solidus_auth_devise 1.0.0

data/spec/features/change_email_spec.rb

@@ -0,0 +1,24 @@
+RSpec.feature 'Change email', type: :feature do
+
+  background do
+    user = create(:user)
+    visit spree.root_path
+    click_link 'Login'
+
+    fill_in 'spree_user[email]', with: user.email
+    fill_in 'spree_user[password]', with: 'secret'
+    click_button 'Login'
+
+    visit spree.edit_account_path
+  end
+
+  scenario 'work with correct password' do
+    fill_in 'user_email', with: 'tests@example.com'
+    fill_in 'user_password', with: 'password'
+    fill_in 'user_password_confirmation', with: 'password'
+    click_button 'Update'
+
+    expect(page).to have_text 'Account updated'
+    expect(page).to have_text 'tests@example.com'
+  end
+end

data/spec/features/checkout_spec.rb

@@ -0,0 +1,165 @@
+RSpec.feature 'Checkout', :js, type: :feature do
+  given!(:store) { create(:store) }
+  given!(:country) { create(:country, name: 'United States', states_required: true) }
+  given!(:state)   { create(:state, name: 'Maryland', country: country) }
+  given!(:shipping_method) do
+    shipping_method = create(:shipping_method)
+    calculator = Spree::Calculator::Shipping::PerItem.create!(calculable: shipping_method, preferred_amount: 10)
+    shipping_method.calculator = calculator
+    shipping_method.tap(&:save)
+  end
+
+  given!(:zone)    { create(:zone) }
+  given!(:address) { create(:address, state: state, country: country) }
+
+  background do
+    @product = create(:product, name: 'RoR Mug')
+    @product.master.stock_items.first.update_column(:count_on_hand, 1)
+
+    # Bypass gateway error on checkout | ..or stub a gateway
+    Spree::Config[:allow_checkout_on_gateway_error] = true
+
+    visit spree.root_path
+  end
+
+  context 'without payment being required' do
+    background do
+      # So that we don't have to setup payment methods just for the sake of it
+      allow_any_instance_of(Spree::Order).to receive(:has_available_payment).and_return(true)
+      allow_any_instance_of(Spree::Order).to receive(:payment_required?).and_return(false)
+    end
+
+    scenario 'allow a visitor to checkout as guest, without registration' do
+      Spree::Auth::Config.set(registration_step: true)
+      click_link 'RoR Mug'
+      click_button 'Add To Cart'
+      within('h1') { expect(page).to have_text 'Shopping Cart' }
+      click_button 'Checkout'
+
+      expect(page).to have_content(/Checkout as a Guest/i)
+
+      within('#guest_checkout') { fill_in 'Email', with: 'spree@test.com' }
+      click_button 'Continue'
+
+      expect(page).to have_text(/Billing Address/i)
+      expect(page).to have_text(/Shipping Address/i)
+
+      str_addr = 'bill_address'
+      select 'United States', from: "order_#{str_addr}_attributes_country_id"
+      %w(firstname lastname address1 city zipcode phone).each do |field|
+        fill_in "order_#{str_addr}_attributes_#{field}", with: "#{address.send(field)}"
+      end
+      select "#{address.state.name}", from: "order_#{str_addr}_attributes_state_id"
+      check 'order_use_billing'
+
+      click_button 'Save and Continue'
+      click_button 'Save and Continue'
+      click_button 'Place Order'
+
+      expect(page).to have_text 'Your order has been processed successfully'
+    end
+
+    scenario 'associate an uncompleted guest order with user after logging in' do
+      user = create(:user, email: 'email@person.com', password: 'password', password_confirmation: 'password')
+      click_link 'RoR Mug'
+      click_button 'Add To Cart'
+
+      visit spree.login_path
+      fill_in 'Email', with: user.email
+      fill_in 'Password', with: user.password
+      click_button 'Login'
+      click_link 'Cart'
+
+      expect(page).to have_text 'RoR Mug'
+      within('h1') { expect(page).to have_text 'Shopping Cart' }
+
+      click_button 'Checkout'
+
+      str_addr = 'bill_address'
+      select 'United States', from: "order_#{str_addr}_attributes_country_id"
+      %w(firstname lastname address1 city zipcode phone).each do |field|
+        fill_in "order_#{str_addr}_attributes_#{field}", with: "#{address.send(field)}"
+      end
+      select "#{address.state.name}", from: "order_#{str_addr}_attributes_state_id"
+      check 'order_use_billing'
+
+      click_button 'Save and Continue'
+      click_button 'Save and Continue'
+      click_button 'Place Order'
+
+      expect(page).to have_text 'Your order has been processed successfully'
+      expect(Spree::Order.first.user).to eq user
+    end
+
+    # Regression test for #890
+    scenario 'associate an incomplete guest order with user after successful password reset' do
+      create(:store)
+      user = create(:user, email: 'email@person.com', password: 'password', password_confirmation: 'password')
+      click_link 'RoR Mug'
+      click_button 'Add To Cart'
+
+      visit spree.login_path
+      click_link 'Forgot Password?'
+      fill_in 'spree_user_email', with: 'email@person.com'
+      click_button 'Reset my password'
+
+      # Need to do this now because the token stored in the DB is the encrypted version
+      # The 'plain-text' version is sent in the email and there's one way to get that!
+      reset_password_email = ActionMailer::Base.deliveries.first
+      token_url_regex = /^http:\/\/www.example.com\/user\/spree_user\/password\/edit\?reset_password_token=(.*)$/
+      token = token_url_regex.match(reset_password_email.body.to_s)[1]
+
+      visit spree.edit_spree_user_password_path(reset_password_token: token)
+      fill_in 'Password', with: 'password'
+      fill_in 'Password Confirmation', with: 'password'
+      click_button 'Update'
+
+      click_link 'Cart'
+      click_button 'Checkout'
+
+      str_addr = 'bill_address'
+      select 'United States', from: "order_#{str_addr}_attributes_country_id"
+      %w(firstname lastname address1 city zipcode phone).each do |field|
+        fill_in "order_#{str_addr}_attributes_#{field}", with: "#{address.send(field)}"
+      end
+      select "#{address.state.name}", from: "order_#{str_addr}_attributes_state_id"
+      check 'order_use_billing'
+
+      click_button 'Save and Continue'
+
+      expect(page).not_to have_text 'Email is invalid'
+    end
+
+    scenario 'allow a user to register during checkout' do
+      click_link 'RoR Mug'
+      click_button 'Add To Cart'
+      click_button 'Checkout'
+
+      expect(page).to have_text 'Registration'
+
+      click_link 'Create a new account'
+
+      fill_in 'Email', with: 'email@person.com'
+      fill_in 'Password', with: 'spree123'
+      fill_in 'Password Confirmation', with: 'spree123'
+      click_button 'Create'
+
+      expect(page).to have_text 'You have signed up successfully.'
+
+      str_addr = 'bill_address'
+      select 'United States', from: "order_#{str_addr}_attributes_country_id"
+      %w(firstname lastname address1 city zipcode phone).each do |field|
+        fill_in "order_#{str_addr}_attributes_#{field}", with: "#{address.send(field)}"
+      end
+      select "#{address.state.name}", from: "order_#{str_addr}_attributes_state_id"
+      check 'order_use_billing'
+
+      click_button 'Save and Continue'
+      click_button 'Save and Continue'
+      click_button 'Place Order'
+
+      expect(page).to have_text 'Your order has been processed successfully'
+      expect(Spree::Order.first.user).to eq Spree::User.find_by_email('email@person.com')
+    end
+  end
+end

data/spec/features/confirmation_spec.rb

@@ -0,0 +1,28 @@
+require 'spec_helper'
+
+feature 'Confirmation' do
+  before do
+    set_confirmable_option(true)
+    Spree::UserMailer.stub(:confirmation_instructions).and_return(double(deliver: true))
+  end
+
+  after(:each) { set_confirmable_option(false) }
+
+  let!(:store) { create(:store) }
+
+  background do
+    ActionMailer::Base.default_url_options[:host] = 'http://example.com'
+  end
+
+  scenario 'create a new user' do
+    visit spree.signup_path
+
+    fill_in 'Email', with: 'email@person.com'
+    fill_in 'Password', with: 'password'
+    fill_in 'Password Confirmation', with: 'password'
+    click_button 'Create'
+
+    expect(page).to have_text 'You have signed up successfully.'
+    expect(Spree::User.last.confirmed?).to be(false)
+  end
+end

data/spec/features/order_spec.rb

@@ -0,0 +1,62 @@
+RSpec.feature 'Orders', :js, type: :feature do
+
+  scenario 'allow a user to view their cart at any time' do
+    visit spree.cart_path
+    expect(page).to have_text 'Your cart is empty'
+  end
+
+  # regression test for spree/spree#1687
+  scenario 'merge incomplete orders from different sessions' do
+    skip %{
+      TODO: has been broken for ~2 months as of:
+      https://github.com/spree/spree_auth_devise/commit/3157b47b22c559817d34ec34024587d8aa6136dc
+      I dont think we can decode these sessions anymore since Rails 4 switched to encrypted cookies I believe devise stores session encrypted.
+    }
+    create(:product, name: 'RoR Mug')
+    create(:product, name: 'RoR Shirt')
+
+    user = create(:user, email: 'email@person.com', password: 'password', password_confirmation: 'password')
+
+    using_session('first') do
+      visit spree.root_path
+
+      click_link 'RoR Mug'
+      click_button 'Add To Cart'
+
+      visit spree.login_path
+      fill_in 'Email', with: user.email
+      fill_in 'Password', with: user.password
+      click_button 'Login'
+
+      click_link 'Cart'
+      expect(page).to have_text 'RoR Mug'
+    end
+
+    using_session('second') do
+      visit spree.root_path
+
+      click_link 'RoR Shirt'
+      click_button 'Add To Cart'
+
+      visit spree.login_path
+      fill_in 'Email', with: user.email
+      fill_in 'Password', with: user.password
+      click_button 'Login'
+
+      # Order should have been merged with first session
+      click_link 'Cart'
+      expect(page).to have_text 'RoR Mug'
+      expect(page).to have_text 'RoR Shirt'
+    end
+
+    using_session('first') do
+      visit spree.root_path
+
+      click_link 'Cart'
+
+      # Order should have been merged with second session
+      expect(page).to have_text 'RoR Mug'
+      expect(page).to have_text 'RoR Shirt'
+    end
+  end
+end

data/spec/features/password_reset_spec.rb

@@ -0,0 +1,24 @@
+RSpec.feature 'Reset Password', type: :feature do
+
+  let!(:store) { create(:store) }
+
+  background do
+    ActionMailer::Base.default_url_options[:host] = 'http://example.com'
+  end
+
+  scenario 'allow a user to supply an email for the password reset' do
+    user = create(:user, email: 'foobar@example.com', password: 'secret', password_confirmation: 'secret')
+    visit spree.login_path
+    click_link 'Forgot Password?'
+    fill_in 'Email', with: 'foobar@example.com'
+    click_button 'Reset my password'
+    expect(page).to have_text 'You will receive an email with instructions'
+  end
+
+  scenario 'shows errors if no email is supplied' do
+    visit spree.login_path
+    click_link 'Forgot Password?'
+    click_button 'Reset my password'
+    expect(page).to have_text "Email can't be blank"
+  end
+end

data/spec/features/sign_in_spec.rb

@@ -0,0 +1,52 @@
+RSpec.feature 'Sign In', type: :feature do
+
+  background do
+    @user = create(:user, email: 'email@person.com', password: 'secret', password_confirmation: 'secret')
+    visit spree.login_path
+  end
+
+  scenario 'ask user to sign in' do
+    visit spree.admin_path
+    expect(page).not_to have_text 'Authorization Failure'
+  end
+
+  scenario 'let a user sign in successfully' do
+    fill_in 'Email', with: @user.email
+    fill_in 'Password', with: @user.password
+    click_button 'Login'
+
+    expect(page).to have_text 'Logged in successfully'
+    expect(page).not_to have_text 'Login'
+    expect(page).to have_text 'Logout'
+    expect(current_path).to eq '/'
+  end
+
+  scenario 'show validation erros' do
+    fill_in 'Email', with: @user.email
+    fill_in 'Password', with: 'wrong_password'
+    click_button 'Login'
+
+    expect(page).to have_text 'Invalid email or password'
+    expect(page).to have_text 'Login'
+  end
+
+  scenario 'allow a user to access a restricted page after logging in' do
+    user = create(:admin_user, email: 'admin@person.com', password: 'password', password_confirmation: 'password')
+    visit spree.admin_path
+
+    fill_in 'Email', with: user.email
+    fill_in 'Password', with: user.password
+    click_button 'Login'
+
+    expect(page).to have_text 'Logged in as: admin@person.com'
+    expect(current_path).to eq '/admin/orders'
+  end
+
+  it "should store the user previous location" do
+    visit spree.account_path
+    fill_in "Email", with: @user.email
+    fill_in "Password", with: @user.password
+    click_button "Login"
+    expect(current_path).to eq "/account"
+  end
+end

data/spec/features/sign_out_spec.rb

@@ -0,0 +1,25 @@
+RSpec.feature 'Sign Out', type: :feature do
+
+  given!(:user) do
+   create(:user,
+          email: 'email@person.com',
+          password: 'secret',
+          password_confirmation: 'secret')
+  end
+
+  background do
+    visit spree.login_path
+    fill_in 'Email', with: user.email
+    fill_in 'Password', with: user.password
+    # Regression test for #1257
+    check 'Remember me'
+    click_button 'Login'
+  end
+
+  scenario 'allow a signed in user to logout' do
+    click_link 'Logout'
+    visit spree.root_path
+    expect(page).to have_text 'Login'
+    expect(page).not_to have_text 'Logout'
+  end
+end

data/spec/features/sign_up_spec.rb

@@ -0,0 +1,30 @@
+RSpec.feature 'Sign Up', type: :feature do
+
+  context 'with valid data' do
+    scenario 'create a new user' do
+      visit spree.signup_path
+
+      fill_in 'Email', with: 'email@person.com'
+      fill_in 'Password', with: 'password'
+      fill_in 'Password Confirmation', with: 'password'
+      click_button 'Create'
+
+      expect(page).to have_text 'You have signed up successfully.'
+      expect(Spree::User.count).to eq(1)
+    end
+  end
+
+  context 'with invalid data' do
+    scenario 'does not create a new user' do
+      visit spree.signup_path
+
+      fill_in 'Email', with: 'email@person.com'
+      fill_in 'Password', with: 'password'
+      fill_in 'Password Confirmation', with: ''
+      click_button 'Create'
+
+      expect(page).to have_css '#errorExplanation'
+      expect(Spree::User.count).to eq(0)
+    end
+  end
+end

data/spec/mailers/user_mailer_spec.rb

@@ -0,0 +1,46 @@
+RSpec.describe Spree::UserMailer, type: :mailer do
+
+  let!(:store) { create(:store) }
+  let(:user) { create(:user) }
+
+  before do
+    user = create(:user)
+    Spree::UserMailer.reset_password_instructions(user, 'token goes here').deliver
+    @message = ActionMailer::Base.deliveries.last
+  end
+
+  describe '#reset_password_instructions' do
+    describe 'message contents' do
+      before do
+        described_class.reset_password_instructions(user, 'token goes here').deliver
+        @message = ActionMailer::Base.deliveries.last
+      end
+
+      context 'subject includes' do
+        it 'translated devise instructions' do
+          expect(@message.subject).to include(
+            I18n.t(:subject, scope: [:devise, :mailer, :reset_password_instructions])
+          )
+        end
+
+        it 'Spree site name' do
+          expect(@message.subject).to include store.name
+        end
+      end
+
+      context 'body includes' do
+        it 'password reset url' do
+          expect(@message.body.raw_source).to include "http://#{store.url}/user/spree_user/password/edit"
+        end
+      end
+    end
+
+    describe 'legacy support for User object' do
+      it 'sends an email' do
+        expect {
+          described_class.reset_password_instructions(user, 'token goes here').deliver
+        }.to change(ActionMailer::Base.deliveries, :size).by(1)
+      end
+    end
+  end
+end