spree_auth_devise 4.0.0 → 4.3.1

data/spec/features/confirmation_spec.rb

@@ -3,13 +3,11 @@ require 'spec_helper'
 RSpec.feature 'Confirmation', type: :feature, reload_user: true do
   before do
     set_confirmable_option(true)
-    Spree::UserMailer.stub(:confirmation_instructions).and_return(double(deliver: true))
+    expect(Spree::UserMailer).to receive(:confirmation_instructions).with(anything, anything, { current_store_id: Spree::Store.current.id }).and_return(double(deliver: true))
   end
 
   after(:each) { set_confirmable_option(false) }
 
-  let!(:store) { create(:store) }
-
   background do
     ActionMailer::Base.default_url_options[:host] = 'http://example.com'
   end
@@ -20,9 +18,9 @@ RSpec.feature 'Confirmation', type: :feature, reload_user: true do
     fill_in 'Email', with: 'email@person.com'
     fill_in 'Password', with: 'password'
     fill_in 'Password Confirmation', with: 'password'
-    click_button 'Create'
+    click_button 'Sign Up'
 
-    expect(page).to have_text 'You have signed up successfully.'
-    expect(Spree::User.last.confirmed?).to be(false)
+    expect(page).to have_text I18n.t('devise.user_registrations.signed_up_but_unconfirmed')
+    expect(Spree.user_class.last.confirmed?).to be(false)
   end
 end

data/spec/features/order_spec.rb

@@ -6,46 +6,40 @@ RSpec.feature 'Orders', :js, type: :feature do
 
   # regression test for spree/spree#1687
   scenario 'merge incomplete orders from different sessions' do
-    skip %{
-      TODO: has been broken for ~2 months as of:
-      https://github.com/spree/spree_auth_devise/commit/3157b47b22c559817d34ec34024587d8aa6136dc
-      I dont think we can decode these sessions anymore since Rails 4 switched to encrypted cookies I believe devise stores session encrypted.
-    }
-    create(:product, name: 'RoR Mug')
-    create(:product, name: 'RoR Shirt')
+    ror_mug = create(:product, name: 'RoR Mug')
+    ror_shirt = create(:product, name: 'RoR Shirt')
 
     user = create(:user, email: 'email@person.com', password: 'password', password_confirmation: 'password')
 
     using_session('first') do
-      add_to_cart 'RoR Mug'
+      add_to_cart ror_mug
 
       visit spree.login_path
       fill_in 'Email', with: user.email
       fill_in 'Password', with: user.password
-      click_button 'Login'
+      click_button 'Log in'
 
-      click_link 'Cart'
+      visit spree.cart_path
       expect(page).to have_text 'RoR Mug'
     end
 
     using_session('second') do
-      add_to_cart 'RoR Shirt'
+      add_to_cart ror_shirt
 
       visit spree.login_path
       fill_in 'Email', with: user.email
       fill_in 'Password', with: user.password
-      click_button 'Login'
+      click_button 'Log in'
 
       # Order should have been merged with first session
-      click_link 'Cart'
+      visit spree.cart_path
       expect(page).to have_text 'RoR Mug'
       expect(page).to have_text 'RoR Shirt'
     end
 
     using_session('first') do
       visit spree.root_path
-
-      click_link 'Cart'
+      visit spree.cart_path
 
       # Order should have been merged with second session
       expect(page).to have_text 'RoR Mug'

data/spec/features/password_reset_spec.rb

@@ -1,6 +1,4 @@
 RSpec.feature 'Reset Password', type: :feature do
-  let!(:store) { create(:store) }
-
   background do
     ActionMailer::Base.default_url_options[:host] = 'http://example.com'
   end
@@ -8,7 +6,7 @@ RSpec.feature 'Reset Password', type: :feature do
   scenario 'allow a user to supply an email for the password reset' do
     user = create(:user, email: 'foobar@example.com', password: 'secret', password_confirmation: 'secret')
     visit spree.login_path
-    click_link 'Forgot Password?'
+    click_link 'Forgot password?'
     fill_in 'Email', with: 'foobar@example.com'
     click_button 'Reset my password'
     expect(page).to have_text 'You will receive an email with instructions'
@@ -16,7 +14,7 @@ RSpec.feature 'Reset Password', type: :feature do
 
   scenario 'shows errors if no email is supplied' do
     visit spree.login_path
-    click_link 'Forgot Password?'
+    click_link 'Forgot password?'
     click_button 'Reset my password'
     expect(page).to have_text "Email can't be blank"
   end

data/spec/features/sign_in_spec.rb

@@ -10,23 +10,21 @@ RSpec.feature 'Sign In', type: :feature do
   end
 
   scenario 'let a user sign in successfully', js: true do
-    fill_in 'Email', with: @user.email
-    fill_in 'Password', with: @user.password
-    click_button 'Login'
+    log_in(email: @user.email, password: @user.password)
+    show_user_menu
 
-    expect(page).to have_text 'Logged in successfully'
     expect(page).not_to have_text 'Login'
-    expect(page).to have_text 'Logout'
-    expect(current_path).to eq '/'
+    expect(page).to have_text 'LOG OUT'
+    expect(current_path).to eq '/account'
   end
 
   scenario 'show validation erros' do
     fill_in 'Email', with: @user.email
     fill_in 'Password', with: 'wrong_password'
-    click_button 'Login'
+    click_button 'Log in'
 
     expect(page).to have_text 'Invalid email or password'
-    expect(page).to have_text 'Login'
+    expect(page).to have_text 'Log in'
   end
 
   scenario 'allow a user to access a restricted page after logging in' do
@@ -35,19 +33,25 @@ RSpec.feature 'Sign In', type: :feature do
 
     fill_in 'Email', with: user.email
     fill_in 'Password', with: user.password
-    click_button 'Login'
-
-    within '.user-menu' do
-      expect(page).to have_text 'admin@person.com'
+    click_button 'Log in'
+
+    if Spree.version.to_f > 4.1
+      within '.navbar .dropdown-menu' do
+        expect(page).to have_text 'admin@person.com'
+      end
+    else
+      within '.user-menu' do
+        expect(page).to have_text 'admin@person.com'
+      end
     end
     expect(current_path).to eq '/admin/orders'
   end
 
-  xit "should store the user previous location" do
+  it 'should store the user previous location' do
     visit spree.account_path
-    fill_in "Email", with: @user.email
-    fill_in "Password", with: @user.password
-    click_button "Login"
-    expect(current_path).to eq "/account"
+    fill_in 'Email', with: @user.email
+    fill_in 'Password', with: @user.password
+    click_button 'Log in'
+    expect(current_path).to eq '/account'
   end
 end

data/spec/features/sign_out_spec.rb

@@ -7,44 +7,35 @@ RSpec.feature 'Sign Out', type: :feature, js: true do
   end
 
   background do
-    visit spree.login_path
-    fill_in 'Email', with: user.email
-    fill_in 'Password', with: user.password
-    # Regression test for #1257
-    check 'Remember me'
-    click_button 'Login'
+    log_in(email: user.email, password: user.password)
   end
 
   scenario 'allow a signed in user to logout' do
-    click_link 'Logout'
+    log_out
+
     visit spree.root_path
-    expect(page).to have_text 'Login'
-    expect(page).not_to have_text 'Logout'
+    show_user_menu
+
+    expect(page).to have_link 'LOG IN'
+    expect(page).not_to have_link 'LOG OUT'
   end
 
   describe 'before_logout' do
-    before do
-      create(:product, name: 'RoR Mug')
-      create(:product, name: 'RoR Shirt')
-    end
-
+    let!(:mug)        { create(:product_in_stock, name: 'RoR Mug') }
+    let!(:shirt)      { create(:product, name: 'RoR Shirt') }
     let!(:other_user) { create(:user) }
 
     it 'clears token cookies' do
-      add_to_cart 'RoR Mug'
-      expect(page).to have_text 'RoR Mug'
+      add_to_cart(mug)
 
-      click_link 'Logout'
+      log_out
 
-      click_link 'Cart'
+      find('#link-to-cart').click
       expect(page).to have_text Spree.t(:your_cart_is_empty)
 
-      visit spree.login_path
-      fill_in 'Email', with: other_user.email
-      fill_in 'Password', with: other_user.password
-      click_button 'Login'
+      log_in(email: other_user.email, password: user.password)
+      find('#link-to-cart').click
 
-      click_link 'Cart'
       expect(page).to have_text Spree.t(:your_cart_is_empty)
     end
   end

data/spec/features/sign_up_spec.rb

@@ -6,10 +6,11 @@ RSpec.feature 'Sign Up', type: :feature do
       fill_in 'Email', with: 'email@person.com'
       fill_in 'Password', with: 'password'
       fill_in 'Password Confirmation', with: 'password'
-      click_button 'Create'
+
+      click_button 'Sign Up'
 
       expect(page).to have_text 'You have signed up successfully.'
-      expect(Spree::User.count).to eq(1)
+      expect(Spree.user_class.count).to eq(1)
     end
   end
 
@@ -20,10 +21,11 @@ RSpec.feature 'Sign Up', type: :feature do
       fill_in 'Email', with: 'email@person.com'
       fill_in 'Password', with: 'password'
       fill_in 'Password Confirmation', with: ''
-      click_button 'Create'
+
+      click_button 'Sign Up'
 
       expect(page).to have_css '#errorExplanation'
-      expect(Spree::User.count).to eq(0)
+      expect(Spree.user_class.count).to eq(0)
     end
   end
 end

data/spec/mailers/user_mailer_spec.rb

@@ -1,11 +1,11 @@
 RSpec.describe Spree::UserMailer, type: :mailer do
-  let!(:store) { create(:store) }
   let(:user) { create(:user) }
+  let(:store) { Spree::Store.default }
 
   describe '#reset_password_instructions' do
     describe 'message contents' do
       before do
-        @message = described_class.reset_password_instructions(user, 'token goes here')
+        @message = described_class.reset_password_instructions(user, 'token goes here', { current_store_id: Spree::Store.current.id })
       end
 
       context 'subject includes' do
@@ -22,7 +22,7 @@ RSpec.describe Spree::UserMailer, type: :mailer do
 
       context 'body includes' do
         it 'password reset url' do
-          expect(@message.body.raw_source).to include "http://#{store.url}/user/spree_user/password/edit"
+          expect(@message.body.encoded).to include "http://#{store.url}/user/spree_user/password/edit"
         end
       end
     end
@@ -30,7 +30,7 @@ RSpec.describe Spree::UserMailer, type: :mailer do
     describe 'legacy support for User object' do
       it 'sends an email' do
         expect {
-          described_class.reset_password_instructions(user, 'token goes here').deliver_now
+          described_class.reset_password_instructions(user, 'token goes here', { current_store_id: Spree::Store.current.id }).deliver_now
         }.to change(ActionMailer::Base.deliveries, :size).by(1)
       end
     end

data/spec/models/user_spec.rb

@@ -1,5 +1,6 @@
 RSpec.describe Spree::User, type: :model do
   before(:all) { Spree::Role.create name: 'admin' }
+  let!(:store) { create(:store) }
 
   it '#admin?' do
     expect(create(:admin_user).admin?).to be true
@@ -8,8 +9,9 @@ RSpec.describe Spree::User, type: :model do
 
   it 'generates the reset password token' do
     user = build(:user)
-    expect(Spree::UserMailer).to receive(:reset_password_instructions).with(user, anything, {}).and_return(double(deliver: true))
-    user.send_reset_password_instructions
+    current_store = Spree::Store.current
+    expect(Spree::UserMailer).to receive(:reset_password_instructions).with(user, anything, { current_store_id: current_store.id }).and_return(double(deliver: true))
+    user.send_reset_password_instructions(current_store)
     expect(user.reset_password_token).not_to be_nil
   end
 
@@ -31,9 +33,9 @@ RSpec.describe Spree::User, type: :model do
       order.save
       user = order.user
       user.destroy
-      expect(Spree::User.find_by_id(user.id)).to be_nil
-      expect(Spree::User.with_deleted.find_by_id(user.id).id).to eq(user.id)
-      expect(Spree::User.with_deleted.find_by_id(user.id).orders.first).to eq(order)
+      expect(Spree.user_class.find_by_id(user.id)).to be_nil
+      expect(Spree.user_class.with_deleted.find_by_id(user.id).id).to eq(user.id)
+      expect(Spree.user_class.with_deleted.find_by_id(user.id).orders.first).to eq(order)
 
       expect(Spree::Order.find_by_user_id(user.id)).not_to be_nil
       expect(Spree::Order.where(user_id: user.id).first).to eq(order)
@@ -66,14 +68,14 @@ RSpec.describe Spree::User, type: :model do
   describe "confirmable", reload_user: true do
     it "is confirmable if the confirmable option is enabled" do
       set_confirmable_option(true)
-      Spree::UserMailer.stub(:confirmation_instructions).and_return(double(deliver: true))
-      expect(Spree::User.devise_modules).to include(:confirmable)
+      Spree::UserMailer.stub(:confirmation_instructions).with(anything, anything, { current_store_id: Spree::Store.current.id }).and_return(double(deliver: true))
+      expect(Spree.user_class.devise_modules).to include(:confirmable)
       set_confirmable_option(false)
     end
 
     it "is not confirmable if the confirmable option is disabled" do
       set_confirmable_option(false)
-      expect(Spree::User.devise_modules).to_not include(:confirmable)
+      expect(Spree.user_class.devise_modules).to_not include(:confirmable)
     end
   end
 end

data/spec/requests/spree/api/v2/storefront/account_confirmation_spec.rb

@@ -0,0 +1,48 @@
+require 'spec_helper'
+
+describe 'Storefront API v2 Account Confirmation spec', type: :request do
+  describe 'account_confirmations#show' do
+
+    before do
+      Spree::User.stub(:confirm_by_token, confirmation_token: confirmation_token).and_return user
+      get "/api/v2/storefront/account_confirmations/#{confirmation_token}"
+    end
+
+    context 'valid confirmation_token param' do
+      let(:user) { create(:user, confirmation_token: '12345') }
+      let(:confirmation_token) { user.confirmation_token }
+
+      it_behaves_like 'returns 200 HTTP status'
+
+      it 'returns user state' do
+        expect(JSON.parse(response.body)['data']['state']).to eq('')
+      end
+    end
+
+    context 'invalid confirmation_token param' do
+      let(:user) do
+        user = create(:user)
+        user.errors.add(:confirmation_token, :invalid)
+        return user
+      end
+      let(:confirmation_token) { 'dummy_token' }
+
+      it 'return 422 status' do
+        expect(response.code).to eq('422')
+      end
+
+      it 'return JSON API payload of error' do
+        expect(JSON.parse(response.body)['error']).to eq("Confirmation token is invalid")
+      end
+    end
+
+    context 'blank confirmation_token param' do
+      let(:user) { build(:user) }
+      let(:confirmation_token) { '' }
+
+      it 'return 301 status' do
+        expect(response.code).to eq('301')
+      end
+    end
+  end
+end

data/spec/requests/spree/api/v2/storefront/account_spec.rb

@@ -0,0 +1,101 @@
+require 'spec_helper'
+
+describe 'Storefront API v2 Account spec', type: :request do
+  describe 'account#create' do
+    before { post '/api/v2/storefront/account', params: params }
+
+    context 'valid user params' do
+      let(:params) do
+        {
+          "user": {
+            "email": "hello@example.com",
+            "password": "password123",
+            "password_confirmation": "password123"
+          }
+        }
+      end
+
+      it_behaves_like 'returns 200 HTTP status'
+
+      it 'return JSON API payload of User' do
+        expect(JSON.parse(response.body)['data']['attributes']['email']).to eq('hello@example.com')
+      end
+    end
+
+    context 'invalid user params' do
+      let(:params) do
+        {
+          "user": {
+            "email": "hello@example.com",
+            "password": "password123",
+            "password_confirmation": ""
+          }
+        }
+      end
+
+      it 'return JSON API payload of error' do
+        expect(JSON.parse(response.body)['error']).to eq("Password Confirmation doesn't match Password")
+      end
+    end
+
+  end
+
+  describe 'account#update' do
+    include_context 'API v2 tokens'
+
+    let!(:user)  { create(:user_with_addresses) }
+    let(:headers) { headers_bearer }
+
+    before { patch '/api/v2/storefront/account', params: params, headers: headers }
+
+    context 'valid user params' do
+      let(:params) do
+        {
+          "user": {
+            "email": "spree@example.com",
+            "password": "password123",
+            "password_confirmation": "password123"
+          }
+        }
+      end
+
+      it_behaves_like 'returns 200 HTTP status'
+
+      it 'return JSON API payload of User' do
+        expect(JSON.parse(response.body)['data']['attributes']['email']).to eq('spree@example.com')
+      end
+    end
+
+    context 'valid user params without passwords' do
+      let(:params) do
+        {
+          "user": {
+            "email": "spree@example.com"
+          }
+        }
+      end
+
+      it_behaves_like 'returns 200 HTTP status'
+
+      it 'return JSON API payload of User' do
+        expect(JSON.parse(response.body)['data']['attributes']['email']).to eq('spree@example.com')
+      end
+    end
+
+    context 'invalid user params' do
+      let(:params) do
+        {
+          "user": {
+            "email": "spree@example.com",
+            "password": "password123",
+            "password_confirmation": ""
+          }
+        }
+      end
+
+      it 'return JSON API payload of error' do
+        expect(JSON.parse(response.body)['error']).to eq("Password Confirmation doesn't match Password")
+      end
+    end
+  end
+end