spree_auth_devise 4.0.0.rc2 → 4.1.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.circleci/config.yml +41 -0
- data/.gitignore +1 -0
- data/.travis.yml +3 -21
- data/Appraisals +3 -19
- data/Gemfile +2 -2
- data/README.md +3 -12
- data/app/controllers/spree/user_confirmations_controller.rb +24 -0
- data/app/controllers/spree/user_passwords_controller.rb +2 -0
- data/app/controllers/spree/user_registrations_controller.rb +27 -1
- data/app/controllers/spree/user_sessions_controller.rb +23 -1
- data/app/views/spree/user_passwords/edit.html.erb +20 -17
- data/app/views/spree/user_passwords/new.html.erb +17 -15
- data/app/views/spree/user_registrations/new.html.erb +12 -17
- data/app/views/spree/user_sessions/new.html.erb +11 -12
- data/config/locales/en.yml +3 -1
- data/config/routes.rb +2 -3
- data/db/migrate/20120203010234_add_reset_password_sent_at_to_spree_users.rb +2 -2
- data/gemfiles/{spree_3_5.gemfile → spree_4_1.gemfile} +1 -1
- data/lib/controllers/frontend/spree/checkout_controller_decorator.rb +2 -2
- data/lib/controllers/frontend/spree/users_controller.rb +11 -6
- data/lib/generators/spree/auth/install/install_generator.rb +0 -4
- data/lib/spree/testing_support/auth_helpers.rb +36 -0
- data/lib/spree/testing_support/checkout_helpers.rb +24 -0
- data/lib/views/backend/spree/admin/user_passwords/new.html.erb +1 -1
- data/lib/views/backend/spree/admin/user_sessions/new.html.erb +1 -1
- data/spec/controllers/spree/admin/orders_controller_spec.rb +1 -1
- data/spec/controllers/spree/admin/user_sessions_controller_spec.rb +1 -1
- data/spec/controllers/spree/checkout_controller_spec.rb +15 -16
- data/spec/controllers/spree/products_controller_spec.rb +1 -1
- data/spec/controllers/spree/user_passwords_controller_spec.rb +4 -4
- data/spec/controllers/spree/user_registrations_controller_spec.rb +8 -8
- data/spec/controllers/spree/user_sessions_controller_spec.rb +17 -17
- data/spec/controllers/spree/users_controller_spec.rb +4 -4
- data/spec/features/account_spec.rb +10 -8
- data/spec/features/admin/password_reset_spec.rb +2 -4
- data/spec/features/admin/sign_in_spec.rb +5 -7
- data/spec/features/admin/sign_out_spec.rb +1 -1
- data/spec/features/admin_permissions_spec.rb +1 -1
- data/spec/features/change_email_spec.rb +1 -7
- data/spec/features/checkout_spec.rb +38 -63
- data/spec/features/confirmation_spec.rb +3 -5
- data/spec/features/order_spec.rb +9 -15
- data/spec/features/password_reset_spec.rb +2 -4
- data/spec/features/sign_in_spec.rb +7 -9
- data/spec/features/sign_out_spec.rb +16 -23
- data/spec/features/sign_up_spec.rb +6 -4
- data/spec/mailers/user_mailer_spec.rb +1 -1
- data/spec/models/user_spec.rb +5 -5
- data/spec/requests/spree/frontend/user_update_spec.rb +42 -0
- data/spec/spec_helper.rb +16 -0
- data/spec/support/add_to_cart.rb +11 -4
- data/spec/support/authentication_helpers.rb +1 -1
- data/spec/support/capybara.rb +15 -8
- data/spree_auth_devise.gemspec +14 -10
- metadata +104 -74
- data/app/overrides/auth_shared_login_bar.rb +0 -6
- data/app/views/spree/shared/_login.html.erb +0 -18
- data/app/views/spree/shared/_user_form.html.erb +0 -17
- data/gemfiles/spree_3_2.gemfile +0 -8
- data/gemfiles/spree_3_7.gemfile +0 -9
- data/gemfiles/spree_4_0.gemfile +0 -8
- data/lib/assets/javascripts/spree/backend/spree_auth.js.erb +0 -1
- data/lib/assets/javascripts/spree/frontend/account.js +0 -8
- data/lib/assets/javascripts/spree/frontend/spree_auth.js.erb +0 -2
- data/lib/assets/stylesheets/spree/backend/spree_auth.css.erb +0 -3
- data/lib/assets/stylesheets/spree/frontend/spree_auth.css.erb +0 -3
- data/lib/controllers/frontend/spree/store_controller_decorator.rb +0 -7
- data/lib/views/frontend/spree/checkout/_new_user.html.erb +0 -20
- data/lib/views/frontend/spree/checkout/registration.html.erb +0 -25
- data/lib/views/frontend/spree/shared/_link_to_account.html.erb +0 -6
- data/lib/views/frontend/spree/users/edit.html.erb +0 -17
- data/lib/views/frontend/spree/users/show.html.erb +0 -48
@@ -1,5 +1,4 @@
|
|
1
1
|
RSpec.feature 'Checkout', :js, type: :feature do
|
2
|
-
given!(:store) { create(:store) }
|
3
2
|
given!(:country) { create(:country, name: 'United States', states_required: true) }
|
4
3
|
given!(:state) { create(:state, name: 'Maryland', country: country) }
|
5
4
|
given!(:shipping_method) do
|
@@ -9,12 +8,13 @@ RSpec.feature 'Checkout', :js, type: :feature do
|
|
9
8
|
shipping_method.tap(&:save)
|
10
9
|
end
|
11
10
|
|
11
|
+
given!(:user) { create(:user, email: 'email@person.com', password: 'password', password_confirmation: 'password') }
|
12
12
|
given!(:zone) { create(:zone) }
|
13
13
|
given!(:address) { create(:address, state: state, country: country) }
|
14
|
+
given!(:mug) { create(:product, name: 'RoR Mug') }
|
14
15
|
|
15
16
|
background do
|
16
|
-
|
17
|
-
@product.master.stock_items.first.update_column(:count_on_hand, 1)
|
17
|
+
mug.master.stock_items.first.update_column(:count_on_hand, 1)
|
18
18
|
|
19
19
|
# Bypass gateway error on checkout | ..or stub a gateway
|
20
20
|
Spree::Config[:allow_checkout_on_gateway_error] = true
|
@@ -31,71 +31,56 @@ RSpec.feature 'Checkout', :js, type: :feature do
|
|
31
31
|
|
32
32
|
scenario 'allow a visitor to checkout as guest, without registration' do
|
33
33
|
Spree::Auth::Config.set(registration_step: true)
|
34
|
-
add_to_cart
|
35
|
-
|
34
|
+
add_to_cart(mug)
|
35
|
+
click_link 'checkout'
|
36
36
|
|
37
|
-
expect(page).to
|
37
|
+
expect(page).to have_selector(:button, 'Continue as a guest')
|
38
38
|
|
39
|
-
within('#
|
39
|
+
within('#checkout_form_registration') { fill_in 'Email', with: 'spree@test.com' }
|
40
40
|
click_button 'Continue'
|
41
41
|
|
42
42
|
expect(page).to have_text(/Billing Address/i)
|
43
43
|
expect(page).to have_text(/Shipping Address/i)
|
44
44
|
|
45
|
-
|
46
|
-
select 'United States', from: "order_#{str_addr}_attributes_country_id"
|
47
|
-
%w(firstname lastname address1 city zipcode phone).each do |field|
|
48
|
-
fill_in "order_#{str_addr}_attributes_#{field}", with: address.send(field).to_s
|
49
|
-
end
|
50
|
-
select address.state.name.to_s, from: "order_#{str_addr}_attributes_state_id"
|
51
|
-
check 'order_use_billing'
|
52
|
-
|
45
|
+
fill_in_address
|
53
46
|
click_button 'Save and Continue'
|
54
47
|
click_button 'Save and Continue'
|
55
48
|
|
56
|
-
expect(page).to have_text '
|
49
|
+
expect(page).to have_text 'Order placed successfully'
|
57
50
|
end
|
58
51
|
|
59
52
|
scenario 'associate an uncompleted guest order with user after logging in' do
|
60
|
-
|
61
|
-
add_to_cart 'RoR Mug'
|
53
|
+
add_to_cart(mug)
|
62
54
|
|
63
55
|
visit spree.login_path
|
64
56
|
fill_in 'Email', with: user.email
|
65
57
|
fill_in 'Password', with: user.password
|
66
|
-
click_button '
|
67
|
-
expect(page).to have_text('
|
68
|
-
|
58
|
+
click_button 'Log in'
|
59
|
+
expect(page).to have_text('Logged in successfully')
|
60
|
+
find('a.cart-icon').click
|
69
61
|
|
70
62
|
expect(page).to have_text 'RoR Mug'
|
71
|
-
within('h1') { expect(page).to have_text '
|
72
|
-
|
73
|
-
click_button 'Checkout'
|
63
|
+
within('h1') { expect(page).to have_text 'YOUR SHOPPING BAG' }
|
74
64
|
|
75
|
-
|
76
|
-
select 'United States', from: "order_#{str_addr}_attributes_country_id"
|
77
|
-
%w(firstname lastname address1 city zipcode phone).each do |field|
|
78
|
-
fill_in "order_#{str_addr}_attributes_#{field}", with: address.send(field).to_s
|
79
|
-
end
|
80
|
-
select address.state.name.to_s, from: "order_#{str_addr}_attributes_state_id"
|
81
|
-
check 'order_use_billing'
|
65
|
+
click_link 'checkout'
|
82
66
|
|
67
|
+
fill_in_address
|
83
68
|
click_button 'Save and Continue'
|
84
69
|
click_button 'Save and Continue'
|
85
70
|
|
86
|
-
expect(page).to have_text '
|
71
|
+
expect(page).to have_text 'Order placed successfully'
|
87
72
|
expect(Spree::Order.first.user).to eq user
|
88
73
|
end
|
89
74
|
|
90
75
|
# Regression test for #890
|
91
76
|
scenario 'associate an incomplete guest order with user after successful password reset' do
|
92
|
-
|
93
|
-
user = create(:user, email: 'email@person.com', password: 'password', password_confirmation: 'password')
|
94
|
-
add_to_cart 'RoR Mug'
|
77
|
+
add_to_cart(mug)
|
95
78
|
|
96
79
|
visit spree.login_path
|
97
|
-
click_link 'Forgot
|
98
|
-
fill_in
|
80
|
+
click_link 'Forgot password?'
|
81
|
+
fill_in('Email', with: 'email@person.com')
|
82
|
+
find('#spree_user_email').set('email@person.com')
|
83
|
+
|
99
84
|
click_button 'Reset my password'
|
100
85
|
|
101
86
|
# Need to do this now because the token stored in the DB is the encrypted version
|
@@ -109,49 +94,39 @@ RSpec.feature 'Checkout', :js, type: :feature do
|
|
109
94
|
fill_in 'Password Confirmation', with: 'password'
|
110
95
|
click_button 'Update'
|
111
96
|
|
112
|
-
expect(page).to have_text('
|
113
|
-
|
97
|
+
expect(page).to have_text('Your password was changed successfully')
|
98
|
+
find('a.cart-icon').click
|
114
99
|
expect(page).to have_text('RoR Mug')
|
115
|
-
|
116
|
-
|
117
|
-
str_addr = 'bill_address'
|
118
|
-
select 'United States', from: "order_#{str_addr}_attributes_country_id"
|
119
|
-
%w(firstname lastname address1 city zipcode phone).each do |field|
|
120
|
-
fill_in "order_#{str_addr}_attributes_#{field}", with: address.send(field).to_s
|
121
|
-
end
|
122
|
-
select address.state.name.to_s, from: "order_#{str_addr}_attributes_state_id"
|
123
|
-
check 'order_use_billing'
|
100
|
+
click_link 'checkout'
|
124
101
|
|
102
|
+
fill_in_address
|
125
103
|
click_button 'Save and Continue'
|
126
104
|
|
127
105
|
expect(page).not_to have_text 'Email is invalid'
|
128
106
|
end
|
129
107
|
|
130
108
|
scenario 'allow a user to register during checkout' do
|
131
|
-
add_to_cart
|
132
|
-
|
109
|
+
add_to_cart(mug)
|
110
|
+
click_link 'checkout'
|
133
111
|
|
134
|
-
expect(page).to
|
112
|
+
expect(page).to have_selector(:link, 'Sign Up')
|
135
113
|
|
136
|
-
|
114
|
+
click_link 'Sign Up'
|
115
|
+
|
116
|
+
fill_in 'Email', with: 'test@person.com'
|
137
117
|
fill_in 'Password', with: 'spree123'
|
138
118
|
fill_in 'Password Confirmation', with: 'spree123'
|
139
|
-
click_button 'Create'
|
140
|
-
expect(page).to have_text 'You have signed up successfully.'
|
141
119
|
|
142
|
-
|
143
|
-
|
144
|
-
|
145
|
-
fill_in "order_#{str_addr}_attributes_#{field}", with: address.send(field).to_s
|
146
|
-
end
|
147
|
-
select address.state.name.to_s, from: "order_#{str_addr}_attributes_state_id"
|
148
|
-
check 'order_use_billing'
|
120
|
+
click_button 'Sign Up'
|
121
|
+
|
122
|
+
expect(page).to have_text 'You have signed up successfully.'
|
149
123
|
|
124
|
+
fill_in_address
|
150
125
|
click_button 'Save and Continue'
|
151
126
|
click_button 'Save and Continue'
|
152
127
|
|
153
|
-
expect(page).to have_text '
|
154
|
-
expect(Spree::Order.first.user).to eq Spree
|
128
|
+
expect(page).to have_text 'Order placed successfully'
|
129
|
+
expect(Spree::Order.first.user).to eq Spree.user_class.find_by_email('test@person.com')
|
155
130
|
end
|
156
131
|
end
|
157
132
|
end
|
@@ -8,8 +8,6 @@ RSpec.feature 'Confirmation', type: :feature, reload_user: true do
|
|
8
8
|
|
9
9
|
after(:each) { set_confirmable_option(false) }
|
10
10
|
|
11
|
-
let!(:store) { create(:store) }
|
12
|
-
|
13
11
|
background do
|
14
12
|
ActionMailer::Base.default_url_options[:host] = 'http://example.com'
|
15
13
|
end
|
@@ -20,9 +18,9 @@ RSpec.feature 'Confirmation', type: :feature, reload_user: true do
|
|
20
18
|
fill_in 'Email', with: 'email@person.com'
|
21
19
|
fill_in 'Password', with: 'password'
|
22
20
|
fill_in 'Password Confirmation', with: 'password'
|
23
|
-
click_button '
|
21
|
+
click_button 'Sign Up'
|
24
22
|
|
25
|
-
expect(page).to have_text '
|
26
|
-
expect(Spree
|
23
|
+
expect(page).to have_text I18n.t('devise.user_registrations.signed_up_but_unconfirmed')
|
24
|
+
expect(Spree.user_class.last.confirmed?).to be(false)
|
27
25
|
end
|
28
26
|
end
|
data/spec/features/order_spec.rb
CHANGED
@@ -6,46 +6,40 @@ RSpec.feature 'Orders', :js, type: :feature do
|
|
6
6
|
|
7
7
|
# regression test for spree/spree#1687
|
8
8
|
scenario 'merge incomplete orders from different sessions' do
|
9
|
-
|
10
|
-
|
11
|
-
https://github.com/spree/spree_auth_devise/commit/3157b47b22c559817d34ec34024587d8aa6136dc
|
12
|
-
I dont think we can decode these sessions anymore since Rails 4 switched to encrypted cookies I believe devise stores session encrypted.
|
13
|
-
}
|
14
|
-
create(:product, name: 'RoR Mug')
|
15
|
-
create(:product, name: 'RoR Shirt')
|
9
|
+
ror_mug = create(:product, name: 'RoR Mug')
|
10
|
+
ror_shirt = create(:product, name: 'RoR Shirt')
|
16
11
|
|
17
12
|
user = create(:user, email: 'email@person.com', password: 'password', password_confirmation: 'password')
|
18
13
|
|
19
14
|
using_session('first') do
|
20
|
-
add_to_cart
|
15
|
+
add_to_cart ror_mug
|
21
16
|
|
22
17
|
visit spree.login_path
|
23
18
|
fill_in 'Email', with: user.email
|
24
19
|
fill_in 'Password', with: user.password
|
25
|
-
click_button '
|
20
|
+
click_button 'Log in'
|
26
21
|
|
27
|
-
|
22
|
+
visit spree.cart_path
|
28
23
|
expect(page).to have_text 'RoR Mug'
|
29
24
|
end
|
30
25
|
|
31
26
|
using_session('second') do
|
32
|
-
add_to_cart
|
27
|
+
add_to_cart ror_shirt
|
33
28
|
|
34
29
|
visit spree.login_path
|
35
30
|
fill_in 'Email', with: user.email
|
36
31
|
fill_in 'Password', with: user.password
|
37
|
-
click_button '
|
32
|
+
click_button 'Log in'
|
38
33
|
|
39
34
|
# Order should have been merged with first session
|
40
|
-
|
35
|
+
visit spree.cart_path
|
41
36
|
expect(page).to have_text 'RoR Mug'
|
42
37
|
expect(page).to have_text 'RoR Shirt'
|
43
38
|
end
|
44
39
|
|
45
40
|
using_session('first') do
|
46
41
|
visit spree.root_path
|
47
|
-
|
48
|
-
click_link 'Cart'
|
42
|
+
visit spree.cart_path
|
49
43
|
|
50
44
|
# Order should have been merged with second session
|
51
45
|
expect(page).to have_text 'RoR Mug'
|
@@ -1,6 +1,4 @@
|
|
1
1
|
RSpec.feature 'Reset Password', type: :feature do
|
2
|
-
let!(:store) { create(:store) }
|
3
|
-
|
4
2
|
background do
|
5
3
|
ActionMailer::Base.default_url_options[:host] = 'http://example.com'
|
6
4
|
end
|
@@ -8,7 +6,7 @@ RSpec.feature 'Reset Password', type: :feature do
|
|
8
6
|
scenario 'allow a user to supply an email for the password reset' do
|
9
7
|
user = create(:user, email: 'foobar@example.com', password: 'secret', password_confirmation: 'secret')
|
10
8
|
visit spree.login_path
|
11
|
-
click_link 'Forgot
|
9
|
+
click_link 'Forgot password?'
|
12
10
|
fill_in 'Email', with: 'foobar@example.com'
|
13
11
|
click_button 'Reset my password'
|
14
12
|
expect(page).to have_text 'You will receive an email with instructions'
|
@@ -16,7 +14,7 @@ RSpec.feature 'Reset Password', type: :feature do
|
|
16
14
|
|
17
15
|
scenario 'shows errors if no email is supplied' do
|
18
16
|
visit spree.login_path
|
19
|
-
click_link 'Forgot
|
17
|
+
click_link 'Forgot password?'
|
20
18
|
click_button 'Reset my password'
|
21
19
|
expect(page).to have_text "Email can't be blank"
|
22
20
|
end
|
@@ -10,23 +10,21 @@ RSpec.feature 'Sign In', type: :feature do
|
|
10
10
|
end
|
11
11
|
|
12
12
|
scenario 'let a user sign in successfully', js: true do
|
13
|
-
|
14
|
-
|
15
|
-
click_button 'Login'
|
13
|
+
log_in(email: @user.email, password: @user.password)
|
14
|
+
show_user_menu
|
16
15
|
|
17
|
-
expect(page).to have_text 'Logged in successfully'
|
18
16
|
expect(page).not_to have_text 'Login'
|
19
|
-
expect(page).to have_text '
|
20
|
-
expect(current_path).to eq '/'
|
17
|
+
expect(page).to have_text 'LOG OUT'
|
18
|
+
expect(current_path).to eq '/account'
|
21
19
|
end
|
22
20
|
|
23
21
|
scenario 'show validation erros' do
|
24
22
|
fill_in 'Email', with: @user.email
|
25
23
|
fill_in 'Password', with: 'wrong_password'
|
26
|
-
click_button '
|
24
|
+
click_button 'Log in'
|
27
25
|
|
28
26
|
expect(page).to have_text 'Invalid email or password'
|
29
|
-
expect(page).to have_text '
|
27
|
+
expect(page).to have_text 'Log in'
|
30
28
|
end
|
31
29
|
|
32
30
|
scenario 'allow a user to access a restricted page after logging in' do
|
@@ -35,7 +33,7 @@ RSpec.feature 'Sign In', type: :feature do
|
|
35
33
|
|
36
34
|
fill_in 'Email', with: user.email
|
37
35
|
fill_in 'Password', with: user.password
|
38
|
-
click_button '
|
36
|
+
click_button 'Log in'
|
39
37
|
|
40
38
|
within '.user-menu' do
|
41
39
|
expect(page).to have_text 'admin@person.com'
|
@@ -7,44 +7,37 @@ RSpec.feature 'Sign Out', type: :feature, js: true do
|
|
7
7
|
end
|
8
8
|
|
9
9
|
background do
|
10
|
-
|
11
|
-
fill_in 'Email', with: user.email
|
12
|
-
fill_in 'Password', with: user.password
|
13
|
-
# Regression test for #1257
|
14
|
-
check 'Remember me'
|
15
|
-
click_button 'Login'
|
10
|
+
log_in(email: user.email, password: user.password)
|
16
11
|
end
|
17
12
|
|
18
13
|
scenario 'allow a signed in user to logout' do
|
19
|
-
|
14
|
+
log_out
|
15
|
+
|
20
16
|
visit spree.root_path
|
21
|
-
|
22
|
-
|
17
|
+
show_user_menu
|
18
|
+
|
19
|
+
expect(page).to have_link 'LOG IN'
|
20
|
+
expect(page).not_to have_link 'LOG OUT'
|
23
21
|
end
|
24
22
|
|
25
23
|
describe 'before_logout' do
|
26
|
-
|
27
|
-
create(:product, name: 'RoR
|
28
|
-
create(:product, name: 'RoR Shirt')
|
29
|
-
end
|
30
|
-
|
24
|
+
let!(:mug) { create(:product_in_stock, name: 'RoR Mug') }
|
25
|
+
let!(:shirt) { create(:product, name: 'RoR Shirt') }
|
31
26
|
let!(:other_user) { create(:user) }
|
32
27
|
|
33
28
|
it 'clears token cookies' do
|
34
|
-
add_to_cart
|
35
|
-
|
29
|
+
add_to_cart(mug) do
|
30
|
+
find('.close').click
|
31
|
+
end
|
36
32
|
|
37
|
-
|
33
|
+
log_out
|
38
34
|
|
39
|
-
|
35
|
+
find('#link-to-cart').click
|
40
36
|
expect(page).to have_text Spree.t(:your_cart_is_empty)
|
41
37
|
|
42
|
-
|
43
|
-
|
44
|
-
fill_in 'Password', with: other_user.password
|
45
|
-
click_button 'Login'
|
38
|
+
log_in(email: other_user.email, password: user.password)
|
39
|
+
find('#link-to-cart').click
|
46
40
|
|
47
|
-
click_link 'Cart'
|
48
41
|
expect(page).to have_text Spree.t(:your_cart_is_empty)
|
49
42
|
end
|
50
43
|
end
|
@@ -6,10 +6,11 @@ RSpec.feature 'Sign Up', type: :feature do
|
|
6
6
|
fill_in 'Email', with: 'email@person.com'
|
7
7
|
fill_in 'Password', with: 'password'
|
8
8
|
fill_in 'Password Confirmation', with: 'password'
|
9
|
-
|
9
|
+
|
10
|
+
click_button 'Sign Up'
|
10
11
|
|
11
12
|
expect(page).to have_text 'You have signed up successfully.'
|
12
|
-
expect(Spree
|
13
|
+
expect(Spree.user_class.count).to eq(1)
|
13
14
|
end
|
14
15
|
end
|
15
16
|
|
@@ -20,10 +21,11 @@ RSpec.feature 'Sign Up', type: :feature do
|
|
20
21
|
fill_in 'Email', with: 'email@person.com'
|
21
22
|
fill_in 'Password', with: 'password'
|
22
23
|
fill_in 'Password Confirmation', with: ''
|
23
|
-
|
24
|
+
|
25
|
+
click_button 'Sign Up'
|
24
26
|
|
25
27
|
expect(page).to have_css '#errorExplanation'
|
26
|
-
expect(Spree
|
28
|
+
expect(Spree.user_class.count).to eq(0)
|
27
29
|
end
|
28
30
|
end
|
29
31
|
end
|
data/spec/models/user_spec.rb
CHANGED
@@ -31,9 +31,9 @@ RSpec.describe Spree::User, type: :model do
|
|
31
31
|
order.save
|
32
32
|
user = order.user
|
33
33
|
user.destroy
|
34
|
-
expect(Spree
|
35
|
-
expect(Spree
|
36
|
-
expect(Spree
|
34
|
+
expect(Spree.user_class.find_by_id(user.id)).to be_nil
|
35
|
+
expect(Spree.user_class.with_deleted.find_by_id(user.id).id).to eq(user.id)
|
36
|
+
expect(Spree.user_class.with_deleted.find_by_id(user.id).orders.first).to eq(order)
|
37
37
|
|
38
38
|
expect(Spree::Order.find_by_user_id(user.id)).not_to be_nil
|
39
39
|
expect(Spree::Order.where(user_id: user.id).first).to eq(order)
|
@@ -67,13 +67,13 @@ RSpec.describe Spree::User, type: :model do
|
|
67
67
|
it "is confirmable if the confirmable option is enabled" do
|
68
68
|
set_confirmable_option(true)
|
69
69
|
Spree::UserMailer.stub(:confirmation_instructions).and_return(double(deliver: true))
|
70
|
-
expect(Spree
|
70
|
+
expect(Spree.user_class.devise_modules).to include(:confirmable)
|
71
71
|
set_confirmable_option(false)
|
72
72
|
end
|
73
73
|
|
74
74
|
it "is not confirmable if the confirmable option is disabled" do
|
75
75
|
set_confirmable_option(false)
|
76
|
-
expect(Spree
|
76
|
+
expect(Spree.user_class.devise_modules).to_not include(:confirmable)
|
77
77
|
end
|
78
78
|
end
|
79
79
|
end
|
@@ -0,0 +1,42 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
RSpec.feature 'User update', type: :request do
|
4
|
+
context 'CSRF protection' do
|
5
|
+
%i[exception reset_session null_session].each do |strategy|
|
6
|
+
# Completely clean the configuration of forgery protection for the
|
7
|
+
# controller and reset it after the expectations. However, besides `:with`,
|
8
|
+
# the options given to `protect_from_forgery` are processed on the fly.
|
9
|
+
# I.e., there's no way to retain them. The initial setup corresponds to the
|
10
|
+
# dummy application, which uses the default Rails skeleton in that regard.
|
11
|
+
# So, if at some point Rails changed the given options, we should update it
|
12
|
+
# here.
|
13
|
+
around do |example|
|
14
|
+
controller = Spree::UsersController
|
15
|
+
old_allow_forgery_protection_value = controller.allow_forgery_protection
|
16
|
+
old_forgery_protection_strategy = controller.forgery_protection_strategy
|
17
|
+
controller.skip_forgery_protection
|
18
|
+
controller.allow_forgery_protection = true
|
19
|
+
controller.protect_from_forgery with: strategy
|
20
|
+
|
21
|
+
example.run
|
22
|
+
|
23
|
+
controller.allow_forgery_protection = old_allow_forgery_protection_value
|
24
|
+
controller.forgery_protection_strategy = old_forgery_protection_strategy
|
25
|
+
end
|
26
|
+
|
27
|
+
it "is not possible to take account over with the #{strategy} forgery protection strategy" do
|
28
|
+
user = create(:user, email: 'legit@mail.com', password: 'password')
|
29
|
+
|
30
|
+
post '/login', params: "spree_user[email]=legit@mail.com&spree_user[password]=password"
|
31
|
+
begin
|
32
|
+
put '/users/123456', params: 'user[email]=hacked@example.com'
|
33
|
+
rescue
|
34
|
+
# testing that the account is not compromised regardless of any raised
|
35
|
+
# exception
|
36
|
+
end
|
37
|
+
|
38
|
+
expect(user.reload.email).to eq('legit@mail.com')
|
39
|
+
end
|
40
|
+
end
|
41
|
+
end
|
42
|
+
end
|
data/spec/spec_helper.rb
CHANGED
@@ -8,6 +8,16 @@ require File.expand_path('../dummy/config/environment', __FILE__)
|
|
8
8
|
require 'rspec/rails'
|
9
9
|
require 'shoulda-matchers'
|
10
10
|
require 'ffaker'
|
11
|
+
require 'pry'
|
12
|
+
|
13
|
+
require 'spree/testing_support/auth_helpers'
|
14
|
+
require 'spree/testing_support/checkout_helpers'
|
15
|
+
|
16
|
+
require 'spree/testing_support/authorization_helpers'
|
17
|
+
require 'spree/testing_support/capybara_ext'
|
18
|
+
require 'spree/testing_support/controller_requests'
|
19
|
+
require 'spree/testing_support/factories'
|
20
|
+
require 'spree/testing_support/url_helpers'
|
11
21
|
|
12
22
|
RSpec.configure do |config|
|
13
23
|
config.filter_run focus: true
|
@@ -27,7 +37,13 @@ RSpec.configure do |config|
|
|
27
37
|
allow(RSpec::Rails::ViewRendering::EmptyTemplateHandler)
|
28
38
|
.to receive(:call)
|
29
39
|
.and_return(%("")) if Rails.gem_version >= Gem::Version.new('6.0.0.beta1')
|
40
|
+
|
41
|
+
create(:store)
|
30
42
|
end
|
43
|
+
|
44
|
+
config.include Spree::TestingSupport::AuthHelpers, type: :feature
|
45
|
+
config.include Spree::TestingSupport::CheckoutHelpers, type: :feature
|
46
|
+
config.include Spree::TestingSupport::UrlHelpers
|
31
47
|
end
|
32
48
|
|
33
49
|
Dir[File.join(File.dirname(__FILE__), 'support/**/*.rb')].each { |f| require f }
|
data/spec/support/add_to_cart.rb
CHANGED
@@ -1,6 +1,6 @@
|
|
1
|
-
def add_to_cart(
|
2
|
-
visit spree.
|
3
|
-
|
1
|
+
def add_to_cart(product)
|
2
|
+
visit spree.product_path(product)
|
3
|
+
|
4
4
|
if Spree.version.to_f > 3.6
|
5
5
|
expect(page).to have_selector('form#add-to-cart-form')
|
6
6
|
expect(page).to have_selector('button#add-to-cart-button')
|
@@ -10,6 +10,13 @@ def add_to_cart(product_name)
|
|
10
10
|
end
|
11
11
|
click_button 'Add To Cart'
|
12
12
|
wait_for_condition do
|
13
|
-
expect(page).to have_content(Spree.t(:
|
13
|
+
expect(page).to have_content(Spree.t(:added_to_cart))
|
14
|
+
end
|
15
|
+
|
16
|
+
if block_given?
|
17
|
+
yield
|
18
|
+
else
|
19
|
+
click_link 'View cart'
|
20
|
+
expect(page).to have_content 'YOUR SHOPPING BAG'
|
14
21
|
end
|
15
22
|
end
|
data/spec/support/capybara.rb
CHANGED
@@ -1,16 +1,23 @@
|
|
1
1
|
require 'capybara/rspec'
|
2
|
-
require 'capybara
|
2
|
+
require 'capybara-screenshot'
|
3
3
|
require 'capybara-screenshot/rspec'
|
4
|
-
require '
|
5
|
-
|
6
|
-
RSpec.configure do |_config|
|
7
|
-
Capybara.save_and_open_page_path = ENV['CIRCLE_ARTIFACTS'] if ENV['CIRCLE_ARTIFACTS']
|
4
|
+
require 'capybara/rails'
|
5
|
+
require 'selenium/webdriver'
|
8
6
|
|
7
|
+
RSpec.configure do
|
9
8
|
Capybara.register_driver :chrome do |app|
|
9
|
+
Selenium::WebDriver.logger.level = :error
|
10
|
+
|
10
11
|
Capybara::Selenium::Driver.new app,
|
11
12
|
browser: :chrome,
|
12
|
-
options: Selenium::WebDriver::Chrome::Options.new(
|
13
|
+
options: Selenium::WebDriver::Chrome::Options.new(
|
14
|
+
args: %w[headless disable-gpu window-size=1920,1080 --enable-features=NetworkService,NetworkServiceInProcess --disable-features=VizDisplayCompositor],
|
15
|
+
log_level: :error
|
16
|
+
)
|
13
17
|
end
|
14
|
-
|
15
18
|
Capybara.javascript_driver = :chrome
|
16
|
-
|
19
|
+
|
20
|
+
Capybara::Screenshot.register_driver(:chrome) do |driver, path|
|
21
|
+
driver.browser.save_screenshot(path)
|
22
|
+
end
|
23
|
+
end
|
data/spree_auth_devise.gemspec
CHANGED
@@ -3,11 +3,11 @@
|
|
3
3
|
Gem::Specification.new do |s|
|
4
4
|
s.platform = Gem::Platform::RUBY
|
5
5
|
s.name = 'spree_auth_devise'
|
6
|
-
s.version = '4.
|
6
|
+
s.version = '4.1.1'
|
7
7
|
s.summary = 'Provides authentication and authorization services for use with Spree by using Devise and CanCan.'
|
8
8
|
s.description = s.summary
|
9
9
|
|
10
|
-
s.required_ruby_version = '>= 2.
|
10
|
+
s.required_ruby_version = '>= 2.5.0'
|
11
11
|
|
12
12
|
s.author = 'Sean Schofield'
|
13
13
|
s.email = 'sean@spreecommerce.com'
|
@@ -19,18 +19,19 @@ Gem::Specification.new do |s|
|
|
19
19
|
s.require_path = 'lib'
|
20
20
|
s.requirements << 'none'
|
21
21
|
|
22
|
+
s.add_dependency 'deface', '~> 1.0'
|
23
|
+
|
22
24
|
s.add_dependency 'devise', '~> 4.7'
|
23
25
|
s.add_dependency 'devise-encryptable', '0.2.0'
|
24
26
|
|
25
|
-
spree_version = '>=
|
27
|
+
spree_version = '>= 4.1.0.alpha', '< 4.2'
|
26
28
|
s.add_dependency 'spree_core', spree_version
|
27
29
|
s.add_dependency 'spree_extension'
|
28
|
-
s.add_dependency 'deface', '~> 1.0'
|
29
30
|
|
30
|
-
s.add_development_dependency '
|
31
|
+
s.add_development_dependency 'appraisal'
|
32
|
+
s.add_development_dependency 'capybara'
|
31
33
|
s.add_development_dependency 'capybara-screenshot'
|
32
34
|
s.add_development_dependency 'coffee-rails', '~> 4.2'
|
33
|
-
s.add_development_dependency 'sass-rails'
|
34
35
|
s.add_development_dependency 'database_cleaner', '~> 1.5'
|
35
36
|
s.add_development_dependency 'email_spec', '~> 2.1'
|
36
37
|
s.add_development_dependency 'factory_bot', '~> 4.7'
|
@@ -38,13 +39,16 @@ Gem::Specification.new do |s|
|
|
38
39
|
s.add_development_dependency 'launchy'
|
39
40
|
s.add_development_dependency 'mysql2'
|
40
41
|
s.add_development_dependency 'pg'
|
41
|
-
s.add_development_dependency 'selenium-webdriver'
|
42
42
|
s.add_development_dependency 'pry'
|
43
|
-
s.add_development_dependency '
|
44
|
-
s.add_development_dependency '
|
43
|
+
s.add_development_dependency 'puma'
|
44
|
+
s.add_development_dependency 'rails-controller-testing'
|
45
|
+
s.add_development_dependency 'rspec-rails', '~> 4.0.0.beta2'
|
46
|
+
s.add_development_dependency 'sass-rails'
|
47
|
+
s.add_development_dependency 'selenium-webdriver'
|
48
|
+
s.add_development_dependency 'shoulda-matchers', '~> 4.3'
|
45
49
|
s.add_development_dependency 'simplecov', '~> 0.12'
|
46
50
|
s.add_development_dependency 'spree_backend', spree_version
|
47
51
|
s.add_development_dependency 'spree_frontend', spree_version
|
48
52
|
s.add_development_dependency 'sqlite3'
|
49
|
-
s.add_development_dependency '
|
53
|
+
s.add_development_dependency 'webdrivers', '~> 4.2.0'
|
50
54
|
end
|