devise 1.1.pre4 → 1.1.rc0

data/test/models/{authenticatable_test.rb → database_authenticatable_test.rb}

@@ -1,7 +1,7 @@
-require 'test/test_helper'
+require 'test_helper'
 require 'digest/sha1'
 
-class AuthenticatableTest < ActiveSupport::TestCase
+class DatabaseAuthenticatableTest < ActiveSupport::TestCase
 
   def encrypt_password(user, pepper=User.pepper, stretches=User.stretches, encryptor=::Devise::Encryptors::Sha1)
     encryptor.digest('123456', stretches, user.password_salt, pepper)
@@ -98,38 +98,6 @@ class AuthenticatableTest < ActiveSupport::TestCase
     assert_not user.valid_password?('654321')
   end
 
-  test 'should authenticate a valid user with email and password and return it' do
-    user = create_user
-    user.confirm!
-    authenticated_user = User.authenticate(:email => user.email, :password => user.password)
-    assert_equal authenticated_user, user
-  end
-
-  test 'should return nil when authenticating an invalid user by email' do
-    user = create_user
-    authenticated_user = User.authenticate(:email => 'another.email@email.com', :password => user.password)
-    assert_nil authenticated_user
-  end
-
-  test 'should return nil when authenticating an invalid user by password' do
-    user = create_user
-    authenticated_user = User.authenticate(:email => user.email, :password => 'another_password')
-    assert_nil authenticated_user
-  end
-
-  test 'should use authentication keys to retrieve users' do
-    swap Devise, :authentication_keys => [:username] do
-      user = create_user
-      assert_nil User.authenticate(:email => user.email, :password => user.password)
-      assert_not_nil User.authenticate(:username => user.username, :password => user.password)
-    end
-  end
-
-  test 'should allow overwriting find for authentication conditions' do
-    admin = Admin.create!(valid_attributes)
-    assert_not_nil Admin.authenticate(:email => admin.email, :password => admin.password)
-  end
-
   test 'should respond to current password' do
     assert new_user.respond_to?(:current_password)
   end

data/test/models/lockable_test.rb

@@ -1,64 +1,64 @@
-require 'test/test_helper'
+require 'test_helper'
 
 class LockableTest < ActiveSupport::TestCase
-
   def setup
     setup_mailer
   end
 
-  test "should increment failed attempts on unsuccessful authentication" do
+  test "should respect maximum attempts configuration" do
     user = create_user
-    assert_equal 0, user.failed_attempts
-
-    authenticated_user = User.authenticate(:email => user.email, :password => "anotherpassword")
-    assert_equal 1, user.reload.failed_attempts
+    swap Devise, :maximum_attempts => 2 do
+      3.times { user.valid_for_authentication?{ false } }
+      assert user.reload.access_locked?
+    end
   end
 
-  test "should lock account base on maximum_attempts" do
+  test "should clear failed_attempts on successfull validation" do
     user = create_user
-    attempts = Devise.maximum_attempts + 1
-    attempts.times { authenticated_user = User.authenticate(:email => user.email, :password => "anotherpassword") }
-    assert user.reload.locked?
+    user.valid_for_authentication?{ false }
+    assert_equal 1, user.reload.failed_attempts
+    user.valid_for_authentication?{ true }
+    assert_equal 0, user.reload.failed_attempts
   end
 
-  test "should respect maximum attempts configuration" do
+  test "should not touch failed_attempts if lock_strategy is none" do
     user = create_user
-    swap Devise, :maximum_attempts => 2 do
-      3.times { authenticated_user = User.authenticate(:email => user.email, :password => "anotherpassword") }
-      assert user.reload.locked?
+    swap Devise, :lock_strategy => :none, :maximum_attempts => 2 do
+      3.times { user.valid_for_authentication?{ false } }
+      assert !user.access_locked?
+      assert_equal 0, user.failed_attempts
     end
   end
 
-  test "should clear failed_attempts on successfull sign in" do
+  test 'should be valid for authentication with a unlocked user' do
     user = create_user
-    User.authenticate(:email => user.email, :password => "anotherpassword")
-    assert_equal 1, user.reload.failed_attempts
-    User.authenticate(:email => user.email, :password => "123456")
-    assert_equal 0, user.reload.failed_attempts
+    user.lock_access!
+    user.unlock_access!
+    assert user.valid_for_authentication?{ true }
   end
 
-  test "should verify wheter a user is locked or not" do
+  test "should verify whether a user is locked or not" do
     user = create_user
-    assert_not user.locked?
-    user.lock!
-    assert user.locked?
+    assert_not user.access_locked?
+    user.lock_access!
+    assert user.access_locked?
   end
 
   test "active? should be the opposite of locked?" do
     user = create_user
     user.confirm!
     assert user.active?
-    user.lock!
+    user.lock_access!
     assert_not user.active?
   end
 
   test "should unlock an user by cleaning locked_at, falied_attempts and unlock_token" do
     user = create_user
-    user.lock!
+    user.lock_access!
     assert_not_nil user.reload.locked_at
     assert_not_nil user.reload.unlock_token
 
-    user.unlock!
+    user.unlock_access!
     assert_nil user.reload.locked_at
     assert_nil user.reload.unlock_token
     assert 0, user.reload.failed_attempts
@@ -66,12 +66,12 @@ class LockableTest < ActiveSupport::TestCase
 
   test 'should not unlock an unlocked user' do
     user = create_user
-    assert_not user.unlock!
+    assert_not user.unlock_access!
     assert_match "was not locked", user.errors[:email].join
   end
 
   test "new user should not be locked and should have zero failed_attempts" do
-    assert_not new_user.locked?
+    assert_not new_user.access_locked?
     assert_equal 0, create_user.failed_attempts
   end
 
@@ -79,10 +79,10 @@ class LockableTest < ActiveSupport::TestCase
     swap Devise, :unlock_in => 3.hours do
       user = new_user
       user.locked_at = 2.hours.ago
-      assert user.locked?
+      assert user.access_locked?
 
       Devise.unlock_in = 1.hour
-      assert_not user.locked?
+      assert_not user.access_locked?
     end
   end
 
@@ -90,32 +90,22 @@ class LockableTest < ActiveSupport::TestCase
     swap Devise, :unlock_strategy => :email do
       user = new_user
       user.locked_at = 2.hours.ago
-      assert user.locked?
+      assert user.access_locked?
     end
   end
 
   test "should set unlock_token when locking" do
     user = create_user
     assert_nil user.unlock_token
-    user.lock!
+    user.lock_access!
     assert_not_nil user.unlock_token
   end
 
-  test 'should not regenerate unlock token if it already exists' do
-    user = create_user
-    user.lock!
-    3.times do
-      token = user.unlock_token
-      user.resend_unlock!
-      assert_equal token, user.unlock_token
-    end
-  end
-
   test "should never generate the same unlock token for different users" do
     unlock_tokens = []
     3.times do
       user = create_user
-      user.lock!
+      user.lock_access!
       token = user.unlock_token
       assert !unlock_tokens.include?(token)
       unlock_tokens << token
@@ -125,7 +115,7 @@ class LockableTest < ActiveSupport::TestCase
   test "should not generate unlock_token when :email is not an unlock strategy" do
     swap Devise, :unlock_strategy => :time do
       user = create_user
-      user.lock!
+      user.lock_access!
       assert_nil user.unlock_token
     end
   end
@@ -134,7 +124,7 @@ class LockableTest < ActiveSupport::TestCase
     swap Devise, :unlock_strategy => :email do
       user = create_user
       assert_email_sent do
-        user.lock!
+        user.lock_access!
       end
     end
   end
@@ -143,49 +133,41 @@ class LockableTest < ActiveSupport::TestCase
     swap Devise, :unlock_strategy => :time do
       user = create_user
       assert_email_not_sent do
-        user.lock!
+        user.lock_access!
       end
     end
   end
 
   test 'should find and unlock an user automatically' do
     user = create_user
-    user.lock!
-    locked_user = User.unlock!(:unlock_token => user.unlock_token)
+    user.lock_access!
+    locked_user = User.unlock_access_by_token(user.unlock_token)
     assert_equal locked_user, user
-    assert_not user.reload.locked?
+    assert_not user.reload.access_locked?
   end
 
   test 'should return a new record with errors when a invalid token is given' do
-    locked_user = User.unlock!(:unlock_token => 'invalid_token')
-    assert locked_user.new_record?
+    locked_user = User.unlock_access_by_token('invalid_token')
+    assert_not locked_user.persisted?
     assert_equal "is invalid", locked_user.errors[:unlock_token].join
   end
 
   test 'should return a new record with errors when a blank token is given' do
-    locked_user = User.unlock!(:unlock_token => '')
-    assert locked_user.new_record?
+    locked_user = User.unlock_access_by_token('')
+    assert_not locked_user.persisted?
     assert_equal "can't be blank", locked_user.errors[:unlock_token].join
   end
 
-  test 'should authenticate a unlocked user' do
-    user = create_user
-    user.lock!
-    user.unlock!
-    authenticated_user = User.authenticate(:email => user.email, :password => user.password)
-    assert_equal authenticated_user, user
-  end
-
   test 'should find a user to send unlock instructions' do
     user = create_user
-    user.lock!
+    user.lock_access!
     unlock_user = User.send_unlock_instructions(:email => user.email)
     assert_equal unlock_user, user
   end
 
   test 'should return a new user if no email was found' do
     unlock_user = User.send_unlock_instructions(:email => "invalid@email.com")
-    assert unlock_user.new_record?
+    assert_not unlock_user.persisted?
   end
 
   test 'should add error to new user email if no email was found' do
@@ -195,8 +177,8 @@ class LockableTest < ActiveSupport::TestCase
 
   test 'should not be able to send instructions if the user is not locked' do
     user = create_user
-    assert_not user.resend_unlock!
-    assert_not user.locked?
+    assert_not user.resend_unlock_token
+    assert_not user.access_locked?
     assert_equal 'was not locked', user.errors[:email].join
   end
 

data/test/models/recoverable_test.rb

@@ -1,4 +1,4 @@
-require 'test/test_helper'
+require 'test_helper'
 
 class RecoverableTest < ActiveSupport::TestCase
 
@@ -82,7 +82,7 @@ class RecoverableTest < ActiveSupport::TestCase
 
   test 'should return a new record with errors if user was not found by e-mail' do
     reset_password_user = User.send_reset_password_instructions(:email => "invalid@email.com")
-    assert reset_password_user.new_record?
+    assert_not reset_password_user.persisted?
     assert_equal "not found", reset_password_user.errors[:email].join
   end
 
@@ -104,19 +104,19 @@ class RecoverableTest < ActiveSupport::TestCase
     user = create_user
     user.send :generate_reset_password_token!
 
-    reset_password_user = User.reset_password!(:reset_password_token => user.reset_password_token)
+    reset_password_user = User.reset_password_by_token(:reset_password_token => user.reset_password_token)
     assert_equal reset_password_user, user
   end
 
   test 'should a new record with errors if no reset_password_token is found' do
-    reset_password_user = User.reset_password!(:reset_password_token => 'invalid_token')
-    assert reset_password_user.new_record?
+    reset_password_user = User.reset_password_by_token(:reset_password_token => 'invalid_token')
+    assert_not reset_password_user.persisted?
     assert_equal "is invalid", reset_password_user.errors[:reset_password_token].join
   end
 
   test 'should a new record with errors if reset_password_token is blank' do
-    reset_password_user = User.reset_password!(:reset_password_token => '')
-    assert reset_password_user.new_record?
+    reset_password_user = User.reset_password_by_token(:reset_password_token => '')
+    assert_not reset_password_user.persisted?
     assert_match "can't be blank", reset_password_user.errors[:reset_password_token].join
   end
 
@@ -125,7 +125,7 @@ class RecoverableTest < ActiveSupport::TestCase
     old_password = user.password
     user.send :generate_reset_password_token!
 
-    reset_password_user = User.reset_password!(
+    reset_password_user = User.reset_password_by_token(
       :reset_password_token => user.reset_password_token,
       :password => 'new_password',
       :password_confirmation => 'new_password'

data/test/models/rememberable_test.rb

@@ -1,4 +1,4 @@
-require 'test/test_helper'
+require 'test_helper'
 
 class RememberableTest < ActiveSupport::TestCase
   test 'should respond to remember_me attribute' do
@@ -39,47 +39,25 @@ class RememberableTest < ActiveSupport::TestCase
     user.forget_me!
   end
 
-  test 'valid remember token' do
-    user = create_user
-    assert_not user.valid_remember_token?(user.remember_token)
-    user.remember_me!
-    assert user.valid_remember_token?(user.remember_token)
-    user.forget_me!
-    assert_not user.valid_remember_token?(user.remember_token)
-  end
-
-  test 'valid remember token should also verify if remember is not expired' do
-    swap Devise, :remember_for => 1.day do
-      user = create_user
-      user.remember_me!
-      user.remember_created_at = 3.days.ago
-      user.save
-      assert_not user.valid_remember_token?(user.remember_token)
-    end
-  end
-
   test 'serialize into cookie' do
     user = create_user
     user.remember_me!
-    assert_equal "#{user.id}::#{user.remember_token}", User.serialize_into_cookie(user)
+    assert_equal [user.id, user.remember_token], User.serialize_into_cookie(user)
   end
 
   test 'serialize from cookie' do
     user = create_user
     user.remember_me!
-    assert_equal user, User.serialize_from_cookie("#{user.id}::#{user.remember_token}")
+    assert_equal user, User.serialize_from_cookie(user.id, user.remember_token)
   end
 
-  # MongoMapper cries if an invalid ID is given, so this does not need to be tested
-  unless DEVISE_ORM == :mongo_mapper
-    test 'serialize should return nil if no user is found' do
-      assert_nil User.serialize_from_cookie('0::123')
-    end
+  test 'serialize should return nil if no user is found' do
+    assert_nil User.serialize_from_cookie(0, "123")
   end
 
   test 'remember me return nil if is a valid user with invalid token' do
     user = create_user
-    assert_nil User.serialize_from_cookie("#{user.id}::#{user.remember_token}123")
+    assert_nil User.serialize_from_cookie(user.id, "123")
   end
 
   test 'remember for should fallback to devise remember for default configuration' do

data/test/models/timeoutable_test.rb

@@ -1,4 +1,4 @@
-require 'test/test_helper'
+require 'test_helper'
 
 class TimeoutableTest < ActiveSupport::TestCase
 

data/test/models/token_authenticatable_test.rb

@@ -1,4 +1,4 @@
-require 'test/test_helper'
+require 'test_helper'
 
 class TokenAuthenticatableTest < ActiveSupport::TestCase
 
@@ -25,13 +25,6 @@ class TokenAuthenticatableTest < ActiveSupport::TestCase
     assert_equal previous_token, user.authentication_token
   end
 
-  test 'should test for a valid authentication token' do
-    User.expects(:authentication_token).returns(VALID_AUTHENTICATION_TOKEN)
-    user = create_user
-    assert user.valid_authentication_token?(VALID_AUTHENTICATION_TOKEN)
-    assert_not user.valid_authentication_token?(VALID_AUTHENTICATION_TOKEN.reverse)
-  end
-
   test 'should authenticate a valid user with authentication token and return it' do
     User.expects(:authentication_token).returns(VALID_AUTHENTICATION_TOKEN)
     user = create_user

data/test/models/trackable_test.rb

@@ -1,4 +1,4 @@
-require 'test/test_helper'
+require 'test_helper'
 
 class TrackableTest < ActiveSupport::TestCase
 

data/test/models/validatable_test.rb

@@ -1,7 +1,7 @@
-require 'test/test_helper'
+require 'test_helper'
 
 class ValidatableTest < ActiveSupport::TestCase
-  extend Devise::TestSilencer if [:mongo_mapper, :data_mapper].include?(DEVISE_ORM)
+  extend Devise::TestSilencer if [:mongoid, :data_mapper].include?(DEVISE_ORM)
 
   test 'should require email to be set' do
     user = new_user(:email => nil)

data/test/models_test.rb

@@ -1,4 +1,4 @@
-require 'test/test_helper'
+require 'test_helper'
 
 class Configurable < User
   devise :authenticatable, :confirmable, :rememberable, :timeoutable, :lockable,
@@ -23,7 +23,21 @@ class ActiveRecordTest < ActiveSupport::TestCase
   end
 
   test 'add modules cherry pick' do
-    assert_include_modules Admin, :authenticatable, :registerable, :timeoutable
+    assert_include_modules Admin, :database_authenticatable, :registerable, :timeoutable, :recoverable
+  end
+
+  test 'order of module inclusion' do
+    correct_module_order   = [:database_authenticatable, :recoverable, :registerable, :timeoutable]
+    incorrect_module_order = [:database_authenticatable, :timeoutable, :registerable, :recoverable]
+
+    assert_include_modules Admin, *incorrect_module_order
+
+    # get module constants from symbol list
+    module_constants = correct_module_order.collect { |mod| Devise::Models::const_get(mod.to_s.classify) }
+
+    # confirm that they adhere to the order in ALL
+    # get included modules, filter out the noise, and reverse the order
+    assert_equal module_constants, (Admin.included_modules & module_constants).reverse
   end
 
   test 'set a default value for stretches' do