Skip to content
This repository has been archived by the owner on Oct 24, 2022. It is now read-only.

Authentication and First Draft of Authorization #152

Merged
merged 3 commits into from
Apr 7, 2015
Merged

Authentication and First Draft of Authorization #152

merged 3 commits into from
Apr 7, 2015

Conversation

JPrevost
Copy link
Member

@JPrevost JPrevost commented Apr 3, 2015

  • Unit tests for User (user model tweaked a bit)
  • Authentication not tested: this is tricky and I'll get back to it (we confirm the redirect happens, but not that the values coming back are all handled) closes User Authentication #127
  • Switch browser tests to use H2. They were still using Postgres which ran into problems for me locally.
  • Initial authorization / roles testing (tests just Analyst role for now which is
    all that exists so far) See User Authorization (aka roles) #128
  • Some IntegrationSpec tests had to be pending-ed as they require a logged in Analyst. ApplicationSpec can handle a lot of this though and it's easy to fake
    a Session with that type of Spec. I'll get back to this.

There's a lot more testing to be done, and definitely places where the code is really messy... but it's ready for some feedback / sanity checking.

@coveralls
Copy link

Coverage Status

Coverage decreased (-2.73%) to 22.43% when pulling 5aed2719a5196f46f5f5ef8435d9b07604f3500c on 127_oath2 into 2c89e4f on master.

@coveralls
Copy link

Coverage Status

Coverage increased (+0.52%) to 25.69% when pulling cd9411251d324506af639a025a1f3c9b3c46f7b6 on 127_oath2 into 2c89e4f on master.

@JPrevost
Barebones authentication / authorization
3459b98 
- Unit tests for User (user model tweaked a bit)
- Authentication not tested: this is tricky and I'll get back to it closes #127
- Switch browser tests to use H2. They were still using Postgres which ran into problems for me locally.
- Initial authorization / roles testing (tests just Analyst role for now which is
all that exists so far) See #128
- Some IntegrationSpec tests had to be pending-ed as they require a logged in Analyst. ApplicationSpec can handle a lot of this though and it's easy to fake
a Session with that type of Spec. I'll get back to this.
@JPrevost
Hack identity to work in Integration tests
2c40dc2 
Handles users with expected role, lacking role, and non signed in.
@JPrevost
Subscriber Dashboard Integration tests
d343228 
- subscriber dashboard
- handles users with multiple roles
- redirects to trouble page with notice for authenticated users lacking
required role
- moved integration tests to their own directory
@coveralls
Copy link

Coverage Status

Coverage increased (+1.82%) to 27.34% when pulling d343228 on 127_oath2 into 652dc26 on master.

@richardrodgers
Copy link
Collaborator

👍

JPrevost added a commit that referenced this pull request Apr 7, 2015
@JPrevost
Merge pull request #152 from MITLibraries/127_oath2
d1747d7 
Authentication and First Draft of Authorization
@JPrevost JPrevost merged commit d1747d7 into master Apr 7, 2015
@JPrevost JPrevost deleted the 127_oath2 branch April 7, 2015 14:19
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

User Authentication
3 participants
@JPrevost @coveralls @richardrodgers