Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

Prepare Clearance for Rails 4

* Change routes to use `get` instead of `match`.
* Don't allow multiline strings for email format.
* Rails 4 issues an exception when validates_format_of encounters regex
  that uses ^ and $ rather than /A and /Z. See this pull request:
  rails/rails#6569
* `sign_out` should use DELETE, not GET.
* Remove irrelevant spec for testing regex.
* Test against latest security-patched Rails versions.
  • Loading branch information...
commit ada0433ebc58b266be0feedeae5f2af58cbab746 1 parent 9a3ad60
@geoffharcourt geoffharcourt authored croaky committed
View
2  Appraisals
@@ -1,4 +1,4 @@
-['3.0.20', '3.1.10', '3.2.11'].each do |rails_version|
+['3.0.20', '3.1.11', '3.2.12'].each do |rails_version|
appraise "#{rails_version}" do
gem 'rails', rails_version
end
View
6 config/routes.rb
@@ -15,7 +15,7 @@
:only => [:create, :edit, :update]
end
- match 'sign_in' => 'clearance/sessions#new', :as => 'sign_in'
- match 'sign_out' => 'clearance/sessions#destroy', :as => 'sign_out', :via => :delete
- match 'sign_up' => 'clearance/users#new', :as => 'sign_up'
+ get '/sign_in' => 'clearance/sessions#new', :as => 'sign_in'
+ delete '/sign_out' => 'clearance/sessions#destroy', :as => 'sign_out'
+ get '/sign_up' => 'clearance/users#new', :as => 'sign_up'
end
View
2  gemfiles/3.1.10.gemfile → gemfiles/3.1.11.gemfile
@@ -2,6 +2,6 @@
source "http://rubygems.org"
-gem "rails", "3.1.10"
+gem "rails", "3.1.11"
gemspec :path=>"../"
View
70 gemfiles/3.1.10.gemfile.lock → gemfiles/3.1.11.gemfile.lock
@@ -8,12 +8,12 @@ PATH
GEM
remote: http://rubygems.org/
specs:
- actionmailer (3.1.10)
- actionpack (= 3.1.10)
+ actionmailer (3.1.11)
+ actionpack (= 3.1.11)
mail (~> 2.3.3)
- actionpack (3.1.10)
- activemodel (= 3.1.10)
- activesupport (= 3.1.10)
+ actionpack (3.1.11)
+ activemodel (= 3.1.11)
+ activesupport (= 3.1.11)
builder (~> 3.0.0)
erubis (~> 2.7.0)
i18n (~> 0.6)
@@ -22,20 +22,20 @@ GEM
rack-mount (~> 0.8.2)
rack-test (~> 0.6.1)
sprockets (~> 2.0.4)
- activemodel (3.1.10)
- activesupport (= 3.1.10)
+ activemodel (3.1.11)
+ activesupport (= 3.1.11)
builder (~> 3.0.0)
i18n (~> 0.6)
- activerecord (3.1.10)
- activemodel (= 3.1.10)
- activesupport (= 3.1.10)
+ activerecord (3.1.11)
+ activemodel (= 3.1.11)
+ activesupport (= 3.1.11)
arel (~> 2.2.3)
tzinfo (~> 0.3.29)
- activeresource (3.1.10)
- activemodel (= 3.1.10)
- activesupport (= 3.1.10)
- activesupport (3.1.10)
- multi_json (>= 1.0, < 1.3)
+ activeresource (3.1.11)
+ activemodel (= 3.1.11)
+ activesupport (= 3.1.11)
+ activesupport (3.1.11)
+ multi_json (~> 1.0)
appraisal (0.4.1)
bundler
rake
@@ -56,8 +56,8 @@ GEM
rack-test (>= 0.5.4)
selenium-webdriver (~> 2.0)
xpath (~> 0.1.4)
- childprocess (0.3.7)
- ffi (~> 1.0, >= 1.0.6)
+ childprocess (0.3.8)
+ ffi (~> 1.0, >= 1.0.11)
cucumber (1.2.1)
builder (>= 2.1.2)
diff-lcs (>= 1.1.3)
@@ -76,23 +76,23 @@ GEM
factory_girl (~> 3.5.0)
railties (>= 3.0.0)
ffi (1.3.1)
- gherkin (2.11.5)
- json (>= 1.4.6)
+ gherkin (2.11.6)
+ json (>= 1.7.6)
hike (1.2.1)
i18n (0.6.1)
- json (1.7.6)
+ json (1.7.7)
mail (2.3.3)
i18n (>= 0.4.0)
mime-types (~> 1.16)
treetop (~> 1.4.8)
metaclass (0.0.1)
- mime-types (1.19)
+ mime-types (1.21)
mocha (0.13.0)
metaclass (~> 0.0.1)
- multi_json (1.2.0)
+ multi_json (1.6.0)
nokogiri (1.5.6)
polyglot (0.3.3)
- rack (1.3.9)
+ rack (1.3.10)
rack-cache (1.2)
rack (>= 0.4)
rack-mount (0.8.3)
@@ -101,23 +101,23 @@ GEM
rack
rack-test (0.6.2)
rack (>= 1.0)
- rails (3.1.10)
- actionmailer (= 3.1.10)
- actionpack (= 3.1.10)
- activerecord (= 3.1.10)
- activeresource (= 3.1.10)
- activesupport (= 3.1.10)
+ rails (3.1.11)
+ actionmailer (= 3.1.11)
+ actionpack (= 3.1.11)
+ activerecord (= 3.1.11)
+ activeresource (= 3.1.11)
+ activesupport (= 3.1.11)
bundler (~> 1.0)
- railties (= 3.1.10)
- railties (3.1.10)
- actionpack (= 3.1.10)
- activesupport (= 3.1.10)
+ railties (= 3.1.11)
+ railties (3.1.11)
+ actionpack (= 3.1.11)
+ activesupport (= 3.1.11)
rack-ssl (~> 1.3.2)
rake (>= 0.8.7)
rdoc (~> 3.4)
thor (~> 0.14.6)
rake (10.0.3)
- rdoc (3.12)
+ rdoc (3.12.1)
json (~> 1.4)
rspec (2.12.0)
rspec-core (~> 2.12.0)
@@ -171,7 +171,7 @@ DEPENDENCIES
cucumber-rails (= 1.1.1)
database_cleaner (= 0.8.0)
factory_girl_rails (= 3.5.0)
- rails (= 3.1.10)
+ rails (= 3.1.11)
rspec-rails (= 2.12.2)
shoulda-matchers (= 1.2.0)
sqlite3 (= 1.3.6)
View
2  gemfiles/3.2.11.gemfile → gemfiles/3.2.12.gemfile
@@ -2,6 +2,6 @@
source "http://rubygems.org"
-gem "rails", "3.2.11"
+gem "rails", "3.2.12"
gemspec :path=>"../"
View
70 gemfiles/3.2.11.gemfile.lock → gemfiles/3.2.12.gemfile.lock
@@ -8,31 +8,31 @@ PATH
GEM
remote: http://rubygems.org/
specs:
- actionmailer (3.2.11)
- actionpack (= 3.2.11)
+ actionmailer (3.2.12)
+ actionpack (= 3.2.12)
mail (~> 2.4.4)
- actionpack (3.2.11)
- activemodel (= 3.2.11)
- activesupport (= 3.2.11)
+ actionpack (3.2.12)
+ activemodel (= 3.2.12)
+ activesupport (= 3.2.12)
builder (~> 3.0.0)
erubis (~> 2.7.0)
journey (~> 1.0.4)
- rack (~> 1.4.0)
+ rack (~> 1.4.5)
rack-cache (~> 1.2)
rack-test (~> 0.6.1)
sprockets (~> 2.2.1)
- activemodel (3.2.11)
- activesupport (= 3.2.11)
+ activemodel (3.2.12)
+ activesupport (= 3.2.12)
builder (~> 3.0.0)
- activerecord (3.2.11)
- activemodel (= 3.2.11)
- activesupport (= 3.2.11)
+ activerecord (3.2.12)
+ activemodel (= 3.2.12)
+ activesupport (= 3.2.12)
arel (~> 3.0.2)
tzinfo (~> 0.3.29)
- activeresource (3.2.11)
- activemodel (= 3.2.11)
- activesupport (= 3.2.11)
- activesupport (3.2.11)
+ activeresource (3.2.12)
+ activemodel (= 3.2.12)
+ activesupport (= 3.2.12)
+ activesupport (3.2.12)
i18n (~> 0.6)
multi_json (~> 1.0)
appraisal (0.4.1)
@@ -55,8 +55,8 @@ GEM
rack-test (>= 0.5.4)
selenium-webdriver (~> 2.0)
xpath (~> 0.1.4)
- childprocess (0.3.7)
- ffi (~> 1.0, >= 1.0.6)
+ childprocess (0.3.8)
+ ffi (~> 1.0, >= 1.0.11)
cucumber (1.2.1)
builder (>= 2.1.2)
diff-lcs (>= 1.1.3)
@@ -75,47 +75,47 @@ GEM
factory_girl (~> 3.5.0)
railties (>= 3.0.0)
ffi (1.3.1)
- gherkin (2.11.5)
- json (>= 1.4.6)
+ gherkin (2.11.6)
+ json (>= 1.7.6)
hike (1.2.1)
i18n (0.6.1)
journey (1.0.4)
- json (1.7.6)
+ json (1.7.7)
mail (2.4.4)
i18n (>= 0.4.0)
mime-types (~> 1.16)
treetop (~> 1.4.8)
metaclass (0.0.1)
- mime-types (1.19)
+ mime-types (1.21)
mocha (0.13.0)
metaclass (~> 0.0.1)
- multi_json (1.5.0)
+ multi_json (1.6.0)
nokogiri (1.5.6)
polyglot (0.3.3)
- rack (1.4.4)
+ rack (1.4.5)
rack-cache (1.2)
rack (>= 0.4)
rack-ssl (1.3.3)
rack
rack-test (0.6.2)
rack (>= 1.0)
- rails (3.2.11)
- actionmailer (= 3.2.11)
- actionpack (= 3.2.11)
- activerecord (= 3.2.11)
- activeresource (= 3.2.11)
- activesupport (= 3.2.11)
+ rails (3.2.12)
+ actionmailer (= 3.2.12)
+ actionpack (= 3.2.12)
+ activerecord (= 3.2.12)
+ activeresource (= 3.2.12)
+ activesupport (= 3.2.12)
bundler (~> 1.0)
- railties (= 3.2.11)
- railties (3.2.11)
- actionpack (= 3.2.11)
- activesupport (= 3.2.11)
+ railties (= 3.2.12)
+ railties (3.2.12)
+ actionpack (= 3.2.12)
+ activesupport (= 3.2.12)
rack-ssl (~> 1.3.2)
rake (>= 0.8.7)
rdoc (~> 3.4)
thor (>= 0.14.6, < 2.0)
rake (10.0.3)
- rdoc (3.12)
+ rdoc (3.12.1)
json (~> 1.4)
rspec (2.12.0)
rspec-core (~> 2.12.0)
@@ -170,7 +170,7 @@ DEPENDENCIES
cucumber-rails (= 1.1.1)
database_cleaner (= 0.8.0)
factory_girl_rails (= 3.5.0)
- rails (= 3.2.11)
+ rails (= 3.2.12)
rspec-rails (= 2.12.2)
shoulda-matchers (= 1.2.0)
sqlite3 (= 1.3.6)
View
2  lib/clearance/user.rb
@@ -30,7 +30,7 @@ module Validations
included do
validates_presence_of :email, :unless => :email_optional?
validates_uniqueness_of :email, :allow_blank => true
- validates_format_of :email, :with => %r{^[a-z0-9!#\$%&'*+\/=?^_`{|}~-]+(?:\.[a-z0-9!#\$%&'*+\/=?^_`{|}~-]+)*@(?:[a-z0-9](?:[a-z0-9-]*[a-z0-9])?\.)+[a-z0-9](?:[a-z0-9-]*[a-z0-9])?$}i, :allow_blank => true
+ validates_format_of :email, :with => %r{\A[a-z0-9!#\$%&'*+\/=?^_`{|}~-]+(?:\.[a-z0-9!#\$%&'*+\/=?^_`{|}~-]+)*@(?:[a-z0-9](?:[a-z0-9-]*[a-z0-9])?\.)+[a-z0-9](?:[a-z0-9-]*[a-z0-9])?\Z}i, :allow_blank => true
validates_presence_of :password, :unless => :password_optional?
end
View
2  spec/controllers/denies_controller_spec.rb
@@ -23,7 +23,7 @@ def authorize
before do
Rails.application.routes.draw do
resource :deny, :only => [:new, :show]
- match 'sign_in' => 'clearance/sessions#new', :as => 'sign_in'
+ get '/sign_in' => 'clearance/sessions#new', :as => 'sign_in'
end
end
View
4 spec/controllers/flashes_controller_spec.rb
@@ -16,8 +16,8 @@ def view_flash
describe FlashesController do
before do
Rails.application.routes.draw do
- match 'set_flash' => 'flashes#set_flash'
- match 'view_flash' => 'flashes#view_flash'
+ get '/set_flash' => 'flashes#set_flash'
+ get '/view_flash' => 'flashes#view_flash'
end
end
View
2  spec/controllers/forgeries_controller_spec.rb
@@ -18,7 +18,7 @@ def create
before do
Rails.application.routes.draw do
resources :forgeries
- match 'sign_in' => 'clearance/sessions#new', :as => 'sign_in'
+ get '/sign_in' => 'clearance/sessions#new', :as => 'sign_in'
end
@user = create(:user)
Please sign in to comment.
Something went wrong with that request. Please try again.