RubyGems - clearance - Versions diffs - 1.0.1 → 1.1.0 - Mend

clearance 1.0.1 → 1.1.0

Potentially problematic release.

This version of clearance might be problematic. Click here for more details.

Files changed (30) hide show

checksums.yaml +4 -4
data/.travis.yml +4 -0
data/Appraisals +1 -1
data/CONTRIBUTING.md +2 -2
data/Gemfile +2 -4
data/Gemfile.lock +13 -19
data/NEWS.md +14 -0
data/README.md +69 -9
data/app/controllers/clearance/sessions_controller.rb +7 -6
data/app/views/users/new.html.erb +1 -1
data/config/locales/clearance.en.yml +2 -0
data/lib/clearance.rb +1 -0
data/lib/clearance/authentication.rb +4 -2
data/lib/clearance/configuration.rb +7 -2
data/lib/clearance/default_sign_in_guard.rb +19 -0
data/lib/clearance/session.rb +66 -16
data/lib/clearance/session_status.rb +19 -0
data/lib/clearance/sign_in_guard.rb +36 -0
data/lib/clearance/testing/application.rb +2 -1
data/lib/clearance/user.rb +1 -1
data/lib/clearance/version.rb +1 -1
data/spec/clearance/session_spec.rb +207 -35
data/spec/clearance/sign_in_guard_spec.rb +29 -0
data/spec/configuration_spec.rb +51 -27
data/spec/controllers/apis_controller_spec.rb +0 -6
data/spec/controllers/permissions_controller_spec.rb +70 -0
data/spec/controllers/sessions_controller_spec.rb +1 -1
data/spec/models/user_spec.rb +2 -0
metadata +10 -5
data/spec/controllers/denies_controller_spec.rb +0 -62

data/spec/controllers/apis_controller_spec.rb CHANGED Viewed

@@ -10,12 +10,6 @@ class ApisController < ActionController::Base
   def show
     render text: 'response'
   end
-  protected
-  def authorize
-    deny_access 'Access denied.'
-  end
 end
 describe ApisController do

data/spec/controllers/permissions_controller_spec.rb ADDED Viewed

@@ -0,0 +1,70 @@
+require 'spec_helper'
+class PermissionsController < ActionController::Base
+  include Clearance::Controller
+  before_filter :authorize, only: :show
+  def new
+    render text: 'New page'
+  end
+  def show
+    render text: 'Show page'
+  end
+end
+describe PermissionsController do
+  before do
+    Rails.application.routes.draw do
+      resource :permission, only: [:new, :show]
+      get '/sign_in' => 'clearance/sessions#new', as: 'sign_in'
+    end
+  end
+  after do
+    Rails.application.reload_routes!
+  end
+  context 'with signed in user' do
+    before { sign_in }
+    it 'allows access to new' do
+      get :new
+      subject.should_not deny_access
+    end
+    it 'allows access to show' do
+      get :show
+      subject.should_not deny_access
+    end
+  end
+  context 'with visitor' do
+    it 'allows access to new' do
+      get :new
+      subject.should_not deny_access
+    end
+    it 'denies access to show' do
+      get :show
+      subject.should deny_access(redirect: sign_in_url)
+    end
+  end
+  context 'when remember_token is blank' do
+    it 'denies acess to show' do
+      user = create(:user)
+      user.update_attributes(remember_token: '')
+      cookies[:remember_token] = ''
+      get :show
+      subject.should deny_access
+    end
+  end
+end

data/spec/controllers/sessions_controller_spec.rb CHANGED Viewed

@@ -17,7 +17,7 @@ describe Clearance::SessionsController do
         post :create, session: { email: user.email, password: user.password }
         expect(response).to render_template(:new)
-        expect(flash[:notice]).to match /^Bad email or password/
+        expect(flash[:notice]).to match(/^Bad email or password/)
       end
     end
   end

data/spec/models/user_spec.rb CHANGED Viewed

@@ -9,11 +9,13 @@ describe User do
     it { should validate_presence_of(:password) }
     it { should allow_value('foo@example.co.uk').for(:email) }
     it { should allow_value('foo@example.com').for(:email) }
+    it { should allow_value('foo+bar@example.com').for(:email) }
     it { should_not allow_value('foo@').for(:email) }
     it { should_not allow_value('foo@example..com').for(:email) }
     it { should_not allow_value('foo@.example.com').for(:email) }
     it { should_not allow_value('foo').for(:email) }
     it { should_not allow_value('example.com').for(:email) }
+    it { should_not allow_value('foo;@example.com').for(:email) }
     it 'stores email in down case and removes whitespace' do
       user = create(:user, :email => 'Jo hn.Do e @exa mp le.c om')

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: clearance
 version: !ruby/object:Gem::Version
-  version: 1.0.1
+  version: 1.1.0
 platform: ruby
 authors:
 - Dan Croak
@@ -25,7 +25,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2013-08-10 00:00:00.000000000 Z
+date: 2013-11-21 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bcrypt-ruby
@@ -123,6 +123,7 @@ files:
 - lib/clearance/constraints/signed_in.rb
 - lib/clearance/constraints/signed_out.rb
 - lib/clearance/controller.rb
+- lib/clearance/default_sign_in_guard.rb
 - lib/clearance/engine.rb
 - lib/clearance/password_strategies.rb
 - lib/clearance/password_strategies/bcrypt.rb
@@ -131,6 +132,8 @@ files:
 - lib/clearance/password_strategies/sha1.rb
 - lib/clearance/rack_session.rb
 - lib/clearance/session.rb
+- lib/clearance/session_status.rb
+- lib/clearance/sign_in_guard.rb
 - lib/clearance/testing.rb
 - lib/clearance/testing/app/controllers/application_controller.rb
 - lib/clearance/testing/application.rb
@@ -167,12 +170,13 @@ files:
 - spec/clearance/constraints/signed_out_spec.rb
 - spec/clearance/rack_session_spec.rb
 - spec/clearance/session_spec.rb
+- spec/clearance/sign_in_guard_spec.rb
 - spec/configuration_spec.rb
 - spec/controllers/apis_controller_spec.rb
-- spec/controllers/denies_controller_spec.rb
 - spec/controllers/flashes_controller_spec.rb
 - spec/controllers/forgeries_controller_spec.rb
 - spec/controllers/passwords_controller_spec.rb
+- spec/controllers/permissions_controller_spec.rb
 - spec/controllers/sessions_controller_spec.rb
 - spec/controllers/users_controller_spec.rb
 - spec/factories.rb
@@ -209,7 +213,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project:
-rubygems_version: 2.0.3
+rubygems_version: 2.0.5
 signing_key:
 specification_version: 4
 summary: Rails authentication & authorization with email & password.
@@ -226,12 +230,13 @@ test_files:
 - spec/clearance/constraints/signed_out_spec.rb
 - spec/clearance/rack_session_spec.rb
 - spec/clearance/session_spec.rb
+- spec/clearance/sign_in_guard_spec.rb
 - spec/configuration_spec.rb
 - spec/controllers/apis_controller_spec.rb
-- spec/controllers/denies_controller_spec.rb
 - spec/controllers/flashes_controller_spec.rb
 - spec/controllers/forgeries_controller_spec.rb
 - spec/controllers/passwords_controller_spec.rb
+- spec/controllers/permissions_controller_spec.rb
 - spec/controllers/sessions_controller_spec.rb
 - spec/controllers/users_controller_spec.rb
 - spec/factories.rb

data/spec/controllers/denies_controller_spec.rb DELETED Viewed

@@ -1,62 +0,0 @@
-require 'spec_helper'
-class DeniesController < ActionController::Base
-  include Clearance::Controller
-  before_filter :authorize, :only => :show
-  def new
-    render :text => 'New page'
-  end
-  def show
-    render :text => 'Show page'
-  end
-  protected
-  def authorize
-    deny_access 'Access denied.'
-  end
-end
-describe DeniesController do
-  before do
-    Rails.application.routes.draw do
-      resource :deny, :only => [:new, :show]
-      get '/sign_in'  => 'clearance/sessions#new', :as => 'sign_in'
-    end
-  end
-  after do
-    Rails.application.reload_routes!
-  end
-  context 'signed in user' do
-    before { sign_in }
-    it 'allows access to new' do
-      get :new
-      subject.should_not deny_access
-    end
-    it 'denies access to show' do
-      get :show
-      subject.should deny_access(:redirect => '/')
-    end
-  end
-  context 'visitor' do
-    it 'allows access to new' do
-      get :new
-      subject.should_not deny_access
-    end
-    it 'denies access to show' do
-      get :show
-      subject.should deny_access
-      subject.should deny_access(:redirect => sign_in_url,
-        :flash => 'Access denied.')
-    end
-  end
-end