RubyGems - devise_token_auth_skycocker_fork - Versions diffs - 1.0.0 - Mend

devise_token_auth_skycocker_fork 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (167) hide show

data/test/controllers/overrides/registrations_controller_test.rb ADDED

@@ -0,0 +1,46 @@
+# frozen_string_literal: true
+require 'test_helper'
+#  was the web request successful?
+#  was the user redirected to the right page?
+#  was the user successfully authenticated?
+#  was the correct object stored in the response?
+#  was the appropriate message delivered in the json payload?
+class Overrides::RegistrationsControllerTest < ActionDispatch::IntegrationTest
+  include OverridesControllersRoutes
+  describe Overrides::RegistrationsController do
+    describe 'Succesful Registration update' do
+      before do
+        @existing_user  = create(:user, :confirmed)
+        @auth_headers   = @existing_user.create_new_auth_token
+        @client_id      = @auth_headers['client']
+        @favorite_color = 'pink'
+        # ensure request is not treated as batch request
+        age_token(@existing_user, @client_id)
+        # test valid update param
+        @new_operating_thetan = 1_000_000
+        put '/evil_user_auth',
+            params: { favorite_color: @favorite_color },
+            headers: @auth_headers
+        @data = JSON.parse(response.body)
+        @existing_user.reload
+      end
+      test 'user was updated' do
+        assert_equal @favorite_color, @existing_user.favorite_color
+      end
+      test 'controller was overridden' do
+        assert_equal Overrides::RegistrationsController::OVERRIDE_PROOF,
+                     @data['override_proof']
+      end
+    end
+  end
+end

data/test/controllers/overrides/sessions_controller_test.rb ADDED

@@ -0,0 +1,35 @@
+# frozen_string_literal: true
+require 'test_helper'
+#  was the web request successful?
+#  was the user redirected to the right page?
+#  was the user successfully authenticated?
+#  was the correct object stored in the response?
+#  was the appropriate message delivered in the json payload?
+class Overrides::RegistrationsControllerTest < ActionDispatch::IntegrationTest
+  include OverridesControllersRoutes
+  describe Overrides::RegistrationsController do
+    before do
+      @existing_user = create(:user, :confirmed)
+      post '/evil_user_auth/sign_in',
+           params: { email: @existing_user.email,
+                     password: @existing_user.password }
+      @resource = assigns(:resource)
+      @data = JSON.parse(response.body)
+    end
+    test 'request should succeed' do
+      assert_equal 200, response.status
+    end
+    test 'controller was overridden' do
+      assert_equal Overrides::RegistrationsController::OVERRIDE_PROOF,
+                   @data['override_proof']
+    end
+  end
+end

data/test/controllers/overrides/token_validations_controller_test.rb ADDED

@@ -0,0 +1,43 @@
+# frozen_string_literal: true
+require 'test_helper'
+#  was the web request successful?
+#  was the user redirected to the right page?
+#  was the user successfully authenticated?
+#  was the correct object stored in the response?
+#  was the appropriate message delivered in the json payload?
+class Overrides::TokenValidationsControllerTest < ActionDispatch::IntegrationTest
+  include OverridesControllersRoutes
+  describe Overrides::TokenValidationsController do
+    before do
+      @resource = create(:user, :confirmed)
+      @auth_headers = @resource.create_new_auth_token
+      @token     = @auth_headers['access-token']
+      @client_id = @auth_headers['client']
+      @expiry    = @auth_headers['expiry']
+      # ensure that request is not treated as batch request
+      age_token(@resource, @client_id)
+      get '/evil_user_auth/validate_token',
+          params: {},
+          headers: @auth_headers
+      @resp = JSON.parse(response.body)
+    end
+    test 'token valid' do
+      assert_equal 200, response.status
+    end
+    test 'controller was overridden' do
+      assert_equal Overrides::TokenValidationsController::OVERRIDE_PROOF,
+                   @resp['override_proof']
+    end
+  end
+end

data/test/dummy/README.rdoc ADDED

@@ -0,0 +1,28 @@
+== README
+This README would normally document whatever steps are necessary to get the
+application up and running.
+Things you may want to cover:
+* Ruby version
+* System dependencies
+* Configuration
+* Database creation
+* Database initialization
+* How to run the test suite
+* Services (job queues, cache servers, search engines, etc.)
+* Deployment instructions
+* ...
+Please feel free to use a different markup language if you do not plan to run
+<tt>rake doc:app</tt>.

data/test/dummy/app/active_record/lockable_user.rb ADDED

@@ -0,0 +1,7 @@
+# frozen_string_literal: true
+class LockableUser < ActiveRecord::Base
+  # Include default devise modules.
+  devise :database_authenticatable, :registerable, :lockable
+  include DeviseTokenAuth::Concerns::User
+end

data/test/dummy/app/active_record/mang.rb ADDED

@@ -0,0 +1,5 @@
+# frozen_string_literal: true
+class Mang < ActiveRecord::Base
+  include DeviseTokenAuth::Concerns::User
+end

data/test/dummy/app/active_record/only_email_user.rb ADDED

@@ -0,0 +1,7 @@
+# frozen_string_literal: true
+class OnlyEmailUser < ActiveRecord::Base
+  # Include default devise modules.
+  devise :database_authenticatable, :registerable
+  include DeviseTokenAuth::Concerns::User
+end

data/test/dummy/app/active_record/scoped_user.rb ADDED

@@ -0,0 +1,9 @@
+# frozen_string_literal: true
+class ScopedUser < ActiveRecord::Base
+  # Include default devise modules.
+  devise :database_authenticatable, :registerable,
+         :recoverable, :rememberable, :trackable,
+         :validatable, :confirmable, :omniauthable
+  include DeviseTokenAuth::Concerns::User
+end

data/test/dummy/app/active_record/unconfirmable_user.rb ADDED

@@ -0,0 +1,9 @@
+# frozen_string_literal: true
+class UnconfirmableUser < ActiveRecord::Base
+  # Include default devise modules.
+  devise :database_authenticatable, :registerable,
+         :recoverable, :rememberable, :trackable,
+         :validatable, :omniauthable
+  include DeviseTokenAuth::Concerns::User
+end

data/test/dummy/app/active_record/unregisterable_user.rb ADDED

@@ -0,0 +1,9 @@
+# frozen_string_literal: true
+class UnregisterableUser < ActiveRecord::Base
+  # Include default devise modules.
+  devise :database_authenticatable, :recoverable,
+         :trackable, :validatable, :confirmable,
+         :omniauthable
+  include DeviseTokenAuth::Concerns::User
+end

data/test/dummy/app/active_record/user.rb ADDED

@@ -0,0 +1,6 @@
+# frozen_string_literal: true
+class User < ActiveRecord::Base
+  include DeviseTokenAuth::Concerns::User
+  include FavoriteColor
+end

data/test/dummy/app/controllers/application_controller.rb ADDED

@@ -0,0 +1,18 @@
+# frozen_string_literal: true
+class ApplicationController < ActionController::Base
+  include DeviseTokenAuth::Concerns::SetUserByToken
+  before_action :configure_permitted_parameters, if: :devise_controller?
+  protected
+  def configure_permitted_parameters
+    permitted_parameters = devise_parameter_sanitizer.instance_values['permitted']
+    permitted_parameters[:sign_up] << :operating_thetan
+    permitted_parameters[:sign_up] << :favorite_color
+    permitted_parameters[:account_update] << :operating_thetan
+    permitted_parameters[:account_update] << :favorite_color
+    permitted_parameters[:account_update] << :current_password
+  end
+end

data/test/dummy/app/controllers/auth_origin_controller.rb ADDED

@@ -0,0 +1,7 @@
+# frozen_string_literal: true
+class AuthOriginController < ApplicationController
+  def redirected
+    head :ok
+  end
+end

data/test/dummy/app/controllers/custom/confirmations_controller.rb ADDED

@@ -0,0 +1,13 @@
+# frozen_string_literal: true
+class Custom::ConfirmationsController < DeviseTokenAuth::ConfirmationsController
+  def show
+    super do |resource|
+      @show_block_called = true unless resource.nil?
+    end
+  end
+  def show_block_called?
+    @show_block_called == true
+  end
+end

data/test/dummy/app/controllers/custom/omniauth_callbacks_controller.rb ADDED

@@ -0,0 +1,13 @@
+# frozen_string_literal: true
+class Custom::OmniauthCallbacksController < DeviseTokenAuth::OmniauthCallbacksController
+  def omniauth_success
+    super do |resource|
+      @omniauth_success_block_called = true unless resource.nil?
+    end
+  end
+  def omniauth_success_block_called?
+    @omniauth_success_block_called == true
+  end
+end

data/test/dummy/app/controllers/custom/passwords_controller.rb ADDED

@@ -0,0 +1,39 @@
+# frozen_string_literal: true
+class Custom::PasswordsController < DeviseTokenAuth::PasswordsController
+  def create
+    super do |resource|
+      @create_block_called = true unless resource.nil?
+    end
+  end
+  def edit
+    super do |resource|
+      @edit_block_called = true unless resource.nil?
+    end
+  end
+  def update
+    super do |resource|
+      @update_block_called = true unless resource.nil?
+    end
+  end
+  def create_block_called?
+    @create_block_called == true
+  end
+  def edit_block_called?
+    @edit_block_called == true
+  end
+  def update_block_called?
+    @update_block_called == true
+  end
+  protected
+  def render_update_success
+    render json: { custom: 'foo' }
+  end
+end

data/test/dummy/app/controllers/custom/registrations_controller.rb ADDED

@@ -0,0 +1,39 @@
+# frozen_string_literal: true
+class Custom::RegistrationsController < DeviseTokenAuth::RegistrationsController
+  def create
+    super do |resource|
+      @create_block_called = true
+    end
+  end
+  def update
+    super do |resource|
+      @update_block_called = true unless resource.nil?
+    end
+  end
+  def destroy
+    super do |resource|
+      @destroy_block_called = true unless resource.nil?
+    end
+  end
+  def create_block_called?
+    @create_block_called == true
+  end
+  def update_block_called?
+    @update_block_called == true
+  end
+  def destroy_block_called?
+    @destroy_block_called == true
+  end
+  protected
+  def render_create_success
+    render json: { custom: 'foo' }
+  end
+end

data/test/dummy/app/controllers/custom/sessions_controller.rb ADDED

@@ -0,0 +1,29 @@
+# frozen_string_literal: true
+class Custom::SessionsController < DeviseTokenAuth::SessionsController
+  def create
+    super do |resource|
+      @create_block_called = true unless resource.nil?
+    end
+  end
+  def destroy
+    super do |resource|
+      @destroy_block_called = true unless resource.nil?
+    end
+  end
+  def create_block_called?
+    @create_block_called == true
+  end
+  def destroy_block_called?
+    @destroy_block_called == true
+  end
+  protected
+  def render_create_success
+    render json: { custom: 'foo' }
+  end
+end

data/test/dummy/app/controllers/custom/token_validations_controller.rb ADDED

@@ -0,0 +1,19 @@
+# frozen_string_literal: true
+class Custom::TokenValidationsController < DeviseTokenAuth::TokenValidationsController
+  def validate_token
+    super do |resource|
+      @validate_token_block_called = true unless resource.nil?
+    end
+  end
+  def validate_token_block_called?
+    @validate_token_block_called == true
+  end
+  protected
+  def render_validate_token_success
+    render json: { custom: 'foo' }
+  end
+end

data/test/dummy/app/controllers/demo_group_controller.rb ADDED

@@ -0,0 +1,15 @@
+# frozen_string_literal: true
+class DemoGroupController < ApplicationController
+  devise_token_auth_group :member, contains: [:user, :mang]
+  before_action :authenticate_member!
+  def members_only
+    render json: {
+      data: {
+        message: "Welcome #{current_member.name}",
+        user: current_member
+      }
+    }, status: 200
+  end
+end

data/test/dummy/app/controllers/demo_mang_controller.rb ADDED

@@ -0,0 +1,14 @@
+# frozen_string_literal: true
+class DemoMangController < ApplicationController
+  before_action :authenticate_mang!
+  def members_only
+    render json: {
+      data: {
+        message: "Welcome #{current_mang.name}",
+        user: current_mang
+      }
+    }, status: 200
+  end
+end

data/test/dummy/app/controllers/demo_user_controller.rb ADDED

@@ -0,0 +1,27 @@
+# frozen_string_literal: true
+class DemoUserController < ApplicationController
+  before_action :authenticate_user!
+  def members_only
+    render json: {
+      data: {
+        message: "Welcome #{current_user.name}",
+        user: current_user
+      }
+    }, status: 200
+  end
+  def members_only_remove_token
+    u = User.find(current_user.id)
+    u.tokens = {}
+    u.save!
+    render json: {
+      data: {
+        message: "Welcome #{current_user.name}",
+        user: current_user
+      }
+    }, status: 200
+  end
+end