
nuke consumers and have an api for managing auth

commit d8197524f4e0c603e95de088d9d59b7ce5d23420 1 parent befa1ee
@atmos authored
1  .gitignore
@@ -8,3 +8,4 @@ bin
vendor
*.gemspec
.bundle
+*.rbc
15 Gemfile
@@ -1,19 +1,8 @@
source :gemcutter
-do_version = '~>0.10.1'
-dm_version = '~>0.10.2'
-
group :runtime do
- gem 'dm-core', dm_version
- gem 'extlib', '~>0.9.14'
gem 'sinatra', '~>1.0'
gem 'haml', '~>3.0.0'
- gem 'do_sqlite3', do_version
- gem 'dm-validations', dm_version
- gem 'dm-timestamps', dm_version
- gem 'dm-aggregates', dm_version
- gem 'dm-migrations', dm_version
- gem 'dm-types', dm_version
gem 'ruby-openid', '~>2.1.7'
gem 'guid', '~>0.1.1'
gem 'rack-contrib', '~>0.9.2'
@@ -25,10 +14,8 @@ group :test do
gem 'webrat', '~>0.7.0'
gem 'rspec', '~>1.2.9', :require => 'spec'
gem 'rake'
- gem 'rcov'
+ gem 'addressable', :require => 'addressable/uri'
gem 'cucumber', '~>0.5.1'
- gem 'dm-sweatshop', dm_version
gem 'randexp'
gem 'ParseTree', :require => 'parse_tree'
- gem 'bundler', '~>0.9.24'
end
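Review bot: The added `gem 'addressable', :require => 'addressable/uri'` line in the `:test` group carries no version constraint (as with `rake` and `randexp` already in this group), so the resolved version depends on whatever the gem source serves at install time. Whether a committed `Gemfile.lock` fixes the version is not visible here. If it is not committed, add a pessimistic constraint such as `gem 'addressable', '~> <VERSION>', :require => 'addressable/uri'`, using the version the specs were run against.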
22 Rakefile
@@ -1,9 +1,9 @@
require 'rubygems'
-require 'bundler'
+require 'bundler/setup'
Bundler.setup(:runtime, :test)
+
require File.expand_path(File.join('..', 'lib', 'hancock'), __FILE__)
-Bundler.require(:test)
require 'rake/gempackagetask'
require 'rubygems/specification'
require 'date'
@@ -28,10 +28,11 @@ spec = Gem::Specification.new do |s|
s.email = EMAIL
s.homepage = HOMEPAGE
- bundle = Bundler::Definition.from_gemfile("Gemfile")
- bundle.dependencies.
- select { |d| d.groups.include?(:runtime) }.
- each { |d| s.add_dependency(d.name, d.version_requirements.to_s) }
+ bundle = Bundler::Definition.build('Gemfile', 'Gemfile.lock', { })
+ bundle.dependencies.each do |dep|
+ next unless dep.groups.include?(:runtime)
+ s.add_dependency(dep.name, dep.version_requirements.to_s)
+ end
s.require_path = 'lib'
s.files = %w(LICENSE README.md Rakefile) + Dir.glob("{features,lib,spec}/**/*")
@@ -53,19 +54,10 @@ desc "Run specs"
Spec::Rake::SpecTask.new do |t|
t.spec_files = FileList['spec/**/*_spec.rb']
t.spec_opts = %w(-fp --color)
-
- t.rcov = true
- t.rcov_opts << '--text-summary'
- t.rcov_opts << '--sort' << 'coverage' << '--sort-reverse'
- t.rcov_opts << '--exclude' << '.gem,.rvm,.bundle,spec,examples'
end
require 'cucumber/rake/task'
Cucumber::Rake::Task.new do |t|
t.libs << 'lib'
t.cucumber_opts = "--format pretty"
- t.rcov = true
- t.rcov_opts << '--text-summary'
- t.rcov_opts << '--sort' << 'coverage' << '--sort-reverse'
- t.rcov_opts << '--exclude' << '.gem,.rvm,.bundle,spec,features,examples'
end
9 lib/hancock.rb
@@ -1,11 +1,3 @@
-require 'extlib'
-require 'dm-core'
-require 'dm-types'
-require 'dm-aggregates'
-require 'dm-migrations'
-require 'dm-timestamps'
-require 'dm-validations'
-
require 'openid'
require 'openid/store/filesystem'
require 'openid/extensions/sreg'
@@ -21,4 +13,3 @@
require File.join(lib_dir, 'hancock', 'sso')
require File.join(lib_dir, 'hancock', 'models', 'user')
-require File.join(lib_dir, 'hancock', 'models', 'consumer')
26 lib/hancock/models/consumer.rb
@@ -1,26 +0,0 @@
-module Hancock
- class Consumer
- include DataMapper::Resource
-
- property :id, Serial
- property :url, String, :required => true, :unique => true, :unique_index => true, :length => 2048
- property :label, String, :required => false
- property :internal, Boolean, :required => false, :default => false
-
- def self.allowed?(host)
- !first(:url => host).nil?
- end
-
- def self.visible
- all(:internal => false).select do |c|
- c.label
- end
- end
-
- def self.internal
- all(:internal => true).select do |c|
- c.label
- end
- end
- end
-end
74 lib/hancock/models/user.rb
@@ -1,73 +1,23 @@
module Hancock
- class User
- include DataMapper::Resource
-
- property :id, Serial
- property :first_name, String
- property :last_name, String
- property :email, String, :unique => true, :unique_index => true
- property :internal, Boolean, :default => false
- property :admin, Boolean, :default => false
-
- property :salt, String
- property :crypted_password, String
-
- property :enabled, Boolean, :default => false
- property :verified, Boolean, :default => false
- property :access_token, String
-
- attr_accessor :password, :password_confirmation
+ class UserConfigurationError < StandardError; end
- def reset_access_token
- @access_token = Digest::SHA1.hexdigest(Guid.new.to_s)
- end
-
- def authenticated?(password)
- crypted_password == encrypt(password)
- end
-
- def encrypt(password)
- self.class.encrypt(password, salt)
- end
-
- def password_required?
- crypted_password.blank? || !password.blank?
- end
-
- def encrypt_password
- return if password.blank?
- @salt = Digest::SHA1.hexdigest("--#{Guid.new.to_s}}--email--") if new?
- @crypted_password = encrypt(password)
- end
-
- validates_present :password, :if => proc{|m| m.password_required?}
- validates_is_confirmed :password, :if => proc{|m| m.password_required?}
-
- before :save, :encrypt_password
- before :save, :reset_access_token
-
- def self.encrypt(password, salt)
- Digest::SHA1.hexdigest("--#{salt}--#{password}--")
+ class AuthenticationUser
+ def self.authenticated?(password)
+ raise UserConfigurationError, "You need to setup a Hancock::User authentication class"
end
+ end
- def self.signup(params)
- pass = Digest::SHA1.hexdigest(Guid.new.to_s)
- user = new(:email => params['email'],
- :first_name => params['first_name'],
- :last_name => params['last_name'],
- :password => pass,
- :password_confirmation => pass)
- user.save
- user
+ class User
+ def self.authentication_class=(klass)
+ @authentication_class = klass
end
- def self.authenticate(email, password)
- u = first(:email => email)
- u && u.authenticated?(password) && u.enabled ? u : nil
+ def self.authentication_class
+ @authentication_class ||= AuthenticationUser
end
- def full_name
- "#{first_name} #{last_name}"
+ def self.authenticated?(username, password)
+ authentication_class.authenticated?(username, password)
end
end
end
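Review bot: `AuthenticationUser.authenticated?` is declared with one parameter (`password`), but `User.authenticated?` forwards two (`username, password`), so with no authentication class configured the call fails with an `ArgumentError` instead of the intended `UserConfigurationError`. It still fails closed, but the message telling the deployer to set up an authentication class is never shown; the signature should be `def self.authenticated?(username, password)`. The bare `raise_error` in spec/units/user_spec.rb passes on either exception, so it should be tightened to `raise_error(Hancock::UserConfigurationError)`. A short comment on `authentication_class=` stating that the class must respond to `authenticated?(username, password)` and return a false value for bad credentials would make the plug-in contract explicit.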
6 lib/hancock/sso/openid.rb
@@ -11,7 +11,7 @@ def server
end
def url_for_user
- absolute_url("/sso/users/#{session_user.id}")
+ absolute_url("/sso/users/#{session_user}")
end
def render_response(oidresp)
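Review bot: `url_for_user` now interpolates `session_user` into the identity path unescaped, and after this commit that value is the login name taken from the request rather than a numeric id, so characters such as `/`, `?` or `#` in a name change the shape of the claimed identifier handed to relying parties. Percent-encode the segment, for example `absolute_url("/sso/users/#{ERB::Util.url_encode(session_user)}")` (needs `require 'erb'`), or constrain login names to a safe pattern before they reach the session. The second hunk has a related issue: `sreg_data['email']` is filled with the same session value, which is only an email address if the configured authentication class uses emails as usernames. Relying parties that trust the sreg email should be told this in a comment, or the field should be omitted when the name is not an email. The module enclosing `url_for_user` starts outside the hunk.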
@@ -60,9 +60,7 @@ def self.registered(app)
oidreq.identity = oidreq.claimed_id = url_for_user
oidresp = oidreq.answer(true, nil, oidreq.identity)
sreg_data = {
- 'last_name' => session_user.last_name,
- 'first_name' => session_user.first_name,
- 'email' => session_user.email
+ 'email' => session[Hancock::SSO::SESSION_USER_KEY]
}
oidresp.add_extension(OpenID::SReg::Response.new(sreg_data))
else # associate
11 lib/hancock/sso/sessions.rb
@@ -3,7 +3,7 @@ module SSO
module Sessions
module Helpers
def session_user
- ::Hancock::User.get(session[Hancock::SSO::SESSION_USER_KEY])
+ session[Hancock::SSO::SESSION_USER_KEY]
end
def session_return_to
@@ -12,11 +12,6 @@ def session_return_to
end
def ensure_authenticated
- if trust_root = session_return_to
- unless ::Hancock::Consumer.allowed?(trust_root)
- raise Hancock::SSO::Forbidden
- end
- end
raise Hancock::SSO::Unauthenticated unless session_user
end
end
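Review bot: With the `Hancock::Consumer.allowed?` guard removed, `ensure_authenticated` no longer constrains `session_return_to`, and nothing else visible in this diff does, so the `redirect session_return_to` in the login route and the OpenID answer path will honour whatever return address the request supplied. If relying parties are now meant to be vetted by the embedding application, say so where deployers will see it, e.g. `# NOTE: return_to is not checked against an allow-list here; the host app must restrict relying parties`, or expose a pluggable check alongside `Hancock::User.authentication_class`. The body of `session_return_to` is outside the hunk, so any validation there is not visible.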
@@ -30,8 +25,8 @@ def self.registered(app)
end
app.post '/sso/login' do
- user = ::Hancock::User.authenticate(params['email'], params['password'])
- session[Hancock::SSO::SESSION_USER_KEY] = user && user.id
+ user = ::Hancock::User.authenticated?(params['username'], params['password'])
+ session[Hancock::SSO::SESSION_USER_KEY] = params['username']
ensure_authenticated
redirect session_return_to || raise(Hancock::SSO::RouteMeHome)
end
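Review bot: The login route stores `params['username']` in the session whether or not `authenticated?` succeeded: the result is assigned to `user` and never read, so the following `ensure_authenticated` sees a non-nil `session_user` for any submitted name, including one sent with a wrong password. Gate the assignment on the result, `session[Hancock::SSO::SESSION_USER_KEY] = user ? params['username'] : nil`, so a failed attempt clears the key and `Unauthenticated` is raised. The invalid-password example in spec/requests/login_spec.rb only inspects the response body; adding a follow-up `get '/'` that still expects the login form would pin this. The enclosing `self.registered` block starts outside the hunk.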
15 spec/helpers/app.rb
@@ -3,12 +3,7 @@ module TestApp
module Helpers
def landing_page
<<-HAML
-%h2 Hello #{session_user.first_name} #{session_user.last_name}!
-- unless @consumers.empty?
- %ul#consumers
- - @consumers.each do |consumer|
- %li
- %a{:href => consumer.url}= consumer.label
+%h2 Hello #{session_user.inspect}!
HAML
end
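Review bot: `landing_page` builds the template source by interpolating `session_user.inspect` in the heredoc, and `session_user` is now the login name taken from the request, so request-controlled text becomes part of the Haml source before it is compiled. `inspect` quotes the value and escapes newlines, but it does not HTML-escape, and whether Haml's `:escape_html` option is enabled is not visible here. Let Haml evaluate and escape the value instead, with something like `%h2&= "Hello \#{session_user.inspect}!"` inside the heredoc, which should keep the `Hello "atmos"` text the landing-page spec expects. This is only a spec helper, but it is the example integrators are likely to copy.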
@@ -29,15 +24,14 @@ def unauthenticated
or
%a{:href => '/sso/signup'} Signup
HAML
- end
+ end
+
end
def self.registered(app)
app.helpers Helpers
app.get '/' do
ensure_authenticated
- @consumers = ::Hancock::Consumer.visible
- @consumers += ::Hancock::Consumer.internal if session_user.internal?
haml landing_page
end
end
@@ -50,6 +44,9 @@ def self.app
end
class SsoServer < ::Hancock::SSO::App
+ enable :raise_errors
+ disable :show_exceptions
+
error Hancock::SSO::Unauthenticated do
haml(unauthenticated)
end
42 spec/helpers/fixtures.rb
@@ -1,42 +0,0 @@
-Hancock::User.fix {{
- :enabled => true,
- :email => /\w+@\w+.\w{2,3}/.gen.downcase,
- :first_name => /\w+/.gen.capitalize,
- :last_name => /\w+/.gen.capitalize,
- :verified => true,
- :admin => false,
- :password => (pass = /\w+/.gen.downcase),
- :password_confirmation => pass,
- :salt => (salt = Digest::SHA1.hexdigest("--#{Time.now.to_s}--email--")),
- :crypted_password => Hancock::User.encrypt(pass, salt)
-}}
-
-Hancock::User.fix(:internal) {{
- :enabled => true,
- :email => /\w+@\w+.\w{2,3}/.gen.downcase,
- :first_name => /\w+/.gen.capitalize,
- :last_name => /\w+/.gen.capitalize,
- :verified => true,
- :password => (pass = /\w+/.gen.downcase),
- :password_confirmation => pass,
- :salt => (salt = Digest::SHA1.hexdigest("--#{Time.now.to_s}--email--")),
- :crypted_password => Hancock::User.encrypt(pass, salt),
- :internal => true
-}}
-
-Hancock::Consumer.fix(:internal) {{
- :url => %r!http://(\w+).example.org/login!.gen.downcase,
- :label => /(\w+) (\w+)/.gen,
- :internal => true
-}}
-
-Hancock::Consumer.fix(:visible_to_all) {{
- :url => %r!http://(\w+).consumerapp.com/login!.gen.downcase,
- :label => /(\w+) (\w+)/.gen,
- :internal => false
-}}
-
-Hancock::Consumer.fix(:hidden) {{
- :url => 'http://localhost:9292/login',
- :internal => true
-}}
44 spec/helpers/matchers.rb
@@ -3,6 +3,7 @@ module Matchers
class LoginForm
include ::Webrat::Methods
include ::Webrat::Matchers
+
def matches?(target)
target.should have_selector("form[action='/sso/login'][method='POST']")
target.should have_selector("form[action='/sso/login'][method='POST'] input[type='text'][name='email']")
@@ -10,6 +11,7 @@ def matches?(target)
target.should have_selector("form[action='/sso/login'][method='POST'] input[type='submit'][value='Login']")
true
end
+
def failure_message
puts "Expected a login form to be displayed, it wasn't"
end
@@ -44,9 +46,10 @@ class RedirectToConsumer
include Spec::Matchers
include Webrat::Methods
include Webrat::Matchers
- def initialize(consumer, user)
- @consumer, @user = consumer, user
- @identity_url = "http://example.org/sso/users/#{user.id}"
+
+ def initialize(consumer_url, username)
+ @consumer_url, @username = consumer_url, username
+ @identity_url = "http://example.org/sso/users/#{username}"
end
def matches?(target)
@@ -56,34 +59,34 @@ def matches?(target)
redirect_params['openid.ns'].should == 'http://specs.openid.net/auth/2.0'
redirect_params['openid.mode'].should == 'id_res'
- redirect_params['openid.return_to'].should == @consumer.url
+ redirect_params['openid.return_to'].should == @consumer_url
redirect_params['openid.assoc_handle'].should =~ /^\{HMAC-SHA1\}\{[^\}]{8}\}\{[^\}]{8}\}$/
- redirect_params['openid.op_endpoint'].should == 'http://example.org/sso'
+ redirect_params['openid.op_endpoint'].should == 'http://example.org/sso'
redirect_params['openid.claimed_id'].should == @identity_url
redirect_params['openid.identity'].should == @identity_url
- redirect_params['openid.sreg.email'].should == @user.email
- redirect_params['openid.sreg.last_name'].should == @user.last_name
- redirect_params['openid.sreg.first_name'].should == @user.first_name
+ redirect_params['openid.sreg.email'].should == @username
redirect_params['openid.sig'].should_not be_nil
redirect_params['openid.signed'].should_not be_nil
redirect_params['openid.response_nonce'].should_not be_nil
true
end
+
def failure_message
puts "Expected a redirect to the consumer"
end
end
- def be_a_redirect_to_the_consumer(consumer, user)
- RedirectToConsumer.new(consumer, user)
+ def be_a_redirect_to_the_consumer(consumer_url, username)
+ RedirectToConsumer.new(consumer_url, username)
end
class ReturnAnOpenIDAssociateResponse
include Spec::Matchers
include Webrat::Methods
include Webrat::Matchers
+
def initialize(session)
@openid_session = session
end
@@ -107,6 +110,7 @@ def failure_message
puts "Expected an OpenID Associate Response"
end
end
+
def be_an_openid_associate_response(openid_session)
ReturnAnOpenIDAssociateResponse.new(openid_session)
end
@@ -115,9 +119,10 @@ class ReturnAnOpenIDImmediateResponse
include Spec::Matchers
include Webrat::Methods
include Webrat::Matchers
- def initialize(consumer, user)
- @consumer, @user = consumer, user
- @identity_url = "http://example.org/sso/users/#{user.id}"
+
+ def initialize(consumer_url, username)
+ @consumer_url, @username = consumer_url, username
+ @identity_url = "http://example.org/sso/users/#{username}"
end
def matches?(target)
@@ -127,15 +132,13 @@ def matches?(target)
redirect_params['openid.ns'].should == 'http://specs.openid.net/auth/2.0'
redirect_params['openid.mode'].should == 'id_res'
- redirect_params['openid.return_to'].should == @consumer.url
+ redirect_params['openid.return_to'].should == @consumer_url
redirect_params['openid.assoc_handle'].should =~ /^\{HMAC-SHA1\}\{[^\}]{8}\}\{[^\}]{8}\}$/
- redirect_params['openid.op_endpoint'].should == 'http://example.org/sso'
+ redirect_params['openid.op_endpoint'].should == 'http://example.org/sso'
redirect_params['openid.claimed_id'].should == @identity_url
redirect_params['openid.identity'].should == @identity_url
- redirect_params['openid.sreg.email'].should == @user.email
- redirect_params['openid.sreg.last_name'].should == @user.last_name
- redirect_params['openid.sreg.first_name'].should == @user.first_name
+ redirect_params['openid.sreg.email'].should == @username
redirect_params['openid.sig'].should_not be_nil
redirect_params['openid.signed'].should_not be_nil
@@ -146,8 +149,9 @@ def failure_message
puts "Expected an OpenID Associate Response"
end
end
- def be_an_openid_immediate_response(consumer, user)
- ReturnAnOpenIDImmediateResponse.new(consumer, user)
+
+ def be_an_openid_immediate_response(consumer_url, username)
+ ReturnAnOpenIDImmediateResponse.new(consumer_url, username)
end
end
end
34 spec/requests/login_spec.rb
@@ -1,45 +1,33 @@
require File.expand_path(File.dirname(__FILE__)+'/../spec_helper')
describe "posting to /sso/login" do
- before(:each) do
- @user = Hancock::User.gen
- @consumer = Hancock::Consumer.gen(:internal)
+ before(:all) do
+ Hancock::User.authentication_class = MyUserClass
end
+
describe "with a valid password" do
it "should authenticate a user and redirect to /" do
- post '/sso/login', :email => @user.email, :password => @user.password
+ login('atmos', 'hancock')
+
last_response.status.should eql(302)
- last_response.headers['Location'].should eql('/')
+ last_response.headers['Location'].should eql('http://example.org/')
end
end
describe "with an invalid password" do
it "should display a form to login" do
- post '/sso/login', :email => @user.email, :password => 's3cr3t'
+ login('atmos', 'xxxxxx')
+
last_response.body.should be_a_login_form
end
end
end
-describe "getting /sso/login" do
- before(:each) do
- @user = Hancock::User.gen
- @consumer = Hancock::Consumer.gen(:internal)
- end
- describe "with a valid session" do
- describe "from an invalid consumer" do
- it "should return forbidden" do
- get '/sso/login'
- login(@user)
-
- get '/sso/login'
- last_response['Location'].should eql('/')
- end
- end
- end
+describe "getting /sso/login" do
+ let(:consumer_url) { "http://foo.example.org" }
describe "without a valid session" do
it "should prompt the user to login" do
- get '/sso/login', { 'return_to' => @consumer.url }
+ get '/sso/login', { 'return_to' => consumer_url }
last_response.body.should be_a_login_form
end
end
14 spec/requests/logout_spec.rb
@@ -1,22 +1,20 @@
require File.expand_path(File.dirname(__FILE__)+'/../spec_helper')
describe "visiting /sso/logout" do
- before(:each) do
- @user = Hancock::User.gen
- @consumer = Hancock::Consumer.gen(:internal)
- end
describe "when authenticated" do
- it "should clear the session and redirec to /" do
+ it "clears the session and redirects to /" do
+ login('atmos', 'hancock')
+
get '/sso/logout'
last_response.status.should eql(302)
- last_response.headers['Location'].should eql('/')
+ last_response.headers['Location'].should eql('http://example.org/')
end
end
describe "when unauthenticated" do
- it "should redirect to /" do
+ it "redirects to /" do
get '/sso/logout'
last_response.status.should eql(302)
- last_response.headers['Location'].should eql('/')
+ last_response.headers['Location'].should eql('http://example.org/')
end
end
end
59 spec/requests/openid_spec.rb
@@ -1,9 +1,14 @@
require File.expand_path(File.dirname(__FILE__)+'/../spec_helper')
describe "visiting /sso" do
- let(:user) { Hancock::User.gen }
- let(:consumer) { Hancock::Consumer.gen(:internal) }
- let(:identity_url) { "http://example.org/sso/users/#{user.id}" }
+ let(:user) { 'atmos' }
+ let(:password) { 'hancock' }
+ let(:consumer_url) { "http://foo.example.org" }
+ let(:identity_url) { "http://example.org/sso/users/#{user}" }
+
+ before(:all) do
+ Hancock::User.authentication_class = MyUserClass
+ end
it "should throw a bad request if there aren't any openid params" do
get '/sso'
@@ -31,30 +36,14 @@
params = {
"openid.ns" => "http://specs.openid.net/auth/2.0",
"openid.mode" => "checkid_setup",
- "openid.return_to" => consumer.url,
+ "openid.return_to" => consumer_url,
"openid.identity" => identity_url,
"openid.claimed_id" => identity_url
}
- login(user)
+ login(user, password)
get "/sso", params
- last_response.should be_a_redirect_to_the_consumer(consumer, user)
- end
-
- describe "attempting to access from an untrusted consumer" do
- it "cancel the openid request" do
- params = {
- "openid.ns" => "http://specs.openid.net/auth/2.0",
- "openid.mode" => "checkid_setup",
- "openid.return_to" => "http://rogueconsumerapp.com/",
- "openid.identity" => identity_url,
- "openid.claimed_id" => identity_url
- }
-
- login(user)
- get "/sso", params
- last_response.status.should == 403
- end
+ last_response.should be_a_redirect_to_the_consumer(consumer_url, user)
end
end
@@ -63,7 +52,7 @@
params = {
"openid.ns" => "http://specs.openid.net/auth/2.0",
"openid.mode" => "checkid_setup",
- "openid.return_to" => consumer.url,
+ "openid.return_to" => consumer_url,
"openid.identity" => identity_url,
"openid.claimed_id" => identity_url
}
@@ -80,7 +69,7 @@
params = {
"openid.ns" => "http://specs.openid.net/auth/2.0",
"openid.mode" => "checkid_immediate",
- "openid.return_to" => consumer.url,
+ "openid.return_to" => consumer_url,
"openid.identity" => identity_url,
"openid.claimed_id" => identity_url
}
@@ -96,30 +85,14 @@
params = {
"openid.ns" => "http://specs.openid.net/auth/2.0",
"openid.mode" => "checkid_immediate",
- "openid.return_to" => consumer.url,
- "openid.identity" => identity_url,
- "openid.claimed_id" => identity_url
- }
-
- login(user)
- get "/sso", params
- last_response.should be_an_openid_immediate_response(consumer, user)
- end
- end
-
- describe "attempting to access from an untrusted consumer" do
- it "cancel the openid request" do
- params = {
- "openid.ns" => "http://specs.openid.net/auth/2.0",
- "openid.mode" => "checkid_immediate",
- "openid.return_to" => "http://rogueconsumerapp.com/",
+ "openid.return_to" => consumer_url,
"openid.identity" => identity_url,
"openid.claimed_id" => identity_url
}
- login(user)
+ login(user, password)
get "/sso", params
- last_response.status.should == 403
+ last_response.should be_an_openid_immediate_response(consumer_url, user)
end
end
end
20 spec/spec_helper.rb
@@ -8,11 +8,8 @@
Bundler.require(:test)
-%w(app matchers fixtures).each do |helper|
- require File.join(project_root, 'spec', 'helpers', helper)
-end
-
-DataMapper.setup(:default, 'sqlite3::memory:')
+require File.join(project_root, 'spec', 'helpers', 'app')
+require File.join(project_root, 'spec', 'helpers', 'matchers')
Webrat.configure do |config|
config.mode = :rack
@@ -20,20 +17,23 @@
config.application_port = 4567
end
+class MyUserClass
+ def self.authenticated?(username, password)
+ username == 'atmos' && password == 'hancock'
+ end
+end
+
Spec::Runner.configure do |config|
def app
Hancock::TestApp.app
end
- def login(user)
- post '/sso/login', :email => user.email, :password => user.password
+ def login(username, password)
+ post '/sso/login', :username => username, :password => password
end
config.include(Rack::Test::Methods)
config.include(Webrat::Methods)
config.include(Webrat::Matchers)
config.include(Hancock::Matchers)
- config.before(:each) do
- DataMapper.auto_migrate!
- end
end
43 spec/units/consumer_spec.rb
@@ -1,43 +0,0 @@
-require File.expand_path(File.dirname(__FILE__)+'/../spec_helper')
-
-describe Hancock::Consumer do
- describe "when queried about a disallowed host" do
- it "returns false" do
- Hancock::Consumer.allowed?('http://blogspot.com').should be_false
- end
- end
-
- describe "visible to staff" do
- before(:each) do
- @consumer = Hancock::Consumer.gen(:internal)
- @consumer.save
- end
- describe "when queried about an allowed host" do
- it "returns true" do
- Hancock::Consumer.allowed?(@consumer.url).should be_true
- end
- end
- end
- describe "visible to customers and staff" do
- before(:each) do
- @consumer = Hancock::Consumer.gen(:visible_to_all)
- @consumer.save
- end
- describe "when queried about an allowed host" do
- it "returns true" do
- Hancock::Consumer.allowed?(@consumer.url).should be_true
- end
- end
- end
- describe "hidden (API) apps" do
- before(:each) do
- @consumer = Hancock::Consumer.gen(:hidden)
- @consumer.save
- end
- describe "when queried about an allowed host" do
- it "returns true" do
- Hancock::Consumer.allowed?(@consumer.url).should be_true
- end
- end
- end
-end
41 spec/units/landing_page_spec.rb
@@ -1,38 +1,25 @@
require File.expand_path(File.dirname(__FILE__)+'/../spec_helper')
+class MyUserClass
+ def self.authenticated?(username, password)
+ username == 'atmos' && password == 'hancock'
+ end
+end
+
describe "visiting /" do
- before(:each) do
- @last = Hancock::Consumer.gen(:internal)
- @first = Hancock::Consumer.gen(:visible_to_all)
+ before(:all) do
+ Hancock::User.authentication_class = MyUserClass
end
- describe "when authenticated" do
- describe "as an internal user" do
- before(:each) do
- @user = Hancock::User.gen(:internal)
- end
- it "should greet the user" do
- login(@user)
- get '/'
- last_response.body.to_s.should have_selector("h2:contains('Hello #{@user.first_name} #{@user.last_name}')")
- last_response.body.to_s.should have_selector("ul#consumers li a[href='#{@first.url}']:contains('#{@first.label}')")
- last_response.body.to_s.should have_selector("ul#consumers li a[href='#{@last.url}']:contains('#{@last.label}')")
- end
- end
- describe "as an external user" do
- before(:each) do
- @user = Hancock::User.gen
- end
- it "should greet the user" do
- login(@user)
- get '/'
+ describe "when authenticated" do
+ it "should greet the user" do
+ login('atmos', 'hancock')
+ get '/'
- last_response.body.to_s.should have_selector("h2:contains('Hello #{@user.first_name} #{@user.last_name}')")
- last_response.body.to_s.should have_selector("ul#consumers li a[href='#{@first.url}']:contains('#{@first.label}')")
- last_response.body.to_s.should_not have_selector("ul#consumers li a[href='#{@last.url}']:contains('#{@last.label}')")
- end
+ last_response.should have_selector("h2:contains('Hello \"atmos\"')")
end
end
+
describe "when unauthenticated" do
it "should prompt the user to login" do
get '/'
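Review bot: `MyUserClass` is defined again at the top of this spec with the same body that spec/spec_helper.rb adds in this commit; reopening the class is harmless today only because the two definitions are identical. Drop the copy here and rely on the helper's definition, so a later change to the stub credentials cannot diverge between files. The hunk ends inside the `when unauthenticated` example.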
25 spec/units/user_spec.rb
@@ -1,10 +1,27 @@
require File.expand_path(File.dirname(__FILE__)+'/../spec_helper')
describe Hancock::User do
- before(:each) do
- @user = Hancock::User.gen
+ describe "with an authentication class set" do
+ before(:all) do
+ Hancock::User.authentication_class = MyUserClass
+ end
+
+ it "authenticates with good credentials" do
+ Hancock::User.authenticated?('atmos', 'hancock').should be_true
+ end
+
+ it "does not authenticate bad credentials" do
+ Hancock::User.authenticated?('atmos', 'xxxxxxx').should be_false
+ end
end
- it "should save successfully" do
- @user.save.should be_true
+ describe "without an authentication class set" do
+ before(:each) do
+ Hancock::User.authentication_class = Hancock::AuthenticationUser
+ end
+ it "raises and error trying to authenticate" do
+ lambda {
+ Hancock::User.authenticated?('atmos', 'hancock')
+ }.should raise_error
+ end
end
end