workarea-storefront 3.4.19 → 3.4.20
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: fd0377b28b5104980ddcfaab6b94d6f354f186359755f3b1cf661499b7414e30
|
|
4
|
+
data.tar.gz: 95b5d487a08e783f7ea2d74e4363486ae2ed03f1f1abf2d45ede73324dfbac61
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 5794e7f6adfa4034fc3920131006a87f8d5e8150fd3a92f8565cab7fc6dd795463d5a0c342a96684c1b1bfab7af6442fc83b29212445992c7c50206160bd44ee
|
|
7
|
+
data.tar.gz: 5d882991a8bff9efbd5ee7064d79bf20350c5b1728c93889f85805c918d2b0a833389f6b26e6ec3bd294456a04ec05a64faf45dff4a248b810713a96c5784d20
|
|
@@ -2,6 +2,7 @@ module Workarea
|
|
|
2
2
|
class Storefront::Users::LoginsController < Storefront::ApplicationController
|
|
3
3
|
before_action :ensure_not_locked, only: :create
|
|
4
4
|
skip_before_action :require_password_changes, only: :destroy
|
|
5
|
+
skip_before_action :verify_authenticity_token, only: :destroy
|
|
5
6
|
|
|
6
7
|
def new
|
|
7
8
|
@user = User.new
|
|
@@ -152,6 +152,23 @@ module Workarea
|
|
|
152
152
|
results = JSON.parse(response.body)
|
|
153
153
|
assert_equal(0, results['cart_quantity'])
|
|
154
154
|
end
|
|
155
|
+
|
|
156
|
+
def test_it_doesnt_care_about_csrf_for_logout
|
|
157
|
+
current_forgery_protection = ActionController::Base.allow_forgery_protection
|
|
158
|
+
|
|
159
|
+
post storefront.login_path,
|
|
160
|
+
params: {
|
|
161
|
+
email: 'existing-account@workarea.com',
|
|
162
|
+
password: 'W3bl1nc!'
|
|
163
|
+
}
|
|
164
|
+
|
|
165
|
+
ActionController::Base.allow_forgery_protection = true
|
|
166
|
+
delete storefront.logout_path
|
|
167
|
+
assert(response.headers['Set-Cookie'].present?)
|
|
168
|
+
|
|
169
|
+
ensure
|
|
170
|
+
ActionController::Base.allow_forgery_protection = current_forgery_protection
|
|
171
|
+
end
|
|
155
172
|
end
|
|
156
173
|
end
|
|
157
174
|
end
|
|
@@ -74,21 +74,6 @@ module Workarea
|
|
|
74
74
|
end
|
|
75
75
|
assert(page.has_no_content?('New Taxon'))
|
|
76
76
|
end
|
|
77
|
-
|
|
78
|
-
private
|
|
79
|
-
|
|
80
|
-
# There is some kind of timing problem around waiting for this iframe that
|
|
81
|
-
# after a few hours we still can't find. This is a hack to keep this
|
|
82
|
-
# passing.
|
|
83
|
-
#
|
|
84
|
-
# May God have mercy on our souls.
|
|
85
|
-
#
|
|
86
|
-
# TODO v3.6
|
|
87
|
-
# Remove this after we stop using an iframe for the admin toolbar
|
|
88
|
-
#
|
|
89
|
-
def wait_for_iframe
|
|
90
|
-
sleep(0.5)
|
|
91
|
-
end
|
|
92
77
|
end
|
|
93
78
|
end
|
|
94
79
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: workarea-storefront
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 3.4.
|
|
4
|
+
version: 3.4.20
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Ben Crouse
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2019-10-
|
|
11
|
+
date: 2019-10-30 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: workarea-core
|
|
@@ -16,14 +16,14 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - '='
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: 3.4.
|
|
19
|
+
version: 3.4.20
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - '='
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: 3.4.
|
|
26
|
+
version: 3.4.20
|
|
27
27
|
description: Provides user-facing ecommerce storefront functionality for the Workarea
|
|
28
28
|
Commerce Platform.
|
|
29
29
|
email:
|