fingerrails 0.1.0

data/templates/public/javascripts/ready.js

@@ -0,0 +1,9 @@
+// Let the javascript libs start their behaviour. These are all included at the
+// end of the document so the browser will first render the document before
+// requesting the javascripts.
+
+// Event.observe(document, 'dom:loaded', function() {
+// });
+
+// Event.observe(window, 'load', function() {
+// });

data/templates/public/stylesheets/default.css

@@ -0,0 +1,143 @@
+/* @group Typography */
+
+html,
+input
+{
+  font: 14px/20px "Lucida Grande", Lucida, "Lucida Sans Unicode", Verdana, sans-serif;
+}
+
+h1
+{
+  font-size: 200%;
+}
+h2
+{
+  font-size: 150%;
+  margin-bottom: 24px;
+}
+
+/* @end */
+
+/* @group Basics */
+
+a,
+a:visited
+{
+  color: #689051;
+}
+
+a:hover,
+a:active
+{
+  color: #84b567;
+}
+
+/* @end */
+
+/* @group Layout */
+
+a#logo
+{
+  display: block;
+  padding: 6px 12px;
+  color: #999;
+  text-decoration: none;
+}
+
+p#member
+{
+  position: absolute;
+  top: 3px;
+  right: 12px;
+}
+p#member a
+{
+  text-decoration: none;
+  font-size: 10px;
+}
+p#member a+a
+{
+  margin-left: 6px;
+}
+
+ul#navigation
+{
+  background-color: #bdff94;
+  padding: 6px 12px;
+  margin-bottom: 12px;
+  border-top: 1px solid #bfff97;
+  border-bottom: 1px solid #a0da7d;
+}
+ul#navigation li
+{
+  display: inline;
+}
+ul#navigation a,
+ul#navigation a:visited
+{
+  text-decoration: none;
+  color: #222;
+}
+ul#navigation a:hover,
+ul#navigation a:active
+{
+  color: #7d9b1d;
+}
+ul#navigation li + li
+{
+  margin-left:  6px;
+}
+
+div#main
+{
+  padding: 12px;
+}
+
+/* @end */
+
+/* @group Forms */
+
+div.field
+{
+  margin: 12px 0px;
+}
+label,
+div.label
+{
+  color: #666;
+}
+div.label a
+{
+  color: #999;
+  font-size: 80%;
+  text-decoration: none;
+}
+div.label a:hover
+{
+  text-decoration: underline;
+}
+div.inline label
+{
+  font-size: 90%;
+}
+
+input[type="text"],
+input[type="password"]
+{
+  color: #222;
+}
+
+a.cancel
+{
+  text-decoration: none;
+  color: #999;
+  font-size: 80%;
+  margin-left: 3px;
+}
+a.cancel:hover
+{
+  text-decoration: underline;
+}
+
+/* @end */
+

data/templates/public/stylesheets/reset.css

@@ -0,0 +1,52 @@
+/* Reset, based on http://meyerweb.com/eric/tools/css/reset/ */
+
+html, body, div, span, applet, object, iframe, h1, h2, h3, h4, h5, h6, p, blockquote, pre, a, abbr, acronym, address, big, cite, code, del, dfn, em, font, img, ins, kbd, q, s, samp, small, strike, strong, sub, sup, tt, var, b, u, i, center, dl, dt, dd, ol, ul, li, fieldset, form, label, button, legend, table, caption, tbody, tfoot, thead, tr, th, td
+{
+  margin: 0;
+  padding: 0;
+  border: 0;
+  outline: 0;
+  font-size: 100%;
+  vertical-align: baseline;
+  background: transparent;
+}
+body
+{
+  line-height: 1;
+}
+ol, ul
+{
+  list-style: none;
+}
+blockquote, q
+{
+  quotes: none;
+}
+blockquote:before, blockquote:after, q:before, q:after
+{
+  content: '';
+  content: none;
+}
+:focus  /* remember to define focus styles! */
+{
+  outline: 0;
+}
+ins  /* remember to highlight inserts somehow! */
+{
+  text-decoration: none;
+}
+del
+{
+  text-decoration: line-through;
+}
+table  /* tables still need 'cellspacing="0"' in the markup */
+{
+  border-collapse: collapse;
+  border-spacing: 0;
+}
+hr
+{
+  height: 1px;
+  background-color: #000;
+  border: none;
+}

data/templates/test/ext/authentication.rb

@@ -0,0 +1,24 @@
+module TestHelpers
+  module Authentication
+    def login(member, password='secret')
+      @authenticated = member
+      request.session[:member_id] = @authenticated.id
+    end
+    
+    def logout
+      request.session.delete(:member_id)
+    end
+    
+    def authenticated?
+      !request.session[:member_id].blank?
+    end
+    
+    def access_denied?
+      response.status.to_i == 403
+    end
+    
+    def login_required?
+      response.header['Location'] == new_session_url
+    end
+  end
+end

data/templates/test/ext/file_fixtures.rb

@@ -0,0 +1,8 @@
+module TestHelpers
+  module FileFixtures
+    def fixture_file_upload(path, mime_type = nil, binary = false)
+      fixture_path = ActionController::TestCase.send(:fixture_path) if ActionController::TestCase.respond_to?(:fixture_path)
+      ActionController::TestUploadedFile.new("#{fixture_path}#{path}", mime_type, binary)
+    end
+  end
+end

data/templates/test/ext/time.rb

@@ -0,0 +1,8 @@
+module TestHelpers
+  module Time
+    def freeze_time!(time = ::Time.parse('6/1/2009'))
+      ::Time.stubs(:now).returns(time)
+      time
+    end
+  end
+end

data/templates/test/fixtures/members.yml

@@ -0,0 +1,8 @@
+adrian:
+  hashed_password: <%= Member.hash_password('secret') %>
+  email: adrian@example.com
+  role: member
+kelly:
+  hashed_password: <%= Member.hash_password('secret') %>
+  email: kelly@example.com
+  role: member

data/templates/test/functional/application_controller_test.rb

@@ -0,0 +1,104 @@
+require File.expand_path('../../test_helper', __FILE__)
+
+class TestApplicationsController < ApplicationController
+  allow_access :admin, :only => :private_action
+  allow_access :all, :except => :private_action
+  
+  def private_action
+    render :nothing => true
+  end
+  
+  def private_action_with_flash
+    flash[:notice] = 'Message'
+    render :nothing => true
+  end
+  
+  def public_action
+    render :nothing => true
+  end
+  
+  def action_with_layout
+    render :inline => '', :layout => 'application'
+  end
+  
+  def action_with_respond_block
+    respond_to do |format|
+      format.html { render :text => 'HTML' }
+      format.jpg { render :text => 'JPG'}
+    end
+  end
+end
+
+ActionController::Routing::Routes.draw do |map|
+  map.resource :test_application, :member => {
+    :private_action => :get,
+    :private_action_with_flash => :get,
+    :public_action => :get,
+    :action_with_layout => :get,
+    :action_with_respond_block => :get
+  }
+end
+
+describe TestApplicationsController do
+  it "should find the currently logged in member" do
+    login members(:adrian)
+    get :public_action
+    assigns(:authenticated).should == members(:adrian)
+  end
+  
+  it "should not find currently logged in member when no-one is logged in" do
+    get :public_action
+    assigns(:authenticated).should.be.blank
+  end
+  
+  it "should log a member in" do
+    should.not.be.authenticated
+    @controller.send(:login, members(:adrian))
+    should.be.authenticated
+  end
+  
+  it "should log a member out" do
+    @controller.send(:login, members(:adrian))
+    should.be.authenticated
+    @controller.send(:logout)
+    should.not.be.authenticated
+  end
+  
+  it "should respond with HTML before JPG" do
+    request.env['HTTP_ACCEPT'] = "*/*"
+    get :action_with_respond_block
+    response.body.should == 'HTML'
+  end
+  
+  it "should respond with HTML before JPG, even with IE" do
+    request.env["HTTP_USER_AGENT"] = 'Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0; Win64; x64)'
+    request.env['HTTP_ACCEPT'] = "image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, application/xaml+xml, application/vnd.ms-xpsdocument, application/x-ms-xbap, application/x-ms-application, application/x-shockwave-flash, application/x-silverlight, */*"
+    get :action_with_respond_block
+    response.body.should == 'HTML'
+  end
+end
+
+describe TestApplicationsController, "when dealing with pages that need authorization" do
+  it "should allow the user to authorize" do
+    get :private_action
+    should.redirect_to new_session_url
+  end
+  
+  it "should keep the flash around when access was refused" do
+    get :private_action_with_flash
+    flash[:notice].should == 'Message'
+  end
+  
+  it "should have stored the url to return the user to after authentication" do
+   get :private_action
+   controller.after_authentication[:redirect_to].should == controller.url_for(:action => :private_action)
+  end
+  
+  it "should show a forbidden page when access was refused" do
+    controller.stubs(:find_authenticated)
+    controller.send(:instance_variable_set, "@authenticated", stub(:id => 1, :role => 'member'))
+    
+    get :private_action
+    status.should.be :forbidden
+  end
+end

data/templates/test/functional/members_controller_test.rb

@@ -0,0 +1,71 @@
+require File.expand_path('../../test_helper', __FILE__)
+
+describe "On the", MembersController, "a visitor" do
+  it "should see a form for a new member" do
+    get :new
+    status.should.be :ok
+    template.should.be 'members/new'
+    assert_select 'form'
+  end
+  
+  it "should create a new member" do
+    lambda {
+      post :create, :member => valid_params
+    }.should.differ('Member.count', +1)
+    assigns(:member).email.should == valid_params[:email]
+    assigns(:member).hashed_password.should == Member.hash_password(valid_params[:password])
+    should.redirect_to root_url
+    should.be.authenticated
+  end
+  
+  it "should show validation errors after a failed create" do
+    post :create, :member => valid_params.merge(:email => '')
+    status.should.be :ok
+    template.should.be 'members/new'
+    assert_select 'div.errorExplanation'
+    assert_select 'form'
+    should.not.be.authenticated
+  end
+  
+  it "should see a profile" do
+    get :show, :id => members(:adrian)
+    assigns(:member).should == members(:adrian)
+    status.should.be :success
+    template.should.be 'members/show'
+  end
+  
+  should.require_login.get :edit, :id => members(:adrian)
+  should.require_login.put :update, :id => members(:adrian)
+  should.require_login.delete :destroy, :id => members(:adrian)
+  
+  private
+  
+  def valid_params
+    { :email => 'jurgen@example.com', :password => 'so secret', :verify_password => 'so secret' }
+  end
+end
+
+describe "On the", MembersController, "a member" do
+  before do
+    login members(:adrian)
+  end
+  
+  it "should see an edit form" do
+    get :edit, :id => @authenticated.to_param
+    
+    assert_select 'form'
+    assigns(:member).should == @authenticated
+    status.should.be :success
+    template.should.be 'members/edit'
+  end
+  
+  it "should be able to update his profile" do
+    put :update, :id => @authenticated.to_param, :member => { :email => 'sir.adrian@example.com' }
+    
+    @authenticated.reload.email.should == 'sir.adrian@example.com'
+    should.redirect_to member_url(@authenticated)
+  end
+  
+  should.disallow.put :update, :id => members(:kelly)
+  should.disallow.delete :destroy, :id => members(:kelly)
+end

data/templates/test/functional/passwords_controller_test.rb

@@ -0,0 +1,95 @@
+require File.expand_path('../../test_helper', __FILE__)
+
+describe "On the", PasswordsController, "a visitor" do
+  before do
+    @member = members(:adrian)
+  end
+  
+  it "should see a new form to reset his password" do
+    get :new
+    status.should.be :success
+    template.should.be 'passwords/new'
+    assert_select 'form'
+  end
+  
+  it "should generate a password reset token and send it via email" do
+    @member.update_attribute(:reset_password_token, nil)
+    
+    assert_emails(1) do
+      post :create, :email => @member.email
+    end
+    
+    assigns(:member).should == @member
+    @member.reload.reset_password_token.should.not.be.blank
+    
+    email = ActionMailer::Base.deliveries.last
+    email.body.should.include edit_password_url(:id => @member.reset_password_token)
+    
+    status.should.be :success
+    template.should.be 'passwords/sent'
+  end
+  
+  it "should see an error if no member can be found for a given email address" do
+    assert_emails(0) do
+      post :create, :email => "joe.the.plumber@example.com"
+    end
+    
+    status.should.be :ok
+    template.should.be 'passwords/new'
+    flash[:error].should.not.be.blank
+  end
+  
+  it "should see a warning if an SMTP error occurred" do
+    Mailer.stubs(:deliver_reset_password_message).raises Net::SMTPFatalError
+    post :create, :email => @member.email
+    
+    status.should.be :ok
+    template.should.be 'passwords/new'
+    flash[:error].should.not.be.blank
+  end
+  
+  it "should see an edit form for his password" do
+    @member.generate_reset_password_token!
+    get :edit, :id => @member.reset_password_token
+    
+    status.should.be :success
+    assigns(:member).should == @member
+    template.should.be 'passwords/edit'
+    assert_select 'form'
+  end
+  
+  it "should not see an edit form if no member is found for the given token" do
+    get :edit, :id => "doesnotexist"
+    
+    status.should.be :not_found
+    assigns(:member).should.be nil
+  end
+  
+  it "should be able to update his password" do
+    @member.generate_reset_password_token!
+    put :update, :id => @member.reset_password_token, :password => "newpass"
+    
+    Member.authenticate(:email => @member.email, :password => "newpass").should == @member
+    status.should.be :success
+    template.should.be 'passwords/reset'
+  end
+  
+  it "should see an error if the password is empty" do
+    @member.generate_reset_password_token!
+    before = @member.hashed_password
+    
+    put :update, :id => @member.reset_password_token, :password => ""
+    
+    @member.reload.hashed_password.should == before
+    status.should.be :success
+    template.should.be 'passwords/edit'
+    assert_select "div.errorExplanation", :text => "The password can’t be blank."
+  end
+  
+  it "should not be allowed to update a password with an incorrect token" do
+    put :update, :id => "doesnotexist", :password => "newpass"
+    
+    status.should.be :not_found
+    assigns(:member).should.be nil
+  end
+end