dancroak-clearance 0.1.1 → 0.1.2
- data/README.textile +41 -26
- data/clearance.gemspec +13 -3
- data/lib/clearance/{application_controller.rb → app/controllers/application_controller.rb} +1 -1
- data/lib/clearance/{sessions_controller.rb → app/controllers/sessions_controller.rb} +0 -1
- data/lib/clearance/{users_controller.rb → app/controllers/users_controller.rb} +2 -0
- data/lib/clearance/{model.rb → app/models/model.rb} +4 -10
- data/lib/clearance/{sessions_controller_test.rb → test/functionals/sessions_controller_test.rb} +18 -14
- data/lib/clearance/{unit_test.rb → test/units/user_test.rb} +1 -1
- data/lib/clearance.rb +8 -8
- metadata +9 -9
- data/lib/clearance/test_helper.rb +0 -73
- data/lib/clearance/users_controller_test.rb +0 -75
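--- a/data/README.textile
+++ b/data/README.textile
@@ -1,6 +1,6 @@
 h1. Clearance
 
-Simple, complete
+Simple, complete Ruby web app authentication.
 
 "We have clearance, Clarence.":http://www.youtube.com/v/mNRXJEE3Nz8
 
@@ -9,50 +9,65 @@ h2. Features
 * email & password
 * modules, not a generator
 * gem, not a plugin
-*
+* shoulda & factory_girl tests included
+
+h2. Gem installation (Rails 2.1+)
+
+Specify the gem dependency in your config/environment.rb file:
+
+Rails::Initializer.run do |config|
+# ...
+config.gem "dancroak-clearance", :lib => 'clearance',
+:source => 'http://gems.github.com/'
+end
+
+Then:
+
+rake gems:install
+rake gems:unpack
 
 h2. Schema
 
 Change your User model so it has these attributes.
 
-
-
-
-
-
-
-
+change_table(:users) do |t|
+t.column :email, :string
+t.column :crypted_password, :string, :limit => 40
+t.column :salt, :string, :limit => 40
+t.column :remember_token, :string
+t.column :remember_token_expires_at, :datetime
+end
 
-
+add_index :users, [:email, :crypted_password]
 
-h2. Model
+h2. User Model
 
 In app/models/user.rb:
 
-
+include Clearance::Model
 
 h2. Controllers
 
 In app/controllers/application_controller.rb:
 
-
+include Clearance::ApplicationController
 
 In app/controllers/sessions_controller.rb:
 
-
+include Clearance::SessionsController
 
 In app/controllers/users_controller.rb:
 
-
+include Clearance::UsersController
 
 h2. Routes
 
-
-
-
-
-
-
+map.root # :controller => 'sessions'
+map.with_options :controller => 'sessions' do |m|
+m.login '/login', :action => 'new'
+m.logout '/logout', :action => 'destroy'
+end
+map.resource :sessions
 
 h2. Tests
 
@@ -60,23 +75,23 @@ The tests use Shoulda and Factory Girl.
 
 In test/test_helper.rb:
 
-
+include Clearance::TestHelper
 
 In test/unit/user_test.rb:
 
-
+include Clearance::UserTest
 
 In test/functional/sessions_controller_test.rb:
 
-
+include Clearance::SessionsControllerTest
 
 In test/functional/users_controller_test.rb:
 
-
+include Clearance::UsersControllerTest
 
 h2. Authors
 
 * thoughtbot, inc.
 * Dan Croak
 * Josh Nichols
-* Mike Breen
+* Mike Breen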
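--- a/data/clearance.gemspec
+++ b/data/clearance.gemspec
@@ -1,11 +1,21 @@
 Gem::Specification.new do |s|
 s.name = "clearance"
-s.version = "0.1.
-s.date = "2008-09-
+s.version = "0.1.2"
+s.date = "2008-09-16"
 s.summary = "Simple, complete Rails authentication."
 s.email = "dcroak@thoughtbot.com"
 s.homepage = "http://github.com/dancroak/clearance"
 s.description = "Simple, complete Rails authentication scheme."
 s.authors = ["thoughtbot, inc.", "Dan Croak", "Josh Nichols", "Mike Breen"]
-s.files = ["README.textile",
+s.files = ["README.textile",
+"clearance.gemspec",
+"lib/clearance.rb",
+"lib/clearance/app/controllers/application_controller.rb",
+"lib/clearance/app/models/model.rb",
+"lib/clearance/app/controllers/sessions_controller.rb",
+"lib/clearance/test/functionals/sessions_controller_test.rb",
+"lib/clearance/test_helper.rb",
+"lib/clearance/test/units/user_test.rb",
+"lib/clearance/app/controllers/users_controller.rb",
+"lib/clearance/test/controllers/users_controller_test.rb"]
 end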
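Review bot: The new `s.files` list disagrees with the `require` lines this release adds to `lib/clearance.rb`: it ships `lib/clearance/test_helper.rb` and `lib/clearance/test/controllers/users_controller_test.rb`, while clearance.rb requires `clearance/test/test_helper` and `clearance/test/functionals/users_controller_test`. A gem packaged from this list would presumably fail with a LoadError on `require 'clearance'`, since the required paths are not among the packaged files. Align the two entries with the requires, i.e. `"lib/clearance/test/test_helper.rb",` and `"lib/clearance/test/functionals/users_controller_test.rb"]`, and consider a packaging check that requires the built gem before release.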
@@ -18,6 +18,7 @@ module Clearance
|
|
18
18
|
|
19
19
|
module InstanceMethods
|
20
20
|
def index
|
21
|
+
@users = User.find :all
|
21
22
|
end
|
22
23
|
|
23
24
|
def new
|
@@ -63,6 +64,7 @@ module Clearance
|
|
63
64
|
|
64
65
|
module PrivateInstanceMethods
|
65
66
|
def ensure_user_is_accessing_self
|
67
|
+
return if current_user and current_user.respond_to?(:admin?) and current_user.admin?
|
66
68
|
deny_access 'You cannot edit that user.' unless current_user.id.to_i == params[:id].to_i
|
67
69
|
end
|
68
70
|
end
|
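Review bot: In `ensure_user_is_accessing_self` the added admin shortcut checks `current_user` for nil, but the unchanged `deny_access` line right after it still calls `current_user.id` with no such check, so a request without a signed-in user reaches that comparison unless an earlier filter, not visible in this hunk, has already stopped it. Put the nil case first, `return deny_access('You cannot edit that user.') unless current_user`, and write the condition with `&&` rather than `and`. The shortcut also gives any user object that responds to `admin?` access to every account, which deserves a comment saying so and a test for the non-admin path. The `index` action added in the first hunk loads `User.find :all`, and whether a filter restricts who may call it cannot be seen from here. This section's file header is missing from the page; the +2 -0 count in the file list suggests it is the users controller.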
@@ -8,9 +8,8 @@ module Clearance
|
|
8
8
|
attr_accessor :password, :password_confirmation
|
9
9
|
|
10
10
|
validates_presence_of :email
|
11
|
-
validates_presence_of :password,
|
12
|
-
|
13
|
-
validates_confirmation_of :password, :if => :password_required?
|
11
|
+
validates_presence_of :password, :if => :password_required?
|
12
|
+
validates_confirmation_of :password, :if => :password_required?
|
14
13
|
validates_uniqueness_of :email
|
15
14
|
|
16
15
|
before_save :initialize_salt, :encrypt_password
|
@@ -27,14 +26,9 @@ module Clearance
|
|
27
26
|
|
28
27
|
module ClassMethods
|
29
28
|
def authenticate(email, password)
|
30
|
-
user = find_by_email
|
29
|
+
user = find_by_email email
|
31
30
|
user && user.authenticated?(password) ? user : nil
|
32
31
|
end
|
33
|
-
|
34
|
-
def authenticate_via_auth_token(token)
|
35
|
-
return nil if token.blank?
|
36
|
-
find_by_auth_token(token)
|
37
|
-
end
|
38
32
|
end
|
39
33
|
|
40
34
|
module InstanceMethods
|
@@ -43,7 +37,7 @@ module Clearance
|
|
43
37
|
end
|
44
38
|
|
45
39
|
def encrypt(password)
|
46
|
-
Digest::SHA1.hexdigest
|
40
|
+
Digest::SHA1.hexdigest "--#{salt}--#{password}--"
|
47
41
|
end
|
48
42
|
|
49
43
|
def remember_token?
|
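Review bot: `encrypt` stores passwords as a single salted SHA-1 digest (`Digest::SHA1.hexdigest "--#{salt}--#{password}--"`), which is fast to compute and therefore cheap to guess offline if the users table is ever disclosed. A password-hashing function with a tunable work factor, such as bcrypt or PBKDF2, is the appropriate primitive; with the bcrypt gem the call would be `BCrypt::Password.create(password)`, at the cost of a new dependency. The README schema's `:limit => 40` on `crypted_password` fits only a SHA-1 hex digest and would need widening, and existing rows would have to be rehashed on next login. The enclosing modules begin and end outside these hunks, and this section's file header is missing from the page; the +4 -10 count in the file list suggests it is the model.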
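--- a/data/lib/clearance/sessions_controller_test.rb
+++ b/data/lib/clearance/test/functionals/sessions_controller_test.rb
@@ -10,20 +10,20 @@ module Clearance
 
 should_filter :password
 
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+context "on GET to /sessions/new" do
+setup { get :new }
+
+should_respond_with :success
+should_render_template :new
+should_not_set_the_flash
+should "have login form" do
+assert_select "form[action$=/session]" do
+assert_select "input[type=text][name=?]", "session[email]"
+assert_select "input[type=password][name=?]", "session[password]"
+assert_select "input[type=checkbox][name=?]", "session[remember_me]"
+end
+end
+end
 
 context "a POST to #create with good credentials" do
 setup do
@@ -32,6 +32,7 @@ module Clearance
 
 should_set_the_flash_to /success/i
 should_redirect_to 'root_url'
+# should set session
 end
 
 context "a POST to #create with bad credentials" do
@@ -41,7 +42,10 @@ module Clearance
 
 should_set_the_flash_to /bad/i
 should_render_template :new
+# should not set session
 end
+
+# two tests for remember me - success and failure
 end
 
 context "While logged out" do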
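Review bot: The security-relevant outcomes of `#create` are recorded only as comments (`# should set session`, `# should not set session`, `# two tests for remember me - success and failure`), so a regression that signs a user in on bad credentials would still pass this suite. Replace them with assertions, for example `should("not set session") { assert_nil session[:user_id] }` in the bad-credentials context and a matching `assert_equal` on the user's id in the good-credentials one. The `:user_id` key is taken from the `login_as` helper shown elsewhere on this page, so confirm it is the key the controller actually writes. Both POST contexts begin outside the hunks shown.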
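--- a/data/lib/clearance.rb
+++ b/data/lib/clearance.rb
@@ -1,8 +1,8 @@
-require 'clearance/application_controller'
-require 'clearance/sessions_controller'
-require 'clearance/users_controller'
-require 'clearance/model'
-require 'clearance/test_helper'
-require 'clearance/sessions_controller_test'
-require 'clearance/users_controller_test'
-require 'clearance/
+require 'clearance/app/controllers/application_controller'
+require 'clearance/app/controllers/sessions_controller'
+require 'clearance/app/controllers/users_controller'
+require 'clearance/app/models/model'
+require 'clearance/test/test_helper'
+require 'clearance/test/functionals/sessions_controller_test'
+require 'clearance/test/functionals/users_controller_test'
+require 'clearance/test/units/user_test'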
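Review bot: The entry point still requires the test support files (`clearance/test/test_helper`, the two functional test modules and `clearance/test/units/user_test`) unconditionally, so every environment that loads the gem through `config.gem` also loads test-only code. Moving those four requires into a separate file that only the application's `test/test_helper.rb` requires would keep `lib/clearance.rb` to the three controllers and the model. Either way, a comment above the requires such as `# runtime modules` and `# test support, not needed outside the test environment` would make the split explicit.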
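--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: dancroak-clearance
 version: !ruby/object:Gem::Version
-version: 0.1.
+version: 0.1.2
 platform: ruby
 authors:
 - thoughtbot, inc.
@@ -12,7 +12,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2008-09-
+date: 2008-09-16 00:00:00 -07:00
 default_executable:
 dependencies: []
 
@@ -28,14 +28,14 @@ files:
 - README.textile
 - clearance.gemspec
 - lib/clearance.rb
-- lib/clearance/application_controller.rb
-- lib/clearance/model.rb
-- lib/clearance/sessions_controller.rb
-- lib/clearance/sessions_controller_test.rb
+- lib/clearance/app/controllers/application_controller.rb
+- lib/clearance/app/models/model.rb
+- lib/clearance/app/controllers/sessions_controller.rb
+- lib/clearance/test/functionals/sessions_controller_test.rb
 - lib/clearance/test_helper.rb
-- lib/clearance/
-- lib/clearance/users_controller.rb
-- lib/clearance/users_controller_test.rb
+- lib/clearance/test/units/user_test.rb
+- lib/clearance/app/controllers/users_controller.rb
+- lib/clearance/test/controllers/users_controller_test.rb
 has_rdoc: false
 homepage: http://github.com/dancroak/clearance
 post_install_message: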
@@ -1,73 +0,0 @@
|
|
1
|
-
module Clearance
|
2
|
-
module TestHelper
|
3
|
-
|
4
|
-
def self.included(base)
|
5
|
-
base.class_eval do
|
6
|
-
include InstanceMethods
|
7
|
-
extend ClassMethods
|
8
|
-
end
|
9
|
-
end
|
10
|
-
|
11
|
-
module InstanceMethods
|
12
|
-
def login_as(user = nil)
|
13
|
-
user ||= Factory(:user)
|
14
|
-
@request.session[:user_id] = user.id
|
15
|
-
return user
|
16
|
-
end
|
17
|
-
|
18
|
-
def logout
|
19
|
-
@request.session[:user_id] = nil
|
20
|
-
end
|
21
|
-
end
|
22
|
-
|
23
|
-
module ClassMethods
|
24
|
-
def should_deny_access_on(command, opts = {})
|
25
|
-
opts[:redirect] ||= "root_url"
|
26
|
-
|
27
|
-
context "on #{command}" do
|
28
|
-
setup { eval command }
|
29
|
-
should_redirect_to opts[:redirect]
|
30
|
-
if opts[:flash]
|
31
|
-
should_set_the_flash_to opts[:flash]
|
32
|
-
else
|
33
|
-
should_not_set_the_flash
|
34
|
-
end
|
35
|
-
end
|
36
|
-
end
|
37
|
-
|
38
|
-
def should_filter(*keys)
|
39
|
-
keys.each do |key|
|
40
|
-
should "filter #{key}" do
|
41
|
-
assert @controller.respond_to?(:filter_parameters),
|
42
|
-
"The key #{key} is not filtered"
|
43
|
-
filtered = @controller.send(:filter_parameters, {key.to_s => key.to_s})
|
44
|
-
assert_equal '[FILTERED]', filtered[key.to_s],
|
45
|
-
"The key #{key} is not filtered"
|
46
|
-
end
|
47
|
-
end
|
48
|
-
end
|
49
|
-
|
50
|
-
def should_have_user_form
|
51
|
-
should "have the user form" do
|
52
|
-
assert_select "form" do
|
53
|
-
assert_select "input[type=text][name=?]", "user[email]"
|
54
|
-
%w(password password_confirmation).each do |field|
|
55
|
-
assert_select "input[type=password][name=?]", "user[#{field}]"
|
56
|
-
end
|
57
|
-
end
|
58
|
-
end
|
59
|
-
end
|
60
|
-
|
61
|
-
def logged_in_user_context(&blk)
|
62
|
-
context "When logged in as a user" do
|
63
|
-
setup do
|
64
|
-
@user = Factory :user
|
65
|
-
login_as @user
|
66
|
-
end
|
67
|
-
merge_block(&blk)
|
68
|
-
end
|
69
|
-
end
|
70
|
-
end
|
71
|
-
|
72
|
-
end
|
73
|
-
end
|
@@ -1,75 +0,0 @@
|
|
1
|
-
module Clearance
|
2
|
-
module UsersControllerTest
|
3
|
-
|
4
|
-
def self.included(base)
|
5
|
-
base.class_eval do
|
6
|
-
logged_in_user_context do
|
7
|
-
|
8
|
-
should_deny_access_on "get :new"
|
9
|
-
should_deny_access_on "post :create, :user => {}"
|
10
|
-
should_filter :password
|
11
|
-
|
12
|
-
context "viewing their account" do
|
13
|
-
context "on GET to /users/:id/show" do
|
14
|
-
setup { get :show, :id => @user.to_param }
|
15
|
-
should_respond_with :success
|
16
|
-
should_render_template :show
|
17
|
-
should_not_set_the_flash
|
18
|
-
|
19
|
-
should 'assign to @user' do
|
20
|
-
assert_equal @user, assigns(:user)
|
21
|
-
end
|
22
|
-
end
|
23
|
-
|
24
|
-
should_deny_access_on "delete :destroy, :id => @user.to_param"
|
25
|
-
|
26
|
-
context "on GET to /users/:id/edit" do
|
27
|
-
setup { get :edit, :id => @user.to_param }
|
28
|
-
|
29
|
-
should_respond_with :success
|
30
|
-
should_render_template :edit
|
31
|
-
should_not_set_the_flash
|
32
|
-
should_assign_to :user
|
33
|
-
should_have_user_form
|
34
|
-
end
|
35
|
-
|
36
|
-
context "on PUT to /users/:id" do
|
37
|
-
setup do
|
38
|
-
put :update,
|
39
|
-
:id => @user.to_param,
|
40
|
-
:user => { :email => "none@example.com" }
|
41
|
-
end
|
42
|
-
should_set_the_flash_to /updated/i
|
43
|
-
should_redirect_to "root_url"
|
44
|
-
should_assign_to :user
|
45
|
-
should "update the user's attributes" do
|
46
|
-
assert_equal "none@example.com", assigns(:user).email
|
47
|
-
end
|
48
|
-
end
|
49
|
-
|
50
|
-
context "on PUT to /users/:id with invalid attributes" do
|
51
|
-
setup { put :update, :id => @user.to_param, :user => {:email => ''} }
|
52
|
-
should_not_set_the_flash
|
53
|
-
should_assign_to :user
|
54
|
-
should_render_template 'edit'
|
55
|
-
should "display errors" do
|
56
|
-
assert_select '#errorExplanation'
|
57
|
-
end
|
58
|
-
end
|
59
|
-
end
|
60
|
-
|
61
|
-
context "dealing with another user's account" do
|
62
|
-
setup do
|
63
|
-
@user = Factory :user
|
64
|
-
end
|
65
|
-
|
66
|
-
should_deny_access_on "get :show, :id => @user.to_param", :flash => /cannot edit/i
|
67
|
-
should_deny_access_on "get :edit, :id => @user.to_param", :flash => /cannot edit/i
|
68
|
-
should_deny_access_on "put :update, :id => @user.to_param, :user => {}", :flash => /cannot edit/i
|
69
|
-
end
|
70
|
-
end
|
71
|
-
end
|
72
|
-
end
|
73
|
-
|
74
|
-
end
|
75
|
-
end
|