use Identity for testing login availability

We create an identity alongside each user. Make sure the identity
is valid when creating the user. This also ensures that the login
picked is available because otherwise the identities address would
not be available anymore.

3 files changed, 25 insertions, 25 deletions

diff --git a/app/models/identity.rb b/app/models/identity.rb
index a4225e7..2be396c 100644
--- a/app/models/identity.rb
+++ b/app/models/identity.rb
@@ -10,8 +10,9 @@ class Identity < CouchRest::Model::Base
   property :keys, HashWithIndifferentAccess
   property :cert_fingerprints, Hash
 
-  validate :unique_forward
   validate :alias_available
+  validates :destination, presence: true,
+   uniqueness: {scope: :address}
   validate :address_local_email
   validate :destination_email
 
@@ -44,13 +45,12 @@ class Identity < CouchRest::Model::Base
 
   end
 
-  def self.for(user, attributes = {})
-    find_for(user, attributes) || build_for(user, attributes)
+  def self.for(user)
+    find_for(user) || build_for(user)
   end
 
-  def self.find_for(user, attributes = {})
-    attributes.reverse_merge! attributes_from_user(user)
-    find_by_address_and_destination [attributes[:address], attributes[:destination]]
+  def self.find_for(user)
+    find_by_user_id(user.id) if user && user.persisted?
   end
 
   def self.build_for(user, attributes = {})
@@ -125,23 +125,17 @@ class Identity < CouchRest::Model::Base
 
   protected
 
-  def unique_forward
-    same = Identity.find_by_address_and_destination([address, destination])
-    if same && same != self
-      errors.add :base, "This alias already exists"
-    end
-  end
-
   def alias_available
-    same = Identity.find_by_address(address)
-    if same && same.user != self.user
-      errors.add :base, "This email has already been taken"
+    same_address = Identity.by_address.key(address)
+    if same_address.detect { |other| other.user !=self.user }
+      errors.add :address, :taken
     end
   end
 
   def address_local_email
-    return if address.valid? #this ensures it is LocalEmail
-    self.errors.add(:address, address.errors.messages[:email].first) #assumes only one error
+    return if address.valid?
+    # we only hand on the first error for now.
+    self.errors.add(:address, address.errors.messages.values.first)
   end
 
   def destination_email
diff --git a/app/models/user.rb b/app/models/user.rb
index 6678de6..6b4d1a9 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -24,7 +24,7 @@ class User < CouchRest::Model::Base
     :uniqueness => true,
     :if => :serverside?
 
-  validate :login_is_unique_alias
+  validate :identity_is_valid
 
   validates :password_salt, :password_verifier,
     :format => { :with => /\A[\dA-Fa-f]+\z/, :message => "Only hex numbers allowed" }
@@ -161,12 +161,11 @@ class User < CouchRest::Model::Base
   #  Validation Functions
   ##
 
-  def login_is_unique_alias
-    alias_identity = Identity.find_by_address(self.email_address)
-    return if alias_identity.blank?
-    if alias_identity.user != self
-      errors.add(:login, "has already been taken")
-    end
+  def identity_is_valid
+    refresh_identity
+    return if identity.valid?
+    # hand on the first error only for now
+    self.errors.add(:login, identity.errors.messages.values.first)
   end
 
   def password
diff --git a/test/integration/browser/account_test.rb b/test/integration/browser/account_test.rb
index 491a9e1..82bb043 100644
--- a/test/integration/browser/account_test.rb
+++ b/test/integration/browser/account_test.rb
@@ -22,6 +22,12 @@ class AccountTest < BrowserIntegrationTest
     assert page.has_content?("Welcome #{username}")
   end
 
+  test "signup with reserved username" do
+    username = 'certmaster'
+    submit_signup username
+    assert page.has_content?("is reserved.")
+  end
+
   test "successful login" do
     username, password = submit_signup
     click_on 'Logout'
@@ -44,6 +50,7 @@ class AccountTest < BrowserIntegrationTest
     click_on I18n.t('account_settings')
     click_on I18n.t('destroy_my_account')
     assert page.has_content?(I18n.t('account_destroyed'))
+    assert_equal 1, Identity.by_address.key("#{username}@test.me").count
     attempt_login(username, password)
     assert_invalid_login(page)
   end