elucid-merb-ssl-requirement 0.0.3 → 0.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/README +12 -13
- data/Rakefile +10 -6
- data/lib/merb-ssl-requirement/ssl_requirement.rb +29 -12
- data/spec/controllers/ssl-requirement.rb +8 -7
- data/spec/spec_helper.rb +4 -4
- data/spec/ssl_requirement_spec.rb +17 -7
- metadata +6 -7
data/README
CHANGED
@@ -5,10 +5,6 @@ SSL requirement adds a declarative way of specifying that certain actions
|
|
5
5
|
should only be allowed to run under SSL, and if they're accessed without it,
|
6
6
|
they should be redirected.
|
7
7
|
|
8
|
-
note: unlike the Rails plugin of which this is a port, this plugin does not
|
9
|
-
provide an ssl_allowed method. actions that have not been specified as SSL
|
10
|
-
only can run either with or without and will not be redirected to http.
|
11
|
-
|
12
8
|
Example:
|
13
9
|
|
14
10
|
class Application < Merb::Controller
|
@@ -17,21 +13,25 @@ Example:
|
|
17
13
|
|
18
14
|
class Accounts < ApplicationController
|
19
15
|
ssl_required :signup, :payment
|
20
|
-
|
16
|
+
ssl_allowed :index
|
17
|
+
|
21
18
|
def signup
|
22
|
-
#
|
19
|
+
# Non-SSL access will be redirected to SSL
|
23
20
|
end
|
24
|
-
|
21
|
+
|
25
22
|
def payment
|
26
|
-
#
|
23
|
+
# Non-SSL access will be redirected to SSL
|
24
|
+
end
|
25
|
+
|
26
|
+
def index
|
27
|
+
# This action will work either with or without SSL
|
27
28
|
end
|
28
29
|
|
29
30
|
def other
|
30
|
-
#
|
31
|
-
# and will not be redirected to a different protocol
|
31
|
+
# SSL access will be redirected to non-SSL
|
32
32
|
end
|
33
33
|
end
|
34
|
-
|
34
|
+
|
35
35
|
You can overwrite the protected method ssl_required? to rely on other things
|
36
36
|
than just the declarative specification. Say, only premium accounts get SSL.
|
37
37
|
|
@@ -41,5 +41,4 @@ times you'll want to run other before filters before that. They should then be
|
|
41
41
|
declared ahead of including this module.
|
42
42
|
|
43
43
|
Copyright (c) 2005 David Heinemeier Hansson, released under the MIT license
|
44
|
-
Copyright (c) 2008 Steve Tooke
|
45
|
-
Copyright (c) 2008 Justin Giancola
|
44
|
+
Copyright (c) 2008 Steve Tooke
|
data/Rakefile
CHANGED
@@ -5,12 +5,14 @@ require 'merb-core'
|
|
5
5
|
require 'merb-core/tasks/merb'
|
6
6
|
|
7
7
|
GEM_NAME = "merb-ssl-requirement"
|
8
|
-
GEM_VERSION = "0.0
|
9
|
-
|
10
|
-
EMAIL = "
|
11
|
-
SUMMARY = "Merb plugin
|
8
|
+
GEM_VERSION = "0.1.0"
|
9
|
+
AUTHOR = "Steve Tooke"
|
10
|
+
EMAIL = "steve.tooke@gmail.com"
|
11
|
+
SUMMARY = "Merb plugin that provides ssl_requirement from rails"
|
12
|
+
HOMEPAGE = "http://www.merbivore.com"
|
12
13
|
|
13
14
|
spec = Gem::Specification.new do |s|
|
15
|
+
s.rubyforge_project = 'merb'
|
14
16
|
s.name = GEM_NAME
|
15
17
|
s.version = GEM_VERSION
|
16
18
|
s.platform = Gem::Platform::RUBY
|
@@ -18,11 +20,13 @@ spec = Gem::Specification.new do |s|
|
|
18
20
|
s.extra_rdoc_files = ["README", "LICENSE", 'TODO']
|
19
21
|
s.summary = SUMMARY
|
20
22
|
s.description = s.summary
|
21
|
-
s.
|
23
|
+
s.author = AUTHOR
|
22
24
|
s.email = EMAIL
|
25
|
+
s.homepage = HOMEPAGE
|
23
26
|
s.add_dependency('merb-core', '>= 0.9.10')
|
24
27
|
s.require_path = 'lib'
|
25
28
|
s.files = %w(LICENSE README Rakefile TODO) + Dir.glob("{lib,spec}/**/*")
|
29
|
+
|
26
30
|
end
|
27
31
|
|
28
32
|
Rake::GemPackageTask.new(spec) do |pkg|
|
@@ -44,4 +48,4 @@ task :gemspec do
|
|
44
48
|
File.open("#{GEM_NAME}.gemspec", "w") do |file|
|
45
49
|
file.puts spec.to_ruby
|
46
50
|
end
|
47
|
-
end
|
51
|
+
end
|
@@ -1,6 +1,5 @@
|
|
1
1
|
# Copyright (c) 2005 David Heinemeier Hansson
|
2
2
|
# Copyright (c) 2008 Steve Tooke
|
3
|
-
# Copyright (c) 2008 Justin Giancola
|
4
3
|
#
|
5
4
|
# Permission is hereby granted, free of charge, to any person obtaining
|
6
5
|
# a copy of this software and associated documentation files (the
|
@@ -33,22 +32,40 @@ module SslRequirement
|
|
33
32
|
self.ssl_required_actions.push(*actions)
|
34
33
|
end
|
35
34
|
|
35
|
+
def ssl_allowed(*actions)
|
36
|
+
# write_inheritable_array(:ssl_allowed_actions, actions)
|
37
|
+
self.ssl_allowed_actions.push(*actions)
|
38
|
+
end
|
39
|
+
|
36
40
|
def ssl_required_actions
|
37
41
|
@ssl_required_actions ||= []
|
38
42
|
end
|
43
|
+
|
44
|
+
def ssl_allowed_actions
|
45
|
+
@ssl_allowed_actions ||= []
|
46
|
+
end
|
39
47
|
end
|
40
|
-
|
48
|
+
|
41
49
|
protected
|
42
|
-
|
43
|
-
|
44
|
-
|
45
|
-
|
46
|
-
|
50
|
+
# Returns true if the current action is supposed to run as SSL
|
51
|
+
def ssl_required?
|
52
|
+
# (self.class.read_inheritable_attribute(:ssl_required_actions) || []).include?(action_name.to_sym)
|
53
|
+
self.class.ssl_required_actions.include?(action_name.to_sym)
|
54
|
+
end
|
55
|
+
|
56
|
+
def ssl_allowed?
|
57
|
+
self.class.ssl_allowed_actions.include?(action_name.to_sym)
|
58
|
+
# (self.class.read_inheritable_attribute(:ssl_allowed_actions) || []).include?(action_name.to_sym)
|
59
|
+
end
|
47
60
|
|
48
61
|
private
|
49
|
-
|
50
|
-
|
51
|
-
|
62
|
+
def ensure_proper_protocol
|
63
|
+
return true if ssl_allowed?
|
64
|
+
|
65
|
+
if ssl_required? && !request.ssl?
|
66
|
+
throw :halt, redirect("https://" + request.host + request.uri)
|
67
|
+
elsif request.ssl? && !ssl_required?
|
68
|
+
throw :halt, redirect("http://" + request.host + request.uri)
|
69
|
+
end
|
52
70
|
end
|
53
|
-
|
54
|
-
end
|
71
|
+
end
|
@@ -1,25 +1,26 @@
|
|
1
1
|
class Secure < Merb::Controller
|
2
2
|
include SslRequirement
|
3
|
-
|
3
|
+
|
4
4
|
ssl_required :a, :b
|
5
|
-
|
5
|
+
ssl_allowed :c
|
6
|
+
|
6
7
|
def a
|
7
8
|
'a'
|
8
9
|
end
|
9
|
-
|
10
|
+
|
10
11
|
def b
|
11
12
|
return 'b'
|
12
13
|
end
|
13
|
-
|
14
|
+
|
14
15
|
def c
|
15
16
|
return 'c'
|
16
17
|
end
|
17
|
-
|
18
|
+
|
18
19
|
def d
|
19
20
|
return 'd'
|
20
21
|
end
|
21
|
-
#
|
22
|
+
#
|
22
23
|
# def set_flash
|
23
24
|
# flash[:foo] = "bar"
|
24
25
|
# end
|
25
|
-
end
|
26
|
+
end
|
data/spec/spec_helper.rb
CHANGED
@@ -1,13 +1,13 @@
|
|
1
1
|
$:.push File.join(File.dirname(__FILE__), '..', 'lib')
|
2
|
-
|
2
|
+
|
3
3
|
require "rubygems"
|
4
4
|
require "merb-core"
|
5
5
|
require "merb-ssl-requirement"
|
6
6
|
require File.dirname(__FILE__) / "controllers" / "ssl-requirement"
|
7
7
|
require "spec"
|
8
|
-
|
8
|
+
|
9
9
|
Merb.start :environment => 'test'
|
10
|
-
|
10
|
+
|
11
11
|
Spec::Runner.configure do |config|
|
12
12
|
config.include Merb::Test::RequestHelper
|
13
|
-
end
|
13
|
+
end
|
@@ -1,11 +1,21 @@
|
|
1
1
|
require File.dirname(__FILE__) + '/spec_helper'
|
2
2
|
|
3
3
|
describe "SslRequirement" do
|
4
|
-
|
4
|
+
|
5
5
|
it "should not accidently introduce any methods as controller actions" do
|
6
6
|
Merb::Controller.callable_actions.should be_empty
|
7
7
|
end
|
8
|
+
|
9
|
+
end
|
8
10
|
|
11
|
+
describe "ssl_allowed" do
|
12
|
+
it "should allow http connection to allowed action" do
|
13
|
+
dispatch_to(Secure, :c, {}, 'HTTPS' => nil).body.should == "c"
|
14
|
+
end
|
15
|
+
|
16
|
+
it "should allow https connection to allowed action" do
|
17
|
+
dispatch_to(Secure, :c, {}, 'HTTPS' => 'on').body.should == "c"
|
18
|
+
end
|
9
19
|
end
|
10
20
|
|
11
21
|
describe "ssl_required" do
|
@@ -14,7 +24,7 @@ describe "ssl_required" do
|
|
14
24
|
controller.should redirect
|
15
25
|
controller.headers['Location'].should match(%r{^https://})
|
16
26
|
end
|
17
|
-
|
27
|
+
|
18
28
|
it "should allow https connection to required actions" do
|
19
29
|
dispatch_to(Secure, :a, {}, 'HTTPS' => 'on').body.should == "a"
|
20
30
|
end
|
@@ -24,10 +34,10 @@ describe "non-ssl actions" do
|
|
24
34
|
it "should allow http connection" do
|
25
35
|
dispatch_to(Secure, :d, {}, 'HTTPS' => nil).body.should == "d"
|
26
36
|
end
|
27
|
-
|
28
|
-
it "should
|
37
|
+
|
38
|
+
it "should redirect https connection to http" do
|
29
39
|
controller = dispatch_to(Secure, :d, {}, 'HTTPS' => 'on')
|
30
|
-
controller.
|
31
|
-
controller.
|
40
|
+
controller.should redirect
|
41
|
+
controller.headers['Location'].should match(%r{^http://})
|
32
42
|
end
|
33
|
-
end
|
43
|
+
end
|
metadata
CHANGED
@@ -1,11 +1,10 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: elucid-merb-ssl-requirement
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.0
|
4
|
+
version: 0.1.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Steve Tooke
|
8
|
-
- Justin Giancola
|
9
8
|
autorequire:
|
10
9
|
bindir: bin
|
11
10
|
cert_chain: []
|
@@ -23,8 +22,8 @@ dependencies:
|
|
23
22
|
- !ruby/object:Gem::Version
|
24
23
|
version: 0.9.10
|
25
24
|
version:
|
26
|
-
description:
|
27
|
-
email:
|
25
|
+
description: Merb plugin that provides ssl_requirement from rails
|
26
|
+
email: steve.tooke@gmail.com
|
28
27
|
executables: []
|
29
28
|
|
30
29
|
extensions: []
|
@@ -46,7 +45,7 @@ files:
|
|
46
45
|
- spec/spec_helper.rb
|
47
46
|
- spec/ssl_requirement_spec.rb
|
48
47
|
has_rdoc: true
|
49
|
-
homepage:
|
48
|
+
homepage: http://www.merbivore.com
|
50
49
|
post_install_message:
|
51
50
|
rdoc_options: []
|
52
51
|
|
@@ -66,10 +65,10 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
66
65
|
version:
|
67
66
|
requirements: []
|
68
67
|
|
69
|
-
rubyforge_project:
|
68
|
+
rubyforge_project: merb
|
70
69
|
rubygems_version: 1.2.0
|
71
70
|
signing_key:
|
72
71
|
specification_version: 2
|
73
|
-
summary:
|
72
|
+
summary: Merb plugin that provides ssl_requirement from rails
|
74
73
|
test_files: []
|
75
74
|
|