mirror of
https://github.com/heartcombo/devise.git
synced 2022-11-09 12:18:31 -05:00
Kick tests back to life.
This commit is contained in:
parent
b012bc800b
commit
3c5bfc9520
31 changed files with 100 additions and 814 deletions
|
@ -1,5 +1,5 @@
|
|||
class ConfirmationsController < ApplicationController
|
||||
before_filter :find_resource_class
|
||||
before_filter :is_devise_resource?
|
||||
|
||||
# GET /confirmation/new
|
||||
#
|
||||
|
@ -10,8 +10,9 @@ class ConfirmationsController < ApplicationController
|
|||
#
|
||||
def create
|
||||
self.resource = resource_class.send_confirmation_instructions(params[resource_name])
|
||||
|
||||
if resource.errors.empty?
|
||||
flash[:success] = I18n.t(:send_instructions, :scope => [:devise, :confirmations], :default => 'You will receive an email with instructions about how to confirm your account in a few minutes.')
|
||||
set_flash_message :success, :send_instructions
|
||||
redirect_to new_session_path(resource_name)
|
||||
else
|
||||
render :new
|
||||
|
@ -22,8 +23,9 @@ class ConfirmationsController < ApplicationController
|
|||
#
|
||||
def show
|
||||
self.resource = resource_class.confirm!(:perishable_token => params[:perishable_token])
|
||||
|
||||
if resource.errors.empty?
|
||||
flash[:success] = I18n.t(:confirm, :scope => [:devise, :confirmations], :default => 'Your account was successfully confirmed!')
|
||||
set_flash_message :success, :confirmed
|
||||
redirect_to new_session_path(resource_name)
|
||||
else
|
||||
render :new
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
class PasswordsController < ApplicationController
|
||||
before_filter :find_resource_class, :require_no_authentication
|
||||
before_filter :is_devise_resource?, :require_no_authentication
|
||||
|
||||
# GET /password/new
|
||||
#
|
||||
|
@ -10,8 +10,9 @@ class PasswordsController < ApplicationController
|
|||
#
|
||||
def create
|
||||
self.resource = resource_class.send_reset_password_instructions(params[resource_name])
|
||||
|
||||
if resource.errors.empty?
|
||||
flash[:success] = I18n.t(:send_instructions, :scope => [:devise, :passwords], :default => 'You will receive an email with instructions about how to reset your password in a few minutes.')
|
||||
set_flash_message :success, :send_instructions
|
||||
redirect_to new_session_path(resource_name)
|
||||
else
|
||||
render :new
|
||||
|
@ -30,7 +31,7 @@ class PasswordsController < ApplicationController
|
|||
def update
|
||||
self.resource = resource_class.reset_password!(params[resource_name])
|
||||
if resource.errors.empty?
|
||||
flash[:success] = I18n.t(:update, :scope => [:devise, :passwords], :default => 'Your password was changed successfully.')
|
||||
set_flash_message :success, :updated
|
||||
redirect_to new_session_path(resource_name)
|
||||
else
|
||||
render :edit
|
||||
|
|
|
@ -1,10 +1,10 @@
|
|||
class SessionsController < ApplicationController
|
||||
before_filter :find_resource_class
|
||||
before_filter :is_devise_resource?
|
||||
before_filter :require_no_authentication, :only => [ :new, :create ]
|
||||
|
||||
# GET /session/sign_in
|
||||
# TODO Test me
|
||||
def new
|
||||
set_flash_message :failure, params[:message].to_sym, true if params[:message]
|
||||
unauthenticated! if params[:unauthenticated]
|
||||
end
|
||||
|
||||
# POST /session/sign_in
|
||||
|
@ -13,7 +13,7 @@ class SessionsController < ApplicationController
|
|||
set_flash_message :success, :signed_in
|
||||
redirect_to root_path
|
||||
else
|
||||
set_flash_message :failure, :unauthenticated, true
|
||||
unauthenticated!
|
||||
render :new
|
||||
end
|
||||
end
|
||||
|
@ -21,9 +21,15 @@ class SessionsController < ApplicationController
|
|||
# GET /session/sign_out
|
||||
# DELETE /session/sign_out
|
||||
def destroy
|
||||
set_flash_message :success, :signed_out if authenticated?(resource_name)
|
||||
logout(resource_name)
|
||||
# TODO Do not show me unless logged in
|
||||
set_flash_message :success, :signed_out
|
||||
redirect_to root_path
|
||||
end
|
||||
|
||||
protected
|
||||
|
||||
def unauthenticated!
|
||||
flash.now[:failure] = I18n.t(:"#{resource_name}.unauthenticated",
|
||||
:scope => [:devise, :sessions], :default => :unauthenticated)
|
||||
end
|
||||
end
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
<h2>Sign in</h2>
|
||||
|
||||
<% form_for :session, :url => session_path(resource_name) do |f| -%>
|
||||
<% form_for resource_name, :url => session_path(resource_name) do |f| -%>
|
||||
<p><%= f.label :email %></p>
|
||||
<p><%= f.text_field :email %></p>
|
||||
|
||||
|
|
|
@ -6,7 +6,7 @@ en:
|
|||
unauthenticated: 'Invalid email or password.'
|
||||
passwords:
|
||||
send_instructions: 'You will receive an email with instructions about how to reset your password in a few minutes.'
|
||||
update: 'Your password was changed successfully.'
|
||||
updated: 'Your password was changed successfully.'
|
||||
confirmations:
|
||||
send_instructions: 'You will receive an email with instructions about how to confirm your account in a few minutes.'
|
||||
confirmed: 'Your account was successfully confirmed!'
|
||||
|
|
|
@ -6,56 +6,18 @@ rescue
|
|||
end
|
||||
|
||||
require 'devise/initializers/warden'
|
||||
|
||||
module Devise
|
||||
class Mapping
|
||||
attr_reader :name, :as, :for
|
||||
|
||||
def initialize(name, options)
|
||||
@name = name
|
||||
@for = Array(options[:for])
|
||||
@klass = (options[:to] || name.to_s.classify).to_s
|
||||
@as = (options[:as] || name.to_s.pluralize).to_sym
|
||||
end
|
||||
|
||||
# Reload mapped class each time when cache_classes is false.
|
||||
#
|
||||
def to
|
||||
return @to if @to
|
||||
klass = @klass.constantize
|
||||
@to = klass if Rails.configuration.cache_classes
|
||||
klass
|
||||
end
|
||||
end
|
||||
|
||||
mattr_accessor :mappings
|
||||
self.mappings = {}
|
||||
|
||||
def self.map(mapping, options={})
|
||||
raise ArgumentError, "Need to provide :for option for Devise.map" unless options.key?(:for)
|
||||
options.assert_valid_keys(:to, :for, :as)
|
||||
self.mappings[mapping] = Mapping.new(mapping, options)
|
||||
end
|
||||
|
||||
# TODO Test me
|
||||
def self.find_mapping_by_path(path)
|
||||
route = path.split("/")[1]
|
||||
return nil unless route
|
||||
|
||||
route = route.to_sym
|
||||
mappings.each do |key, map|
|
||||
return map if map.as == route.to_sym
|
||||
end
|
||||
nil
|
||||
end
|
||||
end
|
||||
require 'devise/mapping'
|
||||
|
||||
# Ensure to include Devise modules only after Rails initialization.
|
||||
# This way application should have already defined Devise mappings and we are
|
||||
# able to create default filters.
|
||||
#
|
||||
Rails.configuration.after_initialize do
|
||||
ActiveRecord::Base.send :extend, Devise::ActiveRecord
|
||||
ActionController::Base.send :include, Devise::ActionController
|
||||
ActionView::Base.send :include, Devise::ActionView
|
||||
ActiveRecord::Base.extend Devise::ActiveRecord
|
||||
|
||||
ActionController::Base.send :include, Devise::Controllers::Filters
|
||||
ActionController::Base.send :include, Devise::Controllers::Helpers
|
||||
ActionController::Base.send :include, Devise::Controllers::UrlHelpers
|
||||
|
||||
ActionView::Base.send :include, Devise::Controllers::UrlHelpers
|
||||
end
|
||||
|
|
|
@ -1,13 +0,0 @@
|
|||
module Devise
|
||||
module ActionController
|
||||
|
||||
def self.included(base)
|
||||
base.class_eval do
|
||||
include Devise::Controllers::Authenticable
|
||||
include Devise::Controllers::Resources
|
||||
include Devise::Controllers::UrlHelpers
|
||||
include Devise::Controllers::Filters
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
|
@ -1,11 +0,0 @@
|
|||
module Devise
|
||||
module ActionView
|
||||
|
||||
def self.included(base)
|
||||
base.class_eval do
|
||||
include Devise::Controllers::Resources
|
||||
include Devise::Controllers::UrlHelpers
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
|
@ -1,25 +1,32 @@
|
|||
module Devise
|
||||
module ActiveRecord
|
||||
# Shortcut method for including all devise modules inside your User class
|
||||
#
|
||||
# Examples:
|
||||
#
|
||||
# # include only authenticable module (default)
|
||||
# devise
|
||||
#
|
||||
# # include authenticable + confirmable modules
|
||||
# devise :confirmable
|
||||
#
|
||||
# # include authenticable + recoverable modules
|
||||
# devise :recoverable
|
||||
#
|
||||
# # include authenticable + validatable modules
|
||||
# devise :validatable
|
||||
#
|
||||
# # include all modules
|
||||
# devise :confirmable, :recoverable, :validatable
|
||||
#
|
||||
# # shortcut to include all modules (same as above)
|
||||
# devise :all
|
||||
#
|
||||
def devise(*options)
|
||||
include Devise::Models::Authenticable
|
||||
include Devise::Models::Confirmable if [:all, :confirmable].any?{|o| options.include?(o) }
|
||||
include Devise::Models::Recoverable if [:all, :recoverable].any?{|o| options.include?(o) }
|
||||
include Devise::Models::Validatable if [:all, :validatable].any?{|o| options.include?(o) }
|
||||
include Devise::Models::Confirmable unless ([:all, :confirmable] & options).empty?
|
||||
include Devise::Models::Recoverable unless ([:all, :recoverable] & options).empty?
|
||||
include Devise::Models::Validatable unless ([:all, :validatable] & options).empty?
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
@ -1,51 +0,0 @@
|
|||
module Devise
|
||||
module Controllers
|
||||
|
||||
# Some helpers taken from RailsWarden.
|
||||
module Authenticable
|
||||
|
||||
def self.included(base)
|
||||
base.class_eval do
|
||||
helper_method :warden, :current_user, :signed_in?
|
||||
end
|
||||
end
|
||||
|
||||
# The main accessor for the warden proxy instance
|
||||
#
|
||||
def warden
|
||||
request.env['warden']
|
||||
end
|
||||
|
||||
# Proxy to the authenticated? method on warden
|
||||
#
|
||||
def authenticated?(scope=:default)
|
||||
warden.authenticated?(scope.to_sym)
|
||||
end
|
||||
alias_method :signed_in?, :authenticated?
|
||||
|
||||
# Access the currently logged in user based on the scope
|
||||
#
|
||||
def current_user(scope=resource_name)
|
||||
warden.user(scope)
|
||||
end
|
||||
|
||||
def current_user=(user)
|
||||
warden.set_user(user, :scope => resource_name)
|
||||
end
|
||||
|
||||
# Logout the current user based on scope
|
||||
# TODO Test me
|
||||
#
|
||||
def logout(*args)
|
||||
warden.raw_session.inspect # Without this inspect here. The session does not clear :|
|
||||
warden.logout(*args)
|
||||
end
|
||||
|
||||
# TODO Test me
|
||||
def set_flash_message(key, kind, now=false)
|
||||
hash = now ? flash.now : flash
|
||||
hash[key] = I18n.t(:"#{resource_name}.#{kind}", :scope => [:devise, controller_name.to_sym], :default => kind)
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
|
@ -4,41 +4,79 @@ module Devise
|
|||
|
||||
protected
|
||||
|
||||
# The main accessor for the warden proxy instance
|
||||
#
|
||||
def warden
|
||||
request.env['warden']
|
||||
end
|
||||
|
||||
# Check if a user is authenticated or not performing the proper action.
|
||||
#
|
||||
def authenticate!(scope)
|
||||
warden.authenticate!(:scope => scope)
|
||||
end
|
||||
|
||||
# Proxy to the authenticated? method on warden
|
||||
#
|
||||
def authenticated?(scope)
|
||||
warden.authenticated?(scope)
|
||||
end
|
||||
alias :signed_in? :authenticated?
|
||||
|
||||
# Logout based on scope
|
||||
#
|
||||
def logout(scope, *args)
|
||||
warden.raw_session.inspect # Without this inspect here. The session does not clear.
|
||||
warden.logout(scope, *args)
|
||||
end
|
||||
|
||||
# Define authentication filters based on mappings. These filters should be
|
||||
# used inside the controllers as before_filters, so you can control the
|
||||
# scope of the user who should be signed in to access that specific
|
||||
# controller/action.
|
||||
#
|
||||
# Example:
|
||||
#
|
||||
# Maps:
|
||||
# Devise.map :users, :for => [:authenticable]
|
||||
# Devise.map :admin, :for => [:authenticable]
|
||||
#
|
||||
# Generated Filters:
|
||||
# user_authenticate!
|
||||
# admin_authenticate!
|
||||
#
|
||||
# Use:
|
||||
# before_filter :user_authenticate! # Tell devise to use :user map
|
||||
# before_filter :admin_authenticate! # Tell devise to use :admin map
|
||||
#
|
||||
Devise.mappings.each_key do |mapping|
|
||||
class_eval <<-METHOD
|
||||
class_eval <<-METHODS, __FILE__, __LINE__
|
||||
def #{mapping}_authenticate!
|
||||
warden.authenticate!(:devise, :scope => :#{mapping})
|
||||
warden.authenticate!(:scope => :#{mapping})
|
||||
end
|
||||
METHOD
|
||||
|
||||
def #{mapping}_authenticated?
|
||||
warden.authenticated?(:#{mapping})
|
||||
end
|
||||
|
||||
def current_#{mapping}
|
||||
@current_#{mapping} ||= warden.user(:#{mapping})
|
||||
end
|
||||
METHODS
|
||||
end
|
||||
|
||||
# Helper for use in before_filters where no authentication is required.
|
||||
# Please note that all scopes will be tested within this filter, and if
|
||||
# one of then is authenticated the filter will redirect.
|
||||
#
|
||||
# Example:
|
||||
# before_filter :require_no_authentication, :only => :new
|
||||
#
|
||||
def require_no_authentication
|
||||
Devise.mappings.each_key do |map|
|
||||
redirect_to root_path if authenticated?(map)
|
||||
redirect_to root_path if warden.authenticated?(resource_name)
|
||||
end
|
||||
|
||||
# TODO Test me
|
||||
def is_devise_resource?
|
||||
render :status => :not_found unless devise_mapping && devise_mapping.allows?(controller_name)
|
||||
end
|
||||
|
||||
end
|
||||
|
|
|
@ -1,32 +0,0 @@
|
|||
module Devise
|
||||
module Controllers
|
||||
module Resources
|
||||
|
||||
def resource
|
||||
instance_variable_get(:"@#{resource_name}")
|
||||
end
|
||||
|
||||
def resource=(new_resource)
|
||||
instance_variable_set(:"@#{resource_name}", new_resource)
|
||||
end
|
||||
|
||||
def resource_name
|
||||
devise_mapping.name
|
||||
end
|
||||
|
||||
def resource_class
|
||||
devise_mapping.to
|
||||
end
|
||||
|
||||
def devise_mapping
|
||||
@devise_mapping ||= Devise.find_mapping_by_path(request.path)
|
||||
end
|
||||
|
||||
# TODO Test me
|
||||
def find_resource_class
|
||||
render :status => :not_found unless devise_mapping
|
||||
end
|
||||
|
||||
end
|
||||
end
|
||||
end
|
|
@ -38,7 +38,7 @@ end
|
|||
# Default strategy for signing in a user, based on his email and password.
|
||||
# If no email and no password are present, no authentication is tryed.
|
||||
#
|
||||
Warden::Strategies.add(:devise) do
|
||||
Warden::Strategies.add(:authenticable) do
|
||||
|
||||
def valid?
|
||||
raise "You need to give a scope for Devise authentication" unless scope
|
||||
|
@ -54,14 +54,14 @@ Warden::Strategies.add(:devise) do
|
|||
if valid_session? && resource = @mapping.to.authenticate(session)
|
||||
success!(resource)
|
||||
else
|
||||
redirect!("/#{@mapping.as}/session/new", :message => :unauthenticated)
|
||||
redirect!("/#{@mapping.as}/session/new", :unauthenticated => true)
|
||||
end
|
||||
end
|
||||
|
||||
# Find the session for the current mapping.
|
||||
#
|
||||
def session
|
||||
@session ||= request.params[:session]
|
||||
@session ||= request.params[scope]
|
||||
end
|
||||
|
||||
# Check for the right keys.
|
||||
|
@ -76,6 +76,6 @@ end
|
|||
# strategy and also the controller who will manage not authenticated users.
|
||||
#
|
||||
Rails.configuration.middleware.use Warden::Manager do |manager|
|
||||
manager.default_strategies :devise
|
||||
manager.default_strategies :authenticable
|
||||
manager.failure_app = SessionsController
|
||||
end
|
||||
|
|
|
@ -1,3 +1,5 @@
|
|||
require 'digest/sha1'
|
||||
|
||||
module Devise
|
||||
module Models
|
||||
|
||||
|
@ -16,8 +18,6 @@ module Devise
|
|||
# User.find(1).valid_password?('password123') # returns true/false
|
||||
#
|
||||
module Authenticable
|
||||
require 'digest/sha1'
|
||||
|
||||
mattr_accessor :pepper, :stretches
|
||||
|
||||
# Pepper for encrypting password
|
||||
|
|
|
@ -1,3 +1,5 @@
|
|||
require 'devise/models/perishable'
|
||||
|
||||
module Devise
|
||||
module Models
|
||||
|
||||
|
@ -20,7 +22,6 @@ module Devise
|
|||
# User.find(1).reset_confirmation! # reset confirmation status and send instructions
|
||||
#
|
||||
module Confirmable
|
||||
require 'devise/models/perishable'
|
||||
|
||||
def self.included(base)
|
||||
base.class_eval do
|
||||
|
@ -77,15 +78,6 @@ module Devise
|
|||
end
|
||||
|
||||
module ClassMethods
|
||||
|
||||
# Hook default authenticate to test whether the account is confirmed or not
|
||||
# Returns the authenticated_user if it's confirmed, otherwise returns nil
|
||||
#
|
||||
def authenticate(attributes={})
|
||||
confirmable = super
|
||||
confirmable if confirmable.confirmed? unless confirmable.nil?
|
||||
end
|
||||
|
||||
# Attempt to find a user by it's email. If a record is found, send new
|
||||
# confirmation instructions to it. If not user is found, returns a new user
|
||||
# with an email not found error.
|
||||
|
|
|
@ -18,7 +18,6 @@ module Devise
|
|||
def self.included(base)
|
||||
base.class_eval do
|
||||
extend ClassMethods
|
||||
|
||||
before_create :reset_perishable_token
|
||||
end
|
||||
end
|
||||
|
@ -58,6 +57,7 @@ module Devise
|
|||
end
|
||||
perishable
|
||||
end
|
||||
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
@ -1,3 +1,5 @@
|
|||
require 'devise/models/perishable'
|
||||
|
||||
module Devise
|
||||
module Models
|
||||
|
||||
|
@ -13,8 +15,6 @@ module Devise
|
|||
# User.find(1).send_reset_password_instructions
|
||||
#
|
||||
module Recoverable
|
||||
require 'devise/models/perishable'
|
||||
|
||||
def self.included(base)
|
||||
base.class_eval do
|
||||
include ::Devise::Models::Perishable
|
||||
|
|
|
@ -8,7 +8,7 @@ module Devise
|
|||
#
|
||||
module Validatable
|
||||
|
||||
# Email regex used to validate email formats
|
||||
# Email regex used to validate email formats. Retrieved from authlogic.
|
||||
#
|
||||
EMAIL_REGEX = /\A[\w\.%\+\-]+@(?:[A-Z0-9\-]+\.)+(?:[A-Z]{2,4}|museum|travel)\z/i
|
||||
|
||||
|
|
|
@ -1,83 +0,0 @@
|
|||
require 'test/test_helper'
|
||||
|
||||
class AdminsAuthenticationTest < ActionController::IntegrationTest
|
||||
|
||||
test 'not signed in as admin should not be able to access admins actions' do
|
||||
get admins_path
|
||||
|
||||
assert_redirected_to new_admin_session_path(:message => :unauthenticated)
|
||||
assert_not warden.authenticated?(:admin)
|
||||
end
|
||||
|
||||
test 'signed in as user should not be able to access admins actions' do
|
||||
sign_in_as_user
|
||||
assert warden.authenticated?(:user)
|
||||
assert_not warden.authenticated?(:admin)
|
||||
|
||||
get admins_path
|
||||
assert_redirected_to new_admin_session_path(:message => :unauthenticated)
|
||||
end
|
||||
|
||||
test 'signed in as admin should be able to access admin actions successfully' do
|
||||
sign_in_as_admin
|
||||
assert warden.authenticated?(:admin)
|
||||
assert_not warden.authenticated?(:user)
|
||||
|
||||
get admins_path
|
||||
|
||||
assert_response :success
|
||||
assert_template 'admins/index'
|
||||
assert_contain 'Welcome Admin'
|
||||
end
|
||||
|
||||
test 'admin signing in with invalid email should return to sign in form with error message' do
|
||||
sign_in_as_admin do
|
||||
fill_in 'email', :with => 'wrongemail@test.com'
|
||||
end
|
||||
|
||||
assert_response :success
|
||||
assert_template 'sessions/new'
|
||||
assert_contain 'Invalid email or password'
|
||||
assert_not warden.authenticated?(:admin)
|
||||
end
|
||||
|
||||
test 'admin signing in with invalid pasword should return to sign in form with error message' do
|
||||
sign_in_as_admin do
|
||||
fill_in 'password', :with => 'abcdef'
|
||||
end
|
||||
|
||||
assert_response :success
|
||||
assert_template 'sessions/new'
|
||||
assert_contain 'Invalid email or password'
|
||||
assert_not warden.authenticated?(:admin)
|
||||
end
|
||||
|
||||
# TODO This test should not pass
|
||||
test 'not confirmed admin should not be able to login' do
|
||||
sign_in_as_admin(:confirm => false)
|
||||
|
||||
assert_contain 'Invalid email or password'
|
||||
assert_not warden.authenticated?(:admin)
|
||||
end
|
||||
|
||||
test 'already confirmed admin should be able to sign in successfully' do
|
||||
sign_in_as_admin
|
||||
|
||||
assert_response :success
|
||||
assert_template 'home/index'
|
||||
assert_contain 'Signed in successfully'
|
||||
assert_not_contain 'Sign In'
|
||||
assert warden.authenticated?(:admin)
|
||||
assert_not warden.authenticated?(:user)
|
||||
end
|
||||
|
||||
test 'authenticated admin should be able to sign out' do
|
||||
sign_in_as_admin
|
||||
assert warden.authenticated?(:admin)
|
||||
|
||||
delete admin_session_path
|
||||
assert_response :redirect
|
||||
assert_redirected_to root_path
|
||||
assert_not warden.authenticated?(:admin)
|
||||
end
|
||||
end
|
|
@ -1,49 +0,0 @@
|
|||
require 'test/test_helper'
|
||||
|
||||
class AdminsConfirmationTest < ActionController::IntegrationTest
|
||||
|
||||
test 'admin should be able to request a new confirmation' do
|
||||
admin = create_admin
|
||||
ActionMailer::Base.deliveries.clear
|
||||
|
||||
visit new_admin_session_path
|
||||
click_link 'Didn\'t receive confirmation instructions?'
|
||||
|
||||
fill_in 'email', :with => admin.email
|
||||
click_button 'Resend confirmation instructions'
|
||||
|
||||
assert_template 'sessions/new'
|
||||
assert_contain 'You will receive an email with instructions about how to confirm your account in a few minutes'
|
||||
assert_equal 1, ActionMailer::Base.deliveries.size
|
||||
end
|
||||
|
||||
test 'admin with invalid perishable token should not be able to confirm an account' do
|
||||
visit user_confirmation_path(:perishable_token => 'invalid_perishable')
|
||||
|
||||
assert_response :success
|
||||
assert_template 'confirmations/new'
|
||||
assert_have_selector '#errorExplanation'
|
||||
assert_contain 'invalid confirmation'
|
||||
end
|
||||
|
||||
test 'admin with valid perishable token should be able to confirm an account' do
|
||||
admin = create_admin(:confirm => false)
|
||||
assert_not admin.confirmed?
|
||||
|
||||
visit admin_confirmation_path(:perishable_token => admin.perishable_token)
|
||||
|
||||
assert_template 'sessions/new'
|
||||
assert_contain 'Your account was successfully confirmed!'
|
||||
|
||||
assert admin.reload.confirmed?
|
||||
end
|
||||
|
||||
test 'admin already confirmed user should not be able to confirm the account again' do
|
||||
admin = create_admin
|
||||
visit admin_confirmation_path(:perishable_token => admin.perishable_token)
|
||||
|
||||
assert_template 'confirmations/new'
|
||||
assert_have_selector '#errorExplanation'
|
||||
assert_contain 'already confirmed'
|
||||
end
|
||||
end
|
|
@ -1,104 +0,0 @@
|
|||
require 'test/test_helper'
|
||||
|
||||
class AdminsPasswordRecoveryTest < ActionController::IntegrationTest
|
||||
|
||||
def visit_new_password_path
|
||||
visit new_admin_session_path
|
||||
click_link 'Forgot password?'
|
||||
end
|
||||
|
||||
def request_forgot_password(&block)
|
||||
visit_new_password_path
|
||||
|
||||
assert_response :success
|
||||
assert_template 'passwords/new'
|
||||
assert_not warden.authenticated?(:admin)
|
||||
|
||||
fill_in 'email', :with => 'admin@test.com'
|
||||
yield if block_given?
|
||||
click_button 'Send me reset password instructions'
|
||||
end
|
||||
|
||||
def reset_password(options={}, &block)
|
||||
visit edit_admin_password_path(:perishable_token => options[:perishable_token])
|
||||
assert_response :success
|
||||
assert_template 'passwords/edit'
|
||||
|
||||
fill_in 'Password', :with => '987654321'
|
||||
fill_in 'Password confirmation', :with => '987654321'
|
||||
yield if block_given?
|
||||
click_button 'Change my password'
|
||||
end
|
||||
|
||||
test 'authenticated admin should not be able to visit forgot password page' do
|
||||
sign_in_as_admin
|
||||
assert warden.authenticated?(:admin)
|
||||
|
||||
get new_admin_password_path
|
||||
|
||||
assert_response :redirect
|
||||
assert_redirected_to root_path
|
||||
end
|
||||
|
||||
test 'not authenticated admin should be able to request a forgot password' do
|
||||
create_admin
|
||||
request_forgot_password
|
||||
|
||||
assert_template 'sessions/new'
|
||||
assert_contain 'You will receive an email with instructions about how to reset your password in a few minutes.'
|
||||
end
|
||||
|
||||
test 'not authenticated admin with invalid email should receive an error message' do
|
||||
request_forgot_password do
|
||||
fill_in 'email', :with => 'invalid.test@test.com'
|
||||
end
|
||||
|
||||
assert_response :success
|
||||
assert_template 'passwords/new'
|
||||
assert_have_selector 'input[type=text][value=\'invalid.test@test.com\']'
|
||||
assert_contain 'Email not found'
|
||||
end
|
||||
|
||||
test 'authenticated admin should not be able to visit edit password page' do
|
||||
sign_in_as_admin
|
||||
|
||||
get edit_admin_password_path
|
||||
|
||||
assert_response :redirect
|
||||
assert_redirected_to root_path
|
||||
assert warden.authenticated?(:admin)
|
||||
end
|
||||
|
||||
test 'not authenticated admin with invalid perishable token should not be able to change his password' do
|
||||
admin = create_admin
|
||||
reset_password :perishable_token => 'invalid_perishable'
|
||||
|
||||
assert_response :success
|
||||
assert_template 'passwords/edit'
|
||||
assert_have_selector '#errorExplanation'
|
||||
assert_contain 'invalid confirmation'
|
||||
assert_not admin.reload.valid_password?('987654321')
|
||||
end
|
||||
|
||||
test 'not authenticated admin with valid perisable token but invalid password should not be able to change his password' do
|
||||
admin = create_admin
|
||||
reset_password :perishable_token => admin.perishable_token do
|
||||
fill_in 'Password confirmation', :with => 'other_password'
|
||||
end
|
||||
|
||||
assert_response :success
|
||||
assert_template 'passwords/edit'
|
||||
assert_have_selector '#errorExplanation'
|
||||
assert_contain 'Password doesn\'t match confirmation'
|
||||
assert_not admin.reload.valid_password?('987654321')
|
||||
end
|
||||
|
||||
test 'not authenticated admin with valid data should be able to change his password' do
|
||||
admin = create_admin
|
||||
reset_password :perishable_token => admin.perishable_token
|
||||
|
||||
assert_template 'sessions/new'
|
||||
assert_contain 'Your password was changed successfully.'
|
||||
assert admin.reload.valid_password?('987654321')
|
||||
end
|
||||
end
|
|
@ -1,50 +0,0 @@
|
|||
require 'test/test_helper'
|
||||
|
||||
class AuthenticationTest < ActionController::IntegrationTest
|
||||
|
||||
test 'home should be accessible without signed in admins' do
|
||||
visit '/'
|
||||
assert_response :success
|
||||
assert_template 'home/index'
|
||||
end
|
||||
|
||||
test 'sign in as user should not authenticate admin scope' do
|
||||
sign_in_as_user
|
||||
|
||||
assert warden.authenticated?(:user)
|
||||
assert_not warden.authenticated?(:admin)
|
||||
end
|
||||
|
||||
test 'sign in as admin should not authenticate user scope' do
|
||||
sign_in_as_admin
|
||||
|
||||
assert warden.authenticated?(:admin)
|
||||
assert_not warden.authenticated?(:user)
|
||||
end
|
||||
|
||||
test 'sign in as both user and admin at same time' do
|
||||
sign_in_as_user
|
||||
sign_in_as_admin
|
||||
|
||||
assert warden.authenticated?(:user)
|
||||
assert warden.authenticated?(:admin)
|
||||
end
|
||||
|
||||
test 'sign out as user should not touch admin authentication' do
|
||||
sign_in_as_user
|
||||
sign_in_as_admin
|
||||
|
||||
delete user_session_path
|
||||
assert_not warden.authenticated?(:user)
|
||||
assert warden.authenticated?(:admin)
|
||||
end
|
||||
|
||||
test 'sign out as admin should not touch user authentication' do
|
||||
sign_in_as_user
|
||||
sign_in_as_admin
|
||||
|
||||
delete admin_session_path
|
||||
assert_not warden.authenticated?(:admin)
|
||||
assert warden.authenticated?(:user)
|
||||
end
|
||||
end
|
|
@ -1,52 +0,0 @@
|
|||
require 'test/test_helper'
|
||||
|
||||
class UsersConfirmationTest < ActionController::IntegrationTest
|
||||
|
||||
test 'user should be able to request a new confirmation' do
|
||||
user = create_user
|
||||
ActionMailer::Base.deliveries.clear
|
||||
|
||||
visit new_user_session_path
|
||||
click_link 'Didn\'t receive confirmation instructions?'
|
||||
|
||||
fill_in 'email', :with => user.email
|
||||
click_button 'Resend confirmation instructions'
|
||||
|
||||
# assert_response :redirect
|
||||
# assert_redirected_to root_path
|
||||
assert_template 'sessions/new'
|
||||
assert_contain 'You will receive an email with instructions about how to confirm your account in a few minutes'
|
||||
assert_equal 1, ActionMailer::Base.deliveries.size
|
||||
end
|
||||
|
||||
test 'user with invalid perishable token should not be able to confirm an account' do
|
||||
visit user_confirmation_path(:perishable_token => 'invalid_perishable')
|
||||
|
||||
assert_response :success
|
||||
assert_template 'confirmations/new'
|
||||
assert_have_selector '#errorExplanation'
|
||||
assert_contain 'invalid confirmation'
|
||||
end
|
||||
|
||||
test 'user with valid perishable token should be able to confirm an account' do
|
||||
user = create_user(:confirm => false)
|
||||
assert_not user.confirmed?
|
||||
|
||||
visit user_confirmation_path(:perishable_token => user.perishable_token)
|
||||
|
||||
# assert_response :redirect
|
||||
assert_template 'sessions/new'
|
||||
assert_contain 'Your account was successfully confirmed!'
|
||||
|
||||
assert user.reload.confirmed?
|
||||
end
|
||||
|
||||
test 'user already confirmed user should not be able to confirm the account again' do
|
||||
user = create_user
|
||||
visit user_confirmation_path(:perishable_token => user.perishable_token)
|
||||
|
||||
assert_template 'confirmations/new'
|
||||
assert_have_selector '#errorExplanation'
|
||||
assert_contain 'already confirmed'
|
||||
end
|
||||
end
|
|
@ -1,107 +0,0 @@
|
|||
require 'test/test_helper'
|
||||
|
||||
class UsersPasswordRecoveryTest < ActionController::IntegrationTest
|
||||
|
||||
def visit_new_password_path
|
||||
visit new_user_session_path
|
||||
click_link 'Forgot password?'
|
||||
end
|
||||
|
||||
def request_forgot_password(&block)
|
||||
visit_new_password_path
|
||||
|
||||
assert_response :success
|
||||
assert_template 'passwords/new'
|
||||
assert_not warden.authenticated?(:user)
|
||||
|
||||
fill_in 'email', :with => 'user@test.com'
|
||||
yield if block_given?
|
||||
click_button 'Send me reset password instructions'
|
||||
end
|
||||
|
||||
def reset_password(options={}, &block)
|
||||
visit edit_user_password_path(:perishable_token => options[:perishable_token])
|
||||
assert_response :success
|
||||
assert_template 'passwords/edit'
|
||||
|
||||
fill_in 'Password', :with => '987654321'
|
||||
fill_in 'Password confirmation', :with => '987654321'
|
||||
yield if block_given?
|
||||
click_button 'Change my password'
|
||||
end
|
||||
|
||||
test 'authenticated user should not be able to visit forgot password page' do
|
||||
sign_in_as_user
|
||||
assert warden.authenticated?(:user)
|
||||
|
||||
get new_user_password_path
|
||||
|
||||
assert_response :redirect
|
||||
assert_redirected_to root_path
|
||||
end
|
||||
|
||||
test 'not authenticated user should be able to request a forgot password' do
|
||||
create_user
|
||||
request_forgot_password
|
||||
|
||||
assert_template 'sessions/new'
|
||||
# TODO: what's going on with webrat? It's not detecting redirects
|
||||
# assert_response :redirect
|
||||
# assert_redirected_to new_session_path
|
||||
assert_contain 'You will receive an email with instructions about how to reset your password in a few minutes.'
|
||||
end
|
||||
|
||||
test 'not authenticated user with invalid email should receive an error message' do
|
||||
request_forgot_password do
|
||||
fill_in 'email', :with => 'invalid.test@test.com'
|
||||
end
|
||||
|
||||
assert_response :success
|
||||
assert_template 'passwords/new'
|
||||
assert_have_selector 'input[type=text][value=\'invalid.test@test.com\']'
|
||||
assert_contain 'Email not found'
|
||||
end
|
||||
|
||||
test 'authenticated user should not be able to visit edit password page' do
|
||||
sign_in_as_user
|
||||
|
||||
get edit_user_password_path
|
||||
|
||||
assert_response :redirect
|
||||
assert_redirected_to root_path
|
||||
assert warden.authenticated?(:user)
|
||||
end
|
||||
|
||||
test 'not authenticated user with invalid perishable token should not be able to change his password' do
|
||||
user = create_user
|
||||
reset_password :perishable_token => 'invalid_perishable'
|
||||
|
||||
assert_response :success
|
||||
assert_template 'passwords/edit'
|
||||
assert_have_selector '#errorExplanation'
|
||||
assert_contain 'invalid confirmation'
|
||||
assert_not user.reload.valid_password?('987654321')
|
||||
end
|
||||
|
||||
test 'not authenticated user with valid perisable token but invalid password should not be able to change his password' do
|
||||
user = create_user
|
||||
reset_password :perishable_token => user.perishable_token do
|
||||
fill_in 'Password confirmation', :with => 'other_password'
|
||||
end
|
||||
|
||||
assert_response :success
|
||||
assert_template 'passwords/edit'
|
||||
assert_have_selector '#errorExplanation'
|
||||
assert_contain 'Password doesn\'t match confirmation'
|
||||
assert_not user.reload.valid_password?('987654321')
|
||||
end
|
||||
|
||||
test 'not authenticated user with valid data should be able to change his password' do
|
||||
user = create_user
|
||||
reset_password :perishable_token => user.perishable_token
|
||||
|
||||
assert_template 'sessions/new'
|
||||
assert_contain 'Your password was changed successfully.'
|
||||
assert user.reload.valid_password?('987654321')
|
||||
end
|
||||
end
|
|
@ -1,44 +0,0 @@
|
|||
require 'test/test_helper'
|
||||
|
||||
class Participant < User; end
|
||||
class Organizer < User; end
|
||||
|
||||
class MapTest < ActiveSupport::TestCase
|
||||
|
||||
def setup
|
||||
@mappings = Devise.mappings
|
||||
Devise.mappings = {}
|
||||
end
|
||||
|
||||
def teardown
|
||||
Devise.mappings = @mappings
|
||||
end
|
||||
|
||||
test 'store options' do
|
||||
Devise.map :participant, :to => Participant, :for => :authenticable
|
||||
|
||||
mappings = Devise.mappings
|
||||
assert_not mappings.empty?
|
||||
|
||||
assert_equal Participant, mappings[:participant].to
|
||||
assert_equal [:authenticable], mappings[:participant].for
|
||||
assert_equal :participants, mappings[:participant].as
|
||||
end
|
||||
|
||||
test 'require :for option' do
|
||||
assert_raise ArgumentError do
|
||||
Devise.map :participant, :to => Participant
|
||||
end
|
||||
end
|
||||
|
||||
test 'assert valid keys in options' do
|
||||
assert_raise ArgumentError do
|
||||
Devise.map :participant, :to => Participant, :for => [:authenticable], :other => 123
|
||||
end
|
||||
end
|
||||
|
||||
test 'use map name pluralized to :as option if none is given' do
|
||||
Devise.map :participant, :for => [:authenticable]
|
||||
assert_equal :participants, Devise.mappings[:participant].as
|
||||
end
|
||||
end
|
|
@ -61,12 +61,6 @@ class ConfirmableTest < ActiveSupport::TestCase
|
|||
assert confirmed_user.errors[:email]
|
||||
end
|
||||
|
||||
test 'should not authenticate a user not confirmed' do
|
||||
user = create_user
|
||||
authenticated_user = User.authenticate(:email => user.email, :password => user.password)
|
||||
assert_nil authenticated_user
|
||||
end
|
||||
|
||||
test 'should authenticate a confirmed user' do
|
||||
user = create_user
|
||||
user.confirm!
|
||||
|
|
|
@ -1,2 +1,2 @@
|
|||
Devise.map :user, :for => [:authenticable, :recoverable, :confirmable, :validatable]
|
||||
Devise.map :user, :for => [:authenticable, :confirmable, :validatable]
|
||||
Devise.map :admin, :for => [:authenticable, :recoverable, :confirmable, :validatable], :as => 'admin_area'
|
||||
|
|
|
@ -1,28 +0,0 @@
|
|||
require 'test/test_helper'
|
||||
|
||||
class ConfirmationRoutingTest < ActionController::TestCase
|
||||
|
||||
test 'new user session route' do
|
||||
assert_recognizes({:controller => 'confirmations', :action => 'new'}, 'users/confirmation/new')
|
||||
end
|
||||
|
||||
test 'create user confirmation route' do
|
||||
assert_recognizes({:controller => 'confirmations', :action => 'create'}, {:path => 'users/confirmation', :method => :post})
|
||||
end
|
||||
|
||||
test 'show user confirmation route' do
|
||||
assert_recognizes({:controller => 'confirmations', :action => 'show'}, 'users/confirmation')
|
||||
end
|
||||
|
||||
test 'new admin session route' do
|
||||
assert_recognizes({:controller => 'confirmations', :action => 'new'}, 'admin_area/confirmation/new')
|
||||
end
|
||||
|
||||
test 'create admin confirmation route' do
|
||||
assert_recognizes({:controller => 'confirmations', :action => 'create'}, {:path => 'admin_area/confirmation', :method => :post})
|
||||
end
|
||||
|
||||
test 'show admin confirmation route' do
|
||||
assert_recognizes({:controller => 'confirmations', :action => 'show'}, 'admin_area/confirmation')
|
||||
end
|
||||
end
|
|
@ -1,28 +0,0 @@
|
|||
require 'test/test_helper'
|
||||
|
||||
class MapRoutingTest < ActionController::TestCase
|
||||
|
||||
test 'map devise user session' do
|
||||
assert_recognizes({:controller => 'sessions', :action => 'new'}, 'users/session/new')
|
||||
end
|
||||
|
||||
test 'map devise user confirmation' do
|
||||
assert_recognizes({:controller => 'confirmations', :action => 'new'}, 'users/confirmation/new')
|
||||
end
|
||||
|
||||
test 'map devise user password' do
|
||||
assert_recognizes({:controller => 'passwords', :action => 'new'}, 'users/password/new')
|
||||
end
|
||||
|
||||
test 'map devise admin session with :as option' do
|
||||
assert_recognizes({:controller => 'sessions', :action => 'new'}, 'admin_area/session/new')
|
||||
end
|
||||
|
||||
test 'map devise admin confirmation with :as option' do
|
||||
assert_recognizes({:controller => 'confirmations', :action => 'new'}, 'admin_area/confirmation/new')
|
||||
end
|
||||
|
||||
test 'map devise admin password with :as option' do
|
||||
assert_recognizes({:controller => 'passwords', :action => 'new'}, 'admin_area/password/new')
|
||||
end
|
||||
end
|
|
@ -1,36 +0,0 @@
|
|||
require 'test/test_helper'
|
||||
|
||||
class PasswordRoutingTest < ActionController::TestCase
|
||||
|
||||
test 'new user password route' do
|
||||
assert_recognizes({:controller => 'passwords', :action => 'new'}, 'users/password/new')
|
||||
end
|
||||
|
||||
test 'create user password route' do
|
||||
assert_recognizes({:controller => 'passwords', :action => 'create'}, {:path => 'users/password', :method => :post})
|
||||
end
|
||||
|
||||
test 'edit user password route' do
|
||||
assert_recognizes({:controller => 'passwords', :action => 'edit'}, 'users/password/edit')
|
||||
end
|
||||
|
||||
test 'update user password route' do
|
||||
assert_recognizes({:controller => 'passwords', :action => 'update'}, {:path => 'users/password', :method => :put})
|
||||
end
|
||||
|
||||
test 'new admin password route' do
|
||||
assert_recognizes({:controller => 'passwords', :action => 'new'}, 'admin_area/password/new')
|
||||
end
|
||||
|
||||
test 'create admin password route' do
|
||||
assert_recognizes({:controller => 'passwords', :action => 'create'}, {:path => 'admin_area/password', :method => :post})
|
||||
end
|
||||
|
||||
test 'edit admin password route' do
|
||||
assert_recognizes({:controller => 'passwords', :action => 'edit'}, 'admin_area/password/edit')
|
||||
end
|
||||
|
||||
test 'update admin password route' do
|
||||
assert_recognizes({:controller => 'passwords', :action => 'update'}, {:path => 'admin_area/password', :method => :put})
|
||||
end
|
||||
end
|
|
@ -1,28 +0,0 @@
|
|||
require 'test/test_helper'
|
||||
|
||||
class SessionRoutingTest < ActionController::TestCase
|
||||
|
||||
test 'new user session route' do
|
||||
assert_recognizes({:controller => 'sessions', :action => 'new'}, 'users/session/new')
|
||||
end
|
||||
|
||||
test 'create user session route' do
|
||||
assert_recognizes({:controller => 'sessions', :action => 'create'}, {:path => 'users/session', :method => :post})
|
||||
end
|
||||
|
||||
test 'destroy user session route' do
|
||||
assert_recognizes({:controller => 'sessions', :action => 'destroy'}, {:path => 'users/session', :method => :delete})
|
||||
end
|
||||
|
||||
test 'new admin session route' do
|
||||
assert_recognizes({:controller => 'sessions', :action => 'new'}, 'admin_area/session/new')
|
||||
end
|
||||
|
||||
test 'create admin session route' do
|
||||
assert_recognizes({:controller => 'sessions', :action => 'create'}, {:path => 'admin_area/session', :method => :post})
|
||||
end
|
||||
|
||||
test 'destroy admin session route' do
|
||||
assert_recognizes({:controller => 'sessions', :action => 'destroy'}, {:path => 'admin_area/session', :method => :delete})
|
||||
end
|
||||
end
|
Loading…
Reference in a new issue