clearance 0.10.0 → 0.10.1

data/test/models/clearance_mailer_test.rb

@@ -19,7 +19,7 @@ class ClearanceMailerTest < ActiveSupport::TestCase
     should "contain a link to edit the user's password" do
       host = ActionMailer::Base.default_url_options[:host]
       regexp = %r{http://#{host}/users/#{@user.id}/password/edit\?token=#{@user.confirmation_token}}
-      assert_match regexp, @email.body
+      assert_match regexp, @email.body.to_s
     end
 
     should "set its subject" do

data/test/rails_root/Gemfile.lock

@@ -0,0 +1,145 @@
+PATH
+  remote: ../..
+  specs:
+    clearance (0.10.0)
+      rails (~> 3.0.0)
+
+GEM
+  remote: http://rubygems.org/
+  specs:
+    abstract (1.0.0)
+    actionmailer (3.0.0)
+      actionpack (= 3.0.0)
+      mail (~> 2.2.5)
+    actionpack (3.0.0)
+      activemodel (= 3.0.0)
+      activesupport (= 3.0.0)
+      builder (~> 2.1.2)
+      erubis (~> 2.6.6)
+      i18n (~> 0.4.1)
+      rack (~> 1.2.1)
+      rack-mount (~> 0.6.12)
+      rack-test (~> 0.5.4)
+      tzinfo (~> 0.3.23)
+    activemodel (3.0.0)
+      activesupport (= 3.0.0)
+      builder (~> 2.1.2)
+      i18n (~> 0.4.1)
+    activerecord (3.0.0)
+      activemodel (= 3.0.0)
+      activesupport (= 3.0.0)
+      arel (~> 1.0.0)
+      tzinfo (~> 0.3.23)
+    activeresource (3.0.0)
+      activemodel (= 3.0.0)
+      activesupport (= 3.0.0)
+    activesupport (3.0.0)
+    arel (1.0.1)
+      activesupport (~> 3.0.0)
+    builder (2.1.2)
+    capybara (0.4.0)
+      celerity (>= 0.7.9)
+      culerity (>= 0.2.4)
+      mime-types (>= 1.16)
+      nokogiri (>= 1.3.3)
+      rack (>= 1.0.0)
+      rack-test (>= 0.5.4)
+      selenium-webdriver (>= 0.0.27)
+      xpath (~> 0.1.2)
+    celerity (0.8.7)
+    childprocess (0.1.6)
+      ffi (~> 0.6.3)
+    configuration (1.2.0)
+    cucumber (0.10.0)
+      builder (>= 2.1.2)
+      diff-lcs (~> 1.1.2)
+      gherkin (~> 2.3.2)
+      json (~> 1.4.6)
+      term-ansicolor (~> 1.0.5)
+    cucumber-rails (0.3.2)
+      cucumber (>= 0.8.0)
+    culerity (0.2.14)
+    diff-lcs (1.1.2)
+    erubis (2.6.6)
+      abstract (>= 1.0.0)
+    factory_girl (1.3.3)
+    factory_girl_rails (1.0)
+      factory_girl (~> 1.3)
+      rails (>= 3.0.0.beta4)
+    ffi (0.6.3)
+      rake (>= 0.8.7)
+    formtastic (1.1.0.beta)
+      actionpack (>= 2.3.0)
+      activesupport (>= 2.3.0)
+      i18n (>= 0.4.0)
+    gherkin (2.3.3)
+      json (~> 1.4.6)
+    i18n (0.4.2)
+    json (1.4.6)
+    json_pure (1.4.6)
+    launchy (0.3.7)
+      configuration (>= 0.0.5)
+      rake (>= 0.8.1)
+    mail (2.2.14)
+      activesupport (>= 2.3.6)
+      i18n (>= 0.4.0)
+      mime-types (~> 1.16)
+      treetop (~> 1.4.8)
+    mime-types (1.16)
+    mocha (0.9.8)
+      rake
+    nokogiri (1.4.1)
+    polyglot (0.3.1)
+    rack (1.2.1)
+    rack-mount (0.6.13)
+      rack (>= 1.0.0)
+    rack-test (0.5.7)
+      rack (>= 1.0)
+    rails (3.0.0)
+      actionmailer (= 3.0.0)
+      actionpack (= 3.0.0)
+      activerecord (= 3.0.0)
+      activeresource (= 3.0.0)
+      activesupport (= 3.0.0)
+      bundler (~> 1.0.0)
+      railties (= 3.0.0)
+    railties (3.0.0)
+      actionpack (= 3.0.0)
+      activesupport (= 3.0.0)
+      rake (>= 0.8.4)
+      thor (~> 0.14.0)
+    rake (0.8.7)
+    rubyzip (0.9.4)
+    selenium-webdriver (0.1.2)
+      childprocess (~> 0.1.5)
+      ffi (~> 0.6.3)
+      json_pure
+      rubyzip
+    shoulda (2.11.3)
+    sqlite3 (1.3.3)
+    sqlite3-ruby (1.3.3)
+      sqlite3 (>= 1.3.3)
+    term-ansicolor (1.0.5)
+    thor (0.14.6)
+    treetop (1.4.9)
+      polyglot (>= 0.3.1)
+    tzinfo (0.3.24)
+    xpath (0.1.3)
+      nokogiri (~> 1.3)
+
+PLATFORMS
+  ruby
+
+DEPENDENCIES
+  capybara (= 0.4.0)
+  clearance!
+  cucumber (= 0.10.0)
+  cucumber-rails (= 0.3.2)
+  factory_girl_rails (= 1.0)
+  formtastic (= 1.1.0.beta)
+  launchy (= 0.3.7)
+  mocha (= 0.9.8)
+  nokogiri (= 1.4.1)
+  rails (= 3.0.0)
+  shoulda (= 2.11.3)
+  sqlite3-ruby

data/test/rails_root/app/views/passwords/edit.html.erb

@@ -0,0 +1,21 @@
+<h2>Change your password</h2>
+
+<p>
+  Your password has been reset. Choose a new password below.
+</p>
+
+<%= semantic_form_for(:user,
+            :url  => user_password_path(@user, :token => @user.confirmation_token),
+            :html => { :method => :put }) do |form| %>
+  <%= form.error_messages %>
+  <%= form.inputs do -%>
+    <%= form.input :password, :as => :password,
+                   :label => "Choose password" %>
+    <%= form.input :password_confirmation, :as => :password,
+                   :label => "Confirm password" %>
+  <% end -%>
+  <%= form.buttons do -%>
+    <%= form.commit_button "Save this password" %>
+  <% end -%>
+<% end %>
+

data/test/rails_root/app/views/passwords/new.html.erb

@@ -0,0 +1,15 @@
+<h2>Reset your password</h2>
+
+<p>
+  We will email you a link to reset your password.
+</p>
+
+<%= semantic_form_for :password, :url => passwords_path do |form| -%>
+  <%= form.inputs do -%>
+    <%= form.input :email, :label => "Email address" %>
+  <% end -%>
+  <%= form.buttons do -%>
+    <%= form.commit_button "Reset password" %>
+  <% end -%>
+<% end -%>
+

data/test/rails_root/app/views/sessions/new.html.erb

@@ -0,0 +1,21 @@
+<h2>Sign in</h2>
+
+<%= semantic_form_for :session, :url => session_path do |form| %>
+  <%= form.inputs do %>
+    <%= form.input :email %>
+    <%= form.input :password, :as => :password %>
+  <% end %>
+  <%= form.buttons do %>
+    <%= form.commit_button "Sign in" %>
+  <% end %>
+<% end %>
+
+<ul>
+  <li>
+    <%= link_to "Sign up", sign_up_path %>
+  </li>
+  <li>
+    <%= link_to "Forgot password?", new_password_path %>
+  </li>
+</ul>
+

data/test/rails_root/app/views/users/_inputs.html.erb

@@ -0,0 +1,6 @@
+<%= form.inputs do %>
+  <%= form.input :email %>
+  <%= form.input :password %>
+  <%= form.input :password_confirmation, :label => "Confirm password" %>
+<% end %>
+

data/test/rails_root/app/views/users/new.html.erb

@@ -0,0 +1,10 @@
+<h2>Sign up</h2>
+
+<%= semantic_form_for @user do |form| %>
+  <%= form.error_messages %>
+  <%= render :partial => "/users/inputs", :locals => { :form => form } %>
+  <%= form.buttons do %>
+    <%= form.commit_button "Sign up" %>
+  <% end %>
+<% end %>
+

data/test/rails_root/db/migrate/20110209234101_clearance_create_users.rb

@@ -0,0 +1,19 @@
+class ClearanceCreateUsers < ActiveRecord::Migration
+  def self.up
+    create_table(:users) do |t|
+      t.string   :email
+      t.string   :encrypted_password, :limit => 128
+      t.string   :salt,               :limit => 128
+      t.string   :confirmation_token, :limit => 128
+      t.string   :remember_token,     :limit => 128
+      t.timestamps
+    end
+
+    add_index :users, :email
+    add_index :users, :remember_token
+  end
+
+  def self.down
+    drop_table :users
+  end
+end

data/test/rails_root/db/schema.rb

@@ -0,0 +1,28 @@
+# This file is auto-generated from the current state of the database. Instead
+# of editing this file, please use the migrations feature of Active Record to
+# incrementally modify your database, and then regenerate this schema definition.
+#
+# Note that this schema.rb definition is the authoritative source for your
+# database schema. If you need to create the application database on another
+# system, you should be using db:schema:load, not running all the migrations
+# from scratch. The latter is a flawed and unsustainable approach (the more migrations
+# you'll amass, the slower it'll run and the greater likelihood for issues).
+#
+# It's strongly recommended to check this file into your version control system.
+
+ActiveRecord::Schema.define(:version => 20110209234101) do
+
+  create_table "users", :force => true do |t|
+    t.string   "email"
+    t.string   "encrypted_password", :limit => 128
+    t.string   "salt",               :limit => 128
+    t.string   "confirmation_token", :limit => 128
+    t.string   "remember_token",     :limit => 128
+    t.datetime "created_at"
+    t.datetime "updated_at"
+  end
+
+  add_index "users", ["email"], :name => "index_users_on_email"
+  add_index "users", ["remember_token"], :name => "index_users_on_remember_token"
+
+end

data/test/rails_root/features/password_reset.feature

@@ -0,0 +1,40 @@
+Feature: Password reset
+
+  In order to sign in even if I forgot my password
+  As a user
+  I want to reset my password
+
+    Scenario: User is not signed up
+      Given no user exists with an email of "email@person.com"
+      When I request password reset link to be sent to "email@person.com"
+      Then I should see "Unknown email"
+
+    Scenario: User is signed up and requests password reset
+      Given I signed up with "email@person.com/password"
+      When I request password reset link to be sent to "email@person.com"
+      Then I should see "instructions for changing your password"
+      And a password reset message should be sent to "email@person.com"
+
+    Scenario: User is signed up updated his password and types wrong confirmation
+      Given I signed up with "email@person.com/password"
+      And I go to the password reset request page
+      And I fill in "Email address" with "email@person.com"
+      And I press "Reset password"
+      When I follow the password reset link sent to "email@person.com"
+      And I update my password with "newpassword/wrongconfirmation"
+      Then I should see an error message
+      And I should be signed out
+
+    Scenario: User is signed up and updates his password
+      Given I signed up with "email@person.com/password"
+      And I go to the password reset request page
+      And I fill in "Email address" with "email@person.com"
+      And I press "Reset password"
+      When I follow the password reset link sent to "email@person.com"
+      And I update my password with "newpassword/newpassword"
+      Then I should be signed in
+      When I sign out
+      Then I should be signed out
+      And I sign in as "email@person.com/newpassword"
+      Then I should be signed in
+

data/test/rails_root/features/sign_in.feature

@@ -0,0 +1,28 @@
+Feature: Sign in
+
+  In order to get access to protected sections of the site
+  As a user
+  I want to sign in
+
+    Scenario: User is not signed up
+      Given no user exists with an email of "email@person.com"
+      When I go to the sign in page
+      And I sign in as "email@person.com/password"
+      Then I should see "Bad email or password"
+      And I should be signed out
+
+   Scenario: User enters wrong password
+      Given I am signed up as "email@person.com/password"
+      When I go to the sign in page
+      And I sign in as "email@person.com/wrongpassword"
+      Then I should see "Bad email or password"
+      And I should be signed out
+
+   Scenario: User signs in successfully
+      Given I am signed up as "email@person.com/password"
+      When I go to the sign in page
+      And I sign in as "email@person.com/password"
+      Then I should see "Signed in"
+      And I should be signed in
+      When I return next time
+      Then I should be signed in

data/test/rails_root/features/sign_out.feature

@@ -0,0 +1,16 @@
+Feature: Sign out
+
+  In order to protect my account from unauthorized access
+  As a signed in user
+  I want to sign out
+
+    Scenario: User signs out
+      Given I am signed up as "email@person.com/password"
+      When I sign in as "email@person.com/password"
+      Then I should be signed in
+      And I sign out
+      Then I should see "Signed out"
+      And I should be signed out
+      When I return next time
+      Then I should be signed out
+

data/test/rails_root/features/sign_up.feature

@@ -0,0 +1,21 @@
+Feature: Sign up
+
+  In order to get access to protected sections of the site
+  As a user
+  I want to sign up
+
+    Scenario: User signs up with invalid data
+      When I go to the sign up page
+      And I fill in "Email" with "invalidemail"
+      And I fill in "Password" with "password"
+      And I fill in "Confirm password" with ""
+      And I press "Sign up"
+      Then I should see error messages
+
+    Scenario: User signs up with valid data
+      When I go to the sign up page
+      And I fill in "Email" with "email@person.com"
+      And I fill in "Password" with "password"
+      And I fill in "Confirm password" with "password"
+      And I press "Sign up"
+      Then I should see "signed up"

data/test/rails_root/features/step_definitions/clearance_steps.rb

@@ -0,0 +1,109 @@
+# General
+
+Then /^I should see error messages$/ do
+  Then %{I should see "errors prohibited"}
+end
+
+Then /^I should see an error message$/ do
+  Then %{I should see "error prohibited"}
+end
+
+# Database
+
+Given /^no user exists with an email of "(.*)"$/ do |email|
+  assert_nil User.find_by_email(email)
+end
+
+Given /^(?:I am|I have|I) signed up (?:as|with) "(.*)\/(.*)"$/ do |email, password|
+  Factory(:user,
+          :email                 => email,
+          :password              => password,
+          :password_confirmation => password)
+end
+
+# Session
+
+Then /^I should be signed in$/ do
+  Given %{I am on the homepage}
+  Then %{I should see "Sign out"}
+end
+
+Then /^I should be signed out$/ do
+  Given %{I am on the homepage}
+  Then %{I should see "Sign in"}
+end
+
+When /^session is cleared$/ do
+  # TODO: This doesn't work with Capybara
+  # TODO: I tried Capybara.reset_sessions! but that didn't work
+  #request.reset_session
+  #controller.instance_variable_set(:@_current_user, nil)
+end
+
+Given /^(?:I am|I have|I) signed in (?:with|as) "(.*)\/(.*)"$/ do |email, password|
+  Given %{I am signed up as "#{email}/#{password}"}
+  And %{I sign in as "#{email}/#{password}"}
+end
+
+Given /^I sign in$/ do
+  email = Factory.next(:email)
+  Given %{I have signed in with "#{email}/password"}
+end
+
+# Emails
+
+Then /^a password reset message should be sent to "(.*)"$/ do |email|
+  user = User.find_by_email(email)
+  assert !user.confirmation_token.blank?
+  assert !ActionMailer::Base.deliveries.empty?
+  result = ActionMailer::Base.deliveries.any? do |email|
+    email.to == [user.email] &&
+    email.subject =~ /password/i &&
+    email.body =~ /#{user.confirmation_token}/
+  end
+  assert result
+end
+
+When /^I follow the password reset link sent to "(.*)"$/ do |email|
+  user = User.find_by_email(email)
+  visit edit_user_password_path(:user_id => user,
+                                :token   => user.confirmation_token)
+end
+
+When /^I try to change the password of "(.*)" without token$/ do |email|
+  user = User.find_by_email(email)
+  visit edit_user_password_path(:user_id => user)
+end
+
+# Actions
+
+When /^I sign in as "(.*)\/(.*)"$/ do |email, password|
+  When %{I go to the sign in page}
+  And %{I fill in "Email" with "#{email}"}
+  And %{I fill in "Password" with "#{password}"}
+  And %{I press "Sign in"}
+end
+
+When "I sign out" do
+  steps %{
+    When I go to the homepage
+    And I follow "Sign out"
+  }
+end
+
+When /^I request password reset link to be sent to "(.*)"$/ do |email|
+  When %{I go to the password reset request page}
+  And %{I fill in "Email address" with "#{email}"}
+  And %{I press "Reset password"}
+end
+
+When /^I update my password with "(.*)\/(.*)"$/ do |password, confirmation|
+  And %{I fill in "Choose password" with "#{password}"}
+  And %{I fill in "Confirm password" with "#{confirmation}"}
+  And %{I press "Save this password"}
+end
+
+When /^I return next time$/ do
+  When %{session is cleared}
+  And %{I go to the homepage}
+end