diff --git a/.gitignore b/.gitignore index b0cd433..caa5d1e 100644 --- a/.gitignore +++ b/.gitignore @@ -6,4 +6,5 @@ test/dummy/tmp/ test/dummy/.sass-cache Gemfile.lock .idea/ -*.gem \ No newline at end of file +*.gem +coverage/ \ No newline at end of file diff --git a/.rubocop.yml b/.rubocop.yml new file mode 100644 index 0000000..b3fa9d6 --- /dev/null +++ b/.rubocop.yml @@ -0,0 +1,56 @@ +require: + - rubocop-performance + +AllCops: + TargetRubyVersion: 2.3 + +Layout/SpaceInsideHashLiteralBraces: + EnforcedStyle: no_space + +Metrics/BlockLength: + Max: 36 + Exclude: + - spec/**/*.rb + +Metrics/BlockNesting: + Max: 2 + +Layout/LineLength: + AllowURI: true + Enabled: false + +Metrics/MethodLength: + CountComments: false + Max: 10 + +Metrics/ModuleLength: + Max: 100 + +Metrics/ParameterLists: + Max: 5 + CountKeywordArgs: true + +Style/CollectionMethods: + Enabled: true + PreferredMethods: + collect: 'map' + collect!: 'map!' + inject: 'reduce' + find: 'detect' + find_all: 'select' + delete: 'gsub' + +Style/Documentation: + Enabled: false + +Layout/DotPosition: + EnforcedStyle: trailing + +Layout/AccessModifierIndentation: + Enabled: false + +Style/TrailingCommaInArrayLiteral: + EnforcedStyleForMultiline: 'no_comma' + +Style/TrailingCommaInHashLiteral: + EnforcedStyleForMultiline: 'no_comma' \ No newline at end of file diff --git a/.travis.yml b/.travis.yml index fd60548..5b18163 100644 --- a/.travis.yml +++ b/.travis.yml @@ -2,15 +2,13 @@ language: ruby sudo: false cache: bundler rvm: - - 2.5.5 - - 2.6.3 + - 2.5.7 + - 2.6.5 before_install: - - gem update --system - - gem install bundler + - gem update bundler env: - - 'TEST_RAILS_VERSION="~> 5.0.7"' - 'TEST_RAILS_VERSION="~> 5.1.6"' - 'TEST_RAILS_VERSION="~> 5.2.3"' - 'TEST_RAILS_VERSION="~> 6.0.0"' \ No newline at end of file diff --git a/CHANGELOG.md b/CHANGELOG.md index 8fbc6fa..7161f1b 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,11 @@ # Changelog +## 4.0.1 (23-Dec-19) + +* Updated dependencies, tested against more recent Rubies and Rails +* Updated Gemfile for Bundler 2 +* Added Rubocop and SimpleCov + ## 4.0.0 (20-Aug-19) Updated: diff --git a/Gemfile b/Gemfile index 8ab4ecf..e193a12 100644 --- a/Gemfile +++ b/Gemfile @@ -1,7 +1,9 @@ -source "https://rubygems.org" +# frozen_string_literal: true + +source 'https://rubygems.org' gemspec group :test do - gem 'tzinfo-data', platforms: [:mingw, :mswin, :x64_mingw, :jruby] -end \ No newline at end of file + gem 'tzinfo-data', platforms: %i[mingw mswin x64_mingw jruby] +end diff --git a/Rakefile b/Rakefile index 24fb892..16bdbc5 100644 --- a/Rakefile +++ b/Rakefile @@ -1,3 +1,5 @@ +# frozen_string_literal: true + begin require 'bundler/setup' rescue LoadError @@ -14,9 +16,6 @@ RDoc::Task.new(:rdoc) do |rdoc| rdoc.rdoc_files.include('lib/**/*.rb') end - - - Bundler::GemHelper.install_tasks require 'rake/testtask' @@ -28,5 +27,4 @@ Rake::TestTask.new(:test) do |t| t.verbose = false end - task default: :test diff --git a/angular_rails_csrf.gemspec b/angular_rails_csrf.gemspec index e084f95..526b5f3 100644 --- a/angular_rails_csrf.gemspec +++ b/angular_rails_csrf.gemspec @@ -1,11 +1,13 @@ -$:.push File.expand_path("../lib", __FILE__) +# frozen_string_literal: true + +$LOAD_PATH.push File.expand_path('lib', __dir__) # Maintain your gem's version: -require "angular_rails_csrf/version" +require 'angular_rails_csrf/version' # Describe your gem and declare its dependencies: Gem::Specification.new do |s| - s.name = "angular_rails_csrf" + s.name = 'angular_rails_csrf' s.version = AngularRailsCsrf::VERSION s.authors = ['James Sanders', 'Ilya Bodrov'] s.email = ['sanderjd@gmail.com', 'golosizpru@gmail.com'] @@ -19,13 +21,18 @@ Gem::Specification.new do |s| s.required_ruby_version = '>= 2.3.0' - s.add_development_dependency 'rake', '~> 12.0' + s.add_development_dependency 'rake', '~> 13.0' s.add_development_dependency 'test-unit', '~> 3.2' if ENV['TEST_RAILS_VERSION'].nil? - s.add_development_dependency 'rails', '6.0.0' + s.add_development_dependency 'rails', '6.0.2.1' else s.add_development_dependency 'rails', ENV['TEST_RAILS_VERSION'].to_s end s.add_runtime_dependency 'railties', '>= 3', '< 7' + + s.add_development_dependency 'codecov', '~> 0.1' + s.add_development_dependency 'rubocop', '~> 0.60' + s.add_development_dependency 'rubocop-performance', '~> 1.5' + s.add_development_dependency 'simplecov', '~> 0.16' end diff --git a/lib/angular_rails_csrf.rb b/lib/angular_rails_csrf.rb index 16a72cb..1a71727 100644 --- a/lib/angular_rails_csrf.rb +++ b/lib/angular_rails_csrf.rb @@ -1 +1,3 @@ +# frozen_string_literal: true + require 'angular_rails_csrf/railtie' diff --git a/lib/angular_rails_csrf/concern.rb b/lib/angular_rails_csrf/concern.rb index 1dda9ec..4a35647 100644 --- a/lib/angular_rails_csrf/concern.rb +++ b/lib/angular_rails_csrf/concern.rb @@ -1,3 +1,5 @@ +# frozen_string_literal: true + module AngularRailsCsrf module Concern extend ActiveSupport::Concern @@ -7,12 +9,12 @@ module Concern end def set_xsrf_token_cookie - if protect_against_forgery? && !respond_to?(:__exclude_xsrf_token_cookie?) - config = Rails.application.config - domain = config.respond_to?(:angular_rails_csrf_domain) ? config.angular_rails_csrf_domain : nil - cookie_name = config.respond_to?(:angular_rails_csrf_cookie_name) ? config.angular_rails_csrf_cookie_name : 'XSRF-TOKEN' - cookies[cookie_name] = { value: form_authenticity_token, domain: domain } - end + return unless protect_against_forgery? && !respond_to?(:__exclude_xsrf_token_cookie?) + + config = Rails.application.config + domain = config.respond_to?(:angular_rails_csrf_domain) ? config.angular_rails_csrf_domain : nil + cookie_name = config.respond_to?(:angular_rails_csrf_cookie_name) ? config.angular_rails_csrf_cookie_name : 'XSRF-TOKEN' + cookies[cookie_name] = {value: form_authenticity_token, domain: domain} end def verified_request? @@ -25,7 +27,7 @@ def verified_request? module ClassMethods def exclude_xsrf_token_cookie - self.class_eval do + class_eval do def __exclude_xsrf_token_cookie? true end diff --git a/lib/angular_rails_csrf/railtie.rb b/lib/angular_rails_csrf/railtie.rb index bce0826..e36ea4b 100644 --- a/lib/angular_rails_csrf/railtie.rb +++ b/lib/angular_rails_csrf/railtie.rb @@ -1,3 +1,5 @@ +# frozen_string_literal: true + require 'angular_rails_csrf/concern' module AngularRailsCsrf diff --git a/lib/angular_rails_csrf/version.rb b/lib/angular_rails_csrf/version.rb index 855862f..b1d230b 100644 --- a/lib/angular_rails_csrf/version.rb +++ b/lib/angular_rails_csrf/version.rb @@ -1,3 +1,5 @@ +# frozen_string_literal: true + module AngularRailsCsrf - VERSION = '4.0.0'.freeze + VERSION = '4.0.1' end diff --git a/test/angular_rails_csrf_exception_test.rb b/test/angular_rails_csrf_exception_test.rb index e4f134b..b9ed51e 100644 --- a/test/angular_rails_csrf_exception_test.rb +++ b/test/angular_rails_csrf_exception_test.rb @@ -1,3 +1,5 @@ +# frozen_string_literal: true + require 'test_helper' class AngularRailsCsrfExceptionTest < ActionController::TestCase @@ -8,9 +10,9 @@ class AngularRailsCsrfExceptionTest < ActionController::TestCase @correct_token = @controller.send(:form_authenticity_token) end - test "a get does not set the XSRF-TOKEN cookie" do + test 'a get does not set the XSRF-TOKEN cookie' do get :index assert_not_equal @correct_token, cookies['XSRF-TOKEN'] assert_response :success end -end \ No newline at end of file +end diff --git a/test/angular_rails_csrf_test.rb b/test/angular_rails_csrf_test.rb index 9be12a0..e9e3a25 100644 --- a/test/angular_rails_csrf_test.rb +++ b/test/angular_rails_csrf_test.rb @@ -1,37 +1,41 @@ +# frozen_string_literal: true + require 'test_helper' class AngularRailsCsrfTest < ActionController::TestCase tests ApplicationController - test "a get sets the XSRF-TOKEN cookie but does not require the X-XSRF-TOKEN header" do + test 'a get sets the XSRF-TOKEN cookie but does not require the X-XSRF-TOKEN header' do get :index assert_valid_cookie assert_response :success end - test "a post raises an error without the X-XSRF-TOKEN header set" do + test 'a post raises an error without the X-XSRF-TOKEN header set' do assert_raises ActionController::InvalidAuthenticityToken do post :create end end - test "a post raises an error with the X-XSRF-TOKEN header set to the wrong value" do - set_header_to 'garbage' + test 'a post raises an error with the X-XSRF-TOKEN header set to the wrong value' do + header_to 'garbage' assert_raises ActionController::InvalidAuthenticityToken do post :create end end - test "a post is accepted if X-XSRF-TOKEN is set properly" do - set_header_to @controller.send(:form_authenticity_token) + test 'a post is accepted if X-XSRF-TOKEN is set properly' do + header_to @controller.send(:form_authenticity_token) post :create assert_valid_cookie assert_response :success end - test "the domain is used if present" do + test 'the domain is used if present' do config = Rails.application.config - def config.angular_rails_csrf_domain; :all; end + def config.angular_rails_csrf_domain + :all + end get :index assert @response.headers['Set-Cookie'].include?('.test.host') @@ -39,7 +43,7 @@ def config.angular_rails_csrf_domain; :all; end assert_response :success end - test "a custom name is used if present" do + test 'a custom name is used if present' do use_custom_cookie_name do get :index assert @response.headers['Set-Cookie'].include?('CUSTOM-COOKIE-NAME') @@ -52,7 +56,7 @@ def config.angular_rails_csrf_domain; :all; end # Helpers - def set_header_to(value) + def header_to(value) @request.headers['X-XSRF-TOKEN'] = value end @@ -66,9 +70,13 @@ def assert_valid_cookie(name = 'XSRF-TOKEN') def use_custom_cookie_name config = Rails.application.config - def config.angular_rails_csrf_cookie_name; 'CUSTOM-COOKIE-NAME'; end + def config.angular_rails_csrf_cookie_name + 'CUSTOM-COOKIE-NAME' + end yield ensure - config.instance_eval('undef :angular_rails_csrf_cookie_name') + eval <<-RUBY, binding, __FILE__, __LINE__ + 1 + config.instance_eval('undef :angular_rails_csrf_cookie_name') + RUBY end end diff --git a/test/dummy/app/assets/config/manifest.js b/test/dummy/app/assets/config/manifest.js new file mode 100644 index 0000000..88ee63b --- /dev/null +++ b/test/dummy/app/assets/config/manifest.js @@ -0,0 +1,4 @@ +//= link_tree ../images +//= link_tree ../fonts +//= link_directory ../javascripts .js +//= link_directory ../stylesheets .css \ No newline at end of file diff --git a/test/dummy/app/controllers/application_controller.rb b/test/dummy/app/controllers/application_controller.rb index a40598c..0d102ed 100644 --- a/test/dummy/app/controllers/application_controller.rb +++ b/test/dummy/app/controllers/application_controller.rb @@ -1,6 +1,13 @@ +# frozen_string_literal: true + class ApplicationController < ActionController::Base protect_from_forgery with: :exception - def index; head :ok; end - def create; head :ok; end + def index + head :ok + end + + def create + head :ok + end end diff --git a/test/dummy/app/controllers/exclusions_controller.rb b/test/dummy/app/controllers/exclusions_controller.rb index 04a1947..1143f92 100644 --- a/test/dummy/app/controllers/exclusions_controller.rb +++ b/test/dummy/app/controllers/exclusions_controller.rb @@ -1,5 +1,9 @@ +# frozen_string_literal: true + class ExclusionsController < ApplicationController exclude_xsrf_token_cookie - def index; head :ok; end -end \ No newline at end of file + def index + head :ok + end +end diff --git a/test/dummy/config.ru b/test/dummy/config.ru index 5bc2a61..61c04e1 100644 --- a/test/dummy/config.ru +++ b/test/dummy/config.ru @@ -1,4 +1,6 @@ +# frozen_string_literal: true + # This file is used by Rack-based servers to start the application. -require ::File.expand_path('../config/environment', __FILE__) +require ::File.expand_path('../config/environment', __FILE__) run Rails.application diff --git a/test/dummy/config/application.rb b/test/dummy/config/application.rb index 17ee306..aa47bed 100644 --- a/test/dummy/config/application.rb +++ b/test/dummy/config/application.rb @@ -1,9 +1,11 @@ -require File.expand_path('../boot', __FILE__) +# frozen_string_literal: true -require "action_controller/railtie" +require File.expand_path('boot', __dir__) + +require 'action_controller/railtie' Bundler.require(:default, Rails.env) -require "angular_rails_csrf" +require 'angular_rails_csrf' module Dummy class Application < Rails::Application @@ -12,4 +14,3 @@ class Application < Rails::Application config.active_support.test_order = :random end end - diff --git a/test/dummy/config/boot.rb b/test/dummy/config/boot.rb index eaa6ee8..4162dbb 100644 --- a/test/dummy/config/boot.rb +++ b/test/dummy/config/boot.rb @@ -1,4 +1,6 @@ +# frozen_string_literal: true + # Set up gems listed in the Gemfile. -ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../../../../Gemfile', __FILE__) +ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../../../Gemfile', __dir__) require 'bundler/setup' if File.exist?(ENV['BUNDLE_GEMFILE']) diff --git a/test/dummy/config/environment.rb b/test/dummy/config/environment.rb index 10e0cad..bdab775 100644 --- a/test/dummy/config/environment.rb +++ b/test/dummy/config/environment.rb @@ -1,5 +1,7 @@ +# frozen_string_literal: true + # Load the Rails application. -require File.expand_path('../application', __FILE__) +require File.expand_path('application', __dir__) # Initialize the Rails application. Dummy::Application.initialize! diff --git a/test/dummy/config/routes.rb b/test/dummy/config/routes.rb index d426171..6ece8e7 100644 --- a/test/dummy/config/routes.rb +++ b/test/dummy/config/routes.rb @@ -1,3 +1,5 @@ +# frozen_string_literal: true + Dummy::Application.routes.draw do get 'test' => 'application#index' post 'test' => 'application#create' diff --git a/test/test_helper.rb b/test/test_helper.rb index b370fb7..4244a1f 100644 --- a/test/test_helper.rb +++ b/test/test_helper.rb @@ -1,5 +1,18 @@ +# frozen_string_literal: true + # Configure Rails Environment -ENV["RAILS_ENV"] = "test" +ENV['RAILS_ENV'] = 'test' + +require 'simplecov' +SimpleCov.start do + add_filter 'test/' + add_filter '.github/' +end + +if ENV['CI'] == 'true' + require 'codecov' + SimpleCov.formatter = SimpleCov::Formatter::Codecov +end -require File.expand_path("../dummy/config/environment.rb", __FILE__) -require "rails/test_help" +require File.expand_path('dummy/config/environment.rb', __dir__) +require 'rails/test_help'