merb-auth-core 1.1.0 → 1.1.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/Rakefile +1 -1
- data/lib/merb-auth-core.rb +1 -1
- data/lib/merb-auth-core/authenticated_helper.rb +12 -12
- data/lib/merb-auth-core/authentication.rb +35 -35
- data/lib/merb-auth-core/bootloader.rb +2 -2
- data/lib/merb-auth-core/callbacks.rb +6 -6
- data/lib/merb-auth-core/customizations.rb +5 -5
- data/lib/merb-auth-core/errors.rb +1 -1
- data/lib/merb-auth-core/responses.rb +8 -8
- data/lib/merb-auth-core/router_helper.rb +6 -6
- data/lib/merb-auth-core/session_mixin.rb +10 -10
- data/lib/merb-auth-core/strategy.rb +37 -37
- data/lib/merb-auth-core/version.rb +1 -1
- data/spec/helpers/authentication_helper_spec.rb +22 -22
- data/spec/merb-auth-core/authentication_spec.rb +66 -66
- data/spec/merb-auth-core/callbacks_spec.rb +16 -16
- data/spec/merb-auth-core/customizations_spec.rb +5 -5
- data/spec/merb-auth-core/errors_spec.rb +9 -9
- data/spec/merb-auth-core/failed_login_spec.rb +16 -16
- data/spec/merb-auth-core/merb-auth-core_spec.rb +1 -1
- data/spec/merb-auth-core/router_helper_spec.rb +23 -23
- data/spec/merb-auth-core/strategy_spec.rb +54 -54
- data/spec/spec_helper.rb +7 -7
- metadata +14 -6
@@ -1,27 +1,27 @@
|
|
1
1
|
require 'spec_helper'
|
2
2
|
|
3
3
|
describe "Authentication callbacks" do
|
4
|
-
|
4
|
+
|
5
5
|
before(:each) do
|
6
6
|
Merb::Authentication.after_callbacks.clear
|
7
7
|
clear_strategies!
|
8
8
|
Viking.captures.clear
|
9
|
-
|
10
|
-
# A basic user model that has some simple methods
|
11
|
-
# to set and aknowlege that it's been called
|
9
|
+
|
10
|
+
# A basic user model that has some simple methods
|
11
|
+
# to set and aknowlege that it's been called
|
12
12
|
class AUser
|
13
13
|
attr_accessor :active, :name
|
14
|
-
|
14
|
+
|
15
15
|
def initialize(params)
|
16
16
|
params.each do |k,v|
|
17
17
|
instance_variable_set("@#{k}", v)
|
18
18
|
end
|
19
19
|
end
|
20
|
-
|
20
|
+
|
21
21
|
def acknowledge(value)
|
22
22
|
Viking.capture(value)
|
23
23
|
end
|
24
|
-
|
24
|
+
|
25
25
|
def acknowledge!(value = "default acknowledge")
|
26
26
|
throw(:acknowledged, value)
|
27
27
|
end
|
@@ -32,24 +32,24 @@ describe "Authentication callbacks" do
|
|
32
32
|
end
|
33
33
|
end
|
34
34
|
end
|
35
|
-
|
35
|
+
|
36
36
|
# Create a strategy to test the after stuff
|
37
37
|
class MyStrategy < Merb::Authentication::Strategy
|
38
38
|
def run!
|
39
39
|
AUser.new(request.params[:user] || {}) unless request.params[:no_user]
|
40
40
|
end
|
41
41
|
end
|
42
|
-
|
42
|
+
|
43
43
|
@request = fake_request
|
44
44
|
@params = @request.params
|
45
45
|
@auth = Merb::Authentication.new(@request.session)
|
46
46
|
end
|
47
|
-
|
47
|
+
|
48
48
|
after(:all) do
|
49
49
|
clear_strategies!
|
50
50
|
Merb::Authentication.after_callbacks.clear
|
51
51
|
end
|
52
|
-
|
52
|
+
|
53
53
|
it "should allow you to setup a callback as a block" do
|
54
54
|
Merb::Authentication.after_authentication{ |user, request, params| user.acknowledge!("w00t threw it") }
|
55
55
|
result = catch(:acknowledged) do
|
@@ -57,7 +57,7 @@ describe "Authentication callbacks" do
|
|
57
57
|
end
|
58
58
|
result.should == "w00t threw it"
|
59
59
|
end
|
60
|
-
|
60
|
+
|
61
61
|
it "should allow you to setup a callback as a method" do
|
62
62
|
Merb::Authentication.after_authentication(:acknowledge!)
|
63
63
|
result = catch(:acknowledged) do
|
@@ -65,7 +65,7 @@ describe "Authentication callbacks" do
|
|
65
65
|
end
|
66
66
|
result.should == "default acknowledge"
|
67
67
|
end
|
68
|
-
|
68
|
+
|
69
69
|
it "should allow many callbacks to be setup and executed" do
|
70
70
|
Merb::Authentication.after_authentication{|u,r,p| u.acknowledge("first"); u}
|
71
71
|
Merb::Authentication.after_authentication{|u,r,p| u.acknowledge("second"); u}
|
@@ -81,14 +81,14 @@ describe "Authentication callbacks" do
|
|
81
81
|
end.should raise_error(Merb::Controller::Unauthenticated)
|
82
82
|
Viking.captures.should == ["first"]
|
83
83
|
end
|
84
|
-
|
84
|
+
|
85
85
|
it "should raise an Unauthenticated if a callback returns nil" do
|
86
86
|
Merb::Authentication.after_authentication{|u,r,p| nil }
|
87
87
|
lambda do
|
88
88
|
@request.session.authenticate!(@request,@params)
|
89
89
|
end.should raise_error(Merb::Controller::Unauthenticated)
|
90
90
|
end
|
91
|
-
|
91
|
+
|
92
92
|
it "should not try to process the callbacks when no user is found" do
|
93
93
|
Merb::Authentication.after_authentication{|u,r,p| u.acknowledge("first"); u}
|
94
94
|
Merb::Authentication.after_authentication{|u,r,p| u.acknowledge("second"); u}
|
@@ -98,5 +98,5 @@ describe "Authentication callbacks" do
|
|
98
98
|
end.should raise_error(Merb::Controller::Unauthenticated)
|
99
99
|
Viking.captures.should be_empty
|
100
100
|
end
|
101
|
-
|
101
|
+
|
102
102
|
end
|
@@ -1,22 +1,22 @@
|
|
1
1
|
require 'spec_helper'
|
2
2
|
|
3
3
|
describe "Merb::Authentication.customizations" do
|
4
|
-
|
4
|
+
|
5
5
|
before(:each) do
|
6
6
|
Merb::Authentication.default_customizations.clear
|
7
7
|
end
|
8
|
-
|
8
|
+
|
9
9
|
it "should allow addition to the customizations" do
|
10
10
|
Merb::Authentication.customize_default { "ONE" }
|
11
11
|
Merb::Authentication.default_customizations.first.call.should == "ONE"
|
12
12
|
end
|
13
|
-
|
13
|
+
|
14
14
|
it "should allow multiple additions to the customizations" do
|
15
15
|
Merb::Authentication.customize_default {"ONE"}
|
16
16
|
Merb::Authentication.customize_default {"TWO"}
|
17
|
-
|
17
|
+
|
18
18
|
Merb::Authentication.default_customizations.first.call.should == "ONE"
|
19
19
|
Merb::Authentication.default_customizations.last.call.should == "TWO"
|
20
20
|
end
|
21
|
-
|
21
|
+
|
22
22
|
end
|
@@ -1,31 +1,31 @@
|
|
1
1
|
require 'spec_helper'
|
2
2
|
|
3
3
|
describe Merb::Authentication::Errors do
|
4
|
-
|
4
|
+
|
5
5
|
before(:each) do
|
6
6
|
@errors = Merb::Authentication::Errors.new
|
7
7
|
end
|
8
|
-
|
8
|
+
|
9
9
|
it "should report that it is empty on first creation" do
|
10
10
|
@errors.empty?.should == true
|
11
11
|
end
|
12
|
-
|
12
|
+
|
13
13
|
it "should continue to report that it is empty even after being checked" do
|
14
14
|
@errors.on(:foo)
|
15
15
|
@errors.empty?.should == true
|
16
16
|
end
|
17
|
-
|
17
|
+
|
18
18
|
it "should add an error" do
|
19
19
|
@errors.add(:login, "Login or password incorrect")
|
20
20
|
@errors[:login].should == ["Login or password incorrect"]
|
21
21
|
end
|
22
|
-
|
22
|
+
|
23
23
|
it "should allow many errors to be added to the same field" do
|
24
24
|
@errors.add(:login, "bad 1")
|
25
25
|
@errors.add(:login, "bad 2")
|
26
26
|
@errors.on(:login).should == ["bad 1", "bad 2"]
|
27
27
|
end
|
28
|
-
|
28
|
+
|
29
29
|
it "should give the full messages for an error" do
|
30
30
|
@errors.add(:login, "login wrong")
|
31
31
|
@errors.add(:password, "password wrong")
|
@@ -33,16 +33,16 @@ describe Merb::Authentication::Errors do
|
|
33
33
|
@errors.full_messages.should include(msg)
|
34
34
|
end
|
35
35
|
end
|
36
|
-
|
36
|
+
|
37
37
|
it "should return the error for a specific field / label" do
|
38
38
|
@errors.add(:login, "wrong")
|
39
39
|
@errors.on(:login).should == ["wrong"]
|
40
40
|
end
|
41
|
-
|
41
|
+
|
42
42
|
it "should return nil for a specific field if it's not been set" do
|
43
43
|
@errors.on(:not_there).should be_nil
|
44
44
|
end
|
45
|
-
|
45
|
+
|
46
46
|
it "should provide an errors instance method on the Authenticaiton instance" do
|
47
47
|
a = Merb::Authentication.new(Merb::CookieSession.generate)
|
48
48
|
a.errors.should be_a_kind_of(Merb::Authentication::Errors)
|
@@ -1,7 +1,7 @@
|
|
1
1
|
require 'spec_helper'
|
2
2
|
|
3
3
|
describe "Failed Login" do
|
4
|
-
|
4
|
+
|
5
5
|
before(:all) do
|
6
6
|
Merb::Config[:exception_details] = true
|
7
7
|
reset_exceptions!
|
@@ -11,7 +11,7 @@ describe "Failed Login" do
|
|
11
11
|
end
|
12
12
|
end
|
13
13
|
end
|
14
|
-
|
14
|
+
|
15
15
|
after(:all) do
|
16
16
|
reset_exceptions!
|
17
17
|
class Exceptions < Merb::Controller
|
@@ -19,16 +19,16 @@ describe "Failed Login" do
|
|
19
19
|
"Unauthenticated"
|
20
20
|
end
|
21
21
|
end
|
22
|
-
|
22
|
+
|
23
23
|
Viking.captures.clear
|
24
24
|
end
|
25
|
-
|
25
|
+
|
26
26
|
def reset_exceptions!
|
27
27
|
Object.class_eval do
|
28
28
|
remove_const(:Exceptions) if defined?(Exceptions)
|
29
29
|
end
|
30
30
|
end
|
31
|
-
|
31
|
+
|
32
32
|
before(:each) do
|
33
33
|
clear_strategies!
|
34
34
|
Viking.captures.clear
|
@@ -37,33 +37,33 @@ describe "Failed Login" do
|
|
37
37
|
match("/").to(:controller => "a_controller")
|
38
38
|
match("/login", :method => :put).to(:controller => "sessions", :action => :update)
|
39
39
|
end
|
40
|
-
|
40
|
+
|
41
41
|
class LOne < Merb::Authentication::Strategy
|
42
42
|
def run!
|
43
43
|
Viking.capture self.class
|
44
44
|
params[self.class.name.snake_case.gsub("::", "_")]
|
45
45
|
end
|
46
46
|
end
|
47
|
-
|
47
|
+
|
48
48
|
class LTwo < LOne; end
|
49
|
-
|
49
|
+
|
50
50
|
class LThree < LOne; end
|
51
|
-
|
51
|
+
|
52
52
|
class AController < Merb::Controller
|
53
53
|
before :ensure_authenticated, :with => [LThree]
|
54
54
|
def index
|
55
55
|
"INDEX OF AController"
|
56
56
|
end
|
57
57
|
end
|
58
|
-
|
58
|
+
|
59
59
|
class Sessions < Merb::Controller
|
60
60
|
before :ensure_authenticated
|
61
61
|
def update
|
62
62
|
"In the login action"
|
63
63
|
end
|
64
64
|
end
|
65
|
-
end
|
66
|
-
|
65
|
+
end
|
66
|
+
|
67
67
|
it "should fail login and then not try the default login on the second attempt but should try the original" do
|
68
68
|
r1 = request("/")
|
69
69
|
r1.status.should == 401
|
@@ -73,9 +73,9 @@ describe "Failed Login" do
|
|
73
73
|
r2.status.should == 200
|
74
74
|
Viking.captures.should == ["LThree"]
|
75
75
|
end
|
76
|
-
|
76
|
+
|
77
77
|
it "should not be able to fail many times and still work" do
|
78
|
-
3.times do
|
78
|
+
3.times do
|
79
79
|
r1 = request("/")
|
80
80
|
r1.status.should == 401
|
81
81
|
Viking.captures.should == ["LThree"]
|
@@ -85,6 +85,6 @@ describe "Failed Login" do
|
|
85
85
|
r2.status.should == 200
|
86
86
|
Viking.captures.should == ["LThree"]
|
87
87
|
end
|
88
|
-
|
89
|
-
|
88
|
+
|
89
|
+
|
90
90
|
end
|
@@ -6,17 +6,17 @@ describe "router protection" do
|
|
6
6
|
class Foo < Merb::Controller
|
7
7
|
def index; "INDEX"; end
|
8
8
|
end
|
9
|
-
|
9
|
+
|
10
10
|
clear_strategies!
|
11
|
-
|
11
|
+
|
12
12
|
Object.class_eval do
|
13
13
|
remove_const("Mone") if defined?(Mone)
|
14
14
|
remove_const("Mtwo") if defined?(Mtwo)
|
15
15
|
remove_const("Mthree") if defined?(Mthree)
|
16
16
|
end
|
17
|
-
|
17
|
+
|
18
18
|
Viking.captures.clear
|
19
|
-
|
19
|
+
|
20
20
|
class Mone < Merb::Authentication::Strategy
|
21
21
|
def run!
|
22
22
|
Viking.capture self.class
|
@@ -27,7 +27,7 @@ describe "router protection" do
|
|
27
27
|
end
|
28
28
|
end
|
29
29
|
end
|
30
|
-
|
30
|
+
|
31
31
|
class Mthree < Mone; end
|
32
32
|
class Mtwo < Mone; end
|
33
33
|
|
@@ -35,77 +35,77 @@ describe "router protection" do
|
|
35
35
|
to(:controller => "foo") do
|
36
36
|
authenticate do
|
37
37
|
match("/single_level_default").register
|
38
|
-
|
38
|
+
|
39
39
|
authenticate(Mtwo) do
|
40
40
|
match("/nested_specific").register
|
41
41
|
end
|
42
42
|
end
|
43
|
-
|
43
|
+
|
44
44
|
authenticate(Mtwo, Mone) do
|
45
45
|
match("/single_level_specific").register
|
46
46
|
end
|
47
47
|
end
|
48
48
|
end
|
49
49
|
end
|
50
|
-
|
50
|
+
|
51
51
|
describe "single level default" do
|
52
|
-
|
52
|
+
|
53
53
|
it "should allow access to the controller if the strategy passes" do
|
54
54
|
result = request("/single_level_default", :params => {"Mtwo" => true})
|
55
|
-
result.body.should == "INDEX"
|
55
|
+
result.body.should == "INDEX"
|
56
56
|
Viking.captures.should == %w(Mone Mthree Mtwo)
|
57
57
|
end
|
58
|
-
|
58
|
+
|
59
59
|
it "should fail if no strategies match" do
|
60
60
|
result = request("/single_level_default")
|
61
61
|
result.status.should == Merb::Controller::Unauthenticated.status
|
62
62
|
end
|
63
|
-
|
63
|
+
|
64
64
|
it "should set return a rack array if the strategy redirects" do
|
65
65
|
result = request("/single_level_default", :params => {"url" => "/some/url"})
|
66
66
|
result.status.should == 302
|
67
67
|
result.body.should_not =="INDEX"
|
68
68
|
end
|
69
69
|
end
|
70
|
-
|
70
|
+
|
71
71
|
describe "nested_specific" do
|
72
|
-
|
72
|
+
|
73
73
|
it "should allow access to the controller if the strategy passes" do
|
74
74
|
result = request("/nested_specific", :params => {"Mtwo" => true})
|
75
|
-
result.body.should == "INDEX"
|
75
|
+
result.body.should == "INDEX"
|
76
76
|
Viking.captures.should == %w(Mone Mthree Mtwo)
|
77
77
|
end
|
78
|
-
|
78
|
+
|
79
79
|
it "should fail if no strategies match" do
|
80
80
|
result = request("/nested_specific")
|
81
81
|
result.status.should == Merb::Controller::Unauthenticated.status
|
82
82
|
end
|
83
|
-
|
83
|
+
|
84
84
|
it "should set return a rack array if the strategy redirects" do
|
85
85
|
result = request("/nested_specific", :params => {"url" => "/some/url"})
|
86
86
|
result.status.should == 302
|
87
87
|
result.body.should_not =="INDEX"
|
88
88
|
end
|
89
89
|
end
|
90
|
-
|
90
|
+
|
91
91
|
describe "single_level_specific" do
|
92
|
-
|
92
|
+
|
93
93
|
it "should allow access to the controller if the strategy passes" do
|
94
94
|
result = request("/single_level_specific", :params => {"Mone" => true})
|
95
|
-
result.body.should == "INDEX"
|
95
|
+
result.body.should == "INDEX"
|
96
96
|
Viking.captures.should == %w(Mtwo Mone)
|
97
97
|
end
|
98
|
-
|
98
|
+
|
99
99
|
it "should fail if no strategies match" do
|
100
100
|
result = request("/single_level_specific")
|
101
101
|
result.status.should == Merb::Controller::Unauthenticated.status
|
102
102
|
end
|
103
|
-
|
103
|
+
|
104
104
|
it "should set return a rack array if the strategy redirects" do
|
105
105
|
result = request("/single_level_specific", :params => {"url" => "/some/url"})
|
106
106
|
result.status.should == 302
|
107
107
|
result.body.should_not =="INDEX"
|
108
108
|
end
|
109
109
|
end
|
110
|
-
|
110
|
+
|
111
111
|
end
|
@@ -1,25 +1,25 @@
|
|
1
1
|
require 'spec_helper'
|
2
2
|
|
3
3
|
describe "Merb::Authentication::Strategy" do
|
4
|
-
|
4
|
+
|
5
5
|
before(:all) do
|
6
6
|
clear_strategies!
|
7
7
|
end
|
8
|
-
|
8
|
+
|
9
9
|
before(:each) do
|
10
10
|
clear_strategies!
|
11
11
|
end
|
12
|
-
|
12
|
+
|
13
13
|
after(:all) do
|
14
14
|
clear_strategies!
|
15
15
|
end
|
16
|
-
|
16
|
+
|
17
17
|
describe "adding a strategy" do
|
18
18
|
it "should add a strategy" do
|
19
19
|
class MyStrategy < Merb::Authentication::Strategy; end
|
20
20
|
Merb::Authentication.strategies.should include(MyStrategy)
|
21
21
|
end
|
22
|
-
|
22
|
+
|
23
23
|
it "should keep track of the strategies" do
|
24
24
|
class Sone < Merb::Authentication::Strategy; end
|
25
25
|
class Stwo < Merb::Authentication::Strategy; end
|
@@ -27,13 +27,13 @@ describe "Merb::Authentication::Strategy" do
|
|
27
27
|
Merb::Authentication.default_strategy_order.pop
|
28
28
|
Merb::Authentication.strategies.should include(Sone, Stwo)
|
29
29
|
end
|
30
|
-
|
30
|
+
|
31
31
|
it "should add multiple strategies in order of decleration" do
|
32
32
|
class Sone < Merb::Authentication::Strategy; end
|
33
33
|
class Stwo < Merb::Authentication::Strategy; end
|
34
34
|
Merb::Authentication.default_strategy_order.should == [Sone, Stwo]
|
35
35
|
end
|
36
|
-
|
36
|
+
|
37
37
|
it "should allow a strategy to be inserted _before_ another strategy in the default order" do
|
38
38
|
class Sone < Merb::Authentication::Strategy; end
|
39
39
|
class Stwo < Merb::Authentication::Strategy; end
|
@@ -41,7 +41,7 @@ describe "Merb::Authentication::Strategy" do
|
|
41
41
|
Merb::Authentication.strategies.should include(AuthIntruder, Stwo, Sone)
|
42
42
|
Merb::Authentication.default_strategy_order.should == [Sone, AuthIntruder, Stwo]
|
43
43
|
end
|
44
|
-
|
44
|
+
|
45
45
|
it "should allow a strategy to be inserted _after_ another strategy in the default order" do
|
46
46
|
class Sone < Merb::Authentication::Strategy; end
|
47
47
|
class Stwo < Merb::Authentication::Strategy; end
|
@@ -50,7 +50,7 @@ describe "Merb::Authentication::Strategy" do
|
|
50
50
|
Merb::Authentication.default_strategy_order.should == [Sone, AuthIntruder, Stwo]
|
51
51
|
end
|
52
52
|
end
|
53
|
-
|
53
|
+
|
54
54
|
describe "the default order" do
|
55
55
|
it "should allow a user to overwrite the default order" do
|
56
56
|
class Sone < Merb::Authentication::Strategy; end
|
@@ -58,7 +58,7 @@ describe "Merb::Authentication::Strategy" do
|
|
58
58
|
Merb::Authentication.default_strategy_order = [Stwo]
|
59
59
|
Merb::Authentication.default_strategy_order.should == [Stwo]
|
60
60
|
end
|
61
|
-
|
61
|
+
|
62
62
|
it "should get raise an error if any strategy is not an Merb::Authentication::Strategy" do
|
63
63
|
class Sone < Merb::Authentication::Strategy; end
|
64
64
|
class Stwo < Merb::Authentication::Strategy; end
|
@@ -75,107 +75,107 @@ describe "Merb::Authentication::Strategy" do
|
|
75
75
|
Sone.new(request, request.params).run!
|
76
76
|
end.should raise_error(Merb::Authentication::NotImplemented)
|
77
77
|
end
|
78
|
-
|
78
|
+
|
79
79
|
it "should not raise an implemented error if the run! method is defined on the subclass" do
|
80
80
|
class Sone < Merb::Authentication::Strategy; def run!; end; end
|
81
81
|
lambda do
|
82
82
|
Sone.new("controller").run!
|
83
83
|
end.should_not raise_error(Merb::Authentication::NotImplemented)
|
84
84
|
end
|
85
|
-
|
85
|
+
|
86
86
|
describe "convinience methods" do
|
87
|
-
|
87
|
+
|
88
88
|
before(:each) do
|
89
|
-
class Sone < Merb::Authentication::Strategy; def run!; end; end
|
89
|
+
class Sone < Merb::Authentication::Strategy; def run!; end; end
|
90
90
|
@request = fake_request
|
91
91
|
@strategy = Sone.new(@request, {:params => true})
|
92
92
|
end
|
93
|
-
|
93
|
+
|
94
94
|
it "should provide a params helper that defers to the controller" do
|
95
95
|
@strategy.params.should == {:params => true }
|
96
96
|
end
|
97
|
-
|
97
|
+
|
98
98
|
it "should provide a cookies helper" do
|
99
99
|
@request.should_receive(:cookies).and_return("COOKIES")
|
100
100
|
@strategy.cookies.should == "COOKIES"
|
101
101
|
end
|
102
|
-
|
102
|
+
|
103
103
|
end
|
104
|
-
|
104
|
+
|
105
105
|
describe "#user_class" do
|
106
|
-
|
106
|
+
|
107
107
|
# This allows you to scope a particular strategy to a particular user class object
|
108
108
|
# By inheriting you can add multiple user types to the authentication process
|
109
|
-
|
109
|
+
|
110
110
|
before(:each) do
|
111
111
|
class Sone < Merb::Authentication::Strategy; def run!; end; end
|
112
112
|
class Stwo < Sone; end
|
113
|
-
|
113
|
+
|
114
114
|
class Mone < Merb::Authentication::Strategy
|
115
115
|
def user_class; String; end
|
116
116
|
def run!; end
|
117
117
|
end
|
118
118
|
class Mtwo < Mone; end
|
119
|
-
|
119
|
+
|
120
120
|
class Pone < Merb::Authentication::Strategy
|
121
121
|
abstract!
|
122
122
|
def user_class; Hash; end
|
123
123
|
def special_method; true end
|
124
124
|
end
|
125
125
|
class Ptwo < Pone; end;
|
126
|
-
|
126
|
+
|
127
127
|
@request = fake_request
|
128
128
|
end
|
129
|
-
|
129
|
+
|
130
130
|
it "should allow being set to an abstract strategy" do
|
131
131
|
Pone.abstract?.should be_true
|
132
132
|
end
|
133
|
-
|
133
|
+
|
134
134
|
it "should not set the child class of an abstract class to be abstract" do
|
135
135
|
Ptwo.abstract?.should be_false
|
136
136
|
end
|
137
|
-
|
137
|
+
|
138
138
|
it "should implement a user_class helper" do
|
139
139
|
s = Sone.new(@request, @request.params)
|
140
140
|
s.user_class.should == User
|
141
141
|
end
|
142
|
-
|
142
|
+
|
143
143
|
it "should make it into the strategies collection when subclassed from a subclass" do
|
144
144
|
Merb::Authentication.strategies.should include(Mtwo)
|
145
145
|
end
|
146
|
-
|
146
|
+
|
147
147
|
it "should make it in the default_strategy_order when subclassed from a subclass" do
|
148
148
|
Merb::Authentication.default_strategy_order.should include(Mtwo)
|
149
149
|
end
|
150
|
-
|
150
|
+
|
151
151
|
it "should defer to the Merb::Authentication.user_class if not over written" do
|
152
152
|
Merb::Authentication.should_receive(:user_class).and_return(User)
|
153
153
|
s = Sone.new(@request, @request.params)
|
154
154
|
s.user_class
|
155
155
|
end
|
156
|
-
|
156
|
+
|
157
157
|
it "should inherit the user class from it's parent by default" do
|
158
158
|
Merb::Authentication.should_receive(:user_class).and_return(User)
|
159
159
|
s = Stwo.new(@request, @request.params)
|
160
160
|
s.user_class.should == User
|
161
161
|
end
|
162
|
-
|
162
|
+
|
163
163
|
it "should inherit the user_class form it's parent when the parent defines a new one" do
|
164
164
|
Merb::Authentication.should_not_receive(:user_class)
|
165
165
|
m = Mtwo.new(@request, @request.params)
|
166
166
|
m.user_class.should == String
|
167
167
|
end
|
168
|
-
|
168
|
+
|
169
169
|
end
|
170
|
-
|
170
|
+
|
171
171
|
describe "#redirect!" do
|
172
|
-
|
172
|
+
|
173
173
|
before(:all) do
|
174
174
|
class FooController < Merb::Controller
|
175
175
|
def index; "FooController#index" end
|
176
176
|
end
|
177
177
|
end
|
178
|
-
|
178
|
+
|
179
179
|
before(:each) do
|
180
180
|
class MyStrategy < Merb::Authentication::Strategy
|
181
181
|
def run!
|
@@ -186,89 +186,89 @@ describe "Merb::Authentication::Strategy" do
|
|
186
186
|
end
|
187
187
|
end
|
188
188
|
end # MyStrategy
|
189
|
-
|
189
|
+
|
190
190
|
Merb::Router.reset!
|
191
191
|
Merb::Router.prepare{ match("/").to(:controller => "foo_controller")}
|
192
192
|
@request = fake_request
|
193
193
|
@s = MyStrategy.new(@request, @request.params)
|
194
194
|
end
|
195
|
-
|
195
|
+
|
196
196
|
it "allow for a redirect!" do
|
197
197
|
@s.redirect!("/somewhere")
|
198
198
|
@s.headers["Location"].should == "/somewhere"
|
199
199
|
end
|
200
|
-
|
200
|
+
|
201
201
|
it "should provide access to setting the headers" do
|
202
202
|
@s.headers["Location"] = "/a/url"
|
203
203
|
@s.headers["Location"].should == "/a/url"
|
204
204
|
end
|
205
|
-
|
205
|
+
|
206
206
|
it "should allow access to the setting header" do
|
207
207
|
@s.status = 403
|
208
208
|
@s.status.should == 403
|
209
209
|
end
|
210
|
-
|
210
|
+
|
211
211
|
it "should return nil for the Location if it is not redirected" do
|
212
212
|
@s.should_not be_redirected
|
213
213
|
@s.headers["Location"].should be_nil
|
214
214
|
end
|
215
|
-
|
215
|
+
|
216
216
|
it "should pass through the options to the redirect options" do
|
217
217
|
@s.redirect!("/somewhere", :status => 401)
|
218
218
|
@s.headers["Location"].should == "/somewhere"
|
219
219
|
@s.status.should == 401
|
220
220
|
end
|
221
|
-
|
221
|
+
|
222
222
|
it "should set a redirect with a permanent true" do
|
223
223
|
@s.redirect!("/somewhere", :permanent => true)
|
224
224
|
@s.status.should == 301
|
225
225
|
end
|
226
|
-
|
226
|
+
|
227
227
|
it "should be redirected?" do
|
228
228
|
@s.should_not be_redirected
|
229
229
|
@s.redirect!("/somewhere")
|
230
230
|
@s.should be_redirected
|
231
231
|
end
|
232
|
-
|
232
|
+
|
233
233
|
it "should set the strategy to halted" do
|
234
234
|
@s.redirect!("/somewhere")
|
235
235
|
@s.should be_halted
|
236
236
|
end
|
237
|
-
|
237
|
+
|
238
238
|
it "should halt a strategy" do
|
239
239
|
@s.should_not be_halted
|
240
240
|
@s.halt!
|
241
241
|
@s.should be_halted
|
242
242
|
end
|
243
|
-
|
243
|
+
|
244
244
|
it "should allow a body to be set" do
|
245
245
|
@s.body = "body"
|
246
246
|
@s.body.should == "body"
|
247
247
|
end
|
248
|
-
|
248
|
+
|
249
249
|
end
|
250
|
-
|
250
|
+
|
251
251
|
describe "register strategies" do
|
252
|
-
|
252
|
+
|
253
253
|
it "should allow for a strategy to be registered" do
|
254
254
|
Merb::Authentication.register(:test_one, "/path/to/strategy")
|
255
255
|
Merb::Authentication.registered_strategies[:test_one].should == "/path/to/strategy"
|
256
256
|
end
|
257
|
-
|
257
|
+
|
258
258
|
it "should activate a strategy" do
|
259
259
|
Merb::Authentication.register(:test_activation, File.expand_path(File.dirname(__FILE__)) / "activation_fixture")
|
260
260
|
defined?(TheActivationTest).should be_nil
|
261
261
|
Merb::Authentication.activate!(:test_activation)
|
262
262
|
defined?(TheActivationTest).should_not be_nil
|
263
263
|
end
|
264
|
-
|
264
|
+
|
265
265
|
it "should raise if the strategy is not registered" do
|
266
266
|
lambda do
|
267
267
|
Merb::Authentication.activate!(:not_here)
|
268
268
|
end.should raise_error
|
269
269
|
end
|
270
|
-
|
271
|
-
|
270
|
+
|
271
|
+
|
272
272
|
end
|
273
|
-
|
273
|
+
|
274
274
|
end
|