summaryrefslogtreecommitdiff
path: root/users
diff options
context:
space:
mode:
Diffstat (limited to 'users')
-rw-r--r--users/app/controllers/controller_extension/authentication.rb4
-rw-r--r--users/app/controllers/controller_extension/token_authentication.rb4
-rw-r--r--users/app/controllers/users_controller.rb4
-rw-r--r--users/app/controllers/v1/users_controller.rb4
-rw-r--r--users/test/functional/application_controller_test.rb12
-rw-r--r--users/test/functional/v1/sessions_controller_test.rb2
-rw-r--r--users/test/unit/unauthenticated_user_test.rb (renamed from users/test/unit/unauthorized_user_test.rb)2
7 files changed, 18 insertions, 14 deletions
diff --git a/users/app/controllers/controller_extension/authentication.rb b/users/app/controllers/controller_extension/authentication.rb
index d831fbe..e83d6b2 100644
--- a/users/app/controllers/controller_extension/authentication.rb
+++ b/users/app/controllers/controller_extension/authentication.rb
@@ -15,7 +15,7 @@ module ControllerExtension::Authentication
!!current_user
end
- def authorize
+ def require_login
access_denied unless logged_in?
end
@@ -38,7 +38,7 @@ module ControllerExtension::Authentication
current_user && current_user.is_admin?
end
- def authorize_admin
+ def require_admin
access_denied unless admin?
end
diff --git a/users/app/controllers/controller_extension/token_authentication.rb b/users/app/controllers/controller_extension/token_authentication.rb
index cd5c074..ee24f73 100644
--- a/users/app/controllers/controller_extension/token_authentication.rb
+++ b/users/app/controllers/controller_extension/token_authentication.rb
@@ -11,6 +11,10 @@ module ControllerExtension::TokenAuthentication
token.authenticate if token
end
+ def require_token
+ access_denied unless token
+ end
+
def logout
super
clear_token
diff --git a/users/app/controllers/users_controller.rb b/users/app/controllers/users_controller.rb
index a5461cd..6b32d49 100644
--- a/users/app/controllers/users_controller.rb
+++ b/users/app/controllers/users_controller.rb
@@ -4,9 +4,9 @@
class UsersController < UsersBaseController
- before_filter :authorize, :only => [:show, :edit, :update, :destroy]
+ before_filter :require_login, :except => [:new]
+ before_filter :require_admin, :only => [:index, :deactivate, :enable]
before_filter :fetch_user, :only => [:show, :edit, :update, :destroy, :deactivate, :enable]
- before_filter :authorize_admin, :only => [:index, :deactivate, :enable]
respond_to :html
diff --git a/users/app/controllers/v1/users_controller.rb b/users/app/controllers/v1/users_controller.rb
index 0903888..a16c6e9 100644
--- a/users/app/controllers/v1/users_controller.rb
+++ b/users/app/controllers/v1/users_controller.rb
@@ -3,8 +3,8 @@ module V1
skip_before_filter :verify_authenticity_token
before_filter :fetch_user, :only => [:update]
- before_filter :authorize, :only => [:update]
- before_filter :authorize_admin, :only => [:index]
+ before_filter :require_login, :only => [:update, :index]
+ before_filter :require_admin, :only => [:index]
respond_to :json
diff --git a/users/test/functional/application_controller_test.rb b/users/test/functional/application_controller_test.rb
index 94b77bd..c4c922b 100644
--- a/users/test/functional/application_controller_test.rb
+++ b/users/test/functional/application_controller_test.rb
@@ -7,21 +7,21 @@ class ApplicationControllerTest < ActionController::TestCase
@controller.response = @response
end
- def test_authorize_redirect
- @controller.send(:authorize)
+ def test_require_login_redirect
+ @controller.send(:require_login)
assert_access_denied(true, false)
end
- def test_authorized
+ def test_require_login
login
- @controller.send(:authorize)
+ @controller.send(:require_login)
assert_access_denied(false)
end
- def test_authorize_admin
+ def test_require_admin
login
@current_user.expects(:is_admin?).returns(false)
- @controller.send(:authorize_admin)
+ @controller.send(:require_admin)
assert_access_denied
end
diff --git a/users/test/functional/v1/sessions_controller_test.rb b/users/test/functional/v1/sessions_controller_test.rb
index 4200e8f..df0d681 100644
--- a/users/test/functional/v1/sessions_controller_test.rb
+++ b/users/test/functional/v1/sessions_controller_test.rb
@@ -36,7 +36,7 @@ class V1::SessionsControllerTest < ActionController::TestCase
post :create, :login => @user.login, 'A' => @client_hex
end
- test "should authorize" do
+ test "should authenticate" do
request.env['warden'].expects(:authenticate!)
@controller.stubs(:current_user).returns(@user)
handshake = stub(:to_hash => {h: "ash"})
diff --git a/users/test/unit/unauthorized_user_test.rb b/users/test/unit/unauthenticated_user_test.rb
index 5b96ae1..e5fafb8 100644
--- a/users/test/unit/unauthorized_user_test.rb
+++ b/users/test/unit/unauthenticated_user_test.rb
@@ -1,6 +1,6 @@
require 'test_helper'
-class UnauthorizedUserTest < ActiveSupport::TestCase
+class UnauthenticatedUserTest < ActiveSupport::TestCase
# test "the truth" do
# assert true
# end
generated by cgit v1.2.3 (git 2.25.1) at 2025-01-27 00:48:29 +0000