namxam-devise 1.1.0.win

Sign up to get free protection for your applications and to get access to all the features.
Files changed (152) hide show
  1. data/CHANGELOG.rdoc +455 -0
  2. data/Gemfile +23 -0
  3. data/Gemfile.lock +118 -0
  4. data/MIT-LICENSE +20 -0
  5. data/README.rdoc +311 -0
  6. data/Rakefile +55 -0
  7. data/TODO +3 -0
  8. data/app/controllers/devise/confirmations_controller.rb +33 -0
  9. data/app/controllers/devise/passwords_controller.rb +41 -0
  10. data/app/controllers/devise/registrations_controller.rb +57 -0
  11. data/app/controllers/devise/sessions_controller.rb +23 -0
  12. data/app/controllers/devise/unlocks_controller.rb +34 -0
  13. data/app/helpers/devise_helper.rb +17 -0
  14. data/app/mailers/devise/mailer.rb +71 -0
  15. data/app/views/devise/confirmations/new.html.erb +12 -0
  16. data/app/views/devise/mailer/confirmation_instructions.html.erb +5 -0
  17. data/app/views/devise/mailer/reset_password_instructions.html.erb +8 -0
  18. data/app/views/devise/mailer/unlock_instructions.html.erb +7 -0
  19. data/app/views/devise/passwords/edit.html.erb +16 -0
  20. data/app/views/devise/passwords/new.html.erb +12 -0
  21. data/app/views/devise/registrations/edit.html.erb +25 -0
  22. data/app/views/devise/registrations/new.html.erb +18 -0
  23. data/app/views/devise/sessions/new.html.erb +17 -0
  24. data/app/views/devise/shared/_links.erb +19 -0
  25. data/app/views/devise/unlocks/new.html.erb +12 -0
  26. data/config/locales/en.yml +39 -0
  27. data/lib/devise.rb +290 -0
  28. data/lib/devise/controllers/helpers.rb +231 -0
  29. data/lib/devise/controllers/internal_helpers.rb +98 -0
  30. data/lib/devise/controllers/scoped_views.rb +35 -0
  31. data/lib/devise/controllers/url_helpers.rb +41 -0
  32. data/lib/devise/encryptors/authlogic_sha512.rb +19 -0
  33. data/lib/devise/encryptors/base.rb +20 -0
  34. data/lib/devise/encryptors/bcrypt.rb +19 -0
  35. data/lib/devise/encryptors/clearance_sha1.rb +17 -0
  36. data/lib/devise/encryptors/restful_authentication_sha1.rb +22 -0
  37. data/lib/devise/encryptors/sha1.rb +25 -0
  38. data/lib/devise/encryptors/sha512.rb +25 -0
  39. data/lib/devise/failure_app.rb +107 -0
  40. data/lib/devise/hooks/activatable.rb +11 -0
  41. data/lib/devise/hooks/forgetable.rb +11 -0
  42. data/lib/devise/hooks/rememberable.rb +35 -0
  43. data/lib/devise/hooks/timeoutable.rb +22 -0
  44. data/lib/devise/hooks/trackable.rb +9 -0
  45. data/lib/devise/mapping.rb +103 -0
  46. data/lib/devise/models.rb +80 -0
  47. data/lib/devise/models/authenticatable.rb +126 -0
  48. data/lib/devise/models/confirmable.rb +164 -0
  49. data/lib/devise/models/database_authenticatable.rb +110 -0
  50. data/lib/devise/models/lockable.rb +165 -0
  51. data/lib/devise/models/recoverable.rb +81 -0
  52. data/lib/devise/models/registerable.rb +8 -0
  53. data/lib/devise/models/rememberable.rb +104 -0
  54. data/lib/devise/models/timeoutable.rb +26 -0
  55. data/lib/devise/models/token_authenticatable.rb +60 -0
  56. data/lib/devise/models/trackable.rb +30 -0
  57. data/lib/devise/models/validatable.rb +53 -0
  58. data/lib/devise/modules.rb +23 -0
  59. data/lib/devise/orm/active_record.rb +36 -0
  60. data/lib/devise/orm/mongoid.rb +29 -0
  61. data/lib/devise/path_checker.rb +18 -0
  62. data/lib/devise/rails.rb +69 -0
  63. data/lib/devise/rails/routes.rb +248 -0
  64. data/lib/devise/rails/warden_compat.rb +39 -0
  65. data/lib/devise/schema.rb +97 -0
  66. data/lib/devise/strategies/authenticatable.rb +111 -0
  67. data/lib/devise/strategies/base.rb +33 -0
  68. data/lib/devise/strategies/database_authenticatable.rb +21 -0
  69. data/lib/devise/strategies/rememberable.rb +43 -0
  70. data/lib/devise/strategies/token_authenticatable.rb +49 -0
  71. data/lib/devise/test_helpers.rb +90 -0
  72. data/lib/devise/version.rb +3 -0
  73. data/lib/generators/active_record/devise_generator.rb +28 -0
  74. data/lib/generators/active_record/templates/migration.rb +29 -0
  75. data/lib/generators/devise/devise_generator.rb +17 -0
  76. data/lib/generators/devise/install_generator.rb +24 -0
  77. data/lib/generators/devise/orm_helpers.rb +23 -0
  78. data/lib/generators/devise/templates/README +25 -0
  79. data/lib/generators/devise/templates/devise.rb +139 -0
  80. data/lib/generators/devise/views_generator.rb +63 -0
  81. data/lib/generators/devise_install_generator.rb +4 -0
  82. data/lib/generators/devise_views_generator.rb +4 -0
  83. data/lib/generators/mongoid/devise_generator.rb +17 -0
  84. data/test/controllers/helpers_test.rb +213 -0
  85. data/test/controllers/internal_helpers_test.rb +51 -0
  86. data/test/controllers/url_helpers_test.rb +58 -0
  87. data/test/devise_test.rb +65 -0
  88. data/test/encryptors_test.rb +30 -0
  89. data/test/failure_app_test.rb +123 -0
  90. data/test/integration/authenticatable_test.rb +344 -0
  91. data/test/integration/confirmable_test.rb +104 -0
  92. data/test/integration/database_authenticatable_test.rb +38 -0
  93. data/test/integration/http_authenticatable_test.rb +49 -0
  94. data/test/integration/lockable_test.rb +109 -0
  95. data/test/integration/recoverable_test.rb +141 -0
  96. data/test/integration/registerable_test.rb +153 -0
  97. data/test/integration/rememberable_test.rb +91 -0
  98. data/test/integration/timeoutable_test.rb +80 -0
  99. data/test/integration/token_authenticatable_test.rb +88 -0
  100. data/test/integration/trackable_test.rb +64 -0
  101. data/test/mailers/confirmation_instructions_test.rb +80 -0
  102. data/test/mailers/reset_password_instructions_test.rb +68 -0
  103. data/test/mailers/unlock_instructions_test.rb +62 -0
  104. data/test/mapping_test.rb +85 -0
  105. data/test/models/confirmable_test.rb +221 -0
  106. data/test/models/database_authenticatable_test.rb +148 -0
  107. data/test/models/lockable_test.rb +188 -0
  108. data/test/models/recoverable_test.rb +138 -0
  109. data/test/models/rememberable_test.rb +176 -0
  110. data/test/models/timeoutable_test.rb +28 -0
  111. data/test/models/token_authenticatable_test.rb +37 -0
  112. data/test/models/trackable_test.rb +5 -0
  113. data/test/models/validatable_test.rb +99 -0
  114. data/test/models_test.rb +77 -0
  115. data/test/orm/active_record.rb +9 -0
  116. data/test/orm/mongoid.rb +10 -0
  117. data/test/rails_app/app/active_record/admin.rb +3 -0
  118. data/test/rails_app/app/active_record/shim.rb +2 -0
  119. data/test/rails_app/app/active_record/user.rb +7 -0
  120. data/test/rails_app/app/controllers/admins_controller.rb +6 -0
  121. data/test/rails_app/app/controllers/application_controller.rb +9 -0
  122. data/test/rails_app/app/controllers/home_controller.rb +7 -0
  123. data/test/rails_app/app/controllers/publisher/registrations_controller.rb +2 -0
  124. data/test/rails_app/app/controllers/publisher/sessions_controller.rb +2 -0
  125. data/test/rails_app/app/controllers/sessions_controller.rb +6 -0
  126. data/test/rails_app/app/controllers/users_controller.rb +18 -0
  127. data/test/rails_app/app/helpers/application_helper.rb +3 -0
  128. data/test/rails_app/app/mongoid/admin.rb +6 -0
  129. data/test/rails_app/app/mongoid/shim.rb +16 -0
  130. data/test/rails_app/app/mongoid/user.rb +10 -0
  131. data/test/rails_app/config/application.rb +35 -0
  132. data/test/rails_app/config/boot.rb +13 -0
  133. data/test/rails_app/config/environment.rb +5 -0
  134. data/test/rails_app/config/environments/development.rb +19 -0
  135. data/test/rails_app/config/environments/production.rb +33 -0
  136. data/test/rails_app/config/environments/test.rb +33 -0
  137. data/test/rails_app/config/initializers/backtrace_silencers.rb +7 -0
  138. data/test/rails_app/config/initializers/devise.rb +136 -0
  139. data/test/rails_app/config/initializers/inflections.rb +2 -0
  140. data/test/rails_app/config/initializers/secret_token.rb +2 -0
  141. data/test/rails_app/config/routes.rb +47 -0
  142. data/test/rails_app/db/migrate/20100401102949_create_tables.rb +27 -0
  143. data/test/rails_app/db/schema.rb +86 -0
  144. data/test/routes_test.rb +146 -0
  145. data/test/support/assertions.rb +24 -0
  146. data/test/support/helpers.rb +54 -0
  147. data/test/support/integration.rb +88 -0
  148. data/test/support/test_silencer.rb +5 -0
  149. data/test/support/webrat/integrations/rails.rb +32 -0
  150. data/test/test_helper.rb +21 -0
  151. data/test/test_helpers_test.rb +72 -0
  152. metadata +230 -0
@@ -0,0 +1,104 @@
1
+ require 'test_helper'
2
+
3
+ class ConfirmationTest < ActionController::IntegrationTest
4
+
5
+ def visit_user_confirmation_with_token(confirmation_token)
6
+ visit user_confirmation_path(:confirmation_token => confirmation_token)
7
+ end
8
+
9
+ test 'user should be able to request a new confirmation' do
10
+ user = create_user(:confirm => false)
11
+ ActionMailer::Base.deliveries.clear
12
+
13
+ visit new_user_session_path
14
+ click_link "Didn't receive confirmation instructions?"
15
+
16
+ fill_in 'email', :with => user.email
17
+ click_button 'Resend confirmation instructions'
18
+
19
+ assert_current_url '/users/sign_in'
20
+ assert_contain 'You will receive an email with instructions about how to confirm your account in a few minutes'
21
+ assert_equal 1, ActionMailer::Base.deliveries.size
22
+ end
23
+
24
+ test 'user with invalid confirmation token should not be able to confirm an account' do
25
+ visit_user_confirmation_with_token('invalid_confirmation')
26
+ assert_have_selector '#error_explanation'
27
+ assert_contain /Confirmation token(.*)invalid/
28
+ end
29
+
30
+ test 'user with valid confirmation token should be able to confirm an account' do
31
+ user = create_user(:confirm => false)
32
+ assert_not user.confirmed?
33
+ visit_user_confirmation_with_token(user.confirmation_token)
34
+
35
+ assert_contain 'Your account was successfully confirmed.'
36
+ assert_current_url '/'
37
+ assert user.reload.confirmed?
38
+ end
39
+
40
+ test 'already confirmed user should not be able to confirm the account again' do
41
+ user = create_user(:confirm => false)
42
+ user.confirmed_at = Time.now
43
+ user.save
44
+ visit_user_confirmation_with_token(user.confirmation_token)
45
+
46
+ assert_have_selector '#error_explanation'
47
+ assert_contain 'already confirmed'
48
+ end
49
+
50
+ test 'already confirmed user should not be able to confirm the account again neither request confirmation' do
51
+ user = create_user(:confirm => false)
52
+ user.confirmed_at = Time.now
53
+ user.save
54
+
55
+ visit_user_confirmation_with_token(user.confirmation_token)
56
+ assert_contain 'already confirmed'
57
+
58
+ fill_in 'email', :with => user.email
59
+ click_button 'Resend confirmation instructions'
60
+ assert_contain 'already confirmed'
61
+ end
62
+
63
+ test 'sign in user automatically after confirming it\'s email' do
64
+ user = create_user(:confirm => false)
65
+ visit_user_confirmation_with_token(user.confirmation_token)
66
+
67
+ assert warden.authenticated?(:user)
68
+ end
69
+
70
+ test 'increases sign count when signed in through confirmation' do
71
+ user = create_user(:confirm => false)
72
+ visit_user_confirmation_with_token(user.confirmation_token)
73
+
74
+ user.reload
75
+ assert_equal 1, user.sign_in_count
76
+ end
77
+
78
+ test 'not confirmed user with setup to block without confirmation should not be able to sign in' do
79
+ swap Devise, :confirm_within => 0.days do
80
+ sign_in_as_user(:confirm => false)
81
+
82
+ assert_contain 'You have to confirm your account before continuing'
83
+ assert_not warden.authenticated?(:user)
84
+ end
85
+ end
86
+
87
+ test 'not confirmed user but configured with some days to confirm should be able to sign in' do
88
+ swap Devise, :confirm_within => 1.day do
89
+ sign_in_as_user(:confirm => false)
90
+
91
+ assert_response :success
92
+ assert warden.authenticated?(:user)
93
+ end
94
+ end
95
+
96
+ test 'error message is configurable by resource name' do
97
+ store_translations :en, :devise => {
98
+ :failure => { :user => { :unconfirmed => "Not confirmed user" } }
99
+ } do
100
+ sign_in_as_user(:confirm => false)
101
+ assert_contain 'Not confirmed user'
102
+ end
103
+ end
104
+ end
@@ -0,0 +1,38 @@
1
+ require 'test_helper'
2
+
3
+ class DatabaseAuthenticationTest < ActionController::IntegrationTest
4
+ test 'sign in should not authenticate if not using proper authentication keys' do
5
+ swap Devise, :authentication_keys => [:username] do
6
+ sign_in_as_user
7
+ assert_not warden.authenticated?(:user)
8
+ end
9
+ end
10
+
11
+ test 'sign in with invalid email should return to sign in form with error message' do
12
+ sign_in_as_admin do
13
+ fill_in 'email', :with => 'wrongemail@test.com'
14
+ end
15
+
16
+ assert_contain 'Invalid email or password'
17
+ assert_not warden.authenticated?(:admin)
18
+ end
19
+
20
+ test 'sign in with invalid pasword should return to sign in form with error message' do
21
+ sign_in_as_admin do
22
+ fill_in 'password', :with => 'abcdef'
23
+ end
24
+
25
+ assert_contain 'Invalid email or password'
26
+ assert_not warden.authenticated?(:admin)
27
+ end
28
+
29
+ test 'error message is configurable by resource name' do
30
+ store_translations :en, :devise => { :failure => { :admin => { :invalid => "Invalid credentials" } } } do
31
+ sign_in_as_admin do
32
+ fill_in 'password', :with => 'abcdef'
33
+ end
34
+
35
+ assert_contain 'Invalid credentials'
36
+ end
37
+ end
38
+ end
@@ -0,0 +1,49 @@
1
+ require 'test_helper'
2
+
3
+ class HttpAuthenticationTest < ActionController::IntegrationTest
4
+
5
+ test 'sign in should authenticate with http' do
6
+ sign_in_as_new_user_with_http
7
+ assert_response :success
8
+ assert_match '<email>user@test.com</email>', response.body
9
+ assert warden.authenticated?(:user)
10
+ end
11
+
12
+ test 'returns a custom response with www-authenticate header on failures' do
13
+ sign_in_as_new_user_with_http("unknown")
14
+ assert_equal 401, status
15
+ assert_equal 'Basic realm="Application"', headers["WWW-Authenticate"]
16
+ end
17
+
18
+ test 'uses the request format as response content type' do
19
+ sign_in_as_new_user_with_http("unknown")
20
+ assert_equal 401, status
21
+ assert_equal "application/xml; charset=utf-8", headers["Content-Type"]
22
+ assert_match "<error>Invalid email or password.</error>", response.body
23
+ end
24
+
25
+ test 'returns a custom response with www-authenticate and chosen realm' do
26
+ swap Devise, :http_authentication_realm => "MyApp" do
27
+ sign_in_as_new_user_with_http("unknown")
28
+ assert_equal 401, status
29
+ assert_equal 'Basic realm="MyApp"', headers["WWW-Authenticate"]
30
+ end
31
+ end
32
+
33
+ test 'sign in should authenticate with http even with specific authentication keys' do
34
+ swap Devise, :authentication_keys => [:username] do
35
+ sign_in_as_new_user_with_http("usertest")
36
+ assert_response :success
37
+ assert_match '<email>user@test.com</email>', response.body
38
+ assert warden.authenticated?(:user)
39
+ end
40
+ end
41
+
42
+ private
43
+
44
+ def sign_in_as_new_user_with_http(username="user@test.com", password="123456")
45
+ user = create_user
46
+ get users_path(:format => :xml), {}, "HTTP_AUTHORIZATION" => "Basic #{ActiveSupport::Base64.encode64("#{username}:#{password}")}"
47
+ user
48
+ end
49
+ end
@@ -0,0 +1,109 @@
1
+ require 'test_helper'
2
+
3
+ class LockTest < ActionController::IntegrationTest
4
+
5
+ def visit_user_unlock_with_token(unlock_token)
6
+ visit user_unlock_path(:unlock_token => unlock_token)
7
+ end
8
+
9
+ test 'user should be able to request a new unlock token' do
10
+ user = create_user(:locked => true)
11
+ ActionMailer::Base.deliveries.clear
12
+
13
+ visit new_user_session_path
14
+ click_link "Didn't receive unlock instructions?"
15
+
16
+ fill_in 'email', :with => user.email
17
+ click_button 'Resend unlock instructions'
18
+
19
+ assert_template 'sessions/new'
20
+ assert_contain 'You will receive an email with instructions about how to unlock your account in a few minutes'
21
+ assert_equal 1, ActionMailer::Base.deliveries.size
22
+ end
23
+
24
+ test 'unlocked user should not be able to request a unlock token' do
25
+ user = create_user(:locked => false)
26
+ ActionMailer::Base.deliveries.clear
27
+
28
+ visit new_user_session_path
29
+ click_link "Didn't receive unlock instructions?"
30
+
31
+ fill_in 'email', :with => user.email
32
+ click_button 'Resend unlock instructions'
33
+
34
+ assert_template 'unlocks/new'
35
+ assert_contain 'not locked'
36
+ assert_equal 0, ActionMailer::Base.deliveries.size
37
+ end
38
+
39
+ test 'unlocked pages should not be available if email strategy is disabled' do
40
+ visit "/admins/sign_in"
41
+
42
+ assert_raise Webrat::NotFoundError do
43
+ click_link "Didn't receive unlock instructions?"
44
+ end
45
+
46
+ assert_raise NameError do
47
+ visit new_admin_unlock_path
48
+ end
49
+
50
+ visit "/admins/unlock/new"
51
+ assert_response :not_found
52
+ end
53
+
54
+ test 'user with invalid unlock token should not be able to unlock an account' do
55
+ visit_user_unlock_with_token('invalid_token')
56
+
57
+ assert_response :success
58
+ assert_current_url '/users/unlock?unlock_token=invalid_token'
59
+ assert_have_selector '#error_explanation'
60
+ assert_contain /Unlock token(.*)invalid/
61
+ end
62
+
63
+ test "locked user should be able to unlock account" do
64
+ user = create_user(:locked => true)
65
+ assert user.access_locked?
66
+
67
+ visit_user_unlock_with_token(user.unlock_token)
68
+
69
+ assert_current_url '/'
70
+ assert_contain 'Your account was successfully unlocked.'
71
+
72
+ assert_not user.reload.access_locked?
73
+ end
74
+
75
+ test "sign in user automatically after unlocking it's account" do
76
+ user = create_user(:locked => true)
77
+ visit_user_unlock_with_token(user.unlock_token)
78
+ assert warden.authenticated?(:user)
79
+ end
80
+
81
+ test "user should not be able to sign in when locked" do
82
+ user = sign_in_as_user(:locked => true)
83
+ assert_template 'sessions/new'
84
+ assert_contain 'Your account is locked.'
85
+ assert_not warden.authenticated?(:user)
86
+ end
87
+
88
+ test "user should not send a new e-mail if already locked" do
89
+ user = create_user(:locked => true)
90
+ user.failed_attempts = User.maximum_attempts + 1
91
+ user.save!
92
+
93
+ ActionMailer::Base.deliveries.clear
94
+
95
+ sign_in_as_user(:password => "invalid")
96
+ assert_contain 'Your account is locked.'
97
+ assert ActionMailer::Base.deliveries.empty?
98
+ end
99
+
100
+ test 'error message is configurable by resource name' do
101
+ store_translations :en, :devise => {
102
+ :failure => { :user => { :locked => "You are locked!" } }
103
+ } do
104
+ user = sign_in_as_user(:locked => true)
105
+ assert_contain 'You are locked!'
106
+ end
107
+ end
108
+
109
+ end
@@ -0,0 +1,141 @@
1
+ require 'test_helper'
2
+
3
+ class PasswordTest < ActionController::IntegrationTest
4
+
5
+ def visit_new_password_path
6
+ visit new_user_session_path
7
+ click_link 'Forgot your password?'
8
+ end
9
+
10
+ def request_forgot_password(&block)
11
+ visit_new_password_path
12
+
13
+ assert_response :success
14
+ assert_template 'passwords/new'
15
+ assert_not warden.authenticated?(:user)
16
+
17
+ fill_in 'email', :with => 'user@test.com'
18
+ yield if block_given?
19
+ click_button 'Send me reset password instructions'
20
+ end
21
+
22
+ def reset_password(options={}, &block)
23
+ unless options[:visit] == false
24
+ visit edit_user_password_path(:reset_password_token => options[:reset_password_token])
25
+ end
26
+ assert_response :success
27
+ assert_template 'passwords/edit'
28
+
29
+ fill_in 'Password', :with => '987654321'
30
+ fill_in 'Password confirmation', :with => '987654321'
31
+ yield if block_given?
32
+ click_button 'Change my password'
33
+ end
34
+
35
+ test 'authenticated user should not be able to visit forgot password page' do
36
+ sign_in_as_user
37
+ assert warden.authenticated?(:user)
38
+
39
+ get new_user_password_path
40
+
41
+ assert_response :redirect
42
+ assert_redirected_to root_path
43
+ end
44
+
45
+ test 'not authenticated user should be able to request a forgot password' do
46
+ create_user
47
+ request_forgot_password
48
+
49
+ assert_template 'sessions/new'
50
+ assert_contain 'You will receive an email with instructions about how to reset your password in a few minutes.'
51
+ end
52
+
53
+ test 'not authenticated user with invalid email should receive an error message' do
54
+ request_forgot_password do
55
+ fill_in 'email', :with => 'invalid.test@test.com'
56
+ end
57
+
58
+ assert_response :success
59
+ assert_template 'passwords/new'
60
+ assert_have_selector 'input[type=text][value=\'invalid.test@test.com\']'
61
+ assert_contain 'Email not found'
62
+ end
63
+
64
+ test 'authenticated user should not be able to visit edit password page' do
65
+ sign_in_as_user
66
+
67
+ get edit_user_password_path
68
+
69
+ assert_response :redirect
70
+ assert_redirected_to root_path
71
+ assert warden.authenticated?(:user)
72
+ end
73
+
74
+ test 'not authenticated user with invalid reset password token should not be able to change his password' do
75
+ user = create_user
76
+ reset_password :reset_password_token => 'invalid_reset_password'
77
+
78
+ assert_response :success
79
+ assert_template 'passwords/edit'
80
+ assert_have_selector '#error_explanation'
81
+ assert_contain /Reset password token(.*)invalid/
82
+ assert_not user.reload.valid_password?('987654321')
83
+ end
84
+
85
+ test 'not authenticated user with valid reset password token but invalid password should not be able to change his password' do
86
+ user = create_user
87
+ request_forgot_password
88
+ reset_password :reset_password_token => user.reload.reset_password_token do
89
+ fill_in 'Password confirmation', :with => 'other_password'
90
+ end
91
+
92
+ assert_response :success
93
+ assert_template 'passwords/edit'
94
+ assert_have_selector '#error_explanation'
95
+ assert_contain 'Password doesn\'t match confirmation'
96
+ assert_not user.reload.valid_password?('987654321')
97
+ end
98
+
99
+ test 'not authenticated user with valid data should be able to change his password' do
100
+ user = create_user
101
+ request_forgot_password
102
+ reset_password :reset_password_token => user.reload.reset_password_token
103
+
104
+ assert_template 'home/index'
105
+ assert_contain 'Your password was changed successfully.'
106
+ assert user.reload.valid_password?('987654321')
107
+ end
108
+
109
+ test 'after entering invalid data user should still be able to change his password' do
110
+ user = create_user
111
+ request_forgot_password
112
+ reset_password :reset_password_token => user.reload.reset_password_token do
113
+ fill_in 'Password confirmation', :with => 'other_password'
114
+ end
115
+ assert_response :success
116
+ assert_have_selector '#error_explanation'
117
+ assert_not user.reload.valid_password?('987654321')
118
+
119
+ reset_password :reset_password_token => user.reload.reset_password_token, :visit => false
120
+ assert_contain 'Your password was changed successfully.'
121
+ assert user.reload.valid_password?('987654321')
122
+ end
123
+
124
+ test 'sign in user automatically after changing it\'s password' do
125
+ user = create_user
126
+ request_forgot_password
127
+ reset_password :reset_password_token => user.reload.reset_password_token
128
+
129
+ assert warden.authenticated?(:user)
130
+ end
131
+
132
+ test 'does not sign in user automatically after changing it\'s password if it\'s not active' do
133
+ user = create_user(:confirm => false)
134
+ request_forgot_password
135
+ reset_password :reset_password_token => user.reload.reset_password_token
136
+
137
+ assert_equal new_user_session_path, @request.path
138
+ assert !warden.authenticated?(:user)
139
+ end
140
+
141
+ end
@@ -0,0 +1,153 @@
1
+ require 'test_helper'
2
+
3
+ class RegistrationTest < ActionController::IntegrationTest
4
+
5
+ test 'a guest admin should be able to sign in successfully' do
6
+ get new_admin_session_path
7
+ click_link 'Sign up'
8
+
9
+ assert_template 'registrations/new'
10
+
11
+ fill_in 'email', :with => 'new_user@test.com'
12
+ fill_in 'password', :with => 'new_user123'
13
+ fill_in 'password confirmation', :with => 'new_user123'
14
+ click_button 'Sign up'
15
+
16
+ assert_contain 'You have signed up successfully.'
17
+ assert warden.authenticated?(:admin)
18
+
19
+ admin = Admin.last :order => "id"
20
+ assert_equal admin.email, 'new_user@test.com'
21
+ end
22
+
23
+ test 'a guest user should be able to sign up successfully and be blocked by confirmation' do
24
+ get new_user_registration_path
25
+
26
+ fill_in 'email', :with => 'new_user@test.com'
27
+ fill_in 'password', :with => 'new_user123'
28
+ fill_in 'password confirmation', :with => 'new_user123'
29
+ click_button 'Sign up'
30
+
31
+ assert_contain 'You have signed up successfully'
32
+ assert_contain 'Sign in'
33
+ assert_not_contain 'You have to confirm your account before continuing'
34
+
35
+ assert_not warden.authenticated?(:user)
36
+
37
+ user = User.last :order => "id"
38
+ assert_equal user.email, 'new_user@test.com'
39
+ assert_not user.confirmed?
40
+ end
41
+
42
+ test 'a guest user cannot sign up with invalid information' do
43
+ get new_user_registration_path
44
+
45
+ fill_in 'email', :with => 'invalid_email'
46
+ fill_in 'password', :with => 'new_user123'
47
+ fill_in 'password confirmation', :with => 'new_user321'
48
+ click_button 'Sign up'
49
+
50
+ assert_template 'registrations/new'
51
+ assert_have_selector '#error_explanation'
52
+ assert_contain "Email is invalid"
53
+ assert_contain "Password doesn't match confirmation"
54
+ assert_nil User.first
55
+
56
+ assert_not warden.authenticated?(:user)
57
+ end
58
+
59
+ test 'a guest should not sign up with email/password that already exists' do
60
+ user = create_user
61
+ get new_user_registration_path
62
+
63
+ fill_in 'email', :with => 'user@test.com'
64
+ fill_in 'password', :with => '123456'
65
+ fill_in 'password confirmation', :with => '123456'
66
+ click_button 'Sign up'
67
+
68
+ assert_template 'registrations/new'
69
+ assert_contain 'Email has already been taken'
70
+
71
+ assert_not warden.authenticated?(:user)
72
+ end
73
+
74
+ test 'a guest should not be able to change account' do
75
+ get edit_user_registration_path
76
+ assert_redirected_to new_user_session_path
77
+ follow_redirect!
78
+ assert_contain 'You need to sign in or sign up before continuing.'
79
+ end
80
+
81
+ test 'a signed in user should not be able to access sign up' do
82
+ sign_in_as_user
83
+ get new_user_registration_path
84
+ assert_redirected_to root_path
85
+ end
86
+
87
+ test 'a signed in user should be able to edit his account' do
88
+ sign_in_as_user
89
+ get edit_user_registration_path
90
+
91
+ fill_in 'email', :with => 'user.new@email.com'
92
+ fill_in 'current password', :with => '123456'
93
+ click_button 'Update'
94
+
95
+ assert_template 'home/index'
96
+ assert_contain 'You updated your account successfully.'
97
+
98
+ assert_equal "user.new@email.com", User.first.email
99
+ end
100
+
101
+ test 'a signed in user should not change his current user with invalid password' do
102
+ sign_in_as_user
103
+ get edit_user_registration_path
104
+
105
+ fill_in 'email', :with => 'user.new@email.com'
106
+ fill_in 'current password', :with => 'invalid'
107
+ click_button 'Update'
108
+
109
+ assert_template 'registrations/edit'
110
+ assert_contain 'user@test.com'
111
+ assert_have_selector 'form input[value="user.new@email.com"]'
112
+
113
+ assert_equal "user@test.com", User.first.email
114
+ end
115
+
116
+ test 'a signed in user should be able to edit his password' do
117
+ sign_in_as_user
118
+ get edit_user_registration_path
119
+
120
+ fill_in 'password', :with => 'pas123'
121
+ fill_in 'password confirmation', :with => 'pas123'
122
+ fill_in 'current password', :with => '123456'
123
+ click_button 'Update'
124
+
125
+ assert_template 'home/index'
126
+ assert_contain 'You updated your account successfully.'
127
+
128
+ assert User.first.valid_password?('pas123')
129
+ end
130
+
131
+ test 'a signed in user should not be able to edit his password with invalid confirmation' do
132
+ sign_in_as_user
133
+ get edit_user_registration_path
134
+
135
+ fill_in 'password', :with => 'pas123'
136
+ fill_in 'password confirmation', :with => ''
137
+ fill_in 'current password', :with => '123456'
138
+ click_button 'Update'
139
+
140
+ assert_contain "Password doesn't match confirmation"
141
+ assert_not User.first.valid_password?('pas123')
142
+ end
143
+
144
+ test 'a signed in user should be able to cancel his account' do
145
+ sign_in_as_user
146
+ get edit_user_registration_path
147
+
148
+ click_link "Cancel my account", :method => :delete
149
+ assert_contain "Bye! Your account was successfully cancelled. We hope to see you again soon."
150
+
151
+ assert User.all.empty?
152
+ end
153
+ end