From a6de1561461cc719fddd8175c93588a47513a4b8 Mon Sep 17 00:00:00 2001
From: jessib
Date: Fri, 5 Oct 2012 15:41:03 -0700
Subject: Rough code to add & comment on tickets.

---
 users/app/models/user.rb | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'users')

diff --git a/users/app/models/user.rb b/users/app/models/user.rb
index a6aab84..33c77ce 100644
--- a/users/app/models/user.rb
+++ b/users/app/models/user.rb
@@ -59,4 +59,8 @@ class User < CouchRest::Model::Base
 Thread.current[:user] = user
 end
+ def self.current_test
+ User.first
+ end
+
 end
-- cgit v1.2.3

From 8b9d5235faed6c15e8ef2e2dc76aec7f24d0bb50 Mon Sep 17 00:00:00 2001
From: jessib
Date: Thu, 18 Oct 2012 13:42:37 -0700
Subject: Uses the working authentication code.

---
 users/app/models/user.rb | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

(limited to 'users')

diff --git a/users/app/models/user.rb b/users/app/models/user.rb
index 8b7c0b3..29c0b38 100644
--- a/users/app/models/user.rb
+++ b/users/app/models/user.rb
@@ -63,15 +63,13 @@ class User < CouchRest::Model::Base
 login
 end
+=begin
 def self.current
 Thread.current[:user]
 end
 def self.current=(user)
 Thread.current[:user] = user
 end
-
- def self.current_test
- User.first
- end
+=end
 end
-- cgit v1.2.3

From 3e0a1a47c0eafb7f9b79e5f2765ea33ce1ad159b Mon Sep 17 00:00:00 2001
From: Azul
Date: Wed, 24 Oct 2012 20:35:52 +0200
Subject: basic admin controller methods and helpers + tests

---
 users/app/controllers/application_controller.rb | 22 +++++++++-
 .../test/functional/application_controller_test.rb | 44 ++++++++++++++++++++
 users/test/functional/helper_methods_test.rb | 48 ++++++++++++++++++++++
 users/test/support/auth_test_helper.rb | 7 ++++
 users/test/test_helper.rb | 3 ++
 5 files changed, 122 insertions(+), 2 deletions(-)
 create mode 100644 users/test/functional/application_controller_test.rb
 create mode 100644 users/test/functional/helper_methods_test.rb
 create mode 100644 users/test/support/auth_test_helper.rb

(limited to 'users')
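Review bot: The `=begin`/`=end` block keeps the `User.current` / `User.current=` thread-local accessors in the file as dead code instead of removing them, while the same hunk deletes `current_test` outright. If someone re-enables them later, note that nothing in this hunk ever clears `Thread.current[:user]`, so on a threaded or pooled server a request could observe the previous request's user unless something resets it per request. I would drop the lines from `+=begin` through `+=end` together with the six accessor lines and let git keep the history. Whether anything else still references `User.current` is not visible here.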
diff --git a/users/app/controllers/application_controller.rb b/users/app/controllers/application_controller.rb
index 64e1a55..0d6e5d1 100644
--- a/users/app/controllers/application_controller.rb
+++ b/users/app/controllers/application_controller.rb
@@ -1,14 +1,32 @@
 class ApplicationController < ActionController::Base
 protect_from_forgery
- private
+ protected
 def current_user
 @current_user ||= User.find(session[:user_id]) if session[:user_id]
 end
 helper_method :current_user
+ def logged_in?
+ !!current_user
+ end
+ helper_method :logged_in?
+
 def authorize
- redirect_to login_url, alert: "Not authorized" if current_user.nil?
+ access_denied unless logged_in?
+ end
+
+ def admin?
+ current_user && current_user.is_admin?
+ end
+ helper_method :admin?
+
+ def authorize_admin
+ access_denied unless admin?
+ end
+
+ def access_denied
+ redirect_to login_url, :alert => "Not authorized"
 end
 end
diff --git a/users/test/functional/application_controller_test.rb b/users/test/functional/application_controller_test.rb
new file mode 100644
index 0000000..d13a354
--- /dev/null
+++ b/users/test/functional/application_controller_test.rb
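Review bot: `admin?` calls `current_user.is_admin?`, but nothing in this commit defines `User#is_admin?` (the new tests only stub it), so `authorize_admin` and the `admin?` helper raise NoMethodError on a real user until the model grows that method. Either ship the model method in the same commit or add a conservative placeholder in `User`, `def is_admin?; false; end`, so admin-only routes fail closed rather than 500. Separately, `access_denied` sends an already logged-in non-admin to `login_url` with "Not authorized"; if the app has a root route, `redirect_to(logged_in? ? root_url : login_url, :alert => "Not authorized")` avoids asking an authenticated user to log in again.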
@@ -0,0 +1,44 @@
+require 'test_helper'
+
+class ApplicationControllerTest < ActionController::TestCase
+
+ def setup
+ @user_id = stub
+ @user = stub
+ session[:user_id] = @user_id
+ # so we can test the effect on the response
+ @controller.response = @response
+ end
+
+ def test_authorize_redirect
+ session[:user_id] = nil
+ @controller.send(:authorize)
+ assert_access_denied
+ end
+
+ def test_current_user_with_caching
+ User.expects(:find).once.with(@user_id).returns(@user)
+ assert_equal @user, @controller.send(:current_user)
+ assert_equal @user, @controller.send(:current_user) # tests caching
+ end
+
+ def test_authorized
+ User.expects(:find).once.with(@user_id).returns(@user)
+ @controller.send(:authorize)
+ end
+
+ def test_admin
+ bool = stub
+ User.expects(:find).once.with(@user_id).returns(@user)
+ @user.expects(:is_admin?).returns(bool)
+ assert_equal bool, @controller.send(:admin?)
+ end
+
+ def test_authorize_admin
+ User.expects(:find).once.with(@user_id).returns(@user)
+ @user.expects(:is_admin?).returns(false)
+ @controller.send(:authorize_admin)
+ assert_access_denied
+ end
+
+end
diff --git a/users/test/functional/helper_methods_test.rb b/users/test/functional/helper_methods_test.rb
new file mode 100644
index 0000000..0d76f63
--- /dev/null
+++ b/users/test/functional/helper_methods_test.rb
@@ -0,0 +1,48 @@
+#
+# Testing and documenting the helper methods available from
+# ApplicationController
+#
+
+require 'test_helper'
+
+class HelperMethodsTest < ActionController::TestCase
+ tests ApplicationController
+
+ # we test them right in here...
+ include ApplicationController._helpers
+
+ # they all reference the controller.
+ def controller
+ @controller
+ end
+
+ def setup
+ @user_id = stub
+ @user = stub
+ session[:user_id] = @user_id
+ end
+
+ def test_current_user_with_caching
+ User.expects(:find).once.with(@user_id).returns(@user)
+ assert_equal @user, current_user
+ assert_equal @user, current_user # tests caching
+ end
+
+ def test_logged_in
+ User.expects(:find).once.with(@user_id).returns(@user)
+ assert logged_in?
+ end
+
+ def test_logged_in
+ User.expects(:find).once.with(@user_id).returns(nil)
+ assert !logged_in?
+ end
+
+ def test_admin
+ bool = stub
+ User.expects(:find).once.with(@user_id).returns(@user)
+ @user.expects(:is_admin?).returns(bool)
+ assert_equal bool, admin?
+ end
+
+end
diff --git a/users/test/support/auth_test_helper.rb b/users/test/support/auth_test_helper.rb
new file mode 100644
index 0000000..c30421f
--- /dev/null
+++ b/users/test/support/auth_test_helper.rb
@@ -0,0 +1,7 @@
+module AuthTestHelper
+
+ def assert_access_denied
+ assert_equal({:alert => "Not authorized"}, flash.to_hash)
+ assert_redirected_to login_path
+ end
+end
diff --git a/users/test/test_helper.rb b/users/test/test_helper.rb
index 08d4d41..ae6a35c 100644
--- a/users/test/test_helper.rb
+++ b/users/test/test_helper.rb
@@ -8,3 +8,6 @@ Rails.backtrace_cleaner.remove_silencers!
 # Load support files
 Dir["#{File.dirname(__FILE__)}/support/**/*.rb"].each { |f| require f }
+class ActionController::TestCase
+ include AuthTestHelper
+end
-- cgit v1.2.3

From b724d53b36878c96d30676c22ee4e4369dcc37f8 Mon Sep 17 00:00:00 2001
From: Azul
Date: Wed, 24 Oct 2012 20:41:30 +0200
Subject: Extraction of test support methods

---
 .../test/functional/application_controller_test.rb | 14 ++++++-------
 users/test/functional/helper_methods_test.rb | 16 +++++----------
 users/test/support/auth_test_helper.rb | 24 +++++++++++++++++++---
 3 files changed, 32 insertions(+), 22 deletions(-)

(limited to 'users')

diff --git a/users/test/functional/application_controller_test.rb b/users/test/functional/application_controller_test.rb
index d13a354..4397e1d 100644
--- a/users/test/functional/application_controller_test.rb
+++ b/users/test/functional/application_controller_test.rb
@@ -3,39 +3,37 @@ require 'test_helper'
 class ApplicationControllerTest < ActionController::TestCase
 def setup
- @user_id = stub
- @user = stub
- session[:user_id] = @user_id
 # so we can test the effect on the response
 @controller.response = @response
 end
 def test_authorize_redirect
- session[:user_id] = nil
+ stub_logged_out
 @controller.send(:authorize)
 assert_access_denied
 end
 def test_current_user_with_caching
- User.expects(:find).once.with(@user_id).returns(@user)
+ @user = stub_logged_in
 assert_equal @user, @controller.send(:current_user)
 assert_equal @user, @controller.send(:current_user) # tests caching
 end
 def test_authorized
- User.expects(:find).once.with(@user_id).returns(@user)
+ @user = stub_logged_in
 @controller.send(:authorize)
+ assert_access_denied(false)
 end
 def test_admin
 bool = stub
- User.expects(:find).once.with(@user_id).returns(@user)
+ @user = stub_logged_in
 @user.expects(:is_admin?).returns(bool)
 assert_equal bool, @controller.send(:admin?)
 end
 def test_authorize_admin
- User.expects(:find).once.with(@user_id).returns(@user)
+ @user = stub_logged_in
 @user.expects(:is_admin?).returns(false)
 @controller.send(:authorize_admin)
 assert_access_denied
diff --git a/users/test/functional/helper_methods_test.rb b/users/test/functional/helper_methods_test.rb
index 0d76f63..c0eaf61 100644
--- a/users/test/functional/helper_methods_test.rb
+++ b/users/test/functional/helper_methods_test.rb
@@ -16,31 +16,25 @@ class HelperMethodsTest < ActionController::TestCase
 @controller
 end
- def setup
- @user_id = stub
- @user = stub
- session[:user_id] = @user_id
- end
-
 def test_current_user_with_caching
- User.expects(:find).once.with(@user_id).returns(@user)
+ @user = stub_logged_in
 assert_equal @user, current_user
 assert_equal @user, current_user # tests caching
 end
 def test_logged_in
- User.expects(:find).once.with(@user_id).returns(@user)
+ @user = stub_logged_in
 assert logged_in?
 end
- def test_logged_in
- User.expects(:find).once.with(@user_id).returns(nil)
+ def test_logged_out
+ stub_logged_out
 assert !logged_in?
 end
 def test_admin
 bool = stub
- User.expects(:find).once.with(@user_id).returns(@user)
+ @user = stub_logged_in
 @user.expects(:is_admin?).returns(bool)
 assert_equal bool, admin?
 end
diff --git a/users/test/support/auth_test_helper.rb b/users/test/support/auth_test_helper.rb
index c30421f..d5d52b1 100644
--- a/users/test/support/auth_test_helper.rb
+++ b/users/test/support/auth_test_helper.rb
@@ -1,7 +1,25 @@
 module AuthTestHelper
- def assert_access_denied
- assert_equal({:alert => "Not authorized"}, flash.to_hash)
- assert_redirected_to login_path
+ def stub_logged_in
+ @user_id = stub
+ @user = stub
+ session[:user_id] = @user_id
+ User.expects(:find).once.with(@user_id).returns(@user)
+ return @user
+ end
+
+ def stub_logged_out
+ @user_id = stub
+ session[:user_id] = @user_id
+ User.expects(:find).once.with(@user_id).returns(nil)
+ end
+
+ def assert_access_denied(denied = true)
+ if denied
+ assert_equal({:alert => "Not authorized"}, flash.to_hash)
+ assert_redirected_to login_path
+ else
+ assert flash[:alert].blank?
+ end
 end
 end
-- cgit v1.2.3

From 2c2a80812818362d0e0c416deefd4aee2787dd9e Mon Sep 17 00:00:00 2001
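Review bot: The `denied = false` branch of `assert_access_denied` only checks that no alert was set, so an `authorize` that redirected without flashing would still pass `test_authorized`; the property that matters for the positive case is the absence of a redirect. Add `assert_response :success` (or `assert_nil @response.location`) next to `assert flash[:alert].blank?`. Also note that `stub_logged_out` puts a stub id in the session and makes `User.find` return nil, i.e. it models a stale session rather than a missing one; a second helper that leaves `session[:user_id]` nil and sets no `User.find` expectation would cover the other path through `current_user`.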
From: Azul
Date: Wed, 24 Oct 2012 20:50:40 +0200
Subject: removing duplicate testing of helper_methods
 * once tested as helper
 * once tested as @controller.send...

---
 users/test/functional/application_controller_test.rb | 13 -------------
 1 file changed, 13 deletions(-)

(limited to 'users')

diff --git a/users/test/functional/application_controller_test.rb b/users/test/functional/application_controller_test.rb
index 4397e1d..69bcb2f 100644
--- a/users/test/functional/application_controller_test.rb
+++ b/users/test/functional/application_controller_test.rb
@@ -13,25 +13,12 @@ class ApplicationControllerTest < ActionController::TestCase
 assert_access_denied
 end
- def test_current_user_with_caching
- @user = stub_logged_in
- assert_equal @user, @controller.send(:current_user)
- assert_equal @user, @controller.send(:current_user) # tests caching
- end
-
 def test_authorized
 @user = stub_logged_in
 @controller.send(:authorize)
 assert_access_denied(false)
 end
- def test_admin
- bool = stub
- @user = stub_logged_in
- @user.expects(:is_admin?).returns(bool)
- assert_equal bool, @controller.send(:admin?)
- end
-
 def test_authorize_admin
 @user = stub_logged_in
 @user.expects(:is_admin?).returns(false)
-- cgit v1.2.3

From a2a8caf577415ef51c0f99da43f9b47bde226fc6 Mon Sep 17 00:00:00 2001
From: Azul
Date: Mon, 29 Oct 2012 12:08:25 +0100
Subject: first steps at is_admin?

---
 users/app/models/user.rb | 7 ++-----
 1 file changed, 2 insertions(+), 5 deletions(-)

(limited to 'users')

diff --git a/users/app/models/user.rb b/users/app/models/user.rb
index 1afb9db..9bbf169 100644
--- a/users/app/models/user.rb
+++ b/users/app/models/user.rb
@@ -63,11 +63,8 @@ class User < CouchRest::Model::Base
 login
 end
- def self.current
- Thread.current[:user]
- end
- def self.current=(user)
- Thread.current[:user] = user
+ def is_admin?
+ APP_CONFIG['admins'].include? self.id
 end
 end
-- cgit v1.2.3

From b7cf67590042eca10381a95f8b74070d7430dbdb Mon Sep 17 00:00:00 2001
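Review bot: `is_admin?` calls `include?` directly on `APP_CONFIG['admins']`, so a deployment whose config omits the `admins` key (or sets it to a single string) raises NoMethodError on every admin check instead of treating nobody as admin. Write it as `Array(APP_CONFIG['admins']).include?(self.id)` so a missing or scalar value fails closed; a one-line comment stating that the list is read from the app config, `# admins is a list in APP_CONFIG; absent means no admins`, would also help whoever writes that config. The rest of the `User` class, including where `APP_CONFIG` is loaded, is outside this hunk.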
From: Azul
Date: Wed, 31 Oct 2012 10:40:03 +0100
Subject: user creation should send ok flag so js can start login

---
 users/app/models/user.rb | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

(limited to 'users')

diff --git a/users/app/models/user.rb b/users/app/models/user.rb
index 8b7c0b3..b57af98 100644
--- a/users/app/models/user.rb
+++ b/users/app/models/user.rb
@@ -44,7 +44,10 @@ class User < CouchRest::Model::Base
 end
 def to_json(options={})
- super(options.merge(:only => ['login', 'password_salt']))
+ {
+ :login => login,
+ :ok => valid?
+ }.to_json(options)
 end
 def initialize_auth(aa)
-- cgit v1.2.3

From 4b7333eec8eaf0c01227ade9d77a21f7a879ff0b Mon Sep 17 00:00:00 2001
From: Azul
Date: Wed, 31 Oct 2012 17:39:06 +0100
Subject: using controller extensions for application controller by hand

---
 users/app/controllers/application_controller.rb | 14 --------------
 .../controllers/controller_extension/authentication.rb | 17 +++++++++++++++++
 users/config/initializers/add_controller_methods.rb | 3 +++
 3 files changed, 20 insertions(+), 14 deletions(-)
 delete mode 100644 users/app/controllers/application_controller.rb
 create mode 100644 users/app/controllers/controller_extension/authentication.rb
 create mode 100644 users/config/initializers/add_controller_methods.rb

(limited to 'users')

diff --git a/users/app/controllers/application_controller.rb b/users/app/controllers/application_controller.rb
deleted file mode 100644
index 64e1a55..0000000
--- a/users/app/controllers/application_controller.rb
+++ /dev/null
@@ -1,14 +0,0 @@
-class ApplicationController < ActionController::Base
- protect_from_forgery
-
- private
-
- def current_user
- @current_user ||= User.find(session[:user_id]) if session[:user_id]
- end
- helper_method :current_user
-
- def authorize
- redirect_to login_url, alert: "Not authorized" if current_user.nil?
- end
-end
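Review bot: `:ok => valid?` in `to_json` reports whether the in-memory record passes validations, not whether the signup was persisted; if the controller renders this after a failed `save` (e.g. a CouchDB write conflict), the JavaScript would be told `ok: true` and start a login that cannot succeed. If the flag is meant to say "account created", base it on persistence instead, for example `:ok => !new?` (confirm the exact new-record predicate name in the pinned couchrest_model version) or have the controller pass the save result in. Dropping `password_salt` from the signup response also silently changes the API contract, so a one-line comment above `to_json`, `# signup response: login plus an ok flag the JS uses to start the SRP login`, would document the new shape. The commit subject ("so js can start login") is the only statement of intent here.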
diff --git a/users/app/controllers/controller_extension/authentication.rb b/users/app/controllers/controller_extension/authentication.rb
new file mode 100644
index 0000000..507b62f
--- /dev/null
+++ b/users/app/controllers/controller_extension/authentication.rb
@@ -0,0 +1,17 @@
+module ControllerExtension::Authentication
+ extend ActiveSupport::Concern
+
+ private
+
+ included do
+ helper_method :current_user
+ end
+
+ def current_user
+ @current_user ||= User.find(session[:user_id]) if session[:user_id]
+ end
+
+ def authorize
+ redirect_to login_url, :alert => "Not authorized" if current_user.nil?
+ end
+end
diff --git a/users/config/initializers/add_controller_methods.rb b/users/config/initializers/add_controller_methods.rb
new file mode 100644
index 0000000..2579176
--- /dev/null
+++ b/users/config/initializers/add_controller_methods.rb
@@ -0,0 +1,3 @@
+ActiveSupport.on_load(:application_controller) do
+ include ControllerExtension::Authentication
+end
-- cgit v1.2.3

From 6c60b179a09030da985462d15dbdf076367b5ea4 Mon Sep 17 00:00:00 2001
From: jessib
Date: Wed, 31 Oct 2012 12:10:07 -0700
Subject: Code to check administration (and ugly test display.) This includes example config file.

---
 .../controller_extension/authentication.rb | 21 +++++++++++++++++++--
 users/app/models/user.rb | 3 ++-
 users/app/views/sessions/_nav.html.haml | 5 ++++-
 3 files changed, 25 insertions(+), 4 deletions(-)

(limited to 'users')

diff --git a/users/app/controllers/controller_extension/authentication.rb b/users/app/controllers/controller_extension/authentication.rb
index 507b62f..c3342f3 100644
--- a/users/app/controllers/controller_extension/authentication.rb
+++ b/users/app/controllers/controller_extension/authentication.rb
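Review bot: The `ApplicationController` deleted in this commit declared `protect_from_forgery`, but `ControllerExtension::Authentication` only carries `current_user` and `authorize`, so unless the host application's own `ApplicationController` declares it, this engine no longer requests CSRF protection for the session-authenticated actions it adds. If the host is expected to own that, say so in a comment above `included do`, e.g. `# host ApplicationController is responsible for protect_from_forgery`; otherwise add `protect_from_forgery` inside the `included` block. The `private` placed above `included do` does not affect that block (it only scopes the instance methods below it), which works but reads oddly; moving `private` below the block makes the intent clearer. The `:application_controller` load hook used by the initializer is not one Rails runs by default, so this appears to rely on the host's ApplicationController calling `ActiveSupport.run_load_hooks(:application_controller, self)`, which is not visible here.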
@@ -4,14 +4,31 @@ module ControllerExtension::Authentication
 private
 included do
- helper_method :current_user
+ helper_method :current_user, :logged_in?, :admin?
 end
 def current_user
 @current_user ||= User.find(session[:user_id]) if session[:user_id]
 end
+ def logged_in?
+ !!current_user
+ end
+
 def authorize
- redirect_to login_url, :alert => "Not authorized" if current_user.nil?
+ access_denied unless logged_in?
 end
+
+ def access_denied
+ redirect_to login_url, :alert => "Not authorized"
+ end
+
+ def admin?
+ current_user && current_user.is_admin?
+ end
+
+ def authorize_admin
+ access_denied unless admin?
+ end
+
 end
diff --git a/users/app/models/user.rb b/users/app/models/user.rb
index 2b8ead7..0f5d650 100644
--- a/users/app/models/user.rb
+++ b/users/app/models/user.rb
@@ -66,8 +66,9 @@ class User < CouchRest::Model::Base
 login
 end
+ # Since we are storing admins by login, we cannot allow admins to change their login.
 def is_admin?
- APP_CONFIG['admins'].include? self.id
+ APP_CONFIG['admins'].include? self.login
 end
 end
diff --git a/users/app/views/sessions/_nav.html.haml b/users/app/views/sessions/_nav.html.haml
index a5397bd..204ba88 100644
--- a/users/app/views/sessions/_nav.html.haml
+++ b/users/app/views/sessions/_nav.html.haml
@@ -1,6 +1,9 @@
-- if current_user
+- if logged_in?
 %li
+ = 'logged in as ' + current_user.login
 = link_to t(:logout), logout_path
+ - if admin?
+ = 'ADMIN' # obviously not like this
 - else
 %li
 = link_to t(:login), login_path
-- cgit v1.2.3

From 5c6395d8b1a8c7cf540dae9fdd37f3e68554215c Mon Sep 17 00:00:00 2001
From: Azul
Date: Sun, 4 Nov 2012 16:24:35 +0100
Subject: fixing tests, including support files from all engines

---
 users/test/integration/api/account_flow_test.rb | 2 +-
 users/test/support/auth_test_helper.rb | 4 ++++
 users/test/test_helper.rb | 4 ----
 users/test/unit/user_test.rb | 2 +-
 4 files changed, 6 insertions(+), 6 deletions(-)

(limited to 'users')
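Review bot: Admin status is now whatever login currently appears in `APP_CONFIG['admins']`, and the comment added above `is_admin?` records the constraint that admins must not change their login, but nothing in this hunk enforces it; the same applies to re-registration, since if an admin account is deleted and the login is signed up again the new account is admin. If login really is the key, enforce the comment with a validation that rejects login changes on persisted records (something like `validate :login_unchanged, :on => :update` comparing against `login_was`, assuming couchrest_model's dirty tracking is available in the pinned version), and make the lookup nil-safe with `Array(APP_CONFIG['admins']).include?(login)`. Whether the users controller lets a login be changed at all is not visible here.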
diff --git a/users/test/integration/api/account_flow_test.rb b/users/test/integration/api/account_flow_test.rb
index 66de1e5..5800d46 100644
--- a/users/test/integration/api/account_flow_test.rb
+++ b/users/test/integration/api/account_flow_test.rb
@@ -39,7 +39,7 @@ class AccountFlowTest < ActionDispatch::IntegrationTest
 end
 test "signup response" do
- assert_json_response @user_params.slice(:login, :password_salt)
+ assert_json_response :login => @login, :ok => true
 assert_response :success
 end
diff --git a/users/test/support/auth_test_helper.rb b/users/test/support/auth_test_helper.rb
index d5d52b1..9412058 100644
--- a/users/test/support/auth_test_helper.rb
+++ b/users/test/support/auth_test_helper.rb
@@ -23,3 +23,7 @@ module AuthTestHelper
 end
 end
 end
+
+class ActionController::TestCase
+ include AuthTestHelper
+end
diff --git a/users/test/test_helper.rb b/users/test/test_helper.rb
index ae6a35c..e8f0125 100644
--- a/users/test/test_helper.rb
+++ b/users/test/test_helper.rb
@@ -7,7 +7,3 @@ Rails.backtrace_cleaner.remove_silencers!
 # Load support files
 Dir["#{File.dirname(__FILE__)}/support/**/*.rb"].each { |f| require f }
-
-class ActionController::TestCase
- include AuthTestHelper
-end
diff --git a/users/test/unit/user_test.rb b/users/test/unit/user_test.rb
index 822ef33..f057ca7 100644
--- a/users/test/unit/user_test.rb
+++ b/users/test/unit/user_test.rb
@@ -19,7 +19,7 @@ class UserTest < ActiveSupport::TestCase
 end
 test "test require alphanumerical for login" do
- @user.login = "qwär"
+ @user.login = "qw#r"
 assert !@user.valid?
 end
-- cgit v1.2.3

From 19008253d01fd6d7a864e98a7ae5dc216070aee1 Mon Sep 17 00:00:00 2001
From: Azul
Date: Sun, 4 Nov 2012 16:28:58 +0100
Subject: using ruby-srp 0.1.4 - ruby 1.9.3 compatible

---
 users/leap_web_users.gemspec | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'users')

diff --git a/users/leap_web_users.gemspec b/users/leap_web_users.gemspec
index 6d35f63..dec5a71 100644
--- a/users/leap_web_users.gemspec
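Review bot: Replacing `"qwär"` with `"qw#r"` in the login validation test changes what is being checked: the new value only shows that ASCII punctuation is rejected, and the non-ASCII case, which a `\w`-based or `[[:alnum:]]` pattern may accept depending on how the login regex is written, is no longer covered. Keep both inputs, e.g. a second assertion with `@user.login = "qwär"` next to `"qw#r"`, and if the original was dropped because of a source-encoding error add `# encoding: utf-8` as the first line of the file (Ruby 1.9 defaults source files to US-ASCII). The validation regex itself lives in the model, outside this hunk.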
+++ b/users/leap_web_users.gemspec
@@ -17,5 +17,5 @@ Gem::Specification.new do |s|
 s.add_dependency "leap_web_core", LeapWeb::VERSION
- s.add_dependency "ruby-srp", "~> 0.1.3"
+ s.add_dependency "ruby-srp", "~> 0.1.4"
 end
-- cgit v1.2.3