fortress 0.1.0 → 0.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +1 -1
- data/Rakefile +11 -0
- data/lib/fortress.rb +1 -0
- data/lib/fortress/configuration.rb +44 -0
- data/lib/fortress/controller.rb +15 -2
- data/lib/fortress/version.rb +1 -1
- data/spec/fixtures/application.rb +8 -0
- data/spec/fixtures/controllers.rb +12 -0
- data/spec/fortress/access_deny_spec.rb +54 -0
- data/spec/fortress/configuration_spec.rb +37 -0
- data/spec/fortress/controller_spec.rb +37 -41
- data/spec/fortress/external_controllers_spec.rb +83 -0
- data/spec/spec_helper.rb +3 -0
- metadata +9 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 0f461ea5452cda1e8c528abce340f785daf5563a
|
4
|
+
data.tar.gz: fdc2d34806a35bbe9d1b5783c8975aa0ce9c9ae1
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 79a48a060e3eb1c14ace5b630bcbeb580744d49f20e182440ec8303be1f075743773ced8615858433ce25f942bd0c77984bfd9318174e085f2a055fdb27b0947
|
7
|
+
data.tar.gz: 17a71c6918265fcdc18ddfd06e6dc35406ccd82ef0277e478a7ecfd33c396a9469284a0f5b8be1c7cf0bc3eb53b72ab7dd8f96fa5cac7b3e09dee97e1e00182e
|
data/README.md
CHANGED
@@ -1,6 +1,6 @@
|
|
1
1
|
# Fortress
|
2
2
|
|
3
|
-
[](https://travis-ci.org/YourCursus/fortress)
|
3
|
+
[](https://travis-ci.org/YourCursus/fortress) [](https://codeclimate.com/github/YourCursus/fortress) [](http://badge.fury.io/rb/fortress)
|
4
4
|
|
5
5
|
Implement the simple but powerful protection: close everything and open the
|
6
6
|
access explecitely.
|
data/Rakefile
CHANGED
@@ -1,6 +1,17 @@
|
|
1
1
|
require 'bundler/gem_tasks'
|
2
2
|
require 'rspec/core/rake_task'
|
3
3
|
|
4
|
+
# Imported Rails rake task
|
5
|
+
desc 'Print out all defined routes in match order, with names.'
|
6
|
+
task :routes do
|
7
|
+
$LOAD_PATH.unshift('spec/')
|
8
|
+
require 'fixtures/application'
|
9
|
+
all_routes = Rails.application.routes.routes
|
10
|
+
require 'action_dispatch/routing/inspector'
|
11
|
+
inspector = ActionDispatch::Routing::RoutesInspector.new(all_routes)
|
12
|
+
puts inspector.format(ActionDispatch::Routing::ConsoleFormatter.new)
|
13
|
+
end
|
14
|
+
|
4
15
|
RSpec::Core::RakeTask.new
|
5
16
|
|
6
17
|
task default: :spec
|
data/lib/fortress.rb
CHANGED
@@ -0,0 +1,44 @@
|
|
1
|
+
module Fortress
|
2
|
+
class << self
|
3
|
+
attr_accessor :configuration
|
4
|
+
end
|
5
|
+
|
6
|
+
def self.configure
|
7
|
+
self.configuration ||= Configuration.new
|
8
|
+
|
9
|
+
yield(configuration)
|
10
|
+
|
11
|
+
apply_configuration!
|
12
|
+
end
|
13
|
+
|
14
|
+
class Configuration
|
15
|
+
attr_reader :options
|
16
|
+
|
17
|
+
def externals=(value)
|
18
|
+
return unless value
|
19
|
+
|
20
|
+
@options = { externals: externals_from(value) }
|
21
|
+
end
|
22
|
+
|
23
|
+
private
|
24
|
+
|
25
|
+
def externals_from(value)
|
26
|
+
case
|
27
|
+
when value.is_a?(String) then [value]
|
28
|
+
when value.is_a?(Array) then value
|
29
|
+
end
|
30
|
+
end
|
31
|
+
end
|
32
|
+
|
33
|
+
private
|
34
|
+
|
35
|
+
def self.apply_configuration!
|
36
|
+
if configuration.options.try(:key?, :externals)
|
37
|
+
fortress_allow_externals!(configuration.options[:externals])
|
38
|
+
end
|
39
|
+
end
|
40
|
+
|
41
|
+
def self.fortress_allow_externals!(externals)
|
42
|
+
externals.each { |name| Mechanism.authorise!(name, :all) }
|
43
|
+
end
|
44
|
+
end
|
data/lib/fortress/controller.rb
CHANGED
@@ -29,8 +29,21 @@ module Fortress
|
|
29
29
|
# You can re-define it within the ApplicationController of you rails
|
30
30
|
# application.
|
31
31
|
def access_deny
|
32
|
-
|
33
|
-
|
32
|
+
message = 'You are not authorised to access this page.'
|
33
|
+
respond_to do |format|
|
34
|
+
format.html do
|
35
|
+
flash[:error] = message
|
36
|
+
redirect_to root_url
|
37
|
+
end
|
38
|
+
format.json do
|
39
|
+
self.status = :unauthorized
|
40
|
+
self.response_body = { error: message }.to_json
|
41
|
+
end
|
42
|
+
format.xml do
|
43
|
+
self.status = :unauthorized
|
44
|
+
self.response_body = { error: message }.to_xml
|
45
|
+
end
|
46
|
+
end
|
34
47
|
end
|
35
48
|
|
36
49
|
#
|
data/lib/fortress/version.rb
CHANGED
@@ -14,12 +14,20 @@ module Rails
|
|
14
14
|
{}
|
15
15
|
end
|
16
16
|
|
17
|
+
# Required in order to have `rake routes` working
|
18
|
+
def config
|
19
|
+
OpenStruct.new(assets: OpenStruct.new(prefix: nil))
|
20
|
+
end
|
21
|
+
|
17
22
|
def routes
|
18
23
|
return @routes if defined?(@routes)
|
19
24
|
@routes = ActionDispatch::Routing::RouteSet.new
|
20
25
|
@routes.draw do
|
21
26
|
root 'home#index'
|
22
27
|
resources :guitars
|
28
|
+
resources :concerts, only: :index
|
29
|
+
# Represents an external controller
|
30
|
+
resources :stages
|
23
31
|
end
|
24
32
|
@routes
|
25
33
|
end
|
@@ -27,3 +27,15 @@ class GuitarsController < TestController
|
|
27
27
|
|
28
28
|
def destroy; end
|
29
29
|
end
|
30
|
+
|
31
|
+
#
|
32
|
+
# Controller with a custom access_deny method
|
33
|
+
#
|
34
|
+
class ConcertsController < TestController
|
35
|
+
def index; end
|
36
|
+
|
37
|
+
def access_deny
|
38
|
+
flash[:error] = 'Accès refusé'
|
39
|
+
redirect_to '/another/route'
|
40
|
+
end
|
41
|
+
end
|
@@ -0,0 +1,54 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
|
3
|
+
describe GuitarsController, type: :controller do
|
4
|
+
let(:default_message) { 'You are not authorised to access this page.' }
|
5
|
+
describe 'access_deny' do
|
6
|
+
it 'should have a default method' do
|
7
|
+
get :index
|
8
|
+
|
9
|
+
expect(response).to redirect_to(root_url)
|
10
|
+
expect(flash[:error]).to eql(default_message)
|
11
|
+
end
|
12
|
+
describe 'respond with the same format (YourCursus/fortress#2)' do
|
13
|
+
context 'with JSON' do
|
14
|
+
it 'should respond with a JSON message' do
|
15
|
+
json = { error: default_message }.to_json
|
16
|
+
|
17
|
+
get :index, format: :json
|
18
|
+
|
19
|
+
expect(response.status).to eql(401)
|
20
|
+
expect(response.body).to eql(json)
|
21
|
+
end
|
22
|
+
end
|
23
|
+
context 'with XML' do
|
24
|
+
it 'should respond with a XML message' do
|
25
|
+
xml = { error: default_message }.to_xml
|
26
|
+
|
27
|
+
get :index, format: :xml
|
28
|
+
|
29
|
+
expect(response.status).to eql(401)
|
30
|
+
expect(response.body).to eql(xml)
|
31
|
+
end
|
32
|
+
end
|
33
|
+
end
|
34
|
+
end
|
35
|
+
end
|
36
|
+
|
37
|
+
describe ConcertsController, type: :controller do
|
38
|
+
describe 'access_deny' do
|
39
|
+
it 'flash message should be overriden' do
|
40
|
+
new_message = 'Accès refusé'
|
41
|
+
|
42
|
+
get :index
|
43
|
+
|
44
|
+
expect(flash[:error]).to eql(new_message)
|
45
|
+
end
|
46
|
+
it 'redirection should be overriden' do
|
47
|
+
new_route = '/another/route'
|
48
|
+
|
49
|
+
get :index
|
50
|
+
|
51
|
+
expect(response).to redirect_to(new_route)
|
52
|
+
end
|
53
|
+
end
|
54
|
+
end
|
@@ -0,0 +1,37 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
|
3
|
+
describe Fortress::Configuration do
|
4
|
+
describe 'default configuration' do
|
5
|
+
it 'should keep a blank configuration' do
|
6
|
+
expect(Fortress.configuration).to be_nil
|
7
|
+
end
|
8
|
+
end
|
9
|
+
describe 'externals option' do
|
10
|
+
context 'passing nil' do
|
11
|
+
before { Fortress.configure { |config| config.externals = nil } }
|
12
|
+
it 'should keep a blank configuration' do
|
13
|
+
expect(Fortress.configuration.options).to be_nil
|
14
|
+
end
|
15
|
+
end
|
16
|
+
context 'passing a String' do
|
17
|
+
before do
|
18
|
+
Fortress.configure { |config| config.externals = 'IronMaiden' }
|
19
|
+
end
|
20
|
+
it 'should add the externals key as an Array with the given string' do
|
21
|
+
options = { externals: ['IronMaiden'] }
|
22
|
+
expect(Fortress.configuration.options).to eql(options)
|
23
|
+
end
|
24
|
+
end
|
25
|
+
context 'passing an Array of String' do
|
26
|
+
before do
|
27
|
+
Fortress.configure do |config|
|
28
|
+
config.externals = %w(Rocksmith IronMaiden Pantera)
|
29
|
+
end
|
30
|
+
end
|
31
|
+
it 'should add the externals key as an Array with the given string' do
|
32
|
+
options = { externals: %w(Rocksmith IronMaiden Pantera) }
|
33
|
+
expect(Fortress.configuration.options).to eql(options)
|
34
|
+
end
|
35
|
+
end
|
36
|
+
end
|
37
|
+
end
|
@@ -1,10 +1,6 @@
|
|
1
1
|
require 'spec_helper'
|
2
|
-
require 'fixtures/application'
|
3
|
-
require 'fixtures/controllers'
|
4
2
|
|
5
3
|
describe GuitarsController, type: :controller do
|
6
|
-
before { @flash_error = 'You are not authorised to access this page.' }
|
7
|
-
|
8
4
|
it 'should have a before filter `:prevent_access!`' do
|
9
5
|
before_filters = subject._process_action_callbacks.map do |callback|
|
10
6
|
callback.filter if callback.kind == :before
|
@@ -20,7 +16,7 @@ describe GuitarsController, type: :controller do
|
|
20
16
|
get :index
|
21
17
|
|
22
18
|
expect(response).to redirect_to(root_url)
|
23
|
-
expect(flash[:error]).to
|
19
|
+
expect(flash[:error]).to be_present
|
24
20
|
end
|
25
21
|
end
|
26
22
|
describe 'GET show' do
|
@@ -28,7 +24,7 @@ describe GuitarsController, type: :controller do
|
|
28
24
|
get :show, id: 1
|
29
25
|
|
30
26
|
expect(response).to redirect_to(root_url)
|
31
|
-
expect(flash[:error]).to
|
27
|
+
expect(flash[:error]).to be_present
|
32
28
|
end
|
33
29
|
end
|
34
30
|
describe 'GET new' do
|
@@ -36,7 +32,7 @@ describe GuitarsController, type: :controller do
|
|
36
32
|
get :new
|
37
33
|
|
38
34
|
expect(response).to redirect_to(root_url)
|
39
|
-
expect(flash[:error]).to
|
35
|
+
expect(flash[:error]).to be_present
|
40
36
|
end
|
41
37
|
end
|
42
38
|
describe 'POST create' do
|
@@ -44,7 +40,7 @@ describe GuitarsController, type: :controller do
|
|
44
40
|
post :create
|
45
41
|
|
46
42
|
expect(response).to redirect_to(root_url)
|
47
|
-
expect(flash[:error]).to
|
43
|
+
expect(flash[:error]).to be_present
|
48
44
|
end
|
49
45
|
end
|
50
46
|
describe 'GET edit' do
|
@@ -52,7 +48,7 @@ describe GuitarsController, type: :controller do
|
|
52
48
|
post :edit, id: 1
|
53
49
|
|
54
50
|
expect(response).to redirect_to(root_url)
|
55
|
-
expect(flash[:error]).to
|
51
|
+
expect(flash[:error]).to be_present
|
56
52
|
end
|
57
53
|
end
|
58
54
|
describe 'PUT update' do
|
@@ -60,7 +56,7 @@ describe GuitarsController, type: :controller do
|
|
60
56
|
put :update, id: 1
|
61
57
|
|
62
58
|
expect(response).to redirect_to(root_url)
|
63
|
-
expect(flash[:error]).to
|
59
|
+
expect(flash[:error]).to be_present
|
64
60
|
end
|
65
61
|
end
|
66
62
|
describe 'PATCH update' do
|
@@ -68,7 +64,7 @@ describe GuitarsController, type: :controller do
|
|
68
64
|
patch :update, id: 1
|
69
65
|
|
70
66
|
expect(response).to redirect_to(root_url)
|
71
|
-
expect(flash[:error]).to
|
67
|
+
expect(flash[:error]).to be_present
|
72
68
|
end
|
73
69
|
end
|
74
70
|
describe 'POST destroy' do
|
@@ -76,7 +72,7 @@ describe GuitarsController, type: :controller do
|
|
76
72
|
post :destroy, id: 1
|
77
73
|
|
78
74
|
expect(response).to redirect_to(root_url)
|
79
|
-
expect(flash[:error]).to
|
75
|
+
expect(flash[:error]).to be_present
|
80
76
|
end
|
81
77
|
end
|
82
78
|
end
|
@@ -100,7 +96,7 @@ describe GuitarsController, type: :controller do
|
|
100
96
|
get :show, id: 1
|
101
97
|
|
102
98
|
expect(response).to redirect_to(root_url)
|
103
|
-
expect(flash[:error]).to
|
99
|
+
expect(flash[:error]).to be_present
|
104
100
|
end
|
105
101
|
end
|
106
102
|
describe 'GET new' do
|
@@ -108,7 +104,7 @@ describe GuitarsController, type: :controller do
|
|
108
104
|
get :new
|
109
105
|
|
110
106
|
expect(response).to redirect_to(root_url)
|
111
|
-
expect(flash[:error]).to
|
107
|
+
expect(flash[:error]).to be_present
|
112
108
|
end
|
113
109
|
end
|
114
110
|
describe 'POST create' do
|
@@ -116,7 +112,7 @@ describe GuitarsController, type: :controller do
|
|
116
112
|
post :create
|
117
113
|
|
118
114
|
expect(response).to redirect_to(root_url)
|
119
|
-
expect(flash[:error]).to
|
115
|
+
expect(flash[:error]).to be_present
|
120
116
|
end
|
121
117
|
end
|
122
118
|
describe 'GET edit' do
|
@@ -124,7 +120,7 @@ describe GuitarsController, type: :controller do
|
|
124
120
|
post :edit, id: 1
|
125
121
|
|
126
122
|
expect(response).to redirect_to(root_url)
|
127
|
-
expect(flash[:error]).to
|
123
|
+
expect(flash[:error]).to be_present
|
128
124
|
end
|
129
125
|
end
|
130
126
|
describe 'PUT update' do
|
@@ -132,7 +128,7 @@ describe GuitarsController, type: :controller do
|
|
132
128
|
put :update, id: 1
|
133
129
|
|
134
130
|
expect(response).to redirect_to(root_url)
|
135
|
-
expect(flash[:error]).to
|
131
|
+
expect(flash[:error]).to be_present
|
136
132
|
end
|
137
133
|
end
|
138
134
|
describe 'PATCH update' do
|
@@ -140,7 +136,7 @@ describe GuitarsController, type: :controller do
|
|
140
136
|
patch :update, id: 1
|
141
137
|
|
142
138
|
expect(response).to redirect_to(root_url)
|
143
|
-
expect(flash[:error]).to
|
139
|
+
expect(flash[:error]).to be_present
|
144
140
|
end
|
145
141
|
end
|
146
142
|
describe 'POST destroy' do
|
@@ -148,7 +144,7 @@ describe GuitarsController, type: :controller do
|
|
148
144
|
post :destroy, id: 1
|
149
145
|
|
150
146
|
expect(response).to redirect_to(root_url)
|
151
|
-
expect(flash[:error]).to
|
147
|
+
expect(flash[:error]).to be_present
|
152
148
|
end
|
153
149
|
end
|
154
150
|
end
|
@@ -181,7 +177,7 @@ describe GuitarsController, type: :controller do
|
|
181
177
|
get :new
|
182
178
|
|
183
179
|
expect(response).to redirect_to(root_url)
|
184
|
-
expect(flash[:error]).to
|
180
|
+
expect(flash[:error]).to be_present
|
185
181
|
end
|
186
182
|
end
|
187
183
|
describe 'POST create' do
|
@@ -189,7 +185,7 @@ describe GuitarsController, type: :controller do
|
|
189
185
|
post :create
|
190
186
|
|
191
187
|
expect(response).to redirect_to(root_url)
|
192
|
-
expect(flash[:error]).to
|
188
|
+
expect(flash[:error]).to be_present
|
193
189
|
end
|
194
190
|
end
|
195
191
|
describe 'GET edit' do
|
@@ -197,7 +193,7 @@ describe GuitarsController, type: :controller do
|
|
197
193
|
post :edit, id: 1
|
198
194
|
|
199
195
|
expect(response).to redirect_to(root_url)
|
200
|
-
expect(flash[:error]).to
|
196
|
+
expect(flash[:error]).to be_present
|
201
197
|
end
|
202
198
|
end
|
203
199
|
describe 'PUT update' do
|
@@ -205,7 +201,7 @@ describe GuitarsController, type: :controller do
|
|
205
201
|
put :update, id: 1
|
206
202
|
|
207
203
|
expect(response).to redirect_to(root_url)
|
208
|
-
expect(flash[:error]).to
|
204
|
+
expect(flash[:error]).to be_present
|
209
205
|
end
|
210
206
|
end
|
211
207
|
describe 'PATCH update' do
|
@@ -213,7 +209,7 @@ describe GuitarsController, type: :controller do
|
|
213
209
|
patch :update, id: 1
|
214
210
|
|
215
211
|
expect(response).to redirect_to(root_url)
|
216
|
-
expect(flash[:error]).to
|
212
|
+
expect(flash[:error]).to be_present
|
217
213
|
end
|
218
214
|
end
|
219
215
|
describe 'POST destroy' do
|
@@ -221,7 +217,7 @@ describe GuitarsController, type: :controller do
|
|
221
217
|
post :destroy, id: 1
|
222
218
|
|
223
219
|
expect(response).to redirect_to(root_url)
|
224
|
-
expect(flash[:error]).to
|
220
|
+
expect(flash[:error]).to be_present
|
225
221
|
end
|
226
222
|
end
|
227
223
|
end
|
@@ -342,7 +338,7 @@ describe GuitarsController, type: :controller do
|
|
342
338
|
post :create
|
343
339
|
|
344
340
|
expect(response).to redirect_to(root_url)
|
345
|
-
expect(flash[:error]).to
|
341
|
+
expect(flash[:error]).to be_present
|
346
342
|
end
|
347
343
|
end
|
348
344
|
describe 'GET edit' do
|
@@ -402,7 +398,7 @@ describe GuitarsController, type: :controller do
|
|
402
398
|
get :show, id: 1
|
403
399
|
|
404
400
|
expect(response).to redirect_to(root_url)
|
405
|
-
expect(flash[:error]).to
|
401
|
+
expect(flash[:error]).to be_present
|
406
402
|
end
|
407
403
|
end
|
408
404
|
describe 'GET new' do
|
@@ -410,7 +406,7 @@ describe GuitarsController, type: :controller do
|
|
410
406
|
get :new
|
411
407
|
|
412
408
|
expect(response).to redirect_to(root_url)
|
413
|
-
expect(flash[:error]).to
|
409
|
+
expect(flash[:error]).to be_present
|
414
410
|
end
|
415
411
|
end
|
416
412
|
describe 'POST create' do
|
@@ -418,7 +414,7 @@ describe GuitarsController, type: :controller do
|
|
418
414
|
post :create
|
419
415
|
|
420
416
|
expect(response).to redirect_to(root_url)
|
421
|
-
expect(flash[:error]).to
|
417
|
+
expect(flash[:error]).to be_present
|
422
418
|
end
|
423
419
|
end
|
424
420
|
describe 'GET edit' do
|
@@ -426,7 +422,7 @@ describe GuitarsController, type: :controller do
|
|
426
422
|
post :edit, id: 1
|
427
423
|
|
428
424
|
expect(response).to redirect_to(root_url)
|
429
|
-
expect(flash[:error]).to
|
425
|
+
expect(flash[:error]).to be_present
|
430
426
|
end
|
431
427
|
end
|
432
428
|
describe 'PUT update' do
|
@@ -434,7 +430,7 @@ describe GuitarsController, type: :controller do
|
|
434
430
|
put :update, id: 1
|
435
431
|
|
436
432
|
expect(response).to redirect_to(root_url)
|
437
|
-
expect(flash[:error]).to
|
433
|
+
expect(flash[:error]).to be_present
|
438
434
|
end
|
439
435
|
end
|
440
436
|
describe 'PATCH update' do
|
@@ -442,7 +438,7 @@ describe GuitarsController, type: :controller do
|
|
442
438
|
patch :update, id: 1
|
443
439
|
|
444
440
|
expect(response).to redirect_to(root_url)
|
445
|
-
expect(flash[:error]).to
|
441
|
+
expect(flash[:error]).to be_present
|
446
442
|
end
|
447
443
|
end
|
448
444
|
describe 'POST destroy' do
|
@@ -450,7 +446,7 @@ describe GuitarsController, type: :controller do
|
|
450
446
|
post :destroy, id: 1
|
451
447
|
|
452
448
|
expect(response).to redirect_to(root_url)
|
453
|
-
expect(flash[:error]).to
|
449
|
+
expect(flash[:error]).to be_present
|
454
450
|
end
|
455
451
|
end
|
456
452
|
end
|
@@ -465,7 +461,7 @@ describe GuitarsController, type: :controller do
|
|
465
461
|
get :index
|
466
462
|
|
467
463
|
expect(response).to redirect_to(root_url)
|
468
|
-
expect(flash[:error]).to
|
464
|
+
expect(flash[:error]).to be_present
|
469
465
|
end
|
470
466
|
end
|
471
467
|
describe 'GET show' do
|
@@ -473,7 +469,7 @@ describe GuitarsController, type: :controller do
|
|
473
469
|
get :show, id: 1
|
474
470
|
|
475
471
|
expect(response).to redirect_to(root_url)
|
476
|
-
expect(flash[:error]).to
|
472
|
+
expect(flash[:error]).to be_present
|
477
473
|
end
|
478
474
|
end
|
479
475
|
describe 'GET new' do
|
@@ -481,7 +477,7 @@ describe GuitarsController, type: :controller do
|
|
481
477
|
get :new
|
482
478
|
|
483
479
|
expect(response).to redirect_to(root_url)
|
484
|
-
expect(flash[:error]).to
|
480
|
+
expect(flash[:error]).to be_present
|
485
481
|
end
|
486
482
|
end
|
487
483
|
describe 'POST create' do
|
@@ -489,7 +485,7 @@ describe GuitarsController, type: :controller do
|
|
489
485
|
post :create
|
490
486
|
|
491
487
|
expect(response).to redirect_to(root_url)
|
492
|
-
expect(flash[:error]).to
|
488
|
+
expect(flash[:error]).to be_present
|
493
489
|
end
|
494
490
|
end
|
495
491
|
describe 'GET edit' do
|
@@ -497,7 +493,7 @@ describe GuitarsController, type: :controller do
|
|
497
493
|
post :edit, id: 1
|
498
494
|
|
499
495
|
expect(response).to redirect_to(root_url)
|
500
|
-
expect(flash[:error]).to
|
496
|
+
expect(flash[:error]).to be_present
|
501
497
|
end
|
502
498
|
end
|
503
499
|
describe 'PUT update' do
|
@@ -505,7 +501,7 @@ describe GuitarsController, type: :controller do
|
|
505
501
|
put :update, id: 1
|
506
502
|
|
507
503
|
expect(response).to redirect_to(root_url)
|
508
|
-
expect(flash[:error]).to
|
504
|
+
expect(flash[:error]).to be_present
|
509
505
|
end
|
510
506
|
end
|
511
507
|
describe 'PATCH update' do
|
@@ -513,7 +509,7 @@ describe GuitarsController, type: :controller do
|
|
513
509
|
patch :update, id: 1
|
514
510
|
|
515
511
|
expect(response).to redirect_to(root_url)
|
516
|
-
expect(flash[:error]).to
|
512
|
+
expect(flash[:error]).to be_present
|
517
513
|
end
|
518
514
|
end
|
519
515
|
describe 'POST destroy' do
|
@@ -521,7 +517,7 @@ describe GuitarsController, type: :controller do
|
|
521
517
|
post :destroy, id: 1
|
522
518
|
|
523
519
|
expect(response).to redirect_to(root_url)
|
524
|
-
expect(flash[:error]).to
|
520
|
+
expect(flash[:error]).to be_present
|
525
521
|
end
|
526
522
|
end
|
527
523
|
end
|
@@ -0,0 +1,83 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
|
3
|
+
class StagesController < TestController
|
4
|
+
def index; end
|
5
|
+
|
6
|
+
def show; end
|
7
|
+
|
8
|
+
def new; end
|
9
|
+
|
10
|
+
def create; end
|
11
|
+
|
12
|
+
def edit; end
|
13
|
+
|
14
|
+
def update; end
|
15
|
+
|
16
|
+
def destroy; end
|
17
|
+
end
|
18
|
+
|
19
|
+
describe 'Allow adding manually controller names (YourCursus/fortress#3)' do
|
20
|
+
describe StagesController, type: :controller do
|
21
|
+
describe 'giving a controller name to config.externals' do
|
22
|
+
before do
|
23
|
+
Fortress.configure { |config| config.externals = 'StagesController' }
|
24
|
+
end
|
25
|
+
it 'should allow the index controller action' do
|
26
|
+
get :index
|
27
|
+
|
28
|
+
expect(response).to_not redirect_to(root_url)
|
29
|
+
expect(flash[:error]).to be_nil
|
30
|
+
expect(response).to have_http_status(:ok)
|
31
|
+
end
|
32
|
+
it 'should allow the show controller action' do
|
33
|
+
get :show, id: 1
|
34
|
+
|
35
|
+
expect(response).to_not redirect_to(root_url)
|
36
|
+
expect(flash[:error]).to be_nil
|
37
|
+
expect(response).to have_http_status(:ok)
|
38
|
+
end
|
39
|
+
it 'should allow the new controller action' do
|
40
|
+
get :new
|
41
|
+
|
42
|
+
expect(response).to_not redirect_to(root_url)
|
43
|
+
expect(flash[:error]).to be_nil
|
44
|
+
expect(response).to have_http_status(:ok)
|
45
|
+
end
|
46
|
+
it 'should allow the create controller action' do
|
47
|
+
post :create
|
48
|
+
|
49
|
+
expect(response).to_not redirect_to(root_url)
|
50
|
+
expect(flash[:error]).to be_nil
|
51
|
+
expect(response).to have_http_status(:ok)
|
52
|
+
end
|
53
|
+
it 'should allow the edit controller action' do
|
54
|
+
get :edit, id: 1
|
55
|
+
|
56
|
+
expect(response).to_not redirect_to(root_url)
|
57
|
+
expect(flash[:error]).to be_nil
|
58
|
+
expect(response).to have_http_status(:ok)
|
59
|
+
end
|
60
|
+
it 'should allow the update (PUT) controller action' do
|
61
|
+
put :update, id: 1
|
62
|
+
|
63
|
+
expect(response).to_not redirect_to(root_url)
|
64
|
+
expect(flash[:error]).to be_nil
|
65
|
+
expect(response).to have_http_status(:ok)
|
66
|
+
end
|
67
|
+
it 'should allow the update (PATCH) controller action' do
|
68
|
+
patch :update, id: 1
|
69
|
+
|
70
|
+
expect(response).to_not redirect_to(root_url)
|
71
|
+
expect(flash[:error]).to be_nil
|
72
|
+
expect(response).to have_http_status(:ok)
|
73
|
+
end
|
74
|
+
it 'should allow the destroy controller action' do
|
75
|
+
post :destroy, id: 1
|
76
|
+
|
77
|
+
expect(response).to_not redirect_to(root_url)
|
78
|
+
expect(flash[:error]).to be_nil
|
79
|
+
expect(response).to have_http_status(:ok)
|
80
|
+
end
|
81
|
+
end
|
82
|
+
end
|
83
|
+
end
|
data/spec/spec_helper.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: fortress
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.2.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Guillaume Hain
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2015-01-
|
11
|
+
date: 2015-01-24 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: actionpack
|
@@ -155,14 +155,18 @@ files:
|
|
155
155
|
- bin/thor
|
156
156
|
- fortress.gemspec
|
157
157
|
- lib/fortress.rb
|
158
|
+
- lib/fortress/configuration.rb
|
158
159
|
- lib/fortress/controller.rb
|
159
160
|
- lib/fortress/controller_interface.rb
|
160
161
|
- lib/fortress/mechanism.rb
|
161
162
|
- lib/fortress/version.rb
|
162
163
|
- spec/fixtures/application.rb
|
163
164
|
- spec/fixtures/controllers.rb
|
165
|
+
- spec/fortress/access_deny_spec.rb
|
166
|
+
- spec/fortress/configuration_spec.rb
|
164
167
|
- spec/fortress/controller_interface_spec.rb
|
165
168
|
- spec/fortress/controller_spec.rb
|
169
|
+
- spec/fortress/external_controllers_spec.rb
|
166
170
|
- spec/fortress/mechanism_spec.rb
|
167
171
|
- spec/spec_helper.rb
|
168
172
|
homepage: https://github.com/YourCursus/fortress
|
@@ -193,7 +197,10 @@ summary: Secure your Rails application from preventing access to everything to o
|
|
193
197
|
test_files:
|
194
198
|
- spec/fixtures/application.rb
|
195
199
|
- spec/fixtures/controllers.rb
|
200
|
+
- spec/fortress/access_deny_spec.rb
|
201
|
+
- spec/fortress/configuration_spec.rb
|
196
202
|
- spec/fortress/controller_interface_spec.rb
|
197
203
|
- spec/fortress/controller_spec.rb
|
204
|
+
- spec/fortress/external_controllers_spec.rb
|
198
205
|
- spec/fortress/mechanism_spec.rb
|
199
206
|
- spec/spec_helper.rb
|