Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

Added disable_magic_states option for sessions

  • Loading branch information...
commit 1f74ab91b96619095da596243f6a77c544872617 1 parent 5ee3be0
Ben Johnson binarylogic authored
1  CHANGELOG.rdoc
View
@@ -3,6 +3,7 @@
* Only change persistence token if the password is not blank
* Normalize the last_request_at_threshold so that you can pass an integer or a date/time range.
* Fixed bug where password length validations were not being run because the password value was not blank. It should be run if it is a new record, the password has changed, or the password is blank.
+* Added disable_magic_states option for sessions, to turn off the automatic checking of "magic states" such as active?, confirmed?, and approved?.
== 1.3.7 released 2008-11-30
2  lib/authlogic/session/base.rb
View
@@ -439,12 +439,14 @@ def valid_credentials?
end
def valid_record?
+ return true if disable_magic_states?
[:active, :approved, :confirmed].each do |required_status|
if record.respond_to?("#{required_status}?") && !record.send("#{required_status}?")
errors.add_to_base(send("not_#{required_status}_message"))
return false
end
end
+ true
end
end
end
19 lib/authlogic/session/config.rb
View
@@ -65,6 +65,21 @@ def cookie_key(value = nil)
end
alias_method :cookie_key=, :cookie_key
+ # Set this to true if you want to disable the checking of active?, approved?, and confirmed? on your record. This is more or less of a
+ # convenience feature, since 99% of the time if those methods exist and return false you will not want the user logging in. You could
+ # easily accomplish this same thing with a before_validation method or other callbacks.
+ #
+ # * <tt>Default:</tt> false
+ # * <tt>Accepts:</tt> Boolean
+ def disable_magic_states(value = nil)
+ if value.nil?
+ read_inheritable_attribute(:disable_magic_states)
+ else
+ write_inheritable_attribute(:disable_magic_states, value)
+ end
+ end
+ alias_method :disable_magic_states=, :disable_magic_states
+
# Authlogic tries to validate the credentials passed to it. One part of validation is actually finding the user and making sure it exists. What method it uses the do this is up to you.
#
# Let's say you have a UserSession that is authenticating a User. By default UserSession will call User.find_by_login(login). You can change what method UserSession calls by specifying it here. Then
@@ -333,6 +348,10 @@ def cookie_key
build_key(self.class.cookie_key)
end
+ def disable_magic_states?
+ self.class.disable_magic_states == true
+ end
+
def find_by_login_method
self.class.find_by_login_method
end
2  lib/authlogic/version.rb
View
@@ -44,7 +44,7 @@ def to_a
MAJOR = 1
MINOR = 3
- TINY = 7
+ TINY = 8
# The current version as a Version instance
CURRENT = new(MAJOR, MINOR, TINY)
33 test/session_tests/base_test.rb
View
@@ -274,6 +274,39 @@ def test_valid
assert session.errors.empty?
end
+ def test_valid_record
+ session = UserSession.new
+ ben = users(:ben)
+ session.send(:record=, ben)
+ assert session.send :valid_record?
+ assert session.errors.empty?
+
+ ben.update_attribute(:active, false)
+ assert !session.send(:valid_record?)
+ assert session.errors.on_base.size > 0
+
+ ben.active = true
+ ben.approved = false
+ ben.save
+ assert !session.send(:valid_record?)
+ assert session.errors.on_base.size > 0
+
+ ben.approved = true
+ ben.confirmed = false
+ ben.save
+ assert !session.send(:valid_record?)
+ assert session.errors.on_base.size > 0
+
+ ben.approved = false
+ ben.confirmed = false
+ ben.active = false
+
+ UserSession.disable_magic_states = true
+ session = UserSession.new
+ session.send(:record=, ben)
+ assert session.send :valid_record?
+ end
+
def test_valid_http_auth
ben = users(:ben)
session = UserSession.new
12 test/session_tests/config_test.rb
View
@@ -23,6 +23,18 @@ def test_cookie_key
session = UserSession.new
assert_equal "user_credentials", session.cookie_key
end
+
+ def test_disable_magic_states
+ UserSession.disable_magic_states = true
+ assert_equal true, UserSession.disable_magic_states
+ session = UserSession.new
+ assert_equal true, session.disable_magic_states?
+
+ UserSession.disable_magic_states false
+ assert_equal false, UserSession.disable_magic_states
+ session = UserSession.new
+ assert_equal false, session.disable_magic_states?
+ end
def test_find_by_login_method
UserSession.find_by_login_method = "my_login_method"
3  test/test_helper.rb
View
@@ -50,6 +50,9 @@
t.datetime :last_login_at
t.string :current_login_ip
t.string :last_login_ip
+ t.boolean :active, :default => true
+ t.boolean :approved, :default => true
+ t.boolean :confirmed, :default => true
end
create_table :employees do |t|
Please sign in to comment.
Something went wrong with that request. Please try again.