RubyGems - authpwn_rails - Versions diffs - 0.19.0 → 0.20.0 - Mend

authpwn_rails 0.19.0 → 0.20.0

Files changed (13) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: b76fa7bb9964950285b988fce4ce50ae02422203
-  data.tar.gz: b42a0461e9b585c6665ec6234b20ef6b6e03768b
+  metadata.gz: e74b051ae5f60f59a12f722ab166d5fc2b263493
+  data.tar.gz: 390e8ffb67cd7094dd54da1006742f94f6bce1fc
 SHA512:
-  metadata.gz: 8d0c4438b497736367d0c5cb2fc567272b623f5770e8b88c98ae74f3c652584aedee57d97f3b74e0066611598cba35bca18200b2d56b64ed2b893b02c8c8247f
-  data.tar.gz: c5635580b753dc43ee7bdc330b605982d06c84efa60a7a85811b506f76f22569c4d5e4e2376bf4b283cfc8479ec4d5c650e6ffc0d1fc09e24659f45826a149dc
+  metadata.gz: f7182e18579ef2e3bd789025dfdefede81eafa12ed40dd0ad24950ab9ea24f5c8b7d73a4b89b4b8291d32eed0129b6cd13a6327f997f8dbdad0fc3ba851b047e
+  data.tar.gz: 14b118e149594915b6d4f6b141a2099f819da1e26f798a7e95e7900fea0be7b2cbc2f4350b7e11d37b4cc5128a0de9d1d186e50f0214b4bf10cc8d51eea65e2f

data/VERSION CHANGED Viewed

data/authpwn_rails.gemspec CHANGED Viewed

@@ -2,16 +2,16 @@
 # DO NOT EDIT THIS FILE DIRECTLY
 # Instead, edit Jeweler::Tasks in Rakefile, and run 'rake gemspec'
 # -*- encoding: utf-8 -*-
-# stub: authpwn_rails 0.19.0 ruby lib
+# stub: authpwn_rails 0.20.0 ruby lib
 Gem::Specification.new do |s|
   s.name = "authpwn_rails"
-  s.version = "0.19.0"
+  s.version = "0.20.0"
   s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
   s.require_paths = ["lib"]
   s.authors = ["Victor Costan"]
-  s.date = "2015-12-21"
+  s.date = "2016-02-02"
   s.description = "Works with Facebook."
   s.email = "victor@costan.us"
   s.extra_rdoc_files = [
@@ -101,6 +101,7 @@ Gem::Specification.new do |s|
     "test/fixtures/bare_session/new.html.erb",
     "test/fixtures/bare_session/password_change.html.erb",
     "test/fixtures/bare_session/welcome.html.erb",
+    "test/fixtures/layouts/application.html.erb",
     "test/helpers/action_controller.rb",
     "test/helpers/action_mailer.rb",
     "test/helpers/application_controller.rb",

data/lib/authpwn_rails/http_basic.rb CHANGED Viewed

@@ -52,7 +52,7 @@ module HttpBasicControllerInstanceMethods
     respond_to do |format|
       format.html do
-        render 'session/forbidden', status: :forbidden
+        render 'session/forbidden', layout: false, status: :forbidden
       end
       format.json do
         render json: { error: "You're not allowed to access that" }

data/lib/authpwn_rails/http_token.rb CHANGED Viewed

@@ -55,7 +55,7 @@ module HttpTokenControllerInstanceMethods
     respond_to do |format|
       format.html do
-        render 'session/forbidden', status: :forbidden
+        render 'session/forbidden', layout: false, status: :forbidden
       end
       format.json do
         render json: { error: "You're not allowed to access that" }

data/lib/authpwn_rails/session.rb CHANGED Viewed

@@ -78,10 +78,10 @@ module ControllerInstanceMethods
       format.html do
         @redirect_url = redirect_url
         if current_user
-          render 'session/forbidden', status: :forbidden
+          render 'session/forbidden', layout: false, status: :forbidden
         else
           flash[:auth_redirect_url] = redirect_url
-          render 'session/forbidden', status: :forbidden
+          render 'session/forbidden', layout: false, status: :forbidden
         end
       end
       format.json do

data/test/cookie_controller_test.rb CHANGED Viewed

@@ -205,6 +205,9 @@ class CookieControllerTest < ActionController::TestCase
     assert_response :forbidden
     assert_template 'session/forbidden'
     assert_select 'a[href="/session"][data-method="delete"]', 'sign out'
+    # Make sure no layout was rendered.
+    assert_select 'title', 0
+    assert_select 'h1', 0
   end
   test "valid user_id bounced in json" do
@@ -220,6 +223,9 @@ class CookieControllerTest < ActionController::TestCase
     assert_response :forbidden
     assert_template 'session/forbidden'
     assert_equal bouncer_cookie_url, flash[:auth_redirect_url]
+    # Make sure no layout was rendered.
+    assert_select 'title', 0
+    assert_select 'h1', 0
     assert_select 'script', %r/.*window.location.*#{new_session_path}.*/
   end

@@ -0,0 +1,11 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <title>Application page</title>
+</head>
+<body>
+  <h1>Application Layout Heading</h1>
+<%= yield %>
+</body>
+</html>

data/test/helpers/application_controller.rb CHANGED Viewed

@@ -2,6 +2,9 @@
 class ApplicationController < ActionController::Base
   prepend_view_path File.expand_path(
       '../../../lib/authpwn_rails/generators/templates', __FILE__)
+  prepend_view_path File.expand_path('../../fixtures', __FILE__)
+  layout 'application'
   # This is necessary for testing CSRF exceptions in API calls.
   protect_from_forgery with: :exception

data/test/http_basic_controller_test.rb CHANGED Viewed

@@ -95,6 +95,9 @@ class HttpBasicControllerTest < ActionController::TestCase
     assert_response :forbidden
     assert_template 'session/forbidden'
     assert_select 'a[href="/session"][data-method="delete"]', 'sign out'
+    # Make sure no layout was rendered.
+    assert_select 'title', 0
+    assert_select 'h1', 0
   end
   test "valid user bounced in json" do

data/test/http_token_controller_test.rb CHANGED Viewed

@@ -101,6 +101,9 @@ class HttpTokenControllerTest < ActionController::TestCase
     assert_response :forbidden
     assert_template 'session/forbidden'
     assert_select 'a[href="/session"][data-method="delete"]', 'sign out'
+    # Make sure no layout was rendered.
+    assert_select 'title', 0
+    assert_select 'h1', 0
   end
   test "valid user bounced in json" do

data/test/session_controller_api_test.rb CHANGED Viewed

@@ -453,6 +453,9 @@ class SessionControllerApiTest < ActionController::TestCase
   test "password_change bounces without logged in user" do
     get :password_change
     assert_response :forbidden
+    # Make sure no layout was rendered.
+    assert_select 'title', 0
+    assert_select 'h1', 0
   end
   test "password_change renders correct form" do
@@ -467,6 +470,10 @@ class SessionControllerApiTest < ActionController::TestCase
     post :change_password, credential: { old_password: 'pa55w0rd',
         password: 'hacks', password_confirmation: 'hacks' }
     assert_response :forbidden
+    assert_template 'session/forbidden'
+    # Make sure no layout was rendered.
+    assert_select 'title', 0
+    assert_select 'h1', 0
   end
   test "change_password works with correct input" do

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: authpwn_rails
 version: !ruby/object:Gem::Version
-  version: 0.19.0
+  version: 0.20.0
 platform: ruby
 authors:
 - Victor Costan
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2015-12-21 00:00:00.000000000 Z
+date: 2016-02-02 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
@@ -268,6 +268,7 @@ files:
 - test/fixtures/bare_session/new.html.erb
 - test/fixtures/bare_session/password_change.html.erb
 - test/fixtures/bare_session/welcome.html.erb
+- test/fixtures/layouts/application.html.erb
 - test/helpers/action_controller.rb
 - test/helpers/action_mailer.rb
 - test/helpers/application_controller.rb