goma 0.0.1.gamma → 0.0.1.rc1

data/lib/goma/config.rb

@@ -134,6 +134,10 @@ module Goma
     config_accessor(:oauth_uid_attribute_name)                     { :uid }
 
 
+    def password_confirmation_attribute_name
+      @password_confirmation_attribute_name ||= "#{password_attribute_name}_confirmation".to_sym
+    end
+
     self.instance_methods(false).grep(/attribute_name$/).each do |conf_name|
       name = conf_name.to_s[0...-15]
 
@@ -153,10 +157,6 @@ module Goma
       RUBY
     end
 
-    def password_confirmation_attribute_name
-      @password_confirmation_attribute_name ||= "#{password_attribute_name}_confirmation".to_sym
-    end
-
     def oauth_association_name
       @oauth_association_name ||=
         oauth_authentication_class_name ? oauth_authentication_class_name.underscore.pluralize.to_sym : ''

data/lib/goma/models/authenticatable.rb

@@ -34,10 +34,10 @@ module Goma
         # You don't have to call this method directly.
         # This method is called from the modules defined under {Goma::Models}
         # @return [Object, Symbol] Object load from the token and nil or, if it failed, nil and a symbol which indicates reason
-        def load_from_token_with_error(raw_token, token_attr, token_sent_at_attr, valid_period)
+        def load_from_token_with_error(raw_token, token_attr, token_sent_at_attr, valid_period=nil)
           token = Goma.token_generator.digest(token_attr, raw_token)
           if record = self.find_by(token_attr => token)
-            if Time.new.utc - record.send(token_sent_at_attr) <= valid_period
+            if valid_period.nil? || (Time.new.utc - record.send(token_sent_at_attr) <= valid_period)
               [record, nil]
             else
               [nil, :token_expired]
@@ -77,14 +77,25 @@ module Goma
     class << self
       # class methods
 
-      def define_load_from_token_with_error_method_for(target, purpose)
-        target.module_eval <<-METHOD, __FILE__, __LINE__ + 1
-        def load_from_#{purpose}_token_with_error(raw_token, valid_period)
-          token_attr = goma_config.#{purpose}_token_attribute_name
-          token_sent_at_attr = goma_config.#{purpose}_token_sent_at_attribute_name
-          load_from_token_with_error(raw_token, token_attr, token_sent_at_attr, valid_period)
+      def define_load_from_token_with_error_method_for(target, name, valid_period_config=nil, purpose=name)
+        if valid_period_config
+          target.module_eval <<-METHOD, __FILE__, __LINE__ + 1
+          def load_from_#{purpose}_token_with_error(raw_token)
+            token_attr         = goma_config.#{name}_token_attribute_name
+            token_sent_at_attr = goma_config.#{name}_token_sent_at_attribute_name
+            valid_period       = goma_config.#{valid_period_config}
+            load_from_token_with_error(raw_token, token_attr, token_sent_at_attr, valid_period)
+          end
+          METHOD
+        else
+          target.module_eval <<-METHOD, __FILE__, __LINE__ + 1
+          def load_from_#{purpose}_token_with_error(raw_token)
+            token_attr         = goma_config.#{name}_token_attribute_name
+            token_sent_at_attr = goma_config.#{name}_token_sent_at_attribute_name
+            load_from_token_with_error(raw_token, token_attr, token_sent_at_attr)
+          end
+          METHOD
         end
-        METHOD
       end
 
       def define_load_from_token_methods_for(target, purpose)

data/lib/goma/models/confirmable.rb

@@ -14,17 +14,11 @@ module Goma
 
       # @!parse extend ClassMethods
       module ClassMethods
-        DefinitionHelper.define_load_from_token_with_error_method_for(self, :confirmation)
-
-        def load_from_activation_token_with_error(raw_token)
-          load_from_confirmation_token_with_error(raw_token, goma_config.activate_within)
-        end
+        DefinitionHelper.define_load_from_token_with_error_method_for(self, :confirmation, :activate_within, :activation)
+        DefinitionHelper.define_load_from_token_methods_for(self, :activation)
 
-        def load_from_email_confirmation_token_with_error(raw_token)
-          load_from_confirmation_token_with_error(raw_token, goma_config.confirm_email_within)
-        end
+        DefinitionHelper.define_load_from_token_with_error_method_for(self, :confirmation, :confirm_email_within, :email_confirmation)
 
-        DefinitionHelper.define_load_from_token_methods_for(self, :activation)
         DefinitionHelper.define_load_from_token_methods_for(self, :email_confirmation)
       end
 
@@ -97,6 +91,18 @@ module Goma
         goma_config.email_confirmation_success_email_method_name && !@skip_email_confirmation_success_email
       end
 
+      def resend_activation_needed_email(to: nil)
+        if to
+          @skip_email_confirmation = true
+          self.send(goma_config.email_setter, to)
+          return false unless self.save
+          @skip_email_confirmation = false
+        end
+        setup_activation
+        save(validate: false)
+        send_activation_needed_email
+      end
+
       DefinitionHelper.define_token_generator_method_for(self, :confirmation)
 
       protected

data/lib/goma/models/password_authenticatable.rb

@@ -5,10 +5,11 @@ module Goma
 
       included do
         password_attr = goma_config.password_attribute_name
-        attr_reader password_attr, "current_#{password_attr}"
+        attr_reader password_attr
 
         class_eval <<-METHOD, __FILE__, __LINE__ + 1
         def #{password_attr}=(new_#{password_attr})
+          return if new_#{password_attr}.blank?
           @#{password_attr} = new_#{password_attr}
           self.#{Goma.config.encrypted_password_attribute_name} = encrypt_password(new_#{password_attr})
         end

data/lib/goma/models/recoverable.rb

@@ -8,7 +8,7 @@ module Goma
       end
 
       module ClassMethods
-        DefinitionHelper.define_load_from_token_with_error_method_for(self, :reset_password)
+        DefinitionHelper.define_load_from_token_with_error_method_for(self, :reset_password, :reset_password_within)
         DefinitionHelper.define_load_from_token_methods_for(self, :reset_password)
       end
 

data/lib/goma/models/validatable.rb

@@ -41,16 +41,16 @@ module Goma
             def password_required?
               !@creating_with_omniauth && #{goma_config.oauth_association_name}.empty? && (
               !persisted? ||
-              !#{goma_config.password_attribute_name}.nil? ||
-              !#{goma_config.password_confirmation_attribute_name}.nil?)
+              #{goma_config.password_attribute_name}.present? ||
+              #{goma_config.password_confirmation_attribute_name}.present?)
             end
             RUBY
           else
             class_eval <<-RUBY, __FILE__, __LINE__ + 1
             def password_required?
               !persisted? ||
-              !#{goma_config.password_attribute_name}.nil? ||
-              !#{goma_config.password_confirmation_attribute_name}.nil?
+              #{goma_config.password_attribute_name}.present? ||
+              #{goma_config.password_confirmation_attribute_name}.present?
             end
             RUBY
           end

data/lib/goma/railtie.rb

@@ -6,6 +6,7 @@ module Goma
   class Railtie < ::Rails::Railtie
     config.app_middleware.use Warden::Manager do |config|
       if Goma.config && Goma.config.modules.include?(:rememberable)
+        require 'goma/strategies/rememberable'
         config.default_strategies :rememberable
       end
     end

data/lib/goma/version.rb

@@ -1,3 +1,3 @@
 module Goma
-  VERSION = "0.0.1.gamma"
+  VERSION = "0.0.1.rc1"
 end

data/test/integration/confirmable_integration_test.rb

@@ -0,0 +1,185 @@
+require 'test_helper'
+
+class ConfirmableIntegrationTest < ActionDispatch::IntegrationTest
+  test 'should work activation proccess' do
+    Goma.token_generator.stubs(:friendly_token).returns('sesame')
+
+    visit new_user_url
+    fill_in :user_username, with: 'user'
+    fill_in :user_email, with: 'user@example.com'
+    fill_in :user_password, with: 'password'
+    fill_in :user_password_confirmation, with: 'password'
+
+    assert_difference ['User.count', 'ActionMailer::Base.deliveries.size'], 1 do
+      click_button 'Sign up'
+    end
+    user = User.order(created_at: :desc).first
+    refute user.activated?
+
+    email = ActionMailer::Base.deliveries.last
+    assert_match %r{/confirmations/sesame}, email.body.encoded
+
+    visit confirmation_url('sesame')
+    assert_equal 'Your account was successfully activated.', _flash[:notice]
+    assert_equal new_session_url, current_url
+    user.reload
+    assert user.activated?
+  end
+
+  test 'should be able to change email and resend activation token before activation with username and password which is entered in registration' do
+    Goma.token_generator.expects(:friendly_token).twice.returns('sesame', 'simsim')
+
+    visit new_user_url
+    fill_in :user_username, with: 'user'
+    fill_in :user_email, with: 'wrong@example.com'
+    fill_in :user_password, with: 'password'
+    fill_in :user_password_confirmation, with: 'password'
+    click_button 'Sign up'
+
+    user = User.order(created_at: :desc).first
+    refute user.activated?
+
+
+    visit new_user_url
+    assert_match /If you signed up with wrong email address/, page.body
+    fill_in :user_username, with: 'user'
+    fill_in :user_email, with: 'correct@example.com'
+    fill_in :user_password, with: 'password'
+    fill_in :user_password_confirmation, with: 'password'
+
+    assert_no_difference 'User.count' do
+      assert_difference 'ActionMailer::Base.deliveries.size', 1 do
+        click_button 'Sign up'
+      end
+    end
+
+    email = ActionMailer::Base.deliveries.last
+    assert_match %r{/confirmations/simsim}, email.body.encoded
+    assert_equal 'correct@example.com', email.to.first
+
+    visit confirmation_url('simsim')
+    assert_equal 'Your account was successfully activated.', _flash[:notice]
+    assert_equal new_session_url, current_url
+    user.reload
+    assert user.activated?
+  end
+
+  test 'should not activate user with wrong token' do
+    Goma.token_generator.stubs(:friendly_token).returns('sesame')
+
+    visit new_user_url
+    fill_in :user_username, with: 'user'
+    fill_in :user_email, with: 'user@example.com'
+    fill_in :user_password, with: 'password'
+    fill_in :user_password_confirmation, with: 'password'
+    click_button 'Sign up'
+
+    user = User.order(created_at: :desc).first
+    refute user.activated?
+
+    visit confirmation_url('beans')
+    assert_equal confirmation_url('beans'), current_url
+    assert_match /Not found any account by this URL/, _flash[:alert]
+    user.reload
+    refute user.activated?
+  end
+
+  test 'should resend activation token by username' do
+    Goma.token_generator.expects(:friendly_token).twice.returns('sesame', 'simsim')
+
+    visit new_user_url
+    fill_in :user_username, with: 'user'
+    fill_in :user_email, with: 'user@example.com'
+    fill_in :user_password, with: 'password'
+    fill_in :user_password_confirmation, with: 'password'
+    click_button 'Sign up'
+
+    user = User.order(created_at: :desc).first
+    refute user.activated?
+
+    visit new_confirmation_url
+    fill_in :username_or_email, with: 'user'
+
+    assert_no_difference 'User.count' do
+      assert_difference 'ActionMailer::Base.deliveries.size', 1 do
+        click_button 'Resend activation instructions'
+      end
+    end
+    email = ActionMailer::Base.deliveries.last
+    assert_match %r{/confirmations/simsim}, email.body.encoded
+
+    visit confirmation_url('simsim')
+    assert_equal 'Your account was successfully activated.', _flash[:notice]
+    assert_equal new_session_url, current_url
+    user.reload
+    assert user.activated?
+  end
+
+  test 'should resend activation token by email' do
+    Goma.token_generator.expects(:friendly_token).twice.returns('sesame', 'simsim')
+
+    visit new_user_url
+    fill_in :user_username, with: 'user'
+    fill_in :user_email, with: 'user@example.com'
+    fill_in :user_password, with: 'password'
+    fill_in :user_password_confirmation, with: 'password'
+    click_button 'Sign up'
+
+    user = User.order(created_at: :desc).first
+    refute user.activated?
+
+    visit new_confirmation_url
+    fill_in :username_or_email, with: 'user@example.com'
+
+    assert_no_difference 'User.count' do
+      assert_difference 'ActionMailer::Base.deliveries.size', 1 do
+        click_button 'Resend activation instructions'
+      end
+    end
+    email = ActionMailer::Base.deliveries.last
+    assert_match %r{/confirmations/simsim}, email.body.encoded
+
+    visit confirmation_url('simsim')
+    assert_equal 'Your account was successfully activated.', _flash[:notice]
+    assert_equal new_session_url, current_url
+    user.reload
+    assert user.activated?
+  end
+
+  test 'should work email confirmation process' do
+    user = Fabricate(:user, email: 'old@example.com')
+
+    Goma.token_generator.stubs(:friendly_token).returns('sesame')
+
+    visit new_session_url
+    fill_in :username_or_email, with: 'old@example.com'
+    fill_in :password, with: 'password'
+    click_button 'Login'
+
+    visit edit_user_url(user)
+    fill_in :user_email, with: 'new@example.com'
+
+    assert_difference 'ActionMailer::Base.deliveries.size', 1 do
+      click_button 'Update'
+    end
+    assert_match /but we need to verify your new email address/, _flash[:notice]
+
+    email = ActionMailer::Base.deliveries.last
+    assert_match %r{/confirmations/sesame/email}, email.body.encoded
+
+    user.reload
+    assert_equal 'old@example.com', user.email
+    assert_equal 'new@example.com', user.unconfirmed_email
+
+    assert_difference 'ActionMailer::Base.deliveries.size', 1 do
+      visit email_confirmation_url('sesame')
+    end
+    email = ActionMailer::Base.deliveries.last
+    assert_match /You have successfully changed your account email/, email.body.encoded
+
+    user.reload
+    assert_equal root_url, current_url
+    assert_equal 'new@example.com', user.email
+    assert_nil user.unconfirmed_email
+  end
+end

data/test/integration/lockable_integration_test.rb

@@ -0,0 +1,49 @@
+require 'test_helper'
+
+class LockableIntegrationTest < ActionDispatch::IntegrationTest
+  def setup
+    @user = Fabricate(:user)
+  end
+
+
+  test 'should work unlock process' do
+    Goma.token_generator.stubs(:friendly_token).returns('sesame')
+    @user.lock_access!
+    assert @user.access_locked?
+
+    email = ActionMailer::Base.deliveries.last
+    assert_match %r{/unlocks/sesame}, email.body.encoded
+
+    visit unlock_url('sesame')
+
+    @user.reload
+    assert_equal new_session_url, current_url
+    refute @user.access_locked?
+  end
+
+  test 'should work resending unlock token process' do
+    @user.lock_access!
+    assert @user.access_locked?
+    old_token = @user.unlock_token
+
+    Goma.token_generator.stubs(:friendly_token).returns('sesame')
+
+    visit new_unlock_url
+    fill_in :username_or_email, with: @user.email
+    assert_difference 'ActionMailer::Base.deliveries.size', 1 do
+      click_button 'Resend unlock instructions'
+    end
+    email = ActionMailer::Base.deliveries.last
+    assert_match %r{/unlocks/sesame}, email.body.encoded
+
+    @user.reload
+    refute_equal old_token, @user.unlock_token
+    assert_equal new_session_url, current_url
+
+    visit unlock_url('sesame')
+
+    @user.reload
+    assert_equal new_session_url, current_url
+    refute @user.access_locked?
+  end
+end

data/test/integration/omniauthable_integration_test.rb

@@ -2,25 +2,77 @@ require 'test_helper'
 
 class OmniauthableIntegrationTest < ActionDispatch::IntegrationTest
   def setup
-    OmniAuth.config.mock_auth[:twitter] = OmniAuth::AuthHash.new({
-      provider: 'twitter',
+    OmniAuth.config.mock_auth[:developer] = OmniAuth::AuthHash.new({
+      provider: 'developer',
       uid:      '1234567'
     })
   end
 
   test 'should create user with omniauth' do
-    get '/auth/twitter'
-    assert_redirected_to '/auth/twitter/callback'
+    visit new_session_url
 
-    assert_no_difference 'ActionMailer::Base.deliveries.count' do
-      assert_difference ['User.count', 'Authentication.count'], 1 do
-        follow_redirect!
-      end
+    assert_difference ['User.count', 'Authentication.count'], 1 do
+      click_link 'Sign in with Developer'
+    end
+
+    assert_equal root_url, current_url, 'should be redirected to root_url'
+    assert_equal 'Successfully authenticated from developer account.', _flash[:notice]
+
+    assert _current_user
+    assert_equal 'developer', _current_user.authentications.first.provider
+    assert_equal '1234567', _current_user.authentications.first.uid
+  end
+
+  test 'should redirect back after creating user with omniauth ' do
+    visit secret_url
+    assert_equal root_url, current_url, 'should be redirect to root_url'
+
+    visit new_session_url
+    click_link 'Sign in with Developer'
+
+    assert_equal secret_url, current_url, 'should redirect back'
+    assert_equal 'Successfully authenticated from developer account.', _flash[:notice]
+  end
+
+  test 'should authenticate but not create user if already created' do
+    visit new_session_url
+    click_link 'Sign in with Developer'
+    _warden.logout(:user)
+
+
+    visit new_session_url
+
+    assert_no_difference ['User.count', 'Authentication.count'] do
+      click_link 'Sign in with Developer'
     end
-    assert_redirected_to root_url
 
-    assert current_user
-    assert_equal 'twitter', current_user.authentications.first.provider
-    assert_equal '1234567', current_user.authentications.first.uid
+    assert_equal root_url, current_url, 'should be redirected to root_url'
+    assert_equal 'Successfully authenticated from developer account.', _flash[:notice]
+
+    assert _current_user
+    assert_equal 'developer', _current_user.authentications.first.provider
+    assert_equal '1234567', _current_user.authentications.first.uid
+  end
+
+
+  test 'should handle errors' do
+    OmniAuth.config.mock_auth[:developer] = :access_denied
+
+    visit new_session_url
+
+    assert_no_difference ['User.count', 'Authentication.count'] do
+      click_link 'Sign in with Developer'
+    end
+
+    assert_match /Could not authenticate you from Developer because "Access denied"/, _flash[:alert]
+    assert_equal new_session_url, current_url
+  end
+
+  test 'should not accept unknown provider' do
+    assert_no_difference ['User.count', 'Authentication.count'] do
+      assert_raise ActionController::RoutingError do
+        visit 'auth/unknown'
+      end
+    end
   end
 end