refinerycms-authentication 1.0.11 → 2.0.0

data/spec/factories/user.rb

@@ -0,0 +1,38 @@
+# This is a temporary hack to get around some hackery with Devise when
+# using the authentication macros in request specs that are defined in
+# refinerycms-testing. If you remove this line ensure that tests pass
+# in an extension that is testing against this Factory via the
+# authentication macros in refinerycms-testing.
+# 10-11-2011 - Jamie Winsor - jamie@enmasse.com
+require Refinery.roots(:'refinery/authentication').join("app/models/refinery/role.rb")
+
+FactoryGirl.define do
+  factory :user, :class => Refinery::User do
+    sequence(:username) { |n| "refinery#{n}" }
+    sequence(:email) { |n| "refinery#{n}@refinerycms.com" }
+    password  "refinerycms"
+    password_confirmation "refinerycms"
+  end
+
+  factory :refinery_user, :parent => :user do
+    roles { [ ::Refinery::Role[:refinery] ] }
+
+    after_create do |user|
+      ::Refinery::Plugins.registered.each_with_index do |plugin, index|
+        user.plugins.create(:name => plugin.name, :position => index)
+      end
+    end
+  end
+
+  factory :refinery_superuser, :parent => :refinery_user do
+    roles { [ ::Refinery::Role[:refinery], ::Refinery::Role[:superuser] ]}
+  end
+
+  factory :refinery_translator, :parent => :user do
+    roles { [ ::Refinery::Role[:refinery], ::Refinery::Role[:translator] ] }
+
+    after_create do |user|
+      user.plugins.create(:name => 'refinery_pages', :position => 0)
+    end
+  end
+end

data/spec/models/refinery/user_spec.rb

@@ -0,0 +1,220 @@
+require 'spec_helper'
+
+module Refinery
+  describe User do
+
+    let(:user) { FactoryGirl.create(:user) }
+    let(:refinery_user) { FactoryGirl.create(:refinery_user) }
+
+    context "Roles" do
+      context "add_role" do
+        it "raises Exception when Role object is passed" do
+          proc {user.add_role(Refinery::Role.new)}.should raise_exception
+        end
+
+        it "adds a Role to the User when role not yet assigned to User" do
+          proc {
+            user.add_role(:new_role)
+          }.should change(user.roles, :count).by(1)
+          user.roles.collect(&:title).should include("NewRole")
+        end
+
+        it "does not add a Role to the User when this Role is already assigned to User" do
+          proc {
+            refinery_user.add_role(:refinery)
+          }.should_not change(refinery_user.roles, :count).by(1)
+          refinery_user.roles.collect(&:title).should include("Refinery")
+        end
+      end
+
+      context "has_role" do
+        it "raises Exception when Role object is passed" do
+          proc{ user.has_role?(Refinery::Role.new)}.should raise_exception
+        end
+
+        it "returns the true if user has Role" do
+          refinery_user.has_role?(:refinery).should be_true
+        end
+
+        it "returns false if user hasn't the Role" do
+          refinery_user.has_role?(:refinery_fail).should be_false
+        end
+      end
+
+      describe "role association" do
+        it "have a roles attribute" do
+          user.should respond_to(:roles)
+        end
+      end
+    end
+
+    context "validations" do
+      # email and password validations are done by including devises validatable
+      # module so those validations are not tested here
+      let(:attr) do
+        {
+          :username => "Refinery CMS",
+          :email => "refinery@cms.com",
+          :password => "123456",
+          :password_confirmation => "123456"
+        }
+      end
+
+      it "requires username" do
+        User.new(attr.merge(:username => "")).should_not be_valid
+      end
+
+      it "rejects duplicate usernames" do
+        User.create!(attr)
+        User.new(attr.merge(:email => "another@email.com")).should_not be_valid
+      end
+    end
+
+    describe ".find_for_database_authentication" do
+      it "finds user either by username or email" do
+        User.find_for_database_authentication(:login => user.username).should == user
+        User.find_for_database_authentication(:login => user.email).should == user
+      end
+    end
+
+    describe "#can_delete?" do
+      let(:user_not_persisted) { FactoryGirl.build(:refinery_user) }
+      let(:super_user) do
+        super_user = FactoryGirl.create(:refinery_user)
+        super_user.add_role(:superuser)
+        super_user
+      end
+
+      context "won't allow to delete" do
+        it "not persisted user record" do
+          refinery_user.can_delete?(user_not_persisted).should be_false
+        end
+
+        it "user with superuser role" do
+          refinery_user.can_delete?(super_user).should be_false
+        end
+
+        it "if user count with refinery role < 1" do
+          ::Refinery::Role[:refinery].users.delete([ refinery_user, super_user ])
+          super_user.can_delete?(refinery_user).should be_false
+        end
+
+        it "user himself" do
+          refinery_user.can_delete?(refinery_user).should be_false
+        end
+      end
+
+      context "allow to delete" do
+        it "if user count with refinery role = 1" do
+          ::Refinery::Role[:refinery].users.delete(refinery_user)
+          super_user.can_delete?(refinery_user).should be_true
+        end
+
+        it "if all conditions return true" do
+          super_user.can_delete?(refinery_user).should be_true
+        end
+      end
+    end
+
+    describe "#can_edit?" do
+      let(:user_not_persisted) { FactoryGirl.build(:refinery_user) }
+      let(:super_user) do
+        super_user = FactoryGirl.create(:refinery_user)
+        super_user.add_role(:superuser)
+        super_user
+      end
+      let(:user_persisted) { FactoryGirl.create(:refinery_user)}
+
+      context "won't allow to edit" do
+        it "non-persisted user record" do
+          refinery_user.can_edit?(user_not_persisted).should be_false
+        end
+
+        it "user is not a super user" do
+          refinery_user.can_edit?(user_persisted).should be_false
+        end
+      end
+
+      context "allows to edit" do
+        it "when I am a user super" do
+          super_user.can_edit?(user_persisted).should be_true
+        end
+
+        it "if all conditions return true" do
+          super_user.can_edit?(refinery_user).should be_true
+        end
+      end
+    end
+
+    describe "#plugins=" do
+      it "assigns plugins to user" do
+        plugin_list = ["refinery_one", "refinery_two", "refinery_three"]
+        user.plugins = plugin_list
+        user.plugins.collect { |p| p.name }.should == plugin_list
+      end
+    end
+
+    describe "#authorized_plugins" do
+      it "returns array of user and always allowd plugins" do
+        ["refinery_one", "refinery_two", "refinery_three"].each_with_index do |name, index|
+          user.plugins.create!(:name => name, :position => index)
+        end
+        user.authorized_plugins.should == user.plugins.collect { |p| p.name } | ::Refinery::Plugins.always_allowed.names
+      end
+    end
+
+    describe "plugins association" do
+      let(:plugin_list) { ["refinery_one", "refinery_two", "refinery_three"] }
+      before { user.plugins = plugin_list }
+
+      it "have a plugins attribute" do
+        user.should respond_to(:plugins)
+      end
+
+      it "returns plugins in ASC order" do
+        user.plugins[0].name.should == plugin_list[0]
+        user.plugins[1].name.should == plugin_list[1]
+        user.plugins[2].name.should == plugin_list[2]
+      end
+
+      it "deletes associated plugins" do
+        user.destroy
+        UserPlugin.find_by_user_id(user.id).should be_nil
+      end
+    end
+
+    describe "#create_first" do
+      let(:first_user) do
+        first = FactoryGirl.build(:user)
+        first.create_first
+        first
+      end
+
+      it "adds refinery role" do
+        first_user.roles.collect(&:title).should include("Refinery")
+      end
+
+      it "adds superuser role" do
+        first_user.roles.collect(&:title).should include("Superuser")
+      end
+
+      it "adds registered plugins" do
+        first_user.plugins.collect(&:name).should eq(
+          ["refinery_users", "refinery_dashboard", "refinery_images",
+           "refinery_files", "refinery_pages"]
+        )
+      end
+
+      it "returns true on success" do
+        first_user.stub(:valid?).and_return(true)
+        first_user.create_first.should == true
+      end
+
+      it "returns false on failure" do
+        first_user.stub(:valid?).and_return(false)
+        first_user.create_first.should == false
+      end
+    end
+
+  end
+end

data/spec/requests/refinery/admin/users_spec.rb

@@ -0,0 +1,49 @@
+require "spec_helper"
+
+describe "manage users" do
+  login_refinery_user
+
+  describe "new/create" do
+    it "allows to create user" do
+      visit refinery.admin_users_path
+      click_link "Add new user"
+
+      fill_in "Username", :with => "test"
+      fill_in "Email", :with => "test@refinerycms.com"
+      fill_in "Password", :with => "123456"
+      fill_in "Password confirmation", :with => "123456"
+      click_button "Save"
+
+      page.should have_content("test was successfully added.")
+      page.should have_content("test (test@refinerycms.com)")
+    end
+  end
+
+  describe "edit/update" do
+    it "allows to update user" do
+      visit refinery.admin_users_path
+      click_link "Edit this user"
+
+      fill_in "Username", :with => "cmsrefinery"
+      fill_in "Email", :with => "cms@refinerycms.com"
+      click_button "Save"
+
+      page.should have_content("cmsrefinery was successfully updated.")
+      page.should have_content("cmsrefinery (cms@refinerycms.com)")
+    end
+  end
+
+  describe "destroy" do
+    let!(:user) { FactoryGirl.create(:user, :username => "ugisozols") }
+
+    it "allows to destroy only regular user" do
+      visit refinery.admin_users_path
+      page.should have_selector("a[href='/refinery/users/#{user.username}']")
+      page.should have_no_selector("a[href='/refinery/users/refinerycms']")
+
+      click_link "Remove this user"
+      page.should have_content("'#{user.username}' was successfully removed.")
+      page.should have_content("refinerycms (refinerycms@refinerycms.com)")
+    end
+  end
+end

data/spec/requests/refinery/passwords_spec.rb

@@ -0,0 +1,84 @@
+require "spec_helper"
+
+module Refinery
+  module Users
+    describe "password recovery" do
+      let!(:user) { FactoryGirl.create(:refinery_user, :email => "refinery@refinerycms.com") }
+
+      it "asks user to specify email address" do
+        visit refinery.new_refinery_user_session_path
+        click_link "I forgot my password"
+        page.should have_content("Please enter the email address for your account.")
+      end
+
+      context "when existing email specified" do
+        it "shows success message" do
+          visit refinery.new_refinery_user_password_path
+          fill_in "refinery_user_email", :with => user.email
+          click_button "Reset password"
+          page.should have_content("An email has been sent to you with a link to reset your password.")
+        end
+      end
+
+      context "when non-existing email specified" do
+        it "shows failure message" do
+          visit refinery.new_refinery_user_password_path
+          fill_in "refinery_user_email", :with => "none@refinerycms.com"
+          click_button "Reset password"
+          page.should have_content("Sorry, 'none@refinerycms.com' isn't associated with any accounts.")
+          page.should have_content("Are you sure you typed the correct email address?")
+        end
+      end
+
+      context "when good reset code" do
+        before do
+          user.reset_password_sent_at = 5.minutes.ago
+          user.reset_password_token = "refinerycms"
+          user.save
+        end
+
+        it "allows to change password" do
+          visit refinery.edit_refinery_user_password_path(:reset_password_token => user.reset_password_token)
+          page.should have_content("Pick a new password for #{user.email}")
+
+          fill_in "refinery_user_password", :with => "123456"
+          fill_in "refinery_user_password_confirmation", :with => "123456"
+          click_button "Reset password"
+
+          page.should have_content("Password reset successfully for '#{user.email}'")
+        end
+      end
+
+      context "when invalid reset code" do
+        before do
+          user.reset_password_sent_at = 5.minutes.ago
+          user.reset_password_token = "refinerycms"
+          user.save
+        end
+
+        it "shows error message" do
+          visit refinery.edit_refinery_user_password_path(:reset_password_token => "hmmm")
+          page.should have_content("We're sorry, but this reset code has expired or is invalid.")
+        end
+      end
+
+      context "when expired reset code" do
+        before do
+          user.reset_password_sent_at = 1.day.ago
+          user.reset_password_token = "refinerycms"
+          user.save
+        end
+
+        it "shows error message" do
+          visit refinery.edit_refinery_user_password_path(:reset_password_token => "refinerycms")
+
+          fill_in "refinery_user_password", :with => "123456"
+          fill_in "refinery_user_password_confirmation", :with => "123456"
+          click_button "Reset password"
+
+          page.should have_content("Reset password token has expired, please request a new one")
+        end
+      end
+    end
+  end
+end

data/spec/requests/refinery/sessions_spec.rb

@@ -0,0 +1,62 @@
+require "spec_helper"
+
+module Refinery
+  describe "sign in" do
+    before(:each) do
+      FactoryGirl.create(:refinery_user, :username => "ugisozols",
+                              :password => "123456",
+                              :password_confirmation => "123456")
+      visit refinery.new_refinery_user_session_path
+    end
+
+    it "shows login form" do
+      page.should have_content("Hello! Please sign in.")
+      page.should have_content("I forgot my password")
+      page.should have_selector("a[href*='/refinery/users/password/new']")
+    end
+
+    context "when supplied data is valid" do
+      it "logs in user" do
+        fill_in "Login", :with => "ugisozols"
+        fill_in "Password", :with => "123456"
+        click_button "Sign in"
+        page.should have_content("Signed in successfully.")
+      end
+    end
+
+    context "when supplied data is not valid" do
+      it "shows flash error" do
+        fill_in "Login", :with => "Hmmm"
+        fill_in "Password", :with => "Hmmm"
+        click_button "Sign in"
+        page.should have_content("Sorry, your login or password was incorrect.")
+      end
+    end
+  end
+
+  describe 'user sign up' do
+    before(:each) do
+      User.delete_all
+    end
+
+    describe 'when there are no users' do
+      it 'allows user creation' do
+        # Verify that we can access the sign up page.
+        visit refinery.root_path
+        page.should have_content("There are no users yet, so we'll set you up first")
+
+        # Fill in user details.
+        fill_in 'Username', :with => 'rspec'
+        fill_in 'Email', :with => 'rspec@example.com'
+        fill_in 'Password', :with => 'spectacular'
+        fill_in 'Password confirmation', :with => 'spectacular'
+
+        # Sign up and verify!
+        click_button "Sign up"
+        page.should have_content("Welcome to Refinery, rspec.")
+        page.should have_content("Latest Activity")
+        User.count.should == 1
+      end
+    end
+  end
+end