authpwn_rails 0.13.0 → 0.13.1

data/.travis.yml

@@ -1,6 +1,7 @@
 language: ruby
 env:
-  - DB=mysql
+  - DB=mysql:utf8_general_ci
+  - DB=mysql:utf8_bin
   - DB=pg DB_USER=postgres
   - DB=sqlite
 rvm:

data/Gemfile.lock

@@ -29,7 +29,7 @@ GEM
       i18n (~> 0.6)
       multi_json (~> 1.0)
     arel (3.0.2)
-    builder (3.0.3)
+    builder (3.0.4)
     erubis (2.7.0)
     faraday (0.8.4)
       multipart-post (~> 1.1)

data/VERSION

@@ -1 +1 @@
-0.13.0
+0.13.1

data/app/models/tokens/base.rb

@@ -96,11 +96,9 @@ class Base < ::Credential
   #     code
   def self.random_for(user, key = nil, klass = nil)
     klass ||= self
-    if key.nil?
-      token = self.new(:code => random_code)
-    else
-      token = self.new(:code => random_code, :key => key)
-    end
+    token = self.new
+    token.code = random_code
+    token.key = key unless key.nil?
     user.credentials << token
     token.save!
     token

data/authpwn_rails.gemspec

@@ -5,11 +5,11 @@
 
 Gem::Specification.new do |s|
   s.name = "authpwn_rails"
-  s.version = "0.13.0"
+  s.version = "0.13.1"
 
   s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
   s.authors = ["Victor Costan"]
-  s.date = "2012-10-13"
+  s.date = "2012-10-17"
   s.description = "Works with Facebook."
   s.email = "victor@costan.us"
   s.extra_rdoc_files = [

data/lib/authpwn_rails/credential_model.rb

@@ -20,6 +20,8 @@ module CredentialModel
 
     # Secret information associated with the token.
     validates :key, :length => { :in => 1..2.kilobytes, :allow_nil => true }
+
+    attr_accessible
   end
 
   # Included in the metaclass of models that call pwnauth_facebook_token_model.

data/lib/authpwn_rails/user_model.rb

@@ -22,8 +22,6 @@ module UserModel
     # Credentials used to authenticate the user.
     has_many :credentials, :dependent => :destroy, :inverse_of => :user
     validates_associated :credentials
-    # This is safe, because credentials use attr_accessible.
-    accepts_nested_attributes_for :credentials, :allow_destroy => true
 
     # Automatically assign exuid.
     before_validation :set_default_exuid, :on => :create

data/test/credentials/email_credential_test.rb

@@ -1,15 +1,16 @@
 require File.expand_path('../../test_helper', __FILE__)
 
-class EmailCredentialTest < ActiveSupport::TestCase  
+class EmailCredentialTest < ActiveSupport::TestCase
   def setup
-    @credential = Credentials::Email.new :email => 'dvdjohn@mit.edu'
+    @credential = Credentials::Email.new
+    @credential.email = 'dvdjohn@mit.edu'
     @credential.user = users(:bill)
   end
-  
+
   test 'setup' do
     assert @credential.valid?
   end
-  
+
   test 'key required' do
     @credential.key = ''
     assert !@credential.valid?
@@ -19,19 +20,19 @@ class EmailCredentialTest < ActiveSupport::TestCase
     @credential.key = 'xoxo'
     assert !@credential.valid?
   end
-  
+
   test 'verified set to true' do
     @credential.verified = true
     assert_equal '1', @credential.key, 'key'
     assert_equal true, @credential.verified?, 'verified?'
   end
-  
+
   test 'verified set to false' do
     @credential.verified = false
     assert_equal '0', @credential.key, 'key'
     assert_equal false, @credential.verified?, 'verified?'
   end
-  
+
   test 'user presence' do
     @credential.user = nil
     assert !@credential.valid?
@@ -41,30 +42,30 @@ class EmailCredentialTest < ActiveSupport::TestCase
     @credential.email = nil
     assert !@credential.valid?
   end
-  
+
   test 'email length' do
     @credential.email = 'abcde' * 25 + '@mit.edu'
     assert !@credential.valid?, 'Overly long email'
   end
-  
+
   test 'email format' do
     ['cos tan@gmail.com', 'costan@x@mit.edu'].each do |email|
       @credential.email = email
       assert !@credential.valid?, "Bad email format - #{email}"
-    end    
+    end
   end
-  
+
   test 'email uniqueness' do
     @credential.email = credentials(:john_email).email
     assert !@credential.valid?
   end
-  
+
   test 'authenticate' do
     assert_equal users(:john), Credentials::Email.authenticate('john@gmail.com')
     assert_equal users(:jane), Credentials::Email.authenticate('jane@gmail.com')
     assert_equal :invalid, Credentials::Email.authenticate('bill@gmail.com')
   end
-  
+
   test 'authenticate calls User#auth_bounce_reason' do
     with_blocked_credential credentials(:john_email), :reason do
       assert_equal :reason, Credentials::Email.authenticate('john@gmail.com')

data/test/credentials/email_verification_token_test.rb

@@ -2,9 +2,9 @@ require File.expand_path('../../test_helper', __FILE__)
 
 class EmailVerificationTokenTest < ActiveSupport::TestCase
   def setup
-    @credential = Tokens::EmailVerification.new(
-        :code => 'AyCMIixa5C7BBqU-XFI7l7IaUFJ4zQZPmcK6oNb3FLo',
-        :key => 'jane@gmail.com')
+    @credential = Tokens::EmailVerification.new
+    @credential.code = 'AyCMIixa5C7BBqU-XFI7l7IaUFJ4zQZPmcK6oNb3FLo'
+    @credential.key = 'jane@gmail.com'
     @credential.user = users(:jane)
   end
 

data/test/credentials/one_time_token_credential_test.rb

@@ -2,8 +2,8 @@ require File.expand_path('../../test_helper', __FILE__)
 
 class OneTimeTokenCredentialTest < ActiveSupport::TestCase
   def setup
-    @credential = Tokens::OneTime.new(
-        :code => 'AyCMIixa5C7BBqU-XFI7l7IaUFJ4zQZPmcK6oNb3FLo')
+    @credential = Tokens::OneTime.new
+    @credential.code = 'AyCMIixa5C7BBqU-XFI7l7IaUFJ4zQZPmcK6oNb3FLo'
     @credential.user = users(:bill)
   end
 

data/test/credentials/password_credential_test.rb

@@ -2,8 +2,9 @@ require File.expand_path('../../test_helper', __FILE__)
 
 class PasswordCredentialTest < ActiveSupport::TestCase
   def setup
-    @credential = Credentials::Password.new :password => 'awesome',
-                                            :password_confirmation => 'awesome'
+    @credential = Credentials::Password.new
+    @credential.password = 'awesome'
+    @credential.password_confirmation = 'awesome'
     @credential.user = users(:bill)
     @_password_expires = Credentials::Password.expires_after
   end

data/test/credentials/password_reset_token_test.rb

@@ -1,21 +1,21 @@
 require File.expand_path('../../test_helper', __FILE__)
 
-class PasswordVerificationTokenTest < ActiveSupport::TestCase  
+class PasswordVerificationTokenTest < ActiveSupport::TestCase
   def setup
-    @credential = Tokens::PasswordReset.new(
-        :code => 'AyCMIixa5C7BBqU-XFI7l7IaUFJ4zQZPmcK6oNb3FLo')
+    @credential = Tokens::PasswordReset.new
+    @credential.code = 'AyCMIixa5C7BBqU-XFI7l7IaUFJ4zQZPmcK6oNb3FLo'
     @credential.user = users(:john)
   end
-  
+
   test 'setup' do
     assert @credential.valid?
   end
-  
+
   test 'code required' do
     @credential.code = nil
     assert !@credential.valid?
   end
-  
+
   test 'code uniqueness' do
     @credential.code = credentials(:john_token).code
     assert !@credential.valid?
@@ -25,21 +25,21 @@ class PasswordVerificationTokenTest < ActiveSupport::TestCase
     @credential.user = nil
     assert !@credential.valid?
   end
-  
+
   test 'password_credential' do
     assert_equal credentials(:john_password), @credential.password_credential
     assert_equal credentials(:jane_password),
                  credentials(:jane_password_token).password_credential
-  
+
     @credential.user = users(:bill)
     assert_nil @credential.password_credential
   end
-  
+
   test 'spend blanks out the password and destroys the token' do
     password_credential = credentials(:jane_password)
     credential = credentials(:jane_password_token)
     assert_equal Tokens::PasswordReset, credential.class, 'bad setup'
-    
+
     assert_difference 'Credential.count', -2 do
       assert_difference 'Credentials::Password.count', -1 do
         credential.spend
@@ -54,13 +54,13 @@ class PasswordVerificationTokenTest < ActiveSupport::TestCase
     password_credential = credentials(:jane_password)
     password_credential.destroy
     credential = credentials(:jane_password_token)
-    
+
     assert_difference 'Credential.count', -1 do
       credential.spend
     end
     assert credential.frozen?, 'not destroyed'
   end
-  
+
   test 'random_for' do
     token = Tokens::PasswordReset.random_for users(:john)
     assert token.valid?, 'valid token'

data/test/credentials/session_uid_token_test.rb

@@ -2,11 +2,11 @@ require File.expand_path('../../test_helper', __FILE__)
 
 class SessionUidTokenTest < ActiveSupport::TestCase
   def setup
-    @credential = Tokens::SessionUid.new(
-      :code => 'AyCMIixa5C7BBqU-XFI7l7IaUFJ4zQZPmcK6oNb3FLo',
-      :browser_ip => '18.70.0.160',
-      :browser_ua => 'Mozilla/5.0 (X11; Linux x86_64; rv:15.0) Gecko/20100101 Firefox/15.0.1'
-    )
+    @credential = Tokens::SessionUid.new
+    @credential.code = 'AyCMIixa5C7BBqU-XFI7l7IaUFJ4zQZPmcK6oNb3FLo'
+    @credential.browser_ip = '18.70.0.160'
+    @credential.browser_ua =
+        'Mozilla/5.0 (X11; Linux x86_64; rv:15.0) Gecko/20100101 Firefox/15.0.1'
     @credential.user = users(:jane)
     @_expires_after = Tokens::SessionUid.expires_after
   end

data/test/credentials/token_crendential_test.rb

@@ -2,8 +2,8 @@ require File.expand_path('../../test_helper', __FILE__)
 
 class TokenCredentialTest < ActiveSupport::TestCase
   def setup
-    @credential = Tokens::Base.new(
-        :code => 'AyCMIixa5C7BBqU-XFI7l7IaUFJ4zQZPmcK6oNb3FLo')
+    @credential = Tokens::Base.new
+    @credential.code = 'AyCMIixa5C7BBqU-XFI7l7IaUFJ4zQZPmcK6oNb3FLo'
     @credential.user = users(:bill)
   end
 

data/test/helpers/db_setup.rb

@@ -1,6 +1,11 @@
 case ENV['DB']
 when /mysql/i
-  `mysql -u root -e "DROP DATABASE IF EXISTS plugin_dev; CREATE DATABASE plugin_dev;"`
+  create_sql = 'CREATE DATABASE plugin_dev DEFAULT CHARACTER SET utf8;'
+  if /:(.*)$/ =~ ENV['DB']
+    create_sql.sub! ';', " DEFAULT COLLATE #{$1};"
+  end
+
+  `mysql -u root -e "DROP DATABASE IF EXISTS plugin_dev; #{create_sql}"`
   ActiveRecord::Base.establish_connection :adapter => 'mysql2',
       :database => 'plugin_dev', :username => 'root', :password => ''
 when /pg/i
@@ -14,6 +19,8 @@ else
                                           :database => ':memory:'
 end
 ActiveRecord::Base.configurations = true
+ActiveRecord::Base.mass_assignment_sanitizer = :strict
+# ActiveRecord::Base.whitelist_attributes = true
 
 ActiveRecord::Migration.verbose = false
 require 'authpwn_rails/generators/templates/001_create_users.rb'

data/test/user_test.rb

@@ -56,13 +56,6 @@ class UserTest < ActiveSupport::TestCase
     assert_equal nil, User.find_by_param(nil)
   end
 
-  test 'nested attributes' do
-    @user = User.new :credentials_attributes => { 0 =>
-        {:name => 'test@email.com', :type => 'Credentials::Password'}}
-    assert_equal 1, @user.credentials.length
-    assert_equal 'test@email.com', @user.credentials.first.name
-  end
-
   test 'authenticate_email' do
     assert_equal users(:john),
         User.authenticate_signin('john@gmail.com', 'password')

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: authpwn_rails
 version: !ruby/object:Gem::Version
-  version: 0.13.0
+  version: 0.13.1
   prerelease: 
 platform: ruby
 authors:
@@ -9,7 +9,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2012-10-13 00:00:00.000000000 Z
+date: 2012-10-17 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: fbgraph_rails
@@ -285,7 +285,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
       version: '0'
       segments:
       - 0
-      hash: -1259066968914269566
+      hash: -2039679637570681553
 required_rubygems_version: !ruby/object:Gem::Requirement
   none: false
   requirements: