fine_print 2.0.1 → 2.0.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 45ee10b15e66cf1763d09c6689c23ed47bda4619
-  data.tar.gz: ef9c91de28b44343976713634c9b2dd848f181f1
+  metadata.gz: eeb6d09c85c20be2b0312861169f2aecd74a85aa
+  data.tar.gz: 604d154a8c0a3251e736c9939d93ab4b158e578f
 SHA512:
-  metadata.gz: 4410bfd47d1de7de04630157b9454adefe464357167f358fddb8822fb3b3e7d32a62a4fa51fd8e61f5ce3c1b3e137a427c1e5ad7c7a0e3bb60195e348583c930
-  data.tar.gz: 297761b1255b841580f59494503ae44e5cbdae96559ea242c400395e6b621155ddaeb79a29bd648ea7877cf4a4d1db3c33fc276aa64e739ae0997635a615c759
+  metadata.gz: 9814e631196a906b8b1604a132c3d838cc1a00189dd890669fb6677af55879eb6732d421d7397c6c74b77b2c902012e28094873eb82b08e6003020fe85ffe928
+  data.tar.gz: 47badd0b0fbcea2f4a23314b08eb155979e2985c0d95d992a65f7553ee084dda6d4ef0cc6573e2f98adb71fdf075eed276fcbd5ae76e48aa446b03e757abc8c5

data/config/initializers/fine_print.rb

@@ -22,9 +22,9 @@ FinePrint.configure do |config|
   # This proc is called to check that the given user is allowed to sign contracts.
   # Should raise and exception, render or redirect unless the user can sign contracts.
   # You might want to redirect users to a login page if they are not signed in.
-  # The default renders 403 Forbidden for nil users.
-  # Default: lambda { |user| !user.nil? || head(:forbidden) }
-  config.can_sign_proc = lambda { |user| !user.nil? || head(:forbidden) }
+  # The default renders 401 Unauthorized for nil users.
+  # Default: lambda { |user| !user.nil? || head(:unauthorized) }
+  config.can_sign_proc = lambda { |user| !user.nil? || head(:unauthorized) }
 
   # Controller Configuration
 

data/lib/fine_print/version.rb

@@ -1,3 +1,3 @@
 module FinePrint
-  VERSION = '2.0.1'
+  VERSION = '2.0.2'
 end

data/spec/controllers/contracts_controller_spec.rb

@@ -11,12 +11,12 @@ module FinePrint
     let!(:contract) { FactoryGirl.create(:fine_print_contract) }
 
     it "won't get index unless authorized" do
-      expect { get :index, :use_route => :fine_print }
-             .to raise_error(ActionController::RoutingError)
+      get :index, :use_route => :fine_print
+      expect(response.status).to eq 403
       
       sign_in @user
-      expect { get :index, :use_route => :fine_print }
-             .to raise_error(ActionController::RoutingError)
+      get :index, :use_route => :fine_print
+      expect(response.status).to eq 403
     end
     
     it 'must get index if authorized' do
@@ -26,12 +26,12 @@ module FinePrint
     end
     
     it "won't get new unless authorized" do
-      expect { get :new, :use_route => :fine_print }
-             .to raise_error(ActionController::RoutingError)
+      get :new, :use_route => :fine_print
+      expect(response.status).to eq 403
       
       sign_in @user
-      expect { get :new, :use_route => :fine_print }
-      .to raise_error(ActionController::RoutingError)
+      get :new, :use_route => :fine_print
+      expect(response.status).to eq 403
     end
     
     it 'must get new if authorized' do
@@ -45,14 +45,14 @@ module FinePrint
       attributes[:name] = 'some_name'
       attributes[:title] = 'Some title'
       attributes[:content] = 'Some content'
-      
-      expect { post :create, :contract => :attributes, :use_route => :fine_print }
-             .to raise_error(ActionController::RoutingError)
+
+      post :create, :contract => :attributes, :use_route => :fine_print
+      expect(response.status).to eq 403
       expect(assigns(:contract)).to be_nil
       
       sign_in @user
-      expect { post :create, :contract => :attributes, :use_route => :fine_print }
-             .to raise_error(ActionController::RoutingError)
+      post :create, :contract => :attributes, :use_route => :fine_print
+      expect(response.status).to eq 403
       expect(assigns(:contract)).to be_nil
     end
     
@@ -72,12 +72,12 @@ module FinePrint
     end
     
     it "won't edit unless authorized" do
-      expect { get :edit, :id => contract.id, :use_route => :fine_print }
-             .to raise_error(ActionController::RoutingError)
+      get :edit, :id => contract.id, :use_route => :fine_print
+      expect(response.status).to eq 403
       
       sign_in @user
-      expect { get :edit, :id => contract.id, :use_route => :fine_print }
-             .to raise_error(ActionController::RoutingError)
+      get :edit, :id => contract.id, :use_route => :fine_print
+      expect(response.status).to eq 403
     end
     
     it 'must edit if authorized' do
@@ -95,18 +95,16 @@ module FinePrint
       title = contract.title
       content = contract.content
       
-      expect { post :update, :id => contract.id,
-                    :contract => attributes, :use_route => :fine_print }
-             .to raise_error(ActionController::RoutingError)
+      put :update, :id => contract.id, :contract => attributes, :use_route => :fine_print
+      expect(response.status).to eq 403
       contract.reload
       expect(contract.name).to eq name
       expect(contract.title).to eq title
       expect(contract.content).to eq content
       
       sign_in @user
-      expect { post :update, :id => contract.id,
-        :contract => attributes, :use_route => :fine_print }
-      .to raise_error(ActionController::RoutingError)
+      put :update, :id => contract.id, :contract => attributes, :use_route => :fine_print
+      expect(response.status).to eq 403
       contract.reload
       expect(contract.name).to eq name
       expect(contract.title).to eq title
@@ -130,13 +128,13 @@ module FinePrint
     end
 
     it "won't destroy unless authorized" do
-      expect { delete :destroy, :id => contract.id, :use_route => :fine_print }
-             .to raise_error(ActionController::RoutingError)
+      delete :destroy, :id => contract.id, :use_route => :fine_print
+      expect(response.status).to eq 403
       expect(Contract.find(contract.id)).to eq contract
       
       sign_in @user
-      expect { delete :destroy, :id => contract.id, :use_route => :fine_print }
-             .to raise_error(ActionController::RoutingError)
+      delete :destroy, :id => contract.id, :use_route => :fine_print
+      expect(response.status).to eq 403
       expect(Contract.find(contract.id)).to eq contract
     end
     
@@ -149,14 +147,14 @@ module FinePrint
 
     it "won't publish unless authorized" do
       expect(contract.is_published?).to eq false
-      expect { put :publish, :id => contract.id, :use_route => :fine_print }
-             .to raise_error(ActionController::RoutingError)
+      put :publish, :id => contract.id, :use_route => :fine_print
+      expect(response.status).to eq 403
       contract.reload
       expect(contract.is_published?).to eq false
       
       sign_in @user
-      expect { put :publish, :id => contract.id, :use_route => :fine_print }
-             .to raise_error(ActionController::RoutingError)
+      put :publish, :id => contract.id, :use_route => :fine_print
+      expect(response.status).to eq 403
       contract.reload
       expect(contract.is_published?).to eq false
     end
@@ -174,14 +172,14 @@ module FinePrint
     it "won't unpublish unless authorized" do
       contract.publish
       expect(contract.is_published?).to eq true
-      expect { put :unpublish, :id => contract.id, :use_route => :fine_print }
-             .to raise_error(ActionController::RoutingError)
+      put :unpublish, :id => contract.id, :use_route => :fine_print
+      expect(response.status).to eq 403
       contract.reload
       expect(contract.is_published?).to eq true
       
       sign_in @user
-      expect { put :unpublish, :id => contract.id, :use_route => :fine_print }
-             .to raise_error(ActionController::RoutingError)
+      put :unpublish, :id => contract.id, :use_route => :fine_print
+      expect(response.status).to eq 403
       contract.reload
       expect(contract.is_published?).to eq true
     end
@@ -201,13 +199,13 @@ module FinePrint
       contract.publish
       expect(contract.is_published?).to eq true
       
-      expect { put :new_version, :id => contract.id, :use_route => :fine_print }
-             .to raise_error(ActionController::RoutingError)
+      post :new_version, :id => contract.id, :use_route => :fine_print
+      expect(response.status).to eq 403
       expect(assigns(:contract)).to be_nil
       
       sign_in @user
-      expect { put :new_version, :id => contract.id, :use_route => :fine_print }
-             .to raise_error(ActionController::RoutingError)
+      post :new_version, :id => contract.id, :use_route => :fine_print
+      expect(response.status).to eq 403
       expect(assigns(:contract)).to be_nil
     end
     
@@ -216,7 +214,7 @@ module FinePrint
       expect(contract.is_published?).to eq true
 
       sign_in @admin
-      put :new_version, :id => contract.id, :use_route => :fine_print
+      post :new_version, :id => contract.id, :use_route => :fine_print
       expect(response.status).to eq 200
       expect(assigns(:contract)).not_to be_nil
     end

data/spec/controllers/home_controller_spec.rb

@@ -9,12 +9,12 @@ module FinePrint
     end
 
     it "won't get index unless authorized" do
-      expect { get :index, :use_route => :fine_print }
-             .to raise_error(ActionController::RoutingError)
+      get :index, :use_route => :fine_print
+      expect(response.status).to eq 403
       
       sign_in @user
-      expect { get :index, :use_route => :fine_print }
-             .to raise_error(ActionController::RoutingError)
+      get :index, :use_route => :fine_print
+      expect(response.status).to eq 403
     end
     
     it 'must get index if authorized' do

data/spec/controllers/signatures_controller_spec.rb

@@ -11,14 +11,12 @@ module FinePrint
     let!(:signature) { FactoryGirl.create(:fine_print_signature) }
 
     it "won't get index unless authorized" do
-      expect { get :index, :contract_id => signature.contract.id,
-                           :use_route => :fine_print }
-             .to raise_error(ActionController::RoutingError)
+      get :index, :contract_id => signature.contract.id, :use_route => :fine_print
+      expect(response.status).to eq 403
       
       sign_in @user
-      expect { get :index, :contract_id => signature.contract.id,
-                           :use_route => :fine_print }
-             .to raise_error(ActionController::RoutingError)
+      get :index, :contract_id => signature.contract.id, :use_route => :fine_print
+      expect(response.status).to eq 403
     end
     
     it 'must get index if authorized' do
@@ -31,7 +29,7 @@ module FinePrint
     it "won't get new unless signed in" do
       get :new, :contract_id => signature.contract.id,
                 :use_route => :fine_print
-      expect(response.status).to eq 403
+      expect(response.status).to eq 401
     end
     
     it 'must get new if signed in' do
@@ -44,7 +42,7 @@ module FinePrint
     it "won't create unless signed in" do
       post :create, :contract_id => signature.contract.id,
                     :use_route => :fine_print
-      expect(response.status).to eq 403
+      expect(response.status).to eq 401
     end
     
     it 'must create if signed in' do
@@ -55,13 +53,13 @@ module FinePrint
     end
 
     it "won't destroy unless authorized" do
-      expect { delete :destroy, :id => signature.id, :use_route => :fine_print }
-             .to raise_error(ActionController::RoutingError)
+      delete :destroy, :id => signature.id, :use_route => :fine_print
+      expect(response.status).to eq 403
       expect(Signature.find(signature.id)).to eq signature
       
       sign_in @user
-      expect { delete :destroy, :id => signature.id, :use_route => :fine_print }
-             .to raise_error(ActionController::RoutingError)
+      delete :destroy, :id => signature.id, :use_route => :fine_print
+      expect(response.status).to eq 403
       expect(Signature.find(signature.id)).to eq signature
     end
     

data/spec/dummy/config/initializers/fine_print.rb

@@ -1,5 +1,4 @@
 # Configuration file for the dummy app
 FinePrint.configure do |config|
-  config.can_manage_proc = lambda { |user| user.try(:is_admin) || \
-                                           raise(ActionController::RoutingError, 'Not Found') }
+  config.can_manage_proc = lambda { |user| user.try(:is_admin) || head(:forbidden) }
 end