devise_invitable 1.1.8 → 1.2.1

data/test/integration/invitation_remove_test.rb

@@ -0,0 +1,29 @@
+require 'test_helper'
+require 'integration_tests_helper'
+
+class InvitationTest < ActionDispatch::IntegrationTest
+
+  test 'invited user can choose to remove his account/invite' do
+    user = User.invite!(:email => "valid@email.com")
+
+    # remove!
+    visit remove_user_invitation_path(:invitation_token => user.invitation_token)
+    assert_equal root_path, current_path
+    assert page.has_css?('p#notice', :text => 'Your invitation was removed.')
+    
+    # try to remove again!
+    visit remove_user_invitation_path(:invitation_token => user.invitation_token)
+    assert_equal root_path, current_path
+    assert page.has_css?('p#alert', :text => 'The invitation token provided is not valid!')
+  end
+
+  test 'accepted user cannot remove his account (by using the original invitation token)' do
+    user = User.invite!(:email => "valid@email.com")
+    saved_token = user.invitation_token
+    user.accept_invitation!
+    
+    visit remove_user_invitation_path(:invitation_token =>  saved_token)
+    assert_equal root_path, current_path
+    assert page.has_css?('p#alert', :text => 'The invitation token provided is not valid!')
+  end
+end

data/test/integration/invitation_test.rb

@@ -0,0 +1,223 @@
+require 'test_helper'
+require 'integration_tests_helper'
+
+class InvitationTest < ActionDispatch::IntegrationTest
+  def teardown
+    Capybara.reset_sessions!
+  end
+
+  def send_invitation(url = new_user_invitation_path, &block)
+    visit url
+
+    fill_in 'user_email', :with => 'user@test.com'
+    yield if block_given?
+    click_button 'Send an invitation'
+  end
+
+  def set_password(options={}, &block)
+    unless options[:visit] == false
+      visit accept_user_invitation_path(:invitation_token => options[:invitation_token])
+    end
+
+    fill_in 'user_password', :with => '987654321'
+    fill_in 'user_password_confirmation', :with => '987654321'
+    yield if block_given?
+    click_button options[:button] || 'Set my password'
+  end
+
+  test 'not authenticated user should be able to send a free invitation' do
+    send_invitation new_free_invitation_path
+    assert_equal root_path, current_path
+    assert page.has_css?('p#notice', :text => 'An invitation email has been sent to user@test.com.')
+  end
+
+  test 'not authenticated user should not be able to send an invitation' do
+    get new_user_invitation_path
+    assert_redirected_to new_user_session_path
+  end
+
+  test 'authenticated user should be able to send an invitation' do
+    sign_in_as_user
+
+    send_invitation
+    assert_equal root_path, current_path
+    assert page.has_css?('p#notice', :text => 'An invitation email has been sent to user@test.com.')
+  end
+
+  test 'authenticated user with existing email should receive an error message' do
+    user = create_full_user
+    sign_in_as_user(user)
+    send_invitation do
+      fill_in 'user_email', :with => user.email
+    end
+
+    assert_equal user_invitation_path, current_path
+    assert page.has_css?("input[type=text][value='#{user.email}']")
+    assert page.has_css?('#error_explanation li', :text => 'Email has already been taken')
+  end
+
+  test 'authenticated user should not be able to visit edit invitation page' do
+    sign_in_as_user
+
+    visit accept_user_invitation_path
+
+    assert_equal root_path, current_path
+  end
+
+  test 'not authenticated user with invalid invitation token should not be able to set his password' do
+    user = User.invite!(:email => "valid@email.com")
+    user.accept_invitation!
+    visit accept_user_invitation_path(:invitation_token => 'invalid_token')
+
+    assert_equal root_path, current_path
+    assert page.has_css?('p#alert', :text => 'The invitation token provided is not valid!')
+  end
+
+  test 'not authenticated user with valid invitation token but invalid password should not be able to set his password' do
+    user = User.invite!(:email => "valid@email.com")
+    set_password :invitation_token => user.invitation_token do
+      fill_in 'Password confirmation', :with => 'other_password'
+    end
+    assert_equal user_invitation_path, current_path
+    assert page.has_css?('#error_explanation li', :text => /Password .*doesn\'t match/)
+    assert_blank user.encrypted_password
+  end
+
+  test 'not authenticated user with valid data should be able to change his password' do
+    user = User.invite!(:email => "valid@email.com")
+    set_password :invitation_token => user.invitation_token
+
+    assert_equal root_path, current_path
+    assert page.has_css?('p#notice', :text => 'Your password was set successfully. You are now signed in.')
+    assert user.reload.valid_password?('987654321')
+  end
+
+  test 'after entering invalid data user should still be able to set his password' do
+    user = User.invite!(:email => "valid@email.com")
+    set_password :invitation_token => user.invitation_token do
+      fill_in 'Password confirmation', :with => 'other_password'
+    end
+    assert_equal user_invitation_path, current_path
+    assert page.has_css?('#error_explanation')
+    assert_blank user.encrypted_password
+
+    set_password :visit => false
+    assert page.has_css?('p#notice', :text => 'Your password was set successfully. You are now signed in.')
+    assert user.reload.valid_password?('987654321')
+  end
+
+  test 'sign in user automatically after setting it\'s password' do
+    user = User.invite!(:email => "valid@email.com")
+    set_password :invitation_token => user.invitation_token
+    assert_equal root_path, current_path
+  end
+
+  test 'clear token and set invitation_accepted_at after recover password instead of accept_invitation' do
+    user = User.invite!(:email => "valid@email.com")
+
+    visit new_user_password_path
+    fill_in 'user_email', :with => 'valid@email.com'
+    click_button 'Send me reset password instructions'
+
+    user.reload
+    visit edit_user_password_path(:reset_password_token => user.reset_password_token)
+    set_password :visit => false, :button => 'Change my password'
+
+    user.reload
+    assert_nil user.invitation_token
+    assert user.invitation_accepted_at
+  end
+
+  test 'user with invites left should be able to send an invitation' do
+    User.stubs(:invitation_limit).returns(1)
+
+    user = create_full_user
+    user.invitation_limit = 1
+    user.save!
+    sign_in_as_user(user)
+
+    assert_difference 'User.count' do
+      send_invitation
+    end
+    assert_equal root_path, current_path
+    assert page.has_css?('p#notice', :text => 'An invitation email has been sent to user@test.com.')
+    user = User.find(user.id)
+    assert !user.has_invitations_left?
+  end
+
+  test 'user with no invites left should not be able to send an invitation' do
+    User.stubs(:invitation_limit).returns(1)
+
+    user = create_full_user
+    user.invitation_limit = 0
+    user.save!
+    sign_in_as_user(user)
+
+    assert_no_difference 'User.count' do
+      send_invitation
+    end
+    assert_equal user_invitation_path, current_path
+    assert page.has_css?('p#alert', :text => 'No invitations remaining')
+  end
+
+  test 'user with nil invitation_limit should default to User.invitation_limit' do
+    User.stubs(:invitation_limit).returns(3)
+
+    user = create_full_user
+    assert_nil user[:invitation_limit]
+    assert_equal 3, user.invitation_limit
+    sign_in_as_user(user)
+
+    send_invitation
+    assert_equal root_path, current_path
+    assert page.has_css?('p#notice', :text => 'An invitation email has been sent to user@test.com.')
+    user = User.find(user.id)
+    assert_equal 2, user.invitation_limit
+  end
+
+  test 'should not decrement invitation limit when trying to invite again a user which is invited' do
+    User.stubs(:invitation_limit).returns(3)
+
+    user = create_full_user
+    assert_nil user[:invitation_limit]
+    assert_equal 3, user.invitation_limit
+    sign_in_as_user(user)
+
+    send_invitation
+    assert_equal root_path, current_path
+    assert page.has_css?('p#notice', :text => 'An invitation email has been sent to user@test.com.')
+    user = User.find(user.id)
+    assert_equal 2, user.invitation_limit
+
+    send_invitation
+    assert_equal root_path, current_path
+    assert page.has_css?('p#notice', :text => 'An invitation email has been sent to user@test.com.')
+    user = User.find(user.id)
+    assert_equal 2, user.invitation_limit
+  end
+
+  test 'invited_by should be set when user invites someone' do
+    user = create_full_user
+    sign_in_as_user(user)
+    send_invitation
+
+    invited_user = User.where(:email => 'user@test.com').first
+    assert invited_user
+    assert_equal user, invited_user.invited_by
+  end
+
+  test 'authenticated user should not be able to send an admin invitation' do
+    sign_in_as_user
+
+    get new_admin_path
+    assert_redirected_to new_admin_session_path
+  end
+
+  test 'authenticated admin should be able to send an admin invitation' do
+    sign_in_as_user Admin.create(:email => 'admin@test.com', :password => '123456', :password_confirmation => '123456')
+
+    send_invitation new_admin_path
+    assert_equal root_path, current_path
+    assert page.has_css?('p#notice', :text => 'An invitation email has been sent to user@test.com.')
+  end
+end

data/test/integration_tests_helper.rb

@@ -0,0 +1,48 @@
+class ActionController::IntegrationTest
+
+  def warden
+    request.env['warden']
+  end
+  
+  def create_full_user
+    @user ||= begin
+      user = User.create!(
+        :username              => 'usertest',
+        :email                 => 'fulluser@test.com',
+        :password              => '123456',
+        :password_confirmation => '123456',
+        :created_at            => Time.now.utc
+      )
+      user.confirm!
+      user
+    end
+  end
+
+  def sign_in_as_user(user = nil)
+    user ||= create_full_user
+    resource_name = user.class.name.underscore
+    visit send("new_#{resource_name}_session_path")
+    fill_in "#{resource_name}_email", :with => user.email
+    fill_in "#{resource_name}_password", :with => user.password
+    click_button 'Sign in'
+  end
+
+  # Fix assert_redirect_to in integration sessions because they don't take into
+  # account Middleware redirects.
+  #
+  def assert_redirected_to(url)
+    assert [301, 302].include?(@integration_session.status),
+           "Expected status to be 301 or 302, got #{@integration_session.status}"
+
+    url = prepend_host(url)
+    location = prepend_host(@integration_session.headers["Location"])
+    assert_equal url, location
+  end
+
+  protected
+
+    def prepend_host(url)
+      url = "http://#{request.host}#{url}" if url[0] == ?/
+      url
+    end
+end

data/test/mailers/invitation_mail_test.rb

@@ -0,0 +1,59 @@
+require 'test_helper'
+require 'model_tests_helper'
+
+class InvitationMailTest < ActionMailer::TestCase
+
+  def setup
+    setup_mailer
+    Devise.mailer_sender = 'test@example.com'
+  end
+
+  def user
+    @user ||= User.invite!(:email => "valid@email.com")
+  end
+
+  def mail
+    @mail ||= begin
+      user
+      ActionMailer::Base.deliveries.last
+    end
+  end
+
+  test 'email sent after reseting the user password' do
+    assert_not_nil mail
+  end
+
+  test 'content type should be set to html' do
+    assert_equal 'text/html; charset=UTF-8', mail.content_type
+  end
+
+  test 'send invitation to the user email' do
+    assert_equal [user.email], mail.to
+  end
+
+  test 'setup sender from configuration' do
+    assert_equal ['test@example.com'], mail.from
+  end
+
+  test 'setup subject from I18n' do
+    store_translations :en, :devise => { :mailer => { :invitation_instructions => { :subject => 'Localized Invitation' } } } do
+      assert_equal 'Localized Invitation', mail.subject
+    end
+  end
+
+  test 'subject namespaced by model' do
+    store_translations :en, :devise => { :mailer => { :invitation_instructions => { :user_subject => 'User Invitation' } } } do
+      assert_equal 'User Invitation', mail.subject
+    end
+  end
+
+  test 'body should have user info' do
+    assert_match /#{user.email}/, mail.body.decoded
+  end
+
+  test 'body should have link to confirm the account' do
+    host = ActionMailer::Base.default_url_options[:host]
+    invitation_url_regexp = %r{<a href=\"http://#{host}/users/invitation/accept\?invitation_token=#{user.invitation_token}">}
+    assert_match invitation_url_regexp, mail.body.decoded
+  end
+end

data/test/model_tests_helper.rb

@@ -0,0 +1,33 @@
+class ActiveSupport::TestCase
+  def setup_mailer
+    ActionMailer::Base.deliveries = []
+  end
+
+  def store_translations(locale, translations, &block)
+    begin
+      I18n.backend.store_translations locale, translations
+      yield
+    ensure
+      I18n.reload!
+    end
+  end
+
+  # Helpers for creating new users
+  #
+  def generate_unique_email
+    @@email_count ||= 0
+    @@email_count += 1
+    "test#{@@email_count}@email.com"
+  end
+
+  def valid_attributes(attributes={})
+    { :email => generate_unique_email,
+      :password => '123456',
+      :password_confirmation => '123456' }.update(attributes)
+  end
+
+  def new_user(attributes={})
+    User.new(valid_attributes(attributes))
+  end
+
+end

data/test/models/invitable_test.rb

@@ -0,0 +1,533 @@
+require 'test_helper'
+require 'model_tests_helper'
+
+class InvitableTest < ActiveSupport::TestCase
+
+  def setup
+    setup_mailer
+  end
+
+  test 'should not generate invitation token after creating a record' do
+    assert_nil new_user.invitation_token
+  end
+
+  test 'should not regenerate invitation token each time' do
+    user = new_user
+    user.invite!
+    token = user.invitation_token
+    assert_not_nil user.invitation_token
+    assert_not_nil user.invitation_created_at
+    3.times do
+      user.invite!
+      assert_equal token, user.invitation_token
+    end
+  end
+
+  test 'should set invitation created and sent at each time' do
+    user = new_user
+    user.invite!
+    old_invitation_created_at = 3.days.ago
+    old_invitation_sent_at = 3.days.ago
+    user.update_attributes(:invitation_sent_at => old_invitation_sent_at, :invitation_created_at => old_invitation_created_at)
+    3.times do
+      user.invite!
+      assert_not_equal old_invitation_sent_at, user.invitation_sent_at
+      assert_not_equal old_invitation_created_at, user.invitation_sent_at
+      user.update_attributes(:invitation_sent_at => old_invitation_sent_at, :invitation_created_at => old_invitation_created_at)
+    end
+  end
+
+  test 'should not regenerate invitation token even after the invitation token is not valid' do
+    User.stubs(:invite_for).returns(1.day)
+    user = new_user
+    user.invite!
+    token = user.invitation_token
+    user.invitation_created_at = 3.days.ago
+    user.save
+    user.invite!
+    assert_equal token, user.invitation_token
+  end
+
+  test 'should test invitation sent at with invite_for configuration value' do
+    user = User.invite!(:email => "valid@email.com")
+
+    User.stubs(:invite_for).returns(nil)
+    user.invitation_created_at = Time.now.utc
+    assert user.valid_invitation?
+
+    User.stubs(:invite_for).returns(nil)
+    user.invitation_created_at = 1.year.ago
+    assert user.valid_invitation?
+
+    User.stubs(:invite_for).returns(0)
+    user.invitation_created_at = Time.now.utc
+    assert user.valid_invitation?
+
+    User.stubs(:invite_for).returns(0)
+    user.invitation_created_at = 1.day.ago
+    assert user.valid_invitation?
+
+    User.stubs(:invite_for).returns(1.day)
+    user.invitation_created_at = Time.now.utc
+    assert user.valid_invitation?
+
+    User.stubs(:invite_for).returns(1.day)
+    user.invitation_created_at = 2.days.ago
+    assert !user.valid_invitation?
+  end
+
+  test 'should never generate the same invitation token for different users' do
+    invitation_tokens = []
+    3.times do
+      user = new_user
+      user.invite!
+      token = user.invitation_token
+      assert !invitation_tokens.include?(token)
+      invitation_tokens << token
+    end
+  end
+
+  test 'should invite with mutiple columns for invite key' do
+    User.stubs(:invite_key).returns(:email => Devise.email_regexp, :username => /\A.+\z/)
+    user = User.invite!(:email => "valid@email.com", :username => "name")
+    assert user.persisted?
+    assert user.errors.empty?
+  end
+
+  test 'should not invite with some missing columns when invite key is an array' do
+    User.stubs(:invite_key).returns(:email => Devise.email_regexp, :username => /\A.+\z/)
+    user = User.invite!(:email => "valid@email.com")
+    assert user.new_record?
+    assert user.errors.present?
+  end
+
+  test 'should return mail object' do
+    mail = User.invite_mail!(:email => 'valid@email.com')
+    assert mail.class.name == 'Mail::Message'
+  end
+
+  test 'should disallow login when invited' do
+    invited_user = User.invite!(:email => "valid@email.com")
+    assert !invited_user.valid_password?('1234')
+  end
+
+  test 'should set password and password confirmation from params' do
+    invited_user = User.invite!(:email => "valid@email.com")
+    user = User.accept_invitation!(:invitation_token => invited_user.invitation_token, :password => '123456789', :password_confirmation => '123456789')
+    assert user.valid_password?('123456789')
+  end
+
+  test 'should set password and save the record' do
+    user = User.invite!(:email => "valid@email.com")
+    old_encrypted_password = user.encrypted_password
+    user = User.accept_invitation!(:invitation_token => user.invitation_token, :password => '123456789', :password_confirmation => '123456789')
+    assert_not_equal old_encrypted_password, user.encrypted_password
+  end
+
+  test 'should clear invitation token and set invitation_accepted_at while accepting the password' do
+    user = User.invite!(:email => "valid@email.com")
+    assert_present user.invitation_token
+    assert_nil user.invitation_accepted_at
+    user.accept_invitation!
+    user.reload
+    assert_nil user.invitation_token
+    assert_present user.invitation_accepted_at
+  end
+
+  test 'should not clear invitation token or set accepted_at if record is invalid' do
+    user = User.invite!(:email => "valid@email.com")
+    assert_present user.invitation_token
+    assert_nil user.invitation_accepted_at
+    User.accept_invitation!(:invitation_token => user.invitation_token, :password => '123456789', :password_confirmation => '987654321')
+    user.reload
+    assert_present user.invitation_token
+    assert_nil user.invitation_accepted_at
+  end
+
+  test 'should clear invitation token while resetting the password' do
+    user = User.invite!(:email => "valid@email.com")
+    assert user.invited_to_sign_up?
+    user.send(:generate_reset_password_token!)
+    assert_present user.reset_password_token
+    assert_present user.invitation_token
+    User.reset_password_by_token(:reset_password_token => user.reset_password_token, :password => '123456789', :password_confirmation => '123456789')
+    assert_nil user.reload.invitation_token
+    assert !user.invited_to_sign_up?
+  end
+
+  test 'should not accept invitation on failing to reset the password' do
+    user = User.invite!(:email => "valid@email.com")
+    assert user.invited_to_sign_up?
+    user.send(:generate_reset_password_token!)
+    assert_present user.reset_password_token
+    assert_present user.invitation_token
+    User.reset_password_by_token(:reset_password_token => user.reset_password_token, :password => '123456789', :password_confirmation => '12345678')
+    assert_present user.reload.invitation_token
+    assert user.invited_to_sign_up?
+  end
+
+  test 'should not set invitation_accepted_at if just resetting password' do
+    user = User.create!(:email => "valid@email.com", :password => "123456780")
+    assert !user.invited_to_sign_up?
+    user.send(:generate_reset_password_token!)
+    assert_present user.reset_password_token
+    assert_nil user.invitation_token
+    User.reset_password_by_token(:reset_password_token => user.reset_password_token, :password => '123456789', :password_confirmation => '123456789')
+    assert_nil user.reload.invitation_token
+    assert_nil user.reload.invitation_accepted_at
+  end
+
+  test 'should reset invitation token and send invitation by email' do
+    user = new_user
+    assert_difference('ActionMailer::Base.deliveries.size') do
+      token = user.invitation_token
+      user.invite!
+      assert_not_equal token, user.invitation_token
+    end
+  end
+
+  test 'should return a record with invitation token and no errors to send invitation by email' do
+    invited_user = User.invite!(:email => "valid@email.com")
+    assert invited_user.errors.blank?
+    assert_present invited_user.invitation_token
+    assert_equal 'valid@email.com', invited_user.email
+    assert invited_user.persisted?
+  end
+
+  test 'should set all attributes with no errors' do
+    invited_user = User.invite!(:email => "valid@email.com", :username => 'first name')
+    assert invited_user.errors.blank?
+    assert_equal 'first name', invited_user.username
+    assert invited_user.persisted?
+  end
+
+  test 'should not validate other attributes when validate_on_invite is disabled' do
+    validate_on_invite = User.validate_on_invite
+    User.validate_on_invite = false
+    invited_user = User.invite!(:email => "valid@email.com", :username => "a"*50)
+    assert invited_user.errors.empty?
+    User.validate_on_invite = validate_on_invite
+  end
+
+  test 'should validate other attributes when validate_on_invite is enabled' do
+    validate_on_invite = User.validate_on_invite
+    User.validate_on_invite = true
+    invited_user = User.invite!(:email => "valid@email.com", :username => "a"*50)
+    assert invited_user.errors[:username].present?
+    User.validate_on_invite = validate_on_invite
+  end
+
+  test 'should not validate password when validate_on_invite is enabled' do
+    validate_on_invite = User.validate_on_invite
+    User.validate_on_invite = true
+    invited_user = User.invite!(:email => "valid@email.com", :username => "a"*50)
+    assert invited_user.errors.present?
+    assert invited_user.errors[:password].empty?
+    User.validate_on_invite = validate_on_invite
+  end
+
+  test 'should validate other attributes when validate_on_invite is enabled and email is not present' do
+    validate_on_invite = User.validate_on_invite
+    User.validate_on_invite = true
+    invited_user = User.invite!(:email => "", :username => "a"*50)
+    assert invited_user.errors[:email].present?
+    assert invited_user.errors[:username].present?
+    User.validate_on_invite = validate_on_invite
+  end
+
+  test 'should return a record with errors if user was found by e-mail' do
+    existing_user = User.new(:email => "valid@email.com")
+    existing_user.save(:validate => false)
+    user = User.invite!(:email => "valid@email.com")
+    assert_equal user, existing_user
+    assert_equal ['has already been taken'], user.errors[:email]
+  end
+
+  test 'should return a record with errors if user with pending invitation was found by e-mail' do
+    existing_user = User.invite!(:email => "valid@email.com")
+    user = User.invite!(:email => "valid@email.com")
+    assert_equal user, existing_user
+    assert_equal [], user.errors[:email]
+    resend_invitation = User.resend_invitation
+    begin
+      User.resend_invitation = false
+
+      user = User.invite!(:email => "valid@email.com")
+      assert_equal user, existing_user
+      assert_equal ['has already been taken'], user.errors[:email]
+    ensure
+      User.resend_invitation = resend_invitation
+    end
+  end
+
+  test 'should return a record with errors if user was found by e-mail with validate_on_invite' do
+    begin
+      validate_on_invite = User.validate_on_invite
+      User.validate_on_invite = true
+      existing_user = User.new(:email => "valid@email.com")
+      existing_user.save(:validate => false)
+      user = User.invite!(:email => "valid@email.com", :username => "a"*50)
+      assert_equal user, existing_user
+      assert_equal ['has already been taken'], user.errors[:email]
+      assert user.errors[:username].present?
+    ensure
+      User.validate_on_invite = validate_on_invite
+    end
+  end
+
+  test 'should return a new record with errors if e-mail is blank' do
+    invited_user = User.invite!(:email => '')
+    assert invited_user.new_record?
+    assert_equal ["can't be blank"], invited_user.errors[:email]
+  end
+
+  test 'should return a new record with errors if e-mail is invalid' do
+    invited_user = User.invite!(:email => 'invalid_email')
+    assert invited_user.new_record?
+    assert_equal ["is invalid"], invited_user.errors[:email]
+  end
+
+  test 'should set all attributes with errors if e-mail is invalid' do
+    invited_user = User.invite!(:email => "invalid_email.com", :username => 'first name')
+    assert invited_user.new_record?
+    assert_equal 'first name', invited_user.username
+    assert invited_user.errors.present?
+  end
+
+  test 'should find a user to set his password based on invitation_token' do
+    user = new_user
+    user.invite!
+    invited_user = User.accept_invitation!(:invitation_token => user.invitation_token)
+    assert_equal invited_user, user
+  end
+
+  test 'should return a new record with errors if no invitation_token is found' do
+    invited_user = User.accept_invitation!(:invitation_token => 'invalid_token')
+    assert invited_user.new_record?
+    assert_equal ['is invalid'], invited_user.errors[:invitation_token]
+  end
+
+  test 'should return a new record with errors if invitation_token is blank' do
+    invited_user = User.accept_invitation!(:invitation_token => '')
+    assert invited_user.new_record?
+    assert_equal ["can't be blank"], invited_user.errors[:invitation_token]
+  end
+
+  test 'should return record with errors if invitation_token has expired' do
+    User.stubs(:invite_for).returns(10.hours)
+    invited_user = User.invite!(:email => "valid@email.com")
+    invited_user.invitation_created_at = 2.days.ago
+    invited_user.save(:validate => false)
+    user = User.accept_invitation!(:invitation_token => invited_user.invitation_token)
+    assert_equal user, invited_user
+    assert_equal ["is invalid"], user.errors[:invitation_token]
+  end
+
+  test 'should allow record modification using block' do
+    invited_user = User.invite!(:email => "valid@email.com", :username => "a"*50) do |u|
+      u.password = '123123'
+      u.password_confirmation = '123123'
+    end
+    assert_equal '123123', invited_user.reload.password
+  end
+
+  test 'should set successfully user password given the new password and confirmation' do
+    user = new_user(:password => nil, :password_confirmation => nil)
+    user.invite!
+
+    invited_user = User.accept_invitation!(
+      :invitation_token => user.invitation_token,
+      :password => 'new_password',
+      :password_confirmation => 'new_password'
+    )
+    user.reload
+
+    assert user.valid_password?('new_password')
+  end
+
+  test 'should return errors on other attributes even when password is valid' do
+    user = new_user(:password => nil, :password_confirmation => nil)
+    user.invite!
+
+    invited_user = User.accept_invitation!(
+      :invitation_token => user.invitation_token,
+      :password => 'new_password',
+      :password_confirmation => 'new_password',
+      :username => 'a'*50
+    )
+    assert invited_user.errors[:username].present?
+
+    assert !user.valid_password?('new_password')
+  end
+
+  test 'should not confirm user on invite' do
+    user = new_user
+
+    user.invite!
+
+    assert !user.confirmed?
+  end
+
+  test 'user.has_invitations_left? test' do
+    # By default with invitation_limit nil, users can send unlimited invitations
+    user = new_user
+    assert_nil user.invitation_limit
+    assert user.has_invitations_left?
+
+    # With invitation_limit set to a value, all users can send that many invitations
+    User.stubs(:invitation_limit).returns(2)
+    assert user.has_invitations_left?
+
+    # With an individual invitation_limit of 0, a user shouldn't be able to send an invitation
+    user.invitation_limit = 0
+    assert user.save
+    assert !user.has_invitations_left?
+
+    # With in invitation_limit of 2, a user should be able to send two invitations
+    user.invitation_limit = 2
+    assert user.save
+    assert user.has_invitations_left?
+  end
+
+  test 'should not send an invitation if we want to skip the invitation' do
+    assert_no_difference('ActionMailer::Base.deliveries.size') do
+      invited_user = User.invite!(:email => "valid@email.com", :username => "a"*50, :skip_invitation => true)
+    end
+  end
+
+  test 'should not send an invitation if we want to skip the invitation with block' do
+    assert_no_difference('ActionMailer::Base.deliveries.size') do
+      invited_user = User.invite!(:email => "valid@email.com", :username => "a"*50) do |u|
+        u.skip_invitation = true
+      end
+    end
+  end
+
+  test 'user.invite! should not send an invitation if we want to skip the invitation' do
+    user = new_user
+    user.skip_invitation = true
+    assert_no_difference('ActionMailer::Base.deliveries.size') do
+      user.invite!
+    end
+    assert_present user.invitation_created_at
+    assert_nil user.invitation_sent_at
+  end
+
+  test 'user.invite! should not set the invited_by attribute if not passed' do
+    user = new_user
+    user.invite!
+    assert_equal nil, user.invited_by
+  end
+
+  test 'user.invite! should set the invited_by attribute if passed' do
+    user = new_user
+    inviting_user = User.new(:email => "valid@email.com")
+    inviting_user.save(:validate => false)
+    user.invite!(inviting_user)
+    assert_equal inviting_user, user.invited_by
+    assert_equal inviting_user.class.to_s, user.invited_by_type
+  end
+
+  test 'user.accept_invitation! should trigger callbacks' do
+    user = User.invite!(:email => "valid@email.com")
+    assert_callbacks_not_fired user
+    user.accept_invitation!
+    assert_callbacks_fired user
+  end
+
+  test 'user.accept_invitation! should not trigger callbacks if validation fails' do
+    user = User.invite!(:email => "valid@email.com")
+    assert_callbacks_not_fired user
+    user.username='a'*50
+    user.accept_invitation!
+    assert_callbacks_not_fired user
+  end
+
+  test 'user.accept_invitation! should confirm user if confirmable' do
+    user = User.invite!(:email => "valid@email.com")
+    user.accept_invitation!
+
+    assert user.confirmed?
+  end
+
+  test 'user.accept_invitation! should not confirm user if validation fails' do
+    user = User.invite!(:email => "valid@email.com")
+    user.username='a'*50
+    user.accept_invitation!
+
+    assert !user.confirmed?
+  end
+
+  def assert_callbacks_fired(user)
+    assert_callbacks_status user, true
+  end
+
+  def assert_callbacks_not_fired(user)
+    assert_callbacks_status user, nil
+  end
+
+  def assert_callbacks_status(user, fired)
+    assert_equal fired, user.callback_works
+  end
+
+  test "user.invite! should downcase the class's case_insensitive_keys" do
+    # Devise default is :email
+    user = User.invite!(:email => "UPPERCASE@email.com")
+    assert user.email == "uppercase@email.com"
+  end
+
+  test "user.invite! should strip whitespace from the class's strip_whitespace_keys" do
+    # Devise default is email
+    user = User.invite!(:email => " valid@email.com ")
+    assert user.email == "valid@email.com"
+  end
+
+  test 'should pass validation before accept if field is required in post-invited instance' do
+    user = User.invite!(:email => "valid@email.com")
+    user.testing_accepting_or_not_invited = true
+    assert_equal true, user.valid?
+  end
+
+  test 'should fail validation after accept if field is required in post-invited instance' do
+    user = User.invite!(:email => "valid@email.com")
+    user.testing_accepting_or_not_invited = true
+    user.accept_invitation!
+    assert_equal false, user.valid?
+  end
+
+  test 'should pass validation after accept if field is required in post-invited instance' do
+    user = User.invite!(:email => "valid@email.com")
+    user.username = 'test'
+    user.testing_accepting_or_not_invited = true
+    user.bio = "Test"
+    user.accept_invitation!
+    assert_equal true, user.valid?
+  end
+
+  test 'should return instance with errors if invitation_token is nil' do
+    registered_user = User.create(:email => 'admin@test.com', :password => '123456', :password_confirmation => '123456')
+    user = User.accept_invitation!
+    assert !user.errors.empty?
+  end
+
+  test "should count accepted and not accepted invitations" do
+    assert_equal 0, User.invitation_not_accepted.count
+    assert_equal 0, User.invitation_accepted.count
+
+    User.invite!(:email => "invalid@email.com")
+    user = User.invite!(:email => "valid@email.com")
+
+    assert_equal 2, User.invitation_not_accepted.count
+    assert_equal 0, User.invitation_accepted.count
+
+    user.accept_invitation!
+    assert_equal 1, User.invitation_not_accepted.count
+    assert_equal 1, User.invitation_accepted.count
+  end
+
+  test "should preserve return values of Devise::Recoverable#reset_password!" do
+    user = new_user
+    retval = user.reset_password!('anewpassword', 'anewpassword')
+    assert_equal true, retval
+  end
+end