devise_masquerade 0.6.4 → 1.2.0

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of devise_masquerade might be problematic. Click here for more details.

Files changed (56) hide show
  1. checksums.yaml +5 -5
  2. data/.gitignore +1 -2
  3. data/.ruby-version +1 -1
  4. data/.travis.yml +2 -4
  5. data/Gemfile +14 -10
  6. data/Gemfile.lock +303 -0
  7. data/Makefile +6 -1
  8. data/README.md +25 -1
  9. data/app/controllers/devise/masquerades_controller.rb +70 -54
  10. data/devise_masquerade.gemspec +4 -4
  11. data/features/back.feature +0 -1
  12. data/features/multiple_masquerading_models.feature +17 -0
  13. data/features/step_definitions/auth_steps.rb +1 -0
  14. data/features/step_definitions/back_steps.rb +18 -3
  15. data/features/support/env.rb +23 -4
  16. data/lib/devise_masquerade/controllers/helpers.rb +26 -7
  17. data/lib/devise_masquerade/controllers/url_helpers.rb +19 -4
  18. data/lib/devise_masquerade/models/masqueradable.rb +47 -0
  19. data/lib/devise_masquerade/models.rb +9 -0
  20. data/lib/devise_masquerade/rails.rb +14 -4
  21. data/lib/devise_masquerade/routes.rb +10 -8
  22. data/lib/devise_masquerade/version.rb +1 -1
  23. data/lib/devise_masquerade.rb +3 -9
  24. data/spec/controllers/admin/dashboard_controller_spec.rb +5 -4
  25. data/spec/controllers/dashboard_controller_spec.rb +4 -4
  26. data/spec/controllers/devise/masquerades_controller_spec.rb +60 -36
  27. data/spec/controllers/{masquerades_controller_spec.rb → masquerades_tests_controller_spec.rb} +11 -8
  28. data/spec/dummy/app/controllers/admin/dashboard_controller.rb +1 -2
  29. data/spec/dummy/app/controllers/application_controller.rb +2 -0
  30. data/spec/dummy/app/controllers/dashboard_controller.rb +1 -2
  31. data/spec/dummy/app/controllers/masquerades_tests_controller.rb +7 -0
  32. data/spec/dummy/app/controllers/students_controller.rb +8 -0
  33. data/spec/dummy/app/models/admin/user.rb +0 -7
  34. data/spec/dummy/app/models/student.rb +3 -0
  35. data/spec/dummy/app/models/user.rb +1 -10
  36. data/spec/dummy/app/views/admin/dashboard/index.html.erb +0 -2
  37. data/spec/dummy/app/views/dashboard/index.html.erb +0 -2
  38. data/spec/dummy/app/views/layouts/application.html.erb +7 -1
  39. data/spec/dummy/app/views/students/_student.html.erb +6 -0
  40. data/spec/dummy/app/views/students/index.html.erb +1 -0
  41. data/spec/dummy/app/views/users/_user.html.erb +1 -1
  42. data/spec/dummy/config/application.rb +2 -0
  43. data/spec/dummy/config/environment.rb +1 -0
  44. data/spec/dummy/config/routes.rb +6 -4
  45. data/spec/dummy/db/.gitignore +1 -0
  46. data/spec/dummy/db/migrate/20121119085620_devise_create_users.rb +1 -1
  47. data/spec/dummy/db/migrate/20140418160449_create_admin_users.rb +1 -1
  48. data/spec/dummy/db/migrate/20191022100000_create_students.rb +14 -0
  49. data/spec/dummy/db/schema.rb +37 -31
  50. data/spec/models/user_spec.rb +1 -1
  51. data/spec/orm/active_record.rb +5 -2
  52. data/spec/spec_helper.rb +3 -3
  53. data/spec/support/factories.rb +13 -9
  54. metadata +31 -16
  55. data/lib/devise_masquerade/model.rb +0 -42
  56. data/spec/dummy/app/controllers/masquerades_controller.rb +0 -5
@@ -0,0 +1,17 @@
1
+ Feature: Use various models for masquerading
2
+ In order to use various models for masquerading
3
+ As an masquerade user
4
+ I want to be able to press press masquerade as link for different models
5
+
6
+ Scenario: Use masquerade button on student and user models
7
+ Given I logged in
8
+ And I have a user for masquerade
9
+ And I have a student for masquerade
10
+
11
+ When I am on the users page
12
+ And I login as one user
13
+ Then I should be login as this user
14
+
15
+ When I am on the students page
16
+ And I login as one student
17
+ Then I should be login as this student
@@ -8,3 +8,4 @@ Given /^I logged in$/ do
8
8
 
9
9
  click_on 'Log in'
10
10
  end
11
+
@@ -1,5 +1,5 @@
1
1
  Given /^I have a user for masquerade$/ do
2
- @mask = create(:user)
2
+ @user_mask = create(:user)
3
3
  end
4
4
 
5
5
  When /^I am on the users page$/ do
@@ -7,11 +7,11 @@ When /^I am on the users page$/ do
7
7
  end
8
8
 
9
9
  When /^I login as one user$/ do
10
- click_on "Login as"
10
+ find('.login_as').click
11
11
  end
12
12
 
13
13
  Then /^I should be login as this user$/ do
14
- find('.current_user').should have_content(@mask.email)
14
+ find('.current_user').should have_content(@user_mask.email)
15
15
  end
16
16
 
17
17
  When /^I press back masquerade button$/ do
@@ -22,3 +22,18 @@ Then /^I should be login as owner user$/ do
22
22
  find('.current_user').should have_content(@user.email)
23
23
  end
24
24
 
25
+ Given /^I have a student for masquerade$/ do
26
+ @student_mask = create(:student)
27
+ end
28
+
29
+ When /^I am on the students page$/ do
30
+ visit '/students'
31
+ end
32
+
33
+ When /^I login as one student$/ do
34
+ find('.login_as').click
35
+ end
36
+
37
+ Then /^I should be login as this student$/ do
38
+ find('.current_student').should have_content(@student_mask.email)
39
+ end
@@ -1,5 +1,5 @@
1
1
  require 'cucumber/rails'
2
- require 'factory_girl'
2
+ require 'factory_bot'
3
3
  require 'database_cleaner'
4
4
  require 'cucumber/rspec/doubles'
5
5
 
@@ -9,9 +9,11 @@ ENV["RAILS_ENV"] = "test"
9
9
 
10
10
  Capybara.default_selector = :css
11
11
 
12
- ActionController::Base.allow_rescue = false
12
+ ActiveSupport.on_load(:action_controller) do
13
+ self.allow_rescue = false
14
+ end
13
15
 
14
- World(FactoryGirl::Syntax::Methods)
16
+ World(FactoryBot::Syntax::Methods)
15
17
 
16
18
  begin
17
19
  DatabaseCleaner.strategy = :transaction
@@ -20,7 +22,24 @@ rescue NameError
20
22
  end
21
23
 
22
24
  Cucumber::Rails::Database.javascript_strategy = :truncation
23
- Capybara.javascript_driver = :webkit
25
+
26
+ Capybara.register_driver :chrome do |app|
27
+ Capybara::Selenium::Driver.new(app, browser: :chrome)
28
+ end
29
+
30
+ Capybara.register_driver :headless_chrome do |app|
31
+ caps = Selenium::WebDriver::Remote::Capabilities.chrome(loggingPrefs: { browser: 'ALL' })
32
+ opts = Selenium::WebDriver::Chrome::Options.new
33
+
34
+ chrome_args = %w[--headless --window-size=1920,1080 --no-sandbox --disable-dev-shm-usage]
35
+ chrome_args.each { |arg| opts.add_argument(arg) }
36
+ Capybara::Selenium::Driver.new(app, browser: :chrome, options: opts, desired_capabilities: caps)
37
+ end
38
+
39
+ Capybara.configure do |config|
40
+ # change this to :chrome to observe tests in a real browser
41
+ config.javascript_driver = :headless_chrome
42
+ end
24
43
 
25
44
  Before do
26
45
  allow_any_instance_of(DeviseController).to receive(:devise_mapping) { Devise.mappings[:user] }
@@ -6,13 +6,34 @@ module DeviseMasquerade
6
6
  class_name = mapping.class_name
7
7
 
8
8
  class_eval <<-METHODS, __FILE__, __LINE__ + 1
9
+ def masquerade!
10
+ return if params["#{Devise.masquerade_param}"].blank?
11
+
12
+ klass = unless params[:masqueraded_resource_class].blank?
13
+ params[:masqueraded_resource_class].constantize
14
+ else
15
+ if Devise.masqueraded_resource_class
16
+ Devise.masqueraded_resource_class
17
+ elsif defined?(User)
18
+ User
19
+ end
20
+ end
21
+ return unless klass
22
+
23
+ resource = klass.find_by_masquerade_key(params["#{Devise.masquerade_param}"]).first
24
+
25
+ if resource
26
+ masquerade_sign_in(resource)
27
+ end
28
+ end
29
+
9
30
  def masquerade_#{name}!
10
31
  return if params["#{Devise.masquerade_param}"].blank?
11
32
 
12
- #{name} = ::#{class_name}.find_by_masquerade_key(params["#{Devise.masquerade_param}"])
33
+ resource = ::#{class_name}.find_by_masquerade_key(params["#{Devise.masquerade_param}"]).first
13
34
 
14
- if #{name}
15
- masquerade_sign_in(#{name})
35
+ if resource
36
+ masquerade_sign_in(resource)
16
37
  end
17
38
  end
18
39
 
@@ -22,7 +43,7 @@ module DeviseMasquerade
22
43
 
23
44
  def #{name}_masquerade_owner
24
45
  return nil unless send(:#{name}_masquerade?)
25
- ::#{class_name}.to_adapter.find_first(:id => session[:"devise_masquerade_#{name}"])
46
+ ::#{class_name}.to_adapter.find_first(id: session[:"devise_masquerade_#{name}"])
26
47
  end
27
48
 
28
49
  private
@@ -32,7 +53,7 @@ module DeviseMasquerade
32
53
  if respond_to?(:bypass_sign_in)
33
54
  bypass_sign_in(resource)
34
55
  else
35
- sign_in(resource, :bypass => true)
56
+ sign_in(resource, bypass: true)
36
57
  end
37
58
  else
38
59
  sign_in(resource)
@@ -50,5 +71,3 @@ module DeviseMasquerade
50
71
  end
51
72
  end
52
73
  end
53
-
54
- ActionController::Base.send(:include, DeviseMasquerade::Controllers::Helpers)
@@ -1,16 +1,31 @@
1
+ require 'securerandom'
2
+
1
3
  module DeviseMasquerade
2
4
  module Controllers
5
+
3
6
  module UrlHelpers
4
- def masquerade_path(resource)
7
+ def masquerade_path(resource, *args)
5
8
  scope = Devise::Mapping.find_scope!(resource)
6
- send("#{scope}_masquerade_path", resource)
9
+
10
+ opts = args.first || {}
11
+ opts.merge!(masqueraded_resource_class: resource.class.name)
12
+
13
+ resource.masquerade!
14
+ opts.merge!(Devise.masquerade_param => resource.masquerade_key)
15
+
16
+ send("#{scope}_masquerade_path", resource, opts, *args)
7
17
  end
8
18
 
9
- def back_masquerade_path(resource)
19
+ def back_masquerade_path(resource, *args)
10
20
  scope = Devise::Mapping.find_scope!(resource)
11
- send("back_#{scope}_masquerade_index_path")
21
+
22
+ opts = args.first || {}
23
+ opts.merge!(masqueraded_resource_class: resource.class.name)
24
+
25
+ send("back_#{scope}_masquerade_index_path", opts, *args)
12
26
  end
13
27
  end
28
+
14
29
  end
15
30
  end
16
31
 
@@ -0,0 +1,47 @@
1
+ module DeviseMasquerade
2
+ module Models
3
+ module Masqueradable
4
+ extend ActiveSupport::Concern
5
+
6
+ included do
7
+ attr_reader :masquerade_key
8
+
9
+ def masquerade!
10
+ @masquerade_key = SecureRandom.urlsafe_base64(
11
+ Devise.masquerade_key_size)
12
+ cache_key = self.class.cache_masquerade_key_by(@masquerade_key)
13
+ ::Rails.cache.write(
14
+ cache_key, id, expires_in: Devise.masquerade_expires_in)
15
+ end
16
+ end
17
+
18
+ module ClassMethods
19
+ def cache_masquerade_key_by(key)
20
+ "#{self.name.pluralize.underscore}:#{key}:masquerade"
21
+ end
22
+
23
+ def remove_masquerade_key!(key)
24
+ ::Rails.cache.delete(cache_masquerade_key_by(key))
25
+ end
26
+
27
+ def find_by_masquerade_key(key)
28
+ id = ::Rails.cache.read(cache_masquerade_key_by(key))
29
+
30
+ # clean up the cached masquerade key value
31
+ remove_masquerade_key!(key)
32
+
33
+ where(id: id)
34
+ end
35
+
36
+ def find_by_masquerade_key(key)
37
+ id = ::Rails.cache.read(cache_masquerade_key_by(key))
38
+
39
+ # clean up the cached masquerade key value
40
+ remove_masquerade_key!(key)
41
+
42
+ where(id: id)
43
+ end
44
+ end # ClassMethods
45
+ end
46
+ end
47
+ end
@@ -0,0 +1,9 @@
1
+ require 'devise_masquerade/models/masqueradable'
2
+
3
+ module DeviseMasquerade
4
+ module Models
5
+
6
+ end
7
+ end
8
+
9
+ Devise::Models.send :include, DeviseMasquerade::Models
@@ -1,7 +1,17 @@
1
+ # frozen_string_literal: true
2
+
1
3
  module DeviseMasquerade
2
- class Engine < ::Rails::Engine
3
- ActiveSupport.on_load(:action_controller) { include DeviseMasquerade::Controllers::UrlHelpers }
4
- ActiveSupport.on_load(:action_view) { include DeviseMasquerade::Controllers::UrlHelpers }
4
+ module Rails
5
+
6
+ class Engine < ::Rails::Engine
7
+ initializer "devise.url_helpers" do
8
+ Devise.include_helpers(DeviseMasquerade::Controllers)
9
+ end
10
+
11
+ ActiveSupport.on_load(:action_controller) do
12
+ include DeviseMasquerade::Controllers::Helpers
13
+ end
14
+ end
15
+
5
16
  end
6
17
  end
7
-
@@ -1,17 +1,19 @@
1
- module ActionDispatch::Routing
2
- class Mapper
3
-
4
- protected
1
+ module DeviseMasquerade
2
+ module Routes
5
3
 
6
4
  def devise_masquerade(mapping, controllers)
7
5
  resources :masquerade,
8
- :only => :show,
9
- :path => mapping.path_names[:masquerade],
10
- :controller => controllers[:masquerades] do
6
+ only: :show,
7
+ path: mapping.path_names[:masquerade],
8
+ controller: controllers[:masquerades] do
11
9
 
12
- get :back, :on => :collection
10
+ collection do
11
+ get :back
12
+ end
13
13
  end
14
14
  end
15
+
15
16
  end
16
17
  end
17
18
 
19
+ ActionDispatch::Routing::Mapper.send :include, DeviseMasquerade::Routes
@@ -1,3 +1,3 @@
1
1
  module DeviseMasquerade
2
- VERSION = '0.6.4'.freeze
2
+ VERSION = '1.2.0'.freeze
3
3
  end
@@ -1,22 +1,16 @@
1
1
  require 'devise'
2
-
3
- require 'action_controller'
4
- require 'action_controller/base'
5
2
  require 'devise_masquerade/version'
6
3
  require 'devise_masquerade/routes'
7
4
  require 'devise_masquerade/controllers/helpers'
8
5
  require 'devise_masquerade/controllers/url_helpers'
9
6
  require 'devise_masquerade/rails'
10
7
 
11
- module DeviseMasquerade
12
- end
13
-
14
8
  module Devise
15
9
  mattr_accessor :masquerade_param
16
10
  @@masquerade_param = 'masquerade'
17
11
 
18
12
  mattr_accessor :masquerade_expires_in
19
- @@masquerade_expires_in = 10.seconds
13
+ @@masquerade_expires_in = 1.minute
20
14
 
21
15
  mattr_accessor :masquerade_key_size
22
16
  @@masquerade_key_size = 16
@@ -42,5 +36,5 @@ module Devise
42
36
  @@helpers << DeviseMasquerade::Controllers::Helpers
43
37
  end
44
38
 
45
- Devise.add_module :masqueradable, :controller => :masquerades,
46
- :model => 'devise_masquerade/model', :route => :masquerade
39
+ Devise.add_module :masqueradable, controller: :masquerades,
40
+ model: 'devise_masquerade/models', route: :masquerade
@@ -5,14 +5,15 @@ describe Admin::DashboardController, type: :controller do
5
5
  before { admin_logged_in }
6
6
 
7
7
  context 'and admin masquerade by user' do
8
- let!(:user) { create(:admin_user) }
8
+ let!(:mask) { create(:admin_user) }
9
9
 
10
10
  before do
11
- user.masquerade!
12
- get :index, :masquerade => user.masquerade_key
11
+ mask.masquerade!
12
+
13
+ get :index, params: { masquerade: mask.masquerade_key, masqueraded_resource_class: 'Admin::User' }
13
14
  end
14
15
 
15
- it { expect(current_admin_user.reload).to eq(user) }
16
+ it { expect(current_admin_user.reload).to eq(mask) }
16
17
  end
17
18
  end
18
19
  end
@@ -5,15 +5,15 @@ describe DashboardController, type: :controller do
5
5
  before { logged_in }
6
6
 
7
7
  context 'and admin masquerade by user' do
8
- let!(:user) { create(:user) }
8
+ let!(:mask) { create(:user) }
9
9
 
10
10
  before do
11
- user.masquerade!
11
+ mask.masquerade!
12
12
 
13
- get :index, :masquerade => user.masquerade_key
13
+ get :index, params: { masquerade: mask.masquerade_key }
14
14
  end
15
15
 
16
- it { expect(current_user.reload).to eq(user) }
16
+ it { expect(current_user.reload).to eq(mask) }
17
17
  end
18
18
  end
19
19
  end
@@ -7,17 +7,36 @@ describe Devise::MasqueradesController, type: :controller do
7
7
  context 'when logged in' do
8
8
  before { logged_in }
9
9
 
10
+ context 'with masqueradable_class param' do
11
+ let(:mask) { create(:student) }
12
+
13
+ before { mask.masquerade! }
14
+
15
+ before do
16
+ get :show, params: { id: mask.to_param, masqueraded_resource_class: mask.class.name, masquerade: mask.masquerade_key }
17
+ end
18
+
19
+ it { expect(session.keys).to include('devise_masquerade_student') }
20
+
21
+ it 'should have warden keys defined' do
22
+ expect(session["warden.user.student.key"].first.first).to eq(mask.id)
23
+ end
24
+
25
+ it { should redirect_to('/') }
26
+ end
27
+
10
28
  describe '#masquerade user' do
11
29
  let(:mask) { create(:user) }
12
30
 
31
+ before { mask.masquerade! }
32
+
13
33
  before do
14
- expect(SecureRandom).to receive(:urlsafe_base64) { "secure_key" }
15
- get :show, :id => mask.to_param
34
+ get :show, params: { id: mask.to_param, masquerade: mask.masquerade_key }
16
35
  end
17
36
 
18
37
  it { expect(session.keys).to include('devise_masquerade_user') }
19
38
  it { expect(session["warden.user.user.key"].first.first).to eq(mask.id) }
20
- it { should redirect_to("/?masquerade=secure_key") }
39
+ it { should redirect_to('/') }
21
40
 
22
41
  context 'and back' do
23
42
  before { get :back }
@@ -26,54 +45,59 @@ describe Devise::MasqueradesController, type: :controller do
26
45
  it { expect(current_user.reload).to eq(@user) }
27
46
  it { expect(session.keys).not_to include('devise_masquerade_user') }
28
47
  end
48
+ end
29
49
 
30
- # Configure masquerade_routes_back setting
31
- describe 'config#masquerade_routes_back' do
32
- before { Devise.setup {|c| c.masquerade_routes_back = true } }
33
-
34
- context 'show' do
35
- before { expect(SecureRandom).to receive(:urlsafe_base64) { "secure_key" } }
36
-
37
- context '< Rails 5 version' do
38
- before do
39
- @request.env['HTTP_REFERER'] = 'previous_location'
40
- get :show, id: mask.to_param
41
- end # before
50
+ # Configure masquerade_routes_back setting
51
+ describe 'config#masquerade_routes_back' do
52
+ let(:mask) { create(:user) }
42
53
 
43
- it { should redirect_to('previous_location') }
44
- end # context
54
+ before { Devise.setup { |c| c.masquerade_routes_back = true } }
45
55
 
46
- context '< Rails 5, fallback if http_referer not present' do
47
- before do
48
- allow_any_instance_of(described_class).to receive(:after_masquerade_path_for).and_return("/dashboard?color=red")
49
- end
56
+ after { Devise.masquerade_routes_back = false }
50
57
 
51
- before { get :show, id: mask.to_param }
58
+ before { mask.masquerade! }
52
59
 
53
- it { should redirect_to("/dashboard?color=red&masquerade=secure_key") }
54
- end # context
55
- end # context
56
-
57
- context '< Rails 5, and back' do
58
- before { get :back }
60
+ context 'show' do
61
+ context 'with http referrer' do
62
+ before do
63
+ @request.env['HTTP_REFERER'] = 'previous_location'
64
+ get :show, params: { id: mask.to_param, masquerade: mask.masquerade_key }
65
+ end # before
59
66
 
60
- it { should redirect_to(masquerade_page) }
67
+ it { should redirect_to('previous_location') }
61
68
  end # context
62
69
 
63
- context '< Rails 5, and back fallback if http_referer not present' do
70
+ context 'no http referrer' do
64
71
  before do
65
- @request.env['HTTP_REFERER'] = 'previous_location'
66
- get :back
72
+ allow_any_instance_of(described_class).to(
73
+ receive(:after_masquerade_path_for).and_return("/dashboard?color=red"))
67
74
  end
68
75
 
69
- it { should redirect_to('previous_location') }
76
+ before { get :show, params: { id: mask.to_param, masquerade: mask.masquerade_key } }
77
+
78
+ it { should redirect_to("/dashboard?color=red") }
70
79
  end # context
71
- end # describe
72
- end
80
+ end # context
81
+
82
+ context 'and back' do
83
+ before { get :back }
84
+
85
+ it { should redirect_to(masquerade_page) }
86
+ end # context
87
+
88
+ context 'and back fallback if http_referer not present' do
89
+ before do
90
+ @request.env['HTTP_REFERER'] = 'previous_location'
91
+ get :back
92
+ end
93
+
94
+ it { should redirect_to('previous_location') }
95
+ end # context
96
+ end # describe
73
97
  end
74
98
 
75
99
  context 'when not logged in' do
76
- before { get :show, :id => 'any_id' }
100
+ before { get :show, params: { id: 'any_id' } }
77
101
 
78
102
  it { should redirect_to(new_user_session_path) }
79
103
  end
@@ -1,42 +1,45 @@
1
1
  require 'spec_helper'
2
2
 
3
- describe MasqueradesController, type: :controller do
3
+ describe MasqueradesTestsController, type: :controller do
4
4
  before { @request.env['devise.mapping'] = Devise.mappings[:user] }
5
5
 
6
6
  context 'no access for masquerade' do
7
7
  before do
8
8
  session.clear
9
- allow_any_instance_of(MasqueradesController).to receive(:masquerade_authorized?) { false }
9
+ allow_any_instance_of(MasqueradesTestsController).to receive(:masquerade_authorized?) { false }
10
10
  end
11
11
 
12
12
  before { logged_in }
13
13
 
14
14
  let(:mask) { create(:user) }
15
15
 
16
- before { get :show, :id => mask.to_param }
16
+ before { mask.masquerade! }
17
+
18
+ before { get :show, params: { id: mask.to_param, masquerade: mask.masquerade_key } }
17
19
 
18
20
  it { expect(response.status).to eq(403) }
19
21
  it { expect(session.keys).not_to include('devise_masquerade_user') }
20
- it { expect(session["warden.user.user.key"].first.first).not_to eq(mask.id) }
22
+ it { expect(session['warden.user.user.key'].first.first).not_to eq(mask.id) }
21
23
  end
22
24
 
23
25
  context 'access for masquerade' do
24
26
  before do
25
27
  session.clear
26
- allow_any_instance_of(MasqueradesController).to receive(:masquerade_authorized?) { true }
28
+ allow_any_instance_of(MasqueradesTestsController).to receive(:masquerade_authorized?) { true }
27
29
  end
28
30
 
29
31
  before { logged_in }
30
32
 
31
33
  let(:mask) { create(:user) }
32
34
 
35
+ before { mask.masquerade! }
36
+
33
37
  before do
34
- expect(SecureRandom).to receive(:urlsafe_base64) { "secure_key" }
35
- get :show, :id => mask.to_param
38
+ get :show, params: { id: mask.to_param, masquerade: mask.masquerade_key }
36
39
  end
37
40
 
38
41
  it { expect(response.status).to eq(302) }
39
42
  it { expect(session.keys).to include('devise_masquerade_user') }
40
- it { expect(session["warden.user.user.key"].first.first).to eq(mask.id) }
43
+ it { expect(session['warden.user.user.key'].first.first).to eq(mask.id) }
41
44
  end
42
45
  end
@@ -1,6 +1,5 @@
1
1
  class Admin::DashboardController < ApplicationController
2
- before_filter :authenticate_admin_user!
3
- before_filter :masquerade_admin_user!
2
+ before_action :authenticate_admin_user!
4
3
 
5
4
  def index
6
5
  @users = Admin::User.where("admin_users.id != ?", current_admin_user.id).all
@@ -1,4 +1,6 @@
1
1
  class ApplicationController < ActionController::Base
2
+ before_action :masquerade!
3
+
2
4
  protect_from_forgery
3
5
  end
4
6
 
@@ -1,6 +1,5 @@
1
1
  class DashboardController < ApplicationController
2
- before_filter :authenticate_user!
3
- before_filter :masquerade_user!
2
+ before_action :authenticate_user!
4
3
 
5
4
  def index
6
5
  @users = User.where("users.id != ?", current_user.id).all
@@ -0,0 +1,7 @@
1
+ class MasqueradesTestsController < Devise::MasqueradesController
2
+ before_action :authenticate_user!
3
+
4
+ def show
5
+ super
6
+ end
7
+ end
@@ -0,0 +1,8 @@
1
+ class StudentsController < ApplicationController
2
+ before_action :authenticate_user!
3
+
4
+ def index
5
+ @students = Student.all
6
+ end
7
+ end
8
+
@@ -1,13 +1,6 @@
1
1
  class Admin::User < ActiveRecord::Base
2
- # Include default devise modules. Others available are:
3
- # :token_authenticatable, :confirmable,
4
- # :lockable, :timeoutable and :omniauthable
5
2
  devise :database_authenticatable, :registerable,
6
3
  :recoverable, :rememberable, :trackable, :validatable,
7
4
  :masqueradable
8
-
9
- # Setup accessible (or protected) attributes for your model
10
- attr_accessible :email, :password, :password_confirmation, :remember_me
11
- # attr_accessible :title, :body
12
5
  end
13
6
 
@@ -0,0 +1,3 @@
1
+ class Student < ActiveRecord::Base
2
+ devise :database_authenticatable, :validatable, :masqueradable
3
+ end
@@ -1,12 +1,3 @@
1
1
  class User < ActiveRecord::Base
2
- # Include default devise modules. Others available are:
3
- # :token_authenticatable, :confirmable,
4
- # :lockable, :timeoutable and :omniauthable
5
- devise :database_authenticatable, :registerable,
6
- :recoverable, :rememberable, :trackable, :validatable,
7
- :masqueradable
8
-
9
- # Setup accessible (or protected) attributes for your model
10
- attr_accessible :email, :password, :password_confirmation, :remember_me
11
- # attr_accessible :title, :body
2
+ devise :database_authenticatable, :validatable, :masqueradable
12
3
  end