summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAzul <azul@leap.se>2014-05-28 10:45:14 +0200
committerAzul <azul@leap.se>2014-05-28 10:55:42 +0200
commit154d32bbc7cfe21d83141ff2c9a3d805165231b8 (patch)
treeedbb82449a9a50c0b5141e435939150bef7dee57
parent1d0d61389011a8d0d169bc139590d90a6fbbac60 (diff)
use Identity for testing login availability
We create an identity alongside each user. Make sure the identity is valid when creating the user. This also ensures that the login picked is available because otherwise the identities address would not be available anymore.
-rw-r--r--app/models/identity.rb30
-rw-r--r--app/models/user.rb13
-rw-r--r--test/integration/browser/account_test.rb7
3 files changed, 25 insertions, 25 deletions
diff --git a/app/models/identity.rb b/app/models/identity.rb
index a4225e7..2be396c 100644
--- a/app/models/identity.rb
+++ b/app/models/identity.rb
@@ -10,8 +10,9 @@ class Identity < CouchRest::Model::Base
property :keys, HashWithIndifferentAccess
property :cert_fingerprints, Hash
- validate :unique_forward
validate :alias_available
+ validates :destination, presence: true,
+ uniqueness: {scope: :address}
validate :address_local_email
validate :destination_email
@@ -44,13 +45,12 @@ class Identity < CouchRest::Model::Base
end
- def self.for(user, attributes = {})
- find_for(user, attributes) || build_for(user, attributes)
+ def self.for(user)
+ find_for(user) || build_for(user)
end
- def self.find_for(user, attributes = {})
- attributes.reverse_merge! attributes_from_user(user)
- find_by_address_and_destination [attributes[:address], attributes[:destination]]
+ def self.find_for(user)
+ find_by_user_id(user.id) if user && user.persisted?
end
def self.build_for(user, attributes = {})
@@ -125,23 +125,17 @@ class Identity < CouchRest::Model::Base
protected
- def unique_forward
- same = Identity.find_by_address_and_destination([address, destination])
- if same && same != self
- errors.add :base, "This alias already exists"
- end
- end
-
def alias_available
- same = Identity.find_by_address(address)
- if same && same.user != self.user
- errors.add :base, "This email has already been taken"
+ same_address = Identity.by_address.key(address)
+ if same_address.detect { |other| other.user !=self.user }
+ errors.add :address, :taken
end
end
def address_local_email
- return if address.valid? #this ensures it is LocalEmail
- self.errors.add(:address, address.errors.messages[:email].first) #assumes only one error
+ return if address.valid?
+ # we only hand on the first error for now.
+ self.errors.add(:address, address.errors.messages.values.first)
end
def destination_email
diff --git a/app/models/user.rb b/app/models/user.rb
index 6678de6..6b4d1a9 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -24,7 +24,7 @@ class User < CouchRest::Model::Base
:uniqueness => true,
:if => :serverside?
- validate :login_is_unique_alias
+ validate :identity_is_valid
validates :password_salt, :password_verifier,
:format => { :with => /\A[\dA-Fa-f]+\z/, :message => "Only hex numbers allowed" }
@@ -161,12 +161,11 @@ class User < CouchRest::Model::Base
# Validation Functions
##
- def login_is_unique_alias
- alias_identity = Identity.find_by_address(self.email_address)
- return if alias_identity.blank?
- if alias_identity.user != self
- errors.add(:login, "has already been taken")
- end
+ def identity_is_valid
+ refresh_identity
+ return if identity.valid?
+ # hand on the first error only for now
+ self.errors.add(:login, identity.errors.messages.values.first)
end
def password
diff --git a/test/integration/browser/account_test.rb b/test/integration/browser/account_test.rb
index 491a9e1..82bb043 100644
--- a/test/integration/browser/account_test.rb
+++ b/test/integration/browser/account_test.rb
@@ -22,6 +22,12 @@ class AccountTest < BrowserIntegrationTest
assert page.has_content?("Welcome #{username}")
end
+ test "signup with reserved username" do
+ username = 'certmaster'
+ submit_signup username
+ assert page.has_content?("is reserved.")
+ end
+
test "successful login" do
username, password = submit_signup
click_on 'Logout'
@@ -44,6 +50,7 @@ class AccountTest < BrowserIntegrationTest
click_on I18n.t('account_settings')
click_on I18n.t('destroy_my_account')
assert page.has_content?(I18n.t('account_destroyed'))
+ assert_equal 1, Identity.by_address.key("#{username}@test.me").count
attempt_login(username, password)
assert_invalid_login(page)
end