clearance 0.16.3 → 1.0.0.rc1

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.

This version of clearance might be problematic. Click here for more details.

Files changed (85) hide show
  1. data/.gitignore +1 -0
  2. data/.travis.yml +0 -2
  3. data/Appraisals +2 -2
  4. data/CONTRIBUTING.md +10 -19
  5. data/Gemfile +1 -1
  6. data/Gemfile.lock +81 -82
  7. data/NEWS.md +17 -4
  8. data/README.md +176 -113
  9. data/app/controllers/clearance/passwords_controller.rb +44 -31
  10. data/app/controllers/clearance/sessions_controller.rb +11 -10
  11. data/app/controllers/clearance/users_controller.rb +8 -12
  12. data/app/mailers/clearance_mailer.rb +4 -5
  13. data/app/views/clearance_mailer/change_password.html.erb +2 -4
  14. data/app/views/layouts/application.html.erb +7 -5
  15. data/app/views/passwords/edit.html.erb +8 -7
  16. data/app/views/passwords/new.html.erb +6 -5
  17. data/app/views/sessions/_form.html.erb +7 -5
  18. data/app/views/sessions/new.html.erb +3 -2
  19. data/app/views/users/_form.html.erb +4 -3
  20. data/clearance.gemspec +29 -27
  21. data/config/routes.rb +10 -13
  22. data/db/migrate/20110111224543_create_clearance_users.rb +18 -0
  23. data/db/schema.rb +4 -5
  24. data/features/engine/visitor_resets_password.feature +0 -7
  25. data/features/engine/visitor_signs_in.feature +7 -0
  26. data/features/engine/visitor_signs_up.feature +2 -2
  27. data/features/integration.feature +0 -1
  28. data/features/integration_with_test_unit.feature +43 -0
  29. data/features/step_definitions/configuration_steps.rb +8 -15
  30. data/features/step_definitions/engine/clearance_steps.rb +38 -38
  31. data/features/support/clearance.rb +1 -1
  32. data/features/support/env.rb +4 -21
  33. data/gemfiles/{3.0.12.gemfile → 3.0.15.gemfile} +1 -1
  34. data/gemfiles/{3.0.12.gemfile.lock → 3.0.15.gemfile.lock} +75 -76
  35. data/gemfiles/{3.2.3.gemfile → 3.1.6.gemfile} +1 -1
  36. data/gemfiles/{3.1.4.gemfile.lock → 3.1.6.gemfile.lock} +79 -80
  37. data/gemfiles/{3.1.4.gemfile → 3.2.6.gemfile} +1 -1
  38. data/gemfiles/{3.2.3.gemfile.lock → 3.2.6.gemfile.lock} +80 -81
  39. data/lib/clearance.rb +1 -0
  40. data/lib/clearance/authentication.rb +37 -69
  41. data/lib/clearance/configuration.rb +3 -18
  42. data/lib/clearance/constraints.rb +2 -0
  43. data/lib/clearance/constraints/signed_in.rb +28 -0
  44. data/lib/clearance/constraints/signed_out.rb +9 -0
  45. data/lib/clearance/engine.rb +4 -4
  46. data/lib/clearance/password_strategies.rb +5 -1
  47. data/lib/clearance/password_strategies/bcrypt.rb +27 -0
  48. data/lib/clearance/password_strategies/bcrypt_migration_from_sha1.rb +52 -0
  49. data/lib/clearance/password_strategies/blowfish.rb +11 -15
  50. data/lib/clearance/password_strategies/fake.rb +23 -0
  51. data/lib/clearance/password_strategies/sha1.rb +15 -21
  52. data/lib/clearance/session.rb +28 -20
  53. data/lib/clearance/testing.rb +8 -3
  54. data/lib/clearance/testing/assertion_error.rb +2 -7
  55. data/lib/clearance/testing/deny_access_matcher.rb +27 -32
  56. data/lib/clearance/testing/helpers.rb +7 -8
  57. data/lib/clearance/user.rb +26 -92
  58. data/lib/clearance/version.rb +1 -1
  59. data/lib/generators/clearance/install/templates/db/migrate/upgrade_clearance_to_diesel.rb +24 -26
  60. data/spec/clearance/constraints/signed_in_spec.rb +51 -0
  61. data/spec/clearance/constraints/signed_out_spec.rb +15 -0
  62. data/spec/clearance/rack_session_spec.rb +8 -7
  63. data/spec/clearance/session_spec.rb +28 -27
  64. data/spec/configuration_spec.rb +7 -6
  65. data/spec/controllers/denies_controller_spec.rb +11 -10
  66. data/spec/controllers/flashes_controller_spec.rb +5 -5
  67. data/spec/controllers/forgeries_controller_spec.rb +9 -9
  68. data/spec/controllers/passwords_controller_spec.rb +42 -55
  69. data/spec/controllers/sessions_controller_spec.rb +26 -33
  70. data/spec/controllers/users_controller_spec.rb +16 -14
  71. data/spec/factories.rb +1 -3
  72. data/spec/mailers/clearance_mailer_spec.rb +4 -4
  73. data/spec/models/bcrypt_migration_from_sha1_spec.rb +71 -0
  74. data/spec/models/bcrypt_spec.rb +40 -0
  75. data/spec/models/blowfish_spec.rb +14 -13
  76. data/spec/models/{clearance_user_spec.rb → password_strategies_spec.rb} +5 -5
  77. data/spec/models/sha1_spec.rb +18 -13
  78. data/spec/models/user_spec.rb +58 -73
  79. data/spec/spec_helper.rb +5 -6
  80. data/spec/support/clearance.rb +0 -4
  81. data/spec/support/cookies.rb +25 -27
  82. data/spec/support/request_with_remember_token.rb +19 -0
  83. metadata +95 -90
  84. data/db/migrate/20110111224543_create_diesel_clearance_users.rb +0 -19
  85. data/init.rb +0 -1
data/spec/clearance/constraints/signed_in_spec.rb ADDED
@@ -0,0 +1,51 @@
1
+ require 'spec_helper'
2
+
3
+ describe Clearance::Constraints::SignedIn do
4
+ it 'returns true when user is signed in' do
5
+ user = create(:user)
6
+ signed_in_constraint = Clearance::Constraints::SignedIn.new
7
+ signed_in_constraint.matches?(request_with_remember_token(user.remember_token)).
8
+ should be_true
9
+ end
10
+
11
+ it 'returns false when user is not signed in' do
12
+ signed_in_constraint = Clearance::Constraints::SignedIn.new
13
+ signed_in_constraint.matches?(request_without_remember_token).should be_false
14
+ end
15
+
16
+ it 'yields a signed-in user to a provided block' do
17
+ user = create(:user, :email => 'before@example.com')
18
+
19
+ signed_in_constraint = Clearance::Constraints::SignedIn.new do |user|
20
+ user.update_attribute :email, 'after@example.com'
21
+ end
22
+
23
+ signed_in_constraint.matches?(request_with_remember_token(user.remember_token))
24
+ user.reload.email.should == 'after@example.com'
25
+ end
26
+
27
+ it 'does not yield a user if they are not signed in' do
28
+ user = create(:user, :email => 'before@example.com')
29
+
30
+ signed_in_constraint = Clearance::Constraints::SignedIn.new do |user|
31
+ user.update_attribute :email, 'after@example.com'
32
+ end
33
+
34
+ signed_in_constraint.matches?(request_without_remember_token)
35
+ user.reload.email.should == 'before@example.com'
36
+ end
37
+
38
+ it 'matches if the user-provided block returns true' do
39
+ user = create(:user)
40
+ signed_in_constraint = Clearance::Constraints::SignedIn.new { |user| true }
41
+ signed_in_constraint.matches?(request_with_remember_token(user.remember_token)).
42
+ should be_true
43
+ end
44
+
45
+ it 'does not match if the user-provided block returns false' do
46
+ user = create(:user)
47
+ signed_in_constraint = Clearance::Constraints::SignedIn.new { |user| false }
48
+ signed_in_constraint.matches?(request_with_remember_token(user.remember_token)).
49
+ should be_false
50
+ end
51
+ end
data/spec/clearance/constraints/signed_out_spec.rb ADDED
@@ -0,0 +1,15 @@
1
+ require 'spec_helper'
2
+
3
+ describe Clearance::Constraints::SignedOut do
4
+ it 'returns true when user is signed out' do
5
+ signed_out_constraint = Clearance::Constraints::SignedOut.new
6
+ signed_out_constraint.matches?(request_without_remember_token).should be_true
7
+ end
8
+
9
+ it 'returns false when user is not signed out' do
10
+ user = create(:user)
11
+ signed_out_constraint = Clearance::Constraints::SignedOut.new
12
+ signed_out_constraint.matches?(request_with_remember_token(user.remember_token)).
13
+ should be_false
14
+ end
15
+ end
data/spec/clearance/rack_session_spec.rb CHANGED
@@ -1,23 +1,24 @@
1
1
  require 'spec_helper'
2
2
 
3
3
  describe Clearance::RackSession do
4
- it "injects a clearance session into the environment" do
5
- expected_session = "the session"
6
- expected_session.stubs(:add_cookie_to_headers)
7
- Clearance::Session.stubs(:new => expected_session)
8
- headers = { "X-Roaring-Lobster" => "Red" }
4
+ it 'injects a clearance session into the environment' do
5
+ expected_session = 'the session'
6
+ expected_session.stubs :add_cookie_to_headers
7
+ Clearance::Session.stubs :new => expected_session
8
+ headers = { 'X-Roaring-Lobster' => 'Red' }
9
9
 
10
10
  app = Rack::Builder.new do
11
11
  use Clearance::RackSession
12
12
  run lambda { |env| Rack::Response.new(env[:clearance], 200, headers).finish }
13
13
  end
14
14
 
15
- env = Rack::MockRequest.env_for("/")
15
+ env = Rack::MockRequest.env_for('/')
16
16
 
17
17
  response = Rack::MockResponse.new(*app.call(env))
18
18
 
19
19
  Clearance::Session.should have_received(:new).with(env)
20
20
  response.body.should == expected_session
21
- expected_session.should have_received(:add_cookie_to_headers).with(has_entries(headers))
21
+ expected_session.should have_received(:add_cookie_to_headers).
22
+ with(has_entries(headers))
22
23
  end
23
24
  end
data/spec/clearance/session_spec.rb CHANGED
@@ -4,95 +4,101 @@ describe Clearance::Session do
4
4
  before { Timecop.freeze }
5
5
  after { Timecop.return }
6
6
 
7
- it "finds a user from a cookie" do
7
+ it 'finds a user from a cookie' do
8
8
  user = create(:user)
9
9
  env = env_with_remember_token(user.remember_token)
10
-
11
10
  session = Clearance::Session.new(env)
12
11
  session.should be_signed_in
13
12
  session.current_user.should == user
14
13
  end
15
14
 
16
- it "returns nil for an unknown user" do
15
+ it 'returns nil for an unknown user' do
17
16
  user = create(:user)
18
- env = env_with_remember_token("bogus")
19
-
17
+ env = env_with_remember_token('bogus')
20
18
  session = Clearance::Session.new(env)
21
- session.should_not be_signed_in
19
+ session.should be_signed_out
22
20
  session.current_user.should be_nil
23
21
  end
24
22
 
25
- it "returns nil without a remember token" do
23
+ it 'returns nil without a remember token' do
26
24
  env = env_without_remember_token
27
25
  session = Clearance::Session.new(env)
28
- session.should_not be_signed_in
26
+ session.should be_signed_out
29
27
  session.current_user.should be_nil
30
28
  end
31
29
 
32
- it "signs in a given user" do
30
+ it 'signs in a given user' do
33
31
  user = create(:user)
34
32
  session = Clearance::Session.new(env_without_remember_token)
35
33
  session.sign_in user
36
34
  session.current_user.should == user
37
35
  end
38
36
 
39
- it "sets a remember token cookie with a default expiration of 1 year from now" do
37
+ it 'sets a remember token cookie with a default expiration of 1 year from now' do
40
38
  user = create(:user)
41
39
  headers = {}
42
40
  session = Clearance::Session.new(env_without_remember_token)
43
41
  session.sign_in user
44
42
  session.add_cookie_to_headers headers
45
- headers.should set_cookie("remember_token", user.remember_token, 1.year.from_now)
43
+ headers.should set_cookie('remember_token', user.remember_token, 1.year.from_now)
46
44
  end
47
45
 
48
- it "sets a remember token cookie with a custom expiration" do
46
+ it 'sets a remember token cookie with a custom expiration' do
49
47
  custom_expiration = 1.day.from_now
48
+
50
49
  with_custom_expiration 1.day.from_now do
51
50
  user = create(:user)
52
51
  headers = {}
53
52
  session = Clearance::Session.new(env_without_remember_token)
54
53
  session.sign_in user
55
54
  session.add_cookie_to_headers headers
56
- headers.should set_cookie("remember_token", user.remember_token, 1.day.from_now)
57
- Clearance.configuration.cookie_expiration.call.should be_within(100).of(1.year.from_now)
55
+ headers.should set_cookie('remember_token', user.remember_token, 1.day.from_now)
56
+ Clearance.configuration.cookie_expiration.call.should be_within(100).
57
+ of(1.year.from_now)
58
58
  end
59
59
  end
60
60
 
61
- it "doesn't set a remember token when signed out" do
61
+ it 'does not set a remember token when signed out' do
62
62
  headers = {}
63
63
  session = Clearance::Session.new(env_without_remember_token)
64
64
  session.add_cookie_to_headers headers
65
- headers.should_not set_cookie("remember_token")
65
+ headers.should_not set_cookie('remember_token')
66
66
  end
67
67
 
68
- it "signs out a user" do
68
+ it 'signs out a user' do
69
69
  user = create(:user)
70
70
  old_remember_token = user.remember_token
71
71
  env = env_with_remember_token(old_remember_token)
72
-
73
72
  session = Clearance::Session.new(env)
74
73
  session.sign_out
75
74
  session.current_user.should be_nil
76
75
  user.reload.remember_token.should_not == old_remember_token
77
76
  end
78
77
 
78
+ def env_with_cookies(cookies)
79
+ Rack::MockRequest.env_for '/', 'HTTP_COOKIE' => serialize_cookies(cookies)
80
+ end
81
+
79
82
  def env_with_remember_token(token)
80
- env_with_cookies("remember_token" => token)
83
+ env_with_cookies 'remember_token' => token
81
84
  end
82
85
 
83
86
  def env_without_remember_token
84
87
  env_with_cookies({})
85
88
  end
86
89
 
87
- def env_with_cookies(cookies)
88
- Rack::MockRequest.env_for("/", "HTTP_COOKIE" => serialize_cookies(cookies))
90
+ def restore_default_config
91
+ Clearance.configuration = nil
92
+ Clearance.configure {}
89
93
  end
90
94
 
91
95
  def serialize_cookies(hash)
92
96
  header = {}
97
+
93
98
  hash.each do |key, value|
94
- Rack::Utils.set_cookie_header!(header, key, value)
99
+ Rack::Utils.set_cookie_header! header, key, value
95
100
  end
101
+
96
102
  header['Set-Cookie']
97
103
  end
98
104
 
@@ -101,9 +107,4 @@ describe Clearance::Session do
101
107
  ensure
102
108
  restore_default_config
103
109
  end
104
-
105
- def restore_default_config
106
- Clearance.configuration = nil
107
- Clearance.configure {}
108
- end
109
110
  end
data/spec/configuration_spec.rb CHANGED
@@ -1,20 +1,21 @@
1
1
  require 'spec_helper'
2
2
 
3
3
  describe Clearance::Configuration do
4
- describe "when no user_model_name is specified" do
4
+ describe 'when no user_model_name is specified' do
5
5
  before do
6
6
  Clearance.configure do |config|
7
7
  end
8
8
  end
9
9
 
10
- it "defaults to User" do
10
+ it 'defaults to User' do
11
11
  Clearance.configuration.user_model.should == ::User
12
12
  end
13
13
  end
14
14
 
15
- describe "when a custom user_model_name is specified" do
15
+ describe 'when a custom user_model_name is specified' do
16
16
  before do
17
17
  MyUser = Class.new
18
+
18
19
  Clearance.configure do |config|
19
20
  config.user_model = MyUser
20
21
  end
@@ -26,8 +27,8 @@ describe Clearance::Configuration do
26
27
  end
27
28
  end
28
29
 
29
- it "is used instead of User" do
30
+ it 'is used instead of User' do
30
31
  Clearance.configuration.user_model.should == ::MyUser
31
32
  end
32
- end
33
- end
33
+ end
34
+ end
data/spec/controllers/denies_controller_spec.rb CHANGED
@@ -5,17 +5,17 @@ class DeniesController < ActionController::Base
5
5
  before_filter :authorize, :only => :show
6
6
 
7
7
  def new
8
- render :text => "New page"
8
+ render :text => 'New page'
9
9
  end
10
10
 
11
11
  def show
12
- render :text => "Show page"
12
+ render :text => 'Show page'
13
13
  end
14
14
 
15
15
  protected
16
16
 
17
17
  def authorize
18
- deny_access("Access denied.")
18
+ deny_access 'Access denied.'
19
19
  end
20
20
  end
21
21
 
@@ -31,30 +31,31 @@ describe DeniesController do
31
31
  Rails.application.reload_routes!
32
32
  end
33
33
 
34
- context "signed in user" do
34
+ context 'signed in user' do
35
35
  before { sign_in }
36
36
 
37
- it "allows access to new" do
37
+ it 'allows access to new' do
38
38
  get :new
39
39
  subject.should_not deny_access
40
40
  end
41
41
 
42
- it "denies access to show" do
42
+ it 'denies access to show' do
43
43
  get :show
44
44
  subject.should deny_access(:redirect => '/')
45
45
  end
46
46
  end
47
47
 
48
- context "visitor" do
49
- it "allows access to new" do
48
+ context 'visitor' do
49
+ it 'allows access to new' do
50
50
  get :new
51
51
  subject.should_not deny_access
52
52
  end
53
53
 
54
- it "denies access to show" do
54
+ it 'denies access to show' do
55
55
  get :show
56
56
  subject.should deny_access
57
- subject.should deny_access(:redirect => sign_in_url, :flash => "Access denied.")
57
+ subject.should deny_access(:redirect => sign_in_url,
58
+ :flash => 'Access denied.')
58
59
  end
59
60
  end
60
61
  end
data/spec/controllers/flashes_controller_spec.rb CHANGED
@@ -16,8 +16,8 @@ end
16
16
  describe FlashesController do
17
17
  before do
18
18
  Rails.application.routes.draw do
19
- match "set_flash" => "flashes#set_flash"
20
- match "view_flash" => "flashes#view_flash"
19
+ match 'set_flash' => 'flashes#set_flash'
20
+ match 'view_flash' => 'flashes#view_flash'
21
21
  end
22
22
  end
23
23
 
@@ -25,8 +25,8 @@ describe FlashesController do
25
25
  Rails.application.reload_routes!
26
26
  end
27
27
 
28
- it "sets and views a flash" do
29
- visit "/set_flash?message=hello"
30
- page.should have_content("hello")
28
+ it 'sets and views a flash' do
29
+ visit '/set_flash?message=hello'
30
+ page.should have_content('hello')
31
31
  end
32
32
  end
data/spec/controllers/forgeries_controller_spec.rb CHANGED
@@ -14,7 +14,7 @@ class ForgeriesController < ActionController::Base
14
14
  end
15
15
 
16
16
  describe ForgeriesController do
17
- context "signed in user" do
17
+ context 'signed in user' do
18
18
  before do
19
19
  Rails.application.routes.draw do
20
20
  resources :forgeries
@@ -22,26 +22,26 @@ describe ForgeriesController do
22
22
  end
23
23
 
24
24
  @user = create(:user)
25
- @user.update_attribute(:remember_token, "old-token")
26
- @request.cookies["remember_token"] = "old-token"
27
- @request.session[:_csrf_token] = "golden-ticket"
25
+ @user.update_attribute(:remember_token, 'old-token')
26
+ @request.cookies['remember_token'] = 'old-token'
27
+ @request.session[:_csrf_token] = 'golden-ticket'
28
28
  end
29
29
 
30
30
  after do
31
31
  Rails.application.reload_routes!
32
32
  end
33
33
 
34
- it "succeeds with authentic token" do
35
- post :create, :authenticity_token => "golden-ticket"
34
+ it 'succeeds with authentic token' do
35
+ post :create, :authenticity_token => 'golden-ticket'
36
36
  subject.should redirect_to(:action => 'index')
37
37
  end
38
38
 
39
- it "fails with invalid token" do
40
- post :create, :authenticity_token => "hax0r"
39
+ it 'fails with invalid token' do
40
+ post :create, :authenticity_token => 'hax0r'
41
41
  subject.should deny_access
42
42
  end
43
43
 
44
- it "fails with no token" do
44
+ it 'fails with no token' do
45
45
  post :create
46
46
  subject.should deny_access
47
47
  end
data/spec/controllers/passwords_controller_spec.rb CHANGED
@@ -3,40 +3,41 @@ require 'spec_helper'
3
3
  describe Clearance::PasswordsController do
4
4
  include Shoulda::Matchers::ActionMailer
5
5
 
6
- it { should route(:get, '/users/1/password/edit').
7
- to(:controller => 'clearance/passwords', :action => 'edit', :user_id => '1') }
6
+ it {
7
+ should route(:get, '/users/1/password/edit').
8
+ to(:controller => 'clearance/passwords', :action => 'edit', :user_id => '1')
9
+ }
8
10
 
9
- describe "a signed up user" do
11
+ describe 'a signed up user' do
10
12
  before do
11
13
  @user = create(:user)
12
14
  end
13
15
 
14
- describe "on GET to #new" do
16
+ describe 'on GET to #new' do
15
17
  before { get :new, :user_id => @user.to_param }
16
18
 
17
19
  it { should respond_with(:success) }
18
20
  it { should render_template(:new) }
19
21
  end
20
22
 
21
- describe "on POST to #create" do
22
- describe "with correct email address" do
23
+ describe 'on POST to #create' do
24
+ describe 'with correct email address' do
23
25
  before do
24
26
  ActionMailer::Base.deliveries.clear
25
27
  post :create, :password => { :email => @user.email }
26
28
  end
27
29
 
28
- it "should generate a token for the change your password email" do
30
+ it 'should generate a token for the change your password email' do
29
31
  @user.reload.confirmation_token.should_not be_nil
30
32
  end
31
33
 
32
34
  it { should have_sent_email.with_subject(/change your password/i) }
33
-
34
35
  it { should respond_with(:success) }
35
36
  end
36
37
 
37
- describe "with incorrect email address" do
38
+ describe 'with incorrect email address' do
38
39
  before do
39
- email = "user1@example.com"
40
+ email = 'user1@example.com'
40
41
  (Clearance.configuration.user_model.exists?(['email = ?', email])).should_not be
41
42
  ActionMailer::Base.deliveries.clear
42
43
  @user.reload.confirmation_token.should == @user.confirmation_token
@@ -44,11 +45,11 @@ describe Clearance::PasswordsController do
44
45
  post :create, :password => { :email => email }
45
46
  end
46
47
 
47
- it "should not generate a token for the change your password email" do
48
+ it 'should not generate a token for the change your password email' do
48
49
  @user.reload.confirmation_token.should == @user.confirmation_token
49
50
  end
50
51
 
51
- it "should not send a password reminder email" do
52
+ it 'should not send a password reminder email' do
52
53
  ActionMailer::Base.deliveries.should be_empty
53
54
  end
54
55
 
@@ -58,19 +59,19 @@ describe Clearance::PasswordsController do
58
59
  end
59
60
  end
60
61
 
61
- describe "a signed up user and forgotten password" do
62
+ describe 'a signed up user and forgotten password' do
62
63
  before do
63
64
  @user = create(:user)
64
65
  @user.forgot_password!
65
66
  end
66
67
 
67
- describe "on GET to #edit with correct id and token" do
68
+ describe 'on GET to #edit with correct id and token' do
68
69
  before do
69
70
  get :edit, :user_id => @user.to_param,
70
- :token => @user.confirmation_token
71
+ :token => @user.confirmation_token
71
72
  end
72
73
 
73
- it "should find the user" do
74
+ it 'should find the user' do
74
75
  assigns(:user).should == @user
75
76
  end
76
77
 
@@ -78,16 +79,16 @@ describe Clearance::PasswordsController do
78
79
  it { should render_template(:edit) }
79
80
  end
80
81
 
81
- describe "on GET to #edit with correct id but blank token" do
82
+ describe 'on GET to #edit with correct id but blank token' do
82
83
  before do
83
- get :edit, :user_id => @user.to_param, :token => ""
84
+ get :edit, :user_id => @user.to_param, :token => ''
84
85
  end
85
86
 
86
87
  it { should set_the_flash.to(/double check the URL/i).now }
87
88
  it { should render_template(:new) }
88
89
  end
89
90
 
90
- describe "on GET to #edit with correct id but no token" do
91
+ describe 'on GET to #edit with correct id but no token' do
91
92
  before do
92
93
  get :edit, :user_id => @user.to_param
93
94
  end
@@ -96,56 +97,46 @@ describe Clearance::PasswordsController do
96
97
  it { should render_template(:new) }
97
98
  end
98
99
 
99
- describe "on PUT to #update with password" do
100
+ describe 'on PUT to #update with password' do
100
101
  before do
101
- new_password = "new_password"
102
- @encrypted_new_password = @user.send(:encrypt, new_password)
103
- @user.encrypted_password.should_not == @encrypted_new_password
104
-
105
- put(:update,
106
- :user_id => @user,
107
- :token => @user.confirmation_token,
108
- :user => {
109
- :password => new_password
110
- })
102
+ @new_password = 'new_password'
103
+ @user.encrypted_password.should_not == @new_password
104
+ put :update, :user_id => @user, :token => @user.confirmation_token,
105
+ :user => { :password => @new_password }
111
106
  @user.reload
112
107
  end
113
108
 
114
- it "should update password" do
115
- @user.encrypted_password.should == @encrypted_new_password
109
+ it 'should update password' do
110
+ @user.encrypted_password.should == @new_password
116
111
  end
117
112
 
118
- it "should clear confirmation token" do
113
+ it 'should clear confirmation token' do
119
114
  @user.confirmation_token.should be_nil
120
115
  end
121
116
 
122
- it "should set remember token" do
117
+ it 'should set remember token' do
123
118
  @user.remember_token.should_not be_nil
124
119
  end
125
120
 
126
121
  it { should redirect_to_url_after_update }
127
122
  end
128
123
 
129
- describe "on PUT to #update with blank password" do
124
+ describe 'on PUT to #update with blank password' do
130
125
  before do
131
- put(:update,
132
- :user_id => @user.to_param,
133
- :token => @user.confirmation_token,
134
- :user => {
135
- :password => ''
136
- })
126
+ put :update, :user_id => @user.to_param, :token => @user.confirmation_token,
127
+ :user => { :password => '' }
137
128
  @user.reload
138
129
  end
139
130
 
140
- it "should not update password" do
141
- @user.encrypted_password.should_not == @encrypted_new_password
131
+ it 'should not update password to be blank' do
132
+ @user.encrypted_password.should_not be_blank
142
133
  end
143
134
 
144
- it "should not clear token" do
135
+ it 'should not clear token' do
145
136
  @user.confirmation_token.should_not be_nil
146
137
  end
147
138
 
148
- it "should not be signed in" do
139
+ it 'should not be signed in' do
149
140
  cookies[:remember_token].should be_nil
150
141
  end
151
142
 
@@ -154,16 +145,12 @@ describe Clearance::PasswordsController do
154
145
  it { should render_template(:edit) }
155
146
  end
156
147
 
157
- describe "on PUT to #update with an empty token after the user sets a password" do
148
+ describe 'on PUT to #update with an empty token after the user sets a password' do
158
149
  before do
159
- put :update,
160
- :user_id => @user.to_param,
161
- :token => @user.confirmation_token,
162
- :user => { :password => 'good password' }
163
- put :update,
164
- :user_id => @user.to_param,
165
- :token => [nil],
166
- :user => { :password => 'new password' }
150
+ put :update, :user_id => @user.to_param, :token => @user.confirmation_token,
151
+ :user => { :password => 'good password' }
152
+ put :update, :user_id => @user.to_param, :token => [nil],
153
+ :user => { :password => 'new password' }
167
154
  end
168
155
 
169
156
  it { should set_the_flash.to(/double check the URL/i).now }
@@ -171,7 +158,7 @@ describe Clearance::PasswordsController do
171
158
  end
172
159
  end
173
160
 
174
- describe "given two users and user one signs in" do
161
+ describe 'given two users and user one signs in' do
175
162
  before do
176
163
  @user_one = create(:user)
177
164
  @user_two = create(:user)