# -*- coding: utf-8 -*-require File.dirname(__FILE__) + '/../spec_helper'#

1. # -*- coding: utf-8 -*-
2. require File.dirname(__FILE__) + '/../spec_helper'
3.  
4. # Be sure to include AuthenticatedTestHelper in spec/spec_helper.rb instead.
5. # Then, you can remove it from this and the functional test.
6. include AuthenticatedTestHelper
7.  
8. describe User do
9. fixtures :users
10.  
11. describe 'being created' do
12. before do
13. @user = nil
14. @creating_user = lambda do
15. @user = create_user
16. violated "#{@user.errors.full_messages.to_sentence}" if @user.new_record?
17. end
18. end
19.  
20. it 'increments User#count' do
21. @creating_user.should change(User, :count).by(1)
22. end
23. end
24.  
25. #
26. # Validations
27. #
28.  
29.  
30.  
31. it 'requires login' do
32. lambda do
33. u = create_user(:login => nil)
34. u.errors.on(:login).should_not be_nil
35. end.should_not change(User, :count)
36. end
37.  
38. describe 'allows legitimate logins:' do
39. ['123', '1234567890_234567890_234567890_234567890',
40. 'hello.-_there@funnychar.com'].each do |login_str|
41. it "'#{login_str}'" do
42. lambda do
43. u = create_user(:login => login_str)
44. u.errors.on(:login).should be_nil
45. end.should change(User, :count).by(1)
46. end
47. end
48. end
49. describe 'disallows illegitimate logins:' do
50. ['12', '1234567890_234567890_234567890_234567890_', "tab\t", "newline\n",
51. "Iñtërnâtiônàlizætiøn hasn't happened to ruby 1.8 yet",
52. 'semicolon;', 'quote"', 'tick\'', 'backtick`', 'percent%', 'plus+', 'space '].each do |login_str|
53. it "'#{login_str}'" do
54. lambda do
55. u = create_user(:login => login_str)
56. u.errors.on(:login).should_not be_nil
57. end.should_not change(User, :count)
58. end
59. end
60. end
61.  
62. it 'requires password' do
63. lambda do
64. u = create_user(:password => nil)
65. u.errors.on(:password).should_not be_nil
66. end.should_not change(User, :count)
67. end
68.  
69. it 'requires password confirmation' do
70. lambda do
71. u = create_user(:password_confirmation => nil)
72. u.errors.on(:password_confirmation).should_not be_nil
73. end.should_not change(User, :count)
74. end
75.  
76. it 'requires email' do
77. lambda do
78. u = create_user(:email => nil)
79. u.errors.on(:email).should_not be_nil
80. end.should_not change(User, :count)
81. end
82.  
83. describe 'allows legitimate emails:' do
84. ['foo@bar.com', 'foo@newskool-tld.museum', 'foo@twoletter-tld.de', 'foo@nonexistant-tld.qq',
85. 'r@a.wk', '1234567890-234567890-234567890-234567890-234567890-234567890-234567890-234567890-234567890@gmail.com',
86. 'hello.-_there@funnychar.com', 'uucp%addr@gmail.com', 'hello+routing-str@gmail.com',
87. 'domain@can.haz.many.sub.doma.in', 'student.name@university.edu'
88. ].each do |email_str|
89. it "'#{email_str}'" do
90. lambda do
91. u = create_user(:email => email_str)
92. u.errors.on(:email).should be_nil
93. end.should change(User, :count).by(1)
94. end
95. end
96. end
97. describe 'disallows illegitimate emails' do
98. ['!!@nobadchars.com', 'foo@no-rep-dots..com', 'foo@badtld.xxx', 'foo@toolongtld.abcdefg',
99. 'Iñtërnâtiônàlizætiøn@hasnt.happened.to.email', 'need.domain.and.tld@de', "tab\t", "newline\n",
100. 'r@.wk', '1234567890-234567890-234567890-234567890-234567890-234567890-234567890-234567890-234567890@gmail2.com',
101. # these are technically allowed but not seen in practice:
102. 'uucp!addr@gmail.com', 'semicolon;@gmail.com', 'quote"@gmail.com', 'tick\'@gmail.com', 'backtick`@gmail.com', 'space @gmail.com', 'bracket<@gmail.com', 'bracket>@gmail.com'
103. ].each do |email_str|
104. it "'#{email_str}'" do
105. lambda do
106. u = create_user(:email => email_str)
107. u.errors.on(:email).should_not be_nil
108. end.should_not change(User, :count)
109. end
110. end
111. end
112.  
113. describe 'allows legitimate names:' do
114. ['Andre The Giant (7\'4", 520 lb.) -- has a posse',
115. '', '1234567890_234567890_234567890_234567890_234567890_234567890_234567890_234567890_234567890_234567890',
116. ].each do |name_str|
117. it "'#{name_str}'" do
118. lambda do
119. u = create_user(:name => name_str)
120. u.errors.on(:name).should be_nil
121. end.should change(User, :count).by(1)
122. end
123. end
124. end
125. describe "disallows illegitimate names" do
126. ["tab\t", "newline\n",
127. '1234567890_234567890_234567890_234567890_234567890_234567890_234567890_234567890_234567890_234567890_',
128. ].each do |name_str|
129. it "'#{name_str}'" do
130. lambda do
131. u = create_user(:name => name_str)
132. u.errors.on(:name).should_not be_nil
133. end.should_not change(User, :count)
134. end
135. end
136. end
137.  
138. it 'resets password' do
139. users(:quentin).update_attributes(:password => 'new password', :password_confirmation => 'new password')
140. User.authenticate('quentin', 'new password').should == users(:quentin)
141. end
142.  
143. it 'does not rehash password' do
144. users(:quentin).update_attributes(:login => 'quentin2')
145. User.authenticate('quentin2', 'monkey').should == users(:quentin)
146. end
147.  
148. #
149. # Authentication
150. #
151.  
152. it 'authenticates user' do
153. User.authenticate('quentin', 'monkey').should == users(:quentin)
154. end
155.  
156. it "doesn't authenticate user with bad password" do
157. User.authenticate('quentin', 'invalid_password').should be_nil
158. end
159.  
160. if REST_AUTH_SITE_KEY.blank?
161. # old-school passwords
162. it "authenticates a user against a hard-coded old-style password" do
163. User.authenticate('old_password_holder', 'test').should == users(:old_password_holder)
164. end
165. else
166. it "doesn't authenticate a user against a hard-coded old-style password" do
167. User.authenticate('old_password_holder', 'test').should be_nil
168. end
169.  
170. # New installs should bump this up and set REST_AUTH_DIGEST_STRETCHES to give a 10ms encrypt time or so
171. desired_encryption_expensiveness_ms = 0.1
172. it "takes longer than #{desired_encryption_expensiveness_ms}ms to encrypt a password" do
173. test_reps = 100
174. start_time = Time.now; test_reps.times{ User.authenticate('quentin', 'monkey'+rand.to_s) }; end_time = Time.now
175. auth_time_ms = 1000 * (end_time - start_time)/test_reps
176. auth_time_ms.should > desired_encryption_expensiveness_ms
177. end
178. end
179.  
180. #
181. # Authentication
182. #
183.  
184. it 'sets remember token' do
185. users(:quentin).remember_me
186. users(:quentin).remember_token.should_not be_nil
187. users(:quentin).remember_token_expires_at.should_not be_nil
188. end
189.  
190. it 'unsets remember token' do
191. users(:quentin).remember_me
192. users(:quentin).remember_token.should_not be_nil
193. users(:quentin).forget_me
194. users(:quentin).remember_token.should be_nil
195. end
196.  
197. it 'remembers me for one week' do
198. before = 1.week.from_now.utc
199. users(:quentin).remember_me_for 1.week
200. after = 1.week.from_now.utc
201. users(:quentin).remember_token.should_not be_nil
202. users(:quentin).remember_token_expires_at.should_not be_nil
203. users(:quentin).remember_token_expires_at.between?(before, after).should be_true
204. end
205.  
206. it 'remembers me until one week' do
207. time = 1.week.from_now.utc
208. users(:quentin).remember_me_until time
209. users(:quentin).remember_token.should_not be_nil
210. users(:quentin).remember_token_expires_at.should_not be_nil
211. users(:quentin).remember_token_expires_at.should == time
212. end
213.  
214. it 'remembers me default two weeks' do
215. before = 2.weeks.from_now.utc
216. users(:quentin).remember_me
217. after = 2.weeks.from_now.utc
218. users(:quentin).remember_token.should_not be_nil
219. users(:quentin).remember_token_expires_at.should_not be_nil
220. users(:quentin).remember_token_expires_at.between?(before, after).should be_true
221. end
222.  
223. it { should validates_presence_of(:login) }
224.  
225. protected
226. def create_user(options = {})
227. record = User.new({ :login => 'quire', :email => 'quire@example.com', :password => 'quire69', :password_confirmation => 'quire69' }.merge(options))
228. record.save
229. record
230. end
231. end