rails-auth 0.5.2 → 0.5.3

Sign up to get free protection for your applications and to get access to all the features.
Files changed (6) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGES.md +6 -0
  3. data/lib/rails/auth/acl/resource.rb +3 -2
  4. data/lib/rails/auth/version.rb +1 -1
  5. data/spec/rails/auth/acl/resource_spec.rb +1 -1
  6. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 859d0073cd6debe3a360ae76e53e1776515fed4f
4
- data.tar.gz: 94af3585ac7dec94d5f1c4abe30e71abadcb1a0c
3
+ metadata.gz: 342d0a06b03a2d2baf6208c62ca0640a76a863c5
4
+ data.tar.gz: c3f50f64a4897170496c74b2d9769dee3b1a53ff
5
5
  SHA512:
6
- metadata.gz: 9e1524d42f7431b3bc348ca4f31cafc4adbd0ae21fc7cd10545449d7bc8b383ba7eadd84d53be205c7aa06683d3002a25de294699edd58d60326ca8cc550d758
7
- data.tar.gz: 2272cf19faa31c19dfede2f602752e873c126d09a4dc31773e18a63ba963f0e3d2c42efe789e23d24a5ea5f7e6b7de0ce2abfbaa5fbd2b51b451d86afb80a119
6
+ metadata.gz: b77b9de690846b7aeb69d2a966df81679536a47ce743803397e4e4d644804493ac36a8cb5ef8530f48a4a6d51014b66bcb24dd7994baec8f60bf5b40a7797ab5
7
+ data.tar.gz: e9dbee7122a450b03a1a8a475534dbdd250ce6ff5560636ee551b8fd0a9dc5b334618c3189229c4a0bf5214c486576b173fa21ae9230bbb5a09f70aac01fd04e
data/CHANGES.md CHANGED
@@ -1,3 +1,9 @@
1
+ ### 0.5.3 (2016-04-28)
2
+
3
+ * [#22](https://github.com/square/rails-auth/pull/22)
4
+ Use explicit HTTP_METHODS whitelist when 'ALL' method is used.
5
+ ([@tarcieri])
6
+
1
7
  ### 0.5.2 (2016-04-27)
2
8
 
3
9
  * [#21](https://github.com/square/rails-auth/pull/21)
data/lib/rails/auth/acl/resource.rb CHANGED
@@ -57,7 +57,7 @@ module Rails
57
57
  # @return [Boolean] method and path *only* match the given environment
58
58
  #
59
59
  def match!(env)
60
- return false unless @http_methods.nil? || @http_methods.include?(env["REQUEST_METHOD".freeze])
60
+ return false unless @http_methods.include?(env["REQUEST_METHOD".freeze])
61
61
  return false unless @path =~ env["PATH_INFO".freeze]
62
62
  return false unless @host.nil? || @host =~ env["HTTP_HOST".freeze]
63
63
  true
@@ -68,7 +68,8 @@ module Rails
68
68
  def extract_methods(methods)
69
69
  methods = Array(methods)
70
70
 
71
- return nil if methods.include?("ALL")
71
+ return HTTP_METHODS if methods == ["ALL"]
72
+ raise ParseError, "method 'ALL' cannot be used with other methods" if methods.include?("ALL")
72
73
 
73
74
  methods.each do |method|
74
75
  raise ParseError, "invalid HTTP method: #{method}" unless HTTP_METHODS.include?(method)
data/lib/rails/auth/version.rb CHANGED
@@ -3,6 +3,6 @@
3
3
  module Rails
4
4
  # Pluggable authentication and authorization for Rack/Rails
5
5
  module Auth
6
- VERSION = "0.5.2".freeze
6
+ VERSION = "0.5.3".freeze
7
7
  end
8
8
  end
data/spec/rails/auth/acl/resource_spec.rb CHANGED
@@ -30,7 +30,7 @@ RSpec.describe Rails::Auth::ACL::Resource do
30
30
  {}
31
31
  )
32
32
 
33
- expect(resource.http_methods).to eq nil
33
+ expect(resource.http_methods).to eq Rails::Auth::ACL::Resource::HTTP_METHODS
34
34
  end
35
35
 
36
36
  context "errors" do
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: rails-auth
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.5.2
4
+ version: 0.5.3
5
5
  platform: ruby
6
6
  authors:
7
7
  - Tony Arcieri
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2016-04-28 00:00:00.000000000 Z
11
+ date: 2016-04-29 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rack