muck-users 0.2.5 → 0.2.6

data/.gitignore

@@ -26,3 +26,4 @@ coverage
 rdoc
 pkg
 pkg/*
+log/*

data/VERSION

@@ -1 +1 @@
-0.2.5
+0.2.6

data/app/controllers/muck/username_request_controller.rb

@@ -29,15 +29,4 @@ class Muck::UsernameRequestController < ApplicationController
     end  
   end
 
-  private
-  
-  def permission_denied
-    respond_to do |format|
-      format.html do
-        flash[:notice] = t('muck.users.already_logged_in')
-        redirect_to account_url
-      end
-    end
-  end
-
 end

data/lib/action_controller/authentic_application.rb

@@ -140,17 +140,15 @@ module ActionController
       def permission_denied      
         respond_to do |format|
           format.html do
-            #Put your domain name here ex. http://www.example.com
-            domain_name = GlobalConfig.application_base_url
+            domain_name = GlobalConfig.application_url
+            raise t('muck.users.application_base_url_not_set') if domain_name.blank?
             http_referer = session[:refer_to]
             if http_referer.nil?
               store_referer
               http_referer = ( session[:refer_to] || domain_name )
             end
             flash[:error] = I18n.t('muck.users.permission_denied')
-            #The [0..20] represents the 21 characters in http://localhost:3000
-            #You have to set that to the number of characters in your domain name
-            if http_referer[0..domain_name.length] != domain_name  
+            if http_referer[0..domain_name.length] != domain_name
               session[:refer_to] = nil
               redirect_to root_path
             else

data/lib/active_record/acts/muck_user.rb

@@ -144,6 +144,7 @@ module ActiveRecord
           options[:except] << :email << :crypted_password << :salt << :remember_token << :remember_token_expires_at << :activation_code
           options[:except] << :activated_at << :password_reset_code << :enabled << :terms_of_service << :can_send_messages << :identity_url
           options[:except] << :tmp_password << :protected_profile << :public_profile    
+          options[:except] << :password_salt << :perishable_token << :persistence_token << :single_access_token
           super
         end
                 

data/locales/en.yml

@@ -113,6 +113,7 @@ en:
       delete_this_user: "Delete this user."
       sign_up: Sign up
       email_recover_prompt: "Please provide the email you signed up with to recover your password."
+      application_base_url_not_set: "Please set application_base_url in global_config.yml"
       admin:
         unactivated_users: "There are {{count}} unactivated users"
         activate_all_inactive_users: "Activate All Inactive Users"

data/muck-users.gemspec

@@ -2,11 +2,11 @@
 
 Gem::Specification.new do |s|
   s.name = %q{muck-users}
-  s.version = "0.2.5"
+  s.version = "0.2.6"
 
   s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
   s.authors = ["Justin Ball"]
-  s.date = %q{2009-07-24}
+  s.date = %q{2009-08-08}
   s.description = %q{Easily add user signup, login and other features to your application}
   s.email = %q{justinball@gmail.com}
   s.extra_rdoc_files = [
@@ -852,6 +852,7 @@ Gem::Specification.new do |s|
      "test/rails_root/test/unit/.keep",
      "test/rails_root/test/unit/permission_test.rb",
      "test/rails_root/test/unit/role_test.rb",
+     "test/rails_root/test/unit/secure_methods_test.rb",
      "test/rails_root/test/unit/user_mailer_test.rb",
      "test/rails_root/test/unit/user_test.rb",
      "test/rails_root/vendor/plugins/ssl_requirement/README",
@@ -914,6 +915,7 @@ Gem::Specification.new do |s|
      "test/rails_root/test/test_helper.rb",
      "test/rails_root/test/unit/permission_test.rb",
      "test/rails_root/test/unit/role_test.rb",
+     "test/rails_root/test/unit/secure_methods_test.rb",
      "test/rails_root/test/unit/user_mailer_test.rb",
      "test/rails_root/test/unit/user_test.rb",
      "test/rails_root/vendor/plugins/ssl_requirement/lib/ssl_requirement.rb",

data/test/rails_root/app/models/user.rb

@@ -4,7 +4,17 @@ class User < ActiveRecord::Base
   end
   acts_as_muck_user
 
-  def display_name
-    'test guy'
+  # these are just for testing
+  def creator_id
+    self.id
   end
-end
+
+  def user_id
+    self.id
+  end
+
+  def shared_by_id
+    self.id
+  end
+  
+end

data/test/rails_root/test/functional/username_request_controller_test.rb

@@ -4,4 +4,36 @@ class Muck::UsernameRequestControllerTest < ActionController::TestCase
 
   tests Muck::UsernameRequestController
 
+  context "username request controller" do
+    setup do
+      @user = Factory(:user)
+    end
+    context "get new" do
+      setup do
+        get :new
+      end
+      should_respond_with :success
+      should_render_template :new
+    end
+    context "find user using email and send email message" do
+      setup do
+        post :create, :request_username => { :email => @user.email }
+      end
+      should "send username" do
+        assert_sent_email do |email|
+          email.to.include?(@user.email)
+        end
+      end
+      should_redirect_to("login") { login_path }
+    end
+    context "bad email - fail to send username" do
+      setup do
+        post :create, :request_username => { :email => 'quentin@bad_email_example.com' }
+      end
+      should_respond_with :success
+      should_render_template :new
+    end
+
+  end
+
 end

data/test/rails_root/test/shoulda_macros/controller.rb

@@ -44,6 +44,20 @@ module MuckControllerMacros
     end
   end
 
+  # make sure the response body matches the text exactly
+  def should_render_text(text)
+    should "render text #{text}" do
+      assert_equal text, @response.body
+    end
+  end
+
+  # look for the given text in the response body
+  def should_render_partial_text(text)
+    should "contain text #{text}" do
+      assert @response.body.include?(text), "Response did not contain the text '#{text}'"
+    end
+  end
+  
 end
 
 ActionController::TestCase.extend(MuckControllerMacros)

data/test/rails_root/test/test_helper.rb

@@ -35,4 +35,17 @@ class ActiveSupport::TestCase
   def ensure_flash(val)
     assert_contains flash.values, val, ", Flash: #{flash.inspect}"
   end
-end
+
+  # Add more helper methods to be used for testing xml
+  def assert_xml_tag(xml, conditions)
+    doc = HTML::Document.new(xml)
+    assert doc.find(conditions), 
+      "expected tag, but no tag found matching #{conditions.inspect} in:\n#{xml.inspect}"
+  end
+
+  def assert_no_xml_tag(xml, conditions)
+    doc = HTML::Document.new(xml)
+    assert !doc.find(conditions), 
+      "expected no tag, but found tag matching #{conditions.inspect} in:\n#{xml.inspect}"
+  end
+end

data/test/rails_root/test/unit/secure_methods_test.rb

@@ -0,0 +1,55 @@
+require File.dirname(__FILE__) + '/../test_helper'
+
+class SecureMethodsTest < ActiveSupport::TestCase
+
+  context "check creator method" do
+    setup do
+      @user = Factory(:user)
+      @another_user = Factory(:user)
+    end
+    should "return true if creators are equal" do
+      assert @user.send(:check_creator, @user)
+    end
+    should "return false if creators are different" do
+      assert_equal false, @another_user.send(:check_creator, @user)
+    end
+  end
+  context "check user method" do
+    setup do
+      @user = Factory(:user)
+      @another_user = Factory(:user)
+    end
+    should "return true if users are equal" do
+      assert @user.send(:check_user, @user)
+    end
+    should "return false if users are different" do
+      assert_equal false, @another_user.send(:check_user, @user)
+    end
+  end
+  context "check sharer method" do
+    setup do
+      @user = Factory(:user)
+      @another_user = Factory(:user)
+    end
+    should "return true if sharers are equal" do
+      assert @user.send(:check_sharer, @user)
+    end
+    should "return false if sharers are different" do
+      assert_equal false, @another_user.send(:check_sharer, @user)
+    end
+  end
+  context "check method" do
+    setup do
+      @user = Factory(:user)
+      @admin = Factory(:user)
+    end
+    should " return false when user is nil" do
+      assert_equal false, @user.send(:check, nil, :user_id)
+    end
+    should "return true when user is different but an admin" do
+      @admin.add_to_role('administrator')
+      @admin.reload
+      assert @user.send(:check, @admin, :user_id)
+    end
+  end
+end

data/test/rails_root/test/unit/user_test.rb

@@ -47,6 +47,27 @@ class UserTest < ActiveSupport::TestCase
         assert user.full_name == 'quent smith'
       end
     end
+
+    should "show display name if first and last name is blank" do
+      @del_user = User.new
+      @del_user.destroy
+      assert_equal @del_user.display_name,  @del_user.full_name
+    end
+
+    should "not display sensitive information when converted to xml" do
+      @user = Factory(:user)
+      assert @user.to_xml
+      assert_xml_tag( @user.to_xml, :tag => "user" )
+      assert_xml_tag( @user.to_xml, :tag => "created-at", :parent => { :tag => "user"} )
+      assert_xml_tag( @user.to_xml, :tag => "first-name", :parent => { :tag => "user"} )     
+      assert_xml_tag( @user.to_xml, :tag => "last-name", :parent => { :tag => "user"} )
+      assert_no_xml_tag( @user.to_xml, :tag => "crypted_password" )
+    end
+
+    should "return the first_name or display_name" do
+      @user = Factory(:user)
+      assert_equal @user.short_name, CGI::escapeHTML(@user.first_name) || @user.display_name
+    end
     
     should "Create a new user and lowercase the login" do
       assert_difference 'User.count' do

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification 
 name: muck-users
 version: !ruby/object:Gem::Version 
-  version: 0.2.5
+  version: 0.2.6
 platform: ruby
 authors: 
 - Justin Ball
@@ -9,7 +9,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2009-07-24 00:00:00 -06:00
+date: 2009-08-08 00:00:00 -06:00
 default_executable: 
 dependencies: 
 - !ruby/object:Gem::Dependency 
@@ -910,6 +910,7 @@ files:
 - test/rails_root/test/unit/.keep
 - test/rails_root/test/unit/permission_test.rb
 - test/rails_root/test/unit/role_test.rb
+- test/rails_root/test/unit/secure_methods_test.rb
 - test/rails_root/test/unit/user_mailer_test.rb
 - test/rails_root/test/unit/user_test.rb
 - test/rails_root/vendor/plugins/ssl_requirement/README
@@ -990,6 +991,7 @@ test_files:
 - test/rails_root/test/test_helper.rb
 - test/rails_root/test/unit/permission_test.rb
 - test/rails_root/test/unit/role_test.rb
+- test/rails_root/test/unit/secure_methods_test.rb
 - test/rails_root/test/unit/user_mailer_test.rb
 - test/rails_root/test/unit/user_test.rb
 - test/rails_root/vendor/plugins/ssl_requirement/lib/ssl_requirement.rb