lita 1.1.0 → 1.1.1

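--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA1:
- metadata.gz: f158cb443c81f822bc6d7e8c79686c2d88d4b54e
- data.tar.gz: 7b69a1cf250862ccfc8e14f6744d888aca82e4bb
+ metadata.gz: 84663df9e521122035bbb09de95d53157535a474
+ data.tar.gz: ce55f59a8ff5c6d11a3d27889cad9f663df3f073
  SHA512:
- metadata.gz: d789ea06b6c14ccbc872ff44ec44a4da8c395648e2617fb80f423022dfa1480c109a45981dbd4be6aed48d112908f476e42685cfbe2317c74d229a7f960f9161
- data.tar.gz: d5f90787d8903222cb433f8d065a0bccd2f2dc7edd7867acc4355d351352286d2876c48264745edd37fad2e861af4331ed24de97477bf95e313376b9fa3dad95
+ metadata.gz: 39470491c57e513f944a14aa6d42364d51a56db47035302012c4914d5b0227f2f31948db4c6f4fe785d3cbd38e4e40d00c79e2a2542c133d51edc4b2c0217d32
+ data.tar.gz: e1163b8a148943e0abc833044f4a8eb092c5c6a4d39e1d07d9a06dd891fe2ec04d51e2d838ecb21c72d114e029b86ce9b62419f96683c4d236f053a784f6d90d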
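--- a/data/CHANGELOG.md
+++ b/data/CHANGELOG.md
@@ -1,5 +1,9 @@
  # Changelog
 
+ ## 1.1.1 (June 23, 2013)
+
+ * Fixed broken internals in the authorization API. Auth commands will now correctly detect the user making the command and will normalize group names so that capitalization and white space don't matter.
+
  ## 1.1.0 (June 23, 2013)
 
  * Added a new configuration: `config.robot.mention_name`. This allows the display name of the robot `config.robot.name` to differ from the name Lita uses to detect a message as a command. For example, on HipChat, Lita's name might be displayed as "Lita Bot", but might be mentioned in messages with "LitaBot". This value will default to `config.robot.name` if not set.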
@@ -1,18 +1,18 @@
1
1
  module Lita
2
2
  module Authorization
3
3
  class << self
4
- def add_user_to_group(user, group)
5
- return unless user_is_admin?(user)
6
- redis.sadd(group, user.id)
4
+ def add_user_to_group(requesting_user, user, group)
5
+ return :unauthorized unless user_is_admin?(requesting_user)
6
+ redis.sadd(normalize_group(group), user.id)
7
7
  end
8
8
 
9
- def remove_user_from_group(user, group)
10
- return unless user_is_admin?(user)
11
- redis.srem(group, user.id)
9
+ def remove_user_from_group(requesting_user, user, group)
10
+ return :unauthorized unless user_is_admin?(requesting_user)
11
+ redis.srem(normalize_group(group), user.id)
12
12
  end
13
13
 
14
14
  def user_in_group?(user, group)
15
- redis.sismember(group, user.id)
15
+ redis.sismember(normalize_group(group), user.id)
16
16
  end
17
17
 
18
18
  def user_is_admin?(user)
@@ -21,6 +21,10 @@ module Lita
21
21
 
22
22
  private
23
23
 
24
+ def normalize_group(group)
25
+ group.to_s.downcase.strip
26
+ end
27
+
24
28
  def redis
25
29
  @redis ||= Redis::Namespace.new("auth", redis: Lita.redis)
26
30
  end
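Review bot: The new `return :unauthorized` in `add_user_to_group` and `remove_user_from_group` makes the denied path truthy, where it previously returned nil. Any caller outside this diff that still tests the result with a plain `if` will read a refusal as success, so the return contract should be documented above both methods, e.g. `# Returns :unauthorized (a truthy Symbol) when requesting_user is not an admin; compare the result explicitly, never by truthiness.` Separately, `normalize_group` maps nil and whitespace-only names to the empty string, so a blank group may be worth rejecting before Redis is touched; whether the handler already guarantees a non-empty group is not visible here. Memberships stored under mixed-case keys by 1.1.0 are no longer consulted after this change, which fails closed but deserves a mention for operators upgrading. The `class << self` body continues outside both hunks.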
@@ -16,7 +16,10 @@ module Lita
16
16
  def add(matches)
17
17
  return unless valid_message?
18
18
 
19
- if Lita::Authorization.add_user_to_group(@user, @group)
19
+ case Lita::Authorization.add_user_to_group(user, @user, @group)
20
+ when :unauthorized
21
+ reply "Only administrators can add users to groups."
22
+ when true
20
23
  reply "#{@user.name} was added to #{@group}."
21
24
  else
22
25
  reply "#{@user.name} was already in #{@group}."
@@ -26,7 +29,10 @@ module Lita
26
29
  def remove(matches)
27
30
  return unless valid_message?
28
31
 
29
- if Lita::Authorization.remove_user_from_group(@user, @group)
32
+ case Lita::Authorization.remove_user_from_group(user, @user, @group)
33
+ when :unauthorized
34
+ reply "Only administrators can remove users from groups."
35
+ when true
30
36
  reply "#{@user.name} was removed from #{@group}."
31
37
  else
32
38
  reply "#{@user.name} was not in #{@group}."
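Review bot: In `add` and `remove`, the first argument `user` (the requester) and the second `@user` (the account being changed) differ only by a sigil, and swapping them would put the admin check on the target instead of the sender. A comment at each call would pin the roles, e.g. `# user = sender of the command (authorization subject); @user = account being modified`, or the ivar could be renamed `@target_user`; where `user` and `@user` are assigned is outside these hunks. The `when true` arms also match only a literal `true`, so a Redis client that returns an integer count from SADD/SREM would fall through to the "already in"/"not in" replies; presumably the client in use returns a boolean, but that is worth confirming. Both method bodies end outside the hunks.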
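--- a/data/lib/lita/version.rb
+++ b/data/lib/lita/version.rb
@@ -1,3 +1,3 @@
  module Lita
- VERSION = "1.1.0"
+ VERSION = "1.1.1"
  end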
@@ -1,46 +1,63 @@
1
1
  require "spec_helper"
2
2
 
3
3
  describe Lita::Authorization, lita: true do
4
- let(:user) do
5
- user = double("User")
6
- allow(user).to receive(:id).and_return("1")
7
- user
4
+ let(:requesting_user) { double("Lita::User", id: "1") }
5
+ let(:user) { double("Lita::User", id: "2") }
6
+
7
+ before do
8
+ Lita.config.robot.admins = ["1"]
8
9
  end
9
10
 
10
11
  describe ".add_user_to_group" do
11
12
  it "adds users to an auth group" do
12
- allow(described_class).to receive(:user_is_admin?).and_return(true)
13
- described_class.add_user_to_group(user, "employees")
13
+ described_class.add_user_to_group(requesting_user, user, "employees")
14
14
  expect(described_class.user_in_group?(user, "employees")).to be_true
15
15
  end
16
16
 
17
17
  it "can only be called by admins" do
18
- allow(described_class).to receive(:user_is_admin?).and_return(false)
19
- described_class.add_user_to_group(user, "employees")
18
+ Lita.config.robot.admins = nil
19
+ result = described_class.add_user_to_group(
20
+ requesting_user,
21
+ user,
22
+ "employees"
23
+ )
24
+ expect(result).to eq(:unauthorized)
20
25
  expect(described_class.user_in_group?(user, "employees")).to be_false
21
26
  end
27
+
28
+ it "normalizes the group name" do
29
+ described_class.add_user_to_group(requesting_user, user, "eMPLoYeeS")
30
+ expect(described_class.user_in_group?(user, " EmplOyEEs ")).to be_true
31
+ end
22
32
  end
23
33
 
24
34
  describe ".remove_user_from_group" do
25
35
  it "removes users from an auth group" do
26
- allow(described_class).to receive(:user_is_admin?).and_return(true)
27
- described_class.add_user_to_group(user, "employees")
28
- described_class.remove_user_from_group(user, "employees")
36
+ described_class.add_user_to_group(requesting_user, user, "employees")
37
+ described_class.remove_user_from_group(requesting_user, user, "employees")
29
38
  expect(described_class.user_in_group?(user, "employees")).to be_false
30
39
  end
31
40
 
32
41
  it "can only be called by admins" do
33
- allow(described_class).to receive(:user_is_admin?).and_return(true)
34
- described_class.add_user_to_group(user, "employees")
35
- allow(described_class).to receive(:user_is_admin?).and_return(false)
36
- described_class.remove_user_from_group(user, "employees")
42
+ described_class.add_user_to_group(requesting_user, user, "employees")
43
+ Lita.config.robot.admins = nil
44
+ result = described_class.remove_user_from_group(
45
+ requesting_user,
46
+ user,
47
+ "employees"
48
+ )
49
+ expect(result).to eq(:unauthorized)
37
50
  expect(described_class.user_in_group?(user, "employees")).to be_true
38
51
  end
52
+
53
+ it "normalizes the group name" do
54
+ described_class.add_user_to_group(requesting_user, user, "eMPLoYeeS")
55
+ described_class.remove_user_from_group(requesting_user, user, "EmployeeS")
56
+ expect(described_class.user_in_group?(user, " EmplOyEEs ")).to be_false
57
+ end
39
58
  end
40
59
 
41
60
  describe ".user_in_group?" do
42
- # Positive case is covered by .add_user_to_group's example.
43
-
44
61
  it "returns false if the user is in the group" do
45
62
  expect(described_class.user_in_group?(user, "employees")).to be_false
46
63
  end
@@ -48,8 +65,7 @@ describe Lita::Authorization, lita: true do
48
65
 
49
66
  describe ".user_is_admin?" do
50
67
  it "returns true if the user's ID is in the config" do
51
- Lita.config.robot.admins = "1"
52
- expect(described_class.user_is_admin?(user)).to be_true
68
+ expect(described_class.user_is_admin?(requesting_user)).to be_true
53
69
  end
54
70
 
55
71
  it "returns false if the user's ID is not in the config" do
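Review bot: Both "can only be called by admins" examples simulate a non-admin with `Lita.config.robot.admins = nil`, so the denial path is only exercised when no admins are configured at all. The case this release fixes, where the requester is not an admin but the target is, is not pinned; setting `Lita.config.robot.admins = ["2"]` (the id of the target `user`) in those examples would cover it and guard against the check sliding back onto the target. The context example titled "returns false if the user is in the group" asserts the opposite of its title, and with the explanatory comment removed nothing in `.user_in_group?` says where the positive case is tested.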
@@ -1,7 +1,14 @@
1
1
  require "spec_helper"
2
2
 
3
3
  describe Lita::Handlers::Authorization, lita: true do
4
- before { allow(robot).to receive(:send_messages) }
4
+ before do
5
+ allow(robot).to receive(:send_messages)
6
+ allow(Lita::Authorization).to receive(:user_is_admin?).with(
7
+ user
8
+ ).and_return(true)
9
+ end
10
+
11
+ let(:target_user) { double("Lita::User", id: "1", name: "Carl") }
5
12
 
6
13
  it { routes("#{robot.name}: auth add foo bar").to(:add) }
7
14
  it { routes("#{robot.name}: auth add foo@bar.com baz").to(:add) }
@@ -15,10 +22,6 @@ describe Lita::Handlers::Authorization, lita: true do
15
22
  end
16
23
 
17
24
  describe "#add" do
18
- before do
19
- allow(Lita::Authorization).to receive(:user_is_admin?).and_return(true)
20
- end
21
-
22
25
  it "replies with the proper format if the require commands are missing" do
23
26
  expect_reply(/^Format:/)
24
27
  send_test_message("#{robot.name}: auth add foo")
@@ -29,41 +32,51 @@ describe Lita::Handlers::Authorization, lita: true do
29
32
  send_test_message("#{robot.name}: auth add foo bar")
30
33
  end
31
34
 
32
- it "replies with success if the valid user ID and group were supplied" do
33
- allow(Lita::User).to receive(:find_by_id).and_return(user)
34
- expect_reply("#{user.name} was added to bar.")
35
+ it "replies with success if a valid user and group were supplied" do
36
+ allow(Lita::User).to receive(:find_by_id).and_return(target_user)
37
+ expect_reply("#{target_user.name} was added to bar.")
35
38
  send_test_message("#{robot.name}: auth add foo bar")
36
39
  end
37
40
 
38
- it "replies with success if the valid user ID and group were supplied" do
39
- allow(Lita::User).to receive(:find_by_name).and_return(user)
40
- expect_reply("#{user.name} was added to bar.")
41
+ it "replies with a warning if the user was already in the group" do
42
+ allow(Lita::User).to receive(:find_by_id).and_return(target_user)
43
+ send_test_message("#{robot.name}: auth add foo bar")
44
+ expect_reply("#{target_user.name} was already in bar.")
41
45
  send_test_message("#{robot.name}: auth add foo bar")
42
46
  end
43
47
 
44
- it "replies with a warning if the user was already in the group" do
45
- allow(Lita::User).to receive(:find_by_id).and_return(user)
46
- send_test_message("#{robot.name}: auth add foo bar")
47
- expect_reply("#{user.name} was already in bar.")
48
+ it "replies with a warning if the requesting user is not an admin" do
49
+ allow(Lita::User).to receive(:find_by_id).and_return(target_user)
50
+ allow(Lita::Authorization).to receive(:user_is_admin?).with(
51
+ user
52
+ ).and_return(false)
53
+ expect_reply(/Only administrators can add/)
48
54
  send_test_message("#{robot.name}: auth add foo bar")
49
55
  end
50
56
  end
51
57
 
52
58
  describe "#remove" do
53
59
  before do
54
- allow(Lita::Authorization).to receive(:user_is_admin?).and_return(true)
55
- allow(Lita::User).to receive(:find_by_id).and_return(user)
60
+ allow(Lita::User).to receive(:find_by_id).and_return(target_user)
56
61
  send_test_message("#{robot.name}: auth add foo bar")
57
62
  end
58
63
 
59
- it "replies with success if the valid user ID and group were supplied" do
60
- expect_reply("#{user.name} was removed from bar.")
64
+ it "replies with success if a valid user and group were supplied" do
65
+ expect_reply("#{target_user.name} was removed from bar.")
61
66
  send_test_message("#{robot.name}: auth remove foo bar")
62
67
  end
63
68
 
64
69
  it "replies with a warning if the user was already in the group" do
65
70
  send_test_message("#{robot.name}: auth remove foo bar")
66
- expect_reply("#{user.name} was not in bar.")
71
+ expect_reply("#{target_user.name} was not in bar.")
72
+ send_test_message("#{robot.name}: auth remove foo bar")
73
+ end
74
+
75
+ it "replies with a warning if the requesting user is not an admin" do
76
+ allow(Lita::Authorization).to receive(:user_is_admin?).with(
77
+ user
78
+ ).and_return(false)
79
+ expect_reply(/Only administrators can remove/)
67
80
  send_test_message("#{robot.name}: auth remove foo bar")
68
81
  end
69
82
  end
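Review bot: The two new "requesting user is not an admin" examples assert only the reply text, not that group membership was left unchanged. Since only `user_is_admin?` is stubbed, the real `add_user_to_group` and `remove_user_from_group` run, so each example can also check state after the message is sent, e.g. `expect(Lita::Authorization.user_in_group?(target_user, "bar")).to be_false` for add and the same with `be_true` for remove. The rewritten examples also drop the only visible stub of `Lita::User.find_by_name`, so the lookup-by-name path appears to have no coverage in this file after the change.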
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: lita
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.1.0
4
+ version: 1.1.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Jimmy Cuadra