Skip to content
This repository
Fetching contributors…

Octocat-spinner-32-eaf2f5

Cannot retrieve contributors at this time

file 186 lines (146 sloc) 5.403 kb
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185
require 'spec_helper'

describe Clearance::PasswordsController do
  it { should be_a Clearance::BaseController }

  describe 'a signed up user' do
    before do
      @user = create(:user)
    end

    describe 'on GET to #new' do
      before { get :new, user_id: @user.to_param }

      it { should respond_with(:success) }
      it { should render_template(:new) }
    end

    describe 'on POST to #create' do
      describe 'with correct email address' do
        before do
          ActionMailer::Base.deliveries.clear
          post :create, password: { email: @user.email }
        end

        it 'should generate a token for the change your password email' do
          @user.reload.confirmation_token.should_not be_nil
        end

        it 'sends an email with relevant subject' do
          email = ActionMailer::Base.deliveries.last
          email.subject.should match(/change your password/i)
        end

        it { should respond_with(:success) }
      end

      describe 'with correct email address capitalized differently' do
        before do
          ActionMailer::Base.deliveries.clear
          post :create, password: { email: @user.email.upcase }
        end

        it 'should generate a token for the change your password email' do
          @user.reload.confirmation_token.should_not be_nil
        end

        it 'sends an email with relevant subject' do
          email = ActionMailer::Base.deliveries.last
          email.subject.should match(/change your password/i)
        end

        it { should respond_with(:success) }
      end

      describe 'with incorrect email address' do
        before do
          email = 'user1@example.com'
          (Clearance.configuration.user_model.exists?(['email = ?', email])).should_not be
          ActionMailer::Base.deliveries.clear
          @user.reload.confirmation_token.should == @user.confirmation_token

          post :create, password: { email: email }
        end

        it 'should not generate a token for the change your password email' do
          @user.reload.confirmation_token.should == @user.confirmation_token
        end

        it 'should not send a password reminder email' do
          ActionMailer::Base.deliveries.should be_empty
        end

        it { should render_template(:create) }
      end
    end
  end

  describe 'a signed up user and forgotten password' do
    before do
      @user = create(:user)
      @user.forgot_password!
    end

    describe 'on GET to #edit with correct id and token' do
      before do
        get :edit, user_id: @user.to_param,
          token: @user.confirmation_token
      end

      it 'should find the user' do
        assigns(:user).should == @user
      end

      it { should respond_with(:success) }
      it { should render_template(:edit) }
    end

    describe 'on GET to #edit with correct id but blank token' do
      before do
        get :edit, user_id: @user.to_param, token: ''
      end

      it { should set_the_flash.to(/double check the URL/i).now }
      it { should render_template(:new) }
    end

    describe 'on GET to #edit with correct id but no token' do
      before do
        get :edit, user_id: @user.to_param
      end

      it { should set_the_flash.to(/double check the URL/i).now }
      it { should render_template(:new) }
    end

    describe 'on PUT to #update with password' do
      before do
        @new_password = 'new_password'
        @old_encrypted_password = @user.encrypted_password

        put :update, user_id: @user, token: @user.confirmation_token,
          password_reset: { password: @new_password }
        @user.reload
      end

      it 'should update password' do
        @user.encrypted_password.to_s.should_not eq @old_encrypted_password
      end

      it 'should clear confirmation token' do
        @user.confirmation_token.should be_nil
      end

      it 'should set remember token' do
        @user.remember_token.should_not be_nil
      end

      it { should redirect_to_url_after_update }
    end

    describe 'on PUT to #update with blank password' do
      before do
        put :update, user_id: @user.to_param, token: @user.confirmation_token,
          password_reset: { password: '' }
        @user.reload
      end

      it 'should not update password to be blank' do
        @user.encrypted_password.should_not be_blank
      end

      it 'should not clear token' do
        @user.confirmation_token.should_not be_nil
      end

      it 'should not be signed in' do
        cookies[:remember_token].should be_nil
      end

      it { should set_the_flash.to(/password can't be blank/i).now }
      it { should respond_with(:success) }
      it { should render_template(:edit) }
    end

    describe 'on PUT to #update with an empty token after the user sets a password' do
      before do
        put :update, user_id: @user.to_param, token: @user.confirmation_token,
          password_reset: { password: 'good password' }
        put :update, user_id: @user.to_param, token: [nil],
          password_reset: { password: 'new password' }
      end

      it { should set_the_flash.to(/double check the URL/i).now }
      it { should render_template(:new) }
    end
  end

  describe 'given two users and user one signs in' do
    before do
      @user_one = create(:user)
      @user_two = create(:user)
      sign_in_as @user_one
    end
  end
end
Something went wrong with that request. Please try again.