From 3c5bfc952086bb82bc498047f29974b03921e0bd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jos=C3=A9=20Valim?= Date: Mon, 12 Oct 2009 08:37:28 -0300 Subject: [PATCH] Kick tests back to life. --- app/controllers/confirmations_controller.rb | 8 +- app/controllers/passwords_controller.rb | 7 +- app/controllers/sessions_controller.rb | 18 ++- app/views/sessions/new.html.erb | 2 +- config/locales/en.yml | 2 +- lib/devise.rb | 54 ++------- lib/devise/action_controller.rb | 13 --- lib/devise/action_view.rb | 11 -- lib/devise/active_record.rb | 13 ++- lib/devise/controllers/authenticable.rb | 51 --------- lib/devise/controllers/filters.rb | 54 +++++++-- lib/devise/controllers/resources.rb | 32 ------ lib/devise/initializers/warden.rb | 8 +- lib/devise/models/authenticable.rb | 4 +- lib/devise/models/confirmable.rb | 12 +- lib/devise/models/perishable.rb | 2 +- lib/devise/models/recoverable.rb | 4 +- lib/devise/models/validatable.rb | 2 +- .../integration/admins/authentication_test.rb | 83 -------------- test/integration/admins/confirmation_test.rb | 49 -------- .../admins/password_recovery_test.rb | 104 ----------------- test/integration/authentication_test.rb | 50 -------- test/integration/users/confirmation_test.rb | 52 --------- .../users/password_recovery_test.rb | 107 ------------------ test/map_test.rb | 44 ------- test/models/confirmable_test.rb | 6 - test/rails_app/config/initializers/devise.rb | 2 +- test/routes/confirmation_routing_test.rb | 28 ----- test/routes/map_routing_test.rb | 28 ----- test/routes/password_routing_test.rb | 36 ------ test/routes/session_routing_test.rb | 28 ----- 31 files changed, 100 insertions(+), 814 deletions(-) delete mode 100644 lib/devise/action_controller.rb delete mode 100644 lib/devise/action_view.rb delete mode 100644 lib/devise/controllers/authenticable.rb delete mode 100644 lib/devise/controllers/resources.rb delete mode 100644 test/integration/admins/authentication_test.rb delete mode 100644 test/integration/admins/confirmation_test.rb delete mode 100644 test/integration/admins/password_recovery_test.rb delete mode 100644 test/integration/authentication_test.rb delete mode 100644 test/integration/users/confirmation_test.rb delete mode 100644 test/integration/users/password_recovery_test.rb delete mode 100644 test/map_test.rb delete mode 100644 test/routes/confirmation_routing_test.rb delete mode 100644 test/routes/map_routing_test.rb delete mode 100644 test/routes/password_routing_test.rb delete mode 100644 test/routes/session_routing_test.rb diff --git a/app/controllers/confirmations_controller.rb b/app/controllers/confirmations_controller.rb index 2692e37f..e83f2309 100644 --- a/app/controllers/confirmations_controller.rb +++ b/app/controllers/confirmations_controller.rb @@ -1,5 +1,5 @@ class ConfirmationsController < ApplicationController - before_filter :find_resource_class + before_filter :is_devise_resource? # GET /confirmation/new # @@ -10,8 +10,9 @@ class ConfirmationsController < ApplicationController # def create self.resource = resource_class.send_confirmation_instructions(params[resource_name]) + if resource.errors.empty? - flash[:success] = I18n.t(:send_instructions, :scope => [:devise, :confirmations], :default => 'You will receive an email with instructions about how to confirm your account in a few minutes.') + set_flash_message :success, :send_instructions redirect_to new_session_path(resource_name) else render :new @@ -22,8 +23,9 @@ class ConfirmationsController < ApplicationController # def show self.resource = resource_class.confirm!(:perishable_token => params[:perishable_token]) + if resource.errors.empty? - flash[:success] = I18n.t(:confirm, :scope => [:devise, :confirmations], :default => 'Your account was successfully confirmed!') + set_flash_message :success, :confirmed redirect_to new_session_path(resource_name) else render :new diff --git a/app/controllers/passwords_controller.rb b/app/controllers/passwords_controller.rb index 8f75dca7..32dbc7c2 100644 --- a/app/controllers/passwords_controller.rb +++ b/app/controllers/passwords_controller.rb @@ -1,5 +1,5 @@ class PasswordsController < ApplicationController - before_filter :find_resource_class, :require_no_authentication + before_filter :is_devise_resource?, :require_no_authentication # GET /password/new # @@ -10,8 +10,9 @@ class PasswordsController < ApplicationController # def create self.resource = resource_class.send_reset_password_instructions(params[resource_name]) + if resource.errors.empty? - flash[:success] = I18n.t(:send_instructions, :scope => [:devise, :passwords], :default => 'You will receive an email with instructions about how to reset your password in a few minutes.') + set_flash_message :success, :send_instructions redirect_to new_session_path(resource_name) else render :new @@ -30,7 +31,7 @@ class PasswordsController < ApplicationController def update self.resource = resource_class.reset_password!(params[resource_name]) if resource.errors.empty? - flash[:success] = I18n.t(:update, :scope => [:devise, :passwords], :default => 'Your password was changed successfully.') + set_flash_message :success, :updated redirect_to new_session_path(resource_name) else render :edit diff --git a/app/controllers/sessions_controller.rb b/app/controllers/sessions_controller.rb index 6bc771fb..66fe2d62 100644 --- a/app/controllers/sessions_controller.rb +++ b/app/controllers/sessions_controller.rb @@ -1,10 +1,10 @@ class SessionsController < ApplicationController - before_filter :find_resource_class + before_filter :is_devise_resource? + before_filter :require_no_authentication, :only => [ :new, :create ] # GET /session/sign_in - # TODO Test me def new - set_flash_message :failure, params[:message].to_sym, true if params[:message] + unauthenticated! if params[:unauthenticated] end # POST /session/sign_in @@ -13,7 +13,7 @@ class SessionsController < ApplicationController set_flash_message :success, :signed_in redirect_to root_path else - set_flash_message :failure, :unauthenticated, true + unauthenticated! render :new end end @@ -21,9 +21,15 @@ class SessionsController < ApplicationController # GET /session/sign_out # DELETE /session/sign_out def destroy + set_flash_message :success, :signed_out if authenticated?(resource_name) logout(resource_name) - # TODO Do not show me unless logged in - set_flash_message :success, :signed_out redirect_to root_path end + + protected + + def unauthenticated! + flash.now[:failure] = I18n.t(:"#{resource_name}.unauthenticated", + :scope => [:devise, :sessions], :default => :unauthenticated) + end end diff --git a/app/views/sessions/new.html.erb b/app/views/sessions/new.html.erb index 775cc04f..ad13da9a 100644 --- a/app/views/sessions/new.html.erb +++ b/app/views/sessions/new.html.erb @@ -1,6 +1,6 @@

Sign in

-<% form_for :session, :url => session_path(resource_name) do |f| -%> +<% form_for resource_name, :url => session_path(resource_name) do |f| -%>

<%= f.label :email %>

<%= f.text_field :email %>

diff --git a/config/locales/en.yml b/config/locales/en.yml index 6a00b4a5..5b71a3da 100644 --- a/config/locales/en.yml +++ b/config/locales/en.yml @@ -6,7 +6,7 @@ en: unauthenticated: 'Invalid email or password.' passwords: send_instructions: 'You will receive an email with instructions about how to reset your password in a few minutes.' - update: 'Your password was changed successfully.' + updated: 'Your password was changed successfully.' confirmations: send_instructions: 'You will receive an email with instructions about how to confirm your account in a few minutes.' confirmed: 'Your account was successfully confirmed!' diff --git a/lib/devise.rb b/lib/devise.rb index 475dd5e1..c9d97bf9 100644 --- a/lib/devise.rb +++ b/lib/devise.rb @@ -6,56 +6,18 @@ rescue end require 'devise/initializers/warden' - -module Devise - class Mapping - attr_reader :name, :as, :for - - def initialize(name, options) - @name = name - @for = Array(options[:for]) - @klass = (options[:to] || name.to_s.classify).to_s - @as = (options[:as] || name.to_s.pluralize).to_sym - end - - # Reload mapped class each time when cache_classes is false. - # - def to - return @to if @to - klass = @klass.constantize - @to = klass if Rails.configuration.cache_classes - klass - end - end - - mattr_accessor :mappings - self.mappings = {} - - def self.map(mapping, options={}) - raise ArgumentError, "Need to provide :for option for Devise.map" unless options.key?(:for) - options.assert_valid_keys(:to, :for, :as) - self.mappings[mapping] = Mapping.new(mapping, options) - end - - # TODO Test me - def self.find_mapping_by_path(path) - route = path.split("/")[1] - return nil unless route - - route = route.to_sym - mappings.each do |key, map| - return map if map.as == route.to_sym - end - nil - end -end +require 'devise/mapping' # Ensure to include Devise modules only after Rails initialization. # This way application should have already defined Devise mappings and we are # able to create default filters. # Rails.configuration.after_initialize do - ActiveRecord::Base.send :extend, Devise::ActiveRecord - ActionController::Base.send :include, Devise::ActionController - ActionView::Base.send :include, Devise::ActionView + ActiveRecord::Base.extend Devise::ActiveRecord + + ActionController::Base.send :include, Devise::Controllers::Filters + ActionController::Base.send :include, Devise::Controllers::Helpers + ActionController::Base.send :include, Devise::Controllers::UrlHelpers + + ActionView::Base.send :include, Devise::Controllers::UrlHelpers end diff --git a/lib/devise/action_controller.rb b/lib/devise/action_controller.rb deleted file mode 100644 index a9ec7263..00000000 --- a/lib/devise/action_controller.rb +++ /dev/null @@ -1,13 +0,0 @@ -module Devise - module ActionController - - def self.included(base) - base.class_eval do - include Devise::Controllers::Authenticable - include Devise::Controllers::Resources - include Devise::Controllers::UrlHelpers - include Devise::Controllers::Filters - end - end - end -end diff --git a/lib/devise/action_view.rb b/lib/devise/action_view.rb deleted file mode 100644 index 479e8f2d..00000000 --- a/lib/devise/action_view.rb +++ /dev/null @@ -1,11 +0,0 @@ -module Devise - module ActionView - - def self.included(base) - base.class_eval do - include Devise::Controllers::Resources - include Devise::Controllers::UrlHelpers - end - end - end -end diff --git a/lib/devise/active_record.rb b/lib/devise/active_record.rb index 1ac9c5a9..bbfab865 100644 --- a/lib/devise/active_record.rb +++ b/lib/devise/active_record.rb @@ -1,25 +1,32 @@ module Devise module ActiveRecord # Shortcut method for including all devise modules inside your User class + # # Examples: + # # # include only authenticable module (default) # devise + # # # include authenticable + confirmable modules # devise :confirmable + # # # include authenticable + recoverable modules # devise :recoverable + # # # include authenticable + validatable modules # devise :validatable + # # # include all modules # devise :confirmable, :recoverable, :validatable + # # # shortcut to include all modules (same as above) # devise :all # def devise(*options) include Devise::Models::Authenticable - include Devise::Models::Confirmable if [:all, :confirmable].any?{|o| options.include?(o) } - include Devise::Models::Recoverable if [:all, :recoverable].any?{|o| options.include?(o) } - include Devise::Models::Validatable if [:all, :validatable].any?{|o| options.include?(o) } + include Devise::Models::Confirmable unless ([:all, :confirmable] & options).empty? + include Devise::Models::Recoverable unless ([:all, :recoverable] & options).empty? + include Devise::Models::Validatable unless ([:all, :validatable] & options).empty? end end end diff --git a/lib/devise/controllers/authenticable.rb b/lib/devise/controllers/authenticable.rb deleted file mode 100644 index f88a7cb7..00000000 --- a/lib/devise/controllers/authenticable.rb +++ /dev/null @@ -1,51 +0,0 @@ -module Devise - module Controllers - - # Some helpers taken from RailsWarden. - module Authenticable - - def self.included(base) - base.class_eval do - helper_method :warden, :current_user, :signed_in? - end - end - - # The main accessor for the warden proxy instance - # - def warden - request.env['warden'] - end - - # Proxy to the authenticated? method on warden - # - def authenticated?(scope=:default) - warden.authenticated?(scope.to_sym) - end - alias_method :signed_in?, :authenticated? - - # Access the currently logged in user based on the scope - # - def current_user(scope=resource_name) - warden.user(scope) - end - - def current_user=(user) - warden.set_user(user, :scope => resource_name) - end - - # Logout the current user based on scope - # TODO Test me - # - def logout(*args) - warden.raw_session.inspect # Without this inspect here. The session does not clear :| - warden.logout(*args) - end - - # TODO Test me - def set_flash_message(key, kind, now=false) - hash = now ? flash.now : flash - hash[key] = I18n.t(:"#{resource_name}.#{kind}", :scope => [:devise, controller_name.to_sym], :default => kind) - end - end - end -end diff --git a/lib/devise/controllers/filters.rb b/lib/devise/controllers/filters.rb index bc200681..06f21f4c 100644 --- a/lib/devise/controllers/filters.rb +++ b/lib/devise/controllers/filters.rb @@ -4,41 +4,79 @@ module Devise protected + # The main accessor for the warden proxy instance + # + def warden + request.env['warden'] + end + + # Check if a user is authenticated or not performing the proper action. + # + def authenticate!(scope) + warden.authenticate!(:scope => scope) + end + + # Proxy to the authenticated? method on warden + # + def authenticated?(scope) + warden.authenticated?(scope) + end + alias :signed_in? :authenticated? + + # Logout based on scope + # + def logout(scope, *args) + warden.raw_session.inspect # Without this inspect here. The session does not clear. + warden.logout(scope, *args) + end + # Define authentication filters based on mappings. These filters should be # used inside the controllers as before_filters, so you can control the # scope of the user who should be signed in to access that specific # controller/action. # # Example: + # # Maps: # Devise.map :users, :for => [:authenticable] # Devise.map :admin, :for => [:authenticable] + # # Generated Filters: # user_authenticate! # admin_authenticate! + # # Use: # before_filter :user_authenticate! # Tell devise to use :user map # before_filter :admin_authenticate! # Tell devise to use :admin map # Devise.mappings.each_key do |mapping| - class_eval <<-METHOD + class_eval <<-METHODS, __FILE__, __LINE__ def #{mapping}_authenticate! - warden.authenticate!(:devise, :scope => :#{mapping}) + warden.authenticate!(:scope => :#{mapping}) end - METHOD + + def #{mapping}_authenticated? + warden.authenticated?(:#{mapping}) + end + + def current_#{mapping} + @current_#{mapping} ||= warden.user(:#{mapping}) + end + METHODS end # Helper for use in before_filters where no authentication is required. - # Please note that all scopes will be tested within this filter, and if - # one of then is authenticated the filter will redirect. # # Example: # before_filter :require_no_authentication, :only => :new # def require_no_authentication - Devise.mappings.each_key do |map| - redirect_to root_path if authenticated?(map) - end + redirect_to root_path if warden.authenticated?(resource_name) + end + + # TODO Test me + def is_devise_resource? + render :status => :not_found unless devise_mapping && devise_mapping.allows?(controller_name) end end diff --git a/lib/devise/controllers/resources.rb b/lib/devise/controllers/resources.rb deleted file mode 100644 index 9253d447..00000000 --- a/lib/devise/controllers/resources.rb +++ /dev/null @@ -1,32 +0,0 @@ -module Devise - module Controllers - module Resources - - def resource - instance_variable_get(:"@#{resource_name}") - end - - def resource=(new_resource) - instance_variable_set(:"@#{resource_name}", new_resource) - end - - def resource_name - devise_mapping.name - end - - def resource_class - devise_mapping.to - end - - def devise_mapping - @devise_mapping ||= Devise.find_mapping_by_path(request.path) - end - - # TODO Test me - def find_resource_class - render :status => :not_found unless devise_mapping - end - - end - end -end diff --git a/lib/devise/initializers/warden.rb b/lib/devise/initializers/warden.rb index f84e7ee0..14e81132 100644 --- a/lib/devise/initializers/warden.rb +++ b/lib/devise/initializers/warden.rb @@ -38,7 +38,7 @@ end # Default strategy for signing in a user, based on his email and password. # If no email and no password are present, no authentication is tryed. # -Warden::Strategies.add(:devise) do +Warden::Strategies.add(:authenticable) do def valid? raise "You need to give a scope for Devise authentication" unless scope @@ -54,14 +54,14 @@ Warden::Strategies.add(:devise) do if valid_session? && resource = @mapping.to.authenticate(session) success!(resource) else - redirect!("/#{@mapping.as}/session/new", :message => :unauthenticated) + redirect!("/#{@mapping.as}/session/new", :unauthenticated => true) end end # Find the session for the current mapping. # def session - @session ||= request.params[:session] + @session ||= request.params[scope] end # Check for the right keys. @@ -76,6 +76,6 @@ end # strategy and also the controller who will manage not authenticated users. # Rails.configuration.middleware.use Warden::Manager do |manager| - manager.default_strategies :devise + manager.default_strategies :authenticable manager.failure_app = SessionsController end diff --git a/lib/devise/models/authenticable.rb b/lib/devise/models/authenticable.rb index 40b0ac23..95754f30 100644 --- a/lib/devise/models/authenticable.rb +++ b/lib/devise/models/authenticable.rb @@ -1,3 +1,5 @@ +require 'digest/sha1' + module Devise module Models @@ -16,8 +18,6 @@ module Devise # User.find(1).valid_password?('password123') # returns true/false # module Authenticable - require 'digest/sha1' - mattr_accessor :pepper, :stretches # Pepper for encrypting password diff --git a/lib/devise/models/confirmable.rb b/lib/devise/models/confirmable.rb index 94fb982f..f211f5ca 100644 --- a/lib/devise/models/confirmable.rb +++ b/lib/devise/models/confirmable.rb @@ -1,3 +1,5 @@ +require 'devise/models/perishable' + module Devise module Models @@ -20,7 +22,6 @@ module Devise # User.find(1).reset_confirmation! # reset confirmation status and send instructions # module Confirmable - require 'devise/models/perishable' def self.included(base) base.class_eval do @@ -77,15 +78,6 @@ module Devise end module ClassMethods - - # Hook default authenticate to test whether the account is confirmed or not - # Returns the authenticated_user if it's confirmed, otherwise returns nil - # - def authenticate(attributes={}) - confirmable = super - confirmable if confirmable.confirmed? unless confirmable.nil? - end - # Attempt to find a user by it's email. If a record is found, send new # confirmation instructions to it. If not user is found, returns a new user # with an email not found error. diff --git a/lib/devise/models/perishable.rb b/lib/devise/models/perishable.rb index f895f533..e13330e2 100644 --- a/lib/devise/models/perishable.rb +++ b/lib/devise/models/perishable.rb @@ -18,7 +18,6 @@ module Devise def self.included(base) base.class_eval do extend ClassMethods - before_create :reset_perishable_token end end @@ -58,6 +57,7 @@ module Devise end perishable end + end end end diff --git a/lib/devise/models/recoverable.rb b/lib/devise/models/recoverable.rb index 95a0a03a..057872c5 100644 --- a/lib/devise/models/recoverable.rb +++ b/lib/devise/models/recoverable.rb @@ -1,3 +1,5 @@ +require 'devise/models/perishable' + module Devise module Models @@ -13,8 +15,6 @@ module Devise # User.find(1).send_reset_password_instructions # module Recoverable - require 'devise/models/perishable' - def self.included(base) base.class_eval do include ::Devise::Models::Perishable diff --git a/lib/devise/models/validatable.rb b/lib/devise/models/validatable.rb index 35682733..5e3946d7 100644 --- a/lib/devise/models/validatable.rb +++ b/lib/devise/models/validatable.rb @@ -8,7 +8,7 @@ module Devise # module Validatable - # Email regex used to validate email formats + # Email regex used to validate email formats. Retrieved from authlogic. # EMAIL_REGEX = /\A[\w\.%\+\-]+@(?:[A-Z0-9\-]+\.)+(?:[A-Z]{2,4}|museum|travel)\z/i diff --git a/test/integration/admins/authentication_test.rb b/test/integration/admins/authentication_test.rb deleted file mode 100644 index baf7d1e2..00000000 --- a/test/integration/admins/authentication_test.rb +++ /dev/null @@ -1,83 +0,0 @@ -require 'test/test_helper' - -class AdminsAuthenticationTest < ActionController::IntegrationTest - - test 'not signed in as admin should not be able to access admins actions' do - get admins_path - - assert_redirected_to new_admin_session_path(:message => :unauthenticated) - assert_not warden.authenticated?(:admin) - end - - test 'signed in as user should not be able to access admins actions' do - sign_in_as_user - assert warden.authenticated?(:user) - assert_not warden.authenticated?(:admin) - - get admins_path - assert_redirected_to new_admin_session_path(:message => :unauthenticated) - end - - test 'signed in as admin should be able to access admin actions successfully' do - sign_in_as_admin - assert warden.authenticated?(:admin) - assert_not warden.authenticated?(:user) - - get admins_path - - assert_response :success - assert_template 'admins/index' - assert_contain 'Welcome Admin' - end - - test 'admin signing in with invalid email should return to sign in form with error message' do - sign_in_as_admin do - fill_in 'email', :with => 'wrongemail@test.com' - end - - assert_response :success - assert_template 'sessions/new' - assert_contain 'Invalid email or password' - assert_not warden.authenticated?(:admin) - end - - test 'admin signing in with invalid pasword should return to sign in form with error message' do - sign_in_as_admin do - fill_in 'password', :with => 'abcdef' - end - - assert_response :success - assert_template 'sessions/new' - assert_contain 'Invalid email or password' - assert_not warden.authenticated?(:admin) - end - - # TODO This test should not pass - test 'not confirmed admin should not be able to login' do - sign_in_as_admin(:confirm => false) - - assert_contain 'Invalid email or password' - assert_not warden.authenticated?(:admin) - end - - test 'already confirmed admin should be able to sign in successfully' do - sign_in_as_admin - - assert_response :success - assert_template 'home/index' - assert_contain 'Signed in successfully' - assert_not_contain 'Sign In' - assert warden.authenticated?(:admin) - assert_not warden.authenticated?(:user) - end - - test 'authenticated admin should be able to sign out' do - sign_in_as_admin - assert warden.authenticated?(:admin) - - delete admin_session_path - assert_response :redirect - assert_redirected_to root_path - assert_not warden.authenticated?(:admin) - end -end diff --git a/test/integration/admins/confirmation_test.rb b/test/integration/admins/confirmation_test.rb deleted file mode 100644 index 5501eeca..00000000 --- a/test/integration/admins/confirmation_test.rb +++ /dev/null @@ -1,49 +0,0 @@ -require 'test/test_helper' - -class AdminsConfirmationTest < ActionController::IntegrationTest - - test 'admin should be able to request a new confirmation' do - admin = create_admin - ActionMailer::Base.deliveries.clear - - visit new_admin_session_path - click_link 'Didn\'t receive confirmation instructions?' - - fill_in 'email', :with => admin.email - click_button 'Resend confirmation instructions' - - assert_template 'sessions/new' - assert_contain 'You will receive an email with instructions about how to confirm your account in a few minutes' - assert_equal 1, ActionMailer::Base.deliveries.size - end - - test 'admin with invalid perishable token should not be able to confirm an account' do - visit user_confirmation_path(:perishable_token => 'invalid_perishable') - - assert_response :success - assert_template 'confirmations/new' - assert_have_selector '#errorExplanation' - assert_contain 'invalid confirmation' - end - - test 'admin with valid perishable token should be able to confirm an account' do - admin = create_admin(:confirm => false) - assert_not admin.confirmed? - - visit admin_confirmation_path(:perishable_token => admin.perishable_token) - - assert_template 'sessions/new' - assert_contain 'Your account was successfully confirmed!' - - assert admin.reload.confirmed? - end - - test 'admin already confirmed user should not be able to confirm the account again' do - admin = create_admin - visit admin_confirmation_path(:perishable_token => admin.perishable_token) - - assert_template 'confirmations/new' - assert_have_selector '#errorExplanation' - assert_contain 'already confirmed' - end -end diff --git a/test/integration/admins/password_recovery_test.rb b/test/integration/admins/password_recovery_test.rb deleted file mode 100644 index 079f3257..00000000 --- a/test/integration/admins/password_recovery_test.rb +++ /dev/null @@ -1,104 +0,0 @@ -require 'test/test_helper' - -class AdminsPasswordRecoveryTest < ActionController::IntegrationTest - - def visit_new_password_path - visit new_admin_session_path - click_link 'Forgot password?' - end - - def request_forgot_password(&block) - visit_new_password_path - - assert_response :success - assert_template 'passwords/new' - assert_not warden.authenticated?(:admin) - - fill_in 'email', :with => 'admin@test.com' - yield if block_given? - click_button 'Send me reset password instructions' - end - - def reset_password(options={}, &block) - visit edit_admin_password_path(:perishable_token => options[:perishable_token]) - assert_response :success - assert_template 'passwords/edit' - - fill_in 'Password', :with => '987654321' - fill_in 'Password confirmation', :with => '987654321' - yield if block_given? - click_button 'Change my password' - end - - test 'authenticated admin should not be able to visit forgot password page' do - sign_in_as_admin - assert warden.authenticated?(:admin) - - get new_admin_password_path - - assert_response :redirect - assert_redirected_to root_path - end - - test 'not authenticated admin should be able to request a forgot password' do - create_admin - request_forgot_password - - assert_template 'sessions/new' - assert_contain 'You will receive an email with instructions about how to reset your password in a few minutes.' - end - - test 'not authenticated admin with invalid email should receive an error message' do - request_forgot_password do - fill_in 'email', :with => 'invalid.test@test.com' - end - - assert_response :success - assert_template 'passwords/new' - assert_have_selector 'input[type=text][value=\'invalid.test@test.com\']' - assert_contain 'Email not found' - end - - test 'authenticated admin should not be able to visit edit password page' do - sign_in_as_admin - - get edit_admin_password_path - - assert_response :redirect - assert_redirected_to root_path - assert warden.authenticated?(:admin) - end - - test 'not authenticated admin with invalid perishable token should not be able to change his password' do - admin = create_admin - reset_password :perishable_token => 'invalid_perishable' - - assert_response :success - assert_template 'passwords/edit' - assert_have_selector '#errorExplanation' - assert_contain 'invalid confirmation' - assert_not admin.reload.valid_password?('987654321') - end - - test 'not authenticated admin with valid perisable token but invalid password should not be able to change his password' do - admin = create_admin - reset_password :perishable_token => admin.perishable_token do - fill_in 'Password confirmation', :with => 'other_password' - end - - assert_response :success - assert_template 'passwords/edit' - assert_have_selector '#errorExplanation' - assert_contain 'Password doesn\'t match confirmation' - assert_not admin.reload.valid_password?('987654321') - end - - test 'not authenticated admin with valid data should be able to change his password' do - admin = create_admin - reset_password :perishable_token => admin.perishable_token - - assert_template 'sessions/new' - assert_contain 'Your password was changed successfully.' - assert admin.reload.valid_password?('987654321') - end -end diff --git a/test/integration/authentication_test.rb b/test/integration/authentication_test.rb deleted file mode 100644 index 39fad50b..00000000 --- a/test/integration/authentication_test.rb +++ /dev/null @@ -1,50 +0,0 @@ -require 'test/test_helper' - -class AuthenticationTest < ActionController::IntegrationTest - - test 'home should be accessible without signed in admins' do - visit '/' - assert_response :success - assert_template 'home/index' - end - - test 'sign in as user should not authenticate admin scope' do - sign_in_as_user - - assert warden.authenticated?(:user) - assert_not warden.authenticated?(:admin) - end - - test 'sign in as admin should not authenticate user scope' do - sign_in_as_admin - - assert warden.authenticated?(:admin) - assert_not warden.authenticated?(:user) - end - - test 'sign in as both user and admin at same time' do - sign_in_as_user - sign_in_as_admin - - assert warden.authenticated?(:user) - assert warden.authenticated?(:admin) - end - - test 'sign out as user should not touch admin authentication' do - sign_in_as_user - sign_in_as_admin - - delete user_session_path - assert_not warden.authenticated?(:user) - assert warden.authenticated?(:admin) - end - - test 'sign out as admin should not touch user authentication' do - sign_in_as_user - sign_in_as_admin - - delete admin_session_path - assert_not warden.authenticated?(:admin) - assert warden.authenticated?(:user) - end -end diff --git a/test/integration/users/confirmation_test.rb b/test/integration/users/confirmation_test.rb deleted file mode 100644 index a09e1996..00000000 --- a/test/integration/users/confirmation_test.rb +++ /dev/null @@ -1,52 +0,0 @@ -require 'test/test_helper' - -class UsersConfirmationTest < ActionController::IntegrationTest - - test 'user should be able to request a new confirmation' do - user = create_user - ActionMailer::Base.deliveries.clear - - visit new_user_session_path - click_link 'Didn\'t receive confirmation instructions?' - - fill_in 'email', :with => user.email - click_button 'Resend confirmation instructions' - -# assert_response :redirect -# assert_redirected_to root_path - assert_template 'sessions/new' - assert_contain 'You will receive an email with instructions about how to confirm your account in a few minutes' - assert_equal 1, ActionMailer::Base.deliveries.size - end - - test 'user with invalid perishable token should not be able to confirm an account' do - visit user_confirmation_path(:perishable_token => 'invalid_perishable') - - assert_response :success - assert_template 'confirmations/new' - assert_have_selector '#errorExplanation' - assert_contain 'invalid confirmation' - end - - test 'user with valid perishable token should be able to confirm an account' do - user = create_user(:confirm => false) - assert_not user.confirmed? - - visit user_confirmation_path(:perishable_token => user.perishable_token) - -# assert_response :redirect - assert_template 'sessions/new' - assert_contain 'Your account was successfully confirmed!' - - assert user.reload.confirmed? - end - - test 'user already confirmed user should not be able to confirm the account again' do - user = create_user - visit user_confirmation_path(:perishable_token => user.perishable_token) - - assert_template 'confirmations/new' - assert_have_selector '#errorExplanation' - assert_contain 'already confirmed' - end -end diff --git a/test/integration/users/password_recovery_test.rb b/test/integration/users/password_recovery_test.rb deleted file mode 100644 index 78ccb8e9..00000000 --- a/test/integration/users/password_recovery_test.rb +++ /dev/null @@ -1,107 +0,0 @@ -require 'test/test_helper' - -class UsersPasswordRecoveryTest < ActionController::IntegrationTest - - def visit_new_password_path - visit new_user_session_path - click_link 'Forgot password?' - end - - def request_forgot_password(&block) - visit_new_password_path - - assert_response :success - assert_template 'passwords/new' - assert_not warden.authenticated?(:user) - - fill_in 'email', :with => 'user@test.com' - yield if block_given? - click_button 'Send me reset password instructions' - end - - def reset_password(options={}, &block) - visit edit_user_password_path(:perishable_token => options[:perishable_token]) - assert_response :success - assert_template 'passwords/edit' - - fill_in 'Password', :with => '987654321' - fill_in 'Password confirmation', :with => '987654321' - yield if block_given? - click_button 'Change my password' - end - - test 'authenticated user should not be able to visit forgot password page' do - sign_in_as_user - assert warden.authenticated?(:user) - - get new_user_password_path - - assert_response :redirect - assert_redirected_to root_path - end - - test 'not authenticated user should be able to request a forgot password' do - create_user - request_forgot_password - - assert_template 'sessions/new' - # TODO: what's going on with webrat? It's not detecting redirects -# assert_response :redirect -# assert_redirected_to new_session_path - assert_contain 'You will receive an email with instructions about how to reset your password in a few minutes.' - end - - test 'not authenticated user with invalid email should receive an error message' do - request_forgot_password do - fill_in 'email', :with => 'invalid.test@test.com' - end - - assert_response :success - assert_template 'passwords/new' - assert_have_selector 'input[type=text][value=\'invalid.test@test.com\']' - assert_contain 'Email not found' - end - - test 'authenticated user should not be able to visit edit password page' do - sign_in_as_user - - get edit_user_password_path - - assert_response :redirect - assert_redirected_to root_path - assert warden.authenticated?(:user) - end - - test 'not authenticated user with invalid perishable token should not be able to change his password' do - user = create_user - reset_password :perishable_token => 'invalid_perishable' - - assert_response :success - assert_template 'passwords/edit' - assert_have_selector '#errorExplanation' - assert_contain 'invalid confirmation' - assert_not user.reload.valid_password?('987654321') - end - - test 'not authenticated user with valid perisable token but invalid password should not be able to change his password' do - user = create_user - reset_password :perishable_token => user.perishable_token do - fill_in 'Password confirmation', :with => 'other_password' - end - - assert_response :success - assert_template 'passwords/edit' - assert_have_selector '#errorExplanation' - assert_contain 'Password doesn\'t match confirmation' - assert_not user.reload.valid_password?('987654321') - end - - test 'not authenticated user with valid data should be able to change his password' do - user = create_user - reset_password :perishable_token => user.perishable_token - - assert_template 'sessions/new' - assert_contain 'Your password was changed successfully.' - assert user.reload.valid_password?('987654321') - end -end diff --git a/test/map_test.rb b/test/map_test.rb deleted file mode 100644 index 200aff0b..00000000 --- a/test/map_test.rb +++ /dev/null @@ -1,44 +0,0 @@ -require 'test/test_helper' - -class Participant < User; end -class Organizer < User; end - -class MapTest < ActiveSupport::TestCase - - def setup - @mappings = Devise.mappings - Devise.mappings = {} - end - - def teardown - Devise.mappings = @mappings - end - - test 'store options' do - Devise.map :participant, :to => Participant, :for => :authenticable - - mappings = Devise.mappings - assert_not mappings.empty? - - assert_equal Participant, mappings[:participant].to - assert_equal [:authenticable], mappings[:participant].for - assert_equal :participants, mappings[:participant].as - end - - test 'require :for option' do - assert_raise ArgumentError do - Devise.map :participant, :to => Participant - end - end - - test 'assert valid keys in options' do - assert_raise ArgumentError do - Devise.map :participant, :to => Participant, :for => [:authenticable], :other => 123 - end - end - - test 'use map name pluralized to :as option if none is given' do - Devise.map :participant, :for => [:authenticable] - assert_equal :participants, Devise.mappings[:participant].as - end -end diff --git a/test/models/confirmable_test.rb b/test/models/confirmable_test.rb index a62a306b..0f9d8c45 100644 --- a/test/models/confirmable_test.rb +++ b/test/models/confirmable_test.rb @@ -61,12 +61,6 @@ class ConfirmableTest < ActiveSupport::TestCase assert confirmed_user.errors[:email] end - test 'should not authenticate a user not confirmed' do - user = create_user - authenticated_user = User.authenticate(:email => user.email, :password => user.password) - assert_nil authenticated_user - end - test 'should authenticate a confirmed user' do user = create_user user.confirm! diff --git a/test/rails_app/config/initializers/devise.rb b/test/rails_app/config/initializers/devise.rb index 9b237014..5e17f135 100644 --- a/test/rails_app/config/initializers/devise.rb +++ b/test/rails_app/config/initializers/devise.rb @@ -1,2 +1,2 @@ -Devise.map :user, :for => [:authenticable, :recoverable, :confirmable, :validatable] +Devise.map :user, :for => [:authenticable, :confirmable, :validatable] Devise.map :admin, :for => [:authenticable, :recoverable, :confirmable, :validatable], :as => 'admin_area' diff --git a/test/routes/confirmation_routing_test.rb b/test/routes/confirmation_routing_test.rb deleted file mode 100644 index e00d8bd9..00000000 --- a/test/routes/confirmation_routing_test.rb +++ /dev/null @@ -1,28 +0,0 @@ -require 'test/test_helper' - -class ConfirmationRoutingTest < ActionController::TestCase - - test 'new user session route' do - assert_recognizes({:controller => 'confirmations', :action => 'new'}, 'users/confirmation/new') - end - - test 'create user confirmation route' do - assert_recognizes({:controller => 'confirmations', :action => 'create'}, {:path => 'users/confirmation', :method => :post}) - end - - test 'show user confirmation route' do - assert_recognizes({:controller => 'confirmations', :action => 'show'}, 'users/confirmation') - end - - test 'new admin session route' do - assert_recognizes({:controller => 'confirmations', :action => 'new'}, 'admin_area/confirmation/new') - end - - test 'create admin confirmation route' do - assert_recognizes({:controller => 'confirmations', :action => 'create'}, {:path => 'admin_area/confirmation', :method => :post}) - end - - test 'show admin confirmation route' do - assert_recognizes({:controller => 'confirmations', :action => 'show'}, 'admin_area/confirmation') - end -end diff --git a/test/routes/map_routing_test.rb b/test/routes/map_routing_test.rb deleted file mode 100644 index 819faa16..00000000 --- a/test/routes/map_routing_test.rb +++ /dev/null @@ -1,28 +0,0 @@ -require 'test/test_helper' - -class MapRoutingTest < ActionController::TestCase - - test 'map devise user session' do - assert_recognizes({:controller => 'sessions', :action => 'new'}, 'users/session/new') - end - - test 'map devise user confirmation' do - assert_recognizes({:controller => 'confirmations', :action => 'new'}, 'users/confirmation/new') - end - - test 'map devise user password' do - assert_recognizes({:controller => 'passwords', :action => 'new'}, 'users/password/new') - end - - test 'map devise admin session with :as option' do - assert_recognizes({:controller => 'sessions', :action => 'new'}, 'admin_area/session/new') - end - - test 'map devise admin confirmation with :as option' do - assert_recognizes({:controller => 'confirmations', :action => 'new'}, 'admin_area/confirmation/new') - end - - test 'map devise admin password with :as option' do - assert_recognizes({:controller => 'passwords', :action => 'new'}, 'admin_area/password/new') - end -end diff --git a/test/routes/password_routing_test.rb b/test/routes/password_routing_test.rb deleted file mode 100644 index e96443d6..00000000 --- a/test/routes/password_routing_test.rb +++ /dev/null @@ -1,36 +0,0 @@ -require 'test/test_helper' - -class PasswordRoutingTest < ActionController::TestCase - - test 'new user password route' do - assert_recognizes({:controller => 'passwords', :action => 'new'}, 'users/password/new') - end - - test 'create user password route' do - assert_recognizes({:controller => 'passwords', :action => 'create'}, {:path => 'users/password', :method => :post}) - end - - test 'edit user password route' do - assert_recognizes({:controller => 'passwords', :action => 'edit'}, 'users/password/edit') - end - - test 'update user password route' do - assert_recognizes({:controller => 'passwords', :action => 'update'}, {:path => 'users/password', :method => :put}) - end - - test 'new admin password route' do - assert_recognizes({:controller => 'passwords', :action => 'new'}, 'admin_area/password/new') - end - - test 'create admin password route' do - assert_recognizes({:controller => 'passwords', :action => 'create'}, {:path => 'admin_area/password', :method => :post}) - end - - test 'edit admin password route' do - assert_recognizes({:controller => 'passwords', :action => 'edit'}, 'admin_area/password/edit') - end - - test 'update admin password route' do - assert_recognizes({:controller => 'passwords', :action => 'update'}, {:path => 'admin_area/password', :method => :put}) - end -end diff --git a/test/routes/session_routing_test.rb b/test/routes/session_routing_test.rb deleted file mode 100644 index e1359ee3..00000000 --- a/test/routes/session_routing_test.rb +++ /dev/null @@ -1,28 +0,0 @@ -require 'test/test_helper' - -class SessionRoutingTest < ActionController::TestCase - - test 'new user session route' do - assert_recognizes({:controller => 'sessions', :action => 'new'}, 'users/session/new') - end - - test 'create user session route' do - assert_recognizes({:controller => 'sessions', :action => 'create'}, {:path => 'users/session', :method => :post}) - end - - test 'destroy user session route' do - assert_recognizes({:controller => 'sessions', :action => 'destroy'}, {:path => 'users/session', :method => :delete}) - end - - test 'new admin session route' do - assert_recognizes({:controller => 'sessions', :action => 'new'}, 'admin_area/session/new') - end - - test 'create admin session route' do - assert_recognizes({:controller => 'sessions', :action => 'create'}, {:path => 'admin_area/session', :method => :post}) - end - - test 'destroy admin session route' do - assert_recognizes({:controller => 'sessions', :action => 'destroy'}, {:path => 'admin_area/session', :method => :delete}) - end -end