spree_auth_devise 4.1.0.rc1 → 4.3.2

data/lib/spree_auth_devise.rb

@@ -1,5 +1,4 @@
 require 'spree_core'
 require 'spree/auth/devise'
 require 'spree/authentication_helpers'
-require 'deface'
 require 'spree_extension'

data/lib/views/backend/spree/admin/user_passwords/new.html.erb

@@ -5,7 +5,7 @@
 
   <p><%= Spree.t(:instructions_to_reset_password) %></p>
 
-  <%= form_for Spree::User.new, :as => :spree_user, :url => spree.reset_password_path do |f| %>
+  <%= form_for Spree.user_class.new, :as => :spree_user, :url => spree.reset_password_path do |f| %>
     <p>
       <%= f.label :email, Spree.t(:email) %><br />
       <%= f.email_field :email %>

data/lib/views/backend/spree/admin/user_sessions/new.html.erb

@@ -4,7 +4,7 @@
 
 <div data-hook="login" class="card border-0">
   <div class="card-body">
-    <%= form_for Spree::User.new, :as => :spree_user, :url => spree.admin_create_new_session_path do |f| %>
+    <%= form_for Spree.user_class.new, :as => :spree_user, :url => spree.admin_create_new_session_path do |f| %>
       <div id="password-credentials">
         <div class="form-group text-center">
           <%= f.label :email, Spree.t(:email) %>

data/spec/controllers/spree/api/v2/storefront/passwords_controller_spec.rb

@@ -0,0 +1,63 @@
+RSpec.describe Spree::Api::V2::Storefront::PasswordsController, type: :controller do
+  let(:user) { create(:user) }
+  let(:password) { 'new_password' }
+  let(:store) { create(:store) }
+
+  describe 'POST create' do
+    before { post :create, params: params }
+
+    context 'when the user email has not been specified' do
+      let(:params) { { user: { email: '' } } }
+      it 'responds with not found status' do
+        expect(response.code).to eq('404')
+      end
+    end
+
+    context 'when the user email not found' do
+      let(:params) { { user: { email: 'dummy_email@example.com' } } }
+      it 'responds with not found status' do
+        expect(response.code).to eq('404')
+      end
+    end
+
+    context 'when the user email has been specified' do
+      let(:params) { { user: { email: user.email } } }
+      it_behaves_like 'returns 200 HTTP status'
+    end
+  end
+
+  describe 'PATCH update' do
+    before { patch :update, params: params }
+
+    context 'when updating password with blank password' do
+      let(:params) {
+        {
+          id: user.send_reset_password_instructions(Spree::Store.current),
+          user: {
+            password: '',
+            password_confirmation: ''
+          }
+        }
+      }
+
+      it 'responds with error' do
+        expect(response.code).to eq('422')
+        expect(JSON.parse(response.body)['error']).to eq("Password can't be blank")
+      end
+    end
+
+    context 'when updating password with specified password' do
+      let(:params) {
+        {
+          id: user.send_reset_password_instructions(Spree::Store.current),
+          user: {
+            password: password,
+            password_confirmation: password
+          }
+        }
+      }
+
+      it_behaves_like 'returns 200 HTTP status'
+    end
+  end
+end

data/spec/controllers/spree/user_registrations_controller_spec.rb

@@ -25,7 +25,7 @@ RSpec.describe Spree::UserRegistrationsController, type: :controller do
           order = create(:order, guest_token: 'ABC', user_id: nil, created_by_id: nil)
         end
         post :create, params: { spree_user: { email: 'foobar@example.com', password: 'foobar123', password_confirmation: 'foobar123' }}
-        user = Spree::User.find_by_email('foobar@example.com')
+        user = Spree.user_class.find_by_email('foobar@example.com')
 
         order.reload
         expect(order.user_id).to eq user.id

data/spec/features/admin/sign_in_spec.rb

@@ -34,8 +34,14 @@ RSpec.feature 'Admin - Sign In', type: :feature do
     fill_in 'Email', with: user.email
     fill_in 'Password', with: 'secret'
     click_button 'Log in'
-    within '.user-menu' do
-      expect(page).to have_text 'admin@person.com'
+    if Spree.version.to_f > 4.1
+      within '.navbar .dropdown-menu' do
+        expect(page).to have_text 'admin@person.com'
+      end
+    else
+      within '.user-menu' do
+        expect(page).to have_text 'admin@person.com'
+      end
     end
     expect(current_path).to eq '/admin/orders'
   end

data/spec/features/checkout_spec.rb

@@ -60,7 +60,7 @@ RSpec.feature 'Checkout', :js, type: :feature do
       find('a.cart-icon').click
 
       expect(page).to have_text 'RoR Mug'
-      within('h1') { expect(page).to have_text 'YOUR SHOPPING BAG' }
+      within('h1') { expect(page).to have_text 'YOUR SHOPPING CART' }
 
       click_link 'checkout'
 
@@ -87,9 +87,9 @@ RSpec.feature 'Checkout', :js, type: :feature do
       # The 'plain-text' version is sent in the email and there's one way to get that!
       reset_password_email = ActionMailer::Base.deliveries.first
       token_url_regex = /^http:\/\/www.example.com\/user\/spree_user\/password\/edit\?reset_password_token=(.*)$/
-      token = token_url_regex.match(reset_password_email.body.to_s)[1]
+      token = token_url_regex.match(reset_password_email.body.encoded)[1]
 
-      visit spree.edit_spree_user_password_path(reset_password_token: token)
+      visit spree.edit_spree_user_password_path(reset_password_token: token).tr("%0D","")
       fill_in 'Password', with: 'password'
       fill_in 'Password Confirmation', with: 'password'
       click_button 'Update'
@@ -126,7 +126,7 @@ RSpec.feature 'Checkout', :js, type: :feature do
       click_button 'Save and Continue'
 
       expect(page).to have_text 'Order placed successfully'
-      expect(Spree::Order.first.user).to eq Spree::User.find_by_email('test@person.com')
+      expect(Spree::Order.first.user).to eq Spree.user_class.find_by_email('test@person.com')
     end
   end
 end

data/spec/features/confirmation_spec.rb

@@ -3,7 +3,7 @@ require 'spec_helper'
 RSpec.feature 'Confirmation', type: :feature, reload_user: true do
   before do
     set_confirmable_option(true)
-    Spree::UserMailer.stub(:confirmation_instructions).and_return(double(deliver: true))
+    expect(Spree::UserMailer).to receive(:confirmation_instructions).with(anything, anything, { current_store_id: Spree::Store.current.id }).and_return(double(deliver: true))
   end
 
   after(:each) { set_confirmable_option(false) }
@@ -20,7 +20,7 @@ RSpec.feature 'Confirmation', type: :feature, reload_user: true do
     fill_in 'Password Confirmation', with: 'password'
     click_button 'Sign Up'
 
-    expect(page).to have_text 'You have signed up successfully.'
-    expect(Spree::User.last.confirmed?).to be(false)
+    expect(page).to have_text I18n.t('devise.user_registrations.signed_up_but_unconfirmed')
+    expect(Spree.user_class.last.confirmed?).to be(false)
   end
 end

data/spec/features/sign_in_spec.rb

@@ -35,17 +35,23 @@ RSpec.feature 'Sign In', type: :feature do
     fill_in 'Password', with: user.password
     click_button 'Log in'
 
-    within '.user-menu' do
-      expect(page).to have_text 'admin@person.com'
+    if Spree.version.to_f > 4.1
+      within '.navbar .dropdown-menu' do
+        expect(page).to have_text 'admin@person.com'
+      end
+    else
+      within '.user-menu' do
+        expect(page).to have_text 'admin@person.com'
+      end
     end
     expect(current_path).to eq '/admin/orders'
   end
 
-  xit "should store the user previous location" do
+  it 'should store the user previous location' do
     visit spree.account_path
-    fill_in "Email", with: @user.email
-    fill_in "Password", with: @user.password
-    click_button "Login"
-    expect(current_path).to eq "/account"
+    fill_in 'Email', with: @user.email
+    fill_in 'Password', with: @user.password
+    click_button 'Log in'
+    expect(current_path).to eq '/account'
   end
 end

data/spec/features/sign_out_spec.rb

@@ -26,9 +26,7 @@ RSpec.feature 'Sign Out', type: :feature, js: true do
     let!(:other_user) { create(:user) }
 
     it 'clears token cookies' do
-      add_to_cart(mug) do
-        find('.close').click
-      end
+      add_to_cart(mug)
 
       log_out
 

data/spec/features/sign_up_spec.rb

@@ -10,7 +10,7 @@ RSpec.feature 'Sign Up', type: :feature do
       click_button 'Sign Up'
 
       expect(page).to have_text 'You have signed up successfully.'
-      expect(Spree::User.count).to eq(1)
+      expect(Spree.user_class.count).to eq(1)
     end
   end
 
@@ -25,7 +25,7 @@ RSpec.feature 'Sign Up', type: :feature do
       click_button 'Sign Up'
 
       expect(page).to have_css '#errorExplanation'
-      expect(Spree::User.count).to eq(0)
+      expect(Spree.user_class.count).to eq(0)
     end
   end
 end

data/spec/mailers/user_mailer_spec.rb

@@ -5,7 +5,7 @@ RSpec.describe Spree::UserMailer, type: :mailer do
   describe '#reset_password_instructions' do
     describe 'message contents' do
       before do
-        @message = described_class.reset_password_instructions(user, 'token goes here')
+        @message = described_class.reset_password_instructions(user, 'token goes here', { current_store_id: Spree::Store.current.id })
       end
 
       context 'subject includes' do
@@ -22,7 +22,7 @@ RSpec.describe Spree::UserMailer, type: :mailer do
 
       context 'body includes' do
         it 'password reset url' do
-          expect(@message.body.raw_source).to include "http://#{store.url}/user/spree_user/password/edit"
+          expect(@message.body.encoded).to include "http://#{store.url}/user/spree_user/password/edit"
         end
       end
     end
@@ -30,7 +30,7 @@ RSpec.describe Spree::UserMailer, type: :mailer do
     describe 'legacy support for User object' do
       it 'sends an email' do
         expect {
-          described_class.reset_password_instructions(user, 'token goes here').deliver_now
+          described_class.reset_password_instructions(user, 'token goes here', { current_store_id: Spree::Store.current.id }).deliver_now
         }.to change(ActionMailer::Base.deliveries, :size).by(1)
       end
     end

data/spec/models/user_spec.rb

@@ -1,5 +1,6 @@
 RSpec.describe Spree::User, type: :model do
   before(:all) { Spree::Role.create name: 'admin' }
+  let!(:store) { create(:store) }
 
   it '#admin?' do
     expect(create(:admin_user).admin?).to be true
@@ -8,8 +9,9 @@ RSpec.describe Spree::User, type: :model do
 
   it 'generates the reset password token' do
     user = build(:user)
-    expect(Spree::UserMailer).to receive(:reset_password_instructions).with(user, anything, {}).and_return(double(deliver: true))
-    user.send_reset_password_instructions
+    current_store = Spree::Store.current
+    expect(Spree::UserMailer).to receive(:reset_password_instructions).with(user, anything, { current_store_id: current_store.id }).and_return(double(deliver: true))
+    user.send_reset_password_instructions(current_store)
     expect(user.reset_password_token).not_to be_nil
   end
 
@@ -31,9 +33,9 @@ RSpec.describe Spree::User, type: :model do
       order.save
       user = order.user
       user.destroy
-      expect(Spree::User.find_by_id(user.id)).to be_nil
-      expect(Spree::User.with_deleted.find_by_id(user.id).id).to eq(user.id)
-      expect(Spree::User.with_deleted.find_by_id(user.id).orders.first).to eq(order)
+      expect(Spree.user_class.find_by_id(user.id)).to be_nil
+      expect(Spree.user_class.with_deleted.find_by_id(user.id).id).to eq(user.id)
+      expect(Spree.user_class.with_deleted.find_by_id(user.id).orders.first).to eq(order)
 
       expect(Spree::Order.find_by_user_id(user.id)).not_to be_nil
       expect(Spree::Order.where(user_id: user.id).first).to eq(order)
@@ -66,14 +68,14 @@ RSpec.describe Spree::User, type: :model do
   describe "confirmable", reload_user: true do
     it "is confirmable if the confirmable option is enabled" do
       set_confirmable_option(true)
-      Spree::UserMailer.stub(:confirmation_instructions).and_return(double(deliver: true))
-      expect(Spree::User.devise_modules).to include(:confirmable)
+      Spree::UserMailer.stub(:confirmation_instructions).with(anything, anything, { current_store_id: Spree::Store.current.id }).and_return(double(deliver: true))
+      expect(Spree.user_class.devise_modules).to include(:confirmable)
       set_confirmable_option(false)
     end
 
     it "is not confirmable if the confirmable option is disabled" do
       set_confirmable_option(false)
-      expect(Spree::User.devise_modules).to_not include(:confirmable)
+      expect(Spree.user_class.devise_modules).to_not include(:confirmable)
     end
   end
 end

data/spec/requests/spree/api/v2/storefront/account_confirmation_spec.rb

@@ -0,0 +1,48 @@
+require 'spec_helper'
+
+describe 'Storefront API v2 Account Confirmation spec', type: :request do
+  describe 'account_confirmations#show' do
+
+    before do
+      Spree::User.stub(:confirm_by_token, confirmation_token: confirmation_token).and_return user
+      get "/api/v2/storefront/account_confirmations/#{confirmation_token}"
+    end
+
+    context 'valid confirmation_token param' do
+      let(:user) { create(:user, confirmation_token: '12345') }
+      let(:confirmation_token) { user.confirmation_token }
+
+      it_behaves_like 'returns 200 HTTP status'
+
+      it 'returns user state' do
+        expect(JSON.parse(response.body)['data']['state']).to eq('')
+      end
+    end
+
+    context 'invalid confirmation_token param' do
+      let(:user) do
+        user = create(:user)
+        user.errors.add(:confirmation_token, :invalid)
+        return user
+      end
+      let(:confirmation_token) { 'dummy_token' }
+
+      it 'return 422 status' do
+        expect(response.code).to eq('422')
+      end
+
+      it 'return JSON API payload of error' do
+        expect(JSON.parse(response.body)['error']).to eq("Confirmation token is invalid")
+      end
+    end
+
+    context 'blank confirmation_token param' do
+      let(:user) { build(:user) }
+      let(:confirmation_token) { '' }
+
+      it 'return 301 status' do
+        expect(response.code).to eq('301')
+      end
+    end
+  end
+end

data/spec/requests/spree/api/v2/storefront/account_spec.rb

@@ -0,0 +1,101 @@
+require 'spec_helper'
+
+describe 'Storefront API v2 Account spec', type: :request do
+  describe 'account#create' do
+    before { post '/api/v2/storefront/account', params: params }
+
+    context 'valid user params' do
+      let(:params) do
+        {
+          "user": {
+            "email": "hello@example.com",
+            "password": "password123",
+            "password_confirmation": "password123"
+          }
+        }
+      end
+
+      it_behaves_like 'returns 200 HTTP status'
+
+      it 'return JSON API payload of User' do
+        expect(JSON.parse(response.body)['data']['attributes']['email']).to eq('hello@example.com')
+      end
+    end
+
+    context 'invalid user params' do
+      let(:params) do
+        {
+          "user": {
+            "email": "hello@example.com",
+            "password": "password123",
+            "password_confirmation": ""
+          }
+        }
+      end
+
+      it 'return JSON API payload of error' do
+        expect(JSON.parse(response.body)['error']).to eq("Password Confirmation doesn't match Password")
+      end
+    end
+
+  end
+
+  describe 'account#update' do
+    include_context 'API v2 tokens'
+
+    let!(:user)  { create(:user_with_addresses) }
+    let(:headers) { headers_bearer }
+
+    before { patch '/api/v2/storefront/account', params: params, headers: headers }
+
+    context 'valid user params' do
+      let(:params) do
+        {
+          "user": {
+            "email": "spree@example.com",
+            "password": "password123",
+            "password_confirmation": "password123"
+          }
+        }
+      end
+
+      it_behaves_like 'returns 200 HTTP status'
+
+      it 'return JSON API payload of User' do
+        expect(JSON.parse(response.body)['data']['attributes']['email']).to eq('spree@example.com')
+      end
+    end
+
+    context 'valid user params without passwords' do
+      let(:params) do
+        {
+          "user": {
+            "email": "spree@example.com"
+          }
+        }
+      end
+
+      it_behaves_like 'returns 200 HTTP status'
+
+      it 'return JSON API payload of User' do
+        expect(JSON.parse(response.body)['data']['attributes']['email']).to eq('spree@example.com')
+      end
+    end
+
+    context 'invalid user params' do
+      let(:params) do
+        {
+          "user": {
+            "email": "spree@example.com",
+            "password": "password123",
+            "password_confirmation": ""
+          }
+        }
+      end
+
+      it 'return JSON API payload of error' do
+        expect(JSON.parse(response.body)['error']).to eq("Password Confirmation doesn't match Password")
+      end
+    end
+  end
+end