heartcombo--devise/test/models/database_authenticatable_test.rb

require 'test_helper'
require 'test_models'
require 'digest/sha1'

class DatabaseAuthenticatableTest < ActiveSupport::TestCase
  test 'should downcase case insensitive keys when saving' do
    # case_insensitive_keys is set to :email by default.
    email = 'Foo@Bar.com'
    user = new_user(:email => email)

    assert_equal email, user.email
    user.save!
    assert_equal email.downcase, user.email
  end

  test 'should downcase case insensitive keys that refer to virtual attributes when saving' do
    email        = 'Foo@Bar1.com'
    confirmation = 'Foo@Bar1.com'
    attributes   = valid_attributes(:email => email, :email_confirmation => confirmation)
    user = UserWithVirtualAttributes.new(attributes)

    assert_equal confirmation, user.email_confirmation
    user.save!
    assert_equal confirmation.downcase, user.email_confirmation
  end

  test 'should remove whitespace from strip whitespace keys when saving' do
    # strip_whitespace_keys is set to :email by default.
    email = ' foo@bar.com '
    user = new_user(:email => email)

    assert_equal email, user.email
    user.save!
    assert_equal email.strip, user.email
  end

  test "doesn't throw exception when globally configured strip_whitespace_keys are not present on a model" do
    swap Devise, :strip_whitespace_keys => [:fake_key] do
      assert_nothing_raised { create_user }
    end
  end

  test "doesn't throw exception when globally configured case_insensitive_keys are not present on a model" do
    swap Devise, :case_insensitive_keys => [:fake_key] do
      assert_nothing_raised { create_user }
    end
  end

  test "param filter should not convert booleans and integer to strings" do
    conditions = { "login" => "foo@bar.com", "bool1" => true, "bool2" => false, "fixnum" => 123, "will_be_converted" => (1..10) }
    conditions = Devise::ParamFilter.new([], []).filter(conditions)
    assert_equal( { "login" => "foo@bar.com", "bool1" => "true", "bool2" => "false", "fixnum" => "123", "will_be_converted" => "1..10" }, conditions)
  end

  test 'should respond to password and password confirmation' do
    user = new_user
    assert user.respond_to?(:password)
    assert user.respond_to?(:password_confirmation)
  end

  test 'should generate encrypted password while setting password' do
    user = new_user
    assert_present user.encrypted_password
  end

  test 'allow authenticatable_salt to work even with nil encrypted password' do
    user = User.new
    user.encrypted_password = nil
    assert_nil user.authenticatable_salt
  end

  test 'should not generate encrypted password if password is blank' do
    assert_blank new_user(:password => nil).encrypted_password
    assert_blank new_user(:password => '').encrypted_password
  end

  test 'should encrypt password again if password has changed' do
    user = create_user
    encrypted_password = user.encrypted_password
    user.password = user.password_confirmation = 'new_password'
    user.save!
    assert_not_equal encrypted_password, user.encrypted_password
  end

  test 'should test for a valid password' do
    user = create_user
    assert user.valid_password?('12345678')
    assert_not user.valid_password?('654321')
  end

  test 'should not raise error with an empty password' do
    user = create_user
    user.encrypted_password = ''
    assert_nothing_raised { user.valid_password?('12345678') }
  end

  test 'should be an invalid password if the user has an empty password' do
    user = create_user
    user.encrypted_password = ''
    assert_not user.valid_password?('654321')
  end

  test 'should respond to current password' do
    assert new_user.respond_to?(:current_password)
  end

  test 'should update password with valid current password' do
    user = create_user
    assert user.update_with_password(:current_password => '12345678',
      :password => 'pass4321', :password_confirmation => 'pass4321')
    assert user.reload.valid_password?('pass4321')
  end

  test 'should update password with valid current password and :as option' do
    user = create_user
    assert user.update_with_password(:current_password => '12345678',
      :password => 'pass4321', :password_confirmation => 'pass4321', :as => :admin)
    assert user.reload.valid_password?('pass4321')
  end

  test 'should add an error to current password when it is invalid' do
    user = create_user
    assert_not user.update_with_password(:current_password => 'other',
      :password => 'pass4321', :password_confirmation => 'pass4321')
    assert user.reload.valid_password?('12345678')
    assert_match "is invalid", user.errors[:current_password].join
  end

  test 'should add an error to current password when it is blank' do
    user = create_user
    assert_not user.update_with_password(:password => 'pass4321',
      :password_confirmation => 'pass4321')
    assert user.reload.valid_password?('12345678')
    assert_match "can't be blank", user.errors[:current_password].join
  end

  test 'should run validations even when current password is invalid or blank' do
    user = UserWithValidation.create!(valid_attributes)
    user.save
    assert user.persisted?
    assert_not user.update_with_password(:username => "")
    assert_match "usertest", user.reload.username
    assert_match "can't be blank", user.errors[:username].join
  end

  test 'should ignore password and its confirmation if they are blank' do
    user = create_user
    assert user.update_with_password(:current_password => '12345678', :email => "new@example.com")
    assert_equal "new@example.com", user.email
  end

  test 'should not update password with invalid confirmation' do
    user = create_user
    assert_not user.update_with_password(:current_password => '12345678',
      :password => 'pass4321', :password_confirmation => 'other')
    assert user.reload.valid_password?('12345678')
  end

  test 'should clean up password fields on failure' do
    user = create_user
    assert_not user.update_with_password(:current_password => '12345678',
      :password => 'pass4321', :password_confirmation => 'other')
    assert user.password.blank?
    assert user.password_confirmation.blank?
  end

  test 'should update the user without password' do
    user = create_user
    user.update_without_password(:email => 'new@example.com')
    assert_equal 'new@example.com', user.email
  end

  test 'should update the user without password with :as option' do
    user = create_user
    user.update_without_password(:email => 'new@example.com', :as => :admin)
    assert_equal 'new@example.com', user.email
  end

  test 'should not update password without password' do
    user = create_user
    user.update_without_password(:password => 'pass4321', :password_confirmation => 'pass4321')
    assert !user.reload.valid_password?('pass4321')
    assert user.valid_password?('12345678')
  end

  test 'downcase_keys with validation' do
    user = User.create(:email => "HEllO@example.com", :password => "123456")
    user = User.create(:email => "HEllO@example.com", :password => "123456")
    assert !user.valid?
  end

  test 'required_fiels should be encryptable_password and the email field by default' do
    assert_same_content Devise::Models::DatabaseAuthenticatable.required_fields(User), [
      :email,
      :encrypted_password
    ]
  end

  test 'required_fields should be encryptable_password and the login when the login is on authentication_keys' do
    swap Devise, :authentication_keys => [:login] do
      assert_same_content Devise::Models::DatabaseAuthenticatable.required_fields(User), [
        :encrypted_password,
        :login
      ]
    end
  end
end
Compatibility with Ruby 1.9.1 and 1.9.2. 2010-03-26 06:27:19 -04:00			`require 'test_helper'`
Move test models into their own file so they can be used elsewhere 2012-12-01 22:06:03 -05:00			`require 'test_models'`
Authenticable module: generating salt and encrypting password 2009-09-17 08:24:33 -04:00			`require 'digest/sha1'`

Initial work on making the authentication stack more flexible. 2010-03-29 10:13:19 -04:00			`class DatabaseAuthenticatableTest < ActiveSupport::TestCase`
add unit and integration tests for case insensitive keys 2010-11-20 09:54:01 -05:00			`test 'should downcase case insensitive keys when saving' do`
			`# case_insensitive_keys is set to :email by default.`
			`email = 'Foo@Bar.com'`
			`user = new_user(:email => email)`
Update DatabaseAuthenticatable#valid_password? to not raise error on empty password Signed-off-by: José Valim <jose.valim@gmail.com> 2011-04-16 02:13:17 -04:00
add unit and integration tests for case insensitive keys 2010-11-20 09:54:01 -05:00			`assert_equal email, user.email`
			`user.save!`
			`assert_equal email.downcase, user.email`
			`end`
Added required_fields to database_authenticatable 2012-02-17 11:52:42 -05:00
Add failing test for #2129 2012-12-01 22:06:11 -05:00			`test 'should downcase case insensitive keys that refer to virtual attributes when saving' do`
Refactor a bit to avoid two model attributes lookup Tidy up tests a bit. 2012-12-04 14:37:12 -05:00			`email = 'Foo@Bar1.com'`
Add failing test for #2129 2012-12-01 22:06:11 -05:00			`confirmation = 'Foo@Bar1.com'`
Refactor a bit to avoid two model attributes lookup Tidy up tests a bit. 2012-12-04 14:37:12 -05:00			`attributes = valid_attributes(:email => email, :email_confirmation => confirmation)`
			`user = UserWithVirtualAttributes.new(attributes)`

Remove nothing raised assertion Let the test raise if that is the case, no need for assert that nothing was raised. Hopefully fix the build :sparkles: 2012-12-04 14:48:49 -05:00			`assert_equal confirmation, user.email_confirmation`
			`user.save!`
Refactor a bit to avoid two model attributes lookup Tidy up tests a bit. 2012-12-04 14:37:12 -05:00			`assert_equal confirmation.downcase, user.email_confirmation`
Add failing test for #2129 2012-12-01 22:06:11 -05:00			`end`

Add strip_whitespace_keys which works like case_insensitive_keys but strips whitespace from emails 2011-06-10 04:37:43 -04:00			`test 'should remove whitespace from strip whitespace keys when saving' do`
			`# strip_whitespace_keys is set to :email by default.`
			`email = ' foo@bar.com '`
			`user = new_user(:email => email)`

			`assert_equal email, user.email`
			`user.save!`
			`assert_equal email.strip, user.email`
			`end`
Update DatabaseAuthenticatable#valid_password? to not raise error on empty password Signed-off-by: José Valim <jose.valim@gmail.com> 2011-04-16 02:13:17 -04:00
Add failing tests for Issue #2204 For a point release upgrade, Devise should not throw an exception when trying to downcase or strip globally configured keys. This would be a breaking change in functionality and this test demonstrates the issue. 2013-01-09 12:41:20 -05:00			`test "doesn't throw exception when globally configured strip_whitespace_keys are not present on a model" do`
			`swap Devise, :strip_whitespace_keys => [:fake_key] do`
			`assert_nothing_raised { create_user }`
			`end`
			`end`

			`test "doesn't throw exception when globally configured case_insensitive_keys are not present on a model" do`
			`swap Devise, :case_insensitive_keys => [:fake_key] do`
			`assert_nothing_raised { create_user }`
			`end`
			`end`

Move param filtering to its own object and make all finder methods pass through it, closes #1413. 2011-11-10 07:14:02 -05:00			`test "param filter should not convert booleans and integer to strings" do`
Require string conversion for all values 2013-01-26 13:42:25 -05:00			`conditions = { "login" => "foo@bar.com", "bool1" => true, "bool2" => false, "fixnum" => 123, "will_be_converted" => (1..10) }`
Move param filtering to its own object and make all finder methods pass through it, closes #1413. 2011-11-10 07:14:02 -05:00			`conditions = Devise::ParamFilter.new([], []).filter(conditions)`
Require string conversion for all values 2013-01-26 13:42:25 -05:00			`assert_equal( { "login" => "foo@bar.com", "bool1" => "true", "bool2" => "false", "fixnum" => "123", "will_be_converted" => "1..10" }, conditions)`
Allow regular expressions to avoid string conversion for parameter filtering. 2011-12-14 11:41:24 -05:00			`end`

Authenticable module: generating salt and encrypting password 2009-09-17 08:24:33 -04:00			`test 'should respond to password and password confirmation' do`
			`user = new_user`
			`assert user.respond_to?(:password)`
			`assert user.respond_to?(:password_confirmation)`
			`end`

Extract encryptors into their own module for better bcrypt support. 2010-09-25 10:08:46 -04:00			`test 'should generate encrypted password while setting password' do`
Refactor tests a little bit and gain more speed (from 12s to 9s in my machine). 2009-11-24 20:19:12 -05:00			`user = new_user`
			`assert_present user.encrypted_password`
Refactoring generating salt and encrypting password only before saving the record. 2009-10-08 19:57:10 -04:00			`end`

Ensure authenticatable_salt can be nil. 2010-11-11 16:51:19 -05:00			`test 'allow authenticatable_salt to work even with nil encrypted password' do`
			`user = User.new`
			`user.encrypted_password = nil`
			`assert_nil user.authenticatable_salt`
			`end`

Refactor tests a little bit and gain more speed (from 12s to 9s in my machine). 2009-11-24 20:19:12 -05:00			`test 'should not generate encrypted password if password is blank' do`
			`assert_blank new_user(:password => nil).encrypted_password`
			`assert_blank new_user(:password => '').encrypted_password`
Authenticable module: generating salt and encrypting password 2009-09-17 08:24:33 -04:00			`end`

			`test 'should encrypt password again if password has changed' do`
			`user = create_user`
			`encrypted_password = user.encrypted_password`
Refactoring generating salt and encrypting password only before saving the record. 2009-10-08 19:57:10 -04:00			`user.password = user.password_confirmation = 'new_password'`
			`user.save!`
Authenticable module: generating salt and encrypting password 2009-09-17 08:24:33 -04:00			`assert_not_equal encrypted_password, user.encrypted_password`
			`end`

Adding confirmable module, generating confirmation code and confirming a user account. 2009-09-17 10:06:46 -04:00			`test 'should test for a valid password' do`
			`user = create_user`
Change the minimum password length to 8 2012-07-06 10:46:46 -04:00			`assert user.valid_password?('12345678')`
Adding validatable module containing some default email and password validations. 2009-09-18 11:03:41 -04:00			`assert_not user.valid_password?('654321')`
Adding confirmable module, generating confirmation code and confirming a user account. 2009-09-17 10:06:46 -04:00			`end`

Update DatabaseAuthenticatable#valid_password? to not raise error on empty password Signed-off-by: José Valim <jose.valim@gmail.com> 2011-04-16 02:13:17 -04:00			`test 'should not raise error with an empty password' do`
			`user = create_user`
			`user.encrypted_password = ''`
Change the minimum password length to 8 2012-07-06 10:46:46 -04:00			`assert_nothing_raised { user.valid_password?('12345678') }`
Update DatabaseAuthenticatable#valid_password? to not raise error on empty password Signed-off-by: José Valim <jose.valim@gmail.com> 2011-04-16 02:13:17 -04:00			`end`

			`test 'should be an invalid password if the user has an empty password' do`
			`user = create_user`
			`user.encrypted_password = ''`
			`assert_not user.valid_password?('654321')`
			`end`

More work on edit. 2010-02-08 14:38:47 -05:00			`test 'should respond to current password' do`
			`assert new_user.respond_to?(:current_password)`
Adding old_password reader method to authenticatable 2009-12-14 20:25:45 -05:00			`end`

More changes in update_with_password. 2010-02-08 17:14:03 -05:00			`test 'should update password with valid current password' do`
Adding update_with_password to authenticable. Updates the record only when the :old_password is valid. 2009-12-14 19:55:55 -05:00			`user = create_user`
Change the minimum password length to 8 2012-07-06 10:46:46 -04:00			`assert user.update_with_password(:current_password => '12345678',`
			`:password => 'pass4321', :password_confirmation => 'pass4321')`
			`assert user.reload.valid_password?('pass4321')`
Adding update_with_password to authenticable. Updates the record only when the :old_password is valid. 2009-12-14 19:55:55 -05:00			`end`
Added required_fields to database_authenticatable 2012-02-17 11:52:42 -05:00
Added support for rails 3.1 new mass assignment conventions 2011-11-24 03:51:03 -05:00			`test 'should update password with valid current password and :as option' do`
			`user = create_user`
Change the minimum password length to 8 2012-07-06 10:46:46 -04:00			`assert user.update_with_password(:current_password => '12345678',`
			`:password => 'pass4321', :password_confirmation => 'pass4321', :as => :admin)`
			`assert user.reload.valid_password?('pass4321')`
Added support for rails 3.1 new mass assignment conventions 2011-11-24 03:51:03 -05:00			`end`
Added required_fields to database_authenticatable 2012-02-17 11:52:42 -05:00
More changes in update_with_password. 2010-02-08 17:14:03 -05:00			`test 'should add an error to current password when it is invalid' do`
Adding update_with_password to authenticable. Updates the record only when the :old_password is valid. 2009-12-14 19:55:55 -05:00			`user = create_user`
More work on edit. 2010-02-08 14:38:47 -05:00			`assert_not user.update_with_password(:current_password => 'other',`
Change the minimum password length to 8 2012-07-06 10:46:46 -04:00			`:password => 'pass4321', :password_confirmation => 'pass4321')`
			`assert user.reload.valid_password?('12345678')`
Got all tests in test/models and failure app ones passing. 369 tests, 805 assertions, 13 failures, 2 errors. 2010-02-16 11:00:36 -05:00			`assert_match "is invalid", user.errors[:current_password].join`
Adding update_with_password to authenticable. Updates the record only when the :old_password is valid. 2009-12-14 19:55:55 -05:00			`end`

More changes in update_with_password. 2010-02-08 17:14:03 -05:00			`test 'should add an error to current password when it is blank' do`
			`user = create_user`
Change the minimum password length to 8 2012-07-06 10:46:46 -04:00			`assert_not user.update_with_password(:password => 'pass4321',`
			`:password_confirmation => 'pass4321')`
			`assert user.reload.valid_password?('12345678')`
Got all tests in test/models and failure app ones passing. 369 tests, 805 assertions, 13 failures, 2 errors. 2010-02-16 11:00:36 -05:00			`assert_match "can't be blank", user.errors[:current_password].join`
More changes in update_with_password. 2010-02-08 17:14:03 -05:00			`end`

Test for previous commit 2011-06-21 20:45:07 -04:00			`test 'should run validations even when current password is invalid or blank' do`
			`user = UserWithValidation.create!(valid_attributes)`
			`user.save`
			`assert user.persisted?`
			`assert_not user.update_with_password(:username => "")`
			`assert_match "usertest", user.reload.username`
			`assert_match "can't be blank", user.errors[:username].join`
			`end`

More changes in update_with_password. 2010-02-08 17:14:03 -05:00			`test 'should ignore password and its confirmation if they are blank' do`
			`user = create_user`
Change the minimum password length to 8 2012-07-06 10:46:46 -04:00			`assert user.update_with_password(:current_password => '12345678', :email => "new@example.com")`
Change test email addresses to ues RFC 2606 reserved domain example.com 2011-04-17 21:14:56 -04:00			`assert_equal "new@example.com", user.email`
More changes in update_with_password. 2010-02-08 17:14:03 -05:00			`end`

Adding update_with_password to authenticable. Updates the record only when the :old_password is valid. 2009-12-14 19:55:55 -05:00			`test 'should not update password with invalid confirmation' do`
			`user = create_user`
Change the minimum password length to 8 2012-07-06 10:46:46 -04:00			`assert_not user.update_with_password(:current_password => '12345678',`
			`:password => 'pass4321', :password_confirmation => 'other')`
			`assert user.reload.valid_password?('12345678')`
Adding update_with_password to authenticable. Updates the record only when the :old_password is valid. 2009-12-14 19:55:55 -05:00			`end`
More changes in update_with_password. 2010-02-08 17:14:03 -05:00
			`test 'should clean up password fields on failure' do`
			`user = create_user`
Change the minimum password length to 8 2012-07-06 10:46:46 -04:00			`assert_not user.update_with_password(:current_password => '12345678',`
			`:password => 'pass4321', :password_confirmation => 'other')`
More changes in update_with_password. 2010-02-08 17:14:03 -05:00			`assert user.password.blank?`
			`assert user.password_confirmation.blank?`
			`end`
Downcase keys before validation. 2011-04-16 06:52:59 -04:00
added update_without_password method 2011-05-05 03:24:21 -04:00			`test 'should update the user without password' do`
			`user = create_user`
			`user.update_without_password(:email => 'new@example.com')`
			`assert_equal 'new@example.com', user.email`
			`end`
Added required_fields to database_authenticatable 2012-02-17 11:52:42 -05:00
Added support for rails 3.1 new mass assignment conventions 2011-11-24 03:51:03 -05:00			`test 'should update the user without password with :as option' do`
			`user = create_user`
			`user.update_without_password(:email => 'new@example.com', :as => :admin)`
			`assert_equal 'new@example.com', user.email`
			`end`
added update_without_password method 2011-05-05 03:24:21 -04:00
			`test 'should not update password without password' do`
			`user = create_user`
Change the minimum password length to 8 2012-07-06 10:46:46 -04:00			`user.update_without_password(:password => 'pass4321', :password_confirmation => 'pass4321')`
			`assert !user.reload.valid_password?('pass4321')`
			`assert user.valid_password?('12345678')`
added update_without_password method 2011-05-05 03:24:21 -04:00			`end`

Downcase keys before validation. 2011-04-16 06:52:59 -04:00			`test 'downcase_keys with validation' do`
			`user = User.create(:email => "HEllO@example.com", :password => "123456")`
			`user = User.create(:email => "HEllO@example.com", :password => "123456")`
			`assert !user.valid?`
			`end`
Added required_fields to database_authenticatable 2012-02-17 11:52:42 -05:00
			`test 'required_fiels should be encryptable_password and the email field by default' do`
No need to sort anymore 2012-02-20 07:17:32 -05:00			`assert_same_content Devise::Models::DatabaseAuthenticatable.required_fields(User), [`
Added required_fields to database_authenticatable 2012-02-17 11:52:42 -05:00			`:email,`
			`:encrypted_password`
			`]`
			`end`

			`test 'required_fields should be encryptable_password and the login when the login is on authentication_keys' do`
Test, you shall pass! 2012-02-20 06:36:27 -05:00			`swap Devise, :authentication_keys => [:login] do`
No need to sort anymore 2012-02-20 07:17:32 -05:00			`assert_same_content Devise::Models::DatabaseAuthenticatable.required_fields(User), [`
Added required_fields to database_authenticatable 2012-02-17 11:52:42 -05:00			`:encrypted_password,`
			`:login`
			`]`
			`end`
			`end`
Change the minimum password length to 8 2012-07-06 10:46:46 -04:00			`end`