sorcery 0.5.1 → 0.6.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (97) hide show
  1. data/README.rdoc +9 -1
  2. data/VERSION +1 -1
  3. data/lib/sorcery/controller/adapters/sinatra.rb +35 -28
  4. data/lib/sorcery/controller/submodules/activity_logging.rb +11 -7
  5. data/lib/sorcery/controller/submodules/brute_force_protection.rb +8 -5
  6. data/lib/sorcery/controller/submodules/external.rb +11 -6
  7. data/lib/sorcery/controller/submodules/http_basic_auth.rb +12 -7
  8. data/lib/sorcery/controller/submodules/remember_me.rb +14 -5
  9. data/lib/sorcery/controller/submodules/session_timeout.rb +3 -1
  10. data/lib/sorcery/controller.rb +12 -9
  11. data/lib/sorcery/crypto_providers/aes256.rb +8 -5
  12. data/lib/sorcery/crypto_providers/bcrypt.rb +12 -6
  13. data/lib/sorcery/crypto_providers/sha256.rb +2 -1
  14. data/lib/sorcery/crypto_providers/sha512.rb +2 -1
  15. data/lib/sorcery/engine.rb +0 -7
  16. data/lib/sorcery/initializers/initializer.rb +127 -36
  17. data/lib/sorcery/model/adapters/active_record.rb +2 -2
  18. data/lib/sorcery/model/adapters/mongoid.rb +4 -4
  19. data/lib/sorcery/model/submodules/activity_logging.rb +7 -6
  20. data/lib/sorcery/model/submodules/brute_force_protection.rb +10 -6
  21. data/lib/sorcery/model/submodules/external.rb +4 -2
  22. data/lib/sorcery/model/submodules/remember_me.rb +4 -3
  23. data/lib/sorcery/model/submodules/reset_password.rb +16 -8
  24. data/lib/sorcery/model/submodules/user_activation.rb +23 -10
  25. data/lib/sorcery/model/temporary_token.rb +3 -2
  26. data/lib/sorcery/model.rb +59 -28
  27. data/lib/sorcery/test_helpers/internal/rails.rb +6 -1
  28. data/lib/sorcery/test_helpers/internal/sinatra.rb +3 -3
  29. data/lib/sorcery/test_helpers/internal/sinatra_modular.rb +74 -0
  30. data/lib/sorcery/test_helpers/internal.rb +2 -1
  31. data/lib/sorcery.rb +3 -5
  32. data/sorcery.gemspec +72 -2
  33. data/spec/Gemfile.lock +1 -1
  34. data/spec/rails3/Gemfile.lock +1 -1
  35. data/spec/rails3/spec/controller_oauth2_spec.rb +3 -24
  36. data/spec/rails3/spec/controller_oauth_spec.rb +3 -24
  37. data/spec/rails3/spec/controller_spec.rb +2 -2
  38. data/spec/rails3/spec/user_activation_spec.rb +2 -168
  39. data/spec/rails3/spec/user_activity_logging_spec.rb +2 -30
  40. data/spec/rails3/spec/user_brute_force_protection_spec.rb +2 -35
  41. data/spec/rails3/spec/user_oauth_spec.rb +2 -26
  42. data/spec/rails3/spec/user_remember_me_spec.rb +2 -45
  43. data/spec/rails3/spec/user_reset_password_spec.rb +3 -168
  44. data/spec/rails3/spec/user_spec.rb +3 -293
  45. data/spec/rails3_mongoid/Gemfile.lock +1 -1
  46. data/spec/rails3_mongoid/app/models/authentication.rb +3 -3
  47. data/spec/rails3_mongoid/spec/user_activation_spec.rb +2 -171
  48. data/spec/rails3_mongoid/spec/user_activity_logging_spec.rb +2 -25
  49. data/spec/rails3_mongoid/spec/user_brute_force_protection_spec.rb +2 -35
  50. data/spec/rails3_mongoid/spec/user_oauth_spec.rb +2 -28
  51. data/spec/rails3_mongoid/spec/user_remember_me_spec.rb +2 -45
  52. data/spec/rails3_mongoid/spec/user_reset_password_spec.rb +2 -176
  53. data/spec/rails3_mongoid/spec/user_spec.rb +3 -295
  54. data/spec/shared_examples/controller_oauth2_shared_examples.rb +37 -0
  55. data/spec/shared_examples/controller_oauth_shared_examples.rb +37 -0
  56. data/spec/shared_examples/user_activation_shared_examples.rb +173 -0
  57. data/spec/shared_examples/user_activity_logging_shared_examples.rb +27 -0
  58. data/spec/shared_examples/user_brute_force_protection_shared_examples.rb +37 -0
  59. data/spec/shared_examples/user_oauth_shared_examples.rb +31 -0
  60. data/spec/shared_examples/user_remember_me_shared_examples.rb +47 -0
  61. data/spec/shared_examples/user_reset_password_shared_examples.rb +177 -0
  62. data/spec/shared_examples/user_shared_examples.rb +292 -0
  63. data/spec/sinatra/Gemfile.lock +1 -1
  64. data/spec/sinatra/Rakefile +1 -1
  65. data/spec/sinatra/filters.rb +20 -14
  66. data/spec/sinatra/modular.rb +157 -0
  67. data/spec/sinatra/spec/controller_oauth2_spec.rb +3 -24
  68. data/spec/sinatra/spec/controller_oauth_spec.rb +3 -24
  69. data/spec/sinatra/spec/controller_spec.rb +2 -2
  70. data/spec/sinatra_modular/Gemfile +15 -0
  71. data/spec/sinatra_modular/Gemfile.lock +117 -0
  72. data/spec/sinatra_modular/Rakefile +11 -0
  73. data/spec/sinatra_modular/authentication.rb +3 -0
  74. data/spec/sinatra_modular/db/migrate/activation/20101224223622_add_activation_to_users.rb +17 -0
  75. data/spec/sinatra_modular/db/migrate/activity_logging/20101224223624_add_activity_logging_to_users.rb +17 -0
  76. data/spec/sinatra_modular/db/migrate/brute_force_protection/20101224223626_add_brute_force_protection_to_users.rb +11 -0
  77. data/spec/sinatra_modular/db/migrate/core/20101224223620_create_users.rb +16 -0
  78. data/spec/sinatra_modular/db/migrate/external/20101224223628_create_authentications.rb +14 -0
  79. data/spec/sinatra_modular/db/migrate/remember_me/20101224223623_add_remember_me_token_to_users.rb +15 -0
  80. data/spec/sinatra_modular/db/migrate/reset_password/20101224223622_add_reset_password_to_users.rb +13 -0
  81. data/spec/sinatra_modular/filters.rb +27 -0
  82. data/spec/sinatra_modular/modular.rb +157 -0
  83. data/spec/sinatra_modular/myapp.rb +133 -0
  84. data/spec/sinatra_modular/sorcery_mailer.rb +25 -0
  85. data/spec/sinatra_modular/spec_modular/controller_activity_logging_spec.rb +85 -0
  86. data/spec/sinatra_modular/spec_modular/controller_brute_force_protection_spec.rb +70 -0
  87. data/spec/sinatra_modular/spec_modular/controller_http_basic_auth_spec.rb +53 -0
  88. data/spec/sinatra_modular/spec_modular/controller_oauth2_spec.rb +99 -0
  89. data/spec/sinatra_modular/spec_modular/controller_oauth_spec.rb +100 -0
  90. data/spec/sinatra_modular/spec_modular/controller_remember_me_spec.rb +64 -0
  91. data/spec/sinatra_modular/spec_modular/controller_session_timeout_spec.rb +57 -0
  92. data/spec/sinatra_modular/spec_modular/controller_spec.rb +116 -0
  93. data/spec/sinatra_modular/spec_modular/spec.opts +2 -0
  94. data/spec/sinatra_modular/spec_modular/spec_helper.rb +51 -0
  95. data/spec/sinatra_modular/user.rb +6 -0
  96. data/spec/sinatra_modular/views/test_login.erb +4 -0
  97. metadata +72 -2
@@ -1,5 +1,6 @@
1
1
  require File.expand_path(File.dirname(__FILE__) + '/spec_helper')
2
2
  require File.expand_path(File.dirname(__FILE__) + '/../app/mailers/sorcery_mailer')
3
+ require File.expand_path(File.dirname(__FILE__) + '/../../shared_examples/user_shared_examples')
3
4
 
4
5
  describe "User with no submodules (core)" do
5
6
  before(:all) do
@@ -11,308 +12,15 @@ describe "User with no submodules (core)" do
11
12
  User.should respond_to(:authenticates_with_sorcery!)
12
13
  end
13
14
  end
14
-
15
- # ----------------- PLUGIN ACTIVATION -----------------------
16
- describe TestUser, "Testing activated class self-registration" do
17
- it "should register itself as user_class if activated" do
18
- TestUser.class_eval do
19
- authenticates_with_sorcery!
20
- end
21
- ::Sorcery::Controller::Config.user_class.should == TestUser
22
- end
23
- end
24
15
 
25
16
  # ----------------- PLUGIN CONFIGURATION -----------------------
26
- describe User, "loaded plugin configuration" do
27
- after(:each) do
28
- User.sorcery_config.reset!
29
- end
30
-
31
- it "should enable configuration option 'username_attribute_name'" do
32
- sorcery_model_property_set(:username_attribute_name, :email)
33
- User.sorcery_config.username_attribute_name.should equal(:email)
34
- end
35
-
36
- it "should enable configuration option 'password_attribute_name'" do
37
- sorcery_model_property_set(:password_attribute_name, :mypassword)
38
- User.sorcery_config.password_attribute_name.should equal(:mypassword)
39
- end
40
-
41
- it "should enable configuration option 'email_attribute_name'" do
42
- sorcery_model_property_set(:email_attribute_name, :my_email)
43
- User.sorcery_config.email_attribute_name.should equal(:my_email)
44
- end
45
-
46
- it "should enable configuration option 'crypted_password_attribute_name'" do
47
- sorcery_model_property_set(:crypted_password_attribute_name, :password)
48
- User.sorcery_config.crypted_password_attribute_name.should equal(:password)
49
- end
50
-
51
- it "should enable configuration option 'salt_attribute_name'" do
52
- sorcery_model_property_set(:salt_attribute_name, :my_salt)
53
- User.sorcery_config.salt_attribute_name.should equal(:my_salt)
54
- end
55
-
56
- it "should enable configuration option 'encryption_algorithm'" do
57
- sorcery_model_property_set(:encryption_algorithm, :none)
58
- User.sorcery_config.encryption_algorithm.should equal(:none)
59
- end
60
-
61
- it "should enable configuration option 'encryption_key'" do
62
- sorcery_model_property_set(:encryption_key, 'asdadas424234242')
63
- User.sorcery_config.encryption_key.should == 'asdadas424234242'
64
- end
65
-
66
- it "should enable configuration option 'custom_encryption_provider'" do
67
- sorcery_model_property_set(:encryption_algorithm, :custom)
68
- sorcery_model_property_set(:custom_encryption_provider, Array)
69
- User.sorcery_config.custom_encryption_provider.should equal(Array)
70
- end
71
-
72
- it "should enable configuration option 'salt_join_token'" do
73
- salt_join_token = "--%%*&-"
74
- sorcery_model_property_set(:salt_join_token, salt_join_token)
75
- User.sorcery_config.salt_join_token.should equal(salt_join_token)
76
- end
77
-
78
- it "should enable configuration option 'stretches'" do
79
- stretches = 15
80
- sorcery_model_property_set(:stretches, stretches)
81
- User.sorcery_config.stretches.should equal(stretches)
82
- end
83
-
84
- end
85
-
86
- # ----------------- PLUGIN ACTIVATED -----------------------
87
- describe User, "when activated with sorcery" do
88
- before(:all) do
89
- sorcery_reload!()
90
- end
91
-
92
- before(:each) do
93
- User.delete_all
94
- end
95
-
96
- it "should respond to class method authenticate" do
97
- User.should respond_to(:authenticate)
98
- end
99
-
100
- it "authenticate should return true if credentials are good" do
101
- create_new_user
102
- User.authenticate(@user.send(User.sorcery_config.username_attribute_name), 'secret').should be_true
103
- end
104
-
105
- it "authenticate should return false if credentials are bad" do
106
- create_new_user
107
- User.authenticate(@user.send(User.sorcery_config.username_attribute_name), 'wrong!').should be_false
108
- end
109
-
110
- specify { User.should respond_to(:encrypt) }
111
-
112
- it "subclass should inherit config if defined so" do
113
- sorcery_reload!([],{:subclasses_inherit_config => true})
114
- class Admin < User
115
- end
116
- Admin.sorcery_config.should_not be_nil
117
- Admin.sorcery_config.should == User.sorcery_config
118
- end
119
-
120
- it "subclass should not inherit config if not defined so" do
121
- sorcery_reload!([],{:subclasses_inherit_config => false})
122
- class Admin2 < User
123
- end
124
- Admin2.sorcery_config.should be_nil
125
- end
126
- end
127
-
128
- # ----------------- REGISTRATION -----------------------
129
- describe User, "registration" do
130
-
131
- before(:all) do
132
- sorcery_reload!()
133
- end
134
-
135
- before(:each) do
136
- User.delete_all
137
- end
138
-
139
- it "by default, encryption_provider should not be nil" do
140
- User.sorcery_config.encryption_provider.should_not be_nil
141
- end
142
-
143
- it "should encrypt password when a new user is saved" do
144
- create_new_user
145
- User.sorcery_config.encryption_provider.matches?(@user.send(User.sorcery_config.crypted_password_attribute_name),'secret',@user.salt).should be_true
146
- end
147
-
148
- it "should clear the virtual password field if the encryption process worked" do
149
- create_new_user
150
- @user.password.should be_nil
151
- end
152
-
153
- it "should not clear the virtual password field if save failed due to validity" do
154
- create_new_user
155
- User.class_eval do
156
- validates_format_of :email, :with => /^(.)+@(.)+$/, :if => Proc.new {|r| r.email}, :message => "is invalid"
157
- end
158
- @user.password = 'blupush'
159
- @user.email = 'asd'
160
- @user.save
161
- @user.password.should_not be_nil
162
- end
163
-
164
- it "should not clear the virtual password field if save failed due to exception" do
165
- create_new_user
166
- @user.password = '4blupush'
167
- @user.username = nil
168
- User.class_eval do
169
- validates_presence_of :username
170
- end
171
- begin
172
- @user.save! # triggers validation exception since username field is required.
173
- rescue
174
- end
175
- @user.password.should_not be_nil
176
- end
177
-
178
- it "should not encrypt the password twice when a user is updated" do
179
- create_new_user
180
- @user.email = "blup@bla.com"
181
- @user.save!
182
- User.sorcery_config.encryption_provider.matches?(@user.send(User.sorcery_config.crypted_password_attribute_name),'secret',@user.salt).should be_true
183
- end
184
-
185
- it "should replace the crypted_password in case a new password is set" do
186
- create_new_user
187
- @user.password = 'new_secret'
188
- @user.save!
189
- User.sorcery_config.encryption_provider.matches?(@user.send(User.sorcery_config.crypted_password_attribute_name),'secret',@user.salt).should be_false
190
- end
191
-
192
- end
193
-
194
- # ----------------- PASSWORD ENCRYPTION -----------------------
195
- describe User, "special encryption cases" do
196
- before(:all) do
197
-
198
- @text = "Some Text!"
199
- end
200
-
201
- before(:each) do
202
- User.delete_all
203
- sorcery_reload!()
204
- end
205
-
206
- after(:each) do
207
- User.sorcery_config.reset!
208
- end
209
-
210
- it "should work with no password encryption" do
211
- sorcery_model_property_set(:encryption_algorithm, :none)
212
- create_new_user
213
- User.authenticate(@user.send(User.sorcery_config.username_attribute_name), 'secret').should be_true
214
- end
215
-
216
- it "should work with custom password encryption" do
217
- class MyCrypto
218
- def self.encrypt(*tokens)
219
- tokens.flatten.compact.join('').gsub(/e/,'A')
220
- end
221
-
222
- def self.matches?(crypted,*tokens)
223
- crypted == encrypt(*tokens)
224
- end
225
- end
226
- sorcery_model_property_set(:encryption_algorithm, :custom)
227
- sorcery_model_property_set(:custom_encryption_provider, MyCrypto)
228
- create_new_user
229
- User.authenticate(@user.send(User.sorcery_config.username_attribute_name), 'secret').should be_true
230
- end
231
-
232
- it "if encryption algo is aes256, it should set key to crypto provider" do
233
- sorcery_model_property_set(:encryption_algorithm, :aes256)
234
- sorcery_model_property_set(:encryption_key, nil)
235
- expect{User.encrypt(@text)}.to raise_error(ArgumentError)
236
- sorcery_model_property_set(:encryption_key, "asd234dfs423fddsmndsflktsdf32343")
237
- expect{User.encrypt(@text)}.to_not raise_error(ArgumentError)
238
- end
239
-
240
- it "if encryption algo is aes256, it should set key to crypto provider, even if attributes are set in reverse" do
241
- sorcery_model_property_set(:encryption_key, nil)
242
- sorcery_model_property_set(:encryption_algorithm, :none)
243
- sorcery_model_property_set(:encryption_key, "asd234dfs423fddsmndsflktsdf32343")
244
- sorcery_model_property_set(:encryption_algorithm, :aes256)
245
- expect{User.encrypt(@text)}.to_not raise_error(ArgumentError)
246
- end
247
-
248
- it "if encryption algo is md5 it should work" do
249
- sorcery_model_property_set(:encryption_algorithm, :md5)
250
- User.encrypt(@text).should == Sorcery::CryptoProviders::MD5.encrypt(@text)
251
- end
252
-
253
- it "if encryption algo is sha1 it should work" do
254
- sorcery_model_property_set(:encryption_algorithm, :sha1)
255
- User.encrypt(@text).should == Sorcery::CryptoProviders::SHA1.encrypt(@text)
256
- end
257
17
 
258
- it "if encryption algo is sha256 it should work" do
259
- sorcery_model_property_set(:encryption_algorithm, :sha256)
260
- User.encrypt(@text).should == Sorcery::CryptoProviders::SHA256.encrypt(@text)
261
- end
262
-
263
- it "if encryption algo is sha512 it should work" do
264
- sorcery_model_property_set(:encryption_algorithm, :sha512)
265
- User.encrypt(@text).should == Sorcery::CryptoProviders::SHA512.encrypt(@text)
266
- end
267
-
268
- it "salt should be random for each user and saved in db" do
269
- sorcery_model_property_set(:salt_attribute_name, :salt)
270
- create_new_user
271
- @user.salt.should_not be_nil
272
- end
273
-
274
- it "if salt is set should use it to encrypt" do
275
- sorcery_model_property_set(:salt_attribute_name, :salt)
276
- sorcery_model_property_set(:encryption_algorithm, :sha512)
277
- create_new_user
278
- @user.crypted_password.should_not == Sorcery::CryptoProviders::SHA512.encrypt('secret')
279
- @user.crypted_password.should == Sorcery::CryptoProviders::SHA512.encrypt('secret',@user.salt)
280
- end
281
-
282
- it "if salt_join_token is set should use it to encrypt" do
283
- sorcery_model_property_set(:salt_attribute_name, :salt)
284
- sorcery_model_property_set(:salt_join_token, "-@=>")
285
- sorcery_model_property_set(:encryption_algorithm, :sha512)
286
- create_new_user
287
- @user.crypted_password.should_not == Sorcery::CryptoProviders::SHA512.encrypt('secret')
288
- Sorcery::CryptoProviders::SHA512.join_token = ""
289
- @user.crypted_password.should_not == Sorcery::CryptoProviders::SHA512.encrypt('secret')
290
- Sorcery::CryptoProviders::SHA512.join_token = User.sorcery_config.salt_join_token
291
- @user.crypted_password.should == Sorcery::CryptoProviders::SHA512.encrypt('secret',@user.salt)
292
- end
293
-
294
- end
18
+ it_should_behave_like "rails_3_core_model"
295
19
 
296
20
  describe User, "external users" do
297
21
 
298
- before(:each) do
299
- User.delete_all
300
- end
301
-
302
- it "should respond to 'external?'" do
303
- create_new_user
304
- @user.should respond_to(:external?)
305
- end
22
+ it_should_behave_like "external_user"
306
23
 
307
- it "external? should be false for regular users" do
308
- create_new_user
309
- @user.external?.should be_false
310
- end
311
-
312
- it "external? should be true for external users" do
313
- create_new_external_user(:twitter)
314
- @user.external?.should be_true
315
- end
316
24
  end
317
25
 
318
26
  describe User, "when inherited" do
@@ -0,0 +1,37 @@
1
+ shared_examples_for "oauth2_controller" do
2
+ describe "using 'create_from'" do
3
+ before(:each) do
4
+ stub_all_oauth2_requests!
5
+ User.delete_all
6
+ Authentication.delete_all
7
+ end
8
+
9
+ it "should create a new user" do
10
+ sorcery_model_property_set(:authentications_class, Authentication)
11
+ sorcery_controller_external_property_set(:facebook, :user_info_mapping, {:username => "name"})
12
+ lambda do
13
+ get :test_create_from_provider, :provider => "facebook"
14
+ end.should change(User, :count).by(1)
15
+ User.first.username.should == "Noam Ben Ari"
16
+ end
17
+
18
+ it "should support nested attributes" do
19
+ sorcery_model_property_set(:authentications_class, Authentication)
20
+ sorcery_controller_external_property_set(:facebook, :user_info_mapping, {:username => "hometown/name"})
21
+ lambda do
22
+ get :test_create_from_provider, :provider => "facebook"
23
+ end.should change(User, :count).by(1)
24
+ User.first.username.should == "Haifa, Israel"
25
+ end
26
+
27
+ it "should not crash on missing nested attributes" do
28
+ sorcery_model_property_set(:authentications_class, Authentication)
29
+ sorcery_controller_external_property_set(:facebook, :user_info_mapping, {:username => "name", :created_at => "does/not/exist"})
30
+ lambda do
31
+ get :test_create_from_provider, :provider => "facebook"
32
+ end.should change(User, :count).by(1)
33
+ User.first.username.should == "Noam Ben Ari"
34
+ User.first.created_at.should_not be_nil
35
+ end
36
+ end
37
+ end
@@ -0,0 +1,37 @@
1
+ shared_examples_for "oauth_controller" do
2
+ describe "using 'create_from'" do
3
+ before(:each) do
4
+ stub_all_oauth_requests!
5
+ User.delete_all
6
+ Authentication.delete_all
7
+ end
8
+
9
+ it "should create a new user" do
10
+ sorcery_model_property_set(:authentications_class, Authentication)
11
+ sorcery_controller_external_property_set(:twitter, :user_info_mapping, {:username => "screen_name"})
12
+ lambda do
13
+ get :test_create_from_provider, :provider => "twitter"
14
+ end.should change(User, :count).by(1)
15
+ User.first.username.should == "nbenari"
16
+ end
17
+
18
+ it "should support nested attributes" do
19
+ sorcery_model_property_set(:authentications_class, Authentication)
20
+ sorcery_controller_external_property_set(:twitter, :user_info_mapping, {:username => "status/text"})
21
+ lambda do
22
+ get :test_create_from_provider, :provider => "twitter"
23
+ end.should change(User, :count).by(1)
24
+ User.first.username.should == "coming soon to sorcery gem: twitter and facebook authentication support."
25
+ end
26
+
27
+ it "should not crash on missing nested attributes" do
28
+ sorcery_model_property_set(:authentications_class, Authentication)
29
+ sorcery_controller_external_property_set(:twitter, :user_info_mapping, {:username => "status/text", :created_at => "does/not/exist"})
30
+ lambda do
31
+ get :test_create_from_provider, :provider => "twitter"
32
+ end.should change(User, :count).by(1)
33
+ User.first.username.should == "coming soon to sorcery gem: twitter and facebook authentication support."
34
+ User.first.created_at.should_not be_nil
35
+ end
36
+ end
37
+ end
@@ -0,0 +1,173 @@
1
+ shared_examples_for "rails_3_activation_model" do
2
+ # ----------------- PLUGIN CONFIGURATION -----------------------
3
+ describe User, "loaded plugin configuration" do
4
+ before(:all) do
5
+ sorcery_reload!([:user_activation], :user_activation_mailer => ::SorceryMailer)
6
+ end
7
+
8
+ after(:each) do
9
+ User.sorcery_config.reset!
10
+ sorcery_reload!([:user_activation], :user_activation_mailer => ::SorceryMailer)
11
+ end
12
+
13
+ it "should enable configuration option 'activation_state_attribute_name'" do
14
+ sorcery_model_property_set(:activation_state_attribute_name, :status)
15
+ User.sorcery_config.activation_state_attribute_name.should equal(:status)
16
+ end
17
+
18
+ it "should enable configuration option 'activation_token_attribute_name'" do
19
+ sorcery_model_property_set(:activation_token_attribute_name, :code)
20
+ User.sorcery_config.activation_token_attribute_name.should equal(:code)
21
+ end
22
+
23
+ it "should enable configuration option 'user_activation_mailer'" do
24
+ sorcery_model_property_set(:user_activation_mailer, TestMailer)
25
+ User.sorcery_config.user_activation_mailer.should equal(TestMailer)
26
+ end
27
+
28
+ it "should enable configuration option 'activation_needed_email_method_name'" do
29
+ sorcery_model_property_set(:activation_needed_email_method_name, :my_activation_email)
30
+ User.sorcery_config.activation_needed_email_method_name.should equal(:my_activation_email)
31
+ end
32
+
33
+ it "should enable configuration option 'activation_success_email_method_name'" do
34
+ sorcery_model_property_set(:activation_success_email_method_name, :my_activation_email)
35
+ User.sorcery_config.activation_success_email_method_name.should equal(:my_activation_email)
36
+ end
37
+
38
+ it "if mailer is nil on activation, throw exception!" do
39
+ expect{sorcery_reload!([:user_activation])}.to raise_error(ArgumentError)
40
+ end
41
+ end
42
+
43
+ # ----------------- ACTIVATION PROCESS -----------------------
44
+ describe User, "activation process" do
45
+ before(:all) do
46
+ sorcery_reload!([:user_activation], :user_activation_mailer => ::SorceryMailer)
47
+ end
48
+
49
+ before(:each) do
50
+ create_new_user
51
+ end
52
+
53
+ it "should initialize user state to 'pending'" do
54
+ @user.activation_state.should == "pending"
55
+ end
56
+
57
+ specify { @user.should respond_to(:activate!) }
58
+
59
+ it "should clear activation code and change state to 'active' on activation" do
60
+ activation_token = @user.activation_token
61
+ @user.activate!
62
+ @user2 = User.find(@user.id) # go to db to make sure it was saved and not just in memory
63
+ @user2.activation_token.should be_nil
64
+ @user2.activation_state.should == "active"
65
+ User.find_by_activation_token(activation_token).should be_nil
66
+ end
67
+
68
+ it "should send the user an activation email" do
69
+ old_size = ActionMailer::Base.deliveries.size
70
+ create_new_user
71
+ ActionMailer::Base.deliveries.size.should == old_size + 1
72
+ end
73
+
74
+ it "subsequent saves do not send activation email" do
75
+ old_size = ActionMailer::Base.deliveries.size
76
+ @user.username = "Shauli"
77
+ @user.save!
78
+ ActionMailer::Base.deliveries.size.should == old_size
79
+ end
80
+
81
+ it "should send the user an activation success email on successful activation" do
82
+ old_size = ActionMailer::Base.deliveries.size
83
+ @user.activate!
84
+ ActionMailer::Base.deliveries.size.should == old_size + 1
85
+ end
86
+
87
+ it "subsequent saves do not send activation success email" do
88
+ @user.activate!
89
+ old_size = ActionMailer::Base.deliveries.size
90
+ @user.username = "Shauli"
91
+ @user.save!
92
+ ActionMailer::Base.deliveries.size.should == old_size
93
+ end
94
+
95
+ it "activation needed email is optional" do
96
+ sorcery_model_property_set(:activation_needed_email_method_name, nil)
97
+ old_size = ActionMailer::Base.deliveries.size
98
+ create_new_user
99
+ ActionMailer::Base.deliveries.size.should == old_size
100
+ end
101
+
102
+ it "activation success email is optional" do
103
+ sorcery_model_property_set(:activation_success_email_method_name, nil)
104
+ old_size = ActionMailer::Base.deliveries.size
105
+ @user.activate!
106
+ ActionMailer::Base.deliveries.size.should == old_size
107
+ end
108
+ end
109
+
110
+ describe User, "prevent non-active login feature" do
111
+ before(:all) do
112
+ sorcery_reload!([:user_activation], :user_activation_mailer => ::SorceryMailer)
113
+ end
114
+
115
+ before(:each) do
116
+ User.delete_all
117
+ create_new_user
118
+ end
119
+
120
+ it "should not allow a non-active user to authenticate" do
121
+ User.authenticate(@user.username,'secret').should be_false
122
+ end
123
+
124
+ it "should allow a non-active user to authenticate if configured so" do
125
+ sorcery_model_property_set(:prevent_non_active_users_to_login, false)
126
+ User.authenticate(@user.username,'secret').should be_true
127
+ end
128
+ end
129
+
130
+ describe User, "load_from_activation_token" do
131
+ before(:all) do
132
+ sorcery_reload!([:user_activation], :user_activation_mailer => ::SorceryMailer)
133
+ end
134
+
135
+ after(:each) do
136
+ Timecop.return
137
+ end
138
+
139
+ it "load_from_activation_token should return user when token is found" do
140
+ create_new_user
141
+ User.load_from_activation_token(@user.activation_token).should == @user
142
+ end
143
+
144
+ it "load_from_activation_token should NOT return user when token is NOT found" do
145
+ create_new_user
146
+ User.load_from_activation_token("a").should == nil
147
+ end
148
+
149
+ it "load_from_activation_token should return user when token is found and not expired" do
150
+ sorcery_model_property_set(:activation_token_expiration_period, 500)
151
+ create_new_user
152
+ User.load_from_activation_token(@user.activation_token).should == @user
153
+ end
154
+
155
+ it "load_from_activation_token should NOT return user when token is found and expired" do
156
+ sorcery_model_property_set(:activation_token_expiration_period, 0.1)
157
+ create_new_user
158
+ Timecop.travel(Time.now+0.5)
159
+ User.load_from_activation_token(@user.activation_token).should == nil
160
+ end
161
+
162
+ it "load_from_activation_token should return nil if token is blank" do
163
+ User.load_from_activation_token(nil).should == nil
164
+ User.load_from_activation_token("").should == nil
165
+ end
166
+
167
+ it "load_from_activation_token should always be valid if expiration period is nil" do
168
+ sorcery_model_property_set(:activation_token_expiration_period, nil)
169
+ create_new_user
170
+ User.load_from_activation_token(@user.activation_token).should == @user
171
+ end
172
+ end
173
+ end
@@ -0,0 +1,27 @@
1
+ shared_examples_for "rails_3_activity_logging_model" do
2
+ # ----------------- PLUGIN CONFIGURATION -----------------------
3
+ describe User, "loaded plugin configuration" do
4
+ before(:all) do
5
+ sorcery_reload!([:activity_logging])
6
+ end
7
+
8
+ after(:each) do
9
+ User.sorcery_config.reset!
10
+ end
11
+
12
+ it "should allow configuration option 'last_login_at_attribute_name'" do
13
+ sorcery_model_property_set(:last_login_at_attribute_name, :login_time)
14
+ User.sorcery_config.last_login_at_attribute_name.should equal(:login_time)
15
+ end
16
+
17
+ it "should allow configuration option 'last_logout_at_attribute_name'" do
18
+ sorcery_model_property_set(:last_logout_at_attribute_name, :logout_time)
19
+ User.sorcery_config.last_logout_at_attribute_name.should equal(:logout_time)
20
+ end
21
+
22
+ it "should allow configuration option 'last_activity_at_attribute_name'" do
23
+ sorcery_model_property_set(:last_activity_at_attribute_name, :activity_time)
24
+ User.sorcery_config.last_activity_at_attribute_name.should equal(:activity_time)
25
+ end
26
+ end
27
+ end
@@ -0,0 +1,37 @@
1
+ shared_examples_for "rails_3_brute_force_protection_model" do
2
+ # ----------------- PLUGIN CONFIGURATION -----------------------
3
+ describe User, "loaded plugin configuration" do
4
+
5
+ before(:all) do
6
+ sorcery_reload!([:brute_force_protection])
7
+ create_new_user
8
+ end
9
+
10
+ after(:each) do
11
+ User.sorcery_config.reset!
12
+ end
13
+
14
+ specify { @user.should respond_to(:failed_logins_count) }
15
+ specify { @user.should respond_to(:lock_expires_at) }
16
+
17
+ it "should enable configuration option 'failed_logins_count_attribute_name'" do
18
+ sorcery_model_property_set(:failed_logins_count_attribute_name, :my_count)
19
+ User.sorcery_config.failed_logins_count_attribute_name.should equal(:my_count)
20
+ end
21
+
22
+ it "should enable configuration option 'lock_expires_at_attribute_name'" do
23
+ sorcery_model_property_set(:lock_expires_at_attribute_name, :expires)
24
+ User.sorcery_config.lock_expires_at_attribute_name.should equal(:expires)
25
+ end
26
+
27
+ it "should enable configuration option 'consecutive_login_retries_amount_allowed'" do
28
+ sorcery_model_property_set(:consecutive_login_retries_amount_limit, 34)
29
+ User.sorcery_config.consecutive_login_retries_amount_limit.should equal(34)
30
+ end
31
+
32
+ it "should enable configuration option 'login_lock_time_period'" do
33
+ sorcery_model_property_set(:login_lock_time_period, 2.hours)
34
+ User.sorcery_config.login_lock_time_period.should == 2.hours
35
+ end
36
+ end
37
+ end
@@ -0,0 +1,31 @@
1
+ shared_examples_for "rails_3_oauth_model" do
2
+ # ----------------- PLUGIN CONFIGURATION -----------------------
3
+ describe User, "loaded plugin configuration" do
4
+
5
+ before(:all) do
6
+ User.delete_all
7
+ Authentication.delete_all
8
+ sorcery_reload!([:external])
9
+ sorcery_controller_property_set(:external_providers, [:twitter])
10
+ sorcery_model_property_set(:authentications_class, Authentication)
11
+ sorcery_controller_external_property_set(:twitter, :key, "eYVNBjBDi33aa9GkA3w")
12
+ sorcery_controller_external_property_set(:twitter, :secret, "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8")
13
+ sorcery_controller_external_property_set(:twitter, :callback_url, "http://blabla.com")
14
+ create_new_external_user(:twitter)
15
+ end
16
+
17
+ it "should respond to 'load_from_provider'" do
18
+ User.should respond_to(:load_from_provider)
19
+ end
20
+
21
+ it "'load_from_provider' should load user if exists" do
22
+ User.load_from_provider(:twitter,123).should == @user
23
+ end
24
+
25
+ it "'load_from_provider' should return nil if user doesn't exist" do
26
+ User.load_from_provider(:twitter,980342).should be_nil
27
+ end
28
+
29
+ end
30
+
31
+ end