RubyGems - hello-rails - Versions diffs - 0.0.0 → 0.5.0 - Mend

hello-rails 0.0.0 → 0.5.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (235) hide show

data/spec/bdd/hello/authentication/authorization/authorization_router_constraints_spec.rb ADDED

@@ -0,0 +1,41 @@
+require 'spec_helper'
+RSpec.bdd.uic "Router Constraints" do
+  story "For Users" do
+    scenario "As a Guest" do
+      Given "I am a Guest" do
+        # :)
+      end
+      When "I visit a route constrained to users" do
+        # :)
+      end
+      Then "I should see a 404 error" do
+        expect {
+          visit "/middleware/bad_kitty"
+        }.to raise_error ActionController::RoutingError
+      end
+    end
+    scenario "As a User" do
+      Given "I am a User" do
+        given_I_have_signed_in
+      end
+      When "I visit a route constrained to users" do
+        # :)
+      end
+      Then "I should not see a 404 error" do
+        expect {
+          visit "/middleware/bad_kitty"
+        }.not_to raise_error
+      end
+    end
+  end
+end

data/spec/bdd/hello/authentication/authorization/authorization_sensitive_restriction_spec.rb ADDED

@@ -0,0 +1,84 @@
+require 'spec_helper'
+RSpec.bdd.uic "Sensitive Restriction" do
+  story "Enable Sudo Mode" do
+    before do
+      Given "I see the Sudo Mode form" do
+        given_I_have_signed_in
+        click_link "Settings"
+        click_link "Devices"
+        expect(page).to have_content "Confirm Password to Continue"
+        expect(current_path).to eq hello.accesses_path
+        expect(Access.last.sudo_expires_at).to be < Time.now
+      end
+    end
+    scenario "Success" do
+      When "I submit the correct password" do
+        when_I_confirm_my_user_password
+      end
+      Then "and I should see a confirmation message" do
+        expect_flash_notice "Now we know it's really you. We won't be asking your password again for 60 minutes"
+      end
+      then_I_expect_to_be_on_sudo_mode
+    end
+    scenario "Blank Password" do
+      When "I submit an empty form" do
+        when_I_confirm_my_user_password('', false)
+      end
+      _then_failed_to_enable_sudo_mode
+    end
+    scenario "Wrong Password" do
+      When "I submit an incorrect password" do
+        when_I_confirm_my_user_password('wrong', false)
+      end
+      _then_failed_to_enable_sudo_mode
+    end
+  end
+  story "Disable Sudo Mode" do
+    scenario "Success" do
+      given_I_have_signed_in_with_sudo_mode
+      When "I disable sudo mode" do
+        click_link "expire"
+      end
+      Then "I should see a confirmation message" do
+        expect_flash_notice "We will now ask your password for sensitive access"
+      end
+      then_I_expect_not_to_be_on_sudo_mode
+    end
+  end
+  def _then_failed_to_enable_sudo_mode
+    Then "I expect to see an error message" do
+      expect_flash_alert "Incorrect Password"
+    end
+    then_I_expect_not_to_be_on_sudo_mode
+  end
+end

data/spec/bdd/hello/authentication/authorization/bdd.yml ADDED

	@@ -0,0 +1 @@
1	+ capability: Authorization

data/spec/bdd/hello/authentication/bdd.yml ADDED

	@@ -0,0 +1 @@
1	+ goal: Authentication

data/spec/bdd/hello/authentication/classic_sign_in_spec.rb ADDED

@@ -0,0 +1,264 @@
+require 'spec_helper'
+RSpec.bdd.capability 'I can Sign In With Email' do
+  role 'User' do
+    before do
+      given_I_have_an_email_credential
+      expect(Access.count).to eq(0)
+    end
+    context 'Components', type: :feature do
+      uic 'Dual Form' do
+        scenario 'Empty Form' do
+          When 'I sign in with an empty form' do
+            visit hello.root_path
+            click_button 'Sign In'
+          end
+          Then 'I should see an error message' do
+            expect_to_see 'found while trying to sign in'
+          end
+          Then 'and be on the sign in page' do
+            expect(current_path).to eq hello.sign_in_path
+          end
+        end # scenario
+      end # uic
+      uic 'Single Form' do
+        context 'General' do
+          Given 'I am on the sign in page' do
+            visit '/hello/sign_in'
+          end
+          story 'Valid Scearios' do
+            scenario 'Valid Email & Password' do
+              When 'I sign in with a valid form' do
+                fill_in_login_form('foo@bar.com')
+                click_button 'Sign In'
+              end
+            end # scenario
+            scenario 'Valid Username & Password' do
+              When 'I sign in with a valid form' do
+                fill_in_login_form('foobar')
+                click_button 'Sign In'
+              end
+            end # scenario
+            Then 'I should see a confirmation message' do
+              expect_flash_notice 'You have signed in successfully'
+            end
+            Then 'I should be on the home page' do
+              expect_to_be_on '/'
+            end
+            Then 'Database now has 1 Access' do
+              expect(Access.count).to eq(1)
+            end
+          end # story
+          story 'Invalid Scearios' do
+            scenario 'Empty Form' do
+              When 'I sign in with an empty form' do
+                click_button 'Sign In'
+              end
+            end # scenario
+            scenario 'Email not found' do
+              When 'I sign in with an empty form' do
+                click_button 'Sign In'
+              end
+            end # scenario
+            scenario 'Username not found' do
+              When 'I sign in with a bad username' do
+                fill_in_login_form('foobar9999')
+                click_button 'Sign In'
+              end
+            end # scenario
+            scenario 'Wrong Password' do
+              When 'I sign in with a bad password' do
+                fill_in_login_form('foobar', '9999')
+                click_button 'Sign In'
+              end
+            end # scenario
+            scenario 'Blank Password' do
+              When 'I sign in with a bad password' do
+                fill_in_login_form('foobar', '')
+                click_button 'Sign In'
+              end
+            end # scenario
+            Then 'I should see a confirmation message' do
+              expect_to_see 'found while trying to sign in'
+            end
+            Then 'I should be on the sign in page' do
+              expect_to_be_on '/hello/sign_in'
+            end
+            Then 'Database still has 0 Access' do
+              expect(Access.count).to eq(0)
+            end
+          end # story
+        end # context
+        context 'Extras' do
+          story 'Previous URL' do
+            scenario 'Has Previous URL' do
+              Given 'I visited a page that required me to authenticate' do
+                visit '/onboarding'
+                expect_to_be_on '/hello/sign_in'
+              end
+              When 'I sign in with a valid form' do
+                fill_in_login_form('foo@bar.com')
+                click_button 'Sign In'
+                expect_flash_notice 'You have signed in successfully'
+              end
+              Then 'I should be on the home page' do
+                expect_to_be_on '/'
+              end
+            end # scenario
+            scenario 'No Previous URL' do
+              Given 'I am on the sign in page' do
+                visit '/hello/sign_in'
+              end
+              When 'I sign in with a valid form' do
+                fill_in_login_form('foo@bar.com')
+                click_button 'Sign In'
+                expect_flash_notice 'You have signed in successfully'
+              end
+              Then 'I should be on the home page' do
+                expect_to_be_on '/'
+              end
+            end # scenario
+          end # story
+          story 'Keep me' do
+            Given 'I am on the sign in page' do
+              visit '/hello/sign_in'
+            end
+            scenario 'Checked' do
+              Given 'I check "keep me"' do
+                check 'keep_me'
+              end
+              When 'I sign in with a valid form' do
+                fill_in_login_form('foo@bar.com')
+                click_button 'Sign In'
+                expect_flash_notice 'You have signed in successfully'
+              end
+              Then 'and be signed in for 30 days' do
+                expect(Access.last.expires_at).to be > 29.days.from_now
+              end
+            end # scenario
+            scenario 'Unchecked' do
+              Given 'I do not check "keep me"' do
+                # left blank
+              end
+              When 'I sign in with a valid form' do
+                fill_in_login_form('foo@bar.com')
+                click_button 'Sign In'
+                expect_flash_notice 'You have signed in successfully'
+              end
+              Then 'and be signed in for 30 minutes' do
+                a = Access.last
+                expect(a.expires_at).to be < 31.minutes.from_now
+                expect(a.expires_at).to be > 29.minutes.from_now
+              end
+            end # scenario
+          end # story
+        end # context
+      end # uic
+    end # context
+    api 'API', type: :request do
+      scenario 'Valid Parameters' do
+        When 'I sign in with valid parameters' do
+          post '/hello/sign_in.json', sign_in: {login: 'foo@bar.com', password: '1234'}
+        end
+        Then 'I should see the access object' do
+          expect(json_response.keys).to match_array ['expires_at', 'token', 'user', 'user_id']
+          expect(json_response['user'].keys).to match_array ['id', 'accesses_count', 'city', 'created_at', 'credentials_count', 'locale', 'name', 'role', 'time_zone', 'updated_at', 'username']
+        end
+        Then 'I should get a 201 response' do
+          expect(response.status).to         eq(201)
+          expect(response.status_message).to eq('Created')
+        end
+        Then 'Database now has 1 Access' do
+          expect(Access.count).to eq(1)
+        end
+      end # scenario
+      scenario 'Blank Parameters' do
+        When 'I sign in with an empty parameters' do
+          post '/hello/sign_in.json', sign_in: {login: ''}
+        end
+        Then 'I should see errors' do
+          expect(json_response).to eq({
+            "login"=>["can't be blank"],
+            "password"=>["can't be blank"]
+          })
+        end
+        Then 'I should get a 422 response' do
+          expect(response.status).to         eq(422)
+          expect(response.status_message).to eq('Unprocessable Entity')
+        end
+        Then 'Database now has 0 Access' do
+          expect(Access.count).to eq(0)
+        end
+      end # scenario
+    end # api
+  end # role
+end # capability

data/spec/bdd/hello/authentication/manage_sessions_spec.rb ADDED

@@ -0,0 +1,292 @@
+require 'spec_helper'
+RSpec.bdd.capability 'I can Manage Sessions' do
+  role 'User' do
+    Given 'I am a User' do
+      sign_in_as_a('user')
+      expect_to_see 'dummy-accounts-1'
+    end
+    context 'I can Add Sessions' do
+      context 'Components', type: :feature do
+        uic 'Sign In Path' do
+          Given 'I visit "Switch Accounts" > "Add Account" > "Sign In"' do
+            visit '/'
+            click_link 'Switch Accounts'
+            click_link 'Add Account'
+            click_link 'Sign In'
+          end
+          scenario 'Success' do
+            When 'I sign in as a second user' do
+              u = create(:user_user, username: 'foobar')
+              fill_in_login_form(u.username)
+              click_button 'Sign In'
+            end
+            Then 'I should see a confirmation message' do
+              expect_flash_notice 'You have signed in successfully'
+            end
+            Then 'I should be signed in with 2 sessions' do
+              expect_to_see 'dummy-accounts-2'
+            end
+          end # scenario
+          scenario 'Invalid Credentials' do
+            When 'I sign in as a second user' do
+              fill_in_login_form('doesnotexist')
+              click_button 'Sign In'
+            end
+            Then "I should see a validation errors" do
+              expect_error_message "1 error was found while trying to sign in"
+              expect_to_see "This login was not found in our database."
+            end
+            Then 'I should be signed in with 1 session' do
+              expect_to_see 'dummy-accounts-1'
+            end
+          end # scenario
+        end # uic
+        uic 'Sign Up Path' do
+          Given 'I visit "Switch Accounts" > "Add Account" > "Sign Up"' do
+            visit '/'
+            click_link 'Switch Accounts'
+            click_link 'Add Account'
+            click_link 'Sign Up'
+          end
+          scenario 'Success' do
+            When 'I sign up with valid data' do
+              fill_in_registration_form
+              click_button 'Sign Up'
+            end
+            Then 'I should see a confirmation message' do
+              expect_flash_notice 'You have signed up successfully'
+            end
+            Then 'I should be signed in with 2 sessions' do
+              expect_to_see 'dummy-accounts-2'
+            end
+          end # scenario
+          scenario 'Invalid Registration' do
+            When 'I sign up with invalid data' do
+              click_button 'Sign Up'
+            end
+            Then "I should see a validation errors" do
+              expect_error_message "errors were found while trying to sign up"
+            end
+            Then 'I should be signed in with 1 session' do
+              expect_to_see 'dummy-accounts-1'
+            end
+          end
+        end # uic
+      end # context
+      api 'API', type: :request do
+        skip 'TODO: write API features here too'
+      end # api
+    end # context
+    context 'I can Switch Sessions' do
+      context 'Components', type: :feature do
+        uic 'Switch Button' do
+          story 'Has One Account' do
+            Given 'I am signed in with a single account' do
+              # intentionally left blank
+            end
+            scenario 'Success' do
+              When 'I visit Switch Accounts' do
+                click_link 'Switch Accounts'
+              end
+              Then 'I should not see a button to switch accounts' do
+                expect(page).not_to have_link('Switch!')
+              end
+              Then 'I should be signed in with 1 session' do
+                expect_to_see 'dummy-accounts-1'
+              end
+              Then 'and I should be signed in' do
+                then_I_expect_to_be_signed_in
+              end
+            end # scenario
+          end # story
+          story 'Has Two Accounts' do
+            Given 'I sign in as a second user' do
+              u = create(:user_user, username: 'foobar')
+              sign_in_with(u.username)
+              expect_to_see 'dummy-accounts-2'
+            end
+            Given 'I visit "Switch Accounts"' do
+              click_link 'Switch Accounts'
+              # ensuring url_for context and to_param
+              expect(page.html).to include(%{<a href="/users/foobar">foobar</a>})
+            end
+            scenario 'Success' do
+              When 'I attempt to switch to another account' do
+                click_link 'Switch!'
+              end
+              Then 'I should see a confirmation message' do
+                expect_flash_notice 'You have signed in successfully'
+              end
+              Then 'I should be signed in as my first account now' do
+                then_I_expect_to_be_signed_in_with_role('user')
+              end
+            end # scenario
+            scenario 'Not Found' do
+              But 'My first session was dropped from the database' do
+                Access.first.destroy!
+              end
+              When 'I attempt to switch to my first session' do
+                click_link 'Switch!'
+              end
+              Then 'I should see an expiration message' do
+                expect_flash_notice 'You have signed out!'
+              end
+              Then 'I should be signed in as my first account now' do
+                then_I_expect_to_be_signed_in_with_role('user')
+              end
+            end # scenario
+          end # story
+        end # uic
+      end # context
+      api 'API', type: :request do
+        skip 'TODO: write API features here too'
+      end # api
+    end # context
+    context 'I can Forget Sessions' do
+      context 'Components', type: :feature do
+        uic 'Forget Button' do
+          story "Has One Account" do
+            Given 'I am signed in with a single account' do
+              # intentionally left blank
+            end
+            scenario 'Success' do
+              When "I attempt to forget my first session" do
+                click_link "Switch Accounts"
+                click_button "Forget"
+              end
+              Then "I should see a confirmation message" do
+                expect_flash_notice 'You have signed out!'
+              end
+              Then 'I should be signed in with 0 sessions' do
+                expect_to_see 'dummy-accounts-0'
+              end
+              Then 'and I should be signed out' do
+                then_I_expect_to_be_signed_out
+              end
+            end # scenario
+          end # story
+          story "Has Two Accounts" do
+            Given 'I sign in as a second user' do
+              u = create(:user_user, username: 'foobar')
+              sign_in_with(u.username)
+              expect_to_see "dummy-accounts-2"
+            end
+            scenario 'Success' do
+              When "I attempt to forget my first session" do
+                click_link "Switch Accounts"
+                click_nth_button("Forget", 1)
+              end
+              Then "I should see a confirmation message" do
+                expect_flash_notice 'You have signed out!'
+              end
+              Then 'I should be signed in with 1 session' do
+                expect_to_see 'dummy-accounts-1'
+              end
+              Then 'and I should be signed in' do
+                then_I_expect_to_be_signed_in
+              end
+            end # scenario
+          end # story
+        end # uic
+      end # context
+      api 'API', type: :request do
+        skip 'TODO: write API features here too'
+      end # api
+    end # context
+  end # role
+end # capability