switch_user 1.3.1 → 1.5.3

data/lib/switch_user/user_loader.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module SwitchUser
   class UserLoader
     attr_reader :scope
@@ -8,7 +10,8 @@ module SwitchUser
 
       if options[:scope_identifier]
         options[:scope_identifier] =~ /^(.*)_([^_]+)$/
-        scope, id = $1, $2
+        scope = Regexp.last_match(1)
+        id = Regexp.last_match(2)
       else
         scope, id = args
       end
@@ -30,7 +33,7 @@ module SwitchUser
       if scope && SwitchUser.available_scopes.include?(scope.to_sym)
         @scope = scope
       else
-        raise InvalidScope.new("#{scope} is invalid and is not listed in SwitchUser#available_users")
+        raise InvalidScope, "#{scope} is invalid and is not listed in SwitchUser#available_users"
       end
     end
 

data/lib/switch_user/user_set.rb

@@ -1,32 +1,36 @@
+# frozen_string_literal: true
+
 module SwitchUser
   class UserSet
     def self.init_from_config
       SwitchUser.available_users.map do |scope, base_scope|
         identifier = SwitchUser.available_users_identifiers[scope]
-        label      = SwitchUser.available_users_names[scope]
+        label = SwitchUser.available_users_names[scope]
         new(scope, identifier, label, base_scope)
       end
     end
 
     def self.users
-      init_from_config.flat_map {|user_set|
-        user_set.users.map {|user| Record.build(user, user_set) }
-      }
+      init_from_config.flat_map do |user_set|
+        user_set.users.map { |user| Record.build(user, user_set) }
+      end
     end
 
     attr_reader :scope, :user_class, :identifier, :label, :base_scope
+
     def initialize(scope, identifier, label, base_scope)
-      @scope      = scope
+      @scope = scope
       @user_class = normalize_class(scope)
       @identifier = identifier
-      @label      = label
+      @label = label
       @base_scope = normalize_scope(base_scope)
     end
 
     def find_user(id)
-      Record.build(users.where(:id => id).first, self)
+      Record.build(users.where(id: id).first, self)
     end
-    alias :[] :find_user
+
+    alias [] find_user
 
     def users
       base_scope
@@ -54,9 +58,10 @@ module SwitchUser
         user_class.respond_to?(:scoped) ? user_class.scoped : user_class.all
       end
     end
+
     class Record < Struct.new(:id, :label, :scope)
       def self.build(user, set)
-        id    = user.send(set.identifier)
+        id = user.send(set.identifier)
         label = user.send(set.label)
         scope = set.scope
 

data/lib/switch_user/version.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module SwitchUser
-  VERSION = "1.3.1"
+  VERSION = '1.5.3'
 end

data/spec/controllers/switch_user_controller_spec.rb

@@ -1,40 +1,37 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 require 'switch_user'
 require 'switch_user_controller'
 
-RSpec.describe SwitchUserController, :type => :controller do
+RSpec.describe SwitchUserController, type: :controller do
   before do
     SwitchUser.provider = :dummy
   end
 
-  let(:admin) { double(:admin, :admin? => true) }
-  let(:provider) { double(:provider,
-                        :original_user => admin,
-                        :current_user => nil)
-  }
-  describe "#set_current_user" do
-    it "redirects the user to the specified location" do
-      SwitchUser.redirect_path = lambda {|_,_| "/path"}
+  let(:admin) { double(:admin, admin?: true) }
+  let(:provider) { double(:provider, original_user: admin, current_user: nil) }
+  describe '#set_current_user' do
+    it 'redirects the user to the specified location' do
+      SwitchUser.redirect_path = ->(_, _) { '/path' }
       allow(controller).to receive(:available?).and_return(true)
-      get :set_current_user, :scope_identifier => "user_1"
+      get :set_current_user, params: { scope_identifier: 'user_1' }
 
-      expect(response).to redirect_to("/path")
+      expect(response).to redirect_to('/path')
     end
 
-    it "denies access according to the guard block" do
-      SwitchUser.controller_guard = lambda {|_,_,_| false }
-      expect {
-        get :set_current_user
-      }.to raise_error(ActionController::RoutingError)
+    it 'denies access according to the guard block' do
+      SwitchUser.controller_guard = ->(_, _, _) { false }
+      expect { get :set_current_user }.to raise_error(ActionController::RoutingError)
     end
 
-    describe "requests with a privileged original_user" do
+    describe 'requests with a privileged original_user' do
       before do
-        SwitchUser.controller_guard = lambda {|current_user, _, original_user|
+        SwitchUser.controller_guard = lambda do |current_user, _, original_user|
           current_user.try(:admin?) || original_user.try(:admin?)
-        }
+        end
       end
-      it "allows access using the original_user param" do
+      it 'allows access using the original_user param' do
         allow(controller).to receive(:provider).and_return(provider)
 
         expect(provider).to receive(:logout_all)
@@ -46,26 +43,26 @@ RSpec.describe SwitchUserController, :type => :controller do
     end
   end
 
-  describe "#remember_user" do
+  describe '#remember_user' do
     before do
       allow(controller).to receive(:provider).and_return(provider)
       SwitchUser.switch_back = true
     end
-    it "can remember the current user" do
+    it 'can remember the current user' do
       expect(provider).to receive(:remember_current_user).with(true)
 
-      get :remember_user, :remember => "true"
+      get :remember_user, params: { remember: 'true' }
     end
-    it "can forget the current user" do
+    it 'can forget the current user' do
       expect(provider).to receive(:remember_current_user).with(false)
 
-      get :remember_user, :remember => "false"
+      get :remember_user, params: { remember: 'false' }
     end
-    it "does nothing if switch_back is not enabled" do
+    it 'does nothing if switch_back is not enabled' do
       SwitchUser.switch_back = false
       expect(provider).not_to receive(:remember_current_user)
 
-      get :remember_user, :remember => "true"
+      get :remember_user, params: { remember: 'true' }
     end
   end
 end

data/spec/helpers/switch_user_helper_spec.rb

@@ -1,30 +1,35 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 require 'switch_user'
 require 'switch_user_helper'
 
-RSpec.describe SwitchUserHelper, :type => :helper do
+RSpec.describe SwitchUserHelper, type: :helper do
   before do
     SwitchUser.provider = :dummy
   end
 
-  let(:user) { double(:user, :id => 1) }
-  let(:admin) { double(:admin, :id => 1) }
-  let(:provider) {
+  let(:user) { double(:user, id: 1) }
+  let(:admin) { double(:admin, id: 1) }
+  let(:provider) do
     _provider = SwitchUser::Provider::Dummy.new(controller)
     _provider
-  }
+  end
 
-  describe "#switch_user_select" do
+  describe '#switch_user_select' do
     let(:guest_record) { SwitchUser::GuestRecord.new }
-    let(:user_record) { double(:user_record, :user => user, :scope => :user, :label => 'user1', :scope_id => 'user_1') }
-    let(:admin_record) { double(:admin_record, :user => admin, :scope => :admin, :label => 'admin1', :scope_id => 'admin_1') }
-
-    let(:guest_option_tags) { %Q^<optgroup label="Guest"><option value="">Guest</option></optgroup>^ }
-    let(:user_option_tags) { %Q^<optgroup label="User"><option value="user_1">user1</option></optgroup>^ }
-    let(:user_selected_option_tags) { %Q^<optgroup label="User"><option selected="selected" value="user_1">user1</option></optgroup>^ }
-    let(:admin_option_tags) { %Q^<optgroup label="Admin"><option value="admin_1">admin1</option></optgroup>^ }
-    let(:admin_selected_option_tags) { %Q^<optgroup label="Admin"><option selected="selected" value="admin_1">admin1</option></optgroup>^ }
+    let(:user_record) { double(:user_record, user: user, scope: :user, label: 'user1', scope_id: 'user_1') }
+    let(:admin_record) { double(:admin_record, user: admin, scope: :admin, label: 'admin1', scope_id: 'admin_1') }
 
+    let(:guest_option_tags) { '<optgroup label="Guest"><option value="">Guest</option></optgroup>' }
+    let(:user_option_tags) { '<optgroup label="User"><option value="user_1">user1</option></optgroup>' }
+    let(:user_selected_option_tags) do
+      '<optgroup label="User"><option selected="selected" value="user_1">user1</option></optgroup>'
+    end
+    let(:admin_option_tags) { '<optgroup label="Admin"><option value="admin_1">admin1</option></optgroup>' }
+    let(:admin_selected_option_tags) do
+      '<optgroup label="Admin"><option selected="selected" value="admin_1">admin1</option></optgroup>'
+    end
 
     before do
       allow(SwitchUser).to receive(:switch_back).and_return(false)
@@ -39,64 +44,64 @@ RSpec.describe SwitchUserHelper, :type => :helper do
       allow(SwitchUser).to receive(:all_users).and_return([guest_record, user_record])
     end
 
-    it "when unavailable" do
+    it 'when unavailable' do
       allow(helper).to receive(:available?).and_return(false)
 
       expect(helper.switch_user_select).to eq(nil)
     end
 
-    it "when current_user is nil and all_users is []" do
+    it 'when current_user is nil and all_users is []' do
       allow(provider).to receive(:current_user).and_return(nil)
       allow(SwitchUser).to receive(:all_users).and_return([])
 
       expect(helper.switch_user_select).not_to match(%r{</option>})
     end
 
-    it "when current_user is nil and all_users is [guest_record]" do
+    it 'when current_user is nil and all_users is [guest_record]' do
       allow(provider).to receive(:current_user).and_return(nil)
       allow(SwitchUser).to receive(:all_users).and_return([guest_record])
 
-      expect(helper.switch_user_select).to match(%r{#{guest_option_tags}})
+      expect(helper.switch_user_select).to match(/#{guest_option_tags}/)
     end
 
-    it "when current_user is nil and all_users is [guest_record, user_record]" do
+    it 'when current_user is nil and all_users is [guest_record, user_record]' do
       allow(provider).to receive(:current_user).and_return(nil)
       allow(SwitchUser).to receive(:all_users).and_return([guest_record, user_record])
 
-      expect(helper.switch_user_select).to match(%r{#{guest_option_tags}})
-      expect(helper.switch_user_select).to match(%r{#{user_option_tags}})
+      expect(helper.switch_user_select).to match(/#{guest_option_tags}/)
+      expect(helper.switch_user_select).to match(/#{user_option_tags}/)
     end
 
-    it "when current_user is user and all_users is []" do
+    it 'when current_user is user and all_users is []' do
       allow(provider).to receive(:current_user).and_return(user)
       allow(SwitchUser).to receive(:all_users).and_return([])
 
       expect(helper.switch_user_select).not_to match(%r{</option>})
     end
 
-    it "when current_user is user and all_users is [guest_record, user_record]" do
+    it 'when current_user is user and all_users is [guest_record, user_record]' do
       allow(provider).to receive(:current_user).and_return(user)
       allow(SwitchUser).to receive(:all_users).and_return([guest_record, user_record])
 
-      expect(helper.switch_user_select).to match(%r{#{guest_option_tags}})
-      expect(helper.switch_user_select).to match(%r{#{user_selected_option_tags}})
+      expect(helper.switch_user_select).to match(/#{guest_option_tags}/)
+      expect(helper.switch_user_select).to match(/#{user_selected_option_tags}/)
     end
 
-    it "when current_user is default allow and all_users is default allow" do
-      expect(helper.switch_user_select).to match(%r{#{guest_option_tags}})
-      expect(helper.switch_user_select).to match(%r{#{user_selected_option_tags}})
+    it 'when current_user is default allow and all_users is default allow' do
+      expect(helper.switch_user_select).to match(/#{guest_option_tags}/)
+      expect(helper.switch_user_select).to match(/#{user_selected_option_tags}/)
     end
 
-    it "when current_user is user and all_users is [guest_record, user_record, admin_record]" do
+    it 'when current_user is user and all_users is [guest_record, user_record, admin_record]' do
       allow(provider).to receive(:current_user).and_return(user)
       allow(SwitchUser).to receive(:all_users).and_return([guest_record, user_record, admin_record])
 
-      expect(helper.switch_user_select).to match(%r{#{guest_option_tags}})
-      expect(helper.switch_user_select).to match(%r{#{user_selected_option_tags}})
-      expect(helper.switch_user_select).to match(%r{#{admin_option_tags}})
+      expect(helper.switch_user_select).to match(/#{guest_option_tags}/)
+      expect(helper.switch_user_select).to match(/#{user_selected_option_tags}/)
+      expect(helper.switch_user_select).to match(/#{admin_option_tags}/)
     end
 
-    it "when current_user is admin and all_users is [guest_record, user_record, admin_record]" do
+    it 'when current_user is admin and all_users is [guest_record, user_record, admin_record]' do
       provider.instance_variable_set(:@user, admin)
       allow(helper).to receive(:provider).and_return(provider)
 
@@ -104,12 +109,12 @@ RSpec.describe SwitchUserHelper, :type => :helper do
 
       allow(SwitchUser).to receive(:all_users).and_return([guest_record, user_record, admin_record])
 
-      expect(helper.switch_user_select).to match(%r{#{guest_option_tags}})
-      expect(helper.switch_user_select).to match(%r{#{user_option_tags}})
-      expect(helper.switch_user_select).to match(%r{#{admin_selected_option_tags}})
+      expect(helper.switch_user_select).to match(/#{guest_option_tags}/)
+      expect(helper.switch_user_select).to match(/#{user_option_tags}/)
+      expect(helper.switch_user_select).to match(/#{admin_selected_option_tags}/)
     end
 
-    it "when current_user is admin and all_users is [guest_record, user_record]" do
+    it 'when current_user is admin and all_users is [guest_record, user_record]' do
       provider.instance_variable_set(:@user, admin)
       allow(helper).to receive(:provider).and_return(provider)
 
@@ -117,57 +122,55 @@ RSpec.describe SwitchUserHelper, :type => :helper do
 
       allow(SwitchUser).to receive(:all_users).and_return([guest_record, user_record])
 
-      expect(helper.switch_user_select).to match(%r{#{guest_option_tags}})
-      expect(helper.switch_user_select).to match(%r{#{user_option_tags}})
-      expect(helper.switch_user_select).to_not match(%r{#{admin_option_tags}})
+      expect(helper.switch_user_select).to match(/#{guest_option_tags}/)
+      expect(helper.switch_user_select).to match(/#{user_option_tags}/)
+      expect(helper.switch_user_select).to_not match(/#{admin_option_tags}/)
     end
   end
 
-  describe "#user_tag_value" do
-    it "for user" do
-      user = double(:user, :id => 1)
+  describe '#user_tag_value' do
+    it 'for user' do
+      user = double(:user, id: 1)
 
       expect(helper.send(:user_tag_value, user, :id, :user)).to eq('user_1')
     end
   end
 
-  describe "#user_tag_label" do
-    it "when name has call method" do
+  describe '#user_tag_label' do
+    it 'when name has call method' do
       user = double(:user)
-      name = ->(user){ 'user1' }
+      name = ->(_user) { 'user1' }
 
       expect(helper.send(:user_tag_label, user, name)).to eq('user1')
     end
 
-    it "when name not has call method" do
-      user = double(:name, :name => 'user1')
+    it 'when name not has call method' do
+      user = double(:name, name: 'user1')
       name = :name
 
       expect(helper.send(:user_tag_label, user, name)).to eq('user1')
     end
   end
 
-  describe "#available?" do
-    it "return true" do
+  describe '#available?' do
+    it 'return true' do
       allow_any_instance_of(SwitchUser.guard_class).to receive(:view_available?).and_return(true)
 
       expect(helper.send(:available?)).to eq(true)
     end
 
-    it "return false" do
+    it 'return false' do
       allow_any_instance_of(SwitchUser.guard_class).to receive(:view_available?).and_return(false)
 
       expect(helper.send(:available?)).to eq(false)
     end
   end
 
-  describe "#provider" do
-    it "normal" do
+  describe '#provider' do
+    it 'normal' do
       allow(SwitchUser::Provider).to receive(:init).with(controller).and_return(provider)
 
       expect(helper.send(:provider)).to eq(provider)
     end
   end
-
-
 end

data/spec/integration/switch_user_spec.rb

@@ -1,61 +1,145 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
-RSpec.describe "Using SwitchUser", :type => :request do
-  let(:user) { User.create!(:email => "foo@bar.com", :admin => true) }
-  let(:other_user) { User.create!(:email => "other@bar.com", :admin => false) }
+RSpec.describe 'Using SwitchUser', type: :request do
+  let(:user) { User.create!(email: 'foo@bar.com', admin: true) }
+  let(:other_user) { User.create!(email: 'other@bar.com', admin: false) }
 
   before do
     SwitchUser.reset_config
     SwitchUser.provider = :session
-    SwitchUser.controller_guard = lambda { |current_user, request| Rails.env.test? }
-    SwitchUser.redirect_path = lambda {|_,_| "/dummy/open"}
+    SwitchUser.controller_guard = ->(_current_user, _request) { Rails.env.test? }
+    SwitchUser.redirect_path = ->(_, _) { '/dummy/open' }
   end
 
-  it "signs a user in using switch_user" do
+  it 'signs a user in using switch_user' do
     # can't access protected url
-    get "/dummy/protected"
+    get '/dummy/protected'
     expect(response).to be_redirect
 
     get "/switch_user?scope_identifier=user_#{other_user.id}"
     expect(response).to be_redirect
 
     # now that we are logged in via switch_user we can access
-    get "/dummy/protected"
+    get '/dummy/protected'
     expect(response).to be_success
   end
 
-  context "using switch_back" do
+  context 'using switch_back' do
     before do
       SwitchUser.switch_back = true
-      SwitchUser.controller_guard = lambda { |current_user, request, original_user|
+      SwitchUser.controller_guard = lambda do |current_user, _request, original_user|
         current_user && current_user.admin? || original_user && original_user.admin?
-      }
+      end
     end
 
-    it "can switch back to a different user" do
+    it 'can switch back to a different user through remember_user endpoint' do
       # login
-      post "/login", :id => user.id
+      post '/login', params: { id: user.id }
       follow_redirect!
 
       # have SwitchUser remember us
-      get "/switch_user/remember_user", :remember => true
-      expect(session["original_user_scope_identifier"]).to be_present
+      get '/switch_user/remember_user', params: { remember: true }
+      expect(session['original_user_scope_identifier']).to be_present
 
       # check that we can switch to another user
       get "/switch_user?scope_identifier=user_#{other_user.id}"
-      expect(session["user_id"]).to eq other_user.id
+      expect(session['user_id']).to eq other_user.id
+
+      # logout
+      get '/logout'
+      expect(session['user_id']).to be_nil
+
+      # check that we can still switch to another user
+      get "/switch_user?scope_identifier=user_#{user.id}"
+      expect(session['user_id']).to eq user.id
+
+      # check that we can be un-remembered
+      get '/switch_user/remember_user', params: { remember: false }
+      expect(session['original_user']).to be_nil
+    end
+
+    it 'can switch back to a different user without hitting remember_user endpoint' do
+      # login
+      post '/login', params: { id: user.id }
+      follow_redirect!
+
+      # check that we can switch to another user
+      get "/switch_user?scope_identifier=user_#{other_user.id}", params: { remember: true }
+      expect(session['user_id']).to eq other_user.id
+      expect(session['original_user_scope_identifier']).to_not be_nil
 
       # logout
-      get "/logout"
-      expect(session["user_id"]).to be_nil
+      get '/logout'
+      expect(session['user_id']).to be_nil
 
       # check that we can still switch to another user
       get "/switch_user?scope_identifier=user_#{user.id}"
-      expect(session["user_id"]).to eq user.id
+      expect(session['user_id']).to eq user.id
 
       # check that we can be un-remembered
-      get "/switch_user/remember_user", :remember => false
-      expect(session["original_user"]).to be_nil
+      get '/switch_user/remember_user', params: { remember: false }
+      expect(session['original_user']).to be_nil
+    end
+
+    context 'when non-default identifier' do
+      before do
+        SwitchUser.available_users_identifiers = { user: :email }
+      end
+
+      after do
+        SwitchUser.available_users_identifiers = { user: :id }
+      end
+
+      it 'can switch back to a different user through remember_user endpoint' do
+        # login
+        post '/login', params: { id: user.id }
+        follow_redirect!
+
+        # have SwitchUser remember us
+        get '/switch_user/remember_user', params: { remember: true }
+        expect(session['original_user_scope_identifier']).to be_present
+
+        # check that we can switch to another user
+        get "/switch_user?scope_identifier=user_#{other_user.email}"
+        expect(session['user_id']).to eq other_user.id
+
+        # logout
+        get '/logout'
+        expect(session['user_id']).to be_nil
+
+        # check that we can still switch to another user
+        get "/switch_user?scope_identifier=user_#{user.email}"
+        expect(session['user_id']).to eq user.id
+
+        # check that we can be un-remembered
+        get '/switch_user/remember_user', params: { remember: false }
+        expect(session['original_user']).to be_nil
+      end
+
+      it 'can switch back to a different user without hitting remember_user endpoint' do
+        # login
+        post '/login', params: { id: user.id }
+        follow_redirect!
+
+        # check that we can switch to another user
+        get "/switch_user?scope_identifier=user_#{other_user.email}", params: { remember: true }
+        expect(session['user_id']).to eq other_user.id
+        expect(session['original_user_scope_identifier']).to_not be_nil
+
+        # logout
+        get '/logout'
+        expect(session['user_id']).to be_nil
+
+        # check that we can still switch to another user
+        get "/switch_user?scope_identifier=user_#{user.email}"
+        expect(session['user_id']).to eq user.id
+
+        # check that we can be un-remembered
+        get '/switch_user/remember_user', params: { remember: false }
+        expect(session['original_user']).to be_nil
+      end
     end
   end
 end