kschrader-authlogic 2.1.2

data/test/acts_as_authentic_test/session_maintenance_test.rb

@@ -0,0 +1,84 @@
+require File.dirname(__FILE__) + '/../test_helper.rb'
+
+module ActsAsAuthenticTest
+  class SessionMaintenanceTest < ActiveSupport::TestCase
+    def test_maintain_sessions_config
+      assert User.maintain_sessions
+      User.maintain_sessions = false
+      assert !User.maintain_sessions
+      User.maintain_sessions true
+      assert User.maintain_sessions
+    end
+    
+    def test_login_after_create
+      assert User.create(:login => "awesome", :password => "saweet", :password_confirmation => "saweet", :email => "awesome@awesome.com")
+      assert UserSession.find
+    end
+    
+    def test_updating_session_with_failed_magic_state
+      ben = users(:ben)
+      ben.confirmed = false
+      ben.password = "newpass"
+      ben.password_confirmation = "newpass"
+      assert ben.save
+    end
+
+    def test_update_session_after_password_modify
+      ben = users(:ben)
+      UserSession.create(ben)
+      old_session_key = controller.session["user_credentials"]
+      old_cookie_key = controller.cookies["user_credentials"]
+      ben.password = "newpass"
+      ben.password_confirmation = "newpass"
+      assert ben.save
+      assert controller.session["user_credentials"]
+      assert controller.cookies["user_credentials"]
+      assert_not_equal controller.session["user_credentials"], old_session_key
+      assert_not_equal controller.cookies["user_credentials"], old_cookie_key
+    end
+
+    def test_no_session_update_after_modify
+      ben = users(:ben)
+      UserSession.create(ben)
+      old_session_key = controller.session["user_credentials"]
+      old_cookie_key = controller.cookies["user_credentials"]
+      ben.first_name = "Ben"
+      assert ben.save
+      assert_equal controller.session["user_credentials"], old_session_key
+      assert_equal controller.cookies["user_credentials"], old_cookie_key
+    end
+    
+    def test_creating_other_user
+      ben = users(:ben)
+      UserSession.create(ben)
+      old_session_key = controller.session["user_credentials"]
+      old_cookie_key = controller.cookies["user_credentials"]
+      assert User.create(:login => "awesome", :password => "saweet", :password_confirmation => "saweet", :email => "awesome@saweet.com")
+      assert_equal controller.session["user_credentials"], old_session_key
+      assert_equal controller.cookies["user_credentials"], old_cookie_key
+    end
+
+    def test_updating_other_user
+      ben = users(:ben)
+      UserSession.create(ben)
+      old_session_key = controller.session["user_credentials"]
+      old_cookie_key = controller.cookies["user_credentials"]
+      zack = users(:zack)
+      zack.password = "newpass"
+      zack.password_confirmation = "newpass"
+      assert zack.save
+      assert_equal controller.session["user_credentials"], old_session_key
+      assert_equal controller.cookies["user_credentials"], old_cookie_key
+    end
+
+    def test_resetting_password_when_logged_out
+      ben = users(:ben)
+      assert !UserSession.find
+      ben.password = "newpass"
+      ben.password_confirmation = "newpass"
+      assert ben.save
+      assert UserSession.find
+      assert_equal ben, UserSession.find.record
+    end
+  end
+end

data/test/acts_as_authentic_test/single_access_test.rb

@@ -0,0 +1,44 @@
+require File.dirname(__FILE__) + '/../test_helper.rb'
+
+module ActsAsAuthenticTest
+  class SingleAccessTest < ActiveSupport::TestCase
+    def test_change_single_access_token_with_password_config
+      assert !User.change_single_access_token_with_password
+      assert !Employee.change_single_access_token_with_password
+      
+      User.change_single_access_token_with_password = true
+      assert User.change_single_access_token_with_password
+      User.change_single_access_token_with_password false
+      assert !User.change_single_access_token_with_password
+    end
+    
+    def test_validates_uniqueness_of_single_access_token
+      u = User.new
+      u.single_access_token = users(:ben).single_access_token
+      assert !u.valid?
+      assert u.errors[:single_access_token].size > 0
+    end
+    
+    def test_before_validation_reset_single_access_token
+      u = User.new
+      assert !u.valid?
+      assert_not_nil u.single_access_token
+    end
+    
+    def test_after_password_set_reset_single_access_token
+      User.change_single_access_token_with_password = true
+      
+      ben = users(:ben)
+      old_single_access_token = ben.single_access_token
+      ben.password = "new_pass"
+      assert_not_equal old_single_access_token, ben.single_access_token
+      
+      User.change_single_access_token_with_password = false
+    end
+    
+    def test_after_password_set_is_not_called
+      ldaper = Ldaper.new
+      assert ldaper.save
+    end
+  end
+end

data/test/authenticates_many_test.rb

@@ -0,0 +1,16 @@
+require File.dirname(__FILE__) + '/test_helper.rb'
+
+class AuthenticatesManyTest < ActiveSupport::TestCase
+  def test_scoping
+    zack = users(:zack)
+    ben = users(:ben)
+    binary_logic = companies(:binary_logic)
+    set_session_for(zack)
+    
+    assert !binary_logic.user_sessions.find
+    
+    set_session_for(ben)
+    
+    assert binary_logic.user_sessions.find
+  end
+end

data/test/crypto_provider_test/aes256_test.rb

@@ -0,0 +1,14 @@
+require File.dirname(__FILE__) + '/../test_helper.rb'
+
+module CryptoProviderTest
+  class AES256Test < ActiveSupport::TestCase
+    def test_encrypt
+      assert Authlogic::CryptoProviders::AES256.encrypt("mypass")
+    end
+    
+    def test_matches
+      hash = Authlogic::CryptoProviders::AES256.encrypt("mypass")
+      assert Authlogic::CryptoProviders::AES256.matches?(hash, "mypass")
+    end
+  end
+end

data/test/crypto_provider_test/bcrypt_test.rb

@@ -0,0 +1,14 @@
+require File.dirname(__FILE__) + '/../test_helper.rb'
+
+module CryptoProviderTest
+  class BCrpytTest < ActiveSupport::TestCase
+    def test_encrypt
+      assert Authlogic::CryptoProviders::BCrypt.encrypt("mypass")
+    end
+    
+    def test_matches
+      hash = Authlogic::CryptoProviders::BCrypt.encrypt("mypass")
+      assert Authlogic::CryptoProviders::BCrypt.matches?(hash, "mypass")
+    end
+  end
+end

data/test/crypto_provider_test/sha1_test.rb

@@ -0,0 +1,23 @@
+require File.dirname(__FILE__) + '/../test_helper.rb'
+
+module CryptoProviderTest
+  class Sha1Test < ActiveSupport::TestCase
+    def test_encrypt
+      assert Authlogic::CryptoProviders::Sha1.encrypt("mypass")
+    end
+    
+    def test_matches
+      hash = Authlogic::CryptoProviders::Sha1.encrypt("mypass")
+      assert Authlogic::CryptoProviders::Sha1.matches?(hash, "mypass")
+    end
+    
+    def test_old_restful_authentication_passwords
+      password = "test"
+      salt = "7e3041ebc2fc05a40c60028e2c4901a81035d3cd"
+      digest = "00742970dc9e6319f8019fd54864d3ea740f04b1"
+      Authlogic::CryptoProviders::Sha1.stretches = 1
+      assert Authlogic::CryptoProviders::Sha1.matches?(digest, nil, salt, password, nil)
+      Authlogic::CryptoProviders::Sha1.stretches = 10
+    end
+  end
+end

data/test/crypto_provider_test/sha512_test.rb

@@ -0,0 +1,14 @@
+require File.dirname(__FILE__) + '/../test_helper.rb'
+
+module CryptoProviderTest
+  class Sha512Test < ActiveSupport::TestCase
+    def test_encrypt
+      assert Authlogic::CryptoProviders::Sha512.encrypt("mypass")
+    end
+    
+    def test_matches
+      hash = Authlogic::CryptoProviders::Sha512.encrypt("mypass")
+      assert Authlogic::CryptoProviders::Sha512.matches?(hash, "mypass")
+    end
+  end
+end

data/test/fixtures/companies.yml

@@ -0,0 +1,5 @@
+binary_logic:
+  name: Binary Logic
+  
+logic_over_data:
+  name: Logic Over Data

data/test/fixtures/employees.yml

@@ -0,0 +1,17 @@
+drew:
+  company: binary_logic
+  email: dgainor@binarylogic.com
+  password_salt: <%= salt = Authlogic::Random.hex_token %>
+  crypted_password: '<%= Employee.crypto_provider.encrypt("drewrocks" + salt) %>'
+  persistence_token: 5273d85ed156e9dbd6a7c1438d319ef8c8d41dd24368db6c222de11346c7b11e53ee08d45ecf619b1c1dc91233d22b372482b751b066d0a6f6f9bac42eacaabf
+  first_name: Drew
+  last_name: Gainor
+  
+jennifer:
+  company: logic_over_data
+  email: jjohnson@logicoverdata.com
+  password_salt: <%= salt = Authlogic::Random.hex_token %>
+  crypted_password: '<%= Employee.crypto_provider.encrypt("jenniferocks" + salt) %>'
+  persistence_token: 2be52a8f741ad00056e6f94eb6844d5316527206da7a3a5e3d0e14d19499ef9fe4c47c89b87febb59a2b41a69edfb4733b6b79302040f3de83f297c6991c75a2
+  first_name: Jennifer
+  last_name: Johnson

data/test/fixtures/projects.yml

@@ -0,0 +1,3 @@
+web_services:
+  name: web services
+  users: ben, zack

data/test/fixtures/users.yml

@@ -0,0 +1,24 @@
+ben:
+  company: binary_logic
+  projects: web_services
+  login: bjohnson
+  password_salt: <%= salt = Authlogic::Random.hex_token %>
+  crypted_password: <%= Authlogic::CryptoProviders::Sha512.encrypt("benrocks" + salt) %>
+  persistence_token: 6cde0674657a8a313ce952df979de2830309aa4c11ca65805dd00bfdc65dbcc2f5e36718660a1d2e68c1a08c276d996763985d2f06fd3d076eb7bc4d97b1e317
+  single_access_token: <%= Authlogic::Random.friendly_token %>
+  perishable_token: <%= Authlogic::Random.friendly_token %>
+  email: bjohnson@binarylogic.com
+  first_name: Ben
+  last_name: Johnson
+  
+zack:
+  company: logic_over_data
+  projects: web_services
+  login: zackham
+  password_salt: <%= salt = Authlogic::Random.hex_token %>
+  crypted_password: <%= Authlogic::CryptoProviders::Sha512.encrypt("zackrocks" + salt) %>
+  persistence_token: fd3c2d5ce09ab98e7547d21f1b3dcf9158a9a19b5d3022c0402f32ae197019fce3fdbc6614d7ee57d719bae53bb089e30edc9e5d6153e5bc3afca0ac1d320342
+  single_access_token: <%= Authlogic::Random.friendly_token %>
+  email: zham@ziggityzack.com
+  first_name: Zack
+  last_name: Ham

data/test/libs/affiliate.rb

@@ -0,0 +1,7 @@
+class Affiliate < ActiveRecord::Base
+  acts_as_authentic do |c|
+    c.crypted_password_field = :pw_hash
+  end
+  
+  belongs_to :company
+end

data/test/libs/company.rb

@@ -0,0 +1,6 @@
+class Company < ActiveRecord::Base
+  authenticates_many :employee_sessions
+  authenticates_many :user_sessions
+  has_many :employees, :dependent => :destroy
+  has_many :users, :dependent => :destroy
+end

data/test/libs/employee.rb

@@ -0,0 +1,7 @@
+class Employee < ActiveRecord::Base
+  acts_as_authentic do |c|
+    c.crypto_provider Authlogic::CryptoProviders::AES256
+  end
+  
+  belongs_to :company
+end

data/test/libs/employee_session.rb

@@ -0,0 +1,2 @@
+class EmployeeSession < Authlogic::Session::Base
+end

data/test/libs/ldaper.rb

@@ -0,0 +1,3 @@
+class Ldaper < ActiveRecord::Base
+  acts_as_authentic
+end

data/test/libs/ordered_hash.rb

@@ -0,0 +1,9 @@
+class Hash
+  def each(&block)
+    sorted_keys = keys.sort { |a, b| a.to_s <=> b.to_s }
+    sorted_keys.each do |key|
+      yield key, self[key]
+    end
+    self
+  end
+end

data/test/libs/project.rb

@@ -0,0 +1,3 @@
+class Project < ActiveRecord::Base
+  has_and_belongs_to_many :users
+end

data/test/libs/user.rb

@@ -0,0 +1,5 @@
+class User < ActiveRecord::Base
+  acts_as_authentic
+  belongs_to :company
+  has_and_belongs_to_many :projects
+end

data/test/libs/user_session.rb

@@ -0,0 +1,2 @@
+class UserSession < Authlogic::Session::Base
+end

data/test/random_test.rb

@@ -0,0 +1,49 @@
+require File.dirname(__FILE__) + '/test_helper.rb'
+
+class RandomTest < ActiveSupport::TestCase
+  def test_random_tokens_have_consisten_length
+    with_any_random do
+      assert_equal 128, Authlogic::Random.hex_token.length
+      assert_equal 20,  Authlogic::Random.friendly_token.length
+    end
+  end
+  
+  def test_random_tokens_are_indeed_random
+    # this might fail if you are *really* unlucky :)
+    with_any_random do
+      assert_not_equal Authlogic::Random.hex_token,       Authlogic::Random.hex_token
+      assert_not_equal Authlogic::Random.friendly_token,  Authlogic::Random.friendly_token
+    end
+  end
+
+  private
+    def with_any_random(&block)
+      [true, false].each {|val| with_secure_random_enabled(val, &block)}
+    end
+
+    def with_secure_random_enabled(enabled = true)
+      # can't really test SecureRandom if we don't have an implementation
+      return if enabled && !Authlogic::Random::SecureRandom
+    
+      current_sec_rand = Authlogic::Random::SecureRandom
+      reload_authlogic_with_sec_random!(current_sec_rand, enabled)
+  
+      yield
+    ensure
+      reload_authlogic_with_sec_random!(current_sec_rand)
+    end
+
+    def reload_authlogic_with_sec_random!(secure_random, enabled = true)
+      silence_warnings do
+        secure_random.parent.const_set(secure_random.name.sub("#{secure_random.parent}::", ''), enabled ? secure_random : nil)
+        load(File.dirname(__FILE__) + '/../lib/authlogic/random.rb')
+      end
+    end
+
+    def silence_warnings
+      old_verbose, $VERBOSE = $VERBOSE, nil
+      yield
+    ensure
+      $VERBOSE = old_verbose
+    end
+end

data/test/session_test/activation_test.rb

@@ -0,0 +1,43 @@
+require File.dirname(__FILE__) + '/../test_helper.rb'
+
+module SessionTest
+  module ActivationTest
+    class ClassMethodsTest < ActiveSupport::TestCase
+      def test_activated
+        assert UserSession.activated?
+        Authlogic::Session::Base.controller = nil
+        assert !UserSession.activated?
+      end
+    
+      def test_controller
+        Authlogic::Session::Base.controller = nil
+        assert_nil Authlogic::Session::Base.controller
+        thread1 = Thread.new do
+          controller = MockController.new
+          Authlogic::Session::Base.controller = controller
+          assert_equal controller, Authlogic::Session::Base.controller
+        end
+        thread1.join
+
+        assert_nil Authlogic::Session::Base.controller
+      
+        thread2 = Thread.new do
+          controller = MockController.new
+          Authlogic::Session::Base.controller = controller
+          assert_equal controller, Authlogic::Session::Base.controller
+        end
+        thread2.join
+      
+        assert_nil Authlogic::Session::Base.controller
+      end
+    end
+    
+    class InstanceMethodsTest < ActiveSupport::TestCase
+      def test_init
+        UserSession.controller = nil
+        assert_raise(Authlogic::Session::Activation::NotActivatedError) { UserSession.new }
+        UserSession.controller = controller
+      end
+    end
+  end
+end

data/test/session_test/active_record_trickery_test.rb

@@ -0,0 +1,27 @@
+require File.dirname(__FILE__) + '/../test_helper.rb'
+
+module SessionTest
+  module ActiveRecordTrickeryTest
+    class ClassMethodsTest < ActiveSupport::TestCase
+      def test_human_attribute_name
+        assert_equal "Some attribute", UserSession.human_attribute_name("some_attribute")
+        assert_equal "Some attribute", UserSession.human_attribute_name(:some_attribute)
+      end
+    
+      def test_human_name
+        assert_equal "Usersession", UserSession.human_name
+      end
+    
+      def test_self_and_descendents_from_active_record
+        assert_equal [UserSession], UserSession.self_and_descendents_from_active_record
+      end
+    end
+    
+    class InstanceMethodsTest < ActiveSupport::TestCase
+      def test_new_record
+        session = UserSession.new
+        assert session.new_record?
+      end
+    end
+  end
+end