parlement 0.14 → 0.17
Sign up to get free protection for your applications and to get access to all the features.
- data/CHANGES +41 -1
- data/MEMORY +66 -5
- data/README +10 -5
- data/Rakefile +15 -23
- data/app/controllers/account_controller.rb +48 -43
- data/app/controllers/{application.rb → application_controller.rb} +15 -12
- data/app/controllers/elt_controller.rb +77 -32
- data/app/controllers/subscriber_controller.rb +11 -10
- data/app/helpers/application_helper.rb +14 -1
- data/app/helpers/elt_helper.rb +9 -7
- data/app/models/elt.rb +25 -24
- data/app/models/mail.rb +44 -47
- data/app/models/person_notify.rb +2 -2
- data/app/models/user.rb +128 -2
- data/app/models/user_notify.rb +15 -15
- data/app/views/account/_login.rhtml +39 -39
- data/app/views/account/_show.rhtml +22 -30
- data/app/views/account/signup.rhtml +2 -2
- data/app/views/elt/_choice.rhtml +6 -6
- data/app/views/elt/_elt.rhtml +27 -32
- data/app/views/elt/choices.rhtml +16 -18
- data/app/views/elt/list/_byDate.rhtml +14 -14
- data/app/views/elt/list/_byVote.rhtml +15 -15
- data/app/views/elt/list/_children.rhtml +48 -40
- data/app/views/elt/list/_subscribers.rhtml +1 -1
- data/app/views/elt/new.rhtml +22 -21
- data/app/views/elt/rss.rxml +4 -11
- data/app/views/elt/show.rhtml +65 -61
- data/app/views/elt/vote_rss.rxml +4 -11
- data/app/views/layouts/top.rhtml +39 -50
- data/app/views/person/_listElts.rhtml +1 -1
- data/app/views/person/show.rhtml +1 -1
- data/{vendor/plugins/login_engine/app → app}/views/user_notify/change_password.rhtml +0 -0
- data/{vendor/plugins/login_engine/app → app}/views/user_notify/delete.rhtml +0 -0
- data/{vendor/plugins/login_engine/app → app}/views/user_notify/forgot_password.rhtml +0 -0
- data/{vendor/plugins/login_engine/app → app}/views/user_notify/pending_delete.rhtml +0 -0
- data/{vendor/plugins/login_engine/app → app}/views/user_notify/signup.rhtml +0 -0
- data/config/boot.rb +97 -32
- data/config/environment.rb +37 -35
- data/config/environments/development.rb +2 -3
- data/config/environments/production.rb +3 -0
- data/config/initializers/string_ruby_1.8.rb +10 -0
- data/config/routes.rb +17 -22
- data/db/schema.rb +102 -74
- data/lib/tasks/rspec.rake +167 -0
- data/public/404.html +25 -7
- data/public/500.html +26 -7
- data/public/dispatch.cgi +0 -0
- data/public/dispatch.fcgi +0 -0
- data/public/dispatch.rb +0 -0
- data/public/images/live_tree_branch_collapsed_icon.gif +0 -0
- data/public/images/live_tree_branch_expanded_icon.gif +0 -0
- data/public/images/live_tree_leaf_icon.gif +0 -0
- data/public/javascripts/application.js +258 -0
- data/public/javascripts/controls.js +544 -414
- data/public/javascripts/dragdrop.js +229 -198
- data/public/javascripts/effects.js +499 -459
- data/public/javascripts/prototype.js +2926 -1121
- data/public/javascripts/shadedborder.js +68 -50
- data/public/stylesheets/default.css +34 -34
- data/public/stylesheets/live_tree.css +0 -0
- data/public/stylesheets/scaffold.css +6 -6
- data/script/about +0 -0
- data/script/autospec +6 -0
- data/script/benchmarker +0 -0
- data/script/breakpointer +0 -0
- data/script/console +0 -0
- data/script/dbconsole +3 -0
- data/script/destroy +0 -0
- data/script/generate +0 -0
- data/script/plugin +0 -0
- data/script/profiler +0 -0
- data/script/runner +0 -0
- data/script/server +0 -0
- data/script/spec +10 -0
- data/script/spec_server +9 -0
- data/test/unit/attachment_test.rb +4 -4
- data/test/unit/choice_test.rb +1 -1
- data/test/unit/elt_test.rb +9 -9
- data/test/unit/mail_notify_test.rb +2 -2
- data/test/unit/mail_test.rb +18 -11
- data/test/unit/person_notify_test.rb +1 -1
- data/test/unit/person_test.rb +1 -1
- data/test/unit/subscriber_test.rb +1 -1
- data/test/unit/user_test.rb +81 -0
- data/test/unit/visit_test.rb +6 -6
- data/vendor/plugins/activerecord_foreign_key_extensions/init.rb +2 -0
- data/vendor/plugins/activerecord_foreign_key_extensions/lib/active_record_extensions.rb +182 -0
- data/vendor/plugins/activerecord_text_id_extensions/init.rb +2 -0
- data/vendor/plugins/activerecord_text_id_extensions/lib/active_record_extensions.rb +24 -0
- data/vendor/plugins/acts_as_nested_set/README +15 -0
- data/vendor/plugins/acts_as_nested_set/init.rb +1 -0
- data/vendor/plugins/acts_as_nested_set/lib/active_record/acts/nested_set.rb +210 -0
- data/vendor/plugins/acts_as_nested_set/test/nested_set_test.rb +269 -0
- data/vendor/plugins/acts_as_tree/README +26 -0
- data/vendor/plugins/acts_as_tree/Rakefile +22 -0
- data/vendor/plugins/acts_as_tree/init.rb +1 -0
- data/vendor/plugins/acts_as_tree/lib/active_record/acts/tree.rb +96 -0
- data/vendor/plugins/{output_compression/CHANGELOG → acts_as_tree/test/abstract_unit.rb} +0 -0
- data/vendor/plugins/acts_as_tree/test/acts_as_tree_test.rb +219 -0
- data/vendor/plugins/acts_as_tree/test/database.yml +0 -0
- data/vendor/plugins/acts_as_tree/test/fixtures/mixin.rb +0 -0
- data/vendor/plugins/acts_as_tree/test/fixtures/mixins.yml +0 -0
- data/vendor/plugins/acts_as_tree/test/schema.rb +0 -0
- data/vendor/plugins/classic_pagination/CHANGELOG +152 -0
- data/vendor/plugins/classic_pagination/README +18 -0
- data/vendor/plugins/{output_compression/rakefile → classic_pagination/Rakefile} +22 -22
- data/vendor/plugins/classic_pagination/init.rb +33 -0
- data/vendor/plugins/classic_pagination/install.rb +1 -0
- data/vendor/plugins/classic_pagination/lib/pagination.rb +405 -0
- data/vendor/plugins/classic_pagination/lib/pagination_helper.rb +135 -0
- data/vendor/plugins/classic_pagination/test/fixtures/companies.yml +24 -0
- data/vendor/plugins/classic_pagination/test/fixtures/company.rb +9 -0
- data/vendor/plugins/classic_pagination/test/fixtures/developer.rb +7 -0
- data/vendor/plugins/classic_pagination/test/fixtures/developers.yml +21 -0
- data/vendor/plugins/classic_pagination/test/fixtures/developers_projects.yml +13 -0
- data/vendor/plugins/classic_pagination/test/fixtures/project.rb +3 -0
- data/vendor/plugins/classic_pagination/test/fixtures/projects.yml +7 -0
- data/vendor/plugins/classic_pagination/test/fixtures/replies.yml +13 -0
- data/vendor/plugins/classic_pagination/test/fixtures/reply.rb +5 -0
- data/vendor/plugins/classic_pagination/test/fixtures/schema.sql +42 -0
- data/vendor/plugins/classic_pagination/test/fixtures/topic.rb +3 -0
- data/vendor/plugins/classic_pagination/test/fixtures/topics.yml +22 -0
- data/vendor/plugins/classic_pagination/test/helper.rb +117 -0
- data/vendor/plugins/classic_pagination/test/pagination_helper_test.rb +38 -0
- data/vendor/plugins/classic_pagination/test/pagination_test.rb +177 -0
- data/vendor/plugins/file_column/lib/file_column.rb +1 -1
- data/vendor/plugins/file_column/test/file_column_test.rb +0 -0
- metadata +151 -197
- data/app/helpers/live_tree.rb +0 -238
- data/app/views/elt/_form.rhtml +0 -31
- data/app/views/elt/show_tree.rhtml +0 -8
- data/config/environments/user_environment.rb +0 -1
- data/db/ROOT/Titemagli.txt +0 -3
- data/db/ROOT/titemagli.txt +0 -9
- data/public/javascripts/behaviour.js +0 -254
- data/public/javascripts/ie7-load.htc +0 -1
- data/public/javascripts/ie7.js +0 -6
- data/public/javascripts/live_tree.js +0 -749
- data/public/javascripts/mybehaviour.js +0 -225
- data/public/javascripts/scriptaculous.js +0 -47
- data/public/javascripts/slider.js +0 -283
- data/public/stylesheets/blue.css +0 -471
- data/vendor/plugins/engines/CHANGELOG +0 -241
- data/vendor/plugins/engines/MIT-LICENSE +0 -21
- data/vendor/plugins/engines/README +0 -64
- data/vendor/plugins/engines/Rakefile +0 -32
- data/vendor/plugins/engines/UPGRADING +0 -93
- data/vendor/plugins/engines/about.yml +0 -7
- data/vendor/plugins/engines/generators/plugin_migration/USAGE +0 -45
- data/vendor/plugins/engines/generators/plugin_migration/plugin_migration_generator.rb +0 -79
- data/vendor/plugins/engines/generators/plugin_migration/templates/plugin_migration.erb +0 -13
- data/vendor/plugins/engines/init.rb +0 -40
- data/vendor/plugins/engines/install.rb +0 -32
- data/vendor/plugins/engines/lib/engines.rb +0 -323
- data/vendor/plugins/engines/lib/engines/deprecated_config_support.rb +0 -135
- data/vendor/plugins/engines/lib/engines/plugin.rb +0 -214
- data/vendor/plugins/engines/lib/engines/plugin_list.rb +0 -31
- data/vendor/plugins/engines/lib/engines/plugin_migrator.rb +0 -60
- data/vendor/plugins/engines/lib/engines/rails_extensions.rb +0 -6
- data/vendor/plugins/engines/lib/engines/rails_extensions/active_record.rb +0 -19
- data/vendor/plugins/engines/lib/engines/rails_extensions/dependencies.rb +0 -143
- data/vendor/plugins/engines/lib/engines/rails_extensions/migrations.rb +0 -155
- data/vendor/plugins/engines/lib/engines/rails_extensions/public_asset_helpers.rb +0 -116
- data/vendor/plugins/engines/lib/engines/rails_extensions/rails.rb +0 -20
- data/vendor/plugins/engines/lib/engines/rails_extensions/rails_initializer.rb +0 -86
- data/vendor/plugins/engines/lib/engines/rails_extensions/routing.rb +0 -77
- data/vendor/plugins/engines/lib/engines/rails_extensions/templates.rb +0 -140
- data/vendor/plugins/engines/lib/engines/testing.rb +0 -87
- data/vendor/plugins/engines/tasks/engines.rake +0 -149
- data/vendor/plugins/login_engine/CHANGELOG +0 -22
- data/vendor/plugins/login_engine/README +0 -344
- data/vendor/plugins/login_engine/app/controllers/user_controller.rb +0 -262
- data/vendor/plugins/login_engine/app/helpers/user_helper.rb +0 -88
- data/vendor/plugins/login_engine/app/models/user.rb +0 -7
- data/vendor/plugins/login_engine/app/models/user_notify.rb +0 -75
- data/vendor/plugins/login_engine/app/views/user/_edit.rhtml +0 -11
- data/vendor/plugins/login_engine/app/views/user/_password.rhtml +0 -9
- data/vendor/plugins/login_engine/app/views/user/change_password.rhtml +0 -17
- data/vendor/plugins/login_engine/app/views/user/edit.rhtml +0 -23
- data/vendor/plugins/login_engine/app/views/user/forgot_password.rhtml +0 -18
- data/vendor/plugins/login_engine/app/views/user/home.rhtml +0 -7
- data/vendor/plugins/login_engine/app/views/user/login.rhtml +0 -17
- data/vendor/plugins/login_engine/app/views/user/logout.rhtml +0 -8
- data/vendor/plugins/login_engine/app/views/user/signup.rhtml +0 -17
- data/vendor/plugins/login_engine/db/migrate/001_initial_schema.rb +0 -25
- data/vendor/plugins/login_engine/init_engine.rb +0 -11
- data/vendor/plugins/login_engine/install.rb +0 -4
- data/vendor/plugins/login_engine/lib/login_engine.rb +0 -62
- data/vendor/plugins/login_engine/lib/login_engine/authenticated_system.rb +0 -113
- data/vendor/plugins/login_engine/lib/login_engine/authenticated_user.rb +0 -155
- data/vendor/plugins/login_engine/public/stylesheets/login_engine.css +0 -81
- data/vendor/plugins/login_engine/test/fixtures/users.yml +0 -41
- data/vendor/plugins/login_engine/test/functional/user_controller_test.rb +0 -536
- data/vendor/plugins/login_engine/test/mocks/mail.rb +0 -14
- data/vendor/plugins/login_engine/test/mocks/time.rb +0 -19
- data/vendor/plugins/login_engine/test/test_helper.rb +0 -11
- data/vendor/plugins/login_engine/test/unit/user_test.rb +0 -114
- data/vendor/plugins/output_compression/MIT-LICENSE +0 -20
- data/vendor/plugins/output_compression/README +0 -4
- data/vendor/plugins/output_compression/init.rb +0 -1
- data/vendor/plugins/output_compression/lib/output_compression.rb +0 -84
- data/vendor/plugins/output_compression/test/output_test.rb +0 -11
- data/vendor/plugins/output_compression/test/test_controller.rb +0 -3
- data/vendor/plugins/output_compression/test/test_helper.rb +0 -14
|
@@ -1,155 +0,0 @@
|
|
|
1
|
-
require 'digest/sha1'
|
|
2
|
-
|
|
3
|
-
# this model expects a certain database layout and its based on the name/login pattern.
|
|
4
|
-
|
|
5
|
-
module LoginEngine
|
|
6
|
-
module AuthenticatedUser
|
|
7
|
-
|
|
8
|
-
def self.included(base)
|
|
9
|
-
base.class_eval do
|
|
10
|
-
|
|
11
|
-
# use the table name given
|
|
12
|
-
set_table_name LoginEngine.config(:user_table)
|
|
13
|
-
|
|
14
|
-
attr_accessor :new_password
|
|
15
|
-
|
|
16
|
-
validates_presence_of :login
|
|
17
|
-
validates_length_of :login, :within => 3..40
|
|
18
|
-
validates_uniqueness_of :login
|
|
19
|
-
validates_uniqueness_of :email
|
|
20
|
-
validates_format_of :email, :with => /^[^@]+@.+$/
|
|
21
|
-
|
|
22
|
-
validates_presence_of :password, :if => :validate_password?
|
|
23
|
-
validates_confirmation_of :password, :if => :validate_password?
|
|
24
|
-
validates_length_of :password, { :minimum => 5, :if => :validate_password? }
|
|
25
|
-
validates_length_of :password, { :maximum => 40, :if => :validate_password? }
|
|
26
|
-
|
|
27
|
-
protected
|
|
28
|
-
|
|
29
|
-
attr_accessor :password, :password_confirmation
|
|
30
|
-
|
|
31
|
-
after_save :falsify_new_password
|
|
32
|
-
after_validation :crypt_password
|
|
33
|
-
|
|
34
|
-
end
|
|
35
|
-
base.extend(ClassMethods)
|
|
36
|
-
end
|
|
37
|
-
|
|
38
|
-
module ClassMethods
|
|
39
|
-
|
|
40
|
-
def authenticate(login, pass)
|
|
41
|
-
u = find(:first, :conditions => ["login = ? AND verified = 1 AND deleted = 0", login])
|
|
42
|
-
return nil if u.nil?
|
|
43
|
-
find(:first, :conditions => ["login = ? AND salted_password = ? AND verified = 1", login, AuthenticatedUser.salted_password(u.salt, AuthenticatedUser.hashed(pass))])
|
|
44
|
-
end
|
|
45
|
-
|
|
46
|
-
def authenticate_by_token(id, token)
|
|
47
|
-
# Allow logins for deleted accounts, but only via this method (and
|
|
48
|
-
# not the regular authenticate call)
|
|
49
|
-
u = find(:first, :conditions => ["#{User.primary_key} = ? AND security_token = ?", id, token])
|
|
50
|
-
return nil if u.nil? or u.token_expired?
|
|
51
|
-
return nil if false == u.update_expiry
|
|
52
|
-
u
|
|
53
|
-
end
|
|
54
|
-
|
|
55
|
-
end
|
|
56
|
-
|
|
57
|
-
|
|
58
|
-
protected
|
|
59
|
-
|
|
60
|
-
def self.hashed(str)
|
|
61
|
-
# check if a salt has been set...
|
|
62
|
-
if LoginEngine.config(:salt) == nil
|
|
63
|
-
raise "You must define a :salt value in the configuration for the LoginEngine module."
|
|
64
|
-
end
|
|
65
|
-
|
|
66
|
-
return Digest::SHA1.hexdigest("#{LoginEngine.config(:salt)}--#{str}--}")[0..39]
|
|
67
|
-
end
|
|
68
|
-
|
|
69
|
-
def self.salted_password(salt, hashed_password)
|
|
70
|
-
hashed(salt + hashed_password)
|
|
71
|
-
end
|
|
72
|
-
|
|
73
|
-
public
|
|
74
|
-
|
|
75
|
-
# hmmm, how does this interact with the developer's own User model initialize?
|
|
76
|
-
# We would have to *insist* that the User.initialize method called 'super'
|
|
77
|
-
#
|
|
78
|
-
def initialize(attributes = nil)
|
|
79
|
-
super
|
|
80
|
-
@new_password = false
|
|
81
|
-
end
|
|
82
|
-
|
|
83
|
-
def token_expired?
|
|
84
|
-
self.security_token and self.token_expiry and (Time.now > self.token_expiry)
|
|
85
|
-
end
|
|
86
|
-
|
|
87
|
-
def update_expiry
|
|
88
|
-
write_attribute('token_expiry', [self.token_expiry, Time.at(Time.now.to_i + 600 * 1000)].min)
|
|
89
|
-
write_attribute('authenticated_by_token', true)
|
|
90
|
-
write_attribute("verified", 1)
|
|
91
|
-
update_without_callbacks
|
|
92
|
-
end
|
|
93
|
-
|
|
94
|
-
def generate_security_token(hours = nil)
|
|
95
|
-
if not hours.nil? or self.security_token.nil? or self.token_expiry.nil? or
|
|
96
|
-
(Time.now.to_i + token_lifetime / 2) >= self.token_expiry.to_i
|
|
97
|
-
return new_security_token(hours)
|
|
98
|
-
else
|
|
99
|
-
return self.security_token
|
|
100
|
-
end
|
|
101
|
-
end
|
|
102
|
-
|
|
103
|
-
def set_delete_after
|
|
104
|
-
hours = LoginEngine.config(:delayed_delete_days) * 24
|
|
105
|
-
write_attribute('deleted', 1)
|
|
106
|
-
write_attribute('delete_after', Time.at(Time.now.to_i + hours * 60 * 60))
|
|
107
|
-
|
|
108
|
-
# Generate and return a token here, so that it expires at
|
|
109
|
-
# the same time that the account deletion takes effect.
|
|
110
|
-
return generate_security_token(hours)
|
|
111
|
-
end
|
|
112
|
-
|
|
113
|
-
def change_password(pass, confirm = nil)
|
|
114
|
-
self.password = pass
|
|
115
|
-
self.password_confirmation = confirm.nil? ? pass : confirm
|
|
116
|
-
@new_password = true
|
|
117
|
-
end
|
|
118
|
-
|
|
119
|
-
protected
|
|
120
|
-
|
|
121
|
-
def validate_password?
|
|
122
|
-
@new_password
|
|
123
|
-
end
|
|
124
|
-
|
|
125
|
-
|
|
126
|
-
def crypt_password
|
|
127
|
-
if @new_password
|
|
128
|
-
write_attribute("salt", AuthenticatedUser.hashed("salt-#{Time.now}"))
|
|
129
|
-
write_attribute("salted_password", AuthenticatedUser.salted_password(salt, AuthenticatedUser.hashed(@password)))
|
|
130
|
-
end
|
|
131
|
-
end
|
|
132
|
-
|
|
133
|
-
def falsify_new_password
|
|
134
|
-
@new_password = false
|
|
135
|
-
true
|
|
136
|
-
end
|
|
137
|
-
|
|
138
|
-
def new_security_token(hours = nil)
|
|
139
|
-
write_attribute('security_token', AuthenticatedUser.hashed(self.salted_password + Time.now.to_i.to_s + rand.to_s))
|
|
140
|
-
write_attribute('token_expiry', Time.at(Time.now.to_i + token_lifetime(hours)))
|
|
141
|
-
update_without_callbacks
|
|
142
|
-
return self.security_token
|
|
143
|
-
end
|
|
144
|
-
|
|
145
|
-
def token_lifetime(hours = nil)
|
|
146
|
-
if hours.nil?
|
|
147
|
-
LoginEngine.config(:security_token_life_hours) * 60 * 60
|
|
148
|
-
else
|
|
149
|
-
hours * 60 * 60
|
|
150
|
-
end
|
|
151
|
-
end
|
|
152
|
-
|
|
153
|
-
end
|
|
154
|
-
end
|
|
155
|
-
|
|
@@ -1,81 +0,0 @@
|
|
|
1
|
-
/*
|
|
2
|
-
|
|
3
|
-
This CSS file is basically the scaffold.css file, and is only
|
|
4
|
-
included here to demonstrate using CSS files with Engines.
|
|
5
|
-
|
|
6
|
-
*/
|
|
7
|
-
|
|
8
|
-
body { background-color: #fff; color: #333; }
|
|
9
|
-
|
|
10
|
-
body, p, ol, ul, td {
|
|
11
|
-
font-family: verdana, arial, helvetica, sans-serif;
|
|
12
|
-
font-size: 13px;
|
|
13
|
-
line-height: 18px;
|
|
14
|
-
}
|
|
15
|
-
|
|
16
|
-
pre {
|
|
17
|
-
background-color: #eee;
|
|
18
|
-
padding: 10px;
|
|
19
|
-
font-size: 11px;
|
|
20
|
-
}
|
|
21
|
-
|
|
22
|
-
a { color: #000; }
|
|
23
|
-
a:visited { color: #666; }
|
|
24
|
-
a:hover { color: #fff; background-color:#000; }
|
|
25
|
-
|
|
26
|
-
.fieldWithErrors {
|
|
27
|
-
padding: 2px;
|
|
28
|
-
background-color: red;
|
|
29
|
-
display: table;
|
|
30
|
-
}
|
|
31
|
-
|
|
32
|
-
#ErrorExplanation {
|
|
33
|
-
width: 400px;
|
|
34
|
-
border: 2px solid red;
|
|
35
|
-
padding: 7px;
|
|
36
|
-
padding-bottom: 12px;
|
|
37
|
-
margin-bottom: 20px;
|
|
38
|
-
background-color: #f0f0f0;
|
|
39
|
-
}
|
|
40
|
-
|
|
41
|
-
#ErrorExplanation h2 {
|
|
42
|
-
text-align: left;
|
|
43
|
-
font-weight: bold;
|
|
44
|
-
padding: 5px 5px 5px 15px;
|
|
45
|
-
font-size: 12px;
|
|
46
|
-
margin: -7px;
|
|
47
|
-
background-color: #c00;
|
|
48
|
-
color: #fff;
|
|
49
|
-
}
|
|
50
|
-
|
|
51
|
-
#ErrorExplanation p {
|
|
52
|
-
color: #333;
|
|
53
|
-
margin-bottom: 0;
|
|
54
|
-
padding: 5px;
|
|
55
|
-
}
|
|
56
|
-
|
|
57
|
-
#ErrorExplanation ul li {
|
|
58
|
-
font-size: 12px;
|
|
59
|
-
list-style: square;
|
|
60
|
-
}
|
|
61
|
-
|
|
62
|
-
div.uploadStatus {
|
|
63
|
-
margin: 5px;
|
|
64
|
-
}
|
|
65
|
-
|
|
66
|
-
div.progressBar {
|
|
67
|
-
margin: 5px;
|
|
68
|
-
}
|
|
69
|
-
|
|
70
|
-
div.progressBar div.border {
|
|
71
|
-
background-color: #fff;
|
|
72
|
-
border: 1px solid grey;
|
|
73
|
-
width: 100%;
|
|
74
|
-
}
|
|
75
|
-
|
|
76
|
-
div.progressBar div.background {
|
|
77
|
-
background-color: #333;
|
|
78
|
-
height: 18px;
|
|
79
|
-
width: 0%;
|
|
80
|
-
}
|
|
81
|
-
|
|
@@ -1,41 +0,0 @@
|
|
|
1
|
-
# Read about fixtures at http://ar.rubyonrails.org/classes/Fixtures.html
|
|
2
|
-
|
|
3
|
-
bob:
|
|
4
|
-
id: 1000001
|
|
5
|
-
login: bob
|
|
6
|
-
salted_password: b1de1d1d2aec05df2be6f02995537c1783f08490 # atest
|
|
7
|
-
salt: bf3c47e71c0bfeb6288c9b6b5e24e15256a0e407
|
|
8
|
-
email: bob@test.com
|
|
9
|
-
verified: 1
|
|
10
|
-
|
|
11
|
-
existingbob:
|
|
12
|
-
id: 1000002
|
|
13
|
-
login: existingbob
|
|
14
|
-
salted_password: b1de1d1d2aec05df2be6f02995537c1783f08490 # atest
|
|
15
|
-
salt: bf3c47e71c0bfeb6288c9b6b5e24e15256a0e407
|
|
16
|
-
email: existingbob@test.com
|
|
17
|
-
verified: 1
|
|
18
|
-
|
|
19
|
-
longbob:
|
|
20
|
-
id: 1000003
|
|
21
|
-
login: longbob
|
|
22
|
-
salted_password: 53427dca242488e885216a579e362ee888c3ebc1 # alongtest
|
|
23
|
-
salt: d35a9cc89af83799d9a938a74cb06a11d295aa9c
|
|
24
|
-
email: longbob@test.com
|
|
25
|
-
verified: 1
|
|
26
|
-
|
|
27
|
-
deletebob1:
|
|
28
|
-
id: 1000004
|
|
29
|
-
login: deletebob1
|
|
30
|
-
salted_password: 53427dca242488e885216a579e362ee888c3ebc1 # alongtest
|
|
31
|
-
salt: d35a9cc89af83799d9a938a74cb06a11d295aa9c
|
|
32
|
-
email: deletebob1@test.com
|
|
33
|
-
verified: 1
|
|
34
|
-
|
|
35
|
-
deletebob2:
|
|
36
|
-
id: 1000005
|
|
37
|
-
login: deletebob2
|
|
38
|
-
salted_password: 53427dca242488e885216a579e362ee888c3ebc1 # alongtest
|
|
39
|
-
salt: d35a9cc89af83799d9a938a74cb06a11d295aa9c
|
|
40
|
-
email: deletebob2@test.com
|
|
41
|
-
verified: 1
|
|
@@ -1,536 +0,0 @@
|
|
|
1
|
-
require File.dirname(__FILE__) + '/../test_helper'
|
|
2
|
-
require_dependency 'user_controller'
|
|
3
|
-
|
|
4
|
-
|
|
5
|
-
# Raise errors beyond the default web-based presentation
|
|
6
|
-
class UserController; def rescue_action(e) raise e end; end
|
|
7
|
-
|
|
8
|
-
class UserControllerTest < Test::Unit::TestCase
|
|
9
|
-
|
|
10
|
-
# load the fixture into the developer-specified table using the custom
|
|
11
|
-
# 'fixture' method.
|
|
12
|
-
fixture :users, :table_name => LoginEngine.config(:user_table), :class_name => "User"
|
|
13
|
-
|
|
14
|
-
def setup
|
|
15
|
-
|
|
16
|
-
LoginEngine::CONFIG[:salt] = "test-salt"
|
|
17
|
-
|
|
18
|
-
@controller = UserController.new
|
|
19
|
-
@request, @response = ActionController::TestRequest.new, ActionController::TestResponse.new
|
|
20
|
-
@request.host = "localhost"
|
|
21
|
-
end
|
|
22
|
-
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
#==========================================================================
|
|
26
|
-
#
|
|
27
|
-
# Login/Logout
|
|
28
|
-
#
|
|
29
|
-
#==========================================================================
|
|
30
|
-
|
|
31
|
-
def test_home_without_login
|
|
32
|
-
get :home
|
|
33
|
-
assert_redirected_to :action => "login"
|
|
34
|
-
end
|
|
35
|
-
|
|
36
|
-
def test_invalid_login
|
|
37
|
-
post :login, :user => { :login => "bob", :password => "wrong_password" }
|
|
38
|
-
assert_response :success
|
|
39
|
-
|
|
40
|
-
assert_session_has_no :user
|
|
41
|
-
assert_template "login"
|
|
42
|
-
end
|
|
43
|
-
|
|
44
|
-
def test_login
|
|
45
|
-
@request.session['return-to'] = "/bogus/location"
|
|
46
|
-
|
|
47
|
-
post :login, :user => { :login => "bob", :password => "atest" }
|
|
48
|
-
|
|
49
|
-
assert_response 302 # redirect
|
|
50
|
-
assert_session_has :user
|
|
51
|
-
assert_equal users(:bob), session[:user]
|
|
52
|
-
|
|
53
|
-
assert_redirect_url "http://#{@request.host}/bogus/location"
|
|
54
|
-
end
|
|
55
|
-
|
|
56
|
-
def test_login_logoff
|
|
57
|
-
|
|
58
|
-
post :login, :user => { :login => "bob", :password => "atest" }
|
|
59
|
-
assert_session_has :user
|
|
60
|
-
|
|
61
|
-
get :logout
|
|
62
|
-
assert_session_has_no :user
|
|
63
|
-
|
|
64
|
-
end
|
|
65
|
-
|
|
66
|
-
|
|
67
|
-
#==========================================================================
|
|
68
|
-
#
|
|
69
|
-
# Signup
|
|
70
|
-
#
|
|
71
|
-
#==========================================================================
|
|
72
|
-
|
|
73
|
-
def test_signup
|
|
74
|
-
LoginEngine::CONFIG[:use_email_notification] = true
|
|
75
|
-
|
|
76
|
-
ActionMailer::Base.deliveries = []
|
|
77
|
-
|
|
78
|
-
@request.session['return-to'] = "/bogus/location"
|
|
79
|
-
|
|
80
|
-
assert_equal 5, User.count
|
|
81
|
-
post :signup, :user => { :login => "newbob", :password => "newpassword", :password_confirmation => "newpassword", :email => "newbob@test.com" }
|
|
82
|
-
assert_session_has_no :user
|
|
83
|
-
|
|
84
|
-
assert_redirect_url(@controller.url_for(:action => "login"))
|
|
85
|
-
assert_equal 1, ActionMailer::Base.deliveries.size
|
|
86
|
-
mail = ActionMailer::Base.deliveries[0]
|
|
87
|
-
assert_equal "newbob@test.com", mail.to_addrs[0].to_s
|
|
88
|
-
assert_match /login:\s+\w+\n/, mail.encoded
|
|
89
|
-
assert_match /password:\s+\w+\n/, mail.encoded
|
|
90
|
-
#mail.encoded =~ /user_id=(.*?)&key=(.*?)"/
|
|
91
|
-
user_id = /user_id=(\d+)/.match(mail.encoded)[1]
|
|
92
|
-
key = /key=([a-z0-9]+)/.match(mail.encoded)[1]
|
|
93
|
-
|
|
94
|
-
assert_not_nil user_id
|
|
95
|
-
assert_not_nil key
|
|
96
|
-
|
|
97
|
-
user = User.find_by_email("newbob@test.com")
|
|
98
|
-
assert_not_nil user
|
|
99
|
-
assert_equal 0, user.verified
|
|
100
|
-
|
|
101
|
-
# First past the expiration.
|
|
102
|
-
Time.advance_by_days = 1
|
|
103
|
-
get :home, :user_id => "#{user_id}", :key => "#{key}"
|
|
104
|
-
Time.advance_by_days = 0
|
|
105
|
-
user = User.find_by_email("newbob@test.com")
|
|
106
|
-
assert_equal 0, user.verified
|
|
107
|
-
|
|
108
|
-
# Then a bogus key.
|
|
109
|
-
get :home, :user_id => "#{user_id}", :key => "boguskey"
|
|
110
|
-
user = User.find_by_email("newbob@test.com")
|
|
111
|
-
assert_equal 0, user.verified
|
|
112
|
-
|
|
113
|
-
# Now the real one.
|
|
114
|
-
get :home, :user_id => "#{user_id}", :key => "#{key}"
|
|
115
|
-
user = User.find_by_email("newbob@test.com")
|
|
116
|
-
assert_equal 1, user.verified
|
|
117
|
-
|
|
118
|
-
post :login, :user => { :login => "newbob", :password => "newpassword" }
|
|
119
|
-
assert_session_has :user
|
|
120
|
-
get :logout
|
|
121
|
-
|
|
122
|
-
end
|
|
123
|
-
|
|
124
|
-
def test_signup_bad_password
|
|
125
|
-
LoginEngine::CONFIG[:use_email_notification] = true
|
|
126
|
-
ActionMailer::Base.deliveries = []
|
|
127
|
-
|
|
128
|
-
@request.session['return-to'] = "/bogus/location"
|
|
129
|
-
post :signup, :user => { :login => "newbob", :password => "bad", :password_confirmation => "bad", :email => "newbob@test.com" }
|
|
130
|
-
assert_session_has_no :user
|
|
131
|
-
assert_invalid_column_on_record "user", "password"
|
|
132
|
-
assert_success
|
|
133
|
-
assert_equal 0, ActionMailer::Base.deliveries.size
|
|
134
|
-
end
|
|
135
|
-
|
|
136
|
-
def test_signup_bad_email
|
|
137
|
-
LoginEngine::CONFIG[:use_email_notification] = true
|
|
138
|
-
ActionMailer::Base.deliveries = []
|
|
139
|
-
|
|
140
|
-
@request.session['return-to'] = "/bogus/location"
|
|
141
|
-
|
|
142
|
-
ActionMailer::Base.inject_one_error = true
|
|
143
|
-
post :signup, :user => { :login => "newbob", :password => "newpassword", :password_confirmation => "newpassword", :email => "newbob@test.com" }
|
|
144
|
-
assert_session_has_no :user
|
|
145
|
-
assert_equal 0, ActionMailer::Base.deliveries.size
|
|
146
|
-
end
|
|
147
|
-
|
|
148
|
-
def test_signup_without_email
|
|
149
|
-
LoginEngine::CONFIG[:use_email_notification] = false
|
|
150
|
-
|
|
151
|
-
@request.session['return-to'] = "/bogus/location"
|
|
152
|
-
|
|
153
|
-
post :signup, :user => { :login => "newbob", :password => "newpassword", :password_confirmation => "newpassword", :email => "newbob@test.com" }
|
|
154
|
-
|
|
155
|
-
assert_redirect_url(@controller.url_for(:action => "login"))
|
|
156
|
-
assert_session_has_no :user
|
|
157
|
-
assert_match /Signup successful/, flash[:notice]
|
|
158
|
-
|
|
159
|
-
assert_not_nil User.find_by_login("newbob")
|
|
160
|
-
|
|
161
|
-
user = User.find_by_email("newbob@test.com")
|
|
162
|
-
assert_not_nil user
|
|
163
|
-
|
|
164
|
-
post :login, :user => { :login => "newbob", :password => "newpassword" }
|
|
165
|
-
assert_session_has :user
|
|
166
|
-
get :logout
|
|
167
|
-
end
|
|
168
|
-
|
|
169
|
-
def test_signup_bad_details
|
|
170
|
-
@request.session['return-to'] = "/bogus/location"
|
|
171
|
-
|
|
172
|
-
# mismatched password
|
|
173
|
-
post :signup, :user => { :login => "newbob", :password => "newpassword", :password_confirmation => "wrong" }
|
|
174
|
-
assert_invalid_column_on_record "user", "password"
|
|
175
|
-
assert_success
|
|
176
|
-
|
|
177
|
-
# login not long enough
|
|
178
|
-
post :signup, :user => { :login => "yo", :password => "newpassword", :password_confirmation => "newpassword" }
|
|
179
|
-
assert_invalid_column_on_record "user", "login"
|
|
180
|
-
assert_success
|
|
181
|
-
|
|
182
|
-
# both
|
|
183
|
-
post :signup, :user => { :login => "yo", :password => "newpassword", :password_confirmation => "wrong" }
|
|
184
|
-
assert_invalid_column_on_record "user", ["login", "password"]
|
|
185
|
-
assert_success
|
|
186
|
-
|
|
187
|
-
# existing user
|
|
188
|
-
post :signup, :user => { :login => "bob", :password => "doesnt_matter", :password_confirmation => "doesnt_matter" }
|
|
189
|
-
assert_invalid_column_on_record "user", "login"
|
|
190
|
-
assert_success
|
|
191
|
-
|
|
192
|
-
# existing email
|
|
193
|
-
post :signup, :user => { :login => "newbob", :email => "longbob@test.com", :password => "doesnt_matter", :password_confirmation => "doesnt_matter" }
|
|
194
|
-
assert_invalid_column_on_record "user", "email"
|
|
195
|
-
assert_success
|
|
196
|
-
|
|
197
|
-
end
|
|
198
|
-
|
|
199
|
-
|
|
200
|
-
#==========================================================================
|
|
201
|
-
#
|
|
202
|
-
# Edit
|
|
203
|
-
#
|
|
204
|
-
#==========================================================================
|
|
205
|
-
|
|
206
|
-
def test_edit
|
|
207
|
-
post :login, :user => { :login => "bob", :password => "atest" }
|
|
208
|
-
assert_session_has :user
|
|
209
|
-
|
|
210
|
-
post :edit, :user => { "firstname" => "Bob", "form" => "edit" }
|
|
211
|
-
assert_equal @response.session[:user].firstname, "Bob"
|
|
212
|
-
|
|
213
|
-
post :edit, :user => { "firstname" => "", "form" => "edit" }
|
|
214
|
-
assert_equal @response.session[:user].firstname, ""
|
|
215
|
-
|
|
216
|
-
get :logout
|
|
217
|
-
end
|
|
218
|
-
|
|
219
|
-
|
|
220
|
-
|
|
221
|
-
#==========================================================================
|
|
222
|
-
#
|
|
223
|
-
# Delete
|
|
224
|
-
#
|
|
225
|
-
#==========================================================================
|
|
226
|
-
|
|
227
|
-
def test_delete
|
|
228
|
-
LoginEngine::CONFIG[:use_email_notification] = true
|
|
229
|
-
# Immediate delete
|
|
230
|
-
post :login, :user => { :login => "deletebob1", :password => "alongtest" }
|
|
231
|
-
assert_session_has :user
|
|
232
|
-
|
|
233
|
-
LoginEngine.config :delayed_delete, false, :force
|
|
234
|
-
post :delete
|
|
235
|
-
assert_equal 1, ActionMailer::Base.deliveries.size
|
|
236
|
-
assert_session_has_no :user
|
|
237
|
-
|
|
238
|
-
# try and login in again, we should fail.
|
|
239
|
-
post :login, :user => { :login => "deletebob1", :password => "alongtest" }
|
|
240
|
-
assert_session_has_no :user
|
|
241
|
-
assert_template_has "login"
|
|
242
|
-
|
|
243
|
-
|
|
244
|
-
# Now try delayed delete
|
|
245
|
-
ActionMailer::Base.deliveries = []
|
|
246
|
-
|
|
247
|
-
post :login, :user => { :login => "deletebob2", :password => "alongtest" }
|
|
248
|
-
assert_session_has :user
|
|
249
|
-
|
|
250
|
-
LoginEngine.config :delayed_delete, true, :force
|
|
251
|
-
post :delete
|
|
252
|
-
assert_equal 1, ActionMailer::Base.deliveries.size
|
|
253
|
-
mail = ActionMailer::Base.deliveries[0]
|
|
254
|
-
user_id = /user_id=(\d+)/.match(mail.encoded)[1]
|
|
255
|
-
key = /key=([a-z0-9]+)/.match(mail.encoded)[1]
|
|
256
|
-
|
|
257
|
-
post :restore_deleted, :user_id => "#{user_id}", "key" => "badkey"
|
|
258
|
-
assert_session_has_no :user
|
|
259
|
-
|
|
260
|
-
# Advance the time past the delete date
|
|
261
|
-
Time.advance_by_days = LoginEngine.config :delayed_delete_days
|
|
262
|
-
post :restore_deleted, :user_id => "#{user_id}", "key" => "#{key}"
|
|
263
|
-
assert_session_has_no :user
|
|
264
|
-
Time.advance_by_days = 0
|
|
265
|
-
|
|
266
|
-
post :restore_deleted, :user_id => "#{user_id}", "key" => "#{key}"
|
|
267
|
-
assert_session_has :user
|
|
268
|
-
end
|
|
269
|
-
|
|
270
|
-
def test_delete_without_email
|
|
271
|
-
LoginEngine::CONFIG[:use_email_notification] = false
|
|
272
|
-
ActionMailer::Base.deliveries = []
|
|
273
|
-
|
|
274
|
-
# Immediate delete
|
|
275
|
-
post :login, :user => { :login => "deletebob1", :password => "alongtest" }
|
|
276
|
-
assert_session_has :user
|
|
277
|
-
|
|
278
|
-
LoginEngine.config :delayed_delete, false, :force
|
|
279
|
-
post :delete
|
|
280
|
-
assert_session_has_no :user
|
|
281
|
-
assert_nil User.find_by_login("deletebob1")
|
|
282
|
-
|
|
283
|
-
# try and login in again, we should fail.
|
|
284
|
-
post :login, :user => { :login => "deletebob1", :password => "alongtest" }
|
|
285
|
-
assert_session_has_no :user
|
|
286
|
-
assert_template_has "login"
|
|
287
|
-
|
|
288
|
-
|
|
289
|
-
# Now try delayed delete
|
|
290
|
-
ActionMailer::Base.deliveries = []
|
|
291
|
-
|
|
292
|
-
post :login, :user => { :login => "deletebob2", :password => "alongtest" }
|
|
293
|
-
assert_session_has :user
|
|
294
|
-
|
|
295
|
-
# delayed delete is not really relevant currently without email.
|
|
296
|
-
LoginEngine.config :delayed_delete, true, :force
|
|
297
|
-
post :delete
|
|
298
|
-
assert_equal 1, User.find_by_login("deletebob2").deleted
|
|
299
|
-
end
|
|
300
|
-
|
|
301
|
-
|
|
302
|
-
|
|
303
|
-
#==========================================================================
|
|
304
|
-
#
|
|
305
|
-
# Change Password
|
|
306
|
-
#
|
|
307
|
-
#==========================================================================
|
|
308
|
-
|
|
309
|
-
def test_change_valid_password
|
|
310
|
-
|
|
311
|
-
LoginEngine::CONFIG[:use_email_notification] = true
|
|
312
|
-
|
|
313
|
-
ActionMailer::Base.deliveries = []
|
|
314
|
-
|
|
315
|
-
post :login, :user => { :login => "bob", :password => "atest" }
|
|
316
|
-
assert_session_has :user
|
|
317
|
-
|
|
318
|
-
post :change_password, :user => { :password => "changed_password", :password_confirmation => "changed_password" }
|
|
319
|
-
|
|
320
|
-
assert_equal 1, ActionMailer::Base.deliveries.size
|
|
321
|
-
mail = ActionMailer::Base.deliveries[0]
|
|
322
|
-
assert_equal "bob@test.com", mail.to_addrs[0].to_s
|
|
323
|
-
assert_match /login:\s+\w+\n/, mail.encoded
|
|
324
|
-
assert_match /password:\s+\w+\n/, mail.encoded
|
|
325
|
-
|
|
326
|
-
post :login, :user => { :login => "bob", :password => "changed_password" }
|
|
327
|
-
assert_session_has :user
|
|
328
|
-
post :change_password, :user => { :password => "atest", :password_confirmation => "atest" }
|
|
329
|
-
get :logout
|
|
330
|
-
|
|
331
|
-
post :login, :user => { :login => "bob", :password => "atest" }
|
|
332
|
-
assert_session_has :user
|
|
333
|
-
|
|
334
|
-
get :logout
|
|
335
|
-
end
|
|
336
|
-
|
|
337
|
-
def test_change_valid_password_without_email
|
|
338
|
-
|
|
339
|
-
LoginEngine::CONFIG[:use_email_notification] = false
|
|
340
|
-
|
|
341
|
-
ActionMailer::Base.deliveries = []
|
|
342
|
-
|
|
343
|
-
post :login, :user => { :login => "bob", :password => "atest" }
|
|
344
|
-
assert_session_has :user
|
|
345
|
-
|
|
346
|
-
post :change_password, :user => { :password => "changed_password", :password_confirmation => "changed_password" }
|
|
347
|
-
|
|
348
|
-
assert_redirected_to :action => "change_password"
|
|
349
|
-
|
|
350
|
-
post :login, :user => { :login => "bob", :password => "changed_password" }
|
|
351
|
-
assert_session_has :user
|
|
352
|
-
post :change_password, :user => { :password => "atest", :password_confirmation => "atest" }
|
|
353
|
-
get :logout
|
|
354
|
-
|
|
355
|
-
post :login, :user => { :login => "bob", :password => "atest" }
|
|
356
|
-
assert_session_has :user
|
|
357
|
-
|
|
358
|
-
get :logout
|
|
359
|
-
end
|
|
360
|
-
|
|
361
|
-
def test_change_short_password
|
|
362
|
-
LoginEngine::CONFIG[:use_email_notification] = true
|
|
363
|
-
ActionMailer::Base.deliveries = []
|
|
364
|
-
|
|
365
|
-
post :login, :user => { :login => "bob", :password => "atest" }
|
|
366
|
-
assert_session_has :user
|
|
367
|
-
|
|
368
|
-
post :change_password, :user => { :password => "bad", :password_confirmation => "bad" }
|
|
369
|
-
assert_invalid_column_on_record "user", "password"
|
|
370
|
-
assert_success
|
|
371
|
-
assert_equal 0, ActionMailer::Base.deliveries.size
|
|
372
|
-
|
|
373
|
-
post :login, :user => { :login => "bob", :password => "atest" }
|
|
374
|
-
assert_session_has :user
|
|
375
|
-
|
|
376
|
-
get :logout
|
|
377
|
-
end
|
|
378
|
-
|
|
379
|
-
def test_change_short_password_without_email
|
|
380
|
-
LoginEngine::CONFIG[:use_email_notification] = false
|
|
381
|
-
post :login, :user => { :login => "bob", :password => "atest" }
|
|
382
|
-
assert_session_has :user
|
|
383
|
-
|
|
384
|
-
post :change_password, :user => { :password => "bad", :password_confirmation => "bad" }
|
|
385
|
-
assert_invalid_column_on_record "user", "password"
|
|
386
|
-
assert_success
|
|
387
|
-
|
|
388
|
-
post :login, :user => { :login => "bob", :password => "atest" }
|
|
389
|
-
assert_session_has :user
|
|
390
|
-
|
|
391
|
-
get :logout
|
|
392
|
-
end
|
|
393
|
-
|
|
394
|
-
|
|
395
|
-
def test_change_password_with_bad_email
|
|
396
|
-
LoginEngine::CONFIG[:use_email_notification] = true
|
|
397
|
-
ActionMailer::Base.deliveries = []
|
|
398
|
-
|
|
399
|
-
# log in
|
|
400
|
-
post :login, :user => { :login => "bob", :password => "atest" }
|
|
401
|
-
assert_session_has :user
|
|
402
|
-
|
|
403
|
-
# change the password, but the email delivery will fail
|
|
404
|
-
ActionMailer::Base.inject_one_error = true
|
|
405
|
-
post :change_password, :user => { :password => "changed_password", :password_confirmation => "changed_password" }
|
|
406
|
-
assert_equal 0, ActionMailer::Base.deliveries.size
|
|
407
|
-
assert_match /Password could not be changed/, flash[:warning]
|
|
408
|
-
|
|
409
|
-
# logout
|
|
410
|
-
get :logout
|
|
411
|
-
assert_session_has_no :user
|
|
412
|
-
|
|
413
|
-
# ensure we can log in with our original password
|
|
414
|
-
# TODO: WHY DOES THIS FAIL!! It looks like the transaction stuff in UserController#change_password isn't actually rolling back changes.
|
|
415
|
-
post :login, :user => { :login => "bob", :password => "atest" }
|
|
416
|
-
assert_session_has :user
|
|
417
|
-
|
|
418
|
-
get :logout
|
|
419
|
-
end
|
|
420
|
-
|
|
421
|
-
|
|
422
|
-
|
|
423
|
-
|
|
424
|
-
#==========================================================================
|
|
425
|
-
#
|
|
426
|
-
# Forgot Password
|
|
427
|
-
#
|
|
428
|
-
#==========================================================================
|
|
429
|
-
|
|
430
|
-
def test_forgot_password
|
|
431
|
-
LoginEngine::CONFIG[:use_email_notification] = true
|
|
432
|
-
|
|
433
|
-
do_forgot_password(false, false, false)
|
|
434
|
-
do_forgot_password(false, false, true)
|
|
435
|
-
do_forgot_password(true, false, false)
|
|
436
|
-
do_forgot_password(false, true, false)
|
|
437
|
-
end
|
|
438
|
-
|
|
439
|
-
def do_forgot_password(bad_address, bad_email, logged_in)
|
|
440
|
-
ActionMailer::Base.deliveries = []
|
|
441
|
-
|
|
442
|
-
if logged_in
|
|
443
|
-
post :login, :user => { :login => "bob", :password => "atest" }
|
|
444
|
-
assert_session_has :user
|
|
445
|
-
end
|
|
446
|
-
|
|
447
|
-
@request.session['return-to'] = "/bogus/location"
|
|
448
|
-
if not bad_address and not bad_email
|
|
449
|
-
post :forgot_password, :user => { :email => "bob@test.com" }
|
|
450
|
-
password = "anewpassword"
|
|
451
|
-
if logged_in
|
|
452
|
-
assert_equal 0, ActionMailer::Base.deliveries.size
|
|
453
|
-
assert_redirect_url(@controller.url_for(:action => "change_password"))
|
|
454
|
-
post :change_password, :user => { :password => "#{password}", :password_confirmation => "#{password}" }
|
|
455
|
-
else
|
|
456
|
-
assert_equal 1, ActionMailer::Base.deliveries.size
|
|
457
|
-
mail = ActionMailer::Base.deliveries[0]
|
|
458
|
-
assert_equal "bob@test.com", mail.to_addrs[0].to_s
|
|
459
|
-
user_id = /user_id=(\d+)/.match(mail.encoded)[1]
|
|
460
|
-
key = /key=([a-z0-9]+)/.match(mail.encoded)[1]
|
|
461
|
-
post :change_password, :user => { :password => "#{password}", :password_confirmation => "#{password}"}, :user_id => "#{user_id}", :key => "#{key}"
|
|
462
|
-
assert_session_has :user
|
|
463
|
-
get :logout
|
|
464
|
-
end
|
|
465
|
-
elsif bad_address
|
|
466
|
-
post :forgot_password, :user => { :email => "bademail@test.com" }
|
|
467
|
-
assert_equal 0, ActionMailer::Base.deliveries.size
|
|
468
|
-
elsif bad_email
|
|
469
|
-
ActionMailer::Base.inject_one_error = true
|
|
470
|
-
post :forgot_password, :user => { :email => "bob@test.com" }
|
|
471
|
-
assert_equal 0, ActionMailer::Base.deliveries.size
|
|
472
|
-
else
|
|
473
|
-
# Invalid test case
|
|
474
|
-
assert false
|
|
475
|
-
end
|
|
476
|
-
|
|
477
|
-
if not bad_address and not bad_email
|
|
478
|
-
if logged_in
|
|
479
|
-
get :logout
|
|
480
|
-
else
|
|
481
|
-
assert_redirect_url(@controller.url_for(:action => "login"))
|
|
482
|
-
end
|
|
483
|
-
post :login, :user => { :login => "bob", :password => "#{password}" }
|
|
484
|
-
else
|
|
485
|
-
# Okay, make sure the database did not get changed
|
|
486
|
-
if logged_in
|
|
487
|
-
get :logout
|
|
488
|
-
end
|
|
489
|
-
post :login, :user => { :login => "bob", :password => "atest" }
|
|
490
|
-
end
|
|
491
|
-
|
|
492
|
-
assert_session_has :user
|
|
493
|
-
|
|
494
|
-
# Put the old settings back
|
|
495
|
-
if not bad_address and not bad_email
|
|
496
|
-
post :change_password, :user => { :password => "atest", :password_confirmation => "atest" }
|
|
497
|
-
end
|
|
498
|
-
|
|
499
|
-
get :logout
|
|
500
|
-
end
|
|
501
|
-
|
|
502
|
-
def test_forgot_password_without_email_and_logged_in
|
|
503
|
-
LoginEngine::CONFIG[:use_email_notification] = false
|
|
504
|
-
|
|
505
|
-
post :login, :user => { :login => "bob", :password => "atest" }
|
|
506
|
-
assert_session_has :user
|
|
507
|
-
|
|
508
|
-
@request.session['return-to'] = "/bogus/location"
|
|
509
|
-
post :forgot_password, :user => { :email => "bob@test.com" }
|
|
510
|
-
password = "anewpassword"
|
|
511
|
-
assert_redirect_url(@controller.url_for(:action => "change_password"))
|
|
512
|
-
post :change_password, :user => { :password => "#{password}", :password_confirmation => "#{password}" }
|
|
513
|
-
|
|
514
|
-
get :logout
|
|
515
|
-
|
|
516
|
-
post :login, :user => { :login => "bob", :password => "#{password}" }
|
|
517
|
-
|
|
518
|
-
assert_session_has :user
|
|
519
|
-
|
|
520
|
-
get :logout
|
|
521
|
-
end
|
|
522
|
-
|
|
523
|
-
def forgot_password_without_email_and_not_logged_in
|
|
524
|
-
LoginEngine::CONFIG[:use_email_notification] = false
|
|
525
|
-
|
|
526
|
-
@request.session['return-to'] = "/bogus/location"
|
|
527
|
-
post :forgot_password, :user => { :email => "bob@test.com" }
|
|
528
|
-
password = "anewpassword"
|
|
529
|
-
|
|
530
|
-
# wothout email, you can't retrieve your forgotten password...
|
|
531
|
-
assert_match /Please contact the system admin/, flash[:message]
|
|
532
|
-
assert_session_has_no :user
|
|
533
|
-
|
|
534
|
-
assert_redirect_url "http://#{@request.host}/bogus/location"
|
|
535
|
-
end
|
|
536
|
-
end
|