strelka 0.9.0 → 0.9.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 0b14749495dff16df191c5371094312f513e7b6c
-  data.tar.gz: 5db0407a3325455375fa0fbce72257e23cf32a5c
+  metadata.gz: 75847ae82c8afb5c1b015ff7883b242f02f497e3
+  data.tar.gz: f3a1644c01ff9e07c776eda4c98105a85c94f50b
 SHA512:
-  metadata.gz: 2b36ed3558f2cac0228536ea0251e696038b8e2f9711355512704145196c42745c2261df604c5aa9d2cc1eb66c4670142c92f2eef9f9d704487556ef3857ed08
-  data.tar.gz: 129997e0bdad8b2962b083627902917d1e8c2948133910dbc2aa1e947733b9d0b18b8472c7ed6b5af79760b66254ff70606d8d6ee80e813ee50b75e0d4c77cd0
+  metadata.gz: cc56b4ca53995f7b2ac9196c3ab0ea5727b5bb0bbca9ab8802a0205d628d7ccc9365a5b0c2b9f97c9d4b0c0223a32121505aa9c685a791cde17363b717a5f31e
+  data.tar.gz: 5346f6b0ae56a569cf57cef4ab248d65469a77fb84384150e02d51633d392b3f26cf54e9dedfab4672babb53037645052295dd0720b4a64457d42510e8fe58a0

checksums.yaml.gz.sig

@@ -1,2 +1 @@
-I�F�����.�V�e���ҽ�ܶ�&z6�w�M�+�=�o��Gѫn��L���J�
����T
�8�n����
�u�ҥ[v2���e��X�0��`?vC��&�cL��T�;|��z-����^�K���R�c\�+JC$���'')y���Pk��:��b�kBh �'�G�!׃3o�S��28I�-
-GDJ���Ue/*u5-�%N�>2�h��䈆�qo�4{x��-�������'�
+`���[�(ɱ���꾂�G|�G#���\��Ұ��E!]���$�_�Ob'�|��>h���-�Hsja�+0Ƣd�c,5�N�M�
�F�**��lܰs-Q�y�W4Voj�<����7���Ty_�Prvl1��T ���Ց�@\g�����uj�p��3.U���x�Z'�`0��d7�e�fmM�t�c6�E9W�9��X��9;Q��ƓNb�T���]�0r�d�&�J-�|�I��4h@"W�>6�:�

data.tar.gz.sig

@@ -1 +1,2 @@
-@
+�I�^��Po�!�r-ƾ�Du1����Gc�0�$��=(��,�.���*`�\�J���}��?%z��nj͔��A}ɣ�$u����,�e�N-��W�ͅ򍛧�\b��~�&*��K�L�l6v��H%ZE�z��6��@.��9��τ�vz��ZĦ�$��������QG�8�M�ׄ��5�F�^f���*�,�Cl�">1�q� "
+

data/ChangeLog

@@ -1,9 +1,127 @@
+2015-04-01  Michael Granger  <ged@FaerieMUD.org>
+
+	* cert/mahlon.pem:
+	Sign mahlon's cert
+	[db92e594bfc2] [tip]
+
+2015-04-01  Mahlon E. Smith  <mahlon@martini.nu>
+
+	* .gems, Rakefile:
+	Add certificate signing to gem packaging.
+	[d8b9bca999a8]
+
+	* .hoerc, Rakefile, cert/ged.pem, cert/mahlon.pem, strelka.gemspec:
+	Add certificate signing to gem packaging.
+	[d85a66521643]
+
+	* .gems:
+	Add safe_yaml to the .gems file.
+	[1f2abfa84b12]
+
+	* lib/strelka/app/auth.rb, spec/strelka/app/auth_spec.rb:
+	Ensure required permissions for the auth plugin are unmodified
+	between requests.
+	[e38b9bf6df30]
+
+2015-03-25  Michael Granger  <ged@FaerieMUD.org>
+
+	* lib/strelka/httprequest.rb, spec/helpers.rb:
+	Fix urlencoded param parsing
+
+	Ruby 2.2's URI library no longer supports parsing application/x-www-
+	form-urlencoded with semicolon delimiters because the WhatWG decided
+	no one used that I guess.
+
+	This change restores the old behavior by doing the two splits
+	ourselves and handing the escaping off to URI.
+	[dd7fe269b65b]
+
+	* spec/strelka/app/auth_spec.rb, spec/strelka/app/errors_spec.rb,
+	spec/strelka/app/filters_spec.rb,
+	spec/strelka/app/negotiation_spec.rb,
+	spec/strelka/app/parameters_spec.rb,
+	spec/strelka/app/restresources_spec.rb,
+	spec/strelka/app/routing_spec.rb, spec/strelka/app/sessions_spec.rb,
+	spec/strelka/app/templating_spec.rb, spec/strelka/app_spec.rb,
+	spec/strelka/authprovider/basic_spec.rb,
+	spec/strelka/authprovider/hostaccess_spec.rb,
+	spec/strelka/authprovider_spec.rb, spec/strelka/cookie_spec.rb,
+	spec/strelka/discovery_spec.rb, spec/strelka/exceptions_spec.rb,
+	spec/strelka/httprequest/acceptparams_spec.rb,
+	spec/strelka/httprequest/auth_spec.rb,
+	spec/strelka/httprequest/negotiation_spec.rb,
+	spec/strelka/httprequest/session_spec.rb,
+	spec/strelka/httprequest_spec.rb,
+	spec/strelka/httpresponse/negotiation_spec.rb,
+	spec/strelka/httpresponse/session_spec.rb,
+	spec/strelka/httpresponse_spec.rb, spec/strelka/mixins_spec.rb,
+	spec/strelka/multipartparser_spec.rb,
+	spec/strelka/paramvalidator_spec.rb, spec/strelka/plugins_spec.rb,
+	spec/strelka/router/default_spec.rb,
+	spec/strelka/router/exclusive_spec.rb, spec/strelka/router_spec.rb,
+	spec/strelka/session/db_spec.rb,
+	spec/strelka/session/default_spec.rb, spec/strelka/session_spec.rb,
+	spec/strelka/websocketserver/routing_spec.rb,
+	spec/strelka/websocketserver_spec.rb, spec/strelka_spec.rb:
+	Use the loggability spechelper for logging setup/teardown
+	[a585c7b4f35b]
+
+	* spec/strelka/paramvalidator_spec.rb:
+	Update paramvalidator specs for Ruby 2.2.
+
+	This removes some "bad" URI examples that are now parsed
+	successfully by Ruby 2.2's URI library, and one that used to be
+	parsed okay but no longer is.
+	[5675c3e920cb]
+
+	* .gems, .rvm.gems, Rakefile, strelka.gemspec:
+	Bump mongrel2 dependency to get rid of Ruby 2.2 warnings
+	[bb0e56836291]
+
+2015-03-01  Michael Granger  <ged@FaerieMUD.org>
+
+	* strelka.gemspec:
+	Update the gemspec
+	[92c894486289]
+
+	* Rakefile:
+	Fix the fivefish version
+	[22b8b7b6a0dd]
+
+	* .rvmrc:
+	Bump the rvmrc Ruby version
+	[653f2efdcfb3]
+
+2015-02-27  Michael Granger  <ged@FaerieMUD.org>
+
+	* .hgignore, .travis.yml, Gemfile, Rakefile, strelka.gemspec:
+	Prep for travis-ci builds
+	[d2eccf740f22]
+
+	* lib/strelka.rb, lib/strelka/app.rb:
+	Ensure mixins are loaded
+	[421c715bc499]
+
+2014-06-06  Michael Granger  <ged@FaerieMUD.org>
+
+	* .hgtags:
+	Added tag v0.9.0 for changeset a03445b9de0f
+	[f314a21c616e]
+
+	* .hgsigs:
+	Added signature for changeset 406a68302dc6
+	[a03445b9de0f] [v0.9.0]
+
+	* History.rdoc, lib/strelka.rb:
+	Bump the minor version, update history.
+	[406a68302dc6]
+
 2014-06-06  Mahlon E. Smith  <mahlon@martini.nu>
 
 	* lib/strelka/app/auth.rb, spec/strelka/app/auth_spec.rb:
 	Auth plugin: Add the ability to modify permission sets from the
 	require_perms_for() block.
-	[69fbfc1e2de3] [tip]
+	[69fbfc1e2de3]
 
 2014-06-05  Michael Granger  <ged@FaerieMUD.org>
 
@@ -15,7 +133,7 @@
 	spec/strelka/httpresponse/session_spec.rb,
 	spec/strelka/plugins_spec.rb, spec/strelka_spec.rb:
 	Updated for RSpec 3.0; bumped deps.
-	[04bd8611e28f] [github/master]
+	[04bd8611e28f]
 
 2014-02-05  Michael Granger  <ged@FaerieMUD.org>
 
@@ -37,13 +155,6 @@
 	Update dependencies.
 	[4ddae11c28b8]
 
-2014-01-22  Mahlon E. Smith  <mahlon@laika.com>
-
-	* lib/strelka/httprequest.rb:
-	Don't modify the original request URI object when calling
-	HttpRequest#base_uri.
-	[6e2d1e0e89d1]
-
 2014-01-29  Michael Granger  <ged@FaerieMUD.org>
 
 	* lib/strelka/app.rb:
@@ -81,19 +192,19 @@
 	Merge improvements to the AbstractClass mixin from elsewhere.
 	[96725c68d4ae]
 
+2014-01-22  Mahlon E. Smith  <mahlon@laika.com>
+
+	* lib/strelka/httprequest.rb:
+	Don't modify the original request URI object when calling
+	HttpRequest#base_uri.
+	[6e2d1e0e89d1]
+
 2014-01-02  Michael Granger  <ged@FaerieMUD.org>
 
 	* lib/strelka.rb:
 	Merged with bdb098771858
 	[140055f6ee81]
 
-2013-12-02  Mahlon E. Smith  <mahlon@martini.nu>
-
-	* .rvm.gems, lib/strelka.rb, lib/strelka/app/auth.rb,
-	spec/strelka/session/default_spec.rb:
-	Restore access to request parameters from the authentication plugin.
-	[bdb098771858]
-
 2014-01-01  Michael Granger  <ged@FaerieMUD.org>
 
 	* History.rdoc, lib/strelka.rb:
@@ -135,6 +246,13 @@
 	Remove config keys that moved to Discovery
 	[c4b52cde2f47]
 
+2013-12-02  Mahlon E. Smith  <mahlon@martini.nu>
+
+	* .rvm.gems, lib/strelka.rb, lib/strelka/app/auth.rb,
+	spec/strelka/session/default_spec.rb:
+	Restore access to request parameters from the authentication plugin.
+	[bdb098771858]
+
 2013-11-08  Michael Granger  <ged@FaerieMUD.org>
 
 	* .hgtags:
@@ -586,7 +704,7 @@
 	spec/strelka/app/parameters_spec.rb,
 	spec/strelka/paramvalidator_spec.rb:
 	Add a paramvalidator constraint for JSON fields
-	[ac11b12f9366] [github/no-notes-auto-vivify]
+	[ac11b12f9366]
 
 2013-01-25  Michael Granger  <ged@FaerieMUD.org>
 
@@ -829,7 +947,7 @@
 
 	* lib/strelka/authprovider.rb, spec/strelka/authprovider_spec.rb:
 	Fix the documentation and specs for AuthProvider#authorize.
-	[accb655c57b4] [github/master@default]
+	[accb655c57b4]
 
 2012-10-03  Michael Granger  <ged@FaerieMUD.org>
 
@@ -2440,8 +2558,8 @@
 	- Require Ruby-Mongrel 0.12+
 	- This is just the initial implementation. Yet to be added:
 	configuration options for enabling/disabling stuff, automatic
-	composite services mapped from association reflections, mass- create
-	option, and lots more I'm forgetting.
+	composite services mapped from association reflections, mass-
+	create option, and lots more I'm forgetting.
 	[23acdb6e9afc]
 
 	* data/strelka/bootstrap-config.rb:
@@ -2759,11 +2877,12 @@
 	spec/strelka/httpresponse/negotiation_spec.rb:
 	Alterations to the plugin system to reflect dogfood discoveries.
 	- Rearranged the lifecycle of the request to all happen inside the
-	try/catch to allow fixup hooks to finish with an error status, too.
+	try/catch to allow fixup hooks to finish with an error status,
+	too.
 	- Moved the negotiation plugin closer to the router so negotation
-	callbacks can return responses that will be further altered by later
-	plugins. Moved the acceptable check into the response fixup hook to
-	accomplish this.
+	callbacks can return responses that will be further altered by
+	later plugins. Moved the acceptable check into the response fixup
+	hook to accomplish this.
 	- Made the response fixup hook only take a response object since
 	responses can now know what their request is.
 	- Made language-negotiation short-circuit whenever there aren't any

data/History.rdoc

@@ -1,3 +1,10 @@
+== v0.9.1 [2015-04-01] Mahlon E. Smith <mahlon@martini.nu>
+
+- Ensure required permissions for the auth plugin are unmodified between requests.
+- Fix urlencoded param parsing
+- Fixes for Ruby 2.2.
+
+
 == v0.9.0 [2014-06-06] Mahlon E. Smith <mahlon@martini.nu>
 
 - Auth plugin: Add the ability to modify permission sets from the

data/Rakefile

@@ -8,10 +8,11 @@ rescue LoadError
 	abort "This Rakefile requires 'hoe' (gem install hoe)"
 end
 
+GEMSPEC = 'strelka.gemspec'
+
 Hoe.plugin :mercurial
 Hoe.plugin :signing
 Hoe.plugin :deveiate
-Hoe.plugin :bundler
 
 Hoe.plugins.delete :rubyforge
 
@@ -19,6 +20,7 @@ hoespec = Hoe.spec 'strelka' do
 	self.readme_file = 'README.rdoc'
 	self.history_file = 'History.rdoc'
 	self.extra_rdoc_files = FileList[ '*.rdoc' ]
+	self.license "BSD"
 
 	self.developer 'Mahlon E. Smith', 'mahlon@martini.nu'
 	self.developer 'Michael Granger', 'ged@FaerieMUD.org'
@@ -28,42 +30,35 @@ hoespec = Hoe.spec 'strelka' do
 	self.dependency 'highline',        '~> 1.6'
 	self.dependency 'inversion',       '~> 0.12'
 	self.dependency 'loggability',     '~> 0.9'
-	self.dependency 'mongrel2',        '~> 0.41'
+	self.dependency 'mongrel2',        ['~> 0.43', '>= 0.43.1']
 	self.dependency 'pluggability',    '~> 0.4'
 	self.dependency 'sysexits',        '~> 1.1'
 	self.dependency 'trollop',         '~> 2.0'
 	self.dependency 'uuidtools',       '~> 2.1'
 	self.dependency 'safe_yaml',       '~> 1.0'
 
-	self.dependency 'hoe-deveiate',            '~> 0.3',  :developer
-	self.dependency 'hoe-bundler',             '~> 1.2',  :developer
+	self.dependency 'hoe-deveiate',            '~> 0.6',  :developer
 	self.dependency 'rspec',                   '~> 3.0',  :developer
 	self.dependency 'simplecov',               '~> 0.7',  :developer
-	self.dependency 'rdoc-generator-fivefish', '~> 0.2',  :developer
-
-	self.license "BSD"
-	self.spec_extras[:rdoc_options] = [
-		'-t', 'Strelka Web Application Toolkit',
-		'-w', '4',
-	]
-
-	# Use the Fivefish formatter if run in development
-	self.spec_extras[:rdoc_options] += [ '-f', 'fivefish' ] if File.directory?( '.hg' )
+	self.dependency 'rdoc-generator-fivefish', '~> 0.1',  :developer
 
-	self.require_ruby_version( '>=1.9.3' )
+	self.require_ruby_version( '>=2.0.0' )
 	self.hg_sign_tags = true if self.respond_to?( :hg_sign_tags= )
 	self.check_history_on_release = true if self.respond_to?( :check_history_on_release= )
-
 	self.rdoc_locations << "deveiate:/usr/local/www/public/code/#{remote_rdoc_dir}"
 end
 
-
-
 ENV['VERSION'] ||= hoespec.spec.version.to_s
 
 # Ensure the specs pass before checking in
-task 'hg:precheckin' => [ :check_history, :check_manifest, :spec ]
+task 'hg:precheckin' => [:check_history, :check_manifest, :spec]
 
+if Rake::Task.task_defined?( '.gemtest' )
+	Rake::Task['.gemtest'].clear
+	task '.gemtest' do
+		$stderr.puts "Not including a .gemtest until I'm confident the test suite is idempotent."
+	end
+end
 
 desc "Build a coverage report"
 task :coverage do
@@ -71,15 +66,33 @@ task :coverage do
 	Rake::Task[:spec].invoke
 end
 
-if Rake::Task.task_defined?( '.gemtest' )
-	Rake::Task['.gemtest'].clear
-	task '.gemtest' do
-		$stderr.puts "Not including a .gemtest until I'm confident the test suite is idempotent."
-	end
-end
 
+# Use the fivefish formatter for docs generated from development checkout
+if File.directory?( '.hg' )
+	require 'rdoc/task'
 
-# Add admin app testing directories to the clobber list
-CLOBBER.include( 'static', 'run', 'log', 'strelka.sqlite' )
+	Rake::Task[ 'docs' ].clear
+	RDoc::Task.new( 'docs' ) do |rdoc|
+	rdoc.main = "README.rdoc"
+	rdoc.rdoc_files.include( "*.rdoc", "ChangeLog", "lib/**/*.rb" )
+	rdoc.generator = :fivefish
+	rdoc.title = "Strelka: A Ruby Web Framework"
+	rdoc.rdoc_dir = 'doc'
+	end
+end
 
+task :gemspec => GEMSPEC
+file GEMSPEC => __FILE__
+task GEMSPEC do |task|
+	spec = $hoespec.spec
+	spec.files.delete( '.gemtest' )
+	spec.signing_key = nil
+	spec.cert_chain = [ 'certs/mahlon.pem', 'certs/ged.pem' ]
+	spec.version = "#{spec.version.bump}.0.pre#{Time.now.strftime("%Y%m%d%H%M%S")}"
+	File.open( task.name, 'w' ) do |fh|
+		fh.write( spec.to_ruby )
+	end
+end
 
+CLOBBER.include( GEMSPEC.to_s )
+task :default => :gemspec

data/lib/strelka.rb

@@ -24,11 +24,12 @@ module Strelka
 	log_as :strelka
 
 	# Library version constant
-	VERSION = '0.9.0'
+	VERSION = '0.9.1'
 
 	# Version-control revision constant
-	REVISION = %q$Revision: 406a68302dc6 $
+	REVISION = %q$Revision: d8332e8ea7f7 $
 
+	require 'strelka/mixins'
 	require 'strelka/constants'
 	require 'strelka/exceptions'
 	include Strelka::Constants

data/lib/strelka/app.rb

@@ -23,6 +23,7 @@ class Strelka::App < Mongrel2::Handler
 	include Strelka::Constants,
 	        Strelka::ResponseHelpers
 
+
 	# Loggability API -- set up logging
 	log_to :strelka
 

data/lib/strelka/app/auth.rb

@@ -421,7 +421,7 @@ module Strelka::App::Auth
 
 			pattern.gsub!( %r{^/+|/+$}, '' ) if pattern.respond_to?( :gsub! )
 			self.log.debug "  adding require_perms (%p) for %p" % [ perms, pattern ]
-			self.positive_perms_criteria << [ pattern, block, perms ]
+			self.positive_perms_criteria << [ pattern, block, perms.freeze ]
 		end
 
 
@@ -624,7 +624,7 @@ module Strelka::App::Auth
 			criteria = self.request_matches_criteria( request, pattern, &block )
 			next unless criteria
 
-			newperms = Array( newperms )
+			newperms = Array( newperms ).dup
 
 			if criteria.is_a?( Symbol )
 				newperms << criteria

data/lib/strelka/httprequest.rb

@@ -142,7 +142,7 @@ class Strelka::HTTPRequest < Mongrel2::HTTPRequest
 
 			case self.verb
 			when :GET, :HEAD
-				value = self.parse_query_args
+				value = decode_www_form( self.uri.query )
 			when :POST, :PUT
 				value = self.parse_body
 			when :TRACE
@@ -177,7 +177,7 @@ class Strelka::HTTPRequest < Mongrel2::HTTPRequest
 
 		case mimetype.split( ';' ).first
 		when 'application/x-www-form-urlencoded'
-			return merge_query_args( URI.decode_www_form(self.body.read) )
+			return decode_www_form( self.body.read )
 		when 'application/json', 'text/javascript'
 			return Yajl.load( self.body )
 		when 'text/x-yaml', 'application/x-yaml'
@@ -219,24 +219,26 @@ class Strelka::HTTPRequest < Mongrel2::HTTPRequest
 	alias_method :redirect_to, :redirect
 
 
-	#########
-	protected
-	#########
+	#######
+	private
+	#######
 
-	### Return a Hash of request query arguments.
-	### ?arg1=yes&arg2=no&arg3  #=> {'arg1' => 'yes', 'arg2' => 'no', 'arg3' => nil}
-	def parse_query_args
-		return {} if self.uri.query.nil?
+	### Return a Hash of parameters decoded from a application/x-www-form-urlencoded
+	### +query_string+, combining multiple values for the same key into an Array
+	### value in the order they occurred.
+	def decode_www_form( query_string )
+		return {} if query_string.nil?
+
+		query_args = query_string.split( /[&;]/ ).each_with_object([]) do |pair, accum|
+			pair = pair.split( '=', 2 )
+			raise "malformed parameter pair %p: no '='" % [ pair ] unless pair.length == 2
+			accum << pair.map {|part| URI.decode_www_form_component(part) }
+		end
 
-		query_args = URI.decode_www_form( self.uri.query )
 		return merge_query_args( query_args )
 	end
 
 
-	#######
-	private
-	#######
-
 	### Strip surrounding double quotes from a copy of the specified string
 	### and return it.
 	def dequote( string )