incline 0.1.5

data/test/fixtures/incline/users.yml

@@ -0,0 +1,64 @@
+# Read about fixtures at http://api.rubyonrails.org/classes/ActiveRecord/FixtureSet.html
+
+one:
+  name: George Jetson
+  email: george@example.com
+  activated: true
+  enabled: true
+  system_admin: false
+  password_digest: <%= Incline::User::digest 'Password123' %>
+  activated_at: <%= 20.days.ago %>
+  last_login_at: <%= 5.hours.ago %>
+  last_login_ip: 10.20.30.40
+
+two:
+  name: Fred Flintstone
+  email: fred@example.com
+  activated: true
+  enabled: true
+  system_admin: false
+  password_digest: <%= Incline::User::digest 'Password123' %>
+  activated_at: <%= 9.days.ago %>
+  last_login_at: <%= 3.days.ago %>
+  last_login_ip: 1:2::3:4
+
+admin:
+  name: Sys Admin
+  email: admin@example.com
+  activated: true
+  enabled: true
+  system_admin: true
+  password_digest: <%= Incline::User::digest 'Password123' %>
+  activated_at: <%= 30.days.ago %>
+
+basic:
+  name: Basic User
+  email: basic@example.com
+  activated: true
+  enabled: true
+  system_admin: false
+  password_digest: <%= Incline::User::digest 'Password123' %>
+  activated_at: <%= 10.days.ago %>
+
+disabled:
+  name: Bad User
+  email: bad@example.com
+  activated: true
+  enabled: false
+  system_admin: false
+  password_digest: <%= Incline::User::digest 'Password123' %>
+  disabled_by: admin@example.com
+  disabled_at: <%= 30.days.ago %>
+  activated_at: <%= 31.days.ago %>
+
+recently_disabled:
+  name: Recent User
+  email: recent@example.com
+  activated: true
+  enabled: false
+  system_admin: false
+  password_digest: <%= Incline::User::digest 'Password123' %>
+  disabled_by: admin@example.com
+  disabled_at: <%= 1.days.ago %>
+  activated_at: <%= 3.days.ago %>
+

data/test/incline_test.rb

@@ -0,0 +1,63 @@
+require 'test_helper'
+
+class InclineTest < ActiveSupport::TestCase
+
+  test 'modules and classes loaded' do
+    assert Object.const_defined? :Incline
+
+    assert Incline.const_defined? :NotLoggedIn
+    assert Incline.const_defined? :NotAuthorized
+    assert Incline.const_defined? :InvalidApiCall
+
+    assert Incline.const_defined? :VERSION
+    assert Incline.const_defined? :Log
+    assert Incline.const_defined? :Engine
+    assert Incline.const_defined? :WorkPath
+    assert Incline.const_defined? :JsonLogFormatter
+    assert Incline.const_defined? :JsonLogger
+    assert Incline.const_defined? :GlobalStatus
+    assert Incline.const_defined? :DataTablesRequest
+    assert Incline.const_defined? :DateTimeFormats
+    assert Incline.const_defined? :NumberFormats
+    assert Incline.const_defined? :AuthEngineBase
+    assert Incline.const_defined? :UserManager
+    assert Incline.const_defined? :Recaptcha
+    assert Incline::Recaptcha.const_defined? :Tag
+
+    assert Incline.const_defined? :Extensions
+    assert Incline::Extensions.const_defined? :Object
+    assert Incline::Extensions.const_defined? :Numeric
+    assert Incline::Extensions.const_defined? :String
+    assert Incline::Extensions.const_defined? :Application
+    assert Incline::Extensions.const_defined? :ApplicationConfiguration
+    assert Incline::Extensions.const_defined? :ActiveRecordBase
+    assert Incline::Extensions.const_defined? :ConnectionAdapter
+    assert Incline::Extensions.const_defined? :MainApp
+    assert Incline::Extensions.const_defined? :ActionControllerBase
+    assert Incline::Extensions.const_defined? :ActionMailerBase
+    assert Incline::Extensions.const_defined? :ActionViewBase
+    assert Incline::Extensions.const_defined? :Session
+    assert Incline::Extensions::Session.const_defined? :Common
+    assert Incline::Extensions::Session.const_defined? :Controller
+    assert Incline::Extensions.const_defined? :ResourceRouteGenerator
+    assert Incline::Extensions.const_defined? :ErbScaffoldGenerator
+    assert Incline::Extensions.const_defined? :JbuilderGenerator
+    assert Incline::Extensions.const_defined? :JbuilderTemplate
+    assert Incline::Extensions.const_defined? :TestCase
+    assert Incline::Extensions.const_defined? :IntegerValue
+    assert Incline::Extensions.const_defined? :FloatValue
+    assert Incline::Extensions.const_defined? :TimeZoneConverter
+    assert Incline::Extensions.const_defined? :DateTimeValue
+    assert Incline::Extensions.const_defined? :DateValue
+    assert Incline::Extensions.const_defined? :DecimalValue
+    assert Incline::Extensions.const_defined? :FormBuilder
+
+    assert Incline.const_defined? :EmailValidator
+    assert Incline.const_defined? :SafeNameValidator
+    assert Incline.const_defined? :IpAddressValidator
+    assert Incline.const_defined? :RecaptchaValidator
+
+  end
+
+
+end

data/test/integration/incline/users_edit_test.rb

@@ -0,0 +1,180 @@
+require 'test_helper'
+
+module Incline
+  class UsersEditTest < ActionDispatch::IntegrationTest
+    def setup
+      @user = incline_users(:one)
+      @other_user = incline_users(:two)
+      @admin = incline_users(:admin)
+      @disabled_user = incline_users(:disabled)
+      @recent_user = incline_users(:recently_disabled)
+    end
+
+    # only admin can view random users.
+    access_tests_for :show,
+                     controller: 'users',
+                     url_helper: 'incline.user_path(@user)',
+                     allow_anon: false,
+                     allow_any_user: false,
+                     allow_admin: true
+
+    # and users can view themselves.
+    test 'user should be able to show self' do
+      log_in_as @user
+      get incline.user_path(@user)
+      assert_response :success
+    end
+
+    # only admin can edit random users.
+    access_tests_for :edit,
+                     controller: 'users',
+                     url_helper: 'incline.edit_user_path(@user)',
+                     allow_anon: false,
+                     allow_any_user: false,
+                     allow_admin: true
+
+    # and users can edit themselves.
+    test 'user can edit self' do
+      log_in_as @user
+      get incline.edit_user_path(@user)
+      assert_template 'incline/users/edit'
+      assert_select 'form[action=?]', incline.user_path(@user)
+      assert_select '#user_name'
+      assert_select '#user_email'
+      assert_select '#user_password'
+    end
+
+    # only admin can update random users.
+    access_tests_for :update,
+                     controller: 'users',
+                     url_helper: 'incline.user_path(@user)',
+                     allow_anon: false,
+                     allow_any_user: false,
+                     allow_admin: true,
+                     update_params: '{ user: { name: @user.name, email: @user.email } }',
+                     success: '(system_admin? ? incline.users_path : incline.user_path(@user))'
+
+    # and users can update themselves.
+    test 'user can update self' do
+      log_in_as @user
+      patch incline.user_path(@user), user: { name: @user.name, email: @user.email }
+      assert_redirected_to incline.user_path(@user)
+    end
+
+
+    # only admin can destroy users.
+    access_tests_for :destroy,
+                     controller: 'users',
+                     url_helper: 'incline.user_path(@disabled_user)',
+                     allow_anon: false,
+                     allow_any_user: false,
+                     allow_admin: true,
+                     success: 'incline.users_path'
+
+    test 'user count should change when destroyed' do
+      log_in_as @admin
+      assert_difference 'Incline::User.count', -1 do
+        delete incline.user_path(@disabled_user)
+      end
+    end
+
+    test 'should not destroy recently disabled users' do
+      log_in_as @admin
+      assert_no_difference 'Incline::User.count' do
+        delete incline.user_path(@recent_user)
+      end
+      assert_redirected_to incline.users_path
+    end
+
+    test 'should not destroy active users' do
+      log_in_as @admin
+      assert_no_difference 'Incline::User.count' do
+        delete incline.user_path(@user)
+      end
+      assert_redirected_to incline.users_path
+    end
+
+    # only admin can disable users.
+    access_tests_for :disable_confirm,
+                     controller: 'users',
+                     url_helper: 'incline.disable_user_path(@user)',
+                     method: 'get',
+                     allow_anon: false,
+                     allow_any_user: false,
+                     allow_admin: true
+
+    access_tests_for :disable,
+                     controller: 'users',
+                     url_helper: 'incline.disable_user_path(@user)',
+                     method: 'patch',
+                     allow_anon: false,
+                     allow_any_user: false,
+                     allow_admin: true,
+                     success: 'incline.users_path',
+                     disable_params: { disable_info: { reason: 'As a test' } }
+
+    test 'enabled count should change when disabled' do
+      log_in_as @admin
+      assert_difference 'Incline::User.enabled.count', -1 do
+        patch incline.disable_user_path(@other_user), disable_info: { reason: 'As a test' }
+      end
+    end
+
+    access_tests_for :enable,
+                     controller: 'users',
+                     url_helper: 'incline.enable_user_path(@recent_user)',
+                     method: 'patch',
+                     allow_anon: false,
+                     allow_any_user: false,
+                     allow_admin: true,
+                     success: 'incline.users_path'
+
+    test 'enabled cound should change when enabled' do
+      log_in_as @admin
+      assert_difference 'Incline::User.enabled.count', 1 do
+        patch incline.enable_user_path(@recent_user)
+      end
+    end
+
+
+
+
+    test 'should not allow the admin attribute to be edited via web' do
+      log_in_as @other_user
+      assert_not @other_user.system_admin?
+      patch incline.user_path(@other_user), user: { password: 'password', password_confirmation: 'password', system_admin: '1' }
+      assert_not @other_user.reload.system_admin?
+    end
+
+    test 'unsuccessful edit' do
+      log_in_as(@user)
+      get incline.edit_user_path(@user)
+      assert_template 'incline/users/edit'
+      patch incline.user_path(@user), user: { name: '', email: 'foo@invalid', password: 'foo', password_confirmation: 'baz' }
+      assert_template 'incline/users/edit'
+      assert_select 'div#error_explanation'
+    end
+
+    test 'successful edit with friendly forwarding' do
+      get incline.edit_user_path(@user)
+      assert_redirected_to incline.login_path
+      log_in_as(@user)
+      assert_redirected_to incline.edit_user_path(@user)
+      name = 'Foo Bar'
+      email = 'foo@bar.com'
+      pwd = ''
+      patch incline.user_path(@user), user: { name: name, email: email, password: pwd, password_confirmation: pwd }
+      assert_not flash.empty?
+      assert_redirected_to @user
+      @user.reload
+      assert_equal name, @user.name
+      assert_equal email, @user.email
+      pwd = 'new-password'
+      patch incline.user_path(@user), user: { name: name, email: email, password: pwd, password_confirmation: pwd }
+      assert_not flash.empty?
+      assert_redirected_to @user
+      @user.reload
+      assert @user.authenticate(pwd)
+    end
+  end
+end

data/test/integration/incline/users_login_test.rb

@@ -0,0 +1,105 @@
+require 'test_helper'
+
+module Incline
+  class UsersLoginTest < ActionDispatch::IntegrationTest
+
+    def setup
+      @routes = Incline::Engine.routes
+      @user = Incline::User.find_by(email: valid_creds[:email])
+    end
+
+    def self.valid_creds
+      {
+          email: 'george@example.com',
+          password: 'Password123'
+      }
+    end
+
+    def valid_creds
+      self.class.valid_creds
+    end
+
+    # to get the login form, you must not be logged in.
+    access_tests_for :new,
+                     controller: 'sessions',
+                     url_helper: 'incline.login_path',
+                     allow_anon: true,
+                     allow_any_user: false,
+                     allow_admin: false,
+                     failure: 'incline.user_path(user)'
+
+    # to login, you must not be logged in.
+    access_tests_for :create,
+                     controller: 'sessions',
+                     url_helper: 'incline.login_path',
+                     allow_anon: true,
+                     allow_any_user: false,
+                     allow_admin: false,
+                     create_params: { session: valid_creds },
+                     success: 'incline.user_path(@user)',   # instance var
+                     failure: 'incline.user_path(user)'     # local var
+
+    test 'login template' do
+      get incline.login_path
+      assert_template 'incline/sessions/new'
+      assert_select '#session_email'
+      assert_select '#session_password'
+      assert_select 'a[href=?]', incline.signup_path
+      assert_select 'a[href=?]', incline.new_password_reset_path
+    end
+
+    test 'login with invalid information' do
+      get incline.login_path
+      assert_template 'incline/sessions/new'
+      post incline.login_path, session: { email: '', password: '' }
+      assert_template 'incline/sessions/new'
+      assert_not flash.empty?
+      get main_app.root_path
+      assert flash.empty?
+      assert_select 'a[href=?]', incline.login_path
+      assert_select 'a[href=?]', incline.logout_path, count: 0
+    end
+
+    test 'login with valid information followed by logout' do
+      get incline.login_path
+      post incline.login_path, session: valid_creds
+      assert is_logged_in?
+      assert_redirected_to @user
+      follow_redirect!
+      assert_template 'incline/users/show'
+      assert_select 'a[href=?]', incline.login_path, count: 0
+      assert_select 'a[href=?]', incline.logout_path
+      assert_select 'a[href=?]', incline.user_path(@user)
+      delete incline.logout_path
+      assert_not is_logged_in?
+      assert_redirected_to main_app.root_path
+      # simulate clicking 'log out' a second time.
+      delete incline.logout_path
+      assert_redirected_to main_app.root_path
+      follow_redirect!
+      assert_select 'a[href=?]', incline.login_path
+      assert_select 'a[href=?]', incline.logout_path, count: 0
+      assert_select 'a[href=?]', incline.user_path(@user), count: 0
+    end
+
+    test 'login with disabled account' do
+      @user = incline_users(:disabled)
+      get incline.login_path
+      post incline.login_path, session: { email: @user.email, password: valid_creds[:password] }
+      assert_template 'incline/sessions/new'
+      assert_not flash.empty?
+    end
+
+    test 'login with remembering' do
+      log_in_as @user, remember_me: '1'
+      assert_not_nil cookies[user_token_cookie.to_s]
+      assert_equal assigns(:user).remember_token, cookies[user_token_cookie.to_s]
+    end
+
+    test 'login without remembering' do
+      log_in_as @user, remember_me: '0'
+      assert_nil cookies[user_token_cookie.to_s]
+    end
+
+  end
+end

data/test/integration/incline/users_signup_test.rb

@@ -0,0 +1,147 @@
+require 'test_helper'
+
+module Incline
+  class UsersSignupTest < ActionDispatch::IntegrationTest
+
+    def setup
+      @routes = Incline::Engine.routes
+      @valid_params = self.class.valid_params
+      ActionMailer::Base.deliveries.clear
+    end
+
+    def self.valid_params
+      {
+          name: 'Valid User',
+          email: 'valid@example.com',
+          password: 'Password321',
+          password_confirmation: 'Password321',
+          recaptcha: Incline::Recaptcha::DISABLED
+      }
+    end
+
+    # should not allow when logged in (except admins can create other users)
+    access_tests_for :new,
+                     controller: 'users',
+                     url_helper: 'incline.signup_path',
+                     allow_anon: true,
+                     allow_any_user: false,
+                     allow_admin: true,
+                     failure: 'incline.user_path(user)'
+
+    access_tests_for :create,
+                     controller: 'users',
+                     url_helper: 'incline.signup_path',
+                     allow_anon: true,
+                     allow_any_user: false,
+                     allow_admin: true,
+                     success: '(system_admin? ? incline.users_path : main_app.root_path)',
+                     failure: 'incline.user_path(user)',
+                     create_params: { user: valid_params }
+
+    test 'signup template' do
+      get incline.signup_path
+      assert_template 'incline/users/new'
+      assert_select 'form[action=?]', incline.signup_path
+      assert_select '#user_name'
+      assert_select '#user_email'
+      assert_select '#user_password'
+    end
+
+    test 'require name' do
+      # no name
+      get incline.signup_path
+      assert_no_difference 'Incline::User.count' do
+        post incline.signup_path, user: @valid_params.merge(name: '')
+      end
+      assert_template 'incline/users/new'
+      assert_select 'div#error_explanation', /Name can't be blank/
+      assert_select 'div.field_with_errors input[id=?]', 'user_name'
+    end
+
+    test 'require valid email' do
+      # no email
+      get incline.signup_path
+      assert_no_difference 'Incline::User.count' do
+        post incline.signup_path, user: @valid_params.merge(email: '')
+      end
+      assert_template 'incline/users/new'
+      assert_select 'div#error_explanation', /Email can't be blank/
+      assert_select 'div.field_with_errors input[id=?]', 'user_email'
+
+      # invalid email
+      assert_no_difference 'Incline::User.count' do
+        post incline.signup_path, user: @valid_params.merge(email: 'admin@localhost')
+      end
+      assert_template 'incline/users/new'
+      assert_select 'div#error_explanation', /Email is not a valid email address/
+      assert_select 'div.field_with_errors input[id=?]', 'user_email'
+    end
+
+    test 'require password and confirmation' do
+      # no password
+      get incline.signup_path
+      assert_no_difference 'Incline::User.count' do
+        post incline.signup_path, user: @valid_params.merge(password: '')
+      end
+      assert_template 'incline/users/new'
+      assert_select 'div#error_explanation', /Password can't be blank/
+      assert_select 'div.field_with_errors input[id=?]', 'user_password'
+
+      # no password confirmation
+      assert_no_difference 'Incline::User.count' do
+        post incline.signup_path, user: @valid_params.merge(password_confirmation: '')
+      end
+      assert_template 'incline/users/new'
+      assert_select 'div#error_explanation', /Password confirmation doesn't match Password/
+      assert_select 'div.field_with_errors input[id=?]', 'user_password_confirmation'
+    end
+
+    test 'require reCAPTCHA' do
+      # no reCAPTCHA challenge
+      get incline.signup_path
+      assert_no_difference 'Incline::User.count' do
+        post incline.signup_path, user: @valid_params.merge(recaptcha: '')
+      end
+      assert_template 'incline/users/new'
+      assert_select 'div#error_explanation', /Recaptcha can't be blank/
+
+      # invalid reCAPTCHA challenge
+      assert_no_difference 'Incline::User.count' do
+        post incline.signup_path, user: @valid_params.merge(recaptcha: '0.0.0.0')
+      end
+      assert_template 'incline/users/new'
+      assert_select 'div#error_explanation', /Requires reCAPTCHA challenge to be completed/
+    end
+
+    test 'valid signup' do
+      # valid signup
+      get incline.signup_path
+      assert_difference 'Incline::User.count', 1 do
+        post incline.signup_path, user: @valid_params
+      end
+      assert_not is_logged_in?
+      assert_equal 1, ActionMailer::Base.deliveries.size
+      user = assigns(:user)
+      assert_not user.activated?
+      token = user.activation_token
+      assert_not_nil token
+
+      # try logging in before activation.
+      log_in_as user, password: @valid_params[:password]
+      assert_not is_logged_in?
+
+      # invalid activation token
+      get incline.edit_account_activation_url('invalid-token', email: user.email)
+      assert_not is_logged_in?
+      assert_not user.reload.activated?
+
+      # valid activation token
+      get incline.edit_account_activation_url(token, email: user.email)
+      assert user.reload.activated?
+      follow_redirect!
+      assert_template 'incline/users/show'
+      assert is_logged_in?
+    end
+
+  end
+end

data/test/integration/navigation_test.rb

@@ -0,0 +1,11 @@
+  require 'test_helper'
+
+  class NavigationTest < ActionDispatch::IntegrationTest
+
+    test 'layout links' do
+      get root_path
+      assert_select 'a[href=?]', root_path, count: 2
+      # TODO: Test more links.
+    end
+
+  end