cloudfoundry-devise 1.5.2
- data/.gitignore +12 -0
- data/.travis.yml +13 -0
- data/CHANGELOG.rdoc +755 -0
- data/Gemfile +35 -0
- data/MIT-LICENSE +20 -0
- data/README.rdoc +366 -0
- data/Rakefile +34 -0
- data/app/controllers/devise/confirmations_controller.rb +46 -0
- data/app/controllers/devise/omniauth_callbacks_controller.rb +26 -0
- data/app/controllers/devise/passwords_controller.rb +50 -0
- data/app/controllers/devise/registrations_controller.rb +114 -0
- data/app/controllers/devise/sessions_controller.rb +49 -0
- data/app/controllers/devise/unlocks_controller.rb +34 -0
- data/app/helpers/devise_helper.rb +25 -0
- data/app/mailers/devise/mailer.rb +15 -0
- data/app/views/devise/confirmations/new.html.erb +12 -0
- data/app/views/devise/mailer/confirmation_instructions.html.erb +5 -0
- data/app/views/devise/mailer/reset_password_instructions.html.erb +8 -0
- data/app/views/devise/mailer/unlock_instructions.html.erb +7 -0
- data/app/views/devise/passwords/edit.html.erb +16 -0
- data/app/views/devise/passwords/new.html.erb +12 -0
- data/app/views/devise/registrations/edit.html.erb +25 -0
- data/app/views/devise/registrations/new.html.erb +18 -0
- data/app/views/devise/sessions/new.html.erb +17 -0
- data/app/views/devise/shared/_links.erb +25 -0
- data/app/views/devise/unlocks/new.html.erb +12 -0
- data/cloudfoundry-devise.gemspec +25 -0
- data/config/locales/en.yml +59 -0
- data/lib/devise.rb +453 -0
- data/lib/devise/controllers/helpers.rb +260 -0
- data/lib/devise/controllers/internal_helpers.rb +161 -0
- data/lib/devise/controllers/rememberable.rb +52 -0
- data/lib/devise/controllers/scoped_views.rb +33 -0
- data/lib/devise/controllers/shared_helpers.rb +26 -0
- data/lib/devise/controllers/url_helpers.rb +53 -0
- data/lib/devise/delegator.rb +16 -0
- data/lib/devise/encryptors/authlogic_sha512.rb +19 -0
- data/lib/devise/encryptors/base.rb +20 -0
- data/lib/devise/encryptors/clearance_sha1.rb +17 -0
- data/lib/devise/encryptors/restful_authentication_sha1.rb +22 -0
- data/lib/devise/encryptors/sha1.rb +25 -0
- data/lib/devise/encryptors/sha512.rb +25 -0
- data/lib/devise/failure_app.rb +149 -0
- data/lib/devise/hooks/activatable.rb +11 -0
- data/lib/devise/hooks/forgetable.rb +9 -0
- data/lib/devise/hooks/rememberable.rb +6 -0
- data/lib/devise/hooks/timeoutable.rb +24 -0
- data/lib/devise/hooks/trackable.rb +9 -0
- data/lib/devise/mailers/helpers.rb +86 -0
- data/lib/devise/mapping.rb +175 -0
- data/lib/devise/models.rb +91 -0
- data/lib/devise/models/authenticatable.rb +181 -0
- data/lib/devise/models/confirmable.rb +220 -0
- data/lib/devise/models/database_authenticatable.rb +122 -0
- data/lib/devise/models/encryptable.rb +72 -0
- data/lib/devise/models/lockable.rb +169 -0
- data/lib/devise/models/omniauthable.rb +23 -0
- data/lib/devise/models/recoverable.rb +136 -0
- data/lib/devise/models/registerable.rb +21 -0
- data/lib/devise/models/rememberable.rb +114 -0
- data/lib/devise/models/serializable.rb +43 -0
- data/lib/devise/models/timeoutable.rb +45 -0
- data/lib/devise/models/token_authenticatable.rb +72 -0
- data/lib/devise/models/trackable.rb +30 -0
- data/lib/devise/models/validatable.rb +62 -0
- data/lib/devise/modules.rb +30 -0
- data/lib/devise/omniauth.rb +28 -0
- data/lib/devise/omniauth/config.rb +45 -0
- data/lib/devise/omniauth/url_helpers.rb +33 -0
- data/lib/devise/orm/active_record.rb +44 -0
- data/lib/devise/orm/mongoid.rb +31 -0
- data/lib/devise/param_filter.rb +41 -0
- data/lib/devise/path_checker.rb +18 -0
- data/lib/devise/rails.rb +73 -0
- data/lib/devise/rails/routes.rb +385 -0
- data/lib/devise/rails/warden_compat.rb +120 -0
- data/lib/devise/schema.rb +109 -0
- data/lib/devise/strategies/authenticatable.rb +155 -0
- data/lib/devise/strategies/base.rb +15 -0
- data/lib/devise/strategies/database_authenticatable.rb +21 -0
- data/lib/devise/strategies/rememberable.rb +53 -0
- data/lib/devise/strategies/token_authenticatable.rb +57 -0
- data/lib/devise/test_helpers.rb +90 -0
- data/lib/devise/version.rb +3 -0
- data/lib/generators/active_record/devise_generator.rb +71 -0
- data/lib/generators/active_record/templates/migration.rb +29 -0
- data/lib/generators/active_record/templates/migration_existing.rb +26 -0
- data/lib/generators/devise/devise_generator.rb +22 -0
- data/lib/generators/devise/install_generator.rb +24 -0
- data/lib/generators/devise/orm_helpers.rb +31 -0
- data/lib/generators/devise/views_generator.rb +98 -0
- data/lib/generators/mongoid/devise_generator.rb +60 -0
- data/lib/generators/templates/README +32 -0
- data/lib/generators/templates/devise.rb +215 -0
- data/lib/generators/templates/markerb/confirmation_instructions.markerb +5 -0
- data/lib/generators/templates/markerb/reset_password_instructions.markerb +8 -0
- data/lib/generators/templates/markerb/unlock_instructions.markerb +7 -0
- data/lib/generators/templates/simple_form_for/confirmations/new.html.erb +15 -0
- data/lib/generators/templates/simple_form_for/passwords/edit.html.erb +19 -0
- data/lib/generators/templates/simple_form_for/passwords/new.html.erb +15 -0
- data/lib/generators/templates/simple_form_for/registrations/edit.html.erb +22 -0
- data/lib/generators/templates/simple_form_for/registrations/new.html.erb +17 -0
- data/lib/generators/templates/simple_form_for/sessions/new.html.erb +15 -0
- data/lib/generators/templates/simple_form_for/unlocks/new.html.erb +15 -0
- data/test/controllers/helpers_test.rb +254 -0
- data/test/controllers/internal_helpers_test.rb +96 -0
- data/test/controllers/sessions_controller_test.rb +16 -0
- data/test/controllers/url_helpers_test.rb +59 -0
- data/test/delegator_test.rb +19 -0
- data/test/devise_test.rb +72 -0
- data/test/encryptors_test.rb +30 -0
- data/test/failure_app_test.rb +207 -0
- data/test/generators/active_record_generator_test.rb +47 -0
- data/test/generators/devise_generator_test.rb +39 -0
- data/test/generators/install_generator_test.rb +13 -0
- data/test/generators/mongoid_generator_test.rb +23 -0
- data/test/generators/views_generator_test.rb +52 -0
- data/test/helpers/devise_helper_test.rb +51 -0
- data/test/indifferent_hash.rb +33 -0
- data/test/integration/authenticatable_test.rb +590 -0
- data/test/integration/confirmable_test.rb +262 -0
- data/test/integration/database_authenticatable_test.rb +82 -0
- data/test/integration/http_authenticatable_test.rb +82 -0
- data/test/integration/lockable_test.rb +212 -0
- data/test/integration/omniauthable_test.rb +133 -0
- data/test/integration/recoverable_test.rb +287 -0
- data/test/integration/registerable_test.rb +335 -0
- data/test/integration/rememberable_test.rb +158 -0
- data/test/integration/timeoutable_test.rb +98 -0
- data/test/integration/token_authenticatable_test.rb +148 -0
- data/test/integration/trackable_test.rb +92 -0
- data/test/mailers/confirmation_instructions_test.rb +95 -0
- data/test/mailers/reset_password_instructions_test.rb +83 -0
- data/test/mailers/unlock_instructions_test.rb +77 -0
- data/test/mapping_test.rb +128 -0
- data/test/models/confirmable_test.rb +334 -0
- data/test/models/database_authenticatable_test.rb +167 -0
- data/test/models/encryptable_test.rb +67 -0
- data/test/models/lockable_test.rb +225 -0
- data/test/models/recoverable_test.rb +198 -0
- data/test/models/rememberable_test.rb +168 -0
- data/test/models/serializable_test.rb +38 -0
- data/test/models/timeoutable_test.rb +42 -0
- data/test/models/token_authenticatable_test.rb +49 -0
- data/test/models/trackable_test.rb +5 -0
- data/test/models/validatable_test.rb +113 -0
- data/test/models_test.rb +109 -0
- data/test/omniauth/config_test.rb +57 -0
- data/test/omniauth/url_helpers_test.rb +58 -0
- data/test/orm/active_record.rb +9 -0
- data/test/orm/mongoid.rb +14 -0
- data/test/rails_app/Rakefile +10 -0
- data/test/rails_app/app/active_record/admin.rb +6 -0
- data/test/rails_app/app/active_record/shim.rb +2 -0
- data/test/rails_app/app/active_record/user.rb +6 -0
- data/test/rails_app/app/controllers/admins/sessions_controller.rb +6 -0
- data/test/rails_app/app/controllers/admins_controller.rb +6 -0
- data/test/rails_app/app/controllers/application_controller.rb +8 -0
- data/test/rails_app/app/controllers/home_controller.rb +25 -0
- data/test/rails_app/app/controllers/publisher/registrations_controller.rb +2 -0
- data/test/rails_app/app/controllers/publisher/sessions_controller.rb +2 -0
- data/test/rails_app/app/controllers/users/omniauth_callbacks_controller.rb +14 -0
- data/test/rails_app/app/controllers/users_controller.rb +23 -0
- data/test/rails_app/app/helpers/application_helper.rb +3 -0
- data/test/rails_app/app/mailers/users/mailer.rb +3 -0
- data/test/rails_app/app/mongoid/admin.rb +24 -0
- data/test/rails_app/app/mongoid/shim.rb +24 -0
- data/test/rails_app/app/mongoid/user.rb +45 -0
- data/test/rails_app/app/views/admins/index.html.erb +1 -0
- data/test/rails_app/app/views/admins/sessions/new.html.erb +2 -0
- data/test/rails_app/app/views/home/admin_dashboard.html.erb +1 -0
- data/test/rails_app/app/views/home/index.html.erb +1 -0
- data/test/rails_app/app/views/home/join.html.erb +1 -0
- data/test/rails_app/app/views/home/private.html.erb +1 -0
- data/test/rails_app/app/views/home/user_dashboard.html.erb +1 -0
- data/test/rails_app/app/views/layouts/application.html.erb +24 -0
- data/test/rails_app/app/views/users/index.html.erb +1 -0
- data/test/rails_app/app/views/users/mailer/confirmation_instructions.erb +1 -0
- data/test/rails_app/app/views/users/sessions/new.html.erb +1 -0
- data/test/rails_app/config.ru +4 -0
- data/test/rails_app/config/application.rb +41 -0
- data/test/rails_app/config/boot.rb +8 -0
- data/test/rails_app/config/database.yml +18 -0
- data/test/rails_app/config/environment.rb +5 -0
- data/test/rails_app/config/environments/development.rb +18 -0
- data/test/rails_app/config/environments/production.rb +33 -0
- data/test/rails_app/config/environments/test.rb +33 -0
- data/test/rails_app/config/initializers/backtrace_silencers.rb +7 -0
- data/test/rails_app/config/initializers/devise.rb +197 -0
- data/test/rails_app/config/initializers/inflections.rb +2 -0
- data/test/rails_app/config/initializers/secret_token.rb +2 -0
- data/test/rails_app/config/routes.rb +87 -0
- data/test/rails_app/db/migrate/20100401102949_create_tables.rb +71 -0
- data/test/rails_app/db/schema.rb +52 -0
- data/test/rails_app/lib/shared_admin.rb +10 -0
- data/test/rails_app/lib/shared_user.rb +26 -0
- data/test/rails_app/public/404.html +26 -0
- data/test/rails_app/public/422.html +26 -0
- data/test/rails_app/public/500.html +26 -0
- data/test/rails_app/public/favicon.ico +0 -0
- data/test/rails_app/script/rails +10 -0
- data/test/routes_test.rb +240 -0
- data/test/support/assertions.rb +27 -0
- data/test/support/helpers.rb +109 -0
- data/test/support/integration.rb +88 -0
- data/test/support/locale/en.yml +4 -0
- data/test/support/webrat/integrations/rails.rb +24 -0
- data/test/test_helper.rb +27 -0
- data/test/test_helpers_test.rb +134 -0
- metadata +295 -0
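--- a/data/test/models/database_authenticatable_test.rb
+++ b/data/test/models/database_authenticatable_test.rb
@@ -0,0 +1,167 @@
+require 'test_helper'
+require 'digest/sha1'
+
+class DatabaseAuthenticatableTest < ActiveSupport::TestCase
+test 'should downcase case insensitive keys when saving' do
+# case_insensitive_keys is set to :email by default.
+email = 'Foo@Bar.com'
+user = new_user(:email => email)
+
+assert_equal email, user.email
+user.save!
+assert_equal email.downcase, user.email
+end
+
+test 'should remove whitespace from strip whitespace keys when saving' do
+# strip_whitespace_keys is set to :email by default.
+email = ' foo@bar.com '
+user = new_user(:email => email)
+
+assert_equal email, user.email
+user.save!
+assert_equal email.strip, user.email
+end
+
+test "param filter should not convert booleans and integer to strings" do
+conditions = { 'login' => 'foo@bar.com', "bool1" => true, "bool2" => false, "fixnum" => 123, "will_be_converted" => (1..10) }
+conditions = Devise::ParamFilter.new([], []).filter(conditions)
+assert_equal( { 'login' => 'foo@bar.com', "bool1" => true, "bool2" => false, "fixnum" => 123, "will_be_converted" => "1..10" }, conditions)
+end
+
+test 'should respond to password and password confirmation' do
+user = new_user
+assert user.respond_to?(:password)
+assert user.respond_to?(:password_confirmation)
+end
+
+test 'should generate encrypted password while setting password' do
+user = new_user
+assert_present user.encrypted_password
+end
+
+test 'allow authenticatable_salt to work even with nil encrypted password' do
+user = User.new
+user.encrypted_password = nil
+assert_nil user.authenticatable_salt
+end
+
+test 'should not generate encrypted password if password is blank' do
+assert_blank new_user(:password => nil).encrypted_password
+assert_blank new_user(:password => '').encrypted_password
+end
+
+test 'should encrypt password again if password has changed' do
+user = create_user
+encrypted_password = user.encrypted_password
+user.password = user.password_confirmation = 'new_password'
+user.save!
+assert_not_equal encrypted_password, user.encrypted_password
+end
+
+test 'should test for a valid password' do
+user = create_user
+assert user.valid_password?('123456')
+assert_not user.valid_password?('654321')
+end
+
+test 'should not raise error with an empty password' do
+user = create_user
+user.encrypted_password = ''
+assert_nothing_raised { user.valid_password?('123456') }
+end
+
+test 'should be an invalid password if the user has an empty password' do
+user = create_user
+user.encrypted_password = ''
+assert_not user.valid_password?('654321')
+end
+
+test 'should respond to current password' do
+assert new_user.respond_to?(:current_password)
+end
+
+test 'should update password with valid current password' do
+user = create_user
+assert user.update_with_password(:current_password => '123456',
+:password => 'pass321', :password_confirmation => 'pass321')
+assert user.reload.valid_password?('pass321')
+end
+
+test 'should update password with valid current password and :as option' do
+user = create_user
+assert user.update_with_password(:current_password => '123456',
+:password => 'pass321', :password_confirmation => 'pass321', :as => :admin)
+assert user.reload.valid_password?('pass321')
+end
+
+test 'should add an error to current password when it is invalid' do
+user = create_user
+assert_not user.update_with_password(:current_password => 'other',
+:password => 'pass321', :password_confirmation => 'pass321')
+assert user.reload.valid_password?('123456')
+assert_match "is invalid", user.errors[:current_password].join
+end
+
+test 'should add an error to current password when it is blank' do
+user = create_user
+assert_not user.update_with_password(:password => 'pass321',
+:password_confirmation => 'pass321')
+assert user.reload.valid_password?('123456')
+assert_match "can't be blank", user.errors[:current_password].join
+end
+
+test 'should run validations even when current password is invalid or blank' do
+user = UserWithValidation.create!(valid_attributes)
+user.save
+assert user.persisted?
+assert_not user.update_with_password(:username => "")
+assert_match "usertest", user.reload.username
+assert_match "can't be blank", user.errors[:username].join
+end
+
+test 'should ignore password and its confirmation if they are blank' do
+user = create_user
+assert user.update_with_password(:current_password => '123456', :email => "new@example.com")
+assert_equal "new@example.com", user.email
+end
+
+test 'should not update password with invalid confirmation' do
+user = create_user
+assert_not user.update_with_password(:current_password => '123456',
+:password => 'pass321', :password_confirmation => 'other')
+assert user.reload.valid_password?('123456')
+end
+
+test 'should clean up password fields on failure' do
+user = create_user
+assert_not user.update_with_password(:current_password => '123456',
+:password => 'pass321', :password_confirmation => 'other')
+assert user.password.blank?
+assert user.password_confirmation.blank?
+end
+
+test 'should update the user without password' do
+user = create_user
+user.update_without_password(:email => 'new@example.com')
+assert_equal 'new@example.com', user.email
+end
+
+test 'should update the user without password with :as option' do
+user = create_user
+user.update_without_password(:email => 'new@example.com', :as => :admin)
+assert_equal 'new@example.com', user.email
+end
+
+test 'should not update password without password' do
+user = create_user
+user.update_without_password(:password => 'pass321', :password_confirmation => 'pass321')
+assert !user.reload.valid_password?('pass321')
+assert user.valid_password?('123456')
+end
+
+test 'downcase_keys with validation' do
+user = User.create(:email => "HEllO@example.com", :password => "123456")
+user = User.create(:email => "HEllO@example.com", :password => "123456")
+assert !user.valid?
+end
+end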
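Review bot: The last test, 'downcase_keys with validation', creates both users with the identical string `"HEllO@example.com"`, so the second record would collide with the first even if the key were never downcased; it does not show that case variants of one address are rejected. The result of the first `User.create` is also ignored, so `assert !user.valid?` can pass for an unrelated reason if that first record was never saved. I would use `User.create!(...)` for the first record, give the second a differently cased address (for example `"hello@EXAMPLE.com"`, a constructed value), and assert on `user.errors[:email]` instead of on `valid?` alone.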
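--- a/data/test/models/encryptable_test.rb
+++ b/data/test/models/encryptable_test.rb
@@ -0,0 +1,67 @@
+require 'test_helper'
+
+class EncryptableTest < ActiveSupport::TestCase
+def encrypt_password(admin, pepper=Admin.pepper, stretches=Admin.stretches, encryptor=Admin.encryptor_class)
+encryptor.digest('123456', stretches, admin.password_salt, pepper)
+end
+
+def swap_with_encryptor(klass, encryptor, options={})
+klass.instance_variable_set(:@encryptor_class, nil)
+
+swap klass, options.merge(:encryptor => encryptor) do
+begin
+yield
+ensure
+klass.instance_variable_set(:@encryptor_class, nil)
+end
+end
+end
+
+test 'should generate salt while setting password' do
+assert_present create_admin.password_salt
+end
+
+test 'should not change password salt when updating' do
+admin = create_admin
+salt = admin.password_salt
+admin.expects(:password_salt=).never
+admin.save!
+assert_equal salt, admin.password_salt
+end
+
+test 'should generate a base64 hash using SecureRandom for password salt' do
+swap_with_encryptor Admin, :sha1 do
+SecureRandom.expects(:base64).with(15).returns('01lI')
+salt = create_admin.password_salt
+assert_not_equal '01lI', salt
+assert_equal 4, salt.size
+end
+end
+
+test 'should not generate salt if password is blank' do
+assert_blank create_admin(:password => nil).password_salt
+assert_blank create_admin(:password => '').password_salt
+end
+
+test 'should encrypt password again if password has changed' do
+admin = create_admin
+encrypted_password = admin.encrypted_password
+admin.password = admin.password_confirmation = 'new_password'
+admin.save!
+assert_not_equal encrypted_password, admin.encrypted_password
+end
+
+test 'should respect encryptor configuration' do
+swap_with_encryptor Admin, :sha512 do
+admin = create_admin
+assert_equal admin.encrypted_password, encrypt_password(admin, Admin.pepper, Admin.stretches, ::Devise::Encryptors::Sha512)
+end
+end
+
+test 'should not validate password when salt is nil' do
+admin = create_admin
+admin.password_salt = nil
+admin.save
+assert_not admin.valid_password?('123456')
+end
+end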
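Review bot: In 'should generate a base64 hash using SecureRandom for password salt' the two assertions, `assert_not_equal '01lI', salt` and `assert_equal 4, salt.size`, accept any four-character string other than the stubbed value, so the test never states what the salt should be. The stub suggests the generator rewrites some of the returned characters, but that rule is not visible in this file; asserting the exact expected salt, or at least adding a comment such as `# the stubbed value contains characters the salt generator is expected to replace`, would make the intent checkable. Separately, `encrypt_password` hard-codes `'123456'`, which presumably mirrors the default password used by `create_admin` (defined outside this file); a one-line comment naming that coupling would help the next reader.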
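--- a/data/test/models/lockable_test.rb
+++ b/data/test/models/lockable_test.rb
@@ -0,0 +1,225 @@
+require 'test_helper'
+
+class LockableTest < ActiveSupport::TestCase
+def setup
+setup_mailer
+end
+
+test "should respect maximum attempts configuration" do
+user = create_user
+user.confirm!
+swap Devise, :maximum_attempts => 2 do
+3.times { user.valid_for_authentication?{ false } }
+assert user.reload.access_locked?
+end
+end
+
+test "should clear failed_attempts on successfull validation" do
+user = create_user
+user.confirm!
+user.valid_for_authentication?{ false }
+assert_equal 1, user.reload.failed_attempts
+user.valid_for_authentication?{ true }
+assert_equal 0, user.reload.failed_attempts
+end
+
+test "should not touch failed_attempts if lock_strategy is none" do
+user = create_user
+user.confirm!
+swap Devise, :lock_strategy => :none, :maximum_attempts => 2 do
+3.times { user.valid_for_authentication?{ false } }
+assert !user.access_locked?
+assert_equal 0, user.failed_attempts
+end
+end
+
+test 'should be valid for authentication with a unlocked user' do
+user = create_user
+user.lock_access!
+user.unlock_access!
+assert user.valid_for_authentication?{ true }
+end
+
+test "should verify whether a user is locked or not" do
+user = create_user
+assert_not user.access_locked?
+user.lock_access!
+assert user.access_locked?
+end
+
+test "active_for_authentication? should be the opposite of locked?" do
+user = create_user
+user.confirm!
+assert user.active_for_authentication?
+user.lock_access!
+assert_not user.active_for_authentication?
+end
+
+test "should unlock a user by cleaning locked_at, falied_attempts and unlock_token" do
+user = create_user
+user.lock_access!
+assert_not_nil user.reload.locked_at
+assert_not_nil user.reload.unlock_token
+
+user.unlock_access!
+assert_nil user.reload.locked_at
+assert_nil user.reload.unlock_token
+assert_equal 0, user.reload.failed_attempts
+end
+
+test "new user should not be locked and should have zero failed_attempts" do
+assert_not new_user.access_locked?
+assert_equal 0, create_user.failed_attempts
+end
+
+test "should unlock user after unlock_in period" do
+swap Devise, :unlock_in => 3.hours do
+user = new_user
+user.locked_at = 2.hours.ago
+assert user.access_locked?
+
+Devise.unlock_in = 1.hour
+assert_not user.access_locked?
+end
+end
+
+test "should not unlock in 'unlock_in' if :time unlock strategy is not set" do
+swap Devise, :unlock_strategy => :email do
+user = new_user
+user.locked_at = 2.hours.ago
+assert user.access_locked?
+end
+end
+
+test "should set unlock_token when locking" do
+user = create_user
+assert_nil user.unlock_token
+user.lock_access!
+assert_not_nil user.unlock_token
+end
+
+test "should never generate the same unlock token for different users" do
+unlock_tokens = []
+3.times do
+user = create_user
+user.lock_access!
+token = user.unlock_token
+assert !unlock_tokens.include?(token)
+unlock_tokens << token
+end
+end
+
+test "should not generate unlock_token when :email is not an unlock strategy" do
+swap Devise, :unlock_strategy => :time do
+user = create_user
+user.lock_access!
+assert_nil user.unlock_token
+end
+end
+
+test "should send email with unlock instructions when :email is an unlock strategy" do
+swap Devise, :unlock_strategy => :email do
+user = create_user
+assert_email_sent do
+user.lock_access!
+end
+end
+end
+
+test "should not send email with unlock instructions when :email is not an unlock strategy" do
+swap Devise, :unlock_strategy => :time do
+user = create_user
+assert_email_not_sent do
+user.lock_access!
+end
+end
+end
+
+test 'should find and unlock a user automatically' do
+user = create_user
+user.lock_access!
+locked_user = User.unlock_access_by_token(user.unlock_token)
+assert_equal locked_user, user
+assert_not user.reload.access_locked?
+end
+
+test 'should return a new record with errors when a invalid token is given' do
+locked_user = User.unlock_access_by_token('invalid_token')
+assert_not locked_user.persisted?
+assert_equal "is invalid", locked_user.errors[:unlock_token].join
+end
+
+test 'should return a new record with errors when a blank token is given' do
+locked_user = User.unlock_access_by_token('')
+assert_not locked_user.persisted?
+assert_equal "can't be blank", locked_user.errors[:unlock_token].join
+end
+
+test 'should find a user to send unlock instructions' do
+user = create_user
+user.lock_access!
+unlock_user = User.send_unlock_instructions(:email => user.email)
+assert_equal unlock_user, user
+end
+
+test 'should return a new user if no email was found' do
+unlock_user = User.send_unlock_instructions(:email => "invalid@example.com")
+assert_not unlock_user.persisted?
+end
+
+test 'should add error to new user email if no email was found' do
+unlock_user = User.send_unlock_instructions(:email => "invalid@example.com")
+assert_equal 'not found', unlock_user.errors[:email].join
+end
+
+test 'should find a user to send unlock instructions by authentication_keys' do
+swap Devise, :authentication_keys => [:username, :email] do
+user = create_user
+unlock_user = User.send_unlock_instructions(:email => user.email, :username => user.username)
+assert_equal unlock_user, user
+end
+end
+
+test 'should require all unlock_keys' do
+swap Devise, :unlock_keys => [:username, :email] do
+user = create_user
+unlock_user = User.send_unlock_instructions(:email => user.email)
+assert_not unlock_user.persisted?
+assert_equal "can't be blank", unlock_user.errors[:username].join
+end
+end
+
+test 'should not be able to send instructions if the user is not locked' do
+user = create_user
+assert_not user.resend_unlock_token
+assert_not user.access_locked?
+assert_equal 'was not locked', user.errors[:email].join
+end
+
+test 'should unlock account if lock has expired and increase attempts on failure' do
+swap Devise, :unlock_in => 1.minute do
+user = create_user
+user.confirm!
+
+user.failed_attempts = 2
+user.locked_at = 2.minutes.ago
+
+user.valid_for_authentication? { false }
+assert_equal 1, user.failed_attempts
+end
+end
+
+test 'should unlock account if lock has expired on success' do
+swap Devise, :unlock_in => 1.minute do
+user = create_user
+user.confirm!
+
+user.failed_attempts = 2
+user.locked_at = 2.minutes.ago
+
+user.valid_for_authentication? { true }
+assert_equal 0, user.failed_attempts
+assert_nil user.locked_at
+end
+end
+end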
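Review bot: 'should respect maximum attempts configuration' sets `:maximum_attempts => 2` but only checks the state after three failures, so it does not pin where the lockout boundary lies; a lock that fires after the first or second failure would pass just as well. Asserting the state after the second failure too, with `2.times { user.valid_for_authentication?{ false } }` followed by an assertion of whichever state is intended at that point, would fix the threshold and catch an off-by-one in the brute-force limit. "should not unlock in 'unlock_in' if :time unlock strategy is not set" has a similar gap: it never sets `:unlock_in`, so if the configured period (defined outside this file) is longer than two hours the assertion holds regardless of strategy; adding `:unlock_in => 1.hour` to that `swap` would make the test depend on the strategy alone.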