has_secure_attribute 0.2.0 → 0.3.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 21d52ef0208b3210f48d7968e7f28b608039353f
-  data.tar.gz: 283b78f054f1610670abebc05b7a280a42c693bd
+  metadata.gz: 9365979f3bd3c6800d9815e398ac86e02f7f4b41
+  data.tar.gz: 4ccae4ca00ef2afbc27e76b1a972c6018424a1c8
 SHA512:
-  metadata.gz: 427ce061b78c731ade3192481bde53975f5fffd3f88d0dac299ae99e4de2fc6d409c5aa5faafd82392055369c6b7cee693d8cffe73f532f2070d1b11eb820fce
-  data.tar.gz: 687b7590e7250bad4ca8214c42834073e21703249625f41279bd90c9cafec56f36e9ec4b98a27a3d9cc5d0276093382a5df0859cd407868e5ecfebe394b90ea8
+  metadata.gz: 7554a58cdbf1569be7aba7b2a0a58304764f153807aa4e561f88245c6bfbd394548dfedee91c0188b2b0f6be3dfaa98a87e7a4cffbdd47cff882394a96b0d6eb
+  data.tar.gz: 9baf44120d62ebc15e3d1b1f30d5fadabcfcfa4e3b285f67b7afe989169ebe649d4abccd7294c176b29cca4177b2146baf17fd6ecdda6451b70c5273c50ec73e

data/README.md

@@ -29,14 +29,15 @@ In the above example:
 * Your should have a `users` table that has one column: `security_answer_digest`.
 * It creates a reader: `security_answer`.
 * It creates a writer: `security_answer=(value)` which basically saves the security answer given into the database on column `security_answer_digest` but is saves it encrypted.
-* It adds some validations (if you want to avoid having these validations: `has_secure_security_answer :validations => false`).
+* It adds some validations (if you want to avoid having these validations: `has_secure_security_answer validations: false`).
   * It creates a confirmation validation on `security_answer` but only if `security_answer` is given (for confirmation validations see [this](http://http://guides.rubyonrails.org/active_record_validations.html#confirmation)).
   * It creates a presence validation on `security_answer` but only on create.
   * It creates a presence validation on `security_answer_confirmation` but only if `security_answer` has been given.
   * It raises an exception if `security_answer_digest` is empty on create.
 * It defines the method `authenticate_security_answer(answer_to_authenticate)` which returns `false` if the answer given does not correspond to the saved digest, or returns the object instance itself if it does.
 
-__Case Insensitive Values__: you can pass `case_insensitive => false` if you want to handle values that match even if they differ on case. Then, `answer` will match `Answer`, for example.
+__Case Insensitive Values__: you can do `has_secure_security_answer case_insensitive: false` if you want to handle values that match even if they differ on case. Then, `answer` will match `Answer`, for example.
+__Do not use confirmation__: you can do `has_secure_security_answer confirm: false` if you do not want to have confirmation attribute for the attribute you are securing.
 
 Do you want to test it?
 ------------------------

data/lib/active_model/secure_attribute/has_secure_attribute.rb

@@ -21,12 +21,11 @@ module ActiveModel
       def has_secure_attribute(meth, *args, &block)
         attribute_sym = meth.to_sym
         attr_reader attribute_sym # setter is defined later on
-        options = {validations: true, protect_setter_for_digest: false, case_sensitive: true}
+        options = {validations: true, protect_setter_for_digest: false, case_sensitive: true, confirmation: true}
         options.merge! args[0] unless args.blank?
         if options[:validations]
-          validates attribute_sym,                          confirmation: true, if: lambda { |m| m.send(attribute_sym).present? }
-          validates attribute_sym,                          presence: true,     on: :create
-          validates "#{attribute_sym}_confirmation".to_sym, presence: true,     if: lambda { |m| m.send(attribute_sym).present? }
+          confirm attribute_sym if options[:confirmation]
+          validates attribute_sym, presence: true,     on: :create
           before_create { raise "#{attribute_sym}_digest missing on new record" if send("#{attribute_sym}_digest").blank? }
         end
 
@@ -36,6 +35,11 @@ module ActiveModel
         define_authenticate_method(attribute_sym, options)
       end
 
+      def confirm(attribute_sym)
+        validates attribute_sym,                          confirmation: true, if: lambda { |m| m.send(attribute_sym).present? }
+        validates "#{attribute_sym}_confirmation".to_sym, presence: true,     if: lambda { |m| m.send(attribute_sym).present? }
+      end
+
       def define_setter(attribute_sym, options)
         define_method "#{attribute_sym.to_s}=" do |unencrypted_value|
           unless unencrypted_value.blank?
@@ -60,6 +64,7 @@ module ActiveModel
       end
 
       protected :has_secure_attribute
+      protected :confirm
       protected :define_setter
       protected :protect_setter_for_digest
       protected :define_authenticate_method

data/lib/has_secure_attribute/version.rb

@@ -1,3 +1,3 @@
 module HasSecureAttribute
-  VERSION = "0.2.0"
+  VERSION = "0.3.0"
 end

data/spec/factories/test_model_with_attributes.rb

@@ -33,4 +33,12 @@ FactoryGirl.define do
     security_answer 'answer'
     security_answer_confirmation 'answer'
   end
+
+  factory :test_model_with_attribute_disable_confirmation do
+    username 'username_protect'
+    password 'password'
+    password_confirmation 'password'
+    security_question 'question'
+    security_answer 'answer'
+  end
 end

data/spec/models/has_secure_attribute_spec.rb

@@ -171,3 +171,14 @@ describe TestModelWithAttributeWithCaseSensitive do
     t.authenticate_security_answer('answer').should eq t
   end
 end
+
+describe TestModelWithAttributeDisableConfirmation do
+  it { should_not respond_to(:security_answer_confirmation)  }
+  it { should_not respond_to(:security_answer_confirmation=) }
+  it 'should allow to create and save without any confirmation on security answer' do
+    t = FactoryGirl.create :test_model_with_attribute_disable_confirmation, security_answer: 'Answer'
+    t.save!
+    t.authenticate_security_answer('another answer').should be_false
+    t.authenticate_security_answer('Answer').should eq t
+  end
+end

data/spec/models/test_model_with_attribute_disable_confirmation.rb

@@ -0,0 +1,8 @@
+class TestModelWithAttributeDisableConfirmation < ActiveRecord::Base
+  self.table_name = "test_model_with_attributes"
+  has_secure_password
+  has_secure_security_answer confirmation: false
+
+  validates :username,          presence: true, uniqueness: {case_sensitive: false}
+  validates :security_question, presence: true
+end

data/spec/spec_helper.rb

@@ -8,6 +8,7 @@ require File.expand_path("../models/test_model_with_attribute", __FILE__)
 require File.expand_path("../models/test_model_with_attribute_no_validation", __FILE__)
 require File.expand_path("../models/test_model_with_attribute_protect_setter_for_digest", __FILE__)
 require File.expand_path("../models/test_model_with_attribute_with_case_sensitive", __FILE__)
+require File.expand_path("../models/test_model_with_attribute_disable_confirmation", __FILE__)
 
 require 'factory_girl'
 FactoryGirl.find_definitions

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: has_secure_attribute
 version: !ruby/object:Gem::Version
-  version: 0.2.0
+  version: 0.3.0
 platform: ruby
 authors:
 - Panayotis Matsinopoulos
@@ -125,6 +125,7 @@ files:
 - spec/models/has_secure_attribute_spec.rb
 - spec/models/test_model_with_attribute_no_validation.rb
 - spec/models/test_model_with_attribute_protect_setter_for_digest.rb
+- spec/models/test_model_with_attribute_disable_confirmation.rb
 - spec/models/test_model_with_attribute.rb
 - spec/models/test_model_with_attribute_with_case_sensitive.rb
 - spec/db/migrate/db_helper.rb