6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
|
# File 'lib/clearance/test/functional/sessions_controller_test.rb', line 6
def self.included(base)
base.class_eval do
should_filter_params :password
context "on GET to /sessions/new" do
setup { get :new }
should_respond_with :success
should_render_template :new
should_not_set_the_flash
should_have_form :action => "session_path",
:fields => { "session[email]" => :text,
"session[password]" => :password,
"session[remember_me]" => :checkbox }
end
context "Given an unconfirmed user" do
setup do
@user = Factory(:user, :confirmed => false)
end
context "a POST to #create with good credentials" do
setup do
ActionMailer::Base.deliveries.clear
post :create, :session => {
:email => @user.email,
:password => @user.password
}
end
should_deny_access(:flash => /confirm/i)
should "send the confirmation email" do
assert_not_nil email = ActionMailer::Base.deliveries[0]
assert_match /account confirmation/i, email.subject
end
end
end
context "Given a confirmed user" do
setup { @user = Factory(:user, :confirmed => true) }
context "a POST to #create with good credentials" do
setup do
post :create, :session => { :email => @user.email,
:password => @user.password }
end
should_set_the_flash_to /success/i
should_redirect_to '@controller.send(:url_after_create)'
should_return_from_session :user_id, "@user.id"
end
context "a POST to #create with bad credentials" do
setup do
post :create, :session => { :email => @user.email,
:password => "bad value" }
end
should_set_the_flash_to /bad/i
should_render_template :new
should_return_from_session :user_id, "nil"
end
context "a POST to #create with good credentials and remember me" do
setup do
post :create, :session => { :email => @user.email,
:password => @user.password, :remember_me => '1' }
end
should_set_the_flash_to /success/i
should_redirect_to "@controller.send(:url_after_create)"
should_return_from_session :user_id, "@user.id"
should 'set the cookie' do
assert ! cookies['auth_token'].empty?
end
should 'set the remember me token in users table' do
assert_not_nil @user.reload.remember_token
assert_not_nil @user.reload.remember_token_expires_at
end
end
context "a POST to #create with bad credentials and remember me" do
setup do
post :create, :session => { :email => @user.email,
:password => "bad value", :remember_me => '1' }
end
should_set_the_flash_to /bad/i
should_render_template :new
should_return_from_session :user_id, "nil"
should 'not create the cookie' do
assert_nil cookies['auth_token']
end
should 'not set the remember me token in users table' do
assert_nil @user.reload.remember_token
assert_nil @user.reload.remember_token_expires_at
end
end
end
public_context do
context "logging out again" do
setup { delete :destroy }
should_redirect_to '@controller.send(:url_after_destroy)'
end
end
logged_in_user_context do
context "a DELETE to #destroy without a cookie" do
setup { delete :destroy }
should_set_the_flash_to(/logged out/i)
should_redirect_to '@controller.send(:url_after_destroy)'
end
context 'a DELETE to #destroy with a cookie' do
setup do
cookies['auth_token'] = CGI::Cookie.new 'token', 'value'
delete :destroy
end
should 'delete the cookie' do
assert cookies['auth_token'].empty?
end
should 'delete the remember me token in users table' do
assert_nil @user.reload.remember_token
assert_nil @user.reload.remember_token_expires_at
end
end
end
end
end
|