sslrequirement 1.1.1 → 1.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
data/README CHANGED
@@ -57,17 +57,13 @@ following code to development.rb / test.rb / production.rb:
57
57
  SslRequirement.non_ssl_host = 'nonsecure.example.com'
58
58
  end
59
59
 
60
- You can also use a Proc to determine the ssl_host or non_ssl_host on the fly:
61
-
62
- config.after_initialize do
63
- SslRequirement.ssl_host = Proc.new do
64
- 'secure.example.com'
65
- end
66
- end
67
-
68
60
  You are able to turn disable ssl redirects by adding the following environment configuration file:
69
61
 
70
62
  SslRequirement.disable_ssl_check = true
63
+
64
+ Or you can enforce ssl across an entire site by setting:
65
+
66
+ SslRequirement.ssl_all = true
71
67
 
72
68
  P.S.: Beware when you include the SslRequirement module. At the time of
73
69
  inclusion, it'll add the before_filter that validates the declarations. Some
data/VERSION CHANGED
@@ -1 +1 @@
1
- 1.1.1
1
+ 1.2.0
@@ -21,39 +21,22 @@ require "#{File.dirname(__FILE__)}/url_rewriter"
21
21
  # OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
22
22
  # WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
23
23
  module SslRequirement
24
- mattr_writer :ssl_host, :non_ssl_host
24
+ mattr_accessor :ssl_host, :non_ssl_host
25
25
 
26
- def self.ssl_host
27
- determine_host(@@ssl_host)
28
- end
29
-
30
- def self.non_ssl_host
31
- determine_host(@@non_ssl_host)
32
- end
33
-
34
- # mattr_reader would generate both ssl_host and self.ssl_host
35
- def ssl_host
36
- SslRequirement.ssl_host
26
+ mattr_writer :disable_ssl_check, :ssl_all
27
+ def self.disable_ssl_check?
28
+ @@disable_ssl_check ||= false
37
29
  end
38
-
39
- def non_ssl_host
40
- SslRequirement.non_ssl_host
30
+ def self.ssl_all?
31
+ @@ssl_all ||= false
41
32
  end
42
33
 
43
-
34
+ # called when Module is mixed in
44
35
  def self.included(controller)
45
36
  controller.extend(ClassMethods)
46
37
  controller.before_filter(:ensure_proper_protocol)
47
38
  end
48
39
 
49
- def self.disable_ssl_check?
50
- @@disable_ssl_check ||= false
51
- end
52
-
53
- def self.disable_ssl_check=(value)
54
- @@disable_ssl_check = value
55
- end
56
-
57
40
  module ClassMethods
58
41
  # Specifies that the named actions requires an SSL connection to be performed (which is enforced by ensure_proper_protocol).
59
42
  def ssl_required(*actions)
@@ -72,6 +55,8 @@ module SslRequirement
72
55
  protected
73
56
  # Returns true if the current action is supposed to run as SSL
74
57
  def ssl_required?
58
+ return true if SslRequirement.ssl_all?
59
+
75
60
  required = (self.class.read_inheritable_attribute(:ssl_required_actions) || [])
76
61
  except = self.class.read_inheritable_attribute(:ssl_required_except_actions)
77
62
 
@@ -93,7 +78,7 @@ module SslRequirement
93
78
  private
94
79
  def ensure_proper_protocol
95
80
  return true if SslRequirement.disable_ssl_check?
96
- return true if ssl_allowed?
81
+ return true if ssl_allowed? && !SslRequirement.ssl_all?
97
82
 
98
83
  if ssl_required? && !request.ssl?
99
84
  redirect_to determine_redirect_url(request, true)
@@ -121,14 +106,6 @@ module SslRequirement
121
106
  "#{(non_ssl_host || request_host)}#{determine_port_string(request_port)}"
122
107
  end
123
108
  end
124
-
125
- def self.determine_host(host)
126
- if host.is_a?(Proc) || host.respond_to?(:call)
127
- host.call
128
- else
129
- host
130
- end
131
- end
132
109
 
133
110
  def determine_port_string(port)
134
111
  unless port_normal?(port)
@@ -0,0 +1,52 @@
1
+ # Generated by jeweler
2
+ # DO NOT EDIT THIS FILE DIRECTLY
3
+ # Instead, edit Jeweler::Tasks in Rakefile, and run the gemspec command
4
+ # -*- encoding: utf-8 -*-
5
+
6
+ Gem::Specification.new do |s|
7
+ s.name = %q{sslrequirement}
8
+ s.version = "1.2.0"
9
+
10
+ s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
11
+ s.authors = ["RailsJedi", "David Heinemeier Hansson", "jcnetdev", "bcurren", "bmpercy", "revo", "nathany"]
12
+ s.date = %q{2010-08-06}
13
+ s.description = %q{SSL requirement adds a declarative way of specifying that certain actions should only be allowed to run under SSL, and if they're accessed without it, they should be redirected.}
14
+ s.email = %q{nathan@yardsticksoftware.com}
15
+ s.extra_rdoc_files = [
16
+ "README"
17
+ ]
18
+ s.files = [
19
+ ".gitignore",
20
+ "README",
21
+ "Rakefile",
22
+ "VERSION",
23
+ "init.rb",
24
+ "lib/ssl_requirement.rb",
25
+ "lib/url_rewriter.rb",
26
+ "rails/init.rb",
27
+ "shoulda_macros/ssl_requirement_macros.rb",
28
+ "sslrequirement.gemspec",
29
+ "test/ssl_requirement_test.rb",
30
+ "test/url_rewriter_test.rb"
31
+ ]
32
+ s.homepage = %q{http://github.com/yardstick/ssl_requirement}
33
+ s.rdoc_options = ["--charset=UTF-8"]
34
+ s.require_paths = ["lib"]
35
+ s.rubygems_version = %q{1.3.7}
36
+ s.summary = %q{Allow controller actions to force SSL on specific parts of the site.}
37
+ s.test_files = [
38
+ "test/ssl_requirement_test.rb",
39
+ "test/url_rewriter_test.rb"
40
+ ]
41
+
42
+ if s.respond_to? :specification_version then
43
+ current_version = Gem::Specification::CURRENT_SPECIFICATION_VERSION
44
+ s.specification_version = 3
45
+
46
+ if Gem::Version.new(Gem::VERSION) >= Gem::Version.new('1.2.0') then
47
+ else
48
+ end
49
+ else
50
+ end
51
+ end
52
+
@@ -3,7 +3,7 @@ require 'rubygems'
3
3
  require 'active_support'
4
4
  begin
5
5
  require 'action_controller'
6
- rescue LoadError
6
+ rescue LoadError # annoying when this dies due to more unusual errors (like mismatched active_support/action_controller gems)
7
7
  if ENV['ACTIONCONTROLLER_PATH'].nil?
8
8
  abort <<MSG
9
9
  Please set the ACTIONCONTROLLER_PATH environment variable to the directory
@@ -314,29 +314,20 @@ class SslRequirementTest < ActionController::TestCase
314
314
  @response.headers['Location']
315
315
  end
316
316
 
317
- # test ssl_host and ssl_non_host overrides with Procs
318
-
319
- def test_ssl_redirect_with_ssl_host_proc
320
- SslRequirement.ssl_host = Proc.new do
321
- @ssl_host_override
322
- end
317
+ # ssl_all to lock down a full site
318
+ def test_ssl_all
319
+ SslRequirement.ssl_all = true
320
+ assert SslRequirement.ssl_all?
321
+
323
322
  assert_not_equal "on", @request.env["HTTPS"]
324
- get :a
323
+ get :a # requires ssl either way
325
324
  assert_response :redirect
326
- assert_match Regexp.new("^https://#{@ssl_host_override}"),
327
- @response.headers['Location']
328
- SslRequirement.ssl_host = nil
329
- end
330
-
331
- def test_non_ssl_redirect_with_non_ssl_host_proc
332
- SslRequirement.non_ssl_host = Proc.new do
333
- @non_ssl_host_override
334
- end
335
- @request.env['HTTPS'] = 'on'
336
- get :d
325
+ get :c # allow ssl should still redirect
337
326
  assert_response :redirect
338
- assert_match Regexp.new("^http://#{@non_ssl_host_override}"),
339
- @response.headers['Location']
340
- SslRequirement.non_ssl_host = nil
327
+ get :d # doesn't usually require ssl, but now it does
328
+ assert_response :redirect
329
+ ensure
330
+ SslRequirement.ssl_all = false
341
331
  end
332
+
342
333
  end
@@ -138,32 +138,5 @@ class UrlRewriterTest < Test::Unit::TestCase
138
138
  :only_path => true))
139
139
  SslRequirement.non_ssl_host = nil
140
140
  end
141
-
142
- # tests for ssl_host overriding with Procs
143
-
144
- def test_rewrite_secure_with_ssl_host_proc
145
- SslRequirement.disable_ssl_check = false
146
- SslRequirement.ssl_host = Proc.new do
147
- @ssl_host_override
148
- end
149
- assert_equal("https://#{@ssl_host_override}/c/a",
150
- @rewriter.rewrite(:controller => 'c', :action => 'a',
151
- :secure => true))
152
- SslRequirement.ssl_host = nil
153
- end
154
141
 
155
- def test_rewrite_non_secure_with_non_ssl_host_proc
156
- SslRequirement.disable_ssl_check = false
157
- SslRequirement.non_ssl_host = Proc.new do
158
- @non_ssl_host_override
159
- end
160
- # with secure option
161
- assert_equal("http://#{@non_ssl_host_override}/c/a",
162
- @rewriter.rewrite(:controller => 'c', :action => 'a',
163
- :secure => false))
164
- # without secure option
165
- assert_equal("http://#{@non_ssl_host_override}/c/a",
166
- @rewriter.rewrite(:controller => 'c', :action => 'a'))
167
- SslRequirement.non_ssl_host = nil
168
- end
169
142
  end
metadata CHANGED
@@ -1,12 +1,13 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: sslrequirement
3
3
  version: !ruby/object:Gem::Version
4
+ hash: 31
4
5
  prerelease: false
5
6
  segments:
6
7
  - 1
7
- - 1
8
- - 1
9
- version: 1.1.1
8
+ - 2
9
+ - 0
10
+ version: 1.2.0
10
11
  platform: ruby
11
12
  authors:
12
13
  - RailsJedi
@@ -20,7 +21,7 @@ autorequire:
20
21
  bindir: bin
21
22
  cert_chain: []
22
23
 
23
- date: 2010-04-07 00:00:00 -06:00
24
+ date: 2010-08-06 00:00:00 -06:00
24
25
  default_executable:
25
26
  dependencies: []
26
27
 
@@ -42,6 +43,7 @@ files:
42
43
  - lib/url_rewriter.rb
43
44
  - rails/init.rb
44
45
  - shoulda_macros/ssl_requirement_macros.rb
46
+ - sslrequirement.gemspec
45
47
  - test/ssl_requirement_test.rb
46
48
  - test/url_rewriter_test.rb
47
49
  has_rdoc: true
@@ -54,23 +56,27 @@ rdoc_options:
54
56
  require_paths:
55
57
  - lib
56
58
  required_ruby_version: !ruby/object:Gem::Requirement
59
+ none: false
57
60
  requirements:
58
61
  - - ">="
59
62
  - !ruby/object:Gem::Version
63
+ hash: 3
60
64
  segments:
61
65
  - 0
62
66
  version: "0"
63
67
  required_rubygems_version: !ruby/object:Gem::Requirement
68
+ none: false
64
69
  requirements:
65
70
  - - ">="
66
71
  - !ruby/object:Gem::Version
72
+ hash: 3
67
73
  segments:
68
74
  - 0
69
75
  version: "0"
70
76
  requirements: []
71
77
 
72
78
  rubyforge_project:
73
- rubygems_version: 1.3.6
79
+ rubygems_version: 1.3.7
74
80
  signing_key:
75
81
  specification_version: 3
76
82
  summary: Allow controller actions to force SSL on specific parts of the site.