bartt-ssl_requirement 1.2.6 → 1.2.7
Sign up to get free protection for your applications and to get access to all the features.
- data/Rakefile +1 -0
- data/VERSION +1 -1
- data/bartt-ssl_requirement.gemspec +17 -20
- data/lib/ssl_requirement.rb +2 -1
- data/test/ssl_requirement_test.rb +48 -47
- metadata +6 -18
- data/.gitignore +0 -1
data/Rakefile
CHANGED
data/VERSION
CHANGED
@@ -1 +1 @@
|
|
1
|
-
1.2.
|
1
|
+
1.2.7
|
@@ -1,46 +1,43 @@
|
|
1
1
|
# Generated by jeweler
|
2
2
|
# DO NOT EDIT THIS FILE DIRECTLY
|
3
|
-
# Instead, edit Jeweler::Tasks in Rakefile, and run
|
3
|
+
# Instead, edit Jeweler::Tasks in Rakefile, and run 'rake gemspec'
|
4
4
|
# -*- encoding: utf-8 -*-
|
5
5
|
|
6
6
|
Gem::Specification.new do |s|
|
7
7
|
s.name = %q{bartt-ssl_requirement}
|
8
|
-
s.version = "1.2.
|
8
|
+
s.version = "1.2.7"
|
9
9
|
|
10
10
|
s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
|
11
|
-
s.authors = ["RailsJedi", "David Heinemeier Hansson", "jcnetdev", "bcurren", "bmpercy", "revo", "nathany", "bartt", "Thorben
|
12
|
-
s.date = %q{2011-05-
|
11
|
+
s.authors = ["RailsJedi", "David Heinemeier Hansson", "jcnetdev", "bcurren", "bmpercy", "revo", "nathany", "bartt", "Thorben Schröder"]
|
12
|
+
s.date = %q{2011-05-27}
|
13
13
|
s.description = %q{SSL requirement adds a declarative way of specifying that certain actions should only be allowed to run under SSL, and if they're accessed without it, they should be redirected.}
|
14
14
|
s.email = %q{bart@thecodemill.biz}
|
15
15
|
s.extra_rdoc_files = [
|
16
16
|
"README"
|
17
17
|
]
|
18
18
|
s.files = [
|
19
|
-
"
|
20
|
-
|
21
|
-
|
22
|
-
|
23
|
-
|
24
|
-
|
25
|
-
|
26
|
-
|
27
|
-
|
28
|
-
|
29
|
-
|
30
|
-
"test/url_for_test.rb"
|
19
|
+
"README",
|
20
|
+
"Rakefile",
|
21
|
+
"VERSION",
|
22
|
+
"bartt-ssl_requirement.gemspec",
|
23
|
+
"init.rb",
|
24
|
+
"lib/ssl_requirement.rb",
|
25
|
+
"lib/url_for.rb",
|
26
|
+
"rails/init.rb",
|
27
|
+
"shoulda_macros/ssl_requirement_macros.rb",
|
28
|
+
"test/ssl_requirement_test.rb",
|
29
|
+
"test/url_for_test.rb"
|
31
30
|
]
|
32
31
|
s.homepage = %q{http://github.com/bartt/ssl_requirement}
|
33
|
-
s.rdoc_options = ["--charset=UTF-8"]
|
34
32
|
s.require_paths = ["lib"]
|
35
|
-
s.rubygems_version = %q{1.
|
33
|
+
s.rubygems_version = %q{1.6.2}
|
36
34
|
s.summary = %q{Allow controller actions to force SSL on specific parts of the site.}
|
37
35
|
s.test_files = [
|
38
36
|
"test/ssl_requirement_test.rb",
|
39
|
-
|
37
|
+
"test/url_for_test.rb"
|
40
38
|
]
|
41
39
|
|
42
40
|
if s.respond_to? :specification_version then
|
43
|
-
current_version = Gem::Specification::CURRENT_SPECIFICATION_VERSION
|
44
41
|
s.specification_version = 3
|
45
42
|
|
46
43
|
if Gem::Version.new(Gem::VERSION) >= Gem::Version.new('1.2.0') then
|
data/lib/ssl_requirement.rb
CHANGED
@@ -21,7 +21,8 @@ require "#{File.dirname(__FILE__)}/url_for"
|
|
21
21
|
# OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
|
22
22
|
# WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
23
23
|
module SslRequirement
|
24
|
-
mattr_writer :ssl_host, :non_ssl_host, :disable_ssl_check
|
24
|
+
mattr_writer :ssl_host, :non_ssl_host, :disable_ssl_check
|
25
|
+
mattr_accessor :redirect_status
|
25
26
|
|
26
27
|
def self.ssl_host
|
27
28
|
determine_host(@@ssl_host) rescue nil
|
@@ -18,10 +18,11 @@ MSG
|
|
18
18
|
end
|
19
19
|
end
|
20
20
|
end
|
21
|
+
$:.unshift(File.dirname(__FILE__) + '/../lib')
|
21
22
|
|
22
23
|
require 'action_dispatch/testing/test_process'
|
23
24
|
require 'test/unit'
|
24
|
-
require "
|
25
|
+
require "ssl_requirement"
|
25
26
|
|
26
27
|
ActionController::Base.logger = nil
|
27
28
|
ActionController::Routing::Routes.reload rescue nil
|
@@ -41,25 +42,25 @@ ROUTES.finalize!
|
|
41
42
|
|
42
43
|
class SslRequirementController < ActionController::Base
|
43
44
|
include SslRequirement
|
44
|
-
|
45
|
+
|
45
46
|
ssl_required :a, :b
|
46
47
|
ssl_allowed :c
|
47
|
-
|
48
|
+
|
48
49
|
def a
|
49
50
|
flash[:abar] = "foo"
|
50
51
|
render :nothing => true
|
51
52
|
end
|
52
|
-
|
53
|
+
|
53
54
|
def b
|
54
55
|
flash[:bbar] = "foo"
|
55
56
|
render :nothing => true
|
56
57
|
end
|
57
|
-
|
58
|
+
|
58
59
|
def c
|
59
60
|
flash[:cbar] = "foo"
|
60
61
|
render :nothing => true
|
61
62
|
end
|
62
|
-
|
63
|
+
|
63
64
|
def d
|
64
65
|
flash[:dbar] = "foo"
|
65
66
|
render :nothing => true
|
@@ -69,7 +70,7 @@ class SslRequirementController < ActionController::Base
|
|
69
70
|
flash[:foo] = "bar"
|
70
71
|
render :nothing => true
|
71
72
|
end
|
72
|
-
|
73
|
+
|
73
74
|
def self._routes
|
74
75
|
ROUTES
|
75
76
|
end
|
@@ -77,27 +78,27 @@ end
|
|
77
78
|
|
78
79
|
class SslExceptionController < ActionController::Base
|
79
80
|
include SslRequirement
|
80
|
-
|
81
|
+
|
81
82
|
ssl_required :a
|
82
83
|
ssl_exceptions :b
|
83
84
|
ssl_allowed :d
|
84
|
-
|
85
|
+
|
85
86
|
def a
|
86
87
|
render :nothing => true
|
87
88
|
end
|
88
|
-
|
89
|
+
|
89
90
|
def b
|
90
91
|
render :nothing => true
|
91
92
|
end
|
92
|
-
|
93
|
+
|
93
94
|
def c
|
94
95
|
render :nothing => true
|
95
96
|
end
|
96
|
-
|
97
|
+
|
97
98
|
def d
|
98
99
|
render :nothing => true
|
99
100
|
end
|
100
|
-
|
101
|
+
|
101
102
|
def self._routes
|
102
103
|
ROUTES
|
103
104
|
end
|
@@ -105,13 +106,13 @@ end
|
|
105
106
|
|
106
107
|
class SslAllActionsController < ActionController::Base
|
107
108
|
include SslRequirement
|
108
|
-
|
109
|
+
|
109
110
|
ssl_exceptions
|
110
|
-
|
111
|
+
|
111
112
|
def a
|
112
113
|
render :nothing => true
|
113
114
|
end
|
114
|
-
|
115
|
+
|
115
116
|
def self._routes
|
116
117
|
ROUTES
|
117
118
|
end
|
@@ -119,17 +120,17 @@ end
|
|
119
120
|
|
120
121
|
class SslAllowAllActionsController < ActionController::Base
|
121
122
|
include SslRequirement
|
122
|
-
|
123
|
+
|
123
124
|
ssl_allowed :all
|
124
|
-
|
125
|
+
|
125
126
|
def a
|
126
127
|
render :nothing => true
|
127
128
|
end
|
128
|
-
|
129
|
+
|
129
130
|
def b
|
130
131
|
render :nothing => true
|
131
132
|
end
|
132
|
-
|
133
|
+
|
133
134
|
def self._routes
|
134
135
|
ROUTES
|
135
136
|
end
|
@@ -141,7 +142,7 @@ end
|
|
141
142
|
|
142
143
|
# NOTE: The only way I could get the flash tests to work under Rails 2.3.2
|
143
144
|
# (without resorting to IntegrationTest with some artificial session
|
144
|
-
# store) was to use TestCase. In TestCases, it appears that flash
|
145
|
+
# store) was to use TestCase. In TestCases, it appears that flash
|
145
146
|
# messages are effectively persisted in session after the last controller
|
146
147
|
# action that consumed them...so that when the TestCase inspects
|
147
148
|
# the FlashHash, it will find the flash still populated, even though
|
@@ -151,8 +152,8 @@ end
|
|
151
152
|
# flash is persisted forever. But if subsequent controller actions add to
|
152
153
|
# flash, the older flash messages eventually disappear.
|
153
154
|
#
|
154
|
-
# As a result, the flash-related tests now make two requests after the
|
155
|
-
# set_flash, each of these requests is also modifying flash. flash is
|
155
|
+
# As a result, the flash-related tests now make two requests after the
|
156
|
+
# set_flash, each of these requests is also modifying flash. flash is
|
156
157
|
# inspected after the second request returns.
|
157
158
|
#
|
158
159
|
# This feels a little hacky, so if anyone can improve it, please do so!
|
@@ -161,7 +162,7 @@ end
|
|
161
162
|
class SslRequirementTest < ActionController::TestCase
|
162
163
|
def setup
|
163
164
|
@routes = ROUTES
|
164
|
-
|
165
|
+
|
165
166
|
@controller = SslRequirementController.new
|
166
167
|
@ssl_host_override = 'www.example.com:80443'
|
167
168
|
@non_ssl_host_override = 'www.example.com:8080'
|
@@ -187,7 +188,7 @@ class SslRequirementTest < ActionController::TestCase
|
|
187
188
|
end
|
188
189
|
|
189
190
|
# flash-related tests
|
190
|
-
|
191
|
+
|
191
192
|
def test_redirect_to_https_preserves_flash
|
192
193
|
assert_not_equal "on", @request.env["HTTPS"]
|
193
194
|
get :set_flash
|
@@ -197,7 +198,7 @@ class SslRequirementTest < ActionController::TestCase
|
|
197
198
|
assert_response :redirect # make sure it happens again
|
198
199
|
assert_equal "bar", flash[:foo] # the flash would be gone now if no redirect
|
199
200
|
end
|
200
|
-
|
201
|
+
|
201
202
|
def test_not_redirecting_to_https_does_not_preserve_the_flash
|
202
203
|
assert_not_equal "on", @request.env["HTTPS"]
|
203
204
|
get :set_flash
|
@@ -207,7 +208,7 @@ class SslRequirementTest < ActionController::TestCase
|
|
207
208
|
assert_response :success # check no redirect
|
208
209
|
assert_nil flash[:foo] # the flash should be gone now
|
209
210
|
end
|
210
|
-
|
211
|
+
|
211
212
|
def test_redirect_to_http_preserves_flash
|
212
213
|
get :set_flash
|
213
214
|
@request.env['HTTPS'] = "on"
|
@@ -217,7 +218,7 @@ class SslRequirementTest < ActionController::TestCase
|
|
217
218
|
assert_response :redirect # make sure redirect happens
|
218
219
|
assert_equal "bar", flash[:foo] # flash would be gone now if no redirect
|
219
220
|
end
|
220
|
-
|
221
|
+
|
221
222
|
def test_not_redirecting_to_http_does_not_preserve_the_flash
|
222
223
|
get :set_flash
|
223
224
|
@request.env['HTTPS'] = "on"
|
@@ -229,7 +230,7 @@ class SslRequirementTest < ActionController::TestCase
|
|
229
230
|
end
|
230
231
|
|
231
232
|
# ssl required/allowed/exceptions testing
|
232
|
-
|
233
|
+
|
233
234
|
def test_required_without_ssl
|
234
235
|
assert_not_equal "on", @request.env["HTTPS"]
|
235
236
|
get :a
|
@@ -239,7 +240,7 @@ class SslRequirementTest < ActionController::TestCase
|
|
239
240
|
assert_response :redirect
|
240
241
|
assert_match %r{^https://}, @response.headers['Location']
|
241
242
|
end
|
242
|
-
|
243
|
+
|
243
244
|
def test_required_with_ssl
|
244
245
|
@request.env['HTTPS'] = "on"
|
245
246
|
get :a
|
@@ -253,7 +254,7 @@ class SslRequirementTest < ActionController::TestCase
|
|
253
254
|
get :d
|
254
255
|
assert_response :success
|
255
256
|
end
|
256
|
-
|
257
|
+
|
257
258
|
def test_ssl_exceptions_without_ssl
|
258
259
|
@controller = SslExceptionController.new
|
259
260
|
assert_not_equal "on", @request.env["HTTPS"]
|
@@ -266,7 +267,7 @@ class SslRequirementTest < ActionController::TestCase
|
|
266
267
|
assert_response :redirect
|
267
268
|
assert_match %r{^https://}, @response.headers['Location']
|
268
269
|
end
|
269
|
-
|
270
|
+
|
270
271
|
def test_ssl_exceptions_with_ssl
|
271
272
|
@controller = SslExceptionController.new
|
272
273
|
@request.env['HTTPS'] = "on"
|
@@ -275,14 +276,14 @@ class SslRequirementTest < ActionController::TestCase
|
|
275
276
|
get :c
|
276
277
|
assert_response :success
|
277
278
|
end
|
278
|
-
|
279
|
+
|
279
280
|
def test_ssl_all_actions_without_ssl
|
280
281
|
@controller = SslAllActionsController.new
|
281
282
|
get :a
|
282
283
|
assert_response :redirect
|
283
284
|
assert_match %r{^https://}, @response.headers['Location']
|
284
285
|
end
|
285
|
-
|
286
|
+
|
286
287
|
def test_disallowed_with_ssl
|
287
288
|
@request.env['HTTPS'] = "on"
|
288
289
|
get :d
|
@@ -360,7 +361,7 @@ class SslRequirementTest < ActionController::TestCase
|
|
360
361
|
end
|
361
362
|
|
362
363
|
# test ssl_host and ssl_non_host overrides with Procs
|
363
|
-
|
364
|
+
|
364
365
|
def test_ssl_redirect_with_ssl_host_proc
|
365
366
|
SslRequirement.ssl_host = Proc.new do
|
366
367
|
@ssl_host_override
|
@@ -368,14 +369,14 @@ class SslRequirementTest < ActionController::TestCase
|
|
368
369
|
assert_not_equal "on", @request.env["HTTPS"]
|
369
370
|
get :a
|
370
371
|
assert_response :redirect
|
371
|
-
assert_match Regexp.new("^https://#{@ssl_host_override}"),
|
372
|
+
assert_match Regexp.new("^https://#{@ssl_host_override}"),
|
372
373
|
@response.headers['Location']
|
373
374
|
SslRequirement.ssl_host = nil
|
374
375
|
end
|
375
376
|
|
376
377
|
def test_non_ssl_redirect_with_non_ssl_host_proc
|
377
378
|
SslRequirement.non_ssl_host = Proc.new do
|
378
|
-
@non_ssl_host_override
|
379
|
+
@non_ssl_host_override
|
379
380
|
end
|
380
381
|
@request.env['HTTPS'] = 'on'
|
381
382
|
get :d
|
@@ -384,31 +385,31 @@ class SslRequirementTest < ActionController::TestCase
|
|
384
385
|
@response.headers['Location']
|
385
386
|
SslRequirement.non_ssl_host = nil
|
386
387
|
end
|
387
|
-
|
388
|
+
|
388
389
|
# test allowing ssl on any action by the :all symbol
|
389
390
|
def test_controller_that_allows_ssl_on_all_actions_allows_requests_with_or_without_ssl_enabled
|
390
391
|
@controller = SslAllowAllActionsController.new
|
391
|
-
|
392
|
+
|
392
393
|
assert_not_equal "on", @request.env["HTTPS"]
|
393
|
-
|
394
|
+
|
394
395
|
get :a
|
395
396
|
assert_response :success
|
396
|
-
|
397
|
+
|
397
398
|
get :b
|
398
399
|
assert_response :success
|
399
|
-
|
400
|
+
|
400
401
|
@request.env["HTTPS"] = "on"
|
401
|
-
|
402
|
+
|
402
403
|
get :a
|
403
404
|
assert_response :success
|
404
|
-
|
405
|
+
|
405
406
|
get :b
|
406
407
|
assert_response :success
|
407
408
|
end
|
408
|
-
|
409
|
+
|
409
410
|
def test_required_without_ssl_and_allowed_all
|
410
411
|
@controller = SslAllowAllAndRequireController.new
|
411
|
-
|
412
|
+
|
412
413
|
assert_not_equal "on", @request.env["HTTPS"]
|
413
414
|
get :a
|
414
415
|
assert_response :redirect
|
@@ -417,5 +418,5 @@ class SslRequirementTest < ActionController::TestCase
|
|
417
418
|
assert_response :redirect
|
418
419
|
assert_match %r{^https://}, @response.headers['Location']
|
419
420
|
end
|
420
|
-
|
421
|
+
|
421
422
|
end
|
metadata
CHANGED
@@ -1,13 +1,8 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: bartt-ssl_requirement
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
|
5
|
-
|
6
|
-
segments:
|
7
|
-
- 1
|
8
|
-
- 2
|
9
|
-
- 6
|
10
|
-
version: 1.2.6
|
4
|
+
prerelease:
|
5
|
+
version: 1.2.7
|
11
6
|
platform: ruby
|
12
7
|
authors:
|
13
8
|
- RailsJedi
|
@@ -23,7 +18,7 @@ autorequire:
|
|
23
18
|
bindir: bin
|
24
19
|
cert_chain: []
|
25
20
|
|
26
|
-
date: 2011-05-
|
21
|
+
date: 2011-05-27 00:00:00 -07:00
|
27
22
|
default_executable:
|
28
23
|
dependencies: []
|
29
24
|
|
@@ -36,7 +31,6 @@ extensions: []
|
|
36
31
|
extra_rdoc_files:
|
37
32
|
- README
|
38
33
|
files:
|
39
|
-
- .gitignore
|
40
34
|
- README
|
41
35
|
- Rakefile
|
42
36
|
- VERSION
|
@@ -53,8 +47,8 @@ homepage: http://github.com/bartt/ssl_requirement
|
|
53
47
|
licenses: []
|
54
48
|
|
55
49
|
post_install_message:
|
56
|
-
rdoc_options:
|
57
|
-
|
50
|
+
rdoc_options: []
|
51
|
+
|
58
52
|
require_paths:
|
59
53
|
- lib
|
60
54
|
required_ruby_version: !ruby/object:Gem::Requirement
|
@@ -62,23 +56,17 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
62
56
|
requirements:
|
63
57
|
- - ">="
|
64
58
|
- !ruby/object:Gem::Version
|
65
|
-
hash: 3
|
66
|
-
segments:
|
67
|
-
- 0
|
68
59
|
version: "0"
|
69
60
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
70
61
|
none: false
|
71
62
|
requirements:
|
72
63
|
- - ">="
|
73
64
|
- !ruby/object:Gem::Version
|
74
|
-
hash: 3
|
75
|
-
segments:
|
76
|
-
- 0
|
77
65
|
version: "0"
|
78
66
|
requirements: []
|
79
67
|
|
80
68
|
rubyforge_project:
|
81
|
-
rubygems_version: 1.
|
69
|
+
rubygems_version: 1.6.2
|
82
70
|
signing_key:
|
83
71
|
specification_version: 3
|
84
72
|
summary: Allow controller actions to force SSL on specific parts of the site.
|
data/.gitignore
DELETED
@@ -1 +0,0 @@
|
|
1
|
-
*.gem
|