authlogic 3.5.0 → 3.8.0

data/test/acts_as_authentic_test/login_test.rb

@@ -17,7 +17,7 @@ module ActsAsAuthenticTest
       assert Employee.validate_login_field
 
       User.validate_login_field = false
-      assert !User.validate_login_field
+      refute User.validate_login_field
       User.validate_login_field true
       assert User.validate_login_field
     end
@@ -35,13 +35,26 @@ module ActsAsAuthenticTest
     def test_validates_format_of_login_field_options_config
       default = {
         :with => /\A[a-zA-Z0-9_][a-zA-Z0-9\.+\-_@ ]+\z/,
-        :message => I18n.t(
-          'error_messages.login_invalid',
-          :default => "should use only letters, numbers, spaces, and .-_@+ please."
-        )
+        :message => proc do
+          I18n.t(
+            'error_messages.login_invalid',
+            :default => "should use only letters, numbers, spaces, and .-_@+ please."
+          )
+        end
       }
-      assert_equal default, User.validates_format_of_login_field_options
-      assert_equal default, Employee.validates_format_of_login_field_options
+      default_message = default.delete(:message).call
+
+      options = User.validates_format_of_login_field_options
+      message = options.delete(:message)
+      assert message.is_a?(Proc)
+      assert_equal default_message, message.call
+      assert_equal default, options
+
+      options = Employee.validates_format_of_login_field_options
+      message = options.delete(:message)
+      assert message.is_a?(Proc)
+      assert_equal default_message, message.call
+      assert_equal default, options
 
       User.validates_format_of_login_field_options = { :yes => "no" }
       assert_equal({ :yes => "no" }, User.validates_format_of_login_field_options)
@@ -62,70 +75,70 @@ module ActsAsAuthenticTest
     def test_validates_length_of_login_field
       u = User.new
       u.login = "a"
-      assert !u.valid?
-      assert u.errors[:login].size > 0
+      refute u.valid?
+      refute u.errors[:login].empty?
 
       u.login = "aaaaaaaaaa"
-      assert !u.valid?
-      assert u.errors[:login].size == 0
+      refute u.valid?
+      assert u.errors[:login].empty?
     end
 
     def test_validates_format_of_login_field
       u = User.new
       u.login = "fdsf@^&*"
-      assert !u.valid?
-      assert u.errors[:login].size > 0
+      refute u.valid?
+      refute u.errors[:login].empty?
 
       u.login = "fdsfdsfdsfdsfs"
-      assert !u.valid?
-      assert u.errors[:login].size == 0
+      refute u.valid?
+      assert u.errors[:login].empty?
 
       u.login = "dakota.dux+1@gmail.com"
-      assert !u.valid?
-      assert u.errors[:login].size == 0
+      refute u.valid?
+      assert u.errors[:login].empty?
 
       u.login = "marks .-_@+"
-      assert !u.valid?
-      assert u.errors[:login].size == 0
+      refute u.valid?
+      assert u.errors[:login].empty?
 
       u.login = " space"
-      assert !u.valid?
-      assert u.errors[:login].size > 0
+      refute u.valid?
+      refute u.errors[:login].empty?
 
       u.login = ".dot"
-      assert !u.valid?
-      assert u.errors[:login].size > 0
+      refute u.valid?
+      refute u.errors[:login].empty?
 
       u.login = "-hyphen"
-      assert !u.valid?
-      assert u.errors[:login].size > 0
+      refute u.valid?
+      refute u.errors[:login].empty?
 
       u.login = "_underscore"
-      assert !u.valid?
-      assert u.errors[:login].size == 0
+      refute u.valid?
+      assert u.errors[:login].empty?
 
       u.login = "@atmark"
-      assert !u.valid?
-      assert u.errors[:login].size > 0
+      refute u.valid?
+      refute u.errors[:login].empty?
 
       u.login = "+plus"
-      assert !u.valid?
-      assert u.errors[:login].size > 0
+      refute u.valid?
+      refute u.errors[:login].empty?
     end
 
     def test_validates_uniqueness_of_login_field
       u = User.new
       u.login = "bjohnson"
-      assert !u.valid?
-      assert u.errors[:login].size > 0
+      refute u.valid?
+      refute u.errors[:login].empty?
 
       u.login = "BJOHNSON"
-      assert !u.valid?
-      assert u.errors[:login].size > 0
+      refute u.valid?
+      refute u.errors[:login].empty?
 
       u.login = "fdsfdsf"
-      assert !u.valid?
-      assert u.errors[:login].size == 0
+      refute u.valid?
+      assert u.errors[:login].empty?
     end
 
     def test_find_by_smart_case_login_field

data/test/acts_as_authentic_test/magic_columns_test.rb

@@ -5,23 +5,23 @@ module ActsAsAuthenticTest
     def test_validates_numericality_of_login_count
       u = User.new
       u.login_count = -1
-      assert !u.valid?
-      assert u.errors[:login_count].size > 0
+      refute u.valid?
+      refute u.errors[:login_count].empty?
 
       u.login_count = 0
-      assert !u.valid?
-      assert u.errors[:login_count].size == 0
+      refute u.valid?
+      assert u.errors[:login_count].empty?
     end
 
     def test_validates_numericality_of_failed_login_count
       u = User.new
       u.failed_login_count = -1
-      assert !u.valid?
-      assert u.errors[:failed_login_count].size > 0
+      refute u.valid?
+      refute u.errors[:failed_login_count].empty?
 
       u.failed_login_count = 0
-      assert !u.valid?
-      assert u.errors[:failed_login_count].size == 0
+      refute u.valid?
+      assert u.errors[:failed_login_count].empty?
     end
   end
 end

data/test/acts_as_authentic_test/password_test.rb

@@ -28,7 +28,7 @@ module ActsAsAuthenticTest
       assert Employee.ignore_blank_passwords
 
       User.ignore_blank_passwords = false
-      assert !User.ignore_blank_passwords
+      refute User.ignore_blank_passwords
       User.ignore_blank_passwords true
       assert User.ignore_blank_passwords
     end
@@ -36,7 +36,7 @@ module ActsAsAuthenticTest
     def test_check_passwords_against_database
       assert User.check_passwords_against_database
       User.check_passwords_against_database = false
-      assert !User.check_passwords_against_database
+      refute User.check_passwords_against_database
       User.check_passwords_against_database true
       assert User.check_passwords_against_database
     end
@@ -46,7 +46,7 @@ module ActsAsAuthenticTest
       assert Employee.validate_password_field
 
       User.validate_password_field = false
-      assert !User.validate_password_field
+      refute User.validate_password_field
       User.validate_password_field true
       assert User.validate_password_field
     end
@@ -109,7 +109,7 @@ module ActsAsAuthenticTest
       assert u.valid?
 
       u.password = u.password_confirmation = "abcdef"
-      assert !u.valid?
+      refute u.valid?
 
       assert u.errors[:password].include?("is too short (minimum is 8 characters)")
       assert u.errors[:password_confirmation].include?("is too short (minimum is 8 characters)")
@@ -120,7 +120,7 @@ module ActsAsAuthenticTest
       assert u.valid?
 
       u.password_confirmation = "abcdefghij"
-      assert !u.valid?
+      refute u.valid?
 
       if ActiveModel.respond_to?(:version) and ActiveModel.version.segments.first >= 4
         assert u.errors[:password_confirmation].include?("doesn't match Password")
@@ -134,19 +134,19 @@ module ActsAsAuthenticTest
 
       u.password = "testpass"
       u.password_confirmation = ""
-      assert !u.valid?
-      assert u.errors[:password_confirmation].size > 0
+      refute u.valid?
+      refute u.errors[:password_confirmation].empty?
 
       u.password_confirmation = "testpass"
-      assert !u.valid?
-      assert u.errors[:password_confirmation].size == 0
+      refute u.valid?
+      assert u.errors[:password_confirmation].empty?
 
       ben = users(:ben)
       assert ben.valid?
 
       ben.password = "newpasswd"
-      assert !ben.valid?
-      assert ben.errors[:password_confirmation].size > 0
+      refute ben.valid?
+      refute ben.errors[:password_confirmation].empty?
 
       ben.password_confirmation = "newpasswd"
       assert ben.valid?
@@ -180,21 +180,21 @@ module ActsAsAuthenticTest
     def test_checks_password_against_database
       ben = users(:aaron)
       ben.password = "new pass"
-      assert !ben.valid_password?("new pass")
+      refute ben.valid_password?("new pass")
       assert ben.valid_password?("aaronrocks")
     end
 
     def test_checks_password_against_database_and_always_fails_on_new_records
       user = User.new
       user.password = "new pass"
-      assert !user.valid_password?("new pass")
+      refute user.valid_password?("new pass")
     end
 
     def test_checks_password_against_object
       ben = users(:ben)
       ben.password = "new pass"
       assert ben.valid_password?("new pass", false)
-      assert !ben.valid_password?("benrocks", false)
+      refute ben.valid_password?("benrocks", false)
     end
 
     def test_reset_password

data/test/acts_as_authentic_test/perishable_token_test.rb

@@ -13,20 +13,20 @@ module ActsAsAuthenticTest
     end
 
     def test_disable_perishable_token_maintenance_config
-      assert !User.disable_perishable_token_maintenance
-      assert !Employee.disable_perishable_token_maintenance
+      refute User.disable_perishable_token_maintenance
+      refute Employee.disable_perishable_token_maintenance
 
       User.disable_perishable_token_maintenance = true
       assert User.disable_perishable_token_maintenance
       User.disable_perishable_token_maintenance false
-      assert !User.disable_perishable_token_maintenance
+      refute User.disable_perishable_token_maintenance
     end
 
     def test_validates_uniqueness_of_perishable_token
       u = User.new
       u.perishable_token = users(:ben).perishable_token
-      assert !u.valid?
-      assert u.errors[:perishable_token].size > 0
+      refute u.valid?
+      refute u.errors[:perishable_token].empty?
     end
 
     def test_before_save_reset_perishable_token

data/test/acts_as_authentic_test/persistence_token_test.rb

@@ -24,7 +24,7 @@ module ActsAsAuthenticTest
 
     def test_before_validate_reset_persistence_token
       u = User.new
-      assert !u.valid?
+      refute u.valid?
       assert_not_nil u.persistence_token
     end
 
@@ -34,8 +34,8 @@ module ActsAsAuthenticTest
       assert UserSession.find
       assert UserSession.find(:ziggity_zack)
       User.forget_all
-      assert !UserSession.find
-      assert !UserSession.find(:ziggity_zack)
+      refute UserSession.find
+      refute UserSession.find(:ziggity_zack)
     end
 
     def test_forget
@@ -49,7 +49,7 @@ module ActsAsAuthenticTest
 
       ben.forget!
 
-      assert !UserSession.find
+      refute UserSession.find
       assert UserSession.find(:ziggity_zack)
     end
   end

data/test/acts_as_authentic_test/restful_authentication_test.rb

@@ -3,8 +3,8 @@ require 'test_helper'
 module ActsAsAuthenticTest
   class RestfulAuthenticationTest < ActiveSupport::TestCase
     def test_act_like_restful_authentication_config
-      assert !User.act_like_restful_authentication
-      assert !Employee.act_like_restful_authentication
+      refute User.act_like_restful_authentication
+      refute Employee.act_like_restful_authentication
 
       User.act_like_restful_authentication = true
       assert User.act_like_restful_authentication
@@ -14,15 +14,15 @@ module ActsAsAuthenticTest
       assert_equal 1, Authlogic::CryptoProviders::Sha1.stretches
 
       User.act_like_restful_authentication false
-      assert !User.act_like_restful_authentication
+      refute User.act_like_restful_authentication
 
       User.crypto_provider = Authlogic::CryptoProviders::Sha512
       User.transition_from_crypto_providers = []
     end
 
     def test_transition_from_restful_authentication_config
-      assert !User.transition_from_restful_authentication
-      assert !Employee.transition_from_restful_authentication
+      refute User.transition_from_restful_authentication
+      refute Employee.transition_from_restful_authentication
 
       User.transition_from_restful_authentication = true
       assert User.transition_from_restful_authentication
@@ -31,7 +31,7 @@ module ActsAsAuthenticTest
       assert_equal 1, Authlogic::CryptoProviders::Sha1.stretches
 
       User.transition_from_restful_authentication false
-      assert !User.transition_from_restful_authentication
+      refute User.transition_from_restful_authentication
     end
   end
 end

data/test/acts_as_authentic_test/session_maintenance_test.rb

@@ -5,20 +5,19 @@ module ActsAsAuthenticTest
     def test_maintain_sessions_config
       assert User.maintain_sessions
       User.maintain_sessions = false
-      assert !User.maintain_sessions
+      refute User.maintain_sessions
       User.maintain_sessions true
       assert User.maintain_sessions
     end
 
     def test_login_after_create
-      assert(
-        User.create(
-          :login => "awesome",
-          :password => "saweeeet",
-          :password_confirmation => "saweeeet",
-          :email => "awesome@awesome.com"
-        )
+      user = User.create(
+        :login => "awesome",
+        :password => "saweeeet",
+        :password_confirmation => "saweeeet",
+        :email => "awesome@awesome.com"
       )
+      assert user.persisted?
       assert UserSession.find
     end
 
@@ -60,7 +59,13 @@ module ActsAsAuthenticTest
       UserSession.create(ben)
       old_session_key = controller.session["user_credentials"]
       old_cookie_key = controller.cookies["user_credentials"]
-      assert User.create(:login => "awesome", :password => "saweet", :password_confirmation => "saweet", :email => "awesome@saweet.com")
+      user = User.create(
+        :login => "awesome",
+        :password => "saweet", # Password is too short, user invalid
+        :password_confirmation => "saweet",
+        :email => "awesome@saweet.com"
+      )
+      refute user.persisted?
       assert_equal controller.session["user_credentials"], old_session_key
       assert_equal controller.cookies["user_credentials"], old_cookie_key
     end
@@ -80,7 +85,7 @@ module ActsAsAuthenticTest
 
     def test_resetting_password_when_logged_out
       ben = users(:ben)
-      assert !UserSession.find
+      refute UserSession.find
       ben.password = "newpasswd"
       ben.password_confirmation = "newpasswd"
       assert ben.save

data/test/acts_as_authentic_test/single_access_test.rb

@@ -3,25 +3,25 @@ require 'test_helper'
 module ActsAsAuthenticTest
   class SingleAccessTest < ActiveSupport::TestCase
     def test_change_single_access_token_with_password_config
-      assert !User.change_single_access_token_with_password
-      assert !Employee.change_single_access_token_with_password
+      refute User.change_single_access_token_with_password
+      refute Employee.change_single_access_token_with_password
 
       User.change_single_access_token_with_password = true
       assert User.change_single_access_token_with_password
       User.change_single_access_token_with_password false
-      assert !User.change_single_access_token_with_password
+      refute User.change_single_access_token_with_password
     end
 
     def test_validates_uniqueness_of_single_access_token
       u = User.new
       u.single_access_token = users(:ben).single_access_token
-      assert !u.valid?
-      assert u.errors[:single_access_token].size > 0
+      refute u.valid?
+      refute u.errors[:single_access_token].empty?
     end
 
     def test_before_validation_reset_single_access_token
       u = User.new
-      assert !u.valid?
+      refute u.valid?
       assert_not_nil u.single_access_token
     end
 

data/test/authenticates_many_test.rb

@@ -1,16 +1,31 @@
 require 'test_helper'
 
 class AuthenticatesManyTest < ActiveSupport::TestCase
-  def test_scoping
-    zack = users(:zack)
-    ben = users(:ben)
+  def test_employee_sessions
     binary_logic = companies(:binary_logic)
-    set_session_for(zack)
 
-    assert !binary_logic.user_sessions.find
+    # Drew is a binary_logic employee, authentication succeeds
+    drew = employees(:drew)
+    set_session_for(drew)
+    assert binary_logic.employee_sessions.find
+
+    # Jennifer is not a binary_logic employee, authentication fails
+    jennifer = employees(:jennifer)
+    set_session_for(jennifer)
+    refute binary_logic.employee_sessions.find
+  end
 
-    set_session_for(ben)
+  def test_user_sessions
+    binary_logic = companies(:binary_logic)
 
+    # Ben is a binary_logic user, authentication succeeds
+    ben = users(:ben)
+    set_session_for(ben, binary_logic)
     assert binary_logic.user_sessions.find
+
+    # Zack is not a binary_logic user, authentication fails
+    zack = users(:zack)
+    set_session_for(zack, binary_logic)
+    refute binary_logic.user_sessions.find
   end
 end

data/test/gemfiles/Gemfile.rails-5.1.x

@@ -0,0 +1,6 @@
+source "https://rubygems.org"
+gemspec :path => "./../.."
+
+gem "activerecord", "~> 5.1.0"
+gem "activesupport", "~> 5.1.0"
+gem 'sqlite3', :platforms => :ruby

data/test/gemfiles/Gemfile.rails-5.2.x

@@ -0,0 +1,6 @@
+source "https://rubygems.org"
+gemspec :path => "./../.."
+
+gem "activerecord", "~> 5.2.x"
+gem "activesupport", "~> 5.2.x"
+gem 'sqlite3', :platforms => :ruby

data/test/libs/company.rb

@@ -1,6 +1,6 @@
 class Company < ActiveRecord::Base
   authenticates_many :employee_sessions
-  authenticates_many :user_sessions
+  authenticates_many :user_sessions, scope_cookies: true
   has_many :employees, :dependent => :destroy
   has_many :users, :dependent => :destroy
 end

data/test/session_test/activation_test.rb

@@ -6,7 +6,7 @@ module SessionTest
       def test_activated
         assert UserSession.activated?
         Authlogic::Session::Base.controller = nil
-        assert !UserSession.activated?
+        refute UserSession.activated?
       end
 
       def test_controller

data/test/session_test/active_record_trickery_test.rb

@@ -49,18 +49,18 @@ module SessionTest
 
       def test_persisted
         session = UserSession.new(users(:ben))
-        assert !session.persisted?
+        refute session.persisted?
 
         session.save
         assert session.persisted?
 
         session.destroy
-        assert !session.persisted?
+        refute session.persisted?
       end
 
       def test_destroyed?
         session = UserSession.create(users(:ben))
-        assert !session.destroyed?
+        refute session.destroyed?
 
         session.destroy
         assert session.destroyed?

data/test/session_test/brute_force_protection_test.rb

@@ -25,19 +25,20 @@ module SessionTest
         ben = users(:ben)
         ben.failed_login_count = UserSession.consecutive_failed_logins_limit - 1
         assert ben.save
-        assert UserSession.create(:login => ben.login, :password => "benrocks")
+        session = UserSession.create(:login => ben.login, :password => "benrocks")
+        refute session.new_session?
       end
 
       def test_exceeded_limit
         ben = users(:ben)
         ben.failed_login_count = UserSession.consecutive_failed_logins_limit
         assert ben.save
-        assert UserSession.create(:login => ben.login, :password => "benrocks").new_session?
+        session = UserSession.create(:login => ben.login, :password => "benrocks")
+        assert session.new_session?
         assert UserSession.create(ben).new_session?
-
         ben.reload
         ben.updated_at = (UserSession.failed_login_ban_for + 2.hours.to_i).seconds.ago
-        assert !UserSession.create(ben).new_session?
+        refute UserSession.create(ben).new_session?
       end
 
       def test_exceeding_failed_logins_limit
@@ -46,14 +47,14 @@ module SessionTest
 
         2.times do |i|
           session = UserSession.new(:login => ben.login, :password => "badpassword1")
-          assert !session.save
-          assert session.errors[:password].size > 0
+          refute session.save
+          refute session.errors[:password].empty?
           assert_equal i + 1, ben.reload.failed_login_count
         end
 
         session = UserSession.new(:login => ben.login, :password => "badpassword2")
-        assert !session.save
-        assert session.errors[:password].size == 0
+        refute session.save
+        assert session.errors[:password].empty?
         assert_equal 3, ben.reload.failed_login_count
 
         UserSession.consecutive_failed_logins_limit = 50
@@ -66,12 +67,14 @@ module SessionTest
 
         2.times do |i|
           session = UserSession.new(:login => ben.login, :password => "badpassword1")
-          assert !session.save
+          refute session.save
           assert session.invalid_password?
           assert_equal i + 1, ben.reload.failed_login_count
         end
 
-        ActiveRecord::Base.connection.execute("update users set updated_at = '#{1.day.ago.to_s(:db)}' where login = '#{ben.login}'")
+        ActiveRecord::Base.connection.execute(
+          "update users set updated_at = '#{1.day.ago.to_s(:db)}' where login = '#{ben.login}'"
+        )
         session = UserSession.new(:login => ben.login, :password => "benrocks")
         assert session.save
         assert_equal 0, ben.reload.failed_login_count
@@ -86,14 +89,16 @@ module SessionTest
 
         2.times do |i|
           session = UserSession.new(:login => ben.login, :password => "badpassword1")
-          assert !session.save
-          assert session.errors[:password].size > 0
+          refute session.save
+          refute session.errors[:password].empty?
           assert_equal i + 1, ben.reload.failed_login_count
         end
 
-        ActiveRecord::Base.connection.execute("update users set updated_at = '#{1.day.ago.to_s(:db)}' where login = '#{ben.login}'")
+        ActiveRecord::Base.connection.execute(
+          "update users set updated_at = '#{1.day.ago.to_s(:db)}' where login = '#{ben.login}'"
+        )
         session = UserSession.new(:login => ben.login, :password => "badpassword1")
-        assert !session.save
+        refute session.save
         assert_equal 1, ben.reload.failed_login_count
 
         UserSession.consecutive_failed_logins_limit = 50