clearance 0.9.0.rc2 → 0.9.0.rc3

data/spec/rails_root/features/sign_in.feature

@@ -0,0 +1,35 @@
+Feature: Sign in
+  In order to get access to protected sections of the site
+  A user
+  Should be able to sign in
+
+    Scenario: User is not signed up
+      Given no user exists with an email of "email@person.com"
+      When I go to the sign in page
+      And I sign in as "email@person.com/password"
+      Then I should see "Bad email or password"
+      And I should be signed out
+
+    Scenario: User is not confirmed
+      Given I signed up with "email@person.com/password"
+      When I go to the sign in page
+      And I sign in as "email@person.com/password"
+      Then I should see "User has not confirmed email"
+      And I should be signed out
+
+   Scenario: User enters wrong password
+      Given I am signed up and confirmed as "email@person.com/password"
+      When I go to the sign in page
+      And I sign in as "email@person.com/wrongpassword"
+      Then I should see "Bad email or password"
+      And I should be signed out
+
+   Scenario: User signs in successfully
+      Given I am signed up and confirmed as "email@person.com/password"
+      When I go to the sign in page
+      And I sign in as "email@person.com/password"
+      Then I should see "Signed in"
+      And I should be signed in
+      When I return next time
+      Then I should be signed in
+

data/spec/rails_root/features/sign_out.feature

@@ -0,0 +1,15 @@
+Feature: Sign out
+  To protect my account from unauthorized access
+  A signed in user
+  Should be able to sign out
+
+    Scenario: User signs out
+      Given I am signed up and confirmed as "email@person.com/password"
+      When I sign in as "email@person.com/password"
+      Then I should be signed in
+      And I sign out
+      Then I should see "Signed out"
+      And I should be signed out
+      When I return next time
+      Then I should be signed out
+

data/spec/rails_root/features/sign_up.feature

@@ -0,0 +1,45 @@
+Feature: Sign up
+  In order to get access to protected sections of the site
+  A user
+  Should be able to sign up
+
+    Scenario: User signs up with invalid data
+      When I go to the sign up page
+      And I fill in "Email" with "invalidemail"
+      And I fill in "Password" with "password"
+      And I fill in "Confirm password" with ""
+      And I press "Sign up"
+      Then I should see error messages
+
+    Scenario: User signs up with valid data
+      When I go to the sign up page
+      And I fill in "Email" with "email@person.com"
+      And I fill in "Password" with "password"
+      And I fill in "Confirm password" with "password"
+      And I press "Sign up"
+      Then I should see "instructions for confirming"
+      And a confirmation message should be sent to "email@person.com"
+
+    Scenario: User confirms his account
+      Given I signed up with "email@person.com/password"
+      When I follow the confirmation link sent to "email@person.com"
+      Then I should see "Confirmed email and signed in"
+      And I should be signed in
+
+    Scenario: Signed in user clicks confirmation link again
+      Given I signed up with "email@person.com/password"
+      When I follow the confirmation link sent to "email@person.com"
+      Then I should be signed in
+      When I follow the confirmation link sent to "email@person.com"
+      Then I should see "Confirmed email and signed in"
+      And I should be signed in
+
+    Scenario: Signed out user clicks confirmation link again
+      Given I signed up with "email@person.com/password"
+      When I follow the confirmation link sent to "email@person.com"
+      Then I should be signed in
+      When I sign out
+      And I follow the confirmation link sent to "email@person.com"
+      Then I should see "Already confirmed email. Please sign in."
+      And I should be signed out
+

data/spec/rails_root/features/step_definitions/clearance_steps.rb

@@ -0,0 +1,130 @@
+# General
+
+Then /^I should see error messages$/ do
+  Then %{I should see "errors prohibited"}
+end
+
+Then /^I should see an error message$/ do
+  Then %{I should see "error prohibited"}
+end
+
+# Database
+
+Given /^no user exists with an email of "(.*)"$/ do |email|
+  assert_nil User.find_by_email(email)
+end
+
+Given /^I signed up with "(.*)\/(.*)"$/ do |email, password|
+  user = Factory :user,
+    :email                 => email,
+    :password              => password,
+    :password_confirmation => password
+end 
+
+Given /^I am signed up and confirmed as "(.*)\/(.*)"$/ do |email, password|
+  user = Factory :email_confirmed_user,
+    :email                 => email,
+    :password              => password,
+    :password_confirmation => password
+end
+
+# Session
+
+Then /^I should be signed in$/ do
+  Given %{I am on the homepage} 
+  Then %{I should see "Sign out"} 
+end
+
+Then /^I should be signed out$/ do
+  Given %{I am on the homepage} 
+  Then %{I should see "Sign in"} 
+end
+
+When /^session is cleared$/ do
+  # TODO: This doesn't work with Capybara
+  # TODO: I tried Capybara.reset_sessions! but that didn't work
+  #request.reset_session
+  #controller.instance_variable_set(:@_current_user, nil)
+end
+
+Given /^I have signed in with "(.*)\/(.*)"$/ do |email, password|
+  Given %{I am signed up and confirmed as "#{email}/#{password}"}
+  And %{I sign in as "#{email}/#{password}"}
+end
+
+# Emails
+
+Then /^a confirmation message should be sent to "(.*)"$/ do |email|
+  user = User.find_by_email(email)
+  assert !user.confirmation_token.blank?
+  assert !ActionMailer::Base.deliveries.empty?
+  result = ActionMailer::Base.deliveries.any? do |email|
+    email.to == [user.email] &&
+    email.subject =~ /confirm/i &&
+    email.body =~ /#{user.confirmation_token}/
+  end
+  assert result
+end
+
+When /^I follow the confirmation link sent to "(.*)"$/ do |email|
+  user = User.find_by_email(email)
+  visit new_user_confirmation_path(:user_id => user,
+                                   :token   => user.confirmation_token)
+end
+
+Then /^a password reset message should be sent to "(.*)"$/ do |email|
+  user = User.find_by_email(email)
+  assert !user.confirmation_token.blank?
+  assert !ActionMailer::Base.deliveries.empty?
+  result = ActionMailer::Base.deliveries.any? do |email|
+    email.to == [user.email] &&
+    email.subject =~ /password/i &&
+    email.body =~ /#{user.confirmation_token}/
+  end
+  assert result
+end
+
+When /^I follow the password reset link sent to "(.*)"$/ do |email|
+  user = User.find_by_email(email)
+  visit edit_user_password_path(:user_id => user,
+                                :token   => user.confirmation_token)
+end
+
+When /^I try to change the password of "(.*)" without token$/ do |email|
+  user = User.find_by_email(email)
+  visit edit_user_password_path(:user_id => user)
+end
+
+Then /^I should be forbidden$/ do
+  assert_response :forbidden
+end
+
+# Actions
+
+When /^I sign in as "(.*)\/(.*)"$/ do |email, password|
+  When %{I go to the sign in page}
+  And %{I fill in "Email" with "#{email}"}
+  And %{I fill in "Password" with "#{password}"}
+  And %{I press "Sign in"}
+end
+
+When /^I sign out$/ do
+  visit '/sign_out'
+end
+
+When /^I request password reset link to be sent to "(.*)"$/ do |email|
+  When %{I go to the password reset request page}
+  And %{I fill in "Email address" with "#{email}"}
+  And %{I press "Reset password"}
+end
+
+When /^I update my password with "(.*)\/(.*)"$/ do |password, confirmation|
+  And %{I fill in "Choose password" with "#{password}"}
+  And %{I fill in "Confirm password" with "#{confirmation}"}
+  And %{I press "Save this password"}
+end
+
+When /^I return next time$/ do
+  When %{session is cleared}
+  And %{I go to the homepage}
+end

data/spec/rails_root/features/step_definitions/web_steps.rb

@@ -0,0 +1,219 @@
+# IMPORTANT: This file is generated by cucumber-rails - edit at your own peril.
+# It is recommended to regenerate this file in the future when you upgrade to a 
+# newer version of cucumber-rails. Consider adding your own code to a new file 
+# instead of editing this one. Cucumber will automatically load all features/**/*.rb
+# files.
+
+
+require 'uri'
+require 'cgi'
+require File.expand_path(File.join(File.dirname(__FILE__), "..", "support", "paths"))
+
+module WithinHelpers
+  def with_scope(locator)
+    locator ? within(locator) { yield } : yield
+  end
+end
+World(WithinHelpers)
+
+Given /^(?:|I )am on (.+)$/ do |page_name|
+  visit path_to(page_name)
+end
+
+When /^(?:|I )go to (.+)$/ do |page_name|
+  visit path_to(page_name)
+end
+
+When /^(?:|I )press "([^"]*)"(?: within "([^"]*)")?$/ do |button, selector|
+  with_scope(selector) do
+    click_button(button)
+  end
+end
+
+When /^(?:|I )follow "([^"]*)"(?: within "([^"]*)")?$/ do |link, selector|
+  with_scope(selector) do
+    click_link(link)
+  end
+end
+
+When /^(?:|I )fill in "([^"]*)" with "([^"]*)"(?: within "([^"]*)")?$/ do |field, value, selector|
+  with_scope(selector) do
+    fill_in(field, :with => value)
+  end
+end
+
+When /^(?:|I )fill in "([^"]*)" for "([^"]*)"(?: within "([^"]*)")?$/ do |value, field, selector|
+  with_scope(selector) do
+    fill_in(field, :with => value)
+  end
+end
+
+# Use this to fill in an entire form with data from a table. Example:
+#
+#   When I fill in the following:
+#     | Account Number | 5002       |
+#     | Expiry date    | 2009-11-01 |
+#     | Note           | Nice guy   |
+#     | Wants Email?   |            |
+#
+# TODO: Add support for checkbox, select og option
+# based on naming conventions.
+#
+When /^(?:|I )fill in the following(?: within "([^"]*)")?:$/ do |selector, fields|
+  with_scope(selector) do
+    fields.rows_hash.each do |name, value|
+      When %{I fill in "#{name}" with "#{value}"}
+    end
+  end
+end
+
+When /^(?:|I )select "([^"]*)" from "([^"]*)"(?: within "([^"]*)")?$/ do |value, field, selector|
+  with_scope(selector) do
+    select(value, :from => field)
+  end
+end
+
+When /^(?:|I )check "([^"]*)"(?: within "([^"]*)")?$/ do |field, selector|
+  with_scope(selector) do
+    check(field)
+  end
+end
+
+When /^(?:|I )uncheck "([^"]*)"(?: within "([^"]*)")?$/ do |field, selector|
+  with_scope(selector) do
+    uncheck(field)
+  end
+end
+
+When /^(?:|I )choose "([^"]*)"(?: within "([^"]*)")?$/ do |field, selector|
+  with_scope(selector) do
+    choose(field)
+  end
+end
+
+When /^(?:|I )attach the file "([^"]*)" to "([^"]*)"(?: within "([^"]*)")?$/ do |path, field, selector|
+  with_scope(selector) do
+    attach_file(field, path)
+  end
+end
+
+Then /^(?:|I )should see JSON:$/ do |expected_json|
+  require 'json'
+  expected = JSON.pretty_generate(JSON.parse(expected_json))
+  actual   = JSON.pretty_generate(JSON.parse(response.body))
+  expected.should == actual
+end
+
+Then /^(?:|I )should see "([^"]*)"(?: within "([^"]*)")?$/ do |text, selector|
+  with_scope(selector) do
+    if page.respond_to? :should
+      page.should have_content(text)
+    else
+      assert page.has_content?(text)
+    end
+  end
+end
+
+Then /^(?:|I )should see \/([^\/]*)\/(?: within "([^"]*)")?$/ do |regexp, selector|
+  regexp = Regexp.new(regexp)
+  with_scope(selector) do
+    if page.respond_to? :should
+      page.should have_xpath('//*', :text => regexp)
+    else
+      assert page.has_xpath?('//*', :text => regexp)
+    end
+  end
+end
+
+Then /^(?:|I )should not see "([^"]*)"(?: within "([^"]*)")?$/ do |text, selector|
+  with_scope(selector) do
+    if page.respond_to? :should
+      page.should have_no_content(text)
+    else
+      assert page.has_no_content?(text)
+    end
+  end
+end
+
+Then /^(?:|I )should not see \/([^\/]*)\/(?: within "([^"]*)")?$/ do |regexp, selector|
+  regexp = Regexp.new(regexp)
+  with_scope(selector) do
+    if page.respond_to? :should
+      page.should have_no_xpath('//*', :text => regexp)
+    else
+      assert page.has_no_xpath?('//*', :text => regexp)
+    end
+  end
+end
+
+Then /^the "([^"]*)" field(?: within "([^"]*)")? should contain "([^"]*)"$/ do |field, selector, value|
+  with_scope(selector) do
+    field = find_field(field)
+    field_value = (field.tag_name == 'textarea') ? field.text : field.value
+    if field_value.respond_to? :should
+      field_value.should =~ /#{value}/
+    else
+      assert_match(/#{value}/, field_value)
+    end
+  end
+end
+
+Then /^the "([^"]*)" field(?: within "([^"]*)")? should not contain "([^"]*)"$/ do |field, selector, value|
+  with_scope(selector) do
+    field = find_field(field)
+    field_value = (field.tag_name == 'textarea') ? field.text : field.value
+    if field_value.respond_to? :should_not
+      field_value.should_not =~ /#{value}/
+    else
+      assert_no_match(/#{value}/, field_value)
+    end
+  end
+end
+
+Then /^the "([^"]*)" checkbox(?: within "([^"]*)")? should be checked$/ do |label, selector|
+  with_scope(selector) do
+    field_checked = find_field(label)['checked']
+    if field_checked.respond_to? :should
+      field_checked.should be_true
+    else
+      assert field_checked
+    end
+  end
+end
+
+Then /^the "([^"]*)" checkbox(?: within "([^"]*)")? should not be checked$/ do |label, selector|
+  with_scope(selector) do
+    field_checked = find_field(label)['checked']
+    if field_checked.respond_to? :should
+      field_checked.should be_false
+    else
+      assert !field_checked
+    end
+  end
+end
+ 
+Then /^(?:|I )should be on (.+)$/ do |page_name|
+  current_path = URI.parse(current_url).path
+  if current_path.respond_to? :should
+    current_path.should == path_to(page_name)
+  else
+    assert_equal path_to(page_name), current_path
+  end
+end
+
+Then /^(?:|I )should have the following query string:$/ do |expected_pairs|
+  query = URI.parse(current_url).query
+  actual_params = query ? CGI.parse(query) : {}
+  expected_params = {}
+  expected_pairs.rows_hash.each_pair{|k,v| expected_params[k] = v.split(',')} 
+  
+  if actual_params.respond_to? :should
+    actual_params.should == expected_params
+  else
+    assert_equal expected_params, actual_params
+  end
+end
+
+Then /^show me the page$/ do
+  save_and_open_page
+end