blue_light_special 0.2.0
Sign up to get free protection for your applications and to get access to all the features.
- data/LICENSE +20 -0
- data/README.rdoc +67 -0
- data/Rakefile +95 -0
- data/VERSION +1 -0
- data/app/controllers/blue_light_special/impersonations_controller.rb +44 -0
- data/app/controllers/blue_light_special/passwords_controller.rb +84 -0
- data/app/controllers/blue_light_special/sessions_controller.rb +70 -0
- data/app/controllers/blue_light_special/users_controller.rb +48 -0
- data/app/models/blue_light_special_mailer.rb +22 -0
- data/app/models/deliver_change_password_job.rb +19 -0
- data/app/models/deliver_welcome_job.rb +17 -0
- data/app/models/impersonation.rb +26 -0
- data/app/views/blue_light_special_mailer/change_password.html.erb +9 -0
- data/app/views/impersonations/index.html.erb +5 -0
- data/app/views/passwords/edit.html.erb +23 -0
- data/app/views/passwords/new.html.erb +15 -0
- data/app/views/sessions/new.html.erb +48 -0
- data/app/views/users/_form.html.erb +21 -0
- data/app/views/users/edit.html.erb +6 -0
- data/app/views/users/new.html.erb +6 -0
- data/app/views/users/show.html.erb +8 -0
- data/generators/blue_light_special/USAGE +1 -0
- data/generators/blue_light_special/blue_light_special_generator.rb +78 -0
- data/generators/blue_light_special/lib/insert_commands.rb +33 -0
- data/generators/blue_light_special/lib/rake_commands.rb +22 -0
- data/generators/blue_light_special/templates/README +20 -0
- data/generators/blue_light_special/templates/application.html.erb +50 -0
- data/generators/blue_light_special/templates/blue_light_special.rb +21 -0
- data/generators/blue_light_special/templates/blue_light_special.yml +42 -0
- data/generators/blue_light_special/templates/factories.rb +23 -0
- data/generators/blue_light_special/templates/migrations/create_users.rb +24 -0
- data/generators/blue_light_special/templates/migrations/update_users.rb +44 -0
- data/generators/blue_light_special/templates/style.css +31 -0
- data/generators/blue_light_special/templates/user.rb +3 -0
- data/generators/blue_light_special/templates/xd_receiver.html +10 -0
- data/generators/blue_light_special/templates/xd_receiver_ssl.html +10 -0
- data/generators/blue_light_special_admin/USAGE +1 -0
- data/generators/blue_light_special_admin/blue_light_special_admin_generator.rb +30 -0
- data/generators/blue_light_special_admin/lib/insert_commands.rb +33 -0
- data/generators/blue_light_special_admin/templates/README +16 -0
- data/generators/blue_light_special_admin/templates/app/controllers/admin/admin_controller.rb +14 -0
- data/generators/blue_light_special_admin/templates/app/controllers/admin/users_controller.rb +52 -0
- data/generators/blue_light_special_admin/templates/app/views/admin/users/_form.html.erb +25 -0
- data/generators/blue_light_special_admin/templates/app/views/admin/users/edit.html.erb +6 -0
- data/generators/blue_light_special_admin/templates/app/views/admin/users/index.html.erb +7 -0
- data/generators/blue_light_special_admin/templates/app/views/admin/users/new.html.erb +6 -0
- data/generators/blue_light_special_admin/templates/app/views/admin/users/show.html.erb +10 -0
- data/generators/blue_light_special_admin/templates/test/integration/admin/users_test.rb +201 -0
- data/generators/blue_light_special_tests/USAGE +1 -0
- data/generators/blue_light_special_tests/blue_light_special_tests_generator.rb +21 -0
- data/generators/blue_light_special_tests/templates/README +58 -0
- data/generators/blue_light_special_tests/templates/test/integration/edit_profile_test.rb +35 -0
- data/generators/blue_light_special_tests/templates/test/integration/facebook_test.rb +61 -0
- data/generators/blue_light_special_tests/templates/test/integration/impersonation_test.rb +39 -0
- data/generators/blue_light_special_tests/templates/test/integration/password_reset_test.rb +128 -0
- data/generators/blue_light_special_tests/templates/test/integration/sign_in_test.rb +66 -0
- data/generators/blue_light_special_tests/templates/test/integration/sign_out_test.rb +28 -0
- data/generators/blue_light_special_tests/templates/test/integration/sign_up_test.rb +47 -0
- data/lib/blue_light_special.rb +7 -0
- data/lib/blue_light_special/authentication.rb +138 -0
- data/lib/blue_light_special/configuration.rb +32 -0
- data/lib/blue_light_special/extensions/errors.rb +6 -0
- data/lib/blue_light_special/extensions/rescue.rb +5 -0
- data/lib/blue_light_special/routes.rb +55 -0
- data/lib/blue_light_special/user.rb +241 -0
- data/rails/init.rb +4 -0
- data/shoulda_macros/blue_light_special.rb +244 -0
- data/test/controllers/passwords_controller_test.rb +184 -0
- data/test/controllers/sessions_controller_test.rb +129 -0
- data/test/controllers/users_controller_test.rb +57 -0
- data/test/models/blue_light_special_mailer_test.rb +52 -0
- data/test/models/impersonation_test.rb +25 -0
- data/test/models/user_test.rb +213 -0
- data/test/rails_root/app/controllers/accounts_controller.rb +10 -0
- data/test/rails_root/app/controllers/application_controller.rb +6 -0
- data/test/rails_root/app/helpers/application_helper.rb +5 -0
- data/test/rails_root/app/helpers/confirmations_helper.rb +2 -0
- data/test/rails_root/app/helpers/passwords_helper.rb +2 -0
- data/test/rails_root/app/models/user.rb +3 -0
- data/test/rails_root/config/boot.rb +110 -0
- data/test/rails_root/config/environment.rb +22 -0
- data/test/rails_root/config/environments/development.rb +19 -0
- data/test/rails_root/config/environments/production.rb +1 -0
- data/test/rails_root/config/environments/test.rb +37 -0
- data/test/rails_root/config/initializers/blue_light_special.rb +4 -0
- data/test/rails_root/config/initializers/inflections.rb +10 -0
- data/test/rails_root/config/initializers/mime_types.rb +5 -0
- data/test/rails_root/config/initializers/requires.rb +13 -0
- data/test/rails_root/config/initializers/time_formats.rb +4 -0
- data/test/rails_root/config/routes.rb +9 -0
- data/test/rails_root/db/migrate/20100305173127_blue_light_special_create_users.rb +21 -0
- data/test/rails_root/db/migrate/20100305173129_create_delayed_jobs.rb +20 -0
- data/test/rails_root/public/dispatch.rb +10 -0
- data/test/rails_root/script/create_project.rb +52 -0
- data/test/rails_root/test/factories/user.rb +13 -0
- data/test/rails_root/test/functional/accounts_controller_test.rb +23 -0
- data/test/rails_root/test/integration/facebook_test.rb +49 -0
- data/test/rails_root/test/integration/impersonation_test.rb +38 -0
- data/test/rails_root/test/integration/password_reset_test.rb +127 -0
- data/test/rails_root/test/integration/sign_in_test.rb +72 -0
- data/test/rails_root/test/integration/sign_out_test.rb +28 -0
- data/test/rails_root/test/integration/sign_up_test.rb +84 -0
- data/test/test_helper.rb +21 -0
- metadata +219 -0
@@ -0,0 +1,42 @@
|
|
1
|
+
#
|
2
|
+
# The mailer_sender is set as the reply address for all notification emails.
|
3
|
+
#
|
4
|
+
# Set madmimi_username and madmimi_api_key to your MadMimi account username
|
5
|
+
# and API key.
|
6
|
+
#
|
7
|
+
# The impersonation_hash is used to secure user impersonations. Set it to
|
8
|
+
# a long, random hash.
|
9
|
+
#
|
10
|
+
# To turn on Facebook Connect, set use_facebook_connect to true.
|
11
|
+
#
|
12
|
+
# If you are using Facebook Connect, you'll need to provide your
|
13
|
+
# application's API and secret keys from your Facebook application
|
14
|
+
# settings at http://facebook.com/developers.
|
15
|
+
#
|
16
|
+
|
17
|
+
development:
|
18
|
+
mailer_sender: donotreply@example.com
|
19
|
+
madmimi_username:
|
20
|
+
madmimi_api_key:
|
21
|
+
impersonation_hash:
|
22
|
+
use_facebook_connect: false
|
23
|
+
facebook_api_key:
|
24
|
+
facebook_secret_key:
|
25
|
+
|
26
|
+
test:
|
27
|
+
mailer_sender: donotreply@example.com
|
28
|
+
madmimi_username:
|
29
|
+
madmimi_api_key:
|
30
|
+
impersonation_hash:
|
31
|
+
use_facebook_connect: false
|
32
|
+
facebook_api_key:
|
33
|
+
facebook_secret_key:
|
34
|
+
|
35
|
+
production:
|
36
|
+
mailer_sender: donotreply@example.com
|
37
|
+
madmimi_username:
|
38
|
+
madmimi_api_key:
|
39
|
+
impersonation_hash:
|
40
|
+
use_facebook_connect: false
|
41
|
+
facebook_api_key:
|
42
|
+
facebook_secret_key:
|
@@ -0,0 +1,23 @@
|
|
1
|
+
Factory.sequence :email do |n|
|
2
|
+
"user#{n}@example.com"
|
3
|
+
end
|
4
|
+
|
5
|
+
Factory.sequence :facebook_id do |n|
|
6
|
+
n
|
7
|
+
end
|
8
|
+
|
9
|
+
Factory.define :user do |user|
|
10
|
+
user.email { Factory.next :email }
|
11
|
+
user.first_name { "Factory" }
|
12
|
+
user.last_name { "User" }
|
13
|
+
user.password { "password" }
|
14
|
+
user.password_confirmation { "password" }
|
15
|
+
end
|
16
|
+
|
17
|
+
Factory.define :admin_user, :parent => :user do |admin|
|
18
|
+
admin.role 'admin'
|
19
|
+
end
|
20
|
+
|
21
|
+
Factory.define :facebook_user, :parent => :user do |user|
|
22
|
+
user.facebook_uid { Factory.next :facebook_id }
|
23
|
+
end
|
@@ -0,0 +1,24 @@
|
|
1
|
+
class BlueLightSpecialCreateUsers < ActiveRecord::Migration
|
2
|
+
def self.up
|
3
|
+
create_table(:users) do |t|
|
4
|
+
t.string :email, :limit => 100
|
5
|
+
t.string :first_name, :limit => 50
|
6
|
+
t.string :last_name, :limit => 50
|
7
|
+
t.string :role, :limit => 50
|
8
|
+
t.string :encrypted_password, :limit => 128
|
9
|
+
t.string :salt, :limit => 128
|
10
|
+
t.string :remember_token, :limit => 128
|
11
|
+
t.string :facebook_uid, :limit => 50
|
12
|
+
t.string :password_reset_token, :limit => 128
|
13
|
+
t.timestamps
|
14
|
+
end
|
15
|
+
|
16
|
+
add_index :users, :email
|
17
|
+
add_index :users, :remember_token
|
18
|
+
add_index :users, :facebook_uid
|
19
|
+
end
|
20
|
+
|
21
|
+
def self.down
|
22
|
+
drop_table :users
|
23
|
+
end
|
24
|
+
end
|
@@ -0,0 +1,44 @@
|
|
1
|
+
class BlueLightSpecialUpdateUsers<%= schema_version_constant %> < ActiveRecord::Migration
|
2
|
+
def self.up
|
3
|
+
<%
|
4
|
+
existing_columns = ActiveRecord::Base.connection.columns(:users).collect { |each| each.name }
|
5
|
+
columns = [
|
6
|
+
[:email, 't.string :email, :limit => 100'],
|
7
|
+
[:first_name, 't.string :first_name, :limit => 50'],
|
8
|
+
[:last_name, 't.string :last_name, :limit => 50'],
|
9
|
+
[:role, 't.string :role, :limit => 50'],
|
10
|
+
[:encrypted_password, 't.string :encrypted_password, :limit => 128'],
|
11
|
+
[:salt, 't.string :salt, :limit => 128'],
|
12
|
+
[:remember_token, 't.string :remember_token, :limit => 128'],
|
13
|
+
[:facebook_uid, 't.string :facebook_uid, :limit => 50'],
|
14
|
+
[:password_reset_token, 't.string :password_reset_token, :limit => 128']
|
15
|
+
].delete_if {|c| existing_columns.include?(c.first.to_s)}
|
16
|
+
-%>
|
17
|
+
change_table(:users) do |t|
|
18
|
+
<% columns.each do |c| -%>
|
19
|
+
<%= c.last %>
|
20
|
+
<% end -%>
|
21
|
+
end
|
22
|
+
|
23
|
+
<%
|
24
|
+
existing_indexes = ActiveRecord::Base.connection.indexes(:users)
|
25
|
+
index_names = existing_indexes.collect { |each| each.name }
|
26
|
+
new_indexes = [
|
27
|
+
[:index_users_on_email, 'add_index :users, :email'],
|
28
|
+
[:index_users_on_remember_token, 'add_index :users, :remember_token'],
|
29
|
+
[:index_users_on_facebook_uid, 'add_index :users, :facebook_uid']
|
30
|
+
].delete_if { |each| index_names.include?(each.first.to_s) }
|
31
|
+
-%>
|
32
|
+
<% new_indexes.each do |each| -%>
|
33
|
+
<%= each.last %>
|
34
|
+
<% end -%>
|
35
|
+
end
|
36
|
+
|
37
|
+
def self.down
|
38
|
+
change_table(:users) do |t|
|
39
|
+
<% unless columns.empty? -%>
|
40
|
+
t.remove <%= columns.collect { |each| ":#{each.first}" }.join(',') %>
|
41
|
+
<% end -%>
|
42
|
+
end
|
43
|
+
end
|
44
|
+
end
|
@@ -0,0 +1,31 @@
|
|
1
|
+
/* Flash messages */
|
2
|
+
|
3
|
+
.notice_flash,
|
4
|
+
.failure_flash,
|
5
|
+
.success_flash {
|
6
|
+
border: 1px solid;
|
7
|
+
padding: 3px;
|
8
|
+
padding:15px 10px;
|
9
|
+
background-repeat: no-repeat;
|
10
|
+
background-position: 10px center;
|
11
|
+
margin-bottom: 10px;
|
12
|
+
font-weight: bold;
|
13
|
+
width: 60%;
|
14
|
+
margin-left: auto;
|
15
|
+
margin-right: auto;
|
16
|
+
}
|
17
|
+
|
18
|
+
.notice_flash {
|
19
|
+
color: #00529B;
|
20
|
+
background-color: #BDE5F8;
|
21
|
+
}
|
22
|
+
|
23
|
+
.failure_flash {
|
24
|
+
color: #D8000C;
|
25
|
+
background-color: #FFBABA;
|
26
|
+
}
|
27
|
+
|
28
|
+
.success_flash {
|
29
|
+
color: #4F8A10;
|
30
|
+
background-color: #DFF2BF;
|
31
|
+
}
|
@@ -0,0 +1,10 @@
|
|
1
|
+
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
|
2
|
+
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
|
3
|
+
<html xmlns="http://www.w3.org/1999/xhtml" >
|
4
|
+
<head>
|
5
|
+
<title>Cross-Domain Receiver Page</title>
|
6
|
+
</head>
|
7
|
+
<body>
|
8
|
+
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/XdCommReceiver.debug.js" type="text/javascript"></script>
|
9
|
+
</body>
|
10
|
+
</html>
|
@@ -0,0 +1,10 @@
|
|
1
|
+
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
|
2
|
+
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
|
3
|
+
<html xmlns="http://www.w3.org/1999/xhtml" >
|
4
|
+
<head>
|
5
|
+
<title>Cross-Domain Receiver Page</title>
|
6
|
+
</head>
|
7
|
+
<body>
|
8
|
+
<script src="https://ssl.connect.facebook.com/js/api_lib/v0.4/XdCommReceiver.js" type="text/javascript"></script>
|
9
|
+
</body>
|
10
|
+
</html>
|
@@ -0,0 +1 @@
|
|
1
|
+
script/generate blue_light_special_admin
|
@@ -0,0 +1,30 @@
|
|
1
|
+
require File.expand_path(File.dirname(__FILE__) + "/lib/insert_commands.rb")
|
2
|
+
|
3
|
+
class BlueLightSpecialAdminGenerator < Rails::Generator::Base
|
4
|
+
|
5
|
+
def manifest
|
6
|
+
record do |m|
|
7
|
+
m.directory File.join("app", "controllers", "admin")
|
8
|
+
m.file "app/controllers/admin/admin_controller.rb", "app/controllers/admin/admin_controller.rb"
|
9
|
+
m.file "app/controllers/admin/users_controller.rb", "app/controllers/admin/users_controller.rb"
|
10
|
+
|
11
|
+
m.directory File.join("app", "views", "admin", "users")
|
12
|
+
["app/views/admin/users/_form.html.erb",
|
13
|
+
"app/views/admin/users/edit.html.erb",
|
14
|
+
"app/views/admin/users/index.html.erb",
|
15
|
+
"app/views/admin/users/new.html.erb",
|
16
|
+
"app/views/admin/users/show.html.erb"].each do |file|
|
17
|
+
m.file file, file
|
18
|
+
end
|
19
|
+
|
20
|
+
m.directory File.join("test", "integration", "admin")
|
21
|
+
m.file "test/integration/admin/users_test.rb", "test/integration/admin/users_test.rb"
|
22
|
+
|
23
|
+
m.insert_into "config/routes.rb",
|
24
|
+
"map.namespace :admin do |admin|\n admin.resources :users\n end"
|
25
|
+
|
26
|
+
m.readme "README"
|
27
|
+
end
|
28
|
+
end
|
29
|
+
|
30
|
+
end
|
@@ -0,0 +1,33 @@
|
|
1
|
+
# Mostly pinched from http://github.com/ryanb/nifty-generators/tree/master
|
2
|
+
|
3
|
+
Rails::Generator::Commands::Base.class_eval do
|
4
|
+
def file_contains?(relative_destination, line)
|
5
|
+
File.read(destination_path(relative_destination)).include?(line)
|
6
|
+
end
|
7
|
+
end
|
8
|
+
|
9
|
+
Rails::Generator::Commands::Create.class_eval do
|
10
|
+
def insert_into(file, line)
|
11
|
+
logger.insert "#{line} into #{file}"
|
12
|
+
unless options[:pretend] || file_contains?(file, line)
|
13
|
+
gsub_file file, /^(class|module|.*Routing).*$/ do |match|
|
14
|
+
"#{match}\n #{line}"
|
15
|
+
end
|
16
|
+
end
|
17
|
+
end
|
18
|
+
end
|
19
|
+
|
20
|
+
Rails::Generator::Commands::Destroy.class_eval do
|
21
|
+
def insert_into(file, line)
|
22
|
+
logger.remove "#{line} from #{file}"
|
23
|
+
unless options[:pretend]
|
24
|
+
gsub_file file, "\n #{line}", ''
|
25
|
+
end
|
26
|
+
end
|
27
|
+
end
|
28
|
+
|
29
|
+
Rails::Generator::Commands::List.class_eval do
|
30
|
+
def insert_into(file, line)
|
31
|
+
logger.insert "#{line} into #{file}"
|
32
|
+
end
|
33
|
+
end
|
@@ -0,0 +1,16 @@
|
|
1
|
+
|
2
|
+
*******************************************************************************
|
3
|
+
|
4
|
+
Next:
|
5
|
+
|
6
|
+
1. Add a link somewhere in your app to /admin/users for admins to access the
|
7
|
+
list of users.
|
8
|
+
|
9
|
+
2. Any other admin controllers should inherit from Admin::AdminController.
|
10
|
+
This will ensure that only users who have the 'admin' role are allowed
|
11
|
+
to access the admin controllers.
|
12
|
+
|
13
|
+
3. Manually set an 'admin' role on at least one user, or you won't be able
|
14
|
+
to access the admin area.
|
15
|
+
|
16
|
+
*******************************************************************************
|
@@ -0,0 +1,52 @@
|
|
1
|
+
class Admin::UsersController < Admin::AdminController
|
2
|
+
|
3
|
+
def index
|
4
|
+
@users = User.all
|
5
|
+
end
|
6
|
+
|
7
|
+
def show
|
8
|
+
@user = User.find(params[:id])
|
9
|
+
end
|
10
|
+
|
11
|
+
def new
|
12
|
+
@user = User.new
|
13
|
+
end
|
14
|
+
|
15
|
+
def create
|
16
|
+
@user = User.new(params[:user])
|
17
|
+
@user.role = params[:user][:role]
|
18
|
+
if @user.save
|
19
|
+
flash[:notice] = "Created #{@user.name}"
|
20
|
+
redirect_to admin_user_url(@user)
|
21
|
+
else
|
22
|
+
render :action => 'new'
|
23
|
+
end
|
24
|
+
end
|
25
|
+
|
26
|
+
def edit
|
27
|
+
@user = User.find(params[:id])
|
28
|
+
end
|
29
|
+
|
30
|
+
def update
|
31
|
+
@user = User.find(params[:id])
|
32
|
+
@user.role = params[:user][:role]
|
33
|
+
if @user.update_attributes(params[:user])
|
34
|
+
flash[:notice] = "Updated #{@user.name}"
|
35
|
+
redirect_to admin_user_url(@user)
|
36
|
+
else
|
37
|
+
render :action => 'edit'
|
38
|
+
end
|
39
|
+
end
|
40
|
+
|
41
|
+
def destroy
|
42
|
+
@user = User.find(params[:id])
|
43
|
+
if @user != current_user
|
44
|
+
@user.destroy
|
45
|
+
flash[:notice] = "Deleted #{@user.name}"
|
46
|
+
else
|
47
|
+
flash[:error] = "Cannot delete yourself"
|
48
|
+
end
|
49
|
+
redirect_to admin_users_url
|
50
|
+
end
|
51
|
+
|
52
|
+
end
|
@@ -0,0 +1,25 @@
|
|
1
|
+
<%= form.error_messages %>
|
2
|
+
<p class="text_field">
|
3
|
+
<%= form.label :first_name %>
|
4
|
+
<%= form.text_field :first_name %>
|
5
|
+
</p>
|
6
|
+
<p class="text_field">
|
7
|
+
<%= form.label :last_name %>
|
8
|
+
<%= form.text_field :last_name %>
|
9
|
+
</p>
|
10
|
+
<p class="text_field">
|
11
|
+
<%= form.label :email %>
|
12
|
+
<%= form.text_field :email %>
|
13
|
+
</p>
|
14
|
+
<p class="password_field">
|
15
|
+
<%= form.label :password %>
|
16
|
+
<%= form.password_field :password %>
|
17
|
+
</p>
|
18
|
+
<p class="password_field">
|
19
|
+
<%= form.label :password_confirmation, "Confirm password" %>
|
20
|
+
<%= form.password_field :password_confirmation %>
|
21
|
+
</p>
|
22
|
+
<p>
|
23
|
+
<%= form.label :role %>
|
24
|
+
<%= form.collection_select :role, ['', 'admin'], :to_s, :to_s %>
|
25
|
+
</p>
|
@@ -0,0 +1,10 @@
|
|
1
|
+
<h2>User Details</h2>
|
2
|
+
|
3
|
+
<div id="user_profile">
|
4
|
+
<b>First Name:</b> <%=h @user.first_name %><br/>
|
5
|
+
<b>Last Name:</b> <%=h @user.last_name %><br/>
|
6
|
+
<b>Email:</b> <%=h @user.email %><br/>
|
7
|
+
<%= link_to 'Edit', edit_admin_user_path(@user) %><br/>
|
8
|
+
<%= link_to 'Delete', admin_user_path(@user), :method => :delete, :confirm => 'Are you sure?' %><br/>
|
9
|
+
<%= link_to 'Impersonate', impersonation_path(:user_id => @user.id), :method => :post, :id => "impersonate_#{@user.id}" %>
|
10
|
+
</div>
|
@@ -0,0 +1,201 @@
|
|
1
|
+
require File.dirname(__FILE__) + "/../../test_helper"
|
2
|
+
|
3
|
+
class Admin::UsersTest < ActionController::IntegrationTest
|
4
|
+
|
5
|
+
setup do
|
6
|
+
ActionMailer::Base.deliveries.clear
|
7
|
+
end
|
8
|
+
|
9
|
+
teardown do
|
10
|
+
ActionMailer::Base.deliveries.clear
|
11
|
+
end
|
12
|
+
|
13
|
+
context 'Signed in as an admin' do
|
14
|
+
|
15
|
+
setup do
|
16
|
+
@bob = Factory(:user, :email => 'bob@bob.bob', :first_name => 'Bob')
|
17
|
+
@joe = Factory(:user, :email => 'joe@joe.joe', :first_name => 'Joe')
|
18
|
+
@ted = Factory(:user, :email => 'ted@ted.ted', :first_name => 'Ted')
|
19
|
+
@admin_user = Factory(:admin_user, :email => 'admin@example.com')
|
20
|
+
sign_in_as(@admin_user.email, @admin_user.password)
|
21
|
+
end
|
22
|
+
|
23
|
+
context 'when listing users' do
|
24
|
+
|
25
|
+
should 'show the list of users' do
|
26
|
+
visit admin_users_url
|
27
|
+
assert_contain(/bob@bob.bob/)
|
28
|
+
assert_contain(/joe@joe.joe/)
|
29
|
+
assert_contain(/ted@ted.ted/)
|
30
|
+
end
|
31
|
+
|
32
|
+
end
|
33
|
+
|
34
|
+
context 'when creating a new user' do
|
35
|
+
|
36
|
+
context 'with valid data' do
|
37
|
+
|
38
|
+
should 'display "Created [name]"' do
|
39
|
+
create_user(:first_name => 'Tom', :last_name => 'Tom')
|
40
|
+
assert_contain(/Created Tom Tom/)
|
41
|
+
end
|
42
|
+
|
43
|
+
should 'redirect to the user show page' do
|
44
|
+
create_user(:email => 'tom@tom.tom')
|
45
|
+
user = User.find_by_email('tom@tom.tom')
|
46
|
+
assert_equal current_url, admin_user_url(user)
|
47
|
+
end
|
48
|
+
|
49
|
+
should 'be able to set the role' do
|
50
|
+
create_user(:email => 'tom@tom.tom', :role => 'admin')
|
51
|
+
user = User.find_by_email('tom@tom.tom')
|
52
|
+
assert user.admin?
|
53
|
+
end
|
54
|
+
|
55
|
+
end
|
56
|
+
|
57
|
+
context 'with invalid data' do
|
58
|
+
|
59
|
+
should 'display error messages' do
|
60
|
+
create_user(
|
61
|
+
:first_name => '',
|
62
|
+
:last_name => '',
|
63
|
+
:email => 'invalidemail',
|
64
|
+
:password_confirmation => 'bad')
|
65
|
+
assert_contain(/First name can't be blank/)
|
66
|
+
assert_contain(/Last name can't be blank/)
|
67
|
+
assert_contain(/Email is invalid/)
|
68
|
+
assert_contain(/Password doesn't match confirmation/)
|
69
|
+
end
|
70
|
+
|
71
|
+
should 'redisplay the new user form' do
|
72
|
+
create_user(:first_name => '')
|
73
|
+
assert_have_selector 'form.new_user'
|
74
|
+
end
|
75
|
+
|
76
|
+
end
|
77
|
+
|
78
|
+
end
|
79
|
+
|
80
|
+
context 'when editing a user' do
|
81
|
+
|
82
|
+
context 'with valid data' do
|
83
|
+
|
84
|
+
should 'display "Updated [name]"' do
|
85
|
+
edit_user(@ted, :first_name => 'Tom', :last_name => 'Tom' )
|
86
|
+
assert_contain(/Updated Tom Tom/)
|
87
|
+
end
|
88
|
+
|
89
|
+
should 'redirect to the user show page' do
|
90
|
+
edit_user(@ted, :email => 'tom@tom.tom')
|
91
|
+
user = User.find_by_email('tom@tom.tom')
|
92
|
+
assert_equal current_url, admin_user_url(user)
|
93
|
+
end
|
94
|
+
|
95
|
+
should 'be able to change the role' do
|
96
|
+
edit_user(@ted, :role => 'admin')
|
97
|
+
@ted.reload
|
98
|
+
assert @ted.admin?
|
99
|
+
end
|
100
|
+
|
101
|
+
end
|
102
|
+
|
103
|
+
context 'with invalid data' do
|
104
|
+
|
105
|
+
should 'display error messages' do
|
106
|
+
edit_user(@ted,
|
107
|
+
:first_name => '',
|
108
|
+
:last_name => '',
|
109
|
+
:email => 'invalidemail',
|
110
|
+
:password => 'good',
|
111
|
+
:password_confirmation => 'bad')
|
112
|
+
assert_contain(/First name can't be blank/)
|
113
|
+
assert_contain(/Last name can't be blank/)
|
114
|
+
assert_contain(/Email is invalid/)
|
115
|
+
assert_contain(/Password doesn't match confirmation/)
|
116
|
+
end
|
117
|
+
|
118
|
+
should 'redisplay the edit form' do
|
119
|
+
edit_user(@ted, :first_name => '')
|
120
|
+
assert_have_selector 'form.edit_user'
|
121
|
+
end
|
122
|
+
|
123
|
+
end
|
124
|
+
|
125
|
+
end
|
126
|
+
|
127
|
+
context 'when deleting a user' do
|
128
|
+
|
129
|
+
should 'display "Deleted [name]"' do
|
130
|
+
delete_user(@bob)
|
131
|
+
assert_contain(/Deleted Bob/)
|
132
|
+
end
|
133
|
+
|
134
|
+
should 'redirect to the user list' do
|
135
|
+
delete_user(@bob)
|
136
|
+
assert_equal current_url, admin_users_url
|
137
|
+
end
|
138
|
+
|
139
|
+
should 'not display the deleted user in the list' do
|
140
|
+
delete_user(@bob)
|
141
|
+
assert_not_contain(/bob@bob.bob/)
|
142
|
+
end
|
143
|
+
|
144
|
+
should 'not allow deleting currently logged in user' do
|
145
|
+
visit admin_user_url(@admin_user), :delete
|
146
|
+
assert_contain(/Cannot delete yourself/)
|
147
|
+
assert_contain(/admin@example.com/)
|
148
|
+
end
|
149
|
+
|
150
|
+
end
|
151
|
+
|
152
|
+
end
|
153
|
+
|
154
|
+
context 'Signed in as a non-admin user' do
|
155
|
+
|
156
|
+
setup do
|
157
|
+
@user = Factory(:user)
|
158
|
+
sign_in_as(@user.email, @user.password)
|
159
|
+
end
|
160
|
+
|
161
|
+
should 'not give access' do
|
162
|
+
visit admin_users_url
|
163
|
+
assert_not_equal current_url, admin_users_url
|
164
|
+
end
|
165
|
+
|
166
|
+
end
|
167
|
+
|
168
|
+
|
169
|
+
private
|
170
|
+
|
171
|
+
|
172
|
+
def create_user(options = {})
|
173
|
+
visit admin_users_url
|
174
|
+
click_link 'New User'
|
175
|
+
fill_in 'Email', :with => options[:email] || 'tom@tom.tom'
|
176
|
+
fill_in 'Password', :with => options[:password] || 'password'
|
177
|
+
fill_in 'Confirm Password', :with => options[:password_confirmation] || options[:password] || 'password'
|
178
|
+
fill_in 'First Name', :with => options[:first_name] || 'Tom'
|
179
|
+
fill_in 'Last Name', :with => options[:last_name] || 'Tom'
|
180
|
+
select options[:role] || '', :from => 'Role'
|
181
|
+
click_button 'Save'
|
182
|
+
end
|
183
|
+
|
184
|
+
def edit_user(user, options = {})
|
185
|
+
visit admin_user_url(user)
|
186
|
+
click_link 'Edit'
|
187
|
+
fill_in 'Email', :with => options[:email] || 'tom@tom.tom'
|
188
|
+
fill_in 'Password', :with => options[:password] || ''
|
189
|
+
fill_in 'Confirm Password', :with => options[:password_confirmation] || options[:password] || ''
|
190
|
+
fill_in 'First Name', :with => options[:first_name] || 'Tom'
|
191
|
+
fill_in 'Last Name', :with => options[:last_name] || 'Tom'
|
192
|
+
select options[:role] || '', :from => 'Role'
|
193
|
+
click_button 'Save'
|
194
|
+
end
|
195
|
+
|
196
|
+
def delete_user(user)
|
197
|
+
visit admin_user_url(user)
|
198
|
+
click_link 'Delete'
|
199
|
+
end
|
200
|
+
|
201
|
+
end
|