RubyGems - mongoid-devise - Versions diffs - 1.0.1 - Mend

mongoid-devise 1.0.1

Files changed (142) hide show

data/CHANGELOG.rdoc +333 -0
data/MIT-LICENSE +20 -0
data/README.rdoc +260 -0
data/Rakefile +53 -0
data/TODO +2 -0
data/app/controllers/confirmations_controller.rb +33 -0
data/app/controllers/passwords_controller.rb +42 -0
data/app/controllers/registrations_controller.rb +55 -0
data/app/controllers/sessions_controller.rb +45 -0
data/app/controllers/unlocks_controller.rb +33 -0
data/app/models/devise_mailer.rb +68 -0
data/app/views/confirmations/new.html.erb +12 -0
data/app/views/devise_mailer/confirmation_instructions.html.erb +5 -0
data/app/views/devise_mailer/reset_password_instructions.html.erb +8 -0
data/app/views/devise_mailer/unlock_instructions.html.erb +7 -0
data/app/views/passwords/edit.html.erb +16 -0
data/app/views/passwords/new.html.erb +12 -0
data/app/views/registrations/edit.html.erb +25 -0
data/app/views/registrations/new.html.erb +17 -0
data/app/views/sessions/new.html.erb +17 -0
data/app/views/shared/_devise_links.erb +19 -0
data/app/views/unlocks/new.html.erb +12 -0
data/generators/devise/USAGE +5 -0
data/generators/devise/devise_generator.rb +15 -0
data/generators/devise/lib/route_devise.rb +32 -0
data/generators/devise/templates/migration.rb +23 -0
data/generators/devise/templates/model.rb +9 -0
data/generators/devise_install/USAGE +3 -0
data/generators/devise_install/devise_install_generator.rb +15 -0
data/generators/devise_install/templates/README +18 -0
data/generators/devise_install/templates/devise.rb +102 -0
data/generators/devise_views/USAGE +3 -0
data/generators/devise_views/devise_views_generator.rb +21 -0
data/init.rb +2 -0
data/lib/devise.rb +253 -0
data/lib/devise/controllers/helpers.rb +200 -0
data/lib/devise/controllers/internal_helpers.rb +129 -0
data/lib/devise/controllers/url_helpers.rb +41 -0
data/lib/devise/encryptors/authlogic_sha512.rb +21 -0
data/lib/devise/encryptors/base.rb +20 -0
data/lib/devise/encryptors/bcrypt.rb +21 -0
data/lib/devise/encryptors/clearance_sha1.rb +19 -0
data/lib/devise/encryptors/restful_authentication_sha1.rb +22 -0
data/lib/devise/encryptors/sha1.rb +27 -0
data/lib/devise/encryptors/sha512.rb +27 -0
data/lib/devise/failure_app.rb +65 -0
data/lib/devise/hooks/activatable.rb +15 -0
data/lib/devise/hooks/rememberable.rb +30 -0
data/lib/devise/hooks/timeoutable.rb +18 -0
data/lib/devise/hooks/trackable.rb +18 -0
data/lib/devise/locales/en.yml +35 -0
data/lib/devise/mapping.rb +131 -0
data/lib/devise/models.rb +112 -0
data/lib/devise/models/activatable.rb +16 -0
data/lib/devise/models/authenticatable.rb +146 -0
data/lib/devise/models/confirmable.rb +172 -0
data/lib/devise/models/http_authenticatable.rb +21 -0
data/lib/devise/models/lockable.rb +160 -0
data/lib/devise/models/recoverable.rb +80 -0
data/lib/devise/models/registerable.rb +8 -0
data/lib/devise/models/rememberable.rb +94 -0
data/lib/devise/models/timeoutable.rb +28 -0
data/lib/devise/models/token_authenticatable.rb +89 -0
data/lib/devise/models/trackable.rb +16 -0
data/lib/devise/models/validatable.rb +48 -0
data/lib/devise/orm/active_record.rb +41 -0
data/lib/devise/orm/data_mapper.rb +83 -0
data/lib/devise/orm/mongo_mapper.rb +51 -0
data/lib/devise/orm/mongoid.rb +60 -0
data/lib/devise/rails.rb +14 -0
data/lib/devise/rails/routes.rb +125 -0
data/lib/devise/rails/warden_compat.rb +25 -0
data/lib/devise/schema.rb +65 -0
data/lib/devise/strategies/authenticatable.rb +36 -0
data/lib/devise/strategies/base.rb +16 -0
data/lib/devise/strategies/http_authenticatable.rb +49 -0
data/lib/devise/strategies/rememberable.rb +37 -0
data/lib/devise/strategies/token_authenticatable.rb +37 -0
data/lib/devise/test_helpers.rb +86 -0
data/lib/devise/version.rb +3 -0
data/test/controllers/helpers_test.rb +177 -0
data/test/controllers/internal_helpers_test.rb +55 -0
data/test/controllers/url_helpers_test.rb +47 -0
data/test/devise_test.rb +69 -0
data/test/encryptors_test.rb +31 -0
data/test/failure_app_test.rb +44 -0
data/test/integration/authenticatable_test.rb +271 -0
data/test/integration/confirmable_test.rb +97 -0
data/test/integration/http_authenticatable_test.rb +44 -0
data/test/integration/lockable_test.rb +83 -0
data/test/integration/recoverable_test.rb +141 -0
data/test/integration/registerable_test.rb +130 -0
data/test/integration/rememberable_test.rb +63 -0
data/test/integration/timeoutable_test.rb +68 -0
data/test/integration/token_authenticatable_test.rb +55 -0
data/test/integration/trackable_test.rb +64 -0
data/test/mailers/confirmation_instructions_test.rb +80 -0
data/test/mailers/reset_password_instructions_test.rb +68 -0
data/test/mailers/unlock_instructions_test.rb +62 -0
data/test/mapping_test.rb +153 -0
data/test/models/authenticatable_test.rb +180 -0
data/test/models/confirmable_test.rb +228 -0
data/test/models/lockable_test.rb +202 -0
data/test/models/recoverable_test.rb +138 -0
data/test/models/rememberable_test.rb +135 -0
data/test/models/timeoutable_test.rb +28 -0
data/test/models/token_authenticatable_test.rb +51 -0
data/test/models/trackable_test.rb +5 -0
data/test/models/validatable_test.rb +106 -0
data/test/models_test.rb +56 -0
data/test/orm/active_record.rb +31 -0
data/test/orm/mongo_mapper.rb +20 -0
data/test/orm/mongoid.rb +22 -0
data/test/rails_app/app/active_record/admin.rb +7 -0
data/test/rails_app/app/active_record/user.rb +7 -0
data/test/rails_app/app/controllers/admins_controller.rb +6 -0
data/test/rails_app/app/controllers/application_controller.rb +10 -0
data/test/rails_app/app/controllers/home_controller.rb +4 -0
data/test/rails_app/app/controllers/users_controller.rb +16 -0
data/test/rails_app/app/helpers/application_helper.rb +3 -0
data/test/rails_app/app/mongo_mapper/admin.rb +9 -0
data/test/rails_app/app/mongo_mapper/user.rb +8 -0
data/test/rails_app/app/mongoid/admin.rb +9 -0
data/test/rails_app/app/mongoid/user.rb +8 -0
data/test/rails_app/config/boot.rb +110 -0
data/test/rails_app/config/environment.rb +42 -0
data/test/rails_app/config/environments/development.rb +17 -0
data/test/rails_app/config/environments/production.rb +28 -0
data/test/rails_app/config/environments/test.rb +28 -0
data/test/rails_app/config/initializers/devise.rb +79 -0
data/test/rails_app/config/initializers/inflections.rb +2 -0
data/test/rails_app/config/initializers/new_rails_defaults.rb +24 -0
data/test/rails_app/config/initializers/session_store.rb +15 -0
data/test/rails_app/config/routes.rb +21 -0
data/test/routes_test.rb +110 -0
data/test/support/assertions_helper.rb +37 -0
data/test/support/integration_tests_helper.rb +71 -0
data/test/support/test_silencer.rb +5 -0
data/test/support/tests_helper.rb +39 -0
data/test/test_helper.rb +21 -0
data/test/test_helpers_test.rb +57 -0
metadata +216 -0

@@ -0,0 +1,69 @@
+require 'test/test_helper'
+module Devise
+  def self.clean_warden_config!
+    @warden_config = nil
+  end
+end
+class DeviseTest < ActiveSupport::TestCase
+  test 'model options can be configured through Devise' do
+    swap Devise, :confirm_within => 113, :pepper => "foo" do
+      assert_equal 113, Devise.confirm_within
+      assert_equal "foo", Devise.pepper
+    end
+  end
+  test 'setup block yields self' do
+    Devise.setup do |config|
+      assert_equal Devise, config
+    end
+  end
+  test 'warden manager configuration' do
+    config = Warden::Config.new
+    Devise.configure_warden(config)
+    assert_equal Devise::FailureApp, config.failure_app
+    assert_equal [:rememberable, :http_authenticatable, :token_authenticatable, :authenticatable], config.default_strategies
+    assert_equal :user, config.default_scope
+    assert config.silence_missing_strategies?
+  end
+  test 'warden manager user configuration through a block' do
+    begin
+      @executed = false
+      Devise.warden do |config|
+        @executed = true
+        assert_kind_of Warden::Config, config
+      end
+      Devise.configure_warden(Warden::Config.new)
+      assert @executed
+    ensure
+      Devise.clean_warden_config!
+    end
+  end
+  test 'add new module using the helper method' do
+    assert_nothing_raised(Exception) { Devise.add_module(:coconut) }
+    assert_equal 1, Devise::ALL.select { |v| v == :coconut }.size
+    assert_not Devise::STRATEGIES.include?(:coconut)
+    assert_not defined?(Devise::Models::Coconut)
+    Devise::ALL.delete(:coconut)
+    assert_nothing_raised(Exception) { Devise.add_module(:banana, :strategy => true) }
+    assert_equal 1, Devise::STRATEGIES.select { |v| v == :banana }.size
+    Devise::ALL.delete(:banana)
+    Devise::STRATEGIES.delete(:banana)
+    assert_nothing_raised(Exception) { Devise.add_module(:kivi, :controller => :fruits) }
+    assert_not_nil Devise::CONTROLLERS[:fruits]
+    assert_equal 1, Devise::CONTROLLERS[:fruits].select { |v| v == :kivi }.size
+    Devise::ALL.delete(:kivi)
+    Devise::CONTROLLERS.delete(:fruits)
+    assert_nothing_raised(Exception) { Devise.add_module(:authenticatable_again, :model => 'devise/model/authenticatable') }
+    assert defined?(Devise::Models::AuthenticatableAgain)
+  end
+end

data/test/encryptors_test.rb ADDED

@@ -0,0 +1,31 @@
+gem 'bcrypt-ruby'
+class Encryptors < ActiveSupport::TestCase
+  test 'should match a password created by authlogic' do
+    authlogic = "b623c3bc9c775b0eb8edb218a382453396fec4146422853e66ecc4b6bc32d7162ee42074dcb5f180a770dc38b5df15812f09bbf497a4a1b95fe5e7d2b8eb7eb4"
+    encryptor = Devise::Encryptors::AuthlogicSha512.digest('123mudar', 20, 'usZK_z_EAaF61Gwkw-ed', '')
+    assert_equal authlogic, encryptor
+  end
+  test 'should match a password created by restful_authentication' do
+    restful_authentication = "93110f71309ce91366375ea44e2a6f5cc73fa8d4"
+    encryptor = Devise::Encryptors::RestfulAuthenticationSha1.digest('123mudar', 10, '48901d2b247a54088acb7f8ea3e695e50fe6791b', 'fee9a51ec0a28d11be380ca6dee6b4b760c1a3bf')
+    assert_equal restful_authentication, encryptor
+  end
+  test 'should match a password created by clearance' do
+    clearance = "0f40bbae18ddefd7066276c3ef209d40729b0378"
+    encryptor = Devise::Encryptors::ClearanceSha1.digest('123mudar', nil, '65c58472c207c829f28c68619d3e3aefed18ab3f', nil)
+    assert_equal clearance, encryptor
+  end
+  Devise::ENCRYPTORS_LENGTH.each do |key, value|
+    test "should have length #{value} for #{key.inspect}" do
+      swap Devise, :encryptor => key do
+        encryptor = Devise::Encryptors.const_get(key.to_s.classify)
+        assert_equal value, encryptor.digest('a', 4, encryptor.salt, nil).size
+      end
+    end
+  end
+end

data/test/failure_app_test.rb ADDED

@@ -0,0 +1,44 @@
+require 'test/test_helper'
+require 'ostruct'
+class FailureTest < ActiveSupport::TestCase
+  def call_failure(env_params={})
+    env = {'warden.options' => { :scope => :user }}.merge!(env_params)
+    Devise::FailureApp.call(env)
+  end
+  test 'return 302 status' do
+    assert_equal 302, call_failure.first
+  end
+  test 'return to the default redirect location' do
+    assert_equal '/users/sign_in?unauthenticated=true', call_failure.second['Location']
+  end
+  test 'uses the proxy failure message' do
+    warden = OpenStruct.new(:message => :test)
+    location = call_failure('warden' => warden).second['Location']
+    assert_equal '/users/sign_in?test=true', location
+  end
+  test 'uses the given message' do
+    warden = OpenStruct.new(:message => 'Hello world')
+    location = call_failure('warden' => warden).second['Location']
+    assert_equal '/users/sign_in?message=Hello+world', location
+  end
+  test 'setup default url' do
+    Devise::FailureApp.default_url = 'test/sign_in'
+    location = call_failure('warden.options' => { :scope => nil }).second['Location']
+    assert_equal '/test/sign_in?unauthenticated=true', location
+  end
+  test 'set content type to default text/plain' do
+    assert_equal 'text/plain', call_failure.second['Content-Type']
+  end
+  test 'setup a default message' do
+    assert_equal ['You are being redirected to /users/sign_in?unauthenticated=true'], call_failure.last
+  end
+end

data/test/integration/authenticatable_test.rb ADDED

@@ -0,0 +1,271 @@
+require 'test/test_helper'
+class AuthenticationSanityTest < ActionController::IntegrationTest
+  test 'home should be accessible without sign in' do
+    visit '/'
+    assert_response :success
+    assert_template 'home/index'
+  end
+  test 'sign in as user should not authenticate admin scope' do
+    sign_in_as_user
+    assert warden.authenticated?(:user)
+    assert_not warden.authenticated?(:admin)
+  end
+  test 'sign in as admin should not authenticate user scope' do
+    sign_in_as_admin
+    assert warden.authenticated?(:admin)
+    assert_not warden.authenticated?(:user)
+  end
+  test 'sign in as both user and admin at same time' do
+    sign_in_as_user
+    sign_in_as_admin
+    assert warden.authenticated?(:user)
+    assert warden.authenticated?(:admin)
+  end
+  test 'sign out as user should not touch admin authentication' do
+    sign_in_as_user
+    sign_in_as_admin
+    get destroy_user_session_path
+    assert_not warden.authenticated?(:user)
+    assert warden.authenticated?(:admin)
+  end
+  test 'sign out as admin should not touch user authentication' do
+    sign_in_as_user
+    sign_in_as_admin
+    get destroy_admin_session_path
+    assert_not warden.authenticated?(:admin)
+    assert warden.authenticated?(:user)
+  end
+  test 'not signed in as admin should not be able to access admins actions' do
+    get admins_path
+    assert_redirected_to new_admin_session_path(:unauthenticated => true)
+    assert_not warden.authenticated?(:admin)
+  end
+  test 'signed in as user should not be able to access admins actions' do
+    sign_in_as_user
+    assert warden.authenticated?(:user)
+    assert_not warden.authenticated?(:admin)
+    get admins_path
+    assert_redirected_to new_admin_session_path(:unauthenticated => true)
+  end
+  test 'signed in as admin should be able to access admin actions' do
+    sign_in_as_admin
+    assert warden.authenticated?(:admin)
+    assert_not warden.authenticated?(:user)
+    get admins_path
+    assert_response :success
+    assert_template 'admins/index'
+    assert_contain 'Welcome Admin'
+  end
+  test 'authenticated admin should not be able to sign as admin again' do
+    sign_in_as_admin
+    get new_admin_session_path
+    assert_response :redirect
+    assert_redirected_to admin_root_path
+    assert warden.authenticated?(:admin)
+  end
+  test 'authenticated admin should be able to sign out' do
+    sign_in_as_admin
+    assert warden.authenticated?(:admin)
+    get destroy_admin_session_path
+    assert_response :redirect
+    assert_redirected_to root_path
+    get root_path
+    assert_contain 'Signed out successfully'
+    assert_not warden.authenticated?(:admin)
+  end
+  test 'unauthenticated admin does not set message on sign out' do
+    get destroy_admin_session_path
+    assert_response :redirect
+    assert_redirected_to root_path
+    get root_path
+    assert_not_contain 'Signed out successfully'
+  end
+end
+class AuthenticationTest < ActionController::IntegrationTest
+  test 'sign in should not authenticate if not using proper authentication keys' do
+    swap Devise, :authentication_keys => [:username] do
+      sign_in_as_user
+      assert_not warden.authenticated?(:user)
+    end
+  end
+  test 'sign in with invalid email should return to sign in form with error message' do
+    sign_in_as_admin do
+      fill_in 'email', :with => 'wrongemail@test.com'
+    end
+    assert_contain 'Invalid email or password'
+    assert_not warden.authenticated?(:admin)
+  end
+  test 'sign in with invalid pasword should return to sign in form with error message' do
+    sign_in_as_admin do
+      fill_in 'password', :with => 'abcdef'
+    end
+    assert_contain 'Invalid email or password'
+    assert_not warden.authenticated?(:admin)
+  end
+  test 'error message is configurable by resource name' do
+    store_translations :en, :devise => {
+      :sessions => { :admin => { :invalid => "Invalid credentials" } }
+    } do
+      sign_in_as_admin do
+        fill_in 'password', :with => 'abcdef'
+      end
+      assert_contain 'Invalid credentials'
+    end
+  end
+  test 'redirect from warden shows sign in or sign up message' do
+    get admins_path
+    warden_path = new_admin_session_path(:unauthenticated => true)
+    assert_redirected_to warden_path
+    get warden_path
+    assert_contain 'You need to sign in or sign up before continuing.'
+  end
+  test 'redirect to default url if no other was configured' do
+    sign_in_as_user
+    assert_template 'home/index'
+    assert_nil session[:"user.return_to"]
+  end
+  test 'redirect to requested url after sign in' do
+    get users_path
+    assert_redirected_to new_user_session_path(:unauthenticated => true)
+    assert_equal users_path, session[:"user.return_to"]
+    follow_redirect!
+    sign_in_as_user :visit => false
+    assert_template 'users/index'
+    assert_nil session[:"user.return_to"]
+  end
+  test 'redirect to last requested url overwriting the stored return_to option' do
+    get expire_user_path(create_user)
+    assert_redirected_to new_user_session_path(:unauthenticated => true)
+    assert_equal expire_user_path(create_user), session[:"user.return_to"]
+    get users_path
+    assert_redirected_to new_user_session_path(:unauthenticated => true)
+    assert_equal users_path, session[:"user.return_to"]
+    follow_redirect!
+    sign_in_as_user :visit => false
+    assert_template 'users/index'
+    assert_nil session[:"user.return_to"]
+  end
+  test 'redirect to configured home path for a given scope after sign in' do
+    sign_in_as_admin
+    assert_equal "/admin_area/home", @request.path
+  end
+  test 'destroyed account is signed out' do
+    sign_in_as_user
+    visit 'users/index'
+    User.destroy_all
+    visit 'users/index'
+    assert_redirected_to '/users/sign_in?unauthenticated=true'
+  end
+  test 'allows session to be set by a given scope' do
+    sign_in_as_user
+    visit 'users/index'
+    assert_equal "Cart", @controller.user_session[:cart]
+  end
+  test 'renders the scoped view if turned on and view is available' do
+    swap Devise, :scoped_views => true do
+      assert_raise Webrat::NotFoundError do
+        sign_in_as_user
+      end
+      assert_match /Special user view/, response.body
+    end
+  end
+  test 'renders the scoped view if turned on in an specific controller' do
+    begin
+      SessionsController.scoped_views = true
+      assert_raise Webrat::NotFoundError do
+        sign_in_as_user
+      end
+      assert_match /Special user view/, response.body
+      assert !PasswordsController.scoped_views
+    ensure
+      SessionsController.send :remove_instance_variable, :@scoped_views
+    end
+  end
+  test 'does not render the scoped view if turned off' do
+    swap Devise, :scoped_views => false do
+      assert_nothing_raised do
+        sign_in_as_user
+      end
+    end
+  end
+  test 'does not render the scoped view if not available' do
+    swap Devise, :scoped_views => true do
+      assert_nothing_raised do
+        sign_in_as_admin
+      end
+    end
+  end
+  test 'render 404 on roles without permission' do
+    get 'admin_area/password/new'
+    assert_response :not_found
+    assert_not_contain 'Send me reset password instructions'
+  end
+  test 'render 404 on roles without mapping' do
+    get 'sign_in'
+    assert_response :not_found
+    assert_not_contain 'Sign in'
+  end
+  test 'uses the mapping from the default scope if specified' do
+    swap Devise, :use_default_scope => true do
+      get 'sign_in'
+      assert_response :ok
+      assert_contain 'Sign in'
+    end
+  end
+end

data/test/integration/confirmable_test.rb ADDED

@@ -0,0 +1,97 @@
+require 'test/test_helper'
+class ConfirmationTest < ActionController::IntegrationTest
+  def visit_user_confirmation_with_token(confirmation_token)
+    visit user_confirmation_path(:confirmation_token => confirmation_token)
+  end
+  test 'user should be able to request a new confirmation' do
+    user = create_user(:confirm => false)
+    ActionMailer::Base.deliveries.clear
+    visit new_user_session_path
+    click_link 'Didn\'t receive confirmation instructions?'
+    fill_in 'email', :with => user.email
+    click_button 'Resend confirmation instructions'
+    assert_template 'sessions/new'
+    assert_contain 'You will receive an email with instructions about how to confirm your account in a few minutes'
+    assert_equal 1, ActionMailer::Base.deliveries.size
+  end
+  test 'user with invalid confirmation token should not be able to confirm an account' do
+    visit_user_confirmation_with_token('invalid_confirmation')
+    assert_response :success
+    assert_template 'confirmations/new'
+    assert_have_selector '#errorExplanation'
+    assert_contain /Confirmation token(.*)invalid/
+  end
+  test 'user with valid confirmation token should be able to confirm an account' do
+    user = create_user(:confirm => false)
+    assert_not user.confirmed?
+    visit_user_confirmation_with_token(user.confirmation_token)
+    assert_template 'home/index'
+    assert_contain 'Your account was successfully confirmed.'
+    assert user.reload.confirmed?
+  end
+  test 'user already confirmed user should not be able to confirm the account again' do
+    user = create_user(:confirm => false)
+    user.confirmed_at = Time.now
+    user.save
+    visit_user_confirmation_with_token(user.confirmation_token)
+    assert_template 'confirmations/new'
+    assert_have_selector '#errorExplanation'
+    assert_contain 'already confirmed'
+  end
+  test 'sign in user automatically after confirming it\'s email' do
+    user = create_user(:confirm => false)
+    visit_user_confirmation_with_token(user.confirmation_token)
+    assert warden.authenticated?(:user)
+  end
+  test 'increases sign count when signed in through confirmation' do
+    user = create_user(:confirm => false)
+    visit_user_confirmation_with_token(user.confirmation_token)
+    user.reload
+    assert_equal 1, user.sign_in_count
+  end
+  test 'not confirmed user with setup to block without confirmation should not be able to sign in' do
+    swap Devise, :confirm_within => 0.days do
+      sign_in_as_user(:confirm => false)
+      assert_contain 'You have to confirm your account before continuing'
+      assert_not warden.authenticated?(:user)
+    end
+  end
+  test 'not confirmed user but configured with some days to confirm should be able to sign in' do
+    swap Devise, :confirm_within => 1.day do
+      sign_in_as_user(:confirm => false)
+      assert_response :success
+      assert warden.authenticated?(:user)
+    end
+  end
+  test 'error message is configurable by resource name' do
+    store_translations :en, :devise => {
+      :sessions => { :admin => { :unconfirmed => "Not confirmed user" } }
+    } do
+      get new_admin_session_path(:unconfirmed => true)
+      assert_contain 'Not confirmed user'
+    end
+  end
+end