RubyGems - authlogic - Versions diffs - 1.1.0 → 1.1.1 - Mend

authlogic 1.1.0 → 1.1.1

Potentially problematic release.

This version of authlogic might be problematic. Click here for more details.

Files changed (39) hide show

data/test/libs/mock_controller.rb CHANGED Viewed

@@ -1,5 +1,6 @@
 class MockController < Authlogic::ControllerAdapters::AbstractAdapter
   attr_accessor :http_user, :http_password
+  attr_writer :request_content_type
   def initialize
   end
@@ -20,6 +21,10 @@ class MockController < Authlogic::ControllerAdapters::AbstractAdapter
     @request ||= MockRequest.new
   end
+  def request_content_type
+    @request_content_type ||= "text/html"
+  end
   def session
     @session ||= {}
   end

data/test/orm_adapters_tests/active_record_adapter_tests/acts_as_authentic_tests/config_test.rb ADDED Viewed

@@ -0,0 +1,36 @@
+require File.dirname(__FILE__) + '/../../../test_helper.rb'
+module ORMAdaptersTests
+  module ActiveRecordAdapterTests
+    module ActsAsAuthenticTests
+      class ConfigTest < ActiveSupport::TestCase
+        def test_first_column_to_exist
+          assert_equal :login, User.first_column_to_exist(:login, :crypted_password)
+          assert_equal nil, User.first_column_to_exist(nil, :unknown)
+          assert_equal :login, User.first_column_to_exist(:unknown, :login)
+        end
+        def test_acts_as_authentic_config
+          default_config = {
+            :confirm_password_did_not_match_message => "did not match",
+            :single_access_token_field => :single_access_token,
+            :login_field_regex => /\A\w[\w\.\-_@ ]+\z/,
+            :session_ids => [nil],
+            :login_field_regex_failed_message => "use only letters, numbers, spaces, and .-_@ please.",
+            :remember_token_field => :remember_token,
+            :password_field => :password,
+            :logged_in_timeout => 600,
+            :password_salt_field => :password_salt,
+            :login_field_type => :login,
+            :crypto_provider => Authlogic::CryptoProviders::Sha512,
+            :password_blank_message => "can not be blank",
+            :crypted_password_field => :crypted_password,
+            :session_class => "UserSession",
+            :login_field => :login
+          }
+          assert_equal default_config, User.acts_as_authentic_config
+        end
+      end
+    end
+  end
+end

data/test/orm_adapters_tests/active_record_adapter_tests/acts_as_authentic_tests/credentials_test.rb ADDED Viewed

@@ -0,0 +1,129 @@
+require File.dirname(__FILE__) + '/../../../test_helper.rb'
+module ORMAdaptersTests
+  module ActiveRecordAdapterTests
+    module ActsAsAuthenticTests
+      class CredentialsTest < ActiveSupport::TestCase
+        def test_user_validations
+          user = User.new
+          assert !user.valid?
+          assert user.errors.on(:login)
+          assert user.errors.on(:password)
+          user.login = "a"
+          assert !user.valid?
+          assert user.errors.on(:login)
+          assert user.errors.on(:password)
+          user.login = "%ben*"
+          assert !user.valid?
+          assert user.errors.on(:login)
+          assert user.errors.on(:password)
+          user.login = "bjohnson"
+          assert !user.valid?
+          assert user.errors.on(:login)
+          assert user.errors.on(:password)
+          user.login = "my login"
+          assert !user.valid?
+          assert !user.errors.on(:login)
+          assert user.errors.on(:password)
+          user.password = "my pass"
+          assert !user.valid?
+          assert !user.errors.on(:password)
+          assert user.errors.on(:confirm_password)
+          user.confirm_password = "my pizass"
+          assert !user.valid?
+          assert !user.errors.on(:password)
+          assert user.errors.on(:confirm_password)
+          user.confirm_password = "my pass"
+          assert user.valid?
+        end
+        def test_employee_validations
+          employee = Employee.new
+          employee.password = "pass"
+          employee.confirm_password = "pass"
+          assert !employee.valid?
+          assert employee.errors.on(:email)
+          employee.email = "fdsf"
+          assert !employee.valid?
+          assert employee.errors.on(:email)
+          employee.email = "fake@email.fake"
+          assert !employee.valid?
+          assert employee.errors.on(:email)
+          employee.email = "notfake@email.com"
+          assert employee.valid?
+        end
+        def test_friendly_unique_token
+          assert_equal 20, User.friendly_unique_token.length
+          assert_equal 20, Employee.friendly_unique_token.length # make sure encryptions use hashes also
+          unique_tokens = []
+          1000.times { unique_tokens << User.friendly_unique_token }
+          unique_tokens.uniq!
+          assert_equal 1000, unique_tokens.size
+        end
+        def test_password
+          user = User.new
+          user.password = "sillywilly"
+          assert user.crypted_password
+          assert user.password_salt
+          assert user.remember_token
+          assert_equal true, user.tried_to_set_password
+          assert_nil user.password
+          employee = Employee.new
+          employee.password = "awesome"
+          assert employee.crypted_password
+          assert employee.remember_token
+          assert_equal true, employee.tried_to_set_password
+          assert_nil employee.password
+        end
+        def test_valid_password
+          ben = users(:ben)
+          assert ben.valid_password?("benrocks")
+          assert ben.valid_password?(ben.crypted_password)
+          drew = employees(:drew)
+          assert drew.valid_password?("drewrocks")
+          assert drew.valid_password?(drew.crypted_password)
+        end
+        def test_reset_password
+          ben = users(:ben)
+          UserSession.create(ben)
+          assert UserSession.find
+          old_password = ben.crypted_password
+          old_salt = ben.password_salt
+          old_remember_token = ben.remember_token
+          ben.reset_password
+          assert_not_equal old_password, ben.crypted_password
+          assert_not_equal old_salt, ben.password_salt
+          assert_not_equal old_remember_token, ben.remember_token
+          assert UserSession.find
+          ben.reset_password!
+          ben.reload
+          assert_not_equal old_password, ben.crypted_password
+          assert_not_equal old_salt, ben.password_salt
+          assert_not_equal old_remember_token, ben.remember_token
+          assert !UserSession.find
+        end
+      end
+    end
+  end
+end

data/test/orm_adapters_tests/active_record_adapter_tests/acts_as_authentic_tests/logged_in_test.rb ADDED Viewed

@@ -0,0 +1,24 @@
+require File.dirname(__FILE__) + '/../../../test_helper.rb'
+module ORMAdaptersTests
+  module ActiveRecordAdapterTests
+    module ActsAsAuthenticTests
+      class LoggedInTest < ActiveSupport::TestCase
+        def test_named_scopes
+          assert_equal 0, User.logged_in.count
+          assert_equal User.count, User.logged_out.count
+          http_basic_auth_for(users(:ben)) { UserSession.find }
+          assert_equal 1, User.logged_in.count
+          assert_equal User.count - 1, User.logged_out.count
+        end
+        def test_logged_in
+          ben = users(:ben)
+          assert !ben.logged_in?
+          assert ben.update_attribute(:last_request_at, Time.now)
+          assert ben.logged_in?
+        end
+      end
+    end
+  end
+end

data/test/orm_adapters_tests/active_record_adapter_tests/acts_as_authentic_tests/persistence_test.rb ADDED Viewed

@@ -0,0 +1,45 @@
+require File.dirname(__FILE__) + '/../../../test_helper.rb'
+module ORMAdaptersTests
+  module ActiveRecordAdapterTests
+    module ActsAsAuthenticTests
+      class PersistenceTest < ActiveSupport::TestCase
+        def test_unique_token
+          assert_equal 128, User.unique_token.length
+          assert_equal 128, Employee.unique_token.length # make sure encryptions use hashes also
+          unique_tokens = []
+          1000.times { unique_tokens << User.unique_token }
+          unique_tokens.uniq!
+          assert_equal 1000, unique_tokens.size
+        end
+        def test_forget_all
+          http_basic_auth_for(users(:ben)) { UserSession.find }
+          http_basic_auth_for(users(:zack)) { UserSession.find(:ziggity_zack) }
+          assert UserSession.find
+          assert UserSession.find(:ziggity_zack)
+          User.forget_all!
+          assert !UserSession.find
+          assert !UserSession.find(:ziggity_zack)
+        end
+        def test_forget
+          ben = users(:ben)
+          zack = users(:zack)
+          http_basic_auth_for(ben) { UserSession.find }
+          http_basic_auth_for(zack) { UserSession.find(:ziggity_zack) }
+          assert ben.reload.logged_in?
+          assert zack.reload.logged_in?
+          ben.forget!
+          assert !UserSession.find
+          assert UserSession.find(:ziggity_zack)
+        end
+      end
+    end
+  end
+end

data/test/orm_adapters_tests/active_record_adapter_tests/acts_as_authentic_tests/session_maintenance_test.rb ADDED Viewed

@@ -0,0 +1,62 @@
+require File.dirname(__FILE__) + '/../../../test_helper.rb'
+module ORMAdaptersTests
+  module ActiveRecordAdapterTests
+    module ActsAsAuthenticTests
+      class SessionMaintenanceTest < ActiveSupport::TestCase
+        def test_login_after_create
+          assert User.create(:login => "awesome", :password => "saweet", :confirm_password => "saweet")
+          assert UserSession.find
+        end
+        def test_update_session_after_password_modify
+          ben = users(:ben)
+          UserSession.create(ben)
+          old_session_key = @controller.session["user_credentials"]
+          old_cookie_key = @controller.cookies["user_credentials"]
+          ben.password = "newpass"
+          ben.confirm_password = "newpass"
+          ben.save
+          assert @controller.session["user_credentials"]
+          assert @controller.cookies["user_credentials"]
+          assert_not_equal @controller.session["user_credentials"], old_session_key
+          assert_not_equal @controller.cookies["user_credentials"], old_cookie_key
+        end
+        def test_no_session_update_after_modify
+          ben = users(:ben)
+          UserSession.create(ben)
+          old_session_key = @controller.session["user_credentials"]
+          old_cookie_key = @controller.cookies["user_credentials"]
+          ben.first_name = "Ben"
+          ben.save
+          assert_equal @controller.session["user_credentials"], old_session_key
+          assert_equal @controller.cookies["user_credentials"], old_cookie_key
+        end
+        def test_updating_other_user
+          ben = users(:ben)
+          UserSession.create(ben)
+          old_session_key = @controller.session["user_credentials"]
+          old_cookie_key = @controller.cookies["user_credentials"]
+          zack = users(:zack)
+          zack.password = "newpass"
+          zack.confirm_password = "newpass"
+          zack.save
+          assert_equal @controller.session["user_credentials"], old_session_key
+          assert_equal @controller.cookies["user_credentials"], old_cookie_key
+        end
+        def test_resetting_password_when_logged_out
+          ben = users(:ben)
+          assert !UserSession.find
+          ben.password = "newpass"
+          ben.confirm_password = "newpass"
+          ben.save
+          assert UserSession.find
+          assert_equal ben, UserSession.find.record
+        end
+      end
+    end
+  end
+end

data/test/orm_adapters_tests/active_record_adapter_tests/acts_as_authentic_tests/single_access_test.rb ADDED Viewed

@@ -0,0 +1,41 @@
+require File.dirname(__FILE__) + '/../../../test_helper.rb'
+module ORMAdaptersTests
+  module ActiveRecordAdapterTests
+    module ActsAsAuthenticTests
+      class SingleAccessTest < ActiveSupport::TestCase
+        def test_before_validation
+          user = User.new
+          assert_equal nil, user.single_access_token
+          assert !user.valid?
+          assert user.single_access_token
+        end
+        def test_change_with_password
+          ben = users(:ben)
+          old_single_access_token = ben.single_access_token
+          User.acts_as_authentic(:change_single_access_token_with_password => true)
+          ben.password = "new_pass"
+          assert_not_equal old_single_access_token, ben.single_access_token
+          ben.reload
+          User.acts_as_authentic(:change_single_access_token_with_password => false)
+          ben.password = "new_pass"
+          assert_equal old_single_access_token, ben.single_access_token
+        end
+        def test_reset_single_access_token
+          ben = users(:ben)
+          old_single_access_token = ben.single_access_token
+          ben.reset_single_access_token
+          assert_not_equal old_single_access_token, ben.single_access_token
+          ben.reload
+          assert_equal old_single_access_token, ben.single_access_token
+          ben.reset_single_access_token!
+          assert_not_equal old_single_access_token, ben.single_access_token
+        end
+      end
+    end
+  end
+end

data/test/session_tests/base_test.rb CHANGED Viewed

@@ -48,6 +48,21 @@ module SessionTests
       session = UserSession.find
       assert session
       assert !session.record.last_request_at.nil?
+      UserSession.last_request_at_threshold = 2.seconds
+      assert_equal 2.seconds, UserSession.last_request_at_threshold
+      assert UserSession.find
+      last_request_at = ben.reload.last_request_at
+      sleep(1)
+      assert UserSession.find
+      assert_equal last_request_at, ben.reload.last_request_at
+      sleep(1)
+      assert UserSession.find
+      assert_not_equal last_request_at, ben.reload.last_request_at
+      UserSession.last_request_at_threshold 0
+      assert_equal 0, UserSession.last_request_at_threshold
     end
     def test_klass

data/test/session_tests/config_test.rb CHANGED Viewed

@@ -54,22 +54,15 @@ module SessionTests
     end
     def test_last_request_at_threshold
-      ben = users(:ben)
-      set_session_for(ben)
-      UserSession.last_request_at_threshold = 2.seconds
-      assert_equal 2.seconds, UserSession.last_request_at_threshold
-      assert UserSession.find
-      last_request_at = ben.reload.last_request_at
-      sleep(1)
-      assert UserSession.find
-      assert_equal last_request_at, ben.reload.last_request_at
-      sleep(1)
-      assert UserSession.find
-      assert_not_equal last_request_at, ben.reload.last_request_at
+      UserSession.last_request_at_threshold = 2.minutes
+      assert_equal 2.minutes, UserSession.last_request_at_threshold
+      session = UserSession.new
+      assert_equal 2.minutes, session.last_request_at_threshold
       UserSession.last_request_at_threshold 0
       assert_equal 0, UserSession.last_request_at_threshold
+      session = UserSession.new
+      assert_equal 0, session.last_request_at_threshold
     end
     def test_login_field
@@ -85,6 +78,18 @@ module SessionTests
       assert_equal :login, session.login_field
       assert session.respond_to?(:login)
     end
+    def test_params_key
+      UserSession.params_key = "my_params_key"
+      assert_equal "my_params_key", UserSession.params_key
+      session = UserSession.new
+      assert_equal "my_params_key", session.params_key
+      UserSession.params_key "user_credentials"
+      assert_equal "user_credentials", UserSession.params_key
+      session = UserSession.new
+      assert_equal "user_credentials", session.params_key
+    end
     def test_password_field
       UserSession.password_field = :saweet
@@ -149,6 +154,18 @@ module SessionTests
       session = UserSession.new
       assert_equal "user_credentials", session.session_key
     end
+    def test_single_access_allowed_request_types
+      UserSession.single_access_allowed_request_types = "my request type"
+      assert_equal ["my request type"], UserSession.single_access_allowed_request_types
+      session = UserSession.new
+      assert_equal ["my request type"], session.single_access_allowed_request_types
+      UserSession.single_access_allowed_request_types "application/rss+xml", "application/atom+xml"
+      assert_equal ["application/rss+xml", "application/atom+xml"], UserSession.single_access_allowed_request_types
+      session = UserSession.new
+      assert_equal ["application/rss+xml", "application/atom+xml"], session.single_access_allowed_request_types
+    end
     def test_verify_password_method
       UserSession.verify_password_method = "my_login_method"