authlogic 3.5.0 → 3.8.0

data/lib/authlogic/acts_as_authentic/perishable_token.rb

@@ -1,9 +1,13 @@
 module Authlogic
   module ActsAsAuthentic
-    # This provides a handy token that is "perishable". Meaning the token is only good for a certain amount of time. This is perfect for
-    # resetting password, confirming accounts, etc. Typically during these actions you send them this token in via their email. Once they
-    # use the token and do what they need to do, that token should expire. Don't worry about maintaining this, changing it, or expiring it
-    # yourself. Authlogic does all of this for you. See the sub modules for all of the tools Authlogic provides to you.
+    # This provides a handy token that is "perishable". Meaning the token is
+    # only good for a certain amount of time. This is perfect for resetting
+    # password, confirming accounts, etc. Typically during these actions you
+    # send them this token in via their email. Once they use the token and do
+    # what they need to do, that token should expire. Don't worry about
+    # maintaining this, changing it, or expiring it yourself. Authlogic does all
+    # of this for you. See the sub modules for all of the tools Authlogic
+    # provides to you.
     module PerishableToken
       def self.included(klass)
         klass.class_eval do
@@ -14,8 +18,9 @@ module Authlogic
 
       # Change how the perishable token works.
       module Config
-        # When using the find_using_perishable_token method the token can expire. If the token is expired, no
-        # record will be returned. Use this option to specify how long the token is valid for.
+        # When using the find_using_perishable_token method the token can
+        # expire. If the token is expired, no record will be returned. Use this
+        # option to specify how long the token is valid for.
         #
         # * <tt>Default:</tt> 10.minutes
         # * <tt>Accepts:</tt> Fixnum
@@ -24,9 +29,10 @@ module Authlogic
         end
         alias_method :perishable_token_valid_for=, :perishable_token_valid_for
 
-        # Authlogic tries to expire and change the perishable token as much as possible, without compromising
-        # it's purpose. This is for security reasons. If you want to manage it yourself, you can stop
-        # Authlogic from getting your in way by setting this to true.
+        # Authlogic tries to expire and change the perishable token as much as
+        # possible, without compromising it's purpose. This is for security
+        # reasons. If you want to manage it yourself, you can stop Authlogic
+        # from getting your in way by setting this to true.
         #
         # * <tt>Default:</tt> false
         # * <tt>Accepts:</tt> Boolean
@@ -52,12 +58,14 @@ module Authlogic
 
         # Class level methods for the perishable token
         module ClassMethods
-          # Use this method to find a record with a perishable token. This method does 2 things for you:
+          # Use this method to find a record with a perishable token. This
+          # method does 2 things for you:
           #
           # 1. It ignores blank tokens
           # 2. It enforces the perishable_token_valid_for configuration option.
           #
-          # If you want to use a different timeout value, just pass it as the second parameter:
+          # If you want to use a different timeout value, just pass it as the
+          # second parameter:
           #
           #   User.find_using_perishable_token(token, 1.hour)
           def find_using_perishable_token(token, age = self.perishable_token_valid_for)
@@ -94,7 +102,8 @@ module Authlogic
             save_without_session_maintenance(:validate => false)
           end
 
-          # A convenience method based on the disable_perishable_token_maintenance configuration option.
+          # A convenience method based on the
+          # disable_perishable_token_maintenance configuration option.
           def disable_perishable_token_maintenance?
             self.class.disable_perishable_token_maintenance == true
           end

data/lib/authlogic/acts_as_authentic/restful_authentication.rb

@@ -1,6 +1,7 @@
 module Authlogic
   module ActsAsAuthentic
-    # This module is responsible for transitioning existing applications from the restful_authentication plugin.
+    # This module is responsible for transitioning existing applications from
+    # the restful_authentication plugin.
     module RestfulAuthentication
       def self.included(klass)
         klass.class_eval do
@@ -10,10 +11,13 @@ module Authlogic
       end
 
       module Config
-        # Switching an existing app to Authlogic from restful_authentication? No problem, just set this true and your users won't know
-        # anything changed. From your database perspective nothing will change at all. Authlogic will continue to encrypt passwords
-        # just like restful_authentication, so your app won't skip a beat. Although, might consider transitioning your users to a newer
-        # and stronger algorithm. Checkout the transition_from_restful_authentication option.
+        # Switching an existing app to Authlogic from restful_authentication? No
+        # problem, just set this true and your users won't know anything
+        # changed. From your database perspective nothing will change at all.
+        # Authlogic will continue to encrypt passwords just like
+        # restful_authentication, so your app won't skip a beat. Although, might
+        # consider transitioning your users to a newer and stronger algorithm.
+        # Checkout the transition_from_restful_authentication option.
         #
         # * <tt>Default:</tt> false
         # * <tt>Accepts:</tt> Boolean
@@ -24,10 +28,13 @@ module Authlogic
         end
         alias_method :act_like_restful_authentication=, :act_like_restful_authentication
 
-        # This works just like act_like_restful_authentication except that it will start transitioning your users to the algorithm you
-        # specify with the crypto provider option. The next time they log in it will resave their password with the new algorithm
-        # and any new record will use the new algorithm as well. Make sure to update your users table if you are using the default
-        # migration since it will set crypted_password and salt columns to a maximum width of 40 characters which is not enough.
+        # This works just like act_like_restful_authentication except that it
+        # will start transitioning your users to the algorithm you specify with
+        # the crypto provider option. The next time they log in it will resave
+        # their password with the new algorithm and any new record will use the
+        # new algorithm as well. Make sure to update your users table if you are
+        # using the default migration since it will set crypted_password and
+        # salt columns to a maximum width of 40 characters which is not enough.
         def transition_from_restful_authentication(value = nil)
           r = rw_config(:transition_from_restful_authentication, value, false)
           set_restful_authentication_config if value

data/lib/authlogic/acts_as_authentic/session_maintenance.rb

@@ -102,7 +102,8 @@ module Authlogic
           end
 
           def get_session_information
-            # Need to determine if we are completely logged out, or logged in as another user
+            # Need to determine if we are completely logged out, or logged in as
+            # another user.
             @_sessions = []
 
             session_ids.each do |session_id|
@@ -120,8 +121,9 @@ module Authlogic
           end
 
           def create_session
-            # We only want to automatically login into the first session, since this is the main session. The other sessions are sessions
-            # that need to be created after logging into the main session.
+            # We only want to automatically login into the first session, since
+            # this is the main session. The other sessions are sessions that
+            # need to be created after logging into the main session.
             session_id = session_ids.first
             session_class.create(*[self, self, session_id].compact)
 

data/lib/authlogic/authenticates_many/association.rb

@@ -1,14 +1,17 @@
 module Authlogic
   module AuthenticatesMany
-    # An object of this class is used as a proxy for the authenticates_many relationship. It basically allows you to "save" scope details
-    # and call them on an object, which allows you to do the following:
+    # An object of this class is used as a proxy for the authenticates_many
+    # relationship. It basically allows you to "save" scope details and call
+    # them on an object, which allows you to do the following:
     #
     #   @account.user_sessions.new
     #   @account.user_sessions.find
     #   # ... etc
     #
-    # You can call all of the class level methods off of an object with a saved scope, so that calling the above methods scopes the user
-    # sessions down to that specific account. To implement this via ActiveRecord do something like:
+    # You can call all of the class level methods off of an object with a saved
+    # scope, so that calling the above methods scopes the user sessions down to
+    # that specific account. To implement this via ActiveRecord do something
+    # like:
     #
     #   class User < ActiveRecord::Base
     #     authenticates_many :user_sessions
@@ -16,6 +19,10 @@ module Authlogic
     class Association
       attr_accessor :klass, :find_options, :id
 
+      # - id: Usually `nil`, but if the `scope_cookies` option is used, then
+      #   `id` is a string like "company_123". It may seem strange to refer
+      #   to such a string as an "id", but the naming is intentional, and
+      #   is derived from `Authlogic::Session::Id`.
       def initialize(klass, find_options, id)
         self.klass = klass
         self.find_options = find_options

data/lib/authlogic/authenticates_many/base.rb

@@ -43,17 +43,18 @@ module Authlogic
       # * <tt>scope_cookies:</tt> default: false
       #   By the nature of cookies they scope themselves if you are using subdomains to
       #   access accounts. If you aren't using subdomains you need to have separate
-      #   cookies for each account, assuming a user is logging into mroe than one account.
+      #   cookies for each account, assuming a user is logging into more than one account.
       #   Authlogic can take care of this for you by prefixing the name of the cookie and
-      #   sessin with the model id. You just need to tell Authlogic to do this by passing
-      #   this option.
+      #   session with the model id. Because it affects both cookies names and session keys,
+      #   the name `scope_cookies` is misleading. Perhaps simply `scope` or `scoped`
+      #   would have been better.
       def authenticates_many(name, options = {})
         options[:session_class] ||= name.to_s.classify.constantize
         options[:relationship_name] ||= options[:session_class].klass_name.underscore.pluralize
         class_eval <<-"end_eval", __FILE__, __LINE__
           def #{name}
             find_options = #{options[:find_options].inspect} || #{options[:relationship_name]}.where(nil)
-            @#{name} ||= Authlogic::AuthenticatesMany::Association.new(#{options[:session_class]}, find_options, #{options[:scope_cookies] ? "self.class.model_name.underscore + '_' + self.send(self.class.primary_key).to_s" : "nil"})
+            @#{name} ||= Authlogic::AuthenticatesMany::Association.new(#{options[:session_class]}, find_options, #{options[:scope_cookies] ? "self.class.model_name.name.underscore + '_' + self.send(self.class.primary_key).to_s" : "nil"})
           end
         end_eval
       end

data/lib/authlogic/controller_adapters/rack_adapter.rb

@@ -43,9 +43,13 @@ module Authlogic
         request = Rack::Request.new(env)
 
         request.instance_eval do
-          def request; self; end
+          def request
+            self
+          end
 
-          def remote_ip; self.ip; end
+          def remote_ip
+            self.ip
+          end
         end
 
         super(request)

data/lib/authlogic/controller_adapters/rails_adapter.rb

@@ -2,8 +2,10 @@ require 'action_controller'
 
 module Authlogic
   module ControllerAdapters
-    # Adapts authlogic to work with rails. The point is to close the gap between what authlogic expects and what the rails controller object
-    # provides. Similar to how ActiveRecord has an adapter for MySQL, PostgreSQL, SQLite, etc.
+    # Adapts authlogic to work with rails. The point is to close the gap between
+    # what authlogic expects and what the rails controller object provides.
+    # Similar to how ActiveRecord has an adapter for MySQL, PostgreSQL, SQLite,
+    # etc.
     class RailsAdapter < AbstractAdapter
       class AuthlogicLoadedTooLateError < StandardError; end
 
@@ -31,12 +33,13 @@ module Authlogic
           if defined?(::ApplicationController)
             raise AuthlogicLoadedTooLateError.new(
               <<-EOS.strip_heredoc
-                Authlogic is trying to add a callback to ActionController::Base but
-                ApplicationController has already been loaded, so the callback won't
-                be copied into your application. Generally this is due to another gem or
-                plugin requiring your ApplicationController prematurely, such as the
-                resource_controller plugin. Please require Authlogic first, before these
-                other gems / plugins.
+                Authlogic is trying to add a callback to ActionController::Base
+                but ApplicationController has already been loaded, so the
+                callback won't be copied into your application. Generally this
+                is due to another gem or plugin requiring your
+                ApplicationController prematurely, such as the
+                resource_controller plugin. Please require Authlogic first,
+                before these other gems / plugins.
               EOS
             )
           end

data/lib/authlogic/crypto_providers/aes256.rb

@@ -38,8 +38,27 @@ module Authlogic
         private
 
           def aes
-            raise ArgumentError.new("You must provide a key like #{name}.key = my_key before using the #{name}") if @key.blank?
-            @aes ||= OpenSSL::Cipher::Cipher.new("AES-256-ECB")
+            if @key.blank?
+              raise ArgumentError.new(
+                "You must provide a key like #{name}.key = my_key before using the #{name}"
+              )
+            end
+
+            @aes ||= openssl_cipher_class.new("AES-256-ECB")
+          end
+
+          # `::OpenSSL::Cipher::Cipher` has been deprecated since at least 2014,
+          # in favor of `::OpenSSL::Cipher`, but a deprecation warning was not
+          # printed until 2016
+          # (https://github.com/ruby/openssl/commit/5c20a4c014) when openssl
+          # became a gem. Its first release as a gem was 2.0.0, in ruby 2.4.
+          # (See https://github.com/ruby/ruby/blob/v2_4_0/NEWS)
+          def openssl_cipher_class
+            if ::Gem::Version.new(::OpenSSL::VERSION) < ::Gem::Version.new("2.0.0")
+              ::OpenSSL::Cipher::Cipher
+            else
+              ::OpenSSL::Cipher
+            end
           end
       end
     end

data/lib/authlogic/crypto_providers/bcrypt.rb

@@ -56,7 +56,10 @@ module Authlogic
 
         def cost=(val)
           if val < ::BCrypt::Engine::MIN_COST
-            raise ArgumentError.new("Authlogic's bcrypt cost cannot be set below the engine's min cost (#{::BCrypt::Engine::MIN_COST})")
+            raise ArgumentError.new(
+              "Authlogic's bcrypt cost cannot be set below the engine's " \
+                "min cost (#{::BCrypt::Engine::MIN_COST})"
+            )
           end
           @cost = val
         end

data/lib/authlogic/crypto_providers/sha512.rb

@@ -1,22 +1,25 @@
 require "digest/sha2"
 
 module Authlogic
-  # The acts_as_authentic method has a crypto_provider option. This allows you to use any type of encryption you like.
-  # Just create a class with a class level encrypt and matches? method. See example below.
+  # The acts_as_authentic method has a crypto_provider option. This allows you
+  # to use any type of encryption you like. Just create a class with a class
+  # level encrypt and matches? method. See example below.
   #
   # === Example
   #
   #   class MyAwesomeEncryptionMethod
   #     def self.encrypt(*tokens)
-  #       # the tokens passed will be an array of objects, what type of object is irrelevant,
-  #       # just do what you need to do with them and return a single encrypted string.
-  #       # for example, you will most likely join all of the objects into a single string and then encrypt that string
+  #       # The tokens passed will be an array of objects, what type of object
+  #       # is irrelevant, just do what you need to do with them and return a
+  #       # single encrypted string. For example, you will most likely join all
+  #       # of the objects into a single string and then encrypt that string.
   #     end
   #
   #     def self.matches?(crypted, *tokens)
-  #       # return true if the crypted string matches the tokens.
-  #       # depending on your algorithm you might decrypt the string then compare it to the token, or you might
-  #       # encrypt the tokens and make sure it matches the crypted string, its up to you
+  #       # Return true if the crypted string matches the tokens. Depending on
+  #       # your algorithm you might decrypt the string then compare it to the
+  #       # token, or you might encrypt the tokens and make sure it matches the
+  #       # crypted string, its up to you.
   #     end
   #   end
   module CryptoProviders
@@ -27,7 +30,8 @@ module Authlogic
       class << self
         attr_accessor :join_token
 
-        # The number of times to loop through the encryption. This is twenty because that is what restful_authentication defaults to.
+        # The number of times to loop through the encryption. This is twenty
+        # because that is what restful_authentication defaults to.
         def stretches
           @stretches ||= 20
         end
@@ -40,7 +44,8 @@ module Authlogic
           digest
         end
 
-        # Does the crypted password match the tokens? Uses the same tokens that were used to encrypt.
+        # Does the crypted password match the tokens? Uses the same tokens that
+        # were used to encrypt.
         def matches?(crypted, *tokens)
           encrypt(*tokens) == crypted
         end

data/lib/authlogic/regex.rb

@@ -5,15 +5,16 @@ module Authlogic
   #
   #   validates_format_of :my_email_field, :with => Authlogic::Regex.email
   module Regex
-    # A general email regular expression. It allows top level domains (TLD) to be from 2 - 13 in length.
-    # The decisions behind this regular expression were made by analyzing the list of top-level domains
-    # maintained by IANA and by reading this website: http://www.regular-expressions.info/email.html,
-    # which is an excellent resource for regular expressions.
+    # A general email regular expression. It allows top level domains (TLD) to be from 2 -
+    # 24 in length. The decisions behind this regular expression were made by analyzing
+    # the list of top-level domains maintained by IANA and by reading this website:
+    # http://www.regular-expressions.info/email.html, which is an excellent resource for
+    # regular expressions.
     def self.email
       @email_regex ||= begin
         email_name_regex  = '[A-Z0-9_\.&%\+\-\']+'
         domain_head_regex = '(?:[A-Z0-9\-]+\.)+'
-        domain_tld_regex  = '(?:[A-Z]{2,13})'
+        domain_tld_regex  = '(?:[A-Z]{2,25})'
         /\A#{email_name_regex}@#{domain_head_regex}#{domain_tld_regex}\z/i
       end
     end
@@ -33,7 +34,7 @@ module Authlogic
       @email_nonascii_regex ||= begin
         email_name_regex  = '[^[:cntrl:][@\[\]\^ \!\"#$\(\)*,/:;<=>\?`{|}~\\\]]+'
         domain_head_regex = '(?:[^[:cntrl:][@\[\]\^ \!\"#$&\(\)*,/:;<=>\?`{|}~\\\_\.%\+\']]+\.)+'
-        domain_tld_regex  = '(?:[^[:cntrl:][@\[\]\^ \!\"#$&\(\)*,/:;<=>\?`{|}~\\\_\.%\+\-\'0-9]]{2,13})'
+        domain_tld_regex  = '(?:[^[:cntrl:][@\[\]\^ \!\"#$&\(\)*,/:;<=>\?`{|}~\\\_\.%\+\-\'0-9]]{2,25})'
         /\A#{email_name_regex}@#{domain_head_regex}#{domain_tld_regex}\z/
       end
     end

data/lib/authlogic/session/activation.rb

@@ -2,9 +2,11 @@ require 'request_store'
 
 module Authlogic
   module Session
-    # Activating Authlogic requires that you pass it an Authlogic::ControllerAdapters::AbstractAdapter object, or a class that extends it.
-    # This is sort of like a database connection for an ORM library, Authlogic can't do anything until it is "connected" to a controller.
-    # If you are using a supported framework, Authlogic takes care of this for you.
+    # Activating Authlogic requires that you pass it an
+    # Authlogic::ControllerAdapters::AbstractAdapter object, or a class that
+    # extends it. This is sort of like a database connection for an ORM library,
+    # Authlogic can't do anything until it is "connected" to a controller. If
+    # you are using a supported framework, Authlogic takes care of this for you.
     module Activation
       class NotActivatedError < ::StandardError # :nodoc:
         def initialize(session)
@@ -20,17 +22,24 @@ module Authlogic
       end
 
       module ClassMethods
-        # Returns true if a controller has been set and can be used properly. This MUST be set before anything can be done.
-        # Similar to how ActiveRecord won't allow you to do anything without establishing a DB connection. In your framework
-        # environment this is done for you, but if you are using Authlogic outside of your framework, you need to assign a controller
-        # object to Authlogic via Authlogic::Session::Base.controller = obj. See the controller= method for more information.
+        # Returns true if a controller has been set and can be used properly.
+        # This MUST be set before anything can be done. Similar to how
+        # ActiveRecord won't allow you to do anything without establishing a DB
+        # connection. In your framework environment this is done for you, but if
+        # you are using Authlogic outside of your framework, you need to assign
+        # a controller object to Authlogic via
+        # Authlogic::Session::Base.controller = obj. See the controller= method
+        # for more information.
         def activated?
           !controller.nil?
         end
 
-        # This accepts a controller object wrapped with the Authlogic controller adapter. The controller adapters close the gap
-        # between the different controllers in each framework. That being said, Authlogic is expecting your object's class to
-        # extend Authlogic::ControllerAdapters::AbstractAdapter. See Authlogic::ControllerAdapters for more info.
+        # This accepts a controller object wrapped with the Authlogic controller
+        # adapter. The controller adapters close the gap between the different
+        # controllers in each framework. That being said, Authlogic is expecting
+        # your object's class to extend
+        # Authlogic::ControllerAdapters::AbstractAdapter. See
+        # Authlogic::ControllerAdapters for more info.
         #
         # Lastly, this is thread safe.
         def controller=(value)

data/lib/authlogic/session/cookies.rb

@@ -91,7 +91,9 @@ module Authlogic
           values = value.is_a?(Array) ? value : [value]
           case values.first
           when Hash
-            self.remember_me = values.first.with_indifferent_access[:remember_me] if values.first.with_indifferent_access.key?(:remember_me)
+            if values.first.with_indifferent_access.key?(:remember_me)
+              self.remember_me = values.first.with_indifferent_access[:remember_me]
+            end
           else
             r = values.find { |value| value.is_a?(TrueClass) || value.is_a?(FalseClass) }
             self.remember_me = r if !r.nil?

data/lib/authlogic/session/id.rb

@@ -1,6 +1,7 @@
 module Authlogic
   module Session
-    # Allows you to separate sessions with an id, ultimately letting you create multiple sessions for the same user.
+    # Allows you to separate sessions with an id, ultimately letting you create
+    # multiple sessions for the same user.
     module Id
       def self.included(klass)
         klass.class_eval do
@@ -15,18 +16,23 @@ module Authlogic
         self.id = values.last if values.last.is_a?(Symbol)
       end
 
-      # Allows you to set a unique identifier for your session, so that you can have more than 1 session at a time.
-      # A good example when this might be needed is when you want to have a normal user session and a "secure" user session.
-      # The secure user session would be created only when they want to modify their billing information, or other sensitive
-      # information. Similar to me.com. This requires 2 user sessions. Just use an id for the "secure" session and you should be good.
+      # Allows you to set a unique identifier for your session, so that you can
+      # have more than 1 session at a time. A good example when this might be
+      # needed is when you want to have a normal user session and a "secure"
+      # user session. The secure user session would be created only when they
+      # want to modify their billing information, or other sensitive
+      # information. Similar to me.com. This requires 2 user sessions. Just use
+      # an id for the "secure" session and you should be good.
       #
-      # You can set the id during initialization (see initialize for more information), or as an attribute:
+      # You can set the id during initialization (see initialize for more
+      # information), or as an attribute:
       #
       #   session.id = :my_id
       #
       # Just be sure and set your id before you save your session.
       #
-      # Lastly, to retrieve your session with the id check out the find class method.
+      # Lastly, to retrieve your session with the id check out the find class
+      # method.
       def id
         @id
       end

data/lib/authlogic/session/magic_columns.rb

@@ -74,14 +74,18 @@ module Authlogic
             end
           end
 
-          # This method lets authlogic know whether it should allow the last_request_at field to be updated
-          # with the current time (Time.now). One thing to note here is that it also checks for the existence of a
-          # last_request_update_allowed? method in your controller. This allows you to control this method pragmatically
-          # in your controller.
+          # This method lets authlogic know whether it should allow the
+          # last_request_at field to be updated with the current time
+          # (Time.now). One thing to note here is that it also checks for the
+          # existence of a last_request_update_allowed? method in your
+          # controller. This allows you to control this method pragmatically in
+          # your controller.
           #
-          # For example, what if you had a javascript function that polled the server updating how much time is left in their
-          # session before it times out. Obviously you would want to ignore this request, because then the user would never time out.
-          # So you can do something like this in your controller:
+          # For example, what if you had a javascript function that polled the
+          # server updating how much time is left in their session before it
+          # times out. Obviously you would want to ignore this request, because
+          # then the user would never time out. So you can do something like
+          # this in your controller:
           #
           #   def last_request_update_allowed?
           #     action_name != "update_session_time_left"
@@ -89,9 +93,14 @@ module Authlogic
           #
           # You can do whatever you want with that method.
           def set_last_request_at? # :doc:
-            return false if !record || !klass.column_names.include?("last_request_at")
-            return false if controller.responds_to_last_request_update_allowed? && !controller.last_request_update_allowed?
-            record.last_request_at.blank? || last_request_at_threshold.to_i.seconds.ago >= record.last_request_at
+            if !record || !klass.column_names.include?("last_request_at")
+              return false
+            end
+            if controller.responds_to_last_request_update_allowed? && !controller.last_request_update_allowed?
+              return false
+            end
+            record.last_request_at.blank? ||
+              last_request_at_threshold.to_i.seconds.ago >= record.last_request_at
           end
 
           def set_last_request_at

data/lib/authlogic/session/magic_states.rb

@@ -58,7 +58,13 @@ module Authlogic
             return true if attempted_record.nil?
             [:active, :approved, :confirmed].each do |required_status|
               if attempted_record.respond_to?("#{required_status}?") && !attempted_record.send("#{required_status}?")
-                errors.add(:base, I18n.t("error_messages.not_#{required_status}", :default => "Your account is not #{required_status}"))
+                errors.add(
+                  :base,
+                  I18n.t(
+                    "error_messages.not_#{required_status}",
+                    :default => "Your account is not #{required_status}"
+                  )
+                )
                 return false
               end
             end