mirror of
https://github.com/rails/rails.git
synced 2022-11-09 12:12:34 -05:00
0e62667047
This reverts commit dd779c9686
.
239 lines
8.5 KiB
Ruby
239 lines
8.5 KiB
Ruby
# frozen_string_literal: true
|
|
|
|
require "cases/helper"
|
|
require "models/user"
|
|
require "models/visitor"
|
|
|
|
class SecurePasswordTest < ActiveModel::TestCase
|
|
setup do
|
|
# Used only to speed up tests
|
|
@original_min_cost = ActiveModel::SecurePassword.min_cost
|
|
ActiveModel::SecurePassword.min_cost = true
|
|
|
|
@user = User.new
|
|
@visitor = Visitor.new
|
|
|
|
# Simulate loading an existing user from the DB
|
|
@existing_user = User.new
|
|
@existing_user.password_digest = BCrypt::Password.create("password", cost: BCrypt::Engine::MIN_COST)
|
|
end
|
|
|
|
teardown do
|
|
ActiveModel::SecurePassword.min_cost = @original_min_cost
|
|
end
|
|
|
|
test "automatically include ActiveModel::Validations when validations are enabled" do
|
|
assert_respond_to @user, :valid?
|
|
end
|
|
|
|
test "don't include ActiveModel::Validations when validations are disabled" do
|
|
assert_not_respond_to @visitor, :valid?
|
|
end
|
|
|
|
test "create a new user with validations and valid password/confirmation" do
|
|
@user.password = "password"
|
|
@user.password_confirmation = "password"
|
|
|
|
assert @user.valid?(:create), "user should be valid"
|
|
|
|
@user.password = "a" * 72
|
|
@user.password_confirmation = "a" * 72
|
|
|
|
assert @user.valid?(:create), "user should be valid"
|
|
end
|
|
|
|
test "create a new user with validation and a spaces only password" do
|
|
@user.password = " " * 72
|
|
assert @user.valid?(:create), "user should be valid"
|
|
end
|
|
|
|
test "create a new user with validation and a blank password" do
|
|
@user.password = ""
|
|
assert_not @user.valid?(:create), "user should be invalid"
|
|
assert_equal 1, @user.errors.count
|
|
assert_equal ["can't be blank"], @user.errors[:password]
|
|
end
|
|
|
|
test "create a new user with validation and a nil password" do
|
|
@user.password = nil
|
|
assert_not @user.valid?(:create), "user should be invalid"
|
|
assert_equal 1, @user.errors.count
|
|
assert_equal ["can't be blank"], @user.errors[:password]
|
|
end
|
|
|
|
test "create a new user with validation and password length greater than 72" do
|
|
@user.password = "a" * 73
|
|
@user.password_confirmation = "a" * 73
|
|
assert_not @user.valid?(:create), "user should be invalid"
|
|
assert_equal 1, @user.errors.count
|
|
assert_equal ["is too long (maximum is 72 characters)"], @user.errors[:password]
|
|
end
|
|
|
|
test "create a new user with validation and a blank password confirmation" do
|
|
@user.password = "password"
|
|
@user.password_confirmation = ""
|
|
assert_not @user.valid?(:create), "user should be invalid"
|
|
assert_equal 1, @user.errors.count
|
|
assert_equal ["doesn't match Password"], @user.errors[:password_confirmation]
|
|
end
|
|
|
|
test "create a new user with validation and a nil password confirmation" do
|
|
@user.password = "password"
|
|
@user.password_confirmation = nil
|
|
assert @user.valid?(:create), "user should be valid"
|
|
end
|
|
|
|
test "create a new user with validation and an incorrect password confirmation" do
|
|
@user.password = "password"
|
|
@user.password_confirmation = "something else"
|
|
assert_not @user.valid?(:create), "user should be invalid"
|
|
assert_equal 1, @user.errors.count
|
|
assert_equal ["doesn't match Password"], @user.errors[:password_confirmation]
|
|
end
|
|
|
|
test "update an existing user with validation and no change in password" do
|
|
assert @existing_user.valid?(:update), "user should be valid"
|
|
end
|
|
|
|
test "update an existing user with validations and valid password/confirmation" do
|
|
@existing_user.password = "password"
|
|
@existing_user.password_confirmation = "password"
|
|
|
|
assert @existing_user.valid?(:update), "user should be valid"
|
|
|
|
@existing_user.password = "a" * 72
|
|
@existing_user.password_confirmation = "a" * 72
|
|
|
|
assert @existing_user.valid?(:update), "user should be valid"
|
|
end
|
|
|
|
test "updating an existing user with validation and a blank password" do
|
|
@existing_user.password = ""
|
|
assert @existing_user.valid?(:update), "user should be valid"
|
|
end
|
|
|
|
test "updating an existing user with validation and a spaces only password" do
|
|
@user.password = " " * 72
|
|
assert @user.valid?(:update), "user should be valid"
|
|
end
|
|
|
|
test "updating an existing user with validation and a blank password and password_confirmation" do
|
|
@existing_user.password = ""
|
|
@existing_user.password_confirmation = ""
|
|
assert @existing_user.valid?(:update), "user should be valid"
|
|
end
|
|
|
|
test "updating an existing user with validation and a nil password" do
|
|
@existing_user.password = nil
|
|
assert_not @existing_user.valid?(:update), "user should be invalid"
|
|
assert_equal 1, @existing_user.errors.count
|
|
assert_equal ["can't be blank"], @existing_user.errors[:password]
|
|
end
|
|
|
|
test "updating an existing user with validation and password length greater than 72" do
|
|
@existing_user.password = "a" * 73
|
|
@existing_user.password_confirmation = "a" * 73
|
|
assert_not @existing_user.valid?(:update), "user should be invalid"
|
|
assert_equal 1, @existing_user.errors.count
|
|
assert_equal ["is too long (maximum is 72 characters)"], @existing_user.errors[:password]
|
|
end
|
|
|
|
test "updating an existing user with validation and a blank password confirmation" do
|
|
@existing_user.password = "password"
|
|
@existing_user.password_confirmation = ""
|
|
assert_not @existing_user.valid?(:update), "user should be invalid"
|
|
assert_equal 1, @existing_user.errors.count
|
|
assert_equal ["doesn't match Password"], @existing_user.errors[:password_confirmation]
|
|
end
|
|
|
|
test "updating an existing user with validation and a nil password confirmation" do
|
|
@existing_user.password = "password"
|
|
@existing_user.password_confirmation = nil
|
|
assert @existing_user.valid?(:update), "user should be valid"
|
|
end
|
|
|
|
test "updating an existing user with validation and an incorrect password confirmation" do
|
|
@existing_user.password = "password"
|
|
@existing_user.password_confirmation = "something else"
|
|
assert_not @existing_user.valid?(:update), "user should be invalid"
|
|
assert_equal 1, @existing_user.errors.count
|
|
assert_equal ["doesn't match Password"], @existing_user.errors[:password_confirmation]
|
|
end
|
|
|
|
test "updating an existing user with validation and a blank password digest" do
|
|
@existing_user.password_digest = ""
|
|
assert_not @existing_user.valid?(:update), "user should be invalid"
|
|
assert_equal 1, @existing_user.errors.count
|
|
assert_equal ["can't be blank"], @existing_user.errors[:password]
|
|
end
|
|
|
|
test "updating an existing user with validation and a nil password digest" do
|
|
@existing_user.password_digest = nil
|
|
assert_not @existing_user.valid?(:update), "user should be invalid"
|
|
assert_equal 1, @existing_user.errors.count
|
|
assert_equal ["can't be blank"], @existing_user.errors[:password]
|
|
end
|
|
|
|
test "setting a blank password should not change an existing password" do
|
|
@existing_user.password = ""
|
|
assert @existing_user.password_digest == "password"
|
|
end
|
|
|
|
test "setting a nil password should clear an existing password" do
|
|
@existing_user.password = nil
|
|
assert_nil @existing_user.password_digest
|
|
end
|
|
|
|
test "override secure password attribute" do
|
|
assert_nil @user.password_called
|
|
|
|
@user.password = "secret"
|
|
|
|
assert_equal "secret", @user.password
|
|
assert_equal 1, @user.password_called
|
|
|
|
@user.password = "terces"
|
|
|
|
assert_equal "terces", @user.password
|
|
assert_equal 2, @user.password_called
|
|
end
|
|
|
|
test "authenticate" do
|
|
@user.password = "secret"
|
|
@user.recovery_password = "42password"
|
|
|
|
assert_equal false, @user.authenticate("wrong")
|
|
assert_equal @user, @user.authenticate("secret")
|
|
|
|
assert_equal false, @user.authenticate_password("wrong")
|
|
assert_equal @user, @user.authenticate_password("secret")
|
|
|
|
assert_equal false, @user.authenticate_recovery_password("wrong")
|
|
assert_equal @user, @user.authenticate_recovery_password("42password")
|
|
end
|
|
|
|
test "Password digest cost defaults to bcrypt default cost when min_cost is false" do
|
|
ActiveModel::SecurePassword.min_cost = false
|
|
|
|
@user.password = "secret"
|
|
assert_equal BCrypt::Engine::DEFAULT_COST, @user.password_digest.cost
|
|
end
|
|
|
|
test "Password digest cost honors bcrypt cost attribute when min_cost is false" do
|
|
original_bcrypt_cost = BCrypt::Engine.cost
|
|
ActiveModel::SecurePassword.min_cost = false
|
|
BCrypt::Engine.cost = 5
|
|
|
|
@user.password = "secret"
|
|
assert_equal BCrypt::Engine.cost, @user.password_digest.cost
|
|
ensure
|
|
BCrypt::Engine.cost = original_bcrypt_cost
|
|
end
|
|
|
|
test "Password digest cost can be set to bcrypt min cost to speed up tests" do
|
|
ActiveModel::SecurePassword.min_cost = true
|
|
|
|
@user.password = "secret"
|
|
assert_equal BCrypt::Engine::MIN_COST, @user.password_digest.cost
|
|
end
|
|
end
|