barkest_core 1.5.3.0

data/test/dummy/sql/my_test_view.sql

@@ -0,0 +1,3 @@
+-- 2016-12-21 08:44
+CREATE VIEW my_test_view AS
+SELECT 1 AS [one]

data/test/fixtures/access_groups.yml

@@ -0,0 +1,21 @@
+# Read about fixtures at http://api.rubyonrails.org/classes/ActiveRecord/FixtureSet.html
+
+one_one_one:
+  name: Group 1-1-1
+
+one_one:
+  name: Group 1-1
+  members: one_one_one
+
+one_two:
+  name: Group 1-2
+
+one:
+  name: Group 1
+  members: one_one, one_two
+
+two:
+  name: Group 2
+
+three:
+  name: Group 3

data/test/fixtures/users.yml

@@ -0,0 +1,71 @@
+# Read about fixtures at http://api.rubyonrails.org/classes/ActiveRecord/FixtureSet.html
+admin:
+  name: Mike Smith
+  email: msmith@example.com
+  system_admin: true
+  password_digest: <%= User.digest('password') %>
+  activated: true
+  activated_at: <%= Time.zone.now %>
+
+one:
+  name: Number One
+  email: num.one@example.com
+  system_admin: false
+  password_digest: <%= User.digest('password') %>
+  activated: true
+  activated_at: <%= Time.zone.now %>
+
+two:
+  name: Number Two
+  email: num.two@example.com
+  system_admin: false
+  password_digest: <%= User.digest('password') %>
+  activation_digest: <%= User.digest('valid-token') %>
+
+standard:
+  name: John Doe
+  email: jdoe@example.com
+  password_digest: <%= User.digest('password') %>
+  activated: true
+  activated_at: <%= Time.zone.now %>
+  groups: one, two
+
+basic:
+  name: Jane Smith
+  email: jsmith@example.com
+  password_digest: <%= User.digest('password') %>
+  activated: true
+  activated_at: <%= Time.zone.now %>
+
+disabled:
+  name: Tim Thompson
+  email: tt@example.com
+  enabled: false
+  activated: true
+  activated_at: <%= Time.zone.now %>
+  disabled_at: <%= Time.zone.now - 4.weeks %>
+  password_digest: <%= User.digest('password') %>
+
+recently_disabled:
+  name: Fred Flintstone
+  email: fred@example.com
+  enabled: false
+  disabled_at: <%= Time.zone.now - 2.days %>
+  password_digest: <%= User.digest('password') %>
+
+ldap:
+  name: Miss Piggy
+  email: piggy@example.com
+  password_digest: <%= User.digest(User.new_token) %>
+  ldap: true
+  activated: true
+  activated_at: <%= Time.zone.now %>
+
+<% 30.times do |n| %>
+user_<%= n + 3 %>:
+  name: <%= "User #{n}" %>
+  email: <%= "user-#{n}@example.com" %>
+  password_digest: <%= User.digest('password') %>
+  activated: true
+  activated_at: <%= Time.zone.now %>
+<% end %>

data/test/helpers/barkest_core/sessions_helper_test.rb

@@ -0,0 +1,22 @@
+require 'test_helper'
+
+module BarkestCore
+  class SessionsHelperTest < ActionView::TestCase
+
+    def setup
+      @user = users(:standard)
+      remember(@user)
+    end
+
+    test 'current_user returns right user when session is nil' do
+      assert_equal @user, current_user
+      assert is_logged_in?
+    end
+
+    test 'current_user returns nil when remember digest is wrong' do
+      @user.update_attribute(:remember_digest, User.digest(User.new_token))
+      assert_nil current_user
+    end
+
+  end
+end

data/test/integration/access_group_mgmt_test.rb

@@ -0,0 +1,33 @@
+require 'test_helper'
+
+class AccessGroupMgmtTest < ActionDispatch::IntegrationTest
+
+  def setup
+    @admin = users(:admin)
+    @group = access_groups(:one)
+  end
+
+  # group management paths.
+  access_tests_for [ :index, :new, :create, :show, :edit, :update, :destroy ],
+                   controller: 'access_groups',
+                   create_params: { access_group: { name: 'Test Group X'} },
+                   update_params: { access_group: { name: 'Test Group X'} },
+                   allow_anon: false,
+                   allow_any_user: false,
+                   allow_admin: true
+
+  test 'update should require name' do
+    log_in_as @admin
+    patch access_group_path(@group), access_group: { name: '' }
+    assert_template 'access_groups/edit'
+    assert_select 'div#error_explanation'
+  end
+
+  test 'create should require name' do
+    log_in_as @admin
+    post access_groups_path, access_group: { name: '' }
+    assert_template 'access_groups/new'
+    assert_select 'div#error_explanation'
+  end
+
+end

data/test/integration/access_test.rb

@@ -0,0 +1,24 @@
+require 'test_helper'
+
+class AccessTest < ActionDispatch::IntegrationTest
+
+  # paths that are designed for access testing.
+  access_tests_for :allow_anon,
+                   url_helper: 'barkest_core_test_access_allow_anon_path',
+                   allow_anon: true,
+                   allow_any_user: true
+
+  access_tests_for :require_user,
+                   url_helper: 'barkest_core_test_access_require_user_path',
+                   allow_any_user: true
+
+  access_tests_for :require_group_x,
+                   url_helper: 'barkest_core_test_access_require_group_x_path',
+                   allow_groups: ['group 1', 'group 2', 'group 3']
+
+  access_tests_for :require_admin,
+                   url_helper: 'barkest_core_test_access_require_admin_path',
+                   deny_groups: ['group 1', 'group 2', 'group 3' ]
+
+
+end

data/test/integration/account_activations_access_test.rb

@@ -0,0 +1,12 @@
+require 'test_helper'
+
+class AccountActivationsAccessTest < ActionDispatch::IntegrationTest
+  access_tests_for :edit,
+                   controller: 'account_activations',
+                   url_helper: 'edit_account_activation_url(\'valid-token\', email: users(:two).email)',
+                   allow_anon: true,
+                   allow_any_user: false,
+                   allow_admin: false,
+                   success: 'user_path(users(:two))'
+
+end

data/test/integration/contact_test.rb

@@ -0,0 +1,98 @@
+require 'test_helper'
+
+class ContactTest < ActionDispatch::IntegrationTest
+
+  def setup
+    ActionMailer::Base.deliveries.clear
+    @msg = {
+        your_name: 'John Smith',
+        your_email: 'john.smith@example.com',
+        related_to: 'Other',
+        subject: 'Just a thought',
+        body: 'I just wanted to reach out and say hi.',
+    }
+  end
+
+  access_tests_for :index,
+                   url_helper: 'contact_path',
+                   allow_anon: true,
+                   allow_any_user: true
+
+  test 'valid contact message' do
+    get contact_path
+    assert_template 'contact/index'
+
+    post contact_path, barkest_core_contact_message: @msg
+
+    assert_redirected_to root_url
+    follow_redirect!
+
+    assert_not flash.empty?
+    assert_equal 1, ActionMailer::Base.deliveries.size
+  end
+
+  test 'alternate valid contact message' do
+    get contact_path
+    assert_template 'contact/index'
+
+    @msg[:related_to] = 'General Message'
+    @msg.delete(:subject)
+
+    post contact_path, barkest_core_contact_message: @msg
+
+    assert_redirected_to root_url
+    follow_redirect!
+
+    assert_not flash.empty?
+    assert_equal 1, ActionMailer::Base.deliveries.size
+  end
+
+  test 'invalid contact message' do
+    get contact_path
+    assert_template 'contact/index'
+
+    # body is required
+    post contact_path, barkest_core_contact_message: @msg.except(:body)
+    assert_template 'contact/index'
+    assert_select 'div#error_explanation'
+
+    # subject is required if 'related_to' is 'other'
+    post contact_path, barkest_core_contact_message: @msg.except(:subject)
+    assert_template 'contact/index'
+    assert_select 'div#error_explanation'
+
+    # related_to is required
+    post contact_path, barkest_core_contact_message: @msg.except(:related_to)
+    assert_template 'contact/index'
+    assert_select 'div#error_explanation'
+
+    # your_email is required
+    post contact_path, barkest_core_contact_message: @msg.except(:your_email)
+    assert_template 'contact/index'
+    assert_select 'div#error_explanation'
+
+    # your_email must be valid.
+    post contact_path, barkest_core_contact_message: @msg.merge(your_email: 'invalid')
+    assert_template 'contact/index'
+    assert_select 'div#error_explanation'
+
+    post contact_path, barkest_core_contact_message: @msg.merge(your_email: 'invalid@localhost')
+    assert_template 'contact/index'
+    assert_select 'div#error_explanation'
+
+    # your_name is required
+    post contact_path, barkest_core_contact_message: @msg.except(:your_name)
+    assert_template 'contact/index'
+    assert_select 'div#error_explanation'
+
+    # just for good measure, make sure the base @msg value is still good.
+    # if it is not then the previous tests are all invalid.
+    # so this final test must pass to validate the prior tests.
+    post contact_path, barkest_core_contact_message: @msg
+    assert_redirected_to root_url
+
+    # and after all those tests, there should be exactly one message that was processed.
+    assert_equal 1, ActionMailer::Base.deliveries.size
+  end
+
+end

data/test/integration/extra_partial_test.rb

@@ -0,0 +1,41 @@
+require 'test_helper'
+
+class ExtraPartialTest < ActionDispatch::IntegrationTest
+
+  test 'should not have templates' do
+    get root_url
+    assert_template partial: 'layouts/barkest_core/_subheader', count: 0
+  end
+
+  test 'should have subheader template' do
+    get barkest_core_testsub_page1_url
+    assert_template 'layouts/barkest_core/_subheader'
+  end
+
+  test 'should allow partial registration' do
+    partial = 'layouts/barkest_core/menu_sample'
+    template = 'layouts/barkest_core/_menu_sample'
+
+    # shouldn't be registered yet, so count should be zero.
+    get root_url
+    assert_template partial: template, count: 0
+
+    BarkestCore.register_footer_menu partial
+    get root_url
+    assert_template partial: template, count: 1
+
+    BarkestCore.register_anon_menu partial
+    get root_url
+    assert_template partial: template, count: 2
+
+    BarkestCore.register_auth_menu partial
+    get root_url
+    assert_template partial: template, count: 2   # nobody is logged in, count should still be 2
+
+    log_in_as users(:standard)
+    get root_url
+    assert_template partial: template, count: 3
+  end
+
+
+end

data/test/integration/log_view_access_test.rb

@@ -0,0 +1,12 @@
+require 'test_helper'
+
+class LogViewAccessTest < ActionDispatch::IntegrationTest
+
+  access_tests_for :index,
+                   controller: 'log_view',
+                   url_helper: 'system_log_path',
+                   allow_anon: false,
+                   allow_any_user: false,
+                   allow_admin: true
+
+end

data/test/integration/password_resets_test.rb

@@ -0,0 +1,101 @@
+require 'test_helper'
+
+class PasswordResetsTest < ActionDispatch::IntegrationTest
+
+  def setup
+    ActionMailer::Base.deliveries.clear
+    @user = users(:standard)
+  end
+
+  access_tests_for :new,
+                   allow_anon: true,
+                   allow_admin: false
+
+  # nobody should be able to access this path, in the actual integration test it should work.
+  access_tests_for :edit,
+                   url_helper: 'edit_password_reset_path(\'invalid-token\')',
+                   anon_failure: 'root_url',
+                   allow_anon: false,
+                   allow_admin: false
+
+  test 'password resets' do
+    get new_password_reset_path
+    assert_template 'password_resets/new'
+
+    # invalid email
+    post password_resets_path, password_reset: { email: 'nobody@example.com' }
+    assert_not flash.empty?
+    assert_redirected_to root_url
+    assert_equal 1, ActionMailer::Base.deliveries.size
+    email = ActionMailer::Base.deliveries.last
+    assert_match 'email address is not associated with an existing account', email.body.encoded
+
+    # valid email
+    post password_resets_path, password_reset: { email: @user.email }
+    assert_not_equal @user.reset_digest, @user.reload.reset_digest
+    user = assigns(:user)
+    assert_equal 2, ActionMailer::Base.deliveries.size
+    email = ActionMailer::Base.deliveries.last
+    assert_match edit_password_reset_path(id: user.reset_token, email: user.email), email.body.encoded
+    assert_not flash.empty?
+    assert_redirected_to root_url
+
+    # wrong email
+    get edit_password_reset_path(user.reset_token, email: 'nobody@example.com')
+    assert_redirected_to root_url
+
+    # inactive user
+    user.toggle!(:activated)
+    get edit_password_reset_path(user.reset_token, email: user.email)
+    assert_redirected_to root_url
+    user.toggle!(:activated)
+
+    # disabled user
+    user.toggle!(:enabled)
+    get edit_password_reset_path(user.reset_token, email: user.email)
+    assert_redirected_to root_url
+    user.toggle!(:enabled)
+
+    # wrong token
+    get edit_password_reset_path('wrong token', email: user.email)
+    assert_redirected_to root_url
+
+    # right email and token
+    get edit_password_reset_path(user.reset_token, email: user.email)
+    assert_template 'password_resets/edit'
+    assert_select 'input[name=email][type=hidden][value=?]', user.email
+
+    # invalid password and confirmation
+    patch password_reset_path(user.reset_token), email: user.email, user: { password: 'foobar', password_confirmation: 'bar-bq' }
+    assert_select 'div#error_explanation'
+
+    # empty password
+    patch password_reset_path(user.reset_token), email: user.email, user: { password: '', password_confirmation: '' }
+    assert_select 'div#error_explanation'
+
+    # valid password & confirmation
+    patch password_reset_path(user.reset_token), email: user.email, user: { password: 'foobaz', password_confirmation: 'foobaz' }
+    assert is_logged_in?
+    assert_not flash.empty?
+    assert_redirected_to user
+  end
+
+  test 'expired token' do
+    get new_password_reset_path
+    post password_resets_path, password_reset: { email: @user.email }
+    @user = assigns(:user)
+    @user.update_attribute(:reset_sent_at, 3.hours.ago)
+    patch password_reset_path(@user.reset_token),
+          email: @user.email,
+          user: {
+              password: 'foobar',
+              password_confirmation: 'foobar'
+          }
+    assert_response :redirect
+    follow_redirect!
+    assert_not flash.empty?
+    regex = /password\sreset\srequest\shas\sexpired/i
+    assert_match regex, response.body
+  end
+
+end