expertiza-authlogic 2.1.6.1

data/lib/authlogic/test_case/mock_logger.rb

@@ -0,0 +1,10 @@
+module Authlogic
+  module TestCase
+    # Simple class to replace real loggers, so that we can raise any errors being logged.
+    class MockLogger
+      def error(message)
+        raise message
+      end
+    end
+  end
+end

data/lib/authlogic/test_case/mock_request.rb

@@ -0,0 +1,19 @@
+module Authlogic
+  module TestCase
+    class MockRequest # :nodoc:
+      attr_accessor :controller
+      
+      def initialize(controller)
+        self.controller = controller
+      end
+      
+      def remote_ip
+        (controller && controller.respond_to?(:env) && controller.env.is_a?(Hash) && controller.env['REMOTE_ADDR']) || "1.1.1.1"
+      end
+      
+      private
+        def method_missing(*args, &block)
+        end
+    end
+  end
+end

data/lib/authlogic/test_case/rails_request_adapter.rb

@@ -0,0 +1,30 @@
+module Authlogic
+  module TestCase
+    # Adapts authlogic to work with the @request object when testing. This way Authlogic can set cookies and what not before
+    # a request is made, ultimately letting you log in users in functional tests.
+    class RailsRequestAdapter < ControllerAdapters::AbstractAdapter
+      def authenticate_with_http_basic(&block)
+      end
+      
+      def cookies
+        new_cookies = MockCookieJar.new
+        super.each do |key, value|
+          new_cookies[key] = value[:value]
+        end
+        new_cookies
+      end
+      
+      def cookie_domain
+        nil
+      end
+      
+      def request
+        @request ||= MockRequest.new(controller)
+      end
+      
+      def request_content_type
+        request.format.to_s
+      end
+    end
+  end
+end

data/rails/init.rb

@@ -0,0 +1 @@
+require "authlogic"

data/shoulda_macros/authlogic.rb

@@ -0,0 +1,69 @@
+# Test::Unit
+# Place this file into your test/shoulda_macros directory
+#
+# Example:
+# 
+# class UserTest
+#   should_have_authlogic
+# end
+#
+# Rspec
+# Place this file into your spec/support/shoulda directory
+#
+# Example:
+#
+# describe User do
+#   it { should have_authlogic }
+# end
+
+module Authlogic
+  module Shoulda
+
+    module Matchers
+      def have_authlogic
+        HaveAuthlogic.new
+      end
+      alias_method :be_authentic, :have_authlogic
+
+      class HaveAuthlogic
+
+        def matches?(subject)
+          subject.respond_to?(:password=) && subject.respond_to?(:valid_password?)
+        end
+
+        def failure_message
+          "Add the line 'acts_as_authentic' to your model"
+        end
+
+        def description
+          "have Authlogic"
+        end
+      end
+      
+    end
+    
+    module Macros
+      include Matchers
+      
+      def should_have_authlogic
+        klass = described_type rescue model_class
+        matcher = HaveAuthlogic.new
+        
+        should matcher.description do
+          assert matcher.matches?(klass.new), matcher.failure_message
+        end
+      end
+      alias_method :should_be_authentic, :should_have_authlogic
+      
+    end
+    
+  end
+end
+
+if defined? Spec
+  Spec::Runner.configure do |config|
+    config.include(Authlogic::Shoulda::Matchers)
+  end
+else
+  Test::Unit::TestCase.class_eval { extend Authlogic::Shoulda::Macros }
+end

data/test/acts_as_authentic_test/base_test.rb

@@ -0,0 +1,18 @@
+require File.dirname(__FILE__) + '/../test_helper.rb'
+
+module ActsAsAuthenticTest
+  class BaseTest < ActiveSupport::TestCase
+    def test_acts_as_authentic
+      assert_nothing_raised do
+        User.acts_as_authentic do
+        end
+      end
+    end
+    
+    def test_acts_as_authentic_with_old_config
+      assert_raise(ArgumentError) do
+        User.acts_as_authentic({})
+      end
+    end
+  end
+end

data/test/acts_as_authentic_test/email_test.rb

@@ -0,0 +1,101 @@
+require File.dirname(__FILE__) + '/../test_helper.rb'
+
+module ActsAsAuthenticTest
+  class EmailTest < ActiveSupport::TestCase
+    def test_email_field_config
+      assert_equal :email, User.email_field
+      assert_equal :email, Employee.email_field
+      
+      User.email_field = :nope
+      assert_equal :nope, User.email_field
+      User.email_field :email
+      assert_equal :email, User.email_field
+    end
+    
+    def test_validate_email_field_config
+      assert User.validate_email_field
+      assert Employee.validate_email_field
+      
+      User.validate_email_field = false
+      assert !User.validate_email_field
+      User.validate_email_field true
+      assert User.validate_email_field
+    end
+    
+    def test_validates_length_of_email_field_options_config
+      assert_equal({:within => 6..100}, User.validates_length_of_email_field_options)
+      assert_equal({:within => 6..100}, Employee.validates_length_of_email_field_options)
+      
+      User.validates_length_of_email_field_options = {:yes => "no"}
+      assert_equal({:yes => "no"}, User.validates_length_of_email_field_options)
+      User.validates_length_of_email_field_options({:within => 6..100})
+      assert_equal({:within => 6..100}, User.validates_length_of_email_field_options)
+    end
+    
+    def test_validates_format_of_email_field_options_config
+      default = {:with => Authlogic::Regex.email, :message => I18n.t('error_messages.email_invalid', :default => "should look like an email address.")}
+      assert_equal default, User.validates_format_of_email_field_options
+      assert_equal default, Employee.validates_format_of_email_field_options
+      
+      User.validates_format_of_email_field_options = {:yes => "no"}
+      assert_equal({:yes => "no"}, User.validates_format_of_email_field_options)
+      User.validates_format_of_email_field_options default
+      assert_equal default, User.validates_format_of_email_field_options
+    end
+    
+    def test_validates_uniqueness_of_email_field_options_config
+      default = {:case_sensitive => false, :scope => Employee.validations_scope, :if => "#{Employee.email_field}_changed?".to_sym}
+      assert_equal default, Employee.validates_uniqueness_of_email_field_options
+      
+      Employee.validates_uniqueness_of_email_field_options = {:yes => "no"}
+      assert_equal({:yes => "no"}, Employee.validates_uniqueness_of_email_field_options)
+      Employee.validates_uniqueness_of_email_field_options default
+      assert_equal default, Employee.validates_uniqueness_of_email_field_options
+    end
+    
+    def test_validates_length_of_email_field
+      u = User.new
+      u.email = "a@a.a"
+      assert !u.valid?
+      assert u.errors[:email].size > 0
+      
+      u.email = "a@a.com"
+      assert !u.valid?
+      assert u.errors[:email].size == 0
+    end
+    
+    def test_validates_format_of_email_field
+      u = User.new
+      u.email = "aaaaaaaaaaaaa"
+      u.valid?
+      assert u.errors[:email].size > 0 
+      
+      u.email = "a@a.com"
+      u.valid?
+      assert u.errors[:email].size == 0
+      
+      u.email = "damien+test1...etc..@mydomain.com"
+      u.valid?
+      assert u.errors[:email].size == 0
+      
+      u.email = "dakota.dux+1@gmail.com"
+      u.valid?
+      assert u.errors[:email].size == 0
+    end
+    
+    def test_validates_uniqueness_of_email_field
+      u = User.new
+      u.email = "bjohnson@binarylogic.com"
+      assert !u.valid?
+      assert u.errors[:email].size > 0
+      
+      u.email = "BJOHNSON@binarylogic.com"
+      assert !u.valid?
+      assert u.errors[:email].size > 0
+      
+      u.email = "a@a.com"
+      assert !u.valid?
+      assert u.errors[:email].size == 0
+    end
+  end
+end

data/test/acts_as_authentic_test/logged_in_status_test.rb

@@ -0,0 +1,36 @@
+require File.dirname(__FILE__) + '/../test_helper.rb'
+
+module ActsAsAuthenticTest
+  class LoggedInStatusTest < ActiveSupport::TestCase
+    def test_logged_in_timeout_config
+      assert_equal 10.minutes.to_i, User.logged_in_timeout
+      assert_equal 10.minutes.to_i, Employee.logged_in_timeout
+      
+      User.logged_in_timeout = 1.hour
+      assert_equal 1.hour.to_i, User.logged_in_timeout
+      User.logged_in_timeout 10.minutes
+      assert_equal 10.minutes.to_i, User.logged_in_timeout
+    end
+    
+    def test_named_scope_logged_in
+      assert_equal 0, User.logged_in.count
+      User.first.update_attribute(:last_request_at, Time.now)
+      assert_equal 1, User.logged_in.count
+    end
+    
+    def test_named_scope_logged_out
+      assert_equal 2, User.logged_out.count
+      User.first.update_attribute(:last_request_at, Time.now)
+      assert_equal 1, User.logged_out.count
+    end
+    
+    def test_logged_in_logged_out
+      u = User.first
+      assert !u.logged_in?
+      assert u.logged_out?
+      u.last_request_at = Time.now
+      assert u.logged_in?
+      assert !u.logged_out?
+    end
+  end
+end

data/test/acts_as_authentic_test/login_test.rb

@@ -0,0 +1,109 @@
+require File.dirname(__FILE__) + '/../test_helper.rb'
+
+module ActsAsAuthenticTest
+  class LoginTest < ActiveSupport::TestCase
+    def test_login_field_config
+      assert_equal :login, User.login_field
+      assert_nil Employee.login_field
+      
+      User.login_field = :nope
+      assert_equal :nope, User.login_field
+      User.login_field :login
+      assert_equal :login, User.login_field
+    end
+    
+    def test_validate_login_field_config
+      assert User.validate_login_field
+      assert Employee.validate_login_field
+      
+      User.validate_login_field = false
+      assert !User.validate_login_field
+      User.validate_login_field true
+      assert User.validate_login_field
+    end
+    
+    def test_validates_length_of_login_field_options_config
+      assert_equal({:within => 3..100}, User.validates_length_of_login_field_options)
+      assert_equal({:within => 3..100}, Employee.validates_length_of_login_field_options)
+      
+      User.validates_length_of_login_field_options = {:yes => "no"}
+      assert_equal({:yes => "no"}, User.validates_length_of_login_field_options)
+      User.validates_length_of_login_field_options({:within => 3..100})
+      assert_equal({:within => 3..100}, User.validates_length_of_login_field_options)
+    end
+    
+    def test_validates_format_of_login_field_options_config
+      default = {:with => /\A\w[\w\.+\-_@ ]+$/, :message => I18n.t('error_messages.login_invalid', :default => "should use only letters, numbers, spaces, and .-_@ please.")}
+      assert_equal default, User.validates_format_of_login_field_options
+      assert_equal default, Employee.validates_format_of_login_field_options
+      
+      User.validates_format_of_login_field_options = {:yes => "no"}
+      assert_equal({:yes => "no"}, User.validates_format_of_login_field_options)
+      User.validates_format_of_login_field_options default
+      assert_equal default, User.validates_format_of_login_field_options
+    end
+    
+    def test_validates_uniqueness_of_login_field_options_config
+      default = {:case_sensitive => false, :scope => User.validations_scope, :if => "#{User.login_field}_changed?".to_sym}
+      assert_equal default, User.validates_uniqueness_of_login_field_options
+      
+      User.validates_uniqueness_of_login_field_options = {:yes => "no"}
+      assert_equal({:yes => "no"}, User.validates_uniqueness_of_login_field_options)
+      User.validates_uniqueness_of_login_field_options default
+      assert_equal default, User.validates_uniqueness_of_login_field_options
+    end
+    
+    def test_validates_length_of_login_field
+      u = User.new
+      u.login = "a"
+      assert !u.valid?
+      assert u.errors[:login].size > 0
+      
+      u.login = "aaaaaaaaaa"
+      assert !u.valid?
+      assert u.errors[:login].size == 0
+    end
+    
+    def test_validates_format_of_login_field
+      u = User.new
+      u.login = "fdsf@^&*"
+      assert !u.valid?
+      assert u.errors[:login].size > 0
+      
+      u.login = "fdsfdsfdsfdsfs"
+      assert !u.valid?
+      assert u.errors[:login].size == 0
+      
+      u.login = "dakota.dux+1@gmail.com"
+      assert !u.valid?
+      assert u.errors[:login].size == 0
+    end
+    
+    def test_validates_uniqueness_of_login_field
+      u = User.new
+      u.login = "bjohnson"
+      assert !u.valid?
+      assert u.errors[:login].size > 0
+      
+      u.login = "BJOHNSON"
+      assert !u.valid?
+      assert u.errors[:login].size > 0
+      
+      u.login = "fdsfdsf"
+      assert !u.valid?
+      assert u.errors[:login].size == 0
+    end
+    
+    def test_find_by_smart_case_login_field
+      ben = users(:ben)
+      assert_equal ben, User.find_by_smart_case_login_field("bjohnson")
+      assert_equal ben, User.find_by_smart_case_login_field("BJOHNSON")
+      assert_equal ben, User.find_by_smart_case_login_field("Bjohnson")
+      
+      drew = employees(:drew)
+      assert_equal drew, Employee.find_by_smart_case_login_field("dgainor@binarylogic.com")
+      assert_equal drew, Employee.find_by_smart_case_login_field("Dgainor@binarylogic.com")
+      assert_equal drew, Employee.find_by_smart_case_login_field("DGAINOR@BINARYLOGIC.COM")
+    end
+  end
+end

data/test/acts_as_authentic_test/magic_columns_test.rb

@@ -0,0 +1,27 @@
+require File.dirname(__FILE__) + '/../test_helper.rb'
+
+module ActsAsAuthenticTest
+  class MagicColumnsTest < ActiveSupport::TestCase
+    def test_validates_numericality_of_login_count
+      u = User.new
+      u.login_count = -1
+      assert !u.valid?
+      assert u.errors[:login_count].size > 0
+      
+      u.login_count = 0
+      assert !u.valid?
+      assert u.errors[:login_count].size == 0
+    end
+    
+    def test_validates_numericality_of_failed_login_count
+      u = User.new
+      u.failed_login_count = -1
+      assert !u.valid?
+      assert u.errors[:failed_login_count].size > 0
+      
+      u.failed_login_count = 0
+      assert !u.valid?
+      assert u.errors[:failed_login_count].size == 0
+    end
+  end
+end

data/test/acts_as_authentic_test/password_test.rb

@@ -0,0 +1,245 @@
+require File.dirname(__FILE__) + '/../test_helper.rb'
+
+module ActsAsAuthenticTest
+  class PasswordTest < ActiveSupport::TestCase
+    def test_password_field_config
+      User.password_field = :nope
+      assert_equal :nope, User.password_field
+      assert_equal :nope_confirmation, User.password_confirmation_field
+      User.password_field :password
+      assert_equal :password, User.password_field
+      assert_equal :password_confirmation, User.password_confirmation_field
+    end
+    
+    def test_crypted_password_field_config
+      assert_equal :crypted_password, User.crypted_password_field
+      assert_equal :crypted_password, Employee.crypted_password_field
+      
+      User.crypted_password_field = :nope
+      assert_equal :nope, User.crypted_password_field
+      User.crypted_password_field :crypted_password
+      assert_equal :crypted_password, User.crypted_password_field
+    end
+    
+    def test_password_salt_field_config
+      assert_equal :password_salt, User.password_salt_field
+      assert_equal :password_salt, Employee.password_salt_field
+      
+      User.password_salt_field = :nope
+      assert_equal :nope, User.password_salt_field
+      User.password_salt_field :password_salt
+      assert_equal :password_salt, User.password_salt_field
+    end
+    
+    def test_ignore_blank_passwords_config
+      assert User.ignore_blank_passwords
+      assert Employee.ignore_blank_passwords
+      
+      User.ignore_blank_passwords = false
+      assert !User.ignore_blank_passwords
+      User.ignore_blank_passwords true
+      assert User.ignore_blank_passwords
+    end
+    
+    def test_check_passwords_against_database
+      assert User.check_passwords_against_database
+      User.check_passwords_against_database = false
+      assert !User.check_passwords_against_database
+      User.check_passwords_against_database true
+      assert User.check_passwords_against_database
+    end
+    
+    def test_validate_password_field_config
+      assert User.validate_password_field
+      assert Employee.validate_password_field
+      
+      User.validate_password_field = false
+      assert !User.validate_password_field
+      User.validate_password_field true
+      assert User.validate_password_field
+    end
+    
+    def test_validates_length_of_password_field_options_config
+      default = {:minimum => 4, :if => :require_password?}
+      assert_equal default, User.validates_length_of_password_field_options
+      assert_equal default, Employee.validates_length_of_password_field_options
+      
+      User.validates_length_of_password_field_options = {:yes => "no"}
+      assert_equal({:yes => "no"}, User.validates_length_of_password_field_options)
+      User.validates_length_of_password_field_options default
+      assert_equal default, User.validates_length_of_password_field_options
+    end
+    
+    def test_validates_confirmation_of_password_field_options_config
+      default = {:if => :require_password?}
+      assert_equal default, User.validates_confirmation_of_password_field_options
+      assert_equal default, Employee.validates_confirmation_of_password_field_options
+      
+      User.validates_confirmation_of_password_field_options = {:yes => "no"}
+      assert_equal({:yes => "no"}, User.validates_confirmation_of_password_field_options)
+      User.validates_confirmation_of_password_field_options default
+      assert_equal default, User.validates_confirmation_of_password_field_options
+    end
+    
+    def test_validates_length_of_password_confirmation_field_options_config
+      default = {:minimum => 4, :if => :require_password?}
+      assert_equal default, User.validates_length_of_password_confirmation_field_options
+      assert_equal default, Employee.validates_length_of_password_confirmation_field_options
+      
+      User.validates_length_of_password_confirmation_field_options = {:yes => "no"}
+      assert_equal({:yes => "no"}, User.validates_length_of_password_confirmation_field_options)
+      User.validates_length_of_password_confirmation_field_options default
+      assert_equal default, User.validates_length_of_password_confirmation_field_options
+    end
+    
+    def test_crypto_provider_config
+      assert_equal Authlogic::CryptoProviders::Sha512, User.crypto_provider
+      assert_equal Authlogic::CryptoProviders::AES256, Employee.crypto_provider
+      
+      User.crypto_provider = Authlogic::CryptoProviders::BCrypt
+      assert_equal Authlogic::CryptoProviders::BCrypt, User.crypto_provider
+      User.crypto_provider Authlogic::CryptoProviders::Sha512
+      assert_equal Authlogic::CryptoProviders::Sha512, User.crypto_provider
+    end
+    
+    def test_transition_from_crypto_providers_config
+      assert_equal [], User.transition_from_crypto_providers
+      assert_equal [], Employee.transition_from_crypto_providers
+      
+      User.transition_from_crypto_providers = [Authlogic::CryptoProviders::BCrypt]
+      assert_equal [Authlogic::CryptoProviders::BCrypt], User.transition_from_crypto_providers
+      User.transition_from_crypto_providers []
+      assert_equal [], User.transition_from_crypto_providers
+    end
+    
+    def test_validates_length_of_password
+      u = User.new
+      u.send("#{User.password_confirmation_field}=", "test2")
+      assert !u.valid?
+      assert u.errors[User.password_field].size > 0
+      
+      u.send("#{User.password_field}=", "test")
+      assert !u.valid?
+      assert u.errors[User.password_confirmation_field].size == 0
+    end
+    
+    def test_validates_confirmation_of_password
+      u = User.new
+      u.send("#{User.password_field}=", "test")
+      u.send("#{User.password_confirmation_field}=", "test2")
+      assert !u.valid?
+      assert u.errors[User.password_field].size > 0
+      
+      u.password_confirmation = "test"
+      assert !u.valid?
+      assert u.errors[User.password_field].size == 0
+    end
+    
+    def test_validates_length_of_password_confirmation
+      u = User.new
+      
+      u.send("#{User.password_field}=", "test")
+      u.send("#{User.password_confirmation_field}=", "")
+      assert !u.valid?
+      assert u.errors[User.password_confirmation_field].size > 0
+      
+      u.password_confirmation = "test"
+      assert !u.valid?
+      assert u.errors[User.password_confirmation_field].size == 0
+      
+      ben = users(:ben)
+      assert ben.valid?
+      
+      ben.send("#{User.password_field}=", "newpass")
+      assert !ben.valid?
+      assert ben.errors[User.password_confirmation_field].size > 0
+      
+      ben.send("#{User.password_confirmation_field}=", "newpass")
+      assert ben.valid?
+    end
+    
+    def test_password
+      u = User.new
+      old_password_salt = u.password_salt
+      old_crypted_password = u.crypted_password
+      u.send("#{User.password_field}=", "test")
+      assert_not_equal old_password_salt, u.password_salt
+      assert_not_equal old_crypted_password, u.crypted_password
+    end
+    
+    def test_transitioning_password
+      ben = users(:ben)
+      transition_password_to(Authlogic::CryptoProviders::BCrypt, ben)
+      transition_password_to(Authlogic::CryptoProviders::Sha1, ben, [Authlogic::CryptoProviders::Sha512, Authlogic::CryptoProviders::BCrypt])
+      transition_password_to(Authlogic::CryptoProviders::Sha512, ben, [Authlogic::CryptoProviders::Sha1, Authlogic::CryptoProviders::BCrypt])
+    end
+    
+    def test_checks_password_against_database
+      ben = users(:ben)
+      ben.send("#{User.password_field}=", "new pass")
+      assert !ben.valid_password?("new pass")
+      assert ben.valid_password?("benrocks")
+    end
+    
+    def test_checks_password_against_database_and_always_fails_on_new_records
+      user = User.new
+      user.send("#{User.password_field}=", "new pass")
+      assert !user.valid_password?("new pass")
+    end
+    
+    def test_checks_password_against_object
+      ben = users(:ben)
+      ben.send("#{User.password_field}=", "new pass")
+      assert ben.valid_password?("new pass", false)
+      assert !ben.valid_password?("benrocks", false)
+    end
+    
+    def test_reset_password
+      ben = users(:ben)
+      old_crypted_password = ben.crypted_password
+      old_password_salt = ben.password_salt
+      
+      # soft reset
+      ben.reset_password
+      assert_not_equal old_crypted_password, ben.crypted_password
+      assert_not_equal old_password_salt, ben.password_salt
+      
+      # make sure it didn't go into the db
+      ben.reload
+      assert_equal old_crypted_password, ben.crypted_password
+      assert_equal old_password_salt, ben.password_salt
+      
+      # hard reset
+      assert ben.reset_password!
+      assert_not_equal old_crypted_password, ben.crypted_password
+      assert_not_equal old_password_salt, ben.password_salt
+      
+      # make sure it did go into the db
+      ben.reload
+      assert_not_equal old_crypted_password, ben.crypted_password
+      assert_not_equal old_password_salt, ben.password_salt
+    end
+    
+    private
+      def transition_password_to(crypto_provider, records, from_crypto_providers = Authlogic::CryptoProviders::Sha512)
+        records = [records] unless records.is_a?(Array)
+        User.acts_as_authentic do |c|
+          c.crypto_provider = crypto_provider
+          c.transition_from_crypto_providers = from_crypto_providers
+        end
+        records.each do |record|
+          old_hash = record.crypted_password
+          old_persistence_token = record.persistence_token
+          assert record.valid_password?(password_for(record))
+          assert_not_equal old_hash.to_s, record.crypted_password.to_s
+          assert_not_equal old_persistence_token.to_s, record.persistence_token.to_s
+          
+          old_hash = record.crypted_password
+          old_persistence_token = record.persistence_token
+          assert record.valid_password?(password_for(record))
+          assert_equal old_hash.to_s, record.crypted_password.to_s
+          assert_equal old_persistence_token.to_s, record.persistence_token.to_s
+        end
+      end
+  end
+end