# File 'lib/clearance/test/functional/sessions_controller_test.rb', line 6
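# Hook invoked with the controller test class that mixes this module in.
# It class_evals a shared set of shoulda-style contexts into that class,
# covering the sessions controller's sign-in (#new / #create) and
# sign-out (#destroy) behaviour.
#
# @param controller_test [Class] the functional test class receiving the contexts
def self.included(controller_test)
  controller_test.class_eval do
    # The password is a credential; the macro name indicates it must be
    # filtered from parameters (exact semantics live in the macro).
    should_filter_params :password

    context "on GET to /sessions/new" do
      setup { get :new }

      should_respond_with :success
      should_render_template :new
      should_not_set_the_flash
      should_display_a_sign_in_form
    end

    # A registered user who has not confirmed their email is denied access
    # even with correct credentials.
    context "Given a registered user" do
      setup { @user = Factory(:registered_user) }

      context "a POST to #create with good credentials" do
        setup do
          ActionMailer::Base.deliveries.clear
          post :create, :session => {
            :email    => @user.email,
            :password => @user.password }
        end

        should_deny_access(:flash => /confirm/i)
      end
    end

    context "Given an email confirmed user" do
      setup do
        @user = Factory(:registered_user)
        @user.confirm_email!
      end

      context "a POST to #create with good credentials" do
        setup do
          post :create, :session => {
            :email    => @user.email,
            :password => @user.password }
        end

        should_set_the_flash_to(/success/i)
        should_redirect_to_url_after_create
        should_be_signed_in_as { @user }
      end

      context "a POST to #create with bad credentials" do
        setup do
          post :create, :session => {
            :email    => @user.email,
            :password => "bad value" }
        end

        should_set_the_flash_to(/bad/i)
        should_render_template :new
        should_not_be_signed_in
      end

      context "a POST to #create with good credentials and remember me" do
        setup do
          post :create, :session => {
            :email       => @user.email,
            :password    => @user.password,
            :remember_me => '1' }
        end

        should_set_the_flash_to(/success/i)
        should_redirect_to_url_after_create
        should_be_signed_in_as { @user }

        should 'set the cookie' do
          # Check presence first so a missing cookie is reported as an
          # assertion failure instead of a NoMethodError on nil.
          assert_not_nil cookies['remember_token']
          assert ! cookies['remember_token'].empty?
        end

        should 'set the token in users table' do
          @user.reload
          assert_not_nil @user.token
          assert_not_nil @user.token_expires_at
        end
      end

      # A failed sign-in must leave no remember-me state behind: no session
      # user, no cookie, no persisted token.
      context "a POST to #create with bad credentials and remember me" do
        setup do
          post :create, :session => {
            :email       => @user.email,
            :password    => "bad value",
            :remember_me => '1' }
        end

        should_set_the_flash_to(/bad/i)
        should_render_template :new
        should_return_from_session :user_id, "nil"

        should 'not create the cookie' do
          assert_nil cookies['remember_token']
        end

        should 'not set the remember me token in users table' do
          @user.reload
          assert_nil @user.token
          assert_nil @user.token_expires_at
        end
      end

      # Post-sign-in redirect target. When both are present, the value
      # stored in the session takes precedence over the request parameter.
      # NOTE(review): :return_to in the request is caller-controlled, and
      # only relative paths are exercised here, so nothing in this suite
      # pins how an absolute off-site URL is handled. Confirm that the
      # controller restricts the target and cover it in its own tests.
      context "a POST to #create with good credentials and A URL to return back" do
        context "in the session" do
          setup do
            @request.session[:return_to] = '/url_in_the_session'
            post :create, :session => {
              :email    => @user.email,
              :password => @user.password }
          end

          should_redirect_to "'/url_in_the_session'"
        end

        context "in the request" do
          setup do
            post :create, :session => {
              :email    => @user.email,
              :password => @user.password },
              :return_to => '/url_in_the_request'
          end

          should_redirect_to "'/url_in_the_request'"
        end

        context "in the request and in the session" do
          setup do
            @request.session[:return_to] = '/url_in_the_session'
            post :create, :session => {
              :email    => @user.email,
              :password => @user.password },
              :return_to => '/url_in_the_request'
          end

          should_redirect_to "'/url_in_the_session'"
        end
      end
    end

    # Signing out while not signed in still redirects.
    public_context do
      context "logging out again" do
        setup { delete :destroy }

        should_redirect_to_url_after_destroy
      end
    end

    signed_in_user_context do
      context "a DELETE to #destroy without a cookie" do
        setup { delete :destroy }

        should_set_the_flash_to(/signed out/i)
        should_redirect_to_url_after_destroy
      end

      context 'a DELETE to #destroy with a cookie' do
        setup do
          cookies['remember_token'] = CGI::Cookie.new('token', 'value')
          delete :destroy
        end

        should 'delete the cookie' do
          assert cookies['remember_token'].empty?
        end

        # NOTE(review): nothing visible here stores a token on @user before
        # the DELETE, so these nil checks may pass even if #destroy never
        # clears it, unless signed_in_user_context sets one. Confirm.
        should 'delete the remember me token in users table' do
          @user.reload
          assert_nil @user.token
          assert_nil @user.token_expires_at
        end
      end
    end
  end
end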