pillowfort 0.1.1 → 0.1.2

data/spec/dummy/public/404.html

@@ -0,0 +1,67 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <title>The page you were looking for doesn't exist (404)</title>
+  <meta name="viewport" content="width=device-width,initial-scale=1">
+  <style>
+  body {
+    background-color: #EFEFEF;
+    color: #2E2F30;
+    text-align: center;
+    font-family: arial, sans-serif;
+    margin: 0;
+  }
+
+  div.dialog {
+    width: 95%;
+    max-width: 33em;
+    margin: 4em auto 0;
+  }
+
+  div.dialog > div {
+    border: 1px solid #CCC;
+    border-right-color: #999;
+    border-left-color: #999;
+    border-bottom-color: #BBB;
+    border-top: #B00100 solid 4px;
+    border-top-left-radius: 9px;
+    border-top-right-radius: 9px;
+    background-color: white;
+    padding: 7px 12% 0;
+    box-shadow: 0 3px 8px rgba(50, 50, 50, 0.17);
+  }
+
+  h1 {
+    font-size: 100%;
+    color: #730E15;
+    line-height: 1.5em;
+  }
+
+  div.dialog > p {
+    margin: 0 0 1em;
+    padding: 1em;
+    background-color: #F7F7F7;
+    border: 1px solid #CCC;
+    border-right-color: #999;
+    border-left-color: #999;
+    border-bottom-color: #999;
+    border-bottom-left-radius: 4px;
+    border-bottom-right-radius: 4px;
+    border-top-color: #DADADA;
+    color: #666;
+    box-shadow: 0 3px 8px rgba(50, 50, 50, 0.17);
+  }
+  </style>
+</head>
+
+<body>
+  <!-- This file lives in public/404.html -->
+  <div class="dialog">
+    <div>
+      <h1>The page you were looking for doesn't exist.</h1>
+      <p>You may have mistyped the address or the page may have moved.</p>
+    </div>
+    <p>If you are the application owner check the logs for more information.</p>
+  </div>
+</body>
+</html>

data/spec/dummy/public/422.html

@@ -0,0 +1,67 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <title>The change you wanted was rejected (422)</title>
+  <meta name="viewport" content="width=device-width,initial-scale=1">
+  <style>
+  body {
+    background-color: #EFEFEF;
+    color: #2E2F30;
+    text-align: center;
+    font-family: arial, sans-serif;
+    margin: 0;
+  }
+
+  div.dialog {
+    width: 95%;
+    max-width: 33em;
+    margin: 4em auto 0;
+  }
+
+  div.dialog > div {
+    border: 1px solid #CCC;
+    border-right-color: #999;
+    border-left-color: #999;
+    border-bottom-color: #BBB;
+    border-top: #B00100 solid 4px;
+    border-top-left-radius: 9px;
+    border-top-right-radius: 9px;
+    background-color: white;
+    padding: 7px 12% 0;
+    box-shadow: 0 3px 8px rgba(50, 50, 50, 0.17);
+  }
+
+  h1 {
+    font-size: 100%;
+    color: #730E15;
+    line-height: 1.5em;
+  }
+
+  div.dialog > p {
+    margin: 0 0 1em;
+    padding: 1em;
+    background-color: #F7F7F7;
+    border: 1px solid #CCC;
+    border-right-color: #999;
+    border-left-color: #999;
+    border-bottom-color: #999;
+    border-bottom-left-radius: 4px;
+    border-bottom-right-radius: 4px;
+    border-top-color: #DADADA;
+    color: #666;
+    box-shadow: 0 3px 8px rgba(50, 50, 50, 0.17);
+  }
+  </style>
+</head>
+
+<body>
+  <!-- This file lives in public/422.html -->
+  <div class="dialog">
+    <div>
+      <h1>The change you wanted was rejected.</h1>
+      <p>Maybe you tried to change something you didn't have access to.</p>
+    </div>
+    <p>If you are the application owner check the logs for more information.</p>
+  </div>
+</body>
+</html>

data/spec/dummy/public/500.html

@@ -0,0 +1,66 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <title>We're sorry, but something went wrong (500)</title>
+  <meta name="viewport" content="width=device-width,initial-scale=1">
+  <style>
+  body {
+    background-color: #EFEFEF;
+    color: #2E2F30;
+    text-align: center;
+    font-family: arial, sans-serif;
+    margin: 0;
+  }
+
+  div.dialog {
+    width: 95%;
+    max-width: 33em;
+    margin: 4em auto 0;
+  }
+
+  div.dialog > div {
+    border: 1px solid #CCC;
+    border-right-color: #999;
+    border-left-color: #999;
+    border-bottom-color: #BBB;
+    border-top: #B00100 solid 4px;
+    border-top-left-radius: 9px;
+    border-top-right-radius: 9px;
+    background-color: white;
+    padding: 7px 12% 0;
+    box-shadow: 0 3px 8px rgba(50, 50, 50, 0.17);
+  }
+
+  h1 {
+    font-size: 100%;
+    color: #730E15;
+    line-height: 1.5em;
+  }
+
+  div.dialog > p {
+    margin: 0 0 1em;
+    padding: 1em;
+    background-color: #F7F7F7;
+    border: 1px solid #CCC;
+    border-right-color: #999;
+    border-left-color: #999;
+    border-bottom-color: #999;
+    border-bottom-left-radius: 4px;
+    border-bottom-right-radius: 4px;
+    border-top-color: #DADADA;
+    color: #666;
+    box-shadow: 0 3px 8px rgba(50, 50, 50, 0.17);
+  }
+  </style>
+</head>
+
+<body>
+  <!-- This file lives in public/500.html -->
+  <div class="dialog">
+    <div>
+      <h1>We're sorry, but something went wrong.</h1>
+    </div>
+    <p>If you are the application owner check the logs for more information.</p>
+  </div>
+</body>
+</html>

data/spec/dummy/spec/controllers/accounts_controller_spec.rb

@@ -0,0 +1,52 @@
+require 'rails_helper'
+
+describe AccountsController, :type => :controller do
+  describe 'its response' do
+    subject { response }
+
+    context 'when authenticated' do
+      let(:account) { FactoryGirl.create :account }
+      before { authenticate_with account }
+
+      describe 'unprotected #index' do
+        before { get :index }
+        it { should have_http_status :success }
+      end
+
+      describe 'protected #show' do
+        before { get :show, id: 1 }
+        it { should have_http_status :success }
+      end
+    end
+
+    context 'when not authenticated' do
+      describe 'unprotected #index' do
+        before { get :index }
+        it { should have_http_status :success }
+      end
+
+      describe 'protected #show' do
+        before { get :show, id: 1 }
+        it { should have_http_status :unauthorized }
+      end
+    end
+  end
+
+  describe 'its methods' do
+    describe '#current_account' do
+      it { should respond_to(:current_account) }
+
+      context 'when authenticated' do
+        let(:account) { FactoryGirl.create :account }
+        before do
+          authenticate_with account
+          get :show, id: 1
+        end
+
+        it 'should return the account when current_account is called' do
+          expect(subject.current_account).to eq(account)
+        end
+      end
+    end
+  end
+end

data/spec/dummy/spec/factories/accounts.rb

@@ -0,0 +1,10 @@
+FactoryGirl.define do
+  sequence :email do |n|
+    "foo.bar.#{n}@baz.org"
+  end
+
+  factory :account do
+    email
+    password  { "SuperSafe123" }
+  end
+end

data/spec/dummy/spec/models/account_spec.rb

@@ -0,0 +1,276 @@
+require 'rails_helper'
+
+# ------------------------------------------------------------------------------
+# Shared Examples
+# ------------------------------------------------------------------------------
+
+RSpec.shared_examples 'an auth token resetter' do
+  describe 'its affect on the auth_token' do
+    subject { account.auth_token }
+
+    describe 'before the call' do
+      it { should eq(auth_token) }
+    end
+
+    describe 'after the call' do
+      before { call_the_method }
+      it { should_not eq(auth_token) }
+    end
+  end
+
+  describe 'its affect on the auth_token_expires_at' do
+    subject { account.auth_token_expires_at }
+
+    describe 'before the call' do
+      it { should eq(auth_token_expires_at) }
+    end
+
+    describe 'after the call' do
+      before { call_the_method }
+      it { should be > auth_token_expires_at }
+    end
+  end
+end
+
+# ------------------------------------------------------------------------------
+# The Spec!
+# ------------------------------------------------------------------------------
+
+RSpec.describe Account, :type => :model do
+
+  describe 'its validations' do
+    before { account.save }
+    subject { account.errors.messages }
+
+    describe 'email validations' do
+      let(:account) { FactoryGirl.build(:account, email: email) }
+
+      context 'presence_of' do
+        let(:email) { nil }
+
+        it { should include(email: ["can't be blank"]) }
+      end
+
+      context 'uniqueness' do
+        let(:email) { 'foobar@baz.com' }
+        let(:dup_account) { FactoryGirl.build(:account, email: email) }
+        before  { dup_account.save }
+        subject { dup_account.errors.messages}
+
+        it { should include(email: ["has already been taken"]) }
+      end
+    end
+
+    describe 'password validations' do
+      let(:account) { FactoryGirl.build(:account, password: password) }
+
+      context 'presence_of' do
+        let(:password) { nil }
+
+        it { should include(password: [/can't be blank/, /is too short/]) }
+      end
+
+      context 'length of' do
+        context "when it's too short" do
+          let(:password) { "x"*3 }
+
+          it { should include(password: [/is too short/])}
+        end
+
+        context "when it's too long" do
+          let(:password) { "x"*80 }
+
+          it { should include(password: [/is too long/])}
+        end
+      end
+    end
+  end
+
+  describe 'the instance methods' do
+    let(:account) {
+      FactoryGirl.create  :account,
+                          auth_token: auth_token,
+                          auth_token_expires_at: auth_token_expires_at
+    }
+
+    let(:auth_token) { 'abc123def456' }
+    let(:auth_token_expires_at) { 1.day.from_now }
+
+    describe '#ensure_auth_token' do
+      subject { account.auth_token }
+      before { account.ensure_auth_token }
+
+      context 'when the token is nil' do
+        let(:auth_token) { nil }
+        it { should_not be_nil }
+      end
+
+      context 'when the token is not nil' do
+        let(:auth_token) { 'deadbeef' }
+        it { should eq('deadbeef') }
+      end
+    end
+
+    describe '#reset_auth_token' do
+      let(:call_the_method) { account.reset_auth_token }
+      it_behaves_like 'an auth token resetter'
+
+      describe 'its persistence' do
+        subject { account }
+        after { call_the_method }
+        it { should_not receive(:save) }
+      end
+    end
+
+    describe '#reset_auth_token!' do
+      let(:call_the_method) { account.reset_auth_token! }
+      it_behaves_like 'an auth token resetter'
+
+      describe 'its persistence' do
+        subject { account }
+        after { call_the_method }
+        it { should receive(:save) }
+      end
+    end
+
+    describe '#token_expired?' do
+      subject { account.token_expired? }
+
+      context 'when the token expiration is in the future' do
+        let(:auth_token_expires_at) { 1.minute.from_now }
+        it { should be_falsey }
+      end
+
+      context 'when the token expiration is in the past' do
+        let(:auth_token_expires_at) { 1.minute.ago }
+        it { should be_truthy }
+      end
+    end
+
+    describe '#password=' do
+      let!(:current_password) { account.password.to_s }
+      subject { account.password.to_s }
+
+      describe 'before the call' do
+        it { should == (current_password) }
+      end
+
+      describe 'after the call' do
+        before { account.password = 'fudge_knuckles_45' }
+        it { should_not eq(current_password) }
+      end
+    end
+  end
+
+  describe 'the class methods' do
+    let(:email) { 'foobar@baz.com' }
+    let(:token) { 'deadbeef' }
+    let(:password) { 'admin4lolz' }
+    let(:auth_token_expires_at) { 1.day.from_now }
+
+    let!(:account) {
+      FactoryGirl.create  :account,
+                          email: email,
+                          auth_token: token,
+                          password: password,
+                          auth_token_expires_at: auth_token_expires_at
+    }
+
+    describe '.authenticate_securely' do
+      let(:email_param) { email }
+      let(:token_param) { token }
+      let(:block) { ->(resource) {} }
+
+      subject { Account.authenticate_securely(email_param, token_param, &block) }
+
+      context 'when email is nil' do
+        let(:email_param) { nil }
+        it { should be_falsey }
+      end
+
+      context 'when token is nil' do
+        let(:token_param) { nil }
+        it { should be_falsey }
+      end
+
+      context 'when email and token are provided' do
+
+        context 'email case-sensitivity' do
+          describe 'when an uppercased email address is provided' do
+            let(:email_param) { email.upcase }
+
+            it 'should yield the matched account' do
+              expect { |b| Account.authenticate_securely(email_param, token_param, &b) }.to yield_with_args(account)
+            end
+          end
+
+          describe 'when a downcased email address is provided' do
+            let(:email_param) { email.downcase }
+
+            it 'should yield the matched account' do
+              expect { |b| Account.authenticate_securely(email_param, token_param, &b) }.to yield_with_args(account)
+            end
+          end
+        end
+
+        context 'when the resource is located' do
+
+          context 'when the auth_token is expired' do
+            let(:auth_token_expires_at) { 1.week.ago }
+
+            it 'should reset the account auth_token' do
+              allow(Account).to receive(:find_by_email_case_insensitive) { account }
+              expect(account).to receive(:reset_auth_token!)
+              subject
+            end
+
+            it { should be_falsey }
+          end
+
+          context 'when the auth_token is current' do
+
+            context 'when the auth_token matches' do
+              it 'should yield the matched account' do
+                expect { |b| Account.authenticate_securely(email_param, token_param, &b) }.to yield_with_args(account)
+              end
+            end
+
+            context 'when the auth_token does not match' do
+              it { should be_falsey }
+            end
+          end
+        end
+
+        context 'when the resource is not located' do
+          it { should be_falsey }
+        end
+
+      end
+    end
+
+    describe '.find_and_authenticate' do
+      let(:email_param) { email }
+      let(:password_param) { password }
+
+      subject { Account.find_and_authenticate(email_param, password_param) }
+
+
+      context 'when the resource is located' do
+
+        context 'when the password matches' do
+          it { should eq(account) }
+        end
+
+        context 'when the password does not match' do
+          let(:password_param) { "#{password}_bad" }
+          it { should be_falsey }
+        end
+      end
+
+      context 'when the resource is not located' do
+        let(:email_param) { "#{email}_evil" }
+        it { should be_falsey }
+      end
+    end
+  end
+end