devise_invitable 0.1.0

data/lib/devise_invitable.rb

@@ -0,0 +1,14 @@
+Devise.module_eval do
+  # Time interval where the invitation token is valid.
+  mattr_accessor :invite_for
+  @@invite_for = 0
+end
+Devise::ALL << :invitable
+Devise::CONTROLLERS = Devise::CONTROLLERS.merge(:invitations => [:invitable])
+
+module DeviseInvitable; end
+
+require 'devise_invitable/mailer'
+require 'devise_invitable/routes'
+require 'devise_invitable/schema'
+require 'devise_invitable/rails'

data/lib/devise_invitable/locales/en.yml

@@ -0,0 +1,5 @@
+en:
+  devise:
+    invitations:
+      send_invitation: 'An email with instructions about how to set the password has been sent.'
+      updated: 'Your password was set successfully. You are now signed in.'

data/lib/devise_invitable/mailer.rb

@@ -0,0 +1,9 @@
+module DeviseInvitable
+  module Mailer
+    # Deliver an invitation when is requested
+    def invitation(record)
+      setup_mail(record, :invitation)
+    end
+  end
+end
+DeviseMailer.send :include, DeviseInvitable::Mailer

data/lib/devise_invitable/rails.rb

@@ -0,0 +1,3 @@
+Rails.configuration.after_initialize do
+  I18n.load_path.unshift File.expand_path(File.join(File.dirname(__FILE__), 'locales', 'en.yml'))
+end

data/lib/devise_invitable/routes.rb

@@ -0,0 +1,28 @@
+module DeviseInvitable
+  module Routes #:doc:
+    # Adds route generation for invitable. This method is responsible to
+    # generate all needed routes for devise, based on what modules you have
+    # defined in your model.
+    # Examples: Let's say you have an User model configured to use
+    # invitable module. After creating this inside your routes:
+    #
+    #   map.devise_for :users
+    #
+    # this method is going to look inside your User model and create the
+    # needed routes:
+    #
+    #  # Invitation routes for Invitable, if User model has :invitable configured
+    #    new_user_invitation GET  /users/invitation/new(.:format)   {:controller=>"invitations", :action=>"new"}
+    #   edit_user_invitation GET  /users/invitation/edit(.:format)  {:controller=>"invitations", :action=>"edit"}
+    #        user_invitation PUT  /users/invitation(.:format)       {:controller=>"invitations", :action=>"update"}
+    #                        POST /users/invitation(.:format)       {:controller=>"invitations", :action=>"create"}
+    #
+
+    protected
+      def invitable(routes, mapping)
+        routes.resource :invitation, :only => [:new, :create, :edit, :update], :as => mapping.path_names[:invitation]
+      end
+  end
+end
+
+ActionController::Routing::RouteSet::Mapper.send :include, DeviseInvitable::Routes

data/lib/devise_invitable/schema.rb

@@ -0,0 +1,11 @@
+module DeviseInvitable
+  module Schema
+    # Creates invitation_token and invitation_sent_at.
+    def invitable
+      apply_schema :invitation_token,   String, :limit => 20
+      apply_schema :invitation_sent_at, DateTime
+    end
+  end
+end
+
+Devise::Schema.send :include, DeviseInvitable::Schema

data/rails/init.rb

@@ -0,0 +1 @@
+require 'devise_invitable'

data/test/integration/invitable_test.rb

@@ -0,0 +1,122 @@
+require 'test/test_helper'
+require 'test/integration_tests_helper'
+
+class InvitationTest < ActionController::IntegrationTest
+
+  def send_invitation(&block)
+    visit new_user_invitation_path
+
+    assert_response :success
+    assert_template 'invitations/new'
+    assert warden.authenticated?(:user)
+
+    fill_in 'email', :with => 'user@test.com'
+    yield if block_given?
+    click_button 'Send an invitation'
+  end
+
+  def set_password(options={}, &block)
+    unless options[:visit] == false
+      visit edit_user_invitation_path(:invitation_token => options[:invitation_token])
+    end
+    assert_response :success
+    assert_template 'invitations/edit'
+
+    fill_in 'Password', :with => '987654321'
+    fill_in 'Password confirmation', :with => '987654321'
+    yield if block_given?
+    click_button 'Set my password'
+  end
+
+  test 'not authenticated user should not be able to send an invitation' do
+    get new_user_invitation_path
+    assert_not warden.authenticated?(:user)
+
+    assert_redirected_to new_user_session_path(:unauthenticated => true)
+  end
+
+  test 'authenticated user should be able to send an invitation' do
+    sign_in_as_user
+
+    send_invitation
+    assert_template 'home/index'
+    assert_equal 'An email with instructions about how to set the password has been sent.', flash[:success]
+  end
+
+  test 'authenticated user with invalid email should receive an error message' do
+    user = create_user
+    sign_in_as_user
+    send_invitation do
+      fill_in 'email', :with => user.email
+    end
+
+    assert_response :success
+    assert_template 'invitations/new'
+    assert_have_selector "input[type=text][value='#{user.email}']"
+    assert_contain 'Email already exists'
+  end
+
+  test 'authenticated user should not be able to visit edit invitation page' do
+    sign_in_as_user
+
+    get edit_user_invitation_path
+
+    assert_response :redirect
+    assert_redirected_to root_path
+    assert warden.authenticated?(:user)
+  end
+
+  test 'not authenticated user with invalid invitation token should not be able to set his password' do
+    user = create_user
+    set_password :invitation_token => 'invalid_token'
+
+    assert_response :success
+    assert_template 'invitations/edit'
+    assert_have_selector '#errorExplanation'
+    assert_contain 'Invitation token is invalid'
+    assert_not user.reload.valid_password?('987654321')
+  end
+
+  test 'not authenticated user with valid invitation token but invalid password should not be able to set his password' do
+    user = create_user(false)
+    set_password :invitation_token => user.invitation_token do
+      fill_in 'Password confirmation', :with => 'other_password'
+    end
+
+    assert_response :success
+    assert_template 'invitations/edit'
+    assert_have_selector '#errorExplanation'
+    assert_contain 'Password doesn\'t match confirmation'
+    assert_not user.reload.valid_password?('987654321')
+  end
+
+  test 'not authenticated user with valid data should be able to change his password' do
+    user = create_user(false)
+    set_password :invitation_token => user.invitation_token
+
+    assert_template 'home/index'
+    assert_equal 'Your password was set successfully. You are now signed in.', flash[:success]
+    assert user.reload.valid_password?('987654321')
+  end
+
+  test 'after entering invalid data user should still be able to set his password' do
+    user = create_user(false)
+    set_password :invitation_token => user.invitation_token do
+      fill_in 'Password confirmation', :with => 'other_password'
+    end
+    assert_response :success
+    assert_have_selector '#errorExplanation'
+    assert_not user.reload.valid_password?('987654321')
+
+    set_password :invitation_token => user.invitation_token
+    assert_equal 'Your password was set successfully. You are now signed in.', flash[:success]
+    assert user.reload.valid_password?('987654321')
+  end
+
+  test 'sign in user automatically after setting it\'s password' do
+    user = create_user(false)
+    set_password :invitation_token => user.invitation_token
+
+    assert warden.authenticated?(:user)
+  end
+end

data/test/integration_tests_helper.rb

@@ -0,0 +1,38 @@
+class ActionController::IntegrationTest
+
+  def warden
+    request.env['warden']
+  end
+  
+  def sign_in_as_user
+    Warden::Proxy.any_instance.stubs(:user).at_least_once.returns(User.new)
+  end
+
+  def create_user(accept_invitation = true)
+    user = User.new :email => 'newuser@test.com'
+    user.invitation_token = 'token'
+    user.invitation_sent_at = Time.now.utc
+    user.save(false)
+    user.accept_invitation! if accept_invitation
+    user
+  end
+
+  # Fix assert_redirect_to in integration sessions because they don't take into
+  # account Middleware redirects.
+  #
+  def assert_redirected_to(url)
+    assert [301, 302].include?(@integration_session.status),
+           "Expected status to be 301 or 302, got #{@integration_session.status}"
+
+    url = prepend_host(url)
+    location = prepend_host(@integration_session.headers["Location"])
+    assert_equal url, location
+  end
+
+  protected
+
+    def prepend_host(url)
+      url = "http://#{request.host}#{url}" if url[0] == ?/
+      url
+    end
+end

data/test/mailers/invitation_test.rb

@@ -0,0 +1,62 @@
+require 'test/test_helper'
+
+class InviationTest < ActionMailer::TestCase
+
+  def setup
+    setup_mailer
+    DeviseMailer.sender = 'test@example.com'
+  end
+
+  def user
+    @user ||= begin
+      user = create_user_with_invitation('token')
+      user.send_invitation
+      user
+    end
+  end
+
+  def mail
+    @mail ||= begin
+      user
+      ActionMailer::Base.deliveries.last
+    end
+  end
+
+  test 'email sent after reseting the user password' do
+    assert_not_nil mail
+  end
+
+  test 'content type should be set to html' do
+    assert_equal 'text/html', mail.content_type
+  end
+
+  test 'send invitation to the user email' do
+    assert_equal [user.email], mail.to
+  end
+
+  test 'setup sender from configuration' do
+    assert_equal ['test@example.com'], mail.from
+  end
+
+  test 'setup subject from I18n' do
+    store_translations :en, :devise => { :mailer => { :invitation => 'Invitation' } } do
+      assert_equal 'Invitation', mail.subject
+    end
+  end
+
+  test 'subject namespaced by model' do
+    store_translations :en, :devise => { :mailer => { :user => { :invitation => 'User Invitation' } } } do
+      assert_equal 'User Invitation', mail.subject
+    end
+  end
+
+  test 'body should have user info' do
+    assert_match /#{user.email}/, mail.body
+  end
+
+  test 'body should have link to confirm the account' do
+    host = ActionMailer::Base.default_url_options[:host]
+    invitation_url_regexp = %r{<a href=\"http://#{host}/users/invitation/edit\?invitation_token=#{user.invitation_token}">}
+    assert_match invitation_url_regexp, mail.body
+  end
+end

data/test/model_tests_helper.rb

@@ -0,0 +1,59 @@
+class ActiveSupport::TestCase
+  def setup_mailer
+    ActionMailer::Base.deliveries = []
+  end
+
+  def store_translations(locale, translations, &block)
+    begin
+      I18n.backend.store_translations locale, translations
+      yield
+    ensure
+      I18n.reload!
+    end
+  end
+
+  # Helpers for creating new users
+  #
+  def generate_unique_email
+    @@email_count ||= 0
+    @@email_count += 1
+    "test#{@@email_count}@email.com"
+  end
+
+  def valid_attributes(attributes={})
+    { :email => generate_unique_email,
+      :password => '123456',
+      :password_confirmation => '123456' }.update(attributes)
+  end
+
+  def new_user(attributes={})
+    User.new(valid_attributes(attributes))
+  end
+
+  def create_user(attributes={})
+    User.create!(valid_attributes(attributes))
+  end
+
+  def create_user_with_invitation(invitation_token, attributes={})
+    user = new_user({:password => nil, :password_confirmation => nil}.update(attributes))
+    user.invitation_token = invitation_token
+    user.invitation_sent_at = Time.now.utc
+    user.save(false)
+    user
+  end
+
+  # Execute the block setting the given values and restoring old values after
+  # the block is executed.
+  def swap(object, new_values)
+    old_values = {}
+    new_values.each do |key, value|
+      old_values[key] = object.send key
+      object.send :"#{key}=", value
+    end
+    yield
+  ensure
+    old_values.each do |key, value|
+      object.send :"#{key}=", value
+    end
+  end
+end

data/test/models/invitable_test.rb

@@ -0,0 +1,164 @@
+require 'test/test_helper'
+require 'test/model_tests_helper'
+
+class InvitableTest < ActiveSupport::TestCase
+
+  def setup
+    setup_mailer
+  end
+
+  test 'should not generate invitation token after creating a record' do
+    assert_nil new_user.invitation_token
+  end
+
+  test 'should regenerate invitation token each time' do
+    user = new_user
+    3.times do
+      token = user.invitation_token
+      user.reset_invitation!
+      assert_not_equal token, user.invitation_token
+    end
+  end
+
+  test 'should test invitation sent at with invite_for configuration value' do
+    user = create_user_with_invitation('')
+    
+    User.stubs(:invite_for).returns(nil)
+    user.invitation_sent_at = Time.now.utc
+    assert user.valid_invitation?
+
+    User.stubs(:invite_for).returns(nil)
+    user.invitation_sent_at = 1.year.ago
+    assert user.valid_invitation?
+
+    User.stubs(:invite_for).returns(0)
+    user.invitation_sent_at = Time.now.utc
+    assert user.valid_invitation?
+
+    User.stubs(:invite_for).returns(0)
+    user.invitation_sent_at = 1.day.ago
+    assert user.valid_invitation?
+
+    User.stubs(:invite_for).returns(1.day)
+    user.invitation_sent_at = Time.now.utc
+    assert user.valid_invitation?
+
+    User.stubs(:invite_for).returns(1.day)
+    user.invitation_sent_at = 1.day.ago
+    assert_not user.valid_invitation?
+  end
+
+  test 'should never generate the same invitation token for different users' do
+    invitation_tokens = []
+    3.times do
+      user = new_user
+      user.reset_invitation!
+      token = user.invitation_token
+      assert !invitation_tokens.include?(token)
+      invitation_tokens << token
+    end
+  end
+
+  test 'should set password and password confirmation from params' do
+    create_user_with_invitation('valid_token', :password => nil, :password_confirmation => nil)
+    user = User.accept_invitation!(:invitation_token => 'valid_token', :password => '123456789', :password_confirmation => '123456789')
+    assert user.valid_password?('123456789')
+  end
+
+  test 'should set password and save the record' do
+    user = create_user_with_invitation('valid_token', :password => nil, :password_confirmation => nil)
+    old_encrypted_password = user.encrypted_password
+    user = User.accept_invitation!(:invitation_token => 'valid_token', :password => '123456789', :password_confirmation => '123456789')
+    assert_not_equal old_encrypted_password, user.encrypted_password
+  end
+
+  test 'should clear invitation token while setting the password' do
+    user = new_user
+    user.update_attribute(:invitation_token, 'valid_token')
+    assert_present user.invitation_token
+    assert user.accept_invitation!
+    assert_nil user.invitation_token
+  end
+
+  test 'should not clear invitation token if record is invalid' do
+    user = new_user
+    user.update_attribute(:invitation_token, 'valid_token')
+    assert_present user.invitation_token
+    User.any_instance.stubs(:valid?).returns(false)
+    User.accept_invitation!(:invitation_token => 'valid_token', :password => '123456789', :password_confirmation => '987654321')
+    user.reload
+    assert_present user.invitation_token
+  end
+
+  test 'should reset reset password token and send invitation by email' do
+    user = new_user
+    assert_difference('ActionMailer::Base.deliveries.size') do
+      token = user.invitation_token
+      user.reset_invitation!
+      assert_not_equal token, user.invitation_token
+    end
+  end
+
+  test 'should return a record with invitation token and no errors to send invitation by email' do
+    invited_user = User.send_invitation(:email => "invalid@email.com")
+    assert invited_user.errors.blank?
+    assert_present invited_user.invitation_token
+  end
+
+  test 'should return a record with errors if user was found by e-mail' do
+    user = create_user_with_invitation('')
+    user.update_attribute(:invitation_token, nil)
+    invited_user = User.send_invitation(:email => user.email)
+    assert_equal invited_user, user
+    assert_equal 'already exists', invited_user.errors[:email]
+  end
+
+  test 'should return a new record with errors if e-mail is blank' do
+    invited_user = User.send_invitation(:email => '')
+    assert invited_user.new_record?
+    assert_equal "can't be blank", invited_user.errors[:email]
+  end
+
+  test 'should find a user to set his password based on invitation_token' do
+    user = new_user
+    user.reset_invitation!
+
+    invited_user = User.accept_invitation!(:invitation_token => user.invitation_token)
+    assert_equal invited_user, user
+  end
+
+  test 'should return a new record with errors if no invitation_token is found' do
+    invited_user = User.accept_invitation!(:invitation_token => 'invalid_token')
+    assert invited_user.new_record?
+    assert_equal 'is invalid', invited_user.errors[:invitation_token]
+  end
+
+  test 'should return a new record with errors if invitation_token is blank' do
+    invited_user = User.accept_invitation!(:invitation_token => '')
+    assert invited_user.new_record?
+    assert_equal "can't be blank", invited_user.errors[:invitation_token]
+  end
+
+  test 'should return record with errors if invitation_token has expired' do
+    user = create_user_with_invitation('valid_token')
+    user.update_attribute(:invitation_sent_at, 1.day.ago)
+    User.stubs(:invite_for).returns(10.hours)
+    invited_user = User.accept_invitation!(:invitation_token => 'valid_token')
+    assert_equal user, invited_user
+    assert_equal "is invalid", invited_user.errors[:invitation_token]
+  end
+
+  test 'should set successfully user password given the new password and confirmation' do
+    user = new_user(:password => nil, :password_confirmation => nil)
+    user.reset_invitation!
+
+    invited_user = User.accept_invitation!(
+      :invitation_token => user.invitation_token,
+      :password => 'new_password',
+      :password_confirmation => 'new_password'
+    )
+    user.reload
+
+    assert user.valid_password?('new_password')
+  end
+end