dancroak-clearance-admin 0.0.1

data/README.textile

@@ -0,0 +1,100 @@
+h1. Clearance
+
+Admin feature for Clearance authentication 
+
+"We have clearance, Clarence.":http://www.youtube.com/v/mNRXJEE3Nz8
+
+h2. Features
+
+* does one thing
+* built on top of "clearance":http://github.com/thoughtbot/clearance
+* modules, not a generator
+* gem, not a plugin
+* tests included using "shoulda":http://thoughtbot.com/projects/shoulda & "factory_girl":http://thoughtbot.com/projects/factory_girl
+
+h2. Gem installation (Rails 2.1+)
+
+Specify the gem dependency in your config/environment.rb file:
+
+    Rails::Initializer.run do |config|
+      # ...
+      config.gem 'dancroak-clearance-admin', :lib => 'clearance-admin', :source => "http://gems.github.com"
+    end
+
+Then:
+
+    rake gems:install
+    rake gems:unpack
+
+h2. Tests
+
+The tests use "Shoulda":http://thoughtbot.com/projects/shoulda and "Factory Girl":http://thoughtbot.com/projects/factory_girl. Update your User Factory:
+
+    Factory.define :user do |user|
+      user.email { Factory.next :email }
+      user.password 'sekrit'
+      user.password_confirmation 'sekrit'
+      user.admin false
+    end
+
+In test/unit/user_test.rb: 
+
+    class UserTest < Test::Unit::TestCase
+      include Clearance::UserTest
+      include Clearance::Admin::UserTest
+    end
+
+h2. Schema
+
+Write a migration:
+
+    add_column :users, :admin, :boolean
+
+h2. User Model
+
+In app/models/user.rb:
+
+    class User < ActiveRecord::Base
+      include Clearance::Model
+      include Clearance::Admin::Model
+    end
+
+h2. Controllers
+
+In app/controllers/admin/users_controller.rb:
+
+    class Admin::UsersController < ActionController::Base
+      include Clearance::Admin::UsersController
+    end
+
+h2. Routes
+
+    map.namespace :admin do |admin|
+	    admin.resources :users
+	  end
+
+h2. Views
+
+In app/views/admin/users/new.html.erb
+
+  <% form_for :session, :url => session_path do |f| %>
+	  <div class="group">
+	    <%= f.label :email %>
+	    <%= f.text_field :email %>  
+	  </div>
+	  <div class="group">
+	    <%= f.label :password %>
+	    <%= f.password_field :password %>
+	  </div>
+	  <div class="checkbox">
+	    <%= f.check_box :remember_me %>
+	    <%= f.label :remember_me %>
+	  </div>
+	  <div class="group buttons">
+	    <%= f.submit 'Login', :disable_with => 'Please wait...' %>
+	  </div>
+	<% end %>
+
+h2. Authors
+
+* Dan Croak

data/clearance-admin.gemspec

@@ -0,0 +1,17 @@
+Gem::Specification.new do |s|
+  s.name = "clearance-admin"
+  s.version = "0.0.1"
+  s.date = "2008-09-28"
+  s.summary = "Simple admin function for Rails authentication."
+  s.email = "dcroak@thoughtbot.com"
+  s.homepage = "http://github.com/dancroak/clearance-admin"
+  s.description = "Simple admin function for Rails authentication."
+  s.authors = ["Dan Croak"]
+  s.files = ["README.textile", 
+    "clearance-admin.gemspec", 
+    "lib/clearance-admin.rb", 
+    "lib/clearance-admin/app/models/admin/model.rb",
+    "lib/clearance-admin/test/units/admin/user_test.rb", 
+    "lib/clearance-admin/app/controllers/admin/users_controller.rb", 
+    "lib/clearance-admin/test/functionals/admin/users_controller_test.rb"]
+end

data/lib/clearance-admin.rb

@@ -0,0 +1,4 @@
+require 'clearance-admin/app/controllers/admin/users_controller'
+require 'clearance-admin/app/models/admin/model'
+require 'clearance-admin/test/functionals/admin/users_controller_test'
+require 'clearance-admin/test/units/admin/user_test'

data/lib/clearance-admin/app/controllers/admin/users_controller.rb

@@ -0,0 +1,83 @@
+module Clearance
+  module Admin
+    module UsersController
+
+      def self.included(base)
+        base.class_eval do
+          before_filter :authenticate, :except => [:new, :create]
+          before_filter :redirect_to_root, :only => [:new, :create], :if => :logged_in?
+          before_filter :ensure_user_is_accessing_self, :only => [:edit, :update, :show]
+
+          filter_parameter_logging :password
+        
+          include InstanceMethods
+        
+        private
+          include PrivateInstanceMethods
+        end
+      end
+
+      module InstanceMethods
+        def index
+          @users = User.find :all
+        end
+      
+        def new
+          @user = User.new
+        end
+      
+        def show
+          @user = User.find params[:id]
+        end
+      
+        def create
+          @user = User.new params[:user]
+          if @user.save
+            current_user = @user
+            flash[:notice] = "User created and logged in."
+            redirect_back_or root_url
+          else
+            render :action => "new"
+          end
+        end
+
+        def edit
+          @user = User.find params[:id]
+        end
+      
+        def update
+          @user = User.find params[:id]
+        
+          if @user.update_attributes params[:user]
+            flash[:notice] = "User updated."
+            redirect_back_or root_url
+          else
+            render :action => "edit"
+          end
+        end
+
+        def destroy
+          @user = User.find params[:id]
+          @user.destroy
+          redirect_to root_url
+        end
+      end
+
+      module PrivateInstanceMethods
+        def ensure_user_is_accessing_self
+          return if current_user and current_user.respond_to?(:admin?) and current_user.admin?
+          deny_access('You cannot edit that user.', :redirect => root_url) unless current_user.id.to_i == params[:id].to_i
+        end
+
+        def url_after_create
+          root_url
+        end
+
+        def url_after_update
+          root_url
+        end
+      end
+
+    end
+  end
+end

data/lib/clearance-admin/app/models/admin/model.rb

@@ -0,0 +1,80 @@
+module Clearance
+  module Admin
+    module Model
+    
+      def self.included(base)
+        base.class_eval do
+        
+          attr_accessible :email, :password, :password_confirmation
+          attr_accessor :password, :password_confirmation
+
+          validates_presence_of     :email
+          validates_presence_of     :password, :if => :password_required?
+          validates_confirmation_of :password, :if => :password_required?
+          validates_uniqueness_of   :email
+
+          before_save :initialize_salt, :encrypt_password
+        
+          extend ClassMethods
+          include InstanceMethods
+        
+        protected
+
+          include ProtectedInstanceMethods
+        
+        end
+      end
+    
+      module ClassMethods
+        def authenticate(email, password)
+          user = find_by_email email
+          user && user.authenticated?(password) ? user : nil
+        end
+      end
+    
+      module InstanceMethods
+        def authenticated?(password)
+          crypted_password == encrypt(password)
+        end
+
+        def encrypt(password)
+          Digest::SHA1.hexdigest "--#{salt}--#{password}--"
+        end
+
+        def remember_token?
+          remember_token_expires_at && Time.now.utc < remember_token_expires_at
+        end
+
+        def remember_me!
+          remember_me_until 2.weeks.from_now.utc
+        end
+
+        def remember_me_until(time)
+          self.update_attribute :remember_token_expires_at, time
+          self.update_attribute :remember_token, encrypt("#{email}--#{remember_token_expires_at}")
+        end
+
+        def forget_me!
+          self.update_attribute :remember_token_expires_at, nil
+          self.update_attribute :remember_token, nil
+        end
+      end
+    
+      module ProtectedInstanceMethods
+        def initialize_salt
+          self.salt = Digest::SHA1.hexdigest("--#{Time.now.to_s}--#{email}--") if new_record?
+        end
+
+        def encrypt_password
+          return if password.blank?
+          self.crypted_password = encrypt(password)
+        end
+
+        def password_required?
+          crypted_password.blank? || !password.blank?
+        end
+      end
+
+    end
+  end
+end

data/lib/clearance-admin/test/functionals/admin/users_controller_test.rb

@@ -0,0 +1,115 @@
+module Clearance
+  module Admin
+    module UsersControllerTest
+
+      def self.included(base)
+        base.class_eval do
+          public_context do
+
+            context "on GET to /users/new" do
+              setup { get :new }
+              should_respond_with :success
+              should_render_template :new
+              should_not_set_the_flash
+              should_have_form :action => "users_path",
+                :method => :post,
+                :fields => { :email => :text,
+                  :password => :password,
+                  :password_confirmation => :password }
+            end
+
+            context "on POST to /users" do
+              setup do
+                post :create, :user => {
+                  :email => Factory.next(:email),
+                  :password => 'skerit',
+                  :password_confirmation => 'skerit'
+                }
+              end
+            
+              should_set_the_flash_to /created/i
+              should_redirect_to "@controller.send(:url_after_create)"
+              should_assign_to :user
+              should_change 'User.count', :by => 1
+            end
+
+            should_deny_access_on "get :edit, :id => 1", :redirect => "login_url"
+            should_deny_access_on "put :update, :id => 1", :redirect => "login_url"
+            should_deny_access_on "get :show, :id => 1", :redirect => "login_url"
+            should_deny_access_on "delete :destroy, :id => 1", :redirect => "login_url"
+
+          end
+
+          logged_in_user_context do
+
+            should_deny_access_on "get :new"
+            should_deny_access_on "post :create, :user => {}" 
+            should_filter :password
+
+            context "viewing their account" do
+              context "on GET to /users/:id/show" do
+                setup { get :show, :id => @user.to_param }
+                should_respond_with :success
+                should_render_template :show
+                should_not_set_the_flash
+              
+                should 'assign to @user' do
+                  assert_equal @user, assigns(:user)
+                end
+              end
+
+              should_deny_access_on "delete :destroy, :id => @user.to_param"
+
+              context "on GET to /users/:id/edit" do
+                setup { get :edit, :id => @user.to_param }
+
+                should_respond_with :success
+                should_render_template :edit
+                should_not_set_the_flash
+                should_assign_to :user
+                should_have_form :action => "user_path(@user)",
+                  :method => :put,
+                  :fields => { :email => :text,
+                    :password => :password,
+                    :password_confirmation => :password }
+              end
+
+              context "on PUT to /users/:id" do
+                setup do
+                  put :update, 
+                    :id => @user.to_param, 
+                    :user => { :email => "none@example.com" }
+                end
+                should_set_the_flash_to /updated/i
+                should_redirect_to "@controller.send(:url_after_update)"
+                should_assign_to :user
+                should "update the user's attributes" do
+                  assert_equal "none@example.com", assigns(:user).email
+                end
+              end
+
+              context "on PUT to /users/:id with invalid attributes" do
+                setup { put :update, :id => @user.to_param, :user => {:email => ''} }
+                should_not_set_the_flash
+                should_assign_to :user
+                should_render_template 'edit'
+                should "display errors" do
+                  assert_select '#errorExplanation'
+                end
+              end
+            end
+
+            context "trying to access another user's account" do
+              setup { @user = Factory :user }
+
+              should_deny_access_on "get :show, :id => @user.to_param",                :flash => /cannot edit/i
+              should_deny_access_on "get :edit, :id => @user.to_param",                :flash => /cannot edit/i
+              should_deny_access_on "put :update, :id => @user.to_param, :user => {}", :flash => /cannot edit/i
+            end
+          end
+        end
+      end
+
+    end
+  end
+end

data/lib/clearance-admin/test/units/admin/user_test.rb

@@ -0,0 +1,186 @@
+module Clearance
+  module UserTest
+    
+    def self.included(base)
+      base.class_eval do
+        should_require_attributes :email, :password
+
+        should "require password validation on create" do
+          user = Factory.build(:user, :password => 'blah', :password_confirmation => 'boogidy')
+          assert !user.save
+          assert_match(/confirmation/i, user.errors.on(:password))
+        end
+
+        should "create a crypted_password on save" do
+          assert_not_nil Factory(:user, :crypted_password => nil).crypted_password
+        end
+
+        context 'updating a password' do
+          setup do
+            @user = Factory(:user)
+            assert_not_nil @user.crypted_password
+            @crypt = @user.crypted_password
+            assert_not_nil @user.salt
+            @salt = @user.salt
+            @user.password = 'a_new_password'
+            @user.password_confirmation = 'a_new_password'
+            assert @user.save
+          end
+
+          should 'update a crypted_password' do
+            @user.reload
+            assert @user.crypted_password != @crypt
+          end
+        end
+        
+        context 'A user' do
+          setup do
+            @password = 'mysekrit'
+            @salt = 'salt'
+            User.any_instance.stubs(:initialize_salt)
+            @user = Factory(:user, :password => @password, :password_confirmation => @password, :salt => @salt)
+          end
+          
+          should "require password validation on update" do
+            @user.update_attributes(:password => "blah", :password_confirmation => "boogidy")
+            assert !@user.save
+            assert_match(/confirmation/i, @user.errors.on(:password))
+          end
+          
+          should_require_unique_attributes :email
+          
+          context 'authenticating a user' do
+            context 'with good credentials' do
+              setup do
+                @result = User.authenticate @user.email, @password
+              end
+
+              should 'return true' do
+                assert @result
+              end
+            end
+
+            context 'with bad credentials' do
+              setup do
+                @result = User.authenticate @user.email, 'horribly_wrong_password'
+              end
+
+              should 'return false' do
+                assert !@result
+              end
+            end
+          end
+          
+          context 'authenticated?' do
+            context 'with good credentials' do
+              setup do
+                @result = @user.authenticated? @password
+              end
+
+              should 'return true' do
+                assert @result
+              end
+            end
+
+            context 'with bad credentials' do
+              setup do
+                @result = @user.authenticated? 'horribly_wrong_password'
+              end
+
+              should 'return false' do
+                assert !@result
+              end
+            end
+          end
+
+          context 'encrypt' do
+            setup do
+              @crypted  = @user.encrypt(@password)
+              @expected = Digest::SHA1.hexdigest("--#{@salt}--#{@password}--")
+            end
+
+            should 'create a Hash using SHA1 encryption' do
+              assert_equal @expected, @crypted
+              assert_not_equal @password, @crypted
+            end
+          end
+
+          context 'remember_me!' do
+            setup do
+              assert_nil @user.remember_token
+              assert_nil @user.remember_token_expires_at
+              @user.remember_me!
+            end
+
+            should 'set the remember token and expiration date' do
+              assert_not_nil @user.remember_token
+              assert_not_nil @user.remember_token_expires_at
+            end
+
+            should 'remember_token?' do
+              assert @user.remember_token?
+            end
+
+            context 'forget_me!' do
+              setup do
+                @user.forget_me!
+              end
+
+              should 'unset the remember token and expiration date' do
+                assert_nil @user.remember_token
+                assert_nil @user.remember_token_expires_at
+              end
+
+              should 'not remember_token?' do
+                assert ! @user.remember_token?
+              end
+            end
+          end
+
+          context 'remember_token?' do
+            context 'when token expires in the future' do
+              setup do
+                @user.update_attribute :remember_token_expires_at, 2.weeks.from_now.utc
+              end
+
+              should 'be true' do
+                assert @user.remember_token?
+              end
+            end
+
+            context 'when token expired' do
+              setup do
+                @user.update_attribute :remember_token_expires_at, 2.weeks.ago.utc
+              end
+
+              should 'be false' do
+                assert ! @user.remember_token?
+              end
+            end
+          end
+
+          context "User.authenticate with a valid email and password" do
+            setup do
+              @found_user = User.authenticate @user.email, @user.password
+            end
+
+            should "find that user" do
+              assert_equal @user, @found_user
+            end
+          end
+
+          context "When sent authenticate with an invalid email and password" do
+            setup do
+              @found_user = User.authenticate "not", "valid" 
+            end
+
+            should "find nothing" do
+              assert_nil @found_user
+            end
+          end
+        end
+
+      end
+    end
+  end
+end

metadata

@@ -0,0 +1,59 @@
+--- !ruby/object:Gem::Specification 
+name: dancroak-clearance-admin
+version: !ruby/object:Gem::Version 
+  version: 0.0.1
+platform: ruby
+authors: 
+- Dan Croak
+autorequire: 
+bindir: bin
+cert_chain: []
+
+date: 2008-09-28 00:00:00 -07:00
+default_executable: 
+dependencies: []
+
+description: Simple admin function for Rails authentication.
+email: dcroak@thoughtbot.com
+executables: []
+
+extensions: []
+
+extra_rdoc_files: []
+
+files: 
+- README.textile
+- clearance-admin.gemspec
+- lib/clearance-admin.rb
+- lib/clearance-admin/app/models/admin/model.rb
+- lib/clearance-admin/test/units/admin/user_test.rb
+- lib/clearance-admin/app/controllers/admin/users_controller.rb
+- lib/clearance-admin/test/functionals/admin/users_controller_test.rb
+has_rdoc: false
+homepage: http://github.com/dancroak/clearance-admin
+post_install_message: 
+rdoc_options: []
+
+require_paths: 
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      version: "0"
+  version: 
+required_rubygems_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      version: "0"
+  version: 
+requirements: []
+
+rubyforge_project: 
+rubygems_version: 1.2.0
+signing_key: 
+specification_version: 2
+summary: Simple admin function for Rails authentication.
+test_files: []
+