token_action 0.0.1

data/lib/token_action/orm/active_record.rb

@@ -0,0 +1,10 @@
+require 'orm_adapter/adapters/active_record'
+
+module TokenAction
+  # A token to authenticate an action.
+  class Token < ActiveRecord::Base
+    include TokenAction::Model
+
+    serialize :args
+  end
+end

data/lib/token_action/orm/mongoid.rb

@@ -0,0 +1,34 @@
+require 'orm_adapter/adapters/mongoid'
+
+module TokenAction
+  # A token to authenticate an action.
+  class Token
+    include Mongoid::Document
+    include Mongoid::Timestamps
+
+    include TokenAction::Model
+
+    # A shared secret.
+    # @return [String] a token
+    field :token, :type => String
+
+    # The class on which to perform the action.
+    # @return [String] a class name
+    # @note `class` clashes with `Object#class` and Mongoid reserves `klass`.
+    field :kind, :type => String
+
+    # Any additional arguments for the action.
+    # @return [Array] a list of arguments
+    field :args, :type => Array
+
+    # The URL to redirect to after performing the action successfully.
+    # @return [String] a URL or path
+    field :success_url, :type => String
+
+    # The URL to redirect to after failing to perform the action.
+    # @return [String] a URL or path
+    field :failure_url, :type => String
+
+    index({:token => 1}, :unique => true)
+  end
+end

data/lib/token_action/version.rb

@@ -0,0 +1,3 @@
+module TokenAction
+  VERSION = "0.0.1"
+end

data/lib/token_action.rb

@@ -0,0 +1,71 @@
+require 'token_action/engine'
+
+require 'securerandom'
+
+require 'active_support/concern'
+require 'orm_adapter'
+
+module TokenAction
+  # Returns the default success URL.
+  #
+  # @return [String] the default success URL
+  def self.success_url
+    if Proc === @@success_url
+      @@success_url.call
+    else
+      @@success_url
+    end
+  end
+
+  # Sets the default success URL.
+  #
+  # @param [String,Proc] a default success URL
+  def self.success_url=(success_url)
+    @@success_url = success_url
+  end
+
+  # Returns the default failure URL.
+  #
+  # @return [String] the default failure URL
+  def self.failure_url
+    if Proc === @@failure_url
+      @@failure_url.call
+    else
+      @@failure_url
+    end
+  end
+
+  # Sets the default failure URL.
+  #
+  # @param [String,Proc] a default failure URL
+  def self.failure_url=(failure_url)
+    @@failure_url = failure_url
+  end
+
+  # Configures TokenAction.
+  #
+  # * `success_url`: the default success URL
+  # * `failure_url`: the default failure URL
+  #
+  # @example
+  #   require 'token_action'
+  #
+  #   TokenAction.setup do |config|
+  #     config.success_url = '/home'
+  #     config.failure_url = '/oops'
+  #   end
+  def self.setup
+    yield self
+  end
+
+  # Returns a random alphanumeric string.
+  #
+  # @return [String] a random alphanumeric string
+  # @see Devise::friendly_token
+  def self.friendly_token
+    SecureRandom.base64(15).tr('+/=lIO0', 'pqrsxyz')
+  end
+end
+
+require 'token_action/mixins/token_generator'
+require 'token_action/mixins/model'

data/spec/controllers/token_action/tokens_controller_spec.rb

@@ -0,0 +1,172 @@
+require 'spec_helper'
+
+describe TokenAction::TokensController do
+  before :each do
+    @routes = TokenAction::Engine.routes
+  end
+
+  describe 'GET redeem' do
+    context 'after failing to perform the action' do
+      let :token_with_failure_url do
+        FactoryGirl.create(:token, :args => ['upgrade'], :failure_url => '/hello/token_failure').token
+      end
+      let :token_with_unroutable_failure_url do
+        FactoryGirl.create(:token, :args => ['upgrade'], :failure_url => '/missing').token
+      end
+      let :token_without_failure_url do
+        FactoryGirl.create(:token, :args => ['upgrade']).token
+      end
+      let :token_with_error do
+        FactoryGirl.create(:token, :args => ['metamorphose']).token
+      end
+      let :token_with_namespaced_error do
+        FactoryGirl.create(:token, :args => ['fly']).token
+      end
+
+      it "redirects to the token's failure URL" do
+        TokenAction.failure_url = '/hello/failure'
+        get :redeem, :token => token_with_failure_url, :path => 'redeem'
+        response.should redirect_to '/hello/token_failure'
+      end
+      it "redirects to the default failure URL if the token's failure URL is not routable" do
+        TokenAction.failure_url = '/hello/failure'
+        get :redeem, :token => token_with_unroutable_failure_url, :path => 'redeem'
+        response.should redirect_to '/hello/failure'
+      end
+      it "redirects to the default failure URL if the token's failure URL is not set" do
+        TokenAction.failure_url = '/hello/failure'
+        get :redeem, :token => token_without_failure_url, :path => 'redeem'
+        response.should redirect_to '/hello/failure'
+      end
+      it "redirects to the application's root_path if the default failure URL is not routable" do
+        TokenAction.failure_url = '/missing'
+        get :redeem, :token => token_without_failure_url, :path => 'redeem'
+        response.should redirect_to Rails.application.routes.url_for(:controller => 'hello', :action => 'hello')
+      end
+      it "redirects to the application's root_path if the default failure URL is not set" do
+        TokenAction.failure_url = nil
+        get :redeem, :token => token_without_failure_url, :path => 'redeem'
+        response.should redirect_to Rails.application.routes.url_for(:controller => 'hello', :action => 'hello')
+      end
+
+      it 'flashes a path-based, error-based failure message' do
+        get :redeem, :token => token_with_error, :path => 'confirm'
+        flash[:notice].should be_nil
+        flash[:alert].should == 'This is an path-based, error-based failure message.'
+      end
+      it 'flashes a error-based failure message' do
+        get :redeem, :token => token_with_error, :path => 'redeem'
+        flash[:notice].should be_nil
+        flash[:alert].should == 'This is an error-based failure message.'
+      end
+      it 'flashes a long error-based failure message' do
+        get :redeem, :token => token_with_namespaced_error, :path => 'redeem'
+        flash[:notice].should be_nil
+        flash[:alert].should == 'This is another error-based failure message.'
+      end
+      it 'flashes a path-based failure message' do
+        get :redeem, :token => token_without_failure_url, :path => 'confirm'
+        flash[:notice].should be_nil
+        flash[:alert].should == 'This is a path-based failure message.'
+      end
+      it 'flashes a long path-based failure message' do
+        get :redeem, :token => token_without_failure_url, :path => 'a/b/c'
+        flash[:notice].should be_nil
+        flash[:alert].should == 'This is another path-based failure message.'
+      end
+      it 'flashes the default failure message' do
+        get :redeem, :token => token_without_failure_url, :path => 'redeem'
+        flash[:notice].should be_nil
+        flash[:alert].should == 'An error occurred while processing your request.'
+      end
+    end
+
+    context 'when the token is not found' do
+      it 'redirects to the default failure URL' do
+        TokenAction.failure_url = '/hello/not_found'
+        get :redeem, :token => 'missing', :path => 'redeem'
+        response.should redirect_to '/hello/not_found'
+      end
+      it "redirects to the application's root_path if the default failure URL is not routable" do
+        TokenAction.failure_url = '/missing'
+        get :redeem, :token => 'missing', :path => 'redeem'
+        response.should redirect_to Rails.application.routes.url_for(:controller => 'hello', :action => 'hello')
+      end
+      it "redirects to the application's root_path if the default failure URL is not set" do
+        TokenAction.failure_url = nil
+        get :redeem, :token => 'missing', :path => 'redeem'
+        response.should redirect_to Rails.application.routes.url_for(:controller => 'hello', :action => 'hello')
+      end
+
+      it 'flashes a path-based failure message' do
+        get :redeem, :token => 'missing', :path => 'confirm'
+        flash[:notice].should be_nil
+        flash[:alert].should == 'This is a path-based not found message.'
+      end
+      it 'flashes a long path-based failure message' do
+        get :redeem, :token => 'missing', :path => 'a/b/c'
+        flash[:notice].should be_nil
+        flash[:alert].should == 'This is another path-based not found message.'
+      end
+      it 'flashes the default failure message if no path-based failure message is set' do
+        get :redeem, :token => 'missing', :path => 'redeem'
+        flash[:notice].should be_nil
+        flash[:alert].should == 'Sorry, your request could not be processed.'
+      end
+    end
+
+    context 'after performing the action successfully' do
+      let :token_with_success_url do
+        FactoryGirl.create(:token, :success_url => '/hello/token_success').token
+      end
+      let :token_with_unroutable_success_url do
+        FactoryGirl.create(:token, :success_url => '/missing').token
+      end
+      let :token_without_success_url do
+        FactoryGirl.create(:token).token
+      end
+
+      it "redirects to the token's success URL" do
+        TokenAction.success_url = '/hello/success'
+        get :redeem, :token => token_with_success_url, :path => 'redeem'
+        response.should redirect_to '/hello/token_success'
+      end
+      it "redirects to the default success URL if the token's success URL is not routable" do
+        TokenAction.success_url = '/hello/success'
+        get :redeem, :token => token_with_unroutable_success_url, :path => 'redeem'
+        response.should redirect_to '/hello/success'
+      end
+      it "redirects to the default success URL if the token's success URL is not set" do
+        TokenAction.success_url = '/hello/success'
+        get :redeem, :token => token_without_success_url, :path => 'redeem'
+        response.should redirect_to '/hello/success'
+      end
+      it "redirects to the application's root_path if the default success URL is not routable" do
+        TokenAction.success_url = '/missing'
+        get :redeem, :token => token_without_success_url, :path => 'redeem'
+        response.should redirect_to Rails.application.routes.url_for(:controller => 'hello', :action => 'hello')
+      end
+      it "redirects to the application's root_path if the default success URL is not set" do
+        TokenAction.success_url = nil
+        get :redeem, :token => token_without_success_url, :path => 'redeem'
+        response.should redirect_to Rails.application.routes.url_for(:controller => 'hello', :action => 'hello')
+      end
+
+      it 'flashes a path-based success message' do
+        get :redeem, :token => token_without_success_url, :path => 'confirm'
+        flash[:notice].should == 'This is a path-based success message.'
+        flash[:alert].should be_nil
+      end
+      it 'flashes a long path-based success message' do
+        get :redeem, :token => token_without_success_url, :path => 'a/b/c'
+        flash[:notice].should == 'This is another path-based success message.'
+        flash[:alert].should be_nil
+      end
+      it 'flashes the default success message if no path-based success message is set' do
+        get :redeem, :token => token_without_success_url, :path => 'redeem'
+        flash[:notice].should == 'Your request was successfully processed.'
+        flash[:alert].should be_nil
+      end
+    end
+  end
+end

data/spec/dummy/Rakefile

@@ -0,0 +1,7 @@
+#!/usr/bin/env rake
+# Add your own tasks in files placed in lib/tasks ending in .rake,
+# for example lib/tasks/capistrano.rake, and they will automatically be available to Rake.
+
+require File.expand_path('../config/application', __FILE__)
+
+Dummy::Application.load_tasks

data/spec/dummy/app/active_record/cat.rb

@@ -0,0 +1,18 @@
+class AnimalError < StandardError; end
+class MammalError < StandardError; end
+
+class Cat < ActiveRecord::Base
+  class CatError < StandardError; end
+  include TokenAction::TokenGenerator
+
+  def self.redeem_token(action = nil)
+    case action
+    when 'upgrade'
+      raise AnimalError.new
+    when 'metamorphose'
+      raise MammalError.new
+    when 'fly'
+      raise CatError.new
+    end
+  end
+end

data/spec/dummy/app/assets/javascripts/application.js

@@ -0,0 +1,13 @@
+// This is a manifest file that'll be compiled into application.js, which will include all the files
+// listed below.
+//
+// Any JavaScript/Coffee file within this directory, lib/assets/javascripts, vendor/assets/javascripts,
+// or vendor/assets/javascripts of plugins, if any, can be referenced here using a relative path.
+//
+// It's not advisable to add code directly here, but if you do, it'll appear at the bottom of the
+// the compiled file.
+//
+// WARNING: THE FIRST BLANK LINE MARKS THE END OF WHAT'S TO BE PROCESSED, ANY BLANK LINE SHOULD
+// GO AFTER THE REQUIRES BELOW.
+//
+//= require_tree .

data/spec/dummy/app/assets/stylesheets/application.css

@@ -0,0 +1,13 @@
+/*
+ * This is a manifest file that'll be compiled into application.css, which will include all the files
+ * listed below.
+ *
+ * Any CSS and SCSS file within this directory, lib/assets/stylesheets, vendor/assets/stylesheets,
+ * or vendor/assets/stylesheets of plugins, if any, can be referenced here using a relative path.
+ *
+ * You're free to add application-wide styles to this file and they'll appear at the top of the
+ * compiled file, but it's generally better to create a new file per style scope.
+ *
+ *= require_self
+ *= require_tree .
+ */

data/spec/dummy/app/controllers/application_controller.rb

@@ -0,0 +1,3 @@
+class ApplicationController < ActionController::Base
+  protect_from_forgery
+end

data/spec/dummy/app/controllers/hello_controller.rb

@@ -0,0 +1,25 @@
+class HelloController < ApplicationController
+  def hello
+    render :text => 'Hello, world'
+  end
+
+  def token_success
+    render :nothing => true
+  end
+
+  def token_failure
+    render :nothing => true
+  end
+
+  def success
+    render :nothing => true
+  end
+
+  def failure
+    render :nothing => true
+  end
+
+  def not_found
+    render :nothing => true
+  end
+end

data/spec/dummy/app/helpers/application_helper.rb

@@ -0,0 +1,2 @@
+module ApplicationHelper
+end

data/spec/dummy/app/mongoid/cat.rb

@@ -0,0 +1,22 @@
+class AnimalError < StandardError; end
+class MammalError < StandardError; end
+
+class Cat
+  class CatError < StandardError; end
+  include TokenAction::TokenGenerator
+
+  include Mongoid::Document
+
+  field :token, :type => String
+
+  def self.redeem_token(action = nil)
+    case action
+    when 'upgrade'
+      raise AnimalError.new
+    when 'metamorphose'
+      raise MammalError.new
+    when 'fly'
+      raise CatError.new
+    end
+  end
+end

data/spec/dummy/app/views/layouts/application.html.erb

@@ -0,0 +1,14 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <title>Dummy</title>
+  <%= stylesheet_link_tag    "application", :media => "all" %>
+  <%= javascript_include_tag "application" %>
+  <%= csrf_meta_tags %>
+</head>
+<body>
+
+<%= yield %>
+
+</body>
+</html>

data/spec/dummy/config/application.rb

@@ -0,0 +1,71 @@
+require File.expand_path('../boot', __FILE__)
+
+require "action_controller/railtie"
+require "action_mailer/railtie"
+require "active_resource/railtie"
+require "sprockets/railtie"
+
+Bundler.require TOKEN_ACTION_ORM
+require "token_action"
+
+# @see https://github.com/plataformatec/devise/blob/master/test/rails_app/config/application.rb
+begin
+  require "#{TOKEN_ACTION_ORM}/railtie" # e.g. "active_record/railtie"
+rescue LoadError
+  # do nothing
+end
+
+module Dummy
+  class Application < Rails::Application
+    # @see https://github.com/plataformatec/devise/blob/master/test/rails_app/config/application.rb
+    config.autoload_paths += %W(#{config.root}/app/#{TOKEN_ACTION_ORM})
+
+    # Settings in config/environments/* take precedence over those specified here.
+    # Application configuration should go into files in config/initializers
+    # -- all .rb files in that directory are automatically loaded.
+
+    # Custom directories with classes and modules you want to be autoloadable.
+    # config.autoload_paths += %W(#{config.root}/extras)
+
+    # Only load the plugins named here, in the order given (default is alphabetical).
+    # :all can be used as a placeholder for all plugins not explicitly named.
+    # config.plugins = [ :exception_notification, :ssl_requirement, :all ]
+
+    # Activate observers that should always be running.
+    # config.active_record.observers = :cacher, :garbage_collector, :forum_observer
+
+    # Set Time.zone default to the specified zone and make Active Record auto-convert to this zone.
+    # Run "rake -D time" for a list of tasks for finding time zone names. Default is UTC.
+    # config.time_zone = 'Central Time (US & Canada)'
+
+    # The default locale is :en and all translations from config/locales/*.rb,yml are auto loaded.
+    # config.i18n.load_path += Dir[Rails.root.join('my', 'locales', '*.{rb,yml}').to_s]
+    # config.i18n.default_locale = :de
+
+    # Configure the default encoding used in templates for Ruby 1.9.
+    config.encoding = "utf-8"
+
+    # Configure sensitive parameters which will be filtered from the log file.
+    config.filter_parameters += [:password]
+
+    # Enable escaping HTML in JSON.
+    config.active_support.escape_html_entities_in_json = true
+
+    # Use SQL instead of Active Record's schema dumper when creating the database.
+    # This is necessary if your schema can't be completely dumped by the schema dumper,
+    # like if you have constraints or database-specific column types
+    # config.active_record.schema_format = :sql
+
+    # Enforce whitelist mode for mass assignment.
+    # This will create an empty whitelist of attributes available for mass-assignment for all models
+    # in your app. As such, your models will need to explicitly whitelist or blacklist accessible
+    # parameters by using an attr_accessible or attr_protected declaration.
+    # config.active_record.whitelist_attributes = true
+
+    # Enable the asset pipeline
+    config.assets.enabled = true
+
+    # Version of your assets, change this if you want to expire all your assets
+    config.assets.version = '1.0'
+  end
+end