require File.dirname(__FILE__) + '/../test_helper' require_dependency 'account_controller' require 'breakpoint' # ADD to fix advance_by_days= problem require File.dirname(__FILE__) + '/../mocks/test/time' # Raise errors beyond the default web-based presentation class AccountController; def rescue_action(e) raise e end; end class AccountControllerTest < Test::Unit::TestCase fixtures :people, LoginEngine.config(:user_table).to_sym, :subscribers #fixtures :people, :users def setup LoginEngine::CONFIG[:salt] = "test-salt" @controller = AccountController.new @request, @response = ActionController::TestRequest.new, ActionController::TestResponse.new @request.host = "localhost" end """ _ _ _ __ ___ ___ _ _ __| | ___ ___ _ __ | |_ _ | '_ \/ __|/ _ \ | | |/ _` |/ _ \ / _ \| '_ \| | | | | | |_) \__ \ __/ |_| | (_| | (_) | | (_) | | | | | |_| | | .__/|___/\___|\__,_|\__,_|\___/ \___/|_| |_|_|\__, | |_| |___/ """ def test_signup post :login, :person => { :name => "my_bob", :email => "" }, :user => { :password => "" } assert_not_nil session[:person] assert_nil session[:user] end def test_login_logoff_no_password post :login, :person => { :name => "bob_other", :email => "" }, :user => { :password => "" } assert_equal people(:bob_other), @request.session[:person] assert_nil session[:user] get :logout assert_nil session[:person] end def test_bad_pseudo post :login, :person => { :name => "yo", :email => "" }, :user => { :password => "" } assert_invalid_column_on_record "person", :name assert_success assert_nil session[:person] end """ _ _ __ __ _ ___ _____ _____ _ __ __| | | '_ \ / _` / __/ __\ \ /\ / / _ \| '__/ _` | | |_) | (_| \__ \__ \\ V V / (_) | | | (_| | | .__/ \__,_|___/___/ \_/\_/ \___/|_| \__,_| |_| """ def test_password_protect post :login, :person => { :name => "bob_another", :email => "" }, :user => { :password => "atest" } assert_not_nil session[:person] assert_not_nil session[:user] end def test_auth_bob post :login, :person => { :name => "bob", :email => "" }, :user => { :password => "atest" } assert_equal people(:bob), @response.session[:person] assert_not_nil session[:person] assert_not_nil session[:user] end def test_bad_password post :login, :person => { :name => "newbob", :email => "" }, :user => { :password => "newpassword", :password_confirmation => "wrong" } #assert_invalid_column_on_record "user", :password assert_success end def test_login_logoff_password post :login, :person => { :name => "my_bob", :email => "" }, :user => { :password => "my_bob" } assert_not_nil session[:person] get :logout assert_nil session[:user] end def test_invalid_password post :login, :person => { :name => "my_bob", :email => "" }, :user => { :password => "my_bob" } assert_not_nil session[:person] assert_not_nil session[:user] get :logout post :login, :person => { :name => "my_bob", :email => "" }, :user => { :password => "my_bo" } assert_nil session[:person] assert_nil session[:user] #assert_template_has "login" end """ _ _ ___ _ __ ___ __ _(_) | / _ \ '_ ` _ \ / _` | | | | __/ | | | | | (_| | | | \___|_| |_| |_|\__,_|_|_| """ def test_password_and_email_protect post :login, :person => { :name => "my_bob", :email => "manu@noos.fr" }, :user => { :password => "my_bob" } assert_not_nil session[:person] assert_not_nil session[:user] assert_equal "my_bob", @request.session[:person].name assert_equal "manu@noos.fr", @request.session[:user].email assert_not_equal @request.session[:person].email, @request.session[:user].email assert_not_nil @request.session[:user].security_token end def invalid_email post :login, :person => { :name => "bob", :email => "" }, :user => { :password => "not_correct" } assert_nil session[:person] assert_nil session[:user] assert_template_has "login" end def test_email_protect LoginEngine::CONFIG[:use_email_notification] = true ActionMailer::Base.deliveries = [] #@request.session['return-to'] = "/bogus/location" assert_equal 5, User.count post :login, :person => { :name => "newbob", :email => "newbob@test.com" }, :user => { :password => "newpassword" } assert_not_nil session[:person] assert_not_nil session[:user] assert_equal 6, User.count assert_equal 1, ActionMailer::Base.deliveries.size mail = ActionMailer::Base.deliveries[0] assert_equal "newbob@test.com", mail.to_addrs[0].to_s assert_match /login:\s+\w+\n/, mail.encoded assert_match /password:\s+\w+\n/, mail.encoded mail.encoded =~ /key=(.*?)"/ key = $1 user = User.find_by_email("newbob@test.com") person = Person.find_by_name(user.login) assert_not_nil user assert_not_nil person assert_equal 1, user.verified assert_not_equal user.email, person.email # First past the expiration. Time.advance_by_days = 1 get :check_key, :user=> { :id => "#{user.id}" }, :key => "#{key}" Time.advance_by_days = 0 user = User.find_by_email("newbob@test.com") person = Person.find_by_name(user.login) assert_not_equal user.email, person.email # Then a bogus key. get :check_key, :user=> { :id => "#{user.id}" }, :key => "boguskey" user = User.find_by_email("newbob@test.com") person = Person.find_by_name(user.login) if user != nil assert_not_equal user.email, person.email # Now the real one. get :check_key, :user=> { :id => "#{user.id}" }, :key => "#{key}" user = User.find_by_email("newbob@test.com") person = Person.find_by_name(user.login) assert_equal user.email, person.email post :login, :person => { :name => "newbob", :email => "" }, :user => { :password => "newpassword" } assert_not_nil session[:person] assert_not_nil session[:user] get :logout end def test_forgotten_password LoginEngine::CONFIG[:use_email_notification] = true ActionMailer::Base.deliveries = [] post :login, :person => { :name => "bob", :email => "bob@test.com" }, :user => { :password => "" } assert_nil session[:person] assert_nil session[:user] assert_equal 1, ActionMailer::Base.deliveries.size mail = ActionMailer::Base.deliveries[0] assert_equal "bob@test.com", mail.to_addrs[0].to_s mail.encoded =~ /key=(.*?)"/ key = $1 # First past the expiration. Time.advance_by_days = 1 post :login, :person => { :name => "bob", :email => key }, :user => { :password => "newpassword" } assert_nil session[:person] assert_nil session[:user] Time.advance_by_days = 0 # Then a bogus key. post :login, :person => { :name => "bob", :email => "boguskey" }, :user => { :password => "newpassword" } assert_nil session[:person] assert_nil session[:user] # Now the real one. post :login, :person => { :name => "bob", :email => key }, :user => { :password => "newpassword" } assert_not_nil session[:person] assert_not_nil session[:user] get :logout post :login, :person => { :name => "bob", :email => "" }, :user => { :password => "password" } assert_nil session[:person] assert_nil session[:user] post :login, :person => { :name => "bob", :email => "" }, :user => { :password => "newpassword" } assert_not_nil session[:person] assert_not_nil session[:user] get :logout end end