🐛 Modern Ruby compat

Author: pboling

.rubocop_gradual.lock

@@ -13,23 +13,7 @@
     [39, 21, 3, "Style/AndOr: Use `&&` instead of `and`.", 193409806],
     [49, 20, 1, "Lint/AssignmentInCondition: Wrap assignment in parentheses if intentional", 177560]
   ],
-  "app/models/masq/account.rb:3431296046": [
-    [43, 5, 298, "Style/ClassMethodsDefinitions: Use `class << self` to define a class method.", 2464945722],
-    [80, 5, 1035, "Style/ClassMethodsDefinitions: Use `class << self` to define a class method.", 2286399262],
-    [82, 17, 3, "Style/AndOr: Use `&&` instead of `and`.", 193409806],
-    [98, 18, 3, "Style/AndOr: Use `&&` instead of `and`.", 193409806],
-    [98, 32, 3, "Style/AndOr: Use `&&` instead of `and`.", 193409806],
-    [99, 39, 2, "Style/AndOr: Use `||` instead of `or`.", 5861240],
-    [99, 88, 3, "Style/AndOr: Use `&&` instead of `and`.", 193409806],
-    [108, 5, 97, "Style/ClassMethodsDefinitions: Use `class << self` to define a class method.", 4218748683],
-    [220, 5, 3, "Lint/IneffectiveAccessModifier: `private` (on line 216) does not make singleton methods private. Use `private_class_method` or `private` inside a `class << self` block instead.", 193404514],
-    [220, 5, 85, "Style/ClassMethodsDefinitions: Use `class << self` to define a class method.", 115756650],
-    [226, 5, 3, "Lint/IneffectiveAccessModifier: `private` (on line 216) does not make singleton methods private. Use `private_class_method` or `private` inside a `class << self` block instead.", 193404514],
-    [226, 5, 181, "Style/ClassMethodsDefinitions: Use `class << self` to define a class method.", 3702657420],
-    [234, 5, 3, "Lint/IneffectiveAccessModifier: `private` (on line 216) does not make singleton methods private. Use `private_class_method` or `private` inside a `class << self` block instead.", 193404514],
-    [234, 5, 135, "Style/ClassMethodsDefinitions: Use `class << self` to define a class method.", 4139970307]
-  ],
-  "app/models/masq/open_id_request.rb:3145306176": [
+  "app/models/masq/open_id_request.rb:2515784583": [
     [27, 7, 159, "Style/SafeNavigation: Use safe navigation (`&.`) instead of checking if an object exists before calling the method.", 474907089]
   ],
   "app/models/masq/persona.rb:3585878101": [

app/models/masq/account.rb

@@ -35,18 +35,76 @@ def initialize(account, message = nil)
       end
     end
 
-    # Finds the user with the corresponding activation code, activates their account and returns the user.
-    #
-    # Raises:
-    # [Account::ActivationCodeNotFound] if there is no user with the corresponding activation code
-    # [Account::AlreadyActivated] if the user with the corresponding activation code has already activated their account
-    def self.find_and_activate!(activation_code)
-      raise ArgumentError if activation_code.nil?
-      user = find_by(activation_code: activation_code)
-      raise ActivationCodeNotFound unless user
-      raise AlreadyActivated.new(user) if user.active?
-      user.send(:activate!)
-      user
+    class << self
+      # Finds the user with the corresponding activation code, activates their account and returns the user.
+      #
+      # Raises:
+      # [Account::ActivationCodeNotFound] if there is no user with the corresponding activation code
+      # [Account::AlreadyActivated] if the user with the corresponding activation code has already activated their account
+      def find_and_activate!(activation_code)
+        raise ArgumentError if activation_code.nil?
+        user = find_by(activation_code: activation_code)
+        raise ActivationCodeNotFound unless user
+        raise AlreadyActivated.new(user) if user.active?
+        user.send(:activate!)
+        user
+      end
+
+      # Authenticates a user by their login name and password.
+      # Returns the user or nil.
+      def authenticate(login, password, basic_auth_used = false)
+        a = Account.find_by(login: login)
+        if a.nil? && Masq::Engine.config.masq["create_auth_ondemand"]["enabled"]
+          # Need to set some password - but is never used
+          pw = if Masq::Engine.config.masq["create_auth_ondemand"]["random_password"]
+            SecureRandom.hex(13)
+          else
+            password
+          end
+          signup = Signup.create_account!(
+            login: login,
+            password: pw,
+            password_confirmation: pw,
+            email: "#{login}@#{Masq::Engine.config.masq["create_auth_ondemand"]["default_mail_domain"]}",
+          )
+          a = signup.account if signup.succeeded?
+        end
+
+        if !a.nil? && a.active? && a.enabled
+          if a.authenticated?(password) || (Masq::Engine.config.masq["trust_basic_auth"] && basic_auth_used)
+            a.last_authenticated_at, a.last_authenticated_by_yubikey = Time.now, a.authenticated_with_yubikey?
+            a.save(validate: false)
+            a
+          end
+        end
+      end
+
+      # Encrypts some data with the salt.
+      def encrypt(password, salt)
+        Digest::SHA1.hexdigest("--#{salt}--#{password}--")
+      end
+
+      # Receives a login token which consists of the users password and
+      # a Yubico one time password (the otp is always 44 characters long)
+      def split_password_and_yubico_otp(token)
+        token.reverse!
+        yubico_otp = token.slice!(0..43).reverse
+        password = token.reverse
+        [password, yubico_otp]
+      end
+
+      # Returns the first twelve chars from the Yubico OTP,
+      # which are used to identify a Yubikey
+      def extract_yubico_identity_from_otp(yubico_otp)
+        yubico_otp[0..11]
+      end
+
+      # Utilizes the Yubico library to verify a one time password
+      def verify_yubico_otp(otp)
+        Yubikey::OTP::Verify.new(otp).valid?
+      rescue Yubikey::OTP::InvalidOTPError
+        false
+      end
     end
 
     def to_param
@@ -75,40 +133,6 @@ def has_otp_device?
       !yubico_identity.nil?
     end
 
-    # Authenticates a user by their login name and password.
-    # Returns the user or nil.
-    def self.authenticate(login, password, basic_auth_used = false)
-      a = Account.find_by(login: login)
-      if a.nil? and Masq::Engine.config.masq["create_auth_ondemand"]["enabled"]
-        # Need to set some password - but is never used
-        pw = if Masq::Engine.config.masq["create_auth_ondemand"]["random_password"]
-          SecureRandom.hex(13)
-        else
-          password
-        end
-        signup = Signup.create_account!(
-          login: login,
-          password: pw,
-          password_confirmation: pw,
-          email: "#{login}@#{Masq::Engine.config.masq["create_auth_ondemand"]["default_mail_domain"]}",
-        )
-        a = signup.account if signup.succeeded?
-      end
-
-      if !a.nil? and a.active? and a.enabled
-        if a.authenticated?(password) or (Masq::Engine.config.masq["trust_basic_auth"] and basic_auth_used)
-          a.last_authenticated_at, a.last_authenticated_by_yubikey = Time.now, a.authenticated_with_yubikey?
-          a.save(validate: false)
-          a
-        end
-      end
-    end
-
-    # Encrypts some data with the salt.
-    def self.encrypt(password, salt)
-      Digest::SHA1.hexdigest("--#{salt}--#{password}--")
-    end
-
     # Encrypts the password with the user salt
     def encrypt(password)
       self.class.encrypt(password, salt)
@@ -121,7 +145,7 @@ def authenticated?(password)
         encrypt(password) == crypted_password
       elsif Masq::Engine.config.masq["can_use_yubikey"]
         password, yubico_otp = Account.split_password_and_yubico_otp(password)
-        encrypt(password) == crypted_password && @authenticated_with_yubikey = yubikey_authenticated?(yubico_otp)
+        @authenticated_with_yubikey = yubikey_authenticated?(yubico_otp) if encrypt(password) == crypted_password
       end
     end
 
@@ -213,30 +237,6 @@ def make_password_reset_code
       self.password_reset_code = Digest::SHA1.hexdigest(Time.now.to_s.split("").sort_by { rand }.join)
     end
 
-    private
-
-    # Returns the first twelve chars from the Yubico OTP,
-    # which are used to identify a Yubikey
-    def self.extract_yubico_identity_from_otp(yubico_otp)
-      yubico_otp[0..11]
-    end
-
-    # Recieves a login token which consists of the users password and
-    # a Yubico one time password (the otp is always 44 characters long)
-    def self.split_password_and_yubico_otp(token)
-      token.reverse!
-      yubico_otp = token.slice!(0..43).reverse
-      password = token.reverse
-      [password, yubico_otp]
-    end
-
-    # Utilizes the Yubico library to verify an one time password
-    def self.verify_yubico_otp(otp)
-      Yubikey::OTP::Verify.new(otp).valid?
-    rescue Yubikey::OTP::InvalidOTPError
-      false
-    end
-
     def deliver_forgot_password
       AccountMailer.forgot_password(self).deliver_now if recently_forgot_password?
     end

app/models/masq/open_id_request.rb

@@ -29,7 +29,7 @@ def from_trusted_domain?
       end
     end
 
-    private
+    protected
 
     def make_token
       self.token = Digest::SHA1.hexdigest(Time.now.to_s.split("").sort_by { rand }.join)