test/models/authenticatable_test.rb in devise-0.9.2 vs test/models/authenticatable_test.rb in devise-1.0.0

@@ -117,42 +117,64 @@
     assert_nil authenticated_user
   end
 
   test 'should use authentication keys to retrieve users' do
     swap Devise, :authentication_keys => [:username] do
-      user = create_user(:username => "josevalim")
+      user = create_user
       assert_nil User.authenticate(:email => user.email, :password => user.password)
       assert_not_nil User.authenticate(:username => user.username, :password => user.password)
     end
   end
 
   test 'should allow overwriting find for authentication conditions' do
     admin = Admin.create!(valid_attributes)
     assert_not_nil Admin.authenticate(:email => admin.email, :password => admin.password)
   end
 
-  test 'should respond to old password' do
-    assert new_user.respond_to?(:old_password)
+  test 'should respond to current password' do
+    assert new_user.respond_to?(:current_password)
   end
 
-  test 'should update password with valid old password' do
+  test 'should update password with valid current password' do
     user = create_user
-    assert user.update_with_password(:old_password => '123456',
+    assert user.update_with_password(:current_password => '123456',
       :password => 'pass321', :password_confirmation => 'pass321')
     assert user.reload.valid_password?('pass321')
   end
 
-  test 'should add an error to old password when it is invalid' do
+  test 'should add an error to current password when it is invalid' do
     user = create_user
-    assert_not user.update_with_password(:old_password => 'other',
+    assert_not user.update_with_password(:current_password => 'other',
       :password => 'pass321', :password_confirmation => 'pass321')
     assert user.reload.valid_password?('123456')
-    assert_match /invalid/, user.errors[:old_password]
+    assert_match /invalid/, user.errors[:current_password]
   end
 
+  test 'should add an error to current password when it is blank' do
+    user = create_user
+    assert_not user.update_with_password(:password => 'pass321',
+      :password_confirmation => 'pass321')
+    assert user.reload.valid_password?('123456')
+    assert_match /blank/, user.errors[:current_password]
+  end
+
+  test 'should ignore password and its confirmation if they are blank' do
+    user = create_user
+    assert user.update_with_password(:current_password => '123456', :email => "new@email.com")
+    assert_equal "new@email.com", user.email
+  end
+
   test 'should not update password with invalid confirmation' do
     user = create_user
-    assert_not user.update_with_password(:old_password => '123456',
+    assert_not user.update_with_password(:current_password => '123456',
       :password => 'pass321', :password_confirmation => 'other')
     assert user.reload.valid_password?('123456')
+  end
+
+  test 'should clean up password fields on failure' do
+    user = create_user
+    assert_not user.update_with_password(:current_password => '123456',
+      :password => 'pass321', :password_confirmation => 'other')
+    assert user.password.blank?
+    assert user.password_confirmation.blank?
   end
 end