cassette 1.2.2 → 1.2.3

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 5f220b179c6c6aa45caf8ca5ca44b19a3b7c79c1
-  data.tar.gz: 9ba4aa5c128114dbad97a5a8cedbd62e090febdc
+  metadata.gz: 7cb4c150e5462c22f1c9b50efc460f97b467fb46
+  data.tar.gz: 62125a47efc5907be567ddb8f5110e115f5b3822
 SHA512:
-  metadata.gz: 4a51bad32caf03b1f8ff450cce81cf988d6eb7738d2501cdcc9062add733045d6202291f9822f2d92c76ecf2857bffb35a68d3fc0a07f79ef56a8f163b916dde
-  data.tar.gz: 9121f695f6903e110bb6aab5939ed3391ff42ae74f6037b7ed457903ca2544a024f0544bf7b2ec35f6c7f9fd39e8484d2cf8d774553b06d992e86f8c4b74efcf
+  metadata.gz: f5180968617bf8f175eedc6df3ebad946a29d53f8fc0f4bafad42485d4bb6df55f78d2ee7531c9e1518ceaa2acedec9cc1755b2587cc83dbb018c42efc472455
+  data.tar.gz: 48730cd09644516e5ea5f17e17f22cc8814213f7664021ef9b482961974bad2102022e8b81cab0b430fb9c5276d8f84bbeb047647cec55526cf331df374ff3fb

data/lib/cassette/authentication/filter.rb

@@ -7,13 +7,21 @@ module Cassette
     module Filter
       def self.included(controller)
         controller.extend(ClassMethods)
-        controller.before_action(:validate_authentication_ticket)
+        if controller.respond_to?(:before_action)
+          controller.before_action(:validate_authentication_ticket)
+        else
+          controller.before_filter(:validate_authentication_ticket)
+        end
         controller.send(:attr_accessor, :current_user)
       end
 
       module ClassMethods
         def skip_authentication(*options)
-          skip_before_action :validate_authentication_ticket, *options
+          if respond_to?(:skip_before_action)
+            skip_before_action :validate_authentication_ticket, *options
+          else
+            skip_before_filter :validate_authentication_ticket, *options
+          end
         end
       end
 

data/lib/cassette/rubycas/helper.rb

@@ -8,14 +8,23 @@ module Cassette
       extend ActiveSupport::Concern
       include UserFactory
 
-      included do
-        before_action :validate_authentication_ticket
-        helper_method :current_user
+      included do |base|
+        if base.respond_to?(:before_action)
+          before_action :validate_authentication_ticket
+        else
+          before_filter :validate_authentication_ticket
+        end
+
+        base.helper_method :current_user
       end
 
       module ClassMethods
         def skip_authentication(*options)
-          skip_before_action :validate_authentication_ticket, *options
+          if respond_to?(:skip_before_action)
+            skip_before_action :validate_authentication_ticket, *options
+          else
+            skip_before_filter :validate_authentication_ticket, *options
+          end
         end
       end
 

data/lib/cassette/version.rb

@@ -2,7 +2,7 @@ module Cassette
   class Version
     MAJOR = '1'
     MINOR = '2'
-    PATCH = '2'
+    PATCH = '3'
 
     def self.version
       [MAJOR, MINOR, PATCH].join('.')

data/spec/cassette/authentication/filter_spec.rb

@@ -1,7 +1,5 @@
 # encoding: utf-8
 
-
-
 describe Cassette::Authentication::Filter do
   before do
     allow(Cassette::Authentication).to receive(:validate_ticket)
@@ -17,225 +15,239 @@ describe Cassette::Authentication::Filter do
     end
   end
 
-  describe '#validate_raw_role!' do
-    let(:controller) { ControllerMock(described_class).new }
-    let(:current_user) { instance_double(Cassette::Authentication::User) }
-
-    before do
-      allow(controller).to receive(:current_user).and_return(current_user)
-    end
-
-    it_behaves_like 'with NOAUTH' do
-      it 'never checks the role' do
-        expect(current_user).not_to receive(:has_raw_role?)
-        controller.validate_raw_role!(:something)
-      end
+  shared_examples_for 'controller behaviour' do
+    describe '#validate_raw_role!' do
+      let(:controller) { controller_factory.(described_class).new }
+      let(:current_user) { instance_double(Cassette::Authentication::User) }
 
-      it 'does not raise error' do
-        expect { controller.validate_raw_role!(:something) }.not_to raise_error
+      before do
+        allow(controller).to receive(:current_user).and_return(current_user)
       end
-    end
-
-    it 'forwards to current_user' do
-      role = instance_double(String)
-
-      expect(current_user).to receive(:has_raw_role?).with(role).and_return(true)
-      controller.validate_raw_role!(role)
-    end
-
-    it 'raises a Cassette::Errors::Forbidden when current_user does not have the role' do
-      role = instance_double(String)
 
-      expect(current_user).to receive(:has_raw_role?).with(role).and_return(false)
-      expect { controller.validate_raw_role!(role) }.to raise_error(Cassette::Errors::Forbidden)
-    end
-  end
+      it_behaves_like 'with NOAUTH' do
+        it 'never checks the role' do
+          expect(current_user).not_to receive(:has_raw_role?)
+          controller.validate_raw_role!(:something)
+        end
 
-  describe '#validate_role!' do
-    let(:controller) { ControllerMock(described_class).new }
-    let(:current_user) { instance_double(Cassette::Authentication::User) }
+        it 'does not raise error' do
+          expect { controller.validate_raw_role!(:something) }.not_to raise_error
+        end
+      end
 
-    before do
-      allow(controller).to receive(:current_user).and_return(current_user)
-    end
+      it 'forwards to current_user' do
+        role = instance_double(String)
 
-    it_behaves_like 'with NOAUTH' do
-      it 'never checks the role' do
-        expect(current_user).not_to receive(:has_role?)
-        controller.validate_role!(:something)
+        expect(current_user).to receive(:has_raw_role?).with(role).and_return(true)
+        controller.validate_raw_role!(role)
       end
 
-      it 'does not raise error' do
-        expect { controller.validate_role!(:something) }.not_to raise_error
+      it 'raises a Cassette::Errors::Forbidden when current_user does not have the role' do
+        role = instance_double(String)
+
+        expect(current_user).to receive(:has_raw_role?).with(role).and_return(false)
+        expect { controller.validate_raw_role!(role) }.to raise_error(Cassette::Errors::Forbidden)
       end
     end
 
-    it 'forwards to current_user' do
-      role = instance_double(String)
-
-      expect(current_user).to receive(:has_role?).with(role).and_return(true)
-      controller.validate_role!(role)
-    end
+    describe '#validate_role!' do
+      let(:controller) { controller_factory.(described_class).new }
+      let(:current_user) { instance_double(Cassette::Authentication::User) }
 
-    it 'raises a Cassette::Errors::Forbidden when current_user does not have the role' do
-      role = instance_double(String)
+      before do
+        allow(controller).to receive(:current_user).and_return(current_user)
+      end
 
-      expect(current_user).to receive(:has_role?).with(role).and_return(false)
-      expect { controller.validate_role!(role) }.to raise_error(Cassette::Errors::Forbidden)
-    end
-  end
+      it_behaves_like 'with NOAUTH' do
+        it 'never checks the role' do
+          expect(current_user).not_to receive(:has_role?)
+          controller.validate_role!(:something)
+        end
 
-  describe '#validate_authentication_ticket' do
-    shared_examples_for 'controller without authentication' do
-      it 'does not validate tickets' do
-        controller.validate_authentication_ticket
-        expect(Cassette::Authentication).not_to have_received(:validate_ticket)
+        it 'does not raise error' do
+          expect { controller.validate_role!(:something) }.not_to raise_error
+        end
       end
 
-      it 'sets current_user' do
-        controller.validate_authentication_ticket
-        expect(controller.current_user).to be_present
+      it 'forwards to current_user' do
+        role = instance_double(String)
+
+        expect(current_user).to receive(:has_role?).with(role).and_return(true)
+        controller.validate_role!(role)
       end
-    end
 
-    it_behaves_like 'with NOAUTH' do
-      context 'and no ticket' do
-        let(:controller) { ControllerMock(described_class).new }
+      it 'raises a Cassette::Errors::Forbidden when current_user does not have the role' do
+        role = instance_double(String)
 
-        it_behaves_like 'controller without authentication'
+        expect(current_user).to receive(:has_role?).with(role).and_return(false)
+        expect { controller.validate_role!(role) }.to raise_error(Cassette::Errors::Forbidden)
       end
+    end
 
-      context 'and a ticket header' do
-        let(:controller) do
-          ControllerMock(described_class).new({}, 'Service-Ticket' => 'le ticket')
+    describe '#validate_authentication_ticket' do
+      shared_examples_for 'controller without authentication' do
+        it 'does not validate tickets' do
+          controller.validate_authentication_ticket
+          expect(Cassette::Authentication).not_to have_received(:validate_ticket)
         end
 
-        it_behaves_like 'controller without authentication'
+        it 'sets current_user' do
+          controller.validate_authentication_ticket
+          expect(controller.current_user).to be_present
+        end
       end
 
-      context 'and a ticket param' do
-        let(:controller) do
-          ControllerMock(described_class).new(ticket: 'le ticket')
-        end
+      it_behaves_like 'with NOAUTH' do
+        context 'and no ticket' do
+          let(:controller) { controller_factory.(described_class).new }
 
-        it_behaves_like 'controller without authentication'
-      end
-    end
+          it_behaves_like 'controller without authentication'
+        end
 
-    context 'when accepts_authentication_service? returns false' do
-      let(:controller) do
-        ControllerMock(described_class).new(ticket: 'le ticket')
-      end
+        context 'and a ticket header' do
+          let(:controller) do
+            controller_factory.(described_class).new({}, 'Service-Ticket' => 'le ticket')
+          end
 
-      before do
-        expect(controller).to receive(:accepts_authentication_service?)
-          .with(Cassette.config.service) { false }
-      end
+          it_behaves_like 'controller without authentication'
+        end
 
-      it 'raises a Cassette::Errors::Forbidden' do
-        expect { controller.validate_authentication_ticket }
-          .to raise_error(Cassette::Errors::Forbidden)
-      end
-    end
+        context 'and a ticket param' do
+          let(:controller) do
+            controller_factory.(described_class).new(ticket: 'le ticket')
+          end
 
-    context 'when accepts_authentication_service? returns true' do
-      before do
-        expect(controller).to receive(:accepts_authentication_service?).with(anything) { true }
+          it_behaves_like 'controller without authentication'
+        end
       end
 
-      context 'with a ticket in the query string *AND* headers' do
+      context 'when accepts_authentication_service? returns false' do
         let(:controller) do
-          ControllerMock(described_class).new({ 'ticket' => 'le other ticket' },
-                                              'Service-Ticket' => 'le ticket')
+          controller_factory.(described_class).new(ticket: 'le ticket')
         end
 
-        it 'should send only the header ticket to validation' do
-          controller.validate_authentication_ticket
-          expect(Cassette::Authentication).to have_received(:validate_ticket).with('le ticket', Cassette.config.service)
+        before do
+          expect(controller).to receive(:accepts_authentication_service?)
+            .with(Cassette.config.service) { false }
         end
-      end
 
-      context 'with a ticket in the query string' do
-        let(:controller) do
-          ControllerMock(described_class).new('ticket' => 'le ticket')
+        it 'raises a Cassette::Errors::Forbidden' do
+          expect { controller.validate_authentication_ticket }
+            .to raise_error(Cassette::Errors::Forbidden)
         end
+      end
 
-        it 'should send the ticket to validation' do
-          controller.validate_authentication_ticket
-          expect(Cassette::Authentication).to have_received(:validate_ticket).with('le ticket', Cassette.config.service)
+      context 'when accepts_authentication_service? returns true' do
+        before do
+          expect(controller).to receive(:accepts_authentication_service?).with(anything) { true }
         end
-      end
 
-      context 'when #authentication_service is overriden' do
-        let(:controller) do
-          mod = Module.new do
-            def authentication_service
-              "subdomain.#{Cassette.config.service}"
-            end
+        context 'with a ticket in the query string *AND* headers' do
+          let(:controller) do
+            controller_factory.(described_class).new({ 'ticket' => 'le other ticket' },
+                                                'Service-Ticket' => 'le ticket')
           end
 
-          ControllerMock(described_class, mod).new({}, 'Service-Ticket' => 'le ticket')
+          it 'should send only the header ticket to validation' do
+            controller.validate_authentication_ticket
+            expect(Cassette::Authentication).to have_received(:validate_ticket).with('le ticket', Cassette.config.service)
+          end
         end
 
-        it 'validates with the overriden value and not the config' do
-          controller.validate_authentication_ticket
+        context 'with a ticket in the query string' do
+          let(:controller) do
+            controller_factory.(described_class).new('ticket' => 'le ticket')
+          end
 
-          expect(Cassette::Authentication).to have_received(:validate_ticket)
-            .with('le ticket', "subdomain.#{Cassette.config.service}")
+          it 'should send the ticket to validation' do
+            controller.validate_authentication_ticket
+            expect(Cassette::Authentication).to have_received(:validate_ticket).with('le ticket', Cassette.config.service)
+          end
         end
-      end
 
-      context 'with a ticket in the Service-Ticket header' do
-        let(:controller) do
-          ControllerMock(described_class).new({}, 'Service-Ticket' => 'le ticket')
+        context 'when #authentication_service is overriden' do
+          let(:controller) do
+            mod = Module.new do
+              def authentication_service
+                "subdomain.#{Cassette.config.service}"
+              end
+            end
+
+            controller_factory.(described_class, mod).new({}, 'Service-Ticket' => 'le ticket')
+          end
+
+          it 'validates with the overriden value and not the config' do
+            controller.validate_authentication_ticket
+
+            expect(Cassette::Authentication).to have_received(:validate_ticket)
+              .with('le ticket', "subdomain.#{Cassette.config.service}")
+          end
         end
 
-        it 'sends the ticket to validation' do
-          controller.validate_authentication_ticket
+        context 'with a ticket in the Service-Ticket header' do
+          let(:controller) do
+            controller_factory.(described_class).new({}, 'Service-Ticket' => 'le ticket')
+          end
+
+          it 'sends the ticket to validation' do
+            controller.validate_authentication_ticket
 
-          expect(Cassette::Authentication).to have_received(:validate_ticket)
-            .with('le ticket', Cassette.config.service)
+            expect(Cassette::Authentication).to have_received(:validate_ticket)
+              .with('le ticket', Cassette.config.service)
+          end
         end
       end
     end
-  end
 
-  describe '#accepts_authentication_service?' do
-    let(:controller) do
-      ControllerMock(described_class).new(ticket: 'le ticket')
-    end
+    describe '#accepts_authentication_service?' do
+      let(:controller) do
+        controller_factory.(described_class).new(ticket: 'le ticket')
+      end
 
-    before do
-      allow(Cassette).to receive(:config) { config }
-    end
+      before do
+        allow(Cassette).to receive(:config) { config }
+      end
 
-    subject { controller.accepts_authentication_service?(service) }
+      subject { controller.accepts_authentication_service?(service) }
 
-    context 'when config responds to #services' do
-      let(:subdomain) { "subdomain.acme.org" }
-      let(:not_related) { "acme.org" }
+      context 'when config responds to #services' do
+        let(:subdomain) { "subdomain.acme.org" }
+        let(:not_related) { "acme.org" }
 
-      let(:config) do
-        OpenStruct.new(YAML.load_file('spec/config.yml').merge(services: [subdomain]))
-      end
+        let(:config) do
+          OpenStruct.new(YAML.load_file('spec/config.yml').merge(services: [subdomain]))
+        end
 
-      context 'and the authentication service is included in the configuration' do
-        let(:service) { subdomain }
+        context 'and the authentication service is included in the configuration' do
+          let(:service) { subdomain }
 
-        it { is_expected.to eq true }
-      end
+          it { is_expected.to eq true }
+        end
 
-      context 'and the authentication service is Cassette.config.service' do
-        let(:service) { Cassette.config.service }
+        context 'and the authentication service is Cassette.config.service' do
+          let(:service) { Cassette.config.service }
 
-        it { is_expected.to eq true }
-      end
+          it { is_expected.to eq true }
+        end
 
-      context 'and the authentication service is not included in the configuration' do
-        let(:service) { not_related }
+        context 'and the authentication service is not included in the configuration' do
+          let(:service) { not_related }
 
-        it { is_expected.to eq false }
+          it { is_expected.to eq false }
+        end
       end
     end
   end
+
+  context 'a Rails 4+ controller' do
+    let(:controller_factory) { method(:ControllerMock) }
+
+    it_behaves_like 'controller behaviour'
+  end
+
+  context 'a Rails 3 controller' do
+    let(:controller_factory) { method(:LegacyControllerMock) }
+
+    it_behaves_like 'controller behaviour'
+  end
 end

data/spec/support/controllers/controller_mock.rb

@@ -8,6 +8,12 @@ def ControllerMock(*mods)
   end
 end
 
+def LegacyControllerMock(*mods)
+  mods.inject(Class.new(LegacyControllerMock)) do |c, mod|
+    c.send(:include, mod)
+  end
+end
+
 class ControllerMock
   attr_accessor :params, :request, :current_user
   def self.before_action(*); end
@@ -17,3 +23,13 @@ class ControllerMock
     self.request = OpenStruct.new(headers: headers.with_indifferent_access)
   end
 end
+
+class LegacyControllerMock
+  attr_accessor :params, :request, :current_user
+  def self.before_filter(*); end
+
+  def initialize(params = {}, headers = {})
+    self.params = params.with_indifferent_access
+    self.request = OpenStruct.new(headers: headers.with_indifferent_access)
+  end
+end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: cassette
 version: !ruby/object:Gem::Version
-  version: 1.2.2
+  version: 1.2.3
 platform: ruby
 authors:
 - Ricardo Hermida Ruiz
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2018-01-16 00:00:00.000000000 Z
+date: 2018-10-02 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: faraday