restful-authentication 1.2.1

data/lib/generators/authenticated/templates/features/step_definitions/ra_env.rb

@@ -0,0 +1,9 @@
+
+Before do
+  Fixtures.reset_cache
+  fixtures_folder = File.join(RAILS_ROOT, 'spec', 'fixtures')
+  Fixtures.create_fixtures(fixtures_folder, "users")
+end
+
+# Make visible for testing
+ApplicationController.send(:public, :logged_in?, :current_user, :authorized?)

data/lib/generators/authenticated/templates/features/step_definitions/ra_navigation_steps.rb

@@ -0,0 +1,48 @@
+#
+# Where to go
+#
+
+#
+# GET
+# Go to a given page.
+When "$actor goes to $path" do |actor, path|
+  case path
+  when 'the home page' then get '/'
+  else                      get path
+  end
+end
+
+# POST -- Ex:
+#   When she creates a book with ISBN: '0967539854' and comment: 'I love this book' and rating: '4'
+#   When she creates a singular session with login: 'reggie' and password: 'i_haxxor_joo'
+# Since I'm not smart enough to do it right, explicitly specify singular resources
+When /^(\w+) creates an? ([\w ]+) with ([\w: \',]+)$/ do |actor, resource, attributes|
+  attributes = attributes.to_hash_from_story
+  if resource =~ %r{singular ([\w/]+)}
+    resource = $1.downcase.singularize
+    post "/#{resource}", attributes
+  else
+    post "/#{resource.downcase.pluralize}", { resource.downcase.singularize => attributes }
+  end
+end
+
+# PUT
+When %r{$actor asks to update '$resource' with $attributes} do |_, resource, attributes|
+  attributes = attributes.to_hash_from_story
+  put "#{resource}", attributes
+  dump_response
+end
+
+# DELETE -- Slap together the POST-form-as-fake-HTTP-DELETE submission
+When %r{$actor asks to delete '$resource'} do |_, resource|
+  post "/#{resource.downcase.pluralize}", { :_method => :delete }
+  dump_response
+end
+
+
+# Redirect --
+#   Rather than coding in get/get_via_redirect's and past/p_v_r's,
+#   let's just demand that in the story itself.
+When "$actor follows that redirect!" do |actor|
+  follow_redirect!
+end

data/lib/generators/authenticated/templates/features/step_definitions/ra_resource_steps.rb

@@ -0,0 +1,178 @@
+# The flexible code for resource testing came out of code from Ben Mabey
+# http://www.benmabey.com/2008/02/04/rspec-plain-text-stories-webrat-chunky-bacon/
+
+#
+# Construct resources
+#
+
+#
+# Build a resource as described, store it as an @instance variable. Ex:
+#   "Given a user with login: 'mojojojo'"
+# produces a User instance stored in @user with 'mojojojo' as its login
+# attribute.
+#
+Given "a $resource instance with $attributes" do |resource, attributes|
+  klass, instance, attributes = parse_resource_args resource, attributes
+  instance = klass.new(attributes)
+  instance.save!
+  find_resource(resource, attributes).should_not be_nil
+  keep_instance! resource, instance
+end
+
+#
+# Stuff attributes into a preexisting @resource
+#   "And the user has thac0: 3"
+# takes the earlier-defined @user instance and sets its thac0 to '3'.
+#
+Given "the $resource has $attributes" do |resource, attributes|
+  klass, instance, attributes = parse_resource_args resource, attributes
+  attributes.each do |attr, val|
+    instance.send("#{attr}=", val)
+  end
+  instance.save!
+  find_resource(resource, attributes).should_not be_nil
+  keep_instance! resource, instance
+end
+
+#
+# Destroy all for this resource
+#
+Given "no $resource with $attr: '$val' exists" do |resource, attr, val|
+  klass, instance = parse_resource_args resource
+  klass.destroy_all(attr.to_sym => val)
+  instance = find_resource resource, attr.to_sym => val
+  instance.should be_nil
+  keep_instance! resource, instance
+end
+
+#
+# Then's for resources
+#
+
+# Resource like this DOES exist
+Then /^a (\w+) with ([\w: \']+) should exist$/ do |resource, attributes|
+  instance = find_resource resource, attributes
+  instance.should_not be_nil
+  keep_instance! resource, instance
+end
+# Resource like this DOES NOT exist
+Then /^no (\w+) with ([\w: \']+) should exist$/ do |resource, attributes|
+  instance = find_resource resource, attributes
+  instance.should be_nil
+end
+
+# Resource has attributes with given values
+Then  "the $resource should have $attributes" do |resource, attributes|
+  klass, instance, attributes = parse_resource_args resource, attributes
+  attributes.each do |attr, val|
+    instance.send(attr).should == val
+  end
+end
+
+# Resource attributes should / should not be nil
+Then  "the $resource's $attr should be nil" do |resource, attr|
+  klass, instance = parse_resource_args resource
+  instance.send(attr).should be_nil
+end
+Then  "the $resource's $attr should not be nil" do |resource, attr|
+  klass, instance = parse_resource_args resource
+  instance.send(attr).should_not be_nil
+end
+
+#
+# Bank each of the @resource's listed attributes for later.
+#
+Given "we try hard to remember the $resource's $attributes" do |resource, attributes|
+  attributes = attributes.to_array_from_story
+  attributes.each do |attr|
+    memorize_resource_value resource, attr
+  end
+end
+#
+# Bank each of the @resource's listed attributes for later.
+#
+Given "we don't remember anything about the past" do
+  memorize_forget_all!
+end
+
+#
+# Compare @resource.attr to its earlier-memorized value.
+# Specify ' using method_name' (abs, to_s, &c) to coerce before comparing.
+# For important and mysterious reasons, timestamps want to_i or to_s.
+#
+Then /^the (\w+)\'s (\w+) should stay the same under (\w+)$/ do |resource, attr, func|
+  klass, instance = parse_resource_args resource
+  # Get the values
+  old_value = recall_resource_value(resource, attr)
+  new_value = instance.send(attr)
+  # Transform each value, maybe, using value.func
+  if func then new_value = new_value.send(func); old_value = old_value.send(func) end
+  # Compare
+  old_value.should eql(new_value)
+end
+
+#
+# Look for each for the given attributes in the page's text
+#
+Then "page should have the $resource's $attributes" do |resource, attributes|
+  actual_resource = instantize(resource)
+  attributes.split(/, and |, /).each do |attribute|
+    response.should have_text(/#{actual_resource.send(attribute.strip.gsub(" ","_"))}/)
+  end
+end
+
+#
+# Turn a resource name and a to_hash_from_story string like
+#   "attr: 'value', attr2: 'value2', ... , and attrN: 'valueN'"
+# into
+#   * klass      -- the class matching that Resource
+#   * instance   -- the possibly-preexisting local instance value @resource
+#   * attributes -- a hash matching the given attribute-list string
+#
+def parse_resource_args resource, attributes=nil
+  instance   = instantize resource
+  klass      = resource.classify.constantize
+  attributes = attributes.to_hash_from_story if attributes
+  [klass, instance, attributes]
+end
+
+#
+# Given a class name 'resource' and a hash of conditsion, find a model
+#
+def find_resource resource, conditions
+  klass, instance = parse_resource_args resource
+  conditions = conditions.to_hash_from_story unless (conditions.is_a? Hash)
+  klass.find(:first, :conditions => conditions)
+end
+
+#
+# Simple, brittle, useful: store the given resource's attribute
+# so we can compare it later.
+#
+def memorize_resource_value resource, attr
+  klass, instance = parse_resource_args resource
+  value = instance.send(attr)
+  @_memorized ||= {}
+  @_memorized[resource] ||= {}
+  @_memorized[resource][attr] = value
+  value
+end
+def recall_resource_value resource, attr
+  @_memorized[resource][attr]
+end
+def memorize_forget_all!
+  @_memorized = {}
+end
+
+#
+# Keep the object around in a local instance variable @resource.
+#
+# So, for instance,
+#   klass, instance = parse_resource_args 'user'
+#   instance = klass.new({login => 'me', password => 'monkey', ...})
+#   keep_instance! resource, instance
+# keeps the just-constructed User model in the @user instance variable.
+#
+def keep_instance! resource, object
+  instance_variable_set("@#{resource}", object)
+end

data/lib/generators/authenticated/templates/features/step_definitions/ra_response_steps.rb

@@ -0,0 +1,169 @@
+#
+# What you should see when you get there
+#
+
+#
+# Destinations.  Ex:
+#   She should be at the new kids page
+#   Tarkin should be at the destroy alderaan page
+#   The visitor should be at the '/lolcats/download' form
+#   The visitor should be redirected to '/hi/mom'
+#
+# It doesn't know anything about actual routes -- it just
+# feeds its output to render_template or redirect_to
+#
+Then "$actor should be at $path" do |_, path|
+  response.should render_template(grok_path(path))
+end
+
+Then "$actor should be redirected to $path" do |_, path|
+  response.should redirect_to(grok_path(path))
+end
+
+Then "the page should look AWESOME" do
+  response.should have_tag('head>title')
+  response.should have_tag('h1')
+  # response.should be_valid_xhtml
+end
+
+#
+# Tags
+#
+
+Then "the page should contain '$text'" do |_, text|
+  response.should have_text(/#{text}/)
+end
+
+# please note: this enforces the use of a <label> field
+Then "$actor should see a <$container> containing a $attributes" do |_, container, attributes|
+  attributes = attributes.to_hash_from_story
+  response.should have_tag(container) do
+    attributes.each do |tag, label|
+      case tag
+      when "textfield" then with_tag "input[type='text']";     with_tag("label", label)
+      when "password"  then with_tag "input[type='password']"; with_tag("label", label)
+      when "submit"    then with_tag "input[type='submit'][value='#{label}']"
+      else with_tag tag, label
+      end
+    end
+  end
+end
+
+#
+# Session, cookie variables
+#
+Then "$actor $token cookie should include $attrlist" do |_, token, attrlist|
+  attrlist = attrlist.to_array_from_story
+  cookies.include?(token).should be_true
+  attrlist.each do |val|
+    cookies[token].include?(val).should be_true
+  end
+end
+
+Then "$actor $token cookie should exist but not include $attrlist" do |_, token, attrlist|
+  attrlist = attrlist.to_array_from_story
+  cookies.include?(token).should be_true
+  puts [cookies, attrlist, token].to_yaml
+  attrlist.each do |val|
+    cookies[token].include?(val).should_not be_true
+  end
+end
+
+Then "$actor should have $an $token cookie" do |_, _, token|
+  cookies[token].should_not be_blank
+end
+Then "$actor should not have $an $token cookie" do |_, _, token|
+  cookies[token].should be_blank
+end
+
+Given "$actor has $an cookie jar with $attributes" do |_, _, attributes|
+  attributes = attributes.to_hash_from_story
+  attributes.each do |attr, val|
+    cookies[attr] = val
+  end
+end
+Given "$actor session store has no $attrlist" do |_, attrlist|
+  attrlist = attrlist.to_array_from_story
+  attrlist.each do |attr|
+    # Note that the comparison passes through 'to_s'
+    session[attr.to_sym] = nil
+  end
+end
+
+Then "$actor session store should have $attributes" do |_, attributes|
+  attributes = attributes.to_hash_from_story
+  attributes.each do |attr, val|
+    # Note that the comparison passes through 'to_s'
+    session[attr.to_sym].to_s.should eql(val)
+  end
+end
+
+Then "$actor session store should not have $attrlist" do |_, attrlist|
+  attrlist = attrlist.to_array_from_story
+  attrlist.each do |attr|
+    session[attr.to_sym].blank?.should be_true
+  end
+end
+
+#
+# Flash messages
+#
+
+Then /^she should +see an? (\w+) message '([\w !\']+)'$/ do |notice, message|
+  response.should have_flash(notice, %r{#{message}})
+end
+
+Then "$actor should not see $an $notice message '$message'" do |_, _, notice, message|
+  response.should_not have_flash(notice, %r{#{message}})
+end
+
+Then "$actor should see no messages" do |_|
+  ['error', 'warning', 'notice'].each do |notice|
+    response.should_not have_flash(notice)
+  end
+end
+
+RE_POLITENESS = /(?:please|sorry|thank(?:s| you))/i
+Then %r{we should be polite about it} do
+  response.should have_tag("div.error,div.notice", RE_POLITENESS)
+end
+Then %r{we should not even be polite about it} do
+  response.should_not have_tag("div.error,div.notice", RE_POLITENESS)
+end
+
+#
+# Resource's attributes
+#
+# "Then page should have the $resource's $attributes" is in resource_steps
+
+# helpful debug step
+Then "we dump the response" do
+  dump_response
+end
+
+
+def have_flash notice, *args
+  have_tag("div.#{notice}", *args)
+end
+
+RE_PRETTY_RESOURCE = /the (index|show|new|create|edit|update|destroy) (\w+) (page|form)/i
+RE_THE_FOO_PAGE    = /the '?([^']*)'? (page|form)/i
+RE_QUOTED_PATH     = /^'([^']*)'$/i
+def grok_path path
+  path.gsub(/\s+again$/,'') # strip trailing ' again'
+  case
+  when path == 'the home page'    then dest = '/'
+  when path =~ RE_PRETTY_RESOURCE then dest = template_for $1, $2
+  when path =~ RE_THE_FOO_PAGE    then dest = $1
+  when path =~ RE_QUOTED_PATH     then dest = $1
+  else                                 dest = path
+  end
+  dest
+end
+
+# turns 'new', 'road bikes' into 'road_bikes/new'
+# note that it's "action resource"
+def template_for(action, resource)
+  "#{resource.gsub(" ","_")}/#{action}"
+end
+

data/lib/generators/authenticated/templates/features/step_definitions/rest_auth_features_helper.rb

@@ -0,0 +1,81 @@
+# If you have a global stories helper, move this line there:
+include AuthenticatedTestHelper
+
+# Most of the below came out of code from Ben Mabey
+# http://www.benmabey.com/2008/02/04/rspec-plain-text-stories-webrat-chunky-bacon/
+
+# These allow exceptions to come through as opposed to being caught and having non-helpful responses returned.
+ActionController::Base.class_eval do
+  def perform_action
+    perform_action_without_rescue
+  end
+end
+Dispatcher.class_eval do
+  def self.failsafe_response(output, status, exception = nil)
+    raise exception
+  end
+end
+
+#
+# Sugar for turning a story's attribute list into list, array, etc.
+#
+module ToFooFromStory
+  def ToFooFromStory.fix_key key
+    key.downcase.gsub(/\s+/, '_')
+  end
+  def ToFooFromStory.fix_value value
+    return '' if !value
+    value.strip!
+    case
+    when value =~ /^'(.*)'$/    then value = $1
+    when value =~ /^"(.*)"$/    then value = $1
+    when value == 'nil!'        then value = nil
+    when value == 'non-nil!'    then value = be_nil
+    when value =~ /^#\{(.*)\}$/ then value = eval($1)
+    end
+    value
+  end
+  # Converts a key: value list found in the steps into a hash.
+  # Example:
+  #   ISBN: '0967539854' and comment: 'I love this book' and Quality rating: '4'
+  #   # => {"quality_rating"=>"4", "isbn"=>"0967539854", "comment"=>"I love this book"}
+  def to_hash_from_story
+    hsh = self.split(/,? and |, /).inject({}) do |hash_so_far, key_value|
+      key, value = key_value.split(":")
+      if !value then warn "Couldn't understand story '#{self}': only understood up to the part '#{hash_so_far.to_yaml}'" end
+      hash_so_far.merge(ToFooFromStory::fix_key(key) => ToFooFromStory::fix_value(value))
+    end
+  end
+  # Coverts an attribute list found in the steps into an array
+  # Example:
+  #   login, email, updated_at, and gravatar
+  #   # => ['login', 'email', 'updated_at', 'gravatar']
+  def to_array_from_story
+    self.split(/,? and |, /).map do |value|
+      ToFooFromStory::fix_value(value)
+    end
+  end
+end
+class String
+  include ToFooFromStory
+end
+
+def instantize(string)
+  instance_variable_get("@#{string}")
+end
+
+#
+# Spew response onto screen -- painful but scrolling >> debugger
+#
+def dump_response
+  # note that @request and @template won't to_yaml and that @session includes @cgi
+  response_methods = response.instance_variables         - ['@request', '@template', '@cgi']
+  request_methods  = response.request.instance_variables - ['@session_options_with_string_keys', '@cgi', '@session']
+  response_methods.map!{|attr| attr.gsub(/^@/,'')}.sort!
+  request_methods.map!{ |attr| attr.gsub(/^@/,'')}.sort!
+  puts '', '*' * 75,
+    response.instance_values.slice(*response_methods).to_yaml,
+    "*" * 75, '',
+    response.request.instance_values.slice(*request_methods).to_yaml,
+    "*" * 75, ''
+end