- Added Token unit tests.
- Added Token attribute 'persistent'.
- Added auth function 'authentication_check_action_token'.
parent
3a82045f96
commit
e19ed671ab
4 changed files with 146 additions and 9 deletions
|
@ -5,6 +5,7 @@ class ApplicationController < ActionController::Base
|
|||
|
||||
helper_method :current_user,
|
||||
:authentication_check,
|
||||
:authentication_check_action_token,
|
||||
:config_frontend,
|
||||
:is_role,
|
||||
:model_create_render,
|
||||
|
@ -193,6 +194,24 @@ class ApplicationController < ActionController::Base
|
|||
true
|
||||
end
|
||||
|
||||
def authentication_check_action_token(action)
|
||||
|
||||
user = Token.check(
|
||||
:action => action,
|
||||
:name => params[:action_token],
|
||||
)
|
||||
|
||||
if !user
|
||||
puts params.inspect
|
||||
response_access_deny
|
||||
return
|
||||
end
|
||||
|
||||
current_user_set( user )
|
||||
|
||||
true
|
||||
end
|
||||
|
||||
def is_role( role_name )
|
||||
return false if !current_user
|
||||
return true if current_user.is_role( role_name )
|
||||
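Review bot: `puts params.inspect` in the failure branch of `authentication_check_action_token` writes every request parameter, including the submitted `action_token` and any other credentials in the request, to stdout on each rejected attempt. It reads like leftover debugging; drop it, or log only the action through the Rails logger, e.g. `logger.info "action token rejected for action #{action}"`. Because the token arrives as a request parameter, it is also worth checking that `action_token` is covered by the application's `config.filter_parameters` so it does not land in the request log. The method also deserves a short comment saying that it returns `true` after setting the current user and returns `nil` after calling `response_access_deny`.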
|
|
|
@ -12,7 +12,8 @@ class Token < ActiveRecord::Base
|
|||
return if !token
|
||||
|
||||
# check if token is still valid
|
||||
if token.created_at < 1.day.ago
|
||||
if !token.persistent &&
|
||||
token.created_at < 1.day.ago
|
||||
|
||||
# delete token
|
||||
token.delete
|
||||
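Review bot: With the new `!token.persistent &&` guard on the age check, a persistent token is never expired by this code, and nothing in the hunk limits which actions may carry the flag. The tests on this page use it for `iCal`; if a `PasswordReset` token could ever be created with `persistent` set, it would stay valid until someone deletes the row, so that is worth ruling out where tokens are created (not visible here). I would put the intent in a comment above the condition, for example `# persistent tokens (e.g. iCal) do not expire; they stay valid until the record is deleted`. The enclosing method starts and ends outside the hunk.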
|
|
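--- a/db/migrate/20150220216145_token_persistent.rb
+++ b/db/migrate/20150220216145_token_persistent.rb
@@ -0,0 +1,8 @@
+class TokenPersistent < ActiveRecord::Migration
+def up
+add_column :tokens, :persistent, :boolean
+end
+
+def down
+end
+end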
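Review bot: `add_column :tokens, :persistent, :boolean` creates a nullable column with no default, so every existing token gets `NULL` and the flag has three states. The check in the Token model treats `nil` as not persistent, which fails safe, but an explicit `add_column :tokens, :persistent, :boolean, :default => false, :null => false` makes that a schema guarantee rather than a property of one `if`. `down` is empty, so a rollback leaves the column in place; `remove_column :tokens, :persistent` would make the migration reversible.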
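--- a/test/unit/token_test.rb
+++ b/test/unit/token_test.rb
@@ -0,0 +1,109 @@
+# encoding: utf-8
+require 'test_helper'
+
+class TokenTest < ActiveSupport::TestCase
+test 'token' do
+
+tests = [
+
+# test 1
+{
+:test_name => 'invalid token',
+:action => 'PasswordReset',
+:name => '1NV4L1D',
+:result => nil,
+},
+
+# test 2
+{
+:test_name => 'fresh token',
+:create => {
+:user_id => 2,
+:action => 'PasswordReset',
+},
+:action => 'PasswordReset',
+:result => true,
+:verify => {
+:firstname => 'Nicole',
+:lastname => 'Braun',
+:email => 'nicole.braun@zammad.org',
+}
+},
+
+# test 3
+{
+:test_name => 'two days but not persistent',
+:create => {
+:user_id => 2,
+:action => 'PasswordReset',
+:created_at => 2.day.ago,
+},
+:action => 'PasswordReset',
+:result => nil,
+},
+
+{
+:test_name => 'two days but persistent',
+:create => {
+:user_id => 2,
+:action => 'iCal',
+:created_at => 2.day.ago,
+:persistent => true,
+},
+:action => 'iCal',
+:result => true,
+:verify => {
+:firstname => 'Nicole',
+:lastname => 'Braun',
+:email => 'nicole.braun@zammad.org',
+}
+},
+]
+
+tests.each { |test|
+
+if test[:create]
+
+#puts test[:test_name] + ': creating token '+ test[:create].inspect
+
+token = Token.create(
+:action => test[:create][:action],
+:user_id => test[:create][:user_id],
+:created_at => test[:create][:created_at].to_s,
+:persistent => test[:create][:persistent]
+)
+
+#puts test[:test_name] + ': created token ' + token.inspect
+
+test[:name] = token.name
+end
+
+user = Token.check(
+:action => test[:action],
+:name => test[:name]
+)
+
+if test[:result] == true
+if !user
+assert( false, test[:test_name] + ': token verification failed' )
+else
+test[:verify].each {|key, value|
+assert_equal( user[key], value, 'verify' )
+}
+end
+else
+assert_equal( test[:result], user, test[:test_name] + ': failed or not existing' )
+end
+
+if test[:name]
+#puts test[:test_name] + ': deleting token '+ test[:name]
+
+token = Token.where( :name => test[:name] ).first
+
+if token
+token.destroy
+end
+end
+}
+end
+end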
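Review bot: Every case in the `tests` table checks the token with the same action it was created for, so nothing pins that a token is rejected when presented for a different action. That is the property `authentication_check_action_token` relies on, and it matters most for persistent tokens because they do not age out. I would add a case like the one below; the expected `nil` assumes `Token.check` matches on `:action`, which is not visible on this page. Separately, `assert_equal( user[key], value, 'verify' )` passes the actual value first, so failure messages will label expected and actual the wrong way round.

```ruby
# … unchanged: tests 1–3 and 'two days but persistent' …
{
  :test_name => 'persistent token checked against another action',
  :create => {
    :user_id    => 2,
    :action     => 'iCal',
    :persistent => true,
  },
  :action => 'PasswordReset',
  :result => nil,
},
```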