jlecour-authlogic 2.1.2

data/test/session_test/magic_states_test.rb

@@ -0,0 +1,60 @@
+require File.dirname(__FILE__) + '/../test_helper.rb'
+
+module SessionTest
+  module SessionTest
+    class ConfigTest < ActiveSupport::TestCase
+      def test_disable_magic_states_config
+        UserSession.disable_magic_states = true
+        assert_equal true, UserSession.disable_magic_states
+    
+        UserSession.disable_magic_states false
+        assert_equal false, UserSession.disable_magic_states
+      end
+    end
+    
+    class InstanceMethodsTest < ActiveSupport::TestCase
+      def test_disabling_magic_states
+        UserSession.disable_magic_states = true
+      
+        ben = users(:ben)
+        ben.update_attribute(:active, false)
+        assert UserSession.create(ben)
+      
+        UserSession.disable_magic_states = false
+      end
+    
+      def test_validate_validate_magic_states_active
+        session = UserSession.new
+        ben = users(:ben)
+        session.unauthorized_record = ben
+        assert session.valid?
+      
+        ben.update_attribute(:active, false)
+        assert !session.valid?
+        assert session.errors[:base].size > 0
+      end
+    
+      def test_validate_validate_magic_states_approved
+        session = UserSession.new
+        ben = users(:ben)
+        session.unauthorized_record = ben
+        assert session.valid?
+      
+        ben.update_attribute(:approved, false)
+        assert !session.valid?
+        assert session.errors[:base].size > 0
+      end
+    
+      def test_validate_validate_magic_states_confirmed
+        session = UserSession.new
+        ben = users(:ben)
+        session.unauthorized_record = ben
+        assert session.valid?
+      
+        ben.update_attribute(:confirmed, false)
+        assert !session.valid?
+        assert session.errors[:base].size > 0
+      end
+    end
+  end
+end

data/test/session_test/params_test.rb

@@ -0,0 +1,53 @@
+require File.dirname(__FILE__) + '/../test_helper.rb'
+
+module SessionTest
+  module ParamsTest
+    class ConfigTest < ActiveSupport::TestCase
+      def test_params_key
+        UserSession.params_key = "my_params_key"
+        assert_equal "my_params_key", UserSession.params_key
+    
+        UserSession.params_key "user_credentials"
+        assert_equal "user_credentials", UserSession.params_key
+      end
+    
+      def test_single_access_allowed_request_types
+        UserSession.single_access_allowed_request_types = ["my request type"]
+        assert_equal ["my request type"], UserSession.single_access_allowed_request_types
+    
+        UserSession.single_access_allowed_request_types ["application/rss+xml", "application/atom+xml"]
+        assert_equal ["application/rss+xml", "application/atom+xml"], UserSession.single_access_allowed_request_types
+      end
+    end
+    
+    class InstanceMethodsTest < ActiveSupport::TestCase
+      def test_persist_persist_by_params
+        ben = users(:ben)
+        session = UserSession.new
+    
+        assert !session.persisting?
+        set_params_for(ben)
+      
+        assert !session.persisting?
+        assert !session.unauthorized_record
+        assert !session.record
+        assert_nil controller.session["user_credentials"]
+      
+        set_request_content_type("text/plain")
+        assert !session.persisting?
+        assert !session.unauthorized_record
+        assert_nil controller.session["user_credentials"]
+      
+        set_request_content_type("application/atom+xml")
+        assert session.persisting?
+        assert_equal ben, session.record
+        assert_nil controller.session["user_credentials"] # should not persist since this is single access
+      
+        set_request_content_type("application/rss+xml")
+        assert session.persisting?
+        assert_equal ben, session.unauthorized_record
+        assert_nil controller.session["user_credentials"]
+      end
+    end
+  end
+end

data/test/session_test/password_test.rb

@@ -0,0 +1,106 @@
+require File.dirname(__FILE__) + '/../test_helper.rb'
+
+module SessionTest
+  module PasswordTest
+    class ConfigTest < ActiveSupport::TestCase
+      def test_find_by_login_method
+        UserSession.find_by_login_method = "my_login_method"
+        assert_equal "my_login_method", UserSession.find_by_login_method
+    
+        UserSession.find_by_login_method "find_by_login"
+        assert_equal "find_by_login", UserSession.find_by_login_method
+      end
+    
+      def test_verify_password_method
+        UserSession.verify_password_method = "my_login_method"
+        assert_equal "my_login_method", UserSession.verify_password_method
+    
+        UserSession.verify_password_method "valid_password?"
+        assert_equal "valid_password?", UserSession.verify_password_method
+      end
+    
+      def test_generalize_credentials_error_mesages_set_to_false
+        UserSession.generalize_credentials_error_messages false
+        assert !UserSession.generalize_credentials_error_messages
+        session = UserSession.create(:login => users(:ben).login, :password => "invalud-password")
+        assert_equal ["Password is not valid"], session.errors.full_messages
+      end
+      
+      def test_generalize_credentials_error_messages_set_to_true
+        UserSession.generalize_credentials_error_messages true
+        assert UserSession.generalize_credentials_error_messages
+        session = UserSession.create(:login => users(:ben).login, :password => "invalud-password")
+        assert_equal ["Login/Password combination is not valid"], session.errors.full_messages
+      end
+
+      def test_generalize_credentials_error_messages_set_to_string
+        UserSession.generalize_credentials_error_messages= "Custom Error Message"
+        assert UserSession.generalize_credentials_error_messages
+        session = UserSession.create(:login => users(:ben).login, :password => "invalud-password")
+        assert_equal ["Custom Error Message"], session.errors.full_messages
+      end
+
+      
+      def test_login_field
+        UserSession.configured_password_methods = false
+        UserSession.login_field = :saweet
+        assert_equal :saweet, UserSession.login_field
+        session = UserSession.new
+        assert session.respond_to?(:saweet)
+    
+        UserSession.login_field :login
+        assert_equal :login, UserSession.login_field
+        session = UserSession.new
+        assert session.respond_to?(:login)
+      end
+    
+      def test_password_field
+        UserSession.configured_password_methods = false
+        UserSession.password_field = :saweet
+        assert_equal :saweet, UserSession.password_field
+        session = UserSession.new
+        assert session.respond_to?(:saweet)
+    
+        UserSession.password_field :password
+        assert_equal :password, UserSession.password_field
+        session = UserSession.new
+        assert session.respond_to?(:password)
+      end
+    end
+    
+    class InstanceMethodsTest < ActiveSupport::TestCase
+      def test_init
+        session = UserSession.new
+        assert session.respond_to?(:login)
+        assert session.respond_to?(:login=)
+        assert session.respond_to?(:password)
+        assert session.respond_to?(:password=)
+        assert session.respond_to?(:protected_password, true)
+      end
+    
+      def test_credentials
+        session = UserSession.new
+        session.credentials = {:login => "login", :password => "pass"}
+        assert_equal "login", session.login
+        assert_nil session.password
+        assert_equal "pass", session.send(:protected_password)
+        assert_equal({:password => "<protected>", :login => "login"}, session.credentials)
+      end
+    
+      def test_credentials_are_params_safe
+        session = UserSession.new
+        assert_nothing_raised { session.credentials = {:hacker_method => "error!"} }
+      end
+    
+      def test_save_with_credentials
+        ben = users(:ben)
+        session = UserSession.new(:login => ben.login, :password => "benrocks")
+        assert session.save
+        assert !session.new_session?
+        assert_equal 1, session.record.login_count
+        assert Time.now >= session.record.current_login_at
+        assert_equal "1.1.1.1", session.record.current_login_ip
+      end
+    end
+  end
+end

data/test/session_test/perishability_test.rb

@@ -0,0 +1,15 @@
+require File.dirname(__FILE__) + '/../test_helper.rb'
+
+module SessionTest
+  class PerishabilityTest < ActiveSupport::TestCase
+    def test_after_save
+      ben = users(:ben)
+      old_perishable_token = ben.perishable_token
+      session = UserSession.create(ben)
+      assert_not_equal old_perishable_token, ben.perishable_token
+      
+      drew = employees(:drew)
+      assert UserSession.create(drew)
+    end
+  end
+end

data/test/session_test/persistence_test.rb

@@ -0,0 +1,21 @@
+require File.dirname(__FILE__) + '/../test_helper.rb'
+
+module SessionTest
+  class PersistenceTest < ActiveSupport::TestCase
+    def test_find
+      ben = users(:ben)
+      assert !UserSession.find
+      http_basic_auth_for(ben) { assert UserSession.find }
+      set_cookie_for(ben)
+      assert UserSession.find
+      unset_cookie
+      set_session_for(ben)
+      session = UserSession.find
+      assert session
+    end
+    
+    def test_persisting
+      # tested thoroughly in test_find
+    end
+  end
+end

data/test/session_test/scopes_test.rb

@@ -0,0 +1,60 @@
+require File.dirname(__FILE__) + '/../test_helper.rb'
+
+module SessionTest
+  class ScopesTest < ActiveSupport::TestCase
+    def test_scope_method
+      assert_nil Authlogic::Session::Base.scope
+      
+      thread1 = Thread.new do
+        scope = {:id => :scope1}
+        Authlogic::Session::Base.send(:scope=, scope)
+        assert_equal scope, Authlogic::Session::Base.scope
+      end
+      thread1.join
+      
+      assert_nil Authlogic::Session::Base.scope
+      
+      thread2 = Thread.new do
+        scope = {:id => :scope2}
+        Authlogic::Session::Base.send(:scope=, scope)
+        assert_equal scope, Authlogic::Session::Base.scope
+      end
+      thread2.join
+
+      assert_nil Authlogic::Session::Base.scope
+    end
+  
+    def test_with_scope_method
+      assert_raise(ArgumentError) { UserSession.with_scope }
+      
+      UserSession.with_scope(:find_options => {:conditions => "awesome = 1"}, :id => "some_id") do
+        assert_equal({:find_options => {:conditions => "awesome = 1"}, :id => "some_id"}, UserSession.scope)
+      end
+      
+      assert_nil UserSession.scope
+    end
+  
+    def test_initialize
+      UserSession.with_scope(:find_options => {:conditions => "awesome = 1"}, :id => "some_id") do
+        session = UserSession.new
+        assert_equal({:find_options => {:conditions => "awesome = 1"}, :id => "some_id"}, session.scope)
+        session.id = :another_id
+        assert_equal "another_id_some_id_test", session.send(:build_key, "test")
+      end
+    end
+    
+    def test_search_for_record_with_scopes
+      binary_logic = companies(:binary_logic)
+      ben = users(:ben)
+      zack = users(:zack)
+      
+      session = UserSession.new
+      assert_equal zack, session.send(:search_for_record, "find_by_login", zack.login)
+      
+      session.scope = {:find_options => {:conditions => ["company_id = ?", binary_logic.id]}}
+      assert_nil session.send(:search_for_record, "find_by_login", zack.login)
+      
+      assert_equal ben, session.send(:search_for_record, "find_by_login", ben.login)
+    end
+  end
+end

data/test/session_test/session_test.rb

@@ -0,0 +1,59 @@
+require File.dirname(__FILE__) + '/../test_helper.rb'
+
+module SessionTest
+  module SessionTest
+    class ConfigTest < ActiveSupport::TestCase
+      def test_session_key
+        UserSession.session_key = "my_session_key"
+        assert_equal "my_session_key", UserSession.session_key
+    
+        UserSession.session_key "user_credentials"
+        assert_equal "user_credentials", UserSession.session_key
+      end
+    end
+    
+    class InstanceMethodsTest < ActiveSupport::TestCase
+      def test_persist_persist_by_session
+        ben = users(:ben)
+        set_session_for(ben)
+        assert session = UserSession.find
+        assert_equal ben, session.record
+        assert_equal ben.persistence_token, controller.session["user_credentials"]
+      end
+      
+      def test_persist_persist_by_session_with_token_only
+        ben = users(:ben)
+        set_session_for(ben)
+        controller.session["user_credentials_id"] = nil
+        assert session = UserSession.find
+        assert_equal ben, session.record
+        assert_equal ben.persistence_token, controller.session["user_credentials"]
+      end
+    
+      def test_after_save_update_session
+        ben = users(:ben)
+        session = UserSession.new(ben)
+        assert controller.session["user_credentials"].blank?
+        assert session.save
+        assert_equal ben.persistence_token, controller.session["user_credentials"]
+      end
+    
+      def test_after_destroy_update_session
+        ben = users(:ben)
+        set_session_for(ben)
+        assert_equal ben.persistence_token, controller.session["user_credentials"]
+        assert session = UserSession.find
+        assert session.destroy
+        assert controller.session["user_credentials"].blank?
+      end
+    
+      def test_after_persisting_update_session
+        ben = users(:ben)
+        set_cookie_for(ben)
+        assert controller.session["user_credentials"].blank?
+        assert UserSession.find
+        assert_equal ben.persistence_token, controller.session["user_credentials"]
+      end
+    end
+  end
+end

data/test/session_test/timeout_test.rb

@@ -0,0 +1,52 @@
+require File.dirname(__FILE__) + '/../test_helper.rb'
+
+module SessionTest
+  module TimeoutTest
+    class ConfigTest < ActiveSupport::TestCase
+      def test_logout_on_timeout
+        UserSession.logout_on_timeout = true
+        assert UserSession.logout_on_timeout
+    
+        UserSession.logout_on_timeout false
+        assert !UserSession.logout_on_timeout
+      end
+    end
+    
+    class InstanceMethods < ActiveSupport::TestCase
+      def test_stale_state
+        UserSession.logout_on_timeout = true
+        ben = users(:ben)
+        ben.last_request_at = 3.years.ago
+        ben.save
+        set_session_for(ben)
+      
+        session = UserSession.new
+        assert session.persisting?
+        assert session.stale?
+        assert_equal ben, session.stale_record
+        assert_nil session.record
+        assert_nil controller.session["user_credentials_id"]
+      
+        set_session_for(ben)
+      
+        ben.last_request_at = Time.now
+        ben.save
+      
+        assert session.persisting?
+        assert !session.stale?
+        assert_nil session.stale_record
+      
+        UserSession.logout_on_timeout = false
+      end
+      
+      def test_successful_login
+        UserSession.logout_on_timeout = true
+        ben = users(:ben)
+        assert UserSession.create(:login => ben.login, :password => "benrocks")
+        assert session = UserSession.find
+        assert_equal ben, session.record
+        UserSession.logout_on_timeout = false
+      end
+    end
+  end
+end

data/test/session_test/unauthorized_record_test.rb

@@ -0,0 +1,13 @@
+require File.dirname(__FILE__) + '/../test_helper.rb'
+
+module SessionTest
+  class UnauthorizedRecordTest < ActiveSupport::TestCase
+    def test_credentials
+      ben = users(:ben)
+      session = UserSession.new
+      session.credentials = [ben]
+      assert_equal ben, session.unauthorized_record
+      assert_equal({:unauthorized_record => "<protected>"}, session.credentials)
+    end
+  end
+end