lockdown 1.0.3 → 1.0.4
Sign up to get free protection for your applications and to get access to all the features.
@@ -19,8 +19,10 @@ module Lockdown
|
|
19
19
|
store_location
|
20
20
|
end
|
21
21
|
|
22
|
+
# Basic auth functionality needs to be reworked as
|
23
|
+
# Lockdown doesn't provide authentication functionality.
|
22
24
|
def set_current_user
|
23
|
-
login_from_basic_auth? unless logged_in?
|
25
|
+
#login_from_basic_auth? unless logged_in?
|
24
26
|
if logged_in?
|
25
27
|
Thread.current[:who_did_it] = Lockdown::System.
|
26
28
|
call(self, :who_did_it)
|
@@ -66,10 +66,10 @@ module Lockdown
|
|
66
66
|
# cache_classes is true in production and testing, need to
|
67
67
|
# modify the ApplicationController
|
68
68
|
def controller_parent
|
69
|
-
if ::Rails.
|
70
|
-
ActionController::Base
|
71
|
-
else
|
69
|
+
if ::Rails.configuration.cache_classes
|
72
70
|
ApplicationController
|
71
|
+
else
|
72
|
+
ActionController::Base
|
73
73
|
end
|
74
74
|
end
|
75
75
|
|
data/lib/lockdown.rb
CHANGED
@@ -88,7 +88,7 @@ describe Lockdown::Frameworks::Rails::Controller::Lock do
|
|
88
88
|
|
89
89
|
describe "#path_allowed" do
|
90
90
|
it "should return false for an invalid path" do
|
91
|
-
@controller.path_allowed
|
91
|
+
@controller.send(:path_allowed?,"/no/good").should be_false
|
92
92
|
end
|
93
93
|
end
|
94
94
|
|
@@ -96,7 +96,7 @@ describe Lockdown::Frameworks::Rails::Controller::Lock do
|
|
96
96
|
it "should set expiry if null" do
|
97
97
|
Lockdown::System.stub!(:fetch).with(:session_timeout).and_return(10)
|
98
98
|
@session[:expiry_time].should be_nil
|
99
|
-
@controller.check_session_expiry
|
99
|
+
@controller.send(:check_session_expiry)
|
100
100
|
@session[:expiry_time].should_not be_nil
|
101
101
|
end
|
102
102
|
end
|
@@ -108,7 +108,7 @@ describe Lockdown::Frameworks::Rails::Controller::Lock do
|
|
108
108
|
@controller.stub!(:request).and_return(request)
|
109
109
|
|
110
110
|
@controller.stub!(:sent_from_uri).and_return("/blop")
|
111
|
-
@controller.store_location
|
111
|
+
@controller.send(:store_location)
|
112
112
|
|
113
113
|
@session[:prevpage].should == ''
|
114
114
|
@session[:thispage].should == '/blop'
|
@@ -122,7 +122,7 @@ describe Lockdown::Frameworks::Rails::Controller::Lock do
|
|
122
122
|
|
123
123
|
@controller.stub!(:request).and_return(request)
|
124
124
|
|
125
|
-
@controller.sent_from_uri.should == "/blip"
|
125
|
+
@controller.sent(:sent_from_uri).should == "/blip"
|
126
126
|
end
|
127
127
|
end
|
128
128
|
|
@@ -146,20 +146,20 @@ describe Lockdown::Frameworks::Rails::Controller::Lock do
|
|
146
146
|
end
|
147
147
|
|
148
148
|
it "should return false if url is nil" do
|
149
|
-
@controller.authorized
|
149
|
+
@controller.send(:authorized?,nil).should be_false
|
150
150
|
end
|
151
151
|
|
152
152
|
it "should return true if current_user_is_admin" do
|
153
153
|
@controller.stub!(:current_user_is_admin?).and_return(true)
|
154
|
-
@controller.authorized
|
154
|
+
@controller.send(:authorized?,@a_path).should be_true
|
155
155
|
end
|
156
156
|
|
157
157
|
it "should return false if path not in access_rights" do
|
158
|
-
@controller.authorized
|
158
|
+
@controller.send(:authorized?,@a_path).should be_false
|
159
159
|
end
|
160
160
|
|
161
161
|
it "should return true if path is in access_rights" do
|
162
|
-
@controller.authorized
|
162
|
+
@controller.send(:authorized?,@sample_url).should be_true
|
163
163
|
end
|
164
164
|
|
165
165
|
end
|
@@ -170,34 +170,34 @@ describe Lockdown::Frameworks::Rails::Controller::Lock do
|
|
170
170
|
describe "#path_from_hash" do
|
171
171
|
it "should return controller/action string" do
|
172
172
|
hash = {:controller => "users", :action => "show", :id => "1"}
|
173
|
-
@controller.path_from_hash
|
173
|
+
@controller.send(:path_from_hash,hash).should == "users/show"
|
174
174
|
end
|
175
175
|
end
|
176
176
|
|
177
177
|
describe "#remote_url?" do
|
178
178
|
it "should return false if domain is nil" do
|
179
|
-
@controller.remote_url
|
179
|
+
@controller.send(:remote_url?).should be_false
|
180
180
|
end
|
181
181
|
|
182
182
|
it "should return false if domain matches request domain" do
|
183
183
|
request = mock("request")
|
184
184
|
request.stub!(:host).and_return("stonean.com")
|
185
185
|
@controller.stub!(:request).and_return(request)
|
186
|
-
@controller.remote_url
|
186
|
+
@controller.send(:remote_url?,"stonean.com").should be_false
|
187
187
|
end
|
188
188
|
|
189
189
|
it "should return true if subdomain differs" do
|
190
190
|
request = mock("request")
|
191
191
|
request.stub!(:host).and_return("blog.stonean.com")
|
192
192
|
@controller.stub!(:request).and_return(request)
|
193
|
-
@controller.remote_url
|
193
|
+
@controller.send(:remote_url?,"stonean.com").should be_true
|
194
194
|
end
|
195
195
|
|
196
196
|
it "should return true if host doesn't match domain" do
|
197
197
|
request = mock("request")
|
198
198
|
request.stub!(:host).and_return("stonean.com")
|
199
199
|
@controller.stub!(:request).and_return(request)
|
200
|
-
@controller.remote_url
|
200
|
+
@controller.send(:remote_url?,"google.com").should be_true
|
201
201
|
end
|
202
202
|
end
|
203
203
|
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: lockdown
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.0.
|
4
|
+
version: 1.0.4
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Andrew Stone
|
@@ -9,7 +9,7 @@ autorequire:
|
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
11
|
|
12
|
-
date: 2009-07-
|
12
|
+
date: 2009-07-22 00:00:00 -04:00
|
13
13
|
default_executable:
|
14
14
|
dependencies:
|
15
15
|
- !ruby/object:Gem::Dependency
|
@@ -128,7 +128,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
128
128
|
requirements: []
|
129
129
|
|
130
130
|
rubyforge_project: lockdown
|
131
|
-
rubygems_version: 1.3.
|
131
|
+
rubygems_version: 1.3.5
|
132
132
|
signing_key:
|
133
133
|
specification_version: 3
|
134
134
|
summary: Lockdown is an authorization system for RubyOnRails (ver >= 2
|