headstart 0.1.0

data/generators/headstart_admin/templates/app/controllers/admin/users_controller.rb

@@ -0,0 +1,52 @@
+class Admin::UsersController < Admin::AdminController
+  
+  def index
+    @users = User.all
+  end
+  
+  def show
+    @user = User.find(params[:id])
+  end
+  
+  def new
+    @user = User.new
+  end
+  
+  def create
+    @user = User.new(params[:user])
+    @user.role = params[:user][:role]
+    if @user.save
+      flash[:notice] = "Created #{@user.name}"
+      redirect_to admin_user_url(@user)
+    else
+      render :action => 'new'
+    end
+  end
+  
+  def edit
+    @user = User.find(params[:id])
+  end
+  
+  def update
+    @user = User.find(params[:id])
+    @user.role = params[:user][:role]
+    if @user.update_attributes(params[:user])
+      flash[:notice] = "Updated #{@user.name}"
+      redirect_to admin_user_url(@user)
+    else
+      render :action => 'edit'
+    end
+  end
+  
+  def destroy
+    @user = User.find(params[:id])
+    if @user != current_user
+      @user.destroy
+      flash[:notice] = "Deleted #{@user.name}"
+    else
+      flash[:error] = "Cannot delete yourself"
+    end
+    redirect_to admin_users_url
+  end
+    
+end

data/generators/headstart_admin/templates/app/views/admin/admin/index.html.erb

@@ -0,0 +1,2 @@
+<% content_for :title do %>Admin<% end %>
+<%= link_to 'Users', '/admin/users' %>

data/generators/headstart_admin/templates/app/views/admin/users/_form.html.erb

@@ -0,0 +1,25 @@
+<%= form.error_messages %>
+<p class="text_field">
+  <%= form.label :first_name %>
+  <%= form.text_field :first_name %>
+</p>
+<p class="text_field">
+  <%= form.label :last_name %>
+  <%= form.text_field :last_name %>
+</p>
+<p class="text_field">
+  <%= form.label :email %>
+  <%= form.text_field :email %>
+</p>
+<p class="password_field">
+  <%= form.label :password %>
+  <%= form.password_field :password %>
+</p>
+<p class="password_field">
+  <%= form.label :password_confirmation, "Confirm password" %>
+  <%= form.password_field :password_confirmation %>
+</p>
+<p>
+  <%= form.label :role %>
+  <%= form.collection_select :role, ['', 'admin'], :to_s, :to_s %>
+</p>

data/generators/headstart_admin/templates/app/views/admin/users/edit.html.erb

@@ -0,0 +1,6 @@
+<h2>Edit User</h2>
+
+<% form_for @user, :url => admin_user_path(@user) do |form| %>
+  <%= render :partial => '/admin/users/form', :object => form %>
+  <%= form.submit 'Save', :disable_with => 'Please wait...' %>
+<% end %>

data/generators/headstart_admin/templates/app/views/admin/users/index.html.erb

@@ -0,0 +1,7 @@
+<ul>
+  <%- @users.each do |user| -%>
+    <li><%= link_to user.name, admin_user_path(user) %> <%=h user.email %></li>
+  <%- end -%>
+</ul>
+
+<%= link_to 'New User', new_admin_user_path %>

data/generators/headstart_admin/templates/app/views/admin/users/new.html.erb

@@ -0,0 +1,6 @@
+<h2>Create User</h2>
+
+<% form_for @user, :url => admin_users_path do |form| %>
+  <%= render :partial => '/admin/users/form', :object => form %>
+  <%= form.submit 'Save', :disable_with => 'Please wait...' %>
+<% end %>

data/generators/headstart_admin/templates/app/views/admin/users/show.html.erb

@@ -0,0 +1,10 @@
+<h2>User Details</h2>
+
+<div id="user_profile">
+  <b>First Name:</b> <%=h @user.first_name %><br/>
+  <b>Last Name:</b> <%=h @user.last_name %><br/>
+  <b>Email:</b> <%=h @user.email %><br/>
+  <%= link_to 'Edit', edit_admin_user_path(@user) %><br/>
+  <%= link_to 'Delete', admin_user_path(@user), :method => :delete, :confirm => 'Are you sure?' %><br/>
+  <%= link_to 'Impersonate', impersonation_path(:user_id => @user.id), :method => :post, :id => "impersonate_#{@user.id}" %>
+</div>

data/generators/headstart_admin/templates/test/integration/admin/users_test.rb

@@ -0,0 +1,201 @@
+require File.dirname(__FILE__) + "/../../test_helper"
+
+class Admin::UsersTest < ActionController::IntegrationTest
+
+  setup do
+    ActionMailer::Base.deliveries.clear
+  end
+
+  teardown do
+    ActionMailer::Base.deliveries.clear
+  end
+
+  context 'Signed in as an admin' do
+
+    setup do
+      @bob = Factory(:user, :email => 'bob@bob.bob', :first_name => 'Bob')
+      @joe = Factory(:user, :email => 'joe@joe.joe', :first_name => 'Joe')
+      @ted = Factory(:user, :email => 'ted@ted.ted', :first_name => 'Ted')
+      @admin_user = Factory(:admin_user, :email => 'admin@example.com')
+      sign_in_as(@admin_user.email, @admin_user.password)
+    end
+
+    context 'when listing users' do
+        
+      should 'show the list of users' do
+        visit admin_users_url
+        assert_contain(/bob@bob.bob/)
+        assert_contain(/joe@joe.joe/)
+        assert_contain(/ted@ted.ted/)
+      end
+    
+    end
+    
+    context 'when creating a new user' do
+      
+      context 'with valid data' do
+                  
+        should 'display "Created [name]"' do
+          create_user(:first_name => 'Tom', :last_name => 'Tom')
+          assert_contain(/Created Tom Tom/)
+        end
+
+        should 'redirect to the user show page' do
+          create_user(:email => 'tom@tom.tom')
+          user = User.find_by_email('tom@tom.tom')
+          assert_equal current_url, admin_user_url(user)
+        end
+
+        should 'be able to set the role' do
+          create_user(:email => 'tom@tom.tom', :role => 'admin')
+          user = User.find_by_email('tom@tom.tom')
+          assert user.admin?
+        end
+
+      end
+      
+      context 'with invalid data' do
+        
+        should 'display error messages' do
+          create_user(
+            :first_name => '',
+            :last_name => '',
+            :email => 'invalidemail',
+            :password_confirmation => 'bad')
+          assert_contain(/First name can't be blank/)
+          assert_contain(/Last name can't be blank/)
+          assert_contain(/Email is invalid/)
+          assert_contain(/Password doesn't match confirmation/)
+        end
+        
+        should 'redisplay the new user form' do
+          create_user(:first_name => '')
+          assert_have_selector 'form.new_user'
+        end
+        
+      end
+      
+    end
+  
+    context 'when editing a user' do
+
+      context 'with valid data' do
+      
+        should 'display "Updated [name]"' do
+          edit_user(@ted, :first_name => 'Tom', :last_name => 'Tom' )
+          assert_contain(/Updated Tom Tom/)
+        end
+      
+        should 'redirect to the user show page' do
+          edit_user(@ted, :email => 'tom@tom.tom')
+          user = User.find_by_email('tom@tom.tom')
+          assert_equal current_url, admin_user_url(user)
+        end
+        
+        should 'be able to change the role' do
+          edit_user(@ted, :role => 'admin')
+          @ted.reload
+          assert @ted.admin?
+        end
+        
+      end
+      
+      context 'with invalid data' do
+        
+        should 'display error messages' do
+          edit_user(@ted,
+            :first_name => '',
+            :last_name => '',
+            :email => 'invalidemail',
+            :password => 'good',
+            :password_confirmation => 'bad')
+          assert_contain(/First name can't be blank/)
+          assert_contain(/Last name can't be blank/)
+          assert_contain(/Email is invalid/)
+          assert_contain(/Password doesn't match confirmation/)
+        end
+        
+        should 'redisplay the edit form' do
+          edit_user(@ted, :first_name => '')
+          assert_have_selector 'form.edit_user'
+        end
+        
+      end
+      
+    end
+    
+    context 'when deleting a user' do
+
+      should 'display "Deleted [name]"' do
+        delete_user(@bob)
+        assert_contain(/Deleted Bob/)
+      end
+
+      should 'redirect to the user list' do
+        delete_user(@bob)
+        assert_equal current_url, admin_users_url
+      end
+      
+      should 'not display the deleted user in the list' do
+        delete_user(@bob)
+        assert_not_contain(/bob@bob.bob/)
+      end
+      
+      should 'not allow deleting currently logged in user' do
+        visit admin_user_url(@admin_user), :delete
+        assert_contain(/Cannot delete yourself/)
+        assert_contain(/admin@example.com/)
+      end
+
+    end
+               
+  end
+  
+  context 'Signed in as a non-admin user' do
+
+    setup do
+      @user = Factory(:user)
+      sign_in_as(@user.email, @user.password)
+    end
+    
+    should 'not give access' do
+      visit admin_users_url
+      assert_not_equal current_url, admin_users_url
+    end
+    
+  end
+  
+  
+  private
+  
+  
+  def create_user(options = {})
+    visit admin_users_url
+    click_link 'New User'
+    fill_in 'Email',            :with => options[:email]                  || 'tom@tom.tom'
+    fill_in 'Password',         :with => options[:password]               || 'password'
+    fill_in 'Confirm Password', :with => options[:password_confirmation]  || options[:password] || 'password'
+    fill_in 'First Name',       :with => options[:first_name]             || 'Tom'
+    fill_in 'Last Name',        :with => options[:last_name]              || 'Tom'
+    select options[:role] || '', :from => 'Role'
+    click_button 'Save'
+  end
+  
+  def edit_user(user, options = {})
+    visit admin_user_url(user)
+    click_link 'Edit'
+    fill_in 'Email',            :with => options[:email]                  || 'tom@tom.tom'
+    fill_in 'Password',         :with => options[:password]               || ''
+    fill_in 'Confirm Password', :with => options[:password_confirmation]  || options[:password] || ''
+    fill_in 'First Name',       :with => options[:first_name]             || 'Tom'
+    fill_in 'Last Name',        :with => options[:last_name]              || 'Tom'
+    select options[:role] || '', :from => 'Role'
+    click_button 'Save'
+  end
+  
+  def delete_user(user)
+    visit admin_user_url(user)
+    click_link 'Delete'
+  end
+    
+end

data/generators/headstart_tests/USAGE

@@ -0,0 +1 @@
+script/generate headstart_tests

data/generators/headstart_tests/headstart_tests_generator.rb

@@ -0,0 +1,21 @@
+class HeadstartTestsGenerator < Rails::Generator::Base
+
+  def manifest
+    record do |m|
+      m.directory File.join("test", "integration")
+
+      ["test/integration/facebook_test.rb",
+       "test/integration/impersonation_test.rb",
+       "test/integration/sign_in_test.rb",
+       "test/integration/sign_out_test.rb",
+       "test/integration/sign_up_test.rb",
+       "test/integration/edit_profile_test.rb",
+       "test/integration/password_reset_test.rb"].each do |file|
+        m.file file, file
+       end
+      
+      m.readme "README"
+    end
+  end
+
+end

data/generators/headstart_tests/templates/README

@@ -0,0 +1,58 @@
+
+*******************************************************************************
+
+Next:
+
+1. To run the generated tests, you'll need shoulda, factory_girl, webrat, and fakeweb.
+   Update your config/environments/test.rb:
+
+     config.gem "shoulda"
+     config.gem "factory_girl"
+     config.gem "webrat"
+     config.gem "fakeweb"
+  
+  Unless they are already included.
+
+2. Update your test_helper.rb with:
+
+     FakeWeb.allow_net_connect = false
+
+     Webrat.configure do |config|
+       config.mode             = :rails
+       config.open_error_files = false
+     end
+     
+     class ActionController::IntegrationTest
+       include Webrat::Matchers
+       
+       def sign_in_as(email, password, url_to_visit = sign_in_url)
+         visit url_to_visit
+         fill_in "Email",      :with => email
+         fill_in "Password",   :with => password
+         click_button "sign in"
+       end
+
+       def reset_session
+         request.reset_session
+         controller.instance_variable_set(:@_current_user, nil)
+       end
+
+       def sign_up(options = {})
+         visit new_user_url
+         fill_in "email",            :with => options[:email]                  || 'bob@bob.bob'
+         fill_in "first name",       :with => options[:first_name]             || 'Bob'
+         fill_in "last name",        :with => options[:last_name]              || 'Bob'
+         fill_in "password",         :with => options[:password]               || 'password'
+         fill_in "confirm password", :with => options[:password_confirmation]  || options[:password] || 'password'
+         click_button 'sign up'
+       end
+
+       def sign_out
+         visit session_url, :delete
+       end
+       
+     end
+     
+3. Be sure to define a root_url in routes.rb.
+
+*******************************************************************************

data/generators/headstart_tests/templates/test/integration/edit_profile_test.rb

@@ -0,0 +1,35 @@
+require 'test_helper'
+
+class EditProfileTest < ActionController::IntegrationTest
+  
+  context 'Editing a user profile' do
+    
+    setup do
+      @user = Factory(:user, :password => 'password')
+      sign_in_as(@user.email, 'password')
+      visit edit_user_path(@user)
+    end
+    
+    should_respond_with :success
+
+    should "see the form with his info" do
+      assert_select "input#user_first_name[value='#{@user.first_name}']"
+      assert_select "input#user_last_name[value='#{@user.last_name}']"
+      assert_select "input#user_email[value='#{@user.email}']"
+    end
+
+    should "update valid information and see the SHOW page" do
+      fill_in "user_first_name", :with => 'OtherName'
+      click_button 'Save'
+      assert_contain /othername/i
+    end
+
+    should "update invalid information and see errors" do
+      fill_in "user_first_name", :with => ''
+      click_button 'Save'
+      assert_contain /First name .* blank/i
+    end
+    
+  end
+
+end

data/generators/headstart_tests/templates/test/integration/facebook_test.rb

@@ -0,0 +1,61 @@
+require 'test_helper'
+
+class FacebookTest < ActionController::IntegrationTest
+  
+  if Headstart.configuration.use_facebook_connect
+
+    context 'Signing in with Facebook' do
+    
+      setup do
+        cookies[Headstart.configuration.facebook_api_key + "_user"] = "8055"
+        cookies[Headstart.configuration.facebook_api_key + "_session_key"] = "123456789"
+        FakeWeb.register_uri(:post,
+                             %r|http://api.facebook.com/restserver.php|,
+                             :body => '[{"about_me":"","activities":"","affiliations":{},"birthday":"July 18","books":"","current_location":{"city":"Orlando","state":"Florida","country":"United States","zip":""},"education_history":[{"name":"Florida Institute of Technology","year":1995,"concentrations":{},"degree":"","school_type":"Unknown"}],"first_name":"Bob","hometown_location":null,"hs_info":{"hs1_name":"Cheyenne Mountain High School","hs2_name":"","grad_year":1992,"hs1_id":3202,"hs2_id":0},"interests":"","is_app_user":true,"last_name":"Jones","meeting_for":{},"meeting_sex":{},"movies":"","music":"","name":"Bob Jones","notes_count":null,"pic":"http:\/\/profile.ak.fbcdn.net\/hprofile-ak-sf2p\/hs272.snc3\/23197_1334019372_5345_s.jpg","pic_big":"http:\/\/profile.ak.fbcdn.net\/v228\/245\/118\/n1334019372_6158.jpg","pic_small":"http:\/\/profile.ak.fbcdn.net\/hprofile-ak-sf2p\/hs272.snc3\/23197_1334019372_5345_t.jpg","political":"","profile_update_time":1267034911,"quotes":"","relationship_status":"","religion":"","sex":"male","significant_other_id":null,"status":{"message":"","time":0,"status_id":0},"timezone":-5,"tv":"","uid":8055,"wall_count":34,"work_history":{},"pic_square":"http:\/\/profile.ak.fbcdn.net\/hprofile-ak-sf2p\/hs272.snc3\/23197_1334019372_5345_q.jpg","has_added_app":true,"email_hashes":{},"locale":"en_US","profile_url":"http:\/\/www.facebook.com\/profile.php?id=1334019372","proxied_email":"apps+339309032618.1334019372.a320f4a38471f7b537079f5c13bb33f1@proxymail.facebook.com","pic_big_with_logo":"http:\/\/external.ak.fbcdn.net\/safe_image.php?logo&d=20fef10357c21b2e1acc8dac7d4bed49&url=http%3A%2F%2Fprofile.ak.fbcdn.net%2Fv228%2F245%2F118%2Fn1334019372_6158.jpg&v=5","pic_small_with_logo":"http:\/\/external.ak.fbcdn.net\/safe_image.php?logo&d=ad4b560e363f5b40ccbe81e1d985c91e&url=http%3A%2F%2Fprofile.ak.fbcdn.net%2Fhprofile-ak-sf2p%2Fhs272.snc3%2F23197_1334019372_5345_t.jpg&v=5","pic_square_with_logo":"http:\/\/external.ak.fbcdn.net\/safe_image.php?logo&d=a0118842ed70fce04e7883f5ab52023f&url=http%3A%2F%2Fprofile.ak.fbcdn.net%2Fhprofile-ak-sf2p%2Fhs272.snc3%2F23197_1334019372_5345_q.jpg&v=5","pic_with_logo":"http:\/\/external.ak.fbcdn.net\/safe_image.php?logo&d=eb90cc8c5f332436f5d56009aab6b467&url=http%3A%2F%2Fprofile.ak.fbcdn.net%2Fhprofile-ak-sf2p%2Fhs272.snc3%2F23197_1334019372_5345_s.jpg&v=5","birthday_date":"07\/18","email":"bob@example.com","allowed_restrictions":"alcohol"}]'
+                             )
+      end
+    
+      teardown do
+        cookies[Headstart.configuration.facebook_api_key + "_user"] = nil
+        cookies[Headstart.configuration.facebook_api_key + "_session_key"] = nil
+      end
+    
+      should 'find an existing user with the facebook uid' do
+        user = Factory( :facebook_user,
+                        :facebook_uid => 8055,
+                        :email => 'bob@facebook.com')
+
+        visit fb_connect_url
+        assert controller.signed_in?
+        assert_equal controller.current_user, user
+      end
+
+      should 'find an existing user with the facebook email address' do
+        user = Factory( :user,
+                        :facebook_uid => nil,
+                        :email => 'bob@example.com')
+
+        visit fb_connect_url
+        assert controller.signed_in?
+        assert_equal controller.current_user, user
+      end
+
+      should 'create a new user when the facebook uid is not found' do
+        assert_nil User.find_by_facebook_uid(8055)
+    
+        visit fb_connect_url
+        assert controller.signed_in?
+        assert_equal '8055', controller.current_user.facebook_uid
+      end
+  
+      should 'copy the facebook user details' do
+        visit fb_connect_url
+        assert controller.signed_in?
+        assert_equal 'bob@example.com', controller.current_user.email
+      end
+  
+    end
+
+  end
+
+end

data/generators/headstart_tests/templates/test/integration/impersonation_test.rb

@@ -0,0 +1,39 @@
+require 'test_helper'
+
+class ImpersonationTest < ActionController::IntegrationTest
+  
+  context 'When impersonating another user' do
+    
+    setup do
+      @bob = Factory(:user, :email => 'bob@bob.bob')
+      @admin_user = Factory(:admin_user, :email => 'admin@example.com')
+      sign_in_as @admin_user.email, @admin_user.password
+      impersonate(@bob)
+    end
+    
+    should 'be signed in' do
+      assert controller.signed_in?
+    end        
+    
+    should 'be logged in as bob' do
+      assert_equal controller.current_user, @bob
+    end
+    
+    should 'be able to go back to the original admin user' do
+      click_link "Stop impersonating"
+      assert controller.signed_in?
+      assert_equal controller.current_user, @admin_user
+    end
+    
+  end
+  
+  
+  private
+  
+  
+  def impersonate(user)
+    visit impersonations_url
+    click_link "impersonate_#{user.id}"
+  end
+  
+end

data/generators/headstart_tests/templates/test/integration/password_reset_test.rb

@@ -0,0 +1,128 @@
+require 'test_helper'
+
+class PasswordResetTest < ActionController::IntegrationTest
+  
+  context 'When requesting a password reset' do
+    
+    setup do
+      ActionMailer::Base.deliveries.clear
+    end
+    
+    teardown do
+      ActionMailer::Base.deliveries.clear
+    end
+    
+    context 'when not signed up' do
+      
+      should 'see "Unknown email"' do
+        request_password_reset('unknown@bob.bob')
+        assert_match(/Unknown email/, response.body)
+      end
+      
+      should 'not send an email' do
+        request_password_reset('unknown@bob.bob')
+        assert ActionMailer::Base.deliveries.empty?
+      end
+      
+    end
+    
+    context 'when signed up' do
+      
+      setup do
+        @user = Factory(:user, :email => 'bob@bob.bob')
+      end
+      
+      should 'see "instructions for changing your password"' do
+        request_password_reset(@user.email)
+        assert_match(/instructions for changing your password/, response.body)
+      end
+      
+      should 'send a password reset email to the user' do
+        request_password_reset(@user.email)
+        @user.reload # catch updated confirmation token
+        Delayed::Job.work_off
+        assert !@user.password_reset_token.blank?
+        assert_sent_email do |email|
+          email.recipients =~ /#{Regexp.escape @user.email}/i &&
+          email.subject =~ /password/i &&
+          email.body[:url] =~ /#{Regexp.escape @user.password_reset_token}/
+        end
+      end
+      
+    end
+    
+  end
+  
+  context 'After requesting a password reset' do
+    
+    setup do
+      ActionMailer::Base.deliveries.clear
+      @user = Factory(:user, :email => 'bob@bob.bob')
+    end
+    
+    teardown do
+      ActionMailer::Base.deliveries.clear
+    end
+    
+    context 'with failed password confirmation' do
+      
+      should 'see error messages' do
+        request_password_reset('bob@bob.bob')
+        @user.reload
+        change_password(@user, :password => 'goodpassword', :confirm => 'badpassword')
+        assert_match(/Password doesn't match confirmation/, response.body)
+      end
+      
+      should 'not be signed in' do
+        request_password_reset('bob@bob.bob')
+        @user.reload
+        change_password(@user, :password => 'goodpassword', :confirm => 'badpassword')
+        assert !controller.signed_in?
+      end
+      
+    end
+    
+    context 'with valid password and confirmation' do
+      
+      should 'be signed in' do
+        request_password_reset('bob@bob.bob')
+        @user.reload
+        change_password(@user)
+        assert controller.signed_in?
+      end
+      
+      should 'be able to sign in with new password' do
+        request_password_reset('bob@bob.bob')
+        @user.reload
+        change_password(@user)
+        sign_out
+        sign_in_as('bob@bob.bob', 'goodpassword')
+        assert controller.signed_in?
+      end
+      
+    end
+    
+  end
+  
+  
+  private
+  
+  
+  def request_password_reset(email)
+    visit new_password_url
+    fill_in "Email Address", :with => email
+    click_button "reset password"
+  end
+  
+  def change_password(user, options = {})
+    options[:password]  ||= 'goodpassword'
+    options[:confirm]   ||= options[:password]
+    
+    visit edit_user_password_path(:user_id => user,
+                                  :token   => user.password_reset_token)
+    fill_in "Choose password",    :with => options[:password]
+    fill_in "Confirm password",   :with => options[:confirm]
+    click_button "save this password"
+  end
+  
+end