adeia 0.10.0 → 0.10.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: f30f7fa1eed97db1750a87c086adbf844427bfc2
-  data.tar.gz: 0f0805b6158786a85b585c9ef57142abe87944b7
+  metadata.gz: 8b88b34b9e3cf15bf8012237d1b0175bb9554ae8
+  data.tar.gz: b4cf556246fe43b51ca8f3e056106c849c372487
 SHA512:
-  metadata.gz: b5f3dc2e53876486e29c471b40178989924d9fd7e2525a2ed63921a25806988569b17fb1085f33f0481217fa5e72c117a2791ccf68efe33b1459a3559a7ed632
-  data.tar.gz: d259aa746873ad3d115fb9f29e62ff305c02f9ad724987438a699901462c85df6cf887920a87b3c7010ebe3cc5e2b8eadfeb92979e52ba69f9a4ad54b3301ef0
+  metadata.gz: 313c6b24c7633f1fc6af4771b3bd34d2295050bc98fa2512d991f9e03e462c5df9d5ab3c520eee4a6f6fab4ccac1718472738096464f86765641c0529e68822e
+  data.tar.gz: 929af587b2acab783df69cc9c9440e1860be98967a75899f8a23753110a334dabe8e729c42bc379658a45038ffac217563c4d892ab3a3cfd70d95bdc2752afba

data/lib/adeia/controller_methods.rb

@@ -40,7 +40,10 @@ module Adeia
     end
 
     def require_login!
-      raise LoginRequired unless signed_in?
+      unless signed_in?
+        store_location
+        raise LoginRequired
+      end
     end
 
     def can?(action, element, resource=nil)
@@ -62,6 +65,16 @@ module Adeia
       cookies.delete(:return_to)
     end
 
+    # Store the current url in a cookie
+    # 
+    # * *Args*    :
+    # 
+    # * *Returns* :
+    #
+    def store_location
+      cookies[:return_to] = request.fullpath if request.get?
+    end
+
   end
 
 end

data/lib/adeia/controller_resource.rb

@@ -33,7 +33,7 @@ module Adeia
       @token = args.fetch(:token, @controller.request.GET[:token])
       @resource = args[:resource]
       @user = @controller.current_user
-      store_location
+      @controller.store_location
     end
 
     def load_resource
@@ -116,16 +116,6 @@ module Adeia
       end
     end
 
-    # Store the current url in a cookie
-    # 
-    # * *Args*    :
-    # 
-    # * *Returns* :
-    #
-    def store_location
-      @controller.request.cookie_jar[:return_to] = @controller.request.fullpath
-    end
-
   end
 
 end

data/lib/adeia/version.rb

@@ -1,3 +1,3 @@
 module Adeia
-  VERSION = "0.10.0"
+  VERSION = "0.10.1"
 end

data/spec/adeia/controller_methods_spec.rb

@@ -91,6 +91,25 @@ module Adeia
         end
       end
 
+      context "with a resource provided and a controller with a different name" do
+
+        controller do
+          def index
+            @article = Article.create(title: "Rspec tests", content: "Lorem ipsum", id: 100)
+            @can = can? :read, "letters", @article
+            render nothing: true
+          end
+        end
+
+        it "returns true when the user is authorized" do
+          sign_in_user
+          create(:permission, owner: @user, element_name: "letters", type_name: "on_entry", resource_id: 100, read_right: true)
+          get :index
+          expect(assigns(:can)).to be true
+        end
+
+      end
+
       context "with a resource and a namespace" do
 
         controller do
@@ -111,7 +130,7 @@ module Adeia
 
     end
 
-     describe "#rights?" do
+    describe "#rights?" do
 
       controller do
         def index

data/spec/features/redirect_back_or_spec.rb

@@ -0,0 +1,32 @@
+require "rails_helper"
+
+RSpec.describe "#redirect_back_or", :type => :feature do
+
+  let(:user) { create(:user) }
+  
+  it "stores the location when authorizing" do
+    create(:permission, element_name: "articles", read_right: true, owner: user)
+    visit "/articles" # redirect to login path
+    fill_in "Name", with: user.name
+    fill_in "Password", with: "12341"
+    click_button "Login"
+    expect(page.current_path).to eq "/articles"
+  end
+
+  it "stores the location when requiring login" do
+    visit "/comments" # redirect to login path
+    fill_in "Name", with: user.name
+    fill_in "Password", with: "12341"
+    click_button "Login"
+    expect(page.current_path).to eq "/comments"
+  end
+
+  it "doesn't store the location if the HTTP method isn't GET" do
+    visit "/comments/new"
+    click_button "Create a comment" # redirect to login path
+    fill_in "Name", with: user.name
+    fill_in "Password", with: "12341"
+    click_button "Login"
+    expect(page.current_path).to eq "/"
+  end
+end

data/spec/spec_helper.rb

@@ -1,4 +1,5 @@
 require 'factory_girl_rails'
+require 'capybara/rspec'
 require 'rspec/active_model/mocks'
 
 FactoryGirl.definition_file_paths = [ File.join(File.dirname(__FILE__), '../spec/factories') ]

data/spec/test_app/app/controllers/application_controller.rb

@@ -2,4 +2,7 @@ class ApplicationController < ActionController::Base
   # Prevent CSRF attacks by raising an exception.
   # For APIs, you may want to use :null_session instead.
   protect_from_forgery with: :exception
+
+  rescue_from(Adeia::LoginRequired) { |e| redirect_to login_path }
+  rescue_from(Adeia::AccessDenied) { |e| redirect_to root_path }
 end

data/spec/test_app/app/controllers/articles_controller.rb

@@ -1,6 +1,6 @@
+# Used to test #authorize!, #load_and_authorize & load_and_authorize!
 class ArticlesController < ApplicationController
-  load_and_authorize only: [:edit]
-  require_login only: [:update]
+  load_and_authorize except: [:index, :show, :new]
 
   def index
     authorize_and_load_records!
@@ -19,7 +19,6 @@ class ArticlesController < ApplicationController
   end
 
   def create
-    require_login!
     @article = Article.new(article_params)
     @article.user = current_user
     if @article.save

data/spec/test_app/app/controllers/comments_controller.rb

@@ -0,0 +1,17 @@
+# Used to test #store_location & #redirect_back_or
+class CommentsController < ApplicationController
+
+  def index
+    require_login!
+    render text: "All the comments"
+  end
+
+  def new
+  end
+
+  def create
+    require_login!
+    render text: "Comment created"
+  end
+
+end

data/spec/test_app/app/controllers/pages_controller.rb

@@ -0,0 +1,6 @@
+class PagesController < ApplicationController
+
+  def dashboard
+  end
+  
+end

data/spec/test_app/app/controllers/sessions_controller.rb

@@ -7,7 +7,7 @@ class SessionsController < ApplicationController
     @user = User.find_by_name(params[:session][:name])
     if @user && @user.authenticate(params[:session][:password])
       sign_in(@user, permanent: params[:session][:remember_me] == "1")
-      redirect_to articles_path, success: "Signed in"
+      redirect_back_or root_path, success: "Signed in"
     else
       flash.now[:error] = "Incorrect user/password"
       render 'new'
@@ -15,6 +15,7 @@ class SessionsController < ApplicationController
   end
 
   def destroy
+    require_login!
     sign_out
     redirect_to root_path, success: "Signed out"
   end

data/spec/test_app/app/views/comments/new.html.erb

@@ -0,0 +1,7 @@
+<h1>New comment</h1>
+
+<%= form_tag comments_path do %>
+  
+  <%= submit_tag "Create a comment" %>
+
+<% end %>

data/spec/test_app/app/views/pages/dashboard.html.erb

@@ -0,0 +1,3 @@
+<h1>Dashboard</h1>
+<h2>All your last activities here ! </h2>
+<p>You're not very active those days...</p>

data/spec/test_app/config/application.rb

@@ -21,6 +21,14 @@ module Dummy
 
     # Do not swallow errors in after_commit/after_rollback callbacks.
     config.active_record.raise_in_transactional_callbacks = true
+
+    config.generators do |g|
+      g.orm             :active_record
+      g.template_engine :erb
+      g.stylesheets     false
+      g.javascripts     false
+      g.helper          false
+    end
   end
 end
 

data/spec/test_app/config/routes.rb

@@ -1,11 +1,13 @@
 Rails.application.routes.draw do
   mount Adeia::Engine => "/adeia"
 
-  root "articles#index"
+  root "pages#dashboard"
+  get "dashboard", to: "pages#dashboard"
 
-  get 'login', to: "sessions#new"
-  get 'logout', to: 'sessions#destroy'
+  get "login", to: "sessions#new"
+  get "logout", to: "sessions#destroy"
   resources :sessions, only: [:create]
 
   resources :articles
+  resources :comments
 end

data/spec/test_app/log/development.log

@@ -52310,3 +52310,41 @@ Migrating to CreateArticles (20151012185726)
             FROM sqlite_temp_master
             WHERE name='index_articles_on_user_id' AND type='index'
 
+
+
+Started GET "/" for ::1 at 2015-11-16 21:10:23 +0100
+  ActiveRecord::SchemaMigration Load (0.8ms)  SELECT "schema_migrations".* FROM "schema_migrations"
+Processing by ArticlesController#dashboard as HTML
+  Rendered articles/dashboard.html.erb within layouts/application (2.3ms)
+  User Load (0.7ms)  SELECT  "users".* FROM "users" WHERE "users"."remember_token" = ? LIMIT 1  [["remember_token", "24c43IkYlTqZjPq3y4veLw"]]
+Completed 200 OK in 263ms (Views: 261.5ms | ActiveRecord: 1.0ms)
+
+
+Started GET "/assets/scaffold.self-83b741db49389dc7cfdf85bf7537a0219cce48e085c4116afc83d55c9af47c78.css?body=1" for ::1 at 2015-11-16 21:10:23 +0100
+
+
+Started GET "/assets/application.self-e80e8f2318043e8af94dddc2adad5a4f09739a8ebb323b3ab31cd71d45fd9113.css?body=1" for ::1 at 2015-11-16 21:10:23 +0100
+
+
+Started GET "/assets/application.self-8f06a73c35179188914ab50e057157639fce1401c1cdca640ac9cec33746fc5b.js?body=1" for ::1 at 2015-11-16 21:10:23 +0100
+
+
+Started GET "/login" for ::1 at 2015-11-16 21:10:27 +0100
+Processing by SessionsController#new as HTML
+  Rendered sessions/new.html.erb within layouts/application (32.2ms)
+  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."remember_token" = ? LIMIT 1  [["remember_token", "24c43IkYlTqZjPq3y4veLw"]]
+Completed 200 OK in 55ms (Views: 54.6ms | ActiveRecord: 0.1ms)
+
+
+Started GET "/logout" for ::1 at 2015-11-16 21:10:29 +0100
+Processing by SessionsController#destroy as HTML
+  User Load (0.2ms)  SELECT  "users".* FROM "users" WHERE "users"."remember_token" = ? LIMIT 1  [["remember_token", "24c43IkYlTqZjPq3y4veLw"]]
+Redirected to http://localhost:3000/login
+Completed 302 Found in 2ms (ActiveRecord: 0.2ms)
+
+
+Started GET "/login" for ::1 at 2015-11-16 21:10:29 +0100
+Processing by SessionsController#new as HTML
+  Rendered sessions/new.html.erb within layouts/application (1.6ms)
+  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."remember_token" = ? LIMIT 1  [["remember_token", "24c43IkYlTqZjPq3y4veLw"]]
+Completed 200 OK in 27ms (Views: 26.4ms | ActiveRecord: 0.1ms)