Sutty/trabajo-afectivo
5
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

- Added Token unit tests.

Browse source 
- Added Token attribute 'persisten'.
- Added auth function 'authentication_check_action_token'.
This commit is contained in:
Thorsten Eckel 2015-02-22 19:10:54 +01:00
parent 3a82045f96
commit e19ed671ab
4 changed files with 146 additions and 9 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

35
app/controllers/application_controller.rb
View file

@ -4,14 +4,15 @@ class ApplicationController < ActionController::Base
# http_basic_authenticate_with :name => "test", :password => "ttt"
helper_method :current_user,
:authentication_check,
:config_frontend,
:is_role,
:model_create_render,
:model_update_render,
:model_restory_render,
:mode_show_rendeder,
:model_index_render
:authentication_check,
:authentication_check_action_token,
:config_frontend,
:is_role,
:model_create_render,
:model_update_render,
:model_restory_render,
:mode_show_rendeder,
:model_index_render
skip_before_filter :verify_authenticity_token
before_filter :set_user, :session_update
@ -193,6 +194,24 @@ class ApplicationController < ActionController::Base
true
end
def authentication_check_action_token(action)
user = Token.check(
:action => action,
:name => params[:action_token],
)
if !user
puts params.inspect
response_access_deny
return
end
current_user_set( user )
true
end
def is_role( role_name )
return false if !current_user
return true if current_user.is_role( role_name )

3
app/models/token.rb
View file

@ -12,7 +12,8 @@ class Token < ActiveRecord::Base
return if !token
# check if token is still valid
if token.created_at < 1.day.ago
if !token.persistent &&
token.created_at < 1.day.ago
# delete token
token.delete

8
db/migrate/20150220216145_token_persistent.rb Normal file
View file

@ -0,0 +1,8 @@
class TokenPersistent < ActiveRecord::Migration
def up
add_column :tokens, :persistent, :boolean
end
def down
end
end

109
test/unit/token_test.rb Normal file
View file

@ -0,0 +1,109 @@
# encoding: utf-8
require 'test_helper'
class TokenTest < ActiveSupport::TestCase
test 'token' do
tests = [
# test 1
{
:test_name => 'invalid token',
:action => 'PasswordReset',
:name => '1NV4L1D',
:result => nil,
},
# test 2
{
:test_name => 'fresh token',
:create => {
:user_id => 2,
:action => 'PasswordReset',
},
:action => 'PasswordReset',
:result => true,
:verify => {
:firstname => 'Nicole',
:lastname => 'Braun',
:email => 'nicole.braun@zammad.org',
}
},
# test 3
{
:test_name => 'two days but not persistent',
:create => {
:user_id => 2,
:action => 'PasswordReset',
:created_at => 2.day.ago,
},
:action => 'PasswordReset',
:result => nil,
},
{
:test_name => 'two days but persistent',
:create => {
:user_id => 2,
:action => 'iCal',
:created_at => 2.day.ago,
:persistent => true,
},
:action => 'iCal',
:result => true,
:verify => {
:firstname => 'Nicole',
:lastname => 'Braun',
:email => 'nicole.braun@zammad.org',
}
},
]
tests.each { |test|
if test[:create]
#puts test[:test_name] + ': creating token '+ test[:create].inspect
token = Token.create(
:action => test[:create][:action],
:user_id => test[:create][:user_id],
:created_at => test[:create][:created_at].to_s,
:persistent => test[:create][:persistent]
)
#puts test[:test_name] + ': created token ' + token.inspect
test[:name] = token.name
end
user = Token.check(
:action => test[:action],
:name => test[:name]
)
if test[:result] == true
if !user
assert( false, test[:test_name] + ': token verification failed' )
else
test[:verify].each {|key, value|
assert_equal( user[key], value, 'verify' )
}
end
else
assert_equal( test[:result], user, test[:test_name] + ': failed or not existing' )
end
if test[:name]
#puts test[:test_name] + ': deleting token '+ test[:name]
token = Token.where( :name => test[:name] ).first
if token
token.destroy
end
end
}
end
end