branston 0.4.1 → 0.4.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
data/README.rdoc
CHANGED
@@ -1,11 +1,21 @@
|
|
1
1
|
= Branston =
|
2
|
-
|
3
|
-
|
2
|
+
|
3
|
+
A user story tracker that generates gherkin files and step
|
4
|
+
definitions for use with the cucumber testing framework.
|
5
|
+
|
6
|
+
After installation, Branston acts as both a server and a client. The server
|
7
|
+
allows you to create accounts, log in, create user stories, and group them into
|
8
|
+
iterations and releases. Individual user stories can be given acceptance
|
9
|
+
conditions so that the geeks developing them know when they're done.
|
10
|
+
|
11
|
+
Once a user story has been given acceptance conditions, it's possible to write a
|
12
|
+
cucumber test for it. On a developer machine, the Branston client allows a
|
13
|
+
developer to auto-generate cucumber tests from the user stories on the server.
|
4
14
|
|
5
15
|
== Installation ==
|
6
16
|
|
7
|
-
There's a bit of a dependency chain needed to get things running. Cucumber has
|
8
|
-
a dependency on Nokogiri, which itself has some libxml related dependencies
|
17
|
+
There's a bit of a dependency chain needed to get things running. Cucumber has
|
18
|
+
a dependency on Nokogiri, which itself has some libxml related dependencies
|
9
19
|
including a dependency on a C compiler. On a clean Debian/Ubuntu box, this...
|
10
20
|
|
11
21
|
sudo apt-get install libxml-ruby libxml2-dev libxslt-ruby libxslt-dev build-essential sqlite3
|
@@ -1,22 +1,23 @@
|
|
1
|
-
module AuthenticatedTestHelper
|
2
|
-
# Sets the current <%= file_name %> in the session from the <%= file_name %> fixtures.
|
3
|
-
def login_as(<%= file_name %>)
|
4
|
-
@request.session[:<%= file_name %>_id] = <%= file_name %> ? (<%= file_name %>.is_a?(<%= file_name.camelize %>) ? <%= file_name %>.id : <%= table_name %>(<%= file_name %>).id) : nil
|
5
|
-
end
|
1
|
+
#module AuthenticatedTestHelper
|
2
|
+
# # Sets the current <%= file_name %> in the session from the <%= file_name %> fixtures.
|
3
|
+
# def login_as(<%= file_name %>)
|
4
|
+
# @request.session[:<%= file_name %>_id] = <%= file_name %> ? (<%= file_name %>.is_a?(<%= file_name.camelize %>) ? <%= file_name %>.id : <%= table_name %>(<%= file_name %>).id) : nil
|
5
|
+
# end
|
6
|
+
|
7
|
+
# def authorize_as(<%= file_name %>)
|
8
|
+
# @request.env["HTTP_AUTHORIZATION"] = <%= file_name %> ? ActionController::HttpAuthentication::Basic.encode_credentials(<%= table_name %>(<%= file_name %>).login, 'monkey') : nil
|
9
|
+
# end
|
10
|
+
#
|
11
|
+
#<% if options[:rspec] -%>
|
12
|
+
# # rspec
|
13
|
+
# def mock_<%= file_name %>
|
14
|
+
# <%= file_name %> = mock_model(<%= class_name %>, :id => 1,
|
15
|
+
# :login => 'user_name',
|
16
|
+
# :name => 'U. Surname',
|
17
|
+
# :to_xml => "<%= class_name %>-in-XML", :to_json => "<%= class_name %>-in-JSON",
|
18
|
+
# :errors => [])
|
19
|
+
# <%= file_name %>
|
20
|
+
# end
|
21
|
+
#<% end -%>
|
22
|
+
#end
|
6
23
|
|
7
|
-
def authorize_as(<%= file_name %>)
|
8
|
-
@request.env["HTTP_AUTHORIZATION"] = <%= file_name %> ? ActionController::HttpAuthentication::Basic.encode_credentials(<%= table_name %>(<%= file_name %>).login, 'monkey') : nil
|
9
|
-
end
|
10
|
-
|
11
|
-
<% if options[:rspec] -%>
|
12
|
-
# rspec
|
13
|
-
def mock_<%= file_name %>
|
14
|
-
<%= file_name %> = mock_model(<%= class_name %>, :id => 1,
|
15
|
-
:login => 'user_name',
|
16
|
-
:name => 'U. Surname',
|
17
|
-
:to_xml => "<%= class_name %>-in-XML", :to_json => "<%= class_name %>-in-JSON",
|
18
|
-
:errors => [])
|
19
|
-
<%= file_name %>
|
20
|
-
end
|
21
|
-
<% end -%>
|
22
|
-
end
|
@@ -7,17 +7,17 @@
|
|
7
7
|
# DB_password = hash(user_password, DB_user_salt, Code_site_key)
|
8
8
|
# That means an attacker needs access to both your site's code *and* its
|
9
9
|
# database to mount an "offline dictionary attack.":http://www.dwheeler.com/secure-programs/Secure-Programs-HOWTO/web-authentication.html
|
10
|
-
#
|
10
|
+
#
|
11
11
|
# It's probably of minor importance, but recommended by best practices: 'defense
|
12
12
|
# in depth'. Needless to say, if you upload this to github or the youtubes or
|
13
13
|
# otherwise place it in public view you'll kinda defeat the point. Your users'
|
14
14
|
# passwords are still secure, and the world won't end, but defense_in_depth -= 1.
|
15
|
-
#
|
15
|
+
#
|
16
16
|
# Please note: if you change this, all the passwords will be invalidated, so DO
|
17
17
|
# keep it someplace secure. Use the random value given or type in the lyrics to
|
18
18
|
# your favorite Jay-Z song or something; any moderately long, unpredictable text.
|
19
19
|
REST_AUTH_SITE_KEY = '<%= $rest_auth_site_key_from_generator %>'
|
20
|
-
|
20
|
+
|
21
21
|
# Repeated applications of the hash make brute force (even with a compromised
|
22
22
|
# database and site key) harder, and scale with Moore's law.
|
23
23
|
#
|
@@ -26,13 +26,14 @@ REST_AUTH_SITE_KEY = '<%= $rest_auth_site_key_from_generator %>'
|
|
26
26
|
# so simple and obvious that they should be used in every password system.
|
27
27
|
# There is really no excuse not to use them." http://tinyurl.com/37lb73
|
28
28
|
# Practical Security (Ferguson & Scheier) p350
|
29
|
-
#
|
29
|
+
#
|
30
30
|
# A modest 10 foldings (the default here) adds 3ms. This makes brute forcing 10
|
31
31
|
# times harder, while reducing an app that otherwise serves 100 reqs/s to 78 signin
|
32
32
|
# reqs/s, an app that does 10reqs/s to 9.7 reqs/s
|
33
|
-
#
|
33
|
+
#
|
34
34
|
# More:
|
35
35
|
# * http://www.owasp.org/index.php/Hashing_Java
|
36
36
|
# * "An Illustrated Guide to Cryptographic Hashes":http://www.unixwiz.net/techtips/iguide-crypto-hashes.html
|
37
37
|
|
38
|
-
REST_AUTH_DIGEST_STRETCHES = <%= $rest_auth_digest_stretches_from_generator %>
|
38
|
+
REST_AUTH_DIGEST_STRETCHES = '<%= $rest_auth_digest_stretches_from_generator %>'
|
39
|
+
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: branston
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.4.
|
4
|
+
version: 0.4.2
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- dave.hrycyszyn@headlondon.com
|
@@ -11,7 +11,7 @@ autorequire:
|
|
11
11
|
bindir: bin
|
12
12
|
cert_chain: []
|
13
13
|
|
14
|
-
date: 2010-01-
|
14
|
+
date: 2010-01-07 00:00:00 +00:00
|
15
15
|
default_executable: branston
|
16
16
|
dependencies:
|
17
17
|
- !ruby/object:Gem::Dependency
|