dancroak-clearance 0.1.2 → 0.1.3
- data/README.textile +2 -2
- data/clearance.gemspec +4 -4
- data/lib/clearance/app/controllers/users_controller.rb +1 -1
- data/lib/clearance/test/functionals/sessions_controller_test.rb +4 -6
- data/lib/clearance/test/functionals/users_controller_test.rb +84 -0
- data/lib/clearance/test/test_helper.rb +79 -0
- metadata +3 -3
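--- a/data/README.textile
+++ b/data/README.textile
@@ -62,12 +62,12 @@ In app/controllers/users_controller.rb:
 
 h2. Routes
 
-map.root # :controller => 'sessions'
+map.root # '/', :controller => 'sessions', :action => 'new'
 map.with_options :controller => 'sessions' do |m|
 m.login '/login', :action => 'new'
 m.logout '/logout', :action => 'destroy'
 end
-map.resource :
+map.resource :session
 
 h2. Tests
 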
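--- a/data/clearance.gemspec
+++ b/data/clearance.gemspec
@@ -1,6 +1,6 @@
 Gem::Specification.new do |s|
 s.name = "clearance"
-s.version = "0.1.
+s.version = "0.1.3"
 s.date = "2008-09-16"
 s.summary = "Simple, complete Rails authentication."
 s.email = "dcroak@thoughtbot.com"
@@ -14,8 +14,8 @@ Gem::Specification.new do |s|
 "lib/clearance/app/models/model.rb",
 "lib/clearance/app/controllers/sessions_controller.rb",
 "lib/clearance/test/functionals/sessions_controller_test.rb",
-"lib/clearance/test_helper.rb",
+"lib/clearance/test/test_helper.rb",
 "lib/clearance/test/units/user_test.rb",
 "lib/clearance/app/controllers/users_controller.rb",
-"lib/clearance/test/
-end
+"lib/clearance/test/functionals/users_controller_test.rb"]
+end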
@@ -65,7 +65,7 @@ module Clearance
|
|
65
65
|
module PrivateInstanceMethods
|
66
66
|
def ensure_user_is_accessing_self
|
67
67
|
return if current_user and current_user.respond_to?(:admin?) and current_user.admin?
|
68
|
-
deny_access
|
68
|
+
deny_access('You cannot edit that user.', :redirect => root_url) unless current_user.id.to_i == params[:id].to_i
|
69
69
|
end
|
70
70
|
end
|
71
71
|
|
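Review bot: The new `deny_access(...) unless current_user.id.to_i == params[:id].to_i` line in `ensure_user_is_accessing_self` reads `current_user.id` without the nil guard that the admin check one line above it carries, so the ownership check is only sound if an earlier filter has already turned away anonymous requests. That filter chain is outside this hunk; where it is not guaranteed, the outcome for a nil `current_user` depends on how the Ruby version in use treats `nil.id`. I would make the check self-contained with `unless current_user and current_user.id.to_i == params[:id].to_i`. The `to_i` on both sides also maps a missing or non-numeric id to 0, so a comment stating that ids are always positive integers would be worth adding.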
@@ -4,9 +4,7 @@ module Clearance
|
|
4
4
|
def self.included(base)
|
5
5
|
base.class_eval do
|
6
6
|
context "Given a user" do
|
7
|
-
setup
|
8
|
-
@user = Factory(:user)
|
9
|
-
end
|
7
|
+
setup { @user = Factory :user }
|
10
8
|
|
11
9
|
should_filter :password
|
12
10
|
|
@@ -32,7 +30,7 @@ module Clearance
|
|
32
30
|
|
33
31
|
should_set_the_flash_to /success/i
|
34
32
|
should_redirect_to 'root_url'
|
35
|
-
# should set session
|
33
|
+
# TODO: should set session
|
36
34
|
end
|
37
35
|
|
38
36
|
context "a POST to #create with bad credentials" do
|
@@ -42,10 +40,10 @@ module Clearance
|
|
42
40
|
|
43
41
|
should_set_the_flash_to /bad/i
|
44
42
|
should_render_template :new
|
45
|
-
# should not set session
|
43
|
+
# TODO: should not set session
|
46
44
|
end
|
47
45
|
|
48
|
-
# two tests for remember me - success and failure
|
46
|
+
# TODO: two tests for remember me - success and failure
|
49
47
|
end
|
50
48
|
|
51
49
|
context "While logged out" do
|
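Review bot: Relabelling `# should set session` and `# should not set session` as TODOs leaves the two `#create` contexts asserting only on the flash and the redirect or template, so a regression in how login writes the session would still pass. The session key is presumably `:user_id`, since that is what `login_as` in the test helper sets; `should('set session') { assert_equal @user.id, session[:user_id] }` for the success case and `should('not set session') { assert_nil session[:user_id] }` for bad credentials would close the gap. Both contexts start outside the visible hunks, so confirm that `@user` is the account being logged in there.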
@@ -0,0 +1,84 @@
|
|
1
|
+
module Clearance
|
2
|
+
module UsersControllerTest
|
3
|
+
|
4
|
+
def self.included(base)
|
5
|
+
base.class_eval do
|
6
|
+
public_context do
|
7
|
+
|
8
|
+
should_deny_access_on "get :new", :redirect => "login_url"
|
9
|
+
should_deny_access_on "post :create, :user => {}", :redirect => "login_url"
|
10
|
+
should_deny_access_on "get :edit, :id => 1", :redirect => "login_url"
|
11
|
+
should_deny_access_on "put :update, :id => 1", :redirect => "login_url"
|
12
|
+
should_deny_access_on "get :show, :id => 1", :redirect => "login_url"
|
13
|
+
should_deny_access_on "delete :destroy, :id => 1", :redirect => "login_url"
|
14
|
+
|
15
|
+
end
|
16
|
+
|
17
|
+
logged_in_user_context do
|
18
|
+
|
19
|
+
should_deny_access_on "get :new"
|
20
|
+
should_deny_access_on "post :create, :user => {}"
|
21
|
+
should_filter :password
|
22
|
+
|
23
|
+
context "viewing their account" do
|
24
|
+
context "on GET to /users/:id/show" do
|
25
|
+
setup { get :show, :id => @user.to_param }
|
26
|
+
should_respond_with :success
|
27
|
+
should_render_template :show
|
28
|
+
should_not_set_the_flash
|
29
|
+
|
30
|
+
should 'assign to @user' do
|
31
|
+
assert_equal @user, assigns(:user)
|
32
|
+
end
|
33
|
+
end
|
34
|
+
|
35
|
+
should_deny_access_on "delete :destroy, :id => @user.to_param"
|
36
|
+
|
37
|
+
context "on GET to /users/:id/edit" do
|
38
|
+
setup { get :edit, :id => @user.to_param }
|
39
|
+
|
40
|
+
should_respond_with :success
|
41
|
+
should_render_template :edit
|
42
|
+
should_not_set_the_flash
|
43
|
+
should_assign_to :user
|
44
|
+
should_have_user_form
|
45
|
+
end
|
46
|
+
|
47
|
+
context "on PUT to /users/:id" do
|
48
|
+
setup do
|
49
|
+
put :update,
|
50
|
+
:id => @user.to_param,
|
51
|
+
:user => { :email => "none@example.com" }
|
52
|
+
end
|
53
|
+
should_set_the_flash_to /updated/i
|
54
|
+
should_redirect_to "root_url"
|
55
|
+
should_assign_to :user
|
56
|
+
should "update the user's attributes" do
|
57
|
+
assert_equal "none@example.com", assigns(:user).email
|
58
|
+
end
|
59
|
+
end
|
60
|
+
|
61
|
+
context "on PUT to /users/:id with invalid attributes" do
|
62
|
+
setup { put :update, :id => @user.to_param, :user => {:email => ''} }
|
63
|
+
should_not_set_the_flash
|
64
|
+
should_assign_to :user
|
65
|
+
should_render_template 'edit'
|
66
|
+
should "display errors" do
|
67
|
+
assert_select '#errorExplanation'
|
68
|
+
end
|
69
|
+
end
|
70
|
+
end
|
71
|
+
|
72
|
+
context "trying to access another user's account" do
|
73
|
+
setup { @user = Factory :user }
|
74
|
+
|
75
|
+
should_deny_access_on "get :show, :id => @user.to_param", :flash => /cannot edit/i
|
76
|
+
should_deny_access_on "get :edit, :id => @user.to_param", :flash => /cannot edit/i
|
77
|
+
should_deny_access_on "put :update, :id => @user.to_param, :user => {}", :flash => /cannot edit/i
|
78
|
+
end
|
79
|
+
end
|
80
|
+
end
|
81
|
+
end
|
82
|
+
|
83
|
+
end
|
84
|
+
end
|
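Review bot: The "trying to access another user's account" context covers `show`, `edit` and `update` but not `delete :destroy`, so the most destructive action has no cross-account test; adding `should_deny_access_on "delete :destroy, :id => @user.to_param"` there, with whatever flash the controller actually sets, would cover it. The `put :update` case also checks only the redirect and flash; an assertion that the other user's record is unchanged after the request would verify that the filter halts the action rather than merely redirecting. A short comment on `setup { @user = Factory :user }` noting that it deliberately replaces the logged-in `@user` with a second account would make the intent clearer.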
@@ -0,0 +1,79 @@
|
|
1
|
+
module Clearance
|
2
|
+
module TestHelper
|
3
|
+
|
4
|
+
def self.included(base)
|
5
|
+
base.class_eval do
|
6
|
+
include InstanceMethods
|
7
|
+
extend ClassMethods
|
8
|
+
end
|
9
|
+
end
|
10
|
+
|
11
|
+
module InstanceMethods
|
12
|
+
def login_as(user = nil)
|
13
|
+
user ||= Factory(:user)
|
14
|
+
@request.session[:user_id] = user.id
|
15
|
+
return user
|
16
|
+
end
|
17
|
+
|
18
|
+
def logout
|
19
|
+
@request.session[:user_id] = nil
|
20
|
+
end
|
21
|
+
end
|
22
|
+
|
23
|
+
module ClassMethods
|
24
|
+
def should_deny_access_on(command, opts = {})
|
25
|
+
opts[:redirect] ||= "root_url"
|
26
|
+
|
27
|
+
context "on #{command}" do
|
28
|
+
setup { eval command }
|
29
|
+
should_redirect_to opts[:redirect]
|
30
|
+
if opts[:flash]
|
31
|
+
should_set_the_flash_to opts[:flash]
|
32
|
+
else
|
33
|
+
should_not_set_the_flash
|
34
|
+
end
|
35
|
+
end
|
36
|
+
end
|
37
|
+
|
38
|
+
def should_filter(*keys)
|
39
|
+
keys.each do |key|
|
40
|
+
should "filter #{key}" do
|
41
|
+
assert @controller.respond_to?(:filter_parameters),
|
42
|
+
"The key #{key} is not filtered"
|
43
|
+
filtered = @controller.send(:filter_parameters, {key.to_s => key.to_s})
|
44
|
+
assert_equal '[FILTERED]', filtered[key.to_s],
|
45
|
+
"The key #{key} is not filtered"
|
46
|
+
end
|
47
|
+
end
|
48
|
+
end
|
49
|
+
|
50
|
+
def should_have_user_form
|
51
|
+
should "have user form" do
|
52
|
+
assert_select "form" do
|
53
|
+
assert_select "input[type=text][name=?]", "user[email]"
|
54
|
+
assert_select "input[type=password][name=?]", "user[password]"
|
55
|
+
assert_select "input[type=password][name=?]", "user[password_confirmation]"
|
56
|
+
end
|
57
|
+
end
|
58
|
+
end
|
59
|
+
|
60
|
+
def logged_in_user_context(&blk)
|
61
|
+
context "A logged in user" do
|
62
|
+
setup do
|
63
|
+
@user = Factory :user
|
64
|
+
login_as @user
|
65
|
+
end
|
66
|
+
merge_block(&blk)
|
67
|
+
end
|
68
|
+
end
|
69
|
+
|
70
|
+
def public_context(&blk)
|
71
|
+
context "The public" do
|
72
|
+
setup { logout }
|
73
|
+
merge_block(&blk)
|
74
|
+
end
|
75
|
+
end
|
76
|
+
end
|
77
|
+
|
78
|
+
end
|
79
|
+
end
|
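Review bot: `should_deny_access_on` runs its `command` argument through `eval` inside the test instance (`setup { eval command }`), which is fine for the string literals used in this gem's tests but deserves a comment so nobody later passes interpolated or externally sourced text: `# command is eval'd as Ruby in the test instance; pass string literals only`. In the same method, `opts[:redirect] ||= "root_url"` writes into the caller's hash; `opts = { :redirect => "root_url" }.merge(opts)` avoids that. In `should_filter`, the first assertion reuses the message "The key #{key} is not filtered" even though it fails when the controller lacks `filter_parameters`, so a distinct message would make failures easier to read.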
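--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: dancroak-clearance
 version: !ruby/object:Gem::Version
-version: 0.1.
+version: 0.1.3
 platform: ruby
 authors:
 - thoughtbot, inc.
@@ -32,10 +32,10 @@ files:
 - lib/clearance/app/models/model.rb
 - lib/clearance/app/controllers/sessions_controller.rb
 - lib/clearance/test/functionals/sessions_controller_test.rb
-- lib/clearance/test_helper.rb
+- lib/clearance/test/test_helper.rb
 - lib/clearance/test/units/user_test.rb
 - lib/clearance/app/controllers/users_controller.rb
-- lib/clearance/test/
+- lib/clearance/test/functionals/users_controller_test.rb
 has_rdoc: false
 homepage: http://github.com/dancroak/clearance
 post_install_message: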