casino_core 0.0.3 → 0.0.4

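--- a/data/VERSION
+++ b/data/VERSION
@@ -1 +1 @@
- 0.0.3
+ 0.0.4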
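--- a/data/casino_core.gemspec
+++ b/data/casino_core.gemspec
@@ -5,11 +5,11 @@
 
  Gem::Specification.new do |s|
  s.name = "casino_core"
- s.version = "0.0.3"
+ s.version = "0.0.4"
 
  s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
  s.authors = ["Nils Caspar"]
- s.date = "2012-12-17"
+ s.date = "2012-12-19"
  s.description = "A CAS server core library."
  s.email = "ncaspar@me.com"
  s.extra_rdoc_files = [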
@@ -11,4 +11,12 @@ class CASinoCore::Model::TicketGrantingTicket < ActiveRecord::Base
11
11
  user_agent = UserAgent.parse(self.user_agent)
12
12
  "#{user_agent.browser} (#{user_agent.platform})"
13
13
  end
14
+
15
+ def same_user?(other_ticket)
16
+ if other_ticket.nil?
17
+ false
18
+ else
19
+ other_ticket.username == self.username
20
+ end
21
+ end
14
22
  end
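Review bot: `same_user?` treats two tickets as the same user whenever their `username` values are equal, which includes the case where both are nil. Because the SessionDestroyer change in this release uses the predicate as its ownership check, it is worth excluding that case, for example `!other_ticket.nil? && !username.nil? && other_ticket.username == username`. Whether a ticket can exist without a username depends on validations that are not visible here, so this is hardening rather than a confirmed defect. A short comment above the method, such as `# Ownership check used before destroying another session's ticket.`, would mark it as security-relevant. The class body starts outside this hunk.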
@@ -3,21 +3,15 @@ require 'casino_core/helper'
3
3
  require 'casino_core/model'
4
4
 
5
5
  class CASinoCore::Processor::Logout < CASinoCore::Processor
6
- include CASinoCore::Helper
6
+ include CASinoCore::Helper::TicketGrantingTickets
7
7
 
8
- def process(params = nil, cookies = nil)
9
- params = params || {}
8
+ def process(params = nil, cookies = nil, user_agent = nil)
9
+ params ||= {}
10
10
  cookies ||= {}
11
- session_destroyer = CASinoCore::Processor::SessionDestroyer.new(DummyListener.new)
12
- session_destroyer.process(cookies[:tgt])
13
- @listener.user_logged_out(params[:url])
14
- end
15
-
16
- class DummyListener
17
- def ticket_deleted(*args)
18
- end
19
-
20
- def ticket_not_found(*args)
11
+ ticket_granting_ticket = find_valid_ticket_granting_ticket(cookies[:tgt], user_agent)
12
+ unless ticket_granting_ticket.nil?
13
+ ticket_granting_ticket.destroy
21
14
  end
15
+ @listener.user_logged_out(params[:url])
22
16
  end
23
17
  end
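Review bot: `process` now destroys the ticket only when `find_valid_ticket_granting_ticket(cookies[:tgt], user_agent)` returns one, yet `@listener.user_logged_out` is called in every case, so a ticket the helper rejects stays in the database while the user is told the logout succeeded. The helper is not shown on this page; if it rejects tickets whose stored user agent differs from the argument, any caller still using the old two-argument form (`user_agent` defaults to nil) would take that path. Logout is safer when it removes whatever ticket the cookie names, e.g. `tgt = cookies[:tgt] && CASinoCore::Model::TicketGrantingTicket.where(ticket: cookies[:tgt]).first` followed by `tgt.destroy unless tgt.nil?`.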
@@ -2,12 +2,23 @@ require 'casino_core/processor'
2
2
  require 'casino_core/helper'
3
3
  require 'casino_core/model'
4
4
 
5
+ # The SessionDestroyer processor is used to destroy a ticket-granting ticket.
6
+ #
7
+ # This feature is not described in the CAS specification so it's completly optional
8
+ # to implement this on the web application side. It is especially useful in
9
+ # combination with the {CASinoCore::Processor::SessionOverview} processor.
5
10
  class CASinoCore::Processor::SessionDestroyer < CASinoCore::Processor
6
- include CASinoCore::Helper
7
11
 
8
- def process(tgt)
9
- ticket = CASinoCore::Model::TicketGrantingTicket.where(ticket: tgt).first
10
- if ticket.nil?
12
+ # This method will call `#ticket_not_found` or `#ticket_deleted` on the listener.
13
+ # @param [Hash] params parameters supplied by user (ID of ticket-granting ticket to delete should by in params[:id])
14
+ # @param [Hash] cookies cookies supplied by user
15
+ # @param [String] user_agent user-agent delivered by the client
16
+ def process(params = nil, cookies = nil, user_agent = nil)
17
+ params ||= {}
18
+ cookies ||= {}
19
+ ticket = CASinoCore::Model::TicketGrantingTicket.where(id: params[:id]).first
20
+ owner_ticket = CASinoCore::Model::TicketGrantingTicket.where(ticket: cookies[:tgt]).first
21
+ if ticket.nil? || !ticket.same_user?(owner_ticket)
11
22
  @listener.ticket_not_found
12
23
  else
13
24
  ticket.destroy
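Review bot: `owner_ticket` is loaded with a plain `where(ticket: cookies[:tgt]).first`, and the new `user_agent` parameter is documented but not used in the visible lines, so the ticket that authorizes the deletion does not go through `find_valid_ticket_granting_ticket` the way the Logout processor's ticket does. Whatever validity checks that helper applies (it is not shown here) are therefore skipped for the caller's own ticket. Consider `include CASinoCore::Helper::TicketGrantingTickets` and `owner_ticket = find_valid_ticket_granting_ticket(cookies[:tgt], user_agent)`. Answering `ticket_not_found` for both an unknown id and another user's ticket avoids revealing which ids exist, and deserves a comment saying it is intentional. The method body continues past the end of the hunk.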
@@ -7,6 +7,7 @@ describe CASinoCore::Processor::Logout do
7
7
  let(:cookies) { { tgt: tgt } }
8
8
  let(:url) { nil }
9
9
  let(:params) { { :url => url } unless url.nil? }
10
+ let(:user_agent) { 'TestBrowser 1.0' }
10
11
 
11
12
  before(:each) do
12
13
  listener.stub(:user_logged_out)
@@ -18,19 +19,19 @@ describe CASinoCore::Processor::Logout do
18
19
  ticket: 'TGC-HXdkW233TsRtiqYGq4b8U7',
19
20
  username: 'test',
20
21
  extra_attributes: nil,
21
- user_agent: 'TestBrowser 1.0'
22
+ user_agent: user_agent
22
23
  })
23
24
  }
24
25
  let(:tgt) { ticket_granting_ticket.ticket }
25
26
 
26
- it 'calls the #process method of SessionDestroyer' do
27
- CASinoCore::Processor::SessionDestroyer.any_instance.should_receive(:process).with(tgt)
28
- processor.process(params, cookies)
27
+ it 'deletes the ticket-granting ticket' do
28
+ processor.process(params, cookies, user_agent)
29
+ CASinoCore::Model::TicketGrantingTicket.where(id: ticket_granting_ticket.id).first.should == nil
29
30
  end
30
31
 
31
32
  it 'calls the #user_logged_out method on the listener' do
32
33
  listener.should_receive(:user_logged_out).with(nil)
33
- processor.process(params, cookies)
34
+ processor.process(params, cookies, user_agent)
34
35
  end
35
36
 
36
37
  context 'with an URL' do
@@ -38,7 +39,7 @@ describe CASinoCore::Processor::Logout do
38
39
 
39
40
  it 'calls the #user_logged_out method on the listener and passes the URL' do
40
41
  listener.should_receive(:user_logged_out).with(url)
41
- processor.process(params, cookies)
42
+ processor.process(params, cookies, user_agent)
42
43
  end
43
44
  end
44
45
  end
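Review bot: Every example passes the same `user_agent` that the ticket was created with, so nothing pins what logout does when the helper finds no valid ticket: a missing `tgt` cookie, an unknown ticket value, or a differing user agent. Add a context per case that states whether the stored ticket must be gone afterwards and that `user_logged_out` is still called. As a point of style, `.should == nil` in 'deletes the ticket-granting ticket' reads better as `.should be_nil`.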
@@ -5,7 +5,7 @@ describe CASinoCore::Processor::SessionDestroyer do
5
5
  let(:listener) { Object.new }
6
6
  let(:processor) { described_class.new(listener) }
7
7
  let(:user_agent) { 'TestBrowser 1.0' }
8
- let(:other_ticket_granting_ticket) {
8
+ let(:owner_ticket_granting_ticket) {
9
9
  CASinoCore::Model::TicketGrantingTicket.create!({
10
10
  ticket: 'TGC-ocCudGzZjJtrvOXJ485mt3',
11
11
  username: 'test',
@@ -13,6 +13,7 @@ describe CASinoCore::Processor::SessionDestroyer do
13
13
  user_agent: user_agent
14
14
  })
15
15
  }
16
+ let(:cookies) { { tgt: owner_ticket_granting_ticket.ticket } }
16
17
 
17
18
  before(:each) do
18
19
  listener.stub(:ticket_deleted)
@@ -28,40 +29,64 @@ describe CASinoCore::Processor::SessionDestroyer do
28
29
  user_agent: user_agent
29
30
  })
30
31
  }
31
- let(:tgt) { ticket_granting_ticket.ticket }
32
+ let(:params) { { id: ticket_granting_ticket.id } }
32
33
 
33
34
  it 'deletes only one ticket-granting ticket' do
34
35
  ticket_granting_ticket
35
- other_ticket_granting_ticket
36
+ owner_ticket_granting_ticket
36
37
  lambda do
37
- processor.process(tgt)
38
+ processor.process(params, cookies, user_agent)
38
39
  end.should change(CASinoCore::Model::TicketGrantingTicket, :count).by(-1)
39
40
  end
40
41
 
41
42
  it 'deletes the ticket-granting ticket' do
42
- processor.process(tgt)
43
- CASinoCore::Model::TicketGrantingTicket.where(ticket: tgt).length.should == 0
43
+ processor.process(params, cookies, user_agent)
44
+ CASinoCore::Model::TicketGrantingTicket.where(id: params[:id]).length.should == 0
44
45
  end
45
46
 
46
47
  it 'calls the #ticket_deleted method on the listener' do
47
48
  listener.should_receive(:ticket_deleted).with(no_args)
48
- processor.process(tgt)
49
+ processor.process(params, cookies, user_agent)
49
50
  end
50
51
  end
51
52
 
52
53
  context 'with an invlaid ticket-granting ticket' do
53
- let(:tgt) { 'TGT-lalala' }
54
+ let(:params) { { id: 99999 } }
55
+ it 'does not delete a ticket-granting ticket' do
56
+ owner_ticket_granting_ticket
57
+ lambda do
58
+ processor.process(params, cookies, user_agent)
59
+ end.should change(CASinoCore::Model::TicketGrantingTicket, :count).by(0)
60
+ end
61
+
62
+ it 'calls the #ticket_not_found method on the listener' do
63
+ listener.should_receive(:ticket_not_found).with(no_args)
64
+ processor.process(params, cookies, user_agent)
65
+ end
66
+ end
67
+
68
+ context 'when trying to delete ticket-granting ticket of another user' do
69
+ let(:ticket_granting_ticket) {
70
+ CASinoCore::Model::TicketGrantingTicket.create!({
71
+ ticket: 'TGC-HXdkW233TsRtiqYGq4b8U7',
72
+ username: 'this_is_another_user',
73
+ extra_attributes: nil,
74
+ user_agent: user_agent
75
+ })
76
+ }
77
+ let(:params) { { id: ticket_granting_ticket.id } }
54
78
 
55
79
  it 'does not delete a ticket-granting ticket' do
56
- other_ticket_granting_ticket
80
+ owner_ticket_granting_ticket
81
+ ticket_granting_ticket
57
82
  lambda do
58
- processor.process(tgt)
83
+ processor.process(params, cookies, user_agent)
59
84
  end.should change(CASinoCore::Model::TicketGrantingTicket, :count).by(0)
60
85
  end
61
86
 
62
87
  it 'calls the #ticket_not_found method on the listener' do
63
88
  listener.should_receive(:ticket_not_found).with(no_args)
64
- processor.process(tgt)
89
+ processor.process(params, cookies, user_agent)
65
90
  end
66
91
  end
67
92
  end
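Review bot: The new contexts cover an unknown id and another user's ticket, but none sends a request without a `tgt` cookie, which is the unauthenticated caller and a path that reaches the `other_ticket.nil?` branch of `same_user?`. A context like the one below pins that such a request deletes nothing and reports `ticket_not_found`. It uses the owner's own ticket id as the target so that only the missing cookie can cause the refusal.

```ruby
context 'without a ticket-granting ticket cookie' do
  let(:cookies) { {} }
  let(:params) { { id: owner_ticket_granting_ticket.id } }

  it 'does not delete a ticket-granting ticket' do
    owner_ticket_granting_ticket
    lambda do
      processor.process(params, cookies, user_agent)
    end.should change(CASinoCore::Model::TicketGrantingTicket, :count).by(0)
  end

  it 'calls the #ticket_not_found method on the listener' do
    listener.should_receive(:ticket_not_found).with(no_args)
    processor.process(params, cookies, user_agent)
  end
end
```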
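--- a/metadata
+++ b/metadata
@@ -2,7 +2,7 @@
  name: casino_core
  version: !ruby/object:Gem::Version
  prerelease:
- version: 0.0.3
+ version: 0.0.4
  platform: ruby
  authors:
  - Nils Caspar
@@ -10,7 +10,7 @@ autorequire:
  bindir: bin
  cert_chain: []
 
- date: 2012-12-17 00:00:00 Z
+ date: 2012-12-19 00:00:00 Z
  dependencies:
  - !ruby/object:Gem::Dependency
  name: activerecord
@@ -219,7 +219,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
  requirements:
  - - ">="
  - !ruby/object:Gem::Version
- hash: 4231038589682610511
+ hash: 3879793628887711018
  segments:
  - 0
  version: "0"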