clearance 0.16.0 → 0.16.1

data/.travis.yml

@@ -1,3 +1,4 @@
+language: ruby
 rvm:
   - ree-1.8.7
   - 1.8.7
@@ -5,10 +6,12 @@ rvm:
   - 1.9.3
 before_install:
   - gem update --system
-script: 'bundle exec rake appraisal spec cucumber'
+before_script:
+  - "bundle exec rake db:migrate"
 gemfile:
-  - gemfiles/3.0.9.gemfile
-  - gemfiles/3.1.0.gemfile
+  - gemfiles/3.0.12.gemfile
+  - gemfiles/3.1.4.gemfile
+  - gemfiles/3.2.3.gemfile
 branches:
   only:
     - master

data/Appraisals

@@ -1,7 +1,5 @@
-appraise "3.0.9" do
-  gem "rails", "3.0.9"
-end
-
-appraise "3.1.0" do
-  gem "rails", "3.1.0"
+['3.2.3', '3.1.4', '3.0.12'].each do |rails_version|
+  appraise "#{rails_version}" do
+    gem "rails", rails_version
+  end
 end

data/Gemfile

@@ -2,7 +2,7 @@ source "http://rubygems.org"
 gemspec
 
 gem "capybara", "~> 1.1.1"
-gem "factory_girl_rails"
+gem "factory_girl_rails", "1.7.0"
 gem "shoulda-matchers", :git => "git://github.com/thoughtbot/shoulda-matchers.git"
 gem "database_cleaner"
 gem "launchy"

data/Gemfile.lock

@@ -7,7 +7,7 @@ GIT
 PATH
   remote: .
   specs:
-    clearance (0.16.0)
+    clearance (0.16.1)
       diesel (~> 0.1.5)
       rails (>= 3.0)
 
@@ -81,21 +81,21 @@ GEM
       railties
     diff-lcs (1.1.3)
     erubis (2.7.0)
-    factory_girl (2.5.0)
-      activesupport
-    factory_girl_rails (1.6.0)
-      factory_girl (~> 2.5.0)
+    factory_girl (2.6.4)
+      activesupport (>= 2.3.9)
+    factory_girl_rails (1.7.0)
+      factory_girl (~> 2.6.0)
       railties (>= 3.0.0)
     ffi (1.0.11)
     gherkin (2.7.6)
       json (>= 1.4.6)
     hike (1.2.1)
     i18n (0.6.0)
-    journey (1.0.1)
-    json (1.6.5)
+    journey (1.0.3)
+    json (1.6.6)
     launchy (2.0.5)
       addressable (~> 2.2.6)
-    mail (2.4.1)
+    mail (2.4.4)
       i18n (>= 0.4.0)
       mime-types (~> 1.16)
       treetop (~> 1.4.8)
@@ -106,7 +106,7 @@ GEM
     nokogiri (1.5.0)
     polyglot (0.3.3)
     rack (1.4.1)
-    rack-cache (1.1)
+    rack-cache (1.2)
       rack (>= 0.4)
     rack-ssl (1.3.2)
       rack
@@ -131,19 +131,19 @@ GEM
     rdiscount (1.6.8)
     rdoc (3.12)
       json (~> 1.4)
-    rspec (2.6.0)
-      rspec-core (~> 2.6.0)
-      rspec-expectations (~> 2.6.0)
-      rspec-mocks (~> 2.6.0)
-    rspec-core (2.6.4)
-    rspec-expectations (2.6.0)
-      diff-lcs (~> 1.1.2)
-    rspec-mocks (2.6.0)
-    rspec-rails (2.6.1)
-      actionpack (~> 3.0)
-      activesupport (~> 3.0)
-      railties (~> 3.0)
-      rspec (~> 2.6.0)
+    rspec (2.9.0)
+      rspec-core (~> 2.9.0)
+      rspec-expectations (~> 2.9.0)
+      rspec-mocks (~> 2.9.0)
+    rspec-core (2.9.0)
+    rspec-expectations (2.9.1)
+      diff-lcs (~> 1.1.3)
+    rspec-mocks (2.9.0)
+    rspec-rails (2.9.0)
+      actionpack (>= 3.0)
+      activesupport (>= 3.0)
+      railties (>= 3.0)
+      rspec (~> 2.9.0)
     rubyzip (0.9.5)
     selenium-webdriver (2.18.0)
       childprocess (>= 0.2.5)
@@ -173,14 +173,14 @@ DEPENDENCIES
   appraisal (~> 0.3.8)
   aruba (~> 0.4.2)
   bourne
-  bundler (~> 1.0.0)
+  bundler (~> 1.1.0)
   capybara (~> 1.1.1)
   clearance!
   cucumber-rails (~> 1.1.1)
   database_cleaner
-  factory_girl_rails
+  factory_girl_rails (= 1.7.0)
   launchy
-  rspec-rails (~> 2.6.0)
+  rspec-rails (~> 2.9.0)
   shoulda-matchers!
   sqlite3
   timecop

data/NEWS.md

@@ -1,3 +1,8 @@
+New for 0.16.1:
+
+* Behave correctly when Rails whitelist attributes mass assignment protection is turned on
+* Fix for Rails 3.2.x modifying the HTTP cookie headers in rack requests
+
 New for 0.16.0:
 
 * Blowfish password encryption strategy (Chris Dillon)

data/README.md

@@ -17,7 +17,7 @@ Help
 Installation
 ------------
 
-Clearance is a Rails engine for Rails 3. It is currently tested against Rails 3.0.9 and Rails 3.1.0.
+Clearance is a Rails engine for Rails 3. It is currently tested against Rails 3.0.12 and Rails 3.1.4.
 
 Include the gem in your Gemfile:
 

data/Rakefile

@@ -9,11 +9,15 @@ require 'diesel/tasks'
 require 'rspec/core/rake_task'
 require 'appraisal'
 
-desc 'Default: run the specs and cucumber features'
-task :default => [:all]
+task :default do |t|
+  if ENV['BUNDLE_GEMFILE'] =~ /gemfiles/
+    exec 'rake spec cucumber'
+  else
+    Rake::Task['appraise'].execute
+  end
+end
 
-desc 'Test the plugin under all supported Rails versions.'
-task :all => ['appraisal:install'] do |t|
+task :appraise => ['appraisal:install'] do |t|
   exec 'rake appraisal spec cucumber'
 end
 

data/app/controllers/clearance/users_controller.rb

@@ -5,12 +5,12 @@ class Clearance::UsersController < ApplicationController
   before_filter :redirect_to_root, :only => [:new, :create], :if => :signed_in?
 
   def new
-    @user = Clearance.configuration.user_model.new(params[:user])
+    @user = user_from_params
     render :template => 'users/new'
   end
 
   def create
-    @user = Clearance.configuration.user_model.new(params[:user])
+    @user = user_from_params
     if @user.save
       sign_in(@user)
       redirect_back_or(url_after_create)
@@ -31,4 +31,13 @@ class Clearance::UsersController < ApplicationController
   def url_after_create
     '/'
   end
+
+  def user_from_params
+    user_params = params[:user] || Hash.new
+    email, password = user_params.delete(:email), user_params.delete(:password)
+    Clearance.configuration.user_model.new(user_params).tap do |user|
+      user.email = email
+      user.password = password
+    end
+  end
 end

data/clearance.gemspec

@@ -1,8 +1,10 @@
+$:.push File.expand_path('../lib', __FILE__)
+require 'clearance/version'
 require 'date'
 
 Gem::Specification.new do |s|
   s.name     = %q{clearance}
-  s.version  = IO.read(File.join(File.dirname(__FILE__), 'VERSION'))
+  s.version  = Clearance::VERSION
   s.email    = %q{support@thoughtbot.com}
   s.homepage = %q{http://github.com/thoughtbot/clearance}
 
@@ -25,10 +27,10 @@ Gem::Specification.new do |s|
   s.add_dependency('rails',  '>= 3.0')
   s.add_dependency('diesel', '~> 0.1.5')
 
-  s.add_development_dependency('bundler',        '~> 1.0.0')
+  s.add_development_dependency('bundler',        '~> 1.1.0')
   s.add_development_dependency('appraisal',      '~> 0.3.8')
   s.add_development_dependency('cucumber-rails', '~> 1.1.1')
-  s.add_development_dependency('rspec-rails',    '~> 2.6.0')
+  s.add_development_dependency('rspec-rails',    '~> 2.9.0')
   s.add_development_dependency('sqlite3')
   s.add_development_dependency('bourne')
   s.add_development_dependency('timecop')
@@ -38,4 +40,3 @@ Gem::Specification.new do |s|
     s.specification_version = 3
   end
 end
-

data/features/step_definitions/engine/clearance_steps.rb

@@ -1,11 +1,11 @@
 # Existing users
 
 Given /^(?:I am|I have|I) signed up (?:as|with) "(.*)"$/ do |email|
-  Factory(:user, :email => email)
+  FactoryGirl.create(:user, :email => email)
 end
 
 Given /^a user "([^"]*)" exists without a salt, remember token, or password$/ do |email|
-  user = Factory(:user, :email => email)
+  user = FactoryGirl.create(:user, :email => email)
   sql  = "update users set salt = NULL, encrypted_password = NULL, remember_token = NULL where id = #{user.id}"
   ActiveRecord::Base.connection.update(sql)
 end

data/gemfiles/3.0.12.gemfile

@@ -0,0 +1,13 @@
+# This file was generated by Appraisal
+
+source "http://rubygems.org"
+
+gem "capybara", "~> 1.1.1"
+gem "factory_girl_rails", "1.7.0"
+gem "shoulda-matchers", :git=>"git://github.com/thoughtbot/shoulda-matchers.git"
+gem "database_cleaner"
+gem "launchy"
+gem "aruba", "~> 0.4.2"
+gem "rails", "3.0.12"
+
+gemspec :path=>"../"

data/gemfiles/{3.0.9.gemfile.lock → 3.0.12.gemfile.lock}

@@ -1,13 +1,13 @@
 GIT
   remote: git://github.com/thoughtbot/shoulda-matchers.git
-  revision: 25c2623bb9d96cf6a446ecc141fdfefe5c4860fa
+  revision: d85503f86ef224bca2b54fc6b9ad96866fe12f2d
   specs:
     shoulda-matchers (1.0.0)
 
 PATH
-  remote: /home/mike/lib/clearance
+  remote: /Users/mjankowski/Development/opensource/clearance
   specs:
-    clearance (0.16.0)
+    clearance (0.16.1)
       diesel (~> 0.1.5)
       rails (>= 3.0)
 
@@ -15,47 +15,44 @@ GEM
   remote: http://rubygems.org/
   specs:
     abstract (1.0.0)
-    actionmailer (3.0.9)
-      actionpack (= 3.0.9)
+    actionmailer (3.0.12)
+      actionpack (= 3.0.12)
       mail (~> 2.2.19)
-    actionpack (3.0.9)
-      activemodel (= 3.0.9)
-      activesupport (= 3.0.9)
+    actionpack (3.0.12)
+      activemodel (= 3.0.12)
+      activesupport (= 3.0.12)
       builder (~> 2.1.2)
       erubis (~> 2.6.6)
       i18n (~> 0.5.0)
-      rack (~> 1.2.1)
+      rack (~> 1.2.5)
       rack-mount (~> 0.6.14)
       rack-test (~> 0.5.7)
       tzinfo (~> 0.3.23)
-    activemodel (3.0.9)
-      activesupport (= 3.0.9)
+    activemodel (3.0.12)
+      activesupport (= 3.0.12)
       builder (~> 2.1.2)
       i18n (~> 0.5.0)
-    activerecord (3.0.9)
-      activemodel (= 3.0.9)
-      activesupport (= 3.0.9)
+    activerecord (3.0.12)
+      activemodel (= 3.0.12)
+      activesupport (= 3.0.12)
       arel (~> 2.0.10)
       tzinfo (~> 0.3.23)
-    activeresource (3.0.9)
-      activemodel (= 3.0.9)
-      activesupport (= 3.0.9)
-    activesupport (3.0.9)
-    addressable (2.2.6)
+    activeresource (3.0.12)
+      activemodel (= 3.0.12)
+      activesupport (= 3.0.12)
+    activesupport (3.0.12)
+    addressable (2.2.7)
     appraisal (0.3.8)
       bundler
       rake
     arel (2.0.10)
-    aruba (0.4.6)
-      bcat (>= 0.6.1)
-      childprocess (>= 0.2.0)
-      cucumber (>= 1.0.2)
-      rdiscount (>= 1.6.8)
-      rspec (>= 2.6.0)
-    bcat (0.6.2)
-      rack (~> 1.0)
-    bourne (1.0)
-      mocha (= 0.9.8)
+    aruba (0.4.11)
+      childprocess (>= 0.2.3)
+      cucumber (>= 1.1.1)
+      ffi (>= 1.0.11)
+      rspec (>= 2.7.0)
+    bourne (1.1.2)
+      mocha (= 0.10.5)
     builder (2.1.2)
     capybara (1.1.2)
       mime-types (>= 1.16)
@@ -64,88 +61,88 @@ GEM
       rack-test (>= 0.5.4)
       selenium-webdriver (~> 2.0)
       xpath (~> 0.1.4)
-    childprocess (0.3.0)
+    childprocess (0.3.1)
       ffi (~> 1.0.6)
-    cucumber (1.1.4)
+    cucumber (1.1.9)
       builder (>= 2.1.2)
       diff-lcs (>= 1.1.2)
-      gherkin (~> 2.7.1)
+      gherkin (~> 2.9.0)
       json (>= 1.4.6)
       term-ansicolor (>= 1.0.6)
     cucumber-rails (1.1.1)
       capybara (>= 1.1.1)
       cucumber (>= 1.1.0)
       nokogiri (>= 1.5.0)
-    database_cleaner (0.7.1)
+    database_cleaner (0.7.2)
     diesel (0.1.5)
       railties
     diff-lcs (1.1.3)
     erubis (2.6.6)
       abstract (>= 1.0.0)
-    factory_girl (2.5.0)
-      activesupport
-    factory_girl_rails (1.6.0)
-      factory_girl (~> 2.5.0)
+    factory_girl (2.6.4)
+      activesupport (>= 2.3.9)
+    factory_girl_rails (1.7.0)
+      factory_girl (~> 2.6.0)
       railties (>= 3.0.0)
     ffi (1.0.11)
-    gherkin (2.7.6)
+    gherkin (2.9.3)
       json (>= 1.4.6)
     i18n (0.5.0)
-    json (1.6.5)
-    launchy (2.0.5)
+    json (1.6.6)
+    launchy (2.1.0)
       addressable (~> 2.2.6)
     mail (2.2.19)
       activesupport (>= 2.3.6)
       i18n (>= 0.4.0)
       mime-types (~> 1.16)
       treetop (~> 1.4.8)
-    mime-types (1.17.2)
-    mocha (0.9.8)
-      rake
-    multi_json (1.0.4)
-    nokogiri (1.5.0)
+    metaclass (0.0.1)
+    mime-types (1.18)
+    mocha (0.10.5)
+      metaclass (~> 0.0.1)
+    multi_json (1.2.0)
+    nokogiri (1.5.2)
     polyglot (0.3.3)
     rack (1.2.5)
     rack-mount (0.6.14)
       rack (>= 1.0.0)
     rack-test (0.5.7)
       rack (>= 1.0)
-    rails (3.0.9)
-      actionmailer (= 3.0.9)
-      actionpack (= 3.0.9)
-      activerecord (= 3.0.9)
-      activeresource (= 3.0.9)
-      activesupport (= 3.0.9)
+    rails (3.0.12)
+      actionmailer (= 3.0.12)
+      actionpack (= 3.0.12)
+      activerecord (= 3.0.12)
+      activeresource (= 3.0.12)
+      activesupport (= 3.0.12)
       bundler (~> 1.0)
-      railties (= 3.0.9)
-    railties (3.0.9)
-      actionpack (= 3.0.9)
-      activesupport (= 3.0.9)
+      railties (= 3.0.12)
+    railties (3.0.12)
+      actionpack (= 3.0.12)
+      activesupport (= 3.0.12)
       rake (>= 0.8.7)
       rdoc (~> 3.4)
       thor (~> 0.14.4)
     rake (0.9.2.2)
-    rdiscount (1.6.8)
     rdoc (3.12)
       json (~> 1.4)
-    rspec (2.6.0)
-      rspec-core (~> 2.6.0)
-      rspec-expectations (~> 2.6.0)
-      rspec-mocks (~> 2.6.0)
-    rspec-core (2.6.4)
-    rspec-expectations (2.6.0)
-      diff-lcs (~> 1.1.2)
-    rspec-mocks (2.6.0)
-    rspec-rails (2.6.1)
-      actionpack (~> 3.0)
-      activesupport (~> 3.0)
-      railties (~> 3.0)
-      rspec (~> 2.6.0)
-    rubyzip (0.9.5)
-    selenium-webdriver (2.18.0)
+    rspec (2.9.0)
+      rspec-core (~> 2.9.0)
+      rspec-expectations (~> 2.9.0)
+      rspec-mocks (~> 2.9.0)
+    rspec-core (2.9.0)
+    rspec-expectations (2.9.1)
+      diff-lcs (~> 1.1.3)
+    rspec-mocks (2.9.0)
+    rspec-rails (2.9.0)
+      actionpack (>= 3.0)
+      activesupport (>= 3.0)
+      railties (>= 3.0)
+      rspec (~> 2.9.0)
+    rubyzip (0.9.6.1)
+    selenium-webdriver (2.20.0)
       childprocess (>= 0.2.5)
-      ffi (~> 1.0.9)
-      multi_json (~> 1.0.4)
+      ffi (~> 1.0)
+      multi_json (~> 1.0)
       rubyzip
     sqlite3 (1.3.5)
     term-ansicolor (1.0.7)
@@ -154,7 +151,7 @@ GEM
     treetop (1.4.10)
       polyglot
       polyglot (>= 0.3.1)
-    tzinfo (0.3.31)
+    tzinfo (0.3.32)
     xpath (0.1.4)
       nokogiri (~> 1.3)
 
@@ -165,15 +162,15 @@ DEPENDENCIES
   appraisal (~> 0.3.8)
   aruba (~> 0.4.2)
   bourne
-  bundler (~> 1.0.0)
+  bundler (~> 1.1.0)
   capybara (~> 1.1.1)
   clearance!
   cucumber-rails (~> 1.1.1)
   database_cleaner
-  factory_girl_rails
+  factory_girl_rails (= 1.7.0)
   launchy
-  rails (= 3.0.9)
-  rspec-rails (~> 2.6.0)
+  rails (= 3.0.12)
+  rspec-rails (~> 2.9.0)
   shoulda-matchers!
   sqlite3
   timecop