RubyGems - challah - Versions diffs - 0.4.0 → 0.4.1 - Mend

challah 0.4.0 → 0.4.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

data/CHANGELOG.md +5 -1
data/lib/challah/authable/user.rb +13 -10
data/lib/challah/version.rb +1 -1
data/test/user_test.rb +11 -1
metadata +10 -10

data/CHANGELOG.md CHANGED Viewed

@@ -1,4 +1,8 @@
-## Challah 0.4.0 (Unreleased)
+## Challah 0.4.1
+* Added User#protect_attributes to allow for the addition of app-specific protected attributes in User
+## Challah 0.4.0
 * Enabled api key access. Passing ?key=xxxx into any URL will authenticate a user for a single page load. This option is turned off by default in new apps and can be enabled using `Challah.options[:api_key_enabled]`.
 * Updated tests for API key access

data/lib/challah/authable/user.rb CHANGED Viewed

@@ -6,9 +6,9 @@ module Challah
         extend ClassMethods
       end
-      const_set(:PROTECTED_ATTRIBUTES, %w(api_key created_by crypted_password failed_login_count id last_login_at login_count permissions permissions_attributes permission_users permission_users_attributes persistence_token role_id updated_by))
       class_eval do
+        cattr_accessor :protected_attributes
         validates_presence_of :first_name, :last_name, :email, :role_id, :username
         validates_uniqueness_of :email, :username
         validate :validate_new_password
@@ -23,8 +23,9 @@ module Challah
         scope :inactive, where(:active => false).order('users.first_name, users.last_name')
         scope :with_role, lambda { |role| where([ "users.role_id = ?", role ]) }
         scope :search, lambda { |q| where([ 'users.first_name like ? OR users.last_name like ? OR users.email like ? OR users.username LIKE ?', "%#{q}%", "%#{q}%", "%#{q}%", "%#{q}%" ]) }
         after_save :save_permission_keys
+        protect_attributes :api_key, :created_by, :crypted_password, :failed_login_count, :id, :last_login_at, :login_count, :permissions, :permissions_attributes, :permission_users, :permission_users_attributes, :persistence_token, :role_id, :updated_by
       end
     end
@@ -46,6 +47,11 @@ module Challah
         result
       end
+      def protect_attributes(*args)
+        self.protected_attributes ||= []
+        self.protected_attributes << args.collect(&:to_s)
+      end
     end
     # Instance methods to be included once authable_user is set up.
@@ -168,11 +174,8 @@ module Challah
       #
       # All attributes on the user model can be updated, except for the ones listed below.
       def update_account_attributes(attributes_to_update = {})
-        protected_attributes = self.class.const_get(:PROTECTED_ATTRIBUTES)
-        attributes_to_update
-        attributes_to_update.keys.each { |key| attributes_to_update.delete(key) if protected_attributes.include?(key.to_s) }
+        protected_attributes = self.class.protected_attributes.clone.flatten
+        attributes_to_update.keys.each { |key| attributes_to_update.delete(key) if protected_attributes.include?(key.to_s) }
         self.update_attributes(attributes_to_update)
       end
@@ -185,7 +188,7 @@ module Challah
       #
       # Override this method if you need to check for a particular configuration on each page request.
       def valid_session?
-        true
+        self.active?
       end
       # Allow dynamic checking for permissions
@@ -213,7 +216,7 @@ module Challah
           self.persistence_token = ::Challah::Random.token(125) if self.persistence_token.to_s.blank?
           self.api_key = ::Challah::Random.token(50) if self.api_key.to_s.blank?
         end
         # Saves any updated permission keys to the database for this user.
         # Any permission keys that are specifically given to this user and are also in the
         # user's role will be removed. So, the only permission keys added here will be those

data/lib/challah/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module Challah
-  VERSION = "0.4.0" unless defined?(::Challah::VERSION)
+  VERSION = "0.4.1" unless defined?(::Challah::VERSION)
 end

data/test/user_test.rb CHANGED Viewed

@@ -34,6 +34,14 @@ class UserTest < ActiveSupport::TestCase
       assert_equal nil, User.find_for_session(' ')
       assert_equal nil, User.find_for_session('not-existing')
     end
+    should "have protected attributes" do
+      assert Array === User.protected_attributes
+      assert_difference 'User.protected_attributes.size', 1 do
+        User.protect_attributes :blah
+      end
+    end
   end
   context "A user instance" do
@@ -66,10 +74,12 @@ class UserTest < ActiveSupport::TestCase
       user.active = true
       assert_equal true, user.active
       assert_equal true, user.active?
+      assert_equal true, user.valid_session?
       user.active = false
       assert_equal false, user.active
       assert_equal false, user.active?
+      assert_equal false, user.valid_session?
     end
     should "not allow updating of certain protected attributes" do
@@ -214,6 +224,6 @@ class UserTest < ActiveSupport::TestCase
       assert_difference 'user.failed_auth_count', 1 do
         user.failed_authentication!
       end
-    end
+    end
   end
 end

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: challah
 version: !ruby/object:Gem::Version
-  version: 0.4.0
+  version: 0.4.1
   prerelease:
 platform: ruby
 authors:
@@ -9,11 +9,11 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2012-02-08 00:00:00.000000000Z
+date: 2012-02-09 00:00:00.000000000Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: highline
-  requirement: &70244762031040 !ruby/object:Gem::Requirement
+  requirement: &70149861857320 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -21,10 +21,10 @@ dependencies:
         version: '0'
   type: :runtime
   prerelease: false
-  version_requirements: *70244762031040
+  version_requirements: *70149861857320
 - !ruby/object:Gem::Dependency
   name: rails
-  requirement: &70244762124220 !ruby/object:Gem::Requirement
+  requirement: &70149861950500 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -32,10 +32,10 @@ dependencies:
         version: '3.1'
   type: :runtime
   prerelease: false
-  version_requirements: *70244762124220
+  version_requirements: *70149861950500
 - !ruby/object:Gem::Dependency
   name: rake
-  requirement: &70244762123720 !ruby/object:Gem::Requirement
+  requirement: &70149861950000 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -43,10 +43,10 @@ dependencies:
         version: 0.9.2
   type: :runtime
   prerelease: false
-  version_requirements: *70244762123720
+  version_requirements: *70149861950000
 - !ruby/object:Gem::Dependency
   name: bcrypt-ruby
-  requirement: &70244762123260 !ruby/object:Gem::Requirement
+  requirement: &70149861949540 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -54,7 +54,7 @@ dependencies:
         version: '0'
   type: :runtime
   prerelease: false
-  version_requirements: *70244762123260
+  version_requirements: *70149861949540
 description: A simple ruby gem for authentication, users, roles and permissions.
 email:
 - john@johntornow.com