warden-github-rails 0.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (43) hide show
  1. data/.gitignore +20 -0
  2. data/.rspec +2 -0
  3. data/.travis.yml +10 -0
  4. data/Gemfile +14 -0
  5. data/LICENSE.txt +22 -0
  6. data/README.md +188 -0
  7. data/Rakefile +6 -0
  8. data/VERSION +1 -0
  9. data/lib/warden/github/rails.rb +42 -0
  10. data/lib/warden/github/rails/config.rb +52 -0
  11. data/lib/warden/github/rails/controller_helpers.rb +35 -0
  12. data/lib/warden/github/rails/railtie.rb +27 -0
  13. data/lib/warden/github/rails/routes.rb +83 -0
  14. data/lib/warden/github/rails/test_helpers.rb +28 -0
  15. data/lib/warden/github/rails/test_helpers/mock_user.rb +28 -0
  16. data/lib/warden/github/rails/version.rb +9 -0
  17. data/lib/warden/github/rails/view_helpers.rb +18 -0
  18. data/spec/integration/controller_helpers_spec.rb +95 -0
  19. data/spec/integration/membership_spec.rb +183 -0
  20. data/spec/integration/route_spec.rb +82 -0
  21. data/spec/integration/scope_spec.rb +33 -0
  22. data/spec/rails_app/app/controllers/scoped_controller.rb +28 -0
  23. data/spec/rails_app/app/controllers/unscoped_controller.rb +28 -0
  24. data/spec/rails_app/config.ru +2 -0
  25. data/spec/rails_app/config/application.rb +20 -0
  26. data/spec/rails_app/config/boot.rb +3 -0
  27. data/spec/rails_app/config/environment.rb +3 -0
  28. data/spec/rails_app/config/environments/development.rb +8 -0
  29. data/spec/rails_app/config/environments/production.rb +8 -0
  30. data/spec/rails_app/config/environments/test.rb +11 -0
  31. data/spec/rails_app/config/initializers/secret_token.rb +1 -0
  32. data/spec/rails_app/config/initializers/session_store.rb +1 -0
  33. data/spec/rails_app/config/initializers/warden_github_rails.rb +12 -0
  34. data/spec/rails_app/config/initializers/wrap_parameters.rb +4 -0
  35. data/spec/rails_app/config/routes.rb +49 -0
  36. data/spec/rails_app/script/rails +6 -0
  37. data/spec/spec_helper.rb +37 -0
  38. data/spec/unit/config_spec.rb +67 -0
  39. data/spec/unit/mock_user_spec.rb +20 -0
  40. data/spec/unit/rails_spec.rb +11 -0
  41. data/spec/unit/test_helpers_spec.rb +39 -0
  42. data/warden-github-rails.gemspec +25 -0
  43. metadata +229 -0
@@ -0,0 +1,28 @@
1
+ require 'warden/github'
2
+ require 'warden/github/rails/test_helpers/mock_user'
3
+
4
+ module Warden
5
+ module GitHub
6
+ module Rails
7
+ module TestHelpers
8
+ include ::Warden::Test::Helpers
9
+
10
+ # Login a mock GitHub user and return it.
11
+ def github_login(scope=Rails.default_scope)
12
+ MockUser.new.tap do |user|
13
+ login_as(user, :scope => scope)
14
+ end
15
+ end
16
+ end
17
+ end
18
+ end
19
+ end
20
+
21
+ # Add a method to Rack::Response to easily determine if a request resulted in an
22
+ # OAuth redirect to GitHub.
23
+ class Rack::Response
24
+ def github_oauth_redirect?
25
+ redirect? and
26
+ location.start_with?('https://github.com/login/oauth/authorize')
27
+ end
28
+ end
@@ -0,0 +1,28 @@
1
+ module Warden
2
+ module GitHub
3
+ module Rails
4
+ module TestHelpers
5
+ class MockUser < User
6
+ attr_reader :memberships
7
+
8
+ def initialize(*args)
9
+ super
10
+ @memberships = { :team => [], :org => [] }
11
+ end
12
+
13
+ def stub_membership(membership)
14
+ memberships.fetch(membership.keys.first) << membership.values.first
15
+ end
16
+
17
+ def team_member?(id)
18
+ memberships[:team].include?(id)
19
+ end
20
+
21
+ def organization_member?(id)
22
+ memberships[:org].include?(id)
23
+ end
24
+ end
25
+ end
26
+ end
27
+ end
28
+ end
@@ -0,0 +1,9 @@
1
+ module Warden
2
+ module GitHub
3
+ module Rails
4
+ VERSION = File.read(
5
+ File.expand_path('../../../../../VERSION', __FILE__)
6
+ ).strip
7
+ end
8
+ end
9
+ end
@@ -0,0 +1,18 @@
1
+ module Warden
2
+ module GitHub
3
+ module Rails
4
+ module ViewHelpers
5
+ # Checks whether a user is logged in for the specified scope.
6
+ def github_authenticated?(scope=Rails.default_scope)
7
+ request.env['warden'].authenticated?(scope)
8
+ end
9
+
10
+ # Returns the currently signed in user for the specified scope. See the
11
+ # documentation for Warden::GitHub::User for available methods.
12
+ def github_user(scope=Rails.default_scope)
13
+ request.env['warden'].user(scope)
14
+ end
15
+ end
16
+ end
17
+ end
18
+ end
@@ -0,0 +1,95 @@
1
+ require 'spec_helper'
2
+
3
+ describe 'controller helpers' do
4
+ {
5
+ :scoped => :admin,
6
+ :unscoped => Warden::GitHub::Rails.default_scope
7
+ }.each do |type, scope|
8
+ context "when using #{type}" do
9
+ describe '#github_authenticate!' do
10
+ subject(:request) { get "/#{type}/authenticate" }
11
+
12
+ context 'when not logged in' do
13
+ it 'initiates the oauth flow' do
14
+ request.should be_github_oauth_redirect
15
+ end
16
+ end
17
+
18
+ context 'when logged in' do
19
+ before { github_login(scope) }
20
+ it 'does nothing' do
21
+ request.should be_ok
22
+ end
23
+ end
24
+ end
25
+
26
+ describe '#github_logout' do
27
+ context 'when not logged in' do
28
+ it 'does nothing' do
29
+ get("/#{type}/logout").body.should eq 'false'
30
+ end
31
+ end
32
+
33
+ context 'when logged in' do
34
+ it 'logs out the user' do
35
+ github_login(scope)
36
+ get("/#{type}/logout").body.should eq 'true'
37
+ get("/#{type}/logout").body.should eq 'false'
38
+ end
39
+ end
40
+ end
41
+
42
+ describe '#github_authenticated?' do
43
+ subject(:request) { get "/#{type}/authenticated" }
44
+
45
+ context 'when not logged in' do
46
+ it 'returns false' do
47
+ request.body.should eq 'false'
48
+ end
49
+ end
50
+
51
+ context 'when logged in' do
52
+ it 'returns true' do
53
+ github_login(scope)
54
+ request.body.should eq 'true'
55
+ end
56
+ end
57
+ end
58
+
59
+ describe '#github_user' do
60
+ subject(:request) { get "/#{type}/user" }
61
+
62
+ context 'when not logged in' do
63
+ it 'returns nil' do
64
+ request.body.should be_blank
65
+ end
66
+ end
67
+
68
+ context 'when logged in' do
69
+ it 'returns the logged in user' do
70
+ github_login(scope)
71
+ request.body.
72
+ should include 'Warden::GitHub::Rails::TestHelpers::MockUser'
73
+ end
74
+ end
75
+ end
76
+
77
+ describe '#github_session' do
78
+ subject(:request) { get "/#{type}/session" }
79
+
80
+ context 'when not logged in' do
81
+ it 'should be nil' do
82
+ request.body.should be_blank
83
+ end
84
+ end
85
+
86
+ context 'when logged in' do
87
+ it "returns the user's session" do
88
+ github_login(scope)
89
+ request.body.should == { :foo => :bar }.to_s
90
+ end
91
+ end
92
+ end
93
+ end
94
+ end
95
+ end
@@ -0,0 +1,183 @@
1
+ require 'spec_helper'
2
+
3
+ describe 'request to a protected resource' do
4
+ context 'that requires a team membership' do
5
+ context 'which is specified by a numeric team id' do
6
+ subject { get '/team/protected' }
7
+
8
+ context 'when not logged in' do
9
+ it { should be_github_oauth_redirect }
10
+ end
11
+
12
+ context 'when logged in' do
13
+ context 'and team member' do
14
+ before do
15
+ user = github_login
16
+ user.stub_membership(:team => 123)
17
+ end
18
+
19
+ it { should be_ok }
20
+ end
21
+
22
+ context 'and not team member' do
23
+ before { github_login }
24
+ it { should be_not_found}
25
+ end
26
+ end
27
+ end
28
+
29
+ context 'which is specified by a team alias' do
30
+ subject { get '/team_alias/protected' }
31
+
32
+ context 'when not logged in' do
33
+ it { should be_github_oauth_redirect }
34
+ end
35
+
36
+ context 'when logged in' do
37
+ context 'and team member' do
38
+ before do
39
+ user = github_login
40
+ user.stub_membership(:team => 456)
41
+ end
42
+
43
+ it { should be_ok }
44
+ end
45
+
46
+ context 'and not team member' do
47
+ before { github_login }
48
+ it { should be_not_found}
49
+ end
50
+ end
51
+ end
52
+
53
+ context 'which is specified by a lambda' do
54
+ subject { get '/dynamic_team/123' }
55
+
56
+ context 'when logged in' do
57
+ context 'and team member' do
58
+ before do
59
+ user = github_login
60
+ user.stub_membership(:team => 123)
61
+ end
62
+
63
+ it { should be_ok }
64
+ end
65
+
66
+ context 'and not team member' do
67
+ before { github_login }
68
+ it { should be_not_found}
69
+ end
70
+ end
71
+ end
72
+ end
73
+
74
+ context 'that requires an organization membership' do
75
+ { :org => :foobar_inc, :organization => 'some_org' }.each do |key, value|
76
+ context "which is specified as #{key}" do
77
+ subject { get "/#{key}/protected" }
78
+
79
+ context 'when not logged in' do
80
+ it { should be_github_oauth_redirect }
81
+ end
82
+
83
+ context 'when logged in' do
84
+ context 'and organization member' do
85
+ before do
86
+ user = github_login
87
+ user.stub_membership(:org => value)
88
+ end
89
+
90
+ it { should be_ok }
91
+ end
92
+
93
+ context 'and not organization member' do
94
+ before { github_login }
95
+ it { should be_not_found }
96
+ end
97
+ end
98
+ end
99
+ end
100
+
101
+ context 'which is specified by a lambda' do
102
+ subject { get '/dynamic_org/some_org' }
103
+
104
+ context 'when logged in' do
105
+ context 'and organization member' do
106
+ before do
107
+ user = github_login
108
+ user.stub_membership(:org => 'some_org')
109
+ end
110
+
111
+ it { should be_ok }
112
+ end
113
+
114
+ context 'and not organization member' do
115
+ before { github_login }
116
+ it { should be_not_found}
117
+ end
118
+ end
119
+ end
120
+ end
121
+ end
122
+
123
+ describe 'request to a resource that only exists when logged in' do
124
+ context 'that requires a team membership' do
125
+ context 'which is specified by a numeric team id' do
126
+ subject { get '/team/conditional' }
127
+
128
+ context 'when team member' do
129
+ before do
130
+ user = github_login
131
+ user.stub_membership(:team => 123)
132
+ end
133
+
134
+ it { should be_ok }
135
+ end
136
+
137
+ context 'when not team member' do
138
+ before { github_login }
139
+ it { should be_not_found}
140
+ end
141
+ end
142
+
143
+ context 'which is specified by a team alias' do
144
+ subject { get '/team_alias/conditional' }
145
+
146
+ context 'when team member' do
147
+ before do
148
+ user = github_login
149
+ user.stub_membership(:team => 456)
150
+ end
151
+
152
+ it { should be_ok }
153
+ end
154
+
155
+ context 'when not team member' do
156
+ before { github_login }
157
+ it { should be_not_found}
158
+ end
159
+ end
160
+ end
161
+
162
+ context 'that requires an organization membership' do
163
+ { :org => :foobar_inc, :organization => 'some_org' }.each do |key, value|
164
+ context "which is specified as #{key}" do
165
+ subject { get "/#{key}/conditional" }
166
+
167
+ context 'when organization member' do
168
+ before do
169
+ user = github_login
170
+ user.stub_membership(:org => value)
171
+ end
172
+
173
+ it { should be_ok }
174
+ end
175
+
176
+ context 'when not organization member' do
177
+ before { github_login }
178
+ it { should be_not_found }
179
+ end
180
+ end
181
+ end
182
+ end
183
+ end
@@ -0,0 +1,82 @@
1
+ require 'spec_helper'
2
+
3
+ describe 'request to a protected resource' do
4
+ subject { get '/protected' }
5
+
6
+ context 'when not logged in' do
7
+ it { should be_github_oauth_redirect }
8
+ end
9
+
10
+ context 'when logged in' do
11
+ before { github_login }
12
+ it { should be_ok }
13
+ end
14
+
15
+ context 'with multiple scopes' do
16
+ subject { get '/admin/protected' }
17
+
18
+ context 'when logged in in the wrong scope' do
19
+ before { github_login }
20
+ it { should be_github_oauth_redirect }
21
+ end
22
+
23
+ context 'when logged in in the correct scope' do
24
+ before { github_login(:admin) }
25
+ it { should be_ok }
26
+ end
27
+ end
28
+ end
29
+
30
+ describe 'request to a resource that only exists when logged in' do
31
+ subject { get '/conditional' }
32
+
33
+ context 'when not logged in' do
34
+ it { should be_not_found }
35
+ end
36
+
37
+ context 'when logged in' do
38
+ before { github_login }
39
+ it { should be_ok }
40
+ end
41
+
42
+ context 'with mutliple scopes' do
43
+ subject { get '/admin/conditional' }
44
+
45
+ context 'when logged in in the wrong scope' do
46
+ before { github_login }
47
+ it { should be_not_found }
48
+ end
49
+
50
+ context 'when logged in in the correct scope' do
51
+ before { github_login(:admin) }
52
+ it { should be_ok }
53
+ end
54
+ end
55
+ end
56
+
57
+ describe 'request to a resource that only exists when logged out' do
58
+ subject { get '/conditional_inverse' }
59
+
60
+ context 'when not logged in' do
61
+ it { should be_ok }
62
+ end
63
+
64
+ context 'when logged in' do
65
+ before { github_login }
66
+ it { should be_not_found }
67
+ end
68
+
69
+ context 'with mutliple scopes' do
70
+ subject { get '/admin/conditional_inverse' }
71
+
72
+ context 'when logged in in the wrong scope' do
73
+ before { github_login }
74
+ it { should be_ok }
75
+ end
76
+
77
+ context 'when logged in in the correct scope' do
78
+ before { github_login(:admin) }
79
+ it { should be_not_found }
80
+ end
81
+ end
82
+ end