diff --git a/README.markdown b/README.markdown
index e7d859f..bc6c625 100644
--- a/README.markdown
+++ b/README.markdown
@@ -127,8 +127,6 @@ To run the RSpec specs:
## To Do
-* Install the restful_authentication plugin
-* Install the "acts as state machine" plugin
* Run the restful_authentication generator
* Add everything specified by "Restful Authentication With All the Bells and Whistles"
* Add Google gmail support
@@ -142,6 +140,8 @@ To run the RSpec specs:
* Created a .gitignore file
* Checked the app into GitHub
* Added RSpec (version 1.1.4)
+* Installed the restful_authentication plugin (version of 08/07/08)
+* Installed the "acts as state machine" plugin (version 2.1)
## Documentation and Support
diff --git a/vendor/plugins/restful-authentication/.gitignore b/vendor/plugins/restful-authentication/.gitignore
deleted file mode 100644
index 0523cb8..0000000
--- a/vendor/plugins/restful-authentication/.gitignore
+++ /dev/null
@@ -1,20 +0,0 @@
-Icon?
-.DS_Store
-TAGS
-REVISION
-*.tmproj
-.settings
-.project
-.tasks-cache
-.svn
-/log/*.log
-/tmp/**/*
-/config/database.yml
-actionmailer_config_DONOTVERSION.rb
-*DONOTVERSION*
-/vendor/src/**/*
-/db/*.sqlite*
-/public/ac/*
-/coverage
-/doc/app
-/doc/plugins
diff --git a/vendor/plugins/restful-authentication/CHANGELOG b/vendor/plugins/restful-authentication/CHANGELOG
deleted file mode 100644
index 5495485..0000000
--- a/vendor/plugins/restful-authentication/CHANGELOG
+++ /dev/null
@@ -1,68 +0,0 @@
-h1. Internal Changes to code
-
-As always, this is just a copy-and-pasted version of the CHANGELOG file in the source code tree.
-
-h2. Changes for the May, 2008 version of restful-authentication
-
-h3. Changes to user model
-
-* recently_activated? belongs only if stateful
-* Gave migration a 40-char limit on remember_token & an index on users by login
-* **Much** stricter login and email validation
-* put length constraints in migration too
-* password in 6, 40
-* salt and remember_token now much less predictability
-
-h3. Changes to session_controller
-
-* use uniform logout function
-* use uniform remember_cookie functions
-* avoid calling logged_in? which will auto-log-you-in (safe in the face of
- logout! call, but idiot-proof)
-* Moved reset_session into only the "now logged in" branch
-** wherever it goes, it has to be in front of the current_user= call
-** See more in README-Tradeoffs.txt
-* made a place to take action on failed login attempt
-* recycle login and remember_me setting on failed login
-* nil'ed out the password field in 'new' view
-
-h3. Changes to users_controller
-
-* use uniform logout function
-* use uniform remember_cookie functions
-* Moved reset_session into only the "now logged in" branch
-** wherever it goes, it has to be in front of the current_user= call
-** See more in README-Tradeoffs.txt
-* made the implicit login only happen for non-activationed sites
-* On a failed signup, kick you back to the signin screen (but strip out the password & confirmation)
-* more descriptive error messages in activate()
-
-h3. users_helper
-
-* link_to_user, link_to_current_user, link_to_signin_with_IP
-* if_authorized(action, resource, &block) view function (with appropriate
- warning)
-
-h3. authenticated_system
-
-* Made authorized? take optional arguments action=nil, resource=nil, *args
- This makes its signature better match traditional approaches to access control
- eg Reference Monitor in "Security Patterns":http://www.securitypatterns.org/patterns.html)
-* authorized? should be a helper too
-* added uniform logout! methods
-* format.any (as found in access_denied) doesn't work until
- http://dev.rubyonrails.org/changeset/8987 lands.
-* cookies are now refreshed each time we cross the logged out/in barrier, as
- "best":http://palisade.plynt.com/issues/2004Jul/safe-auth-practices/
- "practice":http://www.owasp.org/index.php/Session_Management#Regeneration_of_Session_Tokens
-
-h3. Other
-
-* Used escapes <%= %> in email templates (among other reasons, so courtenay's
- "'dumbass' test":http://tinyurl.com/684g9t doesn't complain)
-* Added site key to generator, users.yml.
-* Made site key generation idempotent in the most crude and hackish way
-* 100% coverage apart from the stateful code. (needed some access_control
- checks, and the http_auth stuff)
-* Stories!
-
diff --git a/vendor/plugins/restful-authentication/README b/vendor/plugins/restful-authentication/README
deleted file mode 100644
index 97f591c..0000000
--- a/vendor/plugins/restful-authentication/README
+++ /dev/null
@@ -1,176 +0,0 @@
-h1. Restful Authentication Generator
-
-This widely-used plugin provides a foundation for securely managing user
-authentication:
-* Login / logout
-* Secure password handling
-* Account activation by validating email
-* Account approval / disabling by admin
-* Rudimentary hooks for authorization and access control.
-
-Several features were updated in May, 2008. The newest version of this plugin
-may be found in
- http://github.com/technoweenie/restful-authentication/tree/master
-While a "classic" (backward-compatible) version may be found in
- http://github.com/technoweenie/restful-authentication/tree/classic
-
- !! important: if you upgrade your site, existing user account !!
- !! passwords will stop working unless you use --old-passwords !!
-
-This page has notes on
-* "Installation":#INSTALL
-* "Compatibility Warning":#COMPATIBILITY
-* "New Features":#AWESOME
-* "After installing":#POST-INSTALL
-
-See the "wiki":http://github.com/technoweenie/restful-authentication/wikis/home
-(or the notes/ directory) if you want to learn more about:
-
-* "Security Design Patterns":Security-Patterns with "snazzy diagram":http://github.com/technoweenie/restful-authentication/tree/master/notes/SecurityFramework.png
-* [[Authentication]] -- Lets a visitor identify herself (and lay claim to her corresponding Roles and measure of Trust)
-* "Trust Metrics":Trustification -- Confidence we can rely on the outcomes of this visitor's actions.
-* [[Authorization]] and Policy -- Based on trust and identity, what actions may this visitor perform?
-* [[Access Control]] -- How the Authorization policy is actually enforced in your code (A: hopefully without turning it into a spaghetti of if thens)
-* [[Rails Plugins]] for Authentication, Trust, Authorization and Access Control
-* [[Tradeoffs]] -- for the paranoid or the curious, a rundown of tradeoffs made in the code
-* [[CHANGELOG]] -- Summary of changes to internals
-* [[TODO]] -- Ideas for how you can help
-
-These best version of the release notes are in the notes/ directory in the
-"source code":http://github.com/technoweenie/restful-authentication/tree/master
--- look there for the latest version. The wiki versions are taken (manually)
-from there.
-
-***************************************************************************
-
-h2. Exciting new features
-
-h3. Stories
-
-There are now RSpec stories that allow expressive, enjoyable tests for the
-authentication code. The flexible code for resource testing in stories was
-extended from "Ben Mabey's.":http://www.benmabey.com/2008/02/04/rspec-plain-text-stories-webrat-chunky-bacon/
-
-h3. Modularize to match security design patterns:
-
-* Authentication (currently: password, browser cookie token, HTTP basic)
-* Trust metric (email validation)
-* Authorization (stateful roles)
-* Leave a flexible framework that will play nicely with other access control / policy definition / trust metric plugins
-
-h3. Other
-
-* Added a few helper methods for linking to user pages
-* Uniform handling of logout, remember_token
-* Stricter email, login field validation
-* Minor security fixes -- see CHANGELOG
-
-***************************************************************************
-
-h2. Non-backwards compatible Changes
-
-Here are a few changes in the May 2008 release that increase "Defense in Depth"
-but may require changes to existing accounts
-
-* If you have an existing site, none of these changes are compelling enough to
- warrant migrating your userbase.
-* If you are generating for a new site, all of these changes are low-impact.
- You should apply them.
-
-h3. Passwords
-
-The new password encryption (using a site key salt and stretching) will break
-existing user accounts' passwords. We recommend you use the --old-passwords
-option or write a migration tool and submit it as a patch. See the
-[[Tradeoffs]] note for more information.
-
-h3. Validations
-
-By default,
-
-***************************************************************************
-
-h2. Installation
-
-This is a basic restful authentication generator for rails, taken from
-acts as authenticated. Currently it requires Rails 1.2.6 or above.
-
-To use:
-
- ./script/generate authenticated user sessions \
- --include-activation \
- --stateful \
- --rspec \
- --skip-migration \
- --skip-routes \
- --old-passwords
-
-* The first parameter specifies the model that gets created in signup (typically
- a user or account model). A model with migration is created, as well as a
- basic controller with the create method. You probably want to say "User" here.
-
-* The second parameter specifies the session controller name. This is the
- controller that handles the actual login/logout function on the site.
- (probably: "Session").
-
-* --include-activation: Generates the code for a ActionMailer and its respective
- Activation Code through email.
-
-* --stateful: Builds in support for acts_as_state_machine and generates
- activation code. (@--stateful@ implies @--include-activation@). Based on the
- idea at [[http://www.vaporbase.com/postings/stateful_authentication]]. Passing
- @--skip-migration@ will skip the user migration, and @--skip-routes@ will skip
- resource generation -- both useful if you've already run this generator.
-
-* --aasm: Works the same as stateful but uses the updated aasm gem
-
-* --rspec: Generate RSpec tests and Stories in place of standard rails tests.
- This requires the
- "RSpec and Rspec-on-rails plugins":http://rspec.info/
- (make sure you "./script/generate rspec" after installing RSpec.) The rspec
- and story suite are much more thorough than the rails tests, and changes are
- unlikely to be backported.
-
-* --old-passwords: Use the older password scheme (see [[#COMPATIBILITY]], above)
-
-* --skip-migration: Don't generate a migration file for this model
-
-* --skip-routes: Don't generate a resource line in @config/routes.rb@
-
-
-***************************************************************************
-
-h2. After installing
-
-The below assumes a Model named 'User' and a Controller named 'Session'; please
-alter to suit. There are additional security minutae in @notes/README-Tradeoffs@
--- only the paranoid or the curious need bother, though.
-
-* Add these familiar login URLs to your @config/routes.rb@ if you like:
-
- map.signup '/signup', :controller => 'users', :action => 'new' @
- map.login '/login', :controller => 'sessions', :action => 'new' @
- map.logout '/logout', :controller => 'sessions', :action => 'destroy' @
-
-* With @--include-activation@, also add to your @config/routes.rb@:
-
- map.activate '/activate/:activation_code', :controller => 'users', :action => 'activate', :activation_code => nil)
-
- and add an observer to @config/environment.rb@:
-
- config.active_record.observers = :user_observer
-
-* With @--stateful@, add an observer to config/environment.rb:
-
- config.active_record.observers = :user_observer
-
- and modify the users resource line to read
-
- map.resources :users, :member => { :suspend => :put,
- :unsuspend => :put,
- :purge => :delete }
-
-* If you use a public repository for your code (such as github, rubyforge,
- gitorious, etc.) make sure to NOT post your site_keys.rb (add a line like
- '/config/initializers/site_keys.rb' to your .gitignore or do the svn ignore
- dance), but make sure you DO keep it backed up somewhere safe.
diff --git a/vendor/plugins/restful-authentication/Rakefile b/vendor/plugins/restful-authentication/Rakefile
deleted file mode 100644
index 03e0f37..0000000
--- a/vendor/plugins/restful-authentication/Rakefile
+++ /dev/null
@@ -1,22 +0,0 @@
-require 'rake'
-require 'rake/testtask'
-require 'rake/rdoctask'
-
-desc 'Default: run unit tests.'
-task :default => :test
-
-desc 'Test the restful_authentication plugin.'
-Rake::TestTask.new(:test) do |t|
- t.libs << 'lib'
- t.pattern = 'test/**/*_test.rb'
- t.verbose = true
-end
-
-desc 'Generate documentation for the restful_authentication plugin.'
-Rake::RDocTask.new(:rdoc) do |rdoc|
- rdoc.rdoc_dir = 'rdoc'
- rdoc.title = 'RestfulAuthentication'
- rdoc.options << '--line-numbers' << '--inline-source'
- rdoc.rdoc_files.include('README')
- rdoc.rdoc_files.include('lib/**/*.rb')
-end
diff --git a/vendor/plugins/restful-authentication/TODO b/vendor/plugins/restful-authentication/TODO
deleted file mode 100644
index 30968ad..0000000
--- a/vendor/plugins/restful-authentication/TODO
+++ /dev/null
@@ -1,15 +0,0 @@
-
-h3. Authentication security projects for a later date
-
-
-* Track 'failed logins this hour' and demand a captcha after say 5 failed logins
- ("RECAPTCHA plugin.":http://agilewebdevelopment.com/plugins/recaptcha)
- "De-proxy-ficate IP address": http://wiki.codemongers.com/NginxHttpRealIpModule
-
-* Make cookie spoofing a little harder: we set the user's cookie to
- (remember_token), but store digest(remember_token, request_IP). A CSRF cookie
- spoofer has to then at least also spoof the user's originating IP
- (see "Secure Programs HOWTO":http://www.dwheeler.com/secure-programs/Secure-Programs-HOWTO/web-authentication.html)
-
-* Log HTTP request on authentication / authorization failures
- http://palisade.plynt.com/issues/2004Jul/safe-auth-practices
diff --git a/vendor/plugins/restful-authentication/generators/authenticated/USAGE b/vendor/plugins/restful-authentication/generators/authenticated/USAGE
deleted file mode 100644
index 72794d7..0000000
--- a/vendor/plugins/restful-authentication/generators/authenticated/USAGE
+++ /dev/null
@@ -1 +0,0 @@
-./script/generate authenticated USERMODEL CONTROLLERNAME
\ No newline at end of file
diff --git a/vendor/plugins/restful-authentication/generators/authenticated/authenticated_generator.rb b/vendor/plugins/restful-authentication/generators/authenticated/authenticated_generator.rb
deleted file mode 100644
index 9920798..0000000
--- a/vendor/plugins/restful-authentication/generators/authenticated/authenticated_generator.rb
+++ /dev/null
@@ -1,478 +0,0 @@
-require File.expand_path(File.dirname(__FILE__) + "/lib/insert_routes.rb")
-require 'digest/sha1'
-class AuthenticatedGenerator < Rails::Generator::NamedBase
- default_options :skip_migration => false,
- :skip_routes => false,
- :old_passwords => false,
- :include_activation => false
-
- attr_reader :controller_name,
- :controller_class_path,
- :controller_file_path,
- :controller_class_nesting,
- :controller_class_nesting_depth,
- :controller_class_name,
- :controller_singular_name,
- :controller_plural_name,
- :controller_routing_name, # new_session_path
- :controller_routing_path, # /session/new
- :controller_controller_name, # sessions
- :controller_file_name
- alias_method :controller_table_name, :controller_plural_name
- attr_reader :model_controller_name,
- :model_controller_class_path,
- :model_controller_file_path,
- :model_controller_class_nesting,
- :model_controller_class_nesting_depth,
- :model_controller_class_name,
- :model_controller_singular_name,
- :model_controller_plural_name,
- :model_controller_routing_name, # new_user_path
- :model_controller_routing_path, # /users/new
- :model_controller_controller_name # users
- alias_method :model_controller_file_name, :model_controller_singular_name
- alias_method :model_controller_table_name, :model_controller_plural_name
-
- def initialize(runtime_args, runtime_options = {})
- super
-
- @rspec = has_rspec?
-
- @controller_name = (args.shift || 'sessions').pluralize
- @model_controller_name = @name.pluralize
-
- # sessions controller
- base_name, @controller_class_path, @controller_file_path, @controller_class_nesting, @controller_class_nesting_depth = extract_modules(@controller_name)
- @controller_class_name_without_nesting, @controller_file_name, @controller_plural_name = inflect_names(base_name)
- @controller_singular_name = @controller_file_name.singularize
- if @controller_class_nesting.empty?
- @controller_class_name = @controller_class_name_without_nesting
- else
- @controller_class_name = "#{@controller_class_nesting}::#{@controller_class_name_without_nesting}"
- end
- @controller_routing_name = @controller_singular_name
- @controller_routing_path = @controller_file_path.singularize
- @controller_controller_name = @controller_plural_name
-
- # model controller
- base_name, @model_controller_class_path, @model_controller_file_path, @model_controller_class_nesting, @model_controller_class_nesting_depth = extract_modules(@model_controller_name)
- @model_controller_class_name_without_nesting, @model_controller_singular_name, @model_controller_plural_name = inflect_names(base_name)
-
- if @model_controller_class_nesting.empty?
- @model_controller_class_name = @model_controller_class_name_without_nesting
- else
- @model_controller_class_name = "#{@model_controller_class_nesting}::#{@model_controller_class_name_without_nesting}"
- end
- @model_controller_routing_name = @table_name
- @model_controller_routing_path = @model_controller_file_path
- @model_controller_controller_name = @model_controller_plural_name
-
- load_or_initialize_site_keys()
-
- if options[:dump_generator_attribute_names]
- dump_generator_attribute_names
- end
- end
-
- def manifest
- recorded_session = record do |m|
- # Check for class naming collisions.
- m.class_collisions controller_class_path, "#{controller_class_name}Controller", # Sessions Controller
- "#{controller_class_name}Helper"
- m.class_collisions model_controller_class_path, "#{model_controller_class_name}Controller", # Model Controller
- "#{model_controller_class_name}Helper"
- m.class_collisions class_path, "#{class_name}", "#{class_name}Mailer", "#{class_name}MailerTest", "#{class_name}Observer"
- m.class_collisions [], 'AuthenticatedSystem', 'AuthenticatedTestHelper'
-
- # Controller, helper, views, and test directories.
- m.directory File.join('app/models', class_path)
- m.directory File.join('app/controllers', controller_class_path)
- m.directory File.join('app/controllers', model_controller_class_path)
- m.directory File.join('app/helpers', controller_class_path)
- m.directory File.join('app/views', controller_class_path, controller_file_name)
- m.directory File.join('app/views', class_path, "#{file_name}_mailer") if options[:include_activation]
-
- m.directory File.join('app/controllers', model_controller_class_path)
- m.directory File.join('app/helpers', model_controller_class_path)
- m.directory File.join('app/views', model_controller_class_path, model_controller_file_name)
- m.directory File.join('config/initializers')
-
- if @rspec
- m.directory File.join('spec/controllers', controller_class_path)
- m.directory File.join('spec/controllers', model_controller_class_path)
- m.directory File.join('spec/models', class_path)
- m.directory File.join('spec/helpers', model_controller_class_path)
- m.directory File.join('spec/fixtures', class_path)
- m.directory File.join('stories', model_controller_file_path)
- m.directory File.join('stories', 'steps')
- else
- m.directory File.join('test/functional', controller_class_path)
- m.directory File.join('test/functional', model_controller_class_path)
- m.directory File.join('test/unit', class_path)
- m.directory File.join('test/fixtures', class_path)
- end
-
- m.template 'model.rb',
- File.join('app/models',
- class_path,
- "#{file_name}.rb")
-
- if options[:include_activation]
- %w( mailer observer ).each do |model_type|
- m.template "#{model_type}.rb", File.join('app/models',
- class_path,
- "#{file_name}_#{model_type}.rb")
- end
- end
-
- m.template 'controller.rb',
- File.join('app/controllers',
- controller_class_path,
- "#{controller_file_name}_controller.rb")
-
- m.template 'model_controller.rb',
- File.join('app/controllers',
- model_controller_class_path,
- "#{model_controller_file_name}_controller.rb")
-
- m.template 'authenticated_system.rb',
- File.join('lib', 'authenticated_system.rb')
-
- m.template 'authenticated_test_helper.rb',
- File.join('lib', 'authenticated_test_helper.rb')
-
- m.template 'site_keys.rb', site_keys_file
-
- if @rspec
- # RSpec Specs
- m.template 'spec/controllers/users_controller_spec.rb',
- File.join('spec/controllers',
- model_controller_class_path,
- "#{model_controller_file_name}_controller_spec.rb")
- m.template 'spec/controllers/sessions_controller_spec.rb',
- File.join('spec/controllers',
- controller_class_path,
- "#{controller_file_name}_controller_spec.rb")
- m.template 'spec/controllers/access_control_spec.rb',
- File.join('spec/controllers',
- controller_class_path,
- "access_control_spec.rb")
- m.template 'spec/controllers/authenticated_system_spec.rb',
- File.join('spec/controllers',
- controller_class_path,
- "authenticated_system_spec.rb")
- m.template 'spec/helpers/users_helper_spec.rb',
- File.join('spec/helpers',
- model_controller_class_path,
- "#{table_name}_helper_spec.rb")
- m.template 'spec/models/user_spec.rb',
- File.join('spec/models',
- class_path,
- "#{file_name}_spec.rb")
- m.template 'spec/fixtures/users.yml',
- File.join('spec/fixtures',
- class_path,
- "#{table_name}.yml")
-
- # RSpec Stories
- m.template 'stories/steps/ra_navigation_steps.rb',
- File.join('stories/steps/ra_navigation_steps.rb')
- m.template 'stories/steps/ra_response_steps.rb',
- File.join('stories/steps/ra_response_steps.rb')
- m.template 'stories/steps/ra_resource_steps.rb',
- File.join('stories/steps/ra_resource_steps.rb')
- m.template 'stories/steps/user_steps.rb',
- File.join('stories/steps/', "#{file_name}_steps.rb")
- m.template 'stories/users/accounts.story',
- File.join('stories', model_controller_file_path, 'accounts.story')
- m.template 'stories/users/sessions.story',
- File.join('stories', model_controller_file_path, 'sessions.story')
- m.template 'stories/rest_auth_stories_helper.rb',
- File.join('stories', 'rest_auth_stories_helper.rb')
- m.template 'stories/rest_auth_stories.rb',
- File.join('stories', 'rest_auth_stories.rb')
-
- else
- m.template 'test/functional_test.rb',
- File.join('test/functional',
- controller_class_path,
- "#{controller_file_name}_controller_test.rb")
- m.template 'test/model_functional_test.rb',
- File.join('test/functional',
- model_controller_class_path,
- "#{model_controller_file_name}_controller_test.rb")
- m.template 'test/unit_test.rb',
- File.join('test/unit',
- class_path,
- "#{file_name}_test.rb")
- if options[:include_activation]
- m.template 'test/mailer_test.rb', File.join('test/unit', class_path, "#{file_name}_mailer_test.rb")
- end
- m.template 'spec/fixtures/users.yml',
- File.join('test/fixtures',
- class_path,
- "#{table_name}.yml")
- end
-
- m.template 'helper.rb',
- File.join('app/helpers',
- controller_class_path,
- "#{controller_file_name}_helper.rb")
-
- m.template 'model_helper.rb',
- File.join('app/helpers',
- model_controller_class_path,
- "#{model_controller_file_name}_helper.rb")
-
-
- # Controller templates
- m.template 'login.html.erb', File.join('app/views', controller_class_path, controller_file_name, "new.html.erb")
- m.template 'signup.html.erb', File.join('app/views', model_controller_class_path, model_controller_file_name, "new.html.erb")
- m.template '_model_partial.html.erb', File.join('app/views', model_controller_class_path, model_controller_file_name, "_#{file_name}_bar.html.erb")
-
- if options[:include_activation]
- # Mailer templates
- %w( activation signup_notification ).each do |action|
- m.template "#{action}.html.erb",
- File.join('app/views', "#{file_name}_mailer", "#{action}.html.erb")
- end
- end
-
- unless options[:skip_migration]
- m.migration_template 'migration.rb', 'db/migrate', :assigns => {
- :migration_name => "Create#{class_name.pluralize.gsub(/::/, '')}"
- }, :migration_file_name => "create_#{file_path.gsub(/\//, '_').pluralize}"
- end
- unless options[:skip_routes]
- # Note that this fails for nested classes -- you're on your own with setting up the routes.
- m.route_resource controller_singular_name
- m.route_resources model_controller_plural_name
- m.route_name('signup', '/signup', {:controller => model_controller_plural_name, :action => 'new'})
- m.route_name('register', '/register', {:controller => model_controller_plural_name, :action => 'create'})
- m.route_name('login', '/login', {:controller => controller_controller_name, :action => 'new'})
- m.route_name('logout', '/logout', {:controller => controller_controller_name, :action => 'destroy'})
- end
- end
-
- #
- # Post-install notes
- #
- action = File.basename($0) # grok the action from './script/generate' or whatever
- case action
- when "generate"
- puts "Ready to generate."
- puts ("-" * 70)
- puts "Once finished, don't forget to:"
- puts
- if options[:include_activation]
- puts "- Add an observer to config/environment.rb"
- puts " config.active_record.observers = :#{file_name}_observer"
- end
- if options[:aasm]
- puts "- Install the acts_as_state_machine gem:"
- puts " sudo gem sources -a http://gems.github.com (If you haven't already)"
- puts " sudo gem install rubyist-aasm"
- elsif options[:stateful]
- puts "- Install the acts_as_state_machine plugin:"
- puts " svn export http://elitists.textdriven.com/svn/plugins/acts_as_state_machine/trunk vendor/plugins/acts_as_state_machine"
- end
- puts "- Add routes to these resources. In config/routes.rb, insert routes like:"
- puts %( map.signup '/signup', :controller => '#{model_controller_file_name}', :action => 'new')
- puts %( map.login '/login', :controller => '#{controller_file_name}', :action => 'new')
- puts %( map.logout '/logout', :controller => '#{controller_file_name}', :action => 'destroy')
- if options[:include_activation]
- puts %( map.activate '/activate/:activation_code', :controller => '#{model_controller_file_name}', :action => 'activate', :activation_code => nil)
- end
- if options[:stateful]
- puts " and modify the map.resources :#{model_controller_file_name} line to include these actions:"
- puts " map.resources :#{model_controller_file_name}, :member => { :suspend => :put, :unsuspend => :put, :purge => :delete }"
- end
- puts
- puts ("-" * 70)
- puts
- if $rest_auth_site_key_from_generator.blank?
- puts "You've set a nil site key. This preserves existing users' passwords,"
- puts "but allows dictionary attacks in the unlikely event your database is"
- puts "compromised and your site code is not. See the README for more."
- elsif $rest_auth_keys_are_new
- puts "We've create a new site key in #{site_keys_file}. If you have existing"
- puts "user accounts their passwords will no longer work (see README). As always,"
- puts "keep this file safe but don't post it in public."
- else
- puts "We've reused the existing site key in #{site_keys_file}. As always,"
- puts "keep this file safe but don't post it in public."
- end
- puts
- puts ("-" * 70)
- when "destroy"
- puts
- puts ("-" * 70)
- puts
- puts "Thanks for using restful_authentication"
- puts
- puts "Don't forget to comment out the observer line in environment.rb"
- puts " (This was optional so it may not even be there)"
- puts " # config.active_record.observers = :#{file_name}_observer"
- puts
- puts ("-" * 70)
- puts
- else
- puts "Didn't understand the action '#{action}' -- you might have missed the 'after running me' instructions."
- end
-
- #
- # Do the thing
- #
- recorded_session
- end
-
- def has_rspec?
- spec_dir = File.join(RAILS_ROOT, 'spec')
- options[:rspec] ||= (File.exist?(spec_dir) && File.directory?(spec_dir)) unless (options[:rspec] == false)
- end
-
- #
- # !! These must match the corresponding routines in by_password.rb !!
- #
- def secure_digest(*args)
- Digest::SHA1.hexdigest(args.flatten.join('--'))
- end
- def make_token
- secure_digest(Time.now, (1..10).map{ rand.to_s })
- end
- def password_digest(password, salt)
- digest = $rest_auth_site_key_from_generator
- $rest_auth_digest_stretches_from_generator.times do
- digest = secure_digest(digest, salt, password, $rest_auth_site_key_from_generator)
- end
- digest
- end
-
- #
- # Try to be idempotent:
- # pull in the existing site key if any,
- # seed it with reasonable defaults otherwise
- #
- def load_or_initialize_site_keys
- case
- when defined? REST_AUTH_SITE_KEY
- if (options[:old_passwords]) && ((! REST_AUTH_SITE_KEY.blank?) || (REST_AUTH_DIGEST_STRETCHES != 1))
- raise "You have a site key, but --old-passwords will overwrite it. If this is really what you want, move the file #{site_keys_file} and re-run."
- end
- $rest_auth_site_key_from_generator = REST_AUTH_SITE_KEY
- $rest_auth_digest_stretches_from_generator = REST_AUTH_DIGEST_STRETCHES
- when options[:old_passwords]
- $rest_auth_site_key_from_generator = nil
- $rest_auth_digest_stretches_from_generator = 1
- $rest_auth_keys_are_new = true
- else
- $rest_auth_site_key_from_generator = make_token
- $rest_auth_digest_stretches_from_generator = 10
- $rest_auth_keys_are_new = true
- end
- end
- def site_keys_file
- File.join("config", "initializers", "site_keys.rb")
- end
-
-protected
- # Override with your own usage banner.
- def banner
- "Usage: #{$0} authenticated ModelName [ControllerName]"
- end
-
- def add_options!(opt)
- opt.separator ''
- opt.separator 'Options:'
- opt.on("--skip-migration",
- "Don't generate a migration file for this model") { |v| options[:skip_migration] = v }
- opt.on("--include-activation",
- "Generate signup 'activation code' confirmation via email") { |v| options[:include_activation] = true }
- opt.on("--stateful",
- "Use acts_as_state_machine. Assumes --include-activation") { |v| options[:include_activation] = options[:stateful] = true }
- opt.on("--aasm",
- "Use (gem) aasm. Assumes --include-activation") { |v| options[:include_activation] = options[:stateful] = options[:aasm] = true }
- opt.on("--rspec",
- "Force rspec mode (checks for RAILS_ROOT/spec by default)") { |v| options[:rspec] = true }
- opt.on("--no-rspec",
- "Force test (not RSpec mode") { |v| options[:rspec] = false }
- opt.on("--skip-routes",
- "Don't generate a resource line in config/routes.rb") { |v| options[:skip_routes] = v }
- opt.on("--old-passwords",
- "Use the older password encryption scheme (see README)") { |v| options[:old_passwords] = v }
- opt.on("--dump-generator-attrs",
- "(generator debug helper)") { |v| options[:dump_generator_attribute_names] = v }
- end
-
- def dump_generator_attribute_names
- generator_attribute_names = [
- :table_name,
- :file_name,
- :class_name,
- :controller_name,
- :controller_class_path,
- :controller_file_path,
- :controller_class_nesting,
- :controller_class_nesting_depth,
- :controller_class_name,
- :controller_singular_name,
- :controller_plural_name,
- :controller_routing_name, # new_session_path
- :controller_routing_path, # /session/new
- :controller_controller_name, # sessions
- :controller_file_name,
- :controller_table_name, :controller_plural_name,
- :model_controller_name,
- :model_controller_class_path,
- :model_controller_file_path,
- :model_controller_class_nesting,
- :model_controller_class_nesting_depth,
- :model_controller_class_name,
- :model_controller_singular_name,
- :model_controller_plural_name,
- :model_controller_routing_name, # new_user_path
- :model_controller_routing_path, # /users/new
- :model_controller_controller_name, # users
- :model_controller_file_name, :model_controller_singular_name,
- :model_controller_table_name, :model_controller_plural_name,
- ]
- generator_attribute_names.each do |attr|
- puts "%-40s %s" % ["#{attr}:", self.send(attr)] # instance_variable_get("@#{attr.to_s}"
- end
-
- end
-end
-
-# ./script/generate authenticated FoonParent::Foon SporkParent::Spork -p --force --rspec --dump-generator-attrs
-# table_name: foon_parent_foons
-# file_name: foon
-# class_name: FoonParent::Foon
-# controller_name: SporkParent::Sporks
-# controller_class_path: spork_parent
-# controller_file_path: spork_parent/sporks
-# controller_class_nesting: SporkParent
-# controller_class_nesting_depth: 1
-# controller_class_name: SporkParent::Sporks
-# controller_singular_name: spork
-# controller_plural_name: sporks
-# controller_routing_name: spork
-# controller_routing_path: spork_parent/spork
-# controller_controller_name: sporks
-# controller_file_name: sporks
-# controller_table_name: sporks
-# controller_plural_name: sporks
-# model_controller_name: FoonParent::Foons
-# model_controller_class_path: foon_parent
-# model_controller_file_path: foon_parent/foons
-# model_controller_class_nesting: FoonParent
-# model_controller_class_nesting_depth: 1
-# model_controller_class_name: FoonParent::Foons
-# model_controller_singular_name: foons
-# model_controller_plural_name: foons
-# model_controller_routing_name: foon_parent_foons
-# model_controller_routing_path: foon_parent/foons
-# model_controller_controller_name: foons
-# model_controller_file_name: foons
-# model_controller_singular_name: foons
-# model_controller_table_name: foons
-# model_controller_plural_name: foons
diff --git a/vendor/plugins/restful-authentication/generators/authenticated/lib/insert_routes.rb b/vendor/plugins/restful-authentication/generators/authenticated/lib/insert_routes.rb
deleted file mode 100644
index 92b2678..0000000
--- a/vendor/plugins/restful-authentication/generators/authenticated/lib/insert_routes.rb
+++ /dev/null
@@ -1,54 +0,0 @@
-Rails::Generator::Commands::Create.class_eval do
- def route_resource(*resources)
- resource_list = resources.map { |r| r.to_sym.inspect }.join(', ')
- sentinel = 'ActionController::Routing::Routes.draw do |map|'
-
- logger.route "map.resource #{resource_list}"
- unless options[:pretend]
- gsub_file 'config/routes.rb', /(#{Regexp.escape(sentinel)})/mi do |match|
- "#{match}\n map.resource #{resource_list}\n"
- end
- end
- end
-
- def route_name(name, path, route_options = {})
- sentinel = 'ActionController::Routing::Routes.draw do |map|'
-
- logger.route "map.#{name} '#{path}', :controller => '#{route_options[:controller]}', :action => '#{route_options[:action]}'"
- unless options[:pretend]
- gsub_file 'config/routes.rb', /(#{Regexp.escape(sentinel)})/mi do |match|
- "#{match}\n map.#{name} '#{path}', :controller => '#{route_options[:controller]}', :action => '#{route_options[:action]}'"
- end
- end
- end
-end
-
-Rails::Generator::Commands::Destroy.class_eval do
- def route_resource(*resources)
- resource_list = resources.map { |r| r.to_sym.inspect }.join(', ')
- look_for = "\n map.resource #{resource_list}\n"
- logger.route "map.resource #{resource_list}"
- unless options[:pretend]
- gsub_file 'config/routes.rb', /(#{look_for})/mi, ''
- end
- end
-
- def route_name(name, path, route_options = {})
- look_for = "\n map.#{name} '#{path}', :controller => '#{route_options[:controller]}', :action => '#{route_options[:action]}'"
- logger.route "map.#{name} '#{path}', :controller => '#{route_options[:controller]}', :action => '#{route_options[:action]}'"
- unless options[:pretend]
- gsub_file 'config/routes.rb', /(#{look_for})/mi, ''
- end
- end
-end
-
-Rails::Generator::Commands::List.class_eval do
- def route_resource(*resources)
- resource_list = resources.map { |r| r.to_sym.inspect }.join(', ')
- logger.route "map.resource #{resource_list}"
- end
-
- def route_name(name, path, options = {})
- logger.route "map.#{name} '#{path}', :controller => '{options[:controller]}', :action => '#{options[:action]}'"
- end
-end
diff --git a/vendor/plugins/restful-authentication/generators/authenticated/templates/_model_partial.html.erb b/vendor/plugins/restful-authentication/generators/authenticated/templates/_model_partial.html.erb
deleted file mode 100644
index 0685494..0000000
--- a/vendor/plugins/restful-authentication/generators/authenticated/templates/_model_partial.html.erb
+++ /dev/null
@@ -1,8 +0,0 @@
-<%% if logged_in? -%>
-
Logged in as <%%= link_to_current_<%= file_name %> :content_method => :login %>
-<%% end -%>
diff --git a/vendor/plugins/restful-authentication/generators/authenticated/templates/activation.html.erb b/vendor/plugins/restful-authentication/generators/authenticated/templates/activation.html.erb
deleted file mode 100644
index 9d4ad0b..0000000
--- a/vendor/plugins/restful-authentication/generators/authenticated/templates/activation.html.erb
+++ /dev/null
@@ -1,3 +0,0 @@
-<%%=h @<%= file_name %>.login %>, your account has been activated. Welcome aboard!
-
- <%%=h @url %>
diff --git a/vendor/plugins/restful-authentication/generators/authenticated/templates/authenticated_system.rb b/vendor/plugins/restful-authentication/generators/authenticated/templates/authenticated_system.rb
deleted file mode 100644
index baa285b..0000000
--- a/vendor/plugins/restful-authentication/generators/authenticated/templates/authenticated_system.rb
+++ /dev/null
@@ -1,187 +0,0 @@
-module AuthenticatedSystem
- protected
- # Returns true or false if the <%= file_name %> is logged in.
- # Preloads @current_<%= file_name %> with the <%= file_name %> model if they're logged in.
- def logged_in?
- !!current_<%= file_name %>
- end
-
- # Accesses the current <%= file_name %> from the session.
- # Future calls avoid the database because nil is not equal to false.
- def current_<%= file_name %>
- @current_<%= file_name %> ||= (login_from_session || login_from_basic_auth || login_from_cookie) unless @current_<%= file_name %> == false
- end
-
- # Store the given <%= file_name %> id in the session.
- def current_<%= file_name %>=(new_<%= file_name %>)
- session[:<%= file_name %>_id] = new_<%= file_name %> ? new_<%= file_name %>.id : nil
- @current_<%= file_name %> = new_<%= file_name %> || false
- end
-
- # Check if the <%= file_name %> is authorized
- #
- # Override this method in your controllers if you want to restrict access
- # to only a few actions or if you want to check if the <%= file_name %>
- # has the correct rights.
- #
- # Example:
- #
- # # only allow nonbobs
- # def authorized?
- # current_<%= file_name %>.login != "bob"
- # end
- #
- def authorized?(action=nil, resource=nil, *args)
- logged_in?
- end
-
- # Filter method to enforce a login requirement.
- #
- # To require logins for all actions, use this in your controllers:
- #
- # before_filter :login_required
- #
- # To require logins for specific actions, use this in your controllers:
- #
- # before_filter :login_required, :only => [ :edit, :update ]
- #
- # To skip this in a subclassed controller:
- #
- # skip_before_filter :login_required
- #
- def login_required
- authorized? || access_denied
- end
-
- # Redirect as appropriate when an access request fails.
- #
- # The default action is to redirect to the login screen.
- #
- # Override this method in your controllers if you want to have special
- # behavior in case the <%= file_name %> is not authorized
- # to access the requested action. For example, a popup window might
- # simply close itself.
- def access_denied
- respond_to do |format|
- format.html do
- store_location
- redirect_to new_<%= controller_routing_name %>_path
- end
- # format.any doesn't work in rails version < http://dev.rubyonrails.org/changeset/8987
- # you may want to change format.any to e.g. format.any(:js, :xml)
- format.any do
- request_http_basic_authentication 'Web Password'
- end
- end
- end
-
- # Store the URI of the current request in the session.
- #
- # We can return to this location by calling #redirect_back_or_default.
- def store_location
- session[:return_to] = request.request_uri
- end
-
- # Redirect to the URI stored by the most recent store_location call or
- # to the passed default. Set an appropriately modified
- # after_filter :store_location, :only => [:index, :new, :show, :edit]
- # for any controller you want to be bounce-backable.
- def redirect_back_or_default(default)
- redirect_to(session[:return_to] || default)
- session[:return_to] = nil
- end
-
- # Inclusion hook to make #current_<%= file_name %> and #logged_in?
- # available as ActionView helper methods.
- def self.included(base)
- base.send :helper_method, :current_<%= file_name %>, :logged_in?, :authorized? if base.respond_to? :helper_method
- end
-
- #
- # Login
- #
-
- # Called from #current_<%= file_name %>. First attempt to login by the <%= file_name %> id stored in the session.
- def login_from_session
- self.current_<%= file_name %> = <%= class_name %>.find_by_id(session[:<%= file_name %>_id]) if session[:<%= file_name %>_id]
- end
-
- # Called from #current_<%= file_name %>. Now, attempt to login by basic authentication information.
- def login_from_basic_auth
- authenticate_with_http_basic do |login, password|
- self.current_<%= file_name %> = <%= class_name %>.authenticate(login, password)
- end
- end
-
- #
- # Logout
- #
-
- # Called from #current_<%= file_name %>. Finaly, attempt to login by an expiring token in the cookie.
- # for the paranoid: we _should_ be storing <%= file_name %>_token = hash(cookie_token, request IP)
- def login_from_cookie
- <%= file_name %> = cookies[:auth_token] && <%= class_name %>.find_by_remember_token(cookies[:auth_token])
- if <%= file_name %> && <%= file_name %>.remember_token?
- self.current_<%= file_name %> = <%= file_name %>
- handle_remember_cookie! false # freshen cookie token (keeping date)
- self.current_<%= file_name %>
- end
- end
-
- # This is ususally what you want; resetting the session willy-nilly wreaks
- # havoc with forgery protection, and is only strictly necessary on login.
- # However, **all session state variables should be unset here**.
- def logout_keeping_session!
- # Kill server-side auth cookie
- @current_<%= file_name %>.forget_me if @current_<%= file_name %>.is_a? <%= class_name %>
- @current_<%= file_name %> = false # not logged in, and don't do it for me
- kill_remember_cookie! # Kill client-side auth cookie
- session[:<%= file_name %>_id] = nil # keeps the session but kill our variable
- # explicitly kill any other session variables you set
- end
-
- # The session should only be reset at the tail end of a form POST --
- # otherwise the request forgery protection fails. It's only really necessary
- # when you cross quarantine (logged-out to logged-in).
- def logout_killing_session!
- logout_keeping_session!
- reset_session
- end
-
- #
- # Remember_me Tokens
- #
- # Cookies shouldn't be allowed to persist past their freshness date,
- # and they should be changed at each login
-
- # Cookies shouldn't be allowed to persist past their freshness date,
- # and they should be changed at each login
-
- def valid_remember_cookie?
- return nil unless @current_<%= file_name %>
- (@current_<%= file_name %>.remember_token?) &&
- (cookies[:auth_token] == @current_<%= file_name %>.remember_token)
- end
-
- # Refresh the cookie auth token if it exists, create it otherwise
- def handle_remember_cookie! new_cookie_flag
- return unless @current_<%= file_name %>
- case
- when valid_remember_cookie? then @current_<%= file_name %>.refresh_token # keeping same expiry date
- when new_cookie_flag then @current_<%= file_name %>.remember_me
- else @current_<%= file_name %>.forget_me
- end
- send_remember_cookie!
- end
-
- def kill_remember_cookie!
- cookies.delete :auth_token
- end
-
- def send_remember_cookie!
- cookies[:auth_token] = {
- :value => @current_<%= file_name %>.remember_token,
- :expires => @current_<%= file_name %>.remember_token_expires_at }
- end
-
-end
diff --git a/vendor/plugins/restful-authentication/generators/authenticated/templates/authenticated_test_helper.rb b/vendor/plugins/restful-authentication/generators/authenticated/templates/authenticated_test_helper.rb
deleted file mode 100644
index 9cd3e45..0000000
--- a/vendor/plugins/restful-authentication/generators/authenticated/templates/authenticated_test_helper.rb
+++ /dev/null
@@ -1,22 +0,0 @@
-module AuthenticatedTestHelper
- # Sets the current <%= file_name %> in the session from the <%= file_name %> fixtures.
- def login_as(<%= file_name %>)
- @request.session[:<%= file_name %>_id] = <%= file_name %> ? <%= table_name %>(<%= file_name %>).id : nil
- end
-
- def authorize_as(<%= file_name %>)
- @request.env["HTTP_AUTHORIZATION"] = <%= file_name %> ? ActionController::HttpAuthentication::Basic.encode_credentials(<%= table_name %>(<%= file_name %>).login, 'monkey') : nil
- end
-
-<% if options[:rspec] -%>
- # rspec
- def mock_<%= file_name %>
- <%= file_name %> = mock_model(<%= class_name %>, :id => 1,
- :login => 'user_name',
- :name => 'U. Surname',
- :to_xml => "<%= class_name %>-in-XML", :to_json => "<%= class_name %>-in-JSON",
- :errors => [])
- <%= file_name %>
- end
-<% end -%>
-end
diff --git a/vendor/plugins/restful-authentication/generators/authenticated/templates/controller.rb b/vendor/plugins/restful-authentication/generators/authenticated/templates/controller.rb
deleted file mode 100644
index df352ac..0000000
--- a/vendor/plugins/restful-authentication/generators/authenticated/templates/controller.rb
+++ /dev/null
@@ -1,43 +0,0 @@
-# This controller handles the login/logout function of the site.
-class <%= controller_class_name %>Controller < ApplicationController
- # Be sure to include AuthenticationSystem in Application Controller instead
- include AuthenticatedSystem
-
- # render new.rhtml
- def new
- end
-
- def create
- logout_keeping_session!
- <%= file_name %> = <%= class_name %>.authenticate(params[:login], params[:password])
- if <%= file_name %>
- # Protects against session fixation attacks, causes request forgery
- # protection if user resubmits an earlier form using back
- # button. Uncomment if you understand the tradeoffs.
- # reset_session
- self.current_<%= file_name %> = <%= file_name %>
- new_cookie_flag = (params[:remember_me] == "1")
- handle_remember_cookie! new_cookie_flag
- redirect_back_or_default('/')
- flash[:notice] = "Logged in successfully"
- else
- note_failed_signin
- @login = params[:login]
- @remember_me = params[:remember_me]
- render :action => 'new'
- end
- end
-
- def destroy
- logout_killing_session!
- flash[:notice] = "You have been logged out."
- redirect_back_or_default('/')
- end
-
-protected
- # Track failed login attempts
- def note_failed_signin
- flash[:error] = "Couldn't log you in as '#{params[:login]}'"
- logger.warn "Failed login for '#{params[:login]}' from #{request.remote_ip} at #{Time.now.utc}"
- end
-end
diff --git a/vendor/plugins/restful-authentication/generators/authenticated/templates/helper.rb b/vendor/plugins/restful-authentication/generators/authenticated/templates/helper.rb
deleted file mode 100644
index ed5759e..0000000
--- a/vendor/plugins/restful-authentication/generators/authenticated/templates/helper.rb
+++ /dev/null
@@ -1,2 +0,0 @@
-module <%= controller_class_name %>Helper
-end
\ No newline at end of file
diff --git a/vendor/plugins/restful-authentication/generators/authenticated/templates/login.html.erb b/vendor/plugins/restful-authentication/generators/authenticated/templates/login.html.erb
deleted file mode 100644
index 997e3ab..0000000
--- a/vendor/plugins/restful-authentication/generators/authenticated/templates/login.html.erb
+++ /dev/null
@@ -1,16 +0,0 @@
-
Log In
-
-<%% form_tag <%= controller_routing_name %>_path do -%>
-
-<%% end -%>
diff --git a/vendor/plugins/restful-authentication/generators/authenticated/templates/mailer.rb b/vendor/plugins/restful-authentication/generators/authenticated/templates/mailer.rb
deleted file mode 100644
index f6e092b..0000000
--- a/vendor/plugins/restful-authentication/generators/authenticated/templates/mailer.rb
+++ /dev/null
@@ -1,25 +0,0 @@
-class <%= class_name %>Mailer < ActionMailer::Base
- def signup_notification(<%= file_name %>)
- setup_email(<%= file_name %>)
- @subject += 'Please activate your new account'
- <% if options[:include_activation] %>
- @body[:url] = "http://YOURSITE/activate/#{<%= file_name %>.activation_code}"
- <% else %>
- @body[:url] = "http://YOURSITE/login/" <% end %>
- end
-
- def activation(<%= file_name %>)
- setup_email(<%= file_name %>)
- @subject += 'Your account has been activated!'
- @body[:url] = "http://YOURSITE/"
- end
-
- protected
- def setup_email(<%= file_name %>)
- @recipients = "#{<%= file_name %>.email}"
- @from = "ADMINEMAIL"
- @subject = "[YOURSITE] "
- @sent_on = Time.now
- @body[:<%= file_name %>] = <%= file_name %>
- end
-end
diff --git a/vendor/plugins/restful-authentication/generators/authenticated/templates/migration.rb b/vendor/plugins/restful-authentication/generators/authenticated/templates/migration.rb
deleted file mode 100644
index afeaaaa..0000000
--- a/vendor/plugins/restful-authentication/generators/authenticated/templates/migration.rb
+++ /dev/null
@@ -1,26 +0,0 @@
-class <%= migration_name %> < ActiveRecord::Migration
- def self.up
- create_table "<%= table_name %>", :force => true do |t|
- t.column :login, :string, :limit => 40
- t.column :name, :string, :limit => 100, :default => '', :null => true
- t.column :email, :string, :limit => 100
- t.column :crypted_password, :string, :limit => 40
- t.column :salt, :string, :limit => 40
- t.column :created_at, :datetime
- t.column :updated_at, :datetime
- t.column :remember_token, :string, :limit => 40
- t.column :remember_token_expires_at, :datetime
-<% if options[:include_activation] -%>
- t.column :activation_code, :string, :limit => 40
- t.column :activated_at, :datetime<% end %>
-<% if options[:stateful] -%>
- t.column :state, :string, :null => :no, :default => 'passive'
- t.column :deleted_at, :datetime<% end %>
- end
- add_index :<%= table_name %>, :login, :unique => true
- end
-
- def self.down
- drop_table "<%= table_name %>"
- end
-end
diff --git a/vendor/plugins/restful-authentication/generators/authenticated/templates/model.rb b/vendor/plugins/restful-authentication/generators/authenticated/templates/model.rb
deleted file mode 100644
index 7b8a37e..0000000
--- a/vendor/plugins/restful-authentication/generators/authenticated/templates/model.rb
+++ /dev/null
@@ -1,74 +0,0 @@
-require 'digest/sha1'
-
-class <%= class_name %> < ActiveRecord::Base
- include Authentication
- include Authentication::ByPassword
- include Authentication::ByCookieToken
-<% if options[:aasm] -%>
- include Authorization::AasmRoles
-<% elsif options[:stateful] -%>
- include Authorization::StatefulRoles<% end %>
- validates_presence_of :login
- validates_length_of :login, :within => 3..40
- validates_uniqueness_of :login, :case_sensitive => false
- validates_format_of :login, :with => RE_LOGIN_OK, :message => MSG_LOGIN_BAD
-
- validates_format_of :name, :with => RE_NAME_OK, :message => MSG_NAME_BAD, :allow_nil => true
- validates_length_of :name, :maximum => 100
-
- validates_presence_of :email
- validates_length_of :email, :within => 6..100 #r@a.wk
- validates_uniqueness_of :email, :case_sensitive => false
- validates_format_of :email, :with => RE_EMAIL_OK, :message => MSG_EMAIL_BAD
-
- <% if options[:include_activation] && !options[:stateful] %>before_create :make_activation_code <% end %>
-
- # HACK HACK HACK -- how to do attr_accessible from here?
- # prevents a user from submitting a crafted form that bypasses activation
- # anything else you want your user to change should be added here.
- attr_accessible :login, :email, :name, :password, :password_confirmation
-
-<% if options[:include_activation] && !options[:stateful] %>
- # Activates the user in the database.
- def activate!
- @activated = true
- self.activated_at = Time.now.utc
- self.activation_code = nil
- save(false)
- end
-
- # Returns true if the user has just been activated.
- def recently_activated?
- @activated
- end
-
- def active?
- # the existence of an activation code means they have not activated yet
- activation_code.nil?
- end<% end %>
-
- # Authenticates a user by their login name and unencrypted password. Returns the user or nil.
- #
- # uff. this is really an authorization, not authentication routine.
- # We really need a Dispatch Chain here or something.
- # This will also let us return a human error message.
- #
- def self.authenticate(login, password)
- u = <% if options[:stateful] %>find_in_state :first, :active, :conditions => {:login => login}<%
- elsif options[:include_activation] %>find :first, :conditions => ['login = ? and activated_at IS NOT NULL', login]<%
- else %>find_by_login(login)<% end %> # need to get the salt
- u && u.authenticated?(password) ? u : nil
- end
-
- protected
-
-<% if options[:include_activation] -%>
- def make_activation_code
- <% if options[:stateful] -%>
- self.deleted_at = nil
- <% end -%>
- self.activation_code = self.class.make_token
- end
-<% end %>
-
-end
diff --git a/vendor/plugins/restful-authentication/generators/authenticated/templates/model_controller.rb b/vendor/plugins/restful-authentication/generators/authenticated/templates/model_controller.rb
deleted file mode 100644
index 56b3c9e..0000000
--- a/vendor/plugins/restful-authentication/generators/authenticated/templates/model_controller.rb
+++ /dev/null
@@ -1,86 +0,0 @@
-class <%= model_controller_class_name %>Controller < ApplicationController
- # Be sure to include AuthenticationSystem in Application Controller instead
- include AuthenticatedSystem
- <% if options[:stateful] %>
- # Protect these actions behind an admin login
- # before_filter :admin_required, :only => [:suspend, :unsuspend, :destroy, :purge]
- before_filter :find_<%= file_name %>, :only => [:suspend, :unsuspend, :destroy, :purge]
- <% end %>
-
- # render new.rhtml
- def new
- @<%= file_name %> = <%= class_name %>.new
- end
-
- def create
- logout_keeping_session!
- @<%= file_name %> = <%= class_name %>.new(params[:<%= file_name %>])
-<% if options[:stateful] -%>
- @<%= file_name %>.register! if @<%= file_name %> && @<%= file_name %>.valid?
- success = @<%= file_name %> && @<%= file_name %>.valid?
-<% else -%>
- success = @<%= file_name %> && @<%= file_name %>.save
-<% end -%>
- if success && @<%= file_name %>.errors.empty?
- <% if !options[:include_activation] -%>
- # Protects against session fixation attacks, causes request forgery
- # protection if visitor resubmits an earlier form using back
- # button. Uncomment if you understand the tradeoffs.
- # reset session
- self.current_<%= file_name %> = @<%= file_name %> # !! now logged in
- <% end -%>
- redirect_back_or_default('/')
- flash[:notice] = "Thanks for signing up! We're sending you an email with your activation code."
- else
- flash[:error] = "We couldn't set up that account, sorry. Please try again, or contact an admin (link is above)."
- render :action => 'new'
- end
- end
-<% if options[:include_activation] %>
- def activate
- logout_keeping_session!
- <%= file_name %> = <%= class_name %>.find_by_activation_code(params[:activation_code]) unless params[:activation_code].blank?
- case
- when (!params[:activation_code].blank?) && <%= file_name %> && !<%= file_name %>.active?
- <%= file_name %>.activate!
- flash[:notice] = "Signup complete! Please sign in to continue."
- redirect_to '/login'
- when params[:activation_code].blank?
- flash[:error] = "The activation code was missing. Please follow the URL from your email."
- redirect_back_or_default('/')
- else
- flash[:error] = "We couldn't find a <%= file_name %> with that activation code -- check your email? Or maybe you've already activated -- try signing in."
- redirect_back_or_default('/')
- end
- end
-<% end %><% if options[:stateful] %>
- def suspend
- @<%= file_name %>.suspend!
- redirect_to <%= model_controller_routing_name %>_path
- end
-
- def unsuspend
- @<%= file_name %>.unsuspend!
- redirect_to <%= model_controller_routing_name %>_path
- end
-
- def destroy
- @<%= file_name %>.delete!
- redirect_to <%= model_controller_routing_name %>_path
- end
-
- def purge
- @<%= file_name %>.destroy
- redirect_to <%= model_controller_routing_name %>_path
- end
-
- # There's no page here to update or destroy a <%= file_name %>. If you add those, be
- # smart -- make sure you check that the visitor is authorized to do so, that they
- # supply their old password along with a new one to update it, etc.
-
-protected
- def find_<%= file_name %>
- @<%= file_name %> = <%= class_name %>.find(params[:id])
- end
-<% end -%>
-end
diff --git a/vendor/plugins/restful-authentication/generators/authenticated/templates/model_helper.rb b/vendor/plugins/restful-authentication/generators/authenticated/templates/model_helper.rb
deleted file mode 100644
index cc7a6b1..0000000
--- a/vendor/plugins/restful-authentication/generators/authenticated/templates/model_helper.rb
+++ /dev/null
@@ -1,93 +0,0 @@
-module <%= model_controller_class_name %>Helper
-
- #
- # Use this to wrap view elements that the user can't access.
- # !! Note: this is an *interface*, not *security* feature !!
- # You need to do all access control at the controller level.
- #
- # Example:
- # <%%= if_authorized?(:index, User) do link_to('List all users', users_path) end %> |
- # <%%= if_authorized?(:edit, @user) do link_to('Edit this user', edit_user_path) end %> |
- # <%%= if_authorized?(:destroy, @user) do link_to 'Destroy', @user, :confirm => 'Are you sure?', :method => :delete end %>
- #
- #
- def if_authorized?(action, resource, &block)
- if authorized?(action, resource)
- yield action, resource
- end
- end
-
- #
- # Link to user's page ('<%= table_name %>/1')
- #
- # By default, their login is used as link text and link title (tooltip)
- #
- # Takes options
- # * :content_text => 'Content text in place of <%= file_name %>.login', escaped with
- # the standard h() function.
- # * :content_method => :<%= file_name %>_instance_method_to_call_for_content_text
- # * :title_method => :<%= file_name %>_instance_method_to_call_for_title_attribute
- # * as well as link_to()'s standard options
- #
- # Examples:
- # link_to_<%= file_name %> @<%= file_name %>
- # # => barmy
- #
- # # if you've added a .name attribute:
- # content_tag :span, :class => :vcard do
- # (link_to_<%= file_name %> <%= file_name %>, :class => 'fn n', :title_method => :login, :content_method => :name) +
- # ': ' + (content_tag :span, <%= file_name %>.email, :class => 'email')
- # end
- # # => Cyril Fotheringay-Phipps: barmy@blandings.com
- #
- # link_to_<%= file_name %> @<%= file_name %>, :content_text => 'Your user page'
- # # => Your user page
- #
- def link_to_<%= file_name %>(<%= file_name %>, options={})
- raise "Invalid <%= file_name %>" unless <%= file_name %>
- options.reverse_merge! :content_method => :login, :title_method => :login, :class => :nickname
- content_text = options.delete(:content_text)
- content_text ||= <%= file_name %>.send(options.delete(:content_method))
- options[:title] ||= <%= file_name %>.send(options.delete(:title_method))
- link_to h(content_text), <%= model_controller_routing_name.singularize %>_path(<%= file_name %>), options
- end
-
- #
- # Link to login page using remote ip address as link content
- #
- # The :title (and thus, tooltip) is set to the IP address
- #
- # Examples:
- # link_to_login_with_IP
- # # => 169.69.69.69
- #
- # link_to_login_with_IP :content_text => 'not signed in'
- # # => not signed in
- #
- def link_to_login_with_IP content_text=nil, options={}
- ip_addr = request.remote_ip
- content_text ||= ip_addr
- options.reverse_merge! :title => ip_addr
- if tag = options.delete(:tag)
- content_tag tag, h(content_text), options
- else
- link_to h(content_text), login_path, options
- end
- end
-
- #
- # Link to the current user's page (using link_to_<%= file_name %>) or to the login page
- # (using link_to_login_with_IP).
- #
- def link_to_current_<%= file_name %>(options={})
- if current_<%= file_name %>
- link_to_<%= file_name %> current_<%= file_name %>, options
- else
- content_text = options.delete(:content_text) || 'not signed in'
- # kill ignored options from link_to_<%= file_name %>
- [:content_method, :title_method].each{|opt| options.delete(opt)}
- link_to_login_with_IP content_text, options
- end
- end
-
-end
diff --git a/vendor/plugins/restful-authentication/generators/authenticated/templates/model_helper_spec.rb b/vendor/plugins/restful-authentication/generators/authenticated/templates/model_helper_spec.rb
deleted file mode 100644
index 1d17fbd..0000000
--- a/vendor/plugins/restful-authentication/generators/authenticated/templates/model_helper_spec.rb
+++ /dev/null
@@ -1,158 +0,0 @@
-require File.dirname(__FILE__) + '/../spec_helper'
-include ApplicationHelper
-include <%= model_controller_class_name %>Helper
-
-describe "<%= model_controller_class_name %>Helper.link_to_<%= file_name %>" do
- before do
- @<%= file_name %> = <%= class_name %>.new({
- :name => '<%= class_name %> Name',
- :login => '<%= file_name %>_name',
- })
- @<%= file_name %>.id = 1 # set non-attr_accessible specifically
- end
-
- it "should give an error on a nil <%= file_name %>" do
- lambda { link_to_<%= file_name %>(nil) }.should raise_error('Invalid <%= file_name %>')
- end
-
- it "should link to the given <%= file_name %>" do
- link_to_<%= file_name %>(@<%= file_name %>).should have_tag("a[href='/<%= table_name %>/1']")
- end
-
- it "should use given link text if :content_text is specified" do
- link_to_<%= file_name %>(@<%= file_name %>, :content_text => 'Hello there!').should have_tag("a", 'Hello there!')
- end
-
- it "should use the login as link text with no :content_method specified" do
- link_to_<%= file_name %>(@<%= file_name %>).should have_tag("a", '<%= file_name %>_name')
- end
-
- it "should use the name as link text with :content_method => :name" do
- link_to_<%= file_name %>(@<%= file_name %>, :content_method => :name).should have_tag("a", '<%= class_name %> Name')
- end
-
- it "should use the login as title with no :title_method specified" do
- link_to_<%= file_name %>(@<%= file_name %>).should have_tag("a[title='<%= file_name %>_name']")
- end
-
- it "should use the name as link title with :content_method => :name" do
- link_to_<%= file_name %>(@<%= file_name %>, :title_method => :name).should have_tag("a[title='<%= class_name %> Name']")
- end
-
- it "should have nickname as a class by default" do
- link_to_<%= file_name %>(@<%= file_name %>).should have_tag("a.nickname")
- end
-
- it "should take other classes and no longer have the nickname class" do
- result = link_to_<%= file_name %>(@<%= file_name %>, :class => 'foo bar')
- result.should have_tag("a.foo")
- result.should have_tag("a.bar")
- end
-end
-
-describe "<%= model_controller_class_name %>Helper.link_to_signin_with_IP" do
- before do
- end
-
- it "should link to the signin_path" do
- link_to_signin_with_IP().should have_tag("a[href='/signin']")
- end
-
- it "should use given link text if :content_text is specified" do
- link_to_signin_with_IP(:content_text => 'Hello there!').should have_tag("a", 'Hello there!')
- end
-
- it "should use the login as link text with no :content_method specified" do
- link_to_signin_with_IP().should have_tag("a", '0.0.0.0')
- end
-
- it "should use the ip address as title" do
- link_to_signin_with_IP().should have_tag("a[title='0.0.0.0']")
- end
-
- it "should by default be like school in summer and have no class" do
- link_to_signin_with_IP().should_not have_tag("a.nickname")
- end
-
- it "should have some class if you tell it to" do
- result = link_to_signin_with_IP(:class => 'foo bar')
- result.should have_tag("a.foo")
- result.should have_tag("a.bar")
- end
-end
-
-describe "<%= model_controller_class_name %>Helper.link_to_current_<%= file_name %>, When logged in" do
- fixtures :<%= table_name %>
- include AuthenticatedTestHelper
- before do
- login_as(:quentin)
- end
-
- it "should link to the given <%= file_name %>" do
- link_to_current_<%= file_name %>().should have_tag("a[href='/<%= table_name %>/1']")
- end
-
- it "should use given link text if :content_text is specified" do
- link_to_current_user(:content_text => 'Hello there!').should have_tag("a", 'Hello there!')
- end
-
- it "should use the login as link text with no :content_method specified" do
- link_to_current_user().should have_tag("a", 'quentin')
- end
-
- it "should use the name as link text with :content_method => :name" do
- link_to_current_user(:content_method => :name).should have_tag("a", 'Quentin')
- end
-
- it "should use the login as title with no :title_method specified" do
- link_to_current_user().should have_tag("a[title='quentin']")
- end
-
- it "should use the name as link title with :content_method => :name" do
- link_to_current_user(:title_method => :name).should have_tag("a[title='Quentin']")
- end
-
- it "should have nickname as a class" do
- link_to_current_user().should have_tag("a.nickname")
- end
-
- it "should take other classes and no longer have the nickname class" do
- result = link_to_current_user(:class => 'foo bar')
- result.should have_tag("a.foo")
- result.should have_tag("a.bar")
- end
-end
-
-
-
-describe "<%= model_controller_class_name %>Helper.link_to_current_user, When logged out" do
- include AuthenticatedTestHelper
- before do
- end
-
- it "should link to the signin_path" do
- link_to_current_user().should have_tag("a[href='/signin']")
- end
-
- it "should use given link text if :content_text is specified" do
- link_to_current_user(:content_text => 'Hello there!').should have_tag("a", 'Hello there!')
- end
-
- it "should use the IP address as link text with no :content_method specified" do
- link_to_current_user().should have_tag("a", '0.0.0.0')
- end
-
- it "should use the ip address as title" do
- link_to_current_user().should have_tag("a[title='0.0.0.0']")
- end
-
- it "should by default be like school in summer and have no class" do
- link_to_current_user().should_not have_tag("a.nickname")
- end
-
- it "should have some class if you tell it to" do
- result = link_to_current_user(:class => 'foo bar')
- result.should have_tag("a.foo")
- result.should have_tag("a.bar")
- end
-end
diff --git a/vendor/plugins/restful-authentication/generators/authenticated/templates/observer.rb b/vendor/plugins/restful-authentication/generators/authenticated/templates/observer.rb
deleted file mode 100644
index bbf6f5e..0000000
--- a/vendor/plugins/restful-authentication/generators/authenticated/templates/observer.rb
+++ /dev/null
@@ -1,11 +0,0 @@
-class <%= class_name %>Observer < ActiveRecord::Observer
- def after_create(<%= file_name %>)
- <%= class_name %>Mailer.deliver_signup_notification(<%= file_name %>)
- end
-
- def after_save(<%= file_name %>)
- <% if options[:include_activation] %>
- <%= class_name %>Mailer.deliver_activation(<%= file_name %>) if <%= file_name %>.recently_activated?
- <% end %>
- end
-end
diff --git a/vendor/plugins/restful-authentication/generators/authenticated/templates/signup.html.erb b/vendor/plugins/restful-authentication/generators/authenticated/templates/signup.html.erb
deleted file mode 100644
index cbaa476..0000000
--- a/vendor/plugins/restful-authentication/generators/authenticated/templates/signup.html.erb
+++ /dev/null
@@ -1,19 +0,0 @@
-
-<%% end -%>
diff --git a/vendor/plugins/restful-authentication/generators/authenticated/templates/signup_notification.html.erb b/vendor/plugins/restful-authentication/generators/authenticated/templates/signup_notification.html.erb
deleted file mode 100644
index 05afaba..0000000
--- a/vendor/plugins/restful-authentication/generators/authenticated/templates/signup_notification.html.erb
+++ /dev/null
@@ -1,8 +0,0 @@
-Your account has been created.
-
- Username: <%%=h @<%= file_name %>.login %>
- Password: <%%=h @<%= file_name %>.password %>
-
-Visit this url to activate your account:
-
- <%%=h @url %>
diff --git a/vendor/plugins/restful-authentication/generators/authenticated/templates/site_keys.rb b/vendor/plugins/restful-authentication/generators/authenticated/templates/site_keys.rb
deleted file mode 100644
index 9de2f2b..0000000
--- a/vendor/plugins/restful-authentication/generators/authenticated/templates/site_keys.rb
+++ /dev/null
@@ -1,38 +0,0 @@
-
-# A Site key gives additional protection against a dictionary attack if your
-# DB is ever compromised. With no site key, we store
-# DB_password = hash(user_password, DB_user_salt)
-# If your database were to be compromised you'd be vulnerable to a dictionary
-# attack on all your stupid users' passwords. With a site key, we store
-# DB_password = hash(user_password, DB_user_salt, Code_site_key)
-# That means an attacker needs access to both your site's code *and* its
-# database to mount an "offline dictionary attack.":http://www.dwheeler.com/secure-programs/Secure-Programs-HOWTO/web-authentication.html
-#
-# It's probably of minor importance, but recommended by best practices: 'defense
-# in depth'. Needless to say, if you upload this to github or the youtubes or
-# otherwise place it in public view you'll kinda defeat the point. Your users'
-# passwords are still secure, and the world won't end, but defense_in_depth -= 1.
-#
-# Please note: if you change this, all the passwords will be invalidated, so DO
-# keep it someplace secure. Use the random value given or type in the lyrics to
-# your favorite Jay-Z song or something; any moderately long, unpredictable text.
-REST_AUTH_SITE_KEY = '<%= $rest_auth_site_key_from_generator %>'
-
-# Repeated applications of the hash make brute force (even with a compromised
-# database and site key) harder, and scale with Moore's law.
-#
-# bq. "To squeeze the most security out of a limited-entropy password or
-# passphrase, we can use two techniques [salting and stretching]... that are
-# so simple and obvious that they should be used in every password system.
-# There is really no excuse not to use them." http://tinyurl.com/37lb73
-# Practical Security (Ferguson & Scheier) p350
-#
-# A modest 10 foldings (the default here) adds 3ms. This makes brute forcing 10
-# times harder, while reducing an app that otherwise serves 100 reqs/s to 78 signin
-# reqs/s, an app that does 10reqs/s to 9.7 reqs/s
-#
-# More:
-# * http://www.owasp.org/index.php/Hashing_Java
-# * "An Illustrated Guide to Cryptographic Hashes":http://www.unixwiz.net/techtips/iguide-crypto-hashes.html
-
-REST_AUTH_DIGEST_STRETCHES = <%= $rest_auth_digest_stretches_from_generator %>
diff --git a/vendor/plugins/restful-authentication/generators/authenticated/templates/spec/controllers/access_control_spec.rb b/vendor/plugins/restful-authentication/generators/authenticated/templates/spec/controllers/access_control_spec.rb
deleted file mode 100644
index ef44b7f..0000000
--- a/vendor/plugins/restful-authentication/generators/authenticated/templates/spec/controllers/access_control_spec.rb
+++ /dev/null
@@ -1,90 +0,0 @@
-require File.dirname(__FILE__) + '<%= ('/..'*controller_class_nesting_depth) + '/../spec_helper' %>'
- # Be sure to include AuthenticatedTestHelper in spec/spec_helper.rb instead
-# Then, you can remove it from this and the units test.
-include AuthenticatedTestHelper
-
-#
-# A test controller with and without access controls
-#
-class AccessControlTestController < ApplicationController
- before_filter :login_required, :only => :login_is_required
- def login_is_required
- respond_to do |format|
- @foo = { 'success' => params[:format]||'no fmt given'}
- format.html do render :text => "success" end
- format.xml do render :xml => @foo, :status => :ok end
- format.json do render :json => @foo, :status => :ok end
- end
- end
- def login_not_required
- respond_to do |format|
- @foo = { 'success' => params[:format]||'no fmt given'}
- format.html do render :text => "success" end
- format.xml do render :xml => @foo, :status => :ok end
- format.json do render :json => @foo, :status => :ok end
- end
- end
-end
-
-#
-# Access Control
-#
-
-ACCESS_CONTROL_FORMATS = [
- ['', "success"],
- ['xml', "\n\n xml\n\n"],
- ['json', "{\"success\": \"json\"}"],]
-ACCESS_CONTROL_AM_I_LOGGED_IN = [
- [:i_am_logged_in, :quentin],
- [:i_am_not_logged_in, nil],]
-ACCESS_CONTROL_IS_LOGIN_REQD = [
- :login_not_required,
- :login_is_required,]
-
-describe AccessControlTestController do
- fixtures :<%= table_name %>
- before do
- # is there a better way to do this?
- ActionController::Routing::Routes.add_route '/login_is_required', :controller => 'access_control_test', :action => 'login_is_required'
- ActionController::Routing::Routes.add_route '/login_not_required', :controller => 'access_control_test', :action => 'login_not_required'
- end
-
- ACCESS_CONTROL_FORMATS.each do |format, success_text|
- ACCESS_CONTROL_AM_I_LOGGED_IN.each do |logged_in_status, <%= file_name %>_login|
- ACCESS_CONTROL_IS_LOGIN_REQD.each do |login_reqd_status|
- describe "requesting #{format.blank? ? 'html' : format}; #{logged_in_status.to_s.humanize} and #{login_reqd_status.to_s.humanize}" do
- before do
- logout_keeping_session!
- @<%= file_name %> = format.blank? ? login_as(<%= file_name %>_login) : authorize_as(<%= file_name %>_login)
- get login_reqd_status.to_s, :format => format
- end
-
- if ((login_reqd_status == :login_not_required) ||
- (login_reqd_status == :login_is_required && logged_in_status == :i_am_logged_in))
- it "succeeds" do
- response.should have_text(success_text)
- response.code.to_s.should == '200'
- end
-
- elsif (login_reqd_status == :login_is_required && logged_in_status == :i_am_not_logged_in)
- if ['html', ''].include? format
- it "redirects me to the log in page" do
- response.should redirect_to('/<%= controller_routing_path %>/new')
- end
- else
- it "returns 'Access denied' and a 406 (Access Denied) status code" do
- response.should have_text("HTTP Basic: Access denied.\n")
- response.code.to_s.should == '401'
- end
- end
-
- else
- warn "Oops no case for #{format} and #{logged_in_status.to_s.humanize} and #{login_reqd_status.to_s.humanize}"
- end
- end # describe
-
- end
- end
- end # cases
-
-end
diff --git a/vendor/plugins/restful-authentication/generators/authenticated/templates/spec/controllers/authenticated_system_spec.rb b/vendor/plugins/restful-authentication/generators/authenticated/templates/spec/controllers/authenticated_system_spec.rb
deleted file mode 100644
index 2f34d6c..0000000
--- a/vendor/plugins/restful-authentication/generators/authenticated/templates/spec/controllers/authenticated_system_spec.rb
+++ /dev/null
@@ -1,101 +0,0 @@
-require File.dirname(__FILE__) + '<%= ('/..'*controller_class_nesting_depth) + '/../spec_helper' %>'
-
-# Be sure to include AuthenticatedTestHelper in spec/spec_helper.rb instead
-# Then, you can remove it from this and the units test.
-include AuthenticatedTestHelper
-include AuthenticatedSystem
-
-describe <%= controller_class_name %>Controller do
- fixtures :<%= table_name %>
-
- before do
- # FIXME -- <%= controller_file_name %> controller not testing xml logins
- stub!(:authenticate_with_http_basic).and_return nil
- end
- describe "logout_killing_session!" do
- before do
- login_as :quentin
- stub!(:reset_session)
- end
- it 'resets the session' do should_receive(:reset_session); logout_killing_session! end
- it 'kills my auth_token cookie' do should_receive(:kill_remember_cookie!); logout_killing_session! end
- it 'nils the current <%= file_name %>' do logout_killing_session!; current_<%= file_name %>.should be_nil end
- it 'kills :<%= file_name %>_id session' do
- session.stub!(:[]=)
- session.should_receive(:[]=).with(:<%= file_name %>_id, nil).at_least(:once)
- logout_killing_session!
- end
- it 'forgets me' do
- current_<%= file_name %>.remember_me
- current_<%= file_name %>.remember_token.should_not be_nil; current_<%= file_name %>.remember_token_expires_at.should_not be_nil
- <%= class_name %>.find(1).remember_token.should_not be_nil; <%= class_name %>.find(1).remember_token_expires_at.should_not be_nil
- logout_killing_session!
- <%= class_name %>.find(1).remember_token.should be_nil; <%= class_name %>.find(1).remember_token_expires_at.should be_nil
- end
- end
-
- describe "logout_keeping_session!" do
- before do
- login_as :quentin
- stub!(:reset_session)
- end
- it 'does not reset the session' do should_not_receive(:reset_session); logout_keeping_session! end
- it 'kills my auth_token cookie' do should_receive(:kill_remember_cookie!); logout_keeping_session! end
- it 'nils the current <%= file_name %>' do logout_keeping_session!; current_<%= file_name %>.should be_nil end
- it 'kills :<%= file_name %>_id session' do
- session.stub!(:[]=)
- session.should_receive(:[]=).with(:<%= file_name %>_id, nil).at_least(:once)
- logout_keeping_session!
- end
- it 'forgets me' do
- current_<%= file_name %>.remember_me
- current_<%= file_name %>.remember_token.should_not be_nil; current_<%= file_name %>.remember_token_expires_at.should_not be_nil
- <%= class_name %>.find(1).remember_token.should_not be_nil; <%= class_name %>.find(1).remember_token_expires_at.should_not be_nil
- logout_keeping_session!
- <%= class_name %>.find(1).remember_token.should be_nil; <%= class_name %>.find(1).remember_token_expires_at.should be_nil
- end
- end
-
- describe 'When logged out' do
- it "should not be authorized?" do
- authorized?().should be_false
- end
- end
-
- #
- # Cookie Login
- #
- describe "Logging in by cookie" do
- def set_remember_token token, time
- @<%= file_name %>[:remember_token] = token;
- @<%= file_name %>[:remember_token_expires_at] = time
- @<%= file_name %>.save!
- end
- before do
- @<%= file_name %> = <%= class_name %>.find(:first);
- set_remember_token 'hello!', 5.minutes.from_now
- end
- it 'logs in with cookie' do
- stub!(:cookies).and_return({ :auth_token => 'hello!' })
- logged_in?.should be_true
- end
-
- it 'fails cookie login with bad cookie' do
- should_receive(:cookies).at_least(:once).and_return({ :auth_token => 'i_haxxor_joo' })
- logged_in?.should_not be_true
- end
-
- it 'fails cookie login with no cookie' do
- set_remember_token nil, nil
- should_receive(:cookies).at_least(:once).and_return({ })
- logged_in?.should_not be_true
- end
-
- it 'fails expired cookie login' do
- set_remember_token 'hello!', 5.minutes.ago
- stub!(:cookies).and_return({ :auth_token => 'hello!' })
- logged_in?.should_not be_true
- end
- end
-
-end
diff --git a/vendor/plugins/restful-authentication/generators/authenticated/templates/spec/controllers/sessions_controller_spec.rb b/vendor/plugins/restful-authentication/generators/authenticated/templates/spec/controllers/sessions_controller_spec.rb
deleted file mode 100644
index 05a8dbe..0000000
--- a/vendor/plugins/restful-authentication/generators/authenticated/templates/spec/controllers/sessions_controller_spec.rb
+++ /dev/null
@@ -1,139 +0,0 @@
-require File.dirname(__FILE__) + '<%= ('/..'*controller_class_nesting_depth) + '/../spec_helper' %>'
-
-# Be sure to include AuthenticatedTestHelper in spec/spec_helper.rb instead
-# Then, you can remove it from this and the units test.
-include AuthenticatedTestHelper
-
-describe <%= controller_class_name %>Controller do
- fixtures :<%= table_name %>
- before do
- @<%= file_name %> = mock_<%= file_name %>
- @login_params = { :login => 'quentin', :password => 'test' }
- <%= class_name %>.stub!(:authenticate).with(@login_params[:login], @login_params[:password]).and_return(@<%= file_name %>)
- end
- def do_create
- post :create, @login_params
- end
- describe "on successful login," do
- [ [:nil, nil, nil],
- [:expired, 'valid_token', 15.minutes.ago],
- [:different, 'i_haxxor_joo', 15.minutes.from_now],
- [:valid, 'valid_token', 15.minutes.from_now]
- ].each do |has_request_token, token_value, token_expiry|
- [ true, false ].each do |want_remember_me|
- describe "my request cookie token is #{has_request_token.to_s}," do
- describe "and ask #{want_remember_me ? 'to' : 'not to'} be remembered" do
- before do
- @ccookies = mock('cookies')
- controller.stub!(:cookies).and_return(@ccookies)
- @ccookies.stub!(:[]).with(:auth_token).and_return(token_value)
- @ccookies.stub!(:delete).with(:auth_token)
- @ccookies.stub!(:[]=)
- @<%= file_name %>.stub!(:remember_me)
- @<%= file_name %>.stub!(:refresh_token)
- @<%= file_name %>.stub!(:forget_me)
- @<%= file_name %>.stub!(:remember_token).and_return(token_value)
- @<%= file_name %>.stub!(:remember_token_expires_at).and_return(token_expiry)
- @<%= file_name %>.stub!(:remember_token?).and_return(has_request_token == :valid)
- if want_remember_me
- @login_params[:remember_me] = '1'
- else
- @login_params[:remember_me] = '0'
- end
- end
- it "kills existing login" do controller.should_receive(:logout_keeping_session!); do_create; end
- it "authorizes me" do do_create; controller.send(:authorized?).should be_true; end
- it "logs me in" do do_create; controller.send(:logged_in?).should be_true end
- it "greets me nicely" do do_create; response.flash[:notice].should =~ /success/i end
- it "sets/resets/expires cookie" do controller.should_receive(:handle_remember_cookie!).with(want_remember_me); do_create end
- it "sends a cookie" do controller.should_receive(:send_remember_cookie!); do_create end
- it 'redirects to the home page' do do_create; response.should redirect_to('/') end
- it "does not reset my session" do controller.should_not_receive(:reset_session).and_return nil; do_create end # change if you uncomment the reset_session path
- if (has_request_token == :valid)
- it 'does not make new token' do @<%= file_name %>.should_not_receive(:remember_me); do_create end
- it 'does refresh token' do @<%= file_name %>.should_receive(:refresh_token); do_create end
- it "sets an auth cookie" do do_create; end
- else
- if want_remember_me
- it 'makes a new token' do @<%= file_name %>.should_receive(:remember_me); do_create end
- it "does not refresh token" do @<%= file_name %>.should_not_receive(:refresh_token); do_create end
- it "sets an auth cookie" do do_create; end
- else
- it 'does not make new token' do @<%= file_name %>.should_not_receive(:remember_me); do_create end
- it 'does not refresh token' do @<%= file_name %>.should_not_receive(:refresh_token); do_create end
- it 'kills user token' do @<%= file_name %>.should_receive(:forget_me); do_create end
- end
- end
- end # inner describe
- end
- end
- end
- end
-
- describe "on failed login" do
- before do
- <%= class_name %>.should_receive(:authenticate).with(anything(), anything()).and_return(nil)
- login_as :quentin
- end
- it 'logs out keeping session' do controller.should_receive(:logout_keeping_session!); do_create end
- it 'flashes an error' do do_create; flash[:error].should =~ /Couldn't log you in as 'quentin'/ end
- it 'renders the log in page' do do_create; response.should render_template('new') end
- it "doesn't log me in" do do_create; controller.send(:logged_in?).should == false end
- it "doesn't send password back" do
- @login_params[:password] = 'FROBNOZZ'
- do_create
- response.should_not have_text(/FROBNOZZ/i)
- end
- end
-
- describe "on signout" do
- def do_destroy
- get :destroy
- end
- before do
- login_as :quentin
- end
- it 'logs me out' do controller.should_receive(:logout_killing_session!); do_destroy end
- it 'redirects me to the home page' do do_destroy; response.should be_redirect end
- end
-
-end
-
-describe <%= controller_class_name %>Controller do
- describe "route generation" do
- it "should route the new <%= controller_controller_name %> action correctly" do
- route_for(:controller => '<%= controller_controller_name %>', :action => 'new').should == "/login"
- end
- it "should route the create <%= controller_controller_name %> correctly" do
- route_for(:controller => '<%= controller_controller_name %>', :action => 'create').should == "/<%= controller_routing_path %>"
- end
- it "should route the destroy <%= controller_controller_name %> action correctly" do
- route_for(:controller => '<%= controller_controller_name %>', :action => 'destroy').should == "/logout"
- end
- end
-
- describe "route recognition" do
- it "should generate params from GET /login correctly" do
- params_from(:get, '/login').should == {:controller => '<%= controller_controller_name %>', :action => 'new'}
- end
- it "should generate params from POST /<%= controller_routing_path %> correctly" do
- params_from(:post, '/<%= controller_routing_path %>').should == {:controller => '<%= controller_controller_name %>', :action => 'create'}
- end
- it "should generate params from DELETE /<%= controller_routing_path %> correctly" do
- params_from(:delete, '/logout').should == {:controller => '<%= controller_controller_name %>', :action => 'destroy'}
- end
- end
-
- describe "named routing" do
- before(:each) do
- get :new
- end
- it "should route <%= controller_routing_name %>_path() correctly" do
- <%= controller_routing_name %>_path().should == "/<%= controller_routing_path %>"
- end
- it "should route new_<%= controller_routing_name %>_path() correctly" do
- new_<%= controller_routing_name %>_path().should == "/<%= controller_routing_path %>/new"
- end
- end
-
-end
diff --git a/vendor/plugins/restful-authentication/generators/authenticated/templates/spec/controllers/users_controller_spec.rb b/vendor/plugins/restful-authentication/generators/authenticated/templates/spec/controllers/users_controller_spec.rb
deleted file mode 100644
index 5cf3cd7..0000000
--- a/vendor/plugins/restful-authentication/generators/authenticated/templates/spec/controllers/users_controller_spec.rb
+++ /dev/null
@@ -1,198 +0,0 @@
-require File.dirname(__FILE__) + '<%= ('/..'*model_controller_class_nesting_depth) + '/../spec_helper' %>'
-
-# Be sure to include AuthenticatedTestHelper in spec/spec_helper.rb instead
-# Then, you can remove it from this and the units test.
-include AuthenticatedTestHelper
-
-describe <%= model_controller_class_name %>Controller do
- fixtures :<%= table_name %>
-
- it 'allows signup' do
- lambda do
- create_<%= file_name %>
- response.should be_redirect
- end.should change(<%= class_name %>, :count).by(1)
- end
-
- <% if options[:stateful] %>
- it 'signs up user in pending state' do
- create_<%= file_name %>
- assigns(:<%= file_name %>).reload
- assigns(:<%= file_name %>).should be_pending
- end<% end %>
-
-<% if options[:include_activation] -%>
- it 'signs up user with activation code' do
- create_<%= file_name %>
- assigns(:<%= file_name %>).reload
- assigns(:<%= file_name %>).activation_code.should_not be_nil
- end<% end -%>
-
- it 'requires login on signup' do
- lambda do
- create_<%= file_name %>(:login => nil)
- assigns[:<%= file_name %>].errors.on(:login).should_not be_nil
- response.should be_success
- end.should_not change(<%= class_name %>, :count)
- end
-
- it 'requires password on signup' do
- lambda do
- create_<%= file_name %>(:password => nil)
- assigns[:<%= file_name %>].errors.on(:password).should_not be_nil
- response.should be_success
- end.should_not change(<%= class_name %>, :count)
- end
-
- it 'requires password confirmation on signup' do
- lambda do
- create_<%= file_name %>(:password_confirmation => nil)
- assigns[:<%= file_name %>].errors.on(:password_confirmation).should_not be_nil
- response.should be_success
- end.should_not change(<%= class_name %>, :count)
- end
-
- it 'requires email on signup' do
- lambda do
- create_<%= file_name %>(:email => nil)
- assigns[:<%= file_name %>].errors.on(:email).should_not be_nil
- response.should be_success
- end.should_not change(<%= class_name %>, :count)
- end
-
- <% if options[:include_activation] %>
- it 'activates user' do
- <%= class_name %>.authenticate('aaron', 'monkey').should be_nil
- get :activate, :activation_code => <%= table_name %>(:aaron).activation_code
- response.should redirect_to('/login')
- flash[:notice].should_not be_nil
- flash[:error ].should be_nil
- <%= class_name %>.authenticate('aaron', 'monkey').should == <%= table_name %>(:aaron)
- end
-
- it 'does not activate user without key' do
- get :activate
- flash[:notice].should be_nil
- flash[:error ].should_not be_nil
- end
-
- it 'does not activate user with blank key' do
- get :activate, :activation_code => ''
- flash[:notice].should be_nil
- flash[:error ].should_not be_nil
- end
-
- it 'does not activate user with bogus key' do
- get :activate, :activation_code => 'i_haxxor_joo'
- flash[:notice].should be_nil
- flash[:error ].should_not be_nil
- end<% end %>
-
- def create_<%= file_name %>(options = {})
- post :create, :<%= file_name %> => { :login => 'quire', :email => 'quire@example.com',
- :password => 'quire69', :password_confirmation => 'quire69' }.merge(options)
- end
-end
-
-describe <%= model_controller_class_name %>Controller do
- describe "route generation" do
- it "should route <%= model_controller_controller_name %>'s 'index' action correctly" do
- route_for(:controller => '<%= model_controller_controller_name %>', :action => 'index').should == "/<%= model_controller_routing_path %>"
- end
-
- it "should route <%= model_controller_controller_name %>'s 'new' action correctly" do
- route_for(:controller => '<%= model_controller_controller_name %>', :action => 'new').should == "/signup"
- end
-
- it "should route {:controller => '<%= model_controller_controller_name %>', :action => 'create'} correctly" do
- route_for(:controller => '<%= model_controller_controller_name %>', :action => 'create').should == "/register"
- end
-
- it "should route <%= model_controller_controller_name %>'s 'show' action correctly" do
- route_for(:controller => '<%= model_controller_controller_name %>', :action => 'show', :id => '1').should == "/<%= model_controller_routing_path %>/1"
- end
-
- it "should route <%= model_controller_controller_name %>'s 'edit' action correctly" do
- route_for(:controller => '<%= model_controller_controller_name %>', :action => 'edit', :id => '1').should == "/<%= model_controller_routing_path %>/1/edit"
- end
-
- it "should route <%= model_controller_controller_name %>'s 'update' action correctly" do
- route_for(:controller => '<%= model_controller_controller_name %>', :action => 'update', :id => '1').should == "/<%= model_controller_routing_path %>/1"
- end
-
- it "should route <%= model_controller_controller_name %>'s 'destroy' action correctly" do
- route_for(:controller => '<%= model_controller_controller_name %>', :action => 'destroy', :id => '1').should == "/<%= model_controller_routing_path %>/1"
- end
- end
-
- describe "route recognition" do
- it "should generate params for <%= model_controller_controller_name %>'s index action from GET /<%= model_controller_routing_path %>" do
- params_from(:get, '/<%= model_controller_routing_path %>').should == {:controller => '<%= model_controller_controller_name %>', :action => 'index'}
- params_from(:get, '/<%= model_controller_routing_path %>.xml').should == {:controller => '<%= model_controller_controller_name %>', :action => 'index', :format => 'xml'}
- params_from(:get, '/<%= model_controller_routing_path %>.json').should == {:controller => '<%= model_controller_controller_name %>', :action => 'index', :format => 'json'}
- end
-
- it "should generate params for <%= model_controller_controller_name %>'s new action from GET /<%= model_controller_routing_path %>" do
- params_from(:get, '/<%= model_controller_routing_path %>/new').should == {:controller => '<%= model_controller_controller_name %>', :action => 'new'}
- params_from(:get, '/<%= model_controller_routing_path %>/new.xml').should == {:controller => '<%= model_controller_controller_name %>', :action => 'new', :format => 'xml'}
- params_from(:get, '/<%= model_controller_routing_path %>/new.json').should == {:controller => '<%= model_controller_controller_name %>', :action => 'new', :format => 'json'}
- end
-
- it "should generate params for <%= model_controller_controller_name %>'s create action from POST /<%= model_controller_routing_path %>" do
- params_from(:post, '/<%= model_controller_routing_path %>').should == {:controller => '<%= model_controller_controller_name %>', :action => 'create'}
- params_from(:post, '/<%= model_controller_routing_path %>.xml').should == {:controller => '<%= model_controller_controller_name %>', :action => 'create', :format => 'xml'}
- params_from(:post, '/<%= model_controller_routing_path %>.json').should == {:controller => '<%= model_controller_controller_name %>', :action => 'create', :format => 'json'}
- end
-
- it "should generate params for <%= model_controller_controller_name %>'s show action from GET /<%= model_controller_routing_path %>/1" do
- params_from(:get , '/<%= model_controller_routing_path %>/1').should == {:controller => '<%= model_controller_controller_name %>', :action => 'show', :id => '1'}
- params_from(:get , '/<%= model_controller_routing_path %>/1.xml').should == {:controller => '<%= model_controller_controller_name %>', :action => 'show', :id => '1', :format => 'xml'}
- params_from(:get , '/<%= model_controller_routing_path %>/1.json').should == {:controller => '<%= model_controller_controller_name %>', :action => 'show', :id => '1', :format => 'json'}
- end
-
- it "should generate params for <%= model_controller_controller_name %>'s edit action from GET /<%= model_controller_routing_path %>/1/edit" do
- params_from(:get , '/<%= model_controller_routing_path %>/1/edit').should == {:controller => '<%= model_controller_controller_name %>', :action => 'edit', :id => '1'}
- end
-
- it "should generate params {:controller => '<%= model_controller_controller_name %>', :action => update', :id => '1'} from PUT /<%= model_controller_routing_path %>/1" do
- params_from(:put , '/<%= model_controller_routing_path %>/1').should == {:controller => '<%= model_controller_controller_name %>', :action => 'update', :id => '1'}
- params_from(:put , '/<%= model_controller_routing_path %>/1.xml').should == {:controller => '<%= model_controller_controller_name %>', :action => 'update', :id => '1', :format => 'xml'}
- params_from(:put , '/<%= model_controller_routing_path %>/1.json').should == {:controller => '<%= model_controller_controller_name %>', :action => 'update', :id => '1', :format => 'json'}
- end
-
- it "should generate params for <%= model_controller_controller_name %>'s destroy action from DELETE /<%= model_controller_routing_path %>/1" do
- params_from(:delete, '/<%= model_controller_routing_path %>/1').should == {:controller => '<%= model_controller_controller_name %>', :action => 'destroy', :id => '1'}
- params_from(:delete, '/<%= model_controller_routing_path %>/1.xml').should == {:controller => '<%= model_controller_controller_name %>', :action => 'destroy', :id => '1', :format => 'xml'}
- params_from(:delete, '/<%= model_controller_routing_path %>/1.json').should == {:controller => '<%= model_controller_controller_name %>', :action => 'destroy', :id => '1', :format => 'json'}
- end
- end
-
- describe "named routing" do
- before(:each) do
- get :new
- end
-
- it "should route <%= model_controller_routing_name %>_path() to /<%= model_controller_routing_path %>" do
- <%= model_controller_routing_name %>_path().should == "/<%= model_controller_routing_path %>"
- formatted_<%= model_controller_routing_name %>_path(:format => 'xml').should == "/<%= model_controller_routing_path %>.xml"
- formatted_<%= model_controller_routing_name %>_path(:format => 'json').should == "/<%= model_controller_routing_path %>.json"
- end
-
- it "should route new_<%= model_controller_routing_name.singularize %>_path() to /<%= model_controller_routing_path %>/new" do
- new_<%= model_controller_routing_name.singularize %>_path().should == "/<%= model_controller_routing_path %>/new"
- formatted_new_<%= model_controller_routing_name.singularize %>_path(:format => 'xml').should == "/<%= model_controller_routing_path %>/new.xml"
- formatted_new_<%= model_controller_routing_name.singularize %>_path(:format => 'json').should == "/<%= model_controller_routing_path %>/new.json"
- end
-
- it "should route <%= model_controller_routing_name.singularize %>_(:id => '1') to /<%= model_controller_routing_path %>/1" do
- <%= model_controller_routing_name.singularize %>_path(:id => '1').should == "/<%= model_controller_routing_path %>/1"
- formatted_<%= model_controller_routing_name.singularize %>_path(:id => '1', :format => 'xml').should == "/<%= model_controller_routing_path %>/1.xml"
- formatted_<%= model_controller_routing_name.singularize %>_path(:id => '1', :format => 'json').should == "/<%= model_controller_routing_path %>/1.json"
- end
-
- it "should route edit_<%= model_controller_routing_name.singularize %>_path(:id => '1') to /<%= model_controller_routing_path %>/1/edit" do
- edit_<%= model_controller_routing_name.singularize %>_path(:id => '1').should == "/<%= model_controller_routing_path %>/1/edit"
- end
- end
-
-end
diff --git a/vendor/plugins/restful-authentication/generators/authenticated/templates/spec/fixtures/users.yml b/vendor/plugins/restful-authentication/generators/authenticated/templates/spec/fixtures/users.yml
deleted file mode 100644
index 3d711fe..0000000
--- a/vendor/plugins/restful-authentication/generators/authenticated/templates/spec/fixtures/users.yml
+++ /dev/null
@@ -1,60 +0,0 @@
-<%
- ## this code must match that in templates/model.rb
- require 'digest/sha1'
- def make_fake_token
- @fake_token_counter ||= 0
- @fake_token_counter += 1
- Digest::SHA1.hexdigest(@fake_token_counter.to_s)
- end
- salts = (1..2).map{ make_fake_token }
- passwds = salts.map{ |salt| password_digest('monkey', salt) }
--%>
-
-quentin:
- id: 1
- login: quentin
- email: quentin@example.com
- salt: <%= salts[0] %> # SHA1('0')
- crypted_password: <%= passwds[0] %> # 'monkey'
- created_at: <%%= 5.days.ago.to_s :db %>
- remember_token_expires_at: <%%= 1.days.from_now.to_s %>
- remember_token: <%= make_fake_token %>
-<% if options[:include_activation] -%>
- activation_code:
- activated_at: <%%= 5.days.ago.to_s :db %>
-<% end -%>
-<% if options[:stateful] -%>
- state: active
-<% end -%>
-
-aaron:
- id: 2
- login: aaron
- email: aaron@example.com
- salt: <%= salts[1] %> # SHA1('1')
- crypted_password: <%= passwds[1] %> # 'monkey'
- created_at: <%%= 1.days.ago.to_s :db %>
- remember_token_expires_at:
- remember_token:
-<% if options[:include_activation] -%>
- activation_code: <%= make_fake_token %>
- activated_at:
-<% end -%>
-<% if options[:stateful] %>
- state: pending
-<% end -%>
-
-
-old_password_holder:
- id: 3
- login: old_password_holder
- email: salty_dog@example.com
- salt: 7e3041ebc2fc05a40c60028e2c4901a81035d3cd
- crypted_password: 00742970dc9e6319f8019fd54864d3ea740f04b1 # test
- created_at: <%%= 1.days.ago.to_s :db %>
-<% if options[:include_activation] %>
- activation_code:
- activated_at: <%%= 5.days.ago.to_s :db %>
-<% end %>
-<% if options[:stateful] %>
- state: active<% end %>
diff --git a/vendor/plugins/restful-authentication/generators/authenticated/templates/spec/helpers/users_helper_spec.rb b/vendor/plugins/restful-authentication/generators/authenticated/templates/spec/helpers/users_helper_spec.rb
deleted file mode 100644
index f7b09e8..0000000
--- a/vendor/plugins/restful-authentication/generators/authenticated/templates/spec/helpers/users_helper_spec.rb
+++ /dev/null
@@ -1,141 +0,0 @@
-require File.dirname(__FILE__) + '<%= ('/..'*model_controller_class_nesting_depth) + '/../spec_helper' %>'
-include ApplicationHelper
-include <%= model_controller_class_name %>Helper
-include AuthenticatedTestHelper
-
-describe <%= model_controller_class_name %>Helper do
- before do
- @<%= file_name %> = mock_<%= file_name %>
- end
-
- describe "if_authorized" do
- it "yields if authorized" do
- should_receive(:authorized?).with('a','r').and_return(true)
- if_authorized?('a','r'){|action,resource| [action,resource,'hi'] }.should == ['a','r','hi']
- end
- it "does nothing if not authorized" do
- should_receive(:authorized?).with('a','r').and_return(false)
- if_authorized?('a','r'){ 'hi' }.should be_nil
- end
- end
-
- describe "link_to_<%= file_name %>" do
- it "should give an error on a nil <%= file_name %>" do
- lambda { link_to_<%= file_name %>(nil) }.should raise_error('Invalid <%= file_name %>')
- end
- it "should link to the given <%= file_name %>" do
- should_receive(:<%= model_controller_routing_name.singularize %>_path).at_least(:once).and_return('/<%= model_controller_file_path %>/1')
- link_to_<%= file_name %>(@<%= file_name %>).should have_tag("a[href='/<%= model_controller_file_path %>/1']")
- end
- it "should use given link text if :content_text is specified" do
- link_to_<%= file_name %>(@<%= file_name %>, :content_text => 'Hello there!').should have_tag("a", 'Hello there!')
- end
- it "should use the login as link text with no :content_method specified" do
- link_to_<%= file_name %>(@<%= file_name %>).should have_tag("a", 'user_name')
- end
- it "should use the name as link text with :content_method => :name" do
- link_to_<%= file_name %>(@<%= file_name %>, :content_method => :name).should have_tag("a", 'U. Surname')
- end
- it "should use the login as title with no :title_method specified" do
- link_to_<%= file_name %>(@<%= file_name %>).should have_tag("a[title='user_name']")
- end
- it "should use the name as link title with :content_method => :name" do
- link_to_<%= file_name %>(@<%= file_name %>, :title_method => :name).should have_tag("a[title='U. Surname']")
- end
- it "should have nickname as a class by default" do
- link_to_<%= file_name %>(@<%= file_name %>).should have_tag("a.nickname")
- end
- it "should take other classes and no longer have the nickname class" do
- result = link_to_<%= file_name %>(@<%= file_name %>, :class => 'foo bar')
- result.should have_tag("a.foo")
- result.should have_tag("a.bar")
- end
- end
-
- describe "link_to_login_with_IP" do
- it "should link to the login_path" do
- link_to_login_with_IP().should have_tag("a[href='/login']")
- end
- it "should use given link text if :content_text is specified" do
- link_to_login_with_IP('Hello there!').should have_tag("a", 'Hello there!')
- end
- it "should use the login as link text with no :content_method specified" do
- link_to_login_with_IP().should have_tag("a", '0.0.0.0')
- end
- it "should use the ip address as title" do
- link_to_login_with_IP().should have_tag("a[title='0.0.0.0']")
- end
- it "should by default be like school in summer and have no class" do
- link_to_login_with_IP().should_not have_tag("a.nickname")
- end
- it "should have some class if you tell it to" do
- result = link_to_login_with_IP(nil, :class => 'foo bar')
- result.should have_tag("a.foo")
- result.should have_tag("a.bar")
- end
- it "should have some class if you tell it to" do
- result = link_to_login_with_IP(nil, :tag => 'abbr')
- result.should have_tag("abbr[title='0.0.0.0']")
- end
- end
-
- describe "link_to_current_<%= file_name %>, When logged in" do
- before do
- stub!(:current_<%= file_name %>).and_return(@<%= file_name %>)
- end
- it "should link to the given <%= file_name %>" do
- should_receive(:<%= model_controller_routing_name.singularize %>_path).at_least(:once).and_return('/<%= model_controller_file_path %>/1')
- link_to_current_<%= file_name %>().should have_tag("a[href='/<%= model_controller_file_path %>/1']")
- end
- it "should use given link text if :content_text is specified" do
- link_to_current_<%= file_name %>(:content_text => 'Hello there!').should have_tag("a", 'Hello there!')
- end
- it "should use the login as link text with no :content_method specified" do
- link_to_current_<%= file_name %>().should have_tag("a", 'user_name')
- end
- it "should use the name as link text with :content_method => :name" do
- link_to_current_<%= file_name %>(:content_method => :name).should have_tag("a", 'U. Surname')
- end
- it "should use the login as title with no :title_method specified" do
- link_to_current_<%= file_name %>().should have_tag("a[title='user_name']")
- end
- it "should use the name as link title with :content_method => :name" do
- link_to_current_<%= file_name %>(:title_method => :name).should have_tag("a[title='U. Surname']")
- end
- it "should have nickname as a class" do
- link_to_current_<%= file_name %>().should have_tag("a.nickname")
- end
- it "should take other classes and no longer have the nickname class" do
- result = link_to_current_<%= file_name %>(:class => 'foo bar')
- result.should have_tag("a.foo")
- result.should have_tag("a.bar")
- end
- end
-
- describe "link_to_current_<%= file_name %>, When logged out" do
- before do
- stub!(:current_<%= file_name %>).and_return(nil)
- end
- it "should link to the login_path" do
- link_to_current_<%= file_name %>().should have_tag("a[href='/login']")
- end
- it "should use given link text if :content_text is specified" do
- link_to_current_<%= file_name %>(:content_text => 'Hello there!').should have_tag("a", 'Hello there!')
- end
- it "should use 'not signed in' as link text with no :content_method specified" do
- link_to_current_<%= file_name %>().should have_tag("a", 'not signed in')
- end
- it "should use the ip address as title" do
- link_to_current_<%= file_name %>().should have_tag("a[title='0.0.0.0']")
- end
- it "should by default be like school in summer and have no class" do
- link_to_current_<%= file_name %>().should_not have_tag("a.nickname")
- end
- it "should have some class if you tell it to" do
- result = link_to_current_<%= file_name %>(:class => 'foo bar')
- result.should have_tag("a.foo")
- result.should have_tag("a.bar")
- end
- end
-
-end
diff --git a/vendor/plugins/restful-authentication/generators/authenticated/templates/spec/models/user_spec.rb b/vendor/plugins/restful-authentication/generators/authenticated/templates/spec/models/user_spec.rb
deleted file mode 100644
index 5029d0c..0000000
--- a/vendor/plugins/restful-authentication/generators/authenticated/templates/spec/models/user_spec.rb
+++ /dev/null
@@ -1,290 +0,0 @@
-# -*- coding: utf-8 -*-
-require File.dirname(__FILE__) + '<%= ('/..'*model_controller_class_nesting_depth) + '/../spec_helper' %>'
-
-# Be sure to include AuthenticatedTestHelper in spec/spec_helper.rb instead.
-# Then, you can remove it from this and the functional test.
-include AuthenticatedTestHelper
-
-describe <%= class_name %> do
- fixtures :<%= table_name %>
-
- describe 'being created' do
- before do
- @<%= file_name %> = nil
- @creating_<%= file_name %> = lambda do
- @<%= file_name %> = create_<%= file_name %>
- violated "#{@<%= file_name %>.errors.full_messages.to_sentence}" if @<%= file_name %>.new_record?
- end
- end
-
- it 'increments <%= class_name %>#count' do
- @creating_<%= file_name %>.should change(<%= class_name %>, :count).by(1)
- end
-<% if options[:include_activation] %>
- it 'initializes #activation_code' do
- @creating_<%= file_name %>.call
- @<%= file_name %>.reload
- @<%= file_name %>.activation_code.should_not be_nil
- end
-<% end %><% if options[:stateful] %>
- it 'starts in pending state' do
- @creating_<%= file_name %>.call
- @<%= file_name %>.reload
- @<%= file_name %>.should be_pending
- end
-<% end %> end
-
- #
- # Validations
- #
-
- it 'requires login' do
- lambda do
- u = create_<%= file_name %>(:login => nil)
- u.errors.on(:login).should_not be_nil
- end.should_not change(<%= class_name %>, :count)
- end
-
- describe 'allows legitimate logins:' do
- ['123', '1234567890_234567890_234567890_234567890',
- 'hello.-_there@funnychar.com'].each do |login_str|
- it "'#{login_str}'" do
- lambda do
- u = create_<%= file_name %>(:login => login_str)
- u.errors.on(:login).should be_nil
- end.should change(<%= class_name %>, :count).by(1)
- end
- end
- end
- describe 'disallows illegitimate logins:' do
- ['12', '1234567890_234567890_234567890_234567890_', "tab\t", "newline\n",
- "Iñtërnâtiônàlizætiøn hasn't happened to ruby 1.8 yet",
- 'semicolon;', 'quote"', 'tick\'', 'backtick`', 'percent%', 'plus+', 'space '].each do |login_str|
- it "'#{login_str}'" do
- lambda do
- u = create_<%= file_name %>(:login => login_str)
- u.errors.on(:login).should_not be_nil
- end.should_not change(<%= class_name %>, :count)
- end
- end
- end
-
- it 'requires password' do
- lambda do
- u = create_<%= file_name %>(:password => nil)
- u.errors.on(:password).should_not be_nil
- end.should_not change(<%= class_name %>, :count)
- end
-
- it 'requires password confirmation' do
- lambda do
- u = create_<%= file_name %>(:password_confirmation => nil)
- u.errors.on(:password_confirmation).should_not be_nil
- end.should_not change(<%= class_name %>, :count)
- end
-
- it 'requires email' do
- lambda do
- u = create_<%= file_name %>(:email => nil)
- u.errors.on(:email).should_not be_nil
- end.should_not change(<%= class_name %>, :count)
- end
-
- describe 'allows legitimate emails:' do
- ['foo@bar.com', 'foo@newskool-tld.museum', 'foo@twoletter-tld.de', 'foo@nonexistant-tld.qq',
- 'r@a.wk', '1234567890-234567890-234567890-234567890-234567890-234567890-234567890-234567890-234567890@gmail.com',
- 'hello.-_there@funnychar.com', 'uucp%addr@gmail.com', 'hello+routing-str@gmail.com',
- 'domain@can.haz.many.sub.doma.in', 'student.name@university.edu'
- ].each do |email_str|
- it "'#{email_str}'" do
- lambda do
- u = create_<%= file_name %>(:email => email_str)
- u.errors.on(:email).should be_nil
- end.should change(<%= class_name %>, :count).by(1)
- end
- end
- end
- describe 'disallows illegitimate emails' do
- ['!!@nobadchars.com', 'foo@no-rep-dots..com', 'foo@badtld.xxx', 'foo@toolongtld.abcdefg',
- 'Iñtërnâtiônàlizætiøn@hasnt.happened.to.email', 'need.domain.and.tld@de', "tab\t", "newline\n",
- 'r@.wk', '1234567890-234567890-234567890-234567890-234567890-234567890-234567890-234567890-234567890@gmail2.com',
- # these are technically allowed but not seen in practice:
- 'uucp!addr@gmail.com', 'semicolon;@gmail.com', 'quote"@gmail.com', 'tick\'@gmail.com', 'backtick`@gmail.com', 'space @gmail.com', 'bracket<@gmail.com', 'bracket>@gmail.com'
- ].each do |email_str|
- it "'#{email_str}'" do
- lambda do
- u = create_<%= file_name %>(:email => email_str)
- u.errors.on(:email).should_not be_nil
- end.should_not change(<%= class_name %>, :count)
- end
- end
- end
-
- describe 'allows legitimate names:' do
- ['Andre The Giant (7\'4", 520 lb.) -- has a posse',
- '', '1234567890_234567890_234567890_234567890_234567890_234567890_234567890_234567890_234567890_234567890',
- ].each do |name_str|
- it "'#{name_str}'" do
- lambda do
- u = create_<%= file_name %>(:name => name_str)
- u.errors.on(:name).should be_nil
- end.should change(<%= class_name %>, :count).by(1)
- end
- end
- end
- describe "disallows illegitimate names" do
- ["tab\t", "newline\n",
- '1234567890_234567890_234567890_234567890_234567890_234567890_234567890_234567890_234567890_234567890_',
- ].each do |name_str|
- it "'#{name_str}'" do
- lambda do
- u = create_<%= file_name %>(:name => name_str)
- u.errors.on(:name).should_not be_nil
- end.should_not change(<%= class_name %>, :count)
- end
- end
- end
-
- it 'resets password' do
- <%= table_name %>(:quentin).update_attributes(:password => 'new password', :password_confirmation => 'new password')
- <%= class_name %>.authenticate('quentin', 'new password').should == <%= table_name %>(:quentin)
- end
-
- it 'does not rehash password' do
- <%= table_name %>(:quentin).update_attributes(:login => 'quentin2')
- <%= class_name %>.authenticate('quentin2', 'monkey').should == <%= table_name %>(:quentin)
- end
-
- #
- # Authentication
- #
-
- it 'authenticates <%= file_name %>' do
- <%= class_name %>.authenticate('quentin', 'monkey').should == <%= table_name %>(:quentin)
- end
-
- it "doesn't authenticate <%= file_name %> with bad password" do
- <%= class_name %>.authenticate('quentin', 'invalid_password').should be_nil
- end
-
- if REST_AUTH_SITE_KEY.blank?
- # old-school passwords
- it "authenticates a user against a hard-coded old-style password" do
- <%= class_name %>.authenticate('old_password_holder', 'test').should == <%= table_name %>(:old_password_holder)
- end
- else
- it "doesn't authenticate a user against a hard-coded old-style password" do
- <%= class_name %>.authenticate('old_password_holder', 'test').should be_nil
- end
-
- # New installs should bump this up and set REST_AUTH_DIGEST_STRETCHES to give a 10ms encrypt time or so
- desired_encryption_expensiveness_ms = 0.1
- it "takes longer than #{desired_encryption_expensiveness_ms}ms to encrypt a password" do
- test_reps = 100
- start_time = Time.now; test_reps.times{ <%= class_name %>.authenticate('quentin', 'monkey'+rand.to_s) }; end_time = Time.now
- auth_time_ms = 1000 * (end_time - start_time)/test_reps
- auth_time_ms.should > desired_encryption_expensiveness_ms
- end
- end
-
- #
- # Authentication
- #
-
- it 'sets remember token' do
- <%= table_name %>(:quentin).remember_me
- <%= table_name %>(:quentin).remember_token.should_not be_nil
- <%= table_name %>(:quentin).remember_token_expires_at.should_not be_nil
- end
-
- it 'unsets remember token' do
- <%= table_name %>(:quentin).remember_me
- <%= table_name %>(:quentin).remember_token.should_not be_nil
- <%= table_name %>(:quentin).forget_me
- <%= table_name %>(:quentin).remember_token.should be_nil
- end
-
- it 'remembers me for one week' do
- before = 1.week.from_now.utc
- <%= table_name %>(:quentin).remember_me_for 1.week
- after = 1.week.from_now.utc
- <%= table_name %>(:quentin).remember_token.should_not be_nil
- <%= table_name %>(:quentin).remember_token_expires_at.should_not be_nil
- <%= table_name %>(:quentin).remember_token_expires_at.between?(before, after).should be_true
- end
-
- it 'remembers me until one week' do
- time = 1.week.from_now.utc
- <%= table_name %>(:quentin).remember_me_until time
- <%= table_name %>(:quentin).remember_token.should_not be_nil
- <%= table_name %>(:quentin).remember_token_expires_at.should_not be_nil
- <%= table_name %>(:quentin).remember_token_expires_at.should == time
- end
-
- it 'remembers me default two weeks' do
- before = 2.weeks.from_now.utc
- <%= table_name %>(:quentin).remember_me
- after = 2.weeks.from_now.utc
- <%= table_name %>(:quentin).remember_token.should_not be_nil
- <%= table_name %>(:quentin).remember_token_expires_at.should_not be_nil
- <%= table_name %>(:quentin).remember_token_expires_at.between?(before, after).should be_true
- end
-<% if options[:stateful] %>
- it 'registers passive <%= file_name %>' do
- <%= file_name %> = create_<%= file_name %>(:password => nil, :password_confirmation => nil)
- <%= file_name %>.should be_passive
- <%= file_name %>.update_attributes(:password => 'new password', :password_confirmation => 'new password')
- <%= file_name %>.register!
- <%= file_name %>.should be_pending
- end
-
- it 'suspends <%= file_name %>' do
- <%= table_name %>(:quentin).suspend!
- <%= table_name %>(:quentin).should be_suspended
- end
-
- it 'does not authenticate suspended <%= file_name %>' do
- <%= table_name %>(:quentin).suspend!
- <%= class_name %>.authenticate('quentin', 'monkey').should_not == <%= table_name %>(:quentin)
- end
-
- it 'deletes <%= file_name %>' do
- <%= table_name %>(:quentin).deleted_at.should be_nil
- <%= table_name %>(:quentin).delete!
- <%= table_name %>(:quentin).deleted_at.should_not be_nil
- <%= table_name %>(:quentin).should be_deleted
- end
-
- describe "being unsuspended" do
- fixtures :<%= table_name %>
-
- before do
- @<%= file_name %> = <%= table_name %>(:quentin)
- @<%= file_name %>.suspend!
- end
-
- it 'reverts to active state' do
- @<%= file_name %>.unsuspend!
- @<%= file_name %>.should be_active
- end
-
- it 'reverts to passive state if activation_code and activated_at are nil' do
- <%= class_name %>.update_all :activation_code => nil, :activated_at => nil
- @<%= file_name %>.reload.unsuspend!
- @<%= file_name %>.should be_passive
- end
-
- it 'reverts to pending state if activation_code is set and activated_at is nil' do
- <%= class_name %>.update_all :activation_code => 'foo-bar', :activated_at => nil
- @<%= file_name %>.reload.unsuspend!
- @<%= file_name %>.should be_pending
- end
- end
-<% end %>
-protected
- def create_<%= file_name %>(options = {})
- record = <%= class_name %>.new({ :login => 'quire', :email => 'quire@example.com', :password => 'quire69', :password_confirmation => 'quire69' }.merge(options))
- record.<% if options[:stateful] %>register! if record.valid?<% else %>save<% end %>
- record
- end
-end
diff --git a/vendor/plugins/restful-authentication/generators/authenticated/templates/stories/rest_auth_stories.rb b/vendor/plugins/restful-authentication/generators/authenticated/templates/stories/rest_auth_stories.rb
deleted file mode 100755
index f2ec3f9..0000000
--- a/vendor/plugins/restful-authentication/generators/authenticated/templates/stories/rest_auth_stories.rb
+++ /dev/null
@@ -1,22 +0,0 @@
-#!/usr/bin/env ruby
-ENV["RAILS_ENV"] = "test"
-require File.expand_path(File.dirname(__FILE__) + "/../config/environment")
-require 'spec/rails/story_adapter'
-require 'spec/story'
-require File.expand_path(File.dirname(__FILE__) + "/rest_auth_stories_helper.rb")
-
-# Make visible for testing
-ApplicationController.send(:public, :logged_in?, :current_user, :authorized?)
-
-this_dir = File.dirname(__FILE__)
-Dir[File.join(this_dir, "steps/*.rb")].each do |file|
- puts file.to_s
- require file
-end
-
-with_steps_for :ra_navigation, :ra_response, :ra_resource, :<%= file_name %> do
- story_files = Dir[File.join(this_dir, "<%= table_name %>", '*.story')]
- story_files.each do |file|
- run file, :type => RailsStory
- end
-end
diff --git a/vendor/plugins/restful-authentication/generators/authenticated/templates/stories/rest_auth_stories_helper.rb b/vendor/plugins/restful-authentication/generators/authenticated/templates/stories/rest_auth_stories_helper.rb
deleted file mode 100644
index e725e98..0000000
--- a/vendor/plugins/restful-authentication/generators/authenticated/templates/stories/rest_auth_stories_helper.rb
+++ /dev/null
@@ -1,81 +0,0 @@
-# If you have a global stories helper, move this line there:
-include AuthenticatedTestHelper
-
-# Most of the below came out of code from Ben Mabey
-# http://www.benmabey.com/2008/02/04/rspec-plain-text-stories-webrat-chunky-bacon/
-
-# These allow exceptions to come through as opposed to being caught and having non-helpful responses returned.
-ActionController::Base.class_eval do
- def perform_action
- perform_action_without_rescue
- end
-end
-Dispatcher.class_eval do
- def self.failsafe_response(output, status, exception = nil)
- raise exception
- end
-end
-
-#
-# Sugar for turning a story's attribute list into list, array, etc.
-#
-module ToFooFromStory
- def ToFooFromStory.fix_key key
- key.downcase.gsub(/\s+/, '_')
- end
- def ToFooFromStory.fix_value value
- return '' if !value
- value.strip!
- case
- when value =~ /^'(.*)'$/ then value = $1
- when value =~ /^"(.*)"$/ then value = $1
- when value == 'nil!' then value = nil
- when value == 'non-nil!' then value = be_nil
- when value =~ /^#\{(.*)\}$/ then value = eval($1)
- end
- value
- end
- # Converts a key: value list found in the steps into a hash.
- # Example:
- # ISBN: '0967539854' and comment: 'I love this book' and Quality rating: '4'
- # # => {"quality_rating"=>"4", "isbn"=>"0967539854", "comment"=>"I love this book"}
- def to_hash_from_story
- hsh = self.split(/,? and |, /).inject({}) do |hash_so_far, key_value|
- key, value = key_value.split(":")
- if !value then warn "Couldn't understand story '#{self}': only understood up to the part '#{hash_so_far.to_yaml}'" end
- hash_so_far.merge(ToFooFromStory::fix_key(key) => ToFooFromStory::fix_value(value))
- end
- end
- # Coverts an attribute list found in the steps into an array
- # Example:
- # login, email, updated_at, and gravatar
- # # => ['login', 'email', 'updated_at', 'gravatar']
- def to_array_from_story
- self.split(/,? and |, /).map do |value|
- ToFooFromStory::fix_value(value)
- end
- end
-end
-class String
- include ToFooFromStory
-end
-
-def instantize(string)
- instance_variable_get("@#{string}")
-end
-
-#
-# Spew response onto screen -- painful but scrolling >> debugger
-#
-def dump_response
- # note that @request and @template won't to_yaml and that @session includes @cgi
- response_methods = response.instance_variables - ['@request', '@template', '@cgi']
- request_methods = response.request.instance_variables - ['@session_options_with_string_keys', '@cgi', '@session']
- response_methods.map!{|attr| attr.gsub(/^@/,'')}.sort!
- request_methods.map!{ |attr| attr.gsub(/^@/,'')}.sort!
- puts '', '*' * 75,
- response.instance_values.slice(*response_methods).to_yaml,
- "*" * 75, '',
- response.request.instance_values.slice(*request_methods).to_yaml,
- "*" * 75, ''
-end
diff --git a/vendor/plugins/restful-authentication/generators/authenticated/templates/stories/steps/ra_navigation_steps.rb b/vendor/plugins/restful-authentication/generators/authenticated/templates/stories/steps/ra_navigation_steps.rb
deleted file mode 100644
index 4ee361c..0000000
--- a/vendor/plugins/restful-authentication/generators/authenticated/templates/stories/steps/ra_navigation_steps.rb
+++ /dev/null
@@ -1,49 +0,0 @@
-#
-# Where to go
-#
-steps_for(:ra_navigation) do
- #
- # GET
- # Go to a given page.
- When "$actor goes to $path" do |actor, path|
- case path
- when 'the home page' then get '/'
- else get path
- end
- end
-
- # POST -- Ex:
- # When she creates a book with ISBN: '0967539854' and comment: 'I love this book' and rating: '4'
- # When she creates a singular session with login: 'reggie' and password: 'i_haxxor_joo'
- # Since I'm not smrt enough to do it right, explicitly specify singular resources
- When %r{$actor creates an? $resource with $attributes} do |actor, resource, attributes|
- attributes = attributes.to_hash_from_story
- if resource =~ /singular (\w+)/
- resource = $1.downcase.singularize
- post "/#{resource}", attributes
- else
- post "/#{resource.downcase.pluralize}", { resource.downcase.singularize => attributes }
- end
- end
-
- # PUT
- When %r{$actor asks to update '$resource' with $attributes} do |_, resource, attributes|
- attributes = attributes.to_hash_from_story
- put "#{resource}", attributes
- dump_response
- end
-
- # DELETE -- Slap together the POST-form-as-fake-HTTP-DELETE submission
- When %r{$actor asks to delete '$resource'} do |_, resource|
- post "/#{resource.downcase.pluralize}", { :_method => :delete }
- dump_response
- end
-
-
- # Redirect --
- # Rather than coding in get/get_via_redirect's and past/p_v_r's,
- # let's just demand that in the story itself.
- When "$actor follows that redirect!" do |actor|
- follow_redirect!
- end
-end
diff --git a/vendor/plugins/restful-authentication/generators/authenticated/templates/stories/steps/ra_resource_steps.rb b/vendor/plugins/restful-authentication/generators/authenticated/templates/stories/steps/ra_resource_steps.rb
deleted file mode 100644
index 7403b8e..0000000
--- a/vendor/plugins/restful-authentication/generators/authenticated/templates/stories/steps/ra_resource_steps.rb
+++ /dev/null
@@ -1,179 +0,0 @@
-# The flexible code for resource testing came out of code from Ben Mabey
-# http://www.benmabey.com/2008/02/04/rspec-plain-text-stories-webrat-chunky-bacon/
-steps_for(:ra_resource) do
- #
- # Construct resources
- #
-
- #
- # Build a resource as described, store it as an @instance variable. Ex:
- # "Given a <%= file_name %> with login: 'mojojojo'"
- # produces a <%= class_name %> instance stored in @<%= file_name %> with 'mojojojo' as its login
- # attribute.
- #
- Given "a $resource instance with $attributes" do |resource, attributes|
- klass, instance, attributes = parse_resource_args resource, attributes
- instance = klass.new(attributes)
- instance.save!
- find_resource(resource, attributes).should_not be_nil
- keep_instance! resource, instance
- end
-
- #
- # Stuff attributes into a preexisting @resource
- # "And the <%= file_name %> has thac0: 3"
- # takes the earlier-defined @<%= file_name %> instance and sets its thac0 to '3'.
- #
- Given "the $resource has $attributes" do |resource, attributes|
- klass, instance, attributes = parse_resource_args resource, attributes
- attributes.each do |attr, val|
- instance.send("#{attr}=", val)
- end
- instance.save!
- find_resource(resource, attributes).should_not be_nil
- keep_instance! resource, instance
- end
-
- #
- # Destroy all for this resource
- #
- Given "no $resource with $attr: '$val' exists" do |resource, attr, val|
- klass, instance = parse_resource_args resource
- klass.destroy_all(attr.to_sym => val)
- instance = find_resource resource, attr.to_sym => val
- instance.should be_nil
- keep_instance! resource, instance
- end
-
- #
- # Then's for resources
- #
-
- # Resource like this DOES exist
- Then %r{an? $resource with $attributes should exist} do |resource, attributes|
- instance = find_resource resource, attributes
- instance.should_not be_nil
- keep_instance! resource, instance
- end
- # Resource like this DOES NOT exist
- Then %r{no $resource with $attributes should exist} do |resource, attributes|
- instance = find_resource resource, attributes
- instance.should be_nil
- end
-
- # Resource has attributes with given values
- Then "the $resource should have $attributes" do |resource, attributes|
- klass, instance, attributes = parse_resource_args resource, attributes
- attributes.each do |attr, val|
- instance.send(attr).should == val
- end
- end
- # Resource attributes should / should not be nil
- Then "the $resource's $attr should be nil" do |resource, attr|
- klass, instance = parse_resource_args resource
- instance.send(attr).should be_nil
- end
- Then "the $resource's $attr should not be nil" do |resource, attr|
- klass, instance = parse_resource_args resource
- instance.send(attr).should_not be_nil
- end
-
- #
- # Bank each of the @resource's listed attributes for later.
- #
- Given "we try hard to remember the $resource's $attributes" do |resource, attributes|
- attributes = attributes.to_array_from_story
- attributes.each do |attr|
- memorize_resource_value resource, attr
- end
- end
- #
- # Bank each of the @resource's listed attributes for later.
- #
- Given "we don't remember anything about the past" do
- memorize_forget_all!
- end
-
- #
- # Compare @resource.attr to its earlier-memorized value.
- # Specify ' using method_name' (abs, to_s, &c) to coerce before comparing.
- # For important and mysterious reasons, timestamps want to_i or to_s.
- #
- Then %r{the $resource\'s $attribute should stay the same(?: under $func)?} do |resource, attr, func|
- klass, instance = parse_resource_args resource
- # Get the values
- old_value = recall_resource_value(resource, attr)
- new_value = instance.send(attr)
- # Transform each value, maybe, using value.func
- if func then new_value = new_value.send(func); old_value = old_value.send(func) end
- # Compare
- old_value.should eql(new_value)
- end
-
- #
- # Look for each for the given attributes in the page's text
- #
- Then "page should have the $resource's $attributes" do |resource, attributes|
- actual_resource = instantize(resource)
- attributes.split(/, and |, /).each do |attribute|
- response.should have_text(/#{actual_resource.send(attribute.strip.gsub(" ","_"))}/)
- end
- end
-
-end
-
-#
-# Turn a resource name and a to_hash_from_story string like
-# "attr: 'value', attr2: 'value2', ... , and attrN: 'valueN'"
-# into
-# * klass -- the class matching that Resource
-# * instance -- the possibly-preexisting local instance value @resource
-# * attributes -- a hash matching the given attribute-list string
-#
-def parse_resource_args resource, attributes=nil
- instance = instantize resource
- klass = resource.classify.constantize
- attributes = attributes.to_hash_from_story if attributes
- [klass, instance, attributes]
-end
-
-#
-# Given a class name 'resource' and a hash of conditsion, find a model
-#
-def find_resource resource, conditions
- klass, instance = parse_resource_args resource
- conditions = conditions.to_hash_from_story unless (conditions.is_a? Hash)
- klass.find(:first, :conditions => conditions)
-end
-
-#
-# Simple, brittle, useful: store the given resource's attribute
-# so we can compare it later.
-#
-def memorize_resource_value resource, attr
- klass, instance = parse_resource_args resource
- value = instance.send(attr)
- @_memorized ||= {}
- @_memorized[resource] ||= {}
- @_memorized[resource][attr] = value
- value
-end
-def recall_resource_value resource, attr
- @_memorized[resource][attr]
-end
-def memorize_forget_all!
- @_memorized = {}
-end
-
-#
-# Keep the object around in a local instance variable @resource.
-#
-# So, for instance,
-# klass, instance = parse_resource_args '<%= file_name %>'
-# instance = klass.new({login => 'me', password => 'monkey', ...})
-# keep_instance! resource, instance
-# keeps the just-constructed <%= class_name %> model in the @<%= file_name %> instance variable.
-#
-def keep_instance! resource, object
- instance_variable_set("@#{resource}", object)
-end
diff --git a/vendor/plugins/restful-authentication/generators/authenticated/templates/stories/steps/ra_response_steps.rb b/vendor/plugins/restful-authentication/generators/authenticated/templates/stories/steps/ra_response_steps.rb
deleted file mode 100644
index a18aff3..0000000
--- a/vendor/plugins/restful-authentication/generators/authenticated/templates/stories/steps/ra_response_steps.rb
+++ /dev/null
@@ -1,171 +0,0 @@
-#
-# What you should see when you get there
-#
-
-steps_for(:ra_response) do
- #
- # Destinations. Ex:
- # She should be at the new kids page
- # Tarkin should be at the destroy alderaan page
- # The visitor should be at the '/lolcats/download' form
- # The visitor should be redirected to '/hi/mom'
- #
- # It doesn't know anything about actual routes -- it just
- # feeds its output to render_template or redirect_to
- #
- Then "$actor should be at $path" do |_, path|
- response.should render_template(grok_path(path))
- end
-
- Then "$actor should be redirected to $path" do |_, path|
- response.should redirect_to(grok_path(path))
- end
-
- Then "the page should look AWESOME" do
- response.should have_tag('head>title')
- response.should have_tag('h1')
- # response.should be_valid_xhtml
- end
-
- #
- # Tags
- #
-
- Then "the page should contain '$text'" do |_, text|
- response.should have_text(/#{text}/)
- end
-
- # please note: this enforces the use of a