RubyGems - sslrequirement - Versions diffs - 1.1.1 → 1.2.0 - Mend

sslrequirement 1.1.1 → 1.2.0

Files changed (7) hide show

data/README +4 -8
data/VERSION +1 -1
data/lib/ssl_requirement.rb +10 -33
data/sslrequirement.gemspec +52 -0
data/test/ssl_requirement_test.rb +13 -22
data/test/url_rewriter_test.rb +0 -27
metadata +11 -5

data/README CHANGED

@@ -57,17 +57,13 @@ following code to development.rb / test.rb / production.rb:
 	  SslRequirement.non_ssl_host = 'nonsecure.example.com'
 	end
-You can also use a Proc to determine the ssl_host or non_ssl_host on the fly:
-	config.after_initialize do
-      SslRequirement.ssl_host = Proc.new do
-		'secure.example.com'
-	  end
-    end
 You are able to turn disable ssl redirects by adding the following environment configuration file:
     SslRequirement.disable_ssl_check = true
+Or you can enforce ssl across an entire site by setting:
+	SslRequirement.ssl_all = true
 P.S.: Beware when you include the SslRequirement module. At the time of
 inclusion, it'll add the before_filter that validates the declarations. Some

data/VERSION CHANGED

	@@ -1 +1 @@
1	- 1.1.1
1	+ 1.2.0

data/lib/ssl_requirement.rb CHANGED

@@ -21,39 +21,22 @@ require "#{File.dirname(__FILE__)}/url_rewriter"
 # OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
 # WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
 module SslRequirement
-  mattr_writer :ssl_host, :non_ssl_host
+  mattr_accessor :ssl_host, :non_ssl_host
-  def self.ssl_host
-    determine_host(@@ssl_host)
-  end
-  def self.non_ssl_host
-    determine_host(@@non_ssl_host)
-  end
-  # mattr_reader would generate both ssl_host and self.ssl_host
-  def ssl_host
-    SslRequirement.ssl_host
+  mattr_writer :disable_ssl_check, :ssl_all
+  def self.disable_ssl_check?
+    @@disable_ssl_check ||= false
   end
-  def non_ssl_host
-    SslRequirement.non_ssl_host
+  def self.ssl_all?
+    @@ssl_all ||= false
   end
+  # called when Module is mixed in
   def self.included(controller)
     controller.extend(ClassMethods)
     controller.before_filter(:ensure_proper_protocol)
   end
-  def self.disable_ssl_check?
-    @@disable_ssl_check ||= false
-  end
-  def self.disable_ssl_check=(value)
-    @@disable_ssl_check = value
-  end
   module ClassMethods
     # Specifies that the named actions requires an SSL connection to be performed (which is enforced by ensure_proper_protocol).
     def ssl_required(*actions)
@@ -72,6 +55,8 @@ module SslRequirement
   protected
   # Returns true if the current action is supposed to run as SSL
   def ssl_required?
+    return true if SslRequirement.ssl_all?
     required = (self.class.read_inheritable_attribute(:ssl_required_actions) || [])
     except  = self.class.read_inheritable_attribute(:ssl_required_except_actions)
@@ -93,7 +78,7 @@ module SslRequirement
   private
   def ensure_proper_protocol
     return true if SslRequirement.disable_ssl_check?
-    return true if ssl_allowed?
+    return true if ssl_allowed? && !SslRequirement.ssl_all?
     if ssl_required? && !request.ssl?
       redirect_to determine_redirect_url(request, true)
@@ -121,14 +106,6 @@ module SslRequirement
       "#{(non_ssl_host || request_host)}#{determine_port_string(request_port)}"
     end
   end
-  def self.determine_host(host)
-    if host.is_a?(Proc) || host.respond_to?(:call)
-      host.call
-    else
-      host
-    end
-  end
   def determine_port_string(port)
     unless port_normal?(port)

data/sslrequirement.gemspec ADDED

@@ -0,0 +1,52 @@
+# Generated by jeweler
+# DO NOT EDIT THIS FILE DIRECTLY
+# Instead, edit Jeweler::Tasks in Rakefile, and run the gemspec command
+# -*- encoding: utf-8 -*-
+Gem::Specification.new do |s|
+  s.name = %q{sslrequirement}
+  s.version = "1.2.0"
+  s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
+  s.authors = ["RailsJedi", "David Heinemeier Hansson", "jcnetdev", "bcurren", "bmpercy", "revo", "nathany"]
+  s.date = %q{2010-08-06}
+  s.description = %q{SSL requirement adds a declarative way of specifying that certain actions should only be allowed to run under SSL, and if they're accessed without it, they should be redirected.}
+  s.email = %q{nathan@yardsticksoftware.com}
+  s.extra_rdoc_files = [
+    "README"
+  ]
+  s.files = [
+    ".gitignore",
+     "README",
+     "Rakefile",
+     "VERSION",
+     "init.rb",
+     "lib/ssl_requirement.rb",
+     "lib/url_rewriter.rb",
+     "rails/init.rb",
+     "shoulda_macros/ssl_requirement_macros.rb",
+     "sslrequirement.gemspec",
+     "test/ssl_requirement_test.rb",
+     "test/url_rewriter_test.rb"
+  ]
+  s.homepage = %q{http://github.com/yardstick/ssl_requirement}
+  s.rdoc_options = ["--charset=UTF-8"]
+  s.require_paths = ["lib"]
+  s.rubygems_version = %q{1.3.7}
+  s.summary = %q{Allow controller actions to force SSL on specific parts of the site.}
+  s.test_files = [
+    "test/ssl_requirement_test.rb",
+     "test/url_rewriter_test.rb"
+  ]
+  if s.respond_to? :specification_version then
+    current_version = Gem::Specification::CURRENT_SPECIFICATION_VERSION
+    s.specification_version = 3
+    if Gem::Version.new(Gem::VERSION) >= Gem::Version.new('1.2.0') then
+    else
+    end
+  else
+  end
+end

data/test/ssl_requirement_test.rb CHANGED

@@ -3,7 +3,7 @@ require 'rubygems'
 require 'active_support'
 begin
   require 'action_controller'
-rescue LoadError
+rescue LoadError  # annoying when this dies due to more unusual errors (like mismatched active_support/action_controller gems)
   if ENV['ACTIONCONTROLLER_PATH'].nil?
     abort <<MSG
 Please set the ACTIONCONTROLLER_PATH environment variable to the directory
@@ -314,29 +314,20 @@ class SslRequirementTest < ActionController::TestCase
                     @response.headers['Location']
   end
-  # test ssl_host and ssl_non_host overrides with Procs
-  def test_ssl_redirect_with_ssl_host_proc
-    SslRequirement.ssl_host = Proc.new do
-      @ssl_host_override
-    end
+  # ssl_all to lock down a full site
+  def test_ssl_all
+    SslRequirement.ssl_all = true
+    assert SslRequirement.ssl_all?
     assert_not_equal "on", @request.env["HTTPS"]
-    get :a
+    get :a  # requires ssl either way
     assert_response :redirect
-    assert_match Regexp.new("^https://#{@ssl_host_override}"),
-                 @response.headers['Location']
-    SslRequirement.ssl_host = nil
-  end
-  def test_non_ssl_redirect_with_non_ssl_host_proc
-    SslRequirement.non_ssl_host = Proc.new do
-      @non_ssl_host_override
-    end
-    @request.env['HTTPS'] = 'on'
-    get :d
+    get :c  # allow ssl should still redirect
     assert_response :redirect
-    assert_match Regexp.new("^http://#{@non_ssl_host_override}"),
-                 @response.headers['Location']
-    SslRequirement.non_ssl_host = nil
+    get :d  # doesn't usually require ssl, but now it does
+    assert_response :redirect
+  ensure
+    SslRequirement.ssl_all = false
   end
 end

data/test/url_rewriter_test.rb CHANGED

@@ -138,32 +138,5 @@ class UrlRewriterTest < Test::Unit::TestCase
                                    :only_path => true))
     SslRequirement.non_ssl_host = nil
   end
-  # tests for ssl_host overriding with Procs
-  def test_rewrite_secure_with_ssl_host_proc
-    SslRequirement.disable_ssl_check = false
-    SslRequirement.ssl_host = Proc.new do
-      @ssl_host_override
-    end
-    assert_equal("https://#{@ssl_host_override}/c/a",
-                 @rewriter.rewrite(:controller => 'c', :action => 'a',
-                                   :secure => true))
-    SslRequirement.ssl_host = nil
-  end
-  def test_rewrite_non_secure_with_non_ssl_host_proc
-    SslRequirement.disable_ssl_check = false
-    SslRequirement.non_ssl_host = Proc.new do
-      @non_ssl_host_override
-    end
-    # with secure option
-    assert_equal("http://#{@non_ssl_host_override}/c/a",
-                 @rewriter.rewrite(:controller => 'c', :action => 'a',
-                                   :secure => false))
-    # without secure option
-    assert_equal("http://#{@non_ssl_host_override}/c/a",
-                 @rewriter.rewrite(:controller => 'c', :action => 'a'))
-    SslRequirement.non_ssl_host = nil
-  end
 end

metadata CHANGED

@@ -1,12 +1,13 @@
 --- !ruby/object:Gem::Specification
 name: sslrequirement
 version: !ruby/object:Gem::Version
+  hash: 31
   prerelease: false
   segments:
   - 1
-  - 1
-  - 1
-  version: 1.1.1
+  - 2
+  - 0
+  version: 1.2.0
 platform: ruby
 authors:
 - RailsJedi
@@ -20,7 +21,7 @@ autorequire:
 bindir: bin
 cert_chain: []
-date: 2010-04-07 00:00:00 -06:00
+date: 2010-08-06 00:00:00 -06:00
 default_executable:
 dependencies: []
@@ -42,6 +43,7 @@ files:
 - lib/url_rewriter.rb
 - rails/init.rb
 - shoulda_macros/ssl_requirement_macros.rb
+- sslrequirement.gemspec
 - test/ssl_requirement_test.rb
 - test/url_rewriter_test.rb
 has_rdoc: true
@@ -54,23 +56,27 @@ rdoc_options:
 require_paths:
 - lib
 required_ruby_version: !ruby/object:Gem::Requirement
+  none: false
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
+      hash: 3
       segments:
       - 0
       version: "0"
 required_rubygems_version: !ruby/object:Gem::Requirement
+  none: false
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
+      hash: 3
       segments:
       - 0
       version: "0"
 requirements: []
 rubyforge_project:
-rubygems_version: 1.3.6
+rubygems_version: 1.3.7
 signing_key:
 specification_version: 3
 summary: Allow controller actions to force SSL on specific parts of the site.