authpwn_rails 0.19.0 → 0.20.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: b76fa7bb9964950285b988fce4ce50ae02422203
4
- data.tar.gz: b42a0461e9b585c6665ec6234b20ef6b6e03768b
3
+ metadata.gz: e74b051ae5f60f59a12f722ab166d5fc2b263493
4
+ data.tar.gz: 390e8ffb67cd7094dd54da1006742f94f6bce1fc
5
5
  SHA512:
6
- metadata.gz: 8d0c4438b497736367d0c5cb2fc567272b623f5770e8b88c98ae74f3c652584aedee57d97f3b74e0066611598cba35bca18200b2d56b64ed2b893b02c8c8247f
7
- data.tar.gz: c5635580b753dc43ee7bdc330b605982d06c84efa60a7a85811b506f76f22569c4d5e4e2376bf4b283cfc8479ec4d5c650e6ffc0d1fc09e24659f45826a149dc
6
+ metadata.gz: f7182e18579ef2e3bd789025dfdefede81eafa12ed40dd0ad24950ab9ea24f5c8b7d73a4b89b4b8291d32eed0129b6cd13a6327f997f8dbdad0fc3ba851b047e
7
+ data.tar.gz: 14b118e149594915b6d4f6b141a2099f819da1e26f798a7e95e7900fea0be7b2cbc2f4350b7e11d37b4cc5128a0de9d1d186e50f0214b4bf10cc8d51eea65e2f
data/VERSION CHANGED
@@ -1 +1 @@
1
- 0.19.0
1
+ 0.20.0
@@ -2,16 +2,16 @@
2
2
  # DO NOT EDIT THIS FILE DIRECTLY
3
3
  # Instead, edit Jeweler::Tasks in Rakefile, and run 'rake gemspec'
4
4
  # -*- encoding: utf-8 -*-
5
- # stub: authpwn_rails 0.19.0 ruby lib
5
+ # stub: authpwn_rails 0.20.0 ruby lib
6
6
 
7
7
  Gem::Specification.new do |s|
8
8
  s.name = "authpwn_rails"
9
- s.version = "0.19.0"
9
+ s.version = "0.20.0"
10
10
 
11
11
  s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
12
12
  s.require_paths = ["lib"]
13
13
  s.authors = ["Victor Costan"]
14
- s.date = "2015-12-21"
14
+ s.date = "2016-02-02"
15
15
  s.description = "Works with Facebook."
16
16
  s.email = "victor@costan.us"
17
17
  s.extra_rdoc_files = [
@@ -101,6 +101,7 @@ Gem::Specification.new do |s|
101
101
  "test/fixtures/bare_session/new.html.erb",
102
102
  "test/fixtures/bare_session/password_change.html.erb",
103
103
  "test/fixtures/bare_session/welcome.html.erb",
104
+ "test/fixtures/layouts/application.html.erb",
104
105
  "test/helpers/action_controller.rb",
105
106
  "test/helpers/action_mailer.rb",
106
107
  "test/helpers/application_controller.rb",
@@ -52,7 +52,7 @@ module HttpBasicControllerInstanceMethods
52
52
 
53
53
  respond_to do |format|
54
54
  format.html do
55
- render 'session/forbidden', status: :forbidden
55
+ render 'session/forbidden', layout: false, status: :forbidden
56
56
  end
57
57
  format.json do
58
58
  render json: { error: "You're not allowed to access that" }
@@ -55,7 +55,7 @@ module HttpTokenControllerInstanceMethods
55
55
 
56
56
  respond_to do |format|
57
57
  format.html do
58
- render 'session/forbidden', status: :forbidden
58
+ render 'session/forbidden', layout: false, status: :forbidden
59
59
  end
60
60
  format.json do
61
61
  render json: { error: "You're not allowed to access that" }
@@ -78,10 +78,10 @@ module ControllerInstanceMethods
78
78
  format.html do
79
79
  @redirect_url = redirect_url
80
80
  if current_user
81
- render 'session/forbidden', status: :forbidden
81
+ render 'session/forbidden', layout: false, status: :forbidden
82
82
  else
83
83
  flash[:auth_redirect_url] = redirect_url
84
- render 'session/forbidden', status: :forbidden
84
+ render 'session/forbidden', layout: false, status: :forbidden
85
85
  end
86
86
  end
87
87
  format.json do
@@ -205,6 +205,9 @@ class CookieControllerTest < ActionController::TestCase
205
205
  assert_response :forbidden
206
206
  assert_template 'session/forbidden'
207
207
  assert_select 'a[href="/session"][data-method="delete"]', 'sign out'
208
+ # Make sure no layout was rendered.
209
+ assert_select 'title', 0
210
+ assert_select 'h1', 0
208
211
  end
209
212
 
210
213
  test "valid user_id bounced in json" do
@@ -220,6 +223,9 @@ class CookieControllerTest < ActionController::TestCase
220
223
  assert_response :forbidden
221
224
  assert_template 'session/forbidden'
222
225
  assert_equal bouncer_cookie_url, flash[:auth_redirect_url]
226
+ # Make sure no layout was rendered.
227
+ assert_select 'title', 0
228
+ assert_select 'h1', 0
223
229
 
224
230
  assert_select 'script', %r/.*window.location.*#{new_session_path}.*/
225
231
  end
@@ -0,0 +1,11 @@
1
+ <!DOCTYPE html>
2
+ <html>
3
+ <head>
4
+ <title>Application page</title>
5
+ </head>
6
+ <body>
7
+ <h1>Application Layout Heading</h1>
8
+
9
+ <%= yield %>
10
+ </body>
11
+ </html>
@@ -2,6 +2,9 @@
2
2
  class ApplicationController < ActionController::Base
3
3
  prepend_view_path File.expand_path(
4
4
  '../../../lib/authpwn_rails/generators/templates', __FILE__)
5
+ prepend_view_path File.expand_path('../../fixtures', __FILE__)
6
+
7
+ layout 'application'
5
8
 
6
9
  # This is necessary for testing CSRF exceptions in API calls.
7
10
  protect_from_forgery with: :exception
@@ -95,6 +95,9 @@ class HttpBasicControllerTest < ActionController::TestCase
95
95
  assert_response :forbidden
96
96
  assert_template 'session/forbidden'
97
97
  assert_select 'a[href="/session"][data-method="delete"]', 'sign out'
98
+ # Make sure no layout was rendered.
99
+ assert_select 'title', 0
100
+ assert_select 'h1', 0
98
101
  end
99
102
 
100
103
  test "valid user bounced in json" do
@@ -101,6 +101,9 @@ class HttpTokenControllerTest < ActionController::TestCase
101
101
  assert_response :forbidden
102
102
  assert_template 'session/forbidden'
103
103
  assert_select 'a[href="/session"][data-method="delete"]', 'sign out'
104
+ # Make sure no layout was rendered.
105
+ assert_select 'title', 0
106
+ assert_select 'h1', 0
104
107
  end
105
108
 
106
109
  test "valid user bounced in json" do
@@ -453,6 +453,9 @@ class SessionControllerApiTest < ActionController::TestCase
453
453
  test "password_change bounces without logged in user" do
454
454
  get :password_change
455
455
  assert_response :forbidden
456
+ # Make sure no layout was rendered.
457
+ assert_select 'title', 0
458
+ assert_select 'h1', 0
456
459
  end
457
460
 
458
461
  test "password_change renders correct form" do
@@ -467,6 +470,10 @@ class SessionControllerApiTest < ActionController::TestCase
467
470
  post :change_password, credential: { old_password: 'pa55w0rd',
468
471
  password: 'hacks', password_confirmation: 'hacks' }
469
472
  assert_response :forbidden
473
+ assert_template 'session/forbidden'
474
+ # Make sure no layout was rendered.
475
+ assert_select 'title', 0
476
+ assert_select 'h1', 0
470
477
  end
471
478
 
472
479
  test "change_password works with correct input" do
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: authpwn_rails
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.19.0
4
+ version: 0.20.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Victor Costan
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2015-12-21 00:00:00.000000000 Z
11
+ date: 2016-02-02 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rails
@@ -268,6 +268,7 @@ files:
268
268
  - test/fixtures/bare_session/new.html.erb
269
269
  - test/fixtures/bare_session/password_change.html.erb
270
270
  - test/fixtures/bare_session/welcome.html.erb
271
+ - test/fixtures/layouts/application.html.erb
271
272
  - test/helpers/action_controller.rb
272
273
  - test/helpers/action_mailer.rb
273
274
  - test/helpers/application_controller.rb