sorcery 0.5.3 → 0.5.21

data/spec/rails3_mongoid/Gemfile.lock

@@ -2,7 +2,7 @@ PATH
   remote: ../../../
   specs:
     oauth (0.4.4)
-    sorcery (0.5.21)
+    sorcery (0.5.2)
       bcrypt-ruby (~> 2.1.4)
       oauth (>= 0.4.4)
       oauth (>= 0.4.4)

data/spec/rails3_mongoid/app/models/authentication.rb

@@ -1,7 +1,7 @@
 class Authentication
   include Mongoid::Document
-  field :user_id, :type => Integer
-  field :provider, :type => String
-  field :uid, :type => Integer
+  field :user_id, type: Integer
+  field :provider, type: String
+  field :uid, type: Integer
   belongs_to :user
 end

data/spec/rails3_mongoid/spec/user_activation_spec.rb

@@ -1,9 +1,178 @@
 require File.expand_path(File.dirname(__FILE__) + '/spec_helper')
 require File.expand_path(File.dirname(__FILE__) + '/../app/mailers/sorcery_mailer')
-require File.expand_path(File.dirname(__FILE__) + '/../../shared_examples/user_activation_shared_examples')
 
 describe "User with activation submodule" do
 
-  it_behaves_like "rails_3_activation_model"
+  # ----------------- PLUGIN CONFIGURATION -----------------------
+  describe User, "loaded plugin configuration" do
+    before(:all) do
+      sorcery_reload!([:user_activation], :user_activation_mailer => ::SorceryMailer)
+    end
+  
+    after(:each) do
+      User.sorcery_config.reset!
+      sorcery_reload!([:user_activation], :user_activation_mailer => ::SorceryMailer)
+    end
+    
+    it "should enable configuration option 'activation_state_attribute_name'" do
+      sorcery_model_property_set(:activation_state_attribute_name, :status)
+      User.sorcery_config.activation_state_attribute_name.should equal(:status)    
+    end
+    
+    it "should enable configuration option 'activation_token_attribute_name'" do
+      sorcery_model_property_set(:activation_token_attribute_name, :code)
+      User.sorcery_config.activation_token_attribute_name.should equal(:code)    
+    end
+    
+    it "should enable configuration option 'user_activation_mailer'" do
+      sorcery_model_property_set(:user_activation_mailer, TestMailer)
+      User.sorcery_config.user_activation_mailer.should equal(TestMailer)    
+    end
+    
+    it "should enable configuration option 'activation_needed_email_method_name'" do
+      sorcery_model_property_set(:activation_needed_email_method_name, :my_activation_email)
+      User.sorcery_config.activation_needed_email_method_name.should equal(:my_activation_email)
+    end
+    
+    it "should enable configuration option 'activation_success_email_method_name'" do
+      sorcery_model_property_set(:activation_success_email_method_name, :my_activation_email)
+      User.sorcery_config.activation_success_email_method_name.should equal(:my_activation_email)
+    end
+    
+    it "if mailer is nil on activation, throw exception!" do
+      expect{sorcery_reload!([:user_activation])}.to raise_error(ArgumentError)
+    end
+  end
+
+  # ----------------- ACTIVATION PROCESS -----------------------
+  describe User, "activation process" do
+    before(:all) do
+      sorcery_reload!([:user_activation], :user_activation_mailer => ::SorceryMailer)
+    end
+    
+    before(:each) do
+      create_new_user
+    end
+    
+    it "should initialize user state to 'pending'" do
+      @user.activation_state.should == "pending"
+    end
+    
+    specify { @user.should respond_to(:activate!) }
+    
+    it "should clear activation code and change state to 'active' on activation" do
+      activation_token = @user.activation_token
+      @user.activate!
+      @user2 = User.find(@user.id) # go to db to make sure it was saved and not just in memory
+      @user2.activation_token.should be_nil
+      @user2.activation_state.should == "active"
+      User.find_by_activation_token(activation_token).should be_nil
+    end
+    
+    it "should send the user an activation email" do
+      old_size = ActionMailer::Base.deliveries.size
+      create_new_user
+      ActionMailer::Base.deliveries.size.should == old_size + 1
+    end
+    
+    it "subsequent saves do not send activation email" do
+      old_size = ActionMailer::Base.deliveries.size
+      @user.username = "Shauli"
+      @user.save!
+      ActionMailer::Base.deliveries.size.should == old_size
+    end
+    
+    it "should send the user an activation success email on successful activation" do
+      old_size = ActionMailer::Base.deliveries.size
+      @user.activate!
+      ActionMailer::Base.deliveries.size.should == old_size + 1
+    end
+    
+    it "subsequent saves do not send activation success email" do
+      @user.activate!
+      old_size = ActionMailer::Base.deliveries.size
+      @user.username = "Shauli"
+      @user.save!
+      ActionMailer::Base.deliveries.size.should == old_size
+    end
+    
+    it "activation needed email is optional" do
+      sorcery_model_property_set(:activation_needed_email_method_name, nil)
+      old_size = ActionMailer::Base.deliveries.size
+      create_new_user
+      ActionMailer::Base.deliveries.size.should == old_size
+    end
+    
+    it "activation success email is optional" do
+      sorcery_model_property_set(:activation_success_email_method_name, nil)
+      old_size = ActionMailer::Base.deliveries.size
+      @user.activate!
+      ActionMailer::Base.deliveries.size.should == old_size
+    end
+  end
+
+  describe User, "prevent non-active login feature" do
+    before(:all) do
+      sorcery_reload!([:user_activation], :user_activation_mailer => ::SorceryMailer)
+    end
+
+    before(:each) do
+      User.delete_all
+      create_new_user
+    end
+
+    it "should not allow a non-active user to authenticate" do
+      User.authenticate(@user.username,'secret').should be_false
+    end
+    
+    it "should allow a non-active user to authenticate if configured so" do
+      sorcery_model_property_set(:prevent_non_active_users_to_login, false)
+      User.authenticate(@user.username,'secret').should be_true
+    end
+  end
+  
+  describe User, "load_from_activation_token" do
+    before(:all) do
+      sorcery_reload!([:user_activation], :user_activation_mailer => ::SorceryMailer)
+    end
+    
+    after(:each) do
+      Timecop.return
+    end
+    
+    it "load_from_activation_token should return user when token is found" do
+      create_new_user
+      User.load_from_activation_token(@user.activation_token).should == @user
+    end
+    
+    it "load_from_activation_token should NOT return user when token is NOT found" do
+      create_new_user
+      User.load_from_activation_token("a").should == nil
+    end
+    
+    it "load_from_activation_token should return user when token is found and not expired" do
+      sorcery_model_property_set(:activation_token_expiration_period, 500)
+      create_new_user
+      User.load_from_activation_token(@user.activation_token).should == @user
+    end
+    
+    it "load_from_activation_token should NOT return user when token is found and expired" do
+      sorcery_model_property_set(:activation_token_expiration_period, 0.1)
+      create_new_user
+      Timecop.travel(Time.now+0.5)
+      User.load_from_activation_token(@user.activation_token).should == nil
+    end
+    
+    it "load_from_activation_token should return nil if token is blank" do
+      User.load_from_activation_token(nil).should == nil
+      User.load_from_activation_token("").should == nil
+    end
+    
+    it "load_from_activation_token should always be valid if expiration period is nil" do
+      sorcery_model_property_set(:activation_token_expiration_period, nil)
+      create_new_user
+      User.load_from_activation_token(@user.activation_token).should == @user
+    end
+  end
   
 end

data/spec/rails3_mongoid/spec/user_activity_logging_spec.rb

@@ -1,8 +1,31 @@
 require File.expand_path(File.dirname(__FILE__) + '/spec_helper')
-require File.expand_path(File.dirname(__FILE__) + '/../../shared_examples/user_activity_logging_shared_examples')
 
 describe "User with activity logging submodule" do
 
-  it_behaves_like "rails_3_activity_logging_model"
+  # ----------------- PLUGIN CONFIGURATION -----------------------
+  describe User, "loaded plugin configuration" do
+    before(:all) do
+      sorcery_reload!([:activity_logging])
+    end
+  
+    after(:each) do
+      User.sorcery_config.reset!
+    end
+    
+    it "should allow configuration option 'last_login_at_attribute_name'" do
+      sorcery_model_property_set(:last_login_at_attribute_name, :login_time)
+      User.sorcery_config.last_login_at_attribute_name.should equal(:login_time)
+    end
+    
+    it "should allow configuration option 'last_logout_at_attribute_name'" do
+      sorcery_model_property_set(:last_logout_at_attribute_name, :logout_time)
+      User.sorcery_config.last_logout_at_attribute_name.should equal(:logout_time)
+    end
+    
+    it "should allow configuration option 'last_activity_at_attribute_name'" do
+      sorcery_model_property_set(:last_activity_at_attribute_name, :activity_time)
+      User.sorcery_config.last_activity_at_attribute_name.should equal(:activity_time)
+    end
+  end
 
 end

data/spec/rails3_mongoid/spec/user_brute_force_protection_spec.rb

@@ -1,8 +1,41 @@
 require File.expand_path(File.dirname(__FILE__) + '/spec_helper')
-require File.expand_path(File.dirname(__FILE__) + '/../../shared_examples/user_brute_force_protection_shared_examples')
 
 describe "User with brute_force_protection submodule" do
 
-  it_behaves_like "rails_3_brute_force_protection_model"
+  # ----------------- PLUGIN CONFIGURATION -----------------------
+  describe User, "loaded plugin configuration" do
+  
+    before(:all) do
+      sorcery_reload!([:brute_force_protection])
+      create_new_user
+    end
+  
+    after(:each) do
+      User.sorcery_config.reset!
+    end
+    
+    specify { @user.should respond_to(:failed_logins_count) }
+    specify { @user.should respond_to(:lock_expires_at) }
+ 
+    it "should enable configuration option 'failed_logins_count_attribute_name'" do
+      sorcery_model_property_set(:failed_logins_count_attribute_name, :my_count)
+      User.sorcery_config.failed_logins_count_attribute_name.should equal(:my_count)    
+    end
+    
+    it "should enable configuration option 'lock_expires_at_attribute_name'" do
+      sorcery_model_property_set(:lock_expires_at_attribute_name, :expires)
+      User.sorcery_config.lock_expires_at_attribute_name.should equal(:expires)    
+    end
+    
+    it "should enable configuration option 'consecutive_login_retries_amount_allowed'" do
+      sorcery_model_property_set(:consecutive_login_retries_amount_limit, 34)
+      User.sorcery_config.consecutive_login_retries_amount_limit.should equal(34)    
+    end
+    
+    it "should enable configuration option 'login_lock_time_period'" do
+      sorcery_model_property_set(:login_lock_time_period, 2.hours)
+      User.sorcery_config.login_lock_time_period.should == 2.hours    
+    end
+  end
   
 end

data/spec/rails3_mongoid/spec/user_oauth_spec.rb

@@ -1,8 +1,34 @@
 require File.expand_path(File.dirname(__FILE__) + '/spec_helper')
-require File.expand_path(File.dirname(__FILE__) + '/../../shared_examples/user_oauth_shared_examples')
 
 describe "User with oauth submodule" do
 
-  it_behaves_like "rails_3_oauth_model"
+  # ----------------- PLUGIN CONFIGURATION -----------------------
+  describe User, "loaded plugin configuration" do
+  
+    before(:all) do
+      User.delete_all
+      Authentication.delete_all
+      sorcery_reload!([:external])
+      sorcery_controller_property_set(:external_providers, [:twitter])
+      sorcery_model_property_set(:authentications_class, Authentication)
+      sorcery_controller_external_property_set(:twitter, :key, "eYVNBjBDi33aa9GkA3w")
+      sorcery_controller_external_property_set(:twitter, :secret, "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8")
+      sorcery_controller_external_property_set(:twitter, :callback_url, "http://blabla.com")
+      create_new_external_user(:twitter)
+    end
+
+    it "should respond to 'load_from_provider'" do
+      User.should respond_to(:load_from_provider)
+    end
+    
+    it "'load_from_provider' should load user if exists" do
+      User.load_from_provider(:twitter,123).should == @user
+    end
+    
+    it "'load_from_provider' should return nil if user doesn't exist" do
+      User.load_from_provider(:twitter,980342).should be_nil
+    end
+    
+  end
   
 end

data/spec/rails3_mongoid/spec/user_remember_me_spec.rb

@@ -1,8 +1,51 @@
 require File.expand_path(File.dirname(__FILE__) + '/spec_helper')
-require File.expand_path(File.dirname(__FILE__) + '/../../shared_examples/user_remember_me_shared_examples')
 
 describe "User with remember_me submodule" do
 
-  it_behaves_like "rails_3_remember_me_model"
+  # ----------------- PLUGIN CONFIGURATION -----------------------
+  describe User, "loaded plugin configuration" do
+    before(:all) do
+      sorcery_reload!([:remember_me])
+      create_new_user
+    end
+  
+    after(:each) do
+      User.sorcery_config.reset!
+    end
+    
+    it "should allow configuration option 'remember_me_token_attribute_name'" do
+      sorcery_model_property_set(:remember_me_token_attribute_name, :my_token)
+      User.sorcery_config.remember_me_token_attribute_name.should equal(:my_token)
+    end
+
+    it "should allow configuration option 'remember_me_token_expires_at_attribute_name'" do
+      sorcery_model_property_set(:remember_me_token_expires_at_attribute_name, :my_expires)
+      User.sorcery_config.remember_me_token_expires_at_attribute_name.should equal(:my_expires)
+    end
+    
+    specify { @user.should respond_to(:remember_me!) }
+    
+    specify { @user.should respond_to(:forget_me!) }
+    
+    it "should generate a new token on 'remember_me!'" do
+      @user.remember_me_token.should be_nil
+      @user.remember_me!
+      @user.remember_me_token.should_not be_nil
+    end
+    
+    it "should set an expiration based on 'remember_me_for' attribute" do
+      sorcery_model_property_set(:remember_me_for, 2 * 60 * 60 * 24)
+      @user.remember_me!
+      @user.remember_me_token_expires_at.utc.to_s.should == (Time.now + 2 * 60 * 60 * 24).utc.to_s
+    end
+    
+    it "should delete the token and expiration on 'forget_me!'" do
+      @user.remember_me!
+      @user.remember_me_token.should_not be_nil
+      @user.forget_me!
+      @user.remember_me_token.should be_nil
+      @user.remember_me_token_expires_at.should be_nil
+    end
+  end
 
 end

data/spec/rails3_mongoid/spec/user_reset_password_spec.rb

@@ -1,8 +1,182 @@
 require File.expand_path(File.dirname(__FILE__) + '/spec_helper')
-require File.expand_path(File.dirname(__FILE__) + '/../../shared_examples/user_reset_password_shared_examples')
 
 describe "User with reset_password submodule" do
 
-  it_behaves_like "rails_3_reset_password_model"
+  # ----------------- PLUGIN CONFIGURATION -----------------------
+  describe User, "loaded plugin configuration" do
+  
+    before(:all) do
+      sorcery_reload!([:reset_password], :reset_password_mailer => ::SorceryMailer)
+    end
+  
+    after(:each) do
+      User.sorcery_config.reset!
+    end
+    
+    context "API" do
+      before(:all) do
+        create_new_user
+      end
+      
+      specify { @user.should respond_to(:deliver_reset_password_instructions!) }
+      
+      specify { @user.should respond_to(:change_password!) }
+
+      it "should respond to .load_from_reset_password_token" do
+        User.should respond_to(:load_from_reset_password_token)
+      end
+    end
+
+    it "should allow configuration option 'reset_password_token_attribute_name'" do
+      sorcery_model_property_set(:reset_password_token_attribute_name, :my_code)
+      User.sorcery_config.reset_password_token_attribute_name.should equal(:my_code)
+    end
+    
+    it "should allow configuration option 'reset_password_mailer'" do
+      sorcery_model_property_set(:reset_password_mailer, TestUser)
+      User.sorcery_config.reset_password_mailer.should equal(TestUser)
+    end
+    
+    it "should allow configuration option 'reset_password_email_method_name'" do
+      sorcery_model_property_set(:reset_password_email_method_name, :my_mailer_method)
+      User.sorcery_config.reset_password_email_method_name.should equal(:my_mailer_method)
+    end
+    
+    it "should allow configuration option 'reset_password_expiration_period'" do
+      sorcery_model_property_set(:reset_password_expiration_period, 16)
+      User.sorcery_config.reset_password_expiration_period.should equal(16)
+    end
+    
+    it "should allow configuration option 'reset_password_email_sent_at_attribute_name'" do
+      sorcery_model_property_set(:reset_password_email_sent_at_attribute_name, :blabla)
+      User.sorcery_config.reset_password_email_sent_at_attribute_name.should equal(:blabla)
+    end
+    
+    it "should allow configuration option 'reset_password_time_between_emails'" do
+      sorcery_model_property_set(:reset_password_time_between_emails, 16)
+      User.sorcery_config.reset_password_time_between_emails.should equal(16)
+    end
+  end
+
+  # ----------------- PLUGIN ACTIVATED -----------------------
+  describe User, "when activated with sorcery" do
+  
+    before(:all) do
+      sorcery_reload!([:reset_password], :reset_password_mailer => ::SorceryMailer)
+    end
+  
+    before(:each) do
+      User.delete_all
+    end
+    
+    after(:each) do
+      Timecop.return
+    end
+    
+    it "load_from_reset_password_token should return user when token is found" do
+      create_new_user
+      @user.deliver_reset_password_instructions!
+      User.load_from_reset_password_token(@user.reset_password_token).should == @user
+    end
+    
+    it "load_from_reset_password_token should NOT return user when token is NOT found" do
+      create_new_user
+      @user.deliver_reset_password_instructions!
+      User.load_from_reset_password_token("a").should == nil
+    end
+    
+    it "load_from_reset_password_token should return user when token is found and not expired" do
+      create_new_user
+      sorcery_model_property_set(:reset_password_expiration_period, 500)
+      @user.deliver_reset_password_instructions!
+      User.load_from_reset_password_token(@user.reset_password_token).should == @user
+    end
+    
+    it "load_from_reset_password_token should NOT return user when token is found and expired" do
+      create_new_user
+      sorcery_model_property_set(:reset_password_expiration_period, 0.1)
+      @user.deliver_reset_password_instructions!
+      Timecop.travel(Time.now+0.5)
+      User.load_from_reset_password_token(@user.reset_password_token).should == nil
+    end
+    
+    it "load_from_reset_password_token should always be valid if expiration period is nil" do
+      create_new_user
+      sorcery_model_property_set(:reset_password_expiration_period, nil)
+      @user.deliver_reset_password_instructions!
+      User.load_from_reset_password_token(@user.reset_password_token).should == @user
+    end
+    
+    it "load_from_reset_password_token should return nil if token is blank" do
+      User.load_from_reset_password_token(nil).should == nil
+      User.load_from_reset_password_token("").should == nil
+    end
+    
+    it "'deliver_reset_password_instructions!' should generate a reset_password_token" do
+      create_new_user
+      @user.reset_password_token.should be_nil
+      @user.deliver_reset_password_instructions!
+      @user.reset_password_token.should_not be_nil
+    end
+
+    it "the reset_password_token should be random" do
+      create_new_user
+      sorcery_model_property_set(:reset_password_time_between_emails, 0)
+      @user.deliver_reset_password_instructions!
+      old_password_code = @user.reset_password_token
+      @user.deliver_reset_password_instructions!
+      @user.reset_password_token.should_not == old_password_code
+    end
+
+    it "should send an email on reset" do
+      create_new_user
+      old_size = ActionMailer::Base.deliveries.size
+      @user.deliver_reset_password_instructions!
+      ActionMailer::Base.deliveries.size.should == old_size + 1
+    end
+
+    it "when change_password! is called, should delete reset_password_token" do
+      create_new_user
+      @user.deliver_reset_password_instructions!
+      @user.reset_password_token.should_not be_nil
+      @user.change_password!("blabulsdf")
+      @user.save!
+      @user.reset_password_token.should be_nil
+    end
+    
+    it "should not send an email if time between emails has not passed since last email" do
+      create_new_user
+      sorcery_model_property_set(:reset_password_time_between_emails, 10000)
+      old_size = ActionMailer::Base.deliveries.size
+      @user.deliver_reset_password_instructions!
+      ActionMailer::Base.deliveries.size.should == old_size + 1
+      @user.deliver_reset_password_instructions!
+      ActionMailer::Base.deliveries.size.should == old_size + 1
+    end
+    
+    it "should send an email if time between emails has passed since last email" do
+      create_new_user
+      sorcery_model_property_set(:reset_password_time_between_emails, 0.5)
+      old_size = ActionMailer::Base.deliveries.size
+      @user.deliver_reset_password_instructions!
+      ActionMailer::Base.deliveries.size.should == old_size + 1
+      Timecop.travel(Time.now+0.5)
+      @user.deliver_reset_password_instructions!
+      ActionMailer::Base.deliveries.size.should == old_size + 2
+    end
+
+    it "should encrypt properly on reset" do
+      create_new_user
+      @user.deliver_reset_password_instructions!
+      @user.change_password!("blagu")
+      Sorcery::CryptoProviders::BCrypt.matches?(@user.crypted_password,"blagu",@user.salt).should be_true
+    end
+
+    it "if mailer is nil on activation, throw exception!" do
+      expect{sorcery_reload!([:reset_password])}.to raise_error(ArgumentError)
+    end
+
+
+  end
   
 end