casino_core 0.0.3 → 0.0.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (8) hide show
  1. data/VERSION +1 -1
  2. data/casino_core.gemspec +2 -2
  3. data/lib/casino_core/model/ticket_granting_ticket.rb +8 -0
  4. data/lib/casino_core/processor/logout.rb +7 -13
  5. data/lib/casino_core/processor/session_destroyer.rb +15 -4
  6. data/spec/processor/logout_spec.rb +7 -6
  7. data/spec/processor/session_destroyer_spec.rb +36 -11
  8. metadata +3 -3
data/VERSION CHANGED
@@ -1 +1 @@
1
- 0.0.3
1
+ 0.0.4
data/casino_core.gemspec CHANGED
@@ -5,11 +5,11 @@
5
5
 
6
6
  Gem::Specification.new do |s|
7
7
  s.name = "casino_core"
8
- s.version = "0.0.3"
8
+ s.version = "0.0.4"
9
9
 
10
10
  s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
11
11
  s.authors = ["Nils Caspar"]
12
- s.date = "2012-12-17"
12
+ s.date = "2012-12-19"
13
13
  s.description = "A CAS server core library."
14
14
  s.email = "ncaspar@me.com"
15
15
  s.extra_rdoc_files = [
data/lib/casino_core/model/ticket_granting_ticket.rb CHANGED
@@ -11,4 +11,12 @@ class CASinoCore::Model::TicketGrantingTicket < ActiveRecord::Base
11
11
  user_agent = UserAgent.parse(self.user_agent)
12
12
  "#{user_agent.browser} (#{user_agent.platform})"
13
13
  end
14
+
15
+ def same_user?(other_ticket)
16
+ if other_ticket.nil?
17
+ false
18
+ else
19
+ other_ticket.username == self.username
20
+ end
21
+ end
14
22
  end
data/lib/casino_core/processor/logout.rb CHANGED
@@ -3,21 +3,15 @@ require 'casino_core/helper'
3
3
  require 'casino_core/model'
4
4
 
5
5
  class CASinoCore::Processor::Logout < CASinoCore::Processor
6
- include CASinoCore::Helper
6
+ include CASinoCore::Helper::TicketGrantingTickets
7
7
 
8
- def process(params = nil, cookies = nil)
9
- params = params || {}
8
+ def process(params = nil, cookies = nil, user_agent = nil)
9
+ params ||= {}
10
10
  cookies ||= {}
11
- session_destroyer = CASinoCore::Processor::SessionDestroyer.new(DummyListener.new)
12
- session_destroyer.process(cookies[:tgt])
13
- @listener.user_logged_out(params[:url])
14
- end
15
-
16
- class DummyListener
17
- def ticket_deleted(*args)
18
- end
19
-
20
- def ticket_not_found(*args)
11
+ ticket_granting_ticket = find_valid_ticket_granting_ticket(cookies[:tgt], user_agent)
12
+ unless ticket_granting_ticket.nil?
13
+ ticket_granting_ticket.destroy
21
14
  end
15
+ @listener.user_logged_out(params[:url])
22
16
  end
23
17
  end
data/lib/casino_core/processor/session_destroyer.rb CHANGED
@@ -2,12 +2,23 @@ require 'casino_core/processor'
2
2
  require 'casino_core/helper'
3
3
  require 'casino_core/model'
4
4
 
5
+ # The SessionDestroyer processor is used to destroy a ticket-granting ticket.
6
+ #
7
+ # This feature is not described in the CAS specification so it's completly optional
8
+ # to implement this on the web application side. It is especially useful in
9
+ # combination with the {CASinoCore::Processor::SessionOverview} processor.
5
10
  class CASinoCore::Processor::SessionDestroyer < CASinoCore::Processor
6
- include CASinoCore::Helper
7
11
 
8
- def process(tgt)
9
- ticket = CASinoCore::Model::TicketGrantingTicket.where(ticket: tgt).first
10
- if ticket.nil?
12
+ # This method will call `#ticket_not_found` or `#ticket_deleted` on the listener.
13
+ # @param [Hash] params parameters supplied by user (ID of ticket-granting ticket to delete should by in params[:id])
14
+ # @param [Hash] cookies cookies supplied by user
15
+ # @param [String] user_agent user-agent delivered by the client
16
+ def process(params = nil, cookies = nil, user_agent = nil)
17
+ params ||= {}
18
+ cookies ||= {}
19
+ ticket = CASinoCore::Model::TicketGrantingTicket.where(id: params[:id]).first
20
+ owner_ticket = CASinoCore::Model::TicketGrantingTicket.where(ticket: cookies[:tgt]).first
21
+ if ticket.nil? || !ticket.same_user?(owner_ticket)
11
22
  @listener.ticket_not_found
12
23
  else
13
24
  ticket.destroy
data/spec/processor/logout_spec.rb CHANGED
@@ -7,6 +7,7 @@ describe CASinoCore::Processor::Logout do
7
7
  let(:cookies) { { tgt: tgt } }
8
8
  let(:url) { nil }
9
9
  let(:params) { { :url => url } unless url.nil? }
10
+ let(:user_agent) { 'TestBrowser 1.0' }
10
11
 
11
12
  before(:each) do
12
13
  listener.stub(:user_logged_out)
@@ -18,19 +19,19 @@ describe CASinoCore::Processor::Logout do
18
19
  ticket: 'TGC-HXdkW233TsRtiqYGq4b8U7',
19
20
  username: 'test',
20
21
  extra_attributes: nil,
21
- user_agent: 'TestBrowser 1.0'
22
+ user_agent: user_agent
22
23
  })
23
24
  }
24
25
  let(:tgt) { ticket_granting_ticket.ticket }
25
26
 
26
- it 'calls the #process method of SessionDestroyer' do
27
- CASinoCore::Processor::SessionDestroyer.any_instance.should_receive(:process).with(tgt)
28
- processor.process(params, cookies)
27
+ it 'deletes the ticket-granting ticket' do
28
+ processor.process(params, cookies, user_agent)
29
+ CASinoCore::Model::TicketGrantingTicket.where(id: ticket_granting_ticket.id).first.should == nil
29
30
  end
30
31
 
31
32
  it 'calls the #user_logged_out method on the listener' do
32
33
  listener.should_receive(:user_logged_out).with(nil)
33
- processor.process(params, cookies)
34
+ processor.process(params, cookies, user_agent)
34
35
  end
35
36
 
36
37
  context 'with an URL' do
@@ -38,7 +39,7 @@ describe CASinoCore::Processor::Logout do
38
39
 
39
40
  it 'calls the #user_logged_out method on the listener and passes the URL' do
40
41
  listener.should_receive(:user_logged_out).with(url)
41
- processor.process(params, cookies)
42
+ processor.process(params, cookies, user_agent)
42
43
  end
43
44
  end
44
45
  end
data/spec/processor/session_destroyer_spec.rb CHANGED
@@ -5,7 +5,7 @@ describe CASinoCore::Processor::SessionDestroyer do
5
5
  let(:listener) { Object.new }
6
6
  let(:processor) { described_class.new(listener) }
7
7
  let(:user_agent) { 'TestBrowser 1.0' }
8
- let(:other_ticket_granting_ticket) {
8
+ let(:owner_ticket_granting_ticket) {
9
9
  CASinoCore::Model::TicketGrantingTicket.create!({
10
10
  ticket: 'TGC-ocCudGzZjJtrvOXJ485mt3',
11
11
  username: 'test',
@@ -13,6 +13,7 @@ describe CASinoCore::Processor::SessionDestroyer do
13
13
  user_agent: user_agent
14
14
  })
15
15
  }
16
+ let(:cookies) { { tgt: owner_ticket_granting_ticket.ticket } }
16
17
 
17
18
  before(:each) do
18
19
  listener.stub(:ticket_deleted)
@@ -28,40 +29,64 @@ describe CASinoCore::Processor::SessionDestroyer do
28
29
  user_agent: user_agent
29
30
  })
30
31
  }
31
- let(:tgt) { ticket_granting_ticket.ticket }
32
+ let(:params) { { id: ticket_granting_ticket.id } }
32
33
 
33
34
  it 'deletes only one ticket-granting ticket' do
34
35
  ticket_granting_ticket
35
- other_ticket_granting_ticket
36
+ owner_ticket_granting_ticket
36
37
  lambda do
37
- processor.process(tgt)
38
+ processor.process(params, cookies, user_agent)
38
39
  end.should change(CASinoCore::Model::TicketGrantingTicket, :count).by(-1)
39
40
  end
40
41
 
41
42
  it 'deletes the ticket-granting ticket' do
42
- processor.process(tgt)
43
- CASinoCore::Model::TicketGrantingTicket.where(ticket: tgt).length.should == 0
43
+ processor.process(params, cookies, user_agent)
44
+ CASinoCore::Model::TicketGrantingTicket.where(id: params[:id]).length.should == 0
44
45
  end
45
46
 
46
47
  it 'calls the #ticket_deleted method on the listener' do
47
48
  listener.should_receive(:ticket_deleted).with(no_args)
48
- processor.process(tgt)
49
+ processor.process(params, cookies, user_agent)
49
50
  end
50
51
  end
51
52
 
52
53
  context 'with an invlaid ticket-granting ticket' do
53
- let(:tgt) { 'TGT-lalala' }
54
+ let(:params) { { id: 99999 } }
55
+ it 'does not delete a ticket-granting ticket' do
56
+ owner_ticket_granting_ticket
57
+ lambda do
58
+ processor.process(params, cookies, user_agent)
59
+ end.should change(CASinoCore::Model::TicketGrantingTicket, :count).by(0)
60
+ end
61
+
62
+ it 'calls the #ticket_not_found method on the listener' do
63
+ listener.should_receive(:ticket_not_found).with(no_args)
64
+ processor.process(params, cookies, user_agent)
65
+ end
66
+ end
67
+
68
+ context 'when trying to delete ticket-granting ticket of another user' do
69
+ let(:ticket_granting_ticket) {
70
+ CASinoCore::Model::TicketGrantingTicket.create!({
71
+ ticket: 'TGC-HXdkW233TsRtiqYGq4b8U7',
72
+ username: 'this_is_another_user',
73
+ extra_attributes: nil,
74
+ user_agent: user_agent
75
+ })
76
+ }
77
+ let(:params) { { id: ticket_granting_ticket.id } }
54
78
 
55
79
  it 'does not delete a ticket-granting ticket' do
56
- other_ticket_granting_ticket
80
+ owner_ticket_granting_ticket
81
+ ticket_granting_ticket
57
82
  lambda do
58
- processor.process(tgt)
83
+ processor.process(params, cookies, user_agent)
59
84
  end.should change(CASinoCore::Model::TicketGrantingTicket, :count).by(0)
60
85
  end
61
86
 
62
87
  it 'calls the #ticket_not_found method on the listener' do
63
88
  listener.should_receive(:ticket_not_found).with(no_args)
64
- processor.process(tgt)
89
+ processor.process(params, cookies, user_agent)
65
90
  end
66
91
  end
67
92
  end
metadata CHANGED
@@ -2,7 +2,7 @@
2
2
  name: casino_core
3
3
  version: !ruby/object:Gem::Version
4
4
  prerelease:
5
- version: 0.0.3
5
+ version: 0.0.4
6
6
  platform: ruby
7
7
  authors:
8
8
  - Nils Caspar
@@ -10,7 +10,7 @@ autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
12
 
13
- date: 2012-12-17 00:00:00 Z
13
+ date: 2012-12-19 00:00:00 Z
14
14
  dependencies:
15
15
  - !ruby/object:Gem::Dependency
16
16
  name: activerecord
@@ -219,7 +219,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
219
219
  requirements:
220
220
  - - ">="
221
221
  - !ruby/object:Gem::Version
222
- hash: 4231038589682610511
222
+ hash: 3879793628887711018
223
223
  segments:
224
224
  - 0
225
225
  version: "0"