devise-remote-user 0.1.0 → 0.2.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 2ba593036cec8c5f0fc38ba79eb8e2040897dd7e
-  data.tar.gz: cf65b35d2b96bd7ea3bf3bc38d1a22bce3b0684c
+  metadata.gz: 48592394d5ad5267cdcdc0bc948a590670611ff8
+  data.tar.gz: 46b4a6ffb866678720842a98258f9cfc0757f32c
 SHA512:
-  metadata.gz: 0cf34573776063dc5c328d5122e8d5f9585d4a03fa73fa8655b4e90be8d39832478c26758f9682ccd894bf163713443fc18202f6f50c2e07cd34faa3b047c01d
-  data.tar.gz: ad3d09d20daebf8d1de5e252b91522011e3f160cad5b98df85e4954a5eafccd41afa47e3af84703e607d3cfb04b7c037be0a8a6f98d8cc3b3d34bbb6a53c3539
+  metadata.gz: b72a73def63dbe2cd8157e1e50bd4c582a406562f61223611d534c6079545e92c96494a4beb858882100ac340cad67f3e56534127d41f01eac8735bdfd92d62b
+  data.tar.gz: 363d81d3272248acd1d83ea1812110f413180fa47cbb42cbab76fa6c34be117a03e4d554198f208c48d6fff9ce2acaf4af5040ffc51f7b31dc296267b6f31c7a

data/.gitignore

@@ -8,7 +8,11 @@ InstalledFiles
 lib/bundler/man
 pkg
 rdoc
+spec/dummy/db/*.sqlite3
+spec/dummy/log/*.log
+spec/dummy/tmp
 spec/reports
+spec/tmp
 test/tmp
 test/version_tmp
 tmp

data/README.md

@@ -40,11 +40,8 @@ DeviseRemoteUser.configure do |config|
   config.auto_update = true
   config.attribute_map = {email: 'mail'}
 end
-
-# Uses Warden after_authentication callback to implement auto_update feature
-DeviseRemoteUser.add_warden_callbacks
 ```
 
 ## Tests
 
-Sorry, they haven't been added yet because this code was refactored from en existing Rails app.
+`rake spec` runs the test suite.

data/Rakefile

@@ -4,10 +4,17 @@ rescue LoadError
   puts 'You must `gem install bundler` and `bundle install` to run rake tasks'
 end
 
+APP_RAKEFILE = File.expand_path("../spec/dummy/Rakefile", __FILE__)
+load 'rails/tasks/engine.rake'
+
 Bundler::GemHelper.install_tasks
 
+Dir[File.join(File.dirname(__FILE__), 'tasks/**/*.rake')].each {|f| load f }
+
+require 'rspec/core'
 require 'rspec/core/rake_task'
 
-RSpec::Core::RakeTask.new(:spec)
+desc "Run all specs in spec directory (excluding plugin specs)"
+RSpec::Core::RakeTask.new(:spec => 'app:db:test:prepare')
 
 task :default => :spec

data/devise_remote_user.gemspec

@@ -15,9 +15,13 @@ Gem::Specification.new do |s|
   s.license     = "BSD"
 
   s.files = `git ls-files`.split("\n")
+  s.test_files = Dir["spec/**/*"]
   s.extra_rdoc_files = ["LICENSE", "README.md"]
   s.require_paths = ["lib"]
   s.add_dependency "rails", ">= 3.2"
   s.add_dependency "devise"
-  s.add_development_dependency "rspec"
+  s.add_development_dependency "sqlite3"
+  s.add_development_dependency "rspec-rails"
+  s.add_development_dependency "factory_girl_rails"
+  s.add_development_dependency "capybara"
 end

data/lib/devise_remote_user/engine.rb

@@ -0,0 +1,10 @@
+module DeviseRemoteUser
+  class Engine < ::Rails::Engine
+    config.generators do |g|
+      g.test_framework :rspec, :fixture => false
+      g.fixture_replacement :factory_girl, :dir => 'spec/factories'
+      g.assets false
+      g.helper false
+    end
+  end
+end

data/lib/devise_remote_user/manager.rb

@@ -17,6 +17,7 @@ module DeviseRemoteUser
       if !user && DeviseRemoteUser.auto_create
         user = create_user
       end
+      update_user(user) if user && DeviseRemoteUser.auto_update
       user
     end
 
@@ -27,9 +28,7 @@ module DeviseRemoteUser
     def create_user
       random_password = SecureRandom.hex(16)
       attrs = user_criterion.merge({password: random_password, password_confirmation: random_password})
-      user = User.create(attrs)
-      update_user(user)
-      user
+      User.create(attrs)
     end
 
     def update_user(user)

data/lib/devise_remote_user/version.rb

@@ -1,3 +1,3 @@
 module DeviseRemoteUser
-  VERSION = '0.1.0'
+  VERSION = '0.2.0'
 end

data/lib/devise_remote_user.rb

@@ -1,8 +1,7 @@
 require 'devise'
+require 'devise_remote_user/engine'
 
 module DeviseRemoteUser
-  
-  class Engine < Rails::Engine; end
 
   # request.env key for remote user name
   # Set to 'HTTP_REMOTE_USER' in config/initializers/devise.rb if behind reverse proxy
@@ -30,15 +29,6 @@ module DeviseRemoteUser
     yield self
   end
 
-  def self.add_warden_callbacks
-    if auto_update
-      Warden::Manager.after_authentication do |user, auth, opts|
-        manager = DeviseRemoteUser::Manager.new(auth.env)
-        manager.update_user(user)
-      end
-    end
-  end
-
 end
 
 Devise.add_module(:remote_user_authenticatable,

data/spec/controllers/application_controller_spec.rb

@@ -0,0 +1,157 @@
+require 'spec_helper'
+
+describe ApplicationController do
+
+  controller do
+    def remote_user_name=(user_name)
+      request.env[DeviseRemoteUser.env_key] = user_name
+    end
+
+    def remote_user_attributes=(attrs)
+      attrs.each {|k, v| request.env[k] = v }
+    end
+  end
+
+  describe "remote user authentication" do
+    describe "remote user exists" do
+      let(:user) { FactoryGirl.create(:user) }
+      after { user.delete }
+      it "should login the remote user" do
+        controller.remote_user_name = user.email
+        get :index
+        controller.user_signed_in?.should be_true
+        controller.current_user.should eq(user)
+      end
+    end
+    describe "remote user not present" do
+      it "should do nothing" do
+        controller.remote_user_name = nil
+        get :index
+        controller.user_signed_in?.should be_false
+      end
+    end
+    describe "remote user does not exist" do
+      let(:email) { "foo@bar.com" }
+      describe "auto-creation enabled" do
+        before { DeviseRemoteUser.auto_create = true }
+        after { @user.delete }
+        it "should create and sign in a new user" do
+          User.find_by_email(email).should be_nil
+          controller.remote_user_name = email
+          get :index
+          response.should be_successful
+          controller.user_signed_in?.should be_true
+          @user = User.find_by_email(email)
+          @user.should_not be_nil
+          controller.current_user.should eq(@user)
+        end
+      end
+      describe "auto-creation disabled" do
+        before { DeviseRemoteUser.auto_create = false }
+        it "should not create a user for the remote user" do
+          User.find_by_email(email).should be_nil
+          controller.remote_user_name = email
+          get :index
+          response.should_not be_successful
+          controller.user_signed_in?.should be_false
+          User.find_by_email(email).should be_nil
+        end
+      end
+    end
+    describe "a local database user is already signed in" do
+      let(:local_user) { FactoryGirl.create(:user) }
+      before do
+        DeviseRemoteUser.auto_create = true
+        controller.remote_user_name = remote_user.email
+        sign_in local_user
+      end
+      after { local_user.delete }
+      describe "remote user exists" do
+        let(:remote_user) { FactoryGirl.create(:user) }
+        after { remote_user.delete }
+        it "should not clobber the existing user session" do
+          get :index
+          controller.current_user.should eq(local_user)
+          controller.current_user.should_not eq(remote_user)
+        end
+      end
+      describe "remote user does not exist" do
+        let(:remote_user) { FactoryGirl.build(:user) }
+        it "should not clobber the existing user session" do
+          get :index
+          controller.current_user.should eq(local_user)
+          controller.current_user.should_not eq(remote_user)
+          User.find_by_email(remote_user.email).should be_nil
+        end
+      end
+    end
+    describe "auto-updating user attributes" do
+      let(:user) { FactoryGirl.create(:user, first_name: 'Hardy', last_name: 'HarHar', nickname: "Laurel's Buddy", display_name: 'Hardy HarHar') }
+      before do
+        DeviseRemoteUser.attribute_map = {
+          first_name: 'givenName',
+          nickname: 'eduPersonNickname',
+          last_name: 'sn',
+          display_name: 'displayName'
+          }
+      end
+      after { user.delete }
+      describe "auto-creation disabled" do
+        before { DeviseRemoteUser.auto_update = false }
+        it "should not update the user attributes" do
+          controller.remote_user_name = user.email
+          controller.remote_user_attributes = {
+            'givenName' => 'Fleece',
+            'sn' => 'Vest',
+            'eduPersonNickname' => 'Iconoclast',
+            'displayName' => 'Fleece Vest (Iconoclast)'
+          }
+          get :index
+          user.reload
+          user.first_name.should == 'Hardy'
+          user.last_name.should == 'HarHar'
+          user.display_name.should == 'Hardy HarHar'
+          user.nickname.should == "Laurel's Buddy"
+        end
+      end
+      describe "auto-creation enabled" do
+        before { DeviseRemoteUser.auto_update = true }
+        describe "database authentication wins" do
+          it "should not update the user attributes" do
+            sign_in user
+            controller.remote_user_attributes = {
+              'givenName' => 'Fleece',
+              'sn' => 'Vest',
+              'eduPersonNickname' => 'Iconoclast',
+              'displayName' => 'Fleece Vest (Iconoclast)'
+            }
+            get :index
+            user.reload
+            user.first_name.should == 'Hardy'
+            user.last_name.should == 'HarHar'
+            user.display_name.should == 'Hardy HarHar'
+            user.nickname.should == "Laurel's Buddy"
+          end
+        end
+        describe "remote user authentication wins" do
+          it "should update the user attributes" do
+            controller.remote_user_name = user.email
+            controller.remote_user_attributes = {
+              'givenName' => 'Fleece',
+              'sn' => 'Vest',
+              'eduPersonNickname' => 'Iconoclast',
+              'displayName' => 'Fleece Vest (Iconoclast)'
+            }
+            get :index
+            user.reload
+            user.first_name.should == 'Fleece'
+            user.last_name.should == 'Vest'
+            user.display_name.should == 'Fleece Vest (Iconoclast)'
+            user.nickname.should == 'Iconoclast'
+          end
+        end
+      end
+    end
+  end
+
+end

data/spec/controllers/application_controller_spec.rb~

@@ -0,0 +1,9 @@
+require 'spec_helper'
+
+describe ApplicationController do
+  controller do
+    def index
+      render text: "Yay!"
+    end
+  end
+end

data/spec/dummy/README.rdoc

@@ -0,0 +1,28 @@
+== README
+
+This README would normally document whatever steps are necessary to get the
+application up and running.
+
+Things you may want to cover:
+
+* Ruby version
+
+* System dependencies
+
+* Configuration
+
+* Database creation
+
+* Database initialization
+
+* How to run the test suite
+
+* Services (job queues, cache servers, search engines, etc.)
+
+* Deployment instructions
+
+* ...
+
+
+Please feel free to use a different markup language if you do not plan to run
+<tt>rake doc:app</tt>.

data/spec/dummy/Rakefile

@@ -0,0 +1,6 @@
+# Add your own tasks in files placed in lib/tasks ending in .rake,
+# for example lib/tasks/capistrano.rake, and they will automatically be available to Rake.
+
+require File.expand_path('../config/application', __FILE__)
+
+Dummy::Application.load_tasks

data/spec/dummy/app/assets/javascripts/application.js

@@ -0,0 +1,13 @@
+// This is a manifest file that'll be compiled into application.js, which will include all the files
+// listed below.
+//
+// Any JavaScript/Coffee file within this directory, lib/assets/javascripts, vendor/assets/javascripts,
+// or vendor/assets/javascripts of plugins, if any, can be referenced here using a relative path.
+//
+// It's not advisable to add code directly here, but if you do, it'll appear at the bottom of the
+// compiled file.
+//
+// Read Sprockets README (https://github.com/sstephenson/sprockets#sprockets-directives) for details
+// about supported directives.
+//
+//= require_tree .

data/spec/dummy/app/assets/stylesheets/application.css

@@ -0,0 +1,13 @@
+/*
+ * This is a manifest file that'll be compiled into application.css, which will include all the files
+ * listed below.
+ *
+ * Any CSS and SCSS file within this directory, lib/assets/stylesheets, vendor/assets/stylesheets,
+ * or vendor/assets/stylesheets of plugins, if any, can be referenced here using a relative path.
+ *
+ * You're free to add application-wide styles to this file and they'll appear at the top of the
+ * compiled file, but it's generally better to create a new file per style scope.
+ *
+ *= require_self
+ *= require_tree .
+ */

data/spec/dummy/app/controllers/application_controller.rb

@@ -0,0 +1,11 @@
+class ApplicationController < ActionController::Base
+  # Prevent CSRF attacks by raising an exception.
+  # For APIs, you may want to use :null_session instead.
+  protect_from_forgery with: :exception
+
+  before_filter :authenticate_user!
+
+  def index
+    render text: "You have reached your destination!"
+  end
+end

data/spec/dummy/app/helpers/application_helper.rb

@@ -0,0 +1,2 @@
+module ApplicationHelper
+end

data/spec/dummy/app/models/user.rb

@@ -0,0 +1,4 @@
+class User < ActiveRecord::Base
+  devise :remote_user_authenticatable, :database_authenticatable, :registerable,
+         :recoverable, :rememberable, :trackable, :validatable
+end

data/spec/dummy/app/models/user.rb~

@@ -0,0 +1,6 @@
+class User < ActiveRecord::Base
+  # Include default devise modules. Others available are:
+  # :confirmable, :lockable, :timeoutable and :omniauthable
+  devise :database_authenticatable, :registerable,
+         :recoverable, :rememberable, :trackable, :validatable
+end

data/spec/dummy/app/views/layouts/application.html.erb

@@ -0,0 +1,14 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <title>Dummy</title>
+  <%= stylesheet_link_tag    "application", media: "all", "data-turbolinks-track" => true %>
+  <%= javascript_include_tag "application", "data-turbolinks-track" => true %>
+  <%= csrf_meta_tags %>
+</head>
+<body>
+
+<%= yield %>
+
+</body>
+</html>

data/spec/dummy/bin/bundle

@@ -0,0 +1,3 @@
+#!/usr/bin/env ruby
+ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../../Gemfile', __FILE__)
+load Gem.bin_path('bundler', 'bundle')

data/spec/dummy/bin/rails

@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+APP_PATH = File.expand_path('../../config/application',  __FILE__)
+require_relative '../config/boot'
+require 'rails/commands'

data/spec/dummy/bin/rake

@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+require_relative '../config/boot'
+require 'rake'
+Rake.application.run

data/spec/dummy/config/application.rb

@@ -0,0 +1,23 @@
+require File.expand_path('../boot', __FILE__)
+
+require 'rails/all'
+
+Bundler.require(*Rails.groups)
+require "devise_remote_user"
+
+module Dummy
+  class Application < Rails::Application
+    # Settings in config/environments/* take precedence over those specified here.
+    # Application configuration should go into files in config/initializers
+    # -- all .rb files in that directory are automatically loaded.
+
+    # Set Time.zone default to the specified zone and make Active Record auto-convert to this zone.
+    # Run "rake -D time" for a list of tasks for finding time zone names. Default is UTC.
+    # config.time_zone = 'Central Time (US & Canada)'
+
+    # The default locale is :en and all translations from config/locales/*.rb,yml are auto loaded.
+    # config.i18n.load_path += Dir[Rails.root.join('my', 'locales', '*.{rb,yml}').to_s]
+    # config.i18n.default_locale = :de
+  end
+end
+

data/spec/dummy/config/boot.rb

@@ -0,0 +1,5 @@
+# Set up gems listed in the Gemfile.
+ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../../../../Gemfile', __FILE__)
+
+require 'bundler/setup' if File.exists?(ENV['BUNDLE_GEMFILE'])
+$LOAD_PATH.unshift File.expand_path('../../../../lib', __FILE__)

data/spec/dummy/config/database.yml

@@ -0,0 +1,25 @@
+# SQLite version 3.x
+#   gem install sqlite3
+#
+#   Ensure the SQLite 3 gem is defined in your Gemfile
+#   gem 'sqlite3'
+development:
+  adapter: sqlite3
+  database: db/development.sqlite3
+  pool: 5
+  timeout: 5000
+
+# Warning: The database defined as "test" will be erased and
+# re-generated from your development database when you run "rake".
+# Do not set this db to the same as development or production.
+test:
+  adapter: sqlite3
+  database: db/test.sqlite3
+  pool: 5
+  timeout: 5000
+
+production:
+  adapter: sqlite3
+  database: db/production.sqlite3
+  pool: 5
+  timeout: 5000

data/spec/dummy/config/environment.rb

@@ -0,0 +1,5 @@
+# Load the Rails application.
+require File.expand_path('../application', __FILE__)
+
+# Initialize the Rails application.
+Dummy::Application.initialize!

data/spec/dummy/config/environments/development.rb

@@ -0,0 +1,29 @@
+Dummy::Application.configure do
+  # Settings specified here will take precedence over those in config/application.rb.
+
+  # In the development environment your application's code is reloaded on
+  # every request. This slows down response time but is perfect for development
+  # since you don't have to restart the web server when you make code changes.
+  config.cache_classes = false
+
+  # Do not eager load code on boot.
+  config.eager_load = false
+
+  # Show full error reports and disable caching.
+  config.consider_all_requests_local       = true
+  config.action_controller.perform_caching = false
+
+  # Don't care if the mailer can't send.
+  config.action_mailer.raise_delivery_errors = false
+
+  # Print deprecation notices to the Rails logger.
+  config.active_support.deprecation = :log
+
+  # Raise an error on page load if there are pending migrations
+  config.active_record.migration_error = :page_load
+
+  # Debug mode disables concatenation and preprocessing of assets.
+  # This option may cause significant delays in view rendering with a large
+  # number of complex assets.
+  config.assets.debug = true
+end

data/spec/dummy/config/environments/production.rb

@@ -0,0 +1,80 @@
+Dummy::Application.configure do
+  # Settings specified here will take precedence over those in config/application.rb.
+
+  # Code is not reloaded between requests.
+  config.cache_classes = true
+
+  # Eager load code on boot. This eager loads most of Rails and
+  # your application in memory, allowing both thread web servers
+  # and those relying on copy on write to perform better.
+  # Rake tasks automatically ignore this option for performance.
+  config.eager_load = true
+
+  # Full error reports are disabled and caching is turned on.
+  config.consider_all_requests_local       = false
+  config.action_controller.perform_caching = true
+
+  # Enable Rack::Cache to put a simple HTTP cache in front of your application
+  # Add `rack-cache` to your Gemfile before enabling this.
+  # For large-scale production use, consider using a caching reverse proxy like nginx, varnish or squid.
+  # config.action_dispatch.rack_cache = true
+
+  # Disable Rails's static asset server (Apache or nginx will already do this).
+  config.serve_static_assets = false
+
+  # Compress JavaScripts and CSS.
+  config.assets.js_compressor = :uglifier
+  # config.assets.css_compressor = :sass
+
+  # Do not fallback to assets pipeline if a precompiled asset is missed.
+  config.assets.compile = false
+
+  # Generate digests for assets URLs.
+  config.assets.digest = true
+
+  # Version of your assets, change this if you want to expire all your assets.
+  config.assets.version = '1.0'
+
+  # Specifies the header that your server uses for sending files.
+  # config.action_dispatch.x_sendfile_header = "X-Sendfile" # for apache
+  # config.action_dispatch.x_sendfile_header = 'X-Accel-Redirect' # for nginx
+
+  # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
+  # config.force_ssl = true
+
+  # Set to :debug to see everything in the log.
+  config.log_level = :info
+
+  # Prepend all log lines with the following tags.
+  # config.log_tags = [ :subdomain, :uuid ]
+
+  # Use a different logger for distributed setups.
+  # config.logger = ActiveSupport::TaggedLogging.new(SyslogLogger.new)
+
+  # Use a different cache store in production.
+  # config.cache_store = :mem_cache_store
+
+  # Enable serving of images, stylesheets, and JavaScripts from an asset server.
+  # config.action_controller.asset_host = "http://assets.example.com"
+
+  # Precompile additional assets.
+  # application.js, application.css, and all non-JS/CSS in app/assets folder are already added.
+  # config.assets.precompile += %w( search.js )
+
+  # Ignore bad email addresses and do not raise email delivery errors.
+  # Set this to true and configure the email server for immediate delivery to raise delivery errors.
+  # config.action_mailer.raise_delivery_errors = false
+
+  # Enable locale fallbacks for I18n (makes lookups for any locale fall back to
+  # the I18n.default_locale when a translation can not be found).
+  config.i18n.fallbacks = true
+
+  # Send deprecation notices to registered listeners.
+  config.active_support.deprecation = :notify
+
+  # Disable automatic flushing of the log to improve performance.
+  # config.autoflush_log = false
+
+  # Use default logging formatter so that PID and timestamp are not suppressed.
+  config.log_formatter = ::Logger::Formatter.new
+end

data/spec/dummy/config/environments/test.rb

@@ -0,0 +1,36 @@
+Dummy::Application.configure do
+  # Settings specified here will take precedence over those in config/application.rb.
+
+  # The test environment is used exclusively to run your application's
+  # test suite. You never need to work with it otherwise. Remember that
+  # your test database is "scratch space" for the test suite and is wiped
+  # and recreated between test runs. Don't rely on the data there!
+  config.cache_classes = true
+
+  # Do not eager load code on boot. This avoids loading your whole application
+  # just for the purpose of running a single test. If you are using a tool that
+  # preloads Rails for running tests, you may have to set it to true.
+  config.eager_load = false
+
+  # Configure static asset server for tests with Cache-Control for performance.
+  config.serve_static_assets  = true
+  config.static_cache_control = "public, max-age=3600"
+
+  # Show full error reports and disable caching.
+  config.consider_all_requests_local       = true
+  config.action_controller.perform_caching = false
+
+  # Raise exceptions instead of rendering exception templates.
+  config.action_dispatch.show_exceptions = false
+
+  # Disable request forgery protection in test environment.
+  config.action_controller.allow_forgery_protection = false
+
+  # Tell Action Mailer not to deliver emails to the real world.
+  # The :test delivery method accumulates sent emails in the
+  # ActionMailer::Base.deliveries array.
+  config.action_mailer.delivery_method = :test
+
+  # Print deprecation notices to the stderr.
+  config.active_support.deprecation = :stderr
+end