aker-rails 2.0.3 → 3.0.1

data/CHANGELOG.md

@@ -1,19 +1,7 @@
 Aker-Rails History
 ==================
 
-2.0.3
------
-
-### Fixes
-
-- CSRF token verification in Rails >= 2.3.11 is now properly handled (#4).
-
-### Development
-
-- Added missing LICENSE. Aker-Rails is made available under the MIT
-  license.
-
-2.0.2
+3.0.1
 -----
 
 ### Development
@@ -23,23 +11,19 @@ Aker-Rails History
   renaming of the main project.
 - Switch integration test suite from Celerity to Mechanize. (#3931)
   This eliminates the JRuby dependency for integration testing.
+- Fixed: non-form UI modes can have their middleware correctly applied
+  (#1). This requires a rearrangement of your application's
+  configuration code; see the README for details.
 
 Bcsec-Rails History
 ===================
 
-2.0.1
+3.0.0
 -----
 
-### Fixed
-
-- The bcsec middleware is no longer appended to the stack multiple
-  times when class reloading is active. (#4486)
-
-### Development
+### Features
 
-- Use bundler 1.0. (#3930)
-- CI builds use most-recent-available gems for all dependencies,
-  including prerelease versions of bcsec. (#4422, #4427)
+- Rails 3.0 support
 
 2.0.0
 -----

data/README.md

@@ -1,19 +1,26 @@
 Aker-Rails
-===========
+==========
 
 `aker-rails` is the Rails plugin for Aker 3.0 and later.  It is a
 thin wrapper around Aker's rack support.
 
 There are separate plugins for Rails 3.x and Rails 2.3.x. You're
-looking at the version for **Rails 2.3.x**. The version for Rails 3.x
-has a version number with major version 3.
+looking at the version for **Rails 3.x**. The version for Rails 2.3.x
+has a version number with major version 2.
+
+Reader's note: this README uses [YARD][] markup to provide links to
+Aker-Rails' API documentation. If you aren't already, consider reading it
+on [rubydoc.info][] so that the links will be followable.
+
+[YARD]: http://yardoc.org/
+[rubydoc.info]: http://rubydoc.info/github/NUBIC/aker-rails/rails3/file/README.md
 
 Setup
 -----
 
 ### Prerequisites
 
-`aker-rails` requires Rails ~> 2.3.5.
+`aker-rails` requires Rails ~> 3.0.
 
 Since `aker-rails` is just a thin wrapper, you'll want to be familiar
 with [Aker][] before you get started.
@@ -22,40 +29,25 @@ with [Aker][] before you get started.
 
 ### Get the gem
 
-`aker-rails` is a gem plugin.  In order to use it, either install the
-gem at the system level or (better) include it in your bundler-using
-application's Gemfile.
-
-#### Okay
-
-    !!!plain
-    $ gem install aker-rails
-
-#### Better
-
-    # in your Gemfile
-    gem 'aker-rails', '~> 2.0'
+`aker-rails` is a gem plugin.  In order to use it, include it in your
+application's Gemfile:
 
-### Add it to the application
+    gem 'aker-rails'
 
-Next, configure the gem into your Rails application's environment.
-(This is necessary for gem plugins even if you are using bundler.)
+Between this and the `Bundler.require` that most Rails 3 applications do
+as part of their initialization process, that's all you usually need to
+do to get aker and aker-rails loaded in your Rails application.
 
-    # In config/environment.rb's initializer block
-    config.gem "aker-rails", :lib => 'aker/rails', :version => '~> 2.0'
+### Add a global configuration for Aker
 
-### Add an initializer for aker
-
-Put your global configuration in an initializer. By _global
+Put your global configuration `config/application.rb`. By _global
 configuration_ I mean the parts that are the same no matter which
-environment you are using, like the portal name and the modes.  (N.b.:
-You have to put it in an initializer — if you just put it at the
-end of `config/environment.rb` it won't work.)
+environment you are using, like the portal name and the modes.
 
-    # In config/initializers/aker.rb
-    Aker.configure do
+    # In config/application.rb, inside the Application subclass definition
+    config.aker do
       # The authentication protocol to use for interactive access.
-      # `:form` is the default.
+      # :form is the default.
       ui_mode :form
 
       # The authentication protocol(s) to use for non-interactive
@@ -66,8 +58,12 @@ end of `config/environment.rb` it won't work.)
       portal :ENU
     end
 
+(Migration note: this differs from the Rails 2.3 version of this
+plugin. *Aker configuration should not happen in a Rails 3
+initializer.*)
+
 For more information on the configuration syntax and options, see the
-aker API documentation for {Aker::Configuration}.
+aker API documentation for `Aker::Configuration`.
 
 ### Add per-environment configurations
 
@@ -78,20 +74,23 @@ visible from your workstation. This means that the `authorities` line
 will be env-specific.
 
     # In config/environments/production.rb, for example
-    config.after_initialize do
-      Aker.configure do
-        # The authorities to use.  See the aker API documentation
-        # for `Aker::Authorities` for options.
-        authorities :ldap
-
-        # The server-central parameters file for authority
-        # and policy parameters (optional). See
-        # `Aker::CentralParameters` for a discussion of why this is a
-        # good idea.
-        central '/etc/nubic/aker-prod.yml'
-      end
+    config.aker do
+      # The authorities to use.  See the aker API documentation
+      # for Aker::Authorities for options.
+      authorities :ldap
+
+      # The server-central parameters file for authority
+      # and policy parameters (optional). See
+      # Aker::CentralParameters for a discussion of why this is a
+      # good idea.
+      central '/etc/nubic/aker-prod.yml'
     end
 
+(Migration note: this differs from the Rails 2.3 version of this
+plugin. *Aker configuration should not happen in a Rails 3
+after_initialize block.*)
+
+
 Integration into your app
 -------------------------
 
@@ -112,7 +111,7 @@ If you want to further require that all actions in a controller
 require that the user be a member of a certain group, you can use the
 {Aker::Rails::SecuredController::ClassMethods#permit permit} method:
 
-    class ManuscriptController < ActionController::Base
+    class ManuscriptController < ApplicationController
       include Aker::Rails::SecuredController
       permit :editor
     end
@@ -124,7 +123,7 @@ particular group or groups.  The helper for this is also called
 {Aker::Rails::Application#permit? permit}:
 
     # In a controller action
-    class DashboardController < ActionController::Base
+    class DashboardController < ApplicationController
       # ...
       def index
         if permit?(:editor)
@@ -138,14 +137,15 @@ particular group or groups.  The helper for this is also called
        @manuscripts.collect { |m| m.title }.join(', ')
     <% end %>
 
-This permit helper is available to all controllers and views, not just
-ones that mix in {Aker::Rails::SecuredController}.  This means you
-can have a publically-accessible page which has additional/different
-content for a logged-in user.
+This permit helper is available to all subclasses of
+`ApplicationController`, not just ones that mix in
+{Aker::Rails::SecuredController}.  This means you can have a
+publically-accessible page which has additional/different content for a
+logged-in user.
 
 ### The current user
 
 Aker provides a method {Aker::Rails::Application#current_user
 current_user} to all controllers and views.  It will return a
-{Aker::User} object for the current user, or `nil` if there isn't
+`Aker::User` object for the current user, or `nil` if there isn't
 one.

data/lib/aker/rails/application.rb

@@ -22,16 +22,6 @@ module Aker::Rails
       end
     end
 
-    ##
-    # Sets up the aker global infrastructure that is not affected by
-    # Rails' development-mode class reloading.
-    #
-    # @return [void]
-    def self.one_time_setup
-      Aker::Rack.use_in(ActionController::Dispatcher.middleware)
-      Rack::Request.send(:include, Aker::Rack::RequestExt)
-    end
-
     ##
     # Exposes the logged-in user (if any) to the application.
     #

data/lib/aker/rails/configuration_ext.rb

@@ -0,0 +1,67 @@
+require 'aker/rails'
+require 'rails/application/configuration'
+
+module Aker::Rails
+  ##
+  # Provides sugar for configuring Aker via a Rails application's
+  # configuration.
+  #
+  # The methods in this module operate on Aker's global configuration,
+  # so changes made here will be visible on `Aker.configuration` and
+  # vice versa.
+  #
+  # While everything here could be done with direct calls to methods
+  # on `Aker`, this integration emphasizes that Aker configuration
+  # **must be done during the configuration phase** of Rails boot
+  # (i.e., in `config/application.rb` and
+  # `config/environments/{env}.rb`). If Aker configuration is done in
+  # the initialization phase or later, some features will not work
+  # correctly.
+  module ConfigurationExt
+    ##
+    # Access or update the Aker configuration in the context of this
+    # Rails application.
+    #
+    # **N.b.:** While this method allows you to update the
+    # configuration at any time, some configuration options will only
+    # take full effect if they are set during the application's
+    # initial boot.
+    #
+    # @example Reading the configuration
+    #   unless Rails.configuration.aker.api_modes.empty?
+    #     # do something that should only happen if API access is enabled
+    #   end
+    #
+    # @example Updating the configuration
+    #   # in config/environments/{environment}.rb
+    #   MyApp::Application.configure do
+    #     # ...
+    #     config.aker do
+    #       authority MyEnvSpecificAuthority
+    #     end
+    #     # ...
+    #   end
+    #
+    # @param [Proc] block a block of Aker's configuration DSL. If
+    #   given, it will be applied to the global Aker configuration.
+    # @return [Aker::Configuration] the global Aker configuration.
+    def aker(&block)
+      if block
+        Aker.configure(&block)
+      end
+      Aker.configuration
+    end
+
+    ##
+    # Completely replace the Aker configuration. This should only
+    # rarely (if ever) be necessary.
+    #
+    # @param [Aker::Configuration] aker_configuration the replacement configuration.
+    # @return [void]
+    def aker=(aker_configuration)
+      Aker.configuration = aker_configuration
+    end
+  end
+end
+
+Rails::Application::Configuration.send(:include, Aker::Rails::ConfigurationExt)

data/lib/aker/rails/railtie.rb

@@ -0,0 +1,30 @@
+require 'aker/rails'
+
+require 'rails/railtie'
+
+module Aker::Rails
+  class Railtie < ::Rails::Railtie
+    initializer 'Aker::Rails initialization' do |app|
+      Rails.logger.debug "Initializing Aker-Rails"
+
+      Aker.configure do
+        logger Rails.logger
+      end
+
+      Rack::Request.send(:include, Aker::Rack::RequestExt)
+    end
+
+    initializer 'Aker::Rails middleware installation' do |app|
+      Rails.logger.debug "Installing Aker rack middleware"
+      Rails.logger.debug "- UI mode:   #{Aker.configuration.ui_mode.inspect}"
+      Rails.logger.debug "- API modes: #{Aker.configuration.api_modes.inspect}"
+      Aker::Rack.use_in(app.middleware)
+    end
+
+    initializer 'Aker::Rails development support' do |app|
+      app.config.to_prepare do
+        ApplicationController.send(:include, Aker::Rails::Application)
+      end
+    end
+  end
+end

data/lib/aker/rails/secured_controller.rb

@@ -35,14 +35,6 @@ module Aker::Rails
       request.env['aker.check'].authentication_required!
     end
 
-    def handle_unverified_request
-      super
-
-      if request.env['aker.interactive']
-        request.env['aker.check'].user = nil
-      end
-    end
-
     ##
     # Extensions for the rails controller DSL for
     # authentication-required controllers.

data/lib/aker/rails/version.rb

@@ -2,6 +2,6 @@ module Aker
   module Rails
     # VERSION is in a separate file with no external dependencies so it
     # can be sourced from the gemspec.
-    VERSION = "2.0.3"
+    VERSION = "3.0.1"
   end
 end

data/lib/aker/rails.rb

@@ -10,7 +10,12 @@ module Aker
     autoload :VERSION, 'aker/rails/version'
 
     autoload :Application,       'aker/rails/application'
+    autoload :Railtie,           'aker/rails/railtie'
     autoload :SecuredController, 'aker/rails/secured_controller'
     autoload :Test,              'aker/rails/test'
   end
 end
+
+# This is directly required because the configuration extensions it
+# defines need to be automatically available when the plugin is loaded.
+require 'aker/rails/configuration_ext'

data/lib/aker-rails.rb

@@ -0,0 +1,12 @@
+##
+# This file, being the same name as its parent gem, is required via
+# `Bundler.require` by the stock `config/application.rb` in a Rails 3
+# application.
+#
+# (Just a note as to why this file works: Railtie registration is implemented
+# via a subclassing callback.  See `Rails::Railtie.inherited`.)
+#
+# If you change the `Bundler.require` behavior in your application's
+# `config/application.rb` such that `aker-rails` is not loaded, you will have
+# to load `aker/rails/railtie` yourself.
+require 'aker/rails/railtie'

data/spec/aker/rails/application_spec.rb

@@ -68,20 +68,4 @@ module Aker::Rails
       end
     end
   end
-
-  describe Application, ".one_time_setup" do
-    before do
-      Aker.configure { }
-
-      Application.one_time_setup
-    end
-
-    after do
-      Aker.configuration = nil
-    end
-
-    it "adds the aker middleware to the action controller middleware stack" do
-      ActionController::Dispatcher.middleware.should include(Aker::Rack::Setup)
-    end
-  end
 end

data/spec/aker/rails/configuration_ext_spec.rb

@@ -0,0 +1,50 @@
+require File.expand_path('../../../spec_helper', __FILE__)
+
+module Aker::Rails
+  describe ConfigurationExt do
+    it 'is automatically mixed into Rails::Application::Configuration' do
+      ::Rails::Application::Configuration.ancestors.should include(Aker::Rails::ConfigurationExt)
+    end
+
+    subject { ::Rails::Application::Configuration.new }
+
+    before do
+      Aker.configure { api_mode :http_basic }
+    end
+
+    after do
+      Aker.configuration = nil
+    end
+
+    describe '#aker' do
+      it 'returns the global Aker configuration' do
+        subject.aker.api_modes.should == [:http_basic]
+      end
+
+      describe 'with a block' do
+        before do
+          subject.aker {
+            portal :bar
+          }
+        end
+
+        it 'updates the global configuration' do
+          Aker.configuration.portal.should == :bar
+        end
+
+        it 'does not affect other settings' do
+          Aker.configuration.api_modes.should == [:http_basic]
+        end
+      end
+    end
+
+    describe '#aker=' do
+      it 'replaces the global Aker configuration' do
+        subject.aker = Aker::Configuration.new { portal :foo }
+
+        Aker.configuration.portal.should == :foo
+        Aker.configuration.api_modes.should == []
+      end
+    end
+  end
+end

data/spec/aker/rails/railtie_spec.rb

@@ -0,0 +1,17 @@
+require File.expand_path("../../../spec_helper", __FILE__)
+
+module Aker::Rails
+  describe Railtie do
+    it "uses Rails' logger for Aker logging" do
+      pending "need to figure out a good way to test railties"
+    end
+
+    it "installs the Aker middleware exactly once" do
+      pending "need to figure out a good way to test railties"
+    end
+
+    it "sets up a to_prepare hook for Aker::Rails::Application" do
+      pending "need to figure out a good way to test railties"
+    end
+  end
+end

data/spec/aker/rails/test/helpers_spec.rb

@@ -1,6 +1,6 @@
 require File.expand_path("../../../../spec_helper", __FILE__)
 require 'action_controller'
-require 'action_controller/test_process'
+require 'action_controller/test_case'
 
 module Aker::Rails::Test
   describe Helpers do

data/spec/spec_helper.rb

@@ -1,3 +1,7 @@
+require 'rubygems'
+require 'bundler'
+Bundler.setup
+
 require "spec"
 
 $LOAD_PATH.unshift File.expand_path("../../lib", __FILE__)

metadata

@@ -1,90 +1,116 @@
---- !ruby/object:Gem::Specification
+--- !ruby/object:Gem::Specification 
 name: aker-rails
-version: !ruby/object:Gem::Version
-  version: 2.0.3
-  prerelease: 
+version: !ruby/object:Gem::Version 
+  hash: 5
+  prerelease: false
+  segments: 
+  - 3
+  - 0
+  - 1
+  version: 3.0.1
 platform: ruby
-authors:
+authors: 
 - David Yip
 - Rhett Sutphin
 - Peter Nyberg
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2012-01-04 00:00:00.000000000Z
-dependencies:
-- !ruby/object:Gem::Dependency
-  name: rails
-  requirement: &2152515780 !ruby/object:Gem::Requirement
+
+date: 2011-07-20 00:00:00 -05:00
+default_executable: 
+dependencies: 
+- !ruby/object:Gem::Dependency 
+  version_requirements: &id001 !ruby/object:Gem::Requirement 
     none: false
-    requirements:
+    requirements: 
     - - ~>
-      - !ruby/object:Gem::Version
-        version: 2.3.11
-  type: :runtime
+      - !ruby/object:Gem::Version 
+        hash: 7
+        segments: 
+        - 3
+        - 0
+        version: "3.0"
+  requirement: *id001
+  name: rails
   prerelease: false
-  version_requirements: *2152515780
-- !ruby/object:Gem::Dependency
-  name: aker
-  requirement: &2152514380 !ruby/object:Gem::Requirement
+  type: :runtime
+- !ruby/object:Gem::Dependency 
+  version_requirements: &id002 !ruby/object:Gem::Requirement 
     none: false
-    requirements:
+    requirements: 
     - - ~>
-      - !ruby/object:Gem::Version
-        version: '3.0'
-  type: :runtime
+      - !ruby/object:Gem::Version 
+        hash: 7
+        segments: 
+        - 3
+        - 0
+        version: "3.0"
+  requirement: *id002
+  name: aker
   prerelease: false
-  version_requirements: *2152514380
+  type: :runtime
 description: 
 email: r-sutphin@northwestern.edu
 executables: []
+
 extensions: []
+
 extra_rdoc_files: []
-files:
+
+files: 
 - CHANGELOG.md
 - README.md
 - lib/aker/rails/application.rb
+- lib/aker/rails/configuration_ext.rb
+- lib/aker/rails/railtie.rb
 - lib/aker/rails/secured_controller.rb
 - lib/aker/rails/test/helpers.rb
 - lib/aker/rails/test.rb
 - lib/aker/rails/version.rb
 - lib/aker/rails.rb
+- lib/aker-rails.rb
 - spec/aker/rails/application_spec.rb
+- spec/aker/rails/configuration_ext_spec.rb
+- spec/aker/rails/railtie_spec.rb
 - spec/aker/rails/secured_controller_spec.rb
 - spec/aker/rails/test/helpers_spec.rb
 - spec/aker/rails_spec.rb
 - spec/deprecation_helper.rb
 - spec/spec_helper.rb
-- rails/init.rb
+has_rdoc: true
 homepage: https://github.com/NUBIC/aker-rails
 licenses: []
+
 post_install_message: 
 rdoc_options: []
-require_paths:
+
+require_paths: 
 - lib
-required_ruby_version: !ruby/object:Gem::Requirement
+required_ruby_version: !ruby/object:Gem::Requirement 
   none: false
-  requirements:
-  - - ! '>='
-    - !ruby/object:Gem::Version
-      version: '0'
-      segments:
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      hash: 3
+      segments: 
       - 0
-      hash: 2362672654052909796
-required_rubygems_version: !ruby/object:Gem::Requirement
+      version: "0"
+required_rubygems_version: !ruby/object:Gem::Requirement 
   none: false
-  requirements:
-  - - ! '>='
-    - !ruby/object:Gem::Version
-      version: '0'
-      segments:
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      hash: 3
+      segments: 
       - 0
-      hash: 2362672654052909796
+      version: "0"
 requirements: []
+
 rubyforge_project: 
-rubygems_version: 1.8.10
+rubygems_version: 1.3.7
 signing_key: 
 specification_version: 3
 summary: Easy Rails integration for the Aker security framework
 test_files: []
-has_rdoc: 
+

data/rails/init.rb

@@ -1,18 +0,0 @@
-require 'aker/rails'
-
-Rails.logger.debug "Initializing aker-rails"
-# We do this up here to allow the application to override if desired
-Aker.configure {
-  logger Rails.logger
-}
-config.after_initialize do
-  Aker::Rails::Application.one_time_setup
-
-  if config.cache_classes
-    ApplicationController.send(:include, Aker::Rails::Application)
-  else
-    config.to_prepare do
-      ApplicationController.send(:include, Aker::Rails::Application)
-    end
-  end
-end