sparkly-auth 1.0.2 → 1.1.0

data/app/views/sparkly_accounts/_rails3_form.html.erb

@@ -0,0 +1,26 @@
+<%=form_for model, :url => model_path do |f|%>
+  <p>
+    <%model.errors.each do |error, message|%>
+      <%=error.to_s.titleize%> <%=message%>
+    <%end%>
+  </p>
+  
+  <p>
+    <%=f.label model_config.key%><br/>
+    <%=f.text_field model_config.key%>
+  </p>
+  
+  <p>
+    <%=f.label :password%><br/>
+    <%=f.password_field :password, :value => ''%>
+  </p>
+  
+  <p>
+    <%=f.label :password_confirmation%><br/>
+    <%=f.password_field :password_confirmation, :value => ''%>
+  </p>
+  
+  <p>
+    <%=f.submit(model.new_record? ? "Sign up" : "Update Profile")%>
+  </p>
+<%end%>

data/app/views/sparkly_accounts/edit.html.erb

@@ -1,24 +1,6 @@
-<%form_for model, :url => model_path do |f|%>
-  <p>
-    <%=f.error_messages%>
-  </p>
-  
-  <p>
-    <%=f.label model_config.key%><br/>
-    <%=f.text_field model_config.key%>
-  </p>
-  
-  <p>
-    <%=f.label :password%><br/>
-    <%=f.password_field :password, :value => ''%>
-  </p>
-  
-  <p>
-    <%=f.label :password_confirmation%><br/>
-    <%=f.password_field :password_confirmation, :value => ''%>
-  </p>
-  
-  <p>
-    <%=f.submit "Update Profile"%>
-  </p>
+<%if Rails::VERSION::MAJOR == 2%>
+  <%=render :partial => 'rails2_form'%>
+<%else%>
+  <%=render :partial => 'rails3_form'%>
 <%end%>
+

data/app/views/sparkly_accounts/new.html.erb

@@ -1,24 +1,5 @@
-<%form_for model, :url => model_path do |f|%>
-  <p>
-    <%=f.error_messages%>
-  </p>
-  
-  <p>
-    <%=f.label model_config.key%><br/>
-    <%=f.text_field model_config.key%>
-  </p>
-  
-  <p>
-    <%=f.label :password%><br/>
-    <%=f.password_field :password, :value => ''%>
-  </p>
-  
-  <p>
-    <%=f.label :password_confirmation%><br/>
-    <%=f.password_field :password_confirmation, :value => ''%>
-  </p>
-  
-  <p>
-    <%=f.submit "Sign up"%>
-  </p>
+<%if Rails::VERSION::MAJOR == 2%>
+  <%=render :partial => 'rails2_form'%>
+<%else%>
+  <%=render :partial => 'rails3_form'%>
 <%end%>

data/app/views/sparkly_sessions/_rails2_form.html.erb

@@ -0,0 +1,22 @@
+<%form_for model, :url => model_session_path do |f|%>
+  <p>
+    <%=f.label model_config.key%><br/>
+    <%=f.text_field model_config.key%>
+  </p>
+  
+  <p>
+    <%=f.label :password%><br/>
+    <%=f.password_field :password, :value => ''%>
+  </p>
+  
+  <%if sparkly_config.remember_me.enabled?%>
+    <p>
+      <%=f.check_box :remember_me, :checked => false%>
+      <%=f.label :remember_me%>
+    </p>
+  <%end%>
+  
+  <p>
+    <%=f.submit "Sign in"%>
+  </p>
+<%end%>

data/app/views/sparkly_sessions/_rails3_form.html.erb

@@ -0,0 +1,22 @@
+<%=form_for model, :url => model_session_path do |f|%>
+  <p>
+    <%=f.label model_config.key%><br/>
+    <%=f.text_field model_config.key%>
+  </p>
+  
+  <p>
+    <%=f.label :password%><br/>
+    <%=f.password_field :password, :value => ''%>
+  </p>
+  
+  <%if sparkly_config.remember_me.enabled?%>
+    <p>
+      <%=f.check_box :remember_me, :checked => false%>
+      <%=f.label :remember_me%>
+    </p>
+  <%end%>
+  
+  <p>
+    <%=f.submit "Sign in"%>
+  </p>
+<%end%>

data/app/views/sparkly_sessions/new.html.erb

@@ -1,22 +1,5 @@
-<%form_for model, :url => model_session_path do |f|%>
-  <p>
-    <%=f.label model_config.key%><br/>
-    <%=f.text_field model_config.key%>
-  </p>
-  
-  <p>
-    <%=f.label :password%><br/>
-    <%=f.password_field :password, :value => ''%>
-  </p>
-  
-  <%if Auth.remember_me.enabled?%>
-    <p>
-      <%=f.check_box :remember_me, :checked => false%>
-      <%=f.label :remember_me%>
-    </p>
-  <%end%>
-  
-  <p>
-    <%=f.submit "Sign in"%>
-  </p>
+<%if Rails::VERSION::MAJOR == 2%>
+  <%=render :partial => 'rails2_form'%>
+<%else%>
+  <%=render :partial => 'rails3_form'%>
 <%end%>

data/features/create_sparkly_account.feature

@@ -0,0 +1,12 @@
+Feature: Create an account using Sparkly Auth
+  
+  Scenario: Create account with valid details
+    Given I am on the new user page
+    When I enter new user details
+    Then I should see "account has been created"
+
+  Scenario: Create account with missing password
+    Given I am on the new user page
+    When I fill in "email" with "generic@example.com"
+    Then I should not see "account has been created"
+    

data/features/delete_sparkly_account.feature

@@ -0,0 +1,12 @@
+Feature: delete sparkly account
+  
+  Scenario: not logged in
+    When I delete my account
+    Then I should see "You must be signed in to view this page."
+    
+  Scenario: logged in
+    Given I am logged in
+    When I delete my account
+    Then I should see "Your account has been deleted."
+      And I should not be logged in
+    

data/features/edit_sparkly_account.feature

@@ -0,0 +1,54 @@
+Feature: Edit sparkly account
+
+  Scenario: not logged in
+    Given I am on the edit user page
+    Then I should see "You must be signed in to view this page."
+    
+  Scenario: logged in
+    Given I am logged in
+      And I am on the edit user page
+    Then I should not see "You must be signed in to view this page."
+      And I should be on the edit user page
+    
+  Scenario: Change email address
+    Given I am logged in
+      And I am on the edit user page
+    When I fill in "email" with "generic_new@example.com"
+      And I press "Update Profile"
+    Then I should see "Your changes have been saved."
+
+  Scenario: Change password
+    Given I am logged in
+      And I am on the edit user page
+    When I fill in "password" with "Generic13"
+      And I fill in "password confirmation" with "Generic13"
+      And I press "Update Profile"
+    Then I should see "Your changes have been saved."
+    
+  Scenario: Change password (already used)
+    Given I am logged in
+      And I am on the edit user page
+    When I fill in "password" with "Generic12"
+      And I fill in "password confirmation" with "Generic12"
+      And I press "Update Profile"
+    Then I should see "Password must not be the same as any of your recent passwords"
+
+  Scenario: Change password (invalid)
+    Given I am logged in
+      And I am on the edit user page
+    When I fill in "password" with "Generic13"
+      And I fill in "password confirmation" with "Generic14"
+      And I press "Update Profile"
+    Then I should not see "Your changes have been saved."
+      And I should see "Password doesn't match confirmation"
+      # can't remember the exact error message but whatever - if other tests pass, then this should be fine.
+
+  Scenario: Change email and password
+    Given I am logged in
+      And I am on the edit user page
+    When I fill in "password" with "Generic13"
+      And I fill in "password confirmation" with "Generic13"
+      And I press "Update Profile"
+    Then I should see "Your changes have been saved."
+    
+        

data/features/lock_abused_sparkly_account.feature

@@ -0,0 +1,7 @@
+Feature: Lock abused sparkly accounts
+  
+  Scenario: Lock a user out of a sparkly account after too many failures
+    Given I am on the new user session page
+    When I fail to log in 5 times
+    Then I should see "Account is locked due to too many invalid attempts"
+    

data/features/login_sparkly_session.feature

@@ -0,0 +1,43 @@
+Feature: Login sparkly session
+  Background:
+    Given I create an account
+  
+  Scenario: Valid credentials
+    Given I am on the new user session page
+    When I enter valid login credentials
+    Then I should see "Signed in successfully."
+    
+  Scenario: Invalid credentials
+    Given I am on the new user session page
+    When I enter invalid login credentials
+    Then I should see "Credentials were not valid."
+
+  Scenario: Sign in from a page requiring authenticated access
+    Given I am on the edit user page
+    When I enter valid login credentials
+    Then I should see "Signed in successfully."
+      #And I should be on the edit user page
+      And I should see "Email"
+      And I should see "Password"
+      And I should see "Password confirmation"
+
+  Scenario: Locked due to too many failed attempts
+    Given I am on the new user session page
+    When I enter invalid login credentials 6 times
+    Then I should see "Account is locked due to too many invalid attempts"
+    
+  # moved to rspec, these work in rails 2 but not in rails 3 (controller is nil??)
+#  Scenario: Log in with remember box checked
+#    Given I am on the new user session page
+#    When I check "Remember me"
+#      And I enter valid login credentials
+#    Then I should have a remembrance token
+#      And I should see "Signed in successfully."
+#
+#  Scenario: Log in with remember box unchecked
+#    Given I am on the new user session page
+#    When I uncheck "Remember me"
+#      And I enter valid login credentials
+#    Then I should see "Signed in successfully."
+#      And I should not have a remembrance token
+    

data/features/logout_sparkly_session.feature

@@ -0,0 +1,16 @@
+Feature: Logout sparkly session
+  Scenario: when logged in
+    Given I am logged in
+    When I log out
+    Then I should see "You have been signed out."
+    
+  Scenario: when already logged out
+    When I log out
+    Then I should see "You have been signed out."
+
+  Scenario: when logged in and remembered
+    Given I am logged in and remembered
+    When I log out
+    Then I should see "You have been signed out."
+      And I should not have a remembrance token
+    

data/features/setup/sparkly.rb

@@ -0,0 +1,4 @@
+Before do
+  # because some of the session tests modify this.
+  Auth.configuration.session_duration = 30.minutes
+end

data/features/show_sparkly_account.feature

@@ -0,0 +1,13 @@
+Feature: Show sparkly account
+  
+  Scenario: While not logged in
+    When I go to the show user page
+    Then I should see "You must be signed in to view this page."
+
+  Scenario: While logged in
+    Given I am logged in
+    When I go to the show user page
+    Then I should not see "You must be signed in to view this page."
+      And I should be on the show user page
+      # As in, not redirected.
+      

data/features/sparkly_session_timeout.feature

@@ -0,0 +1,6 @@
+Feature: Sparkly session timeout
+  Scenario: Session times out
+    Given I am logged in
+      And my session is expired
+    When I go to the edit user page
+    Then I should see "You have been signed out due to inactivity. Please sign in again."

data/features/step_definitions/account/account_steps.rb

@@ -0,0 +1,16 @@
+Given /^I enter new user details$/ do
+  Given 'I enter new user details for "generic@example.com"'
+end
+
+Given /^I enter new user details for "([^"]*)"$/ do |email|
+  fill_in 'email', :with => email
+  fill_in 'password', :with => 'Generic12'
+  fill_in 'password confirmation', :with => 'Generic12'
+  click_button "Sign up"
+  handle_redirect!
+end
+
+Given /^I delete my account$/ do
+  delete user_path
+  handle_redirect!
+end

data/features/step_definitions/account/brief_steps.rb

@@ -0,0 +1,9 @@
+When /^I create an account for "([^"]*)"$/ do |email|
+  Given "I am on the new user page"
+  When "I enter new user details for \"#{email}\""
+  Then 'I should see "account has been created"'
+end
+
+When /^I create an account$/ do
+  Given 'I create an account for "generic@example.com"'
+end

data/features/step_definitions/debug_steps.rb

@@ -0,0 +1,3 @@
+Then /^show me the response$/ do
+  puts response.body
+end

data/features/step_definitions/email_steps.rb

@@ -0,0 +1,182 @@
+# Commonly used email steps
+#
+# To add your own steps make a custom_email_steps.rb
+# The provided methods are:
+#
+# last_email_address
+# reset_mailer
+# open_last_email
+# visit_in_email
+# unread_emails_for
+# mailbox_for
+# current_email
+# open_email
+# read_emails_for
+# find_email
+#
+# General form for email scenarios are:
+#   - clear the email queue (done automatically by email_spec)
+#   - execute steps that sends an email
+#   - check the user received an/no/[0-9] emails
+#   - open the email
+#   - inspect the email contents
+#   - interact with the email (e.g. click links)
+#
+# The Cucumber steps below are setup in this order.
+
+module EmailHelpers
+  def current_email_address
+    # Replace with your a way to find your current email. e.g @current_user.email
+    # last_email_address will return the last email address used by email spec to find an email.
+    # Note that last_email_address will be reset after each Scenario.
+    last_email_address || "example@example.com"
+  end
+end
+
+World(EmailHelpers)
+
+#
+# Reset the e-mail queue within a scenario.
+# This is done automatically before each scenario.
+#
+
+Given /^(?:a clear email queue|no emails have been sent)$/ do
+  reset_mailer
+end
+
+#
+# Check how many emails have been sent/received
+#
+
+Then /^(?:I|they|"([^"]*?)") should receive (an|no|\d+) emails?$/ do |address, amount|
+  unread_emails_for(address).size.should == parse_email_count(amount)
+end
+
+Then /^(?:I|they|"([^"]*?)") should have (an|no|\d+) emails?$/ do |address, amount|
+  mailbox_for(address).size.should == parse_email_count(amount)
+end
+
+Then /^(?:I|they|"([^"]*?)") should receive (an|no|\d+) emails? with subject "([^"]*?)"$/ do |address, amount, subject|
+  unread_emails_for(address).select { |m| m.subject =~ Regexp.new(subject) }.size.should == parse_email_count(amount)
+end
+
+Then /^(?:I|they|"([^"]*?)") should receive an email with the following body:$/ do |address, expected_body|
+  open_email(address, :with_text => expected_body)
+end
+
+#
+# Accessing emails
+#
+
+# Opens the most recently received email
+When /^(?:I|they|"([^"]*?)") opens? the email$/ do |address|
+  open_email(address)
+end
+
+When /^(?:I|they|"([^"]*?)") opens? the email with subject "([^"]*?)"$/ do |address, subject|
+  open_email(address, :with_subject => subject)
+end
+
+When /^(?:I|they|"([^"]*?)") opens? the email with text "([^"]*?)"$/ do |address, text|
+  open_email(address, :with_text => text)
+end
+
+#
+# Inspect the Email Contents
+#
+
+Then /^(?:I|they) should see "([^"]*?)" in the email subject$/ do |text|
+  current_email.should have_subject(text)
+end
+
+Then /^(?:I|they) should see \/([^"]*?)\/ in the email subject$/ do |text|
+  current_email.should have_subject(Regexp.new(text))
+end
+
+Then /^(?:I|they) should see "([^"]*?)" in the email body$/ do |text|
+  current_email.body.should include(text)
+end
+
+Then /^(?:I|they) should see \/([^"]*?)\/ in the email body$/ do |text|
+  current_email.body.should =~ Regexp.new(text)
+end
+
+Then /^(?:I|they) should see the email delivered from "([^"]*?)"$/ do |text|
+  current_email.should be_delivered_from(text)
+end
+
+Then /^(?:I|they) should see "([^\"]*)" in the email "([^"]*?)" header$/ do |text, name|
+  current_email.should have_header(name, text)
+end
+
+Then /^(?:I|they) should see \/([^\"]*)\/ in the email "([^"]*?)" header$/ do |text, name|
+  current_email.should have_header(name, Regexp.new(text))
+end
+
+#
+# Inspect the Email Attachments
+#
+
+Then /^(?:I|they) should see (an|no|\d+) attachments? with the email$/ do |amount|
+  current_email_attachments.size.should == parse_email_count(amount)
+end
+
+Then /^there should be (an|no|\d+) attachments? named "([^"]*?)"$/ do |amount, filename|
+  current_email_attachments.select { |a| a.original_filename == filename }.size.should == parse_email_count(amount)
+end
+
+Then /^attachment (\d+) should be named "([^"]*?)"$/ do |index, filename|
+  current_email_attachments[(index.to_i - 1)].original_filename.should == filename
+end
+
+Then /^there should be (an|no|\d+) attachments? of type "([^"]*?)"$/ do |amount, content_type|
+  current_email_attachments.select { |a| a.content_type == content_type }.size.should == parse_email_count(amount)
+end
+
+Then /^attachment (\d+) should be of type "([^"]*?)"$/ do |index, content_type|
+  current_email_attachments[(index.to_i - 1)].content_type.should == content_type
+end
+
+Then /^all attachments should not be blank$/ do
+  current_email_attachments.each do |attachment|
+    attachment.size.should_not == 0
+  end
+end
+
+Then /^show me a list of email attachments$/ do
+  EmailSpec::EmailViewer::save_and_open_email_attachments_list(current_email)
+end
+
+#
+# Interact with Email Contents
+#
+
+When /^(?:I|they) follow "([^"]*?)" in the email$/ do |link|
+  visit_in_email(link)
+end
+
+When /^(?:I|they) click the first link in the email$/ do
+  click_first_link_in_email
+end
+
+#
+# Debugging
+# These only work with Rails and OSx ATM since EmailViewer uses RAILS_ROOT and OSx's 'open' command.
+# Patches accepted. ;)
+#
+
+Then /^save and open current email$/ do
+  EmailSpec::EmailViewer::save_and_open_email(current_email)
+end
+
+Then /^save and open all text emails$/ do
+  EmailSpec::EmailViewer::save_and_open_all_text_emails
+end
+
+Then /^save and open all html emails$/ do
+  EmailSpec::EmailViewer::save_and_open_all_html_emails
+end
+
+Then /^save and open all raw emails$/ do
+  EmailSpec::EmailViewer::save_and_open_all_raw_emails
+end