clearance 0.16.3 → 1.0.0.rc1

data/.gitignore

@@ -8,3 +8,4 @@ db/*.sqlite3
 log/*.log
 pkg
 tmp/
+bin/

data/.travis.yml

@@ -1,7 +1,5 @@
 language: ruby
 rvm:
-  - ree-1.8.7
-  - 1.8.7
   - 1.9.2
   - 1.9.3
 before_install:

data/Appraisals

@@ -1,5 +1,5 @@
-['3.2.3', '3.1.4', '3.0.12'].each do |rails_version|
+['3.0.15', '3.1.6', '3.2.6'].each do |rails_version|
   appraise "#{rails_version}" do
-    gem "rails", rails_version
+    gem 'rails', rails_version
   end
 end

data/CONTRIBUTING.md

@@ -2,17 +2,19 @@ We love pull requests. Here's a quick guide:
 
 1. Fork the repo.
 
-2. Run the tests. We only take pull requests with passing tests, and it's great
-to know that you have a clean slate: `bundle && rake db:migrate && rake`
-   
-3. Add a test for your change. Only refactoring and documentation changes
-require no new tests. If you are adding functionality or fixing a bug, we need
-a test!
+2. Set up Appraisal, which helps us test against multiple Rails versions:
+   `rake appraisal:install`.
 
-4. Make the test pass.
+3. Run the tests. We only take pull requests with passing tests, and it's great
+   to know that you have a clean slate: `rake`
 
-5. Push to your fork and submit a pull request.
+4. Add a test for your change. Only refactoring and documentation changes
+   require no new tests. If you are adding functionality or fixing a bug, we need
+   a test!
 
+5. Make the test pass.
+
+6. Push to your fork and submit a pull request.
 
 At this point you're waiting on us. We like to at least comment on, if not
 accept, pull requests within three business days (and, typically, one business
@@ -25,14 +27,3 @@ taken straight from the Ruby on Rails guide:
 * Include tests that fail without your code, and pass with it
 * Update the documentation, the surrounding one, examples elsewhere, guides,
   whatever is affected by your contribution
-
-Syntax:
-
-* Two spaces, no tabs.
-* No trailing whitespace. Blank lines should not have any space.
-* Prefer &&/|| over and/or.
-* MyClass.my_method(my_arg) not my_method( my_arg ) or my_method my_arg.
-* a = b and not a=b.
-* Follow the conventions you see used in the source already.
-
-And in case we didn't emphasize it enough: we love tests!

data/Gemfile

@@ -1,3 +1,3 @@
-source "http://rubygems.org"
+source 'http://rubygems.org'
 
 gemspec

data/Gemfile.lock

@@ -1,41 +1,42 @@
 PATH
   remote: .
   specs:
-    clearance (0.16.3)
-      diesel (~> 0.1.5)
+    clearance (1.0.0.rc1)
+      bcrypt-ruby
+      diesel (= 0.1.5)
       rails (>= 3.0)
 
 GEM
   remote: http://rubygems.org/
   specs:
-    actionmailer (3.2.1)
-      actionpack (= 3.2.1)
-      mail (~> 2.4.0)
-    actionpack (3.2.1)
-      activemodel (= 3.2.1)
-      activesupport (= 3.2.1)
+    actionmailer (3.2.6)
+      actionpack (= 3.2.6)
+      mail (~> 2.4.4)
+    actionpack (3.2.6)
+      activemodel (= 3.2.6)
+      activesupport (= 3.2.6)
       builder (~> 3.0.0)
       erubis (~> 2.7.0)
       journey (~> 1.0.1)
       rack (~> 1.4.0)
-      rack-cache (~> 1.1)
+      rack-cache (~> 1.2)
       rack-test (~> 0.6.1)
-      sprockets (~> 2.1.2)
-    activemodel (3.2.1)
-      activesupport (= 3.2.1)
+      sprockets (~> 2.1.3)
+    activemodel (3.2.6)
+      activesupport (= 3.2.6)
       builder (~> 3.0.0)
-    activerecord (3.2.1)
-      activemodel (= 3.2.1)
-      activesupport (= 3.2.1)
-      arel (~> 3.0.0)
+    activerecord (3.2.6)
+      activemodel (= 3.2.6)
+      activesupport (= 3.2.6)
+      arel (~> 3.0.2)
       tzinfo (~> 0.3.29)
-    activeresource (3.2.1)
-      activemodel (= 3.2.1)
-      activesupport (= 3.2.1)
-    activesupport (3.2.1)
+    activeresource (3.2.6)
+      activemodel (= 3.2.6)
+      activesupport (= 3.2.6)
+    activesupport (3.2.6)
       i18n (~> 0.6)
       multi_json (~> 1.0)
-    addressable (2.2.6)
+    addressable (2.3.1)
     appraisal (0.4.1)
       bundler
       rake
@@ -45,6 +46,7 @@ GEM
       cucumber (>= 1.1.1)
       ffi (>= 1.0.11)
       rspec (>= 2.7.0)
+    bcrypt-ruby (3.0.1)
     bourne (1.1.2)
       mocha (= 0.10.5)
     builder (3.0.0)
@@ -55,47 +57,46 @@ GEM
       rack-test (>= 0.5.4)
       selenium-webdriver (~> 2.0)
       xpath (~> 0.1.4)
-    childprocess (0.3.0)
-      ffi (~> 1.0.6)
-    cucumber (1.1.4)
+    childprocess (0.3.4)
+      ffi (~> 1.0, >= 1.0.6)
+    cucumber (1.2.1)
       builder (>= 2.1.2)
-      diff-lcs (>= 1.1.2)
-      gherkin (~> 2.7.1)
+      diff-lcs (>= 1.1.3)
+      gherkin (~> 2.11.0)
       json (>= 1.4.6)
-      term-ansicolor (>= 1.0.6)
     cucumber-rails (1.1.1)
       capybara (>= 1.1.1)
       cucumber (>= 1.1.0)
       nokogiri (>= 1.5.0)
-    database_cleaner (0.7.1)
+    database_cleaner (0.8.0)
     diesel (0.1.5)
       railties
     diff-lcs (1.1.3)
     erubis (2.7.0)
-    factory_girl (3.1.1)
+    factory_girl (3.5.0)
       activesupport (>= 3.0.0)
-    factory_girl_rails (3.1.0)
-      factory_girl (~> 3.1.0)
+    factory_girl_rails (3.5.0)
+      factory_girl (~> 3.5.0)
       railties (>= 3.0.0)
-    ffi (1.0.11)
-    gherkin (2.7.6)
+    ffi (1.1.0)
+    gherkin (2.11.1)
       json (>= 1.4.6)
     hike (1.2.1)
     i18n (0.6.0)
-    journey (1.0.3)
-    json (1.6.6)
-    launchy (2.0.5)
-      addressable (~> 2.2.6)
+    journey (1.0.4)
+    json (1.7.3)
+    libwebsocket (0.1.4)
+      addressable
     mail (2.4.4)
       i18n (>= 0.4.0)
       mime-types (~> 1.16)
       treetop (~> 1.4.8)
     metaclass (0.0.1)
-    mime-types (1.17.2)
+    mime-types (1.19)
     mocha (0.10.5)
       metaclass (~> 0.0.1)
-    multi_json (1.0.4)
-    nokogiri (1.5.0)
+    multi_json (1.3.6)
+    nokogiri (1.5.5)
     polyglot (0.3.3)
     rack (1.4.1)
     rack-cache (1.2)
@@ -104,52 +105,51 @@ GEM
       rack
     rack-test (0.6.1)
       rack (>= 1.0)
-    rails (3.2.1)
-      actionmailer (= 3.2.1)
-      actionpack (= 3.2.1)
-      activerecord (= 3.2.1)
-      activeresource (= 3.2.1)
-      activesupport (= 3.2.1)
+    rails (3.2.6)
+      actionmailer (= 3.2.6)
+      actionpack (= 3.2.6)
+      activerecord (= 3.2.6)
+      activeresource (= 3.2.6)
+      activesupport (= 3.2.6)
       bundler (~> 1.0)
-      railties (= 3.2.1)
-    railties (3.2.1)
-      actionpack (= 3.2.1)
-      activesupport (= 3.2.1)
+      railties (= 3.2.6)
+    railties (3.2.6)
+      actionpack (= 3.2.6)
+      activesupport (= 3.2.6)
       rack-ssl (~> 1.3.2)
       rake (>= 0.8.7)
       rdoc (~> 3.4)
-      thor (~> 0.14.6)
+      thor (>= 0.14.6, < 2.0)
     rake (0.9.2.2)
     rdoc (3.12)
       json (~> 1.4)
-    rspec (2.9.0)
-      rspec-core (~> 2.9.0)
-      rspec-expectations (~> 2.9.0)
-      rspec-mocks (~> 2.9.0)
-    rspec-core (2.9.0)
-    rspec-expectations (2.9.1)
+    rspec (2.11.0)
+      rspec-core (~> 2.11.0)
+      rspec-expectations (~> 2.11.0)
+      rspec-mocks (~> 2.11.0)
+    rspec-core (2.11.1)
+    rspec-expectations (2.11.1)
       diff-lcs (~> 1.1.3)
-    rspec-mocks (2.9.0)
-    rspec-rails (2.9.0)
+    rspec-mocks (2.11.1)
+    rspec-rails (2.11.0)
       actionpack (>= 3.0)
       activesupport (>= 3.0)
       railties (>= 3.0)
-      rspec (~> 2.9.0)
-    rubyzip (0.9.5)
-    selenium-webdriver (2.18.0)
+      rspec (~> 2.11.0)
+    rubyzip (0.9.9)
+    selenium-webdriver (2.25.0)
       childprocess (>= 0.2.5)
-      ffi (~> 1.0.9)
-      multi_json (~> 1.0.4)
+      libwebsocket (~> 0.1.3)
+      multi_json (~> 1.0)
       rubyzip
-    shoulda-matchers (1.1.0)
+    shoulda-matchers (1.2.0)
       activesupport (>= 3.0.0)
-    sprockets (2.1.2)
+    sprockets (2.1.3)
       hike (~> 1.2)
       rack (~> 1.0)
       tilt (~> 1.1, != 1.3.0)
-    sqlite3 (1.3.5)
-    term-ansicolor (1.0.7)
-    thor (0.14.6)
+    sqlite3 (1.3.6)
+    thor (0.15.4)
     tilt (1.3.3)
     timecop (0.3.5)
     treetop (1.4.10)
@@ -163,17 +163,16 @@ PLATFORMS
   ruby
 
 DEPENDENCIES
-  appraisal (~> 0.4.1)
-  aruba (~> 0.4.11)
-  bourne (~> 1.1.2)
-  bundler (~> 1.1.0)
-  capybara (~> 1.1.2)
+  appraisal (= 0.4.1)
+  aruba (= 0.4.11)
+  bourne (= 1.1.2)
+  bundler (= 1.1.3)
+  capybara (= 1.1.2)
   clearance!
-  cucumber-rails (~> 1.1.1)
-  database_cleaner
-  factory_girl_rails (~> 3.1.0)
-  launchy
-  rspec-rails (~> 2.9.0)
-  shoulda-matchers (~> 1.1.0)
-  sqlite3
-  timecop
+  cucumber-rails (= 1.1.1)
+  database_cleaner (= 0.8.0)
+  factory_girl_rails (= 3.5.0)
+  rspec-rails (= 2.11.0)
+  shoulda-matchers (= 1.2.0)
+  sqlite3 (= 1.3.6)
+  timecop (= 0.3.5)

data/NEWS.md

@@ -1,7 +1,20 @@
-New for 0.17.0:
-
-* Handle the security issue found in Rails by Ben Murphy. Some details
-can be found on the Rails commit: https://github.com/rails/rails/commit/5f91ea3dc1ed3fa1c6be2cff7de1d1663990b0c3
+New for 1.0.0:
+
+* Change default password strategy to BCrypt.
+* Provide BCryptMigrationFromSHA1 password strategy to help people migrate from
+  SHA1 (the old default password strategy) to BCrypt (the new default).
+* Require Ruby 1.9.2.
+* A revamped, more descriptive README.
+* More extension points in more controllers.
+* The email, encrypted_password, and remember_token fields of the users
+  table cannot be NULL.
+* We do not support adding Clearance after-the-fact.
+* We support Test::Unit.
+* Drop Rails plugin support.
+* Add SignedIn and SignedOut routing constraints.
+* Add a fake password strategy, which is useful when writing tests.
+* Remove deprecated methods on User: remember_me!, generate_random_code,
+  password_required?.
 
 New for 0.16.2:
 

data/README.md

@@ -3,25 +3,21 @@ Clearance [![Build Status](https://secure.travis-ci.org/thoughtbot/clearance.png
 
 Rails authentication & authorization with email & password.
 
-[We have clearance, Clarence.](http://www.youtube.com/watch?v=fVq4_HhBK8Y)
+Clearance was extracted out of [Airbrake](http://airbrakeapp.com/). It is intended to be small, simple, well-tested, and easy to override defaults.
 
-Clearance was extracted out of [Airbrake](http://airbrakeapp.com/).
+Use [Github Issues](http://github.com/thoughtbot/clearance/issues) for help.
 
-Help
-----
+Read [CONTRIBUTING.md](https://github.com/thoughtbot/clearance/blob/master/config/routes.rb) to contribute.
 
-* [Documentation](http://rdoc.info/gems/clearance) at RDoc.info.
-* [Patches and bugs](http://github.com/thoughtbot/clearance/issues) at Github Issues.
-* [Mailing list](http://groups.google.com/group/thoughtbot-clearance) at Google Groups.
-
-Installation
-------------
+Install
+-------
 
-Clearance is a Rails engine for Rails 3. It is currently tested against Rails 3.0.12 and Rails 3.1.4.
+Clearance is a Rails engine for Rails 3 on Ruby 1.9.2. It is currently
+tested against Rails 3.0.12, 3.1.4, and 3.2.3.
 
 Include the gem in your Gemfile:
 
-    gem "clearance"
+    gem 'clearance'
 
 Make sure the development database exists, then run the generator:
 
@@ -38,57 +34,70 @@ Follow the instructions that are output from the generator.
 Use the [0.8.x](https://github.com/thoughtbot/clearance/tree/v0.8.8)
 series of Clearance if you have a Rails 2 app.
 
-Usage
------
+Use version [0.16.3](http://rubygems.org/gems/clearance/versions/0.16.3)
+for Ruby 1.8.7.
+
+Configure
+---------
+
+Override any of the defaults in `config/initializers/clearance.rb`:
+
+    Clearance.configure do |config|
+      config.cookie_expiration = lambda { 1.year.from_now.utc }
+      config.mailer_sender = 'reply@example.com'
+      config.password_strategy = Clearance::PasswordStrategies::BCrypt
+      config.user_model = User
+    end
+
+Use
+---
 
-If you want to authorize users for a controller action, use the authorize
-method in a before_filter.
+Use `authorize` and `current_user` in controllers:
 
-    class WidgetsController < ApplicationController
+    class ArticlesController < ApplicationController
       before_filter :authorize
 
       def index
-        @widgets = Widget.all
+        current_user.articles
       end
     end
 
-If you want to reference the current user in a controller, view, or helper, use
-the current_user method.
+Use `signed_in?` and `signed_out?` in controllers, views, or helpers. For example,
+you might want this in a layout:
 
-    def index
-      current_user.articles
-    end
+    - if signed_in?
+      = current_user.email
+      = link_to 'Sign out', sign_out_path, :method => :delete
+    - else
+      = link_to 'Sign in', sign_in_path
 
-If you want to know whether the current user is signed in or out, you can use
-these methods in controllers, views, or helpers:
+If you want to authenticate a user elsewhere than sessions/new, like in an API:
 
-    signed_in?
-    signed_out?
+    User.authenticate 'email@example.com', 'password'
 
-Typically, you want to have something like this in your app, maybe in a layout:
+When a user resets their password, Clearance delivers them an email on. Therefore,
+you should change the default email address in `config/initializers/clearance.rb`:
 
-    <% if signed_in? %>
-      <%= current_user.email %>
-      <%= link_to "Sign out", sign_out_path, :method => :delete %>
-    <% else %>
-      <%= link_to "Sign in", sign_in_path %>
-    <% end %>
+    Clearance.configure do |config|
+      config.mailer_sender = 'reply@example.com'
+    end
 
-If you ever want to authenticate the user some place other than sessions/new,
-maybe in an API:
+You can authorize users at the route level:
 
-    User.authenticate("email@example.com", "password")
+    Blog::Application.routes.draw do
+      constraints Clearance::Constraints::SignedIn.new { |user| user.admin? } do
+        root :to => 'admin'
+      end
 
-Clearance will deliver one email on your app's behalf: when a user resets their password. Therefore, you should change the default email address that email comes from:
+      constraints Clearance::Constraints::SignedIn.new do
+        root :to => 'dashboard'
+      end
 
-    # config/initializers/clearance.rb
-    Clearance.configure do |config|
-      config.mailer_sender = "me@example.com"
+      constraints Clearance::Constraints::SignedOut.new do
+        root :to => 'marketing'
+      end
     end
 
-Rack
-----
-
 Clearance adds its session to the Rack environment hash so middleware and other
 Rack applications can interact with it:
 
@@ -101,16 +110,11 @@ Rack applications can interact with it:
         if env[:clearance].signed_in?
           env[:clearance].current_user.bubble_gum
         end
+
         @app.call(env)
       end
     end
 
-
-Overriding defaults
--------------------
-
-Clearance is intended to be small, simple, well-tested, and easy to override defaults.
-
 Overriding routes
 -----------------
 
@@ -127,43 +131,65 @@ See [app/controllers/clearance](https://github.com/thoughtbot/clearance/tree/mas
 
 To override a Clearance controller, subclass it:
 
+    class PasswordsController < Clearance::PasswordsController
     class SessionsController < Clearance::SessionsController
-      def new
-        # my special new action
-      end
-
-      def url_after_create
-        my_special_path
-      end
-    end
-
-You may want to override entire actions:
-
-    def new
-    end
-
-Or, you may want to override private methods that actions use:
-
-    url_after_create
-    url_after_update
-    url_after_destroy
-    flash_failure_after_create
-    flash_failure_after_update
-    flash_failure_when_forbidden
-    forbid_missing_token
-    forbid_non_existent_user
+    class UsersController < Clearance::UsersController
+
+Then, override public methods:
+
+    passwords#create
+    passwords#edit
+    passwords#new
+    passwords#update
+    sessions#create
+    sessions#destroy
+    sessions#new
+    users#new
+    users#create
+
+Or, override private methods:
+
+    passwords#find_user_by_id_and_confirmation_token
+    passwords#find_user_for_create
+    passwords#find_user_for_edit
+    passwords#find_user_for_update
+    passwords#flash_failure_when_forbidden
+    passwords#flash_failure_after_create
+    passwords#flash_failure_after_update
+    passwords#forbid_missing_token
+    passwords#forbid_non_existent_user
+    passwords#url_after_create
+    passwords#url_after_update
+    sessions#flash_failure_after_create
+    sessions#url_after_create
+    sessions#url_after_destroy
+    users#flash_failure_after_create
+    users#url_after_create
+    users#user_from_params
 
 Overriding translations
 -----------------------
 
-All flash messages and email subject lines are stored in [i18n translations](http://guides.rubyonrails.org/i18n.html). Override them like any other translation.
+All flash messages and email subject lines are stored in
+[i18n translations](http://guides.rubyonrails.org/i18n.html).
+Override them like any other translation.
 
 Overriding views
 ----------------
 
-See [app/views](https://github.com/thoughtbot/clearance/tree/master/app/views) for the default behavior.
+See [app/views](https://github.com/thoughtbot/clearance/tree/master/app/views)
+for the default behavior.
+
+To override a view, create your own:
 
-To override those **views**, create them in your own `app/views` directory.
+    app/views/clearance_mailer/change_password.html.erb
+    app/views/passwords/create.html.erb
+    app/views/passwords/edit.html.erb
+    app/views/passwords/new.html.erb
+    app/views/sessions/_form.html.erb
+    app/views/sessions/new.html.erb
+    app/views/users/_form.html.erb
+    app/views/users/new.html.erb
 
 There is a shortcut to copy all Clearance views into your app:
 
@@ -172,44 +198,78 @@ There is a shortcut to copy all Clearance views into your app:
 Overriding the model
 --------------------
 
-If you want to override the **model** behavior, you can include sub-modules of `Clearance::User`:
+See [lib/clearance/user.rb](https://github.com/thoughtbot/clearance/tree/master/lib/clearance/user.rb)
+for the default behavior.
 
-    extend  Clearance::User::ClassMethods
-    include Clearance::User::Validations
-    include Clearance::User::Callbacks
+To override the model, redefine public methods:
 
-`ClassMethods` contains the `User.authenticate(email, password)` method.
+    self.authenticate(email, password)
+    forgot_password!
+    reset_remember_token!
+    update_password(new_password)
 
-`Validations` contains validations for email and password.
+Or, redefine private methods:
 
-`Callbacks` contains `ActiveRecord` callbacks downcasing the email and generating a remember token.
+    downcase_email
+    email_optional?
+    generate_confirmation_token
+    generate_remember_token
+    password_optional?
 
 Overriding the password strategy
 --------------------------------
 
-By default, Clearance uses SHA1 encryption of the user's password. You can provide your own password strategy by creating a module that conforms to an API of two instance methods:
+By default, Clearance uses BCrypt encryption of the user's password.
 
-    def authenticated?
-    end
+See [lib/clearance/password_strategies/bcrypt.rb](https://github.com/thoughtbot/clearance/blob/master/lib/clearance/password_strategies/bcrypt.rb) for the default behavior.
+
+Change your password strategy in `config/initializers/clearance.rb:`
 
-    def encrypt_password
+    Clearance.configure do |config|
+      config.password_strategy = Clearance::PasswordStrategies::SHA1
     end
 
-See [lib/clearance/password_strategies/sha1.rb](https://github.com/thoughtbot/clearance/blob/master/lib/clearance/password_strategies/sha1.rb) for the default behavior. Also see [lib/clearance/password_strategies/blowfish.rb](https://github.com/thoughtbot/clearance/blob/master/lib/clearance/password_strategies/blowfish.rb) for another password strategy. Switching password strategies will cause your existing users' passwords to not work.
+Clearance provides the following strategies:
+
+    config.password_strategy = Clearance::PasswordStrategies::BCrypt
+    config.password_strategy = Clearance::PasswordStrategies::BCryptMigrationFromSHA1
+    config.password_strategy = Clearance::PasswordStrategies::Blowfish
+    config.password_strategy = Clearance::PasswordStrategies::SHA1
 
-Once you have an API-compliant module, load it with:
+The previous default password strategy was SHA1.
 
-    Clearance.configure do |config|
-      config.password_strategy = MyPasswordStrategy
+Switching password strategies may cause your existing users to not be able to sign in.
+
+If you have an existing app that used the old `SHA1` strategy and you
+want to stay with SHA1, use
+[Clearance::PasswordStrategies::SHA1](https://github.com/thoughtbot/clearance/blob/master/lib/clearance/password_strategies/sha1.rb).
+
+If you have an existing app that used the old `SHA1` strategy and you
+want to switch to BCrypt transparently, use
+[Clearance::PasswordStrategies::BCryptMigrationFromSHA1](https://github.com/thoughtbot/clearance/blob/master/lib/clearance/password_strategies/bcrypt_migration_from_sha1.rb).
+
+The SHA1 and Blowfish password strategies require an additional `salt` column in
+the `users` table. Run this migration before switching to SHA or Blowfish:
+
+    class AddSaltToUsers < ActiveRecord::Migration
+      def change
+        add_column :users, :salt, :string, :limit => 128
+      end
     end
 
-For example:
+You can write a custom password strategy that has two instance methods:
 
-    # default
-    config.password_strategy = Clearance::PasswordStrategies::SHA1
-    # Blowfish
-    config.password_strategy = Clearance::PasswordStrategies::Blowfish
-    
+    module CustomPasswordStrategy
+      def authenticated?
+      end
+
+      def password=(new_password)
+      end
+    end
+
+    Clearance.configure do |config|
+      config.password_strategy = CustomPasswordStrategy
+    end
 
 Optional Cucumber features
 --------------------------
@@ -246,13 +306,13 @@ Testing
 -------
 
 If you want to write Rails functional tests or controller specs with Clearance,
-you'll need to require the  included test helpers and matchers.
+you'll need to require the included test helpers and matchers.
 
-For example, in spec/support/clearance.rb or test/test_helper.rb:
+For example, in `spec/support/clearance.rb` or `test/test_helper.rb`:
 
     require 'clearance/testing'
 
-This will make Clearance::Authentication methods work in your controllers
+This will make `Clearance::Authentication` methods work in your controllers
 during functional tests and provide access to helper methods like:
 
     sign_in
@@ -265,12 +325,15 @@ And matchers like:
 
 Example:
 
-    context "a visitor" do
-      before { get :show }
-      it     { should deny_access }
+    context 'a visitor' do
+      before do
+        get :show
+      end
+
+      it { should deny_access }
     end
 
-    context "a user" do
+    context 'a user' do
       before do
         sign_in
         get :show
@@ -279,23 +342,23 @@ Example:
       it { should respond_with(:success) }
     end
 
-Contributing
-------------
+You may want to customize the tests:
 
-Please see CONTRIBUTING.md for details.
+    it { should deny_access  }
+    it { should deny_access(:flash => 'Denied access.')  }
+    it { should deny_access(:redirect => sign_in_url)  }
 
 Credits
 -------
 
 ![thoughtbot](http://thoughtbot.com/images/tm/logo.png)
 
-Clearance is maintained and funded by [thoughtbot, inc](http://thoughtbot.com/community)
-
+Clearance is maintained by [thoughtbot, inc](http://thoughtbot.com/community).
 Thank you to all [the contributors](https://github.com/thoughtbot/clearance/contributors)!
 
-The names and logos for thoughtbot are trademarks of thoughtbot, inc.
-
 License
 -------
 
-Clearance is Copyright © 2009-2011 thoughtbot. It is free software, and may be redistributed under the terms specified in the LICENSE file.
+Clearance is copyright © 2009-2012 thoughtbot. It is free software, and may be redistributed under the terms specified in the LICENSE file.
+
+The names and logos for thoughtbot are trademarks of thoughtbot, inc.