clearance 0.10.3.2 → 0.10.4

data/.rspec

@@ -0,0 +1,2 @@
+--color
+--format progress

data/CHANGELOG.md

@@ -1,3 +1,12 @@
+0.10.4
+------------------
+
+* Formtastic views generator removed.
+* Emails forced to be downcased (particularly for iPhone user case). (Adam Conrad)
+* Suite converted from test/unit to RSpec. (Joe Ferris)
+* Password reset requires a password. (Joel Meador)
+* Use HTML5 email fields.
+
 0.10.3.2
 ------------------
 

data/Gemfile

@@ -5,17 +5,13 @@ gem "rake"
 gem "rails", ">= 3.0.3"
 gem "thin"
 gem "shoulda"
-gem "sqlite3-ruby"
+gem "sqlite3"
 gem "factory_girl"
 gem "diesel"
 gem "cucumber-rails"
 gem "capybara"
 gem "factory_girl_rails"
 gem "rspec-rails"
-gem "formtastic"
-gem "database_cleaner"
 gem "dynamic_form"
 gem "launchy"
-gem "redgreen"
 gem "mocha"
-

data/Gemfile.lock

@@ -57,7 +57,6 @@ GEM
       cucumber (>= 0.8.0)
     culerity (0.2.14)
     daemons (1.1.0)
-    database_cleaner (0.6.0)
     diesel (0.1.4)
       railties (~> 3.0.3)
     diff-lcs (1.1.2)
@@ -71,10 +70,6 @@ GEM
       railties (>= 3.0.0)
     ffi (0.6.3)
       rake (>= 0.8.7)
-    formtastic (1.2.3)
-      actionpack (>= 2.3.7)
-      activesupport (>= 2.3.7)
-      i18n (~> 0.4)
     gherkin (2.3.3)
       json (~> 1.4.6)
     i18n (0.5.0)
@@ -112,7 +107,6 @@ GEM
       rake (>= 0.8.7)
       thor (~> 0.14.4)
     rake (0.8.7)
-    redgreen (1.2.2)
     rspec (2.3.0)
       rspec-core (~> 2.3.0)
       rspec-expectations (~> 2.3.0)
@@ -133,7 +127,7 @@ GEM
       json_pure
       rubyzip
     shoulda (2.11.3)
-    sqlite3-ruby (1.3.2)
+    sqlite3 (1.3.3)
     term-ansicolor (1.0.5)
     thin (1.2.7)
       daemons (>= 1.0.9)
@@ -154,18 +148,15 @@ DEPENDENCIES
   capybara
   cucumber
   cucumber-rails
-  database_cleaner
   diesel
   dynamic_form
   factory_girl
   factory_girl_rails
-  formtastic
   launchy
   mocha
   rails (>= 3.0.3)
   rake
-  redgreen
   rspec-rails
   shoulda
-  sqlite3-ruby
+  sqlite3
   thin

data/README.md

@@ -73,13 +73,17 @@ See config/routes.rb for all the routes Clearance provides.
 Actions that redirect (create, update, and destroy) in Clearance controllers
 can be overridden by re-defining url_after_(action) methods as seen above.
 
+Clearance is an engine, so it provides views for you. If you want to customize those views, there is a handy shortcut to copy the views into your app:
+
+    rails generate clearance:views
+
 Optional Cucumber features
 --------------------------
 
 As your app evolves, you want to know that authentication still works. If you
 use [Cucumber](http://cukes.info), run the Clearance features generator:
 
-    rails generate clearance_features
+    rails generate clearance:features
 
 Edit your Gemfile to include:
 
@@ -93,13 +97,6 @@ Then run your tests!
 
     rake
 
-Optional Formtastic views
--------------------------
-
-Clearance can also generate [Formtastic](http://github.com/justinfrench/formtastic) views:
-
-    rails generate clearance_views
-
 Extensions
 ----------
 

data/Rakefile

@@ -6,12 +6,10 @@ require 'rake'
 require 'rake/gempackagetask'
 require 'cucumber/rake/task'
 require 'diesel/tasks'
+require 'rspec/core/rake_task'
 
-Rake::TestTask.new do |task|
-  task.libs << "lib"
-  task.libs << "test"
-  task.pattern = "test/*/*_test.rb"
-  task.verbose = false
+RSpec::Core::RakeTask.new do |t|
+  t.pattern = 'spec/**/*_spec.rb'
 end
 
 Cucumber::Rake::Task.new(:cucumber) do |t|
@@ -19,6 +17,6 @@ Cucumber::Rake::Task.new(:cucumber) do |t|
   t.cucumber_opts = ['--format', (ENV['CUCUMBER_FORMAT'] || 'progress')]
 end
 
-desc "Default: run the unit tests and cucumber features"
-task :default => [:test, :cucumber]
+desc "Default: run the specs and cucumber features"
+task :default => [:spec, :cucumber]
 

data/VERSION

@@ -1 +1 @@
-0.10.3.2
+0.10.4

data/app/views/passwords/new.html.erb

@@ -7,7 +7,7 @@
 <%= form_for :password, :url => passwords_path do |form| %>
   <div class="text_field">
     <%= form.label :email, "Email address" %>
-    <%= form.text_field :email %>
+    <%= form.text_field :email, :type => "email" %>
   </div>
   <div class="submit_field">
     <%= form.submit "Reset password" %>

data/app/views/sessions/new.html.erb

@@ -3,7 +3,7 @@
 <%= form_for :session, :url => session_path do |form| %>
   <div class="text_field">
     <%= form.label :email %>
-    <%= form.text_field :email %>
+    <%= form.text_field :email, :type => "email" %>
   </div>
   <div class="text_field">
     <%= form.label :password %>

data/app/views/users/_form.html.erb

@@ -1,7 +1,7 @@
 <%= form.error_messages %>
 <div class="text_field">
   <%= form.label :email %>
-  <%= form.text_field :email %>
+  <%= form.text_field :email, :type => "email" %>
 </div>
 <div class="password_field">
   <%= form.label :password %>

data/features/engine/visitor_resets_password.feature

@@ -15,6 +15,17 @@ Feature: Password reset
     Then I should see "instructions for changing your password"
     And a password reset message should be sent to "email@example.com"
 
+  Scenario: User is signed up updated his password and tries blank password and confirmation
+    Given I signed up with "email@example.com/password"
+    And I go to the password reset request page
+    Then I should see an email field
+    And I fill in "Email address" with "email@example.com"
+    And I press "Reset password"
+    When I follow the password reset link sent to "email@example.com"
+    And I update my password with "/"
+    Then I should see an error message
+    And I should be signed out
+
   Scenario: User is signed up updated his password and types wrong confirmation
     Given I signed up with "email@example.com/password"
     And I go to the password reset request page

data/features/engine/visitor_signs_in.feature

@@ -21,8 +21,18 @@ Feature: Sign in
  Scenario: Visitor signs in successfully
     Given I am signed up as "email@person.com/password"
     When I go to the sign in page
+    Then I should see an email field
     And I sign in as "email@person.com/password"
     Then I should see "Signed in"
     And I should be signed in
     When I return next time
     Then I should be signed in
+
+ Scenario: Visitor signs in successfully with uppercase email
+    Given I am signed up as "email@person.com/password"
+    When I go to the sign in page
+    And I sign in as "Email@person.com/password"
+    Then I should see "Signed in"
+    And I should be signed in
+    When I return next time
+    Then I should be signed in

data/features/engine/visitor_signs_up.feature

@@ -4,17 +4,19 @@ Feature: Sign up
   As a visitor
   I want to sign up
 
-  Scenario: Visitor signs up with invalid data
+  Background:
     When I go to the sign up page
-    And I fill in "Email" with "invalidemail"
+    Then I should see an email field
+
+  Scenario: Visitor signs up with invalid data
+    When I fill in "Email" with "invalidemail"
     And I fill in "Password" with "password"
     And I fill in "Confirm password" with ""
     And I press "Sign up"
     Then I should see error messages
 
   Scenario: Visitor signs up with valid data
-    When I go to the sign up page
-    And I fill in "Email" with "email@person.com"
+    When I fill in "Email" with "email@person.com"
     And I fill in "Password" with "password"
     And I fill in "Confirm password" with "password"
     And I press "Sign up"

data/features/integration.feature

@@ -11,9 +11,9 @@ Feature: integrate with application
     And I add the "cucumber-rails" gem
     And I add the "capybara" gem
     And I add the "rspec-rails" gem
-    And I add the "formtastic" gem
     And I add the "factory_girl_rails" gem
     And I add the "dynamic_form" gem
+    And I add the "database_cleaner" gem
     And I add the "clearance" gem from this project
     And I add the "diesel" gem
     And I run "bundle install --local"

data/features/step_definitions/engine/clearance_steps.rb

@@ -8,6 +8,14 @@ Then /^I should see an error message$/ do
   Then %{I should see "error prohibited"}
 end
 
+Then /^I should see an email field$/ do
+  if page.respond_to?(:should)
+    page.should have_css("input[type='email']")
+  else
+    assert page.has_css("input[type='email']")
+  end
+end
+
 # Database
 
 Given /^no user exists with an email of "(.*)"$/ do |email|

data/lib/clearance/shoulda_macros.rb

@@ -65,7 +65,9 @@ module Clearance
   end
 end
 
-class Test::Unit::TestCase
-  include Clearance::Shoulda::Helpers
+if defined?(Test::Unit::TestCase)
+  class Test::Unit::TestCase
+    include Clearance::Shoulda::Helpers
+  end
+  Test::Unit::TestCase.extend(Clearance::Shoulda)
 end
-Test::Unit::TestCase.extend(Clearance::Shoulda)

data/lib/clearance/user.rb

@@ -35,6 +35,8 @@ module Clearance
       def self.included(model)
         model.class_eval do
           attr_accessor :password, :password_confirmation
+          private
+          attr_accessor :password_changing
         end
       end
     end
@@ -64,6 +66,7 @@ module Clearance
       # salt, token, password encryption are handled before_save.
       def self.included(model)
         model.class_eval do
+          before_validation :downcase_email
           before_save   :initialize_salt,
                         :encrypt_password
           before_create :generate_remember_token
@@ -115,6 +118,7 @@ module Clearance
       # @example
       #   user.update_password('new-password', 'new-password')
       def update_password(new_password, new_password_confirmation)
+        self.password_changing     = true
         self.password              = new_password
         self.password_confirmation = new_password_confirmation
         if valid?
@@ -162,17 +166,21 @@ module Clearance
       end
 
       # True if the password has been set and the password is not being
-      # updated. Override to allow other forms of # authentication (username,
-      # facebook, etc).
+      # updated and we are not updating the password. Override to allow
+      # other forms of authentication (username, facebook, etc).
       # @return [Boolean] true if the password field can be left blank for this user
       def password_optional?
-        encrypted_password.present? && password.blank?
+        encrypted_password.present? && password.blank? && password_changing.blank?
       end
 
       def password_required?
         # warn "[DEPRECATION] password_required?: use !password_optional? instead"
         !password_optional?
       end
+
+      def downcase_email
+        self.email = email.to_s.downcase
+      end
     end
 
     module ClassMethods
@@ -183,7 +191,7 @@ module Clearance
       # @example
       #   User.authenticate("email@example.com", "password")
       def authenticate(email, password)
-        return nil  unless user = find_by_email(email)
+        return nil  unless user = find_by_email(email.to_s.downcase)
         return user if     user.authenticated?(password)
       end
     end

data/lib/generators/clearance/install/install_generator.rb

@@ -20,9 +20,9 @@ module Clearance
         end
 
         if File.exists?("spec")
-          template "test/factories.rb", "spec/factories/clearance.rb"
+          template "spec/factories.rb", "spec/factories/clearance.rb"
         else
-          template "test/factories.rb", "test/factories/clearance.rb"
+          template "spec/factories.rb", "test/factories/clearance.rb"
         end
 
         readme "README"

data/spec/controllers/passwords_controller_spec.rb

@@ -0,0 +1,177 @@
+require 'spec_helper'
+
+describe Clearance::PasswordsController do
+
+  include Shoulda::ActionMailer::Matchers
+
+  it { should route(:get, '/users/1/password/edit').
+                to(:controller => 'clearance/passwords', :action  => 'edit', :user_id => '1') }
+
+  describe "a signed up user" do
+    before do
+      @user = Factory(:user)
+    end
+
+    describe "on GET to #new" do
+      before { get :new, :user_id => @user.to_param }
+
+      it { should respond_with(:success) }
+      it { should render_template(:new) }
+    end
+
+    describe "on POST to #create" do
+      describe "with correct email address" do
+        before do
+          ActionMailer::Base.deliveries.clear
+          post :create, :password => { :email => @user.email }
+        end
+
+        it "should generate a token for the change your password email" do
+          @user.reload.confirmation_token.should_not be_nil
+        end
+
+        it { should have_sent_email.with_subject(/change your password/i) }
+
+        it { should set_the_flash.to(/password/i) }
+        it { should redirect_to_url_after_create }
+      end
+
+      describe "with incorrect email address" do
+        before do
+          email = "user1@example.com"
+          (::User.exists?(['email = ?', email])).should_not be
+          ActionMailer::Base.deliveries.clear
+          @user.reload.confirmation_token.should == @user.confirmation_token
+
+          post :create, :password => { :email => email }
+        end
+
+        it "should not generate a token for the change your password email" do
+          @user.reload.confirmation_token.should == @user.confirmation_token
+        end
+
+        it "should not send a password reminder email" do
+          ActionMailer::Base.deliveries.should be_empty
+        end
+
+        it "should set the failure flash to Unknown email" do
+          flash.now[:failure].should =~ /unknown email/i
+        end
+
+        it { should render_template(:new) }
+      end
+    end
+  end
+
+  describe "a signed up user and forgotten password" do
+    before do
+      @user = Factory(:user)
+      @user.forgot_password!
+    end
+
+    describe "on GET to #edit with correct id and token" do
+      before do
+        get :edit, :user_id => @user.to_param,
+                   :token   => @user.confirmation_token
+      end
+
+      it "should find the user" do
+        assigns(:user).should == @user
+      end
+
+      it { should respond_with(:success) }
+      it { should render_template(:edit) }
+    end
+
+    describe "on GET to #edit with correct id but blank token" do
+      before do
+        get :edit, :user_id => @user.to_param, :token => ""
+      end
+
+      it { should set_the_flash.to(/double check the URL/i) }
+      it { should render_template(:new) }
+    end
+
+    describe "on GET to #edit with correct id but no token" do
+      before do
+        get :edit, :user_id => @user.to_param
+      end
+
+      it { should set_the_flash.to(/double check the URL/i) }
+      it { should render_template(:new) }
+    end
+
+    describe "on PUT to #update with matching password and password confirmation" do
+      before do
+        new_password = "new_password"
+        @encrypted_new_password = @user.send(:encrypt, new_password)
+        @user.encrypted_password.should_not == @encrypted_new_password
+
+        put(:update,
+            :user_id  => @user,
+            :token    => @user.confirmation_token,
+            :user     => {
+              :password              => new_password,
+              :password_confirmation => new_password
+            })
+        @user.reload
+      end
+
+      it "should update password" do
+        @user.encrypted_password.should == @encrypted_new_password
+      end
+
+      it "should clear confirmation token" do
+        @user.confirmation_token.should be_nil
+      end
+
+      it "should set remember token" do
+        @user.remember_token.should_not be_nil
+      end
+
+      it { should set_the_flash.to(/signed in/i) }
+      it { should redirect_to_url_after_update }
+    end
+
+    describe "on PUT to #update with password but blank password confirmation" do
+      before do
+        new_password = "new_password"
+        @encrypted_new_password = @user.send(:encrypt, new_password)
+
+        put(:update,
+            :user_id => @user.to_param,
+            :token   => @user.confirmation_token,
+            :user    => {
+              :password => new_password,
+              :password_confirmation => ''
+            })
+        @user.reload
+      end
+
+      it "should not update password" do
+        @user.encrypted_password.should_not == @encrypted_new_password
+      end
+
+      it "should not clear token" do
+        @user.confirmation_token.should_not be_nil
+      end
+
+      it "should not be signed in" do
+        cookies[:remember_token].should be_nil
+      end
+
+      it { should_not set_the_flash }
+      it { should respond_with(:success) }
+      it { should render_template(:edit) }
+    end
+  end
+
+  describe "given two users and user one signs in" do
+    before do
+      @user_one = Factory(:user)
+      @user_two = Factory(:user)
+      sign_in_as @user_one
+    end
+  end
+
+end