casino 3.0.0.pre.1 → 3.0.0.pre.2

data/app/controllers/casino/application_controller.rb

@@ -7,6 +7,10 @@ class CASino::ApplicationController < ::ApplicationController
   layout 'application'
   before_filter :set_locale
 
+  unless Rails.env.development?
+    rescue_from ActionView::MissingTemplate, with: :missing_template
+  end
+
   def cookies
     super
   end
@@ -31,4 +35,8 @@ class CASino::ApplicationController < ::ApplicationController
   def http_accept_language
     HttpAcceptLanguage::Parser.new request.env['HTTP_ACCEPT_LANGUAGE']
   end
+
+  def missing_template(exception)
+    render plain: 'Format not supported', status: :not_acceptable
+  end
 end

data/app/processors/casino/login_credential_requestor_processor.rb

@@ -19,7 +19,12 @@ class CASino::LoginCredentialRequestorProcessor < CASino::Processor
     @params = params || {}
     @cookies = cookies || {}
     @user_agent = user_agent || {}
-    if check_service_allowed
+    begin
+      @service_url = clean_service_url(@params[:service]) unless @params[:service].nil?
+    rescue Addressable::URI::InvalidURIError => e
+      Rails.logger.warn "Service #{@params[:service]} not valid: #{e}"
+    end
+    if service_allowed?
       handle_allowed_service
     end
   end
@@ -34,8 +39,8 @@ class CASino::LoginCredentialRequestorProcessor < CASino::Processor
   end
 
   def handle_logged_in
-    service_url_with_ticket = unless @params[:service].nil?
-      acquire_service_ticket(@ticket_granting_ticket, @params[:service], true).service_with_ticket_url
+    service_url_with_ticket = unless @service_url.nil?
+      acquire_service_ticket(@ticket_granting_ticket, @service_url, true).service_with_ticket_url
     end
     @listener.user_logged_in(service_url_with_ticket)
   end
@@ -43,24 +48,23 @@ class CASino::LoginCredentialRequestorProcessor < CASino::Processor
   def handle_not_logged_in
     if gateway_request?
       # we actually lie to the listener to simplify things
-      @listener.user_logged_in(@params[:service])
+      @listener.user_logged_in(@service_url)
     else
       login_ticket = acquire_login_ticket
       @listener.user_not_logged_in(login_ticket)
     end
   end
 
-  def check_service_allowed
-    service_url = clean_service_url(@params[:service]) unless @params[:service].nil?
-    if service_url.nil? || CASino::ServiceRule.allowed?(service_url)
+  def service_allowed?
+    if @service_url.nil? || CASino::ServiceRule.allowed?(@service_url)
       true
     else
-      @listener.service_not_allowed(service_url)
+      @listener.service_not_allowed(@service_url)
       false
     end
   end
 
   def gateway_request?
-    @params[:gateway] == 'true' && @params[:service]
+    @params[:gateway] == 'true' && @service_url
   end
 end

data/lib/casino/tasks/user.rake

@@ -0,0 +1,32 @@
+require 'terminal-table'
+
+namespace :casino do
+  namespace :user do
+    desc 'Search users by name.'
+    task :search, [:query] => :environment do |task, args|
+      users = CASino::User.where('username LIKE ?', "%#{args[:query]}%")
+      if users.any?
+        headers = ['User ID', 'Username', 'Authenticator', 'Two-factor authentication enabled?']
+        table = Terminal::Table.new :headings => headers do |t|
+          users.each do |user|
+            two_factor_enabled = user.active_two_factor_authenticator ? 'yes' : 'no'
+            t.add_row [user.id, user.username, user.authenticator, two_factor_enabled]
+          end
+        end
+        puts table
+      else
+        puts "No users found matching your query \"#{args[:query]}\"."
+      end
+    end
+
+    desc 'Deactivate two-factor authentication for a user.'
+    task :deactivate_two_factor_authentication, [:user_id] => :environment do |task, args|
+      if CASino::User.find(args[:user_id]).active_two_factor_authenticator
+        CASino::User.find(args[:user_id]).active_two_factor_authenticator.destroy
+        puts "Successfully deactivated two-factor authentication for user ##{args[:user_id]}."
+      else
+        puts "No two-factor authenticator found for user ##{args[:user_id]}."
+      end
+    end
+  end
+end

data/lib/casino/version.rb

@@ -1,3 +1,3 @@
 module CASino
-  VERSION = '3.0.0.pre.1'
+  VERSION = '3.0.0.pre.2'
 end

data/spec/controllers/sessions_controller_spec.rb

@@ -6,6 +6,13 @@ describe CASino::SessionsController do
       CASino::LoginCredentialRequestorProcessor.any_instance.should_receive(:process)
       get :new, use_route: :casino
     end
+
+    context 'with an unsupported format' do
+      it 'sets the status code to 406' do
+        get :new, use_route: :casino, format: :xml
+        response.status.should == 406
+      end
+    end
   end
 
   describe 'POST "create"' do

data/spec/model/service_rule_spec.rb

@@ -40,7 +40,7 @@ describe CASino::ServiceRule do
       it 'does not take too long to check a denied service' do
         start = Time.now
         described_class.allowed?(service_url).should == false
-        (Time.now - start).should < 0.1
+        (Time.now - start).should < 1.0
       end
     end
 

data/spec/processor/login_credential_requestor_spec.rb

@@ -109,6 +109,16 @@ describe CASino::LoginCredentialRequestorProcessor do
         end
       end
 
+      context 'with a broken service' do
+        let(:service) { '%3Atest' }
+        let(:params) { { service: service } }
+
+        it 'calls the #user_logged_in method on the listener' do
+          listener.should_receive(:user_logged_in).with(nil)
+          processor.process(params, cookies, user_agent)
+        end
+      end
+
       context 'without a service' do
         it 'calls the #user_logged_in method on the listener' do
           listener.should_receive(:user_logged_in).with(nil)

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: casino
 version: !ruby/object:Gem::Version
-  version: 3.0.0.pre.1
+  version: 3.0.0.pre.2
   prerelease: 6
 platform: ruby
 authors:
@@ -11,7 +11,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2014-04-17 00:00:00.000000000 Z
+date: 2014-05-09 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: capybara
@@ -299,7 +299,7 @@ files:
 - app/assets/javascripts/casino/sessions.js
 - app/assets/stylesheets/casino.scss
 - app/assets/stylesheets/casino/icons.scss
-- app/assets/stylesheets/casino/normalize.css
+- app/assets/stylesheets/casino/normalize.scss
 - app/authenticators/casino/static_authenticator.rb
 - app/builders/casino/ticket_validation_response_builder.rb
 - app/controllers/casino/api/v1/tickets_controller.rb
@@ -397,6 +397,7 @@ files:
 - lib/casino/tasks.rb
 - lib/casino/tasks/cleanup.rake
 - lib/casino/tasks/service_rule.rake
+- lib/casino/tasks/user.rake
 - lib/casino/version.rb
 - lib/generators/casino/install/USAGE
 - lib/generators/casino/install/install_generator.rb