3 files changed, 98 insertions, 3 deletions

diff --git a/test/unit/account_test.rb b/test/unit/account_test.rb
index d56541a..058e196 100644
--- a/test/unit/account_test.rb
+++ b/test/unit/account_test.rb
@@ -26,6 +26,7 @@ class AccountTest < ActiveSupport::TestCase
       user = Account.create(FactoryGirl.attributes_for(:user))
       assert !user.valid?, "user should not be valid"
       assert !user.persisted?, "user should not have been saved"
+      assert_has_errors user, invite_code: "This is not a valid code"
     end
   end
 
@@ -47,6 +48,25 @@ class AccountTest < ActiveSupport::TestCase
     end
   end
 
+  test "error on reused username" do
+    with_config invite_required: false do
+      attributes = FactoryGirl.attributes_for :user
+      user = Account.create attributes
+      dup = Account.create attributes
+      assert !dup.valid?
+      assert_has_errors dup, login: "has already been taken"
+      user.account.destroy
+    end
+  end
+
+  test "error on invalid username" do
+    with_config invite_required: false do
+      attributes = FactoryGirl.attributes_for :user, login: "a"
+      user = Account.create attributes
+      assert !user.valid?
+      assert_has_errors user, login: "Must have at least two characters"
+    end
+  end
 
   test "create and remove a user account" do
     # We keep an identity that will block the handle from being reused.
@@ -76,6 +96,42 @@ class AccountTest < ActiveSupport::TestCase
     user.account.destroy
   end
 
+  test "create recovery code if it does not exist" do
+    user = Account.create(FactoryGirl.attributes_for(:user, :invite_code => @testcode.invite_code))
+    user.account.update(:recovery_code_verifier => "abc", :recovery_code_salt => "123")
+    user.reload
+
+    assert_equal "abc", user.recovery_code_verifier
+    assert_equal "123", user.recovery_code_salt
+
+    user.account.destroy
+  end
+
+  test "update recovery code that already exists" do
+    user = Account.create(FactoryGirl.attributes_for(:user,
+      :invite_code => @testcode.invite_code,
+      :recovery_code_verifier => "000",
+      :recovery_code_salt => "111"))
+
+    user.account.update(:recovery_code_verifier => "abc", :recovery_code_salt => "123")
+    user.reload
+
+    assert_equal "abc", user.recovery_code_verifier
+    assert_equal "123", user.recovery_code_salt
+
+    user.account.destroy
+  end
+
+  test "update password" do
+    user = Account.create(FactoryGirl.attributes_for(:user, :invite_code => @testcode.invite_code))
+    user.account.update(:password_verifier => "551A8B", :password_salt => "551A8B")
+
+    assert_equal "551A8B", user.password_verifier
+    assert_equal "551A8B", user.password_salt
+
+    user.account.destroy
+  end
+
   test "Invite code count goes up by 1 when the invite code is entered" do
     with_config invite_required: true do
       user = Account.create(FactoryGirl.attributes_for(:user, :invite_code => @testcode.invite_code))
@@ -110,4 +166,32 @@ class AccountTest < ActiveSupport::TestCase
     user.account.enable
     assert_equal(cert.fingerprint, Identity.for(user).cert_fingerprints.keys.first)
   end
+
+  # Pixelated relies on the ability to test invite codes without sending a
+  # username and password yet.
+  # So we better make sure we return the appropriate errors
+  test "errors trying to create account with invite only" do
+    with_config invite_required: true do
+      user = Account.create invite_code: @testcode.invite_code
+      assert user.errors[:invite_code].blank?
+    end
+  end
+
+  test "errors trying to create account with invalid invite only" do
+    with_config invite_required: true do
+      user = Account.create invite_code: "wrong_invite_code"
+      assert_has_errors user, invite_code: "This is not a valid code"
+    end
+  end
+
+  # Tests for the presence of the errors given.
+  # Does not test for the absence of other errors - so there may be more.
+  def assert_has_errors(record, errors)
+    errors.each do |field, field_errors|
+      Array(field_errors).each do |error|
+        assert_includes record.errors[field], error
+      end
+    end
+  end
+
 end
diff --git a/test/unit/identity_test.rb b/test/unit/identity_test.rb
index e9173af..6836487 100644
--- a/test/unit/identity_test.rb
+++ b/test/unit/identity_test.rb
@@ -122,8 +122,8 @@ class IdentityTest < ActiveSupport::TestCase
     @id = Identity.for(@user)
     @id.orphan!
     assert_equal @user.email_address, @id.address
-    assert_equal nil, @id.destination
-    assert_equal nil, @id.user
+    assert_nil @id.destination
+    assert_nil @id.user
     assert @id.orphaned?
     assert @id.valid?
   end
diff --git a/test/unit/user_test.rb b/test/unit/user_test.rb
index 02e94df..ab7add0 100644
--- a/test/unit/user_test.rb
+++ b/test/unit/user_test.rb
@@ -28,6 +28,16 @@ class UserTest < ActiveSupport::TestCase
     assert !@user.valid?
   end
 
+  test "validates hex for recovery_code_verifier" do
+    @user.recovery_code_verifier = "1234567abcdef"
+    assert @user.valid?
+  end
+
+  test "validates recovery_code_verifier with non hex chars" do
+    @user.recovery_code_verifier = "gkpq"
+    assert !@user.valid?
+  end
+
   test "test require alphanumerical for login" do
     @user.login = "qw#r"
     assert !@user.valid?
@@ -73,7 +83,8 @@ class UserTest < ActiveSupport::TestCase
 
   test "user to hash includes id, login, valid and enabled" do
     hash = @user.to_hash
-    assert_equal @user.id, hash[:id]
+    assert_nil @user.id
+    assert_nil hash[:id]
     assert_equal @user.valid?, hash[:ok]
     assert_equal @user.login, hash[:login]
     assert_equal @user.enabled?, hash[:enabled]