dancroak-clearance 0.1 → 0.1.1
- data/README.textile +7 -3
- data/clearance.gemspec +3 -3
- data/lib/clearance/application_controller.rb +12 -4
- data/lib/clearance/sessions_controller_test.rb +2 -3
- data/lib/clearance/test_helper.rb +5 -7
- data/lib/clearance/users_controller.rb +49 -0
- data/lib/clearance/users_controller_test.rb +12 -9
- metadata +3 -2
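--- a/data/README.textile
+++ b/data/README.textile
@@ -47,9 +47,12 @@ In app/controllers/users_controller.rb:
 
 h2. Routes
 
-map.
-map.
-
+map.root # :controller => 'sessions'
+map.with_options :controller => 'sessions' do |m|
+m.login '/login', :action => 'new'
+m.logout '/logout', :action => 'destroy'
+end
+map.resource :sessions
 
 h2. Tests
 
@@ -76,3 +79,4 @@ h2. Authors
 * thoughtbot, inc.
 * Dan Croak
 * Josh Nichols
+* Mike Breen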
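--- a/data/clearance.gemspec
+++ b/data/clearance.gemspec
@@ -1,11 +1,11 @@
 Gem::Specification.new do |s|
 s.name = "clearance"
-s.version = "0.1"
-s.date = "2008-09-
+s.version = "0.1.1"
+s.date = "2008-09-10"
 s.summary = "Simple, complete Rails authentication."
 s.email = "dcroak@thoughtbot.com"
 s.homepage = "http://github.com/dancroak/clearance"
 s.description = "Simple, complete Rails authentication scheme."
-s.authors = ["thoughtbot, inc.", "Dan Croak", "Josh Nichols"]
+s.authors = ["thoughtbot, inc.", "Dan Croak", "Josh Nichols", "Mike Breen"]
 s.files = ["README.textile", "clearance.gemspec", "lib/clearance.rb", "lib/clearance/application_controller.rb", "lib/clearance/model.rb", "lib/clearance/sessions_controller.rb", "lib/clearance/sessions_controller_test.rb", "lib/clearance/test_helper.rb", "lib/clearance/unit_test.rb", "lib/clearance/users_controller.rb", "lib/clearance/users_controller_test.rb"]
 end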
@@ -3,12 +3,12 @@ module Clearance
|
|
3
3
|
|
4
4
|
def self.included(base)
|
5
5
|
base.class_eval do
|
6
|
-
attr_accessor :current_user
|
7
6
|
helper_method :current_user
|
7
|
+
helper_method :logged_in?
|
8
8
|
|
9
9
|
include InstanceMethods
|
10
10
|
|
11
|
-
|
11
|
+
protected
|
12
12
|
include ProtectedInstanceMethods
|
13
13
|
end
|
14
14
|
end
|
@@ -17,15 +17,19 @@ module Clearance
|
|
17
17
|
def current_user
|
18
18
|
@current_user ||= (user_from_session || user_from_cookie)
|
19
19
|
end
|
20
|
+
|
21
|
+
def logged_in?
|
22
|
+
! current_user.nil?
|
23
|
+
end
|
20
24
|
end
|
21
25
|
|
22
26
|
module ProtectedInstanceMethods
|
23
27
|
def authenticate
|
24
|
-
deny_access if current_user.nil?
|
28
|
+
deny_access if self.current_user.nil?
|
25
29
|
end
|
26
30
|
|
27
31
|
def user_from_session
|
28
|
-
User.find_by_id
|
32
|
+
User.find_by_id session[:user_id]
|
29
33
|
end
|
30
34
|
|
31
35
|
def user_from_cookie
|
@@ -46,6 +50,10 @@ module Clearance
|
|
46
50
|
session[:return_to] ? redirect_to(session[:return_to]) : redirect_to(default)
|
47
51
|
session[:return_to] = nil
|
48
52
|
end
|
53
|
+
|
54
|
+
def redirect_to_root
|
55
|
+
redirect_to root_url
|
56
|
+
end
|
49
57
|
|
50
58
|
def store_location
|
51
59
|
session[:return_to] = request.request_uri
|
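Review bot: The bare `protected` added before `include ProtectedInstanceMethods` inside `class_eval` does not change the visibility of the methods that module brings in; a visibility keyword only affects methods defined with `def` after it in the same scope, and the module body shown here goes straight from `module ProtectedInstanceMethods` to `def authenticate` with no modifier. `authenticate`, `user_from_session`, `user_from_cookie` and (presumably, since its enclosing module is outside the hunk) the new `redirect_to_root` therefore stay public on every controller that includes this, and public controller methods can be reached as actions if the application keeps a catch-all `/:controller/:action` route (routes are not visible here). Put `protected` as the first line inside `module ProtectedInstanceMethods` instead, and consider `hide_action :current_user, :logged_in?` for the two public helpers. Both module bodies continue outside these hunks.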
@@ -42,7 +42,6 @@ module Clearance
|
|
42
42
|
should_set_the_flash_to /bad/i
|
43
43
|
should_render_template :new
|
44
44
|
end
|
45
|
-
|
46
45
|
end
|
47
46
|
|
48
47
|
context "While logged out" do
|
@@ -73,8 +72,8 @@ module Clearance
|
|
73
72
|
end
|
74
73
|
|
75
74
|
should 'delete the remember me token in users table' do
|
76
|
-
assert_nil @
|
77
|
-
assert_nil @
|
75
|
+
assert_nil @user.reload.remember_token
|
76
|
+
assert_nil @user.reload.remember_token_expires_at
|
78
77
|
end
|
79
78
|
end
|
80
79
|
end
|
@@ -22,7 +22,7 @@ module Clearance
|
|
22
22
|
|
23
23
|
module ClassMethods
|
24
24
|
def should_deny_access_on(command, opts = {})
|
25
|
-
opts[:redirect] ||= "
|
25
|
+
opts[:redirect] ||= "root_url"
|
26
26
|
|
27
27
|
context "on #{command}" do
|
28
28
|
setup { eval command }
|
@@ -50,9 +50,7 @@ module Clearance
|
|
50
50
|
def should_have_user_form
|
51
51
|
should "have the user form" do
|
52
52
|
assert_select "form" do
|
53
|
-
|
54
|
-
assert_select "input[type=text][name=?]", "user[#{field}]"
|
55
|
-
end
|
53
|
+
assert_select "input[type=text][name=?]", "user[email]"
|
56
54
|
%w(password password_confirmation).each do |field|
|
57
55
|
assert_select "input[type=password][name=?]", "user[#{field}]"
|
58
56
|
end
|
@@ -60,11 +58,11 @@ module Clearance
|
|
60
58
|
end
|
61
59
|
end
|
62
60
|
|
63
|
-
def logged_in_user_context(
|
61
|
+
def logged_in_user_context(&blk)
|
64
62
|
context "When logged in as a user" do
|
65
63
|
setup do
|
66
|
-
user =
|
67
|
-
|
64
|
+
@user = Factory :user
|
65
|
+
login_as @user
|
68
66
|
end
|
69
67
|
merge_block(&blk)
|
70
68
|
end
|
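Review bot: `should_deny_access_on` has no comment saying that `command` is a string of Ruby source which `setup { eval command }` executes, and the new default `opts[:redirect] ||= "root_url"` is likewise a string naming a route helper rather than a URL (presumably evaluated further down, outside the hunk). A one-line comment above the method would make that contract explicit, for example `# command and opts[:redirect] are Ruby source strings evaluated in the test context; pass trusted literals only`. The method body continues past the end of this hunk.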
@@ -4,14 +4,63 @@ module Clearance
|
|
4
4
|
def self.included(base)
|
5
5
|
base.class_eval do
|
6
6
|
before_filter :authenticate
|
7
|
+
before_filter :redirect_to_root, :only => [:new, :create], :if => :logged_in?
|
7
8
|
before_filter :ensure_user_is_accessing_self, :only => [:edit, :update, :show]
|
8
9
|
|
9
10
|
filter_parameter_logging :password
|
11
|
+
|
12
|
+
include InstanceMethods
|
13
|
+
|
10
14
|
private
|
11
15
|
include PrivateInstanceMethods
|
12
16
|
end
|
13
17
|
end
|
14
18
|
|
19
|
+
module InstanceMethods
|
20
|
+
def index
|
21
|
+
end
|
22
|
+
|
23
|
+
def new
|
24
|
+
@user = User.new
|
25
|
+
end
|
26
|
+
|
27
|
+
def show
|
28
|
+
@user = User.find params[:id]
|
29
|
+
end
|
30
|
+
|
31
|
+
def create
|
32
|
+
@user = User.new params[:user]
|
33
|
+
if @user.save
|
34
|
+
current_user = @user
|
35
|
+
flash[:notice] = "User created and logged in."
|
36
|
+
redirect_back_or root_url
|
37
|
+
else
|
38
|
+
render :action => "new"
|
39
|
+
end
|
40
|
+
end
|
41
|
+
|
42
|
+
def edit
|
43
|
+
@user = User.find params[:id]
|
44
|
+
end
|
45
|
+
|
46
|
+
def update
|
47
|
+
@user = User.find params[:id]
|
48
|
+
|
49
|
+
if @user.update_attributes params[:user]
|
50
|
+
flash[:notice] = "User updated."
|
51
|
+
redirect_back_or root_url
|
52
|
+
else
|
53
|
+
render :action => "edit"
|
54
|
+
end
|
55
|
+
end
|
56
|
+
|
57
|
+
def destroy
|
58
|
+
@user = User.find params[:id]
|
59
|
+
@user.destroy
|
60
|
+
redirect_to root_url
|
61
|
+
end
|
62
|
+
end
|
63
|
+
|
15
64
|
module PrivateInstanceMethods
|
16
65
|
def ensure_user_is_accessing_self
|
17
66
|
deny_access 'You cannot edit that user.' unless current_user.id.to_i == params[:id].to_i
|
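Review bot: The new `destroy` action loads `User.find params[:id]` and deletes it, but the `ensure_user_is_accessing_self` filter is still limited to `:only => [:edit, :update, :show]`, so as written any authenticated user can delete another account by changing the id. Extend the filter to cover it: `before_filter :ensure_user_is_accessing_self, :only => [:edit, :update, :show, :destroy]`. Separately, in `create` the line `current_user = @user` assigns a method-local variable rather than calling a setter (and this release removes `attr_accessor :current_user` from the application controller), so the new user is not actually signed in despite the "User created and logged in." flash; `session[:user_id] = @user.id` would match what `user_from_session` reads. `PrivateInstanceMethods` continues outside the hunk.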
@@ -5,16 +5,20 @@ module Clearance
|
|
5
5
|
base.class_eval do
|
6
6
|
logged_in_user_context do
|
7
7
|
|
8
|
-
should_deny_access_on "get :index"
|
9
8
|
should_deny_access_on "get :new"
|
10
9
|
should_deny_access_on "post :create, :user => {}"
|
11
10
|
should_filter :password
|
12
11
|
|
13
|
-
context "
|
12
|
+
context "viewing their account" do
|
14
13
|
context "on GET to /users/:id/show" do
|
15
14
|
setup { get :show, :id => @user.to_param }
|
16
|
-
|
15
|
+
should_respond_with :success
|
16
|
+
should_render_template :show
|
17
17
|
should_not_set_the_flash
|
18
|
+
|
19
|
+
should 'assign to @user' do
|
20
|
+
assert_equal @user, assigns(:user)
|
21
|
+
end
|
18
22
|
end
|
19
23
|
|
20
24
|
should_deny_access_on "delete :destroy, :id => @user.to_param"
|
@@ -33,7 +37,7 @@ module Clearance
|
|
33
37
|
setup do
|
34
38
|
put :update,
|
35
39
|
:id => @user.to_param,
|
36
|
-
:user => {:email => "none@example.com"}
|
40
|
+
:user => { :email => "none@example.com" }
|
37
41
|
end
|
38
42
|
should_set_the_flash_to /updated/i
|
39
43
|
should_redirect_to "root_url"
|
@@ -56,13 +60,12 @@ module Clearance
|
|
56
60
|
|
57
61
|
context "dealing with another user's account" do
|
58
62
|
setup do
|
59
|
-
@
|
60
|
-
assert_equal @user.account, @target_user.account
|
63
|
+
@user = Factory :user
|
61
64
|
end
|
62
65
|
|
63
|
-
should_deny_access_on "get :show, :id => @
|
64
|
-
should_deny_access_on "get :edit, :id => @
|
65
|
-
should_deny_access_on "put :update, :id => @
|
66
|
+
should_deny_access_on "get :show, :id => @user.to_param", :flash => /cannot edit/i
|
67
|
+
should_deny_access_on "get :edit, :id => @user.to_param", :flash => /cannot edit/i
|
68
|
+
should_deny_access_on "put :update, :id => @user.to_param, :user => {}", :flash => /cannot edit/i
|
66
69
|
end
|
67
70
|
end
|
68
71
|
end
|
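Review bot: The "dealing with another user's account" context exercises `show`, `edit` and `update` but has no `destroy` case, so the one destructive action is never tested against cross-account access. Add `should_deny_access_on "delete :destroy, :id => @user.to_param"` next to the three new lines in that context. The setup `@user = Factory :user` also reuses the instance variable that `logged_in_user_context` assigns to the signed-in user, so the "other" account silently replaces it; a distinct name such as `@other_user` would make it obvious which user the requests target.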
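--- a/metadata
+++ b/metadata
@@ -1,17 +1,18 @@
 --- !ruby/object:Gem::Specification
 name: dancroak-clearance
 version: !ruby/object:Gem::Version
-version:
+version: 0.1.1
 platform: ruby
 authors:
 - thoughtbot, inc.
 - Dan Croak
 - Josh Nichols
+- Mike Breen
 autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2008-09-
+date: 2008-09-10 00:00:00 -07:00
 default_executable:
 dependencies: []
 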