From 13f53593551549d8e95e382fd42a92efc170943d Mon Sep 17 00:00:00 2001 From: Azul Date: Tue, 20 Nov 2012 10:34:13 +0100 Subject: ui tweaks to the menu --- app/assets/stylesheets/application.scss | 3 +++ app/views/layouts/_navigation.html.haml | 9 +++++---- users/app/views/sessions/_nav.html.haml | 4 +++- 3 files changed, 11 insertions(+), 5 deletions(-) diff --git a/app/assets/stylesheets/application.scss b/app/assets/stylesheets/application.scss index 72c943a..3465431 100644 --- a/app/assets/stylesheets/application.scss +++ b/app/assets/stylesheets/application.scss @@ -1,2 +1,5 @@ @import "bootstrap"; +body { + padding: 40px; +} @import "bootstrap-responsive"; diff --git a/app/views/layouts/_navigation.html.haml b/app/views/layouts/_navigation.html.haml index b75eed7..e72586a 100644 --- a/app/views/layouts/_navigation.html.haml +++ b/app/views/layouts/_navigation.html.haml @@ -1,6 +1,7 @@ = link_to "Leap Web", root_path, :class => 'brand' -%ul.nav - // = render '/tickets/nav' +.nav-collapse.collapse + %ul.nav + // = render '/tickets/nav' -%ul.nav.pull-right - = render '/sessions/nav' + %ul.nav.pull-right + = render '/sessions/nav' diff --git a/users/app/views/sessions/_nav.html.haml b/users/app/views/sessions/_nav.html.haml index 204ba88..b738504 100644 --- a/users/app/views/sessions/_nav.html.haml +++ b/users/app/views/sessions/_nav.html.haml @@ -1,8 +1,10 @@ - if logged_in? %li = 'logged in as ' + current_user.login + %li = link_to t(:logout), logout_path - - if admin? + - if admin? + %li = 'ADMIN' # obviously not like this - else %li -- cgit v1.2.3 From a8cefdcb896736608fcd94456b8f42c8aafd8d7f Mon Sep 17 00:00:00 2001 From: Azul Date: Thu, 22 Nov 2012 10:31:09 +0100 Subject: don't collabse the nav --- app/views/layouts/_navigation.html.haml | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/app/views/layouts/_navigation.html.haml b/app/views/layouts/_navigation.html.haml index e72586a..b75eed7 100644 --- a/app/views/layouts/_navigation.html.haml +++ b/app/views/layouts/_navigation.html.haml @@ -1,7 +1,6 @@ = link_to "Leap Web", root_path, :class => 'brand' -.nav-collapse.collapse - %ul.nav - // = render '/tickets/nav' +%ul.nav + // = render '/tickets/nav' - %ul.nav.pull-right - = render '/sessions/nav' +%ul.nav.pull-right + = render '/sessions/nav' -- cgit v1.2.3 From 7e5db2a28ba872154e5f5002bb84d149a512e36e Mon Sep 17 00:00:00 2001 From: Azul Date: Thu, 22 Nov 2012 10:33:21 +0100 Subject: using the new srp.js api --- users/app/assets/javascripts/srp | 2 +- users/app/assets/javascripts/users.js.coffee | 20 ++++++++++---------- users/app/controllers/sessions_controller.rb | 4 +++- 3 files changed, 14 insertions(+), 12 deletions(-) diff --git a/users/app/assets/javascripts/srp b/users/app/assets/javascripts/srp index efac662..635ea47 160000 --- a/users/app/assets/javascripts/srp +++ b/users/app/assets/javascripts/srp @@ -1 +1 @@ -Subproject commit efac662cdf31bc4b61ffb97b8c398e22a86c364b +Subproject commit 635ea47f1c19d7985a8f5107c070ae19edf9dd54 diff --git a/users/app/assets/javascripts/users.js.coffee b/users/app/assets/javascripts/users.js.coffee index ab437f6..75440ea 100644 --- a/users/app/assets/javascripts/users.js.coffee +++ b/users/app/assets/javascripts/users.js.coffee @@ -27,21 +27,21 @@ validOrAbort = (event) -> abortIfErrors() -signup = (event) -> - srp = new SRP(jqueryRest()) - srp.register -> - window.location = '/' -login = (event) -> - srp = new SRP(jqueryRest()) - srp.identify -> - window.location = '/' +srp.session = new srp.Session() +srp.signedUp = -> + window.location = '/' +srp.loggedIn = -> + window.location = '/' + +srp.error = (message) -> + alert(message) $(document).ready -> $('#new_user').submit preventDefault $('#new_user').submit validOrAbort - $('#new_user').submit signup + $('#new_user').submit srp.signup $('#new_session').submit preventDefault - $('#new_session').submit login + $('#new_session').submit srp.login diff --git a/users/app/controllers/sessions_controller.rb b/users/app/controllers/sessions_controller.rb index 486f67e..66c1c4f 100644 --- a/users/app/controllers/sessions_controller.rb +++ b/users/app/controllers/sessions_controller.rb @@ -3,7 +3,9 @@ class SessionsController < ApplicationController skip_before_filter :verify_authenticity_token def new - @errors = authentication_error + if @errors = authentication_error + render :status => 422 + end end def create -- cgit v1.2.3 From cec9ad7c514f2f3c767bd12bfc3df28db4d1a98b Mon Sep 17 00:00:00 2001 From: Azul Date: Thu, 22 Nov 2012 11:36:25 +0100 Subject: using client side validations for login --- users/app/assets/javascripts/users.js.coffee | 8 ++++++- users/app/controllers/sessions_controller.rb | 1 + users/app/models/session.rb | 34 ++++++++++++++++++++++++++++ users/app/views/sessions/new.html.haml | 2 +- 4 files changed, 43 insertions(+), 2 deletions(-) create mode 100644 users/app/models/session.rb diff --git a/users/app/assets/javascripts/users.js.coffee b/users/app/assets/javascripts/users.js.coffee index 75440ea..6d1dda2 100644 --- a/users/app/assets/javascripts/users.js.coffee +++ b/users/app/assets/javascripts/users.js.coffee @@ -36,7 +36,13 @@ srp.loggedIn = -> window.location = '/' srp.error = (message) -> - alert(message) + if $.isPlainObject(message) && message.errors + for key, value of message.errors + element = $('form input[name="session['+key+']"]') + next unless element + element.trigger('element:validate:fail.ClientSideValidations', value).data('valid', false) + else + alert(message) $(document).ready -> $('#new_user').submit preventDefault diff --git a/users/app/controllers/sessions_controller.rb b/users/app/controllers/sessions_controller.rb index 66c1c4f..32d1ddc 100644 --- a/users/app/controllers/sessions_controller.rb +++ b/users/app/controllers/sessions_controller.rb @@ -3,6 +3,7 @@ class SessionsController < ApplicationController skip_before_filter :verify_authenticity_token def new + @session = Session.new if @errors = authentication_error render :status => 422 end diff --git a/users/app/models/session.rb b/users/app/models/session.rb new file mode 100644 index 0000000..a9fdb1b --- /dev/null +++ b/users/app/models/session.rb @@ -0,0 +1,34 @@ +class Session < SRP::Session + include ActiveModel::Validations + + attr_accessor :login + + validates :login, + :presence => true, + :format => { :with => /\A[A-Za-z\d_]+\z/, + :message => "Only letters, digits and _ allowed" } + + def initialize(user = nil, aa = nil) + super(user, aa) if user + end + + def persisted? + false + end + + def new_record? + true + end + + def to_model + self + end + + def to_key + [object_id] + end + + def to_param + nil + end +end diff --git a/users/app/views/sessions/new.html.haml b/users/app/views/sessions/new.html.haml index c91d3f2..a04f584 100644 --- a/users/app/views/sessions/new.html.haml +++ b/users/app/views/sessions/new.html.haml @@ -1,6 +1,6 @@ .span8.offset2 %h2=t :login - = simple_form_for :session, :url => sessions_path, :html => { :id => :new_session, :class => 'form-horizontal' } do |f| + = simple_form_for @session, :validate => true, :html => { :id => :new_session, :class => 'form-horizontal' } do |f| %legend=t :login_message = f.input :login, :input_html => { :id => :srp_username } = f.input :password, :required => true, :input_html => { :id => :srp_password } -- cgit v1.2.3 From 6d5f8d0f993093b51d1f11bb528c535dcf88a969 Mon Sep 17 00:00:00 2001 From: Azul Date: Thu, 22 Nov 2012 13:05:32 +0100 Subject: beautify login workflow * translating error messages * not caching login and password in js anymore * catching non responses --- users/app/assets/javascripts/srp | 2 +- users/app/assets/javascripts/users.js.coffee | 6 +++--- users/app/controllers/controller_extension/authentication.rb | 8 ++++++-- users/app/controllers/sessions_controller.rb | 3 ++- users/config/locales/en.yml | 2 ++ users/lib/warden/strategies/secure_remote_password.rb | 4 ++-- 6 files changed, 16 insertions(+), 9 deletions(-) diff --git a/users/app/assets/javascripts/srp b/users/app/assets/javascripts/srp index 635ea47..076d6e2 160000 --- a/users/app/assets/javascripts/srp +++ b/users/app/assets/javascripts/srp @@ -1 +1 @@ -Subproject commit 635ea47f1c19d7985a8f5107c070ae19edf9dd54 +Subproject commit 076d6e251e4caf826787d87b11434e535960455c diff --git a/users/app/assets/javascripts/users.js.coffee b/users/app/assets/javascripts/users.js.coffee index 6d1dda2..d0ec32f 100644 --- a/users/app/assets/javascripts/users.js.coffee +++ b/users/app/assets/javascripts/users.js.coffee @@ -37,10 +37,10 @@ srp.loggedIn = -> srp.error = (message) -> if $.isPlainObject(message) && message.errors - for key, value of message.errors - element = $('form input[name="session['+key+']"]') + for field, error of message.errors + element = $('form input[name="session['+field+']"]') next unless element - element.trigger('element:validate:fail.ClientSideValidations', value).data('valid', false) + element.trigger('element:validate:fail.ClientSideValidations', error).data('valid', false) else alert(message) diff --git a/users/app/controllers/controller_extension/authentication.rb b/users/app/controllers/controller_extension/authentication.rb index 87f7921..6ac7a5b 100644 --- a/users/app/controllers/controller_extension/authentication.rb +++ b/users/app/controllers/controller_extension/authentication.rb @@ -7,8 +7,12 @@ module ControllerExtension::Authentication helper_method :current_user, :logged_in?, :admin? end - def authentication_error - warden.winning_strategy.try(:message) + def authentication_errors + return unless errors = warden.winning_strategy.try(:message) + errors.inject({}) do |translated,err| + translated[err.first] = I18n.t(err.last) + translated + end end def logged_in? diff --git a/users/app/controllers/sessions_controller.rb b/users/app/controllers/sessions_controller.rb index 32d1ddc..bc910b5 100644 --- a/users/app/controllers/sessions_controller.rb +++ b/users/app/controllers/sessions_controller.rb @@ -4,7 +4,8 @@ class SessionsController < ApplicationController def new @session = Session.new - if @errors = authentication_error + if authentication_errors + @errors = authentication_errors render :status => 422 end end diff --git a/users/config/locales/en.yml b/users/config/locales/en.yml index 172b85f..be3f28e 100644 --- a/users/config/locales/en.yml +++ b/users/config/locales/en.yml @@ -4,3 +4,5 @@ en: cancel: "Cancel" login: "Login" login_message: "Please login with your account." + wrong_password: "wrong password" + user_not_found: "could not be found" diff --git a/users/lib/warden/strategies/secure_remote_password.rb b/users/lib/warden/strategies/secure_remote_password.rb index 8266e2d..95570e0 100644 --- a/users/lib/warden/strategies/secure_remote_password.rb +++ b/users/lib/warden/strategies/secure_remote_password.rb @@ -26,7 +26,7 @@ module Warden def validate! user = session[:handshake].authenticate(params['client_auth'].hex) - user ? success!(user) : fail!(:password => "Could not log in") + user ? success!(user) : fail!(:password => "wrong_password") end def initialize! @@ -34,7 +34,7 @@ module Warden session[:handshake] = user.initialize_auth(params['A'].hex) custom! json_response(session[:handshake]) rescue RECORD_NOT_FOUND - fail! :login => "User not found!" + fail! :login => "user_not_found" end def json_response(object) -- cgit v1.2.3 From ec87ccfa185a4c063386d385de7af15f993b77d8 Mon Sep 17 00:00:00 2001 From: Azul Date: Thu, 22 Nov 2012 16:22:18 +0100 Subject: fixed tests --- users/app/models/user.rb | 2 +- users/test/functional/sessions_controller_test.rb | 9 +++--- users/test/integration/api/account_flow_test.rb | 39 ++++++++++++----------- 3 files changed, 26 insertions(+), 24 deletions(-) diff --git a/users/app/models/user.rb b/users/app/models/user.rb index 824c439..507eda5 100644 --- a/users/app/models/user.rb +++ b/users/app/models/user.rb @@ -36,7 +36,7 @@ class User < CouchRest::Model::Base # valid set of attributes for testing def valid_attributes_hash { :login => "me", - :password_verifier => "1234ABC", + :password_verifier => "1234ABCD", :password_salt => "4321AB" } end diff --git a/users/test/functional/sessions_controller_test.rb b/users/test/functional/sessions_controller_test.rb index 8f2d95c..93cc032 100644 --- a/users/test/functional/sessions_controller_test.rb +++ b/users/test/functional/sessions_controller_test.rb @@ -26,11 +26,12 @@ class SessionsControllerTest < ActionController::TestCase end test "renders warden errors" do - strategy = stub :message => "Warden auth did not work" - request.env['warden'].expects(:winning_strategy).returns(strategy) + strategy = stub :message => {:field => :translate_me} + request.env['warden'].stubs(:winning_strategy).returns(strategy) + I18n.expects(:t).with(:translate_me).at_least_once.returns("translation stub") get :new, :format => :json - assert_response :success - assert_json_response :errors => strategy.message + assert_response 422 + assert_json_response :errors => {"field" => "translation stub"} end # Warden takes care of parsing the params and diff --git a/users/test/integration/api/account_flow_test.rb b/users/test/integration/api/account_flow_test.rb index c9a7109..4135485 100644 --- a/users/test/integration/api/account_flow_test.rb +++ b/users/test/integration/api/account_flow_test.rb @@ -16,24 +16,6 @@ class AccountFlowTest < ActiveSupport::TestCase Warden.test_reset! end - # this test wraps the api and implements the interface the ruby-srp client. - def handshake(login, aa) - post "/sessions.json", :login => login, 'A' => aa.to_s(16), :format => :json - assert last_response.successful? - response = JSON.parse(last_response.body) - if response['errors'] - raise RECORD_NOT_FOUND.new(response['errors']) - else - return response['B'].hex - end - end - - def validate(m) - put "/sessions/" + @login + '.json', :client_auth => m.to_s(16), :format => :json - assert last_response.successful? - return JSON.parse(last_response.body) - end - def setup @login = "integration_test_user" User.find_by_login(@login).tap{|u| u.destroy if u} @@ -52,6 +34,22 @@ class AccountFlowTest < ActiveSupport::TestCase @user.destroy if @user # make sure we can run this test again end + # this test wraps the api and implements the interface the ruby-srp client. + def handshake(login, aa) + post "/sessions.json", :login => login, 'A' => aa.to_s(16), :format => :json + response = JSON.parse(last_response.body) + if response['errors'] + raise RECORD_NOT_FOUND.new(response['errors']) + else + return response['B'].hex + end + end + + def validate(m) + put "/sessions/" + @login + '.json', :client_auth => m.to_s(16), :format => :json + return JSON.parse(last_response.body) + end + test "signup response" do assert_json_response :login => @login, :ok => true assert last_response.successful? @@ -59,6 +57,7 @@ class AccountFlowTest < ActiveSupport::TestCase test "signup and login with srp via api" do server_auth = @srp.authenticate(self) + assert last_response.successful? assert_nil server_auth["errors"] assert server_auth["M2"] end @@ -66,7 +65,8 @@ class AccountFlowTest < ActiveSupport::TestCase test "signup and wrong password login attempt" do srp = SRP::Client.new(@login, "wrong password") server_auth = srp.authenticate(self) - assert_equal "Could not log in", server_auth["errors"]['password'] + assert !last_response.successful? + assert_equal "wrong password", server_auth["errors"]['password'] assert_nil server_auth["M2"] end @@ -76,6 +76,7 @@ class AccountFlowTest < ActiveSupport::TestCase assert_raises RECORD_NOT_FOUND do server_auth = srp.authenticate(self) end + assert !last_response.successful? assert_nil server_auth end -- cgit v1.2.3 From ddd53a0841cb2af091e1ed3a6e69e9fc52977c08 Mon Sep 17 00:00:00 2001 From: Azul Date: Thu, 22 Nov 2012 16:25:58 +0100 Subject: ship config file so CI can test --- .gitignore | 3 --- config/config.yml | 8 ++++++++ 2 files changed, 8 insertions(+), 3 deletions(-) create mode 100644 config/config.yml diff --git a/.gitignore b/.gitignore index fc7039e..a3f0974 100644 --- a/.gitignore +++ b/.gitignore @@ -21,6 +21,3 @@ Gemfile.lock */Gemfile.lock test/dummy/log/* test/dummy/tmp/* - -# Ignore configuration file. -config/config.yml diff --git a/config/config.yml b/config/config.yml new file mode 100644 index 0000000..c34dd10 --- /dev/null +++ b/config/config.yml @@ -0,0 +1,8 @@ +development: + admins: [admin, admin2] + +test: + admins: [admin, admin2] + +production: + admins: [] -- cgit v1.2.3 From 33c124aa67788d5c64906f7b3e21ad383577b2a8 Mon Sep 17 00:00:00 2001 From: Azul Date: Thu, 22 Nov 2012 17:31:18 +0100 Subject: basic user edit form and actions --- users/app/controllers/users_controller.rb | 10 ++++++++++ users/app/views/sessions/_nav.html.haml | 2 +- users/app/views/users/_form.html.haml | 8 ++++++++ users/app/views/users/edit.html.haml | 3 +++ users/app/views/users/new.html.haml | 8 +------- users/config/routes.rb | 2 +- 6 files changed, 24 insertions(+), 9 deletions(-) create mode 100644 users/app/views/users/_form.html.haml create mode 100644 users/app/views/users/edit.html.haml diff --git a/users/app/controllers/users_controller.rb b/users/app/controllers/users_controller.rb index 82d2eac..46ecc32 100644 --- a/users/app/controllers/users_controller.rb +++ b/users/app/controllers/users_controller.rb @@ -15,4 +15,14 @@ class UsersController < ApplicationController @user = e.document respond_with(@user, :location => new_user_path) end + + def edit + @user = current_user + end + + def update + @user = current_user + @user.update!(params[:user]) + respond_with(@user, :location => edit_user_path(@user)) + end end diff --git a/users/app/views/sessions/_nav.html.haml b/users/app/views/sessions/_nav.html.haml index b738504..dab865e 100644 --- a/users/app/views/sessions/_nav.html.haml +++ b/users/app/views/sessions/_nav.html.haml @@ -1,6 +1,6 @@ - if logged_in? %li - = 'logged in as ' + current_user.login + = link_to current_user.login, edit_user_path(current_user) %li = link_to t(:logout), logout_path - if admin? diff --git a/users/app/views/users/_form.html.haml b/users/app/views/users/_form.html.haml new file mode 100644 index 0000000..8914241 --- /dev/null +++ b/users/app/views/users/_form.html.haml @@ -0,0 +1,8 @@ += simple_form_for @user, :validate => true, :html => {:class => 'form-horizontal'} do |f| + %legend + = @user.new_record? ? t(:signup_message) : t(:edit_settings) + = f.input :login, :input_html => { :id => :srp_username } + = f.input :password, :required => true, :validate => true, :input_html => { :id => :srp_password } + = f.input :password_confirmation, :required => true, :input_html => { :id => :srp_password_confirmation } + = f.button :submit, :class => 'btn-primary' + = link_to t(:cancel), root_url, :class => :btn diff --git a/users/app/views/users/edit.html.haml b/users/app/views/users/edit.html.haml new file mode 100644 index 0000000..8298443 --- /dev/null +++ b/users/app/views/users/edit.html.haml @@ -0,0 +1,3 @@ +.span8.offset2 + %h2=t :settings + = render 'form' diff --git a/users/app/views/users/new.html.haml b/users/app/views/users/new.html.haml index be14c52..c1c4208 100644 --- a/users/app/views/users/new.html.haml +++ b/users/app/views/users/new.html.haml @@ -1,9 +1,3 @@ .span8.offset2 %h2=t :signup - = simple_form_for @user, :validate => true, :html => {:class => 'form-horizontal'} do |f| - %legend=t :signup_message - = f.input :login, :input_html => { :id => :srp_username } - = f.input :password, :required => true, :validate => true, :input_html => { :id => :srp_password } - = f.input :password_confirmation, :required => true, :input_html => { :id => :srp_password_confirmation } - = f.button :submit, :value => t(:signup), :class => 'btn-primary' - = link_to t(:cancel), root_url, :class => :btn + = render 'form' diff --git a/users/config/routes.rb b/users/config/routes.rb index 522c40c..1d144b4 100644 --- a/users/config/routes.rb +++ b/users/config/routes.rb @@ -5,6 +5,6 @@ Rails.application.routes.draw do resources :sessions, :only => [:new, :create, :update, :destroy] get "signup" => "users#new", :as => "signup" - resources :users, :only => [:new, :create] + resources :users end -- cgit v1.2.3 From 3ce5a25afef3b938c2bbbe8ce481f2af9e0c24dc Mon Sep 17 00:00:00 2001 From: Azul Date: Fri, 23 Nov 2012 10:24:46 +0100 Subject: test editing user settings --- users/app/controllers/users_controller.rb | 2 +- users/test/functional/users_controller_test.rb | 31 ++++++++++++++++++++++++++ 2 files changed, 32 insertions(+), 1 deletion(-) diff --git a/users/app/controllers/users_controller.rb b/users/app/controllers/users_controller.rb index 46ecc32..ecab53b 100644 --- a/users/app/controllers/users_controller.rb +++ b/users/app/controllers/users_controller.rb @@ -22,7 +22,7 @@ class UsersController < ApplicationController def update @user = current_user - @user.update!(params[:user]) + @user.update(params[:user]) respond_with(@user, :location => edit_user_path(@user)) end end diff --git a/users/test/functional/users_controller_test.rb b/users/test/functional/users_controller_test.rb index 1cb28a6..feae2dd 100644 --- a/users/test/functional/users_controller_test.rb +++ b/users/test/functional/users_controller_test.rb @@ -30,4 +30,35 @@ class UsersControllerTest < ActionController::TestCase assert_redirected_to new_user_path end + test "should get edit view" do + params = User.valid_attributes_hash + user = stub params.merge(:id => 123, :class => User, :to_key => ['123'], :new_record? => false, :persisted? => :true) + login user + get :edit, :id => user.id + assert_equal user, assigns[:user] + end + + test "should process updated params" do + params = User.valid_attributes_hash + user = stub params.merge(:id => 123) + params.stringify_keys! + user.expects(:update).with(params).returns(user) + login user + post :update, :user => params, :id => user.id + assert_equal user, assigns[:user] + assert_response :redirect + assert_redirected_to edit_user_path(user) + end + + test "should validate updated params" do + params = User.valid_attributes_hash + user = stub params.merge(:id => 123) + params.stringify_keys! + user.expects(:update).with(params).returns(user) + login user + post :update, :user => params, :id => user.id + assert_equal user, assigns[:user] + end + + end -- cgit v1.2.3 From 46c0140a8eab632c783d309a7afd87cb7aad4280 Mon Sep 17 00:00:00 2001 From: Azul Date: Fri, 23 Nov 2012 10:55:49 +0100 Subject: refactored creation of record stubs --- users/test/functional/users_controller_test.rb | 33 +++++++------------------- users/test/support/auth_test_helper.rb | 3 +++ users/test/support/stub_record_helper.rb | 18 ++++++++++++++ 3 files changed, 30 insertions(+), 24 deletions(-) create mode 100644 users/test/support/stub_record_helper.rb diff --git a/users/test/functional/users_controller_test.rb b/users/test/functional/users_controller_test.rb index feae2dd..4318928 100644 --- a/users/test/functional/users_controller_test.rb +++ b/users/test/functional/users_controller_test.rb @@ -1,6 +1,8 @@ require 'test_helper' class UsersControllerTest < ActionController::TestCase + include StubRecordHelper + test "should get new" do get :new assert_equal User, assigns(:user).class @@ -8,11 +10,9 @@ class UsersControllerTest < ActionController::TestCase end test "should create new user" do - params = User.valid_attributes_hash - user = stub params.merge(:id => 123) - params.stringify_keys! - User.expects(:create!).with(params).returns(user) - post :create, :user => params + user = stub_record User + User.expects(:create!).with(user.params).returns(user) + post :create, :user => user.params assert_nil session[:user_id] assert_response :redirect assert_redirected_to root_url @@ -31,34 +31,19 @@ class UsersControllerTest < ActionController::TestCase end test "should get edit view" do - params = User.valid_attributes_hash - user = stub params.merge(:id => 123, :class => User, :to_key => ['123'], :new_record? => false, :persisted? => :true) + user = stub_record User login user get :edit, :id => user.id assert_equal user, assigns[:user] end test "should process updated params" do - params = User.valid_attributes_hash - user = stub params.merge(:id => 123) - params.stringify_keys! - user.expects(:update).with(params).returns(user) + user = stub_record User + user.expects(:update).with(user.params).returns(user) login user - post :update, :user => params, :id => user.id + post :update, :user => user.params, :id => user.id assert_equal user, assigns[:user] assert_response :redirect assert_redirected_to edit_user_path(user) end - - test "should validate updated params" do - params = User.valid_attributes_hash - user = stub params.merge(:id => 123) - params.stringify_keys! - user.expects(:update).with(params).returns(user) - login user - post :update, :user => params, :id => user.id - assert_equal user, assigns[:user] - end - - end diff --git a/users/test/support/auth_test_helper.rb b/users/test/support/auth_test_helper.rb index f211597..0b73f5f 100644 --- a/users/test/support/auth_test_helper.rb +++ b/users/test/support/auth_test_helper.rb @@ -11,6 +11,9 @@ module AuthTestHelper def login(user = nil) @current_user = user || stub + unless @current_user.respond_to? :is_admin? + @current_user.stubs(:is_admin?).returns(false) + end request.env['warden'] = stub :user => @current_user return @current_user end diff --git a/users/test/support/stub_record_helper.rb b/users/test/support/stub_record_helper.rb new file mode 100644 index 0000000..95b9d63 --- /dev/null +++ b/users/test/support/stub_record_helper.rb @@ -0,0 +1,18 @@ +module StubRecordHelper + + # Create a stub that has the usual functions of a database record. + # It won't fail on rendering a form for example. + def stub_record(klass, params = {}, persisted = true) + if klass.respond_to?(:valid_attributes_hash) + params.reverse_merge!(klass.valid_attributes_hash) + end + params[:params] = params.stringify_keys + params.reverse_merge! :id => 123, + :class => klass, + :to_key => ['123'], + :new_record? => !persisted, + :persisted? => persisted + stub params + end + +end -- cgit v1.2.3 From ee3c9146e4bbe93ec1f00ee45386a82ec4363c4d Mon Sep 17 00:00:00 2001 From: Azul Date: Fri, 23 Nov 2012 12:11:11 +0100 Subject: identify user by id so rerendering the form does not use new invalid login --- users/app/controllers/users_controller.rb | 15 +++++++++++---- users/app/models/user.rb | 8 ++------ users/lib/warden/strategies/secure_remote_password.rb | 2 +- users/test/functional/users_controller_test.rb | 4 +++- users/test/unit/user_test.rb | 8 ++++---- 5 files changed, 21 insertions(+), 16 deletions(-) diff --git a/users/app/controllers/users_controller.rb b/users/app/controllers/users_controller.rb index ecab53b..3913d0d 100644 --- a/users/app/controllers/users_controller.rb +++ b/users/app/controllers/users_controller.rb @@ -1,6 +1,8 @@ class UsersController < ApplicationController - skip_before_filter :verify_authenticity_token + skip_before_filter :verify_authenticity_token, :only => [:create] + + before_filter :fetch_user, :only => [:edit, :update] respond_to :json, :html @@ -17,12 +19,17 @@ class UsersController < ApplicationController end def edit - @user = current_user end def update - @user = current_user - @user.update(params[:user]) + @user.update_attributes(params[:user]) respond_with(@user, :location => edit_user_path(@user)) end + + protected + + def fetch_user + @user = User.find_by_param(params[:id]) + access_denied unless @user == current_user + end end diff --git a/users/app/models/user.rb b/users/app/models/user.rb index 507eda5..624754b 100644 --- a/users/app/models/user.rb +++ b/users/app/models/user.rb @@ -29,9 +29,7 @@ class User < CouchRest::Model::Base end class << self - def find_by_param(login) - return find_by_login(login) || raise(RECORD_NOT_FOUND) - end + alias_method :find_by_param, :find # valid set of attributes for testing def valid_attributes_hash @@ -42,9 +40,7 @@ class User < CouchRest::Model::Base end - def to_param - self.login - end + alias_method :to_param, :id def to_json(options={}) { diff --git a/users/lib/warden/strategies/secure_remote_password.rb b/users/lib/warden/strategies/secure_remote_password.rb index 95570e0..953e2e9 100644 --- a/users/lib/warden/strategies/secure_remote_password.rb +++ b/users/lib/warden/strategies/secure_remote_password.rb @@ -30,7 +30,7 @@ module Warden end def initialize! - user = User.find_by_param(id) + user = User.find_by_login(id) session[:handshake] = user.initialize_auth(params['A'].hex) custom! json_response(session[:handshake]) rescue RECORD_NOT_FOUND diff --git a/users/test/functional/users_controller_test.rb b/users/test/functional/users_controller_test.rb index 4318928..e39869f 100644 --- a/users/test/functional/users_controller_test.rb +++ b/users/test/functional/users_controller_test.rb @@ -32,6 +32,7 @@ class UsersControllerTest < ActionController::TestCase test "should get edit view" do user = stub_record User + User.expects(:find_by_param).with(user.id.to_s).returns(user) login user get :edit, :id => user.id assert_equal user, assigns[:user] @@ -39,7 +40,8 @@ class UsersControllerTest < ActionController::TestCase test "should process updated params" do user = stub_record User - user.expects(:update).with(user.params).returns(user) + user.expects(:update_attributes).with(user.params).returns(true) + User.expects(:find_by_param).with(user.id.to_s).returns(user) login user post :update, :user => user.params, :id => user.id assert_equal user, assigns[:user] diff --git a/users/test/unit/user_test.rb b/users/test/unit/user_test.rb index f057ca7..92c1463 100644 --- a/users/test/unit/user_test.rb +++ b/users/test/unit/user_test.rb @@ -23,14 +23,14 @@ class UserTest < ActiveSupport::TestCase assert !@user.valid? end - test "find_by_param gets User by login" do + test "find_by_param gets User by id" do @user.save - assert_equal @user, User.find_by_param(@user.login) + assert_equal @user, User.find_by_param(@user.id) @user.destroy end - test "to_param gives user login" do - assert_equal @user.login, @user.to_param + test "to_param gives user id" do + assert_equal @user.id, @user.to_param end test "verifier returns number for the hex in password_verifier" do -- cgit v1.2.3 From 76a3b91ad78d12ef82a0c01ca702720a510f1e22 Mon Sep 17 00:00:00 2001 From: Azul Date: Sun, 25 Nov 2012 13:21:23 +0100 Subject: basic changing of password and login working --- users/app/assets/javascripts/srp | 2 +- users/app/assets/javascripts/users.js.coffee | 36 ++++++---------------------- users/app/views/users/_form.html.haml | 3 ++- 3 files changed, 10 insertions(+), 31 deletions(-) diff --git a/users/app/assets/javascripts/srp b/users/app/assets/javascripts/srp index 076d6e2..fff770a 160000 --- a/users/app/assets/javascripts/srp +++ b/users/app/assets/javascripts/srp @@ -1 +1 @@ -Subproject commit 076d6e251e4caf826787d87b11434e535960455c +Subproject commit fff770a866b44abce6fe0fc5d5ffde034225436d diff --git a/users/app/assets/javascripts/users.js.coffee b/users/app/assets/javascripts/users.js.coffee index d0ec32f..5663161 100644 --- a/users/app/assets/javascripts/users.js.coffee +++ b/users/app/assets/javascripts/users.js.coffee @@ -1,40 +1,17 @@ preventDefault = (event) -> event.preventDefault() -validOrAbort = (event) -> - errors = {} - - abortIfErrors = -> - return if $.isEmptyObject(errors) - # we're relying on client_side_validations here instead of printing - # our own errors. This gets us translatable error messages. - $('.control-group.error input, .control-group.error select, control-group.error textarea').first().focus() - event.stopImmediatePropagation() - - validatePassword = -> - password = $('#srp_password').val() - confirmation = $('#srp_password_confirmation').val() - login = $('#srp_username').val() - - if password != confirmation - errors.password_confirmation = "Confirmation does not match!" - if password == login - errors.password = "Password and Login may not match!" - if password.length < 8 - errors.password = "Password needs to be at least 8 characters long!" - - validatePassword() - abortIfErrors() - - - srp.session = new srp.Session() srp.signedUp = -> - window.location = '/' + srp.login srp.loggedIn = -> window.location = '/' +#// TODO: not sure this is what we want. +srp.updated = -> + window.location = '/' + srp.error = (message) -> if $.isPlainObject(message) && message.errors for field, error of message.errors @@ -46,8 +23,9 @@ srp.error = (message) -> $(document).ready -> $('#new_user').submit preventDefault - $('#new_user').submit validOrAbort $('#new_user').submit srp.signup $('#new_session').submit preventDefault $('#new_session').submit srp.login + $('.user.form.edit').submit srp.update + $('.user.form.edit').submit preventDefault diff --git a/users/app/views/users/_form.html.haml b/users/app/views/users/_form.html.haml index 8914241..d26d17d 100644 --- a/users/app/views/users/_form.html.haml +++ b/users/app/views/users/_form.html.haml @@ -1,4 +1,5 @@ -= simple_form_for @user, :validate => true, :html => {:class => 'form-horizontal'} do |f| +- html = {:class => 'form-horizontal user form ' + (@user.new_record? ? 'new' : 'edit')} += simple_form_for @user, :validate => true, :html => html do |f| %legend = @user.new_record? ? t(:signup_message) : t(:edit_settings) = f.input :login, :input_html => { :id => :srp_username } -- cgit v1.2.3 From ce0999ead0d61db1f6534ee9d8114c4551542e80 Mon Sep 17 00:00:00 2001 From: Azul Date: Mon, 26 Nov 2012 10:59:50 +0100 Subject: minor: client side validations fixed + .json request --- config/initializers/client_side_validations.rb | 2 +- users/app/assets/javascripts/users.js.coffee | 2 +- users/app/models/user.rb | 8 +++++++- users/app/views/users/_form.html.haml | 2 +- 4 files changed, 10 insertions(+), 4 deletions(-) diff --git a/config/initializers/client_side_validations.rb b/config/initializers/client_side_validations.rb index 2c73fa3..252aded 100644 --- a/config/initializers/client_side_validations.rb +++ b/config/initializers/client_side_validations.rb @@ -1,7 +1,7 @@ # ClientSideValidations Initializer # Uncomment to disable uniqueness validator, possible security issue -# ClientSideValidations::Config.disabled_validators = [:uniqueness] +ClientSideValidations::Config.disabled_validators = [:uniqueness] # Uncomment the following block if you want each input field to have the validation messages attached. ActionView::Base.field_error_proc = Proc.new do |html_tag, instance| diff --git a/users/app/assets/javascripts/users.js.coffee b/users/app/assets/javascripts/users.js.coffee index 5663161..f0bb3dd 100644 --- a/users/app/assets/javascripts/users.js.coffee +++ b/users/app/assets/javascripts/users.js.coffee @@ -15,7 +15,7 @@ srp.updated = -> srp.error = (message) -> if $.isPlainObject(message) && message.errors for field, error of message.errors - element = $('form input[name="session['+field+']"]') + element = $('form input[name$="['+field+']"]') next unless element element.trigger('element:validate:fail.ClientSideValidations', error).data('valid', false) else diff --git a/users/app/models/user.rb b/users/app/models/user.rb index 624754b..39d079a 100644 --- a/users/app/models/user.rb +++ b/users/app/models/user.rb @@ -9,7 +9,8 @@ class User < CouchRest::Model::Base :presence => true validates :login, - :uniqueness => true + :uniqueness => true, + :if => :serverside? validates :login, :format => { :with => /\A[A-Za-z\d_]+\z/, @@ -74,4 +75,9 @@ class User < CouchRest::Model::Base def password password_verifier end + + # used as a condition for validations that are server side only + def serverside? + true + end end diff --git a/users/app/views/users/_form.html.haml b/users/app/views/users/_form.html.haml index d26d17d..fc835af 100644 --- a/users/app/views/users/_form.html.haml +++ b/users/app/views/users/_form.html.haml @@ -1,5 +1,5 @@ - html = {:class => 'form-horizontal user form ' + (@user.new_record? ? 'new' : 'edit')} -= simple_form_for @user, :validate => true, :html => html do |f| += simple_form_for @user, :validate => true, :format => :json, :html => html do |f| %legend = @user.new_record? ? t(:signup_message) : t(:edit_settings) = f.input :login, :input_html => { :id => :srp_username } -- cgit v1.2.3 From 595518684b9c4364f96c97a84cc481b5ae0da981 Mon Sep 17 00:00:00 2001 From: Azul Date: Mon, 26 Nov 2012 11:54:11 +0100 Subject: simplified controller and adjusted tests Also added #assert_json_error to tests. --- core/lib/extensions/testing.rb | 12 +++++++++-- users/app/controllers/users_controller.rb | 9 +++----- users/test/functional/sessions_controller_test.rb | 4 ++-- users/test/functional/users_controller_test.rb | 25 +++++++++++----------- users/test/support/stub_record_helper.rb | 1 + users/test/unit/user_test.rb | 1 + .../warden_strategy_secure_remote_password_test.rb | 4 ++-- 7 files changed, 31 insertions(+), 25 deletions(-) diff --git a/core/lib/extensions/testing.rb b/core/lib/extensions/testing.rb index 86a059f..925c023 100644 --- a/core/lib/extensions/testing.rb +++ b/core/lib/extensions/testing.rb @@ -15,10 +15,18 @@ module LeapWebCore end def assert_json_response(object) - object.stringify_keys! if object.respond_to? :stringify_keys! - assert_equal object, JSON.parse(get_response.body) + if object.is_a? Hash + object.stringify_keys! if object.respond_to? :stringify_keys! + assert_equal object, JSON.parse(get_response.body) + else + assert_equal object.to_json, get_response.body + end end + def assert_json_error(object) + object.stringify_keys! if object.respond_to? :stringify_keys! + assert_json_response :errors => object + end end end diff --git a/users/app/controllers/users_controller.rb b/users/app/controllers/users_controller.rb index 3913d0d..5be1fa9 100644 --- a/users/app/controllers/users_controller.rb +++ b/users/app/controllers/users_controller.rb @@ -11,11 +11,8 @@ class UsersController < ApplicationController end def create - @user = User.create!(params[:user]) - respond_with(@user, :location => root_url, :notice => "Signed up!") - rescue VALIDATION_FAILED => e - @user = e.document - respond_with(@user, :location => new_user_path) + @user = User.create(params[:user]) + respond_with @user end def edit @@ -23,7 +20,7 @@ class UsersController < ApplicationController def update @user.update_attributes(params[:user]) - respond_with(@user, :location => edit_user_path(@user)) + respond_with @user end protected diff --git a/users/test/functional/sessions_controller_test.rb b/users/test/functional/sessions_controller_test.rb index 93cc032..9df4455 100644 --- a/users/test/functional/sessions_controller_test.rb +++ b/users/test/functional/sessions_controller_test.rb @@ -22,7 +22,7 @@ class SessionsControllerTest < ActionController::TestCase request.env['warden'].expects(:winning_strategy) get :new, :format => :json assert_response :success - assert_json_response :errors => nil + assert_json_error nil end test "renders warden errors" do @@ -31,7 +31,7 @@ class SessionsControllerTest < ActionController::TestCase I18n.expects(:t).with(:translate_me).at_least_once.returns("translation stub") get :new, :format => :json assert_response 422 - assert_json_response :errors => {"field" => "translation stub"} + assert_json_error :field => "translation stub" end # Warden takes care of parsing the params and diff --git a/users/test/functional/users_controller_test.rb b/users/test/functional/users_controller_test.rb index e39869f..ced8ee9 100644 --- a/users/test/functional/users_controller_test.rb +++ b/users/test/functional/users_controller_test.rb @@ -11,23 +11,22 @@ class UsersControllerTest < ActionController::TestCase test "should create new user" do user = stub_record User - User.expects(:create!).with(user.params).returns(user) - post :create, :user => user.params + User.expects(:create).with(user.params).returns(user) + post :create, :user => user.params, :format => :json assert_nil session[:user_id] - assert_response :redirect - assert_redirected_to root_url + assert_json_response user + assert_response :success end test "should redirect to signup form on failed attempt" do params = User.valid_attributes_hash.slice(:login) user = User.new(params) params.stringify_keys! - User.expects(:create!).with(params).raises(VALIDATION_FAILED.new(user)) - post :create, :user => params - assert_nil session[:user_id] - assert_equal user, assigns[:user] - assert_response :redirect - assert_redirected_to new_user_path + assert !user.valid? + User.expects(:create).with(params).returns(user) + post :create, :user => params, :format => :json + assert_json_error user.errors.messages + assert_response 422 end test "should get edit view" do @@ -43,9 +42,9 @@ class UsersControllerTest < ActionController::TestCase user.expects(:update_attributes).with(user.params).returns(true) User.expects(:find_by_param).with(user.id.to_s).returns(user) login user - post :update, :user => user.params, :id => user.id + put :update, :user => user.params, :id => user.id, :format => :json assert_equal user, assigns[:user] - assert_response :redirect - assert_redirected_to edit_user_path(user) + assert_equal " ", @response.body + assert_response 204 end end diff --git a/users/test/support/stub_record_helper.rb b/users/test/support/stub_record_helper.rb index 95b9d63..e744ad7 100644 --- a/users/test/support/stub_record_helper.rb +++ b/users/test/support/stub_record_helper.rb @@ -10,6 +10,7 @@ module StubRecordHelper params.reverse_merge! :id => 123, :class => klass, :to_key => ['123'], + :to_json => %Q({"stub":"#{klass.name}"}), :new_record? => !persisted, :persisted? => persisted stub params diff --git a/users/test/unit/user_test.rb b/users/test/unit/user_test.rb index 92c1463..cce11c2 100644 --- a/users/test/unit/user_test.rb +++ b/users/test/unit/user_test.rb @@ -5,6 +5,7 @@ class UserTest < ActiveSupport::TestCase include SRP::Util setup do @attribs = User.valid_attributes_hash + User.find_by_login(@attribs[:login]).try(:destroy) @user = User.new(@attribs) end diff --git a/users/test/unit/warden_strategy_secure_remote_password_test.rb b/users/test/unit/warden_strategy_secure_remote_password_test.rb index 79480f0..319809a 100644 --- a/users/test/unit/warden_strategy_secure_remote_password_test.rb +++ b/users/test/unit/warden_strategy_secure_remote_password_test.rb @@ -32,7 +32,7 @@ class WardenStrategySecureRemotePasswordTest < ActiveSupport::TestCase User.expects(:find_by_param).with(unknown).raises(RECORD_NOT_FOUND) post :create, :login => unknown assert_response :success - assert_json_response :errors => {"login" => ["unknown user"]} + assert_json_error "login" => ["unknown user"] end test "should authorize" do @@ -56,7 +56,7 @@ class WardenStrategySecureRemotePasswordTest < ActiveSupport::TestCase post :update, :id => @user.login, :client_auth => @client_hex assert_nil session[:handshake] assert_nil session[:user_id] - assert_json_response :errors => {"password" => ["wrong password"]} + assert_json_error "password" => ["wrong password"] end =end -- cgit v1.2.3 From cdda8f095d49cdda94c3527ecb92cb15c300327b Mon Sep 17 00:00:00 2001 From: Azul Date: Mon, 26 Nov 2012 12:15:54 +0100 Subject: fixed login error message on wrong username --- users/lib/warden/strategies/secure_remote_password.rb | 11 ++++++----- users/test/integration/api/account_flow_test.rb | 3 ++- 2 files changed, 8 insertions(+), 6 deletions(-) diff --git a/users/lib/warden/strategies/secure_remote_password.rb b/users/lib/warden/strategies/secure_remote_password.rb index 953e2e9..594e27e 100644 --- a/users/lib/warden/strategies/secure_remote_password.rb +++ b/users/lib/warden/strategies/secure_remote_password.rb @@ -30,11 +30,12 @@ module Warden end def initialize! - user = User.find_by_login(id) - session[:handshake] = user.initialize_auth(params['A'].hex) - custom! json_response(session[:handshake]) - rescue RECORD_NOT_FOUND - fail! :login => "user_not_found" + if user = User.find_by_login(id) + session[:handshake] = user.initialize_auth(params['A'].hex) + custom! json_response(session[:handshake]) + else + fail! :login => "user_not_found" + end end def json_response(object) diff --git a/users/test/integration/api/account_flow_test.rb b/users/test/integration/api/account_flow_test.rb index 4135485..add12fe 100644 --- a/users/test/integration/api/account_flow_test.rb +++ b/users/test/integration/api/account_flow_test.rb @@ -65,8 +65,8 @@ class AccountFlowTest < ActiveSupport::TestCase test "signup and wrong password login attempt" do srp = SRP::Client.new(@login, "wrong password") server_auth = srp.authenticate(self) + assert_json_error :password => "wrong password" assert !last_response.successful? - assert_equal "wrong password", server_auth["errors"]['password'] assert_nil server_auth["M2"] end @@ -76,6 +76,7 @@ class AccountFlowTest < ActiveSupport::TestCase assert_raises RECORD_NOT_FOUND do server_auth = srp.authenticate(self) end + assert_json_error :login => "could not be found" assert !last_response.successful? assert_nil server_auth end -- cgit v1.2.3 From bf74255d1530fe5852dc6e6c27ef975ce9aa8d3c Mon Sep 17 00:00:00 2001 From: Azul Date: Mon, 26 Nov 2012 14:32:50 +0100 Subject: added admin menu and user index action --- users/app/controllers/users_controller.rb | 5 +++++ users/app/views/sessions/_admin_nav.html.haml | 6 ++++++ users/app/views/sessions/_nav.html.haml | 6 +++--- users/app/views/users/index.html.haml | 1 + users/config/locales/en.yml | 6 ++++++ 5 files changed, 21 insertions(+), 3 deletions(-) create mode 100644 users/app/views/sessions/_admin_nav.html.haml create mode 100644 users/app/views/users/index.html.haml diff --git a/users/app/controllers/users_controller.rb b/users/app/controllers/users_controller.rb index 5be1fa9..4912ac8 100644 --- a/users/app/controllers/users_controller.rb +++ b/users/app/controllers/users_controller.rb @@ -3,9 +3,14 @@ class UsersController < ApplicationController skip_before_filter :verify_authenticity_token, :only => [:create] before_filter :fetch_user, :only => [:edit, :update] + before_filter :authorize_admin, :only => [:index] respond_to :json, :html + def index + @users = User.all + end + def new @user = User.new end diff --git a/users/app/views/sessions/_admin_nav.html.haml b/users/app/views/sessions/_admin_nav.html.haml new file mode 100644 index 0000000..14dfbdc --- /dev/null +++ b/users/app/views/sessions/_admin_nav.html.haml @@ -0,0 +1,6 @@ +%a#admin-menu{"data-toggle" => "dropdown", :role => :button} + Admin +%ul.dropdown-menu{:role => "menu", "aria-labelledby" => "admin-menu"} + %li + = link_to Ticket.model_name.human(:count => ""), tickets_path, {:tabindex => -1} + = link_to User.model_name.human(:count => ""), users_path, {:tabindex => -1} diff --git a/users/app/views/sessions/_nav.html.haml b/users/app/views/sessions/_nav.html.haml index dab865e..5306d0e 100644 --- a/users/app/views/sessions/_nav.html.haml +++ b/users/app/views/sessions/_nav.html.haml @@ -1,11 +1,11 @@ - if logged_in? + - if admin? + %li.dropdown + = render 'sessions/admin_nav' %li = link_to current_user.login, edit_user_path(current_user) %li = link_to t(:logout), logout_path - - if admin? - %li - = 'ADMIN' # obviously not like this - else %li = link_to t(:login), login_path diff --git a/users/app/views/users/index.html.haml b/users/app/views/users/index.html.haml new file mode 100644 index 0000000..7db6038 --- /dev/null +++ b/users/app/views/users/index.html.haml @@ -0,0 +1 @@ +%h1= User.model_name.human(:count =>@users.count) diff --git a/users/config/locales/en.yml b/users/config/locales/en.yml index be3f28e..1260494 100644 --- a/users/config/locales/en.yml +++ b/users/config/locales/en.yml @@ -6,3 +6,9 @@ en: login_message: "Please login with your account." wrong_password: "wrong password" user_not_found: "could not be found" + + activemodel: + models: + user: + one: User + other: "%{count} Users" -- cgit v1.2.3