grosser-ssl_requirement 0.1.0

data/Gemfile

@@ -0,0 +1,2 @@
+source :rubygems
+gemspec

data/Gemfile.lock

@@ -0,0 +1,55 @@
+PATH
+  remote: .
+  specs:
+    grosser-ssl_requirement (0.1.0)
+      actionpack
+
+GEM
+  remote: http://rubygems.org/
+  specs:
+    actionpack (3.1.0)
+      activemodel (= 3.1.0)
+      activesupport (= 3.1.0)
+      builder (~> 3.0.0)
+      erubis (~> 2.7.0)
+      i18n (~> 0.6)
+      rack (~> 1.3.2)
+      rack-cache (~> 1.0.3)
+      rack-mount (~> 0.8.2)
+      rack-test (~> 0.6.1)
+      sprockets (~> 2.0.0)
+    activemodel (3.1.0)
+      activesupport (= 3.1.0)
+      bcrypt-ruby (~> 3.0.0)
+      builder (~> 3.0.0)
+      i18n (~> 0.6)
+    activesupport (3.1.0)
+      multi_json (~> 1.0)
+    bcrypt-ruby (3.0.0)
+    builder (3.0.0)
+    erubis (2.7.0)
+    hike (1.2.1)
+    i18n (0.6.0)
+    multi_json (1.0.3)
+    rack (1.3.2)
+    rack-cache (1.0.3)
+      rack (>= 0.4)
+    rack-mount (0.8.3)
+      rack (>= 1.0.0)
+    rack-test (0.6.1)
+      rack (>= 1.0)
+    rake (0.9.2)
+    redgreen (1.2.2)
+    sprockets (2.0.0)
+      hike (~> 1.2)
+      rack (~> 1.0)
+      tilt (!= 1.3.0, ~> 1.1)
+    tilt (1.3.3)
+
+PLATFORMS
+  ruby
+
+DEPENDENCIES
+  grosser-ssl_requirement!
+  rake
+  redgreen

data/README.markdown

@@ -0,0 +1,88 @@
+###Fork of ssl_requirement to add
+
+ - if a action is ssl_allowed and ssl_required -- it is ssl_required
+ - support :all
+ - `ssl_required` == `ssl_required :all`
+ - allow attributes as array `ssl_required [:login, :register]`
+ - allow strings as attributes `ssl_required 'login', 'register'` / `ssl_required %w[login register]`
+ - running tests
+ - ability to overwrite ssl_host, to make custom host changes e.g. `def ssl_host; request.sll? ? 'xxx.com' : 'yyy.com';end`
+ - added :except option to exclude actions
+ - added rails3 compatibility
+
+Install
+=======
+### As Gem
+` gem install grosser-ssl_requirement `
+
+Add to Gemfile<br/>
+` gem 'grosser-ssl_requirement', :require => 'ssl_requirement' `
+
+### As plugin
+` rails plugin install git://github.com/grosser/ssl_requirement.git `
+
+
+SSL Requirement
+===============
+ - redirect https to http by default
+ - redirect http requests to https with `ssl_required`
+ - allow https and http with `ssl_allowed`
+
+Example:
+
+    class ApplicationController < ActionController::Base
+      include SslRequirement
+    end
+
+    class AccountController < ApplicationController
+      ssl_required :signup, :payment
+      ssl_allowed :index
+
+      def signup
+        # Non-SSL access will be redirected to SSL
+      end
+
+      def payment
+        # Non-SSL access will be redirected to SSL
+      end
+
+      def index
+        # This action will work either with or without SSL
+      end
+
+      def other
+        # SSL access will be redirected to non-SSL
+      end
+    end
+
+You can overwrite the protected method ssl_required? to rely on other things
+than just the declarative specification. Say, only premium accounts get SSL.
+
+When including SslRequirement it adds `before_filter :ensure_proper_protocol`.
+
+### Separate ssl host?
+    class ApplicationController < ActionController::Base
+      include SslRequirement
+
+      def ssl_host
+        Rails.env.production ? 'myhost.com' : request.host
+      end
+    end
+
+### No ssl in development? (not recommended, [TATFT](http://dawanda.com/product/3861630-TATFT-Mousepad-Test-all-the-fucking-time))
+    class ApplicationController < ActionController::Base
+      include SslRequirement
+      skip_before_filter :ensure_proper_protocol unless Rails.env.production?
+    end
+
+Authors
+=======
+
+###Original
+Copyright (c) 2005 David Heinemeier Hansson, released under the MIT license
+
+###Additions
+ - [Michael Grosser](http://pragmatig.wordpress.com)
+ - [Johndouthat](http://github.com/johndouthat)
+ - [Adam Wiggins](http://adam.blog.heroku.com/)
+ - [Mark Rambow](https://github.com/markrambow)

data/Rakefile

@@ -0,0 +1,14 @@
+require "bundler"
+Bundler::GemHelper.install_tasks
+
+require 'rake/testtask'
+Rake::TestTask.new do |test|
+  test.libs << 'lib'
+  test.pattern = 'test/**/*_test.rb'
+  test.verbose = true
+end
+
+task :default do
+ sh "RAILS='~>2' bundle && bundle exec rake test"
+ sh "RAILS='~>3' bundle && bundle exec rake test"
+end

data/grosser-ssl_requirement.gemspec

@@ -0,0 +1,24 @@
+# -*- encoding: utf-8 -*-
+$:.push File.expand_path("../lib", __FILE__)
+require "ssl_requirement/version"
+
+Gem::Specification.new do |s|
+  s.name                  = "grosser-ssl_requirement"
+  s.version               = SslRequirement::Version::STRING
+  s.platform              = Gem::Platform::RUBY
+  s.authors               = ["DHH","Michael Grosser","DaWanda"]
+  s.email                 = ["michael@grosser.it"]
+  s.homepage              = "http://github.com/grosser/ssl_requirement"
+  s.summary               = "A fork to add some cool options to ssl_requirement"
+  s.description           = s.summary
+  s.license               = "MIT"
+
+  s.files         = `git ls-files`.split("\n")
+  s.test_files    = `git ls-files -- {test,spec,features}/*`.split("\n")
+  s.require_paths = ["lib"]
+
+  s.add_dependency "actionpack", ENV["RAILS"]
+
+  s.add_development_dependency "redgreen"
+  s.add_development_dependency "rake"
+end

data/lib/ssl_requirement.rb

@@ -0,0 +1,80 @@
+# Copyright (c) 2005 David Heinemeier Hansson
+#
+# Permission is hereby granted, free of charge, to any person obtaining
+# a copy of this software and associated documentation files (the
+# "Software"), to deal in the Software without restriction, including
+# without limitation the rights to use, copy, modify, merge, publish,
+# distribute, sublicense, and/or sell copies of the Software, and to
+# permit persons to whom the Software is furnished to do so, subject to
+# the following conditions:
+#
+# The above copyright notice and this permission notice shall be
+# included in all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+# LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+# OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+# WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+module SslRequirement
+  def self.included(controller)
+    controller.extend(ClassMethods)
+    controller.before_filter(:ensure_proper_protocol)
+  end
+
+  module ClassMethods
+    # Specifies that the named actions requires an SSL connection to be performed (which is enforced by ensure_proper_protocol).
+    def ssl_required(*actions)
+      write_inheritable_array(:ssl_required_actions, actions.flatten)
+    end
+
+    def ssl_allowed(*actions)
+      write_inheritable_array(:ssl_allowed_actions, actions.flatten)
+    end
+  end
+
+  protected
+
+  # Returns true if the current action is supposed to run as SSL
+  def ssl_required?
+    ssl_actions_include_current_action(:ssl_required_actions)
+  end
+
+  def ssl_allowed?
+    ssl_actions_include_current_action(:ssl_allowed_actions)
+  end
+
+  def ssl_host
+    request.host
+  end
+
+  private
+
+  def ssl_actions_include_current_action (name)
+    actions = self.class.read_inheritable_attribute(name)
+    return unless actions
+    actions = [:all] if actions.empty?
+    return true if actions.include? :all
+
+    if actions.first.is_a? Hash and actions.first[:except]
+      not actions.first[:except].map(&:to_sym).include?(params[:action].to_sym)
+    else
+      actions.map(&:to_sym).include?(params[:action].to_sym)
+    end
+  end
+
+  def ensure_proper_protocol
+    must_turn_on = (not request.ssl? and ssl_required?)
+    must_turn_off = (request.ssl? and not ssl_allowed? and not ssl_required?)
+
+    return if not must_turn_on and not must_turn_off
+
+    protocol = (must_turn_on ? 'https' : 'http')
+    path = request.respond_to?(:fullpath) ? request.fullpath : request.request_uri
+    redirect_to "#{protocol}://#{ssl_host}#{path}"
+    flash.keep
+    return false
+  end
+end

data/lib/ssl_requirement/version.rb

@@ -0,0 +1,8 @@
+module SslRequirement
+  module Version
+    MAJOR = 0
+    MINOR = 1
+    PATCH = 0
+    STRING = "#{MAJOR}.#{MINOR}.#{PATCH}"
+  end
+end

data/test/ssl_requirement_test.rb

@@ -0,0 +1,314 @@
+require 'rubygems'
+require 'action_pack'
+require 'action_controller'
+require 'test/unit'
+require 'redgreen'
+$LOAD_PATH << 'lib'
+
+if ActionPack::VERSION::MAJOR > 2
+ require 'action_dispatch/testing/test_process'
+
+ ROUTES = ActionDispatch::Routing::RouteSet.new
+ ROUTES.draw do
+   match ':controller(/:action(/:id(.:format)))'
+ end
+ ROUTES.finalize!
+
+# funky patch to get @routes working, in 'setup' did not work
+ module ActionController::TestCase::Behavior
+   def process_with_routes(*args)
+     @routes = ROUTES
+     process_without_routes(*args)
+   end
+   alias_method_chain :process, :routes
+ end
+
+ class ActionController::Base
+   self.view_paths = 'test/views'
+
+   def self._routes
+     ROUTES
+   end
+ end
+else
+ require 'action_controller/test_process'
+
+ ActionController::Routing::Routes.reload rescue nil
+ ActionController::Base.cache_store = :memory_store
+
+end
+
+
+
+
+
+require 'ssl_requirement'
+
+class SslRequirementController < ActionController::Base
+  include SslRequirement
+
+  ssl_required :a, :b
+  ssl_allowed :c
+
+  def a
+    render :nothing => true
+  end
+
+  def b
+    render :nothing => true
+  end
+
+  def c
+    render :nothing => true
+  end
+
+  def d
+    render :nothing => true
+  end
+
+  def set_flash
+    flash[:foo] = "bar"
+    render :nothing => true
+  end
+end
+
+class SslRequirementTest < ActionController::TestCase
+  def setup
+    @controller = SslRequirementController.new
+    @request    = ActionController::TestRequest.new
+    @response   = ActionController::TestResponse.new
+  end
+
+  test "redirect to https preserves flash" do
+    get :set_flash
+    get :b
+    assert_response :redirect
+    assert_equal "bar", flash[:foo]
+  end
+
+  test "not redirecting to https does preserve the flash" do
+    get :set_flash
+    get :d
+    assert_response :success
+    assert_equal "bar", flash[:foo]
+  end
+
+  test "redirect to http preserves flash" do
+    get :set_flash
+    @request.env['HTTPS'] = "on"
+    get :d
+    assert_response :redirect
+    assert_equal "bar", flash[:foo]
+  end
+
+  test "not redirecting to http does preserve the flash" do
+    get :set_flash
+    @request.env['HTTPS'] = "on"
+    get :a
+    assert_response :success
+    assert_equal "bar", flash[:foo]
+  end
+
+  test "required without ssl" do
+    assert_not_equal "on", @request.env["HTTPS"]
+    get :a
+    assert_response :redirect
+    assert_match %r{^https://}, @response.headers['Location']
+    get :b
+    assert_response :redirect
+    assert_match %r{^https://}, @response.headers['Location']
+  end
+
+  test "required with ssl" do
+    @request.env['HTTPS'] = "on"
+    get :a
+    assert_response :success
+    get :b
+    assert_response :success
+  end
+
+  test "disallowed without ssl" do
+    assert_not_equal "on", @request.env["HTTPS"]
+    get :d
+    assert_response :success
+  end
+
+  test "disallowed with ssl" do
+    @request.env['HTTPS'] = "on"
+    get :d
+    assert_response :redirect
+    assert_match %r{^http://}, @response.headers['Location']
+  end
+
+  test "allowed without ssl" do
+    assert_not_equal "on", @request.env["HTTPS"]
+    get :c
+    assert_response :success
+  end
+
+  test "allowed with ssl" do
+    @request.env['HTTPS'] = "on"
+    get :c
+    assert_response :success
+  end
+end
+
+class SslRequiredAllController < ActionController::Base
+  include SslRequirement
+  ssl_required
+
+  def a
+    render :nothing => true
+  end
+end
+
+
+class SslRequiredAllTest < ActionController::TestCase
+  def setup
+    @controller = SslRequiredAllController.new
+    @request    = ActionController::TestRequest.new
+    @response   = ActionController::TestResponse.new
+  end
+
+  test "allows ssl" do
+    @request.env['HTTPS'] = "on"
+    get :a
+    assert_response :success
+  end
+
+  test "disallowed without ssl" do
+    get :a
+    assert_response :redirect
+  end
+end
+
+
+class SslAllowedAllController < ActionController::Base
+  include SslRequirement
+  ssl_allowed :all
+
+  def a
+    render :nothing => true
+  end
+end
+
+class SslAllowedAllTest < ActionController::TestCase
+  def setup
+    @controller = SslAllowedAllController.new
+    @request    = ActionController::TestRequest.new
+    @response   = ActionController::TestResponse.new
+  end
+
+  test "allows ssl" do
+    @request.env['HTTPS'] = "on"
+    get :a
+    assert_response :success
+  end
+
+  test "allowes without ssl" do
+    get :a
+    assert_response :success
+  end
+end
+
+
+class SslAllowedAndRequiredController < ActionController::Base
+  include SslRequirement
+  ssl_allowed
+  ssl_required
+
+  def a
+    render :nothing => true
+  end
+end
+
+class SslAllowedAndRequiredTest < ActionController::TestCase
+  def setup
+    @controller = SslAllowedAndRequiredController.new
+    @request    = ActionController::TestRequest.new
+    @response   = ActionController::TestResponse.new
+  end
+
+  test "allows ssl" do
+    @request.env['HTTPS'] = "on"
+    get :a
+    assert_response :success
+  end
+
+  test "diallowes without ssl" do
+    get :a
+    assert_response :redirect
+  end
+end
+
+class SslAllowedAndRequiredController < ActionController::Base
+  include SslRequirement
+  ssl_required
+
+  def a
+    render :nothing => true
+  end
+
+  protected
+
+  def ssl_host
+    'www.xxx.com'
+  end
+end
+
+class SslHostTest < ActionController::TestCase
+  def setup
+    @controller = SslAllowedAndRequiredController.new
+    @request    = ActionController::TestRequest.new
+    @response   = ActionController::TestResponse.new
+  end
+
+  test "uses ssl_host" do
+    @request.env['HTTPS'] = "on"
+    get :a
+    assert_response :success
+  end
+
+  test "diallowes without ssl" do
+    @request.path = "/ssl_allowed_and_required/a"
+    get :a
+    assert_response :redirect
+    assert_equal "https://www.xxx.com/ssl_allowed_and_required/a", @response.headers['Location']
+  end
+end
+
+class SslAllowedWithExceptedMethods < ActionController::Base
+  include SslRequirement
+  ssl_allowed :except => [:non_secure_method]
+
+  def secure
+    render :nothing => true
+  end
+
+  def non_secure_method
+    render :nothing => true
+  end
+end
+
+class SslAllowedWithExceptedMethodsTest < ActionController::TestCase
+  def setup
+    @controller = SslAllowedWithExceptedMethods.new
+    @request    = ActionController::TestRequest.new
+    @response   = ActionController::TestResponse.new
+  end
+
+  test "uses ssl" do
+    @request.env['HTTPS'] = "on"
+    get :secure
+    assert_response :success
+  end
+
+  test "diallowes with ssl on excluded methods" do
+    @request.env['HTTPS'] = "on"
+    @request.path = "/ssl_allowed_with_excepted_methods/non_secure_method" #stubed path because testframework does not sets path on rails 3
+    get :non_secure_method
+    assert_response :redirect
+    assert_equal "http://test.host/ssl_allowed_with_excepted_methods/non_secure_method", @response.headers['Location']
+  end
+end
+

metadata

@@ -0,0 +1,118 @@
+--- !ruby/object:Gem::Specification 
+name: grosser-ssl_requirement
+version: !ruby/object:Gem::Version 
+  hash: 27
+  prerelease: 
+  segments: 
+  - 0
+  - 1
+  - 0
+  version: 0.1.0
+platform: ruby
+authors: 
+- DHH
+- Michael Grosser
+- DaWanda
+autorequire: 
+bindir: bin
+cert_chain: []
+
+date: 2011-09-07 00:00:00 +02:00
+default_executable: 
+dependencies: 
+- !ruby/object:Gem::Dependency 
+  requirement: &id001 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        hash: 3
+        segments: 
+        - 0
+        version: "0"
+  type: :runtime
+  name: actionpack
+  version_requirements: *id001
+  prerelease: false
+- !ruby/object:Gem::Dependency 
+  requirement: &id002 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        hash: 3
+        segments: 
+        - 0
+        version: "0"
+  type: :development
+  name: redgreen
+  version_requirements: *id002
+  prerelease: false
+- !ruby/object:Gem::Dependency 
+  requirement: &id003 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        hash: 3
+        segments: 
+        - 0
+        version: "0"
+  type: :development
+  name: rake
+  version_requirements: *id003
+  prerelease: false
+description: A fork to add some cool options to ssl_requirement
+email: 
+- michael@grosser.it
+executables: []
+
+extensions: []
+
+extra_rdoc_files: []
+
+files: 
+- Gemfile
+- Gemfile.lock
+- README.markdown
+- Rakefile
+- grosser-ssl_requirement.gemspec
+- lib/ssl_requirement.rb
+- lib/ssl_requirement/version.rb
+- test/ssl_requirement_test.rb
+has_rdoc: true
+homepage: http://github.com/grosser/ssl_requirement
+licenses: 
+- MIT
+post_install_message: 
+rdoc_options: []
+
+require_paths: 
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement 
+  none: false
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      hash: 3
+      segments: 
+      - 0
+      version: "0"
+required_rubygems_version: !ruby/object:Gem::Requirement 
+  none: false
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      hash: 3
+      segments: 
+      - 0
+      version: "0"
+requirements: []
+
+rubyforge_project: 
+rubygems_version: 1.6.2
+signing_key: 
+specification_version: 3
+summary: A fork to add some cool options to ssl_requirement
+test_files: []
+