jam-cloud/ruby/spec/jam_ruby/models/user_spec.rb

require 'spec_helper'

RESET_PASSWORD_URL = "/reset_token"

describe User do

  before do
    @user = User.new(first_name: "Example", last_name: "User", email: "user@example.com",
                     password: "foobar", password_confirmation: "foobar", city: "Apex", state: "NC", country: "US", terms_of_service: true, musician: true)
    @user.musician_instruments << FactoryGirl.build(:musician_instrument, user: @user)
  end

  subject { @user }

  it { should respond_to(:first_name) }
  it { should respond_to(:last_name) }
  it { should respond_to(:email) }
  it { should respond_to(:password) }
  it { should respond_to(:password_confirmation) }
  it { should respond_to(:remember_token) }
  it { should respond_to(:admin) }
  it { should respond_to(:valid_password?) }
  it { should respond_to(:can_invite) }

  it { should be_valid }
  it { should_not be_admin }

  describe "accessible attributes" do
    it "should not allow access to admin" do
      userish = User.new(admin: true)
      userish.admin.should == false # the .new style above will be ignored
      userish.admin = true # but deliberate property setting will work
      userish.admin.should == true
    end
  end

  describe "with admin attribute set to 'true'" do
    before do
      @user.save!
      @user.toggle!(:admin)
    end

    it { should be_admin }
  end
  

  describe "when first name is not present" do
    before { @user.first_name = " " }
    it { should_not be_valid }
  end

  describe "when last name is not present" do
    before { @user.last_name = " " }
    it { should_not be_valid }
  end

  describe "when email is not present" do
    before { @user.email = " " }
    it { should_not be_valid }
  end

  describe "when first name is too long" do
    before { @user.first_name = "a" * 51 }
    it { should_not be_valid }
  end

  describe "when last name is too long" do
    before { @user.last_name = "a" * 51 }
    it { should_not be_valid }
  end

  describe "first or last name cant have profanity" do
    it "should not let the first name have profanity" do
      @user.first_name = "fuck you"
      @user.save
      @user.should_not be_valid
    end
    
    it "should not let the last name have profanity" do
      @user.last_name = "fuck you"
      @user.save
      @user.should_not be_valid
    end
  end

  describe "when email format is invalid" do
    it "should be invalid" do
      addresses = %w[user@foo,com user_at_foo.org example.user@foo.]
      addresses.each do |invalid_address|
        @user.email = invalid_address
        @user.should_not be_valid
      end
    end
  end

  describe "when email format is valid" do
    it "should be valid" do
      addresses = %w[user@foo.COM A_US-ER@f.b.org frst.lst@foo.jp a+b@baz.cn]
      addresses.each do |valid_address|
        @user.email = valid_address
        @user.should be_valid
      end
    end
  end

  describe "when email address is already taken" do
    before do
      user_with_same_email = @user.dup
      user_with_same_email.email = @user.email.upcase
      user_with_same_email.save
    end

    it { should_not be_valid }
  end

  describe "email address with mixed case" do
    let(:mixed_case_email) { "Foo@ExAMPle.CoM" }


    it "should be saved as all lower-case" do
      pending
      @user.email = mixed_case_email
      @user.save!
      @user.reload.email.should == mixed_case_email.downcase
    end
  end

  describe "when password is not present" do
    before { @user.password = @user.password_confirmation = " " }
    it { should_not be_valid }
  end

  describe "when password doesn't match confirmation" do
    before { @user.password_confirmation = "mismatch" }
    it { should_not be_valid }
  end

  describe "when password confirmation is nil" do
    before { @user.password_confirmation = nil }
    it { should_not be_valid }
  end

  describe "with a password that's too short" do
    before { @user.password = @user.password_confirmation = "a" * 5 }
    it { should be_invalid }
  end


  describe "set_password" do
    before do
      @user.confirm_email!
      @user.save.should be_true
      UserMailer.deliveries.clear
    end

    it "setting a new password should work" do
      @user.set_password("foobar", "newpassword", "newpassword")
      User.authenticate(@user.email, "newpassword").should_not be_nil
      UserMailer.deliveries.length.should == 1
    end
    
    it "setting a new password should fail if old one doesnt match" do
      @user.set_password("wrongold", "newpassword", "newpassword")
      @user.errors.any?.should be_true
      @user.errors[:current_password].length.should == 1
      UserMailer.deliveries.length.should == 0
    end

    it "setting a new password should fail if new ones dont match" do
      @user.set_password("foobar", "newpassword", "newpassword2")
      @user.errors.any?.should be_true
      @user.errors[:password].length.should == 1
      UserMailer.deliveries.length.should == 0
    end
    
    it "setting a new password should fail if new one doesnt validate" do
      @user.set_password("foobar", "a", "a")
      @user.errors.any?.should be_true
      @user.errors[:password].length.should == 1
      UserMailer.deliveries.length.should == 0
    end

    it "setting a new password should fail if the new one is null" do
      @user.set_password("foobar", nil, nil)
      @user.errors.any?.should be_true
      @user.errors[:password].length.should == 1
      UserMailer.deliveries.length.should == 0
    end
    
  end
  
  describe "reset_password" do
    before do
      @user.confirm_email!
      @user.save
    end
    
    it "fails if the provided email address is unrecognized" do
      expect { User.reset_password("invalidemail@invalid.com", RESET_PASSWORD_URL) }.to raise_error(JamRuby::JamArgumentError)
    end

    it "assigns a reset_token and reset_token_created on reset" do
      User.reset_password(@user.email, RESET_PASSWORD_URL)
      @user.reload
      @user.reset_password_token.should_not be_nil
      @user.reset_password_token_created.should_not be_nil
      @user.reset_password_token_created.should <= Time.now
      @user.reset_password_token_created.should >= Time.now - 1.minute
    end

    it "errors if the wrong token comes in" do
      User.reset_password(@user.email, RESET_PASSWORD_URL)
      @user.reload
      expect { User.set_password_from_token(@user.email, "wrongtoken", "newpassword", "newpassword") }.to raise_error
    end

    it "changes the password if the token is right" do
      User.reset_password(@user.email, RESET_PASSWORD_URL)
      @user.reload
      User.set_password_from_token(@user.email, @user.reset_password_token, "newpassword", "newpassword")
      User.authenticate(@user.email, "newpassword").should_not be_nil
      @user.reload
    end
  end

  describe "return value of authenticate method" do
    before { @user.save }
    let(:found_user) { User.find_by_email(@user.email) }

    describe "with valid password" do
      it { found_user.valid_password?(@user.password).should be_true }
    end

    describe "with invalid password" do
      let(:user_for_invalid_password) { found_user.valid_password?("invalid") }

      it { should_not == user_for_invalid_password }
      specify { user_for_invalid_password.should be_false }
    end
  end

  describe "remember token" do
    before { @user.save }
    its(:remember_token) { should_not be_blank }
  end

  describe "user progression only touches once" do
    it "allows first touch" do
      @user.update_progression_field (:first_downloaded_client_at)
      @user.errors.any?.should be_false
      @user.first_downloaded_client_at.should_not be_nil
    end

    it "ignores second touch" do
      time = DateTime.now - 1
      @user.update_progression_field(:first_downloaded_client_at, time)
      first_value = @user.first_downloaded_client_at
      @user.update_progression_field(:first_downloaded_client_at)
      @user.errors.any?.should be_false
      @user.first_downloaded_client_at.should == first_value
    end
  end

  describe "authenticate (class-instance)" do
    before { @user.email_confirmed=true; @user.save }
    
    describe "with valid password" do
      it { should == User.authenticate(@user.email, @user.password) }
    end

    describe "with invalid password" do
      it { User.authenticate(@user.email, "invalid").should be_nil }
    end

    describe "with invalid email" do
      it { User.authenticate("junk", "invalid").should be_nil }
    end

    describe "with nil args" do
      it { User.authenticate(nil, nil).should be_nil }
    end

    describe "with empty args" do
      it { User.authenticate("", "").should be_nil }
    end
  end

  describe "create_dev_user" do
    before { @dev_user = User.create_dev_user("Seth", "Call", "seth@jamkazam.com", "Jam123", "Austin", "Texas", "US", nil, nil)  }

    subject { @dev_user }

    describe "creates a valid record" do
      it { should be_valid }
    end

    describe "should not be a new record" do
      it { should be_persisted }
    end
    
    describe "updates record" do
      before { @dev_user = User.create_dev_user("Seth", "Call2", "seth@jamkazam.com", "Jam123", "Austin", "Texas", "US", nil, nil) }

      it { should be_valid }

      its(:last_name) { should == "Call2" }

    end
  end

  describe "update email" do

    before do
      UserMailer.deliveries.clear
    end

    describe "begin email update" do
      describe "success" do
        before do
          @user.begin_update_email("somenewemail@blah.com", "foobar", "http://www.jamkazam.com/confirm_email_update?token=")
        end

        # useful to see contents of email without actually running the app and sending it
        it { @user.errors.any?.should be_false }
        it { @user.update_email.should == "somenewemail@blah.com" }
        it { @user.update_email_confirmation_url.should == "http://www.jamkazam.com/confirm_email_update?token=#{@user.update_email_token}" }
        it { UserMailer.deliveries.length.should == 1 }

      end

      it "no email on error" do
        @user.begin_update_email("somenewemail@blah.com", "wrong password", "http://www.jamkazam.com/confirm_email_update?token=")

        UserMailer.deliveries.length.should == 0
      end

      it "bad password validation" do
        @user.begin_update_email("somenewemail@blah.com", "wrong password", "http://www.jamkazam.com/confirm_email_update?token=")

        @user.errors[:current_password][0].should == ValidationMessages::NOT_YOUR_PASSWORD
      end

      it "matches current email" do
        @user.begin_update_email(@user.email, "foobar", "http://www.jamkazam.com/confirm_email_update?token=")

        @user.errors[:update_email][0].should == ValidationMessages::EMAIL_MATCHES_CURRENT
      end

      it "existing email of another user" do
        another_user = FactoryGirl.create(:user)
        @user.begin_update_email(another_user.email, "foobar", "http://www.jamkazam.com/confirm_email_update?token=")

        @user.errors[:update_email][0].should == ValidationMessages::EMAIL_ALREADY_TAKEN
      end

      it "bogus email" do
        @user.begin_update_email("not_an_email", "foobar", "http://www.jamkazam.com/confirm_email_update?token=")

        @user.errors[:update_email][0].should == "is invalid"
      end

      it "empty email" do
        @user.begin_update_email(nil, "foobar", "http://www.jamkazam.com/confirm_email_update?token=")

        @user.errors[:update_email][0].should == "can't be blank"
      end
    end

    describe "finalize email update" do
      before do
        @user.begin_update_email("somenewemail@blah.com", "foobar", "http://www.jamkazam.com/confirm_email_update?token=")
        UserMailer.deliveries.clear
      end

      describe "success" do

        before do
          @finalized = User.finalize_update_email(@user.update_email_token)
        end

        it { @finalized.should == @user }
        it { @finalized.email.should == "somenewemail@blah.com" }
        it { UserMailer.deliveries.length.should == 1 }
      end

      it "no email on unsuccessful finalize" do
        expect { User.finalize_update_email("wrong_token") }.to raise_error(ActiveRecord::RecordNotFound)
        UserMailer.deliveries.length.should == 0
      end

      it "bad token" do
        expect { User.finalize_update_email("wrong_token") }.to raise_error(ActiveRecord::RecordNotFound)
      end

      it "empty token" do
        expect { User.finalize_update_email(nil) }.to raise_error(ActiveRecord::RecordNotFound)
      end
    end
  end

  describe "user_authorizations" do

    it "can create" do
      @user.user_authorizations.build  provider: 'facebook',
                                       uid: '1',
                                       token: '1',
                                       token_expiration: Time.now,
                                       user: @user
      @user.save!
    end

    it "fails on duplicate" do
      @user.user_authorizations.build  provider: 'facebook',
                                       uid: '1',
                                       token: '1',
                                       token_expiration: Time.now,
                                       user: @user
      @user.save!

      @user2 = FactoryGirl.create(:user)
      @user2.user_authorizations.build  provider: 'facebook',
                                       uid: '1',
                                       token: '1',
                                       token_expiration: Time.now,
                                       user: @user2
      @user2.save.should be_false
      @user2.errors[:user_authorizations].should == ['is invalid']
    end


  end
=begin
  describe "update avatar" do

    describe "success" do

      let(:s3_path) { "/public/avatars/#{@user.id}/avatar.jpg" }
      let(:original) { { "url" => "http://filepicker.io/blah", "key" => "/public/avatars/#{@user.id}/originals/avatar.jpg" } }
      let(:clipped) { { "url" => "http://filepicker.io/blah", "key" =>  s3_path } }

      before(:each) do
        @user.update_avatar(original, clipped, "jamkazam")
      end

      it { @user.errors.any?.should be_false }
      it { @user.original_fpfile.class == String }
      it { @user.cropped_fpfile.class == String }
      it { @user.photo_url = S3Util.url("jamkazam", s3_path, :secure => false ) }
    end

    describe "bad fpfiles" do
      let(:s3_path) { "/public/avatars/#{@user.id}/avatar.jpg" }
      let(:original) { { "url" => "http://filepicker.io/blah"  } } # take out 'key', which is required by model
      let(:clipped) { { "url" => "http://filepicker.io/blah", } } # take out 'key', which is required by model

      before(:each) do
        @user.update_avatar(original, clipped, "jamkazam")
      end

      it { @user.errors.any?.should be_true }
      it { @user.errors[:original_fpfile][0].should == ValidationMessages::INVALID_FPFILE }
      it { @user.errors[:cropped_fpfile][0].should == ValidationMessages::INVALID_FPFILE }
    end

  end
=end

end
* ported user model from rails tutorial; and it's tests 2012-08-06 03:01:00 +00:00			`require 'spec_helper'`

* VRFS-300 and VRFS-386 done-all emails are styled using a common template 2013-06-24 21:31:40 +00:00			`RESET_PASSWORD_URL = "/reset_token"`

* ported user model from rails tutorial; and it's tests 2012-08-06 03:01:00 +00:00			`describe User do`

			`before do`
VRFS-89, VRFS-90 remove name from user model 2012-11-15 03:24:30 +00:00			`@user = User.new(first_name: "Example", last_name: "User", email: "user@example.com",`
vrfs-774: changing country value from USA to US for max_mind_geo support 2013-11-03 07:49:51 +00:00			`password: "foobar", password_confirmation: "foobar", city: "Apex", state: "NC", country: "US", terms_of_service: true, musician: true)`
* VRFS-259: beta signup 2013-03-15 04:22:31 +00:00			`@user.musician_instruments << FactoryGirl.build(:musician_instrument, user: @user)`
* ported user model from rails tutorial; and it's tests 2012-08-06 03:01:00 +00:00			`end`

			`subject { @user }`

added first and last name fields 2012-11-11 04:23:38 +00:00			`it { should respond_to(:first_name) }`
			`it { should respond_to(:last_name) }`
* ported user model from rails tutorial; and it's tests 2012-08-06 03:01:00 +00:00			`it { should respond_to(:email) }`
			`it { should respond_to(:password) }`
			`it { should respond_to(:password_confirmation) }`
			`it { should respond_to(:remember_token) }`
			`it { should respond_to(:admin) }`
* VRFS-259: beta signup 2013-03-15 04:22:31 +00:00			`it { should respond_to(:valid_password?) }`
VRFS-194: added can_invite attribute, defaults to true, but false for invited users 2013-01-04 10:13:39 +00:00			`it { should respond_to(:can_invite) }`
* ported user model from rails tutorial; and it's tests 2012-08-06 03:01:00 +00:00
			`it { should be_valid }`
			`it { should_not be_admin }`

			`describe "accessible attributes" do`
			`it "should not allow access to admin" do`
* jam-ruby updated to include jam_session model and tests 2012-08-18 18:48:43 +00:00			`userish = User.new(admin: true)`
			`userish.admin.should == false # the .new style above will be ignored`
			`userish.admin = true # but deliberate property setting will work`
* ported user model from rails tutorial; and it's tests 2012-08-06 03:01:00 +00:00			`userish.admin.should == true`
			`end`
			`end`

			`describe "with admin attribute set to 'true'" do`
			`before do`
			`@user.save!`
			`@user.toggle!(:admin)`
			`end`

			`it { should be_admin }`
			`end`
Added profanity filter - VRFS-219 2013-07-26 08:07:24 +00:00
* ported user model from rails tutorial; and it's tests 2012-08-06 03:01:00 +00:00
added first and last name fields 2012-11-11 04:23:38 +00:00			`describe "when first name is not present" do`
			`before { @user.first_name = " " }`
			`it { should_not be_valid }`
			`end`

			`describe "when last name is not present" do`
			`before { @user.last_name = " " }`
* ported user model from rails tutorial; and it's tests 2012-08-06 03:01:00 +00:00			`it { should_not be_valid }`
			`end`

			`describe "when email is not present" do`
			`before { @user.email = " " }`
			`it { should_not be_valid }`
			`end`

added first and last name fields 2012-11-11 04:23:38 +00:00			`describe "when first name is too long" do`
			`before { @user.first_name = "a" * 51 }`
			`it { should_not be_valid }`
			`end`

			`describe "when last name is too long" do`
			`before { @user.last_name = "a" * 51 }`
* ported user model from rails tutorial; and it's tests 2012-08-06 03:01:00 +00:00			`it { should_not be_valid }`
			`end`

Added profanity filter - VRFS-219 2013-07-26 08:07:24 +00:00			`describe "first or last name cant have profanity" do`
			`it "should not let the first name have profanity" do`
			`@user.first_name = "fuck you"`
			`@user.save`
			`@user.should_not be_valid`
			`end`

			`it "should not let the last name have profanity" do`
			`@user.last_name = "fuck you"`
			`@user.save`
			`@user.should_not be_valid`
			`end`
			`end`

* ported user model from rails tutorial; and it's tests 2012-08-06 03:01:00 +00:00			`describe "when email format is invalid" do`
			`it "should be invalid" do`
			`addresses = %w[user@foo,com user_at_foo.org example.user@foo.]`
			`addresses.each do \|invalid_address\|`
			`@user.email = invalid_address`
			`@user.should_not be_valid`
			`end`
			`end`
			`end`

			`describe "when email format is valid" do`
			`it "should be valid" do`
			`addresses = %w[user@foo.COM A_US-ER@f.b.org frst.lst@foo.jp a+b@baz.cn]`
			`addresses.each do \|valid_address\|`
			`@user.email = valid_address`
			`@user.should be_valid`
			`end`
			`end`
			`end`

			`describe "when email address is already taken" do`
			`before do`
			`user_with_same_email = @user.dup`
			`user_with_same_email.email = @user.email.upcase`
			`user_with_same_email.save`
			`end`

			`it { should_not be_valid }`
			`end`

			`describe "email address with mixed case" do`
			`let(:mixed_case_email) { "Foo@ExAMPle.CoM" }`

* VRFS-417; allowing emails to go in with case preservation; but check for existing using case insensitivity 2013-07-10 20:18:25 +00:00
* ported user model from rails tutorial; and it's tests 2012-08-06 03:01:00 +00:00			`it "should be saved as all lower-case" do`
* adding in updated jnlp files 2013-12-17 23:55:10 +00:00			`pending`
* ported user model from rails tutorial; and it's tests 2012-08-06 03:01:00 +00:00			`@user.email = mixed_case_email`
* VRFS-417; allowing emails to go in with case preservation; but check for existing using case insensitivity 2013-07-10 20:18:25 +00:00			`@user.save!`
MiXeD case email test, I decided the problem was with the test 2013-11-12 05:56:04 +00:00			`@user.reload.email.should == mixed_case_email.downcase`
* ported user model from rails tutorial; and it's tests 2012-08-06 03:01:00 +00:00			`end`
			`end`

			`describe "when password is not present" do`
			`before { @user.password = @user.password_confirmation = " " }`
			`it { should_not be_valid }`
			`end`

			`describe "when password doesn't match confirmation" do`
			`before { @user.password_confirmation = "mismatch" }`
			`it { should_not be_valid }`
			`end`

			`describe "when password confirmation is nil" do`
			`before { @user.password_confirmation = nil }`
			`it { should_not be_valid }`
			`end`

			`describe "with a password that's too short" do`
			`before { @user.password = @user.password_confirmation = "a" * 5 }`
			`it { should be_invalid }`
			`end`

* allow user model to permit null first/last on administrative signup 2013-03-01 13:35:50 +00:00
set_password plus some refactoring 2012-12-14 03:32:23 +00:00			`describe "set_password" do`
			`before do`
			`@user.confirm_email!`
* VRFS-312 in-app password updates 2013-05-14 19:02:22 +00:00			`@user.save.should be_true`
			`UserMailer.deliveries.clear`
set_password plus some refactoring 2012-12-14 03:32:23 +00:00			`end`

			`it "setting a new password should work" do`
* VRFS-312 in-app password updates 2013-05-14 19:02:22 +00:00			`@user.set_password("foobar", "newpassword", "newpassword")`
			`User.authenticate(@user.email, "newpassword").should_not be_nil`
			`UserMailer.deliveries.length.should == 1`
set_password plus some refactoring 2012-12-14 03:32:23 +00:00			`end`
more work 2012-12-13 17:15:47 +00:00
set_password plus some refactoring 2012-12-14 03:32:23 +00:00			`it "setting a new password should fail if old one doesnt match" do`
* VRFS-312 in-app password updates 2013-05-14 19:02:22 +00:00			`@user.set_password("wrongold", "newpassword", "newpassword")`
			`@user.errors.any?.should be_true`
			`@user.errors[:current_password].length.should == 1`
			`UserMailer.deliveries.length.should == 0`
set_password plus some refactoring 2012-12-14 03:32:23 +00:00			`end`

			`it "setting a new password should fail if new ones dont match" do`
			`@user.set_password("foobar", "newpassword", "newpassword2")`
* VRFS-312 in-app password updates 2013-05-14 19:02:22 +00:00			`@user.errors.any?.should be_true`
			`@user.errors[:password].length.should == 1`
			`UserMailer.deliveries.length.should == 0`
set_password plus some refactoring 2012-12-14 03:32:23 +00:00			`end`
more work 2012-12-13 17:15:47 +00:00
set_password plus some refactoring 2012-12-14 03:32:23 +00:00			`it "setting a new password should fail if new one doesnt validate" do`
			`@user.set_password("foobar", "a", "a")`
* VRFS-312 in-app password updates 2013-05-14 19:02:22 +00:00			`@user.errors.any?.should be_true`
			`@user.errors[:password].length.should == 1`
			`UserMailer.deliveries.length.should == 0`
			`end`

			`it "setting a new password should fail if the new one is null" do`
			`@user.set_password("foobar", nil, nil)`
			`@user.errors.any?.should be_true`
			`@user.errors[:password].length.should == 1`
			`UserMailer.deliveries.length.should == 0`
set_password plus some refactoring 2012-12-14 03:32:23 +00:00			`end`
more work 2012-12-13 17:15:47 +00:00
			`end`
set_password plus some refactoring 2012-12-14 03:32:23 +00:00
reset password work 2012-12-22 00:56:16 +00:00			`describe "reset_password" do`
			`before do`
			`@user.confirm_email!`
			`@user.save`
			`end`

			`it "fails if the provided email address is unrecognized" do`
* VRFS-1532 - launch in chrome, ff, or IE10/11. otherwise show instructions to go run it yourself * VRFS-1541 - alphabetically order recordings * VRFS-1563 - password reset page should have no crashes anymore. 2014-04-01 23:38:36 +00:00			`expect { User.reset_password("invalidemail@invalid.com", RESET_PASSWORD_URL) }.to raise_error(JamRuby::JamArgumentError)`
reset password work 2012-12-22 00:56:16 +00:00			`end`
more work 2012-12-13 17:15:47 +00:00
reset password work 2012-12-22 00:56:16 +00:00			`it "assigns a reset_token and reset_token_created on reset" do`
* VRFS-300 and VRFS-386 done-all emails are styled using a common template 2013-06-24 21:31:40 +00:00			`User.reset_password(@user.email, RESET_PASSWORD_URL)`
reset password work 2012-12-22 00:56:16 +00:00			`@user.reload`
			`@user.reset_password_token.should_not be_nil`
			`@user.reset_password_token_created.should_not be_nil`
			`@user.reset_password_token_created.should <= Time.now`
			`@user.reset_password_token_created.should >= Time.now - 1.minute`
			`end`

VFRS-402 2013-07-05 08:24:12 +00:00			`it "errors if the wrong token comes in" do`
* VRFS-300 and VRFS-386 done-all emails are styled using a common template 2013-06-24 21:31:40 +00:00			`User.reset_password(@user.email, RESET_PASSWORD_URL)`
reset password work 2012-12-22 00:56:16 +00:00			`@user.reload`
			`expect { User.set_password_from_token(@user.email, "wrongtoken", "newpassword", "newpassword") }.to raise_error`
			`end`

			`it "changes the password if the token is right" do`
* VRFS-300 and VRFS-386 done-all emails are styled using a common template 2013-06-24 21:31:40 +00:00			`User.reset_password(@user.email, RESET_PASSWORD_URL)`
reset password work 2012-12-22 00:56:16 +00:00			`@user.reload`
			`User.set_password_from_token(@user.email, @user.reset_password_token, "newpassword", "newpassword")`
			`User.authenticate(@user.email, "newpassword").should_not be_nil`
			`@user.reload`
			`end`
			`end`
more work 2012-12-13 17:15:47 +00:00
* ported user model from rails tutorial; and it's tests 2012-08-06 03:01:00 +00:00			`describe "return value of authenticate method" do`
			`before { @user.save }`
			`let(:found_user) { User.find_by_email(@user.email) }`

			`describe "with valid password" do`
* VRFS-259: beta signup 2013-03-15 04:22:31 +00:00			`it { found_user.valid_password?(@user.password).should be_true }`
* ported user model from rails tutorial; and it's tests 2012-08-06 03:01:00 +00:00			`end`

			`describe "with invalid password" do`
* VRFS-259: beta signup 2013-03-15 04:22:31 +00:00			`let(:user_for_invalid_password) { found_user.valid_password?("invalid") }`
* ported user model from rails tutorial; and it's tests 2012-08-06 03:01:00 +00:00
			`it { should_not == user_for_invalid_password }`
			`specify { user_for_invalid_password.should be_false }`
			`end`
			`end`

			`describe "remember token" do`
			`before { @user.save }`
			`its(:remember_token) { should_not be_blank }`
			`end`
* moving user_manager out of jam_ruby, but moving alot of logic within user_manager to User model 2012-11-14 05:37:18 +00:00
* VRFS-734 - adding all user progression tracking that is possible currently 2013-09-30 02:37:22 +00:00			`describe "user progression only touches once" do`
			`it "allows first touch" do`
			`@user.update_progression_field (:first_downloaded_client_at)`
			`@user.errors.any?.should be_false`
			`@user.first_downloaded_client_at.should_not be_nil`
			`end`

			`it "ignores second touch" do`
			`time = DateTime.now - 1`
			`@user.update_progression_field(:first_downloaded_client_at, time)`
			`first_value = @user.first_downloaded_client_at`
			`@user.update_progression_field(:first_downloaded_client_at)`
			`@user.errors.any?.should be_false`
			`@user.first_downloaded_client_at.should == first_value`
			`end`
			`end`

* moving user_manager out of jam_ruby, but moving alot of logic within user_manager to User model 2012-11-14 05:37:18 +00:00			`describe "authenticate (class-instance)" do`
			`before { @user.email_confirmed=true; @user.save }`

			`describe "with valid password" do`
			`it { should == User.authenticate(@user.email, @user.password) }`
			`end`

			`describe "with invalid password" do`
			`it { User.authenticate(@user.email, "invalid").should be_nil }`
			`end`

			`describe "with invalid email" do`
			`it { User.authenticate("junk", "invalid").should be_nil }`
			`end`

			`describe "with nil args" do`
			`it { User.authenticate(nil, nil).should be_nil }`
			`end`

			`describe "with empty args" do`
			`it { User.authenticate("", "").should be_nil }`
			`end`
			`end`
* VRFS-149; bootstrap dev users 2012-12-09 20:56:35 +00:00
			`describe "create_dev_user" do`
vrfs-774: changing country value from USA to US for max_mind_geo support 2013-11-03 07:49:51 +00:00			`before { @dev_user = User.create_dev_user("Seth", "Call", "seth@jamkazam.com", "Jam123", "Austin", "Texas", "US", nil, nil) }`
* VRFS-149; bootstrap dev users 2012-12-09 20:56:35 +00:00
			`subject { @dev_user }`

			`describe "creates a valid record" do`
			`it { should be_valid }`
			`end`

			`describe "should not be a new record" do`
			`it { should be_persisted }`
			`end`

			`describe "updates record" do`
vrfs-774: changing country value from USA to US for max_mind_geo support 2013-11-03 07:49:51 +00:00			`before { @dev_user = User.create_dev_user("Seth", "Call2", "seth@jamkazam.com", "Jam123", "Austin", "Texas", "US", nil, nil) }`
* VRFS-149; bootstrap dev users 2012-12-09 20:56:35 +00:00
			`it { should be_valid }`

			`its(:last_name) { should == "Call2" }`

			`end`
			`end`
* VRFS-311 - emailing and user model business logic done 2013-05-10 12:10:33 +00:00
			`describe "update email" do`

			`before do`
			`UserMailer.deliveries.clear`
			`end`

			`describe "begin email update" do`
			`describe "success" do`
			`before do`
			`@user.begin_update_email("somenewemail@blah.com", "foobar", "http://www.jamkazam.com/confirm_email_update?token=")`
			`end`

			`# useful to see contents of email without actually running the app and sending it`
			`it { @user.errors.any?.should be_false }`
			`it { @user.update_email.should == "somenewemail@blah.com" }`
			`it { @user.update_email_confirmation_url.should == "http://www.jamkazam.com/confirm_email_update?token=#{@user.update_email_token}" }`
			`it { UserMailer.deliveries.length.should == 1 }`

			`end`

			`it "no email on error" do`
			`@user.begin_update_email("somenewemail@blah.com", "wrong password", "http://www.jamkazam.com/confirm_email_update?token=")`

			`UserMailer.deliveries.length.should == 0`
			`end`

			`it "bad password validation" do`
			`@user.begin_update_email("somenewemail@blah.com", "wrong password", "http://www.jamkazam.com/confirm_email_update?token=")`

* VRFS-312 in-app password updates 2013-05-14 19:02:22 +00:00			`@user.errors[:current_password][0].should == ValidationMessages::NOT_YOUR_PASSWORD`
* VRFS-311 - emailing and user model business logic done 2013-05-10 12:10:33 +00:00			`end`

* VRFS-311; reject users that try to set their email to the same email as it currently is 2013-05-13 03:27:12 +00:00			`it "matches current email" do`
			`@user.begin_update_email(@user.email, "foobar", "http://www.jamkazam.com/confirm_email_update?token=")`

			`@user.errors[:update_email][0].should == ValidationMessages::EMAIL_MATCHES_CURRENT`
			`end`

* VRFS-311 - emailing and user model business logic done 2013-05-10 12:10:33 +00:00			`it "existing email of another user" do`
			`another_user = FactoryGirl.create(:user)`
			`@user.begin_update_email(another_user.email, "foobar", "http://www.jamkazam.com/confirm_email_update?token=")`

			`@user.errors[:update_email][0].should == ValidationMessages::EMAIL_ALREADY_TAKEN`
			`end`

			`it "bogus email" do`
			`@user.begin_update_email("not_an_email", "foobar", "http://www.jamkazam.com/confirm_email_update?token=")`

			`@user.errors[:update_email][0].should == "is invalid"`
			`end`

			`it "empty email" do`
			`@user.begin_update_email(nil, "foobar", "http://www.jamkazam.com/confirm_email_update?token=")`

			`@user.errors[:update_email][0].should == "can't be blank"`
			`end`
			`end`

			`describe "finalize email update" do`
			`before do`
			`@user.begin_update_email("somenewemail@blah.com", "foobar", "http://www.jamkazam.com/confirm_email_update?token=")`
			`UserMailer.deliveries.clear`
			`end`

			`describe "success" do`

			`before do`
			`@finalized = User.finalize_update_email(@user.update_email_token)`
			`end`

			`it { @finalized.should == @user }`
			`it { @finalized.email.should == "somenewemail@blah.com" }`
			`it { UserMailer.deliveries.length.should == 1 }`
			`end`

			`it "no email on unsuccessful finalize" do`
			`expect { User.finalize_update_email("wrong_token") }.to raise_error(ActiveRecord::RecordNotFound)`
			`UserMailer.deliveries.length.should == 0`
			`end`

			`it "bad token" do`
			`expect { User.finalize_update_email("wrong_token") }.to raise_error(ActiveRecord::RecordNotFound)`
			`end`

			`it "empty token" do`
			`expect { User.finalize_update_email(nil) }.to raise_error(ActiveRecord::RecordNotFound)`
			`end`
			`end`
			`end`
* avatar changes to user model 2013-05-31 01:59:37 +00:00
* VRFS-1025 finished 2014-02-03 21:19:14 +00:00			`describe "user_authorizations" do`

			`it "can create" do`
			`@user.user_authorizations.build provider: 'facebook',`
			`uid: '1',`
			`token: '1',`
* VRFS-1083 user_authorizations require user now; found some bugs 2014-02-07 17:18:57 +00:00			`token_expiration: Time.now,`
			`user: @user`
* VRFS-1025 finished 2014-02-03 21:19:14 +00:00			`@user.save!`
			`end`

			`it "fails on duplicate" do`
			`@user.user_authorizations.build provider: 'facebook',`
			`uid: '1',`
			`token: '1',`
* VRFS-1083 user_authorizations require user now; found some bugs 2014-02-07 17:18:57 +00:00			`token_expiration: Time.now,`
			`user: @user`
* VRFS-1025 finished 2014-02-03 21:19:14 +00:00			`@user.save!`

			`@user2 = FactoryGirl.create(:user)`
			`@user2.user_authorizations.build provider: 'facebook',`
			`uid: '1',`
			`token: '1',`
* VRFS-1083 user_authorizations require user now; found some bugs 2014-02-07 17:18:57 +00:00			`token_expiration: Time.now,`
			`user: @user2`
* VRFS-1025 finished 2014-02-03 21:19:14 +00:00			`@user2.save.should be_false`
			`@user2.errors[:user_authorizations].should == ['is invalid']`
			`end`


			`end`
* avatar changes to user model 2013-05-31 01:59:37 +00:00			`=begin`
			`describe "update avatar" do`

			`describe "success" do`

			`let(:s3_path) { "/public/avatars/#{@user.id}/avatar.jpg" }`
			`let(:original) { { "url" => "http://filepicker.io/blah", "key" => "/public/avatars/#{@user.id}/originals/avatar.jpg" } }`
			`let(:clipped) { { "url" => "http://filepicker.io/blah", "key" => s3_path } }`

			`before(:each) do`
			`@user.update_avatar(original, clipped, "jamkazam")`
			`end`

			`it { @user.errors.any?.should be_false }`
			`it { @user.original_fpfile.class == String }`
			`it { @user.cropped_fpfile.class == String }`
			`it { @user.photo_url = S3Util.url("jamkazam", s3_path, :secure => false ) }`
			`end`

			`describe "bad fpfiles" do`
			`let(:s3_path) { "/public/avatars/#{@user.id}/avatar.jpg" }`
			`let(:original) { { "url" => "http://filepicker.io/blah" } } # take out 'key', which is required by model`
			`let(:clipped) { { "url" => "http://filepicker.io/blah", } } # take out 'key', which is required by model`

			`before(:each) do`
			`@user.update_avatar(original, clipped, "jamkazam")`
			`end`

			`it { @user.errors.any?.should be_true }`
			`it { @user.errors[:original_fpfile][0].should == ValidationMessages::INVALID_FPFILE }`
			`it { @user.errors[:cropped_fpfile][0].should == ValidationMessages::INVALID_FPFILE }`
			`end`

			`end`
			`=end`

reset password work 2012-12-22 00:56:16 +00:00			`end`