elucid-merb-ssl-requirement 0.0.3 → 0.1.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (7) hide show
  1. data/README +12 -13
  2. data/Rakefile +10 -6
  3. data/lib/merb-ssl-requirement/ssl_requirement.rb +29 -12
  4. data/spec/controllers/ssl-requirement.rb +8 -7
  5. data/spec/spec_helper.rb +4 -4
  6. data/spec/ssl_requirement_spec.rb +17 -7
  7. metadata +6 -7
data/README CHANGED
@@ -5,10 +5,6 @@ SSL requirement adds a declarative way of specifying that certain actions
5
5
  should only be allowed to run under SSL, and if they're accessed without it,
6
6
  they should be redirected.
7
7
 
8
- note: unlike the Rails plugin of which this is a port, this plugin does not
9
- provide an ssl_allowed method. actions that have not been specified as SSL
10
- only can run either with or without and will not be redirected to http.
11
-
12
8
  Example:
13
9
 
14
10
  class Application < Merb::Controller
@@ -17,21 +13,25 @@ Example:
17
13
 
18
14
  class Accounts < ApplicationController
19
15
  ssl_required :signup, :payment
20
-
16
+ ssl_allowed :index
17
+
21
18
  def signup
22
- # non-SSL access will be redirected to SSL
19
+ # Non-SSL access will be redirected to SSL
23
20
  end
24
-
21
+
25
22
  def payment
26
- # non-SSL access will be redirected to SSL
23
+ # Non-SSL access will be redirected to SSL
24
+ end
25
+
26
+ def index
27
+ # This action will work either with or without SSL
27
28
  end
28
29
 
29
30
  def other
30
- # other actions will work either with or without SSL
31
- # and will not be redirected to a different protocol
31
+ # SSL access will be redirected to non-SSL
32
32
  end
33
33
  end
34
-
34
+
35
35
  You can overwrite the protected method ssl_required? to rely on other things
36
36
  than just the declarative specification. Say, only premium accounts get SSL.
37
37
 
@@ -41,5 +41,4 @@ times you'll want to run other before filters before that. They should then be
41
41
  declared ahead of including this module.
42
42
 
43
43
  Copyright (c) 2005 David Heinemeier Hansson, released under the MIT license
44
- Copyright (c) 2008 Steve Tooke
45
- Copyright (c) 2008 Justin Giancola
44
+ Copyright (c) 2008 Steve Tooke
data/Rakefile CHANGED
@@ -5,12 +5,14 @@ require 'merb-core'
5
5
  require 'merb-core/tasks/merb'
6
6
 
7
7
  GEM_NAME = "merb-ssl-requirement"
8
- GEM_VERSION = "0.0.3"
9
- AUTHORS = ["Steve Tooke", "Justin Giancola"]
10
- EMAIL = "justin.giancola@gmail.com"
11
- SUMMARY = "Merb plugin similar to ssl_requirement from Rails (note: does not provide ssl_allowed class method)"
8
+ GEM_VERSION = "0.1.0"
9
+ AUTHOR = "Steve Tooke"
10
+ EMAIL = "steve.tooke@gmail.com"
11
+ SUMMARY = "Merb plugin that provides ssl_requirement from rails"
12
+ HOMEPAGE = "http://www.merbivore.com"
12
13
 
13
14
  spec = Gem::Specification.new do |s|
15
+ s.rubyforge_project = 'merb'
14
16
  s.name = GEM_NAME
15
17
  s.version = GEM_VERSION
16
18
  s.platform = Gem::Platform::RUBY
@@ -18,11 +20,13 @@ spec = Gem::Specification.new do |s|
18
20
  s.extra_rdoc_files = ["README", "LICENSE", 'TODO']
19
21
  s.summary = SUMMARY
20
22
  s.description = s.summary
21
- s.authors = AUTHORS
23
+ s.author = AUTHOR
22
24
  s.email = EMAIL
25
+ s.homepage = HOMEPAGE
23
26
  s.add_dependency('merb-core', '>= 0.9.10')
24
27
  s.require_path = 'lib'
25
28
  s.files = %w(LICENSE README Rakefile TODO) + Dir.glob("{lib,spec}/**/*")
29
+
26
30
  end
27
31
 
28
32
  Rake::GemPackageTask.new(spec) do |pkg|
@@ -44,4 +48,4 @@ task :gemspec do
44
48
  File.open("#{GEM_NAME}.gemspec", "w") do |file|
45
49
  file.puts spec.to_ruby
46
50
  end
47
- end
51
+ end
data/lib/merb-ssl-requirement/ssl_requirement.rb CHANGED
@@ -1,6 +1,5 @@
1
1
  # Copyright (c) 2005 David Heinemeier Hansson
2
2
  # Copyright (c) 2008 Steve Tooke
3
- # Copyright (c) 2008 Justin Giancola
4
3
  #
5
4
  # Permission is hereby granted, free of charge, to any person obtaining
6
5
  # a copy of this software and associated documentation files (the
@@ -33,22 +32,40 @@ module SslRequirement
33
32
  self.ssl_required_actions.push(*actions)
34
33
  end
35
34
 
35
+ def ssl_allowed(*actions)
36
+ # write_inheritable_array(:ssl_allowed_actions, actions)
37
+ self.ssl_allowed_actions.push(*actions)
38
+ end
39
+
36
40
  def ssl_required_actions
37
41
  @ssl_required_actions ||= []
38
42
  end
43
+
44
+ def ssl_allowed_actions
45
+ @ssl_allowed_actions ||= []
46
+ end
39
47
  end
40
-
48
+
41
49
  protected
42
- # Returns true if the current action is supposed to run as SSL
43
- def ssl_required?
44
- # (self.class.read_inheritable_attribute(:ssl_required_actions) || []).include?(action_name.to_sym)
45
- self.class.ssl_required_actions.include?(action_name.to_sym)
46
- end
50
+ # Returns true if the current action is supposed to run as SSL
51
+ def ssl_required?
52
+ # (self.class.read_inheritable_attribute(:ssl_required_actions) || []).include?(action_name.to_sym)
53
+ self.class.ssl_required_actions.include?(action_name.to_sym)
54
+ end
55
+
56
+ def ssl_allowed?
57
+ self.class.ssl_allowed_actions.include?(action_name.to_sym)
58
+ # (self.class.read_inheritable_attribute(:ssl_allowed_actions) || []).include?(action_name.to_sym)
59
+ end
47
60
 
48
61
  private
49
- def ensure_proper_protocol
50
- if ssl_required? && !request.ssl?
51
- throw :halt, redirect("https://" + request.host + request.uri)
62
+ def ensure_proper_protocol
63
+ return true if ssl_allowed?
64
+
65
+ if ssl_required? && !request.ssl?
66
+ throw :halt, redirect("https://" + request.host + request.uri)
67
+ elsif request.ssl? && !ssl_required?
68
+ throw :halt, redirect("http://" + request.host + request.uri)
69
+ end
52
70
  end
53
- end
54
- end
71
+ end
data/spec/controllers/ssl-requirement.rb CHANGED
@@ -1,25 +1,26 @@
1
1
  class Secure < Merb::Controller
2
2
  include SslRequirement
3
-
3
+
4
4
  ssl_required :a, :b
5
-
5
+ ssl_allowed :c
6
+
6
7
  def a
7
8
  'a'
8
9
  end
9
-
10
+
10
11
  def b
11
12
  return 'b'
12
13
  end
13
-
14
+
14
15
  def c
15
16
  return 'c'
16
17
  end
17
-
18
+
18
19
  def d
19
20
  return 'd'
20
21
  end
21
- #
22
+ #
22
23
  # def set_flash
23
24
  # flash[:foo] = "bar"
24
25
  # end
25
- end
26
+ end
data/spec/spec_helper.rb CHANGED
@@ -1,13 +1,13 @@
1
1
  $:.push File.join(File.dirname(__FILE__), '..', 'lib')
2
-
2
+
3
3
  require "rubygems"
4
4
  require "merb-core"
5
5
  require "merb-ssl-requirement"
6
6
  require File.dirname(__FILE__) / "controllers" / "ssl-requirement"
7
7
  require "spec"
8
-
8
+
9
9
  Merb.start :environment => 'test'
10
-
10
+
11
11
  Spec::Runner.configure do |config|
12
12
  config.include Merb::Test::RequestHelper
13
- end
13
+ end
data/spec/ssl_requirement_spec.rb CHANGED
@@ -1,11 +1,21 @@
1
1
  require File.dirname(__FILE__) + '/spec_helper'
2
2
 
3
3
  describe "SslRequirement" do
4
-
4
+
5
5
  it "should not accidently introduce any methods as controller actions" do
6
6
  Merb::Controller.callable_actions.should be_empty
7
7
  end
8
+
9
+ end
8
10
 
11
+ describe "ssl_allowed" do
12
+ it "should allow http connection to allowed action" do
13
+ dispatch_to(Secure, :c, {}, 'HTTPS' => nil).body.should == "c"
14
+ end
15
+
16
+ it "should allow https connection to allowed action" do
17
+ dispatch_to(Secure, :c, {}, 'HTTPS' => 'on').body.should == "c"
18
+ end
9
19
  end
10
20
 
11
21
  describe "ssl_required" do
@@ -14,7 +24,7 @@ describe "ssl_required" do
14
24
  controller.should redirect
15
25
  controller.headers['Location'].should match(%r{^https://})
16
26
  end
17
-
27
+
18
28
  it "should allow https connection to required actions" do
19
29
  dispatch_to(Secure, :a, {}, 'HTTPS' => 'on').body.should == "a"
20
30
  end
@@ -24,10 +34,10 @@ describe "non-ssl actions" do
24
34
  it "should allow http connection" do
25
35
  dispatch_to(Secure, :d, {}, 'HTTPS' => nil).body.should == "d"
26
36
  end
27
-
28
- it "should not redirect https connection to http" do
37
+
38
+ it "should redirect https connection to http" do
29
39
  controller = dispatch_to(Secure, :d, {}, 'HTTPS' => 'on')
30
- controller.should_not redirect
31
- controller.body.should == "d"
40
+ controller.should redirect
41
+ controller.headers['Location'].should match(%r{^http://})
32
42
  end
33
- end
43
+ end
metadata CHANGED
@@ -1,11 +1,10 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: elucid-merb-ssl-requirement
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.0.3
4
+ version: 0.1.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Steve Tooke
8
- - Justin Giancola
9
8
  autorequire:
10
9
  bindir: bin
11
10
  cert_chain: []
@@ -23,8 +22,8 @@ dependencies:
23
22
  - !ruby/object:Gem::Version
24
23
  version: 0.9.10
25
24
  version:
26
- description: "Merb plugin similar to ssl_requirement from Rails (note: does not provide ssl_allowed class method)"
27
- email: justin.giancola@gmail.com
25
+ description: Merb plugin that provides ssl_requirement from rails
26
+ email: steve.tooke@gmail.com
28
27
  executables: []
29
28
 
30
29
  extensions: []
@@ -46,7 +45,7 @@ files:
46
45
  - spec/spec_helper.rb
47
46
  - spec/ssl_requirement_spec.rb
48
47
  has_rdoc: true
49
- homepage:
48
+ homepage: http://www.merbivore.com
50
49
  post_install_message:
51
50
  rdoc_options: []
52
51
 
@@ -66,10 +65,10 @@ required_rubygems_version: !ruby/object:Gem::Requirement
66
65
  version:
67
66
  requirements: []
68
67
 
69
- rubyforge_project:
68
+ rubyforge_project: merb
70
69
  rubygems_version: 1.2.0
71
70
  signing_key:
72
71
  specification_version: 2
73
- summary: "Merb plugin similar to ssl_requirement from Rails (note: does not provide ssl_allowed class method)"
72
+ summary: Merb plugin that provides ssl_requirement from rails
74
73
  test_files: []
75
74