solidus_auth_devise 2.2.0 → 2.3.0
Potentially problematic release.
This version of solidus_auth_devise might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/.rubocop.yml +326 -0
- data/CHANGELOG.md +250 -163
- data/Gemfile +4 -5
- data/README.md +22 -5
- data/Rakefile +2 -0
- data/app/mailers/spree/user_mailer.rb +4 -2
- data/app/models/spree/auth_configuration.rb +2 -0
- data/app/models/spree/user.rb +19 -19
- data/config/initializers/devise.rb +11 -3
- data/config/initializers/warden.rb +4 -2
- data/config/locales/en.yml +3 -1
- data/config/routes.rb +5 -11
- data/db/default/users.rb +10 -8
- data/db/migrate/20101026184949_create_users.rb +9 -7
- data/db/migrate/20101026184950_rename_columns_for_devise.rb +3 -0
- data/db/migrate/20101214150824_convert_user_remember_field.rb +2 -0
- data/db/migrate/20120203010234_add_reset_password_sent_at_to_spree_users.rb +2 -0
- data/db/migrate/20120605211305_make_users_email_index_unique.rb +4 -2
- data/db/migrate/20140904000425_add_deleted_at_to_users.rb +2 -0
- data/db/migrate/20141002154641_add_confirmable_to_users.rb +2 -0
- data/db/migrate/20190125170630_add_reset_password_token_index_to_spree_users.rb +4 -2
- data/db/seeds.rb +2 -0
- data/lib/controllers/backend/spree/admin/base_controller_decorator.rb +20 -0
- data/lib/controllers/backend/spree/admin/orders/customer_details_controller_decorator.rb +11 -8
- data/lib/controllers/backend/spree/admin/user_passwords_controller.rb +4 -2
- data/lib/controllers/backend/spree/admin/user_sessions_controller.rb +11 -8
- data/lib/controllers/frontend/spree/checkout_controller_decorator.rb +29 -19
- data/lib/controllers/frontend/spree/user_confirmations_controller.rb +2 -0
- data/lib/controllers/frontend/spree/user_passwords_controller.rb +4 -1
- data/lib/controllers/frontend/spree/user_registrations_controller.rb +4 -0
- data/lib/controllers/frontend/spree/user_sessions_controller.rb +2 -0
- data/lib/controllers/frontend/spree/users_controller.rb +17 -14
- data/lib/generators/solidus/auth/install/install_generator.rb +4 -2
- data/lib/generators/solidus/auth/install/templates/config/initializers/devise.rb +2 -0
- data/lib/solidus/auth.rb +2 -0
- data/lib/solidus_auth_devise.rb +2 -0
- data/lib/spree/auth/devise.rb +3 -1
- data/lib/spree/auth/engine.rb +3 -1
- data/lib/spree/auth/version.rb +1 -1
- data/lib/spree/authentication_helpers.rb +5 -11
- data/lib/tasks/auth.rake +3 -1
- data/lib/views/backend/spree/admin/shared/_navigation_footer.html.erb +1 -1
- data/lib/views/backend/spree/admin/user_passwords/new.html.erb +1 -3
- data/lib/views/backend/spree/admin/user_sessions/new.html.erb +1 -1
- data/lib/views/frontend/spree/shared/_login_bar_items.html.erb +1 -1
- data/lib/views/frontend/spree/user_passwords/new.html.erb +1 -3
- data/solidus_auth_devise.gemspec +16 -6
- data/spec/controllers/spree/admin/user_passwords_controller_spec.rb +2 -0
- data/spec/controllers/spree/checkout_controller_spec.rb +5 -9
- data/spec/controllers/spree/products_controller_spec.rb +2 -1
- data/spec/controllers/spree/user_passwords_controller_spec.rb +4 -3
- data/spec/controllers/spree/user_registrations_controller_spec.rb +3 -2
- data/spec/controllers/spree/user_sessions_controller_spec.rb +14 -0
- data/spec/controllers/spree/users_controller_spec.rb +2 -2
- data/spec/factories/confirmed_user.rb +5 -3
- data/spec/features/account_spec.rb +4 -3
- data/spec/features/admin/orders_spec.rb +2 -1
- data/spec/features/admin/password_reset_spec.rb +23 -10
- data/spec/features/admin/products_spec.rb +2 -1
- data/spec/features/admin/sign_in_spec.rb +2 -1
- data/spec/features/admin/sign_out_spec.rb +2 -1
- data/spec/features/admin_permissions_spec.rb +2 -1
- data/spec/features/change_email_spec.rb +3 -2
- data/spec/features/checkout_spec.rb +15 -13
- data/spec/features/confirmation_spec.rb +2 -0
- data/spec/features/order_spec.rb +2 -1
- data/spec/features/password_reset_spec.rb +23 -10
- data/spec/features/sign_in_spec.rb +2 -1
- data/spec/features/sign_out_spec.rb +4 -3
- data/spec/features/sign_up_spec.rb +2 -1
- data/spec/mailers/user_mailer_spec.rb +2 -1
- data/spec/models/order_spec.rb +2 -1
- data/spec/models/user_spec.rb +2 -1
- data/spec/spec_helper.rb +3 -1
- data/spec/support/ability.rb +3 -1
- data/spec/support/authentication_helpers.rb +2 -0
- data/spec/support/confirm_helpers.rb +4 -2
- data/spec/support/email.rb +2 -0
- data/spec/support/preferences.rb +10 -2
- data/spec/support/spree.rb +2 -0
- metadata +94 -35
- data/.travis.yml +0 -18
- data/lib/controllers/backend/spree/admin/admin_controller_decorator.rb +0 -11
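--- a/data/lib/spree/auth/devise.rb
+++ b/data/lib/spree/auth/devise.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spree/core'
 require 'devise'
 require 'devise-encryptable'
@@ -5,7 +7,7 @@ require 'cancan'
 
 module Spree
 module Auth
-def self.config
+def self.config
 yield(Spree::Auth::Config)
 end
 end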
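--- a/data/lib/spree/auth/engine.rb
+++ b/data/lib/spree/auth/engine.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'devise'
 require 'devise-encryptable'
 
@@ -7,7 +9,7 @@ module Spree
 isolate_namespace Spree
 engine_name 'solidus_auth'
 
-initializer "spree.auth.environment", before: :load_config_initializers do |
+initializer "spree.auth.environment", before: :load_config_initializers do |_app|
 Spree::Auth::Config = Spree::AuthConfiguration.new
 end
 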
data/lib/spree/auth/version.rb
CHANGED
@@ -1,3 +1,5 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
module Spree
|
2
4
|
module AuthenticationHelpers
|
3
5
|
def self.included(receiver)
|
@@ -17,17 +19,9 @@ module Spree
|
|
17
19
|
end
|
18
20
|
|
19
21
|
if SolidusSupport.frontend_available?
|
20
|
-
|
21
|
-
|
22
|
-
|
23
|
-
|
24
|
-
def spree_signup_path
|
25
|
-
spree.signup_path
|
26
|
-
end
|
27
|
-
|
28
|
-
def spree_logout_path
|
29
|
-
spree.logout_path
|
30
|
-
end
|
22
|
+
delegate :login_path, :signup_path, :logout_path,
|
23
|
+
to: :spree,
|
24
|
+
prefix: :spree
|
31
25
|
end
|
32
26
|
end
|
33
27
|
end
|
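--- a/data/lib/tasks/auth.rake
+++ b/data/lib/tasks/auth.rake
@@ -1,7 +1,9 @@
+# frozen_string_literal: true
+
 namespace :spree_auth do
 namespace :admin do
 desc "Create admin username and password"
-task :
+task create: :environment do
 require File.join(File.dirname(__FILE__), '..', '..', 'db', 'default', 'users.rb')
 puts "Done!"
 end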
@@ -1,5 +1,3 @@
|
|
1
|
-
<%= render partial: 'spree/shared/error_messages', locals: { target: @spree_user } %>
|
2
|
-
|
3
1
|
<div id="forgot-password">
|
4
2
|
<h6><%= I18n.t('spree.forgot_password') %></h6>
|
5
3
|
|
@@ -8,7 +6,7 @@
|
|
8
6
|
<%= form_for Spree::User.new, as: :spree_user, url: spree.admin_reset_password_path do |f| %>
|
9
7
|
<p>
|
10
8
|
<%= f.label :email, I18n.t('spree.email') %><br />
|
11
|
-
<%= f.email_field :email %>
|
9
|
+
<%= f.email_field :email, required: true %>
|
12
10
|
</p>
|
13
11
|
<p>
|
14
12
|
<%= f.submit I18n.t('spree.reset_password'), class: 'button primary' %>
|
@@ -22,7 +22,7 @@
|
|
22
22
|
<%= f.label :remember_me, I18n.t('spree.remember_me') %>
|
23
23
|
</p>
|
24
24
|
|
25
|
-
<p><%= f.submit I18n.t('spree.login'), class: '
|
25
|
+
<p><%= f.submit I18n.t('spree.login'), class: 'btn btn-primary', tabindex: 4 %></p>
|
26
26
|
<% end %>
|
27
27
|
<%= I18n.t('spree.or') %>
|
28
28
|
<%= link_to I18n.t('spree.forgot_password'), spree.admin_recover_password_path %>
|
@@ -1,6 +1,6 @@
|
|
1
1
|
<% if spree_current_user %>
|
2
2
|
<li><%= link_to I18n.t('spree.my_account'), spree.account_path %></li>
|
3
|
-
<li><%= link_to I18n.t('spree.logout'), spree.logout_path %></li>
|
3
|
+
<li><%= link_to I18n.t('spree.logout'), spree.logout_path, method: Devise.sign_out_via %></li>
|
4
4
|
<% else %>
|
5
5
|
<li id="link-to-login"><%= link_to I18n.t('spree.login'), spree.login_path %></li>
|
6
6
|
<% end %>
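Review bot: Whether this logout link is protected against a forged cross-site GET now depends entirely on `Devise.sign_out_via`, and that value is set outside this hunk (the initializer changes are not shown on this part of the page). If an application leaves it at `:get`, the link still signs the user out on a plain GET request. I would add a comment above the link, for example `<%# relies on Devise.sign_out_via being a non-GET verb such as :delete %>`. It is also worth confirming the behaviour when an application sets `sign_out_via` to an array of verbs, since `link_to`'s `method:` option expects a single verb.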
|
@@ -1,5 +1,3 @@
|
|
1
|
-
<%= render partial: 'spree/shared/error_messages', locals: { target: @spree_user } %>
|
2
|
-
|
3
1
|
<div id="forgot-password">
|
4
2
|
<h6><%= I18n.t('spree.forgot_password') %></h6>
|
5
3
|
|
@@ -8,7 +6,7 @@
|
|
8
6
|
<%= form_for Spree::User.new, as: :spree_user, url: spree.reset_password_path do |f| %>
|
9
7
|
<p>
|
10
8
|
<%= f.label :email, I18n.t('spree.email') %><br />
|
11
|
-
<%= f.email_field :email %>
|
9
|
+
<%= f.email_field :email, required: true %>
|
12
10
|
</p>
|
13
11
|
<p>
|
14
12
|
<%= f.submit I18n.t('spree.reset_password'), class: 'button primary' %>
|
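--- a/data/solidus_auth_devise.gemspec
+++ b/data/solidus_auth_devise.gemspec
@@ -1,4 +1,4 @@
-#
+# frozen_string_literal: true
 
 $:.unshift File.expand_path('lib', __dir__)
 require 'spree/auth/version'
@@ -13,8 +13,8 @@ Gem::Specification.new do |s|
 s.author = 'Solidus Team'
 s.email = 'contact@solidus.io'
 
-s.required_ruby_version = ">= 2.
-s.license
+s.required_ruby_version = ">= 2.3"
+s.license = 'BSD-3'
 
 s.files = `git ls-files`.split("\n")
 s.test_files = `git ls-files -- spec/*`.split("\n")
@@ -23,10 +23,16 @@ Gem::Specification.new do |s|
 
 solidus_version = [">= 1.2.0", "< 3"]
 
-s.
-
+s.post_install_message = "
+NOTE: Rails 6 has removed secret_token in favor of secret_key_base, which was deprecated in
+Rails 5.2. solidus_auth_devise will keep using secret_token, when present, as the pepper. If
+secret_token is undefined or not available, secret_key_base will be used instead.
+".strip.gsub(/ +/, ' ')
+
 s.add_dependency "devise", '~> 4.1'
 s.add_dependency "devise-encryptable", "0.2.0"
+s.add_dependency "solidus_core", solidus_version
+s.add_dependency "solidus_support", ">= 0.1.3"
 
 s.add_development_dependency "capybara", "~> 2.14"
 s.add_development_dependency "capybara-screenshot"
@@ -34,9 +40,13 @@ Gem::Specification.new do |s|
 s.add_development_dependency "database_cleaner", "~> 1.6"
 s.add_development_dependency "ffaker"
 s.add_development_dependency "gem-release", "~> 2.0"
-s.add_development_dependency "
+s.add_development_dependency "github_changelog_generator", "~> 1.14"
 s.add_development_dependency "rspec-rails", "~> 3.3"
+s.add_development_dependency "rubocop", "~> 0.71"
+s.add_development_dependency "rubocop-performance", "~> 1.4"
+s.add_development_dependency "rubocop-rails", "~> 2.2"
 s.add_development_dependency "sass-rails"
+s.add_development_dependency "selenium-webdriver", "~> 3.142"
 s.add_development_dependency "shoulda-matchers", "~> 3.1"
 s.add_development_dependency "simplecov", "~> 0.14"
 s.add_development_dependency "solidus_backend", solidus_version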
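Review bot: The post-install message in the `@@ -23,10 +23,16 @@` hunk explains that the pepper falls back from `secret_token` to `secret_key_base`, but it does not say what that means for passwords already stored. If an application drops `secret_token` during a Rails 6 upgrade, the pepper changes and existing digests would presumably stop verifying. I would add a sentence to the message such as `Removing secret_token from an existing app changes the pepper; keep it set or plan a password reset for existing users.` Separately, `s.license = 'BSD-3'` is not an SPDX identifier, and `s.license = 'BSD-3-Clause'` would avoid the RubyGems build warning.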
@@ -1,5 +1,6 @@
|
|
1
|
-
|
1
|
+
# frozen_string_literal: true
|
2
2
|
|
3
|
+
RSpec.describe Spree::CheckoutController, type: :controller do
|
3
4
|
let(:order) { create(:order_with_line_items, email: nil, user: nil, guest_token: token) }
|
4
5
|
let(:user) { build(:user, spree_api_key: 'fake') }
|
5
6
|
let(:token) { 'some_token' }
|
@@ -39,11 +40,7 @@ RSpec.describe Spree::CheckoutController, type: :controller do
|
|
39
40
|
|
40
41
|
context 'when guest checkout not allowed' do
|
41
42
|
before do
|
42
|
-
|
43
|
-
end
|
44
|
-
|
45
|
-
after do
|
46
|
-
Spree::Config.set(allow_guest_checkout: true)
|
43
|
+
stub_spree_preferences(allow_guest_checkout: false)
|
47
44
|
end
|
48
45
|
|
49
46
|
it 'redirects to registration step' do
|
@@ -56,7 +53,7 @@ RSpec.describe Spree::CheckoutController, type: :controller do
|
|
56
53
|
|
57
54
|
context 'when registration step disabled' do
|
58
55
|
before do
|
59
|
-
Spree::Auth::Config
|
56
|
+
stub_spree_preferences(Spree::Auth::Config, registration_step: false)
|
60
57
|
end
|
61
58
|
|
62
59
|
context 'when authenticated as registered' do
|
@@ -80,8 +77,7 @@ RSpec.describe Spree::CheckoutController, type: :controller do
|
|
80
77
|
context '#update' do
|
81
78
|
context 'when in the confirm state' do
|
82
79
|
before do
|
83
|
-
order.
|
84
|
-
order.update_column(:state, 'confirm')
|
80
|
+
order.update(email: 'spree@example.com', state: 'confirm')
|
85
81
|
|
86
82
|
# So that the order can transition to complete successfully
|
87
83
|
allow(order).to receive(:payment_required?) { false }
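Review bot: `order.update(email: 'spree@example.com', state: 'confirm')` returns false instead of raising when a validation fails, whereas the `update_column` call it replaces skipped validations altogether. If the order is invalid at this point, the `before` block would silently leave it in its previous state and the examples would run against the wrong setup. `order.update!(email: 'spree@example.com', state: 'confirm')` makes the setup fail loudly. The enclosing `before do` block continues past the end of this hunk.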
|
@@ -1,5 +1,6 @@
|
|
1
|
-
|
1
|
+
# frozen_string_literal: true
|
2
2
|
|
3
|
+
RSpec.describe Spree::ProductsController, type: :controller do
|
3
4
|
let!(:product) { create(:product, available_on: 1.year.from_now) }
|
4
5
|
let!(:user) { build(:user, spree_api_key: 'fake') }
|
5
6
|
|
@@ -1,5 +1,6 @@
|
|
1
|
-
|
1
|
+
# frozen_string_literal: true
|
2
2
|
|
3
|
+
RSpec.describe Spree::UserPasswordsController, type: :controller do
|
3
4
|
let(:token) { 'some_token' }
|
4
5
|
|
5
6
|
before { @request.env['devise.mapping'] = Devise.mappings[:spree_user] }
|
@@ -16,7 +17,7 @@ RSpec.describe Spree::UserPasswordsController, type: :controller do
|
|
16
17
|
it 'flashes an error' do
|
17
18
|
get :edit
|
18
19
|
expect(flash[:alert]).to include(
|
19
|
-
"You can't access this page without coming from a password reset "
|
20
|
+
"You can't access this page without coming from a password reset " \
|
20
21
|
'email'
|
21
22
|
)
|
22
23
|
end
|
@@ -34,7 +35,7 @@ RSpec.describe Spree::UserPasswordsController, type: :controller do
|
|
34
35
|
context 'when updating password with blank password' do
|
35
36
|
it 'shows error flash message, sets spree_user with token and re-displays password edit form' do
|
36
37
|
put :update, params: { spree_user: { password: '', password_confirmation: '', reset_password_token: token } }
|
37
|
-
expect(assigns(:spree_user).
|
38
|
+
expect(assigns(:spree_user).is_a?(Spree::User)).to eq true
|
38
39
|
expect(assigns(:spree_user).reset_password_token).to eq token
|
39
40
|
expect(flash[:error]).to eq I18n.t(:cannot_be_blank, scope: [:devise, :user_passwords, :spree_user])
|
40
41
|
expect(response).to render_template :edit
|
@@ -1,5 +1,6 @@
|
|
1
|
-
|
1
|
+
# frozen_string_literal: true
|
2
2
|
|
3
|
+
RSpec.describe Spree::UserRegistrationsController, type: :controller do
|
3
4
|
before { @request.env['devise.mapping'] = Devise.mappings[:spree_user] }
|
4
5
|
|
5
6
|
context '#create' do
|
@@ -56,7 +57,7 @@ RSpec.describe Spree::UserRegistrationsController, type: :controller do
|
|
56
57
|
it 'assigns orders with the correct token and no user present' do
|
57
58
|
order = create(:order, guest_token: 'ABC', user_id: nil, created_by_id: nil)
|
58
59
|
subject
|
59
|
-
user = Spree::User.
|
60
|
+
user = Spree::User.find_by(email: 'foobar@example.com')
|
60
61
|
|
61
62
|
order.reload
|
62
63
|
expect(order.user_id).to eq user.id
|
@@ -1,3 +1,5 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
RSpec.describe Spree::UserSessionsController, type: :controller do
|
2
4
|
let(:user) { create(:user) }
|
3
5
|
|
@@ -110,4 +112,16 @@ RSpec.describe Spree::UserSessionsController, type: :controller do
|
|
110
112
|
end
|
111
113
|
end
|
112
114
|
end
|
115
|
+
|
116
|
+
context "#destroy" do
|
117
|
+
subject do
|
118
|
+
delete(:destroy)
|
119
|
+
end
|
120
|
+
|
121
|
+
it "redirects to default after signing out" do
|
122
|
+
subject
|
123
|
+
expect(controller.spree_current_user).to be_nil
|
124
|
+
expect(response).to redirect_to spree.root_path
|
125
|
+
end
|
126
|
+
end
|
113
127
|
end
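Review bot: Nothing in the added `#destroy` context signs a user in before `delete(:destroy)`, so `expect(controller.spree_current_user).to be_nil` would hold even if sign-out did nothing, unless an outer `before` that is not visible in this hunk signs in. Adding `before { sign_in(user) }` to the context, using the `let(:user)` defined at the top of the file, makes the example prove that the session is actually cleared. The redirect assertion can stay as it is.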
|
@@ -1,5 +1,6 @@
|
|
1
|
-
|
1
|
+
# frozen_string_literal: true
|
2
2
|
|
3
|
+
RSpec.describe Spree::UsersController, type: :controller do
|
3
4
|
let(:admin_user) { create(:user) }
|
4
5
|
let(:user) { create(:user) }
|
5
6
|
let(:role) { create(:role) }
|
@@ -22,7 +23,6 @@ RSpec.describe Spree::UsersController, type: :controller do
|
|
22
23
|
before { sign_in(user) }
|
23
24
|
|
24
25
|
context 'when updating own account' do
|
25
|
-
|
26
26
|
context 'when user updated successfuly' do
|
27
27
|
before { put :update, params: { user: { email: 'mynew@email-address.com' } } }
|
28
28
|
|
@@ -1,7 +1,9 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
FactoryBot.define do
|
2
4
|
factory :confirmed_user, parent: :user do
|
3
|
-
confirmed_at { Time.now }
|
4
|
-
confirmation_sent_at { Time.now }
|
5
|
+
confirmed_at { Time.zone.now }
|
6
|
+
confirmation_sent_at { Time.zone.now }
|
5
7
|
confirmation_token { "12345" }
|
6
8
|
end
|
7
|
-
end
|
9
|
+
end
|
@@ -1,5 +1,6 @@
|
|
1
|
-
|
1
|
+
# frozen_string_literal: true
|
2
2
|
|
3
|
+
RSpec.feature 'Accounts', type: :feature do
|
3
4
|
context 'editing' do
|
4
5
|
scenario 'can edit an admin user' do
|
5
6
|
user = create(:admin_user, email: 'admin@person.com', password: 'password', password_confirmation: 'password')
|
@@ -14,7 +15,7 @@ RSpec.feature 'Accounts', type: :feature do
|
|
14
15
|
end
|
15
16
|
|
16
17
|
scenario 'can edit a new user' do
|
17
|
-
Spree::Auth::Config
|
18
|
+
stub_spree_preferences(Spree::Auth::Config, signout_after_password_change: false)
|
18
19
|
visit spree.signup_path
|
19
20
|
|
20
21
|
fill_in 'Email', with: 'email@person.com'
|
@@ -35,7 +36,7 @@ RSpec.feature 'Accounts', type: :feature do
|
|
35
36
|
end
|
36
37
|
|
37
38
|
scenario 'can edit an existing user account' do
|
38
|
-
Spree::Auth::Config
|
39
|
+
stub_spree_preferences(Spree::Auth::Config ,signout_after_password_change: false)
|
39
40
|
user = create(:user, email: 'email@person.com', password: 'secret', password_confirmation: 'secret')
|
40
41
|
visit spree.login_path
|
41
42
|
|
@@ -1,24 +1,37 @@
|
|
1
|
-
|
1
|
+
# frozen_string_literal: true
|
2
2
|
|
3
|
+
RSpec.feature 'Admin - Reset Password', type: :feature do
|
3
4
|
let!(:store) { create(:store) }
|
4
5
|
|
5
6
|
background do
|
6
7
|
ActionMailer::Base.default_url_options[:host] = 'http://example.com'
|
7
8
|
end
|
8
9
|
|
9
|
-
|
10
|
-
user
|
11
|
-
|
12
|
-
|
13
|
-
|
14
|
-
|
15
|
-
|
10
|
+
context 'when an account with this email address exists' do
|
11
|
+
let!(:user) { create(:user, email: 'foobar@example.com', password: 'secret', password_confirmation: 'secret') }
|
12
|
+
|
13
|
+
scenario 'allows a user to supply an email for the password reset' do
|
14
|
+
visit spree.admin_login_path
|
15
|
+
click_link 'Forgot Password?'
|
16
|
+
fill_in_email
|
17
|
+
click_button 'Reset my password'
|
18
|
+
expect(page).to have_text 'you will receive an email with instructions'
|
19
|
+
end
|
16
20
|
end
|
17
21
|
|
18
|
-
|
22
|
+
# Revealing that an admin email address is not found allows an attacker to
|
23
|
+
# find admin account email addresses by trying email addresses until this
|
24
|
+
# error is not shown.
|
25
|
+
scenario 'does not reveal email addresses if they are not found' do
|
19
26
|
visit spree.admin_login_path
|
20
27
|
click_link 'Forgot Password?'
|
28
|
+
fill_in_email
|
21
29
|
click_button 'Reset my password'
|
22
|
-
expect(page).
|
30
|
+
expect(page).to_not have_text "Email not found"
|
31
|
+
expect(page).to have_text 'you will receive an email with instructions'
|
32
|
+
end
|
33
|
+
|
34
|
+
def fill_in_email
|
35
|
+
fill_in 'Email', with: 'foobar@example.com'
|
23
36
|
end
|
24
37
|
end
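Review bot: The 'does not reveal email addresses if they are not found' scenario checks only the flash text, so it would still pass if the unknown-address path differed from the known-address path in some other observable way, such as the page it lands on or whether mail is sent. Asserting the same `current_path` in both scenarios, plus `expect(ActionMailer::Base.deliveries).to be_empty` in the unknown case (assuming deliveries are cleared between examples), would pin the behaviour more tightly. `def fill_in_email` inside the `RSpec.feature` block could instead be a `let(:email)` used by both scenarios. The non-admin reset spec later on the page has the same shape and the same gap.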
|
@@ -1,5 +1,6 @@
|
|
1
|
-
|
1
|
+
# frozen_string_literal: true
|
2
2
|
|
3
|
+
RSpec.feature 'Admin products', type: :feature do
|
3
4
|
context 'as anonymous user' do
|
4
5
|
# Regression test for #1250
|
5
6
|
scenario 'redirects to login page when attempting to access product listing' do
|
@@ -1,5 +1,6 @@
|
|
1
|
-
|
1
|
+
# frozen_string_literal: true
|
2
2
|
|
3
|
+
RSpec.feature 'Admin Permissions', type: :feature do
|
3
4
|
context 'orders' do
|
4
5
|
background do
|
5
6
|
user = create(:admin_user, email: 'admin@person.com', password: 'password', password_confirmation: 'password')
|
@@ -1,7 +1,8 @@
|
|
1
|
-
|
1
|
+
# frozen_string_literal: true
|
2
2
|
|
3
|
+
RSpec.feature 'Change email', type: :feature do
|
3
4
|
background do
|
4
|
-
Spree::Auth::Config
|
5
|
+
stub_spree_preferences(Spree::Auth::Config, signout_after_password_change: false)
|
5
6
|
|
6
7
|
user = create(:user)
|
7
8
|
visit spree.root_path
|
@@ -1,3 +1,5 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
RSpec.feature 'Checkout', :js, type: :feature do
|
2
4
|
given!(:store) { create(:store) }
|
3
5
|
given!(:country) { create(:country, name: 'United States', states_required: true) }
|
@@ -15,17 +17,17 @@ RSpec.feature 'Checkout', :js, type: :feature do
|
|
15
17
|
|
16
18
|
background do
|
17
19
|
@product = create(:product, name: 'RoR Mug')
|
18
|
-
@product.master.stock_items.first.
|
20
|
+
@product.master.stock_items.first.set_count_on_hand(1)
|
19
21
|
|
20
22
|
# Bypass gateway error on checkout | ..or stub a gateway
|
21
|
-
|
23
|
+
stub_spree_preferences(allow_checkout_on_gateway_error: true)
|
22
24
|
|
23
25
|
visit spree.root_path
|
24
26
|
end
|
25
27
|
|
26
28
|
# Regression test for https://github.com/solidusio/solidus/issues/1588
|
27
29
|
scenario 'leaving and returning to address step' do
|
28
|
-
Spree::Auth::Config
|
30
|
+
stub_spree_preferences(Spree::Auth::Config, registration_step: true)
|
29
31
|
click_link 'RoR Mug'
|
30
32
|
click_button 'Add To Cart'
|
31
33
|
within('h1') { expect(page).to have_text 'Shopping Cart' }
|
@@ -61,9 +63,9 @@ RSpec.feature 'Checkout', :js, type: :feature do
|
|
61
63
|
str_addr = 'bill_address'
|
62
64
|
select 'United States', from: "order_#{str_addr}_attributes_country_id"
|
63
65
|
%w(firstname lastname address1 city zipcode phone).each do |field|
|
64
|
-
fill_in "order_#{str_addr}_attributes_#{field}", with:
|
66
|
+
fill_in "order_#{str_addr}_attributes_#{field}", with: address.send(field).to_s
|
65
67
|
end
|
66
|
-
select
|
68
|
+
select address.state.name.to_s, from: "order_#{str_addr}_attributes_state_id"
|
67
69
|
check 'order_use_billing'
|
68
70
|
|
69
71
|
click_button 'Save and Continue'
|
@@ -93,9 +95,9 @@ RSpec.feature 'Checkout', :js, type: :feature do
|
|
93
95
|
str_addr = 'bill_address'
|
94
96
|
select 'United States', from: "order_#{str_addr}_attributes_country_id"
|
95
97
|
%w(firstname lastname address1 city zipcode phone).each do |field|
|
96
|
-
fill_in "order_#{str_addr}_attributes_#{field}", with:
|
98
|
+
fill_in "order_#{str_addr}_attributes_#{field}", with: address.send(field).to_s
|
97
99
|
end
|
98
|
-
select
|
100
|
+
select address.state.name.to_s, from: "order_#{str_addr}_attributes_state_id"
|
99
101
|
check 'order_use_billing'
|
100
102
|
|
101
103
|
click_button 'Save and Continue'
|
@@ -109,7 +111,7 @@ RSpec.feature 'Checkout', :js, type: :feature do
|
|
109
111
|
|
110
112
|
# Regression test for #890
|
111
113
|
scenario 'associate an incomplete guest order with user after successful password reset' do
|
112
|
-
|
114
|
+
create(:user, email: 'email@person.com', password: 'password', password_confirmation: 'password')
|
113
115
|
click_link 'RoR Mug'
|
114
116
|
click_button 'Add To Cart'
|
115
117
|
|
@@ -135,9 +137,9 @@ RSpec.feature 'Checkout', :js, type: :feature do
|
|
135
137
|
str_addr = 'bill_address'
|
136
138
|
select 'United States', from: "order_#{str_addr}_attributes_country_id"
|
137
139
|
%w(firstname lastname address1 city zipcode phone).each do |field|
|
138
|
-
fill_in "order_#{str_addr}_attributes_#{field}", with:
|
140
|
+
fill_in "order_#{str_addr}_attributes_#{field}", with: address.send(field).to_s
|
139
141
|
end
|
140
|
-
select
|
142
|
+
select address.state.name.to_s, from: "order_#{str_addr}_attributes_state_id"
|
141
143
|
check 'order_use_billing'
|
142
144
|
|
143
145
|
click_button 'Save and Continue'
|
@@ -164,9 +166,9 @@ RSpec.feature 'Checkout', :js, type: :feature do
|
|
164
166
|
str_addr = 'bill_address'
|
165
167
|
select 'United States', from: "order_#{str_addr}_attributes_country_id"
|
166
168
|
%w(firstname lastname address1 city zipcode phone).each do |field|
|
167
|
-
fill_in "order_#{str_addr}_attributes_#{field}", with:
|
169
|
+
fill_in "order_#{str_addr}_attributes_#{field}", with: address.send(field).to_s
|
168
170
|
end
|
169
|
-
select
|
171
|
+
select address.state.name.to_s, from: "order_#{str_addr}_attributes_state_id"
|
170
172
|
check 'order_use_billing'
|
171
173
|
|
172
174
|
click_button 'Save and Continue'
|
@@ -175,7 +177,7 @@ RSpec.feature 'Checkout', :js, type: :feature do
|
|
175
177
|
click_button 'Place Order'
|
176
178
|
|
177
179
|
expect(page).to have_text 'Your order has been processed successfully'
|
178
|
-
expect(Spree::Order.first.user).to eq Spree::User.
|
180
|
+
expect(Spree::Order.first.user).to eq Spree::User.find_by(email: 'email@person.com')
|
179
181
|
end
|
180
182
|
end
|
181
183
|
end
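Review bot: In the last hunk, `expect(Spree::Order.first.user).to eq Spree::User.find_by(email: 'email@person.com')` passes when both sides are nil, because `find_by` returns nil for a missing record. The example would then stay green even if the order was never attached to a user. `Spree::User.find_by!(email: 'email@person.com')` raises instead and closes that gap; where this scenario creates the user is outside the visible hunks. In the four address hunks, `address.send(field)` could be `address.public_send(field)`, since only public attribute readers are needed.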
|
data/spec/features/order_spec.rb
CHANGED
@@ -1,24 +1,37 @@
|
|
1
|
-
|
1
|
+
# frozen_string_literal: true
|
2
2
|
|
3
|
+
RSpec.feature 'Reset Password', type: :feature do
|
3
4
|
let!(:store) { create(:store) }
|
4
5
|
|
5
6
|
background do
|
6
7
|
ActionMailer::Base.default_url_options[:host] = 'http://example.com'
|
7
8
|
end
|
8
9
|
|
9
|
-
|
10
|
-
user
|
11
|
-
|
12
|
-
|
13
|
-
|
14
|
-
|
15
|
-
|
10
|
+
context 'when an account with this email address exists' do
|
11
|
+
let!(:user) { create(:user, email: 'foobar@example.com', password: 'secret', password_confirmation: 'secret') }
|
12
|
+
|
13
|
+
scenario 'allows a user to supply an email for the password reset' do
|
14
|
+
visit spree.login_path
|
15
|
+
click_link 'Forgot Password?'
|
16
|
+
fill_in_email
|
17
|
+
click_button 'Reset my password'
|
18
|
+
expect(page).to have_text 'you will receive an email with instructions'
|
19
|
+
end
|
16
20
|
end
|
17
21
|
|
18
|
-
|
22
|
+
# Test that we are extending the functionality from
|
23
|
+
# https://github.com/solidusio/solidus_auth_devise/pull/155
|
24
|
+
# to the non-admin login
|
25
|
+
scenario 'does not reveal email addresses if they are not found' do
|
19
26
|
visit spree.login_path
|
20
27
|
click_link 'Forgot Password?'
|
28
|
+
fill_in_email
|
21
29
|
click_button 'Reset my password'
|
22
|
-
expect(page).
|
30
|
+
expect(page).to_not have_text "Email not found"
|
31
|
+
expect(page).to have_text 'you will receive an email with instructions'
|
32
|
+
end
|
33
|
+
|
34
|
+
def fill_in_email
|
35
|
+
fill_in 'Email', with: 'foobar@example.com'
|
23
36
|
end
|
24
37
|
end
|