apache_secure_download 0.2.0 → 0.2.1

Sign up to get free protection for your applications and to get access to all the features.
Files changed (6) hide show
  1. data/ChangeLog +4 -0
  2. data/README +1 -1
  3. data/lib/apache/secure_download/version.rb +1 -1
  4. data/lib/apache/secure_download.rb +1 -1
  5. data/spec/apache/secure_download_spec.rb +13 -4
  6. metadata +4 -4
data/ChangeLog CHANGED
@@ -1,5 +1,9 @@
1
1
  = Revision history for apache_secure_download
2
2
 
3
+ == 0.2.1 [2011-11-08]
4
+
5
+ * Fixed case with missing parameter
6
+
3
7
  == 0.2.0 [2011-11-08]
4
8
 
5
9
  * Changed to use one query parameter only (Not backwards compatible!)
data/README CHANGED
@@ -2,7 +2,7 @@
2
2
 
3
3
  == VERSION
4
4
 
5
- This documentation refers to apache_secure_download version 0.2.0
5
+ This documentation refers to apache_secure_download version 0.2.1
6
6
 
7
7
 
8
8
  == DESCRIPTION
data/lib/apache/secure_download/version.rb CHANGED
@@ -6,7 +6,7 @@ module Apache
6
6
 
7
7
  MAJOR = 0
8
8
  MINOR = 2
9
- TINY = 0
9
+ TINY = 1
10
10
 
11
11
  class << self
12
12
 
data/lib/apache/secure_download.rb CHANGED
@@ -53,7 +53,7 @@ module Apache
53
53
  # If either condition doesn't hold true, access to the requested resource
54
54
  # is denied!
55
55
  def check_access(request)
56
- timestamp, token = Util.split(request.param(Util::TOKEN_KEY))
56
+ timestamp, token = Util.split(request.param(Util::TOKEN_KEY) || '')
57
57
 
58
58
  # Remove timestamp and token from query args
59
59
  request.args &&= Util.real_query(request.args)
data/spec/apache/secure_download_spec.rb CHANGED
@@ -78,6 +78,11 @@ describe Apache::SecureDownload do
78
78
  @handler = @class.new(@secret)
79
79
  end
80
80
 
81
+ it "should be forbidden without _asd parameter" do
82
+ mock_request(false)
83
+ @handler.check_access(@request).should == Apache::FORBIDDEN
84
+ end
85
+
81
86
  shared_examples "normally" do
82
87
 
83
88
  it_should_be_allowed "with correct secret"
@@ -237,11 +242,15 @@ describe Apache::SecureDownload do
237
242
 
238
243
  end
239
244
 
240
- def mock_request
241
- _asd = "#{'%010x' % @timestamp}#{@token}"
245
+ def mock_request(have_asd = true)
246
+ if have_asd
247
+ _asd = "#{'%010x' % @timestamp}#{@token}"
242
248
 
243
- args = "_asd=#{_asd}"
244
- args = "#{@args}&#{args}" if @args
249
+ args = "_asd=#{_asd}"
250
+ args = "#{@args}&#{args}" if @args
251
+ else
252
+ args = "#{@args}"
253
+ end
245
254
 
246
255
  clean_args = @class::Util.real_query(args)
247
256
 
metadata CHANGED
@@ -1,13 +1,13 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: apache_secure_download
3
3
  version: !ruby/object:Gem::Version
4
- hash: 23
4
+ hash: 21
5
5
  prerelease:
6
6
  segments:
7
7
  - 0
8
8
  - 2
9
- - 0
10
- version: 0.2.0
9
+ - 1
10
+ version: 0.2.1
11
11
  platform: ruby
12
12
  authors:
13
13
  - Jens Wille
@@ -47,7 +47,7 @@ licenses: []
47
47
  post_install_message:
48
48
  rdoc_options:
49
49
  - --title
50
- - apache_secure_download Application documentation (v0.2.0)
50
+ - apache_secure_download Application documentation (v0.2.1)
51
51
  - --line-numbers
52
52
  - --main
53
53
  - README