spree_auth_devise 4.0.0.rc2 → 4.1.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.circleci/config.yml +41 -0
- data/.gitignore +1 -0
- data/.travis.yml +3 -21
- data/Appraisals +3 -19
- data/Gemfile +2 -2
- data/README.md +3 -12
- data/app/controllers/spree/user_confirmations_controller.rb +24 -0
- data/app/controllers/spree/user_passwords_controller.rb +2 -0
- data/app/controllers/spree/user_registrations_controller.rb +27 -1
- data/app/controllers/spree/user_sessions_controller.rb +23 -1
- data/app/views/spree/user_passwords/edit.html.erb +20 -17
- data/app/views/spree/user_passwords/new.html.erb +17 -15
- data/app/views/spree/user_registrations/new.html.erb +12 -17
- data/app/views/spree/user_sessions/new.html.erb +11 -12
- data/config/locales/en.yml +3 -1
- data/config/routes.rb +2 -3
- data/db/migrate/20120203010234_add_reset_password_sent_at_to_spree_users.rb +2 -2
- data/gemfiles/{spree_3_5.gemfile → spree_4_1.gemfile} +1 -1
- data/lib/controllers/frontend/spree/checkout_controller_decorator.rb +2 -2
- data/lib/controllers/frontend/spree/users_controller.rb +11 -6
- data/lib/generators/spree/auth/install/install_generator.rb +0 -4
- data/lib/spree/testing_support/auth_helpers.rb +36 -0
- data/lib/spree/testing_support/checkout_helpers.rb +24 -0
- data/lib/views/backend/spree/admin/user_passwords/new.html.erb +1 -1
- data/lib/views/backend/spree/admin/user_sessions/new.html.erb +1 -1
- data/spec/controllers/spree/admin/orders_controller_spec.rb +1 -1
- data/spec/controllers/spree/admin/user_sessions_controller_spec.rb +1 -1
- data/spec/controllers/spree/checkout_controller_spec.rb +15 -16
- data/spec/controllers/spree/products_controller_spec.rb +1 -1
- data/spec/controllers/spree/user_passwords_controller_spec.rb +4 -4
- data/spec/controllers/spree/user_registrations_controller_spec.rb +8 -8
- data/spec/controllers/spree/user_sessions_controller_spec.rb +17 -17
- data/spec/controllers/spree/users_controller_spec.rb +4 -4
- data/spec/features/account_spec.rb +10 -8
- data/spec/features/admin/password_reset_spec.rb +2 -4
- data/spec/features/admin/sign_in_spec.rb +5 -7
- data/spec/features/admin/sign_out_spec.rb +1 -1
- data/spec/features/admin_permissions_spec.rb +1 -1
- data/spec/features/change_email_spec.rb +1 -7
- data/spec/features/checkout_spec.rb +38 -63
- data/spec/features/confirmation_spec.rb +3 -5
- data/spec/features/order_spec.rb +9 -15
- data/spec/features/password_reset_spec.rb +2 -4
- data/spec/features/sign_in_spec.rb +7 -9
- data/spec/features/sign_out_spec.rb +16 -23
- data/spec/features/sign_up_spec.rb +6 -4
- data/spec/mailers/user_mailer_spec.rb +1 -1
- data/spec/models/user_spec.rb +5 -5
- data/spec/requests/spree/frontend/user_update_spec.rb +42 -0
- data/spec/spec_helper.rb +16 -0
- data/spec/support/add_to_cart.rb +11 -4
- data/spec/support/authentication_helpers.rb +1 -1
- data/spec/support/capybara.rb +15 -8
- data/spree_auth_devise.gemspec +14 -10
- metadata +104 -74
- data/app/overrides/auth_shared_login_bar.rb +0 -6
- data/app/views/spree/shared/_login.html.erb +0 -18
- data/app/views/spree/shared/_user_form.html.erb +0 -17
- data/gemfiles/spree_3_2.gemfile +0 -8
- data/gemfiles/spree_3_7.gemfile +0 -9
- data/gemfiles/spree_4_0.gemfile +0 -8
- data/lib/assets/javascripts/spree/backend/spree_auth.js.erb +0 -1
- data/lib/assets/javascripts/spree/frontend/account.js +0 -8
- data/lib/assets/javascripts/spree/frontend/spree_auth.js.erb +0 -2
- data/lib/assets/stylesheets/spree/backend/spree_auth.css.erb +0 -3
- data/lib/assets/stylesheets/spree/frontend/spree_auth.css.erb +0 -3
- data/lib/controllers/frontend/spree/store_controller_decorator.rb +0 -7
- data/lib/views/frontend/spree/checkout/_new_user.html.erb +0 -20
- data/lib/views/frontend/spree/checkout/registration.html.erb +0 -25
- data/lib/views/frontend/spree/shared/_link_to_account.html.erb +0 -6
- data/lib/views/frontend/spree/users/edit.html.erb +0 -17
- data/lib/views/frontend/spree/users/show.html.erb +0 -48
@@ -1,5 +1,4 @@
|
|
1
1
|
RSpec.feature 'Checkout', :js, type: :feature do
|
2
|
-
given!(:store) { create(:store) }
|
3
2
|
given!(:country) { create(:country, name: 'United States', states_required: true) }
|
4
3
|
given!(:state) { create(:state, name: 'Maryland', country: country) }
|
5
4
|
given!(:shipping_method) do
|
@@ -9,12 +8,13 @@ RSpec.feature 'Checkout', :js, type: :feature do
|
|
9
8
|
shipping_method.tap(&:save)
|
10
9
|
end
|
11
10
|
|
11
|
+
given!(:user) { create(:user, email: 'email@person.com', password: 'password', password_confirmation: 'password') }
|
12
12
|
given!(:zone) { create(:zone) }
|
13
13
|
given!(:address) { create(:address, state: state, country: country) }
|
14
|
+
given!(:mug) { create(:product, name: 'RoR Mug') }
|
14
15
|
|
15
16
|
background do
|
16
|
-
|
17
|
-
@product.master.stock_items.first.update_column(:count_on_hand, 1)
|
17
|
+
mug.master.stock_items.first.update_column(:count_on_hand, 1)
|
18
18
|
|
19
19
|
# Bypass gateway error on checkout | ..or stub a gateway
|
20
20
|
Spree::Config[:allow_checkout_on_gateway_error] = true
|
@@ -31,71 +31,56 @@ RSpec.feature 'Checkout', :js, type: :feature do
|
|
31
31
|
|
32
32
|
scenario 'allow a visitor to checkout as guest, without registration' do
|
33
33
|
Spree::Auth::Config.set(registration_step: true)
|
34
|
-
add_to_cart
|
35
|
-
|
34
|
+
add_to_cart(mug)
|
35
|
+
click_link 'checkout'
|
36
36
|
|
37
|
-
expect(page).to
|
37
|
+
expect(page).to have_selector(:button, 'Continue as a guest')
|
38
38
|
|
39
|
-
within('#
|
39
|
+
within('#checkout_form_registration') { fill_in 'Email', with: 'spree@test.com' }
|
40
40
|
click_button 'Continue'
|
41
41
|
|
42
42
|
expect(page).to have_text(/Billing Address/i)
|
43
43
|
expect(page).to have_text(/Shipping Address/i)
|
44
44
|
|
45
|
-
|
46
|
-
select 'United States', from: "order_#{str_addr}_attributes_country_id"
|
47
|
-
%w(firstname lastname address1 city zipcode phone).each do |field|
|
48
|
-
fill_in "order_#{str_addr}_attributes_#{field}", with: address.send(field).to_s
|
49
|
-
end
|
50
|
-
select address.state.name.to_s, from: "order_#{str_addr}_attributes_state_id"
|
51
|
-
check 'order_use_billing'
|
52
|
-
|
45
|
+
fill_in_address
|
53
46
|
click_button 'Save and Continue'
|
54
47
|
click_button 'Save and Continue'
|
55
48
|
|
56
|
-
expect(page).to have_text '
|
49
|
+
expect(page).to have_text 'Order placed successfully'
|
57
50
|
end
|
58
51
|
|
59
52
|
scenario 'associate an uncompleted guest order with user after logging in' do
|
60
|
-
|
61
|
-
add_to_cart 'RoR Mug'
|
53
|
+
add_to_cart(mug)
|
62
54
|
|
63
55
|
visit spree.login_path
|
64
56
|
fill_in 'Email', with: user.email
|
65
57
|
fill_in 'Password', with: user.password
|
66
|
-
click_button '
|
67
|
-
expect(page).to have_text('
|
68
|
-
|
58
|
+
click_button 'Log in'
|
59
|
+
expect(page).to have_text('Logged in successfully')
|
60
|
+
find('a.cart-icon').click
|
69
61
|
|
70
62
|
expect(page).to have_text 'RoR Mug'
|
71
|
-
within('h1') { expect(page).to have_text '
|
72
|
-
|
73
|
-
click_button 'Checkout'
|
63
|
+
within('h1') { expect(page).to have_text 'YOUR SHOPPING BAG' }
|
74
64
|
|
75
|
-
|
76
|
-
select 'United States', from: "order_#{str_addr}_attributes_country_id"
|
77
|
-
%w(firstname lastname address1 city zipcode phone).each do |field|
|
78
|
-
fill_in "order_#{str_addr}_attributes_#{field}", with: address.send(field).to_s
|
79
|
-
end
|
80
|
-
select address.state.name.to_s, from: "order_#{str_addr}_attributes_state_id"
|
81
|
-
check 'order_use_billing'
|
65
|
+
click_link 'checkout'
|
82
66
|
|
67
|
+
fill_in_address
|
83
68
|
click_button 'Save and Continue'
|
84
69
|
click_button 'Save and Continue'
|
85
70
|
|
86
|
-
expect(page).to have_text '
|
71
|
+
expect(page).to have_text 'Order placed successfully'
|
87
72
|
expect(Spree::Order.first.user).to eq user
|
88
73
|
end
|
89
74
|
|
90
75
|
# Regression test for #890
|
91
76
|
scenario 'associate an incomplete guest order with user after successful password reset' do
|
92
|
-
|
93
|
-
user = create(:user, email: 'email@person.com', password: 'password', password_confirmation: 'password')
|
94
|
-
add_to_cart 'RoR Mug'
|
77
|
+
add_to_cart(mug)
|
95
78
|
|
96
79
|
visit spree.login_path
|
97
|
-
click_link 'Forgot
|
98
|
-
fill_in
|
80
|
+
click_link 'Forgot password?'
|
81
|
+
fill_in('Email', with: 'email@person.com')
|
82
|
+
find('#spree_user_email').set('email@person.com')
|
83
|
+
|
99
84
|
click_button 'Reset my password'
|
100
85
|
|
101
86
|
# Need to do this now because the token stored in the DB is the encrypted version
|
@@ -109,49 +94,39 @@ RSpec.feature 'Checkout', :js, type: :feature do
|
|
109
94
|
fill_in 'Password Confirmation', with: 'password'
|
110
95
|
click_button 'Update'
|
111
96
|
|
112
|
-
expect(page).to have_text('
|
113
|
-
|
97
|
+
expect(page).to have_text('Your password was changed successfully')
|
98
|
+
find('a.cart-icon').click
|
114
99
|
expect(page).to have_text('RoR Mug')
|
115
|
-
|
116
|
-
|
117
|
-
str_addr = 'bill_address'
|
118
|
-
select 'United States', from: "order_#{str_addr}_attributes_country_id"
|
119
|
-
%w(firstname lastname address1 city zipcode phone).each do |field|
|
120
|
-
fill_in "order_#{str_addr}_attributes_#{field}", with: address.send(field).to_s
|
121
|
-
end
|
122
|
-
select address.state.name.to_s, from: "order_#{str_addr}_attributes_state_id"
|
123
|
-
check 'order_use_billing'
|
100
|
+
click_link 'checkout'
|
124
101
|
|
102
|
+
fill_in_address
|
125
103
|
click_button 'Save and Continue'
|
126
104
|
|
127
105
|
expect(page).not_to have_text 'Email is invalid'
|
128
106
|
end
|
129
107
|
|
130
108
|
scenario 'allow a user to register during checkout' do
|
131
|
-
add_to_cart
|
132
|
-
|
109
|
+
add_to_cart(mug)
|
110
|
+
click_link 'checkout'
|
133
111
|
|
134
|
-
expect(page).to
|
112
|
+
expect(page).to have_selector(:link, 'Sign Up')
|
135
113
|
|
136
|
-
|
114
|
+
click_link 'Sign Up'
|
115
|
+
|
116
|
+
fill_in 'Email', with: 'test@person.com'
|
137
117
|
fill_in 'Password', with: 'spree123'
|
138
118
|
fill_in 'Password Confirmation', with: 'spree123'
|
139
|
-
click_button 'Create'
|
140
|
-
expect(page).to have_text 'You have signed up successfully.'
|
141
119
|
|
142
|
-
|
143
|
-
|
144
|
-
|
145
|
-
fill_in "order_#{str_addr}_attributes_#{field}", with: address.send(field).to_s
|
146
|
-
end
|
147
|
-
select address.state.name.to_s, from: "order_#{str_addr}_attributes_state_id"
|
148
|
-
check 'order_use_billing'
|
120
|
+
click_button 'Sign Up'
|
121
|
+
|
122
|
+
expect(page).to have_text 'You have signed up successfully.'
|
149
123
|
|
124
|
+
fill_in_address
|
150
125
|
click_button 'Save and Continue'
|
151
126
|
click_button 'Save and Continue'
|
152
127
|
|
153
|
-
expect(page).to have_text '
|
154
|
-
expect(Spree::Order.first.user).to eq Spree
|
128
|
+
expect(page).to have_text 'Order placed successfully'
|
129
|
+
expect(Spree::Order.first.user).to eq Spree.user_class.find_by_email('test@person.com')
|
155
130
|
end
|
156
131
|
end
|
157
132
|
end
|
@@ -8,8 +8,6 @@ RSpec.feature 'Confirmation', type: :feature, reload_user: true do
|
|
8
8
|
|
9
9
|
after(:each) { set_confirmable_option(false) }
|
10
10
|
|
11
|
-
let!(:store) { create(:store) }
|
12
|
-
|
13
11
|
background do
|
14
12
|
ActionMailer::Base.default_url_options[:host] = 'http://example.com'
|
15
13
|
end
|
@@ -20,9 +18,9 @@ RSpec.feature 'Confirmation', type: :feature, reload_user: true do
|
|
20
18
|
fill_in 'Email', with: 'email@person.com'
|
21
19
|
fill_in 'Password', with: 'password'
|
22
20
|
fill_in 'Password Confirmation', with: 'password'
|
23
|
-
click_button '
|
21
|
+
click_button 'Sign Up'
|
24
22
|
|
25
|
-
expect(page).to have_text '
|
26
|
-
expect(Spree
|
23
|
+
expect(page).to have_text I18n.t('devise.user_registrations.signed_up_but_unconfirmed')
|
24
|
+
expect(Spree.user_class.last.confirmed?).to be(false)
|
27
25
|
end
|
28
26
|
end
|
data/spec/features/order_spec.rb
CHANGED
@@ -6,46 +6,40 @@ RSpec.feature 'Orders', :js, type: :feature do
|
|
6
6
|
|
7
7
|
# regression test for spree/spree#1687
|
8
8
|
scenario 'merge incomplete orders from different sessions' do
|
9
|
-
|
10
|
-
|
11
|
-
https://github.com/spree/spree_auth_devise/commit/3157b47b22c559817d34ec34024587d8aa6136dc
|
12
|
-
I dont think we can decode these sessions anymore since Rails 4 switched to encrypted cookies I believe devise stores session encrypted.
|
13
|
-
}
|
14
|
-
create(:product, name: 'RoR Mug')
|
15
|
-
create(:product, name: 'RoR Shirt')
|
9
|
+
ror_mug = create(:product, name: 'RoR Mug')
|
10
|
+
ror_shirt = create(:product, name: 'RoR Shirt')
|
16
11
|
|
17
12
|
user = create(:user, email: 'email@person.com', password: 'password', password_confirmation: 'password')
|
18
13
|
|
19
14
|
using_session('first') do
|
20
|
-
add_to_cart
|
15
|
+
add_to_cart ror_mug
|
21
16
|
|
22
17
|
visit spree.login_path
|
23
18
|
fill_in 'Email', with: user.email
|
24
19
|
fill_in 'Password', with: user.password
|
25
|
-
click_button '
|
20
|
+
click_button 'Log in'
|
26
21
|
|
27
|
-
|
22
|
+
visit spree.cart_path
|
28
23
|
expect(page).to have_text 'RoR Mug'
|
29
24
|
end
|
30
25
|
|
31
26
|
using_session('second') do
|
32
|
-
add_to_cart
|
27
|
+
add_to_cart ror_shirt
|
33
28
|
|
34
29
|
visit spree.login_path
|
35
30
|
fill_in 'Email', with: user.email
|
36
31
|
fill_in 'Password', with: user.password
|
37
|
-
click_button '
|
32
|
+
click_button 'Log in'
|
38
33
|
|
39
34
|
# Order should have been merged with first session
|
40
|
-
|
35
|
+
visit spree.cart_path
|
41
36
|
expect(page).to have_text 'RoR Mug'
|
42
37
|
expect(page).to have_text 'RoR Shirt'
|
43
38
|
end
|
44
39
|
|
45
40
|
using_session('first') do
|
46
41
|
visit spree.root_path
|
47
|
-
|
48
|
-
click_link 'Cart'
|
42
|
+
visit spree.cart_path
|
49
43
|
|
50
44
|
# Order should have been merged with second session
|
51
45
|
expect(page).to have_text 'RoR Mug'
|
@@ -1,6 +1,4 @@
|
|
1
1
|
RSpec.feature 'Reset Password', type: :feature do
|
2
|
-
let!(:store) { create(:store) }
|
3
|
-
|
4
2
|
background do
|
5
3
|
ActionMailer::Base.default_url_options[:host] = 'http://example.com'
|
6
4
|
end
|
@@ -8,7 +6,7 @@ RSpec.feature 'Reset Password', type: :feature do
|
|
8
6
|
scenario 'allow a user to supply an email for the password reset' do
|
9
7
|
user = create(:user, email: 'foobar@example.com', password: 'secret', password_confirmation: 'secret')
|
10
8
|
visit spree.login_path
|
11
|
-
click_link 'Forgot
|
9
|
+
click_link 'Forgot password?'
|
12
10
|
fill_in 'Email', with: 'foobar@example.com'
|
13
11
|
click_button 'Reset my password'
|
14
12
|
expect(page).to have_text 'You will receive an email with instructions'
|
@@ -16,7 +14,7 @@ RSpec.feature 'Reset Password', type: :feature do
|
|
16
14
|
|
17
15
|
scenario 'shows errors if no email is supplied' do
|
18
16
|
visit spree.login_path
|
19
|
-
click_link 'Forgot
|
17
|
+
click_link 'Forgot password?'
|
20
18
|
click_button 'Reset my password'
|
21
19
|
expect(page).to have_text "Email can't be blank"
|
22
20
|
end
|
@@ -10,23 +10,21 @@ RSpec.feature 'Sign In', type: :feature do
|
|
10
10
|
end
|
11
11
|
|
12
12
|
scenario 'let a user sign in successfully', js: true do
|
13
|
-
|
14
|
-
|
15
|
-
click_button 'Login'
|
13
|
+
log_in(email: @user.email, password: @user.password)
|
14
|
+
show_user_menu
|
16
15
|
|
17
|
-
expect(page).to have_text 'Logged in successfully'
|
18
16
|
expect(page).not_to have_text 'Login'
|
19
|
-
expect(page).to have_text '
|
20
|
-
expect(current_path).to eq '/'
|
17
|
+
expect(page).to have_text 'LOG OUT'
|
18
|
+
expect(current_path).to eq '/account'
|
21
19
|
end
|
22
20
|
|
23
21
|
scenario 'show validation erros' do
|
24
22
|
fill_in 'Email', with: @user.email
|
25
23
|
fill_in 'Password', with: 'wrong_password'
|
26
|
-
click_button '
|
24
|
+
click_button 'Log in'
|
27
25
|
|
28
26
|
expect(page).to have_text 'Invalid email or password'
|
29
|
-
expect(page).to have_text '
|
27
|
+
expect(page).to have_text 'Log in'
|
30
28
|
end
|
31
29
|
|
32
30
|
scenario 'allow a user to access a restricted page after logging in' do
|
@@ -35,7 +33,7 @@ RSpec.feature 'Sign In', type: :feature do
|
|
35
33
|
|
36
34
|
fill_in 'Email', with: user.email
|
37
35
|
fill_in 'Password', with: user.password
|
38
|
-
click_button '
|
36
|
+
click_button 'Log in'
|
39
37
|
|
40
38
|
within '.user-menu' do
|
41
39
|
expect(page).to have_text 'admin@person.com'
|
@@ -7,44 +7,37 @@ RSpec.feature 'Sign Out', type: :feature, js: true do
|
|
7
7
|
end
|
8
8
|
|
9
9
|
background do
|
10
|
-
|
11
|
-
fill_in 'Email', with: user.email
|
12
|
-
fill_in 'Password', with: user.password
|
13
|
-
# Regression test for #1257
|
14
|
-
check 'Remember me'
|
15
|
-
click_button 'Login'
|
10
|
+
log_in(email: user.email, password: user.password)
|
16
11
|
end
|
17
12
|
|
18
13
|
scenario 'allow a signed in user to logout' do
|
19
|
-
|
14
|
+
log_out
|
15
|
+
|
20
16
|
visit spree.root_path
|
21
|
-
|
22
|
-
|
17
|
+
show_user_menu
|
18
|
+
|
19
|
+
expect(page).to have_link 'LOG IN'
|
20
|
+
expect(page).not_to have_link 'LOG OUT'
|
23
21
|
end
|
24
22
|
|
25
23
|
describe 'before_logout' do
|
26
|
-
|
27
|
-
create(:product, name: 'RoR
|
28
|
-
create(:product, name: 'RoR Shirt')
|
29
|
-
end
|
30
|
-
|
24
|
+
let!(:mug) { create(:product_in_stock, name: 'RoR Mug') }
|
25
|
+
let!(:shirt) { create(:product, name: 'RoR Shirt') }
|
31
26
|
let!(:other_user) { create(:user) }
|
32
27
|
|
33
28
|
it 'clears token cookies' do
|
34
|
-
add_to_cart
|
35
|
-
|
29
|
+
add_to_cart(mug) do
|
30
|
+
find('.close').click
|
31
|
+
end
|
36
32
|
|
37
|
-
|
33
|
+
log_out
|
38
34
|
|
39
|
-
|
35
|
+
find('#link-to-cart').click
|
40
36
|
expect(page).to have_text Spree.t(:your_cart_is_empty)
|
41
37
|
|
42
|
-
|
43
|
-
|
44
|
-
fill_in 'Password', with: other_user.password
|
45
|
-
click_button 'Login'
|
38
|
+
log_in(email: other_user.email, password: user.password)
|
39
|
+
find('#link-to-cart').click
|
46
40
|
|
47
|
-
click_link 'Cart'
|
48
41
|
expect(page).to have_text Spree.t(:your_cart_is_empty)
|
49
42
|
end
|
50
43
|
end
|
@@ -6,10 +6,11 @@ RSpec.feature 'Sign Up', type: :feature do
|
|
6
6
|
fill_in 'Email', with: 'email@person.com'
|
7
7
|
fill_in 'Password', with: 'password'
|
8
8
|
fill_in 'Password Confirmation', with: 'password'
|
9
|
-
|
9
|
+
|
10
|
+
click_button 'Sign Up'
|
10
11
|
|
11
12
|
expect(page).to have_text 'You have signed up successfully.'
|
12
|
-
expect(Spree
|
13
|
+
expect(Spree.user_class.count).to eq(1)
|
13
14
|
end
|
14
15
|
end
|
15
16
|
|
@@ -20,10 +21,11 @@ RSpec.feature 'Sign Up', type: :feature do
|
|
20
21
|
fill_in 'Email', with: 'email@person.com'
|
21
22
|
fill_in 'Password', with: 'password'
|
22
23
|
fill_in 'Password Confirmation', with: ''
|
23
|
-
|
24
|
+
|
25
|
+
click_button 'Sign Up'
|
24
26
|
|
25
27
|
expect(page).to have_css '#errorExplanation'
|
26
|
-
expect(Spree
|
28
|
+
expect(Spree.user_class.count).to eq(0)
|
27
29
|
end
|
28
30
|
end
|
29
31
|
end
|
data/spec/models/user_spec.rb
CHANGED
@@ -31,9 +31,9 @@ RSpec.describe Spree::User, type: :model do
|
|
31
31
|
order.save
|
32
32
|
user = order.user
|
33
33
|
user.destroy
|
34
|
-
expect(Spree
|
35
|
-
expect(Spree
|
36
|
-
expect(Spree
|
34
|
+
expect(Spree.user_class.find_by_id(user.id)).to be_nil
|
35
|
+
expect(Spree.user_class.with_deleted.find_by_id(user.id).id).to eq(user.id)
|
36
|
+
expect(Spree.user_class.with_deleted.find_by_id(user.id).orders.first).to eq(order)
|
37
37
|
|
38
38
|
expect(Spree::Order.find_by_user_id(user.id)).not_to be_nil
|
39
39
|
expect(Spree::Order.where(user_id: user.id).first).to eq(order)
|
@@ -67,13 +67,13 @@ RSpec.describe Spree::User, type: :model do
|
|
67
67
|
it "is confirmable if the confirmable option is enabled" do
|
68
68
|
set_confirmable_option(true)
|
69
69
|
Spree::UserMailer.stub(:confirmation_instructions).and_return(double(deliver: true))
|
70
|
-
expect(Spree
|
70
|
+
expect(Spree.user_class.devise_modules).to include(:confirmable)
|
71
71
|
set_confirmable_option(false)
|
72
72
|
end
|
73
73
|
|
74
74
|
it "is not confirmable if the confirmable option is disabled" do
|
75
75
|
set_confirmable_option(false)
|
76
|
-
expect(Spree
|
76
|
+
expect(Spree.user_class.devise_modules).to_not include(:confirmable)
|
77
77
|
end
|
78
78
|
end
|
79
79
|
end
|
@@ -0,0 +1,42 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
RSpec.feature 'User update', type: :request do
|
4
|
+
context 'CSRF protection' do
|
5
|
+
%i[exception reset_session null_session].each do |strategy|
|
6
|
+
# Completely clean the configuration of forgery protection for the
|
7
|
+
# controller and reset it after the expectations. However, besides `:with`,
|
8
|
+
# the options given to `protect_from_forgery` are processed on the fly.
|
9
|
+
# I.e., there's no way to retain them. The initial setup corresponds to the
|
10
|
+
# dummy application, which uses the default Rails skeleton in that regard.
|
11
|
+
# So, if at some point Rails changed the given options, we should update it
|
12
|
+
# here.
|
13
|
+
around do |example|
|
14
|
+
controller = Spree::UsersController
|
15
|
+
old_allow_forgery_protection_value = controller.allow_forgery_protection
|
16
|
+
old_forgery_protection_strategy = controller.forgery_protection_strategy
|
17
|
+
controller.skip_forgery_protection
|
18
|
+
controller.allow_forgery_protection = true
|
19
|
+
controller.protect_from_forgery with: strategy
|
20
|
+
|
21
|
+
example.run
|
22
|
+
|
23
|
+
controller.allow_forgery_protection = old_allow_forgery_protection_value
|
24
|
+
controller.forgery_protection_strategy = old_forgery_protection_strategy
|
25
|
+
end
|
26
|
+
|
27
|
+
it "is not possible to take account over with the #{strategy} forgery protection strategy" do
|
28
|
+
user = create(:user, email: 'legit@mail.com', password: 'password')
|
29
|
+
|
30
|
+
post '/login', params: "spree_user[email]=legit@mail.com&spree_user[password]=password"
|
31
|
+
begin
|
32
|
+
put '/users/123456', params: 'user[email]=hacked@example.com'
|
33
|
+
rescue
|
34
|
+
# testing that the account is not compromised regardless of any raised
|
35
|
+
# exception
|
36
|
+
end
|
37
|
+
|
38
|
+
expect(user.reload.email).to eq('legit@mail.com')
|
39
|
+
end
|
40
|
+
end
|
41
|
+
end
|
42
|
+
end
|
data/spec/spec_helper.rb
CHANGED
@@ -8,6 +8,16 @@ require File.expand_path('../dummy/config/environment', __FILE__)
|
|
8
8
|
require 'rspec/rails'
|
9
9
|
require 'shoulda-matchers'
|
10
10
|
require 'ffaker'
|
11
|
+
require 'pry'
|
12
|
+
|
13
|
+
require 'spree/testing_support/auth_helpers'
|
14
|
+
require 'spree/testing_support/checkout_helpers'
|
15
|
+
|
16
|
+
require 'spree/testing_support/authorization_helpers'
|
17
|
+
require 'spree/testing_support/capybara_ext'
|
18
|
+
require 'spree/testing_support/controller_requests'
|
19
|
+
require 'spree/testing_support/factories'
|
20
|
+
require 'spree/testing_support/url_helpers'
|
11
21
|
|
12
22
|
RSpec.configure do |config|
|
13
23
|
config.filter_run focus: true
|
@@ -27,7 +37,13 @@ RSpec.configure do |config|
|
|
27
37
|
allow(RSpec::Rails::ViewRendering::EmptyTemplateHandler)
|
28
38
|
.to receive(:call)
|
29
39
|
.and_return(%("")) if Rails.gem_version >= Gem::Version.new('6.0.0.beta1')
|
40
|
+
|
41
|
+
create(:store)
|
30
42
|
end
|
43
|
+
|
44
|
+
config.include Spree::TestingSupport::AuthHelpers, type: :feature
|
45
|
+
config.include Spree::TestingSupport::CheckoutHelpers, type: :feature
|
46
|
+
config.include Spree::TestingSupport::UrlHelpers
|
31
47
|
end
|
32
48
|
|
33
49
|
Dir[File.join(File.dirname(__FILE__), 'support/**/*.rb')].each { |f| require f }
|
data/spec/support/add_to_cart.rb
CHANGED
@@ -1,6 +1,6 @@
|
|
1
|
-
def add_to_cart(
|
2
|
-
visit spree.
|
3
|
-
|
1
|
+
def add_to_cart(product)
|
2
|
+
visit spree.product_path(product)
|
3
|
+
|
4
4
|
if Spree.version.to_f > 3.6
|
5
5
|
expect(page).to have_selector('form#add-to-cart-form')
|
6
6
|
expect(page).to have_selector('button#add-to-cart-button')
|
@@ -10,6 +10,13 @@ def add_to_cart(product_name)
|
|
10
10
|
end
|
11
11
|
click_button 'Add To Cart'
|
12
12
|
wait_for_condition do
|
13
|
-
expect(page).to have_content(Spree.t(:
|
13
|
+
expect(page).to have_content(Spree.t(:added_to_cart))
|
14
|
+
end
|
15
|
+
|
16
|
+
if block_given?
|
17
|
+
yield
|
18
|
+
else
|
19
|
+
click_link 'View cart'
|
20
|
+
expect(page).to have_content 'YOUR SHOPPING BAG'
|
14
21
|
end
|
15
22
|
end
|
data/spec/support/capybara.rb
CHANGED
@@ -1,16 +1,23 @@
|
|
1
1
|
require 'capybara/rspec'
|
2
|
-
require 'capybara
|
2
|
+
require 'capybara-screenshot'
|
3
3
|
require 'capybara-screenshot/rspec'
|
4
|
-
require '
|
5
|
-
|
6
|
-
RSpec.configure do |_config|
|
7
|
-
Capybara.save_and_open_page_path = ENV['CIRCLE_ARTIFACTS'] if ENV['CIRCLE_ARTIFACTS']
|
4
|
+
require 'capybara/rails'
|
5
|
+
require 'selenium/webdriver'
|
8
6
|
|
7
|
+
RSpec.configure do
|
9
8
|
Capybara.register_driver :chrome do |app|
|
9
|
+
Selenium::WebDriver.logger.level = :error
|
10
|
+
|
10
11
|
Capybara::Selenium::Driver.new app,
|
11
12
|
browser: :chrome,
|
12
|
-
options: Selenium::WebDriver::Chrome::Options.new(
|
13
|
+
options: Selenium::WebDriver::Chrome::Options.new(
|
14
|
+
args: %w[headless disable-gpu window-size=1920,1080 --enable-features=NetworkService,NetworkServiceInProcess --disable-features=VizDisplayCompositor],
|
15
|
+
log_level: :error
|
16
|
+
)
|
13
17
|
end
|
14
|
-
|
15
18
|
Capybara.javascript_driver = :chrome
|
16
|
-
|
19
|
+
|
20
|
+
Capybara::Screenshot.register_driver(:chrome) do |driver, path|
|
21
|
+
driver.browser.save_screenshot(path)
|
22
|
+
end
|
23
|
+
end
|
data/spree_auth_devise.gemspec
CHANGED
@@ -3,11 +3,11 @@
|
|
3
3
|
Gem::Specification.new do |s|
|
4
4
|
s.platform = Gem::Platform::RUBY
|
5
5
|
s.name = 'spree_auth_devise'
|
6
|
-
s.version = '4.
|
6
|
+
s.version = '4.1.1'
|
7
7
|
s.summary = 'Provides authentication and authorization services for use with Spree by using Devise and CanCan.'
|
8
8
|
s.description = s.summary
|
9
9
|
|
10
|
-
s.required_ruby_version = '>= 2.
|
10
|
+
s.required_ruby_version = '>= 2.5.0'
|
11
11
|
|
12
12
|
s.author = 'Sean Schofield'
|
13
13
|
s.email = 'sean@spreecommerce.com'
|
@@ -19,18 +19,19 @@ Gem::Specification.new do |s|
|
|
19
19
|
s.require_path = 'lib'
|
20
20
|
s.requirements << 'none'
|
21
21
|
|
22
|
+
s.add_dependency 'deface', '~> 1.0'
|
23
|
+
|
22
24
|
s.add_dependency 'devise', '~> 4.7'
|
23
25
|
s.add_dependency 'devise-encryptable', '0.2.0'
|
24
26
|
|
25
|
-
spree_version = '>=
|
27
|
+
spree_version = '>= 4.1.0.alpha', '< 4.2'
|
26
28
|
s.add_dependency 'spree_core', spree_version
|
27
29
|
s.add_dependency 'spree_extension'
|
28
|
-
s.add_dependency 'deface', '~> 1.0'
|
29
30
|
|
30
|
-
s.add_development_dependency '
|
31
|
+
s.add_development_dependency 'appraisal'
|
32
|
+
s.add_development_dependency 'capybara'
|
31
33
|
s.add_development_dependency 'capybara-screenshot'
|
32
34
|
s.add_development_dependency 'coffee-rails', '~> 4.2'
|
33
|
-
s.add_development_dependency 'sass-rails'
|
34
35
|
s.add_development_dependency 'database_cleaner', '~> 1.5'
|
35
36
|
s.add_development_dependency 'email_spec', '~> 2.1'
|
36
37
|
s.add_development_dependency 'factory_bot', '~> 4.7'
|
@@ -38,13 +39,16 @@ Gem::Specification.new do |s|
|
|
38
39
|
s.add_development_dependency 'launchy'
|
39
40
|
s.add_development_dependency 'mysql2'
|
40
41
|
s.add_development_dependency 'pg'
|
41
|
-
s.add_development_dependency 'selenium-webdriver'
|
42
42
|
s.add_development_dependency 'pry'
|
43
|
-
s.add_development_dependency '
|
44
|
-
s.add_development_dependency '
|
43
|
+
s.add_development_dependency 'puma'
|
44
|
+
s.add_development_dependency 'rails-controller-testing'
|
45
|
+
s.add_development_dependency 'rspec-rails', '~> 4.0.0.beta2'
|
46
|
+
s.add_development_dependency 'sass-rails'
|
47
|
+
s.add_development_dependency 'selenium-webdriver'
|
48
|
+
s.add_development_dependency 'shoulda-matchers', '~> 4.3'
|
45
49
|
s.add_development_dependency 'simplecov', '~> 0.12'
|
46
50
|
s.add_development_dependency 'spree_backend', spree_version
|
47
51
|
s.add_development_dependency 'spree_frontend', spree_version
|
48
52
|
s.add_development_dependency 'sqlite3'
|
49
|
-
s.add_development_dependency '
|
53
|
+
s.add_development_dependency 'webdrivers', '~> 4.2.0'
|
50
54
|
end
|