matthewtodd-has_digest 0.1.0

data/MIT-LICENSE

@@ -0,0 +1,20 @@
+Copyright (c) 2008 [name of plugin creator]
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.rdoc

@@ -0,0 +1,55 @@
+=HasDigest
+
+HasDigest is an +ActiveRecord+ macro that makes it easy to write things like encrypted passwords and api tokens +before_save+. Digest attributes may either stand alone or depend on the values of other attributes. Digests with dependencies are also magically salted for models having a +salt+ attribute.
+
+See the documentation for the +has_digest+ method for options.
+
+
+==Installation
+
+As a gem:
+
+  config.gem 'matthewtodd-has_digest', :lib => 'has_digest', :source => 'http://gems.github.com'
+
+As a plugin:
+
+  script/plugin install git://github.com/matthewtodd/has_digest.git
+
+
+==Usage
+
+In your model:
+
+  class User < ActiveRecord::Base
+    has_digest :encrypted_password, :depends => :password
+  end
+
+In your migrations:
+
+  class CreateUsers < ActiveRecord::Migration
+    def self.up
+      create_table :users do |t|
+        t.string :salt, :encrypted_password, :limit => 40
+      end
+    end
+
+    def self.down
+      drop_table :users
+    end
+  end
+
+In your tests:
+
+  class UserTest < ActiveSupport::TestCase
+    should_have_digest :encrypted_password, :depends => :password
+  end
+
+Back in your model:
+
+  class User < ActiveRecord::Base
+    def authenticate(password)
+      encrypted_password == digest(salt, password)
+    end
+  end
+
+Copyright (c) 2008 Matthew Todd, released under the MIT license

data/init.rb

@@ -0,0 +1 @@
+require 'has_digest'

data/lib/has_digest.rb

@@ -0,0 +1,132 @@
+require 'digest/sha1'
+
+module HasDigest
+  def self.included(base) # :nodoc:
+    base.before_save :generate_has_digest_attributes
+    base.extend(ClassMethods)
+  end
+
+  # Returns a 40-character hexadecimal token. When no +values+ are given, the
+  # token is seeded with a randomized form of the current time. When +values+
+  # are given, the token is seeded with them instead, unless any of them
+  # evaluate to +false+, in which case the returned token is +nil+.
+  #
+  # +digest+ is available as an instance method on any of your +ActiveRecord+ models, so you can use it as needed. For example:
+  #   class User < ActiveRecord::Base
+  #     def authenticate(password)
+  #       encrypted_password == digest(salt, password)
+  #     end
+  #   end
+  def digest(*values)
+    if values.empty?
+      Digest::SHA1.hexdigest(Time.now.to_default_s.split(//).sort_by { Kernel.rand }.join)
+    elsif values.all?
+      Digest::SHA1.hexdigest("--#{values.join('--')}--")
+    else
+      nil
+    end
+  end
+
+  def generate_has_digest_attributes # :nodoc:
+    if new_record?
+      if attribute_names.include?('salt')
+        self[:salt] = digest
+      end
+
+      self.class.standalone_has_digest_attributes.each do |name, options|
+        self[name] = digest
+      end
+    end
+
+    lookup_value = lambda { |dependency| send(dependency) }
+    self.class.dependent_has_digest_attributes.each do |name, options|
+      dependencies           = options[:dependencies]
+      synthetic_dependencies = options[:synthetic_dependencies]
+
+      if synthetic_dependencies.all?(&lookup_value)
+        self[name] = digest(*dependencies.map(&lookup_value))
+      end
+    end
+  end
+
+  module ClassMethods
+    # Gives the class it is called on a +before_save+ callback that writes a
+    # 40-character hexadecimal string into the given +attribute+. The
+    # generated string may depend on other (possibly synthetic) attributes of
+    # the model, being automatically regenerated when they change. One key is
+    # supported in the +options+ hash:
+    # * +depends+: either a single attribute name or a list of attribute
+    #   names. If any of these values change, +attribute+ will be re-written.
+    #   Setting any (non-synthetic) one of these attributes to +nil+ will
+    #   effectively also set +attribute+ to +nil+.
+    #
+    # ===Magic Salting
+    # If the model in question has a +salt+ attribute, its +salt+ be
+    # automatically populated on create and automatically mixed into any
+    # digests with dependencies on other attributes, saving you a little bit
+    # of work when dealing with passwords.
+    #
+    # ===Magic Synthetic Attributes
+    # If the model in question doesn't have a database column for one of your
+    # digest dependencies, an +attr_accessor+ for that synthetic dependency
+    # will be created automatically. For example, if you write <tt>has_digest
+    # :encrypted_password, :depends => :password</tt> and don't have a
+    # +password+ column for your model, the +attr_accessor+ for +password+
+    # will be automatically created, saving you a redundant line of code.
+    #
+    # ===Examples
+    #   # token will be generated on create
+    #   class Order < ActiveRecord::Base
+    #     has_digest :token
+    #   end
+    #
+    #   # encrypted_password will be generated on save whenever @password is not nil
+    #   # (Automatically calls attr_accessor :password.)
+    #   class User < ActiveRecord::Base
+    #     has_digest :encrypted_password, :depends => :password
+    #   end
+    #
+    #   # remember_me_token will be generated on save whenever login or remember_me_until have changed.
+    #   # User.update_attributes(:remember_me_until => nil) will set remember_me_token to nil.
+    #   class User < ActiveRecord::Base
+    #     has_digest :remember_me_token, :depends => [:login, :remember_me_until]
+    #   end
+    #
+    #   # api_token will be blank until user.update_attributes(:generate_api_token => true).
+    #   # (Automatically calls attr_accessor :generate_api_token.)
+    #   class User < ActiveRecord::Base
+    #     has_digest :api_token, :depends => :generate_api_token
+    #   end
+    def has_digest(attribute, options = {})
+      options.assert_valid_keys(:depends)
+
+      if options[:depends]
+        dependencies = []
+        dependencies << :salt if column_names.include?('salt')
+        dependencies << options[:depends]
+        dependencies.flatten!
+
+        synthetic_dependencies = dependencies - column_names.map(&:to_sym)
+        synthetic_dependencies.each { |name| attr_accessor name }
+
+        write_inheritable_hash :has_digest_attributes, attribute => { :dependencies => dependencies, :synthetic_dependencies => synthetic_dependencies }
+      else
+        write_inheritable_hash :has_digest_attributes, attribute => {}
+      end
+    end
+
+    def has_digest_attributes # :nodoc:
+      read_inheritable_attribute(:has_digest_attributes) || write_inheritable_attribute(:has_digest_attributes, {})
+    end
+
+    def dependent_has_digest_attributes # :nodoc:
+      has_digest_attributes.reject { |name, options| !options.has_key?(:dependencies) }
+    end
+
+    def standalone_has_digest_attributes # :nodoc:
+      has_digest_attributes.reject { |name, options| options.has_key?(:dependencies) }
+    end
+  end
+end
+
+ActiveRecord::Base.send(:include, HasDigest)

data/shoulda_macros/has_digest.rb

@@ -0,0 +1,35 @@
+module HasDigest
+  module Shoulda
+    # Asserts that <tt>has_digest :name</tt> has been called with the given
+    # options, and that the necessary database columns are present. +options+
+    # may contain two keys:
+    # * +depends+: either a single attribute name or an array of attribtues
+    #   names. (Specifying <tt>:salt</tt> here is unnecessary.)
+    # * +limit+: if your db column for the given digest doesn't have
+    #   <tt>:limit => 40</tt>, you may specify its size here.
+    def should_have_digest(name, options = {})
+      options.assert_valid_keys(:depends, :limit)
+
+      context "#{model_class.name} with has_digest :#{name}" do
+        should_have_db_column name, :type => :string, :limit => (options[:limit] || 40)
+
+        should "generate digest for :#{name}" do
+          assert_not_nil self.class.model_class.has_digest_attributes[name]
+        end
+
+        if options[:depends]
+          dependencies = options[:depends]
+          dependencies = [dependencies] unless dependencies.respond_to?(:each)
+          dependencies.unshift(:salt) if model_class.column_names.include?('salt')
+
+          should "generate digest for :#{name} from #{dependencies.to_sentence}" do
+            attributes = self.class.model_class.has_digest_attributes[name] || {}
+            assert_equal dependencies, attributes[:dependencies]
+          end
+        end
+      end
+    end
+  end
+end
+
+Test::Unit::TestCase.extend(HasDigest::Shoulda)

data/test/has_digest_test.rb

@@ -0,0 +1,123 @@
+require File.join(File.dirname(__FILE__), 'test_helper')
+
+class HasDigestTest < Test::Unit::TestCase
+  context 'Model with a standalone digest' do
+    setup do
+      @klass = model_with_attributes(:token) do
+        has_digest :token
+      end
+    end
+
+    context 'instance' do
+      setup { @instance = @klass.new }
+
+      context 'save' do
+        setup { @instance.save }
+        should_change '@instance.token', :to => /^\w{40}$/
+
+        context 'save again' do
+          setup { @instance.save }
+          should_not_change '@instance.token'
+        end
+      end
+
+      should 'not rely on the default date format' do
+        default = Time::DATE_FORMATS[:default]
+        Time::DATE_FORMATS[:default] = '.'
+        begin
+          assert_unique((1..1000).collect { @instance.digest })
+        ensure
+          Time::DATE_FORMATS[:default] = default
+        end
+      end
+    end
+  end
+
+  context 'Model with a single-attribute-based digest' do
+    setup do
+      @klass = model_with_attributes(:encrypted_password) do
+        has_digest :encrypted_password, :depends => :password
+      end
+    end
+
+    context 'saved instance' do
+      setup { @instance = @klass.create(:password => 'PASSWORD') }
+
+      should 'have digested attribute' do
+        assert_not_nil @instance.encrypted_password
+      end
+
+      context 'saved again' do
+        setup { @instance.save }
+        should_not_change '@instance.encrypted_password'
+      end
+
+      context 'updated' do
+        setup { @instance.update_attributes(:password => 'NEW PASSWORD') }
+        should_change '@instance.encrypted_password'
+      end
+
+      context 'loaded completely fresh' do
+        setup { @instance = @klass.find(@instance.id) }
+
+        context 'and saved' do
+          setup { @instance.save }
+          should_not_change '@instance.encrypted_password'
+        end
+      end
+    end
+  end
+
+  context 'Model with a multiple-attribute-based digest' do
+    setup do
+      @klass = model_with_attributes(:login, :remember_me_token, :remember_me_until) do
+        has_digest :remember_me_token, :depends => [:login, :remember_me_until]
+      end
+    end
+
+    context 'saved instance' do
+      setup { @instance = @klass.create(:login => 'bob', :remember_me_until => 2.weeks.from_now) }
+
+      should 'have digested attribute' do
+        assert_not_nil @instance.remember_me_token
+      end
+
+      context 'update one attribute' do
+        setup { @instance.update_attributes(:remember_me_until => 3.weeks.from_now) }
+        should_change '@instance.remember_me_token'
+      end
+
+      context 'update one attribute to nil' do
+        setup { @instance.update_attributes(:remember_me_until => nil) }
+
+        should 'change digested attribute to nil' do
+          assert_nil @instance.remember_me_token
+        end
+      end
+    end
+  end
+
+  context 'Model with a magic salt column and an attribute-based digest' do
+    setup do
+      @klass = model_with_attributes(:salt, :encrypted_password) do
+        has_digest :encrypted_password, :depends => :password
+      end
+    end
+
+    context 'saved instance' do
+      setup { @instance = @klass.create(:password => 'PASSWORD') }
+
+      should 'have digested salt attribute' do
+        assert_not_nil @instance.salt
+      end
+
+      should 'have digested encrypted_password attribute' do
+        assert_not_nil @instance.encrypted_password
+      end
+
+      should 'have used salt to digest encrypted password' do
+        assert_equal @instance.digest(@instance.salt, 'PASSWORD'), @instance.encrypted_password
+      end
+    end
+  end
+end

data/test/test_helper.rb

@@ -0,0 +1,29 @@
+require 'rubygems'
+require 'test/unit'
+require 'shoulda'
+require 'mocha'
+require 'active_record'
+require File.join(File.dirname(__FILE__), '..', 'lib', 'has_digest.rb')
+
+ActiveRecord::Base.establish_connection(:adapter => 'sqlite3', :database => ':memory:')
+
+def model_with_attributes(*attributes, &block)
+  ActiveRecord::Base.connection.create_table :models, :force => true do |table|
+    attributes.each do |attribute|
+      table.string attribute
+    end
+  end
+
+  ActiveRecord::Base.send(:include, HasDigest)
+  Object.send(:remove_const, 'Model') rescue nil
+  Object.const_set('Model', Class.new(ActiveRecord::Base))
+  Model.class_eval(&block) if block_given?
+
+  return Model
+end
+
+class Test::Unit::TestCase
+  def assert_unique(collection)
+    assert_same_elements collection.uniq, collection
+  end
+end

metadata

@@ -0,0 +1,64 @@
+--- !ruby/object:Gem::Specification 
+name: matthewtodd-has_digest
+version: !ruby/object:Gem::Version 
+  version: 0.1.0
+platform: ruby
+authors: 
+- Matthew Todd
+autorequire: 
+bindir: bin
+cert_chain: []
+
+date: 2008-11-11 00:00:00 -08:00
+default_executable: 
+dependencies: []
+
+description: 
+email: matthew.todd@gmail.com
+executables: []
+
+extensions: []
+
+extra_rdoc_files: 
+- README.rdoc
+files: 
+- README.rdoc
+- MIT-LICENSE
+- init.rb
+- lib/has_digest.rb
+- shoulda_macros/has_digest.rb
+- test/has_digest_test.rb
+- test/test_helper.rb
+has_rdoc: true
+homepage: 
+post_install_message: 
+rdoc_options: 
+- --main
+- README.rdoc
+- --title
+- has_digest-0.1.0
+- --inline-source
+- --line-numbers
+require_paths: 
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      version: "0"
+  version: 
+required_rubygems_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      version: "0"
+  version: 
+requirements: []
+
+rubyforge_project: 
+rubygems_version: 1.2.0
+signing_key: 
+specification_version: 2
+summary: Rails plugin that helps encrypt passwords and generate api tokens before save.
+test_files: []
+