clearance 0.11.1 → 0.11.2
Potentially problematic release.
This version of clearance might be problematic. Click here for more details.
- data/.gitignore +4 -2
- data/Appraisals +11 -0
- data/CHANGELOG.md +7 -0
- data/Gemfile +12 -10
- data/Gemfile.lock +101 -83
- data/README.md +23 -2
- data/Rakefile +9 -4
- data/VERSION +1 -1
- data/app/mailers/clearance_mailer.rb +5 -5
- data/app/views/clearance_mailer/change_password.html.erb +1 -3
- data/clearance.gemspec +1 -1
- data/features/engine/visitor_resets_password.feature +7 -4
- data/features/engine/visitor_signs_in.feature +10 -12
- data/features/engine/visitor_signs_out.feature +2 -4
- data/features/integration.feature +13 -14
- data/features/step_definitions/configuration_steps.rb +6 -1
- data/features/step_definitions/engine/clearance_steps.rb +8 -17
- data/features/step_definitions/web_steps.rb +82 -90
- data/features/support/appraisal.rb +18 -0
- data/features/support/aruba.rb +3 -0
- data/features/support/clearance.rb +16 -0
- data/features/support/env.rb +40 -29
- data/features/support/selectors.rb +39 -0
- data/gemfiles/3.0.9.gemfile +18 -0
- data/gemfiles/3.0.9.gemfile.lock +176 -0
- data/gemfiles/3.1.0.rc4.gemfile +22 -0
- data/gemfiles/3.1.0.rc4.gemfile.lock +212 -0
- data/lib/clearance.rb +0 -1
- data/lib/clearance/test_matchers.rb +60 -0
- data/lib/clearance/user.rb +16 -4
- data/lib/generators/clearance/install/templates/README +6 -6
- data/spec/controllers/passwords_controller_spec.rb +4 -4
- data/spec/factories.rb +5 -5
- data/spec/spec_helper.rb +3 -47
- data/spec/support/clearance.rb +12 -0
- metadata +19 -8
- data/.bundle/config +0 -2
- data/lib/clearance/shoulda_macros.rb +0 -73
- data/spec/support/authorization.rb +0 -18
- data/spec/support/clearance_redirects.rb +0 -21
data/lib/clearance.rb
CHANGED
@@ -0,0 +1,60 @@
|
|
1
|
+
module Clearance
|
2
|
+
module Test
|
3
|
+
module Matchers
|
4
|
+
def deny_access(opts = {})
|
5
|
+
if opts[:flash]
|
6
|
+
should set_the_flash.to(opts[:flash])
|
7
|
+
else
|
8
|
+
should_not set_the_flash
|
9
|
+
end
|
10
|
+
|
11
|
+
redirect_to(sign_in_url)
|
12
|
+
end
|
13
|
+
|
14
|
+
def redirect_to_url_after_create
|
15
|
+
redirect_to(@controller.send(:url_after_create))
|
16
|
+
end
|
17
|
+
|
18
|
+
def redirect_to_url_after_update
|
19
|
+
redirect_to(@controller.send(:url_after_update))
|
20
|
+
end
|
21
|
+
|
22
|
+
def redirect_to_url_after_destroy
|
23
|
+
redirect_to(@controller.send(:url_after_destroy))
|
24
|
+
end
|
25
|
+
|
26
|
+
def redirect_to_url_already_confirmed
|
27
|
+
redirect_to(@controller.send(:url_already_confirmed))
|
28
|
+
end
|
29
|
+
end
|
30
|
+
|
31
|
+
module Helpers
|
32
|
+
def sign_in_as(user)
|
33
|
+
@controller.current_user = user
|
34
|
+
return user
|
35
|
+
end
|
36
|
+
|
37
|
+
def sign_in
|
38
|
+
sign_in_as Factory(:user)
|
39
|
+
end
|
40
|
+
|
41
|
+
def sign_out
|
42
|
+
@controller.current_user = nil
|
43
|
+
end
|
44
|
+
end
|
45
|
+
end
|
46
|
+
end
|
47
|
+
|
48
|
+
if defined?(Test::Unit::TestCase)
|
49
|
+
Test::Unit::TestCase.extend Clearance::Test::Matchers
|
50
|
+
class Test::Unit::TestCase
|
51
|
+
include Clearance::Test::Helpers
|
52
|
+
end
|
53
|
+
end
|
54
|
+
|
55
|
+
if defined?(RSpec) && RSpec.respond_to?(:configure)
|
56
|
+
RSpec.configure do |config|
|
57
|
+
config.include Clearance::Test::Matchers
|
58
|
+
config.include Clearance::Test::Helpers
|
59
|
+
end
|
60
|
+
end
|
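Review bot: `deny_access` runs its flash expectation immediately through `should`/`should_not` and returns only the `redirect_to(sign_in_url)` matcher, so under `it { should_not deny_access }` the flash check is still asserted in its positive form and only the redirect is negated. Nothing in the module documents this, and a spec meant to prove that an action is reachable can pass or fail for the wrong reason. I would add a comment above the method, `# Asserts the flash immediately; returns only the sign-in redirect matcher, so negate with care.` A one-line comment on `sign_in_as` would also help, saying that it assigns `@controller.current_user` directly instead of going through the sign-in request, so specs using these helpers do not exercise the session or cookie path. The page labels this section data/lib/clearance.rb, but the 60 added lines appear to be the new lib/clearance/test_matchers.rb from the file list.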
data/lib/clearance/user.rb
CHANGED
@@ -120,7 +120,19 @@ module Clearance
|
|
120
120
|
protected
|
121
121
|
|
122
122
|
def generate_hash(string)
|
123
|
-
|
123
|
+
if RUBY_VERSION >= '1.9'
|
124
|
+
Digest::SHA1.hexdigest(string).encode('UTF-8')
|
125
|
+
else
|
126
|
+
Digest::SHA1.hexdigest(string)
|
127
|
+
end
|
128
|
+
end
|
129
|
+
|
130
|
+
def generate_random_code(length = 20)
|
131
|
+
if RUBY_VERSION >= '1.9'
|
132
|
+
SecureRandom.hex(length).encode('UTF-8')
|
133
|
+
else
|
134
|
+
SecureRandom.hex(length)
|
135
|
+
end
|
124
136
|
end
|
125
137
|
|
126
138
|
def encrypt(string)
|
@@ -129,7 +141,7 @@ module Clearance
|
|
129
141
|
|
130
142
|
def initialize_salt
|
131
143
|
if salt.blank?
|
132
|
-
self.salt =
|
144
|
+
self.salt = generate_random_code
|
133
145
|
end
|
134
146
|
end
|
135
147
|
|
@@ -140,11 +152,11 @@ module Clearance
|
|
140
152
|
end
|
141
153
|
|
142
154
|
def generate_remember_token
|
143
|
-
self.remember_token =
|
155
|
+
self.remember_token = generate_random_code
|
144
156
|
end
|
145
157
|
|
146
158
|
def generate_confirmation_token
|
147
|
-
self.confirmation_token =
|
159
|
+
self.confirmation_token = generate_random_code
|
148
160
|
end
|
149
161
|
|
150
162
|
# Always false. Override to allow other forms of authentication
|
@@ -10,14 +10,14 @@ Next steps:
|
|
10
10
|
|
11
11
|
In production it should be your app's domain name.
|
12
12
|
|
13
|
-
2.
|
14
|
-
|
15
|
-
rake db:migrate
|
16
|
-
|
17
|
-
3. Display flashes. For example, in your application layout:
|
13
|
+
2. Display flashes. For example, in your application layout:
|
18
14
|
|
19
15
|
<% flash.each do |key, value| -%>
|
20
|
-
<div class="flash <%= key %>"><%=
|
16
|
+
<div class="flash <%= key %>"><%= value %></div>
|
21
17
|
<% end -%>
|
22
18
|
|
19
|
+
3. Migrate:
|
20
|
+
|
21
|
+
rake db:migrate
|
22
|
+
|
23
23
|
*******************************************************************************
|
@@ -1,7 +1,7 @@
|
|
1
1
|
require 'spec_helper'
|
2
2
|
|
3
3
|
describe Clearance::PasswordsController do
|
4
|
-
include Shoulda::ActionMailer
|
4
|
+
include Shoulda::Matchers::ActionMailer
|
5
5
|
|
6
6
|
it { should route(:get, '/users/1/password/edit').
|
7
7
|
to(:controller => 'clearance/passwords', :action => 'edit', :user_id => '1') }
|
@@ -87,7 +87,7 @@ describe Clearance::PasswordsController do
|
|
87
87
|
get :edit, :user_id => @user.to_param, :token => ""
|
88
88
|
end
|
89
89
|
|
90
|
-
it { should set_the_flash.to(/double check the URL/i) }
|
90
|
+
it { should set_the_flash.to(/double check the URL/i).now }
|
91
91
|
it { should render_template(:new) }
|
92
92
|
end
|
93
93
|
|
@@ -96,7 +96,7 @@ describe Clearance::PasswordsController do
|
|
96
96
|
get :edit, :user_id => @user.to_param
|
97
97
|
end
|
98
98
|
|
99
|
-
it { should set_the_flash.to(/double check the URL/i) }
|
99
|
+
it { should set_the_flash.to(/double check the URL/i).now }
|
100
100
|
it { should render_template(:new) }
|
101
101
|
end
|
102
102
|
|
@@ -154,7 +154,7 @@ describe Clearance::PasswordsController do
|
|
154
154
|
cookies[:remember_token].should be_nil
|
155
155
|
end
|
156
156
|
|
157
|
-
it { should set_the_flash.to(/password can't be blank/i) }
|
157
|
+
it { should set_the_flash.to(/password can't be blank/i).now }
|
158
158
|
it { should respond_with(:success) }
|
159
159
|
it { should render_template(:edit) }
|
160
160
|
end
|
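Review bot: `generate_hash` still reduces to a single `Digest::SHA1.hexdigest` call, and if `encrypt` (its body is outside the hunk) uses it for stored passwords, that is one salted pass of a fast digest, which gives little resistance to offline guessing if the users table is ever disclosed. The commit only adds an encoding step, so at minimum I would record the limitation on the method: `# SHA-1 is a fast digest; not sufficient on its own for password storage, prefer bcrypt or another slow KDF`. In `generate_random_code`, `length` is handed to `SecureRandom.hex`, which takes a byte count and returns twice as many hex characters, so the default of 20 yields 40 characters; `# length is in bytes; the result is 2 * length hex characters` would prevent a mis-sized column or token check. Both methods duplicate their body behind `RUBY_VERSION >= '1.9'`, which is a lexical string comparison; `value.respond_to?(:encode) ? value.encode('UTF-8') : value` states the intent once. The remaining hunks under this header (the install README template and passwords_controller_spec) look mechanical.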
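--- a/data/spec/factories.rb
+++ b/data/spec/factories.rb
@@ -2,11 +2,11 @@ Factory.sequence :email do |n|
 "user#{n}@example.com"
 end
 
-Factory.define :user do |
-
-
+Factory.define :user do |factory|
+factory.email { Factory.next :email }
+factory.password { "password" }
 end
 
-Factory.define :email_confirmed_user, :parent => :user do |
-
+Factory.define :email_confirmed_user, :parent => :user do |factory|
+factory.after_build { warn "[DEPRECATION] The :email_confirmed_user factory is deprecated, please use the :user factory instead." }
 end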
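--- a/data/spec/spec_helper.rb
+++ b/data/spec/spec_helper.rb
@@ -4,62 +4,18 @@ PROJECT_ROOT = File.expand_path("../..", __FILE__)
 $LOAD_PATH << File.join(PROJECT_ROOT, "lib")
 
 require 'rails/all'
+require 'rails/test_help'
+
 Bundler.require
 
 require 'diesel/testing'
-require 'rails/test_help'
 require 'rspec/rails'
 
-require 'clearance'
-require 'clearance/shoulda_macros'
-
-Clearance.configure do |config|
-end
-
-class ApplicationController < ActionController::Base
-include Clearance::Authentication
-end
-
-class User < ActiveRecord::Base
-include Clearance::User
-end
+require 'clearance/test_matchers'
 
 Dir[Rails.root.join("spec/support/**/*.rb")].each {|f| require f}
 
 RSpec.configure do |config|
 config.mock_with :mocha
 config.use_transactional_fixtures = true
-config.backtrace_clean_patterns << %r{gems/}
 end
-
-# class ActiveSupport::TestCase
-# def self.should_set_cookie(name, value, should_expire_at)
-# description = "set a '#{name}' cookie to '#{value}'"
-# if should_expire_at
-# description << " expiring at #{should_expire_at}"
-# else
-# description << " with no expiration date (session cookie)"
-# end
-# should description do
-# assert_equal value, cookies[name]
-# # the following statement may be redundant with the preceding one, but can't hurt
-# assert_equal value, @response.cookies[name]
-# # cookies and @response[cookies] don't give us the expire time, so we need to fish it out 'manually'
-# set_cookie_headers = @response.headers['Set-Cookie']
-# assert_not_nil set_cookie_headers, "@response.headers['Set-Cookie'] must not be nil"
-# set_cookie_headers = [set_cookie_headers] if set_cookie_headers.respond_to?(:to_str)
-# regex = /^#{name}=#{value}(;|$)/
-# assert_contains set_cookie_headers, regex
-# cookie = set_cookie_headers.find {|h| h =~ regex}
-# regex = /; expires=(.*?)(;|$)/
-# if should_expire_at
-# assert_contains cookie, regex, "cookie does not contain an 'expires=' attribute"
-# cookie =~ regex
-# expires_at = Time.parse($1)
-# assert_in_delta should_expire_at, expires_at, 100 # number of seconds we don't expect the test suite to exceed
-# else
-# assert_does_not_contain cookie, regex, "cookie contains an 'expires=' attribute but it shouldn't"
-# end
-# end
-# end
-# end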
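--- a/metadata
+++ b/metadata
@@ -2,7 +2,7 @@
 name: clearance
 version: !ruby/object:Gem::Version
 prerelease:
-version: 0.11.
+version: 0.11.2
 platform: ruby
 authors:
 - Dan Croak
@@ -19,7 +19,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2011-
+date: 2011-06-29 00:00:00 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: rails
@@ -27,9 +27,9 @@ dependencies:
 requirement: &id001 !ruby/object:Gem::Requirement
 none: false
 requirements:
-- -
+- - ">="
 - !ruby/object:Gem::Version
-version: 3.0
+version: "3.0"
 type: :runtime
 version_requirements: *id001
 - !ruby/object:Gem::Dependency
@@ -64,9 +64,9 @@ extra_rdoc_files:
 - LICENSE
 - README.md
 files:
-- .bundle/config
 - .gitignore
 - .rspec
+- Appraisals
 - CHANGELOG.md
 - Gemfile
 - Gemfile.lock
@@ -98,14 +98,22 @@ files:
 - features/step_definitions/configuration_steps.rb
 - features/step_definitions/engine/clearance_steps.rb
 - features/step_definitions/web_steps.rb
+- features/support/appraisal.rb
+- features/support/aruba.rb
+- features/support/clearance.rb
 - features/support/env.rb
 - features/support/paths.rb
+- features/support/selectors.rb
+- gemfiles/3.0.9.gemfile
+- gemfiles/3.0.9.gemfile.lock
+- gemfiles/3.1.0.rc4.gemfile
+- gemfiles/3.1.0.rc4.gemfile.lock
 - init.rb
 - lib/clearance.rb
 - lib/clearance/authentication.rb
 - lib/clearance/configuration.rb
 - lib/clearance/engine.rb
-- lib/clearance/
+- lib/clearance/test_matchers.rb
 - lib/clearance/user.rb
 - lib/generators/clearance/features/features_generator.rb
 - lib/generators/clearance/install/install_generator.rb
@@ -122,8 +130,7 @@ files:
 - spec/mailers/clearance_mailer_spec.rb
 - spec/models/user_spec.rb
 - spec/spec_helper.rb
-- spec/support/
-- spec/support/clearance_redirects.rb
+- spec/support/clearance.rb
 - spec/support/cookies.rb
 homepage: http://github.com/thoughtbot/clearance
 licenses: []
@@ -161,5 +168,9 @@ test_files:
 - features/step_definitions/configuration_steps.rb
 - features/step_definitions/engine/clearance_steps.rb
 - features/step_definitions/web_steps.rb
+- features/support/appraisal.rb
+- features/support/aruba.rb
+- features/support/clearance.rb
 - features/support/env.rb
 - features/support/paths.rb
+- features/support/selectors.rb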
data/.bundle/config
DELETED
@@ -1,73 +0,0 @@
|
|
1
|
-
module Clearance
|
2
|
-
module Shoulda
|
3
|
-
# STATE OF AUTHENTICATION
|
4
|
-
|
5
|
-
def should_deny_access(opts = {})
|
6
|
-
if opts[:flash]
|
7
|
-
should set_the_flash.to(opts[:flash])
|
8
|
-
else
|
9
|
-
should_not set_the_flash
|
10
|
-
end
|
11
|
-
|
12
|
-
should redirect_to('sign in page') { sign_in_url }
|
13
|
-
end
|
14
|
-
|
15
|
-
# HTTP FLUENCY
|
16
|
-
|
17
|
-
def should_forbid(description, &block)
|
18
|
-
warn "[DEPRECATION] should_forbid and Clearance's ActionController::Forbidden have been removed. Setting the 403 status code turned out to be an awful user experience in some browsers such as Chrome on Windows machines."
|
19
|
-
end
|
20
|
-
|
21
|
-
# RENDERING
|
22
|
-
|
23
|
-
def should_render_nothing
|
24
|
-
should "render nothing" do
|
25
|
-
assert @response.body.blank?
|
26
|
-
end
|
27
|
-
end
|
28
|
-
|
29
|
-
# REDIRECTS
|
30
|
-
|
31
|
-
def should_redirect_to_url_after_create
|
32
|
-
should redirect_to("the post-create url") { @controller.send(:url_after_create) }
|
33
|
-
end
|
34
|
-
|
35
|
-
def should_redirect_to_url_after_update
|
36
|
-
should redirect_to("the post-update url") { @controller.send(:url_after_update) }
|
37
|
-
end
|
38
|
-
|
39
|
-
def should_redirect_to_url_after_destroy
|
40
|
-
should redirect_to("the post-destroy url") { @controller.send(:url_after_destroy) }
|
41
|
-
end
|
42
|
-
|
43
|
-
def should_redirect_to_url_already_confirmed
|
44
|
-
should redirect_to("the already confirmed url") { @controller.send(:url_already_confirmed) }
|
45
|
-
end
|
46
|
-
end
|
47
|
-
end
|
48
|
-
|
49
|
-
module Clearance
|
50
|
-
module Shoulda
|
51
|
-
module Helpers
|
52
|
-
def sign_in_as(user)
|
53
|
-
@controller.current_user = user
|
54
|
-
return user
|
55
|
-
end
|
56
|
-
|
57
|
-
def sign_in
|
58
|
-
sign_in_as Factory(:email_confirmed_user)
|
59
|
-
end
|
60
|
-
|
61
|
-
def sign_out
|
62
|
-
@controller.current_user = nil
|
63
|
-
end
|
64
|
-
end
|
65
|
-
end
|
66
|
-
end
|
67
|
-
|
68
|
-
if defined?(Test::Unit::TestCase)
|
69
|
-
class Test::Unit::TestCase
|
70
|
-
include Clearance::Shoulda::Helpers
|
71
|
-
end
|
72
|
-
Test::Unit::TestCase.extend(Clearance::Shoulda)
|
73
|
-
end
|
@@ -1,18 +0,0 @@
|
|
1
|
-
module AuthorizationHelpers
|
2
|
-
def sign_in_as(user)
|
3
|
-
@controller.current_user = user
|
4
|
-
return user
|
5
|
-
end
|
6
|
-
|
7
|
-
def sign_in
|
8
|
-
sign_in_as Factory(:email_confirmed_user)
|
9
|
-
end
|
10
|
-
|
11
|
-
def sign_out
|
12
|
-
@controller.current_user = nil
|
13
|
-
end
|
14
|
-
end
|
15
|
-
|
16
|
-
RSpec.configure do |config|
|
17
|
-
config.include AuthorizationHelpers
|
18
|
-
end
|