trusty-cms 7.0.1 → 7.0.3

data/app/helpers/admin/users_helper.rb

@@ -2,7 +2,8 @@ module Admin::UsersHelper
   def roles(user)
     roles = []
     roles << I18n.t('admin') if user.admin?
-    roles << I18n.t('designer') if user.designer?
+    roles << I18n.t('editor') if user.editor?
+    roles << I18n.t('content_editor') if user.content_editor?
     roles.join(', ')
   end
 end

data/app/models/admins_site.rb

@@ -0,0 +1,6 @@
+class AdminsSite < ActiveRecord::Base
+  self.table_name = 'admins_sites'
+
+  belongs_to :admin, class_name: 'User'
+  belongs_to :site
+end

data/app/models/site.rb

@@ -7,6 +7,8 @@ class Site < ActiveRecord::Base
   belongs_to :created_by, class_name: 'User'
   belongs_to :updated_by, class_name: 'User'
   belongs_to :production_homepage, class_name: 'ProductionPage'
+  has_many :admins_sites
+  has_many :admins, through: :admins_sites, class_name: 'User'
 
   default_scope { order('position ASC') }
 

data/app/models/trusty_cms/config.rb

@@ -81,7 +81,8 @@ module TrustyCms
               TrustyCms::Config.initialize_cache
             end
             TrustyCms::Config.initialize_cache if TrustyCms::Config.stale_cache?
-            Rails.cache.read('TrustyCms::Config')[key]
+            config_cache = Rails.cache.read('TrustyCms::Config')
+            config_cache ? config_cache[key] : nil
           end
         end
       end

data/app/models/user.rb

@@ -7,7 +7,6 @@ class User < ActiveRecord::Base
          :recoverable, :rememberable, :trackable, :validatable
 
   alias_attribute :created_by_id, :id
-
   attr_accessor :skip_password_validation
 
   validate :password_complexity
@@ -18,6 +17,13 @@ class User < ActiveRecord::Base
   # Associations
   belongs_to :created_by, class_name: 'User'
   belongs_to :updated_by, class_name: 'User'
+  has_many :admins_sites, foreign_key: 'admin_id', class_name: 'AdminsSite', dependent: :destroy
+  has_many :sites, through: :admins_sites
+
+  # Roles
+  # Admin - all permissions
+  # Editor - all permissions except for users, sites editing
+  # Content Editor - all permissions except for users, sites, publishing and deleting
 
   def role?(role)
     case role
@@ -40,12 +46,16 @@ class User < ActiveRecord::Base
     designer
   end
 
+  def editor?
+    designer
+  end
+
   def content_editor?
     content_editor
   end
 
-  def scoped?
-    site_id.present?
+  def scoped_site?
+    sites.present?
   end
 
   def locale
@@ -67,4 +77,5 @@ class User < ActiveRecord::Base
 
     errors.add :password, 'Complexity requirement not met. Length should be 12 characters and include: 1 uppercase, 1 lowercase, 1 digit and 1 special character.'
   end
-end
+
+end

data/app/views/admin/layouts/_choose_site.html.haml

@@ -1,7 +1,9 @@
 - unless current_user.site
   %label{:for=>'layout_site_id', :class => 'admin_only'}
     Site
-    - sites = Site.all.map { |s| [s.name, s.id] }
-    - selection = {:include_blank => Layout.is_shareable?}
-    - selection[:selected] = current_site.id if @layout.new_record? && ! Layout.is_shareable?
+    :ruby
+      user_sites = current_user.admins_sites.pluck(:site_id)
+      sites = Site.where(:id => user_sites).map { |s| [s.name, s.id] }
+      selection = {:include_blank => Layout.is_shareable?}
+      selection[:selected] = current_site.id if @layout.new_record? && ! Layout.is_shareable?
     = select :layout, :site_id, sites, selection

data/app/views/admin/layouts/_site_chooser.html.haml

@@ -1,9 +1,9 @@
-- if current_user.admin? && !current_user.scoped? && defined?(Site) && defined?(controller) && controller.sited_model? && controller.template_name == 'index' && Site.several?
+- if current_user.scoped_site? && defined?(Site) && defined?(controller) && controller.sited_model? && controller.template_name == 'index' && Site.several?
   .site_chooser
     %ul.nav
       %li
         = "Current Site: #{current_site.name}"
         %ul.expansion
-          - Site.all.each do |site|
+          - current_user.sites.each do |site|
             %li
               = link_to( site.name, "#{request.path}?site_id=#{site.id}", :class => site == current_site ? 'fg site-link' : 'site-link')

data/app/views/admin/pages/_fields.html.haml

@@ -41,9 +41,10 @@
         = fields.label :class_name, t('page_type')
         = fields.select :class_name, [[t('select.normal'), '']] + Page.descendants.map { |p| [p.display_name, p.name] }.sort_by { |p| p.first }
     - layout.edit_status do
-      .status
-        = fields.label :status_id, t('status')
-        = fields.select :status_id, status_to_display
+      - if current_user.admin? || current_user.editor?
+        .status
+          = fields.label :status_id, t('status')
+          = fields.select :status_id, status_to_display
     - layout.edit_published_at do
       .published-date
         #published_at{:class => (@page.published? ? nil : 'hidden')}

data/app/views/admin/pages/_node.html.haml

@@ -18,5 +18,5 @@
       - unless simple
         %td.actions
           = page.add_child_option
-          - if current_user.admin?
+          - if current_user.editor? || current_user.admin?
             = page.remove_option

data/app/views/admin/snippets/_choose_site.html.haml

@@ -1,5 +1,6 @@
 - unless current_user.site
   %label{:for=>'snippet_site_id', :Class => 'admin_only'}
     Site
-    - sites = Site.all.map { |s| [s.name, s.id] }
+    - user_sites = current_user.admins_sites.pluck(:site_id)
+    - sites = Site.where(:id => user_sites).map { |s| [s.name, s.id] }
     = select :snippet, :site_id, sites, :include_blank => Snippet.is_shareable?, :selected => @snippet.site_id || current_site.id

data/app/views/admin/users/_choose_site.html.haml

@@ -1,4 +1,5 @@
 - if current_user.admin?
   %label{:for=>'user_admin'} Can edit site
-  = select :user, :site_id, [['<any>', '']] + Site.all.map { |s| [s.name, s.id] }
+  .caption (hold ctrl or cmd to select multiple)
   .caption A user with no site is able to act (to whatever extent their status allows) on any site.
+  = select :user, :site_ids, options_for_select(Site.all.map { |s| [s.name, s.id] }, selected: @user.site_ids), {}, { multiple: true }

data/app/views/admin/users/_form.html.haml

@@ -25,7 +25,9 @@
           = f.check_box 'admin', :class => 'checkbox'
           = f.label :admin, t('admin'), :class => 'checkbox'
           = f.check_box 'designer', :class => 'checkbox'
-          = f.label :designer, t('designer'), :class => 'checkbox'
+          = f.label :designer, t('editor'), :class => 'checkbox'
+          = f.check_box 'content_editor', :class => 'checkbox'
+          = f.label :content_editor, t('content_editor'), :class => 'checkbox'
 
     - form.edit_notes do
       %fieldset

data/bin/rails

@@ -3,8 +3,8 @@
 # installed from the root of your application.
 
 ENGINE_ROOT = File.expand_path('..', __dir__)
-ENGINE_PATH = File.expand_path('../lib/trusty/cms/engine', __dir__)
-APP_PATH = File.expand_path('../test/dummy/config/application', __dir__)
+ENGINE_PATH = File.expand_path('../lib/trusty_cms/engine', __dir__)
+APP_PATH = File.expand_path('../spec/dummy/config/application', __dir__)
 
 # Set up gems listed in the Gemfile.
 ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../Gemfile', __dir__)

data/config/application.rb

@@ -20,6 +20,7 @@ module TrustyCms
     Rails.autoloaders.log!
     # Enable the asset pipeline
     config.assets.enabled = true
+    config.active_record.legacy_connection_handling = false
 
     # Version of your assets, change this if you want to expire all your assets
     config.assets.version = '1.0'

data/config/boot.rb

@@ -4,4 +4,4 @@
 # Set up gems listed in the Gemfile.
 ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../Gemfile', __dir__)
 
-require 'bundler/setup' if File.exists?(ENV['BUNDLE_GEMFILE'])
+require 'bundler/setup' if File.exist?(ENV['BUNDLE_GEMFILE'])

data/config/locales/en.yml

@@ -140,7 +140,7 @@ en:
         secret: 'Secret'
       skip_filetype_validation: 'Skip Filetype Validation'
       storage: 'Storage'
-      url: 'Url'  
+      url: 'Url'
     defaults:
       locale: 'default language'
       page:
@@ -159,17 +159,18 @@ en:
       allow_password_reset?: "allow password reset"
   content: 'Content'
   content_type: 'Content‑Type'
+  content_editor: 'Content Editor'
   creating_status: 'Creating %{model}…'
   date:
-    abbr_day_names: [Sun, Mon, Tue, Wed, Thu, Fri, Sat]
-    abbr_month_names: [~, Jan, Feb, Mar, Apr, May, Jun, Jul, Aug, Sep, Oct, Nov, Dec]
-    day_names: [Sunday, Monday, Tuesday, Wednesday, Thursday, Friday, Saturday]
+    abbr_day_names: [ Sun, Mon, Tue, Wed, Thu, Fri, Sat ]
+    abbr_month_names: [ ~, Jan, Feb, Mar, Apr, May, Jun, Jul, Aug, Sep, Oct, Nov, Dec ]
+    day_names: [ Sunday, Monday, Tuesday, Wednesday, Thursday, Friday, Saturday ]
     formats:
       default: "%Y-%m-%d"
       long: "%B %e, %Y"
       only_day: "%e"
       short: "%e %b"
-    month_names: [~, January, February, March, April, May, June, July, August, September, October, November, December]
+    month_names: [ ~, January, February, March, April, May, June, July, August, September, October, November, December ]
     order:
       - :year
       - :month
@@ -183,9 +184,10 @@ en:
   designer: 'Designer'
   draft: 'Draft'
   edit: 'Edit'
+  editor: 'Editor'
   edit_configuration: 'Edit Configuration'
   edit_layout: 'Edit Layout'
-  edit_page:  'Edit Page'
+  edit_page: 'Edit Page'
   edit_preferences: 'Edit Preferences'
   edit_settings: 'Edit Settings'
   edit_user: 'Edit User'
@@ -242,7 +244,7 @@ en:
   published: 'Published'
   published_at: 'Published at'
   published_on: 'Published On'
-  reference:  'Reference'
+  reference: 'Reference'
   remember_me: 'Remember me'
   remember_me_in_this_browser: 'Remember me in this browser'
   remove: 'Remove'
@@ -277,7 +279,7 @@ en:
   snippets: 'Snippets'
   snippet: 'Snippet'
   status: 'Status'
-    # Warnings and info text:
+  # Warnings and info text:
   testing: Testing
   text:
     layouts:

data/db/migrate/20241108172942_create_site_users.rb

@@ -0,0 +1,8 @@
+class CreateSiteUsers < ActiveRecord::Migration[7.0]
+  def change
+    create_table :admins_sites do |t|
+      t.integer :admin_id, null: false, index: true
+      t.integer :site_id, null: false, index: true
+    end
+  end
+end

data/lib/generators/extension_controller/extension_controller_generator.rb

@@ -71,7 +71,7 @@ class ExtensionControllerGenerator < ControllerGenerator
   end
 
   def extension_uses_rspec?
-    File.exists?(File.join(destination_root, 'spec')) && !options[:with_test_unit]
+    File.exist?(File.join(destination_root, 'spec')) && !options[:with_test_unit]
   end
 
   def add_options!(opt)

data/lib/generators/extension_mailer/extension_mailer_generator.rb

@@ -55,7 +55,7 @@ class ExtensionMailerGenerator < MailerGenerator
   end
 
   def extension_uses_rspec?
-    File.exists?(File.join(destination_root, 'spec')) && !options[:with_test_unit]
+    File.exist?(File.join(destination_root, 'spec')) && !options[:with_test_unit]
   end
 
   def add_options!(opt)

data/lib/generators/extension_model/extension_model_generator.rb

@@ -55,7 +55,7 @@ class ExtensionModelGenerator < ModelGenerator
   end
 
   def extension_uses_rspec?
-    File.exists?(File.join(destination_root, 'spec')) && !options[:with_test_unit]
+    File.exist?(File.join(destination_root, 'spec')) && !options[:with_test_unit]
   end
 
   def add_options!(opt)

data/lib/generators/instance/instance_generator.rb

@@ -120,28 +120,32 @@ class InstanceGenerator < Rails::Generator::Base
 
   protected
 
-    def banner
-      "Usage: #{$0} /path/to/trusty_cms/app [options]"
-    end
+  def banner
+    "Usage: #{$0} /path/to/trusty_cms/app [options]"
+  end
 
-    def add_options!(opt)
-      opt.separator ''
-      opt.separator 'Options:'
-      opt.on("-r", "--ruby=path", String,
-             "Path to the Ruby binary of your choice (otherwise scripts use env, dispatchers current path).",
-             "Default: #{DEFAULT_SHEBANG}") { |v| options[:shebang] = v }
-      opt.on("-d", "--database=name", String,
-            "Preconfigure for selected database (options: #{DATABASES.join(", ")}).",
-            "Default: sqlite3") { |v| options[:db] = v }
-    end
+  def add_options!(opt)
+    opt.separator ''
+    opt.separator 'Options:'
+    opt.on(
+      "-r", "--ruby=path", String,
+      "Path to the Ruby binary of your choice (otherwise scripts use env, dispatchers current path).",
+      "Default: #{DEFAULT_SHEBANG}"
+    ) { |v| options[:shebang] = v }
+    opt.on(
+      "-d", "--database=name", String,
+      "Preconfigure for selected database (options: #{DATABASES.join(", ")}).",
+      "Default: sqlite3"
+    ) { |v| options[:db] = v }
+  end
 
-    def mysql_socket_location
-      RUBY_PLATFORM =~ /mswin32/ ? MYSQL_SOCKET_LOCATIONS.find { |f| File.exists?(f) } : nil
-    end
+  def mysql_socket_location
+    RUBY_PLATFORM =~ /mswin32/ ? MYSQL_SOCKET_LOCATIONS.find { |f| File.exist?(f) } : nil
+  end
 
   private
 
-    def radiant_root(filename = '')
-      File.join("..", "..", "..", "..", filename)
-    end
-end
+  def radiant_root(filename = '')
+    File.join("..", "..", "..", "..", filename)
+  end
+end

data/lib/generators/trusty_cms/templates/boot.rb.erb

@@ -6,4 +6,4 @@ require 'rubygems'
 # Set up gems listed in the Gemfile.
 ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../../Gemfile', __FILE__)
 
-require 'bundler/setup' if File.exists?(ENV['BUNDLE_GEMFILE'])
+require 'bundler/setup' if File.exist?(ENV['BUNDLE_GEMFILE'])

data/lib/login_system.rb

@@ -40,27 +40,27 @@ module LoginSystem
     true
   end
 
-  def authorize
-    # puts _process_action_callbacks.map(&:filter)
-    # action = action_name.to_s.intern
-    # if user_has_access_to_action?(action)
-    #   true
-    # else
-    #   permissions = self.class.controller_permissions[action]
-    #   flash[:error] = permissions[:denied_message] || 'Access denied.'
-    #   respond_to do |format|
-    #     format.html { redirect_to(permissions[:denied_url] || { :action => :index }) }
-    #     format.any(:xml, :json) { head :forbidden }
-    #   end
-    #   false
-    # end
-    true
+  def authorize_role
+    action = action_name.to_s.intern
+    return true if user_has_access_to_action?(action)
+
+    handle_unauthorized_access(action)
+    false
   end
 
   def user_has_access_to_action?(action)
     self.class.user_has_access_to_action?(current_user, action, self)
   end
 
+  def handle_unauthorized_access(action)
+    permissions = self.class.controller_permissions[action]
+    flash[:error] = permissions[:denied_message] || 'Access denied.'
+    respond_to do |format|
+      format.html { redirect_to(permissions[:denied_url] || { action: :index }) }
+      format.any(:xml, :json) { head :forbidden }
+    end
+  end
+
   def login_from_session
     User.unscoped.find(session['user_id'])
   rescue StandardError

data/lib/tasks/framework.rake

@@ -98,7 +98,7 @@ unless File.directory? "#{Rails.root}/app"
       task :javascripts do
         FileUtils.mkdir_p("#{Rails.root}/public/javascripts/admin/")
         copy_javascripts = proc do |project_dir, scripts|
-          scripts.reject! { |s| File.basename(s) == 'overrides.js' } if File.exists?(project_dir + 'overrides.js')
+          scripts.reject! { |s| File.basename(s) == 'overrides.js' } if File.exist?(project_dir + 'overrides.js')
           FileUtils.cp(scripts, project_dir)
         end
         copy_javascripts[Rails.root + '/public/javascripts/', Dir["#{File.dirname(__FILE__)}/../../public/javascripts/*.js"]]
@@ -228,7 +228,7 @@ the new files: #{warning}"
         project_dir = Rails.root + '/public/stylesheets/admin/'
 
         copy_stylesheets = proc do |project_dir, styles|
-          styles.reject! { |s| File.basename(s) == 'overrides.css' } if File.exists?(project_dir + 'overrides.css')
+          styles.reject! { |s| File.basename(s) == 'overrides.css' } if File.exist?(project_dir + 'overrides.css')
           FileUtils.cp(styles, project_dir)
         end
         copy_stylesheets[Rails.root + '/public/stylesheets/admin/', Dir["#{File.dirname(__FILE__)}/../../public/stylesheets/admin/*.css"]]
@@ -237,7 +237,7 @@ the new files: #{warning}"
       desc 'Update admin sass files from your current trusty install'
       task :sass do
         copy_sass = proc do |project_dir, sass_files|
-          sass_files.reject! { |s| File.basename(s) == 'overrides.sass' } if File.exists?(project_dir + 'overrides.sass') || File.exists?(project_dir + '../overrides.css')
+          sass_files.reject! { |s| File.basename(s) == 'overrides.sass' } if File.exist?(project_dir + 'overrides.sass') || File.exist?(project_dir + '../overrides.css')
           sass_files.reject! { |s| File.directory?(s) }
           FileUtils.mkpath(project_dir)
           FileUtils.cp(sass_files, project_dir)

data/lib/trusty_cms/available_locales.rb

@@ -4,7 +4,7 @@ module TrustyCms::AvailableLocales
   def self.locales
     available_locales = {}
     TrustyCms.configuration.i18n.load_path.each do |path|
-      if File.exists?(path) && path !~ /_available_tags/
+      if File.exist?(path) && path !~ /_available_tags/
         locale_yaml = YAML.load_file(path)
         stem = File.basename(path, '.yml')
         if locale_yaml[stem] && lang = locale_yaml[stem]['this_file_language']

data/lib/trusty_cms/task_support.rb

@@ -47,7 +47,7 @@ module TrustyCms
         end.join("\n\n")
 
         cache_path = File.join(dir, cache_file)
-        File.delete(cache_path) if File.exists?(cache_path)
+        File.delete(cache_path) if File.exist?(cache_path)
         File.open(cache_path, 'w+') { |f| f.write(cache_content) }
       end
 

data/lib/trusty_cms/version.rb

@@ -1,4 +1,4 @@
 module TrustyCms
-  VERSION = '7.0.1'.freeze
+  VERSION = '7.0.3'.freeze
 end
 

data/spec/dummy/config/application.rb

@@ -31,6 +31,8 @@ module TrustyCms
 
     # Initialize extension paths
     config.initialize_extension_paths
+    config.active_record.legacy_connection_handling = false
+
     extension_loader = ExtensionLoader.instance { |l| l.initializer = self }
     extension_loader.paths(:load).reverse_each do |path, value|
       config.autoload_paths.unshift path

data/spec/dummy/db/schema.rb

@@ -10,7 +10,7 @@
 #
 # It's strongly recommended that you check this file into your version control system.
 
-ActiveRecord::Schema[7.0].define(version: 2023_10_19_192097) do
+ActiveRecord::Schema[7.0].define(version: 2024_11_08_172942) do
   create_table "active_storage_attachments", charset: "utf8mb4", collation: "utf8mb4_0900_ai_ci", force: :cascade do |t|
     t.string "name", null: false
     t.string "record_type", null: false
@@ -69,6 +69,13 @@ ActiveRecord::Schema[7.0].define(version: 2023_10_19_192097) do
     t.datetime "updated_at", precision: nil, null: false
   end
 
+  create_table "admins_sites", charset: "utf8mb4", collation: "utf8mb4_0900_ai_ci", force: :cascade do |t|
+    t.integer "admin_id", null: false
+    t.integer "site_id", null: false
+    t.index ["admin_id"], name: "index_admins_sites_on_admin_id"
+    t.index ["site_id"], name: "index_admins_sites_on_site_id"
+  end
+
   create_table "assets", charset: "utf8mb4", collation: "utf8mb4_0900_ai_ci", force: :cascade do |t|
     t.string "caption"
     t.string "title"

data/spec/factories/snippet.rb

@@ -0,0 +1,10 @@
+FactoryBot.define do
+
+  factory :snippet do
+    name { 'test_snippet' }
+    content { <<-CONTENT }
+      <p>Snippet Stuff</p>
+    CONTENT
+  end
+
+end

data/spec/factories/user.rb

@@ -1,34 +1,34 @@
 FactoryBot.define do
   factory :user do
-    name { 'User' }
+    first_name { 'FirstName' }
+    last_name { 'LastName' }
     email { 'email@test.com' }
-    login { 'user' }
-    password { 'password' }
+    password { 'ComplexPass1!' }
     password_confirmation { password }
 
     factory :admin do
-      name { 'Admin' }
-      login { 'admin' }
+      first_name { 'FirstName' }
+      last_name { 'LastName' }
       email { 'admin@example.com' }
       admin { true }
     end
 
     factory :existing do
-      name { 'Existing' }
-      login { 'existing' }
+      first_name { 'FirstName' }
+      last_name { 'LastName' }
       email { 'existing@example.com' }
     end
 
     factory :designer do
-      name { 'Designer' }
-      login { 'designer' }
+      first_name { 'FirstName' }
+      last_name { 'LastName' }
       email { '' }
       designer { true }
     end
 
     factory :non_admin do
-      name { 'Non Admin' }
-      login { 'non_admin' }
+      first_name { 'FirstName' }
+      last_name { 'LastName' }
       admin { false }
     end
   end

data/spec/models/snippets_spec.rb

@@ -0,0 +1,29 @@
+require 'spec_helper'
+
+describe Snippet do
+
+  let(:snippet) { FactoryBot.build(:snippet) }
+
+  describe 'name' do
+    it 'is invalid when blank' do
+      snippet = FactoryBot.build(:snippet, name: '')
+      snippet.valid?
+      expect(snippet.errors[:name]).to include("This field is required.")
+    end
+
+    it 'should validate uniqueness of' do
+      snippet = FactoryBot.build(:snippet, name: 'test_snippet', content: "Content!")
+      snippet.save!
+      other = FactoryBot.build(:snippet, name: 'test_snippet', content: "Content!")
+      expect { other.save! }.to raise_error(ActiveRecord::RecordInvalid)
+    end
+
+    it 'should validate length of' do
+      snippet = FactoryBot.build(:snippet, name: 'x' * 100)
+      expect(snippet.errors[:name]).to be_blank
+      snippet = FactoryBot.build(:snippet, name: 'x' * 101)
+      expect { snippet.save! }.to raise_error(ActiveRecord::RecordInvalid)
+      expect(snippet.errors[:name]).to include("This must not be longer than 100 characters")
+    end
+  end
+end

data/spec/models/user_spec.rb

@@ -0,0 +1,46 @@
+require 'spec_helper'
+
+describe User do
+  describe '#role?' do
+    let(:user) { create(:user) }
+
+    it 'returns true for admin role' do
+      user.admin = true
+      expect(user.role?(:admin)).to be true
+    end
+
+    it 'returns false for non-admin role' do
+      user.admin = false
+      expect(user.role?(:admin)).to be false
+    end
+  end
+
+  describe '#password_complexity' do
+    let(:user) { build(:user) }
+
+    it 'is valid with a complex password' do
+      user.password = 'ComplexPass1!'
+      expect(user).to be_valid
+    end
+
+    it 'is invalid with a simple password' do
+      user.password = 'simple'
+      user.valid?
+      expect(user.errors[:password]).to include('Complexity requirement not met. Length should be 12 characters and include: 1 uppercase, 1 lowercase, 1 digit and 1 special character.')
+    end
+  end
+
+  describe '#password_required?' do
+    let(:user) { build(:user) }
+
+    it 'returns false if skip_password_validation is true' do
+      user.skip_password_validation = true
+      expect(user.password_required?).to be false
+    end
+
+    it 'returns true if skip_password_validation is false' do
+      user.skip_password_validation = false
+      expect(user.password_required?).to be true
+    end
+  end
+end

data/trusty_cms.gemspec

@@ -43,7 +43,7 @@ a general purpose content management system--not merely a blogging engine.'
   s.add_dependency 'mini_racer'
   s.add_dependency 'mutex_m'
   s.add_dependency 'mysql2'
-  s.add_dependency 'rack', '>= 2.0.1', '< 3.1.0'
+  s.add_dependency 'rack', '>= 2.0.1', '< 3.2.0'
   s.add_dependency 'rack-cache', '~> 1.7'
   s.add_dependency 'radius', '~> 0.7'
   s.add_dependency 'rails', '~> 7.0.0'