RubyGems - lockdown - Versions diffs - 0.5.7 → 0.5.8 - Mend

lockdown 0.5.7 → 0.5.8

Files changed (10) hide show

data/History.txt CHANGED Viewed

@@ -1,3 +1,7 @@
+== 0.5.8 2008-06-17
+* Fixed: External links are no longer restricted by link_to security.
+* Modified: Name of migration that adds admin user.
 == 0.5.7 2008-06-13
 * Fixed: Change password template, removed ajax usage. Issue: http://stonean.com/issues/show/5

data/Manifest.txt CHANGED Viewed

@@ -49,7 +49,7 @@ rails_generators/lockdown/templates/app/views/users/edit.html.erb
 rails_generators/lockdown/templates/app/views/users/index.html.erb
 rails_generators/lockdown/templates/app/views/users/new.html.erb
 rails_generators/lockdown/templates/app/views/users/show.html.erb
-rails_generators/lockdown/templates/db/migrate/create_admin_user_and_user_group.rb
+rails_generators/lockdown/templates/db/migrate/create_admin_user.rb
 rails_generators/lockdown/templates/db/migrate/create_permissions.rb
 rails_generators/lockdown/templates/db/migrate/create_profiles.rb
 rails_generators/lockdown/templates/db/migrate/create_user_groups.rb

data/README.txt CHANGED Viewed

@@ -1,20 +1,20 @@
 = lockdown
-http://lockdown.rubyforge.org
+http://stonean.com/wiki/lockdown
 == DESCRIPTION:
-Lockdown is a authentication/authorization system for RubyOnRails and Merb.
+Lockdown is a authentication/authorization system for RubyOnRails. (Merb compatibility coming soon).
-For more information please visit the rubyforge site.
+For more information please visit stonean.com
 == REQUIREMENTS:
 Lockdown currently supports:
-Frameworks: RubyOnRails or Merb
+Frameworks: RubyOnRails
-ORMs: ActiveRecord or DataMapper
+ORMs: ActiveRecord
 == INSTALL:

data/lib/lockdown/controller.rb CHANGED Viewed

@@ -185,13 +185,17 @@ module Lockdown
             # continue on
           end
+          # Passing in different domain
+          return true if remote_url?(url_parts[2])
           false
         end
         def access_denied(e)
-					if Lockdown::System.fetch(:logout_on_access_violation)
-						reset_session
-					end
+          if Lockdown::System.fetch(:logout_on_access_violation)
+            reset_session
+          end
           respond_to do |accepts|
             accepts.html do
               store_location
@@ -209,7 +213,11 @@ module Lockdown
         def path_from_hash(hsh)
           hsh[:controller].to_s + "/" + hsh[:action].to_s
         end
+        def remote_url?(domain = nil)
+          return false if domain.nil? || domain.strip.length == 0
+          request.host.downcase != domain.downcase
+        end
       end # InstanceMethods
     end # Rails
   end # Controller

data/lib/lockdown/version.rb CHANGED Viewed

@@ -2,7 +2,7 @@ module Lockdown #:nodoc:
   module VERSION #:nodoc:
     MAJOR = 0
     MINOR = 5
-    TINY  = 7
+    TINY  = 8
     STRING = [MAJOR, MINOR, TINY].join('.')
   end

@@ -149,9 +149,9 @@ class LockdownGenerator < Rails::Generator::Base
     end
     begin
-      m.migration_template "db/migrate/create_admin_user_and_user_group.rb",
+      m.migration_template "db/migrate/create_admin_user.rb",
         "db/migrate",
-        :migration_file_name => "create_admin_user_and_user_group"
+        :migration_file_name => "create_admin_user"
     rescue
       puts "Admin User Group... migration exists"
     end

@@ -1,4 +1,4 @@
-class CreateAdminUserAndUserGroup < ActiveRecord::Migration
+class CreateAdminUser < ActiveRecord::Migration
   def self.up
 		# TODO: Change the password
     u = User.new(	:password => "password",

data/website/generator.html CHANGED Viewed

@@ -33,7 +33,7 @@
     <h1>Lockdown</h1>
     <div id="version" class="clickable" onclick='document.location = "http://rubyforge.org/projects/lockdown"; return false'>
       <p>Get Version</p>
-      <a href="http://rubyforge.org/projects/lockdown" class="numbers">0.5.7</a>
+      <a href="http://rubyforge.org/projects/lockdown" class="numbers">0.5.8</a>
     </div>
     <h2>What</h2>

data/website/index.html CHANGED Viewed

@@ -33,7 +33,7 @@
     <h1>Lockdown</h1>
     <div id="version" class="clickable" onclick='document.location = "http://rubyforge.org/projects/lockdown"; return false'>
       <p>Get Version</p>
-      <a href="http://rubyforge.org/projects/lockdown" class="numbers">0.5.7</a>
+      <a href="http://rubyforge.org/projects/lockdown" class="numbers">0.5.8</a>
     </div>
     <h2>What</h2>

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: lockdown
 version: !ruby/object:Gem::Version
-  version: 0.5.7
+  version: 0.5.8
 platform: ruby
 authors:
 - Andrew Stone
@@ -9,7 +9,7 @@ autorequire:
 bindir: bin
 cert_chain: []
-date: 2008-06-13 00:00:00 -04:00
+date: 2008-06-17 00:00:00 -04:00
 default_executable:
 dependencies:
 - !ruby/object:Gem::Dependency
@@ -88,7 +88,7 @@ files:
 - rails_generators/lockdown/templates/app/views/users/index.html.erb
 - rails_generators/lockdown/templates/app/views/users/new.html.erb
 - rails_generators/lockdown/templates/app/views/users/show.html.erb
-- rails_generators/lockdown/templates/db/migrate/create_admin_user_and_user_group.rb
+- rails_generators/lockdown/templates/db/migrate/create_admin_user.rb
 - rails_generators/lockdown/templates/db/migrate/create_permissions.rb
 - rails_generators/lockdown/templates/db/migrate/create_profiles.rb
 - rails_generators/lockdown/templates/db/migrate/create_user_groups.rb