spree_auth_devise 4.0.0.rc2 → 4.1.1

Files changed (73) hide show
  1. checksums.yaml +4 -4
  2. data/.circleci/config.yml +41 -0
  3. data/.gitignore +1 -0
  4. data/.travis.yml +3 -21
  5. data/Appraisals +3 -19
  6. data/Gemfile +2 -2
  7. data/README.md +3 -12
  8. data/app/controllers/spree/user_confirmations_controller.rb +24 -0
  9. data/app/controllers/spree/user_passwords_controller.rb +2 -0
  10. data/app/controllers/spree/user_registrations_controller.rb +27 -1
  11. data/app/controllers/spree/user_sessions_controller.rb +23 -1
  12. data/app/views/spree/user_passwords/edit.html.erb +20 -17
  13. data/app/views/spree/user_passwords/new.html.erb +17 -15
  14. data/app/views/spree/user_registrations/new.html.erb +12 -17
  15. data/app/views/spree/user_sessions/new.html.erb +11 -12
  16. data/config/locales/en.yml +3 -1
  17. data/config/routes.rb +2 -3
  18. data/db/migrate/20120203010234_add_reset_password_sent_at_to_spree_users.rb +2 -2
  19. data/gemfiles/{spree_3_5.gemfile → spree_4_1.gemfile} +1 -1
  20. data/lib/controllers/frontend/spree/checkout_controller_decorator.rb +2 -2
  21. data/lib/controllers/frontend/spree/users_controller.rb +11 -6
  22. data/lib/generators/spree/auth/install/install_generator.rb +0 -4
  23. data/lib/spree/testing_support/auth_helpers.rb +36 -0
  24. data/lib/spree/testing_support/checkout_helpers.rb +24 -0
  25. data/lib/views/backend/spree/admin/user_passwords/new.html.erb +1 -1
  26. data/lib/views/backend/spree/admin/user_sessions/new.html.erb +1 -1
  27. data/spec/controllers/spree/admin/orders_controller_spec.rb +1 -1
  28. data/spec/controllers/spree/admin/user_sessions_controller_spec.rb +1 -1
  29. data/spec/controllers/spree/checkout_controller_spec.rb +15 -16
  30. data/spec/controllers/spree/products_controller_spec.rb +1 -1
  31. data/spec/controllers/spree/user_passwords_controller_spec.rb +4 -4
  32. data/spec/controllers/spree/user_registrations_controller_spec.rb +8 -8
  33. data/spec/controllers/spree/user_sessions_controller_spec.rb +17 -17
  34. data/spec/controllers/spree/users_controller_spec.rb +4 -4
  35. data/spec/features/account_spec.rb +10 -8
  36. data/spec/features/admin/password_reset_spec.rb +2 -4
  37. data/spec/features/admin/sign_in_spec.rb +5 -7
  38. data/spec/features/admin/sign_out_spec.rb +1 -1
  39. data/spec/features/admin_permissions_spec.rb +1 -1
  40. data/spec/features/change_email_spec.rb +1 -7
  41. data/spec/features/checkout_spec.rb +38 -63
  42. data/spec/features/confirmation_spec.rb +3 -5
  43. data/spec/features/order_spec.rb +9 -15
  44. data/spec/features/password_reset_spec.rb +2 -4
  45. data/spec/features/sign_in_spec.rb +7 -9
  46. data/spec/features/sign_out_spec.rb +16 -23
  47. data/spec/features/sign_up_spec.rb +6 -4
  48. data/spec/mailers/user_mailer_spec.rb +1 -1
  49. data/spec/models/user_spec.rb +5 -5
  50. data/spec/requests/spree/frontend/user_update_spec.rb +42 -0
  51. data/spec/spec_helper.rb +16 -0
  52. data/spec/support/add_to_cart.rb +11 -4
  53. data/spec/support/authentication_helpers.rb +1 -1
  54. data/spec/support/capybara.rb +15 -8
  55. data/spree_auth_devise.gemspec +14 -10
  56. metadata +104 -74
  57. data/app/overrides/auth_shared_login_bar.rb +0 -6
  58. data/app/views/spree/shared/_login.html.erb +0 -18
  59. data/app/views/spree/shared/_user_form.html.erb +0 -17
  60. data/gemfiles/spree_3_2.gemfile +0 -8
  61. data/gemfiles/spree_3_7.gemfile +0 -9
  62. data/gemfiles/spree_4_0.gemfile +0 -8
  63. data/lib/assets/javascripts/spree/backend/spree_auth.js.erb +0 -1
  64. data/lib/assets/javascripts/spree/frontend/account.js +0 -8
  65. data/lib/assets/javascripts/spree/frontend/spree_auth.js.erb +0 -2
  66. data/lib/assets/stylesheets/spree/backend/spree_auth.css.erb +0 -3
  67. data/lib/assets/stylesheets/spree/frontend/spree_auth.css.erb +0 -3
  68. data/lib/controllers/frontend/spree/store_controller_decorator.rb +0 -7
  69. data/lib/views/frontend/spree/checkout/_new_user.html.erb +0 -20
  70. data/lib/views/frontend/spree/checkout/registration.html.erb +0 -25
  71. data/lib/views/frontend/spree/shared/_link_to_account.html.erb +0 -6
  72. data/lib/views/frontend/spree/users/edit.html.erb +0 -17
  73. data/lib/views/frontend/spree/users/show.html.erb +0 -48
@@ -1,5 +1,4 @@
1
1
  RSpec.feature 'Checkout', :js, type: :feature do
2
- given!(:store) { create(:store) }
3
2
  given!(:country) { create(:country, name: 'United States', states_required: true) }
4
3
  given!(:state) { create(:state, name: 'Maryland', country: country) }
5
4
  given!(:shipping_method) do
@@ -9,12 +8,13 @@ RSpec.feature 'Checkout', :js, type: :feature do
9
8
  shipping_method.tap(&:save)
10
9
  end
11
10
 
11
+ given!(:user) { create(:user, email: 'email@person.com', password: 'password', password_confirmation: 'password') }
12
12
  given!(:zone) { create(:zone) }
13
13
  given!(:address) { create(:address, state: state, country: country) }
14
+ given!(:mug) { create(:product, name: 'RoR Mug') }
14
15
 
15
16
  background do
16
- @product = create(:product, name: 'RoR Mug')
17
- @product.master.stock_items.first.update_column(:count_on_hand, 1)
17
+ mug.master.stock_items.first.update_column(:count_on_hand, 1)
18
18
 
19
19
  # Bypass gateway error on checkout | ..or stub a gateway
20
20
  Spree::Config[:allow_checkout_on_gateway_error] = true
@@ -31,71 +31,56 @@ RSpec.feature 'Checkout', :js, type: :feature do
31
31
 
32
32
  scenario 'allow a visitor to checkout as guest, without registration' do
33
33
  Spree::Auth::Config.set(registration_step: true)
34
- add_to_cart 'RoR Mug'
35
- click_button 'Checkout'
34
+ add_to_cart(mug)
35
+ click_link 'checkout'
36
36
 
37
- expect(page).to have_content(/Checkout as a Guest/i)
37
+ expect(page).to have_selector(:button, 'Continue as a guest')
38
38
 
39
- within('#guest_checkout') { fill_in 'Email', with: 'spree@test.com' }
39
+ within('#checkout_form_registration') { fill_in 'Email', with: 'spree@test.com' }
40
40
  click_button 'Continue'
41
41
 
42
42
  expect(page).to have_text(/Billing Address/i)
43
43
  expect(page).to have_text(/Shipping Address/i)
44
44
 
45
- str_addr = 'bill_address'
46
- select 'United States', from: "order_#{str_addr}_attributes_country_id"
47
- %w(firstname lastname address1 city zipcode phone).each do |field|
48
- fill_in "order_#{str_addr}_attributes_#{field}", with: address.send(field).to_s
49
- end
50
- select address.state.name.to_s, from: "order_#{str_addr}_attributes_state_id"
51
- check 'order_use_billing'
52
-
45
+ fill_in_address
53
46
  click_button 'Save and Continue'
54
47
  click_button 'Save and Continue'
55
48
 
56
- expect(page).to have_text 'Your order has been processed successfully'
49
+ expect(page).to have_text 'Order placed successfully'
57
50
  end
58
51
 
59
52
  scenario 'associate an uncompleted guest order with user after logging in' do
60
- user = create(:user, email: 'email@person.com', password: 'password', password_confirmation: 'password')
61
- add_to_cart 'RoR Mug'
53
+ add_to_cart(mug)
62
54
 
63
55
  visit spree.login_path
64
56
  fill_in 'Email', with: user.email
65
57
  fill_in 'Password', with: user.password
66
- click_button 'Login'
67
- expect(page).to have_text('Cart')
68
- click_link 'Cart'
58
+ click_button 'Log in'
59
+ expect(page).to have_text('Logged in successfully')
60
+ find('a.cart-icon').click
69
61
 
70
62
  expect(page).to have_text 'RoR Mug'
71
- within('h1') { expect(page).to have_text 'Shopping Cart' }
72
-
73
- click_button 'Checkout'
63
+ within('h1') { expect(page).to have_text 'YOUR SHOPPING BAG' }
74
64
 
75
- str_addr = 'bill_address'
76
- select 'United States', from: "order_#{str_addr}_attributes_country_id"
77
- %w(firstname lastname address1 city zipcode phone).each do |field|
78
- fill_in "order_#{str_addr}_attributes_#{field}", with: address.send(field).to_s
79
- end
80
- select address.state.name.to_s, from: "order_#{str_addr}_attributes_state_id"
81
- check 'order_use_billing'
65
+ click_link 'checkout'
82
66
 
67
+ fill_in_address
83
68
  click_button 'Save and Continue'
84
69
  click_button 'Save and Continue'
85
70
 
86
- expect(page).to have_text 'Your order has been processed successfully'
71
+ expect(page).to have_text 'Order placed successfully'
87
72
  expect(Spree::Order.first.user).to eq user
88
73
  end
89
74
 
90
75
  # Regression test for #890
91
76
  scenario 'associate an incomplete guest order with user after successful password reset' do
92
- create(:store)
93
- user = create(:user, email: 'email@person.com', password: 'password', password_confirmation: 'password')
94
- add_to_cart 'RoR Mug'
77
+ add_to_cart(mug)
95
78
 
96
79
  visit spree.login_path
97
- click_link 'Forgot Password?'
98
- fill_in 'spree_user_email', with: 'email@person.com'
80
+ click_link 'Forgot password?'
81
+ fill_in('Email', with: 'email@person.com')
82
+ find('#spree_user_email').set('email@person.com')
83
+
99
84
  click_button 'Reset my password'
100
85
 
101
86
  # Need to do this now because the token stored in the DB is the encrypted version
@@ -109,49 +94,39 @@ RSpec.feature 'Checkout', :js, type: :feature do
109
94
  fill_in 'Password Confirmation', with: 'password'
110
95
  click_button 'Update'
111
96
 
112
- expect(page).to have_text('Cart')
113
- click_link 'Cart'
97
+ expect(page).to have_text('Your password was changed successfully')
98
+ find('a.cart-icon').click
114
99
  expect(page).to have_text('RoR Mug')
115
- click_button 'Checkout'
116
-
117
- str_addr = 'bill_address'
118
- select 'United States', from: "order_#{str_addr}_attributes_country_id"
119
- %w(firstname lastname address1 city zipcode phone).each do |field|
120
- fill_in "order_#{str_addr}_attributes_#{field}", with: address.send(field).to_s
121
- end
122
- select address.state.name.to_s, from: "order_#{str_addr}_attributes_state_id"
123
- check 'order_use_billing'
100
+ click_link 'checkout'
124
101
 
102
+ fill_in_address
125
103
  click_button 'Save and Continue'
126
104
 
127
105
  expect(page).not_to have_text 'Email is invalid'
128
106
  end
129
107
 
130
108
  scenario 'allow a user to register during checkout' do
131
- add_to_cart 'RoR Mug'
132
- click_button 'Checkout'
109
+ add_to_cart(mug)
110
+ click_link 'checkout'
133
111
 
134
- expect(page).to have_text 'Registration'
112
+ expect(page).to have_selector(:link, 'Sign Up')
135
113
 
136
- fill_in 'Email', with: 'email@person.com', match: :first
114
+ click_link 'Sign Up'
115
+
116
+ fill_in 'Email', with: 'test@person.com'
137
117
  fill_in 'Password', with: 'spree123'
138
118
  fill_in 'Password Confirmation', with: 'spree123'
139
- click_button 'Create'
140
- expect(page).to have_text 'You have signed up successfully.'
141
119
 
142
- str_addr = 'bill_address'
143
- select 'United States', from: "order_#{str_addr}_attributes_country_id"
144
- %w(firstname lastname address1 city zipcode phone).each do |field|
145
- fill_in "order_#{str_addr}_attributes_#{field}", with: address.send(field).to_s
146
- end
147
- select address.state.name.to_s, from: "order_#{str_addr}_attributes_state_id"
148
- check 'order_use_billing'
120
+ click_button 'Sign Up'
121
+
122
+ expect(page).to have_text 'You have signed up successfully.'
149
123
 
124
+ fill_in_address
150
125
  click_button 'Save and Continue'
151
126
  click_button 'Save and Continue'
152
127
 
153
- expect(page).to have_text 'Your order has been processed successfully'
154
- expect(Spree::Order.first.user).to eq Spree::User.find_by_email('email@person.com')
128
+ expect(page).to have_text 'Order placed successfully'
129
+ expect(Spree::Order.first.user).to eq Spree.user_class.find_by_email('test@person.com')
155
130
  end
156
131
  end
157
132
  end
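Review bot: The password-reset scenario fills the e-mail field twice, first with `fill_in('Email', with: 'email@person.com')` and then with `find('#spree_user_email').set('email@person.com')`. Judging by the removed `fill_in 'spree_user_email'` line these look like the same input, so one call is redundant and it is unclear which locator the new form is meant to support. Keep a single call, for example `fill_in 'Email', with: user.email`, which also reuses the shared `user` record instead of repeating the literal address. The scenario body continues across the gap between this hunk and the next.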
@@ -8,8 +8,6 @@ RSpec.feature 'Confirmation', type: :feature, reload_user: true do
8
8
 
9
9
  after(:each) { set_confirmable_option(false) }
10
10
 
11
- let!(:store) { create(:store) }
12
-
13
11
  background do
14
12
  ActionMailer::Base.default_url_options[:host] = 'http://example.com'
15
13
  end
@@ -20,9 +18,9 @@ RSpec.feature 'Confirmation', type: :feature, reload_user: true do
20
18
  fill_in 'Email', with: 'email@person.com'
21
19
  fill_in 'Password', with: 'password'
22
20
  fill_in 'Password Confirmation', with: 'password'
23
- click_button 'Create'
21
+ click_button 'Sign Up'
24
22
 
25
- expect(page).to have_text 'You have signed up successfully.'
26
- expect(Spree::User.last.confirmed?).to be(false)
23
+ expect(page).to have_text I18n.t('devise.user_registrations.signed_up_but_unconfirmed')
24
+ expect(Spree.user_class.last.confirmed?).to be(false)
27
25
  end
28
26
  end
@@ -6,46 +6,40 @@ RSpec.feature 'Orders', :js, type: :feature do
6
6
 
7
7
  # regression test for spree/spree#1687
8
8
  scenario 'merge incomplete orders from different sessions' do
9
- skip %{
10
- TODO: has been broken for ~2 months as of:
11
- https://github.com/spree/spree_auth_devise/commit/3157b47b22c559817d34ec34024587d8aa6136dc
12
- I dont think we can decode these sessions anymore since Rails 4 switched to encrypted cookies I believe devise stores session encrypted.
13
- }
14
- create(:product, name: 'RoR Mug')
15
- create(:product, name: 'RoR Shirt')
9
+ ror_mug = create(:product, name: 'RoR Mug')
10
+ ror_shirt = create(:product, name: 'RoR Shirt')
16
11
 
17
12
  user = create(:user, email: 'email@person.com', password: 'password', password_confirmation: 'password')
18
13
 
19
14
  using_session('first') do
20
- add_to_cart 'RoR Mug'
15
+ add_to_cart ror_mug
21
16
 
22
17
  visit spree.login_path
23
18
  fill_in 'Email', with: user.email
24
19
  fill_in 'Password', with: user.password
25
- click_button 'Login'
20
+ click_button 'Log in'
26
21
 
27
- click_link 'Cart'
22
+ visit spree.cart_path
28
23
  expect(page).to have_text 'RoR Mug'
29
24
  end
30
25
 
31
26
  using_session('second') do
32
- add_to_cart 'RoR Shirt'
27
+ add_to_cart ror_shirt
33
28
 
34
29
  visit spree.login_path
35
30
  fill_in 'Email', with: user.email
36
31
  fill_in 'Password', with: user.password
37
- click_button 'Login'
32
+ click_button 'Log in'
38
33
 
39
34
  # Order should have been merged with first session
40
- click_link 'Cart'
35
+ visit spree.cart_path
41
36
  expect(page).to have_text 'RoR Mug'
42
37
  expect(page).to have_text 'RoR Shirt'
43
38
  end
44
39
 
45
40
  using_session('first') do
46
41
  visit spree.root_path
47
-
48
- click_link 'Cart'
42
+ visit spree.cart_path
49
43
 
50
44
  # Order should have been merged with second session
51
45
  expect(page).to have_text 'RoR Mug'
@@ -1,6 +1,4 @@
1
1
  RSpec.feature 'Reset Password', type: :feature do
2
- let!(:store) { create(:store) }
3
-
4
2
  background do
5
3
  ActionMailer::Base.default_url_options[:host] = 'http://example.com'
6
4
  end
@@ -8,7 +6,7 @@ RSpec.feature 'Reset Password', type: :feature do
8
6
  scenario 'allow a user to supply an email for the password reset' do
9
7
  user = create(:user, email: 'foobar@example.com', password: 'secret', password_confirmation: 'secret')
10
8
  visit spree.login_path
11
- click_link 'Forgot Password?'
9
+ click_link 'Forgot password?'
12
10
  fill_in 'Email', with: 'foobar@example.com'
13
11
  click_button 'Reset my password'
14
12
  expect(page).to have_text 'You will receive an email with instructions'
@@ -16,7 +14,7 @@ RSpec.feature 'Reset Password', type: :feature do
16
14
 
17
15
  scenario 'shows errors if no email is supplied' do
18
16
  visit spree.login_path
19
- click_link 'Forgot Password?'
17
+ click_link 'Forgot password?'
20
18
  click_button 'Reset my password'
21
19
  expect(page).to have_text "Email can't be blank"
22
20
  end
@@ -10,23 +10,21 @@ RSpec.feature 'Sign In', type: :feature do
10
10
  end
11
11
 
12
12
  scenario 'let a user sign in successfully', js: true do
13
- fill_in 'Email', with: @user.email
14
- fill_in 'Password', with: @user.password
15
- click_button 'Login'
13
+ log_in(email: @user.email, password: @user.password)
14
+ show_user_menu
16
15
 
17
- expect(page).to have_text 'Logged in successfully'
18
16
  expect(page).not_to have_text 'Login'
19
- expect(page).to have_text 'Logout'
20
- expect(current_path).to eq '/'
17
+ expect(page).to have_text 'LOG OUT'
18
+ expect(current_path).to eq '/account'
21
19
  end
22
20
 
23
21
  scenario 'show validation erros' do
24
22
  fill_in 'Email', with: @user.email
25
23
  fill_in 'Password', with: 'wrong_password'
26
- click_button 'Login'
24
+ click_button 'Log in'
27
25
 
28
26
  expect(page).to have_text 'Invalid email or password'
29
- expect(page).to have_text 'Login'
27
+ expect(page).to have_text 'Log in'
30
28
  end
31
29
 
32
30
  scenario 'allow a user to access a restricted page after logging in' do
@@ -35,7 +33,7 @@ RSpec.feature 'Sign In', type: :feature do
35
33
 
36
34
  fill_in 'Email', with: user.email
37
35
  fill_in 'Password', with: user.password
38
- click_button 'Login'
36
+ click_button 'Log in'
39
37
 
40
38
  within '.user-menu' do
41
39
  expect(page).to have_text 'admin@person.com'
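Review bot: In 'let a user sign in successfully' the retained `expect(page).not_to have_text 'Login'` no longer guards anything. The labels this change switches to are 'Log in' and 'LOG OUT', so the string 'Login' is absent whether or not sign-in worked. With the 'Logged in successfully' expectation also dropped, the scenario now rests on `current_path` and the 'LOG OUT' text alone. Replace the negative check with `expect(page).not_to have_link 'LOG IN'`, the form the sign-out spec in this same diff uses.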
@@ -7,44 +7,37 @@ RSpec.feature 'Sign Out', type: :feature, js: true do
7
7
  end
8
8
 
9
9
  background do
10
- visit spree.login_path
11
- fill_in 'Email', with: user.email
12
- fill_in 'Password', with: user.password
13
- # Regression test for #1257
14
- check 'Remember me'
15
- click_button 'Login'
10
+ log_in(email: user.email, password: user.password)
16
11
  end
17
12
 
18
13
  scenario 'allow a signed in user to logout' do
19
- click_link 'Logout'
14
+ log_out
15
+
20
16
  visit spree.root_path
21
- expect(page).to have_text 'Login'
22
- expect(page).not_to have_text 'Logout'
17
+ show_user_menu
18
+
19
+ expect(page).to have_link 'LOG IN'
20
+ expect(page).not_to have_link 'LOG OUT'
23
21
  end
24
22
 
25
23
  describe 'before_logout' do
26
- before do
27
- create(:product, name: 'RoR Mug')
28
- create(:product, name: 'RoR Shirt')
29
- end
30
-
24
+ let!(:mug) { create(:product_in_stock, name: 'RoR Mug') }
25
+ let!(:shirt) { create(:product, name: 'RoR Shirt') }
31
26
  let!(:other_user) { create(:user) }
32
27
 
33
28
  it 'clears token cookies' do
34
- add_to_cart 'RoR Mug'
35
- expect(page).to have_text 'RoR Mug'
29
+ add_to_cart(mug) do
30
+ find('.close').click
31
+ end
36
32
 
37
- click_link 'Logout'
33
+ log_out
38
34
 
39
- click_link 'Cart'
35
+ find('#link-to-cart').click
40
36
  expect(page).to have_text Spree.t(:your_cart_is_empty)
41
37
 
42
- visit spree.login_path
43
- fill_in 'Email', with: other_user.email
44
- fill_in 'Password', with: other_user.password
45
- click_button 'Login'
38
+ log_in(email: other_user.email, password: user.password)
39
+ find('#link-to-cart').click
46
40
 
47
- click_link 'Cart'
48
41
  expect(page).to have_text Spree.t(:your_cart_is_empty)
49
42
  end
50
43
  end
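Review bot: In 'clears token cookies' the second sign-in is `log_in(email: other_user.email, password: user.password)`, which authenticates `other_user` with another record's password and only works if the factory gives every user the same one. If that login fails, the browser stays a guest with an empty cart and the final `your_cart_is_empty` expectation still passes, so the test would not notice. Use `log_in(email: other_user.email, password: other_user.password)`. The removed background also ticked 'Remember me' as the regression case for #1257; `log_in` is defined outside this page, so confirm it still does, otherwise the remember-token path is no longer covered.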
@@ -6,10 +6,11 @@ RSpec.feature 'Sign Up', type: :feature do
6
6
  fill_in 'Email', with: 'email@person.com'
7
7
  fill_in 'Password', with: 'password'
8
8
  fill_in 'Password Confirmation', with: 'password'
9
- click_button 'Create'
9
+
10
+ click_button 'Sign Up'
10
11
 
11
12
  expect(page).to have_text 'You have signed up successfully.'
12
- expect(Spree::User.count).to eq(1)
13
+ expect(Spree.user_class.count).to eq(1)
13
14
  end
14
15
  end
15
16
 
@@ -20,10 +21,11 @@ RSpec.feature 'Sign Up', type: :feature do
20
21
  fill_in 'Email', with: 'email@person.com'
21
22
  fill_in 'Password', with: 'password'
22
23
  fill_in 'Password Confirmation', with: ''
23
- click_button 'Create'
24
+
25
+ click_button 'Sign Up'
24
26
 
25
27
  expect(page).to have_css '#errorExplanation'
26
- expect(Spree::User.count).to eq(0)
28
+ expect(Spree.user_class.count).to eq(0)
27
29
  end
28
30
  end
29
31
  end
@@ -1,6 +1,6 @@
1
1
  RSpec.describe Spree::UserMailer, type: :mailer do
2
- let!(:store) { create(:store) }
3
2
  let(:user) { create(:user) }
3
+ let(:store) { Spree::Store.default }
4
4
 
5
5
  describe '#reset_password_instructions' do
6
6
  describe 'message contents' do
@@ -31,9 +31,9 @@ RSpec.describe Spree::User, type: :model do
31
31
  order.save
32
32
  user = order.user
33
33
  user.destroy
34
- expect(Spree::User.find_by_id(user.id)).to be_nil
35
- expect(Spree::User.with_deleted.find_by_id(user.id).id).to eq(user.id)
36
- expect(Spree::User.with_deleted.find_by_id(user.id).orders.first).to eq(order)
34
+ expect(Spree.user_class.find_by_id(user.id)).to be_nil
35
+ expect(Spree.user_class.with_deleted.find_by_id(user.id).id).to eq(user.id)
36
+ expect(Spree.user_class.with_deleted.find_by_id(user.id).orders.first).to eq(order)
37
37
 
38
38
  expect(Spree::Order.find_by_user_id(user.id)).not_to be_nil
39
39
  expect(Spree::Order.where(user_id: user.id).first).to eq(order)
@@ -67,13 +67,13 @@ RSpec.describe Spree::User, type: :model do
67
67
  it "is confirmable if the confirmable option is enabled" do
68
68
  set_confirmable_option(true)
69
69
  Spree::UserMailer.stub(:confirmation_instructions).and_return(double(deliver: true))
70
- expect(Spree::User.devise_modules).to include(:confirmable)
70
+ expect(Spree.user_class.devise_modules).to include(:confirmable)
71
71
  set_confirmable_option(false)
72
72
  end
73
73
 
74
74
  it "is not confirmable if the confirmable option is disabled" do
75
75
  set_confirmable_option(false)
76
- expect(Spree::User.devise_modules).to_not include(:confirmable)
76
+ expect(Spree.user_class.devise_modules).to_not include(:confirmable)
77
77
  end
78
78
  end
79
79
  end
@@ -0,0 +1,42 @@
1
+ # frozen_string_literal: true
2
+
3
+ RSpec.feature 'User update', type: :request do
4
+ context 'CSRF protection' do
5
+ %i[exception reset_session null_session].each do |strategy|
6
+ # Completely clean the configuration of forgery protection for the
7
+ # controller and reset it after the expectations. However, besides `:with`,
8
+ # the options given to `protect_from_forgery` are processed on the fly.
9
+ # I.e., there's no way to retain them. The initial setup corresponds to the
10
+ # dummy application, which uses the default Rails skeleton in that regard.
11
+ # So, if at some point Rails changed the given options, we should update it
12
+ # here.
13
+ around do |example|
14
+ controller = Spree::UsersController
15
+ old_allow_forgery_protection_value = controller.allow_forgery_protection
16
+ old_forgery_protection_strategy = controller.forgery_protection_strategy
17
+ controller.skip_forgery_protection
18
+ controller.allow_forgery_protection = true
19
+ controller.protect_from_forgery with: strategy
20
+
21
+ example.run
22
+
23
+ controller.allow_forgery_protection = old_allow_forgery_protection_value
24
+ controller.forgery_protection_strategy = old_forgery_protection_strategy
25
+ end
26
+
27
+ it "is not possible to take account over with the #{strategy} forgery protection strategy" do
28
+ user = create(:user, email: 'legit@mail.com', password: 'password')
29
+
30
+ post '/login', params: "spree_user[email]=legit@mail.com&spree_user[password]=password"
31
+ begin
32
+ put '/users/123456', params: 'user[email]=hacked@example.com'
33
+ rescue
34
+ # testing that the account is not compromised regardless of any raised
35
+ # exception
36
+ end
37
+
38
+ expect(user.reload.email).to eq('legit@mail.com')
39
+ end
40
+ end
41
+ end
42
+ end
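Review bot: The example can pass without ever exercising CSRF protection, because nothing asserts that `post '/login'` signed the user in and the bare `rescue` swallows every StandardError from the `put`. A failed login, a routing error or a malformed params string would all leave the e-mail unchanged and the test green. Narrow the handler to the error the `:exception` strategy raises, `rescue ActionController::InvalidAuthenticityToken`, and add an expectation on the login response before the `put`. The request also targets `/users/123456` rather than the created user's id; if the controller resolves the record from the session (not visible here), say so with a comment such as `# id is arbitrary: the controller updates the signed-in user`.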
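--- a/data/spec/spec_helper.rb
+++ b/data/spec/spec_helper.rb
@@ -8,6 +8,16 @@ require File.expand_path('../dummy/config/environment', __FILE__)
  require 'rspec/rails'
  require 'shoulda-matchers'
  require 'ffaker'
+ require 'pry'
+
+ require 'spree/testing_support/auth_helpers'
+ require 'spree/testing_support/checkout_helpers'
+
+ require 'spree/testing_support/authorization_helpers'
+ require 'spree/testing_support/capybara_ext'
+ require 'spree/testing_support/controller_requests'
+ require 'spree/testing_support/factories'
+ require 'spree/testing_support/url_helpers'
 
  RSpec.configure do |config|
  config.filter_run focus: true
@@ -27,7 +37,13 @@ RSpec.configure do |config|
  allow(RSpec::Rails::ViewRendering::EmptyTemplateHandler)
  .to receive(:call)
  .and_return(%("")) if Rails.gem_version >= Gem::Version.new('6.0.0.beta1')
+
+ create(:store)
  end
+
+ config.include Spree::TestingSupport::AuthHelpers, type: :feature
+ config.include Spree::TestingSupport::CheckoutHelpers, type: :feature
+ config.include Spree::TestingSupport::UrlHelpers
  end
 
  Dir[File.join(File.dirname(__FILE__), 'support/**/*.rb')].each { |f| require f }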
@@ -1,6 +1,6 @@
1
- def add_to_cart(product_name)
2
- visit spree.root_path
3
- click_link product_name
1
+ def add_to_cart(product)
2
+ visit spree.product_path(product)
3
+
4
4
  if Spree.version.to_f > 3.6
5
5
  expect(page).to have_selector('form#add-to-cart-form')
6
6
  expect(page).to have_selector('button#add-to-cart-button')
@@ -10,6 +10,13 @@ def add_to_cart(product_name)
10
10
  end
11
11
  click_button 'Add To Cart'
12
12
  wait_for_condition do
13
- expect(page).to have_content(Spree.t(:shopping_cart))
13
+ expect(page).to have_content(Spree.t(:added_to_cart))
14
+ end
15
+
16
+ if block_given?
17
+ yield
18
+ else
19
+ click_link 'View cart'
20
+ expect(page).to have_content 'YOUR SHOPPING BAG'
14
21
  end
15
22
  end
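Review bot: `add_to_cart` now has two modes but no comment says so: with a block it yields once the 'added to cart' text appears, without one it clicks 'View cart' and waits for the bag heading. Add a header comment such as `# Adds product from its product page; yields after the confirmation when a block is given, otherwise opens the cart.` The guard `Spree.version.to_f > 3.6`, kept as context in the first hunk, is always true under the `>= 4.1.0.alpha` requirement this diff puts in the gemspec, and a float comparison would misorder a version like 3.10, so the branch could be dropped. Part of the method body lies between the two hunks and is not visible here.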
@@ -3,7 +3,7 @@ module AuthenticationHelpers
3
3
  visit '/login'
4
4
  fill_in 'Email', with: user.email
5
5
  fill_in 'Password', with: 'secret'
6
- click_button 'Login'
6
+ click_button 'Log in'
7
7
  end
8
8
  end
9
9
 
@@ -1,16 +1,23 @@
1
1
  require 'capybara/rspec'
2
- require 'capybara/rails'
2
+ require 'capybara-screenshot'
3
3
  require 'capybara-screenshot/rspec'
4
- require 'selenium-webdriver'
5
-
6
- RSpec.configure do |_config|
7
- Capybara.save_and_open_page_path = ENV['CIRCLE_ARTIFACTS'] if ENV['CIRCLE_ARTIFACTS']
4
+ require 'capybara/rails'
5
+ require 'selenium/webdriver'
8
6
 
7
+ RSpec.configure do
9
8
  Capybara.register_driver :chrome do |app|
9
+ Selenium::WebDriver.logger.level = :error
10
+
10
11
  Capybara::Selenium::Driver.new app,
11
12
  browser: :chrome,
12
- options: Selenium::WebDriver::Chrome::Options.new(args: %w[disable-popup-blocking headless disable-gpu window-size=1920,1080])
13
+ options: Selenium::WebDriver::Chrome::Options.new(
14
+ args: %w[headless disable-gpu window-size=1920,1080 --enable-features=NetworkService,NetworkServiceInProcess --disable-features=VizDisplayCompositor],
15
+ log_level: :error
16
+ )
13
17
  end
14
-
15
18
  Capybara.javascript_driver = :chrome
16
- end
19
+
20
+ Capybara::Screenshot.register_driver(:chrome) do |driver, path|
21
+ driver.browser.save_screenshot(path)
22
+ end
23
+ end
@@ -3,11 +3,11 @@
3
3
  Gem::Specification.new do |s|
4
4
  s.platform = Gem::Platform::RUBY
5
5
  s.name = 'spree_auth_devise'
6
- s.version = '4.0.0.rc2'
6
+ s.version = '4.1.1'
7
7
  s.summary = 'Provides authentication and authorization services for use with Spree by using Devise and CanCan.'
8
8
  s.description = s.summary
9
9
 
10
- s.required_ruby_version = '>= 2.2.7'
10
+ s.required_ruby_version = '>= 2.5.0'
11
11
 
12
12
  s.author = 'Sean Schofield'
13
13
  s.email = 'sean@spreecommerce.com'
@@ -19,18 +19,19 @@ Gem::Specification.new do |s|
19
19
  s.require_path = 'lib'
20
20
  s.requirements << 'none'
21
21
 
22
+ s.add_dependency 'deface', '~> 1.0'
23
+
22
24
  s.add_dependency 'devise', '~> 4.7'
23
25
  s.add_dependency 'devise-encryptable', '0.2.0'
24
26
 
25
- spree_version = '>= 3.1.0', '< 5.0'
27
+ spree_version = '>= 4.1.0.alpha', '< 4.2'
26
28
  s.add_dependency 'spree_core', spree_version
27
29
  s.add_dependency 'spree_extension'
28
- s.add_dependency 'deface', '~> 1.0'
29
30
 
30
- s.add_development_dependency 'capybara', '~> 2.7'
31
+ s.add_development_dependency 'appraisal'
32
+ s.add_development_dependency 'capybara'
31
33
  s.add_development_dependency 'capybara-screenshot'
32
34
  s.add_development_dependency 'coffee-rails', '~> 4.2'
33
- s.add_development_dependency 'sass-rails'
34
35
  s.add_development_dependency 'database_cleaner', '~> 1.5'
35
36
  s.add_development_dependency 'email_spec', '~> 2.1'
36
37
  s.add_development_dependency 'factory_bot', '~> 4.7'
@@ -38,13 +39,16 @@ Gem::Specification.new do |s|
38
39
  s.add_development_dependency 'launchy'
39
40
  s.add_development_dependency 'mysql2'
40
41
  s.add_development_dependency 'pg'
41
- s.add_development_dependency 'selenium-webdriver'
42
42
  s.add_development_dependency 'pry'
43
- s.add_development_dependency 'rspec-rails', '~> 3.5'
44
- s.add_development_dependency 'shoulda-matchers', '~> 3.1'
43
+ s.add_development_dependency 'puma'
44
+ s.add_development_dependency 'rails-controller-testing'
45
+ s.add_development_dependency 'rspec-rails', '~> 4.0.0.beta2'
46
+ s.add_development_dependency 'sass-rails'
47
+ s.add_development_dependency 'selenium-webdriver'
48
+ s.add_development_dependency 'shoulda-matchers', '~> 4.3'
45
49
  s.add_development_dependency 'simplecov', '~> 0.12'
46
50
  s.add_development_dependency 'spree_backend', spree_version
47
51
  s.add_development_dependency 'spree_frontend', spree_version
48
52
  s.add_development_dependency 'sqlite3'
49
- s.add_development_dependency 'appraisal'
53
+ s.add_development_dependency 'webdrivers', '~> 4.2.0'
50
54
  end
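Review bot: Several development dependencies end up without an upper bound: `capybara` loses its `'~> 2.7'` constraint, and `puma` and `rails-controller-testing` are added with none. `rspec-rails` also takes a prerelease floor, `'~> 4.0.0.beta2'`. A fresh CI install can therefore resolve to whatever is newest on the registry, which makes the feature and CSRF spec results harder to reproduce and widens what gets pulled into the build. Give these entries a pessimistic bound as the neighbouring lines do, e.g. `s.add_development_dependency 'capybara', '~> X.Y'` with X.Y the version the suite was actually run against, and raise the `rspec-rails` floor to a final release once one is usable.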