@@ -2,5 +2,4 @@ test/rails_root/log/*.log *.DS_Store *.swp .rake_tasks -test/rails_root/vendor/plugins -test/rails_root/db/migrate +test/rails_root/* .gitignore @@ -11,11 +11,11 @@ namespace :test do task.pattern = test_files_pattern task.verbose = false end - + Cucumber::Rake::Task.new(:features) do |t| t.cucumber_opts = "--format pretty" t.feature_pattern = 'test/rails_root/features/*.feature' - end + end end generators = %w(clearance clearance_features) @@ -27,17 +27,17 @@ namespace :generator do FileList["generators/#{generator}/templates/**/*.*"].each do |each| file = "test/rails_root/#{each.gsub("generators/#{generator}/templates/",'')}" File.delete(file) if File.exists?(file) - end + end end - + FileList["test/rails_root/db/**/*"].each do |each| FileUtils.rm_rf(each) end FileUtils.rm_rf("test/rails_root/vendor/plugins/clearance") system "mkdir -p test/rails_root/vendor/plugins/clearance" - system "cp -R generators test/rails_root/vendor/plugins/clearance" + system "cp -R generators test/rails_root/vendor/plugins/clearance" end - + desc "Run the generator on the tests" task :generate do generators.each do |generator| Rakefile @@ -74,7 +74,7 @@ module Clearance def deny_access(flash_message = nil, opts = {}) store_location flash[:failure] = flash_message if flash_message - render :template => "/sessions/new", :status => :unauthorized + render :template => "/sessions/new", :status => :unauthorized end end lib/clearance/app/controllers/application_controller.rb @@ -2,19 +2,19 @@ module Clearance module App module Controllers module ConfirmationsController - + def self.included(controller) controller.send(:include, Actions) controller.send(:include, PrivateMethods) - + controller.class_eval do before_filter :forbid_confirmed_user, :only => :new before_filter :forbid_missing_token, :only => :new before_filter :forbid_non_existant_user, :only => :new - filter_parameter_logging :token + filter_parameter_logging :token end end - + module Actions def new create @@ -23,29 +23,29 @@ module Clearance def create @user = User.find_by_id_and_token(params[:user_id], params[:token]) @user.confirm_email! - + sign_user_in(@user) flash[:success] = "Confirmed email and signed in." redirect_to url_after_create end end - + module PrivateMethods private - + def forbid_confirmed_user user = User.find_by_id(params[:user_id]) if user && user.email_confirmed? raise ActionController::Forbidden, "confirmed user" end end - + def forbid_missing_token if params[:token].blank? raise ActionController::Forbidden, "missing token" end end - + def forbid_non_existant_user unless User.find_by_id_and_token(params[:user_id], params[:token]) raise ActionController::Forbidden, "non-existant user" @@ -56,7 +56,7 @@ module Clearance root_url end end - + end end end lib/clearance/app/controllers/confirmations_controller.rb @@ -15,7 +15,7 @@ module Clearance module Actions def create - @user = User.authenticate(params[:session][:email], + @user = User.authenticate(params[:session][:email], params[:session][:password]) if @user.nil? flash.now[:notice] = "Bad email or password." @@ -50,7 +50,7 @@ module Clearance def remember(user) user.remember_me! - cookies[:remember_token] = { :value => user.token, + cookies[:remember_token] = { :value => user.token, :expires => user.token_expires_at } end lib/clearance/app/controllers/sessions_controller.rb @@ -6,13 +6,13 @@ module Clearance def self.included(controller) controller.send(:include, Actions) controller.send(:include, PrivateMethods) - + controller.class_eval do before_filter :redirect_to_root, :only => [:new, :create], :if => :signed_in? - filter_parameter_logging :password + filter_parameter_logging :password end end - + module Actions def new @user = User.new(params[:user]) @@ -30,10 +30,10 @@ module Clearance end end end - + module PrivateMethods private - + def url_after_create new_session_url end lib/clearance/app/controllers/users_controller.rb @@ -2,7 +2,7 @@ module Clearance module App module Models module ClearanceMailer - + def change_password(user) from DO_NOT_REPLY recipients user.email @@ -16,7 +16,7 @@ module Clearance subject "Account confirmation" body :user => user end - + end end end lib/clearance/app/models/clearance_mailer.rb @@ -10,12 +10,12 @@ module Clearance context "a user whose email has not been confirmed" do setup { @user = Factory(:user) } - + should "have a token" do assert_not_nil @user.token assert_not_equal "", @user.token end - + context "on GET to #new with correct id and token" do setup do get :new, :user_id => @user.to_param, :token => @user.token @@ -28,20 +28,20 @@ module Clearance end context "with an incorrect token" do - setup do + setup do @bad_token = "bad token" assert_not_equal @bad_token, @user.token end - + should_forbid "on GET to #new with incorrect token" do get :new, :user_id => @user.to_param, :token => @bad_token end end - + should_forbid "on GET to #new with blank token" do get :new, :user_id => @user.to_param, :token => "" end - + should_forbid "on GET to #new with no token" do get :new, :user_id => @user.to_param end @@ -57,7 +57,7 @@ module Clearance context "no users" do setup { assert_equal 0, User.count } - + should_forbid "on GET to #new with nonexistent id and token" do get :new, :user_id => '123', :token => '123' end lib/clearance/test/functional/confirmations_controller_test.rb @@ -6,7 +6,7 @@ module Clearance def self.included(controller_test) controller_test.class_eval do - should_route :get, '/users/1/password/edit', + should_route :get, '/users/1/password/edit', :action => 'edit', :user_id => '1' context "a signed up user" do @@ -27,9 +27,9 @@ module Clearance ActionMailer::Base.deliveries.clear post :create, :password => { :email => @user.email } end - + should "generate a token for the change your password email" do - assert_not_nil @user.reload.token + assert_not_nil @user.reload.token end should "send the change your password email" do @@ -37,7 +37,7 @@ module Clearance email.subject =~ /change your password/i end end - + should_set_the_flash_to /password/i should_redirect_to_url_after_create end @@ -51,15 +51,15 @@ module Clearance post :create, :password => { :email => email } end - + should "not generate a token for the change your password email" do - assert_equal @user.token, @user.reload.token - end + assert_equal @user.token, @user.reload.token + end should "not send a password reminder email" do assert ActionMailer::Base.deliveries.empty? end - + should "set a :notice flash" do assert_not_nil flash.now[:notice] end @@ -68,41 +68,41 @@ module Clearance end end end - + context "a signed up user and forgotten password" do setup do @user = Factory(:user) @user.forgot_password! end - + context "on GET to #edit with correct id and token" do setup do get :edit, :user_id => @user.to_param, :token => @user.token end - + should "find the user" do assert_equal @user, assigns(:user) end - + should_respond_with :success should_render_template "edit" should_display_a_password_update_form end - + should_forbid "on GET to #edit with correct id but blank token" do get :edit, :user_id => @user.to_param, :token => "" end - + should_forbid "on GET to #edit with correct id but no token" do get :edit, :user_id => @user.to_param end - + context "on PUT to #update with matching password and password confirmation" do setup do new_password = "new_password" @encrypted_new_password = @user.encrypt(new_password) assert_not_equal @encrypted_new_password, @user.encrypted_password - + put(:update, :user_id => @user, :token => @user.token, @@ -112,24 +112,24 @@ module Clearance }) @user.reload end - + should "update password" do assert_equal @encrypted_new_password, @user.encrypted_password end - + should "clear token" do assert_nil @user.token - end - + end + should_be_signed_in_as { @user } should_redirect_to_url_after_update end - + context "on PUT to #update with password but blank password confirmation" do setup do new_password = "new_password" @encrypted_new_password = @user.encrypt(new_password) - + put(:update, :user_id => @user.to_param, :token => @user.token, @@ -139,27 +139,27 @@ module Clearance }) @user.reload end - + should "not update password" do assert_not_equal @encrypted_new_password, @user.encrypted_password end - + should "not clear token" do assert_not_nil @user.token - end - + end + should_not_be_signed_in should_respond_with :success should_render_template :edit - - should_display_a_password_update_form + + should_display_a_password_update_form end - + should_forbid "on PUT to #update with id but no token" do put :update, :user_id => @user.to_param, :token => "" end end - + context "given two users and user one signs in" do setup do @user_one = Factory(:user) @@ -170,7 +170,7 @@ module Clearance should_forbid "when user one tries to change user two's password on GET with no token" do get :edit, :user_id => @user_two.to_param end - end + end end end lib/clearance/test/functional/passwords_controller_test.rb @@ -46,8 +46,8 @@ module Clearance context "a POST to #create with good credentials" do setup do - post :create, :session => { - :email => @user.email, + post :create, :session => { + :email => @user.email, :password => @user.password } end @@ -58,8 +58,8 @@ module Clearance context "a POST to #create with bad credentials" do setup do - post :create, :session => { - :email => @user.email, + post :create, :session => { + :email => @user.email, :password => "bad value" } end @@ -71,9 +71,9 @@ module Clearance context "a POST to #create with good credentials and remember me" do setup do - post :create, :session => { - :email => @user.email, - :password => @user.password, + post :create, :session => { + :email => @user.email, + :password => @user.password, :remember_me => '1' } end @@ -93,9 +93,9 @@ module Clearance context "a POST to #create with bad credentials and remember me" do setup do - post :create, :session => { - :email => @user.email, - :password => "bad value", + post :create, :session => { + :email => @user.email, + :password => "bad value", :remember_me => '1' } end @@ -128,8 +128,8 @@ module Clearance context "in the request" do setup do - post :create, :session => { - :email => @user.email, + post :create, :session => { + :email => @user.email, :password => @user.password }, :return_to => '/url_in_the_request' end @@ -140,8 +140,8 @@ module Clearance context "in the request and in the session" do setup do @request.session[:return_to] = '/url_in_the_session' - post :create, :session => { - :email => @user.email, + post :create, :session => { + :email => @user.email, :password => @user.password }, :return_to => '/url_in_the_request' end lib/clearance/test/functional/sessions_controller_test.rb @@ -5,20 +5,20 @@ module Clearance def self.included(controller_test) controller_test.class_eval do - + should_filter_params :password - + public_context do context "When getting new User view" do setup { get :new } - + should_respond_with :success should_render_template :new should_not_set_the_flash - + should_display_a_sign_up_form end - + context "Given email parameter when getting new User view" do setup do @email = "a@example.com" @@ -35,7 +35,7 @@ module Clearance user_attributes = Factory.attributes_for(:user) post :create, :user => user_attributes end - + should_create_user_successfully end end @@ -51,7 +51,7 @@ module Clearance should_redirect_to "root_url" end end - + end end end lib/clearance/test/functional/users_controller_test.rb @@ -2,10 +2,10 @@ module Clearance module Test module Unit module ClearanceMailerTest - + def self.included(mailer_test) mailer_test.class_eval do - + context "A change password email" do setup do @user = Factory(:user) @@ -30,7 +30,7 @@ module Clearance assert_match /Change your password/, @email.subject end end - + context "A confirmation email" do setup do @user = Factory(:user) @@ -55,11 +55,11 @@ module Clearance assert_match regexp, @email.body end end - + end end end - end + end end end lib/clearance/test/unit/clearance_mailer_test.rb @@ -6,8 +6,8 @@ module Clearance def self.included(unit_test) unit_test.class_eval do - should_not_allow_mass_assignment_of :email_confirmed, - :salt, :encrypted_password, + should_not_allow_mass_assignment_of :email_confirmed, + :salt, :encrypted_password, :token, :token_expires_at # signing up @@ -19,9 +19,9 @@ module Clearance should_not_allow_values_for :email, "example.com" should "require password confirmation on create" do - user = Factory.build(:user, :password => 'blah', + user = Factory.build(:user, :password => 'blah', :password_confirmation => 'boogidy') - assert !user.save + assert ! user.save assert user.errors.on(:password) end @@ -121,13 +121,13 @@ module Clearance end should "remember user when token expires in the future" do - @user.update_attribute :token_expires_at, + @user.update_attribute :token_expires_at, 2.weeks.from_now.utc assert @user.remember? end should "not remember user when token has already expired" do - @user.update_attribute :token_expires_at, + @user.update_attribute :token_expires_at, 2.weeks.ago.utc assert ! @user.remember? end @@ -167,7 +167,7 @@ module Clearance end should "change encrypted password" do - assert_not_equal @user.encrypted_password, + assert_not_equal @user.encrypted_password, @old_encrypted_password end end @@ -199,7 +199,7 @@ module Clearance end should "change encrypted password" do - assert_not_equal @user.encrypted_password, + assert_not_equal @user.encrypted_password, @old_encrypted_password end lib/clearance/test/unit/user_test.rb @@ -1,4 +1,4 @@ -module Clearance +module Clearance module Shoulda # STATE OF AUTHENTICATION @@ -6,25 +6,25 @@ module Clearance def should_be_signed_in_as(&block) should "be signed in as #{block.bind(self).call}" do user = block.bind(self).call - assert_not_nil user, + assert_not_nil user, "please pass a User. try: should_be_signed_in_as { @user }" - assert_equal user.id, session[:user_id], + assert_equal user.id, session[:user_id], "session[:user_id] is not set to User's id" end end def should_be_signed_in_and_email_confirmed_as(&block) should_be_signed_in_as &block - + should "have confirmed email" do user = block.bind(self).call - + assert_not_nil user assert_equal user, assigns(:user) assert assigns(:user).email_confirmed? end end - + def should_not_be_signed_in should "not be signed in" do assert_nil session[:user_id] @@ -44,17 +44,17 @@ module Clearance else should_not_set_the_flash end - + should "respond with 401 Unauthorized and render sign_in template" do - assert_response :unauthorized, + assert_response :unauthorized, "access was expected to be denied (401 unauthorized)" assert_template "sessions/new", "template was expected to be sign in (sessions/new)" end end - + # HTTP FLUENCY - + def should_forbid(description, &block) should "forbid #{description}" do assert_raises ActionController::Forbidden do @@ -62,7 +62,7 @@ module Clearance end end end - + # CONTEXTS def signed_in_user_context(&blk) @@ -82,65 +82,65 @@ module Clearance merge_block(&blk) end end - + # CREATING USERS - + def should_create_user_successfully should_assign_to :user should_change 'User.count', :by => 1 - + should "send the confirmation email" do assert_sent_email do |email| email.subject =~ /account confirmation/i end end - + should_set_the_flash_to /confirm/i should_redirect_to_url_after_create end - + # RENDERING - + def should_render_nothing should "render nothing" do assert @response.body.blank? end end - + # REDIRECTS - + def should_redirect_to_url_after_create should_redirect_to "@controller.send(:url_after_create)" end - + def should_redirect_to_url_after_update should_redirect_to "@controller.send(:url_after_update)" end - + def should_redirect_to_url_after_destroy should_redirect_to "@controller.send(:url_after_destroy)" end - + # VALIDATIONS - + def should_validate_confirmation_of(attribute, opts = {}) raise ArgumentError if opts[:factory].nil? - - context "on save" do + + context "on save" do should_validate_confirmation_is_not_blank opts[:factory], attribute should_validate_confirmation_is_not_bad opts[:factory], attribute end end - + def should_validate_confirmation_is_not_blank(factory, attribute, opts = {}) should "validate #{attribute}_confirmation is not blank" do model = Factory.build(factory, blank_confirmation_options(attribute)) model.save - assert_confirmation_error(model, attribute, + assert_confirmation_error(model, attribute, "#{attribute}_confirmation cannot be blank") end end - + def should_validate_confirmation_is_not_bad(factory, attribute, opts = {}) should "validate #{attribute}_confirmation is different than #{attribute}" do model = Factory.build(factory, bad_confirmation_options(attribute)) @@ -149,9 +149,9 @@ module Clearance "#{attribute}_confirmation cannot be different than #{attribute}") end end - + # FORMS - + def should_display_a_password_update_form should "have a form for the user's token, password, and password confirm" do update_path = ERB::Util.h( @@ -163,39 +163,39 @@ module Clearance assert_select 'input[name=?]', 'user[password]' assert_select 'input[name=?]', 'user[password_confirmation]' end - end + end end - + def should_display_a_sign_up_form should "display a form to sign up" do - assert_select "form[action=#{users_path}][method=post]", + assert_select "form[action=#{users_path}][method=post]", true, "There must be a form to sign up" do - assert_select "input[type=text][name=?]", + assert_select "input[type=text][name=?]", "user[email]", true, "There must be an email field" - assert_select "input[type=password][name=?]", + assert_select "input[type=password][name=?]", "user[password]", true, "There must be a password field" - assert_select "input[type=password][name=?]", - "user[password_confirmation]", true, "There must be a password confirmation field" - assert_select "input[type=submit]", true, + assert_select "input[type=password][name=?]", + "user[password_confirmation]", true, "There must be a password confirmation field" + assert_select "input[type=submit]", true, "There must be a submit button" end - end + end end - - def should_display_a_sign_in_form + + def should_display_a_sign_in_form should 'display a "sign in" form' do - assert_select "form[action=#{session_path}][method=post]", + assert_select "form[action=#{session_path}][method=post]", true, "There must be a form to sign in" do - assert_select "input[type=text][name=?]", + assert_select "input[type=text][name=?]", "session[email]", true, "There must be an email field" - assert_select "input[type=password][name=?]", + assert_select "input[type=password][name=?]", "session[password]", true, "There must be a password field" - assert_select "input[type=checkbox][name=?]", + assert_select "input[type=checkbox][name=?]", "session[remember_me]", true, "There must be a 'remember me' check box" - assert_select "input[type=submit]", true, + assert_select "input[type=submit]", true, "There must be a submit button" - end - end + end + end end end end @@ -212,22 +212,22 @@ module Clearance return user end - def sign_out + def sign_out @request.session[:user_id] = nil end - + def blank_confirmation_options(attribute) opts = { attribute => attribute.to_s } opts.merge("#{attribute}_confirmation".to_sym => "") end - + def bad_confirmation_options(attribute) opts = { attribute => attribute.to_s } opts.merge("#{attribute}_confirmation".to_sym => "not_#{attribute}") end - + def assert_confirmation_error(model, attribute, message = "confirmation error") - assert model.errors.on(attribute).include?("doesn't match confirmation"), + assert model.errors.on(attribute).include?("doesn't match confirmation"), message end end shoulda_macros/clearance.rb @@ -25,9 +25,9 @@ HOST = "localhost" config.gem 'thoughtbot-shoulda', :lib => 'shoulda', - :source => "http://gems.github.com", + :source => "http://gems.github.com", :version => '>= 2.9.1' config.gem 'thoughtbot-factory_girl', :lib => 'factory_girl', - :source => "http://gems.github.com", + :source => "http://gems.github.com", :version => '>= 1.2.0' test/rails_root/config/environments/test.rb @@ -3,6 +3,6 @@ ActionController::Routing::Routes.draw do |map| map.resources :passwords map.resource :session map.resource :account - + map.root :controller => 'accounts', :action => 'edit' end test/rails_root/config/routes.rb @@ -5,17 +5,17 @@ class AccountsControllerTest < ActionController::TestCase should_deny_access_on 'get :edit' should_deny_access_on 'put :update' end - + context "on POST to create" do setup do post :create end should_deny_access - + should "not store location" do assert session[:return_to].nil? end end - + end test/rails_root/test/functional/accounts_controller_test.rb 21594fa1353cfae04d1636137d16b61fef244aff Nick Quaranto nick@quaran.to http://github.com/thoughtbot/clearance/commit/65f22b9c59dab052b851e53ed2be3a065aff2d94 65f22b9c59dab052b851e53ed2be3a065aff2d94 2009-03-03T05:42:40-08:00 2009-03-03T05:42:40-08:00 Cleaning up some whitespace issues ace8866655c4e0404e4a7d91bc729cf96d77172d Nick Quaranto nick@quaran.to