rubysl-cgi-session 1.0.0 → 2.0.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: be8113d5777dcd44f19953df53b5930ced231f2a
-  data.tar.gz: ae27543b310806b0b8eaca6657b8058d9d5d8b12
+  metadata.gz: 4789df406231c3e8a7bfa32f2f03bbcd88016c0b
+  data.tar.gz: 93dcf411efbe9cb4ed3177fb1a6265ee5a643b09
 SHA512:
-  metadata.gz: 2a60a0678b8889e13337d81ceac3215d7bb85894c3ddf3725af681ae167f91865e830ba2de81a33888985151c089446f795597276dd2e70dc8ede4085cf1fadc
-  data.tar.gz: 630f5f071410e7a963567fa319fa561cccdb2b91726529468a900411061354ce661ba55804dbb09f83d40a9587332e68db049c49b31ecb505f2e61c55ff4e708
+  metadata.gz: c2cc342d9538cd0d82d5441082d8d4d19f307bb269728ffa068fd192dd0622750f06c50893a8b47b5a262a742248bc3cb98e9c98a388efe1b6374ed354074b7e
+  data.tar.gz: 4114b261866635d2c6d540d18da5c7f6f04db324028aea4338869b4eb742374b8d7d3c1b33b28f67c18cc5b5e11880f7e9924e1b5df786d089d4ea53963699cd

data/.gitignore

@@ -15,4 +15,3 @@ spec/reports
 test/tmp
 test/version_tmp
 tmp
-.rbx

data/.travis.yml

@@ -1,8 +1,7 @@
 language: ruby
-before_install:
-  - gem update --system
-  - gem --version
-  - gem install rubysl-bundler
-script: bundle exec mspec spec
+env:
+  - RUBYLIB=lib
+script: bundle exec mspec
 rvm:
-  - rbx-nightly-18mode
+  - 1.9.3
+  - rbx-nightly-19mode

data/README.md

@@ -1,4 +1,4 @@
-# RubySL::Cgi::Session
+# Rubysl::Cgi::Session
 
 TODO: Write a gem description
 
@@ -24,6 +24,6 @@ TODO: Write usage instructions here
 
 1. Fork it
 2. Create your feature branch (`git checkout -b my-new-feature`)
-3. Commit your changes (`git commit -am 'Added some feature'`)
+3. Commit your changes (`git commit -am 'Add some feature'`)
 4. Push to the branch (`git push origin my-new-feature`)
 5. Create new Pull Request

data/Rakefile

@@ -1,2 +1 @@
-#!/usr/bin/env rake
 require "bundler/gem_tasks"

data/lib/cgi/session/pstore.rb

@@ -2,7 +2,7 @@
 # cgi/session/pstore.rb - persistent storage of marshalled session data
 #
 # Documentation: William Webber (william@williamwebber.com)
-# 
+#
 # == Overview
 #
 # This file provides the CGI::Session::PStore class, which builds
@@ -29,7 +29,7 @@ class CGI
       # created.  The session id must only contain alphanumeric
       # characters; automatically generated session ids observe
       # this requirement.
-      # 
+      #
       # +option+ is a hash of options for the initializer.  The
       # following options are recognised:
       #
@@ -43,55 +43,55 @@ class CGI
       # This session's PStore file will be created if it does
       # not exist, or opened if it does.
       def initialize(session, option={})
-	dir = option['tmpdir'] || Dir::tmpdir
-	prefix = option['prefix'] || ''
-	id = session.session_id
+        dir = option['tmpdir'] || Dir::tmpdir
+        prefix = option['prefix'] || ''
+        id = session.session_id
         require 'digest/md5'
         md5 = Digest::MD5.hexdigest(id)[0,16]
-	path = dir+"/"+prefix+md5
-	path.untaint
-	if File::exist?(path)
-	  @hash = nil
-	else
+        path = dir+"/"+prefix+md5
+        path.untaint
+        if File::exist?(path)
+          @hash = nil
+        else
           unless session.new_session
             raise CGI::Session::NoSession, "uninitialized session"
           end
-	  @hash = {}
-	end
-	@p = ::PStore.new(path)
-	@p.transaction do |p|
-	  File.chmod(0600, p.path)
-	end
+          @hash = {}
+        end
+        @p = ::PStore.new(path)
+        @p.transaction do |p|
+          File.chmod(0600, p.path)
+        end
       end
 
       # Restore session state from the session's PStore file.
       #
       # Returns the session state as a hash.
       def restore
-	unless @hash
-	  @p.transaction do
-           @hash = @p['hash'] || {}
-	  end
-	end
-	@hash
+        unless @hash
+          @p.transaction do
+            @hash = @p['hash'] || {}
+          end
+        end
+        @hash
       end
 
       # Save session state to the session's PStore file.
-      def update 
-	@p.transaction do
-	    @p['hash'] = @hash
-	end
+      def update
+        @p.transaction do
+          @p['hash'] = @hash
+        end
       end
 
       # Update and close the session's PStore file.
       def close
-	update
+        update
       end
 
       # Close and delete the session's PStore file.
       def delete
-	path = @p.path
-	File::unlink path
+        path = @p.path
+        File::unlink path
       end
 
     end

data/lib/rubysl/cgi/session/session.rb

@@ -8,28 +8,22 @@
 # Author: Yukihiro "Matz" Matsumoto
 #
 # Documentation: William Webber (william@williamwebber.com)
-#
-# == Overview
-#
-# This file provides the +CGI::Session+ class, which provides session
-# support for CGI scripts.  A session is a sequence of HTTP requests
-# and responses linked together and associated with a single client.  
-# Information associated with the session is stored
-# on the server between requests.  A session id is passed between client
-# and server with every request and response, transparently
-# to the user.  This adds state information to the otherwise stateless
-# HTTP request/response protocol.
-#
-# See the documentation to the +CGI::Session+ class for more details
-# and examples of usage.  See cgi.rb for the +CGI+ class itself.
 
 require 'cgi'
 require 'tmpdir'
 
 class CGI
 
-  # Class representing an HTTP session.  See documentation for the file 
-  # cgi/session.rb for an introduction to HTTP sessions.
+  # == Overview
+  #
+  # This file provides the CGI::Session class, which provides session
+  # support for CGI scripts.  A session is a sequence of HTTP requests
+  # and responses linked together and associated with a single client.
+  # Information associated with the session is stored
+  # on the server between requests.  A session id is passed between client
+  # and server with every request and response, transparently
+  # to the user.  This adds state information to the otherwise stateless
+  # HTTP request/response protocol.
   #
   # == Lifecycle
   #
@@ -47,7 +41,7 @@ class CGI
   # == Setting and retrieving session data.
   #
   # The Session class associates data with a session as key-value pairs.
-  # This data can be set and retrieved by indexing the Session instance 
+  # This data can be set and retrieved by indexing the Session instance
   # using '[]', much the same as hashes (although other hash methods
   # are not supported).
   #
@@ -60,21 +54,21 @@ class CGI
   #
   # == Storing session state
   #
-  # The caller can specify what form of storage to use for the session's 
+  # The caller can specify what form of storage to use for the session's
   # data with the +database_manager+ option to CGI::Session::new.  The
   # following storage classes are provided as part of the standard library:
   #
-  # CGI::Session::FileStore:: stores data as plain text in a flat file.  Only 
-  #                           works with String data.  This is the default 
+  # CGI::Session::FileStore:: stores data as plain text in a flat file.  Only
+  #                           works with String data.  This is the default
   #                           storage type.
-  # CGI::Session::MemoryStore:: stores data in an in-memory hash.  The data 
-  #                             only persists for as long as the current ruby 
+  # CGI::Session::MemoryStore:: stores data in an in-memory hash.  The data
+  #                             only persists for as long as the current ruby
   #                             interpreter instance does.
   # CGI::Session::PStore:: stores data in Marshalled format.  Provided by
-  #                        cgi/session/pstore.rb.  Supports data of any type, 
+  #                        cgi/session/pstore.rb.  Supports data of any type,
   #                        and provides file-locking and transaction support.
   #
-  # Custom storage types can also be created by defining a class with 
+  # Custom storage types can also be created by defining a class with
   # the following methods:
   #
   #    new(session, options)
@@ -99,14 +93,14 @@ class CGI
   # The simplest way to do this is via cookies.  The CGI::Session class
   # provides transparent support for session id communication via cookies
   # if the client has cookies enabled.
-  # 
+  #
   # If the client has cookies disabled, the session id must be included
   # as a parameter of all requests sent by the client to the server.  The
   # CGI::Session class in conjunction with the CGI class will transparently
   # add the session id as a hidden input field to all forms generated
   # using the CGI#form() HTML generation method.  No built-in support is
   # provided for other mechanisms, such as URL re-writing.  The caller is
-  # responsible for extracting the session id from the session_id 
+  # responsible for extracting the session id from the session_id
   # attribute and manually encoding it in URLs and adding it as a hidden
   # input to HTML forms created by other mechanisms.  Also, session expiry
   # is not automatically handled.
@@ -124,10 +118,10 @@ class CGI
   #   session = CGI::Session.new(cgi,
   #       'database_manager' => CGI::Session::PStore,  # use PStore
   #       'session_key' => '_rb_sess_id',              # custom session key
-  #       'session_expires' => Time.now + 30 * 60,     # 30 minute timeout 
+  #       'session_expires' => Time.now + 30 * 60,     # 30 minute timeout
   #       'prefix' => 'pstore_sid_')                   # PStore option
   #   if cgi.has_key?('user_name') and cgi['user_name'] != ''
-  #       # coerce to String: cgi[] returns the 
+  #       # coerce to String: cgi[] returns the
   #       # string-like CGI::QueryExtension::Value
   #       session['user_name'] = cgi['user_name'].to_s
   #   elsif !session['user_name']
@@ -143,11 +137,11 @@ class CGI
   #   cgi = CGI.new("html4")
   #
   #   # We make sure to delete an old session if one exists,
-  #   # not just to free resources, but to prevent the session 
+  #   # not just to free resources, but to prevent the session
   #   # from being maliciously hijacked later on.
   #   begin
-  #       session = CGI::Session.new(cgi, 'new_session' => false)      
-  #       session.delete                 
+  #       session = CGI::Session.new(cgi, 'new_session' => false)
+  #       session.delete
   #   rescue ArgumentError  # if no old session
   #   end
   #   session = CGI::Session.new(cgi, 'new_session' => true)
@@ -163,7 +157,7 @@ class CGI
 
     def Session::callback(dbman)  #:nodoc:
       Proc.new{
-	dbman[0].close unless dbman.empty?
+        dbman[0].close unless dbman.empty?
       }
     end
 
@@ -172,7 +166,7 @@ class CGI
     # The session id is an MD5 hash based upon the time,
     # a random number, and a constant string.  This routine
     # is used internally for automatically generated
-    # session ids. 
+    # session ids.
     def create_new_id
       require 'securerandom'
       begin
@@ -205,7 +199,7 @@ class CGI
     #              it is retrieved from the +session_key+ parameter
     #              of the request, or automatically generated for
     #              a new session.
-    # new_session:: if true, force creation of a new session.  If not set, 
+    # new_session:: if true, force creation of a new session.  If not set,
     #               a new session is only created if none currently
     #               exists.  If false, a new session is never created,
     #               and if none currently exists and the +session_id+
@@ -220,7 +214,7 @@ class CGI
     # The following options are also recognised, but only apply if the
     # session id is stored in a cookie.
     #
-    # session_expires:: the time the current session expires, as a 
+    # session_expires:: the time the current session expires, as a
     #                   +Time+ object.  If not set, the session will terminate
     #                   when the user's browser is closed.
     # session_domain:: the hostname domain for which this session is valid.
@@ -232,10 +226,10 @@ class CGI
     # +option+ is also passed on to the session storage class initializer; see
     # the documentation for each session storage class for the options
     # they support.
-    #                  
+    #
     # The retrieved or created session is automatically added to +request+
     # as a cookie, and also to its +output_hidden+ table, which is used
-    # to add hidden input elements to forms.  
+    # to add hidden input elements to forms.
     #
     # *WARNING* the +output_hidden+
     # fields are surrounded by a <fieldset> tag in HTML 4 generation, which
@@ -253,26 +247,26 @@ class CGI
       session_key = option['session_key'] || '_session_id'
       session_id = option['session_id']
       unless session_id
-	if option['new_session']
-	  session_id = create_new_id
-      @new_session = true
-	end
+        if option['new_session']
+          session_id = create_new_id
+          @new_session = true
+        end
       end
       unless session_id
-	if request.key?(session_key)
-	  session_id = request[session_key]
-	  session_id = session_id.read if session_id.respond_to?(:read)
-	end
-	unless session_id
-	  session_id, = request.cookies[session_key]
-	end
-	unless session_id
-	  unless option.fetch('new_session', true)
-	    raise ArgumentError, "session_key `%s' should be supplied"%session_key
-	  end
-	  session_id = create_new_id
-      @new_session = true
-	end
+        if request.key?(session_key)
+          session_id = request[session_key]
+          session_id = session_id.read if session_id.respond_to?(:read)
+        end
+        unless session_id
+          session_id, = request.cookies[session_key]
+        end
+        unless session_id
+          unless option.fetch('new_session', true)
+            raise ArgumentError, "session_key `%s' should be supplied"%session_key
+          end
+          session_id = create_new_id
+          @new_session = true
+        end
       end
       @session_id = session_id
       dbman = option['database_manager'] || FileStore
@@ -283,24 +277,25 @@ class CGI
           raise ArgumentError, "invalid session_id `%s'"%session_id
         end
         session_id = @session_id = create_new_id unless session_id
-      @new_session = true
+        @new_session=true
         retry
       end
       request.instance_eval do
-	@output_hidden = {session_key => session_id} unless option['no_hidden']
-	@output_cookies =  [
+        @output_hidden = {session_key => session_id} unless option['no_hidden']
+        @output_cookies =  [
           Cookie::new("name" => session_key,
-		      "value" => session_id,
-		      "expires" => option['session_expires'],
-		      "domain" => option['session_domain'],
-		      "secure" => option['session_secure'],
-		      "path" => if option['session_path'] then
-				  option['session_path']
-		                elsif ENV["SCRIPT_NAME"] then
-				  File::dirname(ENV["SCRIPT_NAME"])
-				else
-				  ""
-				end)
+          "value" => session_id,
+          "expires" => option['session_expires'],
+          "domain" => option['session_domain'],
+          "secure" => option['session_secure'],
+          "path" =>
+          if option['session_path']
+            option['session_path']
+          elsif ENV["SCRIPT_NAME"]
+            File::dirname(ENV["SCRIPT_NAME"])
+          else
+          ""
+          end)
         ] unless option['no_cookies']
       end
       @dbprot = [@dbman]
@@ -313,7 +308,7 @@ class CGI
       @data[key]
     end
 
-    # Set the session date for key +key+.
+    # Set the session data for key +key+.
     def []=(key, val)
       @write_lock ||= true
       @data ||= @dbman.restore
@@ -322,11 +317,11 @@ class CGI
 
     # Store session data on the server.  For some session storage types,
     # this is a no-op.
-    def update  
+    def update
       @dbman.update
     end
 
-    # Store session data on the server and close the session storage.  
+    # Store session data on the server and close the session storage.
     # For some session storage types, this is a no-op.
     def close
       @dbman.close
@@ -358,7 +353,7 @@ class CGI
       # created.  The session id must only contain alphanumeric
       # characters; automatically generated session ids observe
       # this requirement.
-      # 
+      #
       # +option+ is a hash of options for the initializer.  The
       # following options are recognised:
       #
@@ -367,7 +362,7 @@ class CGI
       #          on Unix systems).
       # prefix:: the prefix to add to the session id when generating
       #          the filename for this session's FileStore file.
-      #          Defaults to the empty string.
+      #          Defaults to "cgi_sid_".
       # suffix:: the prefix to add to the session id when generating
       #          the filename for this session's FileStore file.
       #          Defaults to the empty string.
@@ -375,56 +370,56 @@ class CGI
       # This session's FileStore file will be created if it does
       # not exist, or opened if it does.
       def initialize(session, option={})
-	dir = option['tmpdir'] || Dir::tmpdir
-	prefix = option['prefix'] || ''
-	suffix = option['suffix'] || ''
-	id = session.session_id
+        dir = option['tmpdir'] || Dir::tmpdir
+        prefix = option['prefix'] || 'cgi_sid_'
+        suffix = option['suffix'] || ''
+        id = session.session_id
         require 'digest/md5'
         md5 = Digest::MD5.hexdigest(id)[0,16]
-	@path = dir+"/"+prefix+md5+suffix
-	if File::exist? @path
-	  @hash = nil
-	else
+        @path = dir+"/"+prefix+md5+suffix
+        if File::exist? @path
+          @hash = nil
+        else
           unless session.new_session
             raise CGI::Session::NoSession, "uninitialized session"
           end
-	  @hash = {}
-	end
+          @hash = {}
+        end
       end
 
       # Restore session state from the session's FileStore file.
       #
       # Returns the session state as a hash.
       def restore
-	unless @hash
-	  @hash = {}
+        unless @hash
+          @hash = {}
           begin
             lockf = File.open(@path+".lock", "r")
             lockf.flock File::LOCK_SH
-	    f = File.open(@path, 'r')
-	    for line in f
-	      line.chomp!
-	      k, v = line.split('=',2)
-	      @hash[CGI::unescape(k)] = CGI::unescape(v)
-	    end
+            f = File.open(@path, 'r')
+            for line in f
+              line.chomp!
+              k, v = line.split('=',2)
+              @hash[CGI::unescape(k)] = Marshal.restore(CGI::unescape(v))
+            end
           ensure
-	    f.close unless f.nil?
+            f.close unless f.nil?
             lockf.close if lockf
           end
-	end
-	@hash
+        end
+        @hash
       end
 
       # Save session state to the session's FileStore file.
       def update
-	return unless @hash
+        return unless @hash
         begin
           lockf = File.open(@path+".lock", File::CREAT|File::RDWR, 0600)
-	  lockf.flock File::LOCK_EX
+          lockf.flock File::LOCK_EX
           f = File.open(@path+".new", File::CREAT|File::TRUNC|File::WRONLY, 0600)
-   	  for k,v in @hash
-	    f.printf "%s=%s\n", CGI::escape(k), CGI::escape(String(v))
-	  end
+          for k,v in @hash
+            f.printf "%s=%s\n", CGI::escape(k), CGI::escape(String(Marshal.dump(v)))
+          end
           f.close
           File.rename @path+".new", @path
         ensure
@@ -435,22 +430,21 @@ class CGI
 
       # Update and close the session's FileStore file.
       def close
-	update
+        update
       end
 
       # Close and delete the session's FileStore file.
       def delete
         File::unlink @path+".lock" rescue nil
         File::unlink @path+".new" rescue nil
-        File::unlink @path
-      rescue Errno::ENOENT
+        File::unlink @path rescue Errno::ENOENT
       end
     end
 
     # In-memory session storage class.
     #
     # Implements session storage as a global in-memory hash.  Session
-    # data will only persist for as long as the ruby interpreter 
+    # data will only persist for as long as the ruby interpreter
     # instance does.
     class MemoryStore
       GLOBAL_HASH_TABLE = {} #:nodoc:
@@ -461,7 +455,7 @@ class CGI
       # +option+ is a list of initialisation options.  None are
       # currently recognised.
       def initialize(session, option=nil)
-	@session_id = session.session_id
+        @session_id = session.session_id
         unless GLOBAL_HASH_TABLE.key?(@session_id)
           unless session.new_session
             raise CGI::Session::NoSession, "uninitialized session"
@@ -474,26 +468,63 @@ class CGI
       #
       # Returns session data as a hash.
       def restore
-	GLOBAL_HASH_TABLE[@session_id]
+        GLOBAL_HASH_TABLE[@session_id]
+      end
+
+      # Update session state.
+      #
+      # A no-op.
+      def update
+        # don't need to update; hash is shared
+      end
+
+      # Close session storage.
+      #
+      # A no-op.
+      def close
+        # don't need to close
+      end
+
+      # Delete the session state.
+      def delete
+        GLOBAL_HASH_TABLE.delete(@session_id)
+      end
+    end
+
+    # Dummy session storage class.
+    #
+    # Implements session storage place holder.  No actual storage
+    # will be done.
+    class NullStore
+      # Create a new NullStore instance.
+      #
+      # +session+ is the session this instance is associated with.
+      # +option+ is a list of initialisation options.  None are
+      # currently recognised.
+      def initialize(session, option=nil)
+      end
+
+      # Restore (empty) session state.
+      def restore
+        {}
       end
 
       # Update session state.
       #
       # A no-op.
       def update
-	# don't need to update; hash is shared
       end
 
       # Close session storage.
       #
       # A no-op.
       def close
-	# don't need to close
       end
 
       # Delete the session state.
+      #
+      # A no-op.
       def delete
-	GLOBAL_HASH_TABLE.delete(@session_id)
       end
     end
   end

data/lib/rubysl/cgi/session/version.rb

@@ -1,7 +1,7 @@
 module RubySL
   module CGI
     module Session
-      VERSION = "1.0.0"
+      VERSION = "2.0.0"
     end
   end
 end

data/rubysl-cgi-session.gemspec

@@ -19,5 +19,4 @@ Gem::Specification.new do |spec|
   spec.add_development_dependency "bundler", "~> 1.3"
   spec.add_development_dependency "rake", "~> 10.0"
   spec.add_development_dependency "mspec", "~> 1.5"
-  spec.add_development_dependency "rubysl-prettyprint", "~> 1.0"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: rubysl-cgi-session
 version: !ruby/object:Gem::Version
-  version: 1.0.0
+  version: 2.0.0
 platform: ruby
 authors:
 - Brian Shirai
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2013-12-25 00:00:00.000000000 Z
+date: 2013-09-04 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -52,20 +52,6 @@ dependencies:
     - - ~>
       - !ruby/object:Gem::Version
         version: '1.5'
-- !ruby/object:Gem::Dependency
-  name: rubysl-prettyprint
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ~>
-      - !ruby/object:Gem::Version
-        version: '1.0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ~>
-      - !ruby/object:Gem::Version
-        version: '1.0'
 description: Ruby standard library cgi-session.
 email:
 - brixen@gmail.com