aker 3.0.1 → 3.0.2

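--- a/data/CHANGELOG.md
+++ b/data/CHANGELOG.md
@@ -1,6 +1,15 @@
  Aker History
  ============
 
+ 3.0.2
+ -----
+ - Added missing LICENSE file. Aker is made available under the MIT
+ license. (#9)
+ - Fixed: `Aker::Cas::Middleware::TicketRemover` now sets its response's
+ Content-Type. `TicketRemover` also now returns a link to the cleaned URI,
+ following recommendations set forth in RFC 2616. (#10)
+ - Added: `Aker::User#permit?` accepts an `:affiliate_ids` option. (#11)
+
  3.0.1
  -----
  - Fixed: with AS3, using `active_support/core_ext` requires the i18n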
@@ -15,8 +15,11 @@ module Aker::Cas::Middleware
15
15
 
16
16
  def call(env)
17
17
  if authenticated?(env) && ticket_present?(env)
18
- url = Aker::Cas::ServiceUrl.service_url(Rack::Request.new(env))
19
- [301, { 'Location' => url }, ["Removing authenticated CAS ticket"] ]
18
+ request = Rack::Request.new(env)
19
+ url = Aker::Cas::ServiceUrl.service_url(request)
20
+ body = request.get? ? [%Q{<a href="#{url}">Click here to continue</a>}] : []
21
+
22
+ [301, { 'Location' => url, 'Content-Type' => 'text/html' }, body]
20
23
  else
21
24
  @app.call(env)
22
25
  end
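Review bot: `url` is interpolated into the `href` attribute of the new GET body without HTML escaping, and it is derived from the incoming request, so a query string carrying `"` or `<` could be reflected as markup in the response. Most browsers follow the 301 and never render the body, but any client or intermediary that does display it would render the injected markup, so the value should be escaped: `body = request.get? ? [%Q{<a href="#{Rack::Utils.escape_html(url)}">Click here to continue</a>}] : []`. How `ServiceUrl.service_url` encodes the query is not visible here, so a spec with a quote character in the query string would confirm whether the raw character survives. `call` ends outside the hunk.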
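--- a/data/lib/aker/user.rb
+++ b/data/lib/aker/user.rb
@@ -68,6 +68,7 @@ module Aker
  # @param [Hash] options additional constraints on the query
  # @option options [#to_sym] :portal (#default_portal) the portal
  # within which to do the group check
+ # @option options [Array] :affiliate_ids ([]) Affiliate ids constraining group membership
  # @return [Boolean]
  #
  # @overload permit?(*groups, options={}, &block)
@@ -78,17 +79,19 @@ module Aker
  # @param [Hash] options additional constraints on the condition
  # @option options [#to_sym] :portal (#default_portal) the portal
  # within which to do the group check
+ # @option options [Array] :affiliate_ids ([]) Affiliate ids constraining group membership
  # @return [Object,nil] the value of the block if it is
  # executed; otherwise nil
  def permit?(*args)
  options = args.last.is_a?(Hash) ? args.pop : { }
  portal = options[:portal] || default_portal
+ affiliate_ids = options[:affiliate_ids] || []
 
  permitted =
  if args.empty?
  may_access?(portal)
  else
- args.detect { |group| group_memberships(portal).include?(group.to_sym) }
+ args.detect { |group| group_memberships(portal).include?(group.to_sym, *affiliate_ids) }
  end
 
  if block_given?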
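Review bot: The new `:affiliate_ids` constraint is silently dropped in the `args.empty?` branch, where `may_access?(portal)` is called without it, and a missing or empty list applies no affiliate constraint at all (the spec added in this release expects `:affiliate_ids => []` to return true). For an authorization check that is a fail-open default: a caller whose id list is computed and turns out empty gets the unconstrained answer. The `@option` text should say so, e.g. `# @option options [Array] :affiliate_ids ([]) affiliate ids constraining group membership; empty or omitted means no affiliate constraint, and the option is ignored when no groups are given`, or the method could raise `ArgumentError` when ids are passed without groups. The body of `permit?` continues past the end of the hunk.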
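--- a/data/lib/aker/version.rb
+++ b/data/lib/aker/version.rb
@@ -1,3 +1,3 @@
  module Aker
- VERSION = "3.0.1"
+ VERSION = "3.0.2"
  end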
@@ -29,19 +29,41 @@ module Aker::Cas::Middleware
29
29
  last_response.body.should == 'Requested content'
30
30
  end
31
31
 
32
- context 'ticket is present and the user is authenticated' do
33
- before do
34
- env['aker.check'] = Aker::Rack::Facade.new(Aker.configuration, Aker::User.new('jo'))
32
+ context 'with ticket and successful authentication' do
33
+ shared_examples_for 'a ticket cleaner' do |method|
34
+ before do
35
+ env['aker.check'] = Aker::Rack::Facade.new(Aker.configuration, Aker::User.new('jo'))
35
36
 
36
- get '/foo?ticket=ST-45&q=bar', {}, env
37
+ send(method, '/foo?ticket=ST-45&q=bar', {}, env)
38
+ end
39
+
40
+ it 'sends a permanent redirect' do
41
+ last_response.status.should == 301
42
+ end
43
+
44
+ it 'redirects to the same URI without the ticket' do
45
+ last_response.headers['Location'].should == 'http://example.org/foo?q=bar'
46
+ end
47
+
48
+ it 'has Content-Type text/html' do
49
+ last_response.headers['Content-Type'].should == 'text/html'
50
+ end
37
51
  end
38
52
 
39
- it 'sends a permanent redirect' do
40
- last_response.status.should == 301
53
+ context 'on GET' do
54
+ it_should_behave_like 'a ticket cleaner', :get do
55
+ it 'has a link to the cleaned URI in its body' do
56
+ last_response.body.should == %q{<a href="http://example.org/foo?q=bar">Click here to continue</a>}
57
+ end
58
+ end
41
59
  end
42
60
 
43
- it 'redirects to the same URI without the ticket' do
44
- last_response.headers['Location'].should == 'http://example.org/foo?q=bar'
61
+ context 'on HEAD' do
62
+ it_should_behave_like 'a ticket cleaner', :head do
63
+ it 'has an empty body' do
64
+ last_response.body.should be_empty
65
+ end
66
+ end
45
67
  end
46
68
  end
47
69
  end
@@ -11,7 +11,7 @@ module Aker::Cas
11
11
  @env['aker.configuration'] = Aker::Configuration.new
12
12
  end
13
13
 
14
- it_should_behave_like "a aker mode"
14
+ it_should_behave_like "an aker mode"
15
15
 
16
16
  describe "#key" do
17
17
  it "is :cas_proxy" do
@@ -11,7 +11,7 @@ module Aker::Cas
11
11
  @mode = ServiceMode.new(@env, @scope)
12
12
  end
13
13
 
14
- it_should_behave_like "a aker mode"
14
+ it_should_behave_like "an aker mode"
15
15
 
16
16
  describe "#key" do
17
17
  it "is :cas" do
@@ -13,7 +13,7 @@ module Aker::Form
13
13
  @mode = Mode.new(@env, @scope)
14
14
  end
15
15
 
16
- it_should_behave_like "a aker mode"
16
+ it_should_behave_like "an aker mode"
17
17
 
18
18
  describe "#kind" do
19
19
  it "is :user" do
@@ -13,7 +13,7 @@ module Aker::Ldap
13
13
  :ldif => File.expand_path("../ldap-users.ldif", __FILE__),
14
14
  :domain => "dc=northwestern,dc=edu",
15
15
  :port => 3897 + port_offset,
16
- :timeout => ENV['AKER_ENV'] ? 45 : 15 # the CI server is slow sometimes
16
+ :timeout => ENV['CI_RUBY'] ? 90 : 15 # the CI server is slow sometimes
17
17
  )
18
18
  end
19
19
 
@@ -6,7 +6,7 @@ require 'warden'
6
6
  #
7
7
  # * @mode: an instance of the mode under test
8
8
  # * @env: a Rack environment used by the mode
9
- shared_examples_for "a aker mode" do
9
+ shared_examples_for "an aker mode" do
10
10
  it "is a Warden strategy" do
11
11
  (@mode.class < Warden::Strategies::Base).should be_true
12
12
  end
@@ -12,7 +12,7 @@ module Aker::Modes
12
12
  @env['aker.configuration'] = Aker::Configuration.new
13
13
  end
14
14
 
15
- it_should_behave_like "a aker mode"
15
+ it_should_behave_like "an aker mode"
16
16
 
17
17
  describe "#key" do
18
18
  it "is :http_basic" do
@@ -143,6 +143,24 @@ module Aker
143
143
  end
144
144
  end
145
145
 
146
+ describe "with affiliate_ids" do
147
+ before do
148
+ affiliated_membership = GroupMembership.new(Group.new('Affiliated'))
149
+ affiliated_membership.affiliate_ids = [1]
150
+ @user.group_memberships(:NOTIS) << affiliated_membership
151
+ @user.group_memberships(:ENU) << affiliated_membership
152
+ end
153
+ it "returns true if the user is in the group for that affiliate id" do
154
+ @user.permit?(:Affiliated, :affiliate_ids => [1]).should be_true
155
+ end
156
+ it "returns false if the user in the group for a different affiliate id" do
157
+ @user.permit?(:Affiliated, :affiliate_ids => [4]).should be_false
158
+ end
159
+ it "returns true if user in group if affiliate_ids is empty array" do
160
+ @user.permit?(:Affiliated, :affiliate_ids => []).should be_true
161
+ end
162
+ end
163
+
146
164
  describe "with a block" do
147
165
  it "yields to a passed block if the user matches the group" do
148
166
  executed = nil
@@ -170,6 +188,7 @@ module Aker
170
188
  @user.permit?(:Admin) { "block value" }.should == nil
171
189
  end
172
190
  end
191
+
173
192
  end
174
193
 
175
194
  describe "#merge!" do
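Review bot: The new `with affiliate_ids` examples leave two cases unpinned: `permit?` called with `:affiliate_ids` but no group arguments, and a list of several ids where only one matches. Both are places where the constraint could end up wider than a caller expects. An example such as `@user.permit?(:Affiliated, :affiliate_ids => [4, 1])` with its intended result, plus one for the no-group call, would document the semantics. The second example's description reads "if the user in the group"; the word "is" is missing.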
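--- a/data/spec/spec_helper.rb
+++ b/data/spec/spec_helper.rb
@@ -33,7 +33,7 @@ RSpec.configure do |config|
  end
 
  def port_offset
- base = case ENV["AKER_ENV"]
+ base = case ENV['CI_RUBY']
  when /jruby/
  17
  when /1.9/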
metadata CHANGED
@@ -1,22 +1,24 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: aker
3
3
  version: !ruby/object:Gem::Version
4
- hash: 5
5
- prerelease:
4
+ hash: 3
5
+ prerelease: false
6
6
  segments:
7
7
  - 3
8
8
  - 0
9
- - 1
10
- version: 3.0.1
9
+ - 2
10
+ version: 3.0.2
11
11
  platform: ruby
12
12
  authors:
13
13
  - Rhett Sutphin
14
14
  - David Yip
15
+ - William Dix
15
16
  autorequire:
16
17
  bindir: bin
17
18
  cert_chain: []
18
19
 
19
- date: 2011-08-05 00:00:00 Z
20
+ date: 2011-10-07 00:00:00 -05:00
21
+ default_executable:
20
22
  dependencies:
21
23
  - !ruby/object:Gem::Dependency
22
24
  name: rubytree
@@ -238,6 +240,7 @@ files:
238
240
  - spec/matchers.rb
239
241
  - spec/mock_builder.rb
240
242
  - spec/spec_helper.rb
243
+ has_rdoc: true
241
244
  homepage: https://github.com/NUBIC/aker
242
245
  licenses: []
243
246
 
@@ -267,7 +270,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
267
270
  requirements: []
268
271
 
269
272
  rubyforge_project:
270
- rubygems_version: 1.8.6
273
+ rubygems_version: 1.3.7
271
274
  signing_key:
272
275
  specification_version: 3
273
276
  summary: A flexible authentication and authorization framework for Rack applications.