spree_auth_devise 1.3.1 → 3.0.5

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of spree_auth_devise might be problematic. Click here for more details.

Files changed (144) hide show
  1. checksums.yaml +7 -0
  2. data/.gitignore +10 -0
  3. data/.rspec +3 -0
  4. data/.travis.yml +11 -0
  5. data/Gemfile +5 -0
  6. data/{LICENSE → LICENSE.md} +1 -1
  7. data/README.md +86 -10
  8. data/Rakefile +15 -0
  9. data/Versionfile +5 -0
  10. data/app/controllers/metal_decorator.rb +6 -0
  11. data/app/mailers/spree/user_mailer.rb +12 -5
  12. data/app/models/spree/auth_configuration.rb +1 -0
  13. data/app/models/spree/user.rb +17 -50
  14. data/app/overrides/spree/admin/shared/_header/auth_admin_login_navigation_bar.html.erb.deface +4 -0
  15. data/bin/rails +7 -0
  16. data/circle.yml +11 -0
  17. data/config.ru +4 -0
  18. data/config/initializers/devise.rb +3 -8
  19. data/config/initializers/warden.rb +14 -0
  20. data/config/locales/de.yml +40 -37
  21. data/config/locales/en.yml +48 -39
  22. data/config/locales/es.yml +49 -0
  23. data/config/locales/fr.yml +49 -0
  24. data/config/locales/it.yml +76 -0
  25. data/config/locales/nl.yml +41 -46
  26. data/config/locales/pt-BR.yml +51 -0
  27. data/config/locales/tr.yml +49 -0
  28. data/config/routes.rb +32 -15
  29. data/db/default/users.rb +13 -6
  30. data/db/migrate/20140904000425_add_deleted_at_to_users.rb +6 -0
  31. data/db/migrate/20141002154641_add_confirmable_to_users.rb +7 -0
  32. data/lib/assets/javascripts/spree/backend/spree_auth.js.erb +1 -0
  33. data/lib/assets/javascripts/spree/frontend/spree_auth.js.erb +1 -0
  34. data/lib/assets/stylesheets/spree/backend/spree_auth.css.erb +3 -0
  35. data/lib/assets/stylesheets/spree/frontend/spree_auth.css.erb +3 -0
  36. data/lib/controllers/backend/spree/admin/admin_controller_decorator.rb +26 -0
  37. data/lib/controllers/backend/spree/admin/admin_orders_controller_decorator.rb +20 -0
  38. data/{app/controllers → lib/controllers/backend}/spree/admin/admin_resource_controller_decorator.rb +0 -0
  39. data/{app/controllers/spree/admin/admin_orders_controller_decorator.rb → lib/controllers/backend/spree/admin/orders/customer_details_controller_decorator.rb} +3 -2
  40. data/lib/controllers/backend/spree/admin/user_passwords_controller.rb +42 -0
  41. data/lib/controllers/backend/spree/admin/user_sessions_controller.rb +53 -0
  42. data/{app/controllers → lib/controllers/frontend}/spree/checkout_controller_decorator.rb +8 -15
  43. data/lib/controllers/frontend/spree/user_confirmations_controller.rb +14 -0
  44. data/{app/controllers → lib/controllers/frontend}/spree/user_passwords_controller.rb +10 -9
  45. data/{app/controllers → lib/controllers/frontend}/spree/user_registrations_controller.rb +18 -15
  46. data/lib/controllers/frontend/spree/user_sessions_controller.rb +46 -0
  47. data/{app/controllers → lib/controllers/frontend}/spree/users_controller.rb +13 -9
  48. data/lib/generators/spree/auth/install/install_generator.rb +26 -0
  49. data/lib/generators/spree/auth/install/templates/config/initializers/devise.rb +1 -0
  50. data/lib/spree/auth.rb +2 -1
  51. data/lib/spree/auth/devise.rb +7 -0
  52. data/lib/spree/auth/engine.rb +57 -2
  53. data/lib/spree/authentication_helpers.rb +1 -1
  54. data/lib/spree_auth_devise.rb +3 -0
  55. data/lib/views/backend/spree/admin/user_passwords/edit.html.erb +15 -0
  56. data/lib/views/backend/spree/admin/user_passwords/new.html.erb +17 -0
  57. data/lib/views/backend/spree/admin/user_sessions/authorization_failure.html.erb +4 -0
  58. data/lib/views/backend/spree/admin/user_sessions/new.html.erb +38 -0
  59. data/lib/views/backend/spree/layouts/admin/_login_nav.html.erb +33 -0
  60. data/lib/views/backend/spree/layouts/login.html.erb +25 -0
  61. data/lib/views/frontend/spree/checkout/_new_user.html.erb +20 -0
  62. data/lib/views/frontend/spree/checkout/registration.html.erb +27 -0
  63. data/{app/views → lib/views/frontend}/spree/shared/_flashes.html.erb +0 -0
  64. data/lib/views/frontend/spree/shared/_login.html.erb +18 -0
  65. data/lib/views/frontend/spree/shared/_login_bar.html.erb +6 -0
  66. data/lib/views/frontend/spree/shared/_user_form.html.erb +13 -0
  67. data/lib/views/frontend/spree/user_mailer/confirmation_instructions.text.erb +5 -0
  68. data/lib/views/frontend/spree/user_mailer/reset_password_instructions.text.erb +10 -0
  69. data/lib/views/frontend/spree/user_passwords/edit.html.erb +22 -0
  70. data/lib/views/frontend/spree/user_passwords/new.html.erb +21 -0
  71. data/lib/views/frontend/spree/user_registrations/new.html.erb +22 -0
  72. data/lib/views/frontend/spree/user_sessions/new.html.erb +20 -0
  73. data/lib/views/frontend/spree/users/edit.html.erb +17 -0
  74. data/lib/views/frontend/spree/users/show.html.erb +43 -0
  75. data/spec/controllers/spree/admin/orders_controller_spec.rb +14 -0
  76. data/spec/controllers/spree/checkout_controller_spec.rb +141 -0
  77. data/spec/controllers/spree/products_controller_spec.rb +21 -0
  78. data/spec/controllers/spree/user_passwords_controller_spec.rb +44 -0
  79. data/spec/controllers/spree/user_registrations_controller_spec.rb +13 -0
  80. data/spec/controllers/spree/user_sessions_controller_spec.rb +56 -0
  81. data/spec/controllers/spree/users_controller_spec.rb +38 -0
  82. data/spec/factories/confirmed_user.rb +7 -0
  83. data/spec/features/account_spec.rb +58 -0
  84. data/spec/features/admin/orders_spec.rb +28 -0
  85. data/spec/features/admin/password_reset_spec.rb +24 -0
  86. data/spec/features/admin/products_spec.rb +9 -0
  87. data/spec/features/admin/sign_in_spec.rb +45 -0
  88. data/spec/features/admin/sign_out_spec.rb +22 -0
  89. data/spec/features/admin_permissions_spec.rb +46 -0
  90. data/spec/features/change_email_spec.rb +24 -0
  91. data/spec/features/checkout_spec.rb +160 -0
  92. data/spec/features/confirmation_spec.rb +28 -0
  93. data/spec/features/order_spec.rb +62 -0
  94. data/spec/features/password_reset_spec.rb +24 -0
  95. data/spec/features/sign_in_spec.rb +54 -0
  96. data/spec/features/sign_out_spec.rb +25 -0
  97. data/spec/features/sign_up_spec.rb +30 -0
  98. data/spec/mailers/user_mailer_spec.rb +46 -0
  99. data/spec/models/order_spec.rb +26 -0
  100. data/spec/models/user_spec.rb +58 -0
  101. data/spec/spec_helper.rb +24 -0
  102. data/spec/support/ability.rb +15 -0
  103. data/spec/support/authentication_helpers.rb +14 -0
  104. data/spec/support/capybara.rb +7 -0
  105. data/spec/support/confirm_helpers.rb +11 -0
  106. data/spec/support/database_cleaner.rb +18 -0
  107. data/spec/support/email.rb +5 -0
  108. data/spec/support/factory_girl.rb +5 -0
  109. data/spec/support/spree.rb +26 -0
  110. data/spree_auth_devise.gemspec +48 -0
  111. metadata +441 -79
  112. data/app/assets/javascripts/admin/spree_auth.js +0 -1
  113. data/app/assets/javascripts/store/spree_auth.js +0 -1
  114. data/app/assets/stylesheets/admin/spree_auth.css +0 -3
  115. data/app/assets/stylesheets/store/spree_auth.css +0 -3
  116. data/app/controllers/spree/admin/admin_controller_decorator.rb +0 -7
  117. data/app/controllers/spree/admin/admin_users_controller_decorator.rb +0 -21
  118. data/app/controllers/spree/admin/users_controller.rb +0 -77
  119. data/app/controllers/spree/base_controller_decorator.rb +0 -18
  120. data/app/controllers/spree/orders_controller_decorator.rb +0 -15
  121. data/app/controllers/spree/user_sessions_controller.rb +0 -54
  122. data/app/helpers/spree/users_helper.rb +0 -15
  123. data/app/models/spree/current_order_decorator.rb +0 -12
  124. data/app/overrides/admin_tab.rb +0 -6
  125. data/app/overrides/auth_admin_login_navigation_bar.rb +0 -5
  126. data/app/overrides/auth_user_login_form.rb +0 -6
  127. data/app/views/spree/admin/users/_form.html.erb +0 -37
  128. data/app/views/spree/admin/users/edit.html.erb +0 -28
  129. data/app/views/spree/admin/users/index.html.erb +0 -53
  130. data/app/views/spree/admin/users/new.html.erb +0 -23
  131. data/app/views/spree/admin/users/show.html.erb +0 -21
  132. data/app/views/spree/layouts/admin/_login_nav.html.erb +0 -8
  133. data/app/views/spree/shared/_login.html.erb +0 -20
  134. data/app/views/spree/shared/_login_bar.html.erb +0 -6
  135. data/app/views/spree/shared/_user_form.html.erb +0 -17
  136. data/app/views/spree/user_mailer/reset_password_instructions.text.erb +0 -10
  137. data/app/views/spree/user_passwords/edit.html.erb +0 -15
  138. data/app/views/spree/user_passwords/new.html.erb +0 -15
  139. data/app/views/spree/user_registrations/new.html.erb +0 -22
  140. data/app/views/spree/user_sessions/authorization_failure.html.erb +0 -4
  141. data/app/views/spree/user_sessions/new.html.erb +0 -13
  142. data/app/views/spree/users/edit.html.erb +0 -11
  143. data/app/views/spree/users/show.html.erb +0 -43
  144. data/config/initializers/spree.rb +0 -1
@@ -0,0 +1,13 @@
1
+ RSpec.describe Spree::UserRegistrationsController, type: :controller do
2
+
3
+ before { @request.env['devise.mapping'] = Devise.mappings[:spree_user] }
4
+
5
+ context '#create' do
6
+ before { allow(controller).to receive(:after_sign_up_path_for).and_return(spree.root_path(thing: 7)) }
7
+
8
+ it 'redirects to after_sign_up_path_for' do
9
+ spree_post :create, { spree_user: { email: 'foobar@example.com', password: 'foobar123', password_confirmation: 'foobar123' } }
10
+ expect(response).to redirect_to spree.root_path(thing: 7)
11
+ end
12
+ end
13
+ end
@@ -0,0 +1,56 @@
1
+ RSpec.describe Spree::UserSessionsController, type: :controller do
2
+
3
+ let(:user) { create(:user) }
4
+
5
+ before { @request.env['devise.mapping'] = Devise.mappings[:spree_user] }
6
+
7
+ context "#create" do
8
+ context "using correct login information" do
9
+ it 'properly assigns orders user from guest_token' do
10
+ order1 = create(:order, email: user.email, guest_token: 'ABC', user_id: nil, created_by_id: nil)
11
+ order2 = create(:order, guest_token: 'ABC', user_id: 200)
12
+ request.cookie_jar.signed[:guest_token] = 'ABC'
13
+ spree_post :create, spree_user: { email: user.email, password: 'secret' }
14
+
15
+ expect(order1.reload.user_id).to eq user.id
16
+ expect(order1.reload.created_by_id).to eq user.id
17
+ expect(order2.reload.user_id).to eq 200
18
+ end
19
+
20
+ context "and html format is used" do
21
+ it "redirects to default after signing in" do
22
+ spree_post :create, spree_user: { email: user.email, password: 'secret' }
23
+ expect(response).to redirect_to spree.root_path
24
+ end
25
+ end
26
+
27
+ context "and js format is used" do
28
+ it "returns a json with ship and bill address" do
29
+ spree_post :create, spree_user: { email: user.email, password: 'secret' }, format: 'js'
30
+ parsed = ActiveSupport::JSON.decode(response.body)
31
+ expect(parsed).to have_key("user")
32
+ expect(parsed).to have_key("ship_address")
33
+ expect(parsed).to have_key("bill_address")
34
+ end
35
+ end
36
+ end
37
+
38
+ context "using incorrect login information" do
39
+ context "and html format is used" do
40
+ it "renders new template again with errors" do
41
+ spree_post :create, spree_user: { email: user.email, password: 'wrong' }
42
+ expect(response).to render_template('new')
43
+ expect(flash[:error]).to eq I18n.t(:'devise.failure.invalid')
44
+ end
45
+ end
46
+
47
+ context "and js format is used" do
48
+ it "returns a json with the error" do
49
+ spree_post :create, spree_user: { email: user.email, password: 'wrong' }, format: 'js'
50
+ parsed = ActiveSupport::JSON.decode(response.body)
51
+ expect(parsed).to have_key("error")
52
+ end
53
+ end
54
+ end
55
+ end
56
+ end
@@ -0,0 +1,38 @@
1
+ RSpec.describe Spree::UsersController, type: :controller do
2
+
3
+ let(:admin_user) { create(:user) }
4
+ let(:user) { create(:user) }
5
+ let(:role) { create(:role) }
6
+
7
+ before { allow(controller).to receive(:spree_current_user) { user } }
8
+
9
+ context '#load_object' do
10
+ it 'redirects to signup path if user is not found' do
11
+ allow(controller).to receive(:spree_current_user) { nil }
12
+ spree_put :update, { user: { email: 'foobar@example.com' } }
13
+ expect(response).to redirect_to spree.login_path
14
+ end
15
+ end
16
+
17
+ context '#create' do
18
+ it 'creates a new user' do
19
+ spree_post :create, { user: { email: 'foobar@example.com', password: 'foobar123', password_confirmation: 'foobar123' } }
20
+ expect(assigns[:user].new_record?).to be false
21
+ end
22
+ end
23
+
24
+ context '#update' do
25
+ context 'when updating own account' do
26
+ it 'performs update' do
27
+ spree_put :update, { user: { email: 'mynew@email-address.com' } }
28
+ expect(assigns[:user].email).to eq 'mynew@email-address.com'
29
+ expect(response).to redirect_to spree.account_url(only_path: true)
30
+ end
31
+ end
32
+
33
+ it 'does not update roles' do
34
+ spree_put :update, user: { spree_role_ids: [role.id] }
35
+ expect(assigns[:user].spree_roles).to_not include role
36
+ end
37
+ end
38
+ end
@@ -0,0 +1,7 @@
1
+ FactoryGirl.define do
2
+ factory :confirmed_user, parent: :user do
3
+ confirmed_at { Time.now }
4
+ confirmation_sent_at { Time.now }
5
+ confirmation_token "12345"
6
+ end
7
+ end
@@ -0,0 +1,58 @@
1
+ RSpec.feature 'Accounts', type: :feature do
2
+
3
+ context 'editing' do
4
+ scenario 'can edit an admin user' do
5
+ user = create(:admin_user, email: 'admin@person.com', password: 'password', password_confirmation: 'password')
6
+ visit spree.login_path
7
+
8
+ fill_in 'Email', with: user.email
9
+ fill_in 'Password', with: user.password
10
+ click_button 'Login'
11
+
12
+ click_link 'My Account'
13
+ expect(page).to have_text 'admin@person.com'
14
+ end
15
+
16
+ scenario 'can edit a new user' do
17
+ Spree::Auth::Config.set(signout_after_password_change: false)
18
+ visit spree.signup_path
19
+
20
+ fill_in 'Email', with: 'email@person.com'
21
+ fill_in 'Password', with: 'password'
22
+ fill_in 'Password Confirmation', with: 'password'
23
+ click_button 'Create'
24
+
25
+ click_link 'My Account'
26
+ expect(page).to have_text 'email@person.com'
27
+ click_link 'Edit'
28
+
29
+ fill_in 'Password', with: 'foobar'
30
+ fill_in 'Password Confirmation', with: 'foobar'
31
+ click_button 'Update'
32
+
33
+ expect(page).to have_text 'email@person.com'
34
+ expect(page).to have_text 'Account updated'
35
+ end
36
+
37
+ scenario 'can edit an existing user account' do
38
+ Spree::Auth::Config.set(signout_after_password_change: false)
39
+ user = create(:user, email: 'email@person.com', password: 'secret', password_confirmation: 'secret')
40
+ visit spree.login_path
41
+
42
+ fill_in 'Email', with: user.email
43
+ fill_in 'Password', with: user.password
44
+ click_button 'Login'
45
+
46
+ click_link 'My Account'
47
+ expect(page).to have_text 'email@person.com'
48
+ click_link 'Edit'
49
+
50
+ fill_in 'Password', with: 'foobar'
51
+ fill_in 'Password Confirmation', with: 'foobar'
52
+ click_button 'Update'
53
+
54
+ expect(page).to have_text 'email@person.com'
55
+ expect(page).to have_text 'Account updated'
56
+ end
57
+ end
58
+ end
@@ -0,0 +1,28 @@
1
+ RSpec.feature 'Admin orders', type: :feature do
2
+
3
+ background do
4
+ sign_in_as! create(:admin_user)
5
+ end
6
+
7
+ # Regression #203
8
+ scenario 'can list orders' do
9
+ expect { visit spree.admin_orders_path }.not_to raise_error
10
+ end
11
+
12
+ # Regression #203
13
+ scenario 'can new orders' do
14
+ expect { visit spree.new_admin_order_path }.not_to raise_error
15
+ end
16
+
17
+ # Regression #203
18
+ scenario 'can not edit orders' do
19
+ expect { visit spree.edit_admin_order_path('nodata') }.to raise_error(ActiveRecord::RecordNotFound)
20
+ end
21
+
22
+ # Regression #203
23
+ scenario 'can edit orders' do
24
+ create(:order, number: 'R123')
25
+ visit spree.edit_admin_order_path('R123')
26
+ expect(page).not_to have_text 'Authorization Failure'
27
+ end
28
+ end
@@ -0,0 +1,24 @@
1
+ RSpec.feature 'Admin - Reset Password', type: :feature do
2
+
3
+ let!(:store) { create(:store) }
4
+
5
+ background do
6
+ ActionMailer::Base.default_url_options[:host] = 'http://example.com'
7
+ end
8
+
9
+ scenario 'allows a user to supply an email for the password reset' do
10
+ user = create(:user, email: 'foobar@example.com', password: 'secret', password_confirmation: 'secret')
11
+ visit spree.admin_login_path
12
+ click_link 'Forgot Password?'
13
+ fill_in 'Email', with: 'foobar@example.com'
14
+ click_button 'Reset my password'
15
+ expect(page).to have_text 'You will receive an email with instructions'
16
+ end
17
+
18
+ scenario 'shows errors if no email is supplied' do
19
+ visit spree.admin_login_path
20
+ click_link 'Forgot Password?'
21
+ click_button 'Reset my password'
22
+ expect(page).to have_text "Email can't be blank"
23
+ end
24
+ end
@@ -0,0 +1,9 @@
1
+ RSpec.feature 'Admin products', type: :feature do
2
+
3
+ context 'as anonymous user' do
4
+ # Regression test for #1250
5
+ scenario 'redirects to login page when attempting to access product listing' do
6
+ expect { visit spree.admin_products_path }.not_to raise_error
7
+ end
8
+ end
9
+ end
@@ -0,0 +1,45 @@
1
+ RSpec.feature 'Admin - Sign In', type: :feature do
2
+
3
+ background do
4
+ @user = create(:user, email: 'email@person.com')
5
+ visit spree.admin_login_path
6
+ end
7
+
8
+ scenario 'asks user to sign in' do
9
+ visit spree.admin_path
10
+ expect(page).not_to have_text 'Authorization Failure'
11
+ end
12
+
13
+ scenario 'lets a user sign in successfully' do
14
+ fill_in 'Email', with: @user.email
15
+ fill_in 'Password', with: 'secret'
16
+ click_button 'Login'
17
+
18
+ expect(page).to have_text 'Logged in successfully'
19
+ expect(page).not_to have_text 'Login'
20
+ expect(page).to have_text 'Logout'
21
+ expect(current_path).to eq '/'
22
+ end
23
+
24
+ scenario 'shows validation errors' do
25
+ fill_in 'Email', with: @user.email
26
+ fill_in 'Password', with: 'wrong_password'
27
+ click_button 'Login'
28
+
29
+ expect(page).to have_text 'Invalid email or password'
30
+ expect(page).to have_button 'Login'
31
+ end
32
+
33
+ scenario 'allows a user to access a restricted page after logging in' do
34
+ user = create(:admin_user, email: 'admin@person.com')
35
+ visit spree.admin_path
36
+
37
+ fill_in 'Email', with: user.email
38
+ fill_in 'Password', with: 'secret'
39
+ click_button 'Login'
40
+ within '.user-menu' do
41
+ expect(page).to have_text 'admin@person.com'
42
+ end
43
+ expect(current_path).to eq '/admin/orders'
44
+ end
45
+ end
@@ -0,0 +1,22 @@
1
+ RSpec.feature 'Admin - Sign Out', type: :feature do
2
+
3
+ given!(:user) do
4
+ create :user, email: 'email@person.com'
5
+ end
6
+
7
+ background do
8
+ visit spree.admin_login_path
9
+ fill_in 'Email', with: user.email
10
+ fill_in 'Password', with: 'secret'
11
+ # Regression test for #1257
12
+ check 'Remember me'
13
+ click_button 'Login'
14
+ end
15
+
16
+ scenario 'allows a signed in user to logout' do
17
+ click_link 'Logout'
18
+ visit spree.admin_login_path
19
+ expect(page).to have_button 'Login'
20
+ expect(page).not_to have_text 'Logout'
21
+ end
22
+ end
@@ -0,0 +1,46 @@
1
+ RSpec.feature 'Admin Permissions', type: :feature do
2
+
3
+ context 'orders' do
4
+ background do
5
+ user = create(:admin_user, email: 'admin@person.com', password: 'password', password_confirmation: 'password')
6
+ Spree::Ability.register_ability(AbilityDecorator)
7
+ visit spree.login_path
8
+
9
+ fill_in 'Email', with: user.email
10
+ fill_in 'Password', with: user.password
11
+ click_button 'Login'
12
+ end
13
+
14
+ context 'admin is restricted from accessing orders' do
15
+ scenario 'can not list orders' do
16
+ visit spree.admin_orders_path
17
+ expect(page).to have_text 'Authorization Failure'
18
+ end
19
+
20
+ scenario 'can not edit orders' do
21
+ create(:order, number: 'R123')
22
+ visit spree.edit_admin_order_path('R123')
23
+ expect(page).to have_text 'Authorization Failure'
24
+ end
25
+
26
+ scenario 'can not new orders' do
27
+ visit spree.new_admin_order_path
28
+ expect(page).to have_text 'Authorization Failure'
29
+ end
30
+ end
31
+
32
+ context "admin is restricted from accessing an order's customer details" do
33
+ given(:order) { create(:order_with_totals) }
34
+
35
+ scenario 'can not list customer details for an order' do
36
+ visit spree.admin_order_customer_path(order)
37
+ expect(page).to have_text 'Authorization Failure'
38
+ end
39
+
40
+ scenario "can not edit an order's customer details" do
41
+ visit spree.edit_admin_order_customer_path(order)
42
+ expect(page).to have_text 'Authorization Failure'
43
+ end
44
+ end
45
+ end
46
+ end
@@ -0,0 +1,24 @@
1
+ RSpec.feature 'Change email', type: :feature do
2
+
3
+ background do
4
+ user = create(:user)
5
+ visit spree.root_path
6
+ click_link 'Login'
7
+
8
+ fill_in 'spree_user[email]', with: user.email
9
+ fill_in 'spree_user[password]', with: 'secret'
10
+ click_button 'Login'
11
+
12
+ visit spree.edit_account_path
13
+ end
14
+
15
+ scenario 'work with correct password' do
16
+ fill_in 'user_email', with: 'tests@example.com'
17
+ fill_in 'user_password', with: 'password'
18
+ fill_in 'user_password_confirmation', with: 'password'
19
+ click_button 'Update'
20
+
21
+ expect(page).to have_text 'Account updated'
22
+ expect(page).to have_text 'tests@example.com'
23
+ end
24
+ end
@@ -0,0 +1,160 @@
1
+ RSpec.feature 'Checkout', :js, type: :feature do
2
+ given!(:store) { create(:store) }
3
+ given!(:country) { create(:country, name: 'United States', states_required: true) }
4
+ given!(:state) { create(:state, name: 'Maryland', country: country) }
5
+ given!(:shipping_method) do
6
+ shipping_method = create(:shipping_method)
7
+ calculator = Spree::Calculator::Shipping::PerItem.create!(calculable: shipping_method, preferred_amount: 10)
8
+ shipping_method.calculator = calculator
9
+ shipping_method.tap(&:save)
10
+ end
11
+
12
+ given!(:zone) { create(:zone) }
13
+ given!(:address) { create(:address, state: state, country: country) }
14
+
15
+ background do
16
+ @product = create(:product, name: 'RoR Mug')
17
+ @product.master.stock_items.first.update_column(:count_on_hand, 1)
18
+
19
+ # Bypass gateway error on checkout | ..or stub a gateway
20
+ Spree::Config[:allow_checkout_on_gateway_error] = true
21
+
22
+ visit spree.root_path
23
+ end
24
+
25
+ context 'without payment being required' do
26
+ background do
27
+ # So that we don't have to setup payment methods just for the sake of it
28
+ allow_any_instance_of(Spree::Order).to receive(:has_available_payment).and_return(true)
29
+ allow_any_instance_of(Spree::Order).to receive(:payment_required?).and_return(false)
30
+ end
31
+
32
+ scenario 'allow a visitor to checkout as guest, without registration' do
33
+ Spree::Auth::Config.set(registration_step: true)
34
+ click_link 'RoR Mug'
35
+ click_button 'Add To Cart'
36
+ within('h1') { expect(page).to have_text 'Shopping Cart' }
37
+ click_button 'Checkout'
38
+
39
+ expect(page).to have_content(/Checkout as a Guest/i)
40
+
41
+ within('#guest_checkout') { fill_in 'Email', with: 'spree@test.com' }
42
+ click_button 'Continue'
43
+
44
+ expect(page).to have_text(/Billing Address/i)
45
+ expect(page).to have_text(/Shipping Address/i)
46
+
47
+ str_addr = 'bill_address'
48
+ select 'United States', from: "order_#{str_addr}_attributes_country_id"
49
+ %w(firstname lastname address1 city zipcode phone).each do |field|
50
+ fill_in "order_#{str_addr}_attributes_#{field}", with: "#{address.send(field)}"
51
+ end
52
+ select "#{address.state.name}", from: "order_#{str_addr}_attributes_state_id"
53
+ check 'order_use_billing'
54
+
55
+ click_button 'Save and Continue'
56
+ click_button 'Save and Continue'
57
+
58
+ expect(page).to have_text 'Your order has been processed successfully'
59
+ end
60
+
61
+ scenario 'associate an uncompleted guest order with user after logging in' do
62
+ user = create(:user, email: 'email@person.com', password: 'password', password_confirmation: 'password')
63
+ click_link 'RoR Mug'
64
+ click_button 'Add To Cart'
65
+
66
+ visit spree.login_path
67
+ fill_in 'Email', with: user.email
68
+ fill_in 'Password', with: user.password
69
+ click_button 'Login'
70
+ click_link 'Cart'
71
+
72
+ expect(page).to have_text 'RoR Mug'
73
+ within('h1') { expect(page).to have_text 'Shopping Cart' }
74
+
75
+ click_button 'Checkout'
76
+
77
+ str_addr = 'bill_address'
78
+ select 'United States', from: "order_#{str_addr}_attributes_country_id"
79
+ %w(firstname lastname address1 city zipcode phone).each do |field|
80
+ fill_in "order_#{str_addr}_attributes_#{field}", with: "#{address.send(field)}"
81
+ end
82
+ select "#{address.state.name}", from: "order_#{str_addr}_attributes_state_id"
83
+ check 'order_use_billing'
84
+
85
+ click_button 'Save and Continue'
86
+ click_button 'Save and Continue'
87
+
88
+ expect(page).to have_text 'Your order has been processed successfully'
89
+ expect(Spree::Order.first.user).to eq user
90
+ end
91
+
92
+ # Regression test for #890
93
+ scenario 'associate an incomplete guest order with user after successful password reset' do
94
+ create(:store)
95
+ user = create(:user, email: 'email@person.com', password: 'password', password_confirmation: 'password')
96
+ click_link 'RoR Mug'
97
+ click_button 'Add To Cart'
98
+
99
+ visit spree.login_path
100
+ click_link 'Forgot Password?'
101
+ fill_in 'spree_user_email', with: 'email@person.com'
102
+ click_button 'Reset my password'
103
+
104
+ # Need to do this now because the token stored in the DB is the encrypted version
105
+ # The 'plain-text' version is sent in the email and there's one way to get that!
106
+ reset_password_email = ActionMailer::Base.deliveries.first
107
+ token_url_regex = /^http:\/\/www.example.com\/user\/spree_user\/password\/edit\?reset_password_token=(.*)$/
108
+ token = token_url_regex.match(reset_password_email.body.to_s)[1]
109
+
110
+ visit spree.edit_spree_user_password_path(reset_password_token: token)
111
+ fill_in 'Password', with: 'password'
112
+ fill_in 'Password Confirmation', with: 'password'
113
+ click_button 'Update'
114
+
115
+ click_link 'Cart'
116
+ click_button 'Checkout'
117
+
118
+ str_addr = 'bill_address'
119
+ select 'United States', from: "order_#{str_addr}_attributes_country_id"
120
+ %w(firstname lastname address1 city zipcode phone).each do |field|
121
+ fill_in "order_#{str_addr}_attributes_#{field}", with: "#{address.send(field)}"
122
+ end
123
+ select "#{address.state.name}", from: "order_#{str_addr}_attributes_state_id"
124
+ check 'order_use_billing'
125
+
126
+ click_button 'Save and Continue'
127
+
128
+ expect(page).not_to have_text 'Email is invalid'
129
+ end
130
+
131
+ scenario 'allow a user to register during checkout' do
132
+ click_link 'RoR Mug'
133
+ click_button 'Add To Cart'
134
+ click_button 'Checkout'
135
+
136
+ expect(page).to have_text 'Registration'
137
+
138
+ fill_in 'Email', with: 'email@person.com'
139
+ fill_in 'Password', with: 'spree123'
140
+ fill_in 'Password Confirmation', with: 'spree123'
141
+ click_button 'Create'
142
+
143
+ expect(page).to have_text 'You have signed up successfully.'
144
+
145
+ str_addr = 'bill_address'
146
+ select 'United States', from: "order_#{str_addr}_attributes_country_id"
147
+ %w(firstname lastname address1 city zipcode phone).each do |field|
148
+ fill_in "order_#{str_addr}_attributes_#{field}", with: "#{address.send(field)}"
149
+ end
150
+ select "#{address.state.name}", from: "order_#{str_addr}_attributes_state_id"
151
+ check 'order_use_billing'
152
+
153
+ click_button 'Save and Continue'
154
+ click_button 'Save and Continue'
155
+
156
+ expect(page).to have_text 'Your order has been processed successfully'
157
+ expect(Spree::Order.first.user).to eq Spree::User.find_by_email('email@person.com')
158
+ end
159
+ end
160
+ end