clearance 1.0.0.rc6 → 1.0.0.rc7

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of clearance might be problematic. Click here for more details.

checksums.yaml CHANGED
@@ -1,15 +1,15 @@
1
1
  ---
2
2
  !binary "U0hBMQ==":
3
3
  metadata.gz: !binary |-
4
- ZWQxMTkxOTgyMzhhZWEzNzFmNTI3YTMzNDdiY2M1NGZiYmU1NDA3Yg==
4
+ YWM2NjBlMWQ3Yjk5ZDY2OGZjYTFhZGI1YjIzZTJjNzRkYTYyMTEwMw==
5
5
  data.tar.gz: !binary |-
6
- NDA1ZDM3MmQ3NGE2ZDc1NDcyNmQ1NGI4ZGU4OWM0YzEyZmViOTA5OQ==
6
+ ZmUxZWRjN2RkY2ZmNGMwNDgyNTM5ZmY4YzhiOWNjZTViNDYzMWMwNw==
7
7
  !binary "U0hBNTEy":
8
8
  metadata.gz: !binary |-
9
- ZDgxNmZlMDliYTNmMjM3MzIzNWYwMzM1YWUzMGQ2YzMzZDA1OWViYzIyNWI5
10
- OGI2MzU1MjVjNWM0ZjhhYTc0YTQ3MDBmZmZhZDE4MDZlZTI4ZjM1ZTlhZWRi
11
- ZmJhZjZiZDBkODZiZTNhZTU2ODNjNDFlYTg5ZWNlODMxZDhmMjU=
9
+ YzA5YTAzMjUxOGZjNGU5MTQ3ZTQ4NjI2ZjQ0N2M2YWFjNjg4MzIwODA4YmU2
10
+ MTlkZTk2NjNkODE2YjI0YzQ0M2JhNjRmOTM2YzJkMzY1MThlMzJkOTU0ODY5
11
+ Yjc5MzBhOTc2Y2FiMzA4MzdiZDU5ZmU2OTkwYWE5OGNkYjRjOTg=
12
12
  data.tar.gz: !binary |-
13
- YzRlNWQwZjQ4NDYzOGYyODU3MWFjZjQ2NmMyNGRhYzZhMGU3YzQ5M2UxOGZj
14
- MTFiZjM1ZDc2N2VkNDlkN2EwYTEzODdhMzZlYjg2NzVjYTc4M2ZmYTNmNGRh
15
- ZWUyMDQ1ZjE3NTY3OTdlOThmNjI0N2JkZTZmYmZiZTJjZDllMGU=
13
+ ZTdlZDUwN2FjYzg3ZmI4OGEzMGMwMjU1ZjY5NzY5ZDUwOTAyYjcwMjk5MGEz
14
+ OTZmNDZiZTMyNGMxMDNjNjlhNmUwNjkxZDI0YWM1YmU5MmZlMzI3NThjNGZi
15
+ Njc1Y2MxN2E0Nzc0MTg4MzQzYzQ1MzdiZjE0YWE4ZDRhZDJmMGU=
@@ -1,7 +1,7 @@
1
1
  PATH
2
2
  remote: .
3
3
  specs:
4
- clearance (1.0.0.rc5)
4
+ clearance (1.0.0.rc7)
5
5
  bcrypt-ruby
6
6
  email_validator
7
7
  rails (>= 3.0)
@@ -158,7 +158,7 @@ GEM
158
158
  treetop (1.4.12)
159
159
  polyglot
160
160
  polyglot (>= 0.3.1)
161
- tzinfo (0.3.35)
161
+ tzinfo (0.3.37)
162
162
  xpath (0.1.4)
163
163
  nokogiri (~> 1.3)
164
164
 
data/NEWS.md CHANGED
@@ -1,3 +1,5 @@
1
+ Thank you to all the [contributors](https://github.com/thoughtbot/clearance/contributors)!
2
+
1
3
  New for 1.0.0:
2
4
 
3
5
  * Change default password strategy to BCrypt.
@@ -17,376 +19,390 @@ New for 1.0.0:
17
19
  * Remove Diesel dependency.
18
20
  * Remove deprecated methods on User: `remember_me!`, `generate_random_code`,
19
21
  `password_required?`.
20
- * Add locales support.
21
22
  * `PasswordsController` `params[:user]` has changed to `params[:password_reset]`
22
23
  to avoid locale conflicts.
23
24
  * Prepare for Rails 4.
24
25
  * Prepare for Ruby 2.
26
+ * Remove `unloadable` from controllers (Rails 4 bug fix in development
27
+ environment).
28
+ * Add `redirect_url` configuration option.
29
+ * Add `secure_cookie` configuration option.
25
30
 
26
- New for 0.16.2:
31
+ New for 0.16.2 (May 11, 2012):
27
32
 
28
- * Change default email sender to deploy@example.com .
33
+ * Change default email sender to `deploy@example.com`.
29
34
 
30
- New for 0.16.1:
35
+ New for 0.16.1 (April 16, 2012):
31
36
 
32
37
  * Behave correctly when Rails whitelist attributes mass assignment
33
- protection is turned on
34
- * Fix for Rails 3.2.x modifying the HTTP cookie headers in rack requests
38
+ protection is turned on.
39
+ * Fix for Rails 3.2.x modifying the HTTP cookie headers in rack requests.
35
40
 
36
- New for 0.16.0:
41
+ New for 0.16.0 (March 16, 2012):
37
42
 
38
- * Blowfish password encryption strategy (Chris Dillon)
43
+ * Blowfish password encryption strategy.
39
44
 
40
- New for 0.15.0:
45
+ New for 0.15.0 (February 3, 2012):
41
46
 
42
- * The User model can be swapped out using the Clearance.configure method.
43
- * Remove User::InstanceMethods to silence a Rails 3.2 deprecation warning.
47
+ * The `User` model can be swapped out using the `Clearance.configure` method.
48
+ * Remove `User::InstanceMethods` to silence a Rails 3.2 deprecation warning.
44
49
  * Bump development dependency of cucumber-rails to 1.1.1.
45
50
 
46
- New for 0.14.0:
51
+ New for 0.14.0 (January 13, 2012):
47
52
 
48
- * Support clearance session management from the Rack environment (Joe Ferris)
53
+ * Support clearance session management from the Rack environment.
49
54
 
50
- New for 0.13.2:
55
+ New for 0.13.2 (January 13, 2012):
51
56
 
52
- * Fixed the denies_access matcher (Chad Pytel, Joe Ferris)
57
+ * Fixed the `deny_access` matcher.
53
58
 
54
- New for 0.13.0:
59
+ New for 0.13.0 (October 11, 2011):
55
60
 
56
- * [#170] In Clearance's optional generated features, use pure Capybara instead of depending on Cucumber's removed web_steps, paths, and selectors. (Dan Croak)
57
- * [#167] Extract SHA-1-specific code out of `User` into `PasswordStrategies` module. (Vladimir Andrijevik)
58
- * [#164] Extract sign in form so that other methods can be added easily. (Subhash Chandra)
59
- * [#165] Test against Rails 3.1. (Dan Croak) Required upgrades to Diesel and Appraisal. (Dan Croak, Mike Burns, Chad Pytel)
60
- * [#160] Improved README documentation for overrides. (Dan Croak)
61
+ * In Clearance's optional generated features, use pure Capybara instead of
62
+ depending on Cucumber's removed `web_steps`, paths, and selectors.
63
+ * Extract SHA-1-specific code out of `User` into `PasswordStrategies` module.
64
+ * Extract sign in form so that other methods can be added easily.
65
+ * Test against Rails 3.1. Required upgrades to Diesel and Appraisal.
66
+ * Improved README documentation for overrides.
61
67
 
62
- New for 0.12.0:
68
+ New for 0.12.0 (June 30, 2011):
63
69
 
64
- * [#129] Denying access redirects to root_url when signed in, sign_in_url when signed out. (Dan Croak)
65
- * Using flash :notice key everywhere now instead of :success and :failure. More in line with Rails conventions. (Dan Croak)
66
- * [#149] redirect_back_or on sign up. (Dan Croak)
67
- * [#147] Resetting password no longer redirects to sign in page. It displays a message telling them to look for an email. (Dan Croak)
68
- * Removed redundant flash messages. ("Signed in.", "Signed out.", and "You are now signed up.") (Dan Croak)
70
+ * Denying access redirects to `root_url` when signed in, `sign_in_url` when signed
71
+ out.
72
+ * Using flash `:notice` key everywhere now instead of `:success` and `:failure`. More
73
+ in line with Rails conventions.
74
+ * `redirect_back_or` on sign up.
75
+ * Resetting password no longer redirects to sign in page. It displays a message
76
+ telling them to look for an email.
77
+ * Removed redundant flash messages. ("Signed in.", "Signed out.", and "You are
78
+ now signed up.")
69
79
 
70
- New for 0.11.2:
80
+ New for 0.11.2 (June 29, 2011):
71
81
 
72
- * Rails 3.1.rc compatible. (Prem Sichanugrist and Dan Croak)
73
- * Cucumber features no longer require password. (Dan Croak)
74
- * No more Clearance shoulda_macros. Instead providing RSpec- and Test::Unit-compliant test matchers (sign_in, sign_in_as, should deny_access, etc). (Dan Croak)
82
+ * Rails 3.1.rc compatible.
83
+ * Cucumber features no longer require password.
84
+ * No more Clearance `shoulda_macros`. Instead providing RSpec- and
85
+ Test::Unit-compliant test matchers (`should deny_access`, etc).
75
86
 
76
- New for 0.11.1:
87
+ New for 0.11.1 (April 30, 2011):
77
88
 
78
- * [#146] Redirect to home page after sign up. (Dan Croak)
79
- * [#145] Remove dependency on dynamic_form. Replaced with flashes due to limited number of failure cases. (Dan Croak)
80
- * Moving ClearanceMailer to app/mailers. Moving spec to spec/mailers. (Dan Croak)
81
- * [#148] Removing :case_sensitive option from validates_uniqueness_of. It was unnecessary and causes a small performance problem on some apps. (Dan Croak)
82
- * Only development dependency in gemspec should be bundler. All others are derived by bundling. (Dan Croak)
89
+ * Redirect to home page after sign up.
90
+ * Remove dependency on `dynamic_form`. Replaced with flashes due to limited number
91
+ of failure cases.
92
+ * Moving `ClearanceMailer` to `app/mailers`. Moving spec to `spec/mailers`.
93
+ * Removing `:case_sensitive` option from `validates_uniqueness_of`. It was
94
+ unnecessary and causes a small performance problem on some apps.
95
+ * Only development dependency in `gemspec` should be `bundler`. All others are
96
+ derived by bundling.
83
97
 
84
- New for 0.11.0:
98
+ New for 0.11.0 (April 24, 2011):
85
99
 
86
- * [#141] Removing password confirmation. (Dan Croak)
87
- * [#143] Use ActiveSupport::Concern and ActiveSupport::SecureRandom to clean up code. (Dan Croak)
88
- * New controller#authenticate(params) method. Redefine username & password or other styles of authentication. (Dan Croak)
89
- * before_filter :authenticate API replaced with more aptly-named before_filter :authorize. (Dan Croak)
100
+ * Removing password confirmation.
101
+ * Use `ActiveSupport::Concern` and `ActiveSupport::SecureRandom` to clean up code.
102
+ * New `controller#authenticate(params)` method. Redefine username & password or
103
+ other styles of authentication.
104
+ * `before_filter :authenticate` API replaced with more aptly-named `before_filter
105
+ :authorize`.
90
106
 
91
- New for 0.10.5:
107
+ New for 0.10.5 (April 19, 2011):
92
108
 
93
- * Closing CSRF hole for Rails >= 3.0.4 apps (Mack Earnhardt)
109
+ * Closing CSRF hole for Rails >= 3.0.4 apps.
94
110
 
95
- New for 0.10.4:
111
+ New for 0.10.4 (April 16, 2011):
96
112
 
97
- * Formtastic views generator removed. (Dan Croak)
98
- * Emails forced to be downcased (particularly for iPhone user case). (Adam Conrad)
99
- * Suite converted from test/unit to RSpec. (Joe Ferris)
100
- * [#135] Password reset requires a password. (Joel Meador)
101
- * [#138] Use HTML5 email fields. (Dan Croak)
113
+ * Formtastic views generator removed.
114
+ * Emails forced to be downcased (particularly for iPhone user case).
115
+ * Suite converted from test/unit to RSpec.
116
+ * Password reset requires a password.
117
+ * Use HTML5 email fields.
102
118
 
103
- New for 0.10.3.2:
119
+ New for 0.10.3.2 (March 6, 2011):
104
120
 
105
121
  * Fix gemspec to include all necessary files.
106
122
 
107
- New for 0.10.3.1:
123
+ New for 0.10.3.1 (February 20, 2011):
108
124
 
109
- * Ensure everything within features inside any engine directory is included in the gemspec
125
+ * Ensure everything within features inside any engine directory is included in
126
+ the `gemspec`.
110
127
 
111
- New for 0.10.3:
128
+ New for 0.10.3 (February 19, 2011):
112
129
 
113
- * Include features/engines in gemspec file list so generator works as expected
130
+ * Include features/engines in `gemspec` file list so generator works as
131
+ expected.
114
132
 
115
- New for 0.10.2:
133
+ New for 0.10.2 (February 18, 2011):
116
134
 
117
- * Replaced test/rails_root & general testing strategy with Diesel. (Joe Ferris)
135
+ * Replaced `test/rails_root` & general testing strategy with Diesel.
118
136
  * Conveniences in factories for password/confirmation.
119
- * New generator command: rails generate clearance:install.
120
- * Step definitions are now prefixed with visitor_ to use thoughtbot convention. (Dan Croak)
121
- * When Clearance installed in an app that already has users, allow old users to sign in by resetting their password.
122
-
123
- New for 0.10.1:
124
-
125
- * replaced ActionController::Forbidden with a user-friendly flash message. (Dan Croak)
126
- * improved language of Cucumber steps by allowing a little more flexibility. (Dan Croak)
137
+ * New generator command: `rails generate clearance:install`.
138
+ * Step definitions are now prefixed with `visitor_` to use thoughtbot
139
+ convention.
140
+ * When Clearance installed in an app that already has users, allow old users to
141
+ sign in by resetting their password.
127
142
 
128
- New for 0.10.0:
143
+ New for 0.10.1 (February 9, 2011):
129
144
 
130
- * Lots of README cleanup
131
- * Better email validation regex
132
- * Removed email confirmation step, was mostly a hassle and can always be added back in
133
- at the application level (instead of engine level) if necessary
134
- * Removed disable_with on forms since it does not allow IE users to submit forms. See more:
145
+ * Replaced `ActionController::Forbidden` with a user-friendly flash message.
146
+ * Improved language of Cucumber steps by allowing a little more flexibility.
135
147
 
136
- https://github.com/rails/jquery-ujs/issues#issue/30
137
- http://bugs.jquery.com/ticket/7061
148
+ New for 0.10.0 (June 29, 2010):
138
149
 
139
- New for 0.9.1:
150
+ * Better email validation regular expression.
151
+ * Removed email confirmation step, was mostly a hassle and can always be added
152
+ back in at the application level (instead of engine level) if necessary.
153
+ * Removed `disable_with` on forms since it does not allow IE users to submit
154
+ forms. [Read more](https://github.com/rails/jquery-ujs/issues#issue/30).
140
155
 
141
- Forgot to update the changelog in a while, this is going to be brief:
156
+ New for 0.9.1 (June 29, 2010):
142
157
 
143
158
  * This release supports Rails 3, capybara, and shoulda 2.10+.
144
159
 
145
- New for 0.8.9:
160
+ New for 0.9.0 (June 11, 2010):
146
161
 
147
- * Removed unnecessary db index. (Rich Thornett, doctorzaius)
148
- * [#79] Allow customization of cookie duration. (Ron Newman, Dan Croak)
149
- * [#77] rake generator:cleanup needed to be... cleaned up. (Ron Newman)
162
+ * Removed unnecessary db index.
163
+ * Allow customization of cookie duration.
164
+ * `rake generator:cleanup` needed to be... cleaned up.
150
165
 
151
- New for 0.8.8 (02/25/2010):
166
+ New for 0.8.8 (February 25, 2010):
152
167
 
153
- * Fixed sign_in and sign_out not setting current_user (Joe Ferris)
168
+ * Fixed `sign_in` and `sign_out` not setting `current_user`.
154
169
 
155
- New for 0.8.7 (02/21/2010):
170
+ New for 0.8.7 (February 21, 2010):
156
171
 
157
- * [#43] Fixed global sign out bug. (Ryan McGreary)
158
- * [#69] Allow Rails apps to before_filter :authenticate the entire app
159
- in ApplicationController and still have password recovery work without
160
- overriding any controllers. (Claudio Poli, Dan Croak)
161
- * [#72] #[21] Rails3 fix for ActionController/ActionDispatch change.
162
- (Joseph Holsten, Peter Haza, Dan Croak)
172
+ * Fixed global sign out bug.
173
+ * Allow Rails apps to `before_filter :authenticate` the entire app
174
+ in `ApplicationController` and still have password recovery work without
175
+ overriding any controllers.
176
+ * Rails 3 fix for `ActionController`/`ActionDispatch` change.
163
177
 
164
- New for 0.8.6 (02/17/2010):
178
+ New for 0.8.6 (February 17, 2010):
165
179
 
166
- * Clearance features capitalization should match view text (Bobby Wilson)
167
- * [#39] skip :authenticate before_filter in controllers so apps can easily
168
- authenticate a whole site without subclassing (Matthew Ford)
169
- * [#45] Added randomness to token and salt generation (Ryan McGeary)
170
- * [#43] Reset the remember_token on sign out instead of sign in. Allows for the same
171
- user to sign in from two locations at once. (Ryan McGeary)
172
- * [#62] Append the version number to generated update migrations (Joe Ferris)
173
- * Allow overridden user models to skip email/password validations
174
- conditionally. This makes username/facebook integration easier. (Joe Ferris)
180
+ * Clearance features capitalization should match view text.
181
+ * Skip `:authenticate before_filter` in controllers so apps can easily
182
+ authenticate a whole site without subclassing.
183
+ * Added randomness to token and salt generation,
184
+ * Reset the `remember_token` on sign out instead of sign in. Allows for the same
185
+ user to sign in from two locations at once.
186
+ * Append the version number to generated update migrations.
187
+ * Allow overridden user models to skip email/password validations
188
+ conditionally. This makes username/facebook integration easier.
175
189
 
176
- New for 0.8.5 (01/20/2010):
190
+ New for 0.8.5 (January 20, 2010):
177
191
 
178
- * replaced routing hack with Clearance::Routes.draw(map) to give
179
- more control to the application developer. (Dan Croak)
180
- * removed attr_accessible from Clearance::User. (Dan Croak)
181
- * fixed bug in password reset feature. (Ben Orenstein, Dan Croak)
182
- * use Jeweler for gemming. (Dan Croak)
183
- * remove dependency on root_path, use '/' instead. (Dan Croak)
184
- * use Clearance.configure block to set mailer sender instead of
185
- DO_NOT_REPLY constant. (Dan Croak)
192
+ * Replaced routing hack with `Clearance::Routes.draw(map)` to give more control
193
+ to the application developer.
194
+ * Removed `attr_accessible` from `Clearance::User`.
195
+ * Fixed bug in password reset feature.
196
+ * Use Jeweler for gemming.
197
+ * Remove dependency on `root_path`, use `'/'` instead.
198
+ * Use `Clearance.configure` block to set mailer sender instead of `DO_NOT_REPLY`
199
+ constant.
186
200
 
187
- New for 0.8.4 (12/08/2009):
201
+ New for 0.8.4 (December 08, 2009):
188
202
 
189
- * [#48] remove unnecessary require 'factory_girl' in generator (Dan Croak)
190
- * reference gemcutter (not github) as the gem source in README (Dan Croak)
191
- * add IRC, rdoc.info links to README (Dan Croak)
192
- * move user confirmation email trigger into model (Chad Pytel)
203
+ * Remove unnecessary `require 'factory_girl'` in generator.
204
+ * Reference gemcutter (not github) as the gem source in README.
205
+ * Add IRC, rdoc.info links to README.
206
+ * Move user confirmation email trigger into model.
193
207
 
194
- New for 0.8.3 (09/21/2009):
208
+ New for 0.8.3 (September 21, 2009):
195
209
 
196
- * [#27] remove class_eval in Clearance::Authentication. (Anuj Dutta)
197
- * Avoid possible collisions in the remember me token (Joe Ferris)
210
+ * Remove `class_eval` in `Clearance::Authentication`.
211
+ * Avoid possible collisions in the remember me token.
198
212
 
199
- New for 0.8.2 (09/01/2009):
213
+ New for 0.8.2 (September 01, 2009):
200
214
 
201
- * current_user= accessor method. (Joe Ferris, Josh Clayton)
202
- * set current_user in sign_in. (Jon Yurek)
215
+ * `current_user= accessor` method.
216
+ * Set `current_user` in `sign_in`.
203
217
 
204
- New for 0.8.1 (08/31/2009):
218
+ New for 0.8.1 (August 31, 2009):
205
219
 
206
- * Removed unnecessary remember_token_expires_at column and the
207
- remember? and forget_me! user instance methods. (Dan Croak)
220
+ * Removed unnecessary `remember_token_expires_at` column and the
221
+ `remember?` and `forget_me!` user instance methods.
208
222
 
209
- New for 0.8.0 (08/31/2009):
223
+ New for 0.8.0 (August 31, 2009):
210
224
 
211
225
  * Always remember me. Replaced session-and-remember-me authentication with
212
- always using a cookie with a long timeout. (Dan Croak)
213
- * Documented Clearance::Authentication with YARD. (Dan Croak)
214
- * Documented Clearance::User with YARD. (Dan Croak)
226
+ always using a cookie with a long timeout.
227
+ * Documented `Clearance::Authentication` with YARD.
228
+ * Documented `Clearance::User` with YARD.
215
229
 
216
- New for 0.7.0 (08/04/2009):
230
+ New for 0.7.0 (August 4, 2009):
217
231
 
218
- * Redirect signed in user who clicks confirmation link again. (Dan Croak)
219
- * Redirect signed out user who clicks confirmation link again. (Dan Croak)
220
- * Added signed_out? convenience method for controllers, helpers, views. (Dan
221
- Croak)
222
- * Added clearance_views generator. By default, creates formtastic views which
223
- pass all tests and features. (Dan Croak)
232
+ * Redirect signed in user who clicks confirmation link again.
233
+ * Redirect signed out user who clicks confirmation link again.
234
+ * Added `signed_out?` convenience method for controllers, helpers, views.
235
+ * Added `clearance_views` generator. By default, creates formtastic views which
236
+ pass all tests and features.
224
237
 
225
- New for 0.6.9 (07/04/2009):
238
+ New for 0.6.9 (July 4, 2009):
226
239
 
227
- * Added timestamps to create users migration. (Dan Croak)
228
- * Ready for Ruby 1.9. (Jason Morrison, Nick Quaranto)
240
+ * Added timestamps to create users migration.
241
+ * Ready for Ruby 1.9.
229
242
 
230
- New for 0.6.8 (06/24/2009):
243
+ New for 0.6.8 (June 24, 2009):
231
244
 
232
- * Added defined? checks for various Rails constants such as ActionController
233
- for easier unit testing of Clearance extensions... particularly ActiveRecord
234
- extensions... particularly strong_password. (Dan Croak)
245
+ * Added `defined?` checks for various Rails constants such as `ActionController`
246
+ for easier unit testing of Clearance extensions... particularly `ActiveRecord`
247
+ extensions... `particularly strong_password`.
235
248
 
236
- New for 0.6.7 (06/13/2009):
249
+ New for 0.6.7 (June 13, 2009):
237
250
 
238
- * [#30] Added sign_up, sign_in, sign_out named routes. (Dan Croak)
239
- * [#22] Minimizing Reek smell: Duplication in redirect_back_or. (Dan Croak)
240
- * Deprecated sign_user_in. Told developers to use sign_in instead. (Dan
241
- Croak)
242
- * [#16] flash_success_after_create, flash_notice_after_create, flash_failure_after_create, flash_sucess_after_update, flash_success_after_destroy, etc. (Dan Croak)
243
- * [#17] bug. added #create to forbidden before_filters on confirmations controller. (Dan Croak)
244
- * [#24] should_be_signed_in_as shouldn't look in the session. (Dan Croak)
245
- * README improvements. (Dan Croak)
246
- * Move routes loading to separate file. (Joshua Clayton)
251
+ * Added `sign_up`, `sign_in`, `sign_out` named routes.
252
+ * Minimizing Reek smell: Duplication in `redirect_back_or`.
253
+ * Deprecated `sign_user_in`. Told developers to use `sign_in` instead.
254
+ * `flash_success_after_create`, `flash_notice_after_create`,
255
+ `flash_failure_after_create`, `flash_sucess_after_update`,
256
+ `flash_success_after_destroy`, etc.
257
+ * Added `#create` to forbidden `before_filters` on confirmations controller.
258
+ * `should_be_signed_in_as` shouldn't look in the session.
259
+ * README improvements.
260
+ * Move routes loading to separate file.
247
261
 
248
- New for 0.6.6 (05/18/2009):
262
+ New for 0.6.6 (May 18, 2009):
249
263
 
250
- * [#14] replaced class_eval in Clearance::User with modules. This was needed
251
- in a thoughtbot client app so we could write our own validations. (Dan Croak)
264
+ * replaced `class_eval` in `Clearance::User` with modules. This was needed
265
+ so we could write our own validations.
252
266
 
253
- New for 0.6.5 (05/17/2009):
267
+ New for 0.6.5 (May 17, 2009):
254
268
 
255
- * [#6] Make Clearance i18n aware. (Timur Vafin, Marcel Goerner, Eugene Bolshakov, Dan Croak)
269
+ * Make Clearance i18n aware.
256
270
 
257
- New for 0.6.4 (05/12/2009):
271
+ New for 0.6.4 (May 12, 2009):
258
272
 
259
- * Moved issue tracking to Github from Lighthouse. (Dan Croak)
260
- * [#7] asking higher-level questions of controllers in webrat steps, such as signed_in? instead of what's in the session. same for accessors. (Dan Croak)
261
- * [#11] replacing sign_in_as & sign_out shoulda macros with a stubbing (requires no dependency) approach. this will avoid dealing with the internals of current_user, such as session & cookies. added sign_in macro which signs in an email confirmed user from clearance's factories. (Dan Croak)
262
- * [#13] move private methods on sessions controller into Clearance::Authentication module (Dan Croak)
263
- * [#9] audited flash keys. (Dan Croak)
273
+ * Moved issue tracking to Github from Lighthouse.
274
+ * Asking higher-level questions of controllers in webrat steps, such as
275
+ `signed_in`? instead of what's in the session. same for accessors.
276
+ * Replacing `sign_in_as` & `sign_out` shoulda macros with a stubbing (requires no
277
+ dependency) approach. this will avoid dealing with the internals of
278
+ `current_user`, such as session & cookies. Added `sign_in` macro which signs in an
279
+ email confirmed user from clearance's factories.
280
+ * Move private methods on sessions controller into `Clearance::Authentication`
281
+ module.
282
+ * Audited flash keys.
264
283
 
265
- New for 0.6.3 (04/23/2009):
284
+ New for 0.6.3 (April 23, 2009):
266
285
 
267
- * Scoping ClearanceMailer properly within controllers so it works in production environments. (Nick Quaranto)
286
+ * Scoping `ClearanceMailer` properly within controllers so it works in
287
+ production environments.
268
288
 
269
- New for 0.6.2 (04/22/2009):
289
+ New for 0.6.2 (April 22, 2009):
270
290
 
271
- * Insert Clearance::User into User model if it exists. (Nick Quaranto)
272
- * World(NavigationHelpers) Cucumber 3.0 style. (Shay Arnett & Mark Cornick)
291
+ * Insert `Clearance::User` into User model if it exists.
292
+ * `World(NavigationHelpers)` Cucumber 3.0 style.
273
293
 
274
- New for 0.6.1 (04/21/2009):
294
+ New for 0.6.1 (April 21, 2009):
275
295
 
276
296
  * Scope operators are necessary to keep Rails happy. Reverting the original
277
- revert so they're back in the library now for constants referenced inside of
278
- the gem. (Nick Quaranto)
279
-
280
- New for 0.6.0 (04/21/2009):
281
-
282
- * Converted Clearance to a Rails engine. (Dan Croak & Joe Ferris)
283
- * Include Clearance::User in User model in app. (Dan Croak & Joe Ferris)
284
- * Include Clearance::Authentication in ApplicationController. (Dan Croak & Joe Ferris)
285
- * Namespace controllers under Clearance. (Dan Croak & Joe Ferris)
286
- * Routes move to engine, use namespaced controllers but publicly the same. (Dan Croak & Joe Ferris)
287
- * If you want to override a controller, subclass it like SessionsController <
288
- Clearance::SessionsController. This gives you access to usual hooks such as
289
- url_after_create. (Dan Croak & Joe Ferris)
297
+ revert so they're back in the library now for constants referenced inside of
298
+ the gem.
299
+
300
+ New for 0.6.0 (April 21, 2009):
301
+
302
+ * Converted Clearance to a Rails engine.
303
+ * Include `Clearance::User` in User model in app.
304
+ * Include `Clearance::Authentication` in `ApplicationController`.
305
+ * Namespace controllers under `Clearance` module.
306
+ * Routes move to engine, use namespaced controllers but publicly the same.
307
+ * If you want to override a controller, subclass it like `SessionsController <
308
+ Clearance::SessionsController`. This gives you access to usual hooks such as
309
+ `url_after_create`.
290
310
  * Controllers, mailer, model, routes all unit tested inside engine. Use
291
- script/generate clearance_features to test integration of Clearance with your
292
- Rails app. No longer including modules in your app's test files. (Dan Croak & Joe Ferris)
293
- * Moved views to engine. (Joe Ferris)
294
- * Converted generated test/factories/clearance.rb to use inheritence for
295
- email_confirmed_user. (Dan Croak)
296
- * Corrected some spelling errors with methods (Nick Quaranto)
297
- * Converted "I should see error messages" to use a regex in the features (Nick
298
- Quaranto)
299
- * Loading clearance routes after rails routes via some monkeypatching (Nick
300
- Quaranto)
301
- * Made the clearance controllers unloadable to stop constant loading errors in
302
- development mode (Nick Quaranto)
311
+ `script/generate clearance_features` to test integration of Clearance with your
312
+ Rails app. No longer including modules in your app's test files.
313
+ * Moved views to engine.
314
+ * Converted generated `test/factories/clearance.rb` to use inheritence for
315
+ `email_confirmed_user`.
316
+ * Corrected some spelling errors with methods.
317
+ * Converted "I should see error messages" to use a regex in the features.
318
+ * Loading clearance routes after rails routes via some monkeypatching.
319
+ * Made the clearance controllers `unloadable` to stop constant loading errors in
320
+ development mode.
303
321
 
304
- New for 0.5.6 (4/11/2009):
322
+ New for 0.5.6 (April 11, 2009):
305
323
 
306
- * [#57] Step definition changed for "User should see error messages" so
307
- features won't fail for certain validations. (Nick Quaranto)
324
+ * Step definition changed for "User should see error messages" so features won't
325
+ fail for certain validations.
308
326
 
309
- New for 0.5.5 (3/23/2009):
327
+ New for 0.5.5 (March 23, 2009):
310
328
 
311
- * Removing duplicate test to get rid of warning. (Nick Quaranto)
329
+ * Removing duplicate test to get rid of warning.
312
330
 
313
- New for 0.5.4 (3/21/2009):
331
+ New for 0.5.4 (March 21, 2009):
314
332
 
315
- * When users fail logging in, redirect them instead of rendering. (Matt
316
- Jankowski)
333
+ * When users fail logging in, redirect them instead of rendering.
317
334
 
318
- New for 0.5.3 (3/5/2009):
335
+ New for 0.5.3 (March 5, 2009):
319
336
 
320
- * Clearance now works with (and requires) Shoulda 2.10.0. (Mark Cornick, Joe
321
- Ferris, Dan Croak)
322
- * Prefer flat over nested contexts in sessions_controller_test. (Joe Ferris,
323
- Dan Croak)
337
+ * Clearance now works with (and requires) Shoulda 2.10.0.
338
+ * Prefer flat over nested contexts in `sessions_controller_test`.
324
339
 
325
- New for 0.5.2 (3/2/2009):
340
+ New for 0.5.2 (March 2, 2009):
326
341
 
327
- * Fixed last remaining errors in Rails 2.3 tests. Now fully compatible. (Joe
328
- Ferris, Dan Croak)
342
+ * Fixed last remaining errors in Rails 2.3 tests. Now fully compatible.
329
343
 
330
- New for 0.5.1 (2/27/2009):
344
+ New for 0.5.1 (February 27, 2009):
331
345
 
332
- * [#46] A user with unconfirmed email who resets password now confirms email.
333
- (Marcel Görner)
334
- * Refactored user_from_cookie, user_from_session, User#authenticate to use
335
- more direct return code instead of ugly, harder to read ternary. (Dan Croak)
336
- * Switch order of cookies and sessions to take advantage of Rails 2.3's "Rack-based lazy-loaded sessions":http://is.gd/i23E. (Dan Croak)
337
- * Altered generator to interact with application_controller.rb instead of
338
- application.rb in Rails 2.3 apps. (Dan Croak)
339
- * [#42] Bug fix. Rack-based session change altered how to test remember me
340
- cookie. (Mihai Anca)
346
+ * A user with unconfirmed email who resets password now confirms email.
347
+ * Refactored `user_from_cookie`, `user_from_session`, `User#authenticate` to use
348
+ more direct return code instead of ugly, harder to read ternary.
349
+ * Switch order of cookies and sessions to take advantage of Rails 2.3's
350
+ "Rack-based lazy-loaded sessions",
351
+ * Altered generator to interact with `application_controller.rb` instead of
352
+ `application.rb` in Rails 2.3 apps.
353
+ * Bug fix. Rack-based session change altered how to test remember me cookie.
341
354
 
342
- New for 0.5.0 (2/27/2009):
355
+ New for 0.5.0 (February 27, 2009):
343
356
 
344
- * Fixed problem with Cucumber features. (Dan Croak)
345
- * Fixed mising HTTP fluency use case. (Dan Croak)
346
- * Refactored User#update_password to take just parameters it needs. (Dan
347
- Croak)
348
- * Refactored User unit tests to be more readable. (Dan Croak)
357
+ * Fixed problem with Cucumber features.
358
+ * Fixed mising HTTP fluency use case.
359
+ * Refactored `User#update_password` to take just parameters it needs.
360
+ * Refactored `User` unit tests to be more readable.
349
361
 
350
- New for 0.4.9 (2/20/2009):
362
+ New for 0.4.9 (February 20, 2009):
351
363
 
352
- * Protect passwords & confirmations actions with forbidden filters. (Dan Croak)
353
- * Return 403 Forbidden status code in those cases. (Tim Pope)
354
- * Test 403 Forbidden status code in Cucumber feature. (Dan Croak, Joe Ferris)
355
- * Raise custom ActionController::Forbidden error internally. (Joe Ferris, Mike Burns, Jason Morrison)
356
- * Test ActionController::Forbidden error is raised in functional test. (Joe Ferris, Mike Burns, Dan Croak)
357
- * [#45] Fixed bug that allowed anyone to edit another user's password (Marcel Görner)
358
- * Required Factory Girl >= 1.2.0. (Dan Croak)
364
+ * Protect passwords & confirmations actions with forbidden filters.
365
+ * Return 403 Forbidden status code in those cases.
366
+ * Test 403 Forbidden status code in Cucumber feature.
367
+ * Raise custom `ActionController::Forbidden` error internally.
368
+ * Test `ActionController::Forbidden` error is raised in functional test.
369
+ * Fixed bug that allowed anyone to edit another user's password.
370
+ * Required Factory Girl >= 1.2.0.
359
371
 
360
- New for 0.4.8 (2/16/2009):
372
+ New for 0.4.8 (February 16, 2009):
361
373
 
362
- * Added support paths for Cucumber. (Ben Mabey)
363
- * Added documentation for the flash. (Ben Mabey)
364
- * Generators require "test_helper" instead of File.join. for rr compatibility. (Joe Ferris)
365
- * Removed interpolated email address from flash message to make i18n easier. (Bence Nagy)
366
- * Standardized flash messages that refer to email delivery. (Dan Croak)
374
+ * Added support paths for Cucumber.
375
+ * Added documentation for the flash.
376
+ * Generators `require 'test_helper'` instead of `File.join` for RR compatibility.
377
+ * Removed interpolated email address from flash message to make i18n easier.
378
+ * Standardized flash messages that refer to email delivery.
367
379
 
368
- New for 0.4.7 (2/12/2009):
380
+ New for 0.4.7 (February 12, 2009):
369
381
 
370
- * Removed Clearance::Test::TestHelper so there is one less setup step. (Dan Croak)
371
- * All test helpers now in shoulda_macros. (Dan Croak)
382
+ * Removed `Clearance::Test::TestHelper` so there is one less setup step.
383
+ * All test helpers now in `shoulda_macros`.
372
384
 
373
- New for 0.4.6 (2/11/2009):
385
+ New for 0.4.6 (February 11, 2009):
374
386
 
375
- * Made the modules behave like mixins again. (hat-tip Eloy Duran)
376
- * Created Actions and PrivateMethods modules on controllers for future RDoc reasons. (Dan Croak, Joe Ferris)
387
+ * Made the modules behave like mixins again.
388
+ * Created `Actions` and `PrivateMethods` modules on controllers for future RDoc
389
+ reasons.
377
390
 
378
- New for 0.4.5 (2/9/2009):
391
+ New for 0.4.5 (February 9, 2009):
379
392
 
380
- * [#43] Removed email downcasing because local-part is case sensitive per RFC5321. (Dan Croak)
381
- * [#42] Removed dependency on Mocha. (Dan Croak)
382
- * Required Shoulda >= 2.9.1. (Dan Croak)
383
- * Added password reset feature to clearance_features generator. (Eugene Bolshakov, Dan Croak)
384
- * Removed unnecessary session[:salt]. (Dan Croak)
385
- * [#41] Only store location for session[:return_to] for GET requests. (Dan Croak)
386
- * Audited "sign up" naming convention. "Register" had slipped in a few places. (Dan Croak)
387
- * Switched to SHA1 encryption. Cypher doesn't matter much for email confirmation, password reset. Better to have shorter hashes in the emails for clients who line break on 72 chars. (Dan Croak)
393
+ * Removed email downcasing because local-part is case sensitive per
394
+ RFC5321.
395
+ * Removed dependency on Mocha.
396
+ * Required Shoulda >= 2.9.1.
397
+ * Added password reset feature to `clearance_features` generator.
398
+ * Removed unnecessary `session[:salt]`.
399
+ * Only store location for `session[:return_to]` for GET requests.
400
+ * Audited "sign up" naming convention. "Register" had slipped in a few places.
401
+ * Switched to `SHA1` encryption. Cypher doesn't matter much for email
402
+ confirmation, password reset. Better to have shorter hashes in the emails for
403
+ clients who line break on 72 chars.
388
404
 
389
- New for 0.4.4 (2/2/2009):
405
+ New for 0.4.4 (February 2, 2009):
390
406
 
391
- * Added a generator for Cucumber features. (Joe Ferris, Dan Croak)
392
- * Standarized naming for "Sign up," "Sign in," and "Sign out". (Dan Croak)
407
+ * Added a generator for Cucumber features.
408
+ * Standardized naming for "Sign up," "Sign in," and "Sign out".
data/README.md CHANGED
@@ -20,11 +20,11 @@ Install
20
20
  -------
21
21
 
22
22
  Clearance is a Rails engine tested against [Rails 3.x](/Appraisals) on Ruby
23
- 1.9.x.
23
+ 1.9.x and Ruby 2.0.x.
24
24
 
25
25
  Include the gem in your Gemfile:
26
26
 
27
- gem 'clearance', '1.0.0.rc6'
27
+ gem 'clearance', '1.0.0.rc7'
28
28
 
29
29
  Bundle:
30
30
 
@@ -51,13 +51,15 @@ Use [0.16.3](http://rubygems.org/gems/clearance/versions/0.16.3) for Ruby 1.8.7.
51
51
  Configure
52
52
  ---------
53
53
 
54
- Override any of the defaults in `config/initializers/clearance.rb`:
54
+ Override any of these defaults in `config/initializers/clearance.rb`:
55
55
 
56
56
  Clearance.configure do |config|
57
57
  config.cookie_expiration = lambda { 1.year.from_now.utc }
58
+ config.secure_cookie = false
58
59
  config.mailer_sender = 'reply@example.com'
59
60
  config.password_strategy = Clearance::PasswordStrategies::BCrypt
60
61
  config.user_model = User
62
+ config.redirect_path = '/'
61
63
  end
62
64
 
63
65
  Use
@@ -1,8 +1,6 @@
1
1
  require 'active_support/deprecation'
2
2
 
3
3
  class Clearance::PasswordsController < ApplicationController
4
- unloadable
5
-
6
4
  skip_before_filter :authorize, :only => [:create, :edit, :new, :update]
7
5
  before_filter :forbid_missing_token, :only => [:edit, :update]
8
6
  before_filter :forbid_non_existent_user, :only => [:edit, :update]
@@ -57,7 +55,8 @@ class Clearance::PasswordsController < ApplicationController
57
55
  end
58
56
 
59
57
  def find_user_for_create
60
- Clearance.configuration.user_model.find_by_normalized_email params[:password][:email]
58
+ Clearance.configuration.user_model.
59
+ find_by_normalized_email params[:password][:email]
61
60
  end
62
61
 
63
62
  def find_user_for_edit
@@ -99,6 +98,6 @@ class Clearance::PasswordsController < ApplicationController
99
98
  end
100
99
 
101
100
  def url_after_update
102
- '/'
101
+ Clearance.configuration.redirect_url
103
102
  end
104
103
  end
@@ -1,6 +1,4 @@
1
1
  class Clearance::SessionsController < ApplicationController
2
- unloadable
3
-
4
2
  skip_before_filter :authorize, :only => [:create, :new, :destroy]
5
3
  protect_from_forgery :except => :create
6
4
 
@@ -34,7 +32,7 @@ class Clearance::SessionsController < ApplicationController
34
32
  end
35
33
 
36
34
  def url_after_create
37
- '/'
35
+ Clearance.configuration.redirect_url
38
36
  end
39
37
 
40
38
  def url_after_destroy
@@ -1,8 +1,6 @@
1
1
  class Clearance::UsersController < ApplicationController
2
- unloadable
3
-
4
2
  skip_before_filter :authorize, :only => [:create, :new]
5
- before_filter :redirect_to_root, :only => [:create, :new], :if => :signed_in?
3
+ before_filter :avoid_sign_in, :only => [:create, :new], :if => :signed_in?
6
4
 
7
5
  def new
8
6
  @user = user_from_params
@@ -22,8 +20,12 @@ class Clearance::UsersController < ApplicationController
22
20
 
23
21
  private
24
22
 
23
+ def avoid_sign_in
24
+ redirect_to Clearance.configuration.redirect_url
25
+ end
26
+
25
27
  def url_after_create
26
- '/'
28
+ Clearance.configuration.redirect_url
27
29
  end
28
30
 
29
31
  def user_from_params
@@ -1,7 +1,7 @@
1
1
  PATH
2
2
  remote: ../
3
3
  specs:
4
- clearance (1.0.0.rc5)
4
+ clearance (1.0.0.rc7)
5
5
  bcrypt-ruby
6
6
  email_validator
7
7
  rails (>= 3.0)
@@ -1,7 +1,7 @@
1
1
  PATH
2
2
  remote: ../
3
3
  specs:
4
- clearance (1.0.0.rc5)
4
+ clearance (1.0.0.rc7)
5
5
  bcrypt-ruby
6
6
  email_validator
7
7
  rails (>= 3.0)
@@ -1,7 +1,7 @@
1
1
  PATH
2
2
  remote: ../
3
3
  specs:
4
- clearance (1.0.0.rc5)
4
+ clearance (1.0.0.rc7)
5
5
  bcrypt-ruby
6
6
  email_validator
7
7
  rails (>= 3.0)
@@ -43,16 +43,12 @@ module Clearance
43
43
  clear_return_to
44
44
  end
45
45
 
46
- def redirect_to_root
47
- redirect_to('/')
48
- end
49
-
50
46
  def return_to
51
47
  session[:return_to] || params[:return_to]
52
48
  end
53
49
 
54
50
  def url_after_denied_access_when_signed_in
55
- '/'
51
+ Clearance.configuration.redirect_url
56
52
  end
57
53
 
58
54
  def url_after_denied_access_when_signed_out
@@ -10,7 +10,7 @@ module Clearance
10
10
  # # config/environments/test.rb
11
11
  # MyRailsApp::Application.configure do
12
12
  # # ...
13
- # config.middleware.use ClearanceBackDoor
13
+ # config.middleware.use Clearance::BackDoor
14
14
  # # ...
15
15
  # end
16
16
  #
@@ -1,10 +1,18 @@
1
1
  module Clearance
2
2
  class Configuration
3
- attr_accessor :cookie_expiration, :mailer_sender, :password_strategy, :user_model
3
+ attr_accessor \
4
+ :cookie_expiration,
5
+ :mailer_sender,
6
+ :password_strategy,
7
+ :redirect_url,
8
+ :secure_cookie,
9
+ :user_model
4
10
 
5
11
  def initialize
6
12
  @cookie_expiration = lambda { 1.year.from_now.utc }
7
13
  @mailer_sender = 'reply@example.com'
14
+ @secure_cookie = false
15
+ @redirect_url = '/'
8
16
  end
9
17
 
10
18
  def user_model
@@ -12,6 +12,7 @@ module Clearance
12
12
  headers, REMEMBER_TOKEN_COOKIE,
13
13
  :value => current_user.remember_token,
14
14
  :expires => Clearance.configuration.cookie_expiration.call,
15
+ :secure => Clearance.configuration.secure_cookie,
15
16
  :path => '/'
16
17
  )
17
18
  end
@@ -1,3 +1,3 @@
1
1
  module Clearance
2
- VERSION = '1.0.0.rc6'
2
+ VERSION = '1.0.0.rc7'
3
3
  end
@@ -4,6 +4,10 @@ describe Clearance::Session do
4
4
  before { Timecop.freeze }
5
5
  after { Timecop.return }
6
6
 
7
+ let(:headers) {{}}
8
+ let(:session) { Clearance::Session.new(env_without_remember_token) }
9
+ let(:user) { create(:user) }
10
+
7
11
  it 'finds a user from a cookie' do
8
12
  user = create(:user)
9
13
  env = env_with_remember_token(user.remember_token)
@@ -58,6 +62,33 @@ describe Clearance::Session do
58
62
  end
59
63
  end
60
64
 
65
+ context 'if secure_cookie is set' do
66
+ before do
67
+ Clearance.configuration.secure_cookie = true
68
+ session.sign_in(user)
69
+ end
70
+
71
+ it 'sets a secure cookie' do
72
+ session.add_cookie_to_headers(headers)
73
+
74
+ headers['Set-Cookie'].should =~ /remember_token=.+; secure/
75
+ end
76
+
77
+ after { restore_default_config }
78
+ end
79
+
80
+ context 'if secure_cookie is not set' do
81
+ before do
82
+ session.sign_in(user)
83
+ end
84
+
85
+ it 'sets a standard cookie' do
86
+ session.add_cookie_to_headers(headers)
87
+
88
+ headers['Set-Cookie'].should_not =~ /remember_token=.+; secure/
89
+ end
90
+ end
91
+
61
92
  it 'does not set a remember token when signed out' do
62
93
  headers = {}
63
94
  session = Clearance::Session.new(env_without_remember_token)
@@ -87,11 +118,6 @@ describe Clearance::Session do
87
118
  env_with_cookies({})
88
119
  end
89
120
 
90
- def restore_default_config
91
- Clearance.configuration = nil
92
- Clearance.configure {}
93
- end
94
-
95
121
  def serialize_cookies(hash)
96
122
  header = {}
97
123
 
@@ -1,6 +1,8 @@
1
1
  require 'spec_helper'
2
2
 
3
3
  describe Clearance::Configuration do
4
+ after { restore_default_config }
5
+
4
6
  describe 'when no user_model_name is specified' do
5
7
  before do
6
8
  Clearance.configure do |config|
@@ -31,4 +33,59 @@ describe Clearance::Configuration do
31
33
  Clearance.configuration.user_model.should == ::MyUser
32
34
  end
33
35
  end
36
+
37
+ describe 'when secure_cookie is set to true' do
38
+ before do
39
+ Clearance.configure do |config|
40
+ config.secure_cookie = true
41
+ end
42
+ end
43
+
44
+ after do
45
+ Clearance.configure do |config|
46
+ config.secure_cookie = false
47
+ end
48
+ end
49
+
50
+ it 'returns true' do
51
+ Clearance.configuration.secure_cookie.should be_true
52
+ end
53
+ end
54
+
55
+ describe 'when secure_cookie is not specified' do
56
+ before do
57
+ Clearance.configure do |config|
58
+ end
59
+ end
60
+
61
+ it 'defaults to false' do
62
+ Clearance.configuration.secure_cookie.should be_false
63
+ end
64
+ end
65
+
66
+ describe 'when no redirect URL specified' do
67
+ it 'should return "/" as redirect URL' do
68
+ Clearance::Configuration.new.redirect_url.should == '/'
69
+ end
70
+ end
71
+
72
+ describe 'when redirect URL is specified' do
73
+ let(:new_redirect_url) { '/admin' }
74
+
75
+ before do
76
+ Clearance.configure do |config|
77
+ config.redirect_url = new_redirect_url
78
+ end
79
+ end
80
+
81
+ after do
82
+ Clearance.configure do |config|
83
+ config.redirect_url = '/'
84
+ end
85
+ end
86
+
87
+ it 'should return new redirect URL' do
88
+ Clearance.configuration.redirect_url.should == new_redirect_url
89
+ end
90
+ end
34
91
  end
@@ -68,7 +68,7 @@ describe Clearance::UsersController do
68
68
  before { get :new }
69
69
 
70
70
  it 'redirects to the home page' do
71
- should redirect_to(root_url)
71
+ should redirect_to(Clearance.configuration.redirect_url)
72
72
  end
73
73
  end
74
74
 
@@ -76,7 +76,7 @@ describe Clearance::UsersController do
76
76
  before { post :create, :user => {} }
77
77
 
78
78
  it 'redirects to the home page' do
79
- should redirect_to(root_url)
79
+ should redirect_to(Clearance.configuration.redirect_url)
80
80
  end
81
81
  end
82
82
  end
@@ -25,3 +25,8 @@ RSpec.configure do |config|
25
25
  config.mock_with :mocha
26
26
  config.use_transactional_fixtures = true
27
27
  end
28
+
29
+ def restore_default_config
30
+ Clearance.configuration = nil
31
+ Clearance.configure {}
32
+ end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: clearance
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.0.0.rc6
4
+ version: 1.0.0.rc7
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dan Croak
@@ -17,7 +17,7 @@ authors:
17
17
  autorequire:
18
18
  bindir: bin
19
19
  cert_chain: []
20
- date: 2013-03-17 00:00:00.000000000 Z
20
+ date: 2013-03-26 00:00:00.000000000 Z
21
21
  dependencies:
22
22
  - !ruby/object:Gem::Dependency
23
23
  name: bcrypt-ruby