RubyGems - devise_security_extension - Versions diffs - 0.3.4 → 0.3.5 - Mend

devise_security_extension 0.3.4 → 0.3.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (11) hide show

data/Gemfile.lock +26 -63
data/VERSION +1 -1
data/app/controllers/devise/password_expired_controller.rb +1 -1
data/config/locales/en.yml +2 -2
data/devise_security_extension.gemspec +3 -3
data/lib/devise_security_extension/controllers/helpers.rb +11 -4
data/lib/devise_security_extension/hooks/password_expirable.rb +3 -1
data/lib/devise_security_extension/models/password_archivable.rb +5 -1
data/lib/devise_security_extension/models/secure_validatable.rb +2 -2
data/lib/devise_security_extension/schema.rb +1 -1
metadata +62 -67

data/Gemfile.lock CHANGED

@@ -1,83 +1,46 @@
 GEM
   remote: http://rubygems.org/
   specs:
-    abstract (1.0.0)
-    actionmailer (3.0.3)
-      actionpack (= 3.0.3)
-      mail (~> 2.2.9)
-    actionpack (3.0.3)
-      activemodel (= 3.0.3)
-      activesupport (= 3.0.3)
+    actionmailer (0.6.1)
+      actionpack (>= 0.9.5)
+    actionpack (1.4.0)
+    activemodel (3.0.7)
+      activesupport (= 3.0.7)
       builder (~> 2.1.2)
-      erubis (~> 2.6.6)
-      i18n (~> 0.4)
-      rack (~> 1.2.1)
-      rack-mount (~> 0.6.13)
-      rack-test (~> 0.5.6)
-      tzinfo (~> 0.3.23)
-    activemodel (3.0.3)
-      activesupport (= 3.0.3)
-      builder (~> 2.1.2)
-      i18n (~> 0.4)
-    activerecord (3.0.3)
-      activemodel (= 3.0.3)
-      activesupport (= 3.0.3)
+      i18n (~> 0.5.0)
+    activerecord (3.0.7)
+      activemodel (= 3.0.7)
+      activesupport (= 3.0.7)
       arel (~> 2.0.2)
       tzinfo (~> 0.3.23)
-    activeresource (3.0.3)
-      activemodel (= 3.0.3)
-      activesupport (= 3.0.3)
-    activesupport (3.0.3)
-    arel (2.0.7)
+    activesupport (3.0.7)
+    arel (2.0.10)
     bcrypt-ruby (2.1.4)
     builder (2.1.2)
-    devise (1.1.5)
+    devise (1.3.4)
       bcrypt-ruby (~> 2.1.2)
-      warden (~> 1.0.2)
-    erubis (2.6.6)
-      abstract (>= 1.0.0)
+      orm_adapter (~> 0.0.3)
+      warden (~> 1.0.3)
     git (1.2.5)
     i18n (0.5.0)
     jeweler (1.5.2)
       bundler (~> 1.0.0)
       git (>= 1.2.5)
       rake
-    mail (2.2.15)
-      activesupport (>= 2.3.6)
-      i18n (>= 0.4.0)
-      mime-types (~> 1.16)
-      treetop (~> 1.4.8)
-    mime-types (1.16)
-    polyglot (0.3.1)
-    rack (1.2.1)
-    rack-mount (0.6.13)
-      rack (>= 1.0.0)
-    rack-test (0.5.7)
-      rack (>= 1.0)
-    rails (3.0.3)
-      actionmailer (= 3.0.3)
-      actionpack (= 3.0.3)
-      activerecord (= 3.0.3)
-      activeresource (= 3.0.3)
-      activesupport (= 3.0.3)
-      bundler (~> 1.0)
-      railties (= 3.0.3)
-    rails_email_validator (0.1.1)
+    orm_adapter (0.0.5)
+    rack (1.3.0)
+    rails (0.9.5)
+      actionmailer (>= 0.6.1)
+      actionpack (>= 1.4.0)
+      activerecord (>= 1.6.0)
+      rake (>= 0.4.15)
+    rails_email_validator (0.1.4)
       activemodel (>= 3.0.0)
-      activemodel (>= 3.0.0)
-    railties (3.0.3)
-      actionpack (= 3.0.3)
-      activesupport (= 3.0.3)
-      rake (>= 0.8.7)
-      thor (~> 0.14.4)
-    rake (0.8.7)
+    rake (0.9.1)
     rcov (0.9.9)
-    thor (0.14.6)
-    treetop (1.4.9)
-      polyglot (>= 0.3.1)
-    tzinfo (0.3.24)
-    warden (1.0.3)
-      rack (>= 1.0.0)
+    tzinfo (0.3.27)
+    warden (1.0.4)
+      rack (>= 1.0)
 PLATFORMS
   ruby

data/VERSION CHANGED

	@@ -1 +1 @@
1	- 0.3.4
1	+ 0.3.5

data/app/controllers/devise/password_expired_controller.rb CHANGED

@@ -4,7 +4,7 @@ class Devise::PasswordExpiredController < ApplicationController
   include Devise::Controllers::InternalHelpers
   def show
-    if resource.need_change_password?
+    if not resource.nil? and resource.need_change_password?
       render_with_scope :show
     else
       redirect_to :root

data/config/locales/en.yml CHANGED

@@ -1,5 +1,5 @@
 en:
   devise:
     password_expired:
-      updated: Yout new password is saved
-      change_required: You password is expired. Please renew your password!
+      updated: Your new password is saved
+      change_required: Your password is expired. Please renew your password!

data/devise_security_extension.gemspec CHANGED

@@ -5,11 +5,11 @@
 Gem::Specification.new do |s|
   s.name = %q{devise_security_extension}
-  s.version = "0.3.4"
+  s.version = "0.3.5"
   s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
   s.authors = ["Marco Scholl"]
-  s.date = %q{2011-03-09}
+  s.date = %q{2011-06-01}
   s.description = %q{a gem for extend devise for more password security}
   s.email = %q{team@phatworx.de}
   s.extra_rdoc_files = [
@@ -47,7 +47,7 @@ Gem::Specification.new do |s|
   s.homepage = %q{http://github.com/phatworx/devise_security_extension}
   s.licenses = ["MIT"]
   s.require_paths = ["lib"]
-  s.rubygems_version = %q{1.5.0}
+  s.rubygems_version = %q{1.6.2}
   s.summary = %q{an security extension for devise}
   s.test_files = [
     "test/helper.rb",

data/lib/devise_security_extension/controllers/helpers.rb CHANGED

@@ -14,12 +14,12 @@ module DeviseSecurityExtension
         # lookup if an password change needed
         def handle_password_change
-          Devise.mappings.keys.flatten.any? do |scope|
-            if signed_in? scope
-              if warden.session(scope)[:password_expired]
+          if not devise_controller? and not ignore_password_expire? and not request.format.nil? and request.format.html?
+            Devise.mappings.keys.flatten.any? do |scope|
+              if signed_in?(scope) and warden.session(scope)[:password_expired]
                 session["#{scope}_return_to"] = request.path if request.get?
                 redirect_for_password_change scope
-                break
+                return
               end
             end
           end
@@ -36,6 +36,13 @@ module DeviseSecurityExtension
           change_path = "#{scope}_password_expired_path"
           send(change_path)
         end
+        protected
+        # allow to overwrite for some special handlings
+        def ignore_password_expire?
+          false
+        end
       end
     end

data/lib/devise_security_extension/hooks/password_expirable.rb CHANGED

@@ -1,3 +1,5 @@
 Warden::Manager.after_authentication do |record, warden, options|
-  warden.session(options[:scope])[:password_expired] = record.need_change_password?
+  if record.respond_to?(:need_change_password?)
+    warden.session(options[:scope])[:password_expired] = record.need_change_password?
+  end
 end

data/lib/devise_security_extension/models/password_archivable.rb CHANGED

@@ -49,7 +49,11 @@ module Devise # :nodoc:
         def archive_password
           if self.encrypted_password_changed?
             if self.class.password_archiving_count.to_i > 0
-              self.old_passwords.create! :encrypted_password => self.encrypted_password_change.first, :password_salt => self.password_salt_change.first
+              if self.password_salt_change.nil?
+                self.old_passwords.create! :encrypted_password => self.encrypted_password_change.first
+              else
+                self.old_passwords.create! :encrypted_password => self.encrypted_password_change.first, :password_salt => self.password_salt_change.first
+              end
               self.old_passwords.order('created_at DESC').offset(self.class.password_archiving_count).destroy_all
             else
               self.old_passwords.destroy_all

data/lib/devise_security_extension/models/secure_validatable.rb CHANGED

@@ -38,10 +38,10 @@ module Devise
       end
       def current_equal_password_validation
-        unless self.encrypted_password_change.nil?
+        if not self.new_record? and not self.encrypted_password_change.nil?
           dummy = self.class.new
           dummy.encrypted_password = self.encrypted_password_change.first
-          dummy.password_salt = self.password_salt_change.first
+          dummy.password_salt = self.password_salt_change.first if self.respond_to? :password_salt_change and not self.password_salt_change.nil?
           self.errors.add(:password, :equal_to_current_password) if dummy.valid_password?(self.password)
         end
       end

data/lib/devise_security_extension/schema.rb CHANGED

@@ -31,7 +31,7 @@ module DeviseSecurityExtension
     #
     def password_archivable
       apply_devise_schema :encrypted_password, String, :limit => 128, :null => false
-      apply_devise_schema :password_salt, String, :null => false
+      apply_devise_schema :password_salt, String
       apply_devise_schema :password_archivable_id, Integer, :null => false
       apply_devise_schema :password_archivable_type, String, :null => false
       apply_devise_schema :created_at, DateTime

metadata CHANGED

@@ -1,94 +1,91 @@
---- !ruby/object:Gem::Specification
+--- !ruby/object:Gem::Specification
 name: devise_security_extension
-version: !ruby/object:Gem::Version
+version: !ruby/object:Gem::Version
+  version: 0.3.5
   prerelease:
-  version: 0.3.4
 platform: ruby
-authors:
+authors:
 - Marco Scholl
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2011-03-09 00:00:00 +01:00
+date: 2011-06-01 00:00:00.000000000 +02:00
 default_executable:
-dependencies:
-- !ruby/object:Gem::Dependency
+dependencies:
+- !ruby/object:Gem::Dependency
   name: rails
-  requirement: &id001 !ruby/object:Gem::Requirement
+  requirement: &19711100 !ruby/object:Gem::Requirement
     none: false
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: "0"
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
   type: :runtime
   prerelease: false
-  version_requirements: *id001
-- !ruby/object:Gem::Dependency
+  version_requirements: *19711100
+- !ruby/object:Gem::Dependency
   name: devise
-  requirement: &id002 !ruby/object:Gem::Requirement
+  requirement: &19710620 !ruby/object:Gem::Requirement
     none: false
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: "0"
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
   type: :runtime
   prerelease: false
-  version_requirements: *id002
-- !ruby/object:Gem::Dependency
+  version_requirements: *19710620
+- !ruby/object:Gem::Dependency
   name: rails_email_validator
-  requirement: &id003 !ruby/object:Gem::Requirement
+  requirement: &19710140 !ruby/object:Gem::Requirement
     none: false
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: "0"
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
   type: :runtime
   prerelease: false
-  version_requirements: *id003
-- !ruby/object:Gem::Dependency
+  version_requirements: *19710140
+- !ruby/object:Gem::Dependency
   name: bundler
-  requirement: &id004 !ruby/object:Gem::Requirement
+  requirement: &19709660 !ruby/object:Gem::Requirement
     none: false
-    requirements:
+    requirements:
     - - ~>
-      - !ruby/object:Gem::Version
+      - !ruby/object:Gem::Version
         version: 1.0.0
   type: :development
   prerelease: false
-  version_requirements: *id004
-- !ruby/object:Gem::Dependency
+  version_requirements: *19709660
+- !ruby/object:Gem::Dependency
   name: jeweler
-  requirement: &id005 !ruby/object:Gem::Requirement
+  requirement: &19709180 !ruby/object:Gem::Requirement
     none: false
-    requirements:
+    requirements:
     - - ~>
-      - !ruby/object:Gem::Version
+      - !ruby/object:Gem::Version
         version: 1.5.2
   type: :development
   prerelease: false
-  version_requirements: *id005
-- !ruby/object:Gem::Dependency
+  version_requirements: *19709180
+- !ruby/object:Gem::Dependency
   name: rcov
-  requirement: &id006 !ruby/object:Gem::Requirement
+  requirement: &19708700 !ruby/object:Gem::Requirement
     none: false
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: "0"
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
   type: :development
   prerelease: false
-  version_requirements: *id006
+  version_requirements: *19708700
 description: a gem for extend devise for more password security
 email: team@phatworx.de
 executables: []
 extensions: []
-extra_rdoc_files:
+extra_rdoc_files:
 - LICENSE.txt
 - README.rdoc
-files:
+files:
 - .document
 - Gemfile
 - Gemfile.lock
@@ -117,35 +114,33 @@ files:
 - test/test_devise_security_extension.rb
 has_rdoc: true
 homepage: http://github.com/phatworx/devise_security_extension
-licenses:
+licenses:
 - MIT
 post_install_message:
 rdoc_options: []
-require_paths:
+require_paths:
 - lib
-required_ruby_version: !ruby/object:Gem::Requirement
+required_ruby_version: !ruby/object:Gem::Requirement
   none: false
-  requirements:
-  - - ">="
-    - !ruby/object:Gem::Version
-      hash: -4027383644345550227
-      segments:
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+      segments:
       - 0
-      version: "0"
-required_rubygems_version: !ruby/object:Gem::Requirement
+      hash: 2051468966150928992
+required_rubygems_version: !ruby/object:Gem::Requirement
   none: false
-  requirements:
-  - - ">="
-    - !ruby/object:Gem::Version
-      version: "0"
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
 requirements: []
 rubyforge_project:
-rubygems_version: 1.5.0
+rubygems_version: 1.6.2
 signing_key:
 specification_version: 3
 summary: an security extension for devise
-test_files:
+test_files:
 - test/helper.rb
 - test/test_devise_security_extension.rb