devise_masquerade 0.6.4 → 1.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.


This version of devise_masquerade might be problematic. Click here for more details.

Files changed (56) hide show
  1. checksums.yaml +5 -5
  2. data/.gitignore +1 -2
  3. data/.ruby-version +1 -1
  4. data/.travis.yml +2 -4
  5. data/Gemfile +14 -10
  6. data/Gemfile.lock +303 -0
  7. data/Makefile +6 -1
  8. data/README.md +25 -1
  9. data/app/controllers/devise/masquerades_controller.rb +70 -54
  10. data/devise_masquerade.gemspec +4 -4
  11. data/features/back.feature +0 -1
  12. data/features/multiple_masquerading_models.feature +17 -0
  13. data/features/step_definitions/auth_steps.rb +1 -0
  14. data/features/step_definitions/back_steps.rb +18 -3
  15. data/features/support/env.rb +23 -4
  16. data/lib/devise_masquerade/controllers/helpers.rb +26 -7
  17. data/lib/devise_masquerade/controllers/url_helpers.rb +19 -4
  18. data/lib/devise_masquerade/models/masqueradable.rb +47 -0
  19. data/lib/devise_masquerade/models.rb +9 -0
  20. data/lib/devise_masquerade/rails.rb +14 -4
  21. data/lib/devise_masquerade/routes.rb +10 -8
  22. data/lib/devise_masquerade/version.rb +1 -1
  23. data/lib/devise_masquerade.rb +3 -9
  24. data/spec/controllers/admin/dashboard_controller_spec.rb +5 -4
  25. data/spec/controllers/dashboard_controller_spec.rb +4 -4
  26. data/spec/controllers/devise/masquerades_controller_spec.rb +60 -36
  27. data/spec/controllers/{masquerades_controller_spec.rb → masquerades_tests_controller_spec.rb} +11 -8
  28. data/spec/dummy/app/controllers/admin/dashboard_controller.rb +1 -2
  29. data/spec/dummy/app/controllers/application_controller.rb +2 -0
  30. data/spec/dummy/app/controllers/dashboard_controller.rb +1 -2
  31. data/spec/dummy/app/controllers/masquerades_tests_controller.rb +7 -0
  32. data/spec/dummy/app/controllers/students_controller.rb +8 -0
  33. data/spec/dummy/app/models/admin/user.rb +0 -7
  34. data/spec/dummy/app/models/student.rb +3 -0
  35. data/spec/dummy/app/models/user.rb +1 -10
  36. data/spec/dummy/app/views/admin/dashboard/index.html.erb +0 -2
  37. data/spec/dummy/app/views/dashboard/index.html.erb +0 -2
  38. data/spec/dummy/app/views/layouts/application.html.erb +7 -1
  39. data/spec/dummy/app/views/students/_student.html.erb +6 -0
  40. data/spec/dummy/app/views/students/index.html.erb +1 -0
  41. data/spec/dummy/app/views/users/_user.html.erb +1 -1
  42. data/spec/dummy/config/application.rb +2 -0
  43. data/spec/dummy/config/environment.rb +1 -0
  44. data/spec/dummy/config/routes.rb +6 -4
  45. data/spec/dummy/db/.gitignore +1 -0
  46. data/spec/dummy/db/migrate/20121119085620_devise_create_users.rb +1 -1
  47. data/spec/dummy/db/migrate/20140418160449_create_admin_users.rb +1 -1
  48. data/spec/dummy/db/migrate/20191022100000_create_students.rb +14 -0
  49. data/spec/dummy/db/schema.rb +37 -31
  50. data/spec/models/user_spec.rb +1 -1
  51. data/spec/orm/active_record.rb +5 -2
  52. data/spec/spec_helper.rb +3 -3
  53. data/spec/support/factories.rb +13 -9
  54. metadata +31 -16
  55. data/lib/devise_masquerade/model.rb +0 -42
  56. data/spec/dummy/app/controllers/masquerades_controller.rb +0 -5
@@ -0,0 +1,17 @@
1
+ Feature: Use various models for masquerading
2
+ In order to use various models for masquerading
3
+ As an masquerade user
4
+ I want to be able to press press masquerade as link for different models
5
+
6
+ Scenario: Use masquerade button on student and user models
7
+ Given I logged in
8
+ And I have a user for masquerade
9
+ And I have a student for masquerade
10
+
11
+ When I am on the users page
12
+ And I login as one user
13
+ Then I should be login as this user
14
+
15
+ When I am on the students page
16
+ And I login as one student
17
+ Then I should be login as this student
@@ -8,3 +8,4 @@ Given /^I logged in$/ do
8
8
 
9
9
  click_on 'Log in'
10
10
  end
11
+
@@ -1,5 +1,5 @@
1
1
  Given /^I have a user for masquerade$/ do
2
- @mask = create(:user)
2
+ @user_mask = create(:user)
3
3
  end
4
4
 
5
5
  When /^I am on the users page$/ do
@@ -7,11 +7,11 @@ When /^I am on the users page$/ do
7
7
  end
8
8
 
9
9
  When /^I login as one user$/ do
10
- click_on "Login as"
10
+ find('.login_as').click
11
11
  end
12
12
 
13
13
  Then /^I should be login as this user$/ do
14
- find('.current_user').should have_content(@mask.email)
14
+ find('.current_user').should have_content(@user_mask.email)
15
15
  end
16
16
 
17
17
  When /^I press back masquerade button$/ do
@@ -22,3 +22,18 @@ Then /^I should be login as owner user$/ do
22
22
  find('.current_user').should have_content(@user.email)
23
23
  end
24
24
 
25
+ Given /^I have a student for masquerade$/ do
26
+ @student_mask = create(:student)
27
+ end
28
+
29
+ When /^I am on the students page$/ do
30
+ visit '/students'
31
+ end
32
+
33
+ When /^I login as one student$/ do
34
+ find('.login_as').click
35
+ end
36
+
37
+ Then /^I should be login as this student$/ do
38
+ find('.current_student').should have_content(@student_mask.email)
39
+ end
@@ -1,5 +1,5 @@
1
1
  require 'cucumber/rails'
2
- require 'factory_girl'
2
+ require 'factory_bot'
3
3
  require 'database_cleaner'
4
4
  require 'cucumber/rspec/doubles'
5
5
 
@@ -9,9 +9,11 @@ ENV["RAILS_ENV"] = "test"
9
9
 
10
10
  Capybara.default_selector = :css
11
11
 
12
- ActionController::Base.allow_rescue = false
12
+ ActiveSupport.on_load(:action_controller) do
13
+ self.allow_rescue = false
14
+ end
13
15
 
14
- World(FactoryGirl::Syntax::Methods)
16
+ World(FactoryBot::Syntax::Methods)
15
17
 
16
18
  begin
17
19
  DatabaseCleaner.strategy = :transaction
@@ -20,7 +22,24 @@ rescue NameError
20
22
  end
21
23
 
22
24
  Cucumber::Rails::Database.javascript_strategy = :truncation
23
- Capybara.javascript_driver = :webkit
25
+
26
+ Capybara.register_driver :chrome do |app|
27
+ Capybara::Selenium::Driver.new(app, browser: :chrome)
28
+ end
29
+
30
+ Capybara.register_driver :headless_chrome do |app|
31
+ caps = Selenium::WebDriver::Remote::Capabilities.chrome(loggingPrefs: { browser: 'ALL' })
32
+ opts = Selenium::WebDriver::Chrome::Options.new
33
+
34
+ chrome_args = %w[--headless --window-size=1920,1080 --no-sandbox --disable-dev-shm-usage]
35
+ chrome_args.each { |arg| opts.add_argument(arg) }
36
+ Capybara::Selenium::Driver.new(app, browser: :chrome, options: opts, desired_capabilities: caps)
37
+ end
38
+
39
+ Capybara.configure do |config|
40
+ # change this to :chrome to observe tests in a real browser
41
+ config.javascript_driver = :headless_chrome
42
+ end
24
43
 
25
44
  Before do
26
45
  allow_any_instance_of(DeviseController).to receive(:devise_mapping) { Devise.mappings[:user] }
@@ -6,13 +6,34 @@ module DeviseMasquerade
6
6
  class_name = mapping.class_name
7
7
 
8
8
  class_eval <<-METHODS, __FILE__, __LINE__ + 1
9
+ def masquerade!
10
+ return if params["#{Devise.masquerade_param}"].blank?
11
+
12
+ klass = unless params[:masqueraded_resource_class].blank?
13
+ params[:masqueraded_resource_class].constantize
14
+ else
15
+ if Devise.masqueraded_resource_class
16
+ Devise.masqueraded_resource_class
17
+ elsif defined?(User)
18
+ User
19
+ end
20
+ end
21
+ return unless klass
22
+
23
+ resource = klass.find_by_masquerade_key(params["#{Devise.masquerade_param}"]).first
24
+
25
+ if resource
26
+ masquerade_sign_in(resource)
27
+ end
28
+ end
29
+
9
30
  def masquerade_#{name}!
10
31
  return if params["#{Devise.masquerade_param}"].blank?
11
32
 
12
- #{name} = ::#{class_name}.find_by_masquerade_key(params["#{Devise.masquerade_param}"])
33
+ resource = ::#{class_name}.find_by_masquerade_key(params["#{Devise.masquerade_param}"]).first
13
34
 
14
- if #{name}
15
- masquerade_sign_in(#{name})
35
+ if resource
36
+ masquerade_sign_in(resource)
16
37
  end
17
38
  end
18
39
 
@@ -22,7 +43,7 @@ module DeviseMasquerade
22
43
 
23
44
  def #{name}_masquerade_owner
24
45
  return nil unless send(:#{name}_masquerade?)
25
- ::#{class_name}.to_adapter.find_first(:id => session[:"devise_masquerade_#{name}"])
46
+ ::#{class_name}.to_adapter.find_first(id: session[:"devise_masquerade_#{name}"])
26
47
  end
27
48
 
28
49
  private
@@ -32,7 +53,7 @@ module DeviseMasquerade
32
53
  if respond_to?(:bypass_sign_in)
33
54
  bypass_sign_in(resource)
34
55
  else
35
- sign_in(resource, :bypass => true)
56
+ sign_in(resource, bypass: true)
36
57
  end
37
58
  else
38
59
  sign_in(resource)
@@ -50,5 +71,3 @@ module DeviseMasquerade
50
71
  end
51
72
  end
52
73
  end
53
-
54
- ActionController::Base.send(:include, DeviseMasquerade::Controllers::Helpers)
@@ -1,16 +1,31 @@
1
+ require 'securerandom'
2
+
1
3
  module DeviseMasquerade
2
4
  module Controllers
5
+
3
6
  module UrlHelpers
4
- def masquerade_path(resource)
7
+ def masquerade_path(resource, *args)
5
8
  scope = Devise::Mapping.find_scope!(resource)
6
- send("#{scope}_masquerade_path", resource)
9
+
10
+ opts = args.first || {}
11
+ opts.merge!(masqueraded_resource_class: resource.class.name)
12
+
13
+ resource.masquerade!
14
+ opts.merge!(Devise.masquerade_param => resource.masquerade_key)
15
+
16
+ send("#{scope}_masquerade_path", resource, opts, *args)
7
17
  end
8
18
 
9
- def back_masquerade_path(resource)
19
+ def back_masquerade_path(resource, *args)
10
20
  scope = Devise::Mapping.find_scope!(resource)
11
- send("back_#{scope}_masquerade_index_path")
21
+
22
+ opts = args.first || {}
23
+ opts.merge!(masqueraded_resource_class: resource.class.name)
24
+
25
+ send("back_#{scope}_masquerade_index_path", opts, *args)
12
26
  end
13
27
  end
28
+
14
29
  end
15
30
  end
16
31
 
@@ -0,0 +1,47 @@
1
+ module DeviseMasquerade
2
+ module Models
3
+ module Masqueradable
4
+ extend ActiveSupport::Concern
5
+
6
+ included do
7
+ attr_reader :masquerade_key
8
+
9
+ def masquerade!
10
+ @masquerade_key = SecureRandom.urlsafe_base64(
11
+ Devise.masquerade_key_size)
12
+ cache_key = self.class.cache_masquerade_key_by(@masquerade_key)
13
+ ::Rails.cache.write(
14
+ cache_key, id, expires_in: Devise.masquerade_expires_in)
15
+ end
16
+ end
17
+
18
+ module ClassMethods
19
+ def cache_masquerade_key_by(key)
20
+ "#{self.name.pluralize.underscore}:#{key}:masquerade"
21
+ end
22
+
23
+ def remove_masquerade_key!(key)
24
+ ::Rails.cache.delete(cache_masquerade_key_by(key))
25
+ end
26
+
27
+ def find_by_masquerade_key(key)
28
+ id = ::Rails.cache.read(cache_masquerade_key_by(key))
29
+
30
+ # clean up the cached masquerade key value
31
+ remove_masquerade_key!(key)
32
+
33
+ where(id: id)
34
+ end
35
+
36
+ def find_by_masquerade_key(key)
37
+ id = ::Rails.cache.read(cache_masquerade_key_by(key))
38
+
39
+ # clean up the cached masquerade key value
40
+ remove_masquerade_key!(key)
41
+
42
+ where(id: id)
43
+ end
44
+ end # ClassMethods
45
+ end
46
+ end
47
+ end
@@ -0,0 +1,9 @@
1
+ require 'devise_masquerade/models/masqueradable'
2
+
3
+ module DeviseMasquerade
4
+ module Models
5
+
6
+ end
7
+ end
8
+
9
+ Devise::Models.send :include, DeviseMasquerade::Models
@@ -1,7 +1,17 @@
1
+ # frozen_string_literal: true
2
+
1
3
  module DeviseMasquerade
2
- class Engine < ::Rails::Engine
3
- ActiveSupport.on_load(:action_controller) { include DeviseMasquerade::Controllers::UrlHelpers }
4
- ActiveSupport.on_load(:action_view) { include DeviseMasquerade::Controllers::UrlHelpers }
4
+ module Rails
5
+
6
+ class Engine < ::Rails::Engine
7
+ initializer "devise.url_helpers" do
8
+ Devise.include_helpers(DeviseMasquerade::Controllers)
9
+ end
10
+
11
+ ActiveSupport.on_load(:action_controller) do
12
+ include DeviseMasquerade::Controllers::Helpers
13
+ end
14
+ end
15
+
5
16
  end
6
17
  end
7
-
@@ -1,17 +1,19 @@
1
- module ActionDispatch::Routing
2
- class Mapper
3
-
4
- protected
1
+ module DeviseMasquerade
2
+ module Routes
5
3
 
6
4
  def devise_masquerade(mapping, controllers)
7
5
  resources :masquerade,
8
- :only => :show,
9
- :path => mapping.path_names[:masquerade],
10
- :controller => controllers[:masquerades] do
6
+ only: :show,
7
+ path: mapping.path_names[:masquerade],
8
+ controller: controllers[:masquerades] do
11
9
 
12
- get :back, :on => :collection
10
+ collection do
11
+ get :back
12
+ end
13
13
  end
14
14
  end
15
+
15
16
  end
16
17
  end
17
18
 
19
+ ActionDispatch::Routing::Mapper.send :include, DeviseMasquerade::Routes
@@ -1,3 +1,3 @@
1
1
  module DeviseMasquerade
2
- VERSION = '0.6.4'.freeze
2
+ VERSION = '1.2.0'.freeze
3
3
  end
@@ -1,22 +1,16 @@
1
1
  require 'devise'
2
-
3
- require 'action_controller'
4
- require 'action_controller/base'
5
2
  require 'devise_masquerade/version'
6
3
  require 'devise_masquerade/routes'
7
4
  require 'devise_masquerade/controllers/helpers'
8
5
  require 'devise_masquerade/controllers/url_helpers'
9
6
  require 'devise_masquerade/rails'
10
7
 
11
- module DeviseMasquerade
12
- end
13
-
14
8
  module Devise
15
9
  mattr_accessor :masquerade_param
16
10
  @@masquerade_param = 'masquerade'
17
11
 
18
12
  mattr_accessor :masquerade_expires_in
19
- @@masquerade_expires_in = 10.seconds
13
+ @@masquerade_expires_in = 1.minute
20
14
 
21
15
  mattr_accessor :masquerade_key_size
22
16
  @@masquerade_key_size = 16
@@ -42,5 +36,5 @@ module Devise
42
36
  @@helpers << DeviseMasquerade::Controllers::Helpers
43
37
  end
44
38
 
45
- Devise.add_module :masqueradable, :controller => :masquerades,
46
- :model => 'devise_masquerade/model', :route => :masquerade
39
+ Devise.add_module :masqueradable, controller: :masquerades,
40
+ model: 'devise_masquerade/models', route: :masquerade
@@ -5,14 +5,15 @@ describe Admin::DashboardController, type: :controller do
5
5
  before { admin_logged_in }
6
6
 
7
7
  context 'and admin masquerade by user' do
8
- let!(:user) { create(:admin_user) }
8
+ let!(:mask) { create(:admin_user) }
9
9
 
10
10
  before do
11
- user.masquerade!
12
- get :index, :masquerade => user.masquerade_key
11
+ mask.masquerade!
12
+
13
+ get :index, params: { masquerade: mask.masquerade_key, masqueraded_resource_class: 'Admin::User' }
13
14
  end
14
15
 
15
- it { expect(current_admin_user.reload).to eq(user) }
16
+ it { expect(current_admin_user.reload).to eq(mask) }
16
17
  end
17
18
  end
18
19
  end
@@ -5,15 +5,15 @@ describe DashboardController, type: :controller do
5
5
  before { logged_in }
6
6
 
7
7
  context 'and admin masquerade by user' do
8
- let!(:user) { create(:user) }
8
+ let!(:mask) { create(:user) }
9
9
 
10
10
  before do
11
- user.masquerade!
11
+ mask.masquerade!
12
12
 
13
- get :index, :masquerade => user.masquerade_key
13
+ get :index, params: { masquerade: mask.masquerade_key }
14
14
  end
15
15
 
16
- it { expect(current_user.reload).to eq(user) }
16
+ it { expect(current_user.reload).to eq(mask) }
17
17
  end
18
18
  end
19
19
  end
@@ -7,17 +7,36 @@ describe Devise::MasqueradesController, type: :controller do
7
7
  context 'when logged in' do
8
8
  before { logged_in }
9
9
 
10
+ context 'with masqueradable_class param' do
11
+ let(:mask) { create(:student) }
12
+
13
+ before { mask.masquerade! }
14
+
15
+ before do
16
+ get :show, params: { id: mask.to_param, masqueraded_resource_class: mask.class.name, masquerade: mask.masquerade_key }
17
+ end
18
+
19
+ it { expect(session.keys).to include('devise_masquerade_student') }
20
+
21
+ it 'should have warden keys defined' do
22
+ expect(session["warden.user.student.key"].first.first).to eq(mask.id)
23
+ end
24
+
25
+ it { should redirect_to('/') }
26
+ end
27
+
10
28
  describe '#masquerade user' do
11
29
  let(:mask) { create(:user) }
12
30
 
31
+ before { mask.masquerade! }
32
+
13
33
  before do
14
- expect(SecureRandom).to receive(:urlsafe_base64) { "secure_key" }
15
- get :show, :id => mask.to_param
34
+ get :show, params: { id: mask.to_param, masquerade: mask.masquerade_key }
16
35
  end
17
36
 
18
37
  it { expect(session.keys).to include('devise_masquerade_user') }
19
38
  it { expect(session["warden.user.user.key"].first.first).to eq(mask.id) }
20
- it { should redirect_to("/?masquerade=secure_key") }
39
+ it { should redirect_to('/') }
21
40
 
22
41
  context 'and back' do
23
42
  before { get :back }
@@ -26,54 +45,59 @@ describe Devise::MasqueradesController, type: :controller do
26
45
  it { expect(current_user.reload).to eq(@user) }
27
46
  it { expect(session.keys).not_to include('devise_masquerade_user') }
28
47
  end
48
+ end
29
49
 
30
- # Configure masquerade_routes_back setting
31
- describe 'config#masquerade_routes_back' do
32
- before { Devise.setup {|c| c.masquerade_routes_back = true } }
33
-
34
- context 'show' do
35
- before { expect(SecureRandom).to receive(:urlsafe_base64) { "secure_key" } }
36
-
37
- context '< Rails 5 version' do
38
- before do
39
- @request.env['HTTP_REFERER'] = 'previous_location'
40
- get :show, id: mask.to_param
41
- end # before
50
+ # Configure masquerade_routes_back setting
51
+ describe 'config#masquerade_routes_back' do
52
+ let(:mask) { create(:user) }
42
53
 
43
- it { should redirect_to('previous_location') }
44
- end # context
54
+ before { Devise.setup { |c| c.masquerade_routes_back = true } }
45
55
 
46
- context '< Rails 5, fallback if http_referer not present' do
47
- before do
48
- allow_any_instance_of(described_class).to receive(:after_masquerade_path_for).and_return("/dashboard?color=red")
49
- end
56
+ after { Devise.masquerade_routes_back = false }
50
57
 
51
- before { get :show, id: mask.to_param }
58
+ before { mask.masquerade! }
52
59
 
53
- it { should redirect_to("/dashboard?color=red&masquerade=secure_key") }
54
- end # context
55
- end # context
56
-
57
- context '< Rails 5, and back' do
58
- before { get :back }
60
+ context 'show' do
61
+ context 'with http referrer' do
62
+ before do
63
+ @request.env['HTTP_REFERER'] = 'previous_location'
64
+ get :show, params: { id: mask.to_param, masquerade: mask.masquerade_key }
65
+ end # before
59
66
 
60
- it { should redirect_to(masquerade_page) }
67
+ it { should redirect_to('previous_location') }
61
68
  end # context
62
69
 
63
- context '< Rails 5, and back fallback if http_referer not present' do
70
+ context 'no http referrer' do
64
71
  before do
65
- @request.env['HTTP_REFERER'] = 'previous_location'
66
- get :back
72
+ allow_any_instance_of(described_class).to(
73
+ receive(:after_masquerade_path_for).and_return("/dashboard?color=red"))
67
74
  end
68
75
 
69
- it { should redirect_to('previous_location') }
76
+ before { get :show, params: { id: mask.to_param, masquerade: mask.masquerade_key } }
77
+
78
+ it { should redirect_to("/dashboard?color=red") }
70
79
  end # context
71
- end # describe
72
- end
80
+ end # context
81
+
82
+ context 'and back' do
83
+ before { get :back }
84
+
85
+ it { should redirect_to(masquerade_page) }
86
+ end # context
87
+
88
+ context 'and back fallback if http_referer not present' do
89
+ before do
90
+ @request.env['HTTP_REFERER'] = 'previous_location'
91
+ get :back
92
+ end
93
+
94
+ it { should redirect_to('previous_location') }
95
+ end # context
96
+ end # describe
73
97
  end
74
98
 
75
99
  context 'when not logged in' do
76
- before { get :show, :id => 'any_id' }
100
+ before { get :show, params: { id: 'any_id' } }
77
101
 
78
102
  it { should redirect_to(new_user_session_path) }
79
103
  end
@@ -1,42 +1,45 @@
1
1
  require 'spec_helper'
2
2
 
3
- describe MasqueradesController, type: :controller do
3
+ describe MasqueradesTestsController, type: :controller do
4
4
  before { @request.env['devise.mapping'] = Devise.mappings[:user] }
5
5
 
6
6
  context 'no access for masquerade' do
7
7
  before do
8
8
  session.clear
9
- allow_any_instance_of(MasqueradesController).to receive(:masquerade_authorized?) { false }
9
+ allow_any_instance_of(MasqueradesTestsController).to receive(:masquerade_authorized?) { false }
10
10
  end
11
11
 
12
12
  before { logged_in }
13
13
 
14
14
  let(:mask) { create(:user) }
15
15
 
16
- before { get :show, :id => mask.to_param }
16
+ before { mask.masquerade! }
17
+
18
+ before { get :show, params: { id: mask.to_param, masquerade: mask.masquerade_key } }
17
19
 
18
20
  it { expect(response.status).to eq(403) }
19
21
  it { expect(session.keys).not_to include('devise_masquerade_user') }
20
- it { expect(session["warden.user.user.key"].first.first).not_to eq(mask.id) }
22
+ it { expect(session['warden.user.user.key'].first.first).not_to eq(mask.id) }
21
23
  end
22
24
 
23
25
  context 'access for masquerade' do
24
26
  before do
25
27
  session.clear
26
- allow_any_instance_of(MasqueradesController).to receive(:masquerade_authorized?) { true }
28
+ allow_any_instance_of(MasqueradesTestsController).to receive(:masquerade_authorized?) { true }
27
29
  end
28
30
 
29
31
  before { logged_in }
30
32
 
31
33
  let(:mask) { create(:user) }
32
34
 
35
+ before { mask.masquerade! }
36
+
33
37
  before do
34
- expect(SecureRandom).to receive(:urlsafe_base64) { "secure_key" }
35
- get :show, :id => mask.to_param
38
+ get :show, params: { id: mask.to_param, masquerade: mask.masquerade_key }
36
39
  end
37
40
 
38
41
  it { expect(response.status).to eq(302) }
39
42
  it { expect(session.keys).to include('devise_masquerade_user') }
40
- it { expect(session["warden.user.user.key"].first.first).to eq(mask.id) }
43
+ it { expect(session['warden.user.user.key'].first.first).to eq(mask.id) }
41
44
  end
42
45
  end
@@ -1,6 +1,5 @@
1
1
  class Admin::DashboardController < ApplicationController
2
- before_filter :authenticate_admin_user!
3
- before_filter :masquerade_admin_user!
2
+ before_action :authenticate_admin_user!
4
3
 
5
4
  def index
6
5
  @users = Admin::User.where("admin_users.id != ?", current_admin_user.id).all
@@ -1,4 +1,6 @@
1
1
  class ApplicationController < ActionController::Base
2
+ before_action :masquerade!
3
+
2
4
  protect_from_forgery
3
5
  end
4
6
 
@@ -1,6 +1,5 @@
1
1
  class DashboardController < ApplicationController
2
- before_filter :authenticate_user!
3
- before_filter :masquerade_user!
2
+ before_action :authenticate_user!
4
3
 
5
4
  def index
6
5
  @users = User.where("users.id != ?", current_user.id).all
@@ -0,0 +1,7 @@
1
+ class MasqueradesTestsController < Devise::MasqueradesController
2
+ before_action :authenticate_user!
3
+
4
+ def show
5
+ super
6
+ end
7
+ end
@@ -0,0 +1,8 @@
1
+ class StudentsController < ApplicationController
2
+ before_action :authenticate_user!
3
+
4
+ def index
5
+ @students = Student.all
6
+ end
7
+ end
8
+
@@ -1,13 +1,6 @@
1
1
  class Admin::User < ActiveRecord::Base
2
- # Include default devise modules. Others available are:
3
- # :token_authenticatable, :confirmable,
4
- # :lockable, :timeoutable and :omniauthable
5
2
  devise :database_authenticatable, :registerable,
6
3
  :recoverable, :rememberable, :trackable, :validatable,
7
4
  :masqueradable
8
-
9
- # Setup accessible (or protected) attributes for your model
10
- attr_accessible :email, :password, :password_confirmation, :remember_me
11
- # attr_accessible :title, :body
12
5
  end
13
6
 
@@ -0,0 +1,3 @@
1
+ class Student < ActiveRecord::Base
2
+ devise :database_authenticatable, :validatable, :masqueradable
3
+ end
@@ -1,12 +1,3 @@
1
1
  class User < ActiveRecord::Base
2
- # Include default devise modules. Others available are:
3
- # :token_authenticatable, :confirmable,
4
- # :lockable, :timeoutable and :omniauthable
5
- devise :database_authenticatable, :registerable,
6
- :recoverable, :rememberable, :trackable, :validatable,
7
- :masqueradable
8
-
9
- # Setup accessible (or protected) attributes for your model
10
- attr_accessible :email, :password, :password_confirmation, :remember_me
11
- # attr_accessible :title, :body
2
+ devise :database_authenticatable, :validatable, :masqueradable
12
3
  end