devise_g5_authenticatable 0.1.0

data/spec/models/protected_attributes_spec.rb

@@ -0,0 +1,17 @@
+require 'spec_helper'
+
+describe DeviseG5Authenticatable::Models::ProtectedAttributes do
+  subject { model }
+
+  let(:model_class) { User }
+  let(:model) { model_class.new }
+
+  it { should allow_mass_assignment_of(:email) }
+  it { should allow_mass_assignment_of(:password) }
+  it { should allow_mass_assignment_of(:password_confirmation) }
+  it { should allow_mass_assignment_of(:provider) }
+  it { should allow_mass_assignment_of(:uid) }
+  it { should_not allow_mass_assignment_of(:g5_access_token) }
+  it { should allow_mass_assignment_of(:current_password) }
+  it { should allow_mass_assignment_of(:updated_by) }
+end

data/spec/routing/registrations_routing_spec.rb

@@ -0,0 +1,107 @@
+require 'spec_helper'
+
+describe 'Registrations controller' do
+  describe 'routing' do
+    context 'with user scope' do
+      it 'should route GET /users/sign_up' do
+        expect(get '/users/sign_up').to route_to(controller: 'devise_g5_authenticatable/registrations',
+                                             action: 'new')
+      end
+
+      it 'should route POST /users' do
+        expect(post '/users').to route_to(controller: 'devise_g5_authenticatable/registrations',
+                                          action: 'create')
+      end
+
+      it 'should route GET /users/edit' do
+        expect(get '/users/edit').to route_to(controller: 'devise_g5_authenticatable/registrations',
+                                              action: 'edit')
+      end
+
+      it 'should route PUT /users' do
+        expect(put '/users').to route_to(controller: 'devise_g5_authenticatable/registrations',
+                                         action: 'update')
+      end
+
+      it 'should route DELETE /users' do
+        expect(delete '/users').to route_to(controller: 'devise_g5_authenticatable/registrations',
+                                            action: 'destroy')
+      end
+
+      it 'should route GET /users/cancel' do
+        expect(get '/users/cancel').to route_to(controller: 'devise_g5_authenticatable/registrations',
+                                                action: 'cancel')
+      end
+    end
+
+    context 'with admin scope' do
+      it 'should route GET /registered/admins/custom_sign_up' do
+        expect(get '/registered/admins/custom_sign_up').to route_to(controller: 'custom_registrations',
+                                                                    action: 'new')
+      end
+
+      it 'should route POST /registered/admins' do
+        expect(post '/registered/admins').to route_to(controller: 'custom_registrations',
+                                                      action: 'create')
+      end
+
+      it 'should route GET /registered/admins/edit' do
+        expect(get '/registered/admins/edit').to route_to(controller: 'custom_registrations',
+                                              action: 'edit')
+      end
+
+      it 'should route PUT /registered/admins' do
+        expect(put '/registered/admins').to route_to(controller: 'custom_registrations',
+                                         action: 'update')
+      end
+
+      it 'should route DELETE /registered/admins' do
+        expect(delete '/registered/admins').to route_to(controller: 'custom_registrations',
+                                                        action: 'destroy')
+      end
+
+      it 'should route GET /registered/admins/custom_cancel' do
+        expect(get '/registered/admins/custom_cancel').to route_to(controller: 'custom_registrations',
+                                                                   action: 'cancel')
+      end
+    end
+  end
+
+  describe 'generated url helpers' do
+    context 'with user scope' do
+      it 'should generate new_user_registration_path' do
+        expect(new_user_registration_path).to eq('/users/sign_up')
+      end
+
+      it 'should generate user_registration_path' do
+        expect(user_registration_path).to eq('/users')
+      end
+
+      it 'should generate edit_user_registration_path' do
+        expect(edit_user_registration_path).to eq('/users/edit')
+      end
+
+      it 'should generate cancel_user_registration_path' do
+        expect(cancel_user_registration_path).to eq('/users/cancel')
+      end
+    end
+
+    context 'with admin scope' do
+      it 'should generate new_admin_registration_path' do
+        expect(new_admin_registration_path).to eq('/registered/admins/custom_sign_up')
+      end
+
+      it 'should generate admin_registration_path' do
+        expect(admin_registration_path).to eq('/registered/admins')
+      end
+
+      it 'should generate edit_admin_registration_path' do
+        expect(edit_admin_registration_path).to eq('/registered/admins/edit')
+      end
+
+      it 'should generate cancel_admin_registration_path' do
+        expect(cancel_admin_registration_path).to eq('/registered/admins/custom_cancel')
+      end
+    end
+  end
+end

data/spec/routing/sessions_routing_spec.rb

@@ -0,0 +1,111 @@
+require 'spec_helper'
+
+describe 'Sessions controller' do
+  describe 'routing' do
+    context 'with user scope' do
+      it 'should route GET /users/sign_in' do
+        expect(get '/users/sign_in').to route_to(controller: 'devise_g5_authenticatable/sessions',
+                                                 action: 'new')
+      end
+
+      it 'should route DELETE /users/sign_out' do
+        expect(delete '/users/sign_out').to route_to(controller: 'devise_g5_authenticatable/sessions',
+                                                     action: 'destroy')
+      end
+
+      it 'should route GET /users/auth/g5' do
+        expect(get '/users/auth/g5').to route_to(controller: 'devise_g5_authenticatable/sessions',
+                                                 action: 'omniauth_passthru')
+      end
+
+      it 'should route POST /users/auth/g5' do
+        expect(post '/users/auth/g5').to route_to(controller: 'devise_g5_authenticatable/sessions',
+                                                  action: 'omniauth_passthru')
+      end
+
+      it 'should route GET /users/auth/g5/callback' do
+        expect(get '/users/auth/g5/callback').to route_to(controller: 'devise_g5_authenticatable/sessions',
+                                                          action: 'create')
+      end
+
+      it 'should route POST /users/auth/g5/callback' do
+        expect(post '/users/auth/g5/callback').to route_to(controller: 'devise_g5_authenticatable/sessions',
+                                                           action: 'create')
+      end
+
+      it 'should set the OmniAuth path prefix' do
+        expect(OmniAuth.config.path_prefix).to eq('/users/auth')
+      end
+    end
+
+    context 'with admin scope' do
+      it 'should route GET /registered/admins/custom_sign_in' do
+        expect(get '/registered/admins/custom_sign_in').to route_to(controller: 'custom_sessions',
+                                                      action: 'new')
+      end
+
+      it 'should route DELETE /registered/admins/custom_sign_out' do
+        expect(delete '/registered/admins/custom_sign_out').to route_to(controller: 'custom_sessions',
+                                                          action: 'destroy')
+      end
+
+      it 'should route GET /registered/admins/auth/g5' do
+        expect(get '/registered/admins/auth/g5').to route_to(controller: 'custom_sessions',
+                                                             action: 'omniauth_passthru')
+      end
+
+      it 'should route POST /registered/admins/auth/g5' do
+        expect(post '/registered/admins/auth/g5').to route_to(controller: 'custom_sessions',
+                                                             action: 'omniauth_passthru')
+      end
+
+      it 'should route GET /registered/admins/auth/g5/callback' do
+        expect(get '/registered/admins/auth/g5/callback').to route_to(controller: 'custom_sessions',
+                                                                      action: 'create')
+      end
+
+      it 'should route POST /registered/admins/auth/g5/callback' do
+        expect(post '/registered/admins/auth/g5/callback').to route_to(controller: 'custom_sessions',
+                                                                       action: 'create')
+      end
+    end
+  end
+
+  describe 'generated url helpers' do
+    context 'with user scope' do
+      it 'should generate new_user_session_path' do
+        expect(new_user_session_path).to eq('/users/sign_in')
+      end
+
+      it 'should generate destroy_user_session_path' do
+        expect(destroy_user_session_path).to eq('/users/sign_out')
+      end
+
+      it 'should generate user_g5_authorize_path' do
+        expect(user_g5_authorize_path).to eq('/users/auth/g5')
+      end
+
+      it 'should generate user_g5_callback_path' do
+        expect(user_g5_callback_path).to eq('/users/auth/g5/callback')
+      end
+    end
+
+    context 'with admin scope' do
+      it 'should route new_admin_session_path' do
+        expect(new_admin_session_path).to eq('/registered/admins/custom_sign_in')
+      end
+
+      it 'should route destroy_admin_session_path' do
+        expect(destroy_admin_session_path).to eq('/registered/admins/custom_sign_out')
+      end
+
+      it 'should generate admin_g5_authorize_path' do
+        expect(admin_g5_authorize_path).to eq('/registered/admins/auth/g5')
+      end
+
+      it 'should generate admin_g5_callback_path' do
+        expect(admin_g5_callback_path).to eq('/registered/admins/auth/g5/callback')
+      end
+    end
+  end
+end

data/spec/spec_helper.rb

@@ -0,0 +1,44 @@
+# Setup for test coverage instrumentation (e.g. simplecov, codeclimate)
+# MUST happen before any other code is loaded
+require 'simplecov'
+SimpleCov.start 'test_frameworks'
+
+require 'codeclimate-test-reporter'
+CodeClimate::TestReporter.start
+
+require 'pry'
+
+# Load rails dummy application
+ENV['RAILS_ENV'] = 'test'
+require File.expand_path('../dummy/config/environment.rb',  __FILE__)
+
+require 'rspec/rails'
+require 'capybara/rspec'
+require 'webmock/rspec'
+require 'shoulda-matchers'
+require 'factory_girl_rails'
+
+# Load support files
+Dir["#{File.dirname(__FILE__)}/support/**/*.rb"].each { |f| require f }
+
+RSpec.configure do |config|
+  config.include FactoryGirl::Syntax::Methods
+
+  config.use_transactional_fixtures = true
+
+  config.treat_symbols_as_metadata_keys_with_true_values = true
+  config.run_all_when_everything_filtered = true
+  config.filter_run :focus
+
+  # Run specs in random order to surface order dependencies. If you find an
+  # order dependency and want to debug it, you can fix the order by providing
+  # the seed, which is printed after each run.
+  #     --seed 1234
+  config.order = 'random'
+
+  # The integration tests can be run with:
+  # rspec -t type:feature
+  # config.filter_run_excluding type: 'feature'
+
+  config.after(:suite) { WebMock.disable! }
+end

data/spec/support/devise.rb

@@ -0,0 +1,3 @@
+RSpec.configure do |config|
+  config.include Devise::TestHelpers, type: :controller
+end

data/spec/support/omniauth.rb

@@ -0,0 +1,3 @@
+RSpec.configure do |config|
+  config.before(:all) { OmniAuth.config.logger = Logger.new('/dev/null') }
+end

data/spec/support/shared_contexts/oauth_error.rb

@@ -0,0 +1,9 @@
+shared_context 'OAuth2::Error' do
+  let(:oauth_error) { OAuth2::Error.new(oauth_response) }
+  let(:oauth_response) do
+    double(:oauth_response,
+           parsed: {'error' => error_message}).as_null_object
+  end
+
+  let(:error_message) { 'Validation failed: Email is already taken' }
+end

data/spec/support/shared_contexts/rake.rb

@@ -0,0 +1,21 @@
+# Based on: http://robots.thoughtbot.com/test-rake-tasks-like-a-boss
+# Modified for a non-Rails environment
+require 'rake'
+
+shared_context 'rake' do
+  let(:rake)      { Rake::Application.new }
+  let(:task_name) { self.class.top_level_description }
+  let(:task_path) { "lib/tasks/#{task_name.split(':').first}/#{task_name.split(':').last}" }
+  let(:root_path) { File.expand_path('../../../..', __FILE__) }
+  subject(:task)  { rake[task_name] }
+
+  def loaded_files_excluding_current_rake_file
+    $".reject {|file| file =~ /#{task_path}\.rake$/ }
+  end
+
+  before do
+    Rake.application = rake
+    Rake.application.rake_require(task_path, [root_path], loaded_files_excluding_current_rake_file)
+    Rake::Task.define_task(:environment)
+  end
+end

data/spec/support/shared_examples/registration_error.rb

@@ -0,0 +1,15 @@
+shared_examples_for 'a registration validation error' do
+  it 'should not create a user' do
+    expect { subject }.to_not change { User.count }
+  end
+
+  it 'should not create a user on the auth server' do
+    subject
+    expect(auth_client).to_not have_received(:create_user)
+  end
+
+  it 'should display an error message' do
+    subject
+    expect(page).to have_content(error_message)
+  end
+end

data/spec/support/user_feature_methods.rb

@@ -0,0 +1,26 @@
+module UserFeatureMethods
+  def stub_g5_omniauth(user, options={})
+    OmniAuth.config.mock_auth[:g5] = OmniAuth::AuthHash.new({
+      uid: user.uid,
+      provider: 'g5',
+      info: {email: user.email},
+      credentials: {token: user.g5_access_token}
+    }.merge(options))
+  end
+
+  def stub_g5_invalid_credentials
+    OmniAuth.config.mock_auth[:g5] = :invalid_credentials
+  end
+
+  def visit_path_and_login_with(path, user)
+    stub_g5_omniauth(user)
+    visit path
+  end
+end
+
+RSpec.configure do |config|
+  config.before(:each) { OmniAuth.config.test_mode = true }
+  config.after(:each) { OmniAuth.config.test_mode = false }
+
+  config.include UserFeatureMethods, type: :feature
+end

data/spec/tasks/export_users_spec.rb

@@ -0,0 +1,90 @@
+require 'spec_helper'
+
+describe 'g5:export_users' do
+  include_context 'rake'
+
+  let(:user_exporter) { double(:user_exporter, export: nil) }
+  before { allow(G5::UserExporter).to receive(:new).and_return(user_exporter) }
+
+  before { ENV['G5_AUTH_CLIENT_ID'] = default_client_id }
+  let(:default_client_id) { 'default_client_id' }
+
+  before { ENV['G5_AUTH_CLIENT_SECRET'] = default_client_secret }
+  let(:default_client_secret) { 'default_client_secret' }
+
+  before { ENV['G5_AUTH_REDIRECT_URI'] = default_redirect_uri }
+  let(:default_redirect_uri) { 'http://test.host/default' }
+
+  before { ENV['G5_AUTH_ENDPOINT'] = default_endpoint }
+  let(:default_endpoint) { 'https://my.g5auth.host' }
+
+  before { ENV['G5_AUTH_AUTHORIZATION_CODE'] = default_auth_code }
+  let(:default_auth_code) { 'default_auth_code' }
+
+  def expect_init_user_exporter_with(option_name, expected_value)
+    expect(G5::UserExporter).to receive(:new) do |args|
+      expect(args[option_name]).to eq(expected_value)
+      user_exporter
+    end
+  end
+
+  it 'should use the default authorization code from the environment' do
+    expect_init_user_exporter_with(:authorization_code, default_auth_code)
+    task.invoke
+  end
+
+  it 'should allow the default authorization code to be overridden by an argument' do
+    auth_code_arg = 'some new auth code'
+    expect_init_user_exporter_with(:authorization_code, auth_code_arg)
+    task.invoke(auth_code_arg)
+  end
+
+  it 'should use the default client id from the environment' do
+    expect_init_user_exporter_with(:client_id, default_client_id)
+    task.invoke
+  end
+
+  it 'should allow the default client id to be overridden by an argument' do
+    client_id_arg = 'custom_client_id_override'
+    expect_init_user_exporter_with(:client_id, client_id_arg)
+    task.invoke(nil, client_id_arg)
+  end
+
+  it 'should use the default client secret from the environment' do
+    expect_init_user_exporter_with(:client_secret, default_client_secret)
+    task.invoke
+  end
+
+  it 'should allow the default client secret to be overridden by an argument' do
+    client_secret_arg = 'custom client secret'
+    expect_init_user_exporter_with(:client_secret, client_secret_arg)
+    task.invoke(nil, nil, client_secret_arg)
+  end
+
+  it 'should use the default redirect uri from the environment' do
+    expect_init_user_exporter_with(:redirect_uri, default_redirect_uri)
+    task.invoke
+  end
+
+  it 'should allow the default redirect uri to be overridden by an argument' do
+    redirect_uri_arg = 'http://test.localhost/custom/callback'
+    expect_init_user_exporter_with(:redirect_uri, redirect_uri_arg)
+    task.invoke(nil, nil, nil, redirect_uri_arg)
+  end
+
+  it 'should use the default auth endpoint from the environment' do
+    expect_init_user_exporter_with(:endpoint, default_endpoint)
+    task.invoke
+  end
+
+  it 'should allow the default auth endpoint to be overridden by an argument' do
+    endpoint_arg = 'https://custom-arg.auth.host'
+    expect_init_user_exporter_with(:endpoint, endpoint_arg)
+    task.invoke(nil, nil, nil, nil, endpoint_arg)
+  end
+
+  it 'should export the users' do
+    expect(user_exporter).to receive(:export)
+    task.invoke
+  end
+end