API tools faq
paste
Guest User

Untitled

a guest
Jul 18th, 2018
169
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 5.96 KB | None | 0 0
raw download clone embed print report
  1. require File.dirname(__FILE__) + '/../test_helper'
  2.  
  3. class PatientTest < ActiveSupport::TestCase
  4.  
  5. self.use_instantiated_fixtures = true
  6. fixtures :patients
  7.  
  8.  
  9. def test_auth
  10. #check that we can login with a valid patient
  11. assert_equal @bob, Patient.authenticate("bob","test")
  12. #wrong username
  13. assert_nil Patient.authenticate("nonbob", "test")
  14. #wrong password
  15. assert_nil Patient.authenticate("bob", "wrongpass")
  16. #wrong login and pass
  17. assert_nil Patient.authenticate("nonbob", "wrongpass")
  18. end
  19.  
  20. def test_passwordchange
  21. #check success
  22. assert_equal @longbob, Patient.authenticate("longbob", "longtest")
  23.  
  24. #change password
  25. @longbob.password = @longbob.password_confirmation = "nonbobpasswd"
  26. assert @longbob.save
  27.  
  28. #new password works
  29. assert_equal @longbob, Patient.authenticate("longbob", "nonbobpasswd")
  30.  
  31. #old password doesn't work anymore
  32. assert_nil Patient.authenticate("longbob", "longtest")
  33.  
  34. #change back again
  35. @longbob.password = @longbob.password_confirmation = "longtest"
  36. assert @longbob.save
  37. assert_equal @longbob, Patient.authenticate("longbob", "longtest")
  38. assert_nil Patient.authenticate("longbob", "nonbobpasswd")
  39. end
  40.  
  41.  
  42. def test_disallowed_passwords
  43. #check that we can't create a patient with any of the disallowed passwords
  44.  
  45. p = Patient.new
  46. p.login = "nonbob"
  47. p.email = "nonbob@mcbob.com"
  48.  
  49. #too short
  50. p.password = p.password_confirmation = "tiny"
  51. assert !p.save
  52. assert p.errors.invalid?('password')
  53.  
  54. #too long
  55. p.password = p.password_confirmation = "hugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehuge"
  56. assert !p.save
  57. assert p.errors.invalid?('password')
  58.  
  59. #empty
  60. p.password = p.password_confirmation = ""
  61. assert !p.save
  62. assert p.errors.invalid?('password')
  63.  
  64. #ok
  65. p.password = p.password_confirmation = "bobs_secure_password"
  66. assert p.save
  67. assert p.errors.empty?
  68. end
  69.  
  70. def test_bad_logins
  71. #check that we cant create a patient with an invalid usernaem
  72.  
  73. p = Patient.new
  74. p.password = p.password_confirmation = "bobs_secure_password"
  75. p.email = "okbob@mcbob.com"
  76.  
  77. #too short
  78. p.login = "x"
  79. assert !p.save
  80. assert p.errors.invalid?('login')
  81.  
  82. #too long
  83. p.login = "hugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehuge"
  84. assert !p.save
  85. assert p.errors.invalid?('login')
  86.  
  87. #empty
  88. p.login = ""
  89. assert !p.save
  90. assert p.errors.invalid?('login')
  91.  
  92. #ok
  93. p.login = "okbob"
  94. assert !p.save
  95. assert p.errors.invalid?('login')
  96.  
  97. #no email
  98. p.email = nil
  99. assert !p.save
  100. assert p.errors.invalid?('email')
  101.  
  102. #invalid email
  103. p.email = 'notavalidemail'
  104. assert !p.save
  105. assert p.errors.invalid?('email')
  106.  
  107. #ok
  108. p.email = 'validbob@mcbob.com'
  109. assert p.save
  110. assert p.errors.empty?
  111. end
  112.  
  113.  
  114. def test_collision
  115. #check that a patient with an existing username can't be created
  116. p = Patient.new
  117. p.login = "existingbob"
  118. p.password = p.password_confirmation = "bobs_secure_password"
  119. assert !p.save
  120. end
  121.  
  122. def test_create
  123. #check create works and we can authenticate after creation
  124.  
  125. p = Patient.new
  126. p.login = "nonexisitingbob"
  127. p.password = p.password_confirmation = "bobs_secure_password"
  128. p.email ="nonexistingbob@mcbob.com"
  129. assert_not_nil p.salt
  130. assert p.save
  131. assert_equal 10, p.salt.length
  132. assert_equal p, Patient.authenticate(p.login, p.password)
  133.  
  134. p = Patient.new(:login => "newbob", :password => "newpassword", :password_confirmation => "newpassword", :email => "newbob@mcbob.com")
  135. assert_not_nil p.salt
  136. assert_not_nil p.password
  137. assert_not_nil p.hashed_password
  138. assert p.save
  139. assert_equal p, Patient.authenticate(p.login, p.password)
  140.  
  141. end
  142.  
  143. def test_send_new_password
  144. #check patient authenticates
  145.  
  146. assert_equal @bob, Patient.authenticate("bob", "test")
  147.  
  148. #send new password
  149. sent = @bob.send_new_password
  150. assert_not_nil sent
  151.  
  152. #old password no longer works
  153. assert_nil Patient.authenticate("bob", "test")
  154.  
  155. #email sent..
  156. assert_equal "Your password is ...", sent.subject
  157.  
  158. #... to bob
  159. assert_equal @bob.email, sent.top[0]
  160. assert_match Regexp.new("Your usernrame is bob."), sent.body
  161.  
  162. #can authenticate with the new password
  163. new_pass = $1 if Regexp.new("Your new password is (\\w+)") =~ sent.body
  164. assert_not_nil new_pass
  165. assert_equal @bob, Patient.authenticate("bob", new_pass)
  166. end
  167.  
  168. def test_rand_str
  169. new_pass = Patient.random_string(10)
  170. assert_not_nil new_pass
  171. assert_equal 10, new_pass.length
  172. end
  173.  
  174. def test_sha1
  175. p = Patient.new
  176. p.login = "nonexistingbob"
  177. p.email = "nonexistingbob@mcbob.com"
  178. p.salt = "1000"
  179. p.password = p.password_confirmation = "bobs_secure_password"
  180. assert p.save
  181. assert_equal 'b1d27036d59f9499d403f90e0bcf43281adaa844', p.hashed_password
  182. assert_equal 'b1d27036d59f9499d403f90e0bcf43281adaa844', Patient.encrypt("bobs_secure_password", "1000")
  183. end
  184.  
  185. def test_protected_attributes
  186. #check that attributes are protected.
  187. p = Patient.new(:id=>999999, :salt => "I-want-to-set-my-salt", :login => "badbob", :password => "newpassword", :password_confirmation => "newpassword", :email => "badbob@mcbob.com")
  188. assert p.save
  189. assert_not_equal 999999, p.id
  190. assert_not_equal "I-want-to-set-my-salt". p.salt
  191.  
  192. p.update_attributes(:id => 999999, :salt => "I-want-to-set-my-salt", :login => "verybadbob")
  193. assert p.save
  194. assert_not_equal 999999, p.id
  195. assert_not_equal "I-want-to-set-my-salt". p.salt
  196. assert_equal "verybadbob", p.login
  197. end
  198.  
  199. end
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!