omniauth-shopify-oauth2 2.2.1 → 2.2.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 8ce833c2725777b3827b0ab489eade910d3ef1998cd9b9bc16d9ec1f2492f3dd
-  data.tar.gz: cd0bb274266046f948c6ad3838394fc6392efac50567d488d0e1532e3fc165a1
+  metadata.gz: 1f79e7c2eb47cf4f303c1f8cb850da4bd9796f5b303b0a4ef52819460d353c4f
+  data.tar.gz: 1bb889fe7e031d419f7b11f49404ffcfbd4767f0c92295af679faed935555850
 SHA512:
-  metadata.gz: 7f5223c3153f3bf188054fa647362575774abe5637bdeee8b8a6512bad3a33f5fa2d8ea4489b1f9174377a525483fbb7b47c2d39d6779c01b30fbe70a3b9b426
-  data.tar.gz: 844a9b2d387ba187117c2ef9aa7f06e624eb2ff1b4d0a35aa49e94a5d384fdfc86e40343b2ddca49847543b05dd341ce86c06da18b4f973a7d711693080b3de7
+  metadata.gz: 0e94434e74dd9f35eb13127b5e5bf44c5471280bf9b783fc170f7168529be5bc18a2b29ef422df77622e6e879dc505b434ef0cb83f32986e3476c72c7f0cf5d8
+  data.tar.gz: 76ae229909c8a01b1bcc6ba2832ca9b4a3cf2d3f0d1bc86fd84781b54e460e6638d59f2046a58e590fc70bf7719d5ee2a967cc1f0bd693fc598bb88d871b3e1b

data/lib/omniauth/shopify/version.rb

@@ -1,5 +1,5 @@
 module OmniAuth
   module Shopify
-    VERSION = "2.2.1"
+    VERSION = "2.2.2"
   end
 end

data/lib/omniauth/strategies/shopify.rb

@@ -94,7 +94,12 @@ module OmniAuth
       end
 
       def valid_permissions?(token)
-        token && (options[:per_user_permissions] == !token['associated_user'].nil?)
+        return false unless token
+
+        return true if options[:per_user_permissions] && token['associated_user']
+        return true if !options[:per_user_permissions] && !token['associated_user']
+
+        false
       end
 
       def fix_https

data/omniauth-shopify-oauth2.gemspec

@@ -21,6 +21,7 @@ Gem::Specification.new do |s|
   s.add_runtime_dependency 'activesupport'
 
   s.add_development_dependency 'minitest', '~> 5.6'
+  s.add_development_dependency 'rspec', '~> 3.9.0'
   s.add_development_dependency 'fakeweb', '~> 1.3'
   s.add_development_dependency 'rake'
 end

data/spec/omniauth/strategies/shopify_spec.rb

@@ -1,4 +1,3 @@
-require 'spec_helper'
 require 'omniauth-shopify-oauth2'
 require 'base64'
 
@@ -141,4 +140,80 @@ describe OmniAuth::Strategies::Shopify do
       subject.valid_site?.should eq(true)
     end
   end
+
+  describe '#valid_permissions?' do
+    let(:associated_user) do
+      {}
+    end
+
+    let(:token) do
+      {
+        'associated_user' => associated_user,
+      }
+    end
+
+    it 'returns false if there is no token' do
+      expect(subject.valid_permissions?(nil)).to be_falsey
+    end
+
+    context 'with per_user_permissions is present' do
+      before do
+        @options = @options.merge(per_user_permissions: true)
+      end
+
+      context 'when token does not have associated user' do
+        let(:associated_user) { nil }
+
+        it 'return false' do
+          expect(subject.valid_permissions?(token)).to be_falsey
+        end
+      end
+
+      context 'when token has associated user' do
+        it 'return true' do
+          expect(subject.valid_permissions?(token)).to be_truthy
+        end
+      end
+    end
+
+    context 'with per_user_permissions is false' do
+      before do
+        @options = @options.merge(per_user_permissions: false)
+      end
+
+      context 'when token does not have associated user' do
+        let(:associated_user) { nil }
+
+        it 'return true' do
+          expect(subject.valid_permissions?(token)).to be_truthy
+        end
+      end
+
+      context 'when token has associated user' do
+        it 'return false' do
+          expect(subject.valid_permissions?(token)).to be_falsey
+        end
+      end
+    end
+
+    context 'with per_user_permissions is nil' do
+      before do
+        @options = @options.merge(per_user_permissions: nil)
+      end
+
+      context 'when token does not have associated user' do
+        let(:associated_user) { nil }
+
+        it 'return true' do
+          expect(subject.valid_permissions?(token)).to be_truthy
+        end
+      end
+
+      context 'when token has associated user' do
+        it 'return false' do
+          expect(subject.valid_permissions?(token)).to be_falsey
+        end
+      end
+    end
+  end
 end

data/test/integration_test.rb

@@ -280,6 +280,18 @@ class IntegrationTest < Minitest::Test
     assert_equal '/auth/failure?message=invalid_permissions&strategy=shopify', response.location
   end
 
+  def test_callback_when_per_user_permissions_are_not_present_and_options_is_nil
+    build_app(scope: 'scope', per_user_permissions: nil)
+
+    access_token = SecureRandom.hex(16)
+    code = SecureRandom.hex(16)
+    expect_access_token_request(access_token, 'scope', nil)
+
+    response = callback(sign_with_new_secret(shop: 'snowdevil.myshopify.com', code: code, state: opts["rack.session"]["omniauth.state"]))
+
+    assert_callback_success(response, access_token, code)
+  end
+
   def test_callback_when_per_user_permissions_are_not_present_but_requested
     build_app(scope: 'scope', per_user_permissions: true)
 

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: omniauth-shopify-oauth2
 version: !ruby/object:Gem::Version
-  version: 2.2.1
+  version: 2.2.2
 platform: ruby
 authors:
 - Denis Odorcic
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2020-02-27 00:00:00.000000000 Z
+date: 2020-03-10 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: omniauth-oauth2
@@ -52,6 +52,20 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '5.6'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 3.9.0
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 3.9.0
 - !ruby/object:Gem::Dependency
   name: fakeweb
   requirement: !ruby/object:Gem::Requirement