
* added new user fields to the User model

* added in tests to test for protected status of the User model
1 parent 91bc41c commit 502d245d76ff025ee583bae270397824baf85215 @hone committed
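--- a/.gitignore
+++ b/.gitignore
@@ -2,3 +2,4 @@ db/schema.rb
 log/*.log
 tmp/**/*
 config/database.yml
+tags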
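--- a/app/helpers/application_helper.rb
+++ b/app/helpers/application_helper.rb
@@ -1,3 +1,10 @@
 # Methods added to this helper will be available to all templates in the application.
 module ApplicationHelper
+ def display_boolean( boolean_value )
+ if boolean_value
+ "Yes"
+ else
+ "No"
+ end
+ end
 end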
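Review bot: `display_boolean` has no comment saying how an unset value is rendered: any falsy argument, including `nil`, comes out as "No". The boolean columns added by this commit's migration declare no default, so rows that predate it would display "No" rather than "unknown"; if that is intended, record it above the method with `# Renders a flag as "Yes"/"No"; nil (never set) is shown as "No".` As a style point the body could be the one-liner `boolean_value ? "Yes" : "No"`.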
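--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -25,7 +25,7 @@ class User < ActiveRecord::Base
 # HACK HACK HACK -- how to do attr_accessible from here?
 # prevents a user from submitting a crafted form that bypasses activation
 # anything else you want your user to change should be added here.
- attr_accessible :login, :email, :name, :password, :password_confirmation, :time_zone, :psn, :avatar_url
+ attr_accessible :email, :name, :password, :password_confirmation, :time_zone, :psn, :avatar_url, :headset, :usb_camera, :keyboard, :play_style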
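Review bot: Dropping `:login` from `attr_accessible` means `User.new(params[:user])` now silently discards a submitted login, and no controller change is visible in this commit; only the test helper `create_user` was adapted to assign `record.login` explicitly. If the signup action still relies on mass assignment, new accounts would fail the login validation, so it should set the attribute by hand, e.g. `@user.login = params[:user][:login]`. The comment above the list could also record the intent: `# :login, :salt and :crypted_password are deliberately not listed; assign login explicitly.` The class body continues outside the hunk.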
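--- a/app/views/users/edit.html.erb
+++ b/app/views/users/edit.html.erb
@@ -16,7 +16,7 @@
 <p>
 <%= f.label :email %><br />
 <%= f.text_field :email %>
- <p>
+ </p>
 <p>
 <%= f.label :psn, "PSN" %><br />
@@ -24,6 +24,26 @@
 </p>
 <p>
+ <%= f.label :headset, "Headset" %><br />
+ <%= f.check_box :headset %>
+ </p>
+
+ <p>
+ <%= f.label :keyboard, "Keyboard" %><br />
+ <%= f.check_box :keyboard %>
+ </p>
+
+ <p>
+ <%= f.label :usb_camera, "USB Camera" %><br />
+ <%= f.check_box :usb_camera %>
+ </p>
+
+ <p>
+ <%= f.label :play_style, "Play Style" %><br />
+ <%= f.text_field :play_style %>
+ </p>
+
+ <p>
 <%= f.label :time_zone %><br />
 <%= f.time_zone_select :time_zone, @time_zones %>
 </p>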
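--- a/app/views/users/show.html.erb
+++ b/app/views/users/show.html.erb
@@ -17,6 +17,22 @@
 </p>
 <p>
+ <b>Headset:</b> <%= h( display_boolean( @user.headset ) ) %>
+</p>
+
+<p>
+ <b>Keyboard:</b> <%= h( display_boolean( @user.keyboard ) ) %>
+</p>
+
+<p>
+ <b>USB Camera:</b> <%= h( display_boolean( @user.keyboard ) ) %>
+</p>
+
+<p>
+ <b>Play Style:</b> <%= h( @user.play_style ) %>
+</p>
+
+<p>
 <b>Avatar:</b> <%= if not h( @user.avatar_url ).blank? then image_tag( h(@user.avatar_url) ) end -%>
 </p>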
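Review bot: The "USB Camera" row prints `@user.keyboard`, so the page shows the keyboard flag twice and never shows `usb_camera`. The line should read `<b>USB Camera:</b> <%= h( display_boolean( @user.usb_camera ) ) %>`. The `h(...)` around `display_boolean` is harmless but redundant because the helper only returns the literals "Yes" and "No"; the `h( @user.play_style )` call is the one that matters, since that field is free text from the edit form.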
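--- a/db/migrate/20081221213737_add_fields2_to_users.rb
+++ b/db/migrate/20081221213737_add_fields2_to_users.rb
@@ -0,0 +1,19 @@
+class AddFields2ToUsers < ActiveRecord::Migration
+ def self.up
+ change_table :users do |t|
+ t.boolean :headset
+ t.boolean :keyboard
+ t.boolean :usb_camera
+ t.string :play_style
+ end
+ end
+
+ def self.down
+ change_table :users do |t|
+ t.remove :headset
+ t.remove :keyboard
+ t.remove :usb_camera
+ t.remove :play_style
+ end
+ end
+end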
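Review bot: The three boolean columns in `self.up` are added without `:default` or `:null => false`, so existing rows hold NULL and each flag has three states instead of two. Declaring them as `t.boolean :headset, :default => false, :null => false` (likewise `:keyboard` and `:usb_camera`) keeps the data two-valued. `play_style` is user-supplied text from the edit form with no explicit `:limit` here, and no length validation is visible in this commit; consider adding one in the model.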
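--- a/test/fixtures/users.yml
+++ b/test/fixtures/users.yml
@@ -1,8 +1,11 @@
-
 quentin:
- id: 1
 login: quentin
 email: quentin@example.com
+ psn: quentin
+ headset: false
+ keyboard: false
+ usb_camera: false
+ play_style: "Casual"
 salt: 356a192b7913b04c54574d18c28d46e6395428ab # SHA1('0')
 crypted_password: e687f06ce5edd525b5fa406ef5c8ac1e6f62d589 # 'monkey'
 created_at: <%= 5.days.ago.to_s :db %>
@@ -10,9 +13,9 @@ quentin:
 remember_token: 77de68daecd823babbb58edb1c8e14d7106e83bb
 aaron:
- id: 2
 login: aaron
 email: aaron@example.com
+ psn: aaron
 salt: da4b9237bacccdf19c0760cab7aec4a8359010b0 # SHA1('1')
 crypted_password: e53d5bc30135b291be22fb659ed9fc4b8a0f01e1 # 'monkey'
 created_at: <%= 1.days.ago.to_s :db %>
@@ -21,9 +24,10 @@ aaron:
 old_password_holder:
- id: 3
 login: old_password_holder
 email: salty_dog@example.com
+ psn: old_password_holder
+ salt: da4b9237bacccdf19c0760cab7aec4a8359010b0 # SHA1('1')
 salt: 7e3041ebc2fc05a40c60028e2c4901a81035d3cd
 crypted_password: 00742970dc9e6319f8019fd54864d3ea740f04b1 # test
 created_at: <%= 1.days.ago.to_s :db %>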
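Review bot: The `old_password_holder` fixture now has two `salt:` keys, because the added `salt:` line (commented `SHA1('1')`) sits directly above the existing one. A YAML mapping cannot hold both; depending on the parser the later value wins or loading fails, so the added line is at best dead and at worst changes which salt `crypted_password` is checked against. Drop the added line unless the intent was to replace the old salt, in which case remove the old line and regenerate `crypted_password` to match. Also, `aaron` and `old_password_holder` receive `psn` but none of the other new columns that `quentin` gets; confirm that is intended.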
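--- a/test/unit/user_test.rb
+++ b/test/unit/user_test.rb
@@ -1,9 +1,14 @@
 require File.dirname(__FILE__) + '/../test_helper'
+class User
+ attr_reader :crypted_password
+end
+
 class UserTest < ActiveSupport::TestCase
 # Be sure to include AuthenticatedTestHelper in test/test_helper.rb instead.
 # Then, you can remove it from this and the functional test.
 include AuthenticatedTestHelper
+ include
 fixtures :users
 def test_should_create_user
@@ -15,7 +20,7 @@ def test_should_create_user
 def test_should_require_login
 assert_no_difference 'User.count' do
- u = create_user(:login => nil)
+ u = create_user( {:login => nil}, false )
 assert u.errors.on(:login)
 end
 end
@@ -41,18 +46,29 @@ def test_should_require_email
 end
 end
- def test_should_reset_password
- users(:quentin).update_attributes(:password => 'new password', :password_confirmation => 'new password')
- assert_equal users(:quentin), User.authenticate('quentin', 'new password')
+ test "should require psn" do
+ assert_no_difference 'User.count' do
+ u = create_user(:psn => nil)
+ assert u.errors.on(:psn)
+ end
 end
 def test_should_not_rehash_password
- users(:quentin).update_attributes(:login => 'quentin2')
- assert_equal users(:quentin), User.authenticate('quentin2', 'monkey')
+ user = users(:quentin)
+ user.login = 'quentin2'
+ user.save!
+
+ assert_equal user, User.authenticate('quentin2', 'monkey')
 end
 def test_should_authenticate_user
- assert_equal users(:quentin), User.authenticate('quentin', 'monkey')
+ user = users(:quentin)
+ assert_equal user, User.authenticate('quentin', 'monkey')
+ end
+
+ def test_should_reset_password
+ users(:quentin).update_attributes(:password => 'new password', :password_confirmation => 'new password')
+ assert_equal users(:quentin), User.authenticate('quentin', 'new password')
 end
 def test_should_set_remember_token
@@ -94,9 +110,51 @@ def test_should_remember_me_default_two_weeks
 assert users(:quentin).remember_token_expires_at.between?(before, after)
 end
+ test "should mass assign values" do
+ user = users(:quentin)
+ users_params = {"avatar_url"=>"http://en.gravatar.com/userimage/454952/8c557ff3c330.jpg", "usb_camera"=>"1", "psn"=>"quasar", "name"=>"Rufus Bolan", "keyboard"=>"1", "headset"=>"1", "time_zone"=>"Eastern Time (US & Canada)", "play_style"=>"PRO NOOB", "email"=>"hone02@gmail.com"}
+ user.update_attributes( users_params )
+
+ updated_user = User.find_by_login( 'quentin' )
+ assert_not_nil updated_user, "User 'quentin' does not exist."
+ # check the updated values
+ users_params.each do |key, value|
+ field_value = updated_user.send( key )
+ # special handling for booleans
+ if field_value.is_a?( FalseClass ) or field_value.is_a?( TrueClass )
+ corrected_value =
+ if value == "1"
+ true
+ else
+ false
+ end
+
+ assert_equal field_value, corrected_value
+ else
+ assert_equal field_value, value
+ end
+ end
+ end
+
+ test "should not mass assign values" do
+ user = users(:quentin)
+ user_params = { :login => "new_login", :salt => "new_salt", :crypted_password => "crypted_password" }
+ user.update_attributes( user_params )
+
+ updated_user = User.find_by_login( "quentin" )
+ assert_not_nil updated_user, "User 'quentin' does not exist."
+ # check that the values have not been updated
+ user_params.each do |key, value|
+ assert_not_equal updated_user.send( key ), value
+ end
+ end
+
 protected
- def create_user(options = {})
- record = User.new({ :login => 'quire', :email => 'quire@example.com', :password => 'quire69', :password_confirmation => 'quire69' }.merge(options))
+ def create_user(options = {}, set_login = true)
+ record = User.new({ :email => 'quire@example.com', :password => 'quire69', :password_confirmation => 'quire69', :psn => 'quire' }.merge(options))
+ # can't mass assign login
+ record.login = 'quire' if set_login
+ record.login = options[:login] if options[:login]
 record.save
 record
 end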
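Review bot: The "should not mass assign values" test can pass without proving anything for `crypted_password`. The file reopens `User` with `attr_reader :crypted_password`, which reads an instance variable rather than the column, so `updated_user.send( key )` most likely returns `nil` and `assert_not_equal` succeeds whatever is stored. Capture the values before the update and compare the raw attributes afterwards, e.g. `assert_equal before[key], updated_user[key]`, which also catches a protected field being changed to some other value. Separately, the bare `include` added under `include AuthenticatedTestHelper` has no argument as shown here and looks like a leftover.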
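--- a/vendor/plugins/restful-authentication/lib/authentication/by_password.rb
+++ b/vendor/plugins/restful-authentication/lib/authentication/by_password.rb
@@ -47,7 +47,7 @@ def encrypt(password)
 end
 def authenticated?(password)
- crypted_password == encrypt(password)
+ self[:crypted_password] == encrypt(password)
 end
 # before filter
@@ -56,8 +56,9 @@ def encrypt_password
 self.salt = self.class.make_token if new_record?
 self.crypted_password = encrypt(password)
 end
+
 def password_required?
- crypted_password.blank? || !password.blank?
+ self[:crypted_password].blank? || !password.blank?
 end
 end # instance methods
 end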
