locomotivecms_steam 1.2.1 → 1.3.0.rc1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.travis.yml +1 -1
- data/Gemfile +3 -2
- data/Gemfile.lock +57 -50
- data/LICENSE +1 -1
- data/README.md +1 -1
- data/config/locales/nl.yml +2 -2
- data/lib/locomotive/steam/adapters/filesystem/yaml_loaders/content_entry.rb +8 -0
- data/lib/locomotive/steam/adapters/memory/condition.rb +1 -1
- data/lib/locomotive/steam/configuration.rb +1 -1
- data/lib/locomotive/steam/decorators/template_decorator.rb +1 -1
- data/lib/locomotive/steam/entities/content_entry.rb +17 -0
- data/lib/locomotive/steam/entities/content_type.rb +1 -0
- data/lib/locomotive/steam/entities/content_type_field.rb +1 -0
- data/lib/locomotive/steam/entities/editable_element.rb +4 -0
- data/lib/locomotive/steam/errors.rb +35 -5
- data/lib/locomotive/steam/initializers/sprockets.rb +6 -80
- data/lib/locomotive/steam/liquid/drops/page.rb +9 -2
- data/lib/locomotive/steam/liquid/filters/date.rb +109 -0
- data/lib/locomotive/steam/liquid/tags/action.rb +6 -1
- data/lib/locomotive/steam/liquid/tags/authorize.rb +65 -0
- data/lib/locomotive/steam/liquid/tags/snippet.rb +10 -2
- data/lib/locomotive/steam/liquid/template.rb +3 -1
- data/lib/locomotive/steam/middlewares/auth.rb +187 -0
- data/lib/locomotive/steam/middlewares/redirection.rb +24 -0
- data/lib/locomotive/steam/middlewares/renderer.rb +20 -3
- data/lib/locomotive/steam/middlewares/sitemap.rb +3 -1
- data/lib/locomotive/steam/middlewares/templatized_page.rb +1 -6
- data/lib/locomotive/steam/middlewares/thread_safe.rb +19 -0
- data/lib/locomotive/steam/middlewares/url_redirection.rb +14 -1
- data/lib/locomotive/steam/repositories.rb +5 -1
- data/lib/locomotive/steam/repositories/content_entry_repository.rb +1 -1
- data/lib/locomotive/steam/repositories/content_type_field_repository.rb +4 -0
- data/lib/locomotive/steam/server.rb +2 -0
- data/lib/locomotive/steam/services.rb +9 -1
- data/lib/locomotive/steam/services/action_service.rb +26 -7
- data/lib/locomotive/steam/services/asset_host_service.rb +6 -1
- data/lib/locomotive/steam/services/auth_service.rb +105 -0
- data/lib/locomotive/steam/services/content_entry_service.rb +14 -0
- data/lib/locomotive/steam/services/external_api_service.rb +59 -25
- data/lib/locomotive/steam/services/liquid_parser_service.rb +5 -1
- data/lib/locomotive/steam/services/page_redirection_service.rb +29 -0
- data/lib/locomotive/steam/version.rb +1 -1
- data/locomotivecms_steam.gemspec +18 -16
- data/spec/fixtures/default/app/content_types/accounts.yml +59 -0
- data/spec/fixtures/default/app/content_types/songs.yml +2 -1
- data/spec/fixtures/default/app/views/pages/about_us/john_doe.fr.liquid.haml +5 -1
- data/spec/fixtures/default/app/views/pages/about_us/john_doe.liquid.haml +1 -1
- data/spec/fixtures/default/app/views/pages/account/forgot_password.liquid +39 -0
- data/spec/fixtures/default/app/views/pages/account/me.liquid +15 -0
- data/spec/fixtures/default/app/views/pages/account/reset_password.liquid +42 -0
- data/spec/fixtures/default/app/views/pages/account/sign_in.liquid +49 -0
- data/spec/fixtures/default/app/views/pages/all.liquid.haml +1 -1
- data/spec/fixtures/default/app/views/pages/emails/reset_password.liquid +15 -0
- data/spec/fixtures/default/app/views/pages/songs/template.liquid.haml +1 -1
- data/spec/fixtures/default/config/metafields_schema.yml +10 -0
- data/spec/fixtures/default/config/site.yml +5 -0
- data/spec/fixtures/default/config/translations.yml +25 -1
- data/spec/fixtures/default/data/accounts.yml +15 -0
- data/spec/fixtures/mongodb/locomotive_accounts.bson +0 -0
- data/spec/fixtures/mongodb/locomotive_accounts.metadata.json +1 -1
- data/spec/fixtures/mongodb/locomotive_activities.bson +0 -0
- data/spec/fixtures/mongodb/locomotive_activities.metadata.json +1 -1
- data/spec/fixtures/mongodb/locomotive_content_assets.bson +0 -0
- data/spec/fixtures/mongodb/locomotive_content_assets.metadata.json +1 -1
- data/spec/fixtures/mongodb/locomotive_content_entries.bson +0 -0
- data/spec/fixtures/mongodb/locomotive_content_entries.metadata.json +1 -1
- data/spec/fixtures/mongodb/locomotive_content_types.bson +0 -0
- data/spec/fixtures/mongodb/locomotive_content_types.metadata.json +1 -1
- data/spec/fixtures/mongodb/locomotive_pages.bson +0 -0
- data/spec/fixtures/mongodb/locomotive_pages.metadata.json +1 -1
- data/spec/fixtures/mongodb/locomotive_sites.bson +0 -0
- data/spec/fixtures/mongodb/locomotive_sites.metadata.json +1 -1
- data/spec/fixtures/mongodb/locomotive_snippets.bson +0 -0
- data/spec/fixtures/mongodb/locomotive_snippets.metadata.json +1 -1
- data/spec/fixtures/mongodb/locomotive_theme_assets.bson +0 -0
- data/spec/fixtures/mongodb/locomotive_theme_assets.metadata.json +1 -1
- data/spec/fixtures/mongodb/locomotive_translations.bson +0 -0
- data/spec/fixtures/mongodb/locomotive_translations.metadata.json +1 -1
- data/spec/integration/repositories/content_entry_repository_spec.rb +1 -1
- data/spec/integration/repositories/content_type_repository_spec.rb +1 -1
- data/spec/integration/repositories/page_repository_spec.rb +3 -3
- data/spec/integration/repositories/theme_asset_repository_spec.rb +1 -1
- data/spec/integration/repositories/translation_repository_spec.rb +1 -1
- data/spec/integration/server/auth_spec.rb +196 -0
- data/spec/integration/server/basic_spec.rb +18 -0
- data/spec/integration/server/nav_spec.rb +1 -1
- data/spec/integration/server/sitemap_spec.rb +1 -1
- data/spec/integration/services/content_entry_service_spec.rb +1 -1
- data/spec/integration/services/external_api_service_spec.rb +9 -0
- data/spec/support/helpers.rb +1 -1
- data/spec/unit/adapters/filesystem/yaml_loaders/content_entry_spec.rb +17 -5
- data/spec/unit/adapters/filesystem/yaml_loaders/content_type_spec.rb +4 -4
- data/spec/unit/adapters/filesystem/yaml_loaders/page_spec.rb +7 -7
- data/spec/unit/adapters/filesystem/yaml_loaders/site_spec.rb +1 -1
- data/spec/unit/adapters/filesystem/yaml_loaders/translation_spec.rb +1 -1
- data/spec/unit/entities/content_entry_spec.rb +10 -0
- data/spec/unit/errors_spec.rb +2 -2
- data/spec/unit/initializers/sprockets_spec.rb +0 -14
- data/spec/unit/liquid/drops/page_spec.rb +3 -2
- data/spec/unit/liquid/filters/date_spec.rb +219 -0
- data/spec/unit/liquid/tags/action_spec.rb +9 -0
- data/spec/unit/liquid/tags/authorize_spec.rb +51 -0
- data/spec/unit/liquid/tags/link_to_spec.rb +1 -1
- data/spec/unit/liquid/tags/paginate_spec.rb +1 -1
- data/spec/unit/liquid/tags/snippet_spec.rb +10 -0
- data/spec/unit/middlewares/auth_spec.rb +31 -0
- data/spec/unit/middlewares/redirection_spec.rb +37 -0
- data/spec/unit/middlewares/url_redirection_spec.rb +20 -1
- data/spec/unit/services/action_service_spec.rb +57 -1
- data/spec/unit/services/asset_host_service_spec.rb +15 -0
- data/spec/unit/services/auth_service_spec.rb +156 -0
- data/spec/unit/services/external_api_service_spec.rb +22 -0
- data/spec/unit/services/page_redirection_service_spec.rb +49 -0
- metadata +96 -40
- data/CHANGELOG.md +0 -29
- data/spec/fixtures/mongodb/system.indexes.bson +0 -0
@@ -12,6 +12,15 @@ describe Locomotive::Steam::Liquid::Tags::Action do
|
|
12
12
|
|
13
13
|
subject { render_template(source, context) }
|
14
14
|
|
15
|
+
describe 'parsing' do
|
16
|
+
|
17
|
+
describe 'raises an error if the syntax is incorrect' do
|
18
|
+
let(:source) { '{% action %}{% endaction %}' }
|
19
|
+
it { expect { subject }.to raise_exception(Liquid::SyntaxError) }
|
20
|
+
end
|
21
|
+
|
22
|
+
end
|
23
|
+
|
15
24
|
describe 'rendering' do
|
16
25
|
|
17
26
|
it { is_expected.to eq '' }
|
@@ -0,0 +1,51 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
|
3
|
+
describe Locomotive::Steam::Liquid::Tags::Authorize do
|
4
|
+
|
5
|
+
let(:site) { instance_double('Site', default_locale: 'en', prefix_default_locale: false) }
|
6
|
+
let(:page) { instance_double('Page', fullpath: 'me/sign_in', templatized?: false) }
|
7
|
+
let(:page_handle) { "'sign_in'" }
|
8
|
+
let(:source) { "{% authorize 'accounts', #{page_handle} %}Hello world!" }
|
9
|
+
let(:assigns) { {} }
|
10
|
+
let(:services) { Locomotive::Steam::Services.build_instance }
|
11
|
+
let(:context) { ::Liquid::Context.new(assigns, {}, { services: services }) }
|
12
|
+
|
13
|
+
before {
|
14
|
+
allow(services).to receive(:current_site).and_return(site)
|
15
|
+
allow(services.page_finder).to receive(:by_handle).and_return(page)
|
16
|
+
}
|
17
|
+
|
18
|
+
subject { render_template(source, context) }
|
19
|
+
|
20
|
+
describe 'validating syntax' do
|
21
|
+
|
22
|
+
describe 'no page handle' do
|
23
|
+
let(:source) { '{% authorize accounts %}' }
|
24
|
+
it { expect { subject }.to raise_exception(Liquid::SyntaxError) }
|
25
|
+
end
|
26
|
+
|
27
|
+
end
|
28
|
+
|
29
|
+
describe '#render' do
|
30
|
+
|
31
|
+
context 'unauthenticated account' do
|
32
|
+
|
33
|
+
it 'redirects to the sign in page' do
|
34
|
+
expect { subject }.to raise_error(Locomotive::Steam::RedirectionException, 'Redirect to /me/sign_in')
|
35
|
+
end
|
36
|
+
|
37
|
+
end
|
38
|
+
|
39
|
+
context 'authenticated account' do
|
40
|
+
|
41
|
+
let(:assigns) { { 'current_account' => liquid_instance_double('Account', {}) } }
|
42
|
+
|
43
|
+
it 'renders the page' do
|
44
|
+
expect(subject).to eq 'Hello world!'
|
45
|
+
end
|
46
|
+
|
47
|
+
end
|
48
|
+
|
49
|
+
end
|
50
|
+
|
51
|
+
end
|
@@ -20,7 +20,7 @@ describe Locomotive::Steam::Liquid::Tags::PathTo do
|
|
20
20
|
context 'unknown tag' do
|
21
21
|
|
22
22
|
let(:source) { '{% link_to index %}{% endbar %}{% endlink_to %}' }
|
23
|
-
it { expect { subject }.to raise_error("Liquid syntax error: Unknown tag 'endbar'") }
|
23
|
+
it { expect { subject }.to raise_error("Liquid syntax error (line 1): Unknown tag 'endbar'") }
|
24
24
|
|
25
25
|
end
|
26
26
|
|
@@ -45,7 +45,7 @@ EOF
|
|
45
45
|
|
46
46
|
subject { output }
|
47
47
|
|
48
|
-
it { expect { subject }.to raise_error(::Liquid::ArgumentError, "Liquid error: Cannot paginate 'projects'. Not found.") }
|
48
|
+
it { expect { subject }.to raise_error(::Liquid::ArgumentError, "Liquid error (line 1): Cannot paginate 'projects'. Not found.") }
|
49
49
|
|
50
50
|
end
|
51
51
|
|
@@ -37,6 +37,16 @@ describe Locomotive::Steam::Liquid::Tags::Snippet do
|
|
37
37
|
|
38
38
|
it { is_expected.to eq 'Locomotive built by NoCoffee' }
|
39
39
|
|
40
|
+
context 'rendering error (action) found in the snippet' do
|
41
|
+
|
42
|
+
let(:snippet) { instance_double('Snippet', template: nil, :template= => nil, liquid_source: '{% action "Hello world" %}a.b(+}{% endaction %}') }
|
43
|
+
|
44
|
+
it 'raises ParsingRenderingError' do
|
45
|
+
expect { subject }.to raise_exception(Locomotive::Steam::ParsingRenderingError)
|
46
|
+
end
|
47
|
+
|
48
|
+
end
|
49
|
+
|
40
50
|
end
|
41
51
|
|
42
52
|
end
|
@@ -0,0 +1,31 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
|
3
|
+
require_relative '../../../lib/locomotive/steam/middlewares/thread_safe'
|
4
|
+
require_relative '../../../lib/locomotive/steam/middlewares/helpers'
|
5
|
+
require_relative '../../../lib/locomotive/steam/middlewares/auth'
|
6
|
+
|
7
|
+
describe Locomotive::Steam::Middlewares::Auth::AuthOptions do
|
8
|
+
|
9
|
+
let(:metafields) { { 'smtp' => { 'address' => '127.0.0.1', 'user_name' => 'John', 'password' => 'doe', 'port' => 25 } } }
|
10
|
+
let(:site) { instance_double('Site', metafields: metafields) }
|
11
|
+
let(:params) { {} }
|
12
|
+
|
13
|
+
let(:options) { described_class.new(site, params) }
|
14
|
+
|
15
|
+
describe '#smtp' do
|
16
|
+
|
17
|
+
subject { options.smtp }
|
18
|
+
|
19
|
+
it { is_expected.to eq('address': '127.0.0.1', 'user_name': 'John', 'password': 'doe', 'port': 25) }
|
20
|
+
|
21
|
+
context 'no smtp metafields' do
|
22
|
+
|
23
|
+
let(:metafields) { {} }
|
24
|
+
|
25
|
+
it { is_expected.to eq({}) }
|
26
|
+
|
27
|
+
end
|
28
|
+
|
29
|
+
end
|
30
|
+
|
31
|
+
end
|
@@ -0,0 +1,37 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
|
3
|
+
require_relative '../../../lib/locomotive/steam/middlewares/thread_safe'
|
4
|
+
require_relative '../../../lib/locomotive/steam/middlewares/helpers'
|
5
|
+
require_relative '../../../lib/locomotive/steam/middlewares/redirection'
|
6
|
+
|
7
|
+
describe Locomotive::Steam::Middlewares::Redirection do
|
8
|
+
|
9
|
+
let(:site) { instance_double('Site') }
|
10
|
+
let(:url) { 'http://models.example.com/about-us' }
|
11
|
+
let(:locomotive_path) { nil }
|
12
|
+
let(:app) { ->(env) { [200, env, 'app'] } }
|
13
|
+
let(:middleware) { described_class.new(app) }
|
14
|
+
|
15
|
+
subject do
|
16
|
+
env = env_for(url, 'steam.site' => site)
|
17
|
+
env['steam.request'] = Rack::Request.new(env)
|
18
|
+
env['locomotive.path'] = locomotive_path
|
19
|
+
code, env = middleware.call(env)
|
20
|
+
[code, env['Location']]
|
21
|
+
end
|
22
|
+
|
23
|
+
describe 'no redirection exception raised' do
|
24
|
+
|
25
|
+
it { is_expected.to eq [200, nil] }
|
26
|
+
|
27
|
+
end
|
28
|
+
|
29
|
+
describe 'redirection exception raised' do
|
30
|
+
|
31
|
+
let(:app) { ->(env) { raise Locomotive::Steam::RedirectionException.new('/sign_in') } }
|
32
|
+
|
33
|
+
it { is_expected.to eq [302, '/sign_in'] }
|
34
|
+
|
35
|
+
end
|
36
|
+
|
37
|
+
end
|
@@ -7,7 +7,7 @@ require_relative '../../../lib/locomotive/steam/middlewares/url_redirection'
|
|
7
7
|
describe Locomotive::Steam::Middlewares::UrlRedirection do
|
8
8
|
|
9
9
|
let(:redirections) { [] }
|
10
|
-
let(:site) { instance_double('Site', url_redirections: redirections) }
|
10
|
+
let(:site) { instance_double('Site', _id: 42, url_redirections: redirections) }
|
11
11
|
let(:url) { 'http://models.example.com' }
|
12
12
|
let(:locomotive_path) { nil }
|
13
13
|
let(:app) { ->(env) { [200, env, 'app'] } }
|
@@ -54,6 +54,25 @@ describe Locomotive::Steam::Middlewares::UrlRedirection do
|
|
54
54
|
|
55
55
|
end
|
56
56
|
|
57
|
+
describe 'let the parent app know about the redirection when it happens' do
|
58
|
+
|
59
|
+
let(:events) { [] }
|
60
|
+
|
61
|
+
before {
|
62
|
+
@subscriber = ActiveSupport::Notifications.subscribe('steam.serve.url_redirection') do |name, start, finish, id, payload|
|
63
|
+
events << payload[:url]
|
64
|
+
end
|
65
|
+
}
|
66
|
+
|
67
|
+
after { ActiveSupport::Notifications.unsubscribe(@subscriber) }
|
68
|
+
|
69
|
+
it 'emits an event' do
|
70
|
+
subject
|
71
|
+
expect(events).to eq ['/foo.php']
|
72
|
+
end
|
73
|
+
|
74
|
+
end
|
75
|
+
|
57
76
|
describe 'url with a query string' do
|
58
77
|
|
59
78
|
let(:url) { 'http://models.example.com/foo.php?a=1' }
|
@@ -6,7 +6,9 @@ describe Locomotive::Steam::ActionService do
|
|
6
6
|
let(:site) { instance_double('Site', as_json: site_hash ) }
|
7
7
|
let(:email_service) { instance_double('EmailService') }
|
8
8
|
let(:entry_service) { instance_double('ContentService') }
|
9
|
-
let(:
|
9
|
+
let(:api_service) { instance_double('ExternalAPIService') }
|
10
|
+
let(:redirection_service) { instance_double('PageRedirectionService') }
|
11
|
+
let(:service) { described_class.new(site, email_service, content_entry: entry_service, api: api_service, redirection: redirection_service) }
|
10
12
|
|
11
13
|
describe '#run' do
|
12
14
|
|
@@ -20,6 +22,30 @@ describe Locomotive::Steam::ActionService do
|
|
20
22
|
|
21
23
|
it { is_expected.to eq 2.0 }
|
22
24
|
|
25
|
+
describe 'deal with exceptions' do
|
26
|
+
|
27
|
+
context 'wrong syntax' do
|
28
|
+
|
29
|
+
let(:script) { 'a +/ b * var;' }
|
30
|
+
|
31
|
+
it 'raises a meaningful exception' do
|
32
|
+
expect { subject }.to raise_error(Locomotive::Steam::ActionError, "eof or line terminator in regexp (line 2)")
|
33
|
+
end
|
34
|
+
|
35
|
+
end
|
36
|
+
|
37
|
+
context 'other error' do
|
38
|
+
|
39
|
+
let(:script) { 'a.b' }
|
40
|
+
|
41
|
+
it 'raises a meaningful exception' do
|
42
|
+
expect { subject }.to raise_error(Locomotive::Steam::ActionError, "identifier 'a' undefined")
|
43
|
+
end
|
44
|
+
|
45
|
+
end
|
46
|
+
|
47
|
+
end
|
48
|
+
|
23
49
|
describe 'with params' do
|
24
50
|
|
25
51
|
let(:params) { { 'foo' => 'hello' } }
|
@@ -166,6 +192,36 @@ describe Locomotive::Steam::ActionService do
|
|
166
192
|
|
167
193
|
end
|
168
194
|
|
195
|
+
describe 'callAPI' do
|
196
|
+
|
197
|
+
let(:script) { "callAPI('POST', 'https://api.stripe.com/v1/charges', { username: 'abcdefghij', data: { token: '123456789' } })" }
|
198
|
+
|
199
|
+
it 'forwards the action to the external api service' do
|
200
|
+
expect(api_service).to receive(:consume).with(
|
201
|
+
'https://api.stripe.com/v1/charges', {
|
202
|
+
method: 'POST',
|
203
|
+
username: 'abcdefghij',
|
204
|
+
data: {
|
205
|
+
token: '123456789'
|
206
|
+
}
|
207
|
+
}, true
|
208
|
+
)
|
209
|
+
subject
|
210
|
+
end
|
211
|
+
|
212
|
+
end
|
213
|
+
|
214
|
+
describe 'redirectTo' do
|
215
|
+
|
216
|
+
let(:script) { "redirectTo('about-us');" }
|
217
|
+
|
218
|
+
it 'stops the rendering process and redirects the user to another page' do
|
219
|
+
expect(redirection_service).to receive(:redirect_to).with('about-us', nil).and_raise(Locomotive::Steam::RedirectionException.new('/about-us'))
|
220
|
+
expect { subject }.to raise_exception(Locomotive::Steam::RedirectionException, 'Redirect to /about-us')
|
221
|
+
end
|
222
|
+
|
223
|
+
end
|
224
|
+
|
169
225
|
end
|
170
226
|
|
171
227
|
end
|
@@ -53,6 +53,21 @@ describe Locomotive::Steam::AssetHostService do
|
|
53
53
|
|
54
54
|
end
|
55
55
|
|
56
|
+
describe 'the host with prefix' do
|
57
|
+
|
58
|
+
let(:host) { 'http://somewhere.net/other/' }
|
59
|
+
let(:source) { '/sites/42/assets/1/banner.png' }
|
60
|
+
it { is_expected.to eq 'http://somewhere.net/other/sites/42/assets/1/banner.png' }
|
61
|
+
|
62
|
+
describe 'also with https' do
|
63
|
+
|
64
|
+
let(:host) { 'https://somewhere.net/other/' }
|
65
|
+
it { is_expected.to eq 'https://somewhere.net/other/sites/42/assets/1/banner.png' }
|
66
|
+
|
67
|
+
end
|
68
|
+
|
69
|
+
end
|
70
|
+
|
56
71
|
describe 'the host is a string' do
|
57
72
|
|
58
73
|
let(:host) { 'http://assets.locomotivecms.com' }
|
@@ -0,0 +1,156 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
|
3
|
+
describe Locomotive::Steam::AuthService do
|
4
|
+
|
5
|
+
let(:entries) { instance_double('ContentService') }
|
6
|
+
let(:emails) { instance_double('EmailService') }
|
7
|
+
let(:service) { described_class.new(entries, emails) }
|
8
|
+
|
9
|
+
let(:default_auth_options) { {
|
10
|
+
type: 'accounts',
|
11
|
+
id_field: 'email',
|
12
|
+
id: 'john@doe.net',
|
13
|
+
password_field: 'password',
|
14
|
+
password: 'easyone',
|
15
|
+
reset_password_url: '/reset-password',
|
16
|
+
reset_token: '42',
|
17
|
+
from: 'contact@acme.org',
|
18
|
+
subject: 'Instructions for changing your password',
|
19
|
+
email_handle: 'reset-password-email',
|
20
|
+
smtp: {}
|
21
|
+
} }
|
22
|
+
|
23
|
+
let(:auth_options) { instance_double('AuthOptions', default_auth_options) }
|
24
|
+
|
25
|
+
describe '#sign_in' do
|
26
|
+
|
27
|
+
subject { service.sign_in(auth_options) }
|
28
|
+
|
29
|
+
it 'returns :wrong_credentials if no entry matches the email' do
|
30
|
+
expect(entries).to receive(:all).with('accounts', { 'email' => 'john@doe.net' }).and_return([])
|
31
|
+
is_expected.to eq :wrong_credentials
|
32
|
+
end
|
33
|
+
|
34
|
+
it "returns :wrong_credentials if the password doesn't the entry's password" do
|
35
|
+
entry = build_account('fakeone')
|
36
|
+
expect(entries).to receive(:all).with('accounts', { 'email' => 'john@doe.net' }).and_return([entry])
|
37
|
+
is_expected.to eq :wrong_credentials
|
38
|
+
end
|
39
|
+
|
40
|
+
it "returns both :signed_in and the entry if the password matches the entry's password" do
|
41
|
+
entry = build_account('easyone')
|
42
|
+
expect(entries).to receive(:all).with('accounts', { 'email' => 'john@doe.net' }).and_return([entry])
|
43
|
+
is_expected.to eq [:signed_in, entry]
|
44
|
+
end
|
45
|
+
|
46
|
+
end
|
47
|
+
|
48
|
+
describe '#forgot_password' do
|
49
|
+
|
50
|
+
let(:liquid_context) { {} }
|
51
|
+
|
52
|
+
subject { service.forgot_password(auth_options, liquid_context) }
|
53
|
+
|
54
|
+
it 'returns :wrong_email if no entry matches the email' do
|
55
|
+
expect(entries).to receive(:all).with('accounts', { 'email' => 'john@doe.net' }).and_return([])
|
56
|
+
is_expected.to eq :wrong_email
|
57
|
+
end
|
58
|
+
|
59
|
+
it 'sends the instructions by email if an entry matches the email' do
|
60
|
+
allow(SecureRandom).to receive(:hex).and_return('42a')
|
61
|
+
entry = build_account('easyone', '42a')
|
62
|
+
expect(entries).to receive(:all).with('accounts', { 'email' => 'john@doe.net' }).and_return([entry])
|
63
|
+
expect(entries).to receive(:update_decorated_entry)
|
64
|
+
expect(emails).to receive(:send_email).with({
|
65
|
+
from: 'contact@acme.org',
|
66
|
+
to: 'john@doe.net',
|
67
|
+
subject: 'Instructions for changing your password',
|
68
|
+
page_handle: 'reset-password-email',
|
69
|
+
smtp: {} }, liquid_context)
|
70
|
+
is_expected.to eq :reset_password_instructions_sent
|
71
|
+
expect(liquid_context['reset_password_url']).to eq '/reset-password?auth_reset_token=42a'
|
72
|
+
end
|
73
|
+
|
74
|
+
context 'no email template' do
|
75
|
+
|
76
|
+
let(:_auth_options) { default_auth_options.merge(email_handle: nil) }
|
77
|
+
let(:auth_options) { instance_double('AuthOptions', _auth_options) }
|
78
|
+
|
79
|
+
it 'also sends the instructions by email with a default email template' do
|
80
|
+
allow(SecureRandom).to receive(:hex).and_return('42a')
|
81
|
+
entry = build_account('easyone', '42a')
|
82
|
+
expect(entries).to receive(:all).with('accounts', { 'email' => 'john@doe.net' }).and_return([entry])
|
83
|
+
expect(entries).to receive(:update_decorated_entry)
|
84
|
+
expect(emails).to receive(:send_email).with({
|
85
|
+
from: 'contact@acme.org',
|
86
|
+
to: 'john@doe.net',
|
87
|
+
subject: 'Instructions for changing your password',
|
88
|
+
body: (<<-EMAIL
|
89
|
+
Hi,
|
90
|
+
To reset your password please follow the link below: /reset-password?auth_reset_token=42a.
|
91
|
+
Thanks!
|
92
|
+
EMAIL
|
93
|
+
),
|
94
|
+
smtp: {} }, liquid_context)
|
95
|
+
is_expected.to eq :reset_password_instructions_sent
|
96
|
+
expect(liquid_context['reset_password_url']).to eq '/reset-password?auth_reset_token=42a'
|
97
|
+
end
|
98
|
+
|
99
|
+
end
|
100
|
+
|
101
|
+
end
|
102
|
+
|
103
|
+
describe '#reset_password' do
|
104
|
+
|
105
|
+
let(:_auth_options) { default_auth_options }
|
106
|
+
let(:auth_options) { instance_double('AuthOptions', _auth_options) }
|
107
|
+
|
108
|
+
subject { service.reset_password(auth_options) }
|
109
|
+
|
110
|
+
context 'no auth token' do
|
111
|
+
|
112
|
+
let(:_auth_options) { default_auth_options.merge({ reset_token: '' }) }
|
113
|
+
it { is_expected.to eq :invalid_token }
|
114
|
+
|
115
|
+
end
|
116
|
+
|
117
|
+
context 'password too short' do
|
118
|
+
|
119
|
+
let(:_auth_options) { default_auth_options.merge({ password: '' }) }
|
120
|
+
it { is_expected.to eq :password_too_short }
|
121
|
+
|
122
|
+
end
|
123
|
+
|
124
|
+
context 'expired auth token' do
|
125
|
+
|
126
|
+
it 'returns :invalid_token' do
|
127
|
+
entry = instance_double('Account', :[] => (Time.zone.now - 3.hours).iso8601)
|
128
|
+
expect(entries).to receive(:all).with('accounts', { '_auth_reset_token' => '42' }).and_return([entry])
|
129
|
+
is_expected.to eq :invalid_token
|
130
|
+
end
|
131
|
+
|
132
|
+
end
|
133
|
+
|
134
|
+
context 'valid auth token and password' do
|
135
|
+
|
136
|
+
it 'returns :password_reset and entry' do
|
137
|
+
entry = instance_double('Account', :[] => (Time.zone.now - 1.hours).iso8601)
|
138
|
+
expect(entries).to receive(:all).with('accounts', { '_auth_reset_token' => '42' }).and_return([entry])
|
139
|
+
expect(BCrypt::Password).to receive(:create).with('easyone').and_return('hashedeasyone')
|
140
|
+
expect(entries).to receive(:update_decorated_entry).with(entry, { 'password_hash' => 'hashedeasyone', '_auth_reset_token' => nil, '_auth_reset_sent_at' => nil })
|
141
|
+
is_expected.to eq [:password_reset, entry]
|
142
|
+
end
|
143
|
+
|
144
|
+
end
|
145
|
+
|
146
|
+
end
|
147
|
+
|
148
|
+
def build_account(password = 'easyone', reset_token = nil)
|
149
|
+
encrypted_password = BCrypt::Password.create(password)
|
150
|
+
entry = instance_double('Account', password: BCrypt::Password.new(encrypted_password))
|
151
|
+
allow(entry).to receive(:[]).with(:password_hash).and_return(encrypted_password)
|
152
|
+
allow(entry).to receive(:[]).with('_auth_reset_token').and_return(reset_token)
|
153
|
+
entry
|
154
|
+
end
|
155
|
+
|
156
|
+
end
|