forked from heartcombo/devise
-
Notifications
You must be signed in to change notification settings - Fork 0
/
recoverable_test.rb
160 lines (127 loc) · 5.38 KB
/
recoverable_test.rb
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
require 'test_helper'
class PasswordTest < ActionController::IntegrationTest
def visit_new_password_path
visit new_user_session_path
click_link 'Forgot your password?'
end
def request_forgot_password(&block)
visit_new_password_path
assert_response :success
assert_not warden.authenticated?(:user)
fill_in 'email', :with => 'user@test.com'
yield if block_given?
click_button 'Send me reset password instructions'
end
def reset_password(options={}, &block)
visit edit_user_password_path(:reset_password_token => options[:reset_password_token]) unless options[:visit] == false
assert_response :success
fill_in 'New password', :with => '987654321'
fill_in 'Confirm new password', :with => '987654321'
yield if block_given?
click_button 'Change my password'
end
test 'reset password with email of different case should succeed when email is in the list of case insensitive keys' do
create_user(:email => 'Foo@Bar.com')
request_forgot_password do
fill_in 'email', :with => 'foo@bar.com'
end
assert_current_url '/users/sign_in'
assert_contain 'You will receive an email with instructions about how to reset your password in a few minutes.'
end
test 'reset password with email of different case should fail when email is NOT the list of case insensitive keys' do
swap Devise, :case_insensitive_keys => [] do
create_user(:email => 'Foo@Bar.com')
request_forgot_password do
fill_in 'email', :with => 'foo@bar.com'
end
assert_response :success
assert_current_url '/users/password'
assert_have_selector "input[type=email][value='foo@bar.com']"
assert_contain 'not found'
end
end
test 'authenticated user should not be able to visit forgot password page' do
sign_in_as_user
assert warden.authenticated?(:user)
get new_user_password_path
assert_response :redirect
assert_redirected_to root_path
end
test 'not authenticated user should be able to request a forgot password' do
create_user
request_forgot_password
assert_current_url '/users/sign_in'
assert_contain 'You will receive an email with instructions about how to reset your password in a few minutes.'
end
test 'not authenticated user with invalid email should receive an error message' do
request_forgot_password do
fill_in 'email', :with => 'invalid.test@test.com'
end
assert_response :success
assert_current_url '/users/password'
assert_have_selector "input[type=email][value='invalid.test@test.com']"
assert_contain 'not found'
end
test 'authenticated user should not be able to visit edit password page' do
sign_in_as_user
get edit_user_password_path
assert_response :redirect
assert_redirected_to root_path
assert warden.authenticated?(:user)
end
test 'not authenticated user with invalid reset password token should not be able to change his password' do
user = create_user
reset_password :reset_password_token => 'invalid_reset_password'
assert_response :success
assert_current_url '/users/password'
assert_have_selector '#error_explanation'
assert_contain /Reset password token(.*)invalid/
assert_not user.reload.valid_password?('987654321')
end
test 'not authenticated user with valid reset password token but invalid password should not be able to change his password' do
user = create_user
request_forgot_password
reset_password :reset_password_token => user.reload.reset_password_token do
fill_in 'Confirm new password', :with => 'other_password'
end
assert_response :success
assert_current_url '/users/password'
assert_have_selector '#error_explanation'
assert_contain 'Password doesn\'t match confirmation'
assert_not user.reload.valid_password?('987654321')
end
test 'not authenticated user with valid data should be able to change his password' do
user = create_user
request_forgot_password
reset_password :reset_password_token => user.reload.reset_password_token
assert_current_url '/'
assert_contain 'Your password was changed successfully.'
assert user.reload.valid_password?('987654321')
end
test 'after entering invalid data user should still be able to change his password' do
user = create_user
request_forgot_password
reset_password :reset_password_token => user.reload.reset_password_token do
fill_in 'Confirm new password', :with => 'other_password'
end
assert_response :success
assert_have_selector '#error_explanation'
assert_not user.reload.valid_password?('987654321')
reset_password :reset_password_token => user.reload.reset_password_token, :visit => false
assert_contain 'Your password was changed successfully.'
assert user.reload.valid_password?('987654321')
end
test 'sign in user automatically after changing it\'s password' do
user = create_user
request_forgot_password
reset_password :reset_password_token => user.reload.reset_password_token
assert warden.authenticated?(:user)
end
test 'does not sign in user automatically after changing it\'s password if it\'s not active' do
user = create_user(:confirm => false)
request_forgot_password
reset_password :reset_password_token => user.reload.reset_password_token
assert_equal new_user_session_path, @request.path
assert !warden.authenticated?(:user)
end
end