lockdown 2.0.2 → 2.0.3

Sign up to get free protection for your applications and to get access to all the features.
@@ -24,7 +24,7 @@ module Lockdown
24
24
 
25
25
  # @return the version string for the library.
26
26
  def version
27
- '2.0.2'
27
+ '2.0.3'
28
28
  end
29
29
 
30
30
  def rails_mixin
@@ -16,8 +16,8 @@ module Lockdown
16
16
 
17
17
  path += "/" unless path =~ /\/$/
18
18
  path = "/" + path unless path =~ /^\//
19
-
20
- if access_rights_regex =~ path
19
+
20
+ if (access_rights_regex =~ path) == 0
21
21
  return true
22
22
  end
23
23
 
@@ -5,11 +5,11 @@
5
5
 
6
6
  Gem::Specification.new do |s|
7
7
  s.name = %q{lockdown}
8
- s.version = "2.0.2"
8
+ s.version = "2.0.3"
9
9
 
10
10
  s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
11
11
  s.authors = ["Andrew Stone"]
12
- s.date = %q{2010-09-21}
12
+ s.date = %q{2010-09-22}
13
13
  s.description = %q{Restrict access to your controller actions. }
14
14
  s.email = %q{andy@stonean.com}
15
15
  s.extra_rdoc_files = [
@@ -1,5 +1,6 @@
1
1
  # encoding: utf-8
2
2
 
3
+ require 'rubygems'
3
4
  require 'minitest/unit'
4
5
 
5
6
  MiniTest::Unit.autorun
@@ -187,6 +187,38 @@ class TestLockdown < MiniTest::Unit::TestCase
187
187
 
188
188
  assert_equal false, Lockdown::Delivery.allowed?('/users/', Lockdown::Configuration.authenticated_access)
189
189
  assert_equal false, Lockdown::Delivery.allowed?('/users', Lockdown::Configuration.authenticated_access)
190
+ end
191
+
192
+ def test_it_handles_namespaced_routes_correctly
193
+ Authorization.permission :posts
194
+ Authorization.permission :users
195
+ Authorization.public_access :posts, :users
196
+
197
+ Authorization.permission :protected_users do
198
+ resource 'nested/users'
199
+ end
200
+ Authorization.protected_access :protected_users
201
+
202
+ assert_equal true, Lockdown::Delivery.allowed?('/users')
203
+
204
+ assert_equal false, Lockdown::Delivery.allowed?('/nested/users')
205
+
206
+ assert_equal true, Lockdown::Delivery.allowed?('/users', Lockdown::Configuration.authenticated_access)
207
+ assert_equal true, Lockdown::Delivery.allowed?('/nested/users', Lockdown::Configuration.authenticated_access)
208
+ end
209
+
210
+ def test_it_matches_exact_paths_only
211
+ Authorization.permission :users
212
+ Authorization.public_access :users
213
+
214
+ Authorization.permission :users_that_should_be_protected
215
+ Authorization.protected_access :users_that_should_be_protected
216
+
217
+ assert_equal true, Lockdown::Delivery.allowed?('/users')
218
+
219
+ assert_equal false, Lockdown::Delivery.allowed?('/users_that_should_be_protected')
190
220
 
221
+ assert_equal true, Lockdown::Delivery.allowed?('/users', Lockdown::Configuration.authenticated_access)
222
+ assert_equal true, Lockdown::Delivery.allowed?('/users_that_should_be_protected', Lockdown::Configuration.authenticated_access)
191
223
  end
192
224
  end
metadata CHANGED
@@ -5,8 +5,8 @@ version: !ruby/object:Gem::Version
5
5
  segments:
6
6
  - 2
7
7
  - 0
8
- - 2
9
- version: 2.0.2
8
+ - 3
9
+ version: 2.0.3
10
10
  platform: ruby
11
11
  authors:
12
12
  - Andrew Stone
@@ -14,7 +14,7 @@ autorequire:
14
14
  bindir: bin
15
15
  cert_chain: []
16
16
 
17
- date: 2010-09-21 00:00:00 -04:00
17
+ date: 2010-09-22 00:00:00 -04:00
18
18
  default_executable:
19
19
  dependencies: []
20
20