Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Fetching contributors…

Cannot retrieve contributors at this time

229 lines (183 sloc) 6.256 kb
require 'spec_helper'
describe User do
# db
it { should have_db_index(:email) }
it { should have_db_index(:remember_token) }
# signing up
describe "When signing up" do
it { should validate_presence_of(:email) }
it { should validate_presence_of(:password) }
it { should allow_value("foo@example.co.uk").for(:email) }
it { should allow_value("foo@example.com").for(:email) }
it { should_not allow_value("foo@").for(:email) }
it { should_not allow_value("foo@example..com").for(:email) }
it { should_not allow_value("foo@.example.com").for(:email) }
it { should_not allow_value("foo").for(:email) }
it { should_not allow_value("example.com").for(:email) }
it "should initialize salt" do
Factory(:user).salt.should_not be_nil
end
describe "encrypt password" do
before do
@salt = "salt"
@user = Factory.build(:user, :salt => @salt)
def @user.initialize_salt; end
@user.save!
@password = @user.password
@user.send(:encrypt, @password)
@expected = Digest::SHA1.hexdigest("--#{@salt}--#{@password}--")
end
it "should create an encrypted password using SHA1 encryption" do
@user.encrypted_password.should == @expected
end
end
it "should store email in down case" do
user = Factory(:user, :email => "John.Doe@example.com")
user.email.should == "john.doe@example.com"
end
end
describe "When multiple users have signed up" do
before { Factory(:user) }
it { should validate_uniqueness_of(:email) }
end
# authenticating
describe "A user" do
before do
@user = Factory(:user)
@password = @user.password
end
it "is authenticated with correct email and password" do
(::User.authenticate(@user.email, @password)).should be
@user.should be_authenticated(@password)
end
it "is authenticated with correct uppercased email and correct password" do
(::User.authenticate(@user.email.upcase, @password)).should be
@user.should be_authenticated(@password)
end
it "is authenticated with incorrect credentials" do
(::User.authenticate(@user.email, 'bad_password')).should_not be
@user.should_not be_authenticated('bad password')
end
end
# resetting remember token
describe "When resetting authentication with reset_remember_token!" do
before do
@user = Factory(:user)
@user.remember_token = "old-token"
@user.reset_remember_token!
end
it "should change the remember token" do
@user.remember_token.should_not == "old-token"
end
end
# updating password
describe "An email confirmed user" do
before do
@user = Factory(:user)
@old_encrypted_password = @user.encrypted_password
end
describe "who updates password" do
before do
@user.update_password("new_password")
end
it "should change encrypted password" do
@user.encrypted_password.should_not == @old_encrypted_password
end
end
end
it "should not generate the same remember token for users with the same password at the same time" do
Time.stubs(:now => Time.now)
password = 'secret'
first_user = Factory(:user, :password => password)
second_user = Factory(:user, :password => password)
second_user.remember_token.should_not == first_user.remember_token
end
# recovering forgotten password
describe "An user" do
before do
@user = Factory(:user)
@old_encrypted_password = @user.encrypted_password
end
describe "who requests password reminder" do
before do
@user.confirmation_token.should be_nil
@user.forgot_password!
end
it "should generate confirmation token" do
@user.confirmation_token.should_not be_nil
end
describe "and then updates password" do
describe 'with password' do
before do
@user.update_password("new_password")
end
it "should change encrypted password" do
@user.encrypted_password.should_not == @old_encrypted_password
end
it "should clear confirmation token" do
@user.confirmation_token.should be_nil
end
end
describe 'with blank password' do
before do
@user.update_password("")
end
it "does not change encrypted password" do
@user.encrypted_password.should == @old_encrypted_password
end
it "does not clear confirmation token" do
@user.confirmation_token.should_not be_nil
end
end
end
end
end
# optional email/password fields
describe "a user with an optional email" do
before do
@user = User.new
class << @user
def email_optional?
true
end
end
end
subject { @user }
it { should allow_value(nil).for(:email) }
it { should allow_value("").for(:email) }
end
describe "a user with an optional password" do
before do
@user = User.new
class << @user
def password_optional?
true
end
end
end
subject { @user }
it { should allow_value(nil).for(:password) }
it { should allow_value("").for(:password) }
end
describe "user factory" do
it "should create a valid user with just an overridden password" do
Factory.build(:user, :password => "test").should be_valid
end
end
describe "when user exists before Clearance was installed" do
before do
@user = Factory(:user)
sql = "update users set salt = NULL, encrypted_password = NULL, remember_token = NULL where id = #{@user.id}"
ActiveRecord::Base.connection.update(sql)
@user.reload.salt.should be_nil
@user.reload.encrypted_password.should be_nil
@user.reload.remember_token.should be_nil
end
it "should initialize salt, generate remember token, and save encrypted password on update_password" do
@user.update_password('password')
@user.salt.should_not be_nil
@user.encrypted_password.should_not be_nil
@user.remember_token.should_not be_nil
end
end
end
Jump to Line
Something went wrong with that request. Please try again.