clearance 1.6.0 → 1.6.1
Potentially problematic release.
This version of clearance might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/.gitignore +1 -1
- data/.travis.yml +6 -8
- data/Gemfile +2 -2
- data/Gemfile.lock +20 -19
- data/NEWS.md +3 -0
- data/Rakefile +13 -14
- data/app/mailers/clearance_mailer.rb +9 -4
- data/app/views/clearance_mailer/change_password.html.erb +3 -3
- data/app/views/layouts/application.html.erb +1 -1
- data/app/views/passwords/edit.html.erb +2 -2
- data/app/views/passwords/new.html.erb +2 -2
- data/app/views/sessions/_form.html.erb +2 -2
- data/app/views/sessions/new.html.erb +1 -1
- data/app/views/users/_form.html.erb +1 -1
- data/app/views/users/new.html.erb +1 -1
- data/bin/setup +1 -2
- data/config/locales/clearance.en.yml +4 -4
- data/features/step_definitions/configuration_steps.rb +2 -2
- data/features/support/env.rb +15 -23
- data/gemfiles/rails3.2.gemfile +20 -0
- data/gemfiles/rails4.0.gemfile +20 -0
- data/gemfiles/rails4.1.gemfile +20 -0
- data/gemfiles/rails4.2.gemfile +20 -0
- data/lib/clearance/configuration.rb +1 -1
- data/lib/clearance/session.rb +5 -1
- data/lib/clearance/testing/deny_access_matcher.rb +1 -3
- data/lib/clearance/version.rb +1 -1
- data/lib/generators/clearance/install/install_generator.rb +5 -15
- data/spec/clearance/session_spec.rb +1 -1
- data/{lib/clearance/testing → spec/dummy}/app/controllers/application_controller.rb +0 -0
- data/spec/dummy/application.rb +47 -0
- data/{lib/clearance/testing → spec/dummy}/config/database.yml +0 -0
- data/{lib/clearance/testing → spec/dummy}/config/routes.rb +0 -0
- data/spec/generators/clearance/install/install_generator_spec.rb +118 -0
- data/spec/generators/clearance/routes/routes_generator_spec.rb +17 -0
- data/spec/generators/clearance/specs/specs_generator_spec.rb +26 -0
- data/spec/generators/clearance/views/views_generator_spec.rb +35 -0
- data/spec/mailers/clearance_mailer_spec.rb +48 -19
- data/spec/models/bcrypt_migration_from_sha1_spec.rb +81 -51
- data/spec/models/password_strategies_spec.rb +2 -0
- data/spec/spec_helper.rb +12 -18
- data/spec/support/app_templates/app/controllers/application_controller.rb +2 -0
- data/spec/support/app_templates/app/models/user.rb +5 -0
- data/spec/support/app_templates/config/routes.rb +3 -0
- data/spec/support/cookies.rb +1 -1
- data/spec/support/generator_spec_helpers.rb +40 -0
- metadata +31 -13
- data/.rspec +0 -2
- data/features/add_migrations_to_project.feature +0 -36
- data/features/copy_routes_to_host_application.feature +0 -9
- data/lib/clearance/testing/application.rb +0 -49
- data/lib/clearance/testing/assertion_error.rb +0 -6
@@ -1,85 +1,115 @@
|
|
1
|
-
require
|
1
|
+
require "spec_helper"
|
2
2
|
|
3
3
|
describe Clearance::PasswordStrategies::BCryptMigrationFromSHA1 do
|
4
|
-
|
5
|
-
|
6
|
-
|
7
|
-
)
|
8
|
-
end
|
4
|
+
describe "#password=" do
|
5
|
+
it "encrypts the password into a BCrypt-encrypted encrypted_password" do
|
6
|
+
stub_bcrypt_password
|
9
7
|
|
10
|
-
|
11
|
-
|
12
|
-
let(:password) { 'password' }
|
13
|
-
let(:encrypted_password) { double("encrypted password") }
|
8
|
+
expect(model_instance.encrypted_password).to eq encrypted_password
|
9
|
+
end
|
14
10
|
|
15
|
-
|
16
|
-
|
17
|
-
|
18
|
-
|
19
|
-
|
20
|
-
subject.password = password
|
11
|
+
it "encrypts with BCrypt" do
|
12
|
+
stub_bcrypt_password
|
13
|
+
|
14
|
+
expect(BCrypt::Password).to have_received(:create).
|
15
|
+
with(password, anything)
|
21
16
|
end
|
22
17
|
|
23
|
-
it
|
24
|
-
|
18
|
+
it "sets the pasword on the subject" do
|
19
|
+
stub_bcrypt_password
|
20
|
+
|
21
|
+
expect(model_instance.password).to be_present
|
25
22
|
end
|
26
23
|
|
27
|
-
|
28
|
-
|
29
|
-
|
24
|
+
def stub_bcrypt_password
|
25
|
+
model_instance.salt = salt
|
26
|
+
digestable = "--#{salt}--#{password}--"
|
27
|
+
model_instance.encrypted_password = Digest::SHA1.hexdigest(digestable)
|
28
|
+
allow(BCrypt::Password).to receive(:create).and_return(encrypted_password)
|
29
|
+
model_instance.password = password
|
30
30
|
end
|
31
31
|
|
32
|
-
|
33
|
-
|
32
|
+
def encrypted_password
|
33
|
+
@encrypted_password ||= double("encrypted password")
|
34
34
|
end
|
35
35
|
end
|
36
36
|
|
37
|
-
describe
|
38
|
-
|
39
|
-
|
40
|
-
|
37
|
+
describe "#authenticated?" do
|
38
|
+
context "with a SHA1-encrypted password" do
|
39
|
+
it "is authenticated" do
|
40
|
+
model_instance.salt = salt
|
41
|
+
model_instance.encrypted_password = sha1_hash
|
42
|
+
allow(model_instance).to receive(:save)
|
41
43
|
|
42
|
-
|
43
|
-
before do
|
44
|
-
subject.salt = salt
|
45
|
-
subject.encrypted_password = sha1_hash
|
46
|
-
allow(subject).to receive(:save).and_return(true)
|
44
|
+
expect(model_instance).to be_authenticated(password)
|
47
45
|
end
|
48
46
|
|
49
|
-
it
|
50
|
-
|
47
|
+
it "changes the hash into a BCrypt-encrypted one" do
|
48
|
+
model_instance.salt = salt
|
49
|
+
model_instance.encrypted_password = sha1_hash
|
50
|
+
allow(model_instance).to receive(:save)
|
51
|
+
|
52
|
+
model_instance.authenticated? password
|
53
|
+
|
54
|
+
expect(model_instance.encrypted_password).not_to eq sha1_hash
|
51
55
|
end
|
52
56
|
|
53
|
-
it
|
54
|
-
|
55
|
-
|
57
|
+
it "does not raise a BCrypt error for invalid passwords" do
|
58
|
+
model_instance.salt = salt
|
59
|
+
model_instance.encrypted_password = sha1_hash
|
60
|
+
|
61
|
+
expect do
|
62
|
+
model_instance.authenticated? "bad" + password
|
63
|
+
end.not_to raise_error
|
56
64
|
end
|
57
65
|
|
58
|
-
it
|
59
|
-
|
66
|
+
it "saves the subject to database" do
|
67
|
+
model_instance.salt = salt
|
68
|
+
model_instance.encrypted_password = sha1_hash
|
69
|
+
allow(model_instance).to receive(:save)
|
70
|
+
|
71
|
+
model_instance.authenticated? password
|
72
|
+
|
73
|
+
expect(model_instance).to have_received(:save)
|
60
74
|
end
|
61
75
|
|
62
|
-
|
63
|
-
|
64
|
-
expect(subject).to have_received(:save)
|
76
|
+
def sha1_hash
|
77
|
+
Digest::SHA1.hexdigest("--#{salt}--#{password}--")
|
65
78
|
end
|
66
79
|
end
|
67
80
|
|
68
|
-
context
|
69
|
-
|
81
|
+
context "with a BCrypt-encrypted password" do
|
82
|
+
it "is authenticated" do
|
83
|
+
model_instance.encrypted_password = bcrypt_hash
|
70
84
|
|
71
|
-
|
72
|
-
subject.encrypted_password = bcrypt_hash
|
85
|
+
expect(model_instance).to be_authenticated(password)
|
73
86
|
end
|
74
87
|
|
75
|
-
it
|
76
|
-
|
88
|
+
it "does not change the hash" do
|
89
|
+
model_instance.encrypted_password = bcrypt_hash
|
90
|
+
|
91
|
+
model_instance.authenticated? password
|
92
|
+
|
93
|
+
expect(model_instance.encrypted_password.to_s).to eq bcrypt_hash.to_s
|
77
94
|
end
|
78
95
|
|
79
|
-
|
80
|
-
|
81
|
-
expect(subject.encrypted_password.to_s).to eq bcrypt_hash.to_s
|
96
|
+
def bcrypt_hash
|
97
|
+
@bcrypt_hash ||= ::BCrypt::Password.create(password)
|
82
98
|
end
|
83
99
|
end
|
84
100
|
end
|
101
|
+
|
102
|
+
def model_instance
|
103
|
+
@model_instance ||= fake_model_with_password_strategy(
|
104
|
+
Clearance::PasswordStrategies::BCryptMigrationFromSHA1
|
105
|
+
)
|
106
|
+
end
|
107
|
+
|
108
|
+
def salt
|
109
|
+
"salt"
|
110
|
+
end
|
111
|
+
|
112
|
+
def password
|
113
|
+
"password"
|
114
|
+
end
|
85
115
|
end
|
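Review bot: The example "does not raise a BCrypt error for invalid passwords" only asserts `not_to raise_error`, so it would still pass if `authenticated?` returned true for the wrong password or rewrote the stored SHA1 hash. For a strategy that upgrades hashes on login, the negative path deserves explicit assertions, e.g. `expect(model_instance).not_to be_authenticated("bad" + password)` followed by `expect(model_instance.encrypted_password).to eq sha1_hash`. Similarly, "changes the hash into a BCrypt-encrypted one" checks only `not_to eq sha1_hash`; asserting that the new value verifies the password, for example `expect(BCrypt::Password.new(model_instance.encrypted_password)).to eq password`, would pin the migration result and not just a change. The description "sets the pasword on the subject" has a typo ("password").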
data/spec/spec_helper.rb
CHANGED
@@ -1,29 +1,23 @@
|
|
1
|
-
ENV[
|
1
|
+
ENV["RAILS_ENV"] ||= "test"
|
2
2
|
|
3
|
-
|
4
|
-
|
3
|
+
require "rails/all"
|
4
|
+
require "dummy/application"
|
5
5
|
|
6
|
-
require
|
7
|
-
require
|
6
|
+
require "clearance/rspec"
|
7
|
+
require "factory_girl_rails"
|
8
|
+
require "rspec/rails"
|
9
|
+
require "shoulda-matchers"
|
10
|
+
require "timecop"
|
8
11
|
|
9
|
-
|
12
|
+
Dir[Rails.root.join("spec/support/**/*.rb")].each { |f| require f }
|
10
13
|
|
11
|
-
|
12
|
-
require 'rspec/rails'
|
13
|
-
require 'factory_girl_rails'
|
14
|
-
require 'shoulda-matchers'
|
15
|
-
require 'clearance/rspec'
|
16
|
-
require 'timecop'
|
17
|
-
|
18
|
-
Dir[Rails.root.join('spec/support/**/*.rb')].each { |f| require f }
|
19
|
-
|
20
|
-
Clearance::Testing::Application.initialize!
|
14
|
+
Dummy::Application.initialize!
|
21
15
|
|
22
16
|
RSpec.configure do |config|
|
23
17
|
config.include FactoryGirl::Syntax::Methods
|
24
|
-
config.use_transactional_fixtures = true
|
25
|
-
config.order = :random
|
26
18
|
config.infer_spec_type_from_file_location!
|
19
|
+
config.order = :random
|
20
|
+
config.use_transactional_fixtures = true
|
27
21
|
|
28
22
|
config.expect_with :rspec do |expectations|
|
29
23
|
expectations.syntax = :expect
|
data/spec/support/cookies.rb
CHANGED
@@ -0,0 +1,40 @@
|
|
1
|
+
require "ammeter/rspec/generator/example.rb"
|
2
|
+
require "ammeter/rspec/generator/matchers.rb"
|
3
|
+
require "ammeter/init"
|
4
|
+
|
5
|
+
module GeneratorSpecHelpers
|
6
|
+
TEMPLATE_PATH = File.expand_path("../app_templates", __FILE__)
|
7
|
+
|
8
|
+
def provide_existing_routes_file
|
9
|
+
copy_to_generator_root("config", "routes.rb")
|
10
|
+
end
|
11
|
+
|
12
|
+
def provide_existing_application_controller
|
13
|
+
copy_to_generator_root("app/controllers", "application_controller.rb")
|
14
|
+
end
|
15
|
+
|
16
|
+
def provide_existing_user_class
|
17
|
+
copy_to_generator_root("app/models", "user.rb")
|
18
|
+
allow(File).to receive(:exist?).and_call_original
|
19
|
+
allow(File).to receive(:exist?).with("app/models/user.rb").and_return(true)
|
20
|
+
end
|
21
|
+
|
22
|
+
private
|
23
|
+
|
24
|
+
def copy_to_generator_root(destination, template)
|
25
|
+
template_file = File.join(TEMPLATE_PATH, destination, template)
|
26
|
+
destination = File.join(destination_root, destination)
|
27
|
+
|
28
|
+
FileUtils.mkdir_p(destination)
|
29
|
+
FileUtils.cp(template_file, destination)
|
30
|
+
end
|
31
|
+
end
|
32
|
+
|
33
|
+
RSpec.configure do |config|
|
34
|
+
config.include GeneratorSpecHelpers
|
35
|
+
|
36
|
+
config.before(:example, :generator) do
|
37
|
+
destination File.expand_path("../../../tmp", __FILE__)
|
38
|
+
prepare_destination
|
39
|
+
end
|
40
|
+
end
|
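Review bot: `provide_existing_user_class` copies a real `user.rb` into the generator root and then also stubs `File.exist?` for the literal relative path `"app/models/user.rb"`, with no comment on why both are needed. Presumably the generator checks that relative path from a working directory other than `destination_root`; a line such as `# Generator checks the relative path, which does not resolve under destination_root in specs` above the stub would record that, once confirmed against the generator. In `copy_to_generator_root`, `destination = File.join(destination_root, destination)` rebinds the parameter, and the name also collides with the `destination` call in the `before` hook; `target_dir = File.join(destination_root, destination)` reads more clearly. The page labels this section data/spec/support/cookies.rb, but the module and the 40 added lines match spec/support/generator_spec_helpers.rb in the file list.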
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: clearance
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.6.
|
4
|
+
version: 1.6.1
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Dan Croak
|
@@ -25,7 +25,7 @@ authors:
|
|
25
25
|
autorequire:
|
26
26
|
bindir: bin
|
27
27
|
cert_chain: []
|
28
|
-
date:
|
28
|
+
date: 2015-01-07 00:00:00.000000000 Z
|
29
29
|
dependencies:
|
30
30
|
- !ruby/object:Gem::Dependency
|
31
31
|
name: bcrypt
|
@@ -78,7 +78,6 @@ extra_rdoc_files:
|
|
78
78
|
- README.md
|
79
79
|
files:
|
80
80
|
- ".gitignore"
|
81
|
-
- ".rspec"
|
82
81
|
- ".travis.yml"
|
83
82
|
- Appraisals
|
84
83
|
- CONTRIBUTING.md
|
@@ -109,14 +108,16 @@ files:
|
|
109
108
|
- cucumber.yml
|
110
109
|
- db/migrate/20110111224543_create_clearance_users.rb
|
111
110
|
- db/schema.rb
|
112
|
-
- features/add_migrations_to_project.feature
|
113
|
-
- features/copy_routes_to_host_application.feature
|
114
111
|
- features/integration_with_rspec.feature
|
115
112
|
- features/integration_with_test_unit.feature
|
116
113
|
- features/step_definitions/configuration_steps.rb
|
117
114
|
- features/step_definitions/gem_file_steps.rb
|
118
115
|
- features/support/aruba.rb
|
119
116
|
- features/support/env.rb
|
117
|
+
- gemfiles/rails3.2.gemfile
|
118
|
+
- gemfiles/rails4.0.gemfile
|
119
|
+
- gemfiles/rails4.1.gemfile
|
120
|
+
- gemfiles/rails4.2.gemfile
|
120
121
|
- lib/clearance.rb
|
121
122
|
- lib/clearance/authentication.rb
|
122
123
|
- lib/clearance/authorization.rb
|
@@ -140,11 +141,6 @@ files:
|
|
140
141
|
- lib/clearance/sign_in_guard.rb
|
141
142
|
- lib/clearance/test_unit.rb
|
142
143
|
- lib/clearance/testing.rb
|
143
|
-
- lib/clearance/testing/app/controllers/application_controller.rb
|
144
|
-
- lib/clearance/testing/application.rb
|
145
|
-
- lib/clearance/testing/assertion_error.rb
|
146
|
-
- lib/clearance/testing/config/database.yml
|
147
|
-
- lib/clearance/testing/config/routes.rb
|
148
144
|
- lib/clearance/testing/deny_access_matcher.rb
|
149
145
|
- lib/clearance/testing/helpers.rb
|
150
146
|
- lib/clearance/token.rb
|
@@ -186,7 +182,15 @@ files:
|
|
186
182
|
- spec/controllers/permissions_controller_spec.rb
|
187
183
|
- spec/controllers/sessions_controller_spec.rb
|
188
184
|
- spec/controllers/users_controller_spec.rb
|
185
|
+
- spec/dummy/app/controllers/application_controller.rb
|
186
|
+
- spec/dummy/application.rb
|
187
|
+
- spec/dummy/config/database.yml
|
188
|
+
- spec/dummy/config/routes.rb
|
189
189
|
- spec/factories.rb
|
190
|
+
- spec/generators/clearance/install/install_generator_spec.rb
|
191
|
+
- spec/generators/clearance/routes/routes_generator_spec.rb
|
192
|
+
- spec/generators/clearance/specs/specs_generator_spec.rb
|
193
|
+
- spec/generators/clearance/views/views_generator_spec.rb
|
190
194
|
- spec/mailers/clearance_mailer_spec.rb
|
191
195
|
- spec/models/bcrypt_migration_from_sha1_spec.rb
|
192
196
|
- spec/models/bcrypt_spec.rb
|
@@ -196,9 +200,13 @@ files:
|
|
196
200
|
- spec/models/user_spec.rb
|
197
201
|
- spec/routing/clearance_routes_spec.rb
|
198
202
|
- spec/spec_helper.rb
|
203
|
+
- spec/support/app_templates/app/controllers/application_controller.rb
|
204
|
+
- spec/support/app_templates/app/models/user.rb
|
205
|
+
- spec/support/app_templates/config/routes.rb
|
199
206
|
- spec/support/clearance.rb
|
200
207
|
- spec/support/cookies.rb
|
201
208
|
- spec/support/fake_model_with_password_strategy.rb
|
209
|
+
- spec/support/generator_spec_helpers.rb
|
202
210
|
- spec/support/request_with_remember_token.rb
|
203
211
|
homepage: http://github.com/thoughtbot/clearance
|
204
212
|
licenses:
|
@@ -221,13 +229,11 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
221
229
|
version: '0'
|
222
230
|
requirements: []
|
223
231
|
rubyforge_project:
|
224
|
-
rubygems_version: 2.
|
232
|
+
rubygems_version: 2.4.5
|
225
233
|
signing_key:
|
226
234
|
specification_version: 4
|
227
235
|
summary: Rails authentication & authorization with email & password.
|
228
236
|
test_files:
|
229
|
-
- features/add_migrations_to_project.feature
|
230
|
-
- features/copy_routes_to_host_application.feature
|
231
237
|
- features/integration_with_rspec.feature
|
232
238
|
- features/integration_with_test_unit.feature
|
233
239
|
- features/step_definitions/configuration_steps.rb
|
@@ -250,7 +256,15 @@ test_files:
|
|
250
256
|
- spec/controllers/permissions_controller_spec.rb
|
251
257
|
- spec/controllers/sessions_controller_spec.rb
|
252
258
|
- spec/controllers/users_controller_spec.rb
|
259
|
+
- spec/dummy/app/controllers/application_controller.rb
|
260
|
+
- spec/dummy/application.rb
|
261
|
+
- spec/dummy/config/database.yml
|
262
|
+
- spec/dummy/config/routes.rb
|
253
263
|
- spec/factories.rb
|
264
|
+
- spec/generators/clearance/install/install_generator_spec.rb
|
265
|
+
- spec/generators/clearance/routes/routes_generator_spec.rb
|
266
|
+
- spec/generators/clearance/specs/specs_generator_spec.rb
|
267
|
+
- spec/generators/clearance/views/views_generator_spec.rb
|
254
268
|
- spec/mailers/clearance_mailer_spec.rb
|
255
269
|
- spec/models/bcrypt_migration_from_sha1_spec.rb
|
256
270
|
- spec/models/bcrypt_spec.rb
|
@@ -260,7 +274,11 @@ test_files:
|
|
260
274
|
- spec/models/user_spec.rb
|
261
275
|
- spec/routing/clearance_routes_spec.rb
|
262
276
|
- spec/spec_helper.rb
|
277
|
+
- spec/support/app_templates/app/controllers/application_controller.rb
|
278
|
+
- spec/support/app_templates/app/models/user.rb
|
279
|
+
- spec/support/app_templates/config/routes.rb
|
263
280
|
- spec/support/clearance.rb
|
264
281
|
- spec/support/cookies.rb
|
265
282
|
- spec/support/fake_model_with_password_strategy.rb
|
283
|
+
- spec/support/generator_spec_helpers.rb
|
266
284
|
- spec/support/request_with_remember_token.rb
|
data/.rspec
DELETED
@@ -1,36 +0,0 @@
|
|
1
|
-
Feature: add migrations to the project
|
2
|
-
|
3
|
-
Background:
|
4
|
-
Given I have a project with clearance
|
5
|
-
|
6
|
-
Scenario: Users table does not exist
|
7
|
-
When I install dependencies
|
8
|
-
And I successfully run `bundle exec rails generate clearance:install`
|
9
|
-
And I successfully run `ls db/migrate`
|
10
|
-
Then the output should contain:
|
11
|
-
"""
|
12
|
-
create_users.rb
|
13
|
-
"""
|
14
|
-
|
15
|
-
Scenario: Users table without clearance fields exists in the database
|
16
|
-
When I install dependencies
|
17
|
-
And I create a simple user model
|
18
|
-
And I add an existing user
|
19
|
-
And I successfully run `bundle exec rails generate clearance:install`
|
20
|
-
And I successfully run `bundle exec rake db:migrate`
|
21
|
-
Then the output should contain:
|
22
|
-
"""
|
23
|
-
add_clearance_to_users.rb
|
24
|
-
"""
|
25
|
-
And the existing user should have a remember token
|
26
|
-
|
27
|
-
Scenario: Users table with clearance fields exists in the database
|
28
|
-
When I install dependencies
|
29
|
-
And I create a migration with clearance fields
|
30
|
-
And I successfully run `bundle exec rake db:migrate`
|
31
|
-
And I successfully run `bundle exec rails generate clearance:install`
|
32
|
-
And I successfully run `ls db/migrate`
|
33
|
-
Then the output should not contain:
|
34
|
-
"""
|
35
|
-
add_clearance_to_users.rb
|
36
|
-
"""
|