RubyGems - merb-auth-core - Versions diffs - 1.1.0 → 1.1.1 - Mend

merb-auth-core 1.1.0 → 1.1.1

Files changed (24) hide show

data/Rakefile +1 -1
data/lib/merb-auth-core.rb +1 -1
data/lib/merb-auth-core/authenticated_helper.rb +12 -12
data/lib/merb-auth-core/authentication.rb +35 -35
data/lib/merb-auth-core/bootloader.rb +2 -2
data/lib/merb-auth-core/callbacks.rb +6 -6
data/lib/merb-auth-core/customizations.rb +5 -5
data/lib/merb-auth-core/errors.rb +1 -1
data/lib/merb-auth-core/responses.rb +8 -8
data/lib/merb-auth-core/router_helper.rb +6 -6
data/lib/merb-auth-core/session_mixin.rb +10 -10
data/lib/merb-auth-core/strategy.rb +37 -37
data/lib/merb-auth-core/version.rb +1 -1
data/spec/helpers/authentication_helper_spec.rb +22 -22
data/spec/merb-auth-core/authentication_spec.rb +66 -66
data/spec/merb-auth-core/callbacks_spec.rb +16 -16
data/spec/merb-auth-core/customizations_spec.rb +5 -5
data/spec/merb-auth-core/errors_spec.rb +9 -9
data/spec/merb-auth-core/failed_login_spec.rb +16 -16
data/spec/merb-auth-core/merb-auth-core_spec.rb +1 -1
data/spec/merb-auth-core/router_helper_spec.rb +23 -23
data/spec/merb-auth-core/strategy_spec.rb +54 -54
data/spec/spec_helper.rb +7 -7
metadata +14 -6

data/lib/merb-auth-core/strategy.rb CHANGED

@@ -2,13 +2,13 @@ module Merb
   class Authentication
     cattr_reader   :strategies, :default_strategy_order, :registered_strategies
     @@strategies, @@default_strategy_order, @@registered_strategies = [], [], {}
-    # Use this to set the default order of strategies
+    # Use this to set the default order of strategies
     # if you need to in your application.  You don't need to use all avaiable strategies
     # in this array, but you may not include a strategy that has not yet been defined.
-    #
+    #
     # @params [Merb::Authentiation::Strategy,Merb::Authentication::Strategy]
-    #
+    #
     # @public
     def self.default_strategy_order=(*order)
       order = order.flatten
@@ -16,18 +16,18 @@ module Merb
       raise ArgumentError, "#{bad.join(",")} do not inherit from Merb::Authentication::Strategy" unless bad.empty?
       @@default_strategy_order = order
     end
     # Allows for the registration of strategies.
     # @params <Symbol, String>
     #   +label+ The label is the label to identify this strategy
     #   +path+  The path to the file containing the strategy.  This must be an absolute path!
-    #
+    #
     # Registering a strategy does not add it to the list of strategies to use
     # it simply makes it available through the Merb::Authentication.activate method
-    #
+    #
     # This is for plugin writers to make a strategy availalbe but this should not
     # stop you from declaring your own strategies
-    #
+    #
     # @plugin
     def self.register(label, path)
       self.registered_strategies[label] = path
@@ -42,7 +42,7 @@ module Merb
       raise "The #{label} Strategy is not registered" unless path
       require path
     end
     # The Merb::Authentication::Strategy is where all the action happens in the merb-auth framework.
     # Inherit from this class to setup your own strategy.  The strategy will automatically
     # be placed in the default_strategy_order array, and will be included in the strategy runs.
@@ -64,13 +64,13 @@ module Merb
     class Strategy
       attr_accessor :request
       attr_writer   :body
       class << self
         def inherited(klass)
           Merb::Authentication.strategies << klass
           Merb::Authentication.default_strategy_order << klass
         end
         # Use this to declare the strategy should run before another strategy
         def before(strategy)
           order =  Merb::Authentication.default_strategy_order
@@ -78,7 +78,7 @@ module Merb
           index = order.index(strategy)
           order.insert(index,self)
         end
         # Use this to declare the strategy should run after another strategy
         def after(strategy)
           order = Merb::Authentication.default_strategy_order
@@ -86,50 +86,50 @@ module Merb
           index = order.index(strategy)
           index == order.size ? order << self : order.insert(index + 1, self)
         end
         # Mark a strategy as abstract.  This means that a strategy will not
-        # ever be run as part of the authentication.  Instead this
+        # ever be run as part of the authentication.  Instead this
         # will be available to inherit from as a way to share code.
-        #
+        #
         # You could for example setup a strategy to check for a particular kind of login
         # and then have a subclass for each class type of user in your system.
         # i.e. Customer / Staff, Student / Staff etc
         def abstract!
           @abstract = true
         end
         # Asks is this strategy abstract. i.e. can it be run as part of the authentication
         def abstract?
           !!@abstract
         end
       end # End class << self
       def initialize(request, params)
         @request = request
         @params  = params
       end
       # An alias to the request.params hash
       # Only rely on this hash to find any router params you are looking for.
       # If looking for paramteres use request.params
       def params
         @params
       end
       # An alials to the request.cookies hash
       def cookies
         request.cookies
       end
       # An alias to the request.session hash
       def session
         request.session
       end
       # Redirects causes the strategy to signal a redirect
       # to the provided url.
-      #
+      #
       # ====Parameters
       # url<String>:: The url to redirect to
       # options<Hash>:: An options hash with the following keys:
@@ -143,64 +143,64 @@ module Merb
         halt!
         return true
       end
       # Returns ture if the strategy redirected
       def redirected?
         !!headers["Location"]
       end
       # Provides a place to put the status of the response
       attr_accessor :status
       # Provides a place to put headers
       def headers
         @headers ||={}
       end
       # Mark this strategy as complete for this request.  Will cause that no other
-      # strategies will be executed.
+      # strategies will be executed.
       def halt!
         @halt = true
       end
       # Checks to see if this strategy has been halted
       def halted?
         !!@halt
       end
       # Allows you to provide a body of content to return when halting
       def body
         @body || ""
       end
       # This is the method that is called as the test for authentication and is where
       # you put your code.
-      #
+      #
       # You must overwrite this method in your strategy
       #
       # @api overwritable
       def run!
         raise NotImplemented
       end
       # Overwrite this method to scope a strategy to a particular user type
       # you can use this with inheritance for example to try the same strategy
       # on different user types
       #
-      # By default, Merb::Authentication.user_class is used.  This method allows for
+      # By default, Merb::Authentication.user_class is used.  This method allows for
       # particular strategies to deal with a different type of user class.
       #
       # For example.  If Merb::Authentication.user_class is Customer
       # and you have a PasswordStrategy, you can subclass the PasswordStrategy
       # and change this method to return Staff.  Giving you a PasswordStrategy strategy
-      # for first Customer(s) and then Staff.
+      # for first Customer(s) and then Staff.
       #
       # @api overwritable
       def user_class
         Merb::Authentication.user_class
       end
     end # Strategy
   end # Merb::Authentication
 end # Merb

data/lib/merb-auth-core/version.rb CHANGED

@@ -1,7 +1,7 @@
 module Merb
   module Auth
     module Core
-      VERSION = '1.1.0'.freeze
+      VERSION = '1.1.1'.freeze
     end
   end
 end

data/spec/helpers/authentication_helper_spec.rb CHANGED

@@ -1,11 +1,11 @@
 require 'spec_helper'
 describe "Merb::AuthenticationHelper" do
   class ControllerMock < Merb::Controller
     before :ensure_authenticated
   end
   before(:each) do
     clear_strategies!
     @controller = ControllerMock.new(fake_request)
@@ -13,31 +13,31 @@ describe "Merb::AuthenticationHelper" do
     @session = @controller.session
     @session.user = "WINNA"
     Viking.captures.clear
     class Kone < Merb::Authentication::Strategy
       def run!
         Viking.capture(self.class)
         params[self.class.name]
       end
     end
     class Ktwo < Kone; end
   end
   it "should not raise and Unauthenticated error" do
     lambda do
       @controller.send(:ensure_authenticated)
     end.should_not raise_error(Merb::Controller::Unauthenticated)
   end
   it "should raise an Unauthenticated error" do
     @controller = ControllerMock.new(Merb::Request.new({}))
     lambda do
       @controller.send(:ensure_authenticated)
     end.should raise_error(Merb::Controller::Unauthenticated)
   end
   it "should run the authentication when testing if it is authenticated" do
     @controller = ControllerMock.new(fake_request)
     @controller.session.should_receive(:authenticated?).and_return(false)
@@ -45,7 +45,7 @@ describe "Merb::AuthenticationHelper" do
     @controller.session.authentication.should_receive(:authenticate!).and_return("WINNA")
     @controller.send(:ensure_authenticated)
   end
   it "should accept and execute the provided strategies" do
     # This allows using a before filter with specific arguments
     # before :ensure_authenticated, :with => [Authenticaiton::OAuth, Merb::Authentication::BasicAuth]
@@ -54,17 +54,17 @@ describe "Merb::AuthenticationHelper" do
     controller.send(:ensure_authenticated, Kone, Ktwo)
     Viking.captures.should == %w( Kone Ktwo )
   end
   describe "redirection" do
     before(:all) do
       class FooController < Merb::Controller
         before :ensure_authenticated
         def index; "FooController#index" end
       end
     end
     before(:each) do
       class MyStrategy < Merb::Authentication::Strategy
         def run!
@@ -80,32 +80,32 @@ describe "Merb::AuthenticationHelper" do
           end
         end
       end # MyStrategy
       Merb::Router.reset!
       Merb::Router.prepare{ match("/").to(:controller => "foo_controller")}
     end
     it "should redirect the controller to a Location if the strategy redirects" do
-      controller = get "/", :url => "/some/url"
+      controller = get "/", :url => "/some/url"
       controller.headers["Location"].should == "/some/url"
     end
     it "should use a 302 redirection by default" do
       c = get "/", :url => "/some/url"
       c.status.should == 302
     end
     it "should use a 301 when marked as permanent" do
       c = get "/", :url => "/some/url", :permanent => "true"
       c.status.should == 301
     end
     it "should use a custom status" do
       c = get "/", :url => "/some/url", :status => 401
       c.status.should == 401
     end
   end
 end

data/spec/merb-auth-core/authentication_spec.rb CHANGED

@@ -1,7 +1,7 @@
 require 'spec_helper'
 describe "Merb::Authentication Session" do
   before(:each) do
     @session_class = Merb::CookieSession
     @session = @session_class.generate
@@ -12,14 +12,14 @@ describe "Merb::Authentication Session" do
       @m = mock("mock")
       clear_strategies!
     end
     after(:all) do
       clear_strategies!
     end
     describe "store_user" do
       it{@session.authentication.should respond_to(:store_user)}
       it "should raise a NotImplemented error by default" do
         pending "How to spec this when we need to overwrite it for the specs to work?"
         lambda do
@@ -27,50 +27,50 @@ describe "Merb::Authentication Session" do
         end.should raise_error(Merb::Authentication::NotImplemented)
       end
     end
     describe "fetch_user" do
       it{@session.authentication.should respond_to(:fetch_user)}
       it "should raise a NotImplemented error by defualt" do
         pending "How to spec this when we need to overwrite it for the specs to work?"
-        lambda do
+        lambda do
           @session.authentication.fetch_user
         end.should raise_error(Merb::Authentication::NotImplemented)
       end
     end
   end
   describe "error_message" do
     before(:each) do
       @request = fake_request
       @auth = Merb::Authentication.new(@request.session)
     end
     it "should be 'Could not log in' by default" do
       @auth.error_message.should == "Could not log in"
     end
     it "should allow a user to set the error message" do
       @auth.error_message = "No You Don't"
       @auth.error_message.should == "No You Don't"
     end
   end
   describe "user" do
     it "should call fetch_user with the session contents to load the user" do
       @session[:user] = 42
       @session.authentication.should_receive(:fetch_user).with(42)
       @session.user
     end
     it "should set the @user instance variable" do
       @session[:user] = 42
       @session.authentication.should_receive(:fetch_user).and_return("THE USER")
       @session.user
       @session.authentication.assigns(:user).should == "THE USER"
     end
     it "should cache the user in an instance variable" do
       @session[:user] = 42
       @session.authentication.should_receive(:fetch_user).once.and_return("THE USER")
@@ -78,37 +78,37 @@ describe "Merb::Authentication Session" do
       @session.authentication.assigns(:user).should == "THE USER"
       @session.user
     end
     it "should set the ivar to nil if the session is nil" do
       @session[:user] = nil
       @session.user.should be_nil
     end
   end
   describe "user=" do
     before(:each) do
       @user = mock("user")
       @session.authentication.stub!(:fetch_user).and_return(@user)
     end
     it "should call store_user on the session to get the value to store in the session" do
       @session.authentication.should_receive(:store_user).with(@user)
       @session.user = @user
     end
     it "should set the instance variable to nil if the return of store_user is nil" do
       @session.authentication.should_receive(:store_user).and_return(nil)
       @session.user = @user
       @session.user.should be_nil
     end
     it "should set the instance varaible to nil if the return of store_user is false" do
       @session.authentication.should_receive(:store_user).and_return(false)
       @session.user = @user
       @session.user.should be_nil
     end
     it "should set the instance variable to the value of user if store_user is not nil or false" do
       @session.authentication.should_receive(:store_user).and_return(42)
       @session.user = @user
@@ -116,9 +116,9 @@ describe "Merb::Authentication Session" do
       @session[:user].should == 42
     end
   end
   describe "abandon!" do
     before(:each) do
       @user = mock("user")
       @session.authentication.stub!(:fetch_user).and_return(@user)
@@ -126,36 +126,36 @@ describe "Merb::Authentication Session" do
       @session[:user] = 42
       @session.user
     end
     it "should delete the session" do
       @session.should_receive(:clear)
       @session.abandon!
     end
     it "should not have a user after it is abandoned" do
       @session.user.should == @user
       @session.abandon!
       @session.user.should be_nil
     end
   end
   describe "Merb::Authentication" do
     it "Should be hookable" do
       Merb::Authentication.should include(Extlib::Hook)
     end
   end
   describe "#authenticate" do
     before(:all) do
       clear_strategies!
     end
     after(:all) do
       clear_strategies!
     end
     before(:each) do
       class Sone < Merb::Authentication::Strategy
         def run!
@@ -165,119 +165,119 @@ describe "Merb::Authentication Session" do
       end
       class Stwo < Merb::Authentication::Strategy
         def run!
-          Viking.capture(Stwo)
+          Viking.capture(Stwo)
           params[:pass_2]
         end
       end
       class Sthree < Merb::Authentication::Strategy
         def run!
           Viking.capture(Sthree)
-          params[:pass_3]
+          params[:pass_3]
         end
       end
       class Sfour < Merb::Authentication::Strategy
         abstract!
         def run!
            "BAD MAN"
         end
       end
       Sfour.should_not_receive(:run!)
       @request = Users.new(fake_request)
       @auth = Merb::Authentication.new(@request.session)
       Viking.captures.clear
     end
     it "should execute the strategies in the default order" do
       @request.params[:pass_3] = true
       @auth.authenticate!(@request, @request.params)
       Viking.captures.should == %w( Sone Stwo Sthree )
     end
     it "should run the strategeis until if finds a non nil non false" do
       @request.params[:pass_2] = true
       @auth.authenticate!(@request, @request.params)
       Viking.captures.should == %w( Sone Stwo )
     end
     it "should raise an Unauthenticated exception if no 'user' is found" do
       lambda do
         @auth.authenticate!(@request, @request.params)
       end.should raise_error(Merb::Controller::Unauthenticated)
     end
     it "should store the user into the session if one is found" do
       @auth.should_receive(:user=).with("WINNA")
       @request.params[:pass_1] = "WINNA"
       @auth.authenticate!(@request, @request.params)
     end
     it "should use the Authentiation#error_message as the error message" do
       @auth.should_receive(:error_message).and_return("BAD BAD BAD")
       lambda do
         @auth.authenticate!(@request, @request.params)
       end.should raise_error(Merb::Controller::Unauthenticated, "BAD BAD BAD")
     end
     it "should execute the strategies as passed into the authenticate! method" do
       @request.params[:pass_1] = true
       @auth.authenticate!(@request, @request.params, Stwo, Sone)
       Viking.captures.should == ["Stwo", "Sone"]
     end
     describe "Strategy loading as strings" do
       before :each do
         Merb::Authentication.reset_strategy_lookup!
         class Merb::Authentication::Strategies::Zone < Merb::Authentication::Strategy
           def run!
             Viking.capture(Merb::Authentication::Strategies::Zone)
-            params[:z_one]
+            params[:z_one]
           end
         end
       end
       it "should allow for loading the strategies as strings" do
         @request.params[:z_one] = "z_one"
         @request.session.authenticate!(@request, @request.params, "Zone")
         @request.session.user.should == "z_one"
       end
       it "should raise a const misisng error when the error is not namespaced" do
         @request.params[:pass_1] = "s_one"
         lambda do
           @request.session.authenticate!(@request, @request.params, "Sone")
         end.should raise_error(NameError)
       end
       it "should allow a mix of strategies as strings or classes" do
         @request.params[:pass_2] = "s_two"
         @request.session.authenticate!(@request, @request.params, "Zone", Sone, Stwo)
         Viking.captures.should == %w(Merb::Authentication::Strategies::Zone Sone Stwo)
       end
     end
   end
   describe "user_class" do
     it "should have User as the default user class if requested" do
       Merb::Authentication.user_class.should == User
-    end
+    end
   end
   describe "redirection" do
     before(:all) do
       class FooController < Merb::Controller
         before :ensure_authenticated
         def index; "FooController#index" end
       end
     end
     before(:each) do
       class MyStrategy < Merb::Authentication::Strategy
         def run!
@@ -289,37 +289,37 @@ describe "Merb::Authentication Session" do
           end
         end
       end # MyStrategy
       class FailStrategy < Merb::Authentication::Strategy
         def run!
           request.params[:should_not_be_here] = true
         end
       end
       Merb::Router.reset!
       Merb::Router.prepare{ match("/").to(:controller => "foo_controller")}
       @request = mock_request("/")
       @s = MyStrategy.new(@request, @request.params)
       @a = Merb::Authentication.new(@request.session)
     end
     it "should answer redirected false if the strategy did not redirect" do
       @a.authenticate! @request, @request.params
       @a.should_not be_redirected
     end
     it "should answer redirected true if the strategy did redirect" do
       @request.params[:url] = "/some/url"
       @a.authenticate! @request, @request.params
       @a.halted?
     end
     it "should provide access to the Headers" do
       @request.params[:url] = "/some/url"
       @a.authenticate! @request, @request.params
       @a.headers.should == {"Location" => "/some/url"}
     end
     it "should provide access to the status" do
       @request.params[:url] = "/some/url"
       @request.params[:status] = 401
@@ -327,7 +327,7 @@ describe "Merb::Authentication Session" do
       @a.should be_halted
       @a.status.should == 401
     end
     it "should stop processing the strategies if one redirects" do
       @request.params[:url] = "/some/url"
       lambda do
@@ -336,18 +336,18 @@ describe "Merb::Authentication Session" do
       @a.should be_halted
       @request.params[:should_not_be_here].should be_nil
     end
     it "should allow you to set the body" do
       @a.body = "body"
       @a.body.should == "body"
     end
     it "should put the body of the strategy as the response body of the controller" do
       controller = request "/", :params => {:url => "/some/url"}
       controller.should redirect_to("/some/url")
     end
   end