Merge pull request #13298 from rails/secret_tokens

Create config/secrets.yml file for store of tokens
author: Guillermo Iguaran <guilleiguaran@gmail.com> 2013-12-13 09:48:34 -0800
committer: Guillermo Iguaran <guilleiguaran@gmail.com> 2013-12-13 09:48:34 -0800
commit: eed8c85f4b9bd1cb408b6d972c353e30bdd591c7 (patch)
tree: 2261fa7a6d0c0dbea5d36b19671206ecfb3f4d07 /railties/test
parent: 92b92f1782cef7ca68daef6319930a5bbcc3845d (diff)
parent: c1f4bc262884668217060d3a74ebafbf60bc44b3 (diff)
download: rails-eed8c85f4b9bd1cb408b6d972c353e30bdd591c7.tar.gz
rails-eed8c85f4b9bd1cb408b6d972c353e30bdd591c7.tar.bz2
rails-eed8c85f4b9bd1cb408b6d972c353e30bdd591c7.zip
4 files changed, 39 insertions, 7 deletions
diff --git a/railties/test/abstract_unit.rb b/railties/test/abstract_unit.rb
index 643cc6b0ee..ade08d3f5a 100644
--- a/railties/test/abstract_unit.rb
+++ b/railties/test/abstract_unit.rb
@@ -14,6 +14,6 @@ require 'rails/all'
 module TestApp
   class Application < Rails::Application
     config.root = File.dirname(__FILE__)
-    config.secret_key_base = 'b3c631c314c0bbca50c1b2843150fe33'
+    secrets.secret_key_base = 'b3c631c314c0bbca50c1b2843150fe33'
   end
 end
diff --git a/railties/test/application/configuration_test.rb b/railties/test/application/configuration_test.rb
index b3fbceb0dc..e024ec8cef 100644
--- a/railties/test/application/configuration_test.rb
+++ b/railties/test/application/configuration_test.rb
@@ -250,7 +250,7 @@ module ApplicationTests
 
     test "Use key_generator when secret_key_base is set" do
       make_basic_app do |app|
-        app.config.secret_key_base = 'b3c631c314c0bbca50c1b2843150fe33'
+        app.secrets.secret_key_base = 'b3c631c314c0bbca50c1b2843150fe33'
         app.config.session_store :disabled
       end
 
@@ -270,7 +270,7 @@ module ApplicationTests
 
     test "application verifier can be used in the entire application" do
       make_basic_app do |app|
-        app.config.secret_key_base = 'b3c631c314c0bbca50c1b2843150fe33'
+        app.secrets.secret_key_base = 'b3c631c314c0bbca50c1b2843150fe33'
         app.config.session_store :disabled
       end
 
@@ -285,7 +285,7 @@ module ApplicationTests
 
     test "application verifier can build different verifiers" do
       make_basic_app do |app|
-        app.config.secret_key_base = 'b3c631c314c0bbca50c1b2843150fe33'
+        app.secrets.secret_key_base = 'b3c631c314c0bbca50c1b2843150fe33'
         app.config.session_store :disabled
       end
 
@@ -303,6 +303,39 @@ module ApplicationTests
       assert_not_equal default_verifier.object_id, text_verifier.object_id
     end
 
+    test "secrets.secret_key_base is used when config/tokens.yml is present" do
+      app_file 'config/secrets.yml', <<-YAML
+        development:
+          secret_key_base: 3b7cd727ee24e8444053437c36cc66c3
+      YAML
+
+      require "#{app_path}/config/environment"
+      assert_equal '3b7cd727ee24e8444053437c36cc66c3', app.secrets.secret_key_base
+    end
+
+    test "secret_key_base is copied from config to secrets when not set" do
+      remove_file "config/secrets.yml"
+      app_file 'config/initializers/secret_token.rb', <<-RUBY
+        Rails.application.config.secret_key_base = "3b7cd727ee24e8444053437c36cc66c3"
+      RUBY
+
+      require "#{app_path}/config/environment"
+      assert_equal '3b7cd727ee24e8444053437c36cc66c3', app.secrets.secret_key_base
+    end
+
+    test "custom secrets saved in config/tokens.yml are loaded in app secrets" do
+      app_file 'config/secrets.yml', <<-YAML
+        development:
+          secret_key_base: 3b7cd727ee24e8444053437c36cc66c3
+          aws_access_key_id: myamazonaccesskeyid
+          aws_secret_access_key: myamazonsecretaccesskey
+      YAML
+
+      require "#{app_path}/config/environment"
+      assert_equal 'myamazonaccesskeyid', app.secrets.aws_access_key_id
+      assert_equal 'myamazonsecretaccesskey', app.secrets.aws_secret_access_key
+    end
+
     test "protect from forgery is the default in a new app" do
       make_basic_app
 
diff --git a/railties/test/application/middleware/session_test.rb b/railties/test/application/middleware/session_test.rb
index 14a56176f5..31a64c2f5a 100644
--- a/railties/test/application/middleware/session_test.rb
+++ b/railties/test/application/middleware/session_test.rb
@@ -318,7 +318,7 @@ module ApplicationTests
 
       add_to_config <<-RUBY
         config.secret_token = "3b7cd727ee24e8444053437c36cc66c4"
-        config.secret_key_base = nil
+        secrets.secret_key_base = nil
       RUBY
 
       require "#{app_path}/config/environment"
diff --git a/railties/test/isolation/abstract_unit.rb b/railties/test/isolation/abstract_unit.rb
index 913e2b5e29..362c2c510a 100644
--- a/railties/test/isolation/abstract_unit.rb
+++ b/railties/test/isolation/abstract_unit.rb
@@ -119,7 +119,6 @@ module TestHelpers
 
       add_to_config <<-RUBY
         config.eager_load = false
-        config.secret_key_base = "3b7cd727ee24e8444053437c36cc66c4"
         config.session_store :cookie_store, key: "_myapp_session"
         config.active_support.deprecation = :log
         config.action_controller.allow_forgery_protection = false
@@ -139,7 +138,7 @@ module TestHelpers
 
       app = Class.new(Rails::Application)
       app.config.eager_load = false
-      app.config.secret_key_base = "3b7cd727ee24e8444053437c36cc66c4"
+      app.secrets.secret_key_base = "3b7cd727ee24e8444053437c36cc66c4"
       app.config.session_store :cookie_store, key: "_myapp_session"
       app.config.active_support.deprecation = :log
author	Guillermo Iguaran <guilleiguaran@gmail.com>	2013-12-13 09:48:34 -0800
committer	Guillermo Iguaran <guilleiguaran@gmail.com>	2013-12-13 09:48:34 -0800
commit	eed8c85f4b9bd1cb408b6d972c353e30bdd591c7 (patch)
tree	2261fa7a6d0c0dbea5d36b19671206ecfb3f4d07 /railties/test
parent	92b92f1782cef7ca68daef6319930a5bbcc3845d (diff)
parent	c1f4bc262884668217060d3a74ebafbf60bc44b3 (diff)
download	rails-eed8c85f4b9bd1cb408b6d972c353e30bdd591c7.tar.gz rails-eed8c85f4b9bd1cb408b6d972c353e30bdd591c7.tar.bz2 rails-eed8c85f4b9bd1cb408b6d972c353e30bdd591c7.zip