thoughtbot-clearance 0.5.6 → 0.6.0

data/generators/clearance/templates/README

@@ -3,42 +3,25 @@
 
 Ok, enough fancy automatic stuff. Time for some old school monkey copy-pasting.
 
-1. For any other file(s) that you already had and didn't want to overwrite, add 
-the corresponding Clearance module. They are namespaced exactly like the 
-directory structure of a Rails app.
-
-Application controller example:
-
-    class ApplicationController < ActionController::Base
-      include Clearance::App::Controllers::ApplicationController
-    end
-
-User model example:
+1. If you already had a User model, include the Clearance::User module now:
 
     class User < ActiveRecord::Base
-      include Clearance::App::Models::User
-    end
-
-User test example:
-
-    class UserTest < ActiveSupport::TestCase
-      include Clearance::Test::Unit::UserTest
+      include Clearance::User
     end
 
-2. You need to define HOST constant in your environments files. 
+2. Define a HOST constant in your environments files.
 In config/environments/test.rb and config/environments/development.rb it can be:
 
     HOST = "localhost"
 
-In production.rb it must be the actual host your application is deployed to. 
+In production.rb it must be the actual host your application is deployed to.
 The constant is used by mailers to generate URLs in emails.
 
-In config/environment.rb:
+3. In config/environment.rb:
 
     DO_NOT_REPLY = "donotreply@example.com"
 
-3. Clearance depends on root_url, so please make sure that it is defined to
-*something* in your config/routes.rb:
+4. Define root_url to *something* in your config/routes.rb:
 
     map.root :controller => 'home'
 

data/generators/clearance/templates/{test/factories/clearance.rb → factories.rb}

@@ -8,9 +8,6 @@ Factory.define :user do |user|
   user.password_confirmation { "password" }
 end
 
-Factory.define :email_confirmed_user, :class => 'user' do |user|
-  user.email                 { Factory.next :email }
-  user.password              { "password" }
-  user.password_confirmation { "password" }
-  user.email_confirmed       { true }
+Factory.define :email_confirmed_user, :parent => :user do |user|
+  user.email_confirmed { true }
 end

data/generators/clearance/templates/{db/migrate/create_users_with_clearance_columns.rb → migrations/create_users.rb}

@@ -1,4 +1,4 @@
-class CreateOrUpdateUsersWithClearanceColumns < ActiveRecord::Migration
+class ClearanceCreateUsers < ActiveRecord::Migration
   def self.up
     create_table(:users) do |t|
       t.string   :email

data/generators/clearance/templates/{db/migrate/update_users_with_clearance_columns.rb → migrations/update_users.rb}

@@ -1,14 +1,14 @@
-class CreateOrUpdateUsersWithClearanceColumns < ActiveRecord::Migration
+class ClearanceUpdateUsers < ActiveRecord::Migration
   def self.up
 <% 
       existing_columns = ActiveRecord::Base.connection.columns(:users).collect { |each| each.name }
       columns = [
-        [:email,                     't.string :email'],
-        [:encrypted_password,        't.string :encrypted_password, :limit => 128'],
-        [:salt,                      't.string :salt, :limit => 128'],
-        [:token,                     't.string :token, :limit => 128'],
-        [:token_expires_at,          't.datetime :token_expires_at'],
-        [:email_confirmed,           't.boolean :email_confirmed, :default => false, :null => false']
+        [:email,              't.string :email'],
+        [:encrypted_password, 't.string :encrypted_password, :limit => 128'],
+        [:salt,               't.string :salt, :limit => 128'],
+        [:token,              't.string :token, :limit => 128'],
+        [:token_expires_at,   't.datetime :token_expires_at'],
+        [:email_confirmed,    't.boolean :email_confirmed, :default => false, :null => false']
       ].delete_if {|c| existing_columns.include?(c.first.to_s)} 
 -%>
     change_table(:users) do |t|

data/generators/clearance/templates/user.rb

@@ -0,0 +1,3 @@
+class User < ActiveRecord::Base
+  include Clearance::User
+end

data/generators/clearance_features/templates/features/step_definitions/clearance_steps.rb

@@ -1,7 +1,7 @@
 # General
 
 Then /^I should see error messages$/ do
-  response.should contain(/error(s)? prohibited/)
+  assert_match /error(s)? prohibited/m, response.body
 end
 
 # Database

data/lib/clearance.rb

@@ -1,15 +1,15 @@
-require 'clearance/lib/extensions/errors'
-require 'clearance/lib/extensions/rescue'
-require 'clearance/app/controllers/application_controller'
-require 'clearance/app/controllers/confirmations_controller'
-require 'clearance/app/controllers/passwords_controller'
-require 'clearance/app/controllers/sessions_controller'
-require 'clearance/app/controllers/users_controller'
-require 'clearance/app/models/clearance_mailer'
-require 'clearance/app/models/user'
-require 'clearance/test/functional/confirmations_controller_test'
-require 'clearance/test/functional/passwords_controller_test'
-require 'clearance/test/functional/sessions_controller_test'
-require 'clearance/test/functional/users_controller_test'
-require 'clearance/test/unit/clearance_mailer_test'
-require 'clearance/test/unit/user_test'
+require 'clearance/extensions/errors'
+require 'clearance/extensions/rescue'
+
+require 'clearance/authentication'
+require 'clearance/user'
+
+class ActionController::Routing::RouteSet
+  def load_routes_with_clearance!
+    clearance_routes = File.join(File.dirname(__FILE__), *%w[.. config clearance_routes.rb])
+    add_configuration_file(clearance_routes) unless configuration_files.include? clearance_routes
+    load_routes_without_clearance!
+  end
+
+  alias_method_chain :load_routes!, :clearance
+end

data/lib/clearance/authentication.rb

@@ -0,0 +1,80 @@
+module Clearance
+  module Authentication
+
+    def self.included(controller)
+      controller.send(:include, InstanceMethods)
+
+      controller.class_eval do
+        helper_method :current_user
+        helper_method :signed_in?
+
+        hide_action :current_user, :signed_in?
+      end
+    end
+
+    module InstanceMethods
+      def current_user
+        @_current_user ||= (user_from_cookie || user_from_session)
+      end
+
+      def signed_in?
+        ! current_user.nil?
+      end
+
+      protected
+
+      def authenticate
+        deny_access unless signed_in?
+      end
+
+      def user_from_session
+        if session[:user_id]
+          return nil  unless user = ::User.find_by_id(session[:user_id])
+          return user if     user.email_confirmed?
+        end
+      end
+
+      def user_from_cookie
+        if token = cookies[:remember_token]
+          return nil  unless user = ::User.find_by_token(token)
+          return user if     user.remember?
+        end
+      end
+
+      def sign_user_in(user)
+        sign_in(user)
+      end
+
+      def sign_in(user)
+        if user
+          session[:user_id] = user.id
+        end
+      end
+
+      def redirect_back_or(default)
+        session[:return_to] ||= params[:return_to]
+        if session[:return_to]
+          redirect_to(session[:return_to])
+        else
+          redirect_to(default)
+        end
+        session[:return_to] = nil
+      end
+
+      def redirect_to_root
+        redirect_to root_url
+      end
+
+      def store_location
+        session[:return_to] = request.request_uri if request.get?
+      end
+
+      def deny_access(flash_message = nil, opts = {})
+        store_location
+        flash[:failure] = flash_message if flash_message
+        redirect_to new_session_url
+      end
+    end
+
+  end
+end

data/lib/clearance/user.rb

@@ -0,0 +1,114 @@
+require 'digest/sha1'
+
+module Clearance
+  module User
+
+    def self.included(model)
+      model.extend ClassMethods
+      model.send(:include, InstanceMethods)
+
+      model.class_eval do
+        attr_accessible :email, :password, :password_confirmation
+        attr_accessor :password, :password_confirmation
+
+        validates_presence_of     :email
+        validates_presence_of     :password, :if => :password_required?
+        validates_confirmation_of :password, :if => :password_required?
+        validates_uniqueness_of   :email, :case_sensitive => false
+        validates_format_of       :email, :with => %r{.+@.+\..+}
+
+        before_save :initialize_salt, :encrypt_password, :initialize_token
+      end
+    end
+
+    module InstanceMethods
+      def authenticated?(password)
+        encrypted_password == encrypt(password)
+      end
+
+      def encrypt(string)
+        generate_hash("--#{salt}--#{string}--")
+      end
+
+      def remember?
+        token_expires_at && Time.now.utc < token_expires_at
+      end
+
+      def remember_me!
+        remember_me_until! 2.weeks.from_now.utc
+      end
+
+      def forget_me!
+        clear_token
+        save(false)
+      end
+
+      def confirm_email!
+        self.email_confirmed  = true
+        self.token            = nil
+        save(false)
+      end
+
+      def forgot_password!
+        generate_token
+        save(false)
+      end
+
+      def update_password(new_password, new_password_confirmation)
+        self.password              = new_password
+        self.password_confirmation = new_password_confirmation
+        clear_token if valid?
+        save
+      end
+
+      protected
+
+      def generate_hash(string)
+        Digest::SHA1.hexdigest(string)
+      end
+
+      def initialize_salt
+        if new_record?
+          self.salt = generate_hash("--#{Time.now.utc.to_s}--#{password}--")
+        end
+      end
+
+      def encrypt_password
+        return if password.blank?
+        self.encrypted_password = encrypt(password)
+      end
+
+      def generate_token
+        self.token = encrypt("--#{Time.now.utc.to_s}--#{password}--")
+        self.token_expires_at = nil
+      end
+
+      def clear_token
+        self.token            = nil
+        self.token_expires_at = nil
+      end
+
+      def initialize_token
+        generate_token if new_record?
+      end
+
+      def password_required?
+        encrypted_password.blank? || !password.blank?
+      end
+
+      def remember_me_until!(time)
+        self.token_expires_at = time
+        self.token = encrypt("--#{token_expires_at}--#{password}--")
+        save(false)
+      end
+    end
+
+    module ClassMethods
+      def authenticate(email, password)
+        return nil  unless user = find_by_email(email)
+        return user if     user.authenticated?(password)
+      end
+    end
+
+  end
+end

data/shoulda_macros/clearance.rb

@@ -31,10 +31,17 @@ module Clearance
       end
     end
 
-    def should_deny_access_on(command, opts = {})
-      context "on #{command}" do
-        setup { eval command }
-        should_deny_access(opts)
+    # Examples:
+    #   should_deny_access_on :get, :index, :flash => /not authorized/i
+    #   should_deny_access_on :get, :show, :id => '1'
+    def should_deny_access_on(http_method, action, opts = {})
+      flash_message = opts.delete(:flash)
+      context "on #{http_method} to #{action}" do
+        setup do
+          send(http_method, action, opts)
+        end
+
+        should_deny_access(:flash => flash_message)
       end
     end
 

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification 
 name: thoughtbot-clearance
 version: !ruby/object:Gem::Version 
-  version: 0.5.6
+  version: 0.6.0
 platform: ruby
 authors: 
 - thoughtbot, inc.
@@ -23,7 +23,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2009-04-10 21:00:00 -07:00
+date: 2009-04-20 21:00:00 -07:00
 default_executable: 
 dependencies: []
 
@@ -40,51 +40,40 @@ files:
 - LICENSE
 - Rakefile
 - README.textile
+- TODO.textile
+- app/controllers
+- app/controllers/clearance
+- app/controllers/clearance/confirmations_controller.rb
+- app/controllers/clearance/passwords_controller.rb
+- app/controllers/clearance/sessions_controller.rb
+- app/controllers/clearance/users_controller.rb
+- app/models
+- app/models/clearance_mailer.rb
+- app/views
+- app/views/clearance_mailer
+- app/views/clearance_mailer/change_password.html.erb
+- app/views/clearance_mailer/confirmation.html.erb
+- app/views/passwords
+- app/views/passwords/edit.html.erb
+- app/views/passwords/new.html.erb
+- app/views/sessions
+- app/views/sessions/new.html.erb
+- app/views/users
+- app/views/users/_form.html.erb
+- app/views/users/new.html.erb
+- config/clearance_routes.rb
 - generators/clearance
 - generators/clearance/clearance_generator.rb
 - generators/clearance/lib
 - generators/clearance/lib/insert_commands.rb
 - generators/clearance/lib/rake_commands.rb
 - generators/clearance/templates
-- generators/clearance/templates/app
-- generators/clearance/templates/app/controllers
-- generators/clearance/templates/app/controllers/application.rb
-- generators/clearance/templates/app/controllers/confirmations_controller.rb
-- generators/clearance/templates/app/controllers/passwords_controller.rb
-- generators/clearance/templates/app/controllers/sessions_controller.rb
-- generators/clearance/templates/app/controllers/users_controller.rb
-- generators/clearance/templates/app/models
-- generators/clearance/templates/app/models/clearance_mailer.rb
-- generators/clearance/templates/app/models/user.rb
-- generators/clearance/templates/app/views
-- generators/clearance/templates/app/views/clearance_mailer
-- generators/clearance/templates/app/views/clearance_mailer/change_password.html.erb
-- generators/clearance/templates/app/views/clearance_mailer/confirmation.html.erb
-- generators/clearance/templates/app/views/passwords
-- generators/clearance/templates/app/views/passwords/edit.html.erb
-- generators/clearance/templates/app/views/passwords/new.html.erb
-- generators/clearance/templates/app/views/sessions
-- generators/clearance/templates/app/views/sessions/new.html.erb
-- generators/clearance/templates/app/views/users
-- generators/clearance/templates/app/views/users/_form.html.erb
-- generators/clearance/templates/app/views/users/edit.html.erb
-- generators/clearance/templates/app/views/users/new.html.erb
-- generators/clearance/templates/db
-- generators/clearance/templates/db/migrate
-- generators/clearance/templates/db/migrate/create_users_with_clearance_columns.rb
-- generators/clearance/templates/db/migrate/update_users_with_clearance_columns.rb
+- generators/clearance/templates/factories.rb
+- generators/clearance/templates/migrations
+- generators/clearance/templates/migrations/create_users.rb
+- generators/clearance/templates/migrations/update_users.rb
 - generators/clearance/templates/README
-- generators/clearance/templates/test
-- generators/clearance/templates/test/factories
-- generators/clearance/templates/test/factories/clearance.rb
-- generators/clearance/templates/test/functional
-- generators/clearance/templates/test/functional/confirmations_controller_test.rb
-- generators/clearance/templates/test/functional/passwords_controller_test.rb
-- generators/clearance/templates/test/functional/sessions_controller_test.rb
-- generators/clearance/templates/test/functional/users_controller_test.rb
-- generators/clearance/templates/test/unit
-- generators/clearance/templates/test/unit/clearance_mailer_test.rb
-- generators/clearance/templates/test/unit/user_test.rb
+- generators/clearance/templates/user.rb
 - generators/clearance/USAGE
 - generators/clearance_features
 - generators/clearance_features/clearance_features_generator.rb
@@ -101,29 +90,11 @@ files:
 - generators/clearance_features/templates/features/support/paths.rb
 - generators/clearance_features/USAGE
 - lib/clearance
-- lib/clearance/app
-- lib/clearance/app/controllers
-- lib/clearance/app/controllers/application_controller.rb
-- lib/clearance/app/controllers/confirmations_controller.rb
-- lib/clearance/app/controllers/passwords_controller.rb
-- lib/clearance/app/controllers/sessions_controller.rb
-- lib/clearance/app/controllers/users_controller.rb
-- lib/clearance/app/models
-- lib/clearance/app/models/clearance_mailer.rb
-- lib/clearance/app/models/user.rb
-- lib/clearance/lib
-- lib/clearance/lib/extensions
-- lib/clearance/lib/extensions/errors.rb
-- lib/clearance/lib/extensions/rescue.rb
-- lib/clearance/test
-- lib/clearance/test/functional
-- lib/clearance/test/functional/confirmations_controller_test.rb
-- lib/clearance/test/functional/passwords_controller_test.rb
-- lib/clearance/test/functional/sessions_controller_test.rb
-- lib/clearance/test/functional/users_controller_test.rb
-- lib/clearance/test/unit
-- lib/clearance/test/unit/clearance_mailer_test.rb
-- lib/clearance/test/unit/user_test.rb
+- lib/clearance/authentication.rb
+- lib/clearance/extensions
+- lib/clearance/extensions/errors.rb
+- lib/clearance/extensions/rescue.rb
+- lib/clearance/user.rb
 - lib/clearance.rb
 - shoulda_macros/clearance.rb
 - rails/init.rb