myobie-rails-auth 0.0.3 → 0.0.4
Sign up to get free protection for your applications and to get access to all the features.
- data/VERSION.yml +2 -2
- data/lib/rails-auth/authenticated_helper.rb +1 -1
- data/spec/core/activation_fixture.rb +2 -0
- data/spec/core/authentication_spec.rb +250 -0
- data/spec/core/callbacks_spec.rb +107 -0
- data/spec/core/costumizations_spec.rb +23 -0
- data/spec/core/errors_spec.rb +51 -0
- data/spec/core/strategy_spec.rb +266 -0
- data/spec/rcov.opts +1 -0
- data/spec/spec.opts +5 -0
- data/spec/spec_helper.rb +97 -0
- metadata +13 -5
data/VERSION.yml
CHANGED
@@ -8,7 +8,7 @@ module Rails
|
|
8
8
|
|
9
9
|
protected
|
10
10
|
def ensure_authenticated(*strategies)
|
11
|
-
session.authenticate!(
|
11
|
+
session.authenticate!(request, params, *strategies) unless session.authenticated?
|
12
12
|
auth = session.authentication
|
13
13
|
if auth.halted?
|
14
14
|
response.headers.merge!(auth.headers)
|
@@ -0,0 +1,250 @@
|
|
1
|
+
require File.join(File.dirname(__FILE__), '..', 'spec_helper')
|
2
|
+
|
3
|
+
describe "Rails::Authentication Session" do
|
4
|
+
|
5
|
+
before(:each) do
|
6
|
+
ActionController::TestSession.send :include, Rails::Authentication::SessionMixin
|
7
|
+
@session = ActionController::TestSession.new
|
8
|
+
end
|
9
|
+
|
10
|
+
describe "module methods" do
|
11
|
+
|
12
|
+
before(:each) do
|
13
|
+
@m = mock("mock")
|
14
|
+
clear_strategies!
|
15
|
+
end
|
16
|
+
|
17
|
+
after(:all) { clear_strategies! }
|
18
|
+
|
19
|
+
describe "store_user" do
|
20
|
+
it{@session.authentication.should respond_to(:store_user)}
|
21
|
+
end
|
22
|
+
|
23
|
+
describe "fetch_user" do
|
24
|
+
it{@session.authentication.should respond_to(:fetch_user)}
|
25
|
+
end
|
26
|
+
|
27
|
+
end
|
28
|
+
|
29
|
+
describe "error_message" do
|
30
|
+
|
31
|
+
before(:each) do
|
32
|
+
@auth = Rails::Authentication.new(@session)
|
33
|
+
end
|
34
|
+
|
35
|
+
it "should be 'Could not log in' by default" do
|
36
|
+
@auth.error_message.should == "Could not log in"
|
37
|
+
end
|
38
|
+
|
39
|
+
it "should allow a user to set the error message" do
|
40
|
+
@auth.error_message = "You won't!"
|
41
|
+
@auth.error_message.should == "You won't!"
|
42
|
+
end
|
43
|
+
|
44
|
+
end
|
45
|
+
|
46
|
+
describe "user" do
|
47
|
+
|
48
|
+
it "should call fetch_user with the session contents to load the user" do
|
49
|
+
@session[:user] = 42
|
50
|
+
@session.authentication.should_receive(:fetch_user).with(42)
|
51
|
+
@session.user
|
52
|
+
end
|
53
|
+
|
54
|
+
it "should set the @user instance variable" do
|
55
|
+
@session[:user] = 42
|
56
|
+
@session.authentication.should_receive(:fetch_user).and_return("THE USER")
|
57
|
+
@session.user
|
58
|
+
@session.authentication.user.should == "THE USER"
|
59
|
+
end
|
60
|
+
|
61
|
+
it "should cache the user in an instance variable" do
|
62
|
+
@session[:user] = 42
|
63
|
+
@session.authentication.should_receive(:fetch_user).once.and_return("THE USER")
|
64
|
+
@session.user
|
65
|
+
@session.authentication.user.should == "THE USER"
|
66
|
+
@session.user
|
67
|
+
end
|
68
|
+
|
69
|
+
it "should set the ivar to nil if the session is nil" do
|
70
|
+
@session[:user] = nil
|
71
|
+
@session.user.should be_nil
|
72
|
+
end
|
73
|
+
|
74
|
+
end
|
75
|
+
|
76
|
+
describe "user=" do
|
77
|
+
before(:each) do
|
78
|
+
@user = mock("user")
|
79
|
+
@session.authentication.stub!(:fetch_user).and_return(@user)
|
80
|
+
end
|
81
|
+
|
82
|
+
it "should call store_user on the session to get the value to store in the session" do
|
83
|
+
@session.authentication.should_receive(:store_user).with(@user)
|
84
|
+
@session.user = @user
|
85
|
+
end
|
86
|
+
|
87
|
+
it "should set the instance variable to nil if the return of store_user is nil" do
|
88
|
+
@session.authentication.should_receive(:store_user).and_return(nil)
|
89
|
+
@session.user = @user
|
90
|
+
@session.user.should be_nil
|
91
|
+
end
|
92
|
+
|
93
|
+
it "should set the instance varaible to nil if the return of store_user is false" do
|
94
|
+
@session.authentication.should_receive(:store_user).and_return(false)
|
95
|
+
@session.user = @user
|
96
|
+
@session.user.should be_nil
|
97
|
+
end
|
98
|
+
|
99
|
+
it "should set the instance variable to the value of user if store_user is not nil or false" do
|
100
|
+
@session.authentication.should_receive(:store_user).and_return(42)
|
101
|
+
@session.user = @user
|
102
|
+
@session.user.should == @user
|
103
|
+
@session[:user].should == 42
|
104
|
+
end
|
105
|
+
end
|
106
|
+
|
107
|
+
describe "abandon!" do
|
108
|
+
|
109
|
+
before(:each) do
|
110
|
+
@user = mock("user")
|
111
|
+
@session.authentication.stub!(:fetch_user).and_return(@user)
|
112
|
+
@session.authentication.stub!(:store_user).and_return(42)
|
113
|
+
@session[:user] = 42
|
114
|
+
@session.user
|
115
|
+
end
|
116
|
+
|
117
|
+
it "should delete the session" do
|
118
|
+
@session.should_receive(:clear)
|
119
|
+
@session.abandon!
|
120
|
+
end
|
121
|
+
|
122
|
+
it "should not have a user after it is abandoned" do
|
123
|
+
@session.user.should == @user
|
124
|
+
@session.abandon!
|
125
|
+
@session.user.should be_nil
|
126
|
+
end
|
127
|
+
end
|
128
|
+
|
129
|
+
describe "#authenticate" do
|
130
|
+
|
131
|
+
before(:all) do
|
132
|
+
clear_strategies!
|
133
|
+
end
|
134
|
+
|
135
|
+
after(:all) do
|
136
|
+
clear_strategies!
|
137
|
+
end
|
138
|
+
|
139
|
+
before(:each) do
|
140
|
+
class Sone < Rails::Authentication::Strategy
|
141
|
+
def run!
|
142
|
+
Viking.capture(Sone)
|
143
|
+
params[:pass_1]
|
144
|
+
end
|
145
|
+
end
|
146
|
+
class Stwo < Rails::Authentication::Strategy
|
147
|
+
def run!
|
148
|
+
Viking.capture(Stwo)
|
149
|
+
params[:pass_2]
|
150
|
+
end
|
151
|
+
end
|
152
|
+
class Sthree < Rails::Authentication::Strategy
|
153
|
+
def run!
|
154
|
+
Viking.capture(Sthree)
|
155
|
+
params[:pass_3]
|
156
|
+
end
|
157
|
+
end
|
158
|
+
class Sfour < Rails::Authentication::Strategy
|
159
|
+
abstract!
|
160
|
+
|
161
|
+
def run!
|
162
|
+
"BAD MAN"
|
163
|
+
end
|
164
|
+
end
|
165
|
+
|
166
|
+
Sfour.should_not_receive(:run!)
|
167
|
+
@request = ActionController::TestRequest.new
|
168
|
+
@auth = Rails::Authentication.new(@request.session)
|
169
|
+
Viking.captures.clear
|
170
|
+
end
|
171
|
+
|
172
|
+
it "should execute the strategies in the default order" do
|
173
|
+
@request.params[:pass_3] = true
|
174
|
+
@auth.authenticate!(@request, @request.params)
|
175
|
+
@auth.selected_strategy.should == Sthree
|
176
|
+
Viking.captures.should == %w( Sone Stwo Sthree )
|
177
|
+
end
|
178
|
+
|
179
|
+
|
180
|
+
it "should run the strategeis until if finds a non nil non false" do
|
181
|
+
@request.params[:pass_2] = true
|
182
|
+
@auth.authenticate!(@request, @request.params)
|
183
|
+
@auth.selected_strategy.should == Stwo
|
184
|
+
Viking.captures.should == %w( Sone Stwo )
|
185
|
+
end
|
186
|
+
|
187
|
+
it "should raise an Unauthenticated exception if no 'user' is found" do
|
188
|
+
lambda do
|
189
|
+
@auth.authenticate!(@request, @request.params)
|
190
|
+
@auth.selected_strategy.should be_nil
|
191
|
+
end.should raise_error(Rails::Authentication::Unauthenticated)
|
192
|
+
end
|
193
|
+
|
194
|
+
it "should store the user into the session if one is found" do
|
195
|
+
@auth.should_receive(:user=).with("WINNA")
|
196
|
+
@request.params[:pass_1] = "WINNA"
|
197
|
+
@auth.authenticate!(@request, @request.params)
|
198
|
+
end
|
199
|
+
|
200
|
+
it "should use the Authentiation#error_message as the error message" do
|
201
|
+
@auth.should_receive(:error_message).and_return("BAD BAD BAD")
|
202
|
+
lambda do
|
203
|
+
@auth.authenticate!(@request, @request.params)
|
204
|
+
end.should raise_error(Rails::Authentication::Unauthenticated, "BAD BAD BAD")
|
205
|
+
end
|
206
|
+
|
207
|
+
it "should execute the strategies as passed into the authenticate! method" do
|
208
|
+
@request.params[:pass_1] = true
|
209
|
+
@auth.authenticate!(@request, @request.params, Stwo, Sone)
|
210
|
+
@auth.selected_strategy.should == Sone
|
211
|
+
Viking.captures.should == ["Stwo", "Sone"]
|
212
|
+
end
|
213
|
+
|
214
|
+
describe "Strategy loading as strings" do
|
215
|
+
|
216
|
+
before :each do
|
217
|
+
Rails::Authentication.reset_strategy_lookup!
|
218
|
+
|
219
|
+
class Rails::Authentication::Strategies::Zone < Rails::Authentication::Strategy
|
220
|
+
def run!
|
221
|
+
Viking.capture(Rails::Authentication::Strategies::Zone)
|
222
|
+
params[:z_one]
|
223
|
+
end
|
224
|
+
end
|
225
|
+
end
|
226
|
+
|
227
|
+
it "should allow for loading the strategies as strings" do
|
228
|
+
@request.params[:z_one] = "z_one"
|
229
|
+
@request.session.authenticate!(@request, @request.params, "Zone")
|
230
|
+
@request.session.user.should == "z_one"
|
231
|
+
end
|
232
|
+
|
233
|
+
it "should raise a const missing error when the strategy is not namespaced" do
|
234
|
+
@request.params[:pass_1] = "s_one"
|
235
|
+
lambda do
|
236
|
+
@request.session.authenticate!(@request, @request.params, "Sone")
|
237
|
+
end.should raise_error(NameError)
|
238
|
+
end
|
239
|
+
|
240
|
+
|
241
|
+
it "should allow a mix of strategies as strings or classes" do
|
242
|
+
@request.params[:pass_2] = "s_two"
|
243
|
+
@request.session.authenticate!(@request, @request.params, "Zone", Sone, Stwo)
|
244
|
+
Viking.captures.should == %w(Rails::Authentication::Strategies::Zone Sone Stwo)
|
245
|
+
end
|
246
|
+
end
|
247
|
+
|
248
|
+
end
|
249
|
+
|
250
|
+
end
|
@@ -0,0 +1,107 @@
|
|
1
|
+
require File.join(File.dirname(__FILE__), "..", 'spec_helper.rb')
|
2
|
+
|
3
|
+
describe "Authentication callbacks" do
|
4
|
+
|
5
|
+
before(:all) do
|
6
|
+
ActionController::TestSession.send :include, Rails::Authentication::SessionMixin
|
7
|
+
end
|
8
|
+
|
9
|
+
|
10
|
+
before(:each) do
|
11
|
+
Rails::Authentication.after_callbacks.clear
|
12
|
+
clear_strategies!
|
13
|
+
Viking.captures.clear
|
14
|
+
|
15
|
+
# A basic user model that has some simple methods
|
16
|
+
# to set and aknowlege that it's been called
|
17
|
+
class AUser
|
18
|
+
attr_accessor :active, :name
|
19
|
+
|
20
|
+
def initialize(params)
|
21
|
+
params.each do |k,v|
|
22
|
+
instance_variable_set("@#{k}", v)
|
23
|
+
end
|
24
|
+
end
|
25
|
+
|
26
|
+
def acknowledge(value)
|
27
|
+
Viking.capture(value)
|
28
|
+
end
|
29
|
+
|
30
|
+
def acknowledge!(value = "default acknowledge")
|
31
|
+
throw(:acknowledged, value)
|
32
|
+
end
|
33
|
+
|
34
|
+
def method_missing(name, *args)
|
35
|
+
if /(.*?)\?$/ =~ name.to_s
|
36
|
+
!!instance_variable_get("@#{$1}")
|
37
|
+
end
|
38
|
+
end
|
39
|
+
end
|
40
|
+
|
41
|
+
# Create a strategy to test the after stuff
|
42
|
+
class MyStrategy < Rails::Authentication::Strategy
|
43
|
+
def run!
|
44
|
+
AUser.new(request.params[:user] || {}) unless request.params[:no_user]
|
45
|
+
end
|
46
|
+
end
|
47
|
+
|
48
|
+
@request = fake_request
|
49
|
+
@params = @request.params
|
50
|
+
@auth = Rails::Authentication.new(@request.session)
|
51
|
+
end
|
52
|
+
|
53
|
+
after(:all) do
|
54
|
+
clear_strategies!
|
55
|
+
Rails::Authentication.after_callbacks.clear
|
56
|
+
end
|
57
|
+
|
58
|
+
it "should allow you to setup a callback as a block" do
|
59
|
+
Rails::Authentication.after_authentication{ |user, request, params| user.acknowledge!("w00t threw it") }
|
60
|
+
result = catch(:acknowledged) do
|
61
|
+
@request.session.authenticate!(@request, @params)
|
62
|
+
end
|
63
|
+
result.should == "w00t threw it"
|
64
|
+
end
|
65
|
+
|
66
|
+
it "should allow you to setup a callback as a method" do
|
67
|
+
Rails::Authentication.after_authentication(:acknowledge!)
|
68
|
+
result = catch(:acknowledged) do
|
69
|
+
result = @request.session.authenticate!(@request,@params)
|
70
|
+
end
|
71
|
+
result.should == "default acknowledge"
|
72
|
+
end
|
73
|
+
|
74
|
+
it "should allow many callbacks to be setup and executed" do
|
75
|
+
Rails::Authentication.after_authentication{|u,r,p| u.acknowledge("first"); u}
|
76
|
+
Rails::Authentication.after_authentication{|u,r,p| u.acknowledge("second"); u}
|
77
|
+
@request.session.authenticate!(@request, @params)
|
78
|
+
Viking.captures.should == %w(first second)
|
79
|
+
end
|
80
|
+
|
81
|
+
it "should stop processing if the user is not returned from the callback" do
|
82
|
+
Rails::Authentication.after_authentication{|u,r,p| u.acknowledge("first"); nil}
|
83
|
+
Rails::Authentication.after_authentication{|u,r,p| u.acknowledge("second"); u}
|
84
|
+
lambda do
|
85
|
+
@request.session.authenticate!(@request,@params)
|
86
|
+
end.should raise_error(Rails::Authentication::Unauthenticated)
|
87
|
+
Viking.captures.should == ["first"]
|
88
|
+
end
|
89
|
+
|
90
|
+
it "should raise an Unauthenticated if a callback returns nil" do
|
91
|
+
Rails::Authentication.after_authentication{|u,r,p| nil }
|
92
|
+
lambda do
|
93
|
+
@request.session.authenticate!(@request,@params)
|
94
|
+
end.should raise_error(Rails::Authentication::Unauthenticated)
|
95
|
+
end
|
96
|
+
|
97
|
+
it "should not try to process the callbacks when no user is found" do
|
98
|
+
Rails::Authentication.after_authentication{|u,r,p| u.acknowledge("first"); u}
|
99
|
+
Rails::Authentication.after_authentication{|u,r,p| u.acknowledge("second"); u}
|
100
|
+
@request.params[:no_user] = true
|
101
|
+
lambda do
|
102
|
+
@request.session.authenticate!(@request,@params)
|
103
|
+
end.should raise_error(Rails::Authentication::Unauthenticated)
|
104
|
+
Viking.captures.should be_empty
|
105
|
+
end
|
106
|
+
|
107
|
+
end
|
@@ -0,0 +1,23 @@
|
|
1
|
+
require File.join(File.dirname(__FILE__), '..', 'spec_helper')
|
2
|
+
# NOT SUPPORTED YET!
|
3
|
+
#
|
4
|
+
# describe "Rails::Authentication.customizations" do
|
5
|
+
#
|
6
|
+
# before(:each) do
|
7
|
+
# Rails::Authentication.default_customizations.clear
|
8
|
+
# end
|
9
|
+
#
|
10
|
+
# it "should allow addition to the customizations" do
|
11
|
+
# Rails::Authentication.customize_default { "ONE" }
|
12
|
+
# Rails::Authentication.default_customizations.first.call.should == "ONE"
|
13
|
+
# end
|
14
|
+
#
|
15
|
+
# it "should allow multiple additions to the customizations" do
|
16
|
+
# Rails::Authentication.customize_default {"ONE"}
|
17
|
+
# Rails::Authentication.customize_default {"TWO"}
|
18
|
+
#
|
19
|
+
# Rails::Authentication.default_customizations.first.call.should == "ONE"
|
20
|
+
# Rails::Authentication.default_customizations.last.call.should == "TWO"
|
21
|
+
# end
|
22
|
+
#
|
23
|
+
# end
|
@@ -0,0 +1,51 @@
|
|
1
|
+
require File.join(File.dirname(__FILE__), '..', 'spec_helper')
|
2
|
+
|
3
|
+
describe Rails::Authentication::Errors do
|
4
|
+
|
5
|
+
before(:each) do
|
6
|
+
@errors = Rails::Authentication::Errors.new
|
7
|
+
end
|
8
|
+
|
9
|
+
it "should report that it is empty on first creation" do
|
10
|
+
@errors.empty?.should == true
|
11
|
+
end
|
12
|
+
|
13
|
+
it "should continue to report that it is empty even after being checked" do
|
14
|
+
@errors.on(:foo)
|
15
|
+
@errors.empty?.should == true
|
16
|
+
end
|
17
|
+
|
18
|
+
it "should add an error" do
|
19
|
+
@errors.add(:login, "Login or password incorrect")
|
20
|
+
@errors[:login].should == ["Login or password incorrect"]
|
21
|
+
end
|
22
|
+
|
23
|
+
it "should allow many errors to be added to the same field" do
|
24
|
+
@errors.add(:login, "bad 1")
|
25
|
+
@errors.add(:login, "bad 2")
|
26
|
+
@errors.on(:login).should == ["bad 1", "bad 2"]
|
27
|
+
end
|
28
|
+
|
29
|
+
it "should give the full messages for an error" do
|
30
|
+
@errors.add(:login, "login wrong")
|
31
|
+
@errors.add(:password, "password wrong")
|
32
|
+
["password wrong", "login wrong"].each do |msg|
|
33
|
+
@errors.full_messages.should include(msg)
|
34
|
+
end
|
35
|
+
end
|
36
|
+
|
37
|
+
it "should return the error for a specific field / label" do
|
38
|
+
@errors.add(:login, "wrong")
|
39
|
+
@errors.on(:login).should == ["wrong"]
|
40
|
+
end
|
41
|
+
|
42
|
+
it "should return nil for a specific field if it's not been set" do
|
43
|
+
@errors.on(:not_there).should be_nil
|
44
|
+
end
|
45
|
+
|
46
|
+
it "should provide an errors instance method on the Authentication instance" do
|
47
|
+
a = Rails::Authentication.new(ActionController::TestSession.new)
|
48
|
+
a.errors.should be_a_kind_of(Rails::Authentication::Errors)
|
49
|
+
end
|
50
|
+
|
51
|
+
end
|
@@ -0,0 +1,266 @@
|
|
1
|
+
require File.join(File.dirname(__FILE__), '..', 'spec_helper')
|
2
|
+
|
3
|
+
describe Rails::Authentication::Strategy do
|
4
|
+
|
5
|
+
before(:each) { clear_strategies! }
|
6
|
+
after(:all) { clear_strategies! }
|
7
|
+
|
8
|
+
describe "adding a strategy" do
|
9
|
+
|
10
|
+
it "should add an strategy" do
|
11
|
+
class MyStrategy < Rails::Authentication::Strategy; end
|
12
|
+
Rails::Authentication.strategies.include?(MyStrategy).should be_true
|
13
|
+
end
|
14
|
+
|
15
|
+
it "should keep track of the strategies" do
|
16
|
+
class Uno < Rails::Authentication::Strategy; end
|
17
|
+
class Dos < Rails::Authentication::Strategy; end
|
18
|
+
Rails::Authentication.strategies.should include(Uno, Dos)
|
19
|
+
Rails::Authentication.default_strategy_order.pop
|
20
|
+
Rails::Authentication.strategies.should include(Uno, Dos)
|
21
|
+
end
|
22
|
+
|
23
|
+
it "should add multiple strategies in order of declaration" do
|
24
|
+
class Uno < Rails::Authentication::Strategy; end
|
25
|
+
class Dos < Rails::Authentication::Strategy; end
|
26
|
+
Rails::Authentication.default_strategy_order.should == [Uno, Dos]
|
27
|
+
end
|
28
|
+
|
29
|
+
it "should allow an strategy to be inserted _before_ another strategy in the default order" do
|
30
|
+
class Uno < Rails::Authentication::Strategy; end
|
31
|
+
class Dos < Rails::Authentication::Strategy; end
|
32
|
+
class MyStrategy < Rails::Authentication::Strategy
|
33
|
+
before Dos
|
34
|
+
end
|
35
|
+
Rails::Authentication.default_strategy_order.should == [Uno, MyStrategy, Dos]
|
36
|
+
end
|
37
|
+
|
38
|
+
it "should allow an strategy to be inserted _after_ another strategy in the default order" do
|
39
|
+
class Uno < Rails::Authentication::Strategy; end
|
40
|
+
class Dos < Rails::Authentication::Strategy; end
|
41
|
+
class MyStrategy < Rails::Authentication::Strategy
|
42
|
+
after Uno
|
43
|
+
end
|
44
|
+
Rails::Authentication.default_strategy_order.should == [Uno, MyStrategy, Dos]
|
45
|
+
end
|
46
|
+
|
47
|
+
end
|
48
|
+
|
49
|
+
describe "the default order" do
|
50
|
+
|
51
|
+
it "should allow a user to overwrite the default order" do
|
52
|
+
class Uno < Rails::Authentication::Strategy; end
|
53
|
+
class Dos < Rails::Authentication::Strategy; end
|
54
|
+
Rails::Authentication.default_strategy_order = [Dos]
|
55
|
+
Rails::Authentication.default_strategy_order.should == [Dos]
|
56
|
+
end
|
57
|
+
|
58
|
+
it "should get raise an error if any strategy is not a Rails::Authentication::Strategy subclass" do
|
59
|
+
class Uno < Rails::Authentication::Strategy; end
|
60
|
+
class Dos < Rails::Authentication::Strategy; end
|
61
|
+
lambda do
|
62
|
+
Rails::Authentication.default_strategy_order = [Dos, String]
|
63
|
+
end.should raise_error(ArgumentError)
|
64
|
+
end
|
65
|
+
|
66
|
+
it "should raise a not implemented error if the run! method is not defined in the subclass" do
|
67
|
+
class Uno < Rails::Authentication::Strategy; end
|
68
|
+
class Dos < Rails::Authentication::Strategy; end
|
69
|
+
lambda do
|
70
|
+
request = fake_request
|
71
|
+
Dos.new(request, request.params).run!
|
72
|
+
end.should raise_error(Rails::Authentication::NotImplemented)
|
73
|
+
end
|
74
|
+
|
75
|
+
it "should not raise an implemented error if the run! method is defined on the subclass" do
|
76
|
+
class Dos < Rails::Authentication::Strategy; def run!; end; end
|
77
|
+
lambda do
|
78
|
+
request = fake_request
|
79
|
+
Dos.new(request, request.params).run!
|
80
|
+
end.should_not raise_error(Rails::Authentication::NotImplemented)
|
81
|
+
end
|
82
|
+
|
83
|
+
end
|
84
|
+
|
85
|
+
describe "convinience methods" do
|
86
|
+
|
87
|
+
before(:each) do
|
88
|
+
class Uno < Rails::Authentication::Strategy; def run; end; end
|
89
|
+
@request = fake_request
|
90
|
+
@strategy = Uno.new(@request, { :params => true })
|
91
|
+
end
|
92
|
+
|
93
|
+
it "should provide a params helper that defers to the controller's request" do
|
94
|
+
@strategy.params.should == { :params => true }
|
95
|
+
end
|
96
|
+
|
97
|
+
it "should provide a cookies helper" do
|
98
|
+
@request.should_receive(:cookies).and_return("COOKIES")
|
99
|
+
@strategy.cookies.should == "COOKIES"
|
100
|
+
end
|
101
|
+
end
|
102
|
+
|
103
|
+
|
104
|
+
describe "#user_class" do
|
105
|
+
|
106
|
+
# This allows you to scope a particular strategy to a particular user class object
|
107
|
+
# By inheriting you can add multiple user types to the authentication process
|
108
|
+
|
109
|
+
before(:each) do
|
110
|
+
class Sone < Rails::Authentication::Strategy; def run!; end; end
|
111
|
+
class Stwo < Sone; end
|
112
|
+
|
113
|
+
class Mone < Rails::Authentication::Strategy
|
114
|
+
def user_class; String; end
|
115
|
+
def run!; end
|
116
|
+
end
|
117
|
+
class Mtwo < Mone; end
|
118
|
+
|
119
|
+
class Pone < Rails::Authentication::Strategy
|
120
|
+
abstract!
|
121
|
+
def user_class; Hash; end
|
122
|
+
def special_method; true end
|
123
|
+
end
|
124
|
+
class Ptwo < Pone; end;
|
125
|
+
|
126
|
+
@request = fake_request
|
127
|
+
end
|
128
|
+
|
129
|
+
it "should allow being set to an abstract strategy" do
|
130
|
+
Pone.abstract?.should be_true
|
131
|
+
end
|
132
|
+
|
133
|
+
it "should not set the child class of an abstract class to be abstract" do
|
134
|
+
Ptwo.abstract?.should be_false
|
135
|
+
end
|
136
|
+
|
137
|
+
it "should implement a user_class helper" do
|
138
|
+
s = Sone.new(@request, @request.params)
|
139
|
+
s.user_class.should == User
|
140
|
+
end
|
141
|
+
|
142
|
+
it "should make it into the strategies collection when subclassed from a subclass" do
|
143
|
+
Rails::Authentication.strategies.should include(Mtwo)
|
144
|
+
end
|
145
|
+
|
146
|
+
it "should make it in the default_strategy_order when subclassed from a subclass" do
|
147
|
+
Rails::Authentication.default_strategy_order.should include(Mtwo)
|
148
|
+
end
|
149
|
+
|
150
|
+
it "should defer to the Merb::Authentication.user_class if not over written" do
|
151
|
+
Rails::Authentication.should_receive(:user_class).and_return(User)
|
152
|
+
s = Sone.new(@request, @request.params)
|
153
|
+
s.user_class
|
154
|
+
end
|
155
|
+
|
156
|
+
it "should inherit the user class from it's parent by default" do
|
157
|
+
Rails::Authentication.should_receive(:user_class).and_return(User)
|
158
|
+
s = Stwo.new(@request, @request.params)
|
159
|
+
s.user_class.should == User
|
160
|
+
end
|
161
|
+
|
162
|
+
it "should inherit the user_class form it's parent when the parent defines a new one" do
|
163
|
+
Rails::Authentication.should_not_receive(:user_class)
|
164
|
+
m = Mtwo.new(@request, @request.params)
|
165
|
+
m.user_class.should == String
|
166
|
+
end
|
167
|
+
|
168
|
+
end
|
169
|
+
|
170
|
+
describe "#redirect!" do
|
171
|
+
|
172
|
+
before(:all) do
|
173
|
+
class FooController < ActionController::Base
|
174
|
+
def index; "FooController#index"; end
|
175
|
+
end
|
176
|
+
end
|
177
|
+
|
178
|
+
before(:each) do
|
179
|
+
class MyStrategy < Rails::Authentication::Strategy
|
180
|
+
def run!
|
181
|
+
if params[:url]
|
182
|
+
params[:status] ? redirect!(params[:url], :status => params[:status]) : redirect!(params[:url])
|
183
|
+
else
|
184
|
+
"WHATHA"
|
185
|
+
end
|
186
|
+
end #run!
|
187
|
+
end # MyStrategy
|
188
|
+
|
189
|
+
ActionController::Routing::Routes.reload!
|
190
|
+
ActionController::Routing::Routes.draw { |map| map.root :controller => 'foo' }
|
191
|
+
@request = fake_request
|
192
|
+
@s = MyStrategy.new(@request, @request.params)
|
193
|
+
end
|
194
|
+
|
195
|
+
it "allow for a redirect!" do
|
196
|
+
@s.redirect!("/somewhere")
|
197
|
+
@s.headers["Location"].should == "/somewhere"
|
198
|
+
end
|
199
|
+
|
200
|
+
it "should provide access to setting the headers" do
|
201
|
+
@s.headers["Location"] = "/a/uri"
|
202
|
+
@s.headers["Location"].should == "/a/uri"
|
203
|
+
end
|
204
|
+
|
205
|
+
it "should allow access to the setting header" do
|
206
|
+
@s.status = 403
|
207
|
+
@s.status.should == 403
|
208
|
+
end
|
209
|
+
|
210
|
+
it "should return nil for the Location if it is not redirected" do
|
211
|
+
@s.should_not be_redirected
|
212
|
+
@s.headers["Location"].should be_nil
|
213
|
+
end
|
214
|
+
|
215
|
+
it "should pass through the options to the redirect options" do
|
216
|
+
@s.redirect!("/somewhere", :status => 401)
|
217
|
+
@s.headers["Location"].should == "/somewhere"
|
218
|
+
@s.status.should == 401
|
219
|
+
end
|
220
|
+
|
221
|
+
it "should set a redirect with a permanent true" do
|
222
|
+
@s.redirect!("/somewhere", :permanent => true)
|
223
|
+
@s.status.should == 301
|
224
|
+
end
|
225
|
+
|
226
|
+
it "should be redirected?" do
|
227
|
+
@s.should_not be_redirected
|
228
|
+
@s.redirect!("/somewhere")
|
229
|
+
@s.should be_redirected
|
230
|
+
end
|
231
|
+
|
232
|
+
it "should set an strategy to halted" do
|
233
|
+
@s.redirect!("/somewhere")
|
234
|
+
@s.should be_halted
|
235
|
+
end
|
236
|
+
|
237
|
+
it "should allow a body to be set" do
|
238
|
+
@s.body = "body"
|
239
|
+
@s.body.should == "body"
|
240
|
+
end
|
241
|
+
|
242
|
+
end
|
243
|
+
=begin
|
244
|
+
describe "register strategies" do
|
245
|
+
|
246
|
+
it "should allow for a strategy to be registered" do
|
247
|
+
Rails::Authentication.register(:test_one, "/path/to/strategy")
|
248
|
+
Rails::Authentication.registered_strategies[:test_one].should == "/path/to/strategy"
|
249
|
+
end
|
250
|
+
|
251
|
+
it "should activate a strategy" do
|
252
|
+
Rails::Authentication.register(:test_activation, File.expand_path(File.dirname(__FILE__)) / 'activation_fixture')
|
253
|
+
defined?(TheActivationTest).should be_nil
|
254
|
+
Rails::Authentication.activate!(:test_activation)
|
255
|
+
defined?(TheActivationTest).should_not be_nil
|
256
|
+
end
|
257
|
+
|
258
|
+
it "should raise if the strategy is not registered" do
|
259
|
+
lambda do
|
260
|
+
Rails::Authentication.activate!(:not_here)
|
261
|
+
end.should raise_error
|
262
|
+
end
|
263
|
+
|
264
|
+
end
|
265
|
+
=end
|
266
|
+
end
|
data/spec/rcov.opts
ADDED
@@ -0,0 +1 @@
|
|
1
|
+
--exclude "spec/*"
|
data/spec/spec.opts
ADDED
data/spec/spec_helper.rb
ADDED
@@ -0,0 +1,97 @@
|
|
1
|
+
$:.push File.join(File.dirname(__FILE__), '..', 'lib')
|
2
|
+
require "rubygems"
|
3
|
+
require "action_controller"
|
4
|
+
require "action_controller/test_process"
|
5
|
+
require "spec"
|
6
|
+
#require "spec/rails"
|
7
|
+
require "rails-auth"
|
8
|
+
|
9
|
+
module StrategyHelper
|
10
|
+
|
11
|
+
def clear_strategies!
|
12
|
+
Rails::Authentication.strategies.each do |s|
|
13
|
+
begin
|
14
|
+
Object.class_eval{ remove_const(s.name) if defined?(s)}
|
15
|
+
rescue
|
16
|
+
end
|
17
|
+
end
|
18
|
+
Rails::Authentication.strategies.clear
|
19
|
+
Rails::Authentication.default_strategy_order.clear
|
20
|
+
end
|
21
|
+
|
22
|
+
end
|
23
|
+
|
24
|
+
module TestRequestHelper
|
25
|
+
|
26
|
+
def fake_request(env = {})
|
27
|
+
ActionController::TestRequest.new(env)
|
28
|
+
end
|
29
|
+
|
30
|
+
end
|
31
|
+
|
32
|
+
Spec::Runner.configure do |config|
|
33
|
+
config.include(TestRequestHelper)
|
34
|
+
config.include(StrategyHelper)
|
35
|
+
end
|
36
|
+
|
37
|
+
class User
|
38
|
+
attr_accessor :name, :age, :id
|
39
|
+
|
40
|
+
def initialize(opts = {})
|
41
|
+
@name = opts.fetch(:name, "NAME")
|
42
|
+
@age = opts.fetch(:age, 30)
|
43
|
+
@id = opts.fetch(:id, 23)
|
44
|
+
end
|
45
|
+
end
|
46
|
+
|
47
|
+
class Application < ActionController::Base
|
48
|
+
end
|
49
|
+
|
50
|
+
class UsersController < Application
|
51
|
+
before_filter :ensure_authenticated
|
52
|
+
|
53
|
+
def index
|
54
|
+
"You made it pal!"
|
55
|
+
end
|
56
|
+
end
|
57
|
+
|
58
|
+
class DingbatsController < Application
|
59
|
+
skip_before_filter :ensure_authenticated
|
60
|
+
|
61
|
+
def index
|
62
|
+
"You made it buddy!"
|
63
|
+
end
|
64
|
+
end
|
65
|
+
|
66
|
+
class Rails::Authentication
|
67
|
+
def fetch_user(id=23)
|
68
|
+
if id.nil?
|
69
|
+
nil
|
70
|
+
else
|
71
|
+
u = User.new(:id => id)
|
72
|
+
end
|
73
|
+
end
|
74
|
+
|
75
|
+
def store_user(user)
|
76
|
+
user.nil? ? nil : 23
|
77
|
+
end
|
78
|
+
|
79
|
+
end
|
80
|
+
|
81
|
+
Rails::Authentication.user_class = 'User'
|
82
|
+
|
83
|
+
class Viking
|
84
|
+
def self.captures
|
85
|
+
@captures ||= []
|
86
|
+
end
|
87
|
+
|
88
|
+
def self.capture(klass)
|
89
|
+
@captures ||= []
|
90
|
+
case klass
|
91
|
+
when Class
|
92
|
+
@captures << klass.name
|
93
|
+
else
|
94
|
+
@captures << klass
|
95
|
+
end
|
96
|
+
end
|
97
|
+
end
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: myobie-rails-auth
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.0.
|
4
|
+
version: 0.0.4
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Nathan Herald
|
@@ -9,7 +9,7 @@ autorequire:
|
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
11
|
|
12
|
-
date: 2009-
|
12
|
+
date: 2009-03-27 00:00:00 -07:00
|
13
13
|
default_executable:
|
14
14
|
dependencies: []
|
15
15
|
|
@@ -41,12 +41,20 @@ files:
|
|
41
41
|
- lib/rails-auth/session_mixin.rb
|
42
42
|
- lib/rails-auth/strategies
|
43
43
|
- lib/rails-auth/strategies/abstract_password.rb
|
44
|
-
- lib/rails-auth/strategies/password_form.rb
|
45
44
|
- lib/rails-auth/strategies/openid.rb
|
45
|
+
- lib/rails-auth/strategies/password_form.rb
|
46
46
|
- lib/rails-auth/strategy.rb
|
47
47
|
- lib/rails-auth.rb
|
48
|
-
-
|
49
|
-
-
|
48
|
+
- spec/core
|
49
|
+
- spec/core/activation_fixture.rb
|
50
|
+
- spec/core/authentication_spec.rb
|
51
|
+
- spec/core/callbacks_spec.rb
|
52
|
+
- spec/core/costumizations_spec.rb
|
53
|
+
- spec/core/errors_spec.rb
|
54
|
+
- spec/core/strategy_spec.rb
|
55
|
+
- spec/rcov.opts
|
56
|
+
- spec/spec.opts
|
57
|
+
- spec/spec_helper.rb
|
50
58
|
has_rdoc: true
|
51
59
|
homepage: http://github.com/myobie/rails-auth
|
52
60
|
post_install_message:
|