-            url = Encryptor.encrypt_and_sign(unencrypted_url)
-            key = interceptor_config[:intercepted_url_key]
-
-            @intercepted_url_hash = {key => url}
-          end
-
-          def redirect_back(options = {})
-            # Disable the return_to param
-            without_interceptor do
-              redirect_to intercepted_url, options
-            end
-          end
-
-        end
-      end
-
-    end
-
-  end
-end
-
-ActionController::Base.send :include, ActionInterceptor::ActionController