sslrequirement 1.1.1 → 1.2.0
- data/README +4 -8
- data/VERSION +1 -1
- data/lib/ssl_requirement.rb +10 -33
- data/sslrequirement.gemspec +52 -0
- data/test/ssl_requirement_test.rb +13 -22
- data/test/url_rewriter_test.rb +0 -27
- metadata +11 -5
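--- a/data/README
+++ b/data/README
@@ -57,17 +57,13 @@ following code to development.rb / test.rb / production.rb:
 SslRequirement.non_ssl_host = 'nonsecure.example.com'
 end
 
-You can also use a Proc to determine the ssl_host or non_ssl_host on the fly:
-
-config.after_initialize do
-SslRequirement.ssl_host = Proc.new do
-'secure.example.com'
-end
-end
-
 You are able to turn disable ssl redirects by adding the following environment configuration file:
 
 SslRequirement.disable_ssl_check = true
+
+Or you can enforce ssl across an entire site by setting:
+
+SslRequirement.ssl_all = true
 
 P.S.: Beware when you include the SslRequirement module. At the time of
 inclusion, it'll add the before_filter that validates the declarations. Some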
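--- a/data/VERSION
+++ b/data/VERSION
@@ -1 +1 @@
-1.
+1.2.0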
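--- a/data/lib/ssl_requirement.rb
+++ b/data/lib/ssl_requirement.rb
@@ -21,39 +21,22 @@ require "#{File.dirname(__FILE__)}/url_rewriter"
 # OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
 # WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
 module SslRequirement
-
+mattr_accessor :ssl_host, :non_ssl_host
 
-
-
-
-
-def self.non_ssl_host
-determine_host(@@non_ssl_host)
-end
-
-# mattr_reader would generate both ssl_host and self.ssl_host
-def ssl_host
-SslRequirement.ssl_host
+mattr_writer :disable_ssl_check, :ssl_all
+def self.disable_ssl_check?
+@@disable_ssl_check ||= false
 end
-
-
-SslRequirement.non_ssl_host
+def self.ssl_all?
+@@ssl_all ||= false
 end
 
-
+# called when Module is mixed in
 def self.included(controller)
 controller.extend(ClassMethods)
 controller.before_filter(:ensure_proper_protocol)
 end
 
-def self.disable_ssl_check?
-@@disable_ssl_check ||= false
-end
-
-def self.disable_ssl_check=(value)
-@@disable_ssl_check = value
-end
-
 module ClassMethods
 # Specifies that the named actions requires an SSL connection to be performed (which is enforced by ensure_proper_protocol).
 def ssl_required(*actions)
@@ -72,6 +55,8 @@ module SslRequirement
 protected
 # Returns true if the current action is supposed to run as SSL
 def ssl_required?
+return true if SslRequirement.ssl_all?
+
 required = (self.class.read_inheritable_attribute(:ssl_required_actions) || [])
 except = self.class.read_inheritable_attribute(:ssl_required_except_actions)
 
@@ -93,7 +78,7 @@ module SslRequirement
 private
 def ensure_proper_protocol
 return true if SslRequirement.disable_ssl_check?
-return true if ssl_allowed?
+return true if ssl_allowed? && !SslRequirement.ssl_all?
 
 if ssl_required? && !request.ssl?
 redirect_to determine_redirect_url(request, true)
@@ -121,14 +106,6 @@ module SslRequirement
 "#{(non_ssl_host || request_host)}#{determine_port_string(request_port)}"
 end
 end
-
-def self.determine_host(host)
-if host.is_a?(Proc) || host.respond_to?(:call)
-host.call
-else
-host
-end
-end
 
 def determine_port_string(port)
 unless port_normal?(port)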
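Review bot: In `ensure_proper_protocol` the `disable_ssl_check?` guard still runs before the new `ssl_all?` test, so an environment that sets both flags silently gets no HTTPS enforcement at all. If that precedence is intended, state it above the new readers, e.g. `# disable_ssl_check wins over ssl_all; never set it in production`. Separately, `ssl_host`/`non_ssl_host` are now plain `mattr_accessor`s, so an application still assigning a Proc (the form the removed README text documented) appears to get the Proc object interpolated into the redirect host by `"#{(non_ssl_host || request_host)}..."`; rejecting a value that `respond_to?(:call)` on assignment would make that failure visible. The bodies of `ssl_required?` and `ensure_proper_protocol` continue outside the hunks shown.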
@@ -0,0 +1,52 @@
|
|
1
|
+
# Generated by jeweler
|
2
|
+
# DO NOT EDIT THIS FILE DIRECTLY
|
3
|
+
# Instead, edit Jeweler::Tasks in Rakefile, and run the gemspec command
|
4
|
+
# -*- encoding: utf-8 -*-
|
5
|
+
|
6
|
+
Gem::Specification.new do |s|
|
7
|
+
s.name = %q{sslrequirement}
|
8
|
+
s.version = "1.2.0"
|
9
|
+
|
10
|
+
s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
|
11
|
+
s.authors = ["RailsJedi", "David Heinemeier Hansson", "jcnetdev", "bcurren", "bmpercy", "revo", "nathany"]
|
12
|
+
s.date = %q{2010-08-06}
|
13
|
+
s.description = %q{SSL requirement adds a declarative way of specifying that certain actions should only be allowed to run under SSL, and if they're accessed without it, they should be redirected.}
|
14
|
+
s.email = %q{nathan@yardsticksoftware.com}
|
15
|
+
s.extra_rdoc_files = [
|
16
|
+
"README"
|
17
|
+
]
|
18
|
+
s.files = [
|
19
|
+
".gitignore",
|
20
|
+
"README",
|
21
|
+
"Rakefile",
|
22
|
+
"VERSION",
|
23
|
+
"init.rb",
|
24
|
+
"lib/ssl_requirement.rb",
|
25
|
+
"lib/url_rewriter.rb",
|
26
|
+
"rails/init.rb",
|
27
|
+
"shoulda_macros/ssl_requirement_macros.rb",
|
28
|
+
"sslrequirement.gemspec",
|
29
|
+
"test/ssl_requirement_test.rb",
|
30
|
+
"test/url_rewriter_test.rb"
|
31
|
+
]
|
32
|
+
s.homepage = %q{http://github.com/yardstick/ssl_requirement}
|
33
|
+
s.rdoc_options = ["--charset=UTF-8"]
|
34
|
+
s.require_paths = ["lib"]
|
35
|
+
s.rubygems_version = %q{1.3.7}
|
36
|
+
s.summary = %q{Allow controller actions to force SSL on specific parts of the site.}
|
37
|
+
s.test_files = [
|
38
|
+
"test/ssl_requirement_test.rb",
|
39
|
+
"test/url_rewriter_test.rb"
|
40
|
+
]
|
41
|
+
|
42
|
+
if s.respond_to? :specification_version then
|
43
|
+
current_version = Gem::Specification::CURRENT_SPECIFICATION_VERSION
|
44
|
+
s.specification_version = 3
|
45
|
+
|
46
|
+
if Gem::Version.new(Gem::VERSION) >= Gem::Version.new('1.2.0') then
|
47
|
+
else
|
48
|
+
end
|
49
|
+
else
|
50
|
+
end
|
51
|
+
end
|
52
|
+
|
@@ -3,7 +3,7 @@ require 'rubygems'
|
|
3
3
|
require 'active_support'
|
4
4
|
begin
|
5
5
|
require 'action_controller'
|
6
|
-
rescue LoadError
|
6
|
+
rescue LoadError # annoying when this dies due to more unusual errors (like mismatched active_support/action_controller gems)
|
7
7
|
if ENV['ACTIONCONTROLLER_PATH'].nil?
|
8
8
|
abort <<MSG
|
9
9
|
Please set the ACTIONCONTROLLER_PATH environment variable to the directory
|
@@ -314,29 +314,20 @@ class SslRequirementTest < ActionController::TestCase
|
|
314
314
|
@response.headers['Location']
|
315
315
|
end
|
316
316
|
|
317
|
-
#
|
318
|
-
|
319
|
-
|
320
|
-
SslRequirement.
|
321
|
-
|
322
|
-
end
|
317
|
+
# ssl_all to lock down a full site
|
318
|
+
def test_ssl_all
|
319
|
+
SslRequirement.ssl_all = true
|
320
|
+
assert SslRequirement.ssl_all?
|
321
|
+
|
323
322
|
assert_not_equal "on", @request.env["HTTPS"]
|
324
|
-
get :a
|
323
|
+
get :a # requires ssl either way
|
325
324
|
assert_response :redirect
|
326
|
-
|
327
|
-
@response.headers['Location']
|
328
|
-
SslRequirement.ssl_host = nil
|
329
|
-
end
|
330
|
-
|
331
|
-
def test_non_ssl_redirect_with_non_ssl_host_proc
|
332
|
-
SslRequirement.non_ssl_host = Proc.new do
|
333
|
-
@non_ssl_host_override
|
334
|
-
end
|
335
|
-
@request.env['HTTPS'] = 'on'
|
336
|
-
get :d
|
325
|
+
get :c # allow ssl should still redirect
|
337
326
|
assert_response :redirect
|
338
|
-
|
339
|
-
|
340
|
-
|
327
|
+
get :d # doesn't usually require ssl, but now it does
|
328
|
+
assert_response :redirect
|
329
|
+
ensure
|
330
|
+
SslRequirement.ssl_all = false
|
341
331
|
end
|
332
|
+
|
342
333
|
end
|
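Review bot: `test_ssl_all` only asserts `:redirect` after each `get`, so it would still pass if an action were redirected to an `http://` URL; check the target after each request, e.g. `assert_match %r{\Ahttps://}, @response.headers['Location']`. It also does not cover `disable_ssl_check = true` together with `ssl_all = true`, the case where `ensure_proper_protocol` returns before any enforcement. The `ensure` that resets `ssl_all` is worth keeping, since the flag is module-level state shared with every other test.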
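--- a/data/test/url_rewriter_test.rb
+++ b/data/test/url_rewriter_test.rb
@@ -138,32 +138,5 @@ class UrlRewriterTest < Test::Unit::TestCase
 :only_path => true))
 SslRequirement.non_ssl_host = nil
 end
-
-# tests for ssl_host overriding with Procs
-
-def test_rewrite_secure_with_ssl_host_proc
-SslRequirement.disable_ssl_check = false
-SslRequirement.ssl_host = Proc.new do
-@ssl_host_override
-end
-assert_equal("https://#{@ssl_host_override}/c/a",
-@rewriter.rewrite(:controller => 'c', :action => 'a',
-:secure => true))
-SslRequirement.ssl_host = nil
-end
 
-def test_rewrite_non_secure_with_non_ssl_host_proc
-SslRequirement.disable_ssl_check = false
-SslRequirement.non_ssl_host = Proc.new do
-@non_ssl_host_override
-end
-# with secure option
-assert_equal("http://#{@non_ssl_host_override}/c/a",
-@rewriter.rewrite(:controller => 'c', :action => 'a',
-:secure => false))
-# without secure option
-assert_equal("http://#{@non_ssl_host_override}/c/a",
-@rewriter.rewrite(:controller => 'c', :action => 'a'))
-SslRequirement.non_ssl_host = nil
-end
 end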
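--- a/metadata
+++ b/metadata
@@ -1,12 +1,13 @@
 --- !ruby/object:Gem::Specification
 name: sslrequirement
 version: !ruby/object:Gem::Version
+hash: 31
 prerelease: false
 segments:
 - 1
--
--
-version: 1.
+- 2
+- 0
+version: 1.2.0
 platform: ruby
 authors:
 - RailsJedi
@@ -20,7 +21,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2010-
+date: 2010-08-06 00:00:00 -06:00
 default_executable:
 dependencies: []
 
@@ -42,6 +43,7 @@ files:
 - lib/url_rewriter.rb
 - rails/init.rb
 - shoulda_macros/ssl_requirement_macros.rb
+- sslrequirement.gemspec
 - test/ssl_requirement_test.rb
 - test/url_rewriter_test.rb
 has_rdoc: true
@@ -54,23 +56,27 @@ rdoc_options:
 require_paths:
 - lib
 required_ruby_version: !ruby/object:Gem::Requirement
+none: false
 requirements:
 - - ">="
 - !ruby/object:Gem::Version
+hash: 3
 segments:
 - 0
 version: "0"
 required_rubygems_version: !ruby/object:Gem::Requirement
+none: false
 requirements:
 - - ">="
 - !ruby/object:Gem::Version
+hash: 3
 segments:
 - 0
 version: "0"
 requirements: []
 
 rubyforge_project:
-rubygems_version: 1.3.
+rubygems_version: 1.3.7
 signing_key:
 specification_version: 3
 summary: Allow controller actions to force SSL on specific parts of the site.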