quo_vadis 1.4.2 → 2.0.0

data/test/integration/cookie_test.rb

@@ -1,67 +0,0 @@
-require 'test_helper'
-
-class CookieTest < ActiveSupport::IntegrationCase
-
-  test 'authenticated user is remembered between browser sessions' do
-    user_factory 'Bob', 'bob', 'secret'
-    sign_in_as 'bob', 'secret'
-    close_browser
-    visit root_path
-    within '#topnav' do
-      assert page.has_content?('You are signed in as Bob.')
-    end
-    assert page.has_no_css?('div.flash')
-  end
-
-  test "signing in updates the remember-me cookie's expiry time" do
-    user_factory 'Bob', 'bob', 'secret'
-    sign_in_as 'bob', 'secret'
-    cookie_a = get_cookie('remember_me')
-    assert_equal 2.weeks.from_now.httpdate, cookie_a.expires.httpdate
-    close_browser
-    sleep 1  # cookie expiry times are accurate to 1 second.
-
-    sign_in_as 'bob', 'secret'
-    cookie_b = get_cookie('remember_me')
-    assert cookie_b.expires > cookie_a.expires
-    assert_equal cookie_a.value, cookie_b.value
-  end
-
-  test 'signing out prevents the user being remembered in the next browser session' do
-    user_factory 'Bob', 'bob', 'secret'
-    sign_in_as 'bob', 'secret'
-    visit sign_out_path
-    close_browser
-    visit new_article_path
-    assert_equal sign_in_path, current_path
-  end
-
-  test "changing user's password prevents user being remembered in the next browser session" do
-    user_factory 'Bob', 'bob', 'secret'
-    sign_in_as 'bob', 'secret'
-    cookie = get_cookie('remember_me')
-    User.last.update_attributes! :password => 'topsecret'
-    close_browser
-    visit new_article_path
-    assert_equal sign_in_path, current_path
-  end
-
-  test 'length of time user is remembered can be configured' do
-    QuoVadis.remember_for = 1.second
-    user_factory 'Bob', 'bob', 'secret'
-    sign_in_as 'bob', 'secret'
-    close_browser
-    sleep 2
-    visit new_article_path
-    assert_equal sign_in_path, current_path
-  end
-
-  test 'remembering user between sessions can be turned off' do
-    QuoVadis.remember_for = nil
-    user_factory 'Bob', 'bob', 'secret'
-    sign_in_as 'bob', 'secret'
-    close_browser
-    visit new_article_path
-    assert_equal sign_in_path, current_path
-  end
-end

data/test/integration/csrf_test.rb

@@ -1,41 +0,0 @@
-require 'test_helper'
-
-class CsrfTest < ActionController::IntegrationTest
-  setup do
-    reset_quo_vadis_configuration
-  end
-
-  test 'cookies are destroyed on unverified requests' do
-    user_factory 'Bob', 'bob', 'secret'
-    # sign in
-    post sign_in_path, :username => 'bob', :password => 'secret'
-    get new_article_path
-    assert_equal new_article_path, path
-
-    # mimic closing browser
-    session.clear
-
-    # assert remember me cookie is still set
-    assert !cookies['remember_me'].blank?
-
-    # go to new article page, to start new session, and create article
-    get_via_redirect new_article_path
-    assert_equal new_article_path, path
-    assert_difference 'Article.count' do
-      post articles_path, :article => {:title => 'My article'}, :authenticity_token => session[:_csrf_token]
-    end
-
-    # assert remember me cookie is still set
-    assert !cookies['remember_me'].blank?
-
-    # make unverified request
-    assert_no_difference 'Article.count' do
-      post articles_path, :article => {:title => 'My article'}, :authenticity_token => 'INVALID'
-    end
-
-    # assert we are signed out, both at session level and cookie level.
-    assert cookies['remember_me'].blank?
-    get_via_redirect new_article_path
-    assert_equal sign_in_path, path
-  end
-end

data/test/integration/forgotten_test.rb

@@ -1,93 +0,0 @@
-require 'test_helper'
-
-class ForgottenTest < ActiveSupport::IntegrationCase
-
-  teardown do
-    Capybara.reset_sessions!
-  end
-
-  test 'user fills in forgotten-password form with blank username' do
-    u = user_factory 'Bob', 'bob', 'secret'
-    u.update_attribute :username, ''
-    submit_forgotten_details ''
-    assert_equal forgotten_sign_in_path, current_path
-    within '.flash.alert' do
-      assert page.has_content?("Sorry, we did not recognise you.")
-    end
-  end
-
-  test 'user fills in forgotten-password form with invalid username' do
-    submit_forgotten_details 'bob'
-    assert_equal forgotten_sign_in_path, current_path
-    within '.flash.alert' do
-      assert page.has_content?("Sorry, we did not recognise you.")
-    end
-  end
-
-  test 'user without email requests password-change email' do
-    user_factory 'Bob', 'bob', 'secret'
-    submit_forgotten_details 'bob'
-    assert_equal forgotten_sign_in_path, current_path
-    within '.flash.alert' do
-      assert page.has_content?("Sorry, we don't have an email address for you.")
-    end
-  end
-
-  test 'user can request password-change email' do
-    user_factory 'Bob', 'bob', 'secret', 'bob@example.com'
-    submit_forgotten_details 'bob'
-
-    assert_equal root_path, current_path
-    within '.flash.notice' do
-      assert page.has_content?("We've emailed you a link where you can change your password.")
-    end
-    assert !ActionMailer::Base.deliveries.empty?
-    email = ActionMailer::Base.deliveries.last
-    assert_equal ['bob@example.com'],     email.to
-    assert_equal ['noreply@example.com'], email.from
-    assert_equal 'Change your password',  email.subject
-    # Why doesn't this use the default url option set up in test/test_helper.rb#9?
-    assert_match Regexp.new(Regexp.escape(change_password_url User.last.token, :host => 'www.example.com')), email.encoded
-  end
-
-  test 'user can follow emailed link while valid to change password' do
-    user_factory 'Bob', 'bob', 'secret', 'bob@example.com'
-    submit_forgotten_details 'bob'
-
-    link_in_email = ActionMailer::Base.deliveries.last.encoded[%r{http://.*}].strip
-    visit link_in_email
-    fill_in :password, :with => 'topsecret'
-    click_button 'Change my password'
-    assert_equal root_path, current_path
-    within '.flash.notice' do
-      assert page.has_content?("You have successfully changed your password and you're now signed in.")
-    end
-    assert_nil User.last.token
-    assert_nil User.last.token_created_at
-  end
-
-  test 'user cannot change password to an invalid one' do
-    user_factory 'Bob', 'bob', 'secret', 'bob@example.com'
-    submit_forgotten_details 'bob'
-
-    link_in_email = ActionMailer::Base.deliveries.last.encoded[%r{http://.*}].strip
-    visit link_in_email
-    fill_in :password, :with => ''
-    click_button 'Change my password'
-    assert_equal change_password_path(User.last.token), current_path
-  end
-
-  test 'user cannot change password once emailed link is invalid' do
-    user_factory 'Bob', 'bob', 'secret', 'bob@example.com'
-    submit_forgotten_details 'bob'
-    User.last.update_attributes :token_created_at => 1.day.ago
-
-    link_in_email = ActionMailer::Base.deliveries.last.encoded[%r{http://.*}].strip
-    visit link_in_email
-    assert_equal forgotten_sign_in_path, current_path
-    within '.flash.alert' do
-      assert page.has_content?("Sorry, this link isn't valid anymore.")
-    end
-  end
-
-end

data/test/integration/helper_test.rb

@@ -1,18 +0,0 @@
-require 'test_helper'
-
-class HelperTest < ActiveSupport::IntegrationCase
-
-  teardown do
-    Capybara.reset_sessions!
-  end
-
-  test 'Current user helper' do
-    user_factory 'Bob', 'bob', 'secret'
-    sign_in_as 'bob', 'secret'
-
-    within '#topnav' do
-      assert page.has_content?('You are signed in as Bob.')
-    end
-  end
-
-end

data/test/integration/locale_test.rb

@@ -1,197 +0,0 @@
-require 'test_helper'
-
-class LocaleTest < ActiveSupport::IntegrationCase
-
-  teardown do
-    Capybara.reset_sessions!
-  end
-
-  test 'sign_in.before flash' do
-    visit new_article_path
-    within '.flash' do
-      assert page.has_content?('Please sign in first.')
-    end
-  end
-
-  test 'sign_in.after flash' do
-    user_factory 'Bob', 'bob', 'secret'
-    sign_in_as 'bob', 'secret'
-    within '.flash' do
-      assert page.has_content?('You have successfully signed in.')
-    end
-  end
-
-  test 'sign_in.failed flash' do
-    sign_in_as 'bob', 'secret'
-    within '.flash' do
-      assert page.has_content?('Sorry, we did not recognise you.')
-    end
-  end
-
-  test 'sign_out flash' do
-    visit sign_out_path
-    within '.flash' do
-      assert page.has_content?('You have successfully signed out.')
-    end
-  end
-
-  test 'sign_in.before flash is optional' do
-    begin
-      I18n.backend.store_translations :en, {:quo_vadis => {:flash => {:sign_in => {:before => ''}}}}
-      visit new_article_path
-      assert page.has_no_css?('div.flash')
-    ensure
-      I18n.reload!
-    end
-  end
-
-  test 'sign_in.after flash is optional' do
-    user_factory 'Bob', 'bob', 'secret'
-    begin
-      I18n.backend.store_translations :en, {:quo_vadis => {:flash => {:sign_in => {:after => ''}}}}
-      sign_in_as 'bob', 'secret'
-      assert page.has_no_css?('div.flash')
-    ensure
-      I18n.reload!
-    end
-  end
-
-  test 'sign_in.failed flash is optional' do
-    begin
-      I18n.backend.store_translations :en, {:quo_vadis => {:flash => {:sign_in => {:failed => ''}}}}
-      sign_in_as 'bob', 'secret'
-      assert page.has_no_css?('div.flash')
-    ensure
-      I18n.reload!
-    end
-  end
-
-  test 'sign_in.blocked flash' do
-    QuoVadis.blocked = true
-    user_factory 'Bob', 'bob', 'secret'
-    sign_in_as 'bob', 'secret'
-    within '.flash' do
-      assert page.has_content?('Sorry, your account is blocked.')
-    end
-  end
-
-  test 'sign_in.blocked flash is optional' do
-    begin
-      I18n.backend.store_translations :en, {:quo_vadis => {:flash => {:sign_in => {:blocked => ''}}}}
-      QuoVadis.blocked = true
-      user_factory 'Bob', 'bob', 'secret'
-      sign_in_as 'bob', 'secret'
-      assert page.has_no_css?('div.flash')
-    ensure
-      I18n.reload!
-    end
-  end
-
-  test 'sign_out flash is optional' do
-    begin
-      I18n.backend.store_translations :en, {:quo_vadis => {:flash => {:sign_out => ''}}}
-      visit sign_out_path
-      assert page.has_no_css?('div.flash')
-    ensure
-      I18n.reload!
-    end
-  end
-
-  test 'forgotten.unknown flash' do
-    submit_forgotten_details 'bob'
-    within '.flash.alert' do
-      assert page.has_content?('Sorry, we did not recognise you.')
-    end
-  end
-
-  test 'forgotten.unknown flash is optional' do
-    begin
-      I18n.backend.store_translations :en, {:quo_vadis => {:flash => {:forgotten => {:unknown => ''}}}}
-      submit_forgotten_details 'bob'
-      assert page.has_no_css?('div.flash')
-    ensure
-      I18n.reload!
-    end
-  end
-
-  test 'forgotten.no_email flash' do
-    user_factory 'Bob', 'bob', 'secret'
-    submit_forgotten_details 'bob'
-    within '.flash.alert' do
-      assert page.has_content?("Sorry, we don't have an email address for you.")
-    end
-  end
-
-  test 'forgotten.no_email flash is optional' do
-    begin
-      I18n.backend.store_translations :en, {:quo_vadis => {:flash => {:forgotten => {:no_email => ''}}}}
-      user_factory 'Bob', 'bob', 'secret'
-      submit_forgotten_details 'bob'
-      assert page.has_no_css?('div.flash')
-    ensure
-      I18n.reload!
-    end
-  end
-
-  test 'forgotten.sent_email flash' do
-    user_factory 'Bob', 'bob', 'secret', 'bob@example.com'
-    submit_forgotten_details 'bob'
-    within '.flash.notice' do
-      assert page.has_content?("We've emailed you a link where you can change your password.")
-    end
-  end
-
-  test 'forgotten.sent_email flash is optional' do
-    begin
-      I18n.backend.store_translations :en, {:quo_vadis => {:flash => {:forgotten => {:sent_email => ''}}}}
-      user_factory 'Bob', 'bob', 'secret', 'bob@example.com'
-      submit_forgotten_details 'bob'
-      assert page.has_no_css?('div.flash')
-    ensure
-      I18n.reload!
-    end
-  end
-
-  test 'forgotten.invalid_token flash' do
-    visit change_password_path('123')
-    within '.flash.alert' do
-      assert page.has_content?("Sorry, this link isn't valid anymore.")
-    end
-  end
-
-  test 'forgotten.invalid_token flash is optional' do
-    begin
-      I18n.backend.store_translations :en, {:quo_vadis => {:flash => {:forgotten => {:invalid_token => ''}}}}
-      visit change_password_path('123')
-      assert page.has_no_css?('div.flash')
-    ensure
-      I18n.reload!
-    end
-  end
-
-  test 'forgotten.password_changed flash' do
-    user_factory 'Bob', 'bob', 'secret', 'bob@example.com'
-    User.last.generate_token!
-    visit change_password_path(User.last.token)
-    fill_in :password, :with => 'topsecret'
-    click_button 'Change my password'
-    within '.flash.notice' do
-      assert page.has_content?("You have successfully changed your password and you're now signed in.")
-    end
-  end
-
-  test 'forgotten.password_changed flash is optional' do
-    begin
-      I18n.backend.store_translations :en, {:quo_vadis => {:flash => {:forgotten => {:password_changed => ''}}}}
-      user_factory 'Bob', 'bob', 'secret', 'bob@example.com'
-      User.last.generate_token!
-      visit change_password_path(User.last.token)
-      fill_in :password, :with => 'topsecret'
-      click_button 'Change my password'
-      assert page.has_no_css?('div.flash')
-    ensure
-      I18n.reload!
-    end
-  end
-
-end

data/test/integration/navigation_test.rb

@@ -1,7 +0,0 @@
-require 'test_helper'
-
-class NavigationTest < ActiveSupport::IntegrationCase
-  test 'Sanity test' do
-    assert_kind_of Dummy::Application, Rails.application
-  end
-end

data/test/integration/sign_in_person_test.rb

@@ -1,26 +0,0 @@
-require 'test_helper'
-
-class SignInPersonTest < ActiveSupport::IntegrationCase
-
-  # NOTE: it would be great if I could figure out how to re-initialise the method's
-  # mixed into the controller with the new model.
-  test 'successful sign in for a non-user model' do
-    puts <<-END
-    NOTE: this test (#{__FILE__}) has to be run individually like this:
-
-    1. Change lib/quo_vadis.rb's @@model to 'Person'.
-    2. Uncomment the test code.
-    3. bundle exec ruby -Ilib:test #{__FILE__}
-
-    END
-
-    # person_factory 'James', 'jim', 'secret'
-    # sign_in_as 'jim', 'secret'
-
-    # assert_equal root_path, current_path
-    # within '.flash.notice' do
-    #   assert page.has_content?('You have successfully signed in.')
-    # end
-  end
-
-end