devise 0.9.2 → 1.0.0

data/test/integration/registerable_test.rb

@@ -0,0 +1,130 @@
+require 'test/test_helper'
+
+class RegistrationTest < ActionController::IntegrationTest
+
+  test 'a guest admin should be able to sign in successfully' do
+    visit new_admin_session_path
+    click_link 'Sign up'
+
+    assert_template 'registrations/new'
+
+    fill_in 'email', :with => 'new_user@test.com'
+    fill_in 'password', :with => 'new_user123'
+    fill_in 'password confirmation', :with => 'new_user123'
+    click_button 'Sign up'
+
+    assert_contain 'You have signed up successfully.'
+    assert warden.authenticated?(:admin)
+
+    admin = Admin.last
+    assert_equal admin.email, 'new_user@test.com'
+  end
+
+  test 'a guest user should be able to sign up successfully and be blocked by confirmation' do
+    visit new_user_registration_path
+
+    fill_in 'email', :with => 'new_user@test.com'
+    fill_in 'password', :with => 'new_user123'
+    fill_in 'password confirmation', :with => 'new_user123'
+    click_button 'Sign up'
+
+    assert_equal true, @controller.send(:flash)[:"user_signed_up"]
+    assert_equal "You have signed up successfully.", @controller.send(:flash)[:notice]
+
+    # For some reason flash is not being set correctly, so instead of getting the
+    # "signed_up" message we get the unconfirmed one. Seems to be an issue with
+    # the internal redirect by the hook and the tests.
+    # follow_redirect!
+    # assert_contain 'You have signed up successfully.'
+    # assert_not_contain 'confirm your account'
+
+    assert_not warden.authenticated?(:user)
+
+    user = User.last
+    assert_equal user.email, 'new_user@test.com'
+    assert_not user.confirmed?
+  end
+
+  test 'a guest user cannot sign up with invalid information' do
+    visit new_user_registration_path
+
+    fill_in 'email', :with => 'invalid_email'
+    fill_in 'password', :with => 'new_user123'
+    fill_in 'password confirmation', :with => 'new_user321'
+    click_button 'Sign up'
+
+    assert_template 'registrations/new'
+    assert_have_selector '#errorExplanation'
+    assert_contain "Email is invalid"
+    assert_contain "Password doesn't match confirmation"
+    assert_nil User.first
+
+    assert_not warden.authenticated?(:user)
+  end
+
+  test 'a guest should not sign up with email/password that already exists' do
+    user = create_user
+    visit new_user_registration_path
+
+    fill_in 'email', :with => 'user@test.com'
+    fill_in 'password', :with => '123456'
+    fill_in 'password confirmation', :with => '123456'
+    click_button 'Sign up'
+
+    assert_template 'registrations/new'
+    assert_contain 'Email has already been taken'
+
+    assert_not warden.authenticated?(:user)
+  end
+
+  test 'a guest should not be able to change account' do
+    visit edit_user_registration_path
+    follow_redirect!
+    assert_template 'sessions/new'
+  end
+
+  test 'a signed in user should not be able to access sign up' do
+    sign_in_as_user
+    visit new_user_registration_path
+    assert_template 'home/index'
+  end
+
+  test 'a signed in user should be able to edit his account' do
+    sign_in_as_user
+    visit edit_user_registration_path
+
+    fill_in 'email', :with => 'user.new@email.com'
+    fill_in 'current password', :with => '123456'
+    click_button 'Update'
+
+    assert_template 'home/index'
+    assert_contain 'You updated your account successfully.'
+
+    assert_equal "user.new@email.com", User.first.email
+  end
+
+  test 'a signed in user should be able to edit his password' do
+    sign_in_as_user
+    visit edit_user_registration_path
+
+    fill_in 'password', :with => 'pas123'
+    fill_in 'password confirmation', :with => 'pas123'
+    fill_in 'current password', :with => '123456'
+    click_button 'Update'
+
+    assert_template 'home/index'
+    assert_contain 'You updated your account successfully.'
+
+    assert User.first.valid_password?('pas123')
+  end
+
+  test 'a signed in user should be able to cancel his account' do
+    sign_in_as_user
+    visit edit_user_registration_path
+
+    click_link "Cancel my account"
+    assert_contain "Bye! Your account was successfully cancelled. We hope to see you again soon."
+
+    assert User.all.empty?
+  end
+end

data/test/integration/token_authenticatable_test.rb

@@ -2,7 +2,7 @@ require 'test/test_helper'
 
 class TokenAuthenticationTest < ActionController::IntegrationTest
 
-  test 'sign in user should authenticate with valid authentication token and proper authentication token key' do
+  test 'sign in should authenticate with valid authentication token and proper authentication token key' do
     swap Devise, :token_authentication_key => :secret_token do
       sign_in_as_new_user_with_token(:auth_token_key => :secret_token)
 
@@ -13,7 +13,7 @@ class TokenAuthenticationTest < ActionController::IntegrationTest
     end
   end
 
-  test 'user signing in with valid authentication token - but improper authentication token key - return to sign in form with error message' do
+  test 'signing in with valid authentication token - but improper authentication token key - return to sign in form with error message' do
     swap Devise, :token_authentication_key => :donald_duck_token do
       sign_in_as_new_user_with_token(:auth_token_key => :secret_token)
       assert_redirected_to new_user_session_path(:unauthenticated => true)
@@ -25,7 +25,7 @@ class TokenAuthenticationTest < ActionController::IntegrationTest
     end
   end
 
-  test 'user signing in with invalid authentication token should return to sign in form with error message' do
+  test 'signing in with invalid authentication token should return to sign in form with error message' do
     store_translations :en, :devise => {:sessions => {:invalid_token => 'LOL, that was not a single character correct.'}} do
       sign_in_as_new_user_with_token(:auth_token => '*** INVALID TOKEN ***')
       assert_redirected_to new_user_session_path(:invalid_token => true)
@@ -40,7 +40,7 @@ class TokenAuthenticationTest < ActionController::IntegrationTest
 
   private
 
-    def sign_in_as_new_user_with_token(options = {}, &block)
+    def sign_in_as_new_user_with_token(options = {})
       options[:auth_token_key] ||= Devise.token_authentication_key
       options[:auth_token]     ||= VALID_AUTHENTICATION_TOKEN
 

data/test/mailers/confirmation_instructions_test.rb

@@ -63,6 +63,15 @@ class ConfirmationInstructionsTest < ActionMailer::TestCase
     end
   end
 
+  test 'renders a scoped if scoped_views is set in the mailer class' do
+    begin
+      DeviseMailer.scoped_views = true
+      assert_equal user.email, mail.body
+    ensure
+      DeviseMailer.send :remove_instance_variable, :@scoped_views
+    end
+  end
+
   test 'mailer sender accepts a proc' do
     swap Devise, :mailer_sender => lambda { "another@example.com" } do
       assert_equal ['another@example.com'], mail.from

data/test/mapping_test.rb

@@ -63,18 +63,22 @@ class MappingTest < ActiveSupport::TestCase
 
   test 'return default path names' do
     mapping = Devise.mappings[:user]
-    assert_equal 'sign_in', mapping.path_names[:sign_in]
-    assert_equal 'sign_out', mapping.path_names[:sign_out]
-    assert_equal 'password', mapping.path_names[:password]
+    assert_equal 'sign_in',      mapping.path_names[:sign_in]
+    assert_equal 'sign_out',     mapping.path_names[:sign_out]
+    assert_equal 'password',     mapping.path_names[:password]
     assert_equal 'confirmation', mapping.path_names[:confirmation]
+    assert_equal 'sign_up', mapping.path_names[:sign_up]
+    assert_equal 'unlock',       mapping.path_names[:unlock]
   end
 
   test 'allow custom path names to be given' do
     mapping = Devise.mappings[:manager]
-    assert_equal 'login', mapping.path_names[:sign_in]
-    assert_equal 'logout', mapping.path_names[:sign_out]
-    assert_equal 'secret', mapping.path_names[:password]
+    assert_equal 'login',        mapping.path_names[:sign_in]
+    assert_equal 'logout',       mapping.path_names[:sign_out]
+    assert_equal 'secret',       mapping.path_names[:password]
     assert_equal 'verification', mapping.path_names[:confirmation]
+    assert_equal 'register',     mapping.path_names[:sign_up]
+    assert_equal 'unblock',      mapping.path_names[:unlock]
   end
 
   test 'has an empty path as default path prefix' do
@@ -86,7 +90,7 @@ class MappingTest < ActiveSupport::TestCase
     mapping = Devise.mappings[:manager]
     assert_equal '/:locale/', mapping.path_prefix
   end
-  
+
   test 'retrieve as from the proper position' do
     assert_equal 1, Devise.mappings[:user].as_position
     assert_equal 2, Devise.mappings[:manager].as_position
@@ -96,13 +100,13 @@ class MappingTest < ActiveSupport::TestCase
     assert_equal '/users', Devise.mappings[:user].raw_path
     assert_equal '/:locale/accounts', Devise.mappings[:manager].raw_path
   end
-  
+
   test 'raw path ignores the relative_url_root' do
     swap ActionController::Base, :relative_url_root => "/abc" do
       assert_equal '/users', Devise.mappings[:user].raw_path
     end
   end
-  
+
   test 'parsed path is returned' do
     begin
       Devise.default_url_options {{ :locale => I18n.locale }}
@@ -112,7 +116,7 @@ class MappingTest < ActiveSupport::TestCase
       Devise.default_url_options {{ }}
     end
   end
-  
+
   test 'parsed path adds in the relative_url_root' do
     swap ActionController::Base, :relative_url_root => '/abc' do
       assert_equal '/abc/users', Devise.mappings[:user].parsed_path

data/test/models/authenticatable_test.rb

@@ -119,7 +119,7 @@ class AuthenticatableTest < ActiveSupport::TestCase
 
   test 'should use authentication keys to retrieve users' do
     swap Devise, :authentication_keys => [:username] do
-      user = create_user(:username => "josevalim")
+      user = create_user
       assert_nil User.authenticate(:email => user.email, :password => user.password)
       assert_not_nil User.authenticate(:username => user.username, :password => user.password)
     end
@@ -130,29 +130,51 @@ class AuthenticatableTest < ActiveSupport::TestCase
     assert_not_nil Admin.authenticate(:email => admin.email, :password => admin.password)
   end
 
-  test 'should respond to old password' do
-    assert new_user.respond_to?(:old_password)
+  test 'should respond to current password' do
+    assert new_user.respond_to?(:current_password)
   end
 
-  test 'should update password with valid old password' do
+  test 'should update password with valid current password' do
     user = create_user
-    assert user.update_with_password(:old_password => '123456',
+    assert user.update_with_password(:current_password => '123456',
       :password => 'pass321', :password_confirmation => 'pass321')
     assert user.reload.valid_password?('pass321')
   end
 
-  test 'should add an error to old password when it is invalid' do
+  test 'should add an error to current password when it is invalid' do
     user = create_user
-    assert_not user.update_with_password(:old_password => 'other',
+    assert_not user.update_with_password(:current_password => 'other',
       :password => 'pass321', :password_confirmation => 'pass321')
     assert user.reload.valid_password?('123456')
-    assert_match /invalid/, user.errors[:old_password]
+    assert_match /invalid/, user.errors[:current_password]
+  end
+
+  test 'should add an error to current password when it is blank' do
+    user = create_user
+    assert_not user.update_with_password(:password => 'pass321',
+      :password_confirmation => 'pass321')
+    assert user.reload.valid_password?('123456')
+    assert_match /blank/, user.errors[:current_password]
+  end
+
+  test 'should ignore password and its confirmation if they are blank' do
+    user = create_user
+    assert user.update_with_password(:current_password => '123456', :email => "new@email.com")
+    assert_equal "new@email.com", user.email
   end
 
   test 'should not update password with invalid confirmation' do
     user = create_user
-    assert_not user.update_with_password(:old_password => '123456',
+    assert_not user.update_with_password(:current_password => '123456',
       :password => 'pass321', :password_confirmation => 'other')
     assert user.reload.valid_password?('123456')
   end
+
+  test 'should clean up password fields on failure' do
+    user = create_user
+    assert_not user.update_with_password(:current_password => '123456',
+      :password => 'pass321', :password_confirmation => 'other')
+    assert user.password.blank?
+    assert user.password_confirmation.blank?
+  end
 end

data/test/models/lockable_test.rb

@@ -1,25 +1,25 @@
 require 'test/test_helper'
 
 class LockableTest < ActiveSupport::TestCase
-  
+
   def setup
     setup_mailer
   end
-  
+
   test "should increment failed attempts on unsuccessful authentication" do
     user = create_user
     assert_equal 0, user.failed_attempts
     authenticated_user = User.authenticate(:email => user.email, :password => "anotherpassword")
     assert_equal 1, user.reload.failed_attempts
   end
-  
+
   test "should lock account base on maximum_attempts" do
     user = create_user
     attempts = Devise.maximum_attempts + 1
     attempts.times { authenticated_user = User.authenticate(:email => user.email, :password => "anotherpassword") }
     assert user.reload.locked?
   end
-  
+
   test "should respect maximum attempts configuration" do
     user = create_user
     swap Devise, :maximum_attempts => 2 do
@@ -27,7 +27,7 @@ class LockableTest < ActiveSupport::TestCase
       assert user.reload.locked?
     end
   end
-  
+
   test "should clear failed_attempts on successfull sign in" do
     user = create_user
     User.authenticate(:email => user.email, :password => "anotherpassword")
@@ -61,8 +61,8 @@ class LockableTest < ActiveSupport::TestCase
     assert_nil user.reload.unlock_token
     assert 0, user.reload.failed_attempts
   end
-  
-  test 'should not unlcok an unlocked user' do
+
+  test 'should not unlock an unlocked user' do
     user = create_user
     assert_not user.unlock!
     assert_match /not locked/, user.errors[:email]
@@ -199,4 +199,4 @@ class LockableTest < ActiveSupport::TestCase
     assert_equal 'not locked', user.errors[:email]
   end
 
-end
+end

data/test/models_test.rb

@@ -23,7 +23,7 @@ class ActiveRecordTest < ActiveSupport::TestCase
   end
 
   test 'add modules cherry pick' do
-    assert_include_modules Admin, :authenticatable, :timeoutable
+    assert_include_modules Admin, :authenticatable, :registerable, :timeoutable
   end
 
   test 'set a default value for stretches' do

data/test/rails_app/app/active_record/admin.rb

@@ -1,5 +1,5 @@
 class Admin < ActiveRecord::Base
-  devise :authenticatable, :timeoutable
+  devise :authenticatable, :registerable, :timeoutable
 
   def self.find_for_authentication(conditions)
     last(:conditions => conditions)

data/test/rails_app/app/active_record/user.rb

@@ -1,5 +1,7 @@
 class User < ActiveRecord::Base
-  devise :authenticatable, :confirmable, :recoverable, :rememberable, :trackable,
-         :validatable, :timeoutable, :lockable, :token_authenticatable
+  devise :authenticatable, :confirmable, :lockable, :recoverable,
+         :registerable, :rememberable, :timeoutable, :token_authenticatable,
+         :trackable, :validatable
+
   attr_accessible :username, :email, :password, :password_confirmation
 end

data/test/rails_app/config/routes.rb

@@ -3,8 +3,9 @@ ActionController::Routing::Routes.draw do |map|
   map.devise_for :admin, :as => 'admin_area'
   map.devise_for :accounts, :scope => 'manager', :path_prefix => ':locale',
     :class_name => "User", :requirements => { :extra => 'value' }, :path_names => {
-      :sign_in => 'login', :sign_out => 'logout', :password => 'secret',
-      :confirmation => 'verification', :unlock => 'unblock'
+      :sign_in => 'login', :sign_out => 'logout',
+      :password => 'secret', :confirmation => 'verification',
+      :unlock => 'unblock', :sign_up => 'register'
     }
 
   map.resources :users, :only => [:index], :member => { :expire => :get }

data/test/routes_test.rb

@@ -42,6 +42,38 @@ class MapRoutingTest < ActionController::TestCase
     assert_recognizes({:controller => 'passwords', :action => 'update'}, {:path => 'users/password', :method => :put})
   end
 
+  test 'map new user unlock' do
+    assert_recognizes({:controller => 'unlocks', :action => 'new'}, 'users/unlock/new')
+  end
+
+  test 'map create user unlock' do
+    assert_recognizes({:controller => 'unlocks', :action => 'create'}, {:path => 'users/unlock', :method => :post})
+  end
+
+  test 'map show user unlock' do
+    assert_recognizes({:controller => 'unlocks', :action => 'show'}, {:path => 'users/unlock', :method => :get})
+  end
+
+  test 'map new user registration' do
+    assert_recognizes({:controller => 'registrations', :action => 'new'}, 'users/sign_up')
+  end
+
+  test 'map create user registration' do
+    assert_recognizes({:controller => 'registrations', :action => 'create'}, {:path => 'users', :method => :post})
+  end
+
+  test 'map edit user registration' do
+    assert_recognizes({:controller => 'registrations', :action => 'edit'}, {:path => 'users/edit', :method => :get})
+  end
+
+  test 'map update user registration' do
+    assert_recognizes({:controller => 'registrations', :action => 'update'}, {:path => 'users', :method => :put})
+  end
+
+  test 'map destroy user registration' do
+    assert_recognizes({:controller => 'registrations', :action => 'destroy'}, {:path => 'users', :method => :delete})
+  end
+
   test 'map admin session with :as option' do
     assert_recognizes({:controller => 'sessions', :action => 'new'}, {:path => 'admin_area/sign_in', :method => :get})
   end
@@ -72,4 +104,7 @@ class MapRoutingTest < ActionController::TestCase
     assert_recognizes({:controller => 'unlocks', :action => 'new', :locale => 'en', :extra => 'value'}, '/en/accounts/unblock/new')
   end
 
+  test 'map account with custom path name for registration' do
+    assert_recognizes({:controller => 'registrations', :action => 'new', :locale => 'en', :extra => 'value'}, '/en/accounts/register')
+  end
 end