goma 0.0.1.rc1 → 0.0.1.rc2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 5ef7018f710a582f625d31c0933a64ca21c04ae6
-  data.tar.gz: f74640b684a0feaef3146ff6ab537e46c7009b8b
+  metadata.gz: 0d6099fa064157ae214f3a611bc179f97732ea87
+  data.tar.gz: 5e9b12ea1433741c58da4a6b9abe08e7c4b320d9
 SHA512:
-  metadata.gz: 9d68a65ac82a574ab10110551e453aee53dac951d96c4cdee43822e47b86231fb554615635d1449ef690a5124f3a5f80afc8cd29fcd57ad2ac8f9e847639a9e8
-  data.tar.gz: a2f9662edacd4404694af19493b9e626319ee4fbe985c7c7fb3c8f05d07275f966dcebb56ab3212c021054ee1cd5009f3e275440c5826f19904776d78f1bf7dd
+  metadata.gz: 73a52d5b437db21c532f16b6179cc3a163ebac83ae496657337b24b58351e0985b7cab88d49663d0450c1bd443093e3f7542a52423340b20fb85957dd21b1425
+  data.tar.gz: 0d62cf55a2bc7df0c209722eb3ae7e3347ea5b82b7ee549fd25dba5d16841a8d56480a8925fe84b921760352b76944cce87d0afaf50028d7eee7ea9d45631713

data/.travis.yml

@@ -5,4 +5,7 @@ rvm:
 gemfile:
   - Gemfile
 script: 'bundle exec rake test'
-
+env:
+  matrix:
+    - VALIDATE_SESSION_EVEN_IN_NOT_LOGIN_AREA=true
+    - VALIDATE_SESSION_EVEN_IN_NOT_LOGIN_AREA=false

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    goma (0.0.1.rc1)
+    goma (0.0.1.rc2)
       rails (~> 4.0)
       warden
 

data/Rakefile

@@ -44,4 +44,10 @@ task "rebuild_test_app" do
   cd "../.."
 end
 
+desc "Run tests for all environment variables"
+task "test_all" do
+  sh "VALIDATE_SESSION_EVEN_IN_NOT_LOGIN_AREA=true  bundle exec rake test"
+  sh "VALIDATE_SESSION_EVEN_IN_NOT_LOGIN_AREA=false bundle exec rake test"
+end
+
 task default: :test

data/goma.gemspec

@@ -49,11 +49,6 @@ That's it.
 This gem is in early development phase and I do not recommend you to use this for production for a while.
 Bug reports and pull requests are welcome.
 
-I am surprised that this gem has been downloaded over 200 times, in spite of pre release versions of v0.0.1.
-And, I feel bad about there were lots of bugs and incomplete implementations in previous versions.
-
-I will release this as a release candidate, but will add lots of code before v0.0.1.
-
 Enjoy!\e[0m
 MESSAGE
 

data/lib/goma/config.rb

@@ -4,12 +4,12 @@ module Goma
       yield @config ||= Goma::Configuration.new
     end
 
-    def config
-      @config
+    def config(scope=nil)
+      scope ? (config_for[scope] || @config) : @config
     end
 
     def configure_for(scope, &block)
-      yield config_for[scope] = config.dup
+      yield config_for[scope] = @config.dup
     end
 
     def config_for

data/lib/goma/models/confirmable.rb

@@ -24,7 +24,6 @@ module Goma
 
       def initialize(*args)
         super
-        @email_confirmation_setup              = false
         @skip_email_confirmation               = false
 
         # Following instance variables are not used by this library.
@@ -84,7 +83,8 @@ module Goma
       end
 
       def send_email_confirmation_needed_email?
-        @email_confirmation_setup && goma_config.email_confirmation_needed_email_method_name && !@skip_email_confirmation_needed_email
+        send(goma_config.unconfirmed_email_changed_getter) && send(goma_config.unconfirmed_email_getter) &&
+          goma_config.email_confirmation_needed_email_method_name && !@skip_email_confirmation_needed_email
       end
 
       def send_email_confirmation_success_email?
@@ -113,7 +113,6 @@ module Goma
       def setup_email_confirmation
         self.send(Goma.config.unconfirmed_email_setter, self.send(Goma.config.email_getter))
         self.send(Goma.config.email_setter, self.send(Goma.config.email_was_getter))
-        @email_confirmation_setup = true
 
         generate_confirmation_token
       end

data/lib/goma/models/lockable.rb

@@ -53,6 +53,7 @@ module Goma
         self.send(goma_config.locked_at_setter, nil)
         self.send(goma_config.failed_attempts_setter, 0)
         self.send(goma_config.unlock_token_setter, nil)
+        self.send(goma_config.unlock_token_sent_at_setter, nil)
         save(validate: false)
       end
 

data/lib/goma/models/omniauthable.rb

@@ -23,12 +23,14 @@ module Goma
             fill_with_omniauth(omniauth) if respond_to? :fill_with_omniauth
           end
         RUBY
+
+        attr_accessor :creating_with_omniauth
       end
 
       module ClassMethods
-        def create_with_omniauth!(omniauth)
-          @creating_with_omniauth = true
+        def build_with_omniauth!(omniauth)
           record = new
+          record.creating_with_omniauth = true
           if goma_config.modules.include? :confirmable
             record.send(goma_config.activated_at_setter, Time.now.utc)
           end
@@ -36,8 +38,13 @@ module Goma
 
           authentication = record.send(goma_config.oauth_association_name).build
           authentication._fill_with_omniauth(omniauth)
+          record
+        end
 
+        def create_with_omniauth!(omniauth)
+          record = build_with_omniauth!(omniauth)
           record.save!
+          record.creating_with_omniauth = false
           record
         end
 

data/lib/goma/models/password_authenticatable.rb

@@ -9,8 +9,8 @@ module Goma
 
         class_eval <<-METHOD, __FILE__, __LINE__ + 1
         def #{password_attr}=(new_#{password_attr})
-          return if new_#{password_attr}.blank?
           @#{password_attr} = new_#{password_attr}
+          return if new_#{password_attr}.blank?
           self.#{Goma.config.encrypted_password_attribute_name} = encrypt_password(new_#{password_attr})
         end
         METHOD

data/lib/goma/models/timeoutable.rb

@@ -2,7 +2,7 @@ module Goma
   module Models
     module Timeoutable
       def timeout?(last_request_at)
-        false if remember_exists_and_not_expired?
+        return false if remember_exists_and_not_expired?
         goma_config.timeout_in && last_request_at && last_request_at <= goma_config.timeout_in.ago
       end
 

data/lib/goma/models/validatable.rb

@@ -32,9 +32,9 @@ module Goma
           end
 
           validates_presence_of     goma_config.password_attribute_name, if: :password_required?
-          validates_confirmation_of goma_config.password_attribute_name, if: :password_required?
           validates_length_of       goma_config.password_attribute_name,
                                     within: goma_config.password_length, allow_blank: true
+          validates_confirmation_of goma_config.password_attribute_name
 
           if omniauthable?
             class_eval <<-RUBY, __FILE__, __LINE__ + 1

data/lib/goma/version.rb

@@ -1,3 +1,3 @@
 module Goma
-  VERSION = "0.0.1.rc1"
+  VERSION = "0.0.1.rc2"
 end

data/test/fabricators/authentication_fabricator.rb

@@ -0,0 +1,4 @@
+Fabricator(:authentication) do
+  provider 'developer'
+  uid { sequence(:uid, 11111111) { |i| i.to_s } }
+end

data/test/fabricators/{users_fabricator.rb → user_fabricator.rb}

@@ -9,3 +9,11 @@ end
 Fabricator(:unactivated_user, from: :user) do
   activated_at nil
 end
+
+Fabricator(:oauth_user, from: :user) do
+  username nil
+  email nil
+  password nil
+  password_confirmation nil
+  authentications(count: 1) { Fabricate(:authentication) }
+end

data/test/integration/confirmable_integration_test.rb

@@ -48,7 +48,7 @@ class ConfirmableIntegrationTest < ActionDispatch::IntegrationTest
     fill_in :user_password_confirmation, with: 'password'
 
     assert_no_difference 'User.count' do
-      assert_difference 'ActionMailer::Base.deliveries.size', 1 do
+      assert_emails 1 do
         click_button 'Sign up'
       end
     end
@@ -101,7 +101,7 @@ class ConfirmableIntegrationTest < ActionDispatch::IntegrationTest
     fill_in :username_or_email, with: 'user'
 
     assert_no_difference 'User.count' do
-      assert_difference 'ActionMailer::Base.deliveries.size', 1 do
+      assert_emails 1 do
         click_button 'Resend activation instructions'
       end
     end
@@ -132,7 +132,7 @@ class ConfirmableIntegrationTest < ActionDispatch::IntegrationTest
     fill_in :username_or_email, with: 'user@example.com'
 
     assert_no_difference 'User.count' do
-      assert_difference 'ActionMailer::Base.deliveries.size', 1 do
+      assert_emails 1 do
         click_button 'Resend activation instructions'
       end
     end
@@ -159,7 +159,7 @@ class ConfirmableIntegrationTest < ActionDispatch::IntegrationTest
     visit edit_user_url(user)
     fill_in :user_email, with: 'new@example.com'
 
-    assert_difference 'ActionMailer::Base.deliveries.size', 1 do
+    assert_emails 1 do
       click_button 'Update'
     end
     assert_match /but we need to verify your new email address/, _flash[:notice]
@@ -171,7 +171,7 @@ class ConfirmableIntegrationTest < ActionDispatch::IntegrationTest
     assert_equal 'old@example.com', user.email
     assert_equal 'new@example.com', user.unconfirmed_email
 
-    assert_difference 'ActionMailer::Base.deliveries.size', 1 do
+    assert_emails 1 do
       visit email_confirmation_url('sesame')
     end
     email = ActionMailer::Base.deliveries.last

data/test/integration/lockable_integration_test.rb

@@ -30,7 +30,7 @@ class LockableIntegrationTest < ActionDispatch::IntegrationTest
 
     visit new_unlock_url
     fill_in :username_or_email, with: @user.email
-    assert_difference 'ActionMailer::Base.deliveries.size', 1 do
+    assert_emails 1 do
       click_button 'Resend unlock instructions'
     end
     email = ActionMailer::Base.deliveries.last

data/test/integration/recoverable_integration_test.rb

@@ -9,7 +9,7 @@ class RecoverableIntegrationTest < ActionDispatch::IntegrationTest
     Goma.token_generator.stubs(:friendly_token).returns('sesame')
     visit new_password_url
     fill_in :username_or_email, with: @user.email
-    assert_difference 'ActionMailer::Base.deliveries.size', 1 do
+    assert_emails 1 do
       click_button 'Send me reset password instructions'
     end
 
@@ -31,7 +31,7 @@ class RecoverableIntegrationTest < ActionDispatch::IntegrationTest
     Goma.token_generator.stubs(:friendly_token).returns('sesame')
     visit new_password_url
     fill_in :username_or_email, with: @user.email
-    assert_difference 'ActionMailer::Base.deliveries.size', 1 do
+    assert_emails 1 do
       click_button 'Send me reset password instructions'
     end
 

data/test/integration/timeoutable_integration_test.rb

@@ -1,201 +1,201 @@
 require 'test_helper'
 
-class TimeoutableIntegrationTest < ActionDispatch::IntegrationTest
-  def setup
-    @user = Fabricate(:user)
-    post 'session', username_or_email: @user.email, password: 'password'
-  end
+if ENV['VALIDATE_SESSION_EVEN_IN_NOT_LOGIN_AREA'] == 'true'
+  class TimeoutableIntegrationTest < ActionDispatch::IntegrationTest
+    def setup
+      @user = Fabricate(:user)
+      post 'session', username_or_email: @user.email, password: 'password'
+    end
 
-  test "should set goma.last_request_at immediately after login" do
-    assert request.env['warden'].session(:user)['goma.last_request_at']
+    test "should set goma.last_request_at immediately after login" do
+      assert request.env['warden'].session(:user)['goma.last_request_at']
 
-    Timecop.freeze 30.minutes.from_now
-    get 'secret/index'
-    assert_redirected_to root_url
+      Timecop.freeze 30.minutes.from_now
+      get 'secret/index'
+      assert_redirected_to root_url
 
-    Timecop.return
-  end
+      Timecop.return
+    end
 
-  test "should timeout" do
-    Timecop.freeze Time.now
-    get 'secret/index'
+    test "should timeout" do
+      Timecop.freeze Time.now
+      get 'secret/index'
 
-    Timecop.freeze 29.minutes.from_now
-    get 'secret/index'
-    assert_response :success
+      Timecop.freeze 29.minutes.from_now
+      get 'secret/index'
+      assert_response :success
 
-    Timecop.freeze 30.minutes.from_now
-    get 'secret/index'
-    assert_redirected_to root_url
+      Timecop.freeze 30.minutes.from_now
+      get 'secret/index'
+      assert_redirected_to root_url
 
-    Timecop.return
-  end
+      Timecop.return
+    end
 
-  test "should not timeout if accessed a page which does not require login" do
-    Timecop.freeze Time.now
-    get 'secret/index'
+    test "should not timeout if accessed a page which does not require login" do
+      Timecop.freeze Time.now
+      get 'secret/index'
 
-    Timecop.freeze 20.minutes.from_now
-    get '/'
-    assert_response :success
+      Timecop.freeze 20.minutes.from_now
+      get '/'
+      assert_response :success
 
-    Timecop.freeze 20.minutes.from_now
-    get 'secret/index'
-    assert_response :success
+      Timecop.freeze 20.minutes.from_now
+      get 'secret/index'
+      assert_response :success
 
-    Timecop.return
-  end
+      Timecop.return
+    end
 
-  test "should timeout if accessing skip_trackabled action" do
-    Timecop.freeze Time.now
-    get 'secret/index'
+    test "should timeout if accessing skip_trackabled action" do
+      Timecop.freeze Time.now
+      get 'secret/index'
 
-    Timecop.freeze 20.minutes.from_now
-    get 'secret/not_track'
-    assert_response :success
+      Timecop.freeze 20.minutes.from_now
+      get 'secret/not_track'
+      assert_response :success
 
-    Timecop.freeze 20.minutes.from_now
-    get 'secret/not_track'
-    assert_redirected_to root_url
+      Timecop.freeze 20.minutes.from_now
+      get 'secret/not_track'
+      assert_redirected_to root_url
 
-    Timecop.return
-  end
+      Timecop.return
+    end
+
+    test "should not timeout but update last_request_at by accessing skip_timeout action" do
+      Timecop.freeze Time.now
+      get 'secret/index'
+
+      Timecop.freeze 60.minutes.from_now
+      get 'secret/not_timeout'
+      assert_response :success
+
+      Timecop.freeze 29.minutes.from_now
+      get 'secret/index'
+      assert_response :success
 
-  test "should not timeout but update last_request_at by accessing skip_timeout action" do
-    Timecop.freeze Time.now
-    get 'secret/index'
+      Timecop.freeze 60.minutes.from_now
+      get 'secret/not_timeout'
+      assert_response :success
 
-    Timecop.freeze 60.minutes.from_now
-    get 'secret/not_timeout'
-    assert_response :success
+      Timecop.freeze 30.minutes.from_now
+      get 'secret/index'
+      assert_redirected_to root_url
 
-    Timecop.freeze 29.minutes.from_now
-    get 'secret/index'
-    assert_response :success
+      Timecop.return
+    end
 
-    Timecop.freeze 60.minutes.from_now
-    get 'secret/not_timeout'
-    assert_response :success
+    test "should not timeout nor update last_request_at by accessing skip_validate_session action" do
+      Timecop.freeze Time.now
+      get 'secret/index'
 
-    Timecop.freeze 30.minutes.from_now
-    get 'secret/index'
-    assert_redirected_to root_url
+      Timecop.freeze 60.minutes.from_now
+      get 'secret/not_validate_session'
+      assert_response :success
 
-    Timecop.return
+      get 'secret/index'
+      assert_redirected_to root_url
+
+      Timecop.return
+    end
   end
+else
+  class TimeoutableIntegrationTest < ActionDispatch::IntegrationTest
+    def setup
+      @user = Fabricate(:user)
+      post 'session', username_or_email: @user.email, password: 'password'
+    end
+
+    test "should set goma.last_request_at immediately after login" do
+      assert request.env['warden'].session(:user)['goma.last_request_at']
+
+      Timecop.freeze 30.minutes.from_now
+      get 'secret/index'
+      assert_redirected_to root_url
+
+      Timecop.return
+    end
+
+    test "should timeout" do
+      Timecop.freeze Time.now
+      get 'secret/index'
+
+      Timecop.freeze 29.minutes.from_now
+      get 'secret/index'
+      assert_response :success
+
+      Timecop.freeze 30.minutes.from_now
+      get 'secret/index'
+      assert_redirected_to root_url
+
+      Timecop.return
+    end
 
-  test "should not timeout nor update last_request_at by accessing skip_validate_session action" do
-    Timecop.freeze Time.now
-    get 'secret/index'
+    test "should timeout if accessed a page which does not require login" do
+      Timecop.freeze Time.now
+      get 'secret/index'
 
-    Timecop.freeze 60.minutes.from_now
-    get 'secret/not_validate_session'
-    assert_response :success
+      Timecop.freeze 20.minutes.from_now
+      get '/'
+      assert_response :success
 
-    get 'secret/index'
-    assert_redirected_to root_url
+      Timecop.freeze 20.minutes.from_now
+      get 'secret/index'
+      assert_redirected_to root_url
 
-    Timecop.return
+      Timecop.return
+    end
+
+    test "should timeout if accessing skip_trackabled action" do
+      Timecop.freeze Time.now
+      get 'secret/index'
+
+      Timecop.freeze 20.minutes.from_now
+      get 'secret/not_track'
+      assert_response :success
+
+      Timecop.freeze 20.minutes.from_now
+      get 'secret/not_track'
+      assert_redirected_to root_url
+
+      Timecop.return
+    end
+
+    test "should not timeout but update last_request_at by accessing skip_timeout action" do
+      Timecop.freeze Time.now
+      get 'secret/index'
+
+      Timecop.freeze 60.minutes.from_now
+      get 'secret/not_timeout'
+      assert_response :success
+
+      Timecop.freeze 29.minutes.from_now
+      get 'secret/index'
+      assert_response :success
+
+      Timecop.freeze 60.minutes.from_now
+      get 'secret/not_timeout'
+      assert_response :success
+
+      Timecop.freeze 30.minutes.from_now
+      get 'secret/index'
+      assert_redirected_to root_url
+
+      Timecop.return
+    end
+
+    test "should not timeout nor update last_request_at by accessing skip_validate_session action" do
+      Timecop.freeze Time.now
+      get 'secret/index'
+
+      Timecop.freeze 60.minutes.from_now
+      get 'secret/not_validate_session'
+      assert_response :success
+
+      get 'secret/index'
+      assert_redirected_to root_url
+
+      Timecop.return
+    end
   end
 end
-
-# uninclude Module has not yet correctly implemented.
-# Therefore, omit following test
-#
-# class TimeoutableDoNotValidateSessionInNotLoginAreaTest < ActionDispatch::IntegrationTest
-#   def setup
-# #     Goma.config.validate_session_even_in_not_login_area = false
-# #     reinclude_timeout_module
-#     @user = Fabricate(:user)
-#     post 'session', username_or_email: @user.email, password: 'password'
-#   end
-# #
-# #   def teardown
-# #     Goma.config.validate_session_even_in_not_login_area = true
-# #     reinclude_timeout_module
-# #   end
-#
-#   test "should timeout if accessed a page which does not require login" do
-#     Timecop.freeze Time.now
-#     get 'secret/index'
-#
-#     Timecop.freeze 20.minutes.from_now
-#     get '/'
-#     assert_response :success
-#
-#     Timecop.freeze 20.minutes.from_now
-#     get 'secret/index'
-#     assert_redirected_to root_url
-#
-#     Timecop.return
-#   end
-#
-#   test "should timeout if accessing skip_trackabled action" do
-#     Timecop.freeze Time.now
-#     get 'secret/index'
-#
-#     Timecop.freeze 20.minutes.from_now
-#     get 'secret/not_track'
-#     assert_response :success
-#
-#     Timecop.freeze 20.minutes.from_now
-#     get 'secret/not_track'
-#     assert_redirected_to root_url
-#
-#     Timecop.return
-#   end
-#
-#   test "should not timeout but update last_request_at by accessing skip_timeout action" do
-#     Timecop.freeze Time.now
-#     get 'secret/index'
-#
-#     Timecop.freeze 60.minutes.from_now
-#     get 'secret/not_timeout'
-#     assert_response :success
-#
-#     Timecop.freeze 29.minutes.from_now
-#     get 'secret/index'
-#     assert_response :success
-#
-#     Timecop.freeze 60.minutes.from_now
-#     get 'secret/not_timeout'
-#     assert_response :success
-#
-#     Timecop.freeze 30.minutes.from_now
-#     get 'secret/index'
-#     assert_redirected_to root_url
-#
-#     Timecop.return
-#   end
-#
-#   test "should not timeout nor update last_request_at by accessing skip_validate_session action" do
-#     Timecop.freeze Time.now
-#     get 'secret/index'
-#
-#     Timecop.freeze 60.minutes.from_now
-#     get 'secret/not_validate_session'
-#     assert_response :success
-#
-#     get 'secret/index'
-#     assert_redirected_to root_url
-#
-#     Timecop.return
-#   end
-#
-# private
-#   def reinclude_timeout_module
-#     ActionController::Base.send :uninclude, Goma::Controllers::Timeoutable
-#     ActionController::Base.send :unextend, Goma::Controllers::Timeoutable::ClassMethods
-#     # ActionController::Base.class_eval{ skip_filter :validate_session }
-#     # SecretController.class_eval{ skip_filter :validate_session }
-#     SecretController.class_eval do
-#       _process_action_callbacks.reject! do |callback|
-#         callback.filter == :validate_session ||
-#           callback.filter == :skip_timeout ||
-#           callback.filter == :skip_validate_session
-#       end
-#     end
-#     load File.expand_path('../../../lib/goma/controllers/timeoutable.rb', __FILE__)
-#     ActionController::Base.send :include,   Goma::Controllers::Timeoutable
-#   end
-# end