authlogic 3.8.0 → 4.0.0

data/test/acts_as_authentic_test/logged_in_status_test.rb

@@ -2,7 +2,7 @@ require 'test_helper'
 
 module ActsAsAuthenticTest
   class LoggedInStatusTest < ActiveSupport::TestCase
-    ERROR_MSG = 'Multiple calls to %s should result in different relations'
+    ERROR_MSG = 'Multiple calls to %s should result in different relations'.freeze
 
     def test_logged_in_timeout_config
       assert_equal 10.minutes.to_i, User.logged_in_timeout

data/test/acts_as_authentic_test/login_test.rb

@@ -1,44 +1,43 @@
 require 'test_helper'
 
 module ActsAsAuthenticTest
-  class LoginTest < ActiveSupport::TestCase
-    def test_login_field_config
-      assert_equal :login, User.login_field
-      assert_nil Employee.login_field
-
-      User.login_field = :nope
-      assert_equal :nope, User.login_field
-      User.login_field :login
-      assert_equal :login, User.login_field
-    end
-
-    def test_validate_login_field_config
-      assert User.validate_login_field
-      assert Employee.validate_login_field
-
-      User.validate_login_field = false
-      refute User.validate_login_field
-      User.validate_login_field true
-      assert User.validate_login_field
+  # Tests for configuration option: `validates_format_of_login_field_options`
+  class ValidatesFormatOfLoginTest < ActiveSupport::TestCase
+    def test_invalid_format
+      [
+        "fdsf@^&*",
+        " space",
+        ".dot",
+        "-hyphen",
+        "@atmark",
+        "+plus"
+      ].each do |login|
+        u = User.new(login: login)
+        refute u.valid?
+        refute u.errors[:login].empty?
+      end
     end
 
-    def test_validates_length_of_login_field_options_config
-      assert_equal({ :within => 3..100 }, User.validates_length_of_login_field_options)
-      assert_equal({ :within => 3..100 }, Employee.validates_length_of_login_field_options)
-
-      User.validates_length_of_login_field_options = { :yes => "no" }
-      assert_equal({ :yes => "no" }, User.validates_length_of_login_field_options)
-      User.validates_length_of_login_field_options({ :within => 3..100 })
-      assert_equal({ :within => 3..100 }, User.validates_length_of_login_field_options)
+    def test_valid_format
+      [
+        "fdsfdsfdsfdsfs",
+        "dakota.dux+1@gmail.com",
+        "marks .-_@+",
+        "_underscore"
+      ].each do |login|
+        u = User.new(login: login)
+        refute u.valid?
+        assert u.errors[:login].empty?
+      end
     end
 
     def test_validates_format_of_login_field_options_config
       default = {
-        :with => /\A[a-zA-Z0-9_][a-zA-Z0-9\.+\-_@ ]+\z/,
-        :message => proc do
+        with: /\A[a-zA-Z0-9_][a-zA-Z0-9\.+\-_@ ]+\z/,
+        message: proc do
           I18n.t(
             'error_messages.login_invalid',
-            :default => "should use only letters, numbers, spaces, and .-_@+ please."
+            default: "should use only letters, numbers, spaces, and .-_@+ please."
           )
         end
       }
@@ -56,18 +55,57 @@ module ActsAsAuthenticTest
       assert_equal default_message, message.call
       assert_equal default, options
 
-      User.validates_format_of_login_field_options = { :yes => "no" }
-      assert_equal({ :yes => "no" }, User.validates_format_of_login_field_options)
+      User.validates_format_of_login_field_options = { yes: "no" }
+      assert_equal({ yes: "no" }, User.validates_format_of_login_field_options)
       User.validates_format_of_login_field_options default
       assert_equal default, User.validates_format_of_login_field_options
     end
+  end
+
+  # Miscellaneous tests for configuration options related to the `login_field`.
+  # Feel free to organize these into separate `TestCase`s as we have done above
+  # with `ValidatesFormatOfLoginTest`.
+  class MiscellaneousLoginTest < ActiveSupport::TestCase
+    def test_login_field_config
+      assert_equal :login, User.login_field
+      assert_nil Employee.login_field
+
+      User.login_field = :nope
+      assert_equal :nope, User.login_field
+      User.login_field :login
+      assert_equal :login, User.login_field
+    end
+
+    def test_validate_login_field_config
+      assert User.validate_login_field
+      assert Employee.validate_login_field
+
+      User.validate_login_field = false
+      refute User.validate_login_field
+      User.validate_login_field true
+      assert User.validate_login_field
+    end
+
+    def test_validates_length_of_login_field_options_config
+      assert_equal({ within: 3..100 }, User.validates_length_of_login_field_options)
+      assert_equal({ within: 3..100 }, Employee.validates_length_of_login_field_options)
+
+      User.validates_length_of_login_field_options = { yes: "no" }
+      assert_equal({ yes: "no" }, User.validates_length_of_login_field_options)
+      User.validates_length_of_login_field_options(within: 3..100)
+      assert_equal({ within: 3..100 }, User.validates_length_of_login_field_options)
+    end
 
     def test_validates_uniqueness_of_login_field_options_config
-      default = { :case_sensitive => false, :scope => User.validations_scope, :if => "#{User.login_field}_changed?".to_sym }
+      default = {
+        case_sensitive: false,
+        scope: User.validations_scope,
+        if: "#{User.login_field}_changed?".to_sym
+      }
       assert_equal default, User.validates_uniqueness_of_login_field_options
 
-      User.validates_uniqueness_of_login_field_options = { :yes => "no" }
-      assert_equal({ :yes => "no" }, User.validates_uniqueness_of_login_field_options)
+      User.validates_uniqueness_of_login_field_options = { yes: "no" }
+      assert_equal({ yes: "no" }, User.validates_uniqueness_of_login_field_options)
       User.validates_uniqueness_of_login_field_options default
       assert_equal default, User.validates_uniqueness_of_login_field_options
     end
@@ -83,49 +121,6 @@ module ActsAsAuthenticTest
       assert u.errors[:login].empty?
     end
 
-    def test_validates_format_of_login_field
-      u = User.new
-      u.login = "fdsf@^&*"
-      refute u.valid?
-      refute u.errors[:login].empty?
-
-      u.login = "fdsfdsfdsfdsfs"
-      refute u.valid?
-      assert u.errors[:login].empty?
-
-      u.login = "dakota.dux+1@gmail.com"
-      refute u.valid?
-      assert u.errors[:login].empty?
-
-      u.login = "marks .-_@+"
-      refute u.valid?
-      assert u.errors[:login].empty?
-
-      u.login = " space"
-      refute u.valid?
-      refute u.errors[:login].empty?
-
-      u.login = ".dot"
-      refute u.valid?
-      refute u.errors[:login].empty?
-
-      u.login = "-hyphen"
-      refute u.valid?
-      refute u.errors[:login].empty?
-
-      u.login = "_underscore"
-      refute u.valid?
-      assert u.errors[:login].empty?
-
-      u.login = "@atmark"
-      refute u.valid?
-      refute u.errors[:login].empty?
-
-      u.login = "+plus"
-      refute u.valid?
-      refute u.errors[:login].empty?
-    end
-
     def test_validates_uniqueness_of_login_field
       u = User.new
       u.login = "bjohnson"

data/test/acts_as_authentic_test/password_test.rb

@@ -2,7 +2,9 @@ require 'test_helper'
 
 module ActsAsAuthenticTest
   class PasswordTest < ActiveSupport::TestCase
-    i_suck_and_my_tests_are_order_dependent! # If test_human_name is executed after test_i18n_of_human_name the test will fail.
+    # If test_human_name is executed after test_i18n_of_human_name the test will fail.
+    i_suck_and_my_tests_are_order_dependent!
+
     def test_crypted_password_field_config
       assert_equal :crypted_password, User.crypted_password_field
       assert_equal :crypted_password, Employee.crypted_password_field
@@ -52,34 +54,34 @@ module ActsAsAuthenticTest
     end
 
     def test_validates_length_of_password_field_options_config
-      default = { :minimum => 8, :if => :require_password? }
+      default = { minimum: 8, if: :require_password? }
       assert_equal default, User.validates_length_of_password_field_options
       assert_equal default, Employee.validates_length_of_password_field_options
 
-      User.validates_length_of_password_field_options = { :yes => "no" }
-      assert_equal({ :yes => "no" }, User.validates_length_of_password_field_options)
+      User.validates_length_of_password_field_options = { yes: "no" }
+      assert_equal({ yes: "no" }, User.validates_length_of_password_field_options)
       User.validates_length_of_password_field_options default
       assert_equal default, User.validates_length_of_password_field_options
     end
 
     def test_validates_confirmation_of_password_field_options_config
-      default = { :if => :require_password? }
+      default = { if: :require_password? }
       assert_equal default, User.validates_confirmation_of_password_field_options
       assert_equal default, Employee.validates_confirmation_of_password_field_options
 
-      User.validates_confirmation_of_password_field_options = { :yes => "no" }
-      assert_equal({ :yes => "no" }, User.validates_confirmation_of_password_field_options)
+      User.validates_confirmation_of_password_field_options = { yes: "no" }
+      assert_equal({ yes: "no" }, User.validates_confirmation_of_password_field_options)
       User.validates_confirmation_of_password_field_options default
       assert_equal default, User.validates_confirmation_of_password_field_options
     end
 
     def test_validates_length_of_password_confirmation_field_options_config
-      default = { :minimum => 8, :if => :require_password? }
+      default = { minimum: 8, if: :require_password? }
       assert_equal default, User.validates_length_of_password_confirmation_field_options
       assert_equal default, Employee.validates_length_of_password_confirmation_field_options
 
-      User.validates_length_of_password_confirmation_field_options = { :yes => "no" }
-      assert_equal({ :yes => "no" }, User.validates_length_of_password_confirmation_field_options)
+      User.validates_length_of_password_confirmation_field_options = { yes: "no" }
+      assert_equal({ yes: "no" }, User.validates_length_of_password_confirmation_field_options)
       User.validates_length_of_password_confirmation_field_options default
       assert_equal default, User.validates_length_of_password_confirmation_field_options
     end
@@ -105,7 +107,12 @@ module ActsAsAuthenticTest
     end
 
     def test_validates_length_of_password
-      u = User.new(login: "abcde", email: "abcde@test.com", password: "abcdefgh", password_confirmation: "abcdefgh")
+      u = User.new(
+        login: "abcde",
+        email: "abcde@test.com",
+        password: "abcdefgh",
+        password_confirmation: "abcdefgh"
+      )
       assert u.valid?
 
       u.password = u.password_confirmation = "abcdef"
@@ -116,17 +123,18 @@ module ActsAsAuthenticTest
     end
 
     def test_validates_confirmation_of_password
-      u = User.new(login: "abcde", email: "abcde@test.com", password: "abcdefgh", password_confirmation: "abcdefgh")
+      u = User.new(
+        login: "abcde",
+        email: "abcde@test.com",
+        password: "abcdefgh",
+        password_confirmation: "abcdefgh"
+      )
       assert u.valid?
 
       u.password_confirmation = "abcdefghij"
       refute u.valid?
 
-      if ActiveModel.respond_to?(:version) and ActiveModel.version.segments.first >= 4
-        assert u.errors[:password_confirmation].include?("doesn't match Password")
-      else
-        assert u.errors[:password].include?("doesn't match confirmation")
-      end
+      assert u.errors[:password_confirmation].include?("doesn't match Password")
     end
 
     def test_validates_length_of_password_confirmation
@@ -225,7 +233,11 @@ module ActsAsAuthenticTest
 
     private
 
-      def transition_password_to(crypto_provider, records, from_crypto_providers = Authlogic::CryptoProviders::Sha512)
+      def transition_password_to(
+        crypto_provider,
+        records,
+        from_crypto_providers = Authlogic::CryptoProviders::Sha512
+      )
         records = [records] unless records.is_a?(Array)
         User.acts_as_authentic do |c|
           c.crypto_provider = crypto_provider

data/test/acts_as_authentic_test/perishable_token_test.rb

@@ -60,14 +60,18 @@ module ActsAsAuthenticTest
 
     def test_find_using_perishable_token_when_perished
       ben = users(:ben)
-      ActiveRecord::Base.connection.execute("UPDATE users set updated_at = '#{1.week.ago.to_s(:db)}' where id = #{ben.id}")
+      ActiveRecord::Base.connection.execute(
+        "UPDATE users set updated_at = '#{1.week.ago.to_s(:db)}' where id = #{ben.id}"
+      )
       assert_nil User.find_using_perishable_token(ben.perishable_token)
     end
 
     def test_find_using_perishable_token_when_perished_2
       User.perishable_token_valid_for = 1.minute
       ben = users(:ben)
-      ActiveRecord::Base.connection.execute("UPDATE users set updated_at = '#{2.minutes.ago.to_s(:db)}' where id = #{ben.id}")
+      ActiveRecord::Base.connection.execute(
+        "UPDATE users set updated_at = '#{2.minutes.ago.to_s(:db)}' where id = #{ben.id}"
+      )
       assert_nil User.find_using_perishable_token(ben.perishable_token)
       User.perishable_token_valid_for = 10.minutes
     end
@@ -75,7 +79,9 @@ module ActsAsAuthenticTest
     def test_find_using_perishable_token_when_passing_threshold
       User.perishable_token_valid_for = 1.minute
       ben = users(:ben)
-      ActiveRecord::Base.connection.execute("UPDATE users set updated_at = '#{10.minutes.ago.to_s(:db)}' where id = #{ben.id}")
+      ActiveRecord::Base.connection.execute(
+        "UPDATE users set updated_at = '#{10.minutes.ago.to_s(:db)}' where id = #{ben.id}"
+      )
       assert_nil User.find_using_perishable_token(ben.perishable_token, 5.minutes)
       assert_equal ben, User.find_using_perishable_token(ben.perishable_token, 20.minutes)
       User.perishable_token_valid_for = 10.minutes

data/test/acts_as_authentic_test/persistence_token_test.rb

@@ -29,6 +29,8 @@ module ActsAsAuthenticTest
     end
 
     def test_forget_all
+      UserSession.allow_http_basic_auth = true
+
       http_basic_auth_for(users(:ben)) { UserSession.find }
       http_basic_auth_for(users(:zack)) { UserSession.find(:ziggity_zack) }
       assert UserSession.find
@@ -39,6 +41,8 @@ module ActsAsAuthenticTest
     end
 
     def test_forget
+      UserSession.allow_http_basic_auth = true
+
       ben = users(:ben)
       zack = users(:zack)
       http_basic_auth_for(ben) { UserSession.find }

data/test/acts_as_authentic_test/session_maintenance_test.rb

@@ -2,23 +2,59 @@ require 'test_helper'
 
 module ActsAsAuthenticTest
   class SessionMaintenanceTest < ActiveSupport::TestCase
-    def test_maintain_sessions_config
-      assert User.maintain_sessions
-      User.maintain_sessions = false
-      refute User.maintain_sessions
-      User.maintain_sessions true
-      assert User.maintain_sessions
+    def setup
+      User.log_in_after_create = true
+      User.log_in_after_password_change = true
+    end
+
+    def test_log_in_after_create_config
+      assert User.log_in_after_create
+      User.log_in_after_create = false
+      refute User.log_in_after_create
+      User.log_in_after_create = true
+      assert User.log_in_after_create
+    end
+
+    def test_log_in_after_password_change_config
+      assert User.log_in_after_password_change
+      User.log_in_after_password_change = false
+      refute User.log_in_after_password_change
+      User.log_in_after_password_change = true
+      assert User.log_in_after_password_change
     end
 
     def test_login_after_create
+      User.log_in_after_create = true
       user = User.create(
-        :login => "awesome",
-        :password => "saweeeet",
-        :password_confirmation => "saweeeet",
-        :email => "awesome@awesome.com"
+        login: "awesome",
+        password: "saweeeet",
+        password_confirmation: "saweeeet",
+        email: "awesome@awesome.com"
       )
       assert user.persisted?
       assert UserSession.find
+      logged_in_user = UserSession.find.user
+      assert_equal logged_in_user, user
+    end
+
+    def test_no_login_after_create
+      old_user = User.create(
+        login: "awesome",
+        password: "saweeeet",
+        password_confirmation: "saweeeet",
+        email: "awesome@awesome.com"
+      )
+      User.log_in_after_create = false
+      user2 = User.create(
+        login: "awesome2",
+        password: "saweeeet2",
+        password_confirmation: "saweeeet2",
+        email: "awesome2@awesome.com"
+      )
+      assert user2.persisted?
+      logged_in_user = UserSession.find.user
+      assert_not_equal logged_in_user, user2
+      assert_equal logged_in_user, old_user
     end
 
     def test_updating_session_with_failed_magic_state
@@ -30,6 +66,7 @@ module ActsAsAuthenticTest
     end
 
     def test_update_session_after_password_modify
+      User.log_in_after_password_change = true
       ben = users(:ben)
       UserSession.create(ben)
       old_session_key = controller.session["user_credentials"]
@@ -43,6 +80,21 @@ module ActsAsAuthenticTest
       assert_not_equal controller.cookies["user_credentials"], old_cookie_key
     end
 
+    def test_no_update_session_after_password_modify
+      User.log_in_after_password_change = false
+      ben = users(:ben)
+      UserSession.create(ben)
+      old_session_key = controller.session["user_credentials"]
+      old_cookie_key = controller.cookies["user_credentials"]
+      ben.password = "newpasswd"
+      ben.password_confirmation = "newpasswd"
+      assert ben.save
+      assert controller.session["user_credentials"]
+      assert controller.cookies["user_credentials"]
+      assert_equal controller.session["user_credentials"], old_session_key
+      assert_equal controller.cookies["user_credentials"], old_cookie_key
+    end
+
     def test_no_session_update_after_modify
       ben = users(:ben)
       UserSession.create(ben)
@@ -60,10 +112,10 @@ module ActsAsAuthenticTest
       old_session_key = controller.session["user_credentials"]
       old_cookie_key = controller.cookies["user_credentials"]
       user = User.create(
-        :login => "awesome",
-        :password => "saweet", # Password is too short, user invalid
-        :password_confirmation => "saweet",
-        :email => "awesome@saweet.com"
+        login: "awesome",
+        password: "saweet", # Password is too short, user invalid
+        password_confirmation: "saweet",
+        email: "awesome@saweet.com"
       )
       refute user.persisted?
       assert_equal controller.session["user_credentials"], old_session_key