devise 1.0.11 → 1.1.pre

data/test/integration/token_authenticatable_test.rb

@@ -16,8 +16,7 @@ class TokenAuthenticationTest < ActionController::IntegrationTest
   test 'signing in with valid authentication token - but improper authentication token key - return to sign in form with error message' do
     swap Devise, :token_authentication_key => :donald_duck_token do
       sign_in_as_new_user_with_token(:auth_token_key => :secret_token)
-      assert_redirected_to new_user_session_path(:unauthenticated => true)
-      follow_redirect!
+      assert_current_path new_user_session_path(:unauthenticated => true)
 
       assert_contain 'You need to sign in or sign up before continuing'
       assert_contain 'Sign in'
@@ -28,8 +27,7 @@ class TokenAuthenticationTest < ActionController::IntegrationTest
   test 'signing in with invalid authentication token should return to sign in form with error message' do
     store_translations :en, :devise => {:sessions => {:invalid_token => 'LOL, that was not a single character correct.'}} do
       sign_in_as_new_user_with_token(:auth_token => '*** INVALID TOKEN ***')
-      assert_redirected_to new_user_session_path(:invalid_token => true)
-      follow_redirect!
+      assert_current_path new_user_session_path(:invalid_token => true)
 
       assert_response :success
       assert_contain 'LOL, that was not a single character correct.'

data/test/integration/trackable_test.rb

@@ -39,7 +39,7 @@ class TrackableHooksTest < ActionController::IntegrationTest
 
   test "increase sign in count" do
     user = create_user
-    assert_equal 0, user.sign_in_count
+    assert_nil user.sign_in_count
 
     sign_in_as_user
     user.reload

data/test/mailers/confirmation_instructions_test.rb

@@ -59,22 +59,16 @@ class ConfirmationInstructionsTest < ActionMailer::TestCase
 
   test 'renders a scoped if scoped_views is set to true' do
     swap Devise, :scoped_views => true do
-      assert_equal user.email, mail.body
-    end
-  end
-
-  test 'content type should be set to plain when manually configured' do
-    swap Devise, :mailer_content_type => "text/plain" do
-      assert_equal "text/plain", mail.content_type
+      assert_equal user.email, mail.body.decoded
     end
   end
 
   test 'renders a scoped if scoped_views is set in the mailer class' do
     begin
-      DeviseMailer.scoped_views = true
-      assert_equal user.email, mail.body
+      Devise::Mailer.scoped_views = true
+      assert_equal user.email, mail.body.decoded
     ensure
-      DeviseMailer.send :remove_instance_variable, :@scoped_views
+      Devise::Mailer.send :remove_instance_variable, :@scoped_views
     end
   end
 

data/test/mailers/unlock_instructions_test.rb

@@ -10,7 +10,7 @@ class UnlockInstructionsTest < ActionMailer::TestCase
   def user
     @user ||= begin
       user = create_user
-      user.lock_access!
+      user.lock!
       user
     end
   end

data/test/mapping_test.rb

@@ -39,17 +39,22 @@ class MappingTest < ActiveSupport::TestCase
     assert_equal Devise.mappings[:admin], Devise::Mapping.find_by_path("/admin_area/session")
   end
 
+  test 'find mapping by class' do
+    assert_nil Devise::Mapping.find_by_class(String)
+    assert_equal Devise.mappings[:user], Devise::Mapping.find_by_class(User)
+  end
+
+  test 'find mapping by class works with single table inheritance' do
+    klass = Class.new(User)
+    assert_equal Devise.mappings[:user], Devise::Mapping.find_by_class(klass)
+  end
+
   test 'find scope for a given object' do
     assert_equal :user, Devise::Mapping.find_scope!(User)
     assert_equal :user, Devise::Mapping.find_scope!(:user)
     assert_equal :user, Devise::Mapping.find_scope!(User.new)
   end
 
-  test 'find scope works with single table inheritance' do
-    assert_equal :user, Devise::Mapping.find_scope!(Class.new(User))
-    assert_equal :user, Devise::Mapping.find_scope!(Class.new(User).new)
-  end
-
   test 'find scope raises an error if cannot be found' do
     assert_raise RuntimeError do
       Devise::Mapping.find_scope!(String)
@@ -62,7 +67,7 @@ class MappingTest < ActiveSupport::TestCase
     assert_equal 'sign_out',     mapping.path_names[:sign_out]
     assert_equal 'password',     mapping.path_names[:password]
     assert_equal 'confirmation', mapping.path_names[:confirmation]
-    assert_equal 'sign_up', mapping.path_names[:sign_up]
+    assert_equal 'sign_up',      mapping.path_names[:sign_up]
     assert_equal 'unlock',       mapping.path_names[:unlock]
   end
 
@@ -124,30 +129,13 @@ class MappingTest < ActiveSupport::TestCase
     end
   end
 
-  test 'should have default route options' do
-    assert_equal({}, Devise.mappings[:user].route_options)
-  end
-
-  test 'should allow passing route options to devise routes' do
-    assert_equal({ :requirements => { :extra => 'value' } }, Devise.mappings[:manager].route_options)
-  end
-
-  test 'sign_out_via defaults to :get' do
-    assert_equal :get, Devise.mappings[:user].sign_out_via
-  end
-
-  test 'allows custom sign_out_via to be given' do
-    assert_equal :delete, Devise.mappings[:sign_out_via_delete].sign_out_via
-    assert_equal :post,   Devise.mappings[:sign_out_via_post].sign_out_via
-    assert_equal :any,    Devise.mappings[:sign_out_via_anymethod].sign_out_via
-  end
-
   test 'magic predicates' do
     mapping = Devise.mappings[:user]
     assert mapping.authenticatable?
     assert mapping.confirmable?
     assert mapping.recoverable?
     assert mapping.rememberable?
+    assert mapping.registerable?
 
     mapping = Devise.mappings[:admin]
     assert mapping.authenticatable?

data/test/models/authenticatable_test.rb

@@ -100,7 +100,7 @@ class AuthenticatableTest < ActiveSupport::TestCase
 
   test 'should authenticate a valid user with email and password and return it' do
     user = create_user
-    User.any_instance.stubs(:confirmed?).returns(true)
+    user.confirm!
     authenticated_user = User.authenticate(:email => user.email, :password => user.password)
     assert_equal authenticated_user, user
   end
@@ -146,7 +146,7 @@ class AuthenticatableTest < ActiveSupport::TestCase
     assert_not user.update_with_password(:current_password => 'other',
       :password => 'pass321', :password_confirmation => 'pass321')
     assert user.reload.valid_password?('123456')
-    assert_match /invalid/, user.errors[:current_password]
+    assert_match "is invalid", user.errors[:current_password].join
   end
 
   test 'should add an error to current password when it is blank' do
@@ -154,7 +154,7 @@ class AuthenticatableTest < ActiveSupport::TestCase
     assert_not user.update_with_password(:password => 'pass321',
       :password_confirmation => 'pass321')
     assert user.reload.valid_password?('123456')
-    assert_match /blank/, user.errors[:current_password]
+    assert_match "can't be blank", user.errors[:current_password].join
   end
 
   test 'should ignore password and its confirmation if they are blank' do

data/test/models/confirmable_test.rb

@@ -11,6 +11,15 @@ class ConfirmableTest < ActiveSupport::TestCase
     assert_not_nil create_user.confirmation_token
   end
 
+  test 'should regenerate confirmation token each time' do
+    user = create_user
+    3.times do
+      token = user.confirmation_token
+      user.resend_confirmation!
+      assert_not_equal token, user.confirmation_token
+    end
+  end
+
   test 'should never generate the same confirmation token for different users' do
     confirmation_tokens = []
     3.times do
@@ -45,38 +54,38 @@ class ConfirmableTest < ActiveSupport::TestCase
   test 'should not confirm a user already confirmed' do
     user = create_user
     assert user.confirm!
-    assert_nil user.errors[:email]
+    assert_blank user.errors[:email]
 
     assert_not user.confirm!
-    assert_match /already confirmed/, user.errors[:email]
+    assert_equal "was already confirmed", user.errors[:email].join
   end
 
   test 'should find and confirm an user automatically' do
     user = create_user
-    confirmed_user = User.confirm_by_token(user.confirmation_token)
+    confirmed_user = User.confirm!(:confirmation_token => user.confirmation_token)
     assert_equal confirmed_user, user
     assert user.reload.confirmed?
   end
 
   test 'should return a new record with errors when a invalid token is given' do
-    confirmed_user = User.confirm_by_token('invalid_confirmation_token')
+    confirmed_user = User.confirm!(:confirmation_token => 'invalid_confirmation_token')
     assert confirmed_user.new_record?
-    assert_match /invalid/, confirmed_user.errors[:confirmation_token]
+    assert_equal "is invalid", confirmed_user.errors[:confirmation_token].join
   end
 
   test 'should return a new record with errors when a blank token is given' do
-    confirmed_user = User.confirm_by_token('')
+    confirmed_user = User.confirm!(:confirmation_token => '')
     assert confirmed_user.new_record?
-    assert_match /blank/, confirmed_user.errors[:confirmation_token]
+    assert_equal "can't be blank", confirmed_user.errors[:confirmation_token].join
   end
 
   test 'should generate errors for a user email if user is already confirmed' do
     user = create_user
     user.confirmed_at = Time.now
     user.save
-    confirmed_user = User.confirm_by_token(user.confirmation_token)
+    confirmed_user = User.confirm!(:confirmation_token => user.confirmation_token)
     assert confirmed_user.confirmed?
-    assert confirmed_user.errors[:email]
+    assert_equal "was already confirmed", confirmed_user.errors[:email].join
   end
 
   test 'should authenticate a confirmed user' do
@@ -125,7 +134,14 @@ class ConfirmableTest < ActiveSupport::TestCase
   test 'should add error to new user email if no email was found' do
     confirmation_user = User.send_confirmation_instructions(:email => "invalid@email.com")
     assert confirmation_user.errors[:email]
-    assert_equal 'not found', confirmation_user.errors[:email]
+    assert_equal "not found", confirmation_user.errors[:email].join
+  end
+
+  test 'should generate a confirmation token before send the confirmation instructions email' do
+    user = create_user
+    token = user.confirmation_token
+    confirmation_user = User.send_confirmation_instructions(:email => user.email)
+    assert_not_equal token, user.reload.confirmation_token
   end
 
   test 'should send email instructions for the user confirm it\'s email' do
@@ -134,14 +150,6 @@ class ConfirmableTest < ActiveSupport::TestCase
       User.send_confirmation_instructions(:email => user.email)
     end
   end
-  
-  test 'should always have confirmation token when email is sent' do
-    user = new_user
-    user.instance_eval { def confirmation_required?; false end }
-    user.save
-    user.send_confirmation_instructions
-    assert_not_nil user.reload.confirmation_token
-  end
 
   test 'should not resend email instructions if the user change his email' do
     user = create_user
@@ -165,9 +173,9 @@ class ConfirmableTest < ActiveSupport::TestCase
   test 'should not be able to send instructions if the user is already confirmed' do
     user = create_user
     user.confirm!
-    assert_not user.resend_confirmation_token
+    assert_not user.resend_confirmation!
     assert user.confirmed?
-    assert_equal 'already confirmed', user.errors[:email]
+    assert_equal 'was already confirmed', user.errors[:email].join
   end
 
   test 'confirm time should fallback to devise confirm in default configuration' do
@@ -208,7 +216,7 @@ class ConfirmableTest < ActiveSupport::TestCase
     Devise.confirm_within = 0.days
     user = create_user
     user.confirmation_sent_at = Date.today
-    assert_not user.reload.active?
+    assert_not user.active?
   end
 
   test 'should not be active without confirmation' do
@@ -217,12 +225,4 @@ class ConfirmableTest < ActiveSupport::TestCase
     user.save
     assert_not user.reload.active?
   end
-  
-  test 'should be active without confirmation when confirmation is not required' do
-    user = create_user
-    user.instance_eval { def confirmation_required?; false end }
-    user.confirmation_sent_at = nil
-    user.save
-    assert user.reload.active?
-  end
 end

data/test/models/http_authenticatable_test.rb

@@ -0,0 +1,19 @@
+require 'test/test_helper'
+
+class HttpAuthenticatableTest < ActiveSupport::TestCase
+  test 'should authenticate a valid user with email and password and return it' do
+    user = create_user
+    user.confirm!
+
+    authenticated_user = User.authenticate_with_http(user.email, user.password)
+    assert_equal authenticated_user, user
+  end
+
+  test 'should return nil when authenticating an invalid user by email' do
+    user = create_user
+    user.confirm!
+
+    authenticated_user = User.authenticate_with_http('another.email@email.com', user.password)
+    assert_nil authenticated_user
+  end
+end

data/test/models/lockable_test.rb

@@ -9,6 +9,7 @@ class LockableTest < ActiveSupport::TestCase
   test "should increment failed attempts on unsuccessful authentication" do
     user = create_user
     assert_equal 0, user.failed_attempts
+
     authenticated_user = User.authenticate(:email => user.email, :password => "anotherpassword")
     assert_equal 1, user.reload.failed_attempts
   end
@@ -17,14 +18,14 @@ class LockableTest < ActiveSupport::TestCase
     user = create_user
     attempts = Devise.maximum_attempts + 1
     attempts.times { authenticated_user = User.authenticate(:email => user.email, :password => "anotherpassword") }
-    assert user.reload.access_locked?
+    assert user.reload.locked?
   end
 
   test "should respect maximum attempts configuration" do
     user = create_user
     swap Devise, :maximum_attempts => 2 do
       3.times { authenticated_user = User.authenticate(:email => user.email, :password => "anotherpassword") }
-      assert user.reload.access_locked?
+      assert user.reload.locked?
     end
   end
 
@@ -36,50 +37,41 @@ class LockableTest < ActiveSupport::TestCase
     assert_equal 0, user.reload.failed_attempts
   end
 
-  test "should verify whether a user is locked or not" do
+  test "should verify wheter a user is locked or not" do
     user = create_user
-    assert_not user.access_locked?
-    user.lock_access!
-    assert user.access_locked?
+    assert_not user.locked?
+    user.lock!
+    assert user.locked?
   end
 
   test "active? should be the opposite of locked?" do
     user = create_user
     user.confirm!
     assert user.active?
-    user.lock_access!
+    user.lock!
     assert_not user.active?
   end
 
   test "should unlock an user by cleaning locked_at, falied_attempts and unlock_token" do
     user = create_user
-    user.lock_access!
+    user.lock!
     assert_not_nil user.reload.locked_at
     assert_not_nil user.reload.unlock_token
 
-    user.unlock_access!
+    user.unlock!
     assert_nil user.reload.locked_at
     assert_nil user.reload.unlock_token
     assert 0, user.reload.failed_attempts
   end
 
-  test "should not lock a locked account" do
-    user = create_user
-    user.lock_access!
-    assert_no_difference "ActionMailer::Base.deliveries.size" do
-      user.lock_access!
-    end
-  end
-
   test 'should not unlock an unlocked user' do
     user = create_user
-
-    assert_not user.unlock_access!
-    assert_match /not locked/, user.errors[:email]
+    assert_not user.unlock!
+    assert_match "was not locked", user.errors[:email].join
   end
 
   test "new user should not be locked and should have zero failed_attempts" do
-    assert_not new_user.access_locked?
+    assert_not new_user.locked?
     assert_equal 0, create_user.failed_attempts
   end
 
@@ -87,10 +79,10 @@ class LockableTest < ActiveSupport::TestCase
     swap Devise, :unlock_in => 3.hours do
       user = new_user
       user.locked_at = 2.hours.ago
-      assert user.access_locked?
+      assert user.locked?
 
       Devise.unlock_in = 1.hour
-      assert_not user.access_locked?
+      assert_not user.locked?
     end
   end
 
@@ -98,22 +90,32 @@ class LockableTest < ActiveSupport::TestCase
     swap Devise, :unlock_strategy => :email do
       user = new_user
       user.locked_at = 2.hours.ago
-      assert user.access_locked?
+      assert user.locked?
     end
   end
 
   test "should set unlock_token when locking" do
     user = create_user
     assert_nil user.unlock_token
-    user.lock_access!
+    user.lock!
     assert_not_nil user.unlock_token
   end
 
+  test 'should not regenerate unlock token if it already exists' do
+    user = create_user
+    user.lock!
+    3.times do
+      token = user.unlock_token
+      user.resend_unlock!
+      assert_equal token, user.unlock_token
+    end
+  end
+
   test "should never generate the same unlock token for different users" do
     unlock_tokens = []
     3.times do
       user = create_user
-      user.lock_access!
+      user.lock!
       token = user.unlock_token
       assert !unlock_tokens.include?(token)
       unlock_tokens << token
@@ -123,7 +125,7 @@ class LockableTest < ActiveSupport::TestCase
   test "should not generate unlock_token when :email is not an unlock strategy" do
     swap Devise, :unlock_strategy => :time do
       user = create_user
-      user.lock_access!
+      user.lock!
       assert_nil user.unlock_token
     end
   end
@@ -132,7 +134,7 @@ class LockableTest < ActiveSupport::TestCase
     swap Devise, :unlock_strategy => :email do
       user = create_user
       assert_email_sent do
-        user.lock_access!
+        user.lock!
       end
     end
   end
@@ -141,42 +143,42 @@ class LockableTest < ActiveSupport::TestCase
     swap Devise, :unlock_strategy => :time do
       user = create_user
       assert_email_not_sent do
-        user.lock_access!
+        user.lock!
       end
     end
   end
 
   test 'should find and unlock an user automatically' do
     user = create_user
-    user.lock_access!
-    locked_user = User.unlock_access_by_token(user.unlock_token)
+    user.lock!
+    locked_user = User.unlock!(:unlock_token => user.unlock_token)
     assert_equal locked_user, user
-    assert_not user.reload.access_locked?
+    assert_not user.reload.locked?
   end
 
   test 'should return a new record with errors when a invalid token is given' do
-    locked_user = User.unlock_access_by_token('invalid_token')
+    locked_user = User.unlock!(:unlock_token => 'invalid_token')
     assert locked_user.new_record?
-    assert_match /invalid/, locked_user.errors[:unlock_token]
+    assert_equal "is invalid", locked_user.errors[:unlock_token].join
   end
 
   test 'should return a new record with errors when a blank token is given' do
-    locked_user = User.unlock_access_by_token('')
+    locked_user = User.unlock!(:unlock_token => '')
     assert locked_user.new_record?
-    assert_match /blank/, locked_user.errors[:unlock_token]
+    assert_equal "can't be blank", locked_user.errors[:unlock_token].join
   end
 
   test 'should authenticate a unlocked user' do
     user = create_user
-    user.lock_access!
-    user.unlock_access!
+    user.lock!
+    user.unlock!
     authenticated_user = User.authenticate(:email => user.email, :password => user.password)
     assert_equal authenticated_user, user
   end
 
   test 'should find a user to send unlock instructions' do
     user = create_user
-    user.lock_access!
+    user.lock!
     unlock_user = User.send_unlock_instructions(:email => user.email)
     assert_equal unlock_user, user
   end
@@ -188,15 +190,14 @@ class LockableTest < ActiveSupport::TestCase
 
   test 'should add error to new user email if no email was found' do
     unlock_user = User.send_unlock_instructions(:email => "invalid@email.com")
-    assert unlock_user.errors[:email]
-    assert_equal 'not found', unlock_user.errors[:email]
+    assert_equal 'not found', unlock_user.errors[:email].join
   end
 
   test 'should not be able to send instructions if the user is not locked' do
     user = create_user
-    assert_not user.resend_unlock_token
-    assert_not user.access_locked?
-    assert_equal 'not locked', user.errors[:email]
+    assert_not user.resend_unlock!
+    assert_not user.locked?
+    assert_equal 'was not locked', user.errors[:email].join
   end
 
 end