authorAzul <azul@leap.se>2014-02-07 14:38:56 +0100
committerAzul <azul@leap.se>2014-02-10 14:26:30 +0100
commit3f9dc65636afb57fed441978dca4bf7d3209bd2d (patch)
treea3ede0e3b6e1f2ea952848f2c3b5b62249105d76 /users
parente1243d02953b4012d6bb216efc9b0606809ab4bb (diff)
rename authorize to require_login
authorize_admin -> require_admin. Also add require_token, which will ensure a token has been used for auth.
Diffstat (limited to 'users')
-rw-r--r--users/app/controllers/controller_extension/authentication.rb4
-rw-r--r--users/app/controllers/controller_extension/token_authentication.rb4
-rw-r--r--users/app/controllers/users_controller.rb4
-rw-r--r--users/app/controllers/v1/users_controller.rb4
-rw-r--r--users/test/functional/application_controller_test.rb12
-rw-r--r--users/test/functional/v1/sessions_controller_test.rb2
-rw-r--r--users/test/unit/unauthenticated_user_test.rb (renamed from users/test/unit/unauthorized_user_test.rb)2
7 files changed, 18 insertions, 14 deletions
diff --git a/users/app/controllers/controller_extension/authentication.rb b/users/app/controllers/controller_extension/authentication.rb
index d831fbe..e83d6b2 100644
--- a/users/app/controllers/controller_extension/authentication.rb
+++ b/users/app/controllers/controller_extension/authentication.rb
@@ -15,7 +15,7 @@ module ControllerExtension::Authentication
!!current_user
end
- def authorize
+ def require_login
access_denied unless logged_in?
end
@@ -38,7 +38,7 @@ module ControllerExtension::Authentication
current_user && current_user.is_admin?
end
- def authorize_admin
+ def require_admin
access_denied unless admin?
end
diff --git a/users/app/controllers/controller_extension/token_authentication.rb b/users/app/controllers/controller_extension/token_authentication.rb
index cd5c074..ee24f73 100644
--- a/users/app/controllers/controller_extension/token_authentication.rb
+++ b/users/app/controllers/controller_extension/token_authentication.rb
@@ -11,6 +11,10 @@ module ControllerExtension::TokenAuthentication
token.authenticate if token
end
+ def require_token
+ access_denied unless token
+ end
+
def logout
super
clear_token
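Review bot: `require_token` only checks that `token` is truthy, whereas the commit message says it should ensure the token has been used for auth. The context line just above (`token.authenticate if token`) suggests a token can be present without authenticating if `authenticate` can return nil (its definition is not visible here); in that case the guard should test the authenticated result, e.g. `access_denied unless token && token.authenticate`, or reuse the result of the method above if calling `authenticate` has side effects. No test for `require_token` appears in this commit, since the test files in the diffstat only cover the renames, so a functional test for a missing token and for a present-but-rejected token is worth adding. The `logout` body continues outside the hunk.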
diff --git a/users/app/controllers/users_controller.rb b/users/app/controllers/users_controller.rb
index a5461cd..6b32d49 100644
--- a/users/app/controllers/users_controller.rb
+++ b/users/app/controllers/users_controller.rb
@@ -4,9 +4,9 @@
class UsersController < UsersBaseController
- before_filter :authorize, :only => [:show, :edit, :update, :destroy]
+ before_filter :require_login, :except => [:new]
+ before_filter :require_admin, :only => [:index, :deactivate, :enable]
before_filter :fetch_user, :only => [:show, :edit, :update, :destroy, :deactivate, :enable]
- before_filter :authorize_admin, :only => [:index, :deactivate, :enable]
respond_to :html
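Review bot: The `require_login` line changes scope as well as name: `:only => [:show, :edit, :update, :destroy]` becomes `:except => [:new]`, so every other action on this controller, including any added later, now requires a login. That deny-by-default shape is the safer one, but the commit message does not mention it, and if an unauthenticated action such as a signup `create` is routed here (not visible in the hunk) it would now be denied. Moving `require_admin` ahead of `fetch_user` is also a behaviour change, and a good one, since the admin check now runs before any user lookup. I would add a comment above the filters, e.g. `# Filter order matters: authenticate, then authorize, then load the record.`, and a functional test for an anonymous request to `index`. The class body continues outside the hunk.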
diff --git a/users/app/controllers/v1/users_controller.rb b/users/app/controllers/v1/users_controller.rb
index 0903888..a16c6e9 100644
--- a/users/app/controllers/v1/users_controller.rb
+++ b/users/app/controllers/v1/users_controller.rb
@@ -3,8 +3,8 @@ module V1
skip_before_filter :verify_authenticity_token
before_filter :fetch_user, :only => [:update]
- before_filter :authorize, :only => [:update]
- before_filter :authorize_admin, :only => [:index]
+ before_filter :require_login, :only => [:update, :index]
+ before_filter :require_admin, :only => [:index]
respond_to :json
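Review bot: `fetch_user` is still registered before `require_login` for `update`, so an unauthenticated API request triggers the user lookup before it is rejected; the web `UsersController` in this same commit puts the auth filters first, and this controller should match by moving `before_filter :fetch_user, :only => [:update]` below the two `require_*` lines. Depending on what `fetch_user` does on a miss (not visible here), the current order could give unauthenticated callers different responses for existing and non-existing ids. Separately, CSRF verification is skipped on the context line above, so `update` depends entirely on how `current_user` was authenticated; if a browser session cookie is accepted on this API and the token module is included here, the new filter would be the appropriate guard, e.g. `before_filter :require_token, :only => [:update, :index]`. The class body continues outside the hunk.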
diff --git a/users/test/functional/application_controller_test.rb b/users/test/functional/application_controller_test.rb
index 94b77bd..c4c922b 100644
--- a/users/test/functional/application_controller_test.rb
+++ b/users/test/functional/application_controller_test.rb
@@ -7,21 +7,21 @@ class ApplicationControllerTest < ActionController::TestCase
@controller.response = @response
end
- def test_authorize_redirect
- @controller.send(:authorize)
+ def test_require_login_redirect
+ @controller.send(:require_login)
assert_access_denied(true, false)
end
- def test_authorized
+ def test_require_login
login
- @controller.send(:authorize)
+ @controller.send(:require_login)
assert_access_denied(false)
end
- def test_authorize_admin
+ def test_require_admin
login
@current_user.expects(:is_admin?).returns(false)
- @controller.send(:authorize_admin)
+ @controller.send(:require_admin)
assert_access_denied
end
diff --git a/users/test/functional/v1/sessions_controller_test.rb b/users/test/functional/v1/sessions_controller_test.rb
index 4200e8f..df0d681 100644
--- a/users/test/functional/v1/sessions_controller_test.rb
+++ b/users/test/functional/v1/sessions_controller_test.rb
@@ -36,7 +36,7 @@ class V1::SessionsControllerTest < ActionController::TestCase
post :create, :login => @user.login, 'A' => @client_hex
end
- test "should authorize" do
+ test "should authenticate" do
request.env['warden'].expects(:authenticate!)
@controller.stubs(:current_user).returns(@user)
handshake = stub(:to_hash => {h: "ash"})
diff --git a/users/test/unit/unauthorized_user_test.rb b/users/test/unit/unauthenticated_user_test.rb
index 5b96ae1..e5fafb8 100644
--- a/users/test/unit/unauthorized_user_test.rb
+++ b/users/test/unit/unauthenticated_user_test.rb
@@ -1,6 +1,6 @@
require 'test_helper'
-class UnauthorizedUserTest < ActiveSupport::TestCase
+class UnauthenticatedUserTest < ActiveSupport::TestCase
# test "the truth" do
# assert true
# end