spree_auth_devise 4.0.0.rc2 → 4.1.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (73) hide show
  1. checksums.yaml +4 -4
  2. data/.circleci/config.yml +41 -0
  3. data/.gitignore +1 -0
  4. data/.travis.yml +3 -21
  5. data/Appraisals +3 -19
  6. data/Gemfile +2 -2
  7. data/README.md +3 -12
  8. data/app/controllers/spree/user_confirmations_controller.rb +24 -0
  9. data/app/controllers/spree/user_passwords_controller.rb +2 -0
  10. data/app/controllers/spree/user_registrations_controller.rb +27 -1
  11. data/app/controllers/spree/user_sessions_controller.rb +23 -1
  12. data/app/views/spree/user_passwords/edit.html.erb +20 -17
  13. data/app/views/spree/user_passwords/new.html.erb +17 -15
  14. data/app/views/spree/user_registrations/new.html.erb +12 -17
  15. data/app/views/spree/user_sessions/new.html.erb +11 -12
  16. data/config/locales/en.yml +3 -1
  17. data/config/routes.rb +2 -3
  18. data/db/migrate/20120203010234_add_reset_password_sent_at_to_spree_users.rb +2 -2
  19. data/gemfiles/{spree_3_5.gemfile → spree_4_1.gemfile} +1 -1
  20. data/lib/controllers/frontend/spree/checkout_controller_decorator.rb +2 -2
  21. data/lib/controllers/frontend/spree/users_controller.rb +11 -6
  22. data/lib/generators/spree/auth/install/install_generator.rb +0 -4
  23. data/lib/spree/testing_support/auth_helpers.rb +36 -0
  24. data/lib/spree/testing_support/checkout_helpers.rb +24 -0
  25. data/lib/views/backend/spree/admin/user_passwords/new.html.erb +1 -1
  26. data/lib/views/backend/spree/admin/user_sessions/new.html.erb +1 -1
  27. data/spec/controllers/spree/admin/orders_controller_spec.rb +1 -1
  28. data/spec/controllers/spree/admin/user_sessions_controller_spec.rb +1 -1
  29. data/spec/controllers/spree/checkout_controller_spec.rb +15 -16
  30. data/spec/controllers/spree/products_controller_spec.rb +1 -1
  31. data/spec/controllers/spree/user_passwords_controller_spec.rb +4 -4
  32. data/spec/controllers/spree/user_registrations_controller_spec.rb +8 -8
  33. data/spec/controllers/spree/user_sessions_controller_spec.rb +17 -17
  34. data/spec/controllers/spree/users_controller_spec.rb +4 -4
  35. data/spec/features/account_spec.rb +10 -8
  36. data/spec/features/admin/password_reset_spec.rb +2 -4
  37. data/spec/features/admin/sign_in_spec.rb +5 -7
  38. data/spec/features/admin/sign_out_spec.rb +1 -1
  39. data/spec/features/admin_permissions_spec.rb +1 -1
  40. data/spec/features/change_email_spec.rb +1 -7
  41. data/spec/features/checkout_spec.rb +38 -63
  42. data/spec/features/confirmation_spec.rb +3 -5
  43. data/spec/features/order_spec.rb +9 -15
  44. data/spec/features/password_reset_spec.rb +2 -4
  45. data/spec/features/sign_in_spec.rb +7 -9
  46. data/spec/features/sign_out_spec.rb +16 -23
  47. data/spec/features/sign_up_spec.rb +6 -4
  48. data/spec/mailers/user_mailer_spec.rb +1 -1
  49. data/spec/models/user_spec.rb +5 -5
  50. data/spec/requests/spree/frontend/user_update_spec.rb +42 -0
  51. data/spec/spec_helper.rb +16 -0
  52. data/spec/support/add_to_cart.rb +11 -4
  53. data/spec/support/authentication_helpers.rb +1 -1
  54. data/spec/support/capybara.rb +15 -8
  55. data/spree_auth_devise.gemspec +14 -10
  56. metadata +104 -74
  57. data/app/overrides/auth_shared_login_bar.rb +0 -6
  58. data/app/views/spree/shared/_login.html.erb +0 -18
  59. data/app/views/spree/shared/_user_form.html.erb +0 -17
  60. data/gemfiles/spree_3_2.gemfile +0 -8
  61. data/gemfiles/spree_3_7.gemfile +0 -9
  62. data/gemfiles/spree_4_0.gemfile +0 -8
  63. data/lib/assets/javascripts/spree/backend/spree_auth.js.erb +0 -1
  64. data/lib/assets/javascripts/spree/frontend/account.js +0 -8
  65. data/lib/assets/javascripts/spree/frontend/spree_auth.js.erb +0 -2
  66. data/lib/assets/stylesheets/spree/backend/spree_auth.css.erb +0 -3
  67. data/lib/assets/stylesheets/spree/frontend/spree_auth.css.erb +0 -3
  68. data/lib/controllers/frontend/spree/store_controller_decorator.rb +0 -7
  69. data/lib/views/frontend/spree/checkout/_new_user.html.erb +0 -20
  70. data/lib/views/frontend/spree/checkout/registration.html.erb +0 -25
  71. data/lib/views/frontend/spree/shared/_link_to_account.html.erb +0 -6
  72. data/lib/views/frontend/spree/users/edit.html.erb +0 -17
  73. data/lib/views/frontend/spree/users/show.html.erb +0 -48
@@ -1,5 +1,4 @@
1
1
  RSpec.feature 'Checkout', :js, type: :feature do
2
- given!(:store) { create(:store) }
3
2
  given!(:country) { create(:country, name: 'United States', states_required: true) }
4
3
  given!(:state) { create(:state, name: 'Maryland', country: country) }
5
4
  given!(:shipping_method) do
@@ -9,12 +8,13 @@ RSpec.feature 'Checkout', :js, type: :feature do
9
8
  shipping_method.tap(&:save)
10
9
  end
11
10
 
11
+ given!(:user) { create(:user, email: 'email@person.com', password: 'password', password_confirmation: 'password') }
12
12
  given!(:zone) { create(:zone) }
13
13
  given!(:address) { create(:address, state: state, country: country) }
14
+ given!(:mug) { create(:product, name: 'RoR Mug') }
14
15
 
15
16
  background do
16
- @product = create(:product, name: 'RoR Mug')
17
- @product.master.stock_items.first.update_column(:count_on_hand, 1)
17
+ mug.master.stock_items.first.update_column(:count_on_hand, 1)
18
18
 
19
19
  # Bypass gateway error on checkout | ..or stub a gateway
20
20
  Spree::Config[:allow_checkout_on_gateway_error] = true
@@ -31,71 +31,56 @@ RSpec.feature 'Checkout', :js, type: :feature do
31
31
 
32
32
  scenario 'allow a visitor to checkout as guest, without registration' do
33
33
  Spree::Auth::Config.set(registration_step: true)
34
- add_to_cart 'RoR Mug'
35
- click_button 'Checkout'
34
+ add_to_cart(mug)
35
+ click_link 'checkout'
36
36
 
37
- expect(page).to have_content(/Checkout as a Guest/i)
37
+ expect(page).to have_selector(:button, 'Continue as a guest')
38
38
 
39
- within('#guest_checkout') { fill_in 'Email', with: 'spree@test.com' }
39
+ within('#checkout_form_registration') { fill_in 'Email', with: 'spree@test.com' }
40
40
  click_button 'Continue'
41
41
 
42
42
  expect(page).to have_text(/Billing Address/i)
43
43
  expect(page).to have_text(/Shipping Address/i)
44
44
 
45
- str_addr = 'bill_address'
46
- select 'United States', from: "order_#{str_addr}_attributes_country_id"
47
- %w(firstname lastname address1 city zipcode phone).each do |field|
48
- fill_in "order_#{str_addr}_attributes_#{field}", with: address.send(field).to_s
49
- end
50
- select address.state.name.to_s, from: "order_#{str_addr}_attributes_state_id"
51
- check 'order_use_billing'
52
-
45
+ fill_in_address
53
46
  click_button 'Save and Continue'
54
47
  click_button 'Save and Continue'
55
48
 
56
- expect(page).to have_text 'Your order has been processed successfully'
49
+ expect(page).to have_text 'Order placed successfully'
57
50
  end
58
51
 
59
52
  scenario 'associate an uncompleted guest order with user after logging in' do
60
- user = create(:user, email: 'email@person.com', password: 'password', password_confirmation: 'password')
61
- add_to_cart 'RoR Mug'
53
+ add_to_cart(mug)
62
54
 
63
55
  visit spree.login_path
64
56
  fill_in 'Email', with: user.email
65
57
  fill_in 'Password', with: user.password
66
- click_button 'Login'
67
- expect(page).to have_text('Cart')
68
- click_link 'Cart'
58
+ click_button 'Log in'
59
+ expect(page).to have_text('Logged in successfully')
60
+ find('a.cart-icon').click
69
61
 
70
62
  expect(page).to have_text 'RoR Mug'
71
- within('h1') { expect(page).to have_text 'Shopping Cart' }
72
-
73
- click_button 'Checkout'
63
+ within('h1') { expect(page).to have_text 'YOUR SHOPPING BAG' }
74
64
 
75
- str_addr = 'bill_address'
76
- select 'United States', from: "order_#{str_addr}_attributes_country_id"
77
- %w(firstname lastname address1 city zipcode phone).each do |field|
78
- fill_in "order_#{str_addr}_attributes_#{field}", with: address.send(field).to_s
79
- end
80
- select address.state.name.to_s, from: "order_#{str_addr}_attributes_state_id"
81
- check 'order_use_billing'
65
+ click_link 'checkout'
82
66
 
67
+ fill_in_address
83
68
  click_button 'Save and Continue'
84
69
  click_button 'Save and Continue'
85
70
 
86
- expect(page).to have_text 'Your order has been processed successfully'
71
+ expect(page).to have_text 'Order placed successfully'
87
72
  expect(Spree::Order.first.user).to eq user
88
73
  end
89
74
 
90
75
  # Regression test for #890
91
76
  scenario 'associate an incomplete guest order with user after successful password reset' do
92
- create(:store)
93
- user = create(:user, email: 'email@person.com', password: 'password', password_confirmation: 'password')
94
- add_to_cart 'RoR Mug'
77
+ add_to_cart(mug)
95
78
 
96
79
  visit spree.login_path
97
- click_link 'Forgot Password?'
98
- fill_in 'spree_user_email', with: 'email@person.com'
80
+ click_link 'Forgot password?'
81
+ fill_in('Email', with: 'email@person.com')
82
+ find('#spree_user_email').set('email@person.com')
83
+
99
84
  click_button 'Reset my password'
100
85
 
101
86
  # Need to do this now because the token stored in the DB is the encrypted version
@@ -109,49 +94,39 @@ RSpec.feature 'Checkout', :js, type: :feature do
109
94
  fill_in 'Password Confirmation', with: 'password'
110
95
  click_button 'Update'
111
96
 
112
- expect(page).to have_text('Cart')
113
- click_link 'Cart'
97
+ expect(page).to have_text('Your password was changed successfully')
98
+ find('a.cart-icon').click
114
99
  expect(page).to have_text('RoR Mug')
115
- click_button 'Checkout'
116
-
117
- str_addr = 'bill_address'
118
- select 'United States', from: "order_#{str_addr}_attributes_country_id"
119
- %w(firstname lastname address1 city zipcode phone).each do |field|
120
- fill_in "order_#{str_addr}_attributes_#{field}", with: address.send(field).to_s
121
- end
122
- select address.state.name.to_s, from: "order_#{str_addr}_attributes_state_id"
123
- check 'order_use_billing'
100
+ click_link 'checkout'
124
101
 
102
+ fill_in_address
125
103
  click_button 'Save and Continue'
126
104
 
127
105
  expect(page).not_to have_text 'Email is invalid'
128
106
  end
129
107
 
130
108
  scenario 'allow a user to register during checkout' do
131
- add_to_cart 'RoR Mug'
132
- click_button 'Checkout'
109
+ add_to_cart(mug)
110
+ click_link 'checkout'
133
111
 
134
- expect(page).to have_text 'Registration'
112
+ expect(page).to have_selector(:link, 'Sign Up')
135
113
 
136
- fill_in 'Email', with: 'email@person.com', match: :first
114
+ click_link 'Sign Up'
115
+
116
+ fill_in 'Email', with: 'test@person.com'
137
117
  fill_in 'Password', with: 'spree123'
138
118
  fill_in 'Password Confirmation', with: 'spree123'
139
- click_button 'Create'
140
- expect(page).to have_text 'You have signed up successfully.'
141
119
 
142
- str_addr = 'bill_address'
143
- select 'United States', from: "order_#{str_addr}_attributes_country_id"
144
- %w(firstname lastname address1 city zipcode phone).each do |field|
145
- fill_in "order_#{str_addr}_attributes_#{field}", with: address.send(field).to_s
146
- end
147
- select address.state.name.to_s, from: "order_#{str_addr}_attributes_state_id"
148
- check 'order_use_billing'
120
+ click_button 'Sign Up'
121
+
122
+ expect(page).to have_text 'You have signed up successfully.'
149
123
 
124
+ fill_in_address
150
125
  click_button 'Save and Continue'
151
126
  click_button 'Save and Continue'
152
127
 
153
- expect(page).to have_text 'Your order has been processed successfully'
154
- expect(Spree::Order.first.user).to eq Spree::User.find_by_email('email@person.com')
128
+ expect(page).to have_text 'Order placed successfully'
129
+ expect(Spree::Order.first.user).to eq Spree.user_class.find_by_email('test@person.com')
155
130
  end
156
131
  end
157
132
  end
@@ -8,8 +8,6 @@ RSpec.feature 'Confirmation', type: :feature, reload_user: true do
8
8
 
9
9
  after(:each) { set_confirmable_option(false) }
10
10
 
11
- let!(:store) { create(:store) }
12
-
13
11
  background do
14
12
  ActionMailer::Base.default_url_options[:host] = 'http://example.com'
15
13
  end
@@ -20,9 +18,9 @@ RSpec.feature 'Confirmation', type: :feature, reload_user: true do
20
18
  fill_in 'Email', with: 'email@person.com'
21
19
  fill_in 'Password', with: 'password'
22
20
  fill_in 'Password Confirmation', with: 'password'
23
- click_button 'Create'
21
+ click_button 'Sign Up'
24
22
 
25
- expect(page).to have_text 'You have signed up successfully.'
26
- expect(Spree::User.last.confirmed?).to be(false)
23
+ expect(page).to have_text I18n.t('devise.user_registrations.signed_up_but_unconfirmed')
24
+ expect(Spree.user_class.last.confirmed?).to be(false)
27
25
  end
28
26
  end
@@ -6,46 +6,40 @@ RSpec.feature 'Orders', :js, type: :feature do
6
6
 
7
7
  # regression test for spree/spree#1687
8
8
  scenario 'merge incomplete orders from different sessions' do
9
- skip %{
10
- TODO: has been broken for ~2 months as of:
11
- https://github.com/spree/spree_auth_devise/commit/3157b47b22c559817d34ec34024587d8aa6136dc
12
- I dont think we can decode these sessions anymore since Rails 4 switched to encrypted cookies I believe devise stores session encrypted.
13
- }
14
- create(:product, name: 'RoR Mug')
15
- create(:product, name: 'RoR Shirt')
9
+ ror_mug = create(:product, name: 'RoR Mug')
10
+ ror_shirt = create(:product, name: 'RoR Shirt')
16
11
 
17
12
  user = create(:user, email: 'email@person.com', password: 'password', password_confirmation: 'password')
18
13
 
19
14
  using_session('first') do
20
- add_to_cart 'RoR Mug'
15
+ add_to_cart ror_mug
21
16
 
22
17
  visit spree.login_path
23
18
  fill_in 'Email', with: user.email
24
19
  fill_in 'Password', with: user.password
25
- click_button 'Login'
20
+ click_button 'Log in'
26
21
 
27
- click_link 'Cart'
22
+ visit spree.cart_path
28
23
  expect(page).to have_text 'RoR Mug'
29
24
  end
30
25
 
31
26
  using_session('second') do
32
- add_to_cart 'RoR Shirt'
27
+ add_to_cart ror_shirt
33
28
 
34
29
  visit spree.login_path
35
30
  fill_in 'Email', with: user.email
36
31
  fill_in 'Password', with: user.password
37
- click_button 'Login'
32
+ click_button 'Log in'
38
33
 
39
34
  # Order should have been merged with first session
40
- click_link 'Cart'
35
+ visit spree.cart_path
41
36
  expect(page).to have_text 'RoR Mug'
42
37
  expect(page).to have_text 'RoR Shirt'
43
38
  end
44
39
 
45
40
  using_session('first') do
46
41
  visit spree.root_path
47
-
48
- click_link 'Cart'
42
+ visit spree.cart_path
49
43
 
50
44
  # Order should have been merged with second session
51
45
  expect(page).to have_text 'RoR Mug'
@@ -1,6 +1,4 @@
1
1
  RSpec.feature 'Reset Password', type: :feature do
2
- let!(:store) { create(:store) }
3
-
4
2
  background do
5
3
  ActionMailer::Base.default_url_options[:host] = 'http://example.com'
6
4
  end
@@ -8,7 +6,7 @@ RSpec.feature 'Reset Password', type: :feature do
8
6
  scenario 'allow a user to supply an email for the password reset' do
9
7
  user = create(:user, email: 'foobar@example.com', password: 'secret', password_confirmation: 'secret')
10
8
  visit spree.login_path
11
- click_link 'Forgot Password?'
9
+ click_link 'Forgot password?'
12
10
  fill_in 'Email', with: 'foobar@example.com'
13
11
  click_button 'Reset my password'
14
12
  expect(page).to have_text 'You will receive an email with instructions'
@@ -16,7 +14,7 @@ RSpec.feature 'Reset Password', type: :feature do
16
14
 
17
15
  scenario 'shows errors if no email is supplied' do
18
16
  visit spree.login_path
19
- click_link 'Forgot Password?'
17
+ click_link 'Forgot password?'
20
18
  click_button 'Reset my password'
21
19
  expect(page).to have_text "Email can't be blank"
22
20
  end
@@ -10,23 +10,21 @@ RSpec.feature 'Sign In', type: :feature do
10
10
  end
11
11
 
12
12
  scenario 'let a user sign in successfully', js: true do
13
- fill_in 'Email', with: @user.email
14
- fill_in 'Password', with: @user.password
15
- click_button 'Login'
13
+ log_in(email: @user.email, password: @user.password)
14
+ show_user_menu
16
15
 
17
- expect(page).to have_text 'Logged in successfully'
18
16
  expect(page).not_to have_text 'Login'
19
- expect(page).to have_text 'Logout'
20
- expect(current_path).to eq '/'
17
+ expect(page).to have_text 'LOG OUT'
18
+ expect(current_path).to eq '/account'
21
19
  end
22
20
 
23
21
  scenario 'show validation erros' do
24
22
  fill_in 'Email', with: @user.email
25
23
  fill_in 'Password', with: 'wrong_password'
26
- click_button 'Login'
24
+ click_button 'Log in'
27
25
 
28
26
  expect(page).to have_text 'Invalid email or password'
29
- expect(page).to have_text 'Login'
27
+ expect(page).to have_text 'Log in'
30
28
  end
31
29
 
32
30
  scenario 'allow a user to access a restricted page after logging in' do
@@ -35,7 +33,7 @@ RSpec.feature 'Sign In', type: :feature do
35
33
 
36
34
  fill_in 'Email', with: user.email
37
35
  fill_in 'Password', with: user.password
38
- click_button 'Login'
36
+ click_button 'Log in'
39
37
 
40
38
  within '.user-menu' do
41
39
  expect(page).to have_text 'admin@person.com'
@@ -7,44 +7,37 @@ RSpec.feature 'Sign Out', type: :feature, js: true do
7
7
  end
8
8
 
9
9
  background do
10
- visit spree.login_path
11
- fill_in 'Email', with: user.email
12
- fill_in 'Password', with: user.password
13
- # Regression test for #1257
14
- check 'Remember me'
15
- click_button 'Login'
10
+ log_in(email: user.email, password: user.password)
16
11
  end
17
12
 
18
13
  scenario 'allow a signed in user to logout' do
19
- click_link 'Logout'
14
+ log_out
15
+
20
16
  visit spree.root_path
21
- expect(page).to have_text 'Login'
22
- expect(page).not_to have_text 'Logout'
17
+ show_user_menu
18
+
19
+ expect(page).to have_link 'LOG IN'
20
+ expect(page).not_to have_link 'LOG OUT'
23
21
  end
24
22
 
25
23
  describe 'before_logout' do
26
- before do
27
- create(:product, name: 'RoR Mug')
28
- create(:product, name: 'RoR Shirt')
29
- end
30
-
24
+ let!(:mug) { create(:product_in_stock, name: 'RoR Mug') }
25
+ let!(:shirt) { create(:product, name: 'RoR Shirt') }
31
26
  let!(:other_user) { create(:user) }
32
27
 
33
28
  it 'clears token cookies' do
34
- add_to_cart 'RoR Mug'
35
- expect(page).to have_text 'RoR Mug'
29
+ add_to_cart(mug) do
30
+ find('.close').click
31
+ end
36
32
 
37
- click_link 'Logout'
33
+ log_out
38
34
 
39
- click_link 'Cart'
35
+ find('#link-to-cart').click
40
36
  expect(page).to have_text Spree.t(:your_cart_is_empty)
41
37
 
42
- visit spree.login_path
43
- fill_in 'Email', with: other_user.email
44
- fill_in 'Password', with: other_user.password
45
- click_button 'Login'
38
+ log_in(email: other_user.email, password: user.password)
39
+ find('#link-to-cart').click
46
40
 
47
- click_link 'Cart'
48
41
  expect(page).to have_text Spree.t(:your_cart_is_empty)
49
42
  end
50
43
  end
@@ -6,10 +6,11 @@ RSpec.feature 'Sign Up', type: :feature do
6
6
  fill_in 'Email', with: 'email@person.com'
7
7
  fill_in 'Password', with: 'password'
8
8
  fill_in 'Password Confirmation', with: 'password'
9
- click_button 'Create'
9
+
10
+ click_button 'Sign Up'
10
11
 
11
12
  expect(page).to have_text 'You have signed up successfully.'
12
- expect(Spree::User.count).to eq(1)
13
+ expect(Spree.user_class.count).to eq(1)
13
14
  end
14
15
  end
15
16
 
@@ -20,10 +21,11 @@ RSpec.feature 'Sign Up', type: :feature do
20
21
  fill_in 'Email', with: 'email@person.com'
21
22
  fill_in 'Password', with: 'password'
22
23
  fill_in 'Password Confirmation', with: ''
23
- click_button 'Create'
24
+
25
+ click_button 'Sign Up'
24
26
 
25
27
  expect(page).to have_css '#errorExplanation'
26
- expect(Spree::User.count).to eq(0)
28
+ expect(Spree.user_class.count).to eq(0)
27
29
  end
28
30
  end
29
31
  end
@@ -1,6 +1,6 @@
1
1
  RSpec.describe Spree::UserMailer, type: :mailer do
2
- let!(:store) { create(:store) }
3
2
  let(:user) { create(:user) }
3
+ let(:store) { Spree::Store.default }
4
4
 
5
5
  describe '#reset_password_instructions' do
6
6
  describe 'message contents' do
@@ -31,9 +31,9 @@ RSpec.describe Spree::User, type: :model do
31
31
  order.save
32
32
  user = order.user
33
33
  user.destroy
34
- expect(Spree::User.find_by_id(user.id)).to be_nil
35
- expect(Spree::User.with_deleted.find_by_id(user.id).id).to eq(user.id)
36
- expect(Spree::User.with_deleted.find_by_id(user.id).orders.first).to eq(order)
34
+ expect(Spree.user_class.find_by_id(user.id)).to be_nil
35
+ expect(Spree.user_class.with_deleted.find_by_id(user.id).id).to eq(user.id)
36
+ expect(Spree.user_class.with_deleted.find_by_id(user.id).orders.first).to eq(order)
37
37
 
38
38
  expect(Spree::Order.find_by_user_id(user.id)).not_to be_nil
39
39
  expect(Spree::Order.where(user_id: user.id).first).to eq(order)
@@ -67,13 +67,13 @@ RSpec.describe Spree::User, type: :model do
67
67
  it "is confirmable if the confirmable option is enabled" do
68
68
  set_confirmable_option(true)
69
69
  Spree::UserMailer.stub(:confirmation_instructions).and_return(double(deliver: true))
70
- expect(Spree::User.devise_modules).to include(:confirmable)
70
+ expect(Spree.user_class.devise_modules).to include(:confirmable)
71
71
  set_confirmable_option(false)
72
72
  end
73
73
 
74
74
  it "is not confirmable if the confirmable option is disabled" do
75
75
  set_confirmable_option(false)
76
- expect(Spree::User.devise_modules).to_not include(:confirmable)
76
+ expect(Spree.user_class.devise_modules).to_not include(:confirmable)
77
77
  end
78
78
  end
79
79
  end
@@ -0,0 +1,42 @@
1
+ # frozen_string_literal: true
2
+
3
+ RSpec.feature 'User update', type: :request do
4
+ context 'CSRF protection' do
5
+ %i[exception reset_session null_session].each do |strategy|
6
+ # Completely clean the configuration of forgery protection for the
7
+ # controller and reset it after the expectations. However, besides `:with`,
8
+ # the options given to `protect_from_forgery` are processed on the fly.
9
+ # I.e., there's no way to retain them. The initial setup corresponds to the
10
+ # dummy application, which uses the default Rails skeleton in that regard.
11
+ # So, if at some point Rails changed the given options, we should update it
12
+ # here.
13
+ around do |example|
14
+ controller = Spree::UsersController
15
+ old_allow_forgery_protection_value = controller.allow_forgery_protection
16
+ old_forgery_protection_strategy = controller.forgery_protection_strategy
17
+ controller.skip_forgery_protection
18
+ controller.allow_forgery_protection = true
19
+ controller.protect_from_forgery with: strategy
20
+
21
+ example.run
22
+
23
+ controller.allow_forgery_protection = old_allow_forgery_protection_value
24
+ controller.forgery_protection_strategy = old_forgery_protection_strategy
25
+ end
26
+
27
+ it "is not possible to take account over with the #{strategy} forgery protection strategy" do
28
+ user = create(:user, email: 'legit@mail.com', password: 'password')
29
+
30
+ post '/login', params: "spree_user[email]=legit@mail.com&spree_user[password]=password"
31
+ begin
32
+ put '/users/123456', params: 'user[email]=hacked@example.com'
33
+ rescue
34
+ # testing that the account is not compromised regardless of any raised
35
+ # exception
36
+ end
37
+
38
+ expect(user.reload.email).to eq('legit@mail.com')
39
+ end
40
+ end
41
+ end
42
+ end
data/spec/spec_helper.rb CHANGED
@@ -8,6 +8,16 @@ require File.expand_path('../dummy/config/environment', __FILE__)
8
8
  require 'rspec/rails'
9
9
  require 'shoulda-matchers'
10
10
  require 'ffaker'
11
+ require 'pry'
12
+
13
+ require 'spree/testing_support/auth_helpers'
14
+ require 'spree/testing_support/checkout_helpers'
15
+
16
+ require 'spree/testing_support/authorization_helpers'
17
+ require 'spree/testing_support/capybara_ext'
18
+ require 'spree/testing_support/controller_requests'
19
+ require 'spree/testing_support/factories'
20
+ require 'spree/testing_support/url_helpers'
11
21
 
12
22
  RSpec.configure do |config|
13
23
  config.filter_run focus: true
@@ -27,7 +37,13 @@ RSpec.configure do |config|
27
37
  allow(RSpec::Rails::ViewRendering::EmptyTemplateHandler)
28
38
  .to receive(:call)
29
39
  .and_return(%("")) if Rails.gem_version >= Gem::Version.new('6.0.0.beta1')
40
+
41
+ create(:store)
30
42
  end
43
+
44
+ config.include Spree::TestingSupport::AuthHelpers, type: :feature
45
+ config.include Spree::TestingSupport::CheckoutHelpers, type: :feature
46
+ config.include Spree::TestingSupport::UrlHelpers
31
47
  end
32
48
 
33
49
  Dir[File.join(File.dirname(__FILE__), 'support/**/*.rb')].each { |f| require f }
@@ -1,6 +1,6 @@
1
- def add_to_cart(product_name)
2
- visit spree.root_path
3
- click_link product_name
1
+ def add_to_cart(product)
2
+ visit spree.product_path(product)
3
+
4
4
  if Spree.version.to_f > 3.6
5
5
  expect(page).to have_selector('form#add-to-cart-form')
6
6
  expect(page).to have_selector('button#add-to-cart-button')
@@ -10,6 +10,13 @@ def add_to_cart(product_name)
10
10
  end
11
11
  click_button 'Add To Cart'
12
12
  wait_for_condition do
13
- expect(page).to have_content(Spree.t(:shopping_cart))
13
+ expect(page).to have_content(Spree.t(:added_to_cart))
14
+ end
15
+
16
+ if block_given?
17
+ yield
18
+ else
19
+ click_link 'View cart'
20
+ expect(page).to have_content 'YOUR SHOPPING BAG'
14
21
  end
15
22
  end
@@ -3,7 +3,7 @@ module AuthenticationHelpers
3
3
  visit '/login'
4
4
  fill_in 'Email', with: user.email
5
5
  fill_in 'Password', with: 'secret'
6
- click_button 'Login'
6
+ click_button 'Log in'
7
7
  end
8
8
  end
9
9
 
@@ -1,16 +1,23 @@
1
1
  require 'capybara/rspec'
2
- require 'capybara/rails'
2
+ require 'capybara-screenshot'
3
3
  require 'capybara-screenshot/rspec'
4
- require 'selenium-webdriver'
5
-
6
- RSpec.configure do |_config|
7
- Capybara.save_and_open_page_path = ENV['CIRCLE_ARTIFACTS'] if ENV['CIRCLE_ARTIFACTS']
4
+ require 'capybara/rails'
5
+ require 'selenium/webdriver'
8
6
 
7
+ RSpec.configure do
9
8
  Capybara.register_driver :chrome do |app|
9
+ Selenium::WebDriver.logger.level = :error
10
+
10
11
  Capybara::Selenium::Driver.new app,
11
12
  browser: :chrome,
12
- options: Selenium::WebDriver::Chrome::Options.new(args: %w[disable-popup-blocking headless disable-gpu window-size=1920,1080])
13
+ options: Selenium::WebDriver::Chrome::Options.new(
14
+ args: %w[headless disable-gpu window-size=1920,1080 --enable-features=NetworkService,NetworkServiceInProcess --disable-features=VizDisplayCompositor],
15
+ log_level: :error
16
+ )
13
17
  end
14
-
15
18
  Capybara.javascript_driver = :chrome
16
- end
19
+
20
+ Capybara::Screenshot.register_driver(:chrome) do |driver, path|
21
+ driver.browser.save_screenshot(path)
22
+ end
23
+ end
@@ -3,11 +3,11 @@
3
3
  Gem::Specification.new do |s|
4
4
  s.platform = Gem::Platform::RUBY
5
5
  s.name = 'spree_auth_devise'
6
- s.version = '4.0.0.rc2'
6
+ s.version = '4.1.1'
7
7
  s.summary = 'Provides authentication and authorization services for use with Spree by using Devise and CanCan.'
8
8
  s.description = s.summary
9
9
 
10
- s.required_ruby_version = '>= 2.2.7'
10
+ s.required_ruby_version = '>= 2.5.0'
11
11
 
12
12
  s.author = 'Sean Schofield'
13
13
  s.email = 'sean@spreecommerce.com'
@@ -19,18 +19,19 @@ Gem::Specification.new do |s|
19
19
  s.require_path = 'lib'
20
20
  s.requirements << 'none'
21
21
 
22
+ s.add_dependency 'deface', '~> 1.0'
23
+
22
24
  s.add_dependency 'devise', '~> 4.7'
23
25
  s.add_dependency 'devise-encryptable', '0.2.0'
24
26
 
25
- spree_version = '>= 3.1.0', '< 5.0'
27
+ spree_version = '>= 4.1.0.alpha', '< 4.2'
26
28
  s.add_dependency 'spree_core', spree_version
27
29
  s.add_dependency 'spree_extension'
28
- s.add_dependency 'deface', '~> 1.0'
29
30
 
30
- s.add_development_dependency 'capybara', '~> 2.7'
31
+ s.add_development_dependency 'appraisal'
32
+ s.add_development_dependency 'capybara'
31
33
  s.add_development_dependency 'capybara-screenshot'
32
34
  s.add_development_dependency 'coffee-rails', '~> 4.2'
33
- s.add_development_dependency 'sass-rails'
34
35
  s.add_development_dependency 'database_cleaner', '~> 1.5'
35
36
  s.add_development_dependency 'email_spec', '~> 2.1'
36
37
  s.add_development_dependency 'factory_bot', '~> 4.7'
@@ -38,13 +39,16 @@ Gem::Specification.new do |s|
38
39
  s.add_development_dependency 'launchy'
39
40
  s.add_development_dependency 'mysql2'
40
41
  s.add_development_dependency 'pg'
41
- s.add_development_dependency 'selenium-webdriver'
42
42
  s.add_development_dependency 'pry'
43
- s.add_development_dependency 'rspec-rails', '~> 3.5'
44
- s.add_development_dependency 'shoulda-matchers', '~> 3.1'
43
+ s.add_development_dependency 'puma'
44
+ s.add_development_dependency 'rails-controller-testing'
45
+ s.add_development_dependency 'rspec-rails', '~> 4.0.0.beta2'
46
+ s.add_development_dependency 'sass-rails'
47
+ s.add_development_dependency 'selenium-webdriver'
48
+ s.add_development_dependency 'shoulda-matchers', '~> 4.3'
45
49
  s.add_development_dependency 'simplecov', '~> 0.12'
46
50
  s.add_development_dependency 'spree_backend', spree_version
47
51
  s.add_development_dependency 'spree_frontend', spree_version
48
52
  s.add_development_dependency 'sqlite3'
49
- s.add_development_dependency 'appraisal'
53
+ s.add_development_dependency 'webdrivers', '~> 4.2.0'
50
54
  end