clearance 1.4.2 → 1.4.3

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: b36c10484673f64ecf6621a00b290bb481731ca1
-  data.tar.gz: fd2a23e512ad678d7841128f9e7911cca174f0eb
+  metadata.gz: d79da2d88bfa6ddc89089705872fbf1ece5c42c2
+  data.tar.gz: f5e422a542e1eaed19c721c15a01ad1920c29938
 SHA512:
-  metadata.gz: 31afa57919c1be57c63f8cbfea0b28bb035cd9e2f5df11ccfd0ae730c379d6360fd5638535ce7f047f57aa95f2c35be5ebdb44d6fb4b952f02324222d2203c43
-  data.tar.gz: ea9b82a67c87ffeecae9163a3ed1a3868230d74301678e03dd5d92e09b67a668dc0eb50cfe5d64c146a251435d64f83f74ff4cd5ae2b9c28f637a5d8f0ddc0e4
+  metadata.gz: 6d478f0fc99a8dd5b72243fc0c18ba095fc38ecee3e5fdd58e38e4c7cbe4967a4064475da06c8c53b11ea0e0bd5e3432baf00909a81e4c206d29e89931100bcc
+  data.tar.gz: 486865b87a276387bfa4bdc5d823a14ada721291d4a79433d5a02e355aabb4b414f45583101696152f7964a8e2c0a69561a162fa49fc1b384c6ffd4617b06670

data/.travis.yml

@@ -4,7 +4,7 @@ language:
 rvm:
   - 1.9.3
   - 2.0.0
-  - 2.1.1
+  - 2.1.3
 
 install:
   - "travis_retry bundle install"

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    clearance (1.4.2)
+    clearance (1.4.3)
       bcrypt
       email_validator (~> 1.4)
       rails (>= 3.1)

data/NEWS.md

@@ -1,5 +1,8 @@
 Thank you to all the [contributors](https://github.com/thoughtbot/clearance/graphs/contributors)!
 
+New for 1.4.3 (October 3, 2014)
+* Routing constraints act appropriately when session data is missing.
+
 New for 1.4.2 (September 13, 2014)
 * Eliminate deprecation message when using DenyAccess matcher with RSpec 3.
 

data/lib/clearance/constraints/signed_in.rb

@@ -12,8 +12,12 @@ module Clearance
 
       private
 
+      def clearance_session
+        @request.env[:clearance]
+      end
+
       def current_user
-        @request.env[:clearance].current_user
+        clearance_session.current_user
       end
 
       def current_user_fulfills_additional_requirements?
@@ -21,7 +25,7 @@ module Clearance
       end
 
       def signed_in?
-        @request.env[:clearance].signed_in?
+        clearance_session.present? && clearance_session.signed_in?
       end
     end
   end

data/lib/clearance/constraints/signed_out.rb

@@ -2,7 +2,18 @@ module Clearance
   module Constraints
     class SignedOut
       def matches?(request)
-        request.env[:clearance].signed_out?
+        @request = request
+        missing_session? || clearance_session.signed_out?
+      end
+
+      private
+
+      def clearance_session
+        @request.env[:clearance]
+      end
+
+      def missing_session?
+        clearance_session.nil?
       end
     end
   end

data/lib/clearance/version.rb

@@ -1,3 +1,3 @@
 module Clearance
-  VERSION = '1.4.2'
+  VERSION = '1.4.3'
 end

data/spec/clearance/constraints/signed_in_spec.rb

@@ -3,49 +3,56 @@ require 'spec_helper'
 describe Clearance::Constraints::SignedIn do
   it 'returns true when user is signed in' do
     user = create(:user)
-    signed_in_constraint = Clearance::Constraints::SignedIn.new
-    signed_in_constraint.matches?(request_with_remember_token(user.remember_token)).
-      should be_true
+    constraint = Clearance::Constraints::SignedIn.new
+    request = request_with_remember_token(user.remember_token)
+    expect(constraint.matches?(request)).to eq true
   end
 
   it 'returns false when user is not signed in' do
-    signed_in_constraint = Clearance::Constraints::SignedIn.new
-    signed_in_constraint.matches?(request_without_remember_token).should be_false
+    constraint = Clearance::Constraints::SignedIn.new
+    request = request_without_remember_token
+    expect(constraint.matches?(request)).to eq false
+  end
+
+  it 'returns false when clearance session data is not present' do
+    constraint = Clearance::Constraints::SignedIn.new
+    request = Rack::Request.new({})
+    expect(constraint.matches?(request)).to eq false
   end
 
   it 'yields a signed-in user to a provided block' do
     user = create(:user, email: 'before@example.com')
 
-    signed_in_constraint = Clearance::Constraints::SignedIn.new do |user|
-      user.update_attribute :email, 'after@example.com'
+    constraint = Clearance::Constraints::SignedIn.new do |signed_in_user|
+      signed_in_user.update_attribute :email, 'after@example.com'
     end
 
-    signed_in_constraint.matches?(request_with_remember_token(user.remember_token))
-    user.reload.email.should == 'after@example.com'
+    constraint.matches?(request_with_remember_token(user.remember_token))
+    expect(user.reload.email).to eq 'after@example.com'
   end
 
   it 'does not yield a user if they are not signed in' do
     user = create(:user, email: 'before@example.com')
 
-    signed_in_constraint = Clearance::Constraints::SignedIn.new do |user|
-      user.update_attribute :email, 'after@example.com'
+    constraint = Clearance::Constraints::SignedIn.new do |signed_in_user|
+      signed_in_user.update_attribute :email, 'after@example.com'
     end
 
-    signed_in_constraint.matches?(request_without_remember_token)
-    user.reload.email.should == 'before@example.com'
+    constraint.matches?(request_without_remember_token)
+    expect(user.reload.email).to eq 'before@example.com'
   end
 
   it 'matches if the user-provided block returns true' do
     user = create(:user)
-    signed_in_constraint = Clearance::Constraints::SignedIn.new { |user| true }
-    signed_in_constraint.matches?(request_with_remember_token(user.remember_token)).
-      should be_true
+    constraint = Clearance::Constraints::SignedIn.new { true }
+    request = request_with_remember_token(user.remember_token)
+    expect(constraint.matches?(request)).to eq true
   end
 
   it 'does not match if the user-provided block returns false' do
     user = create(:user)
-    signed_in_constraint = Clearance::Constraints::SignedIn.new { |user| false }
-    signed_in_constraint.matches?(request_with_remember_token(user.remember_token)).
-      should be_false
+    constraint = Clearance::Constraints::SignedIn.new { false }
+    request = request_with_remember_token(user.remember_token)
+    expect(constraint.matches?(request)).to eq false
   end
 end

data/spec/clearance/constraints/signed_out_spec.rb

@@ -2,14 +2,21 @@ require 'spec_helper'
 
 describe Clearance::Constraints::SignedOut do
   it 'returns true when user is signed out' do
-    signed_out_constraint = Clearance::Constraints::SignedOut.new
-    signed_out_constraint.matches?(request_without_remember_token).should be_true
+    constraint = Clearance::Constraints::SignedOut.new
+    request = request_without_remember_token
+    expect(constraint.matches?(request)).to eq true
   end
 
   it 'returns false when user is not signed out' do
     user = create(:user)
-    signed_out_constraint = Clearance::Constraints::SignedOut.new
-    signed_out_constraint.matches?(request_with_remember_token(user.remember_token)).
-      should be_false
+    constraint = Clearance::Constraints::SignedOut.new
+    request = request_with_remember_token(user.remember_token)
+    expect(constraint.matches?(request)).to eq false
+  end
+
+  it 'returns true when clearance info is missing from request' do
+    constraint = Clearance::Constraints::SignedOut.new
+    request = Rack::Request.new({})
+    expect(constraint.matches?(request)).to eq true
   end
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: clearance
 version: !ruby/object:Gem::Version
-  version: 1.4.2
+  version: 1.4.3
 platform: ruby
 authors:
 - Dan Croak
@@ -25,7 +25,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2014-09-13 00:00:00.000000000 Z
+date: 2014-10-03 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bcrypt