set up devise authentication more srsly. Still doesn't pass the test though haha

2015-12-16 22:16:02 +08:00 · 2015-12-16 22:16:02 +08:00 · ae1117338a
commit ae1117338a
parent be3924aa54
11 changed files with 40 additions and 36 deletions
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@ -50,7 +50,6 @@ private
  end
  def authenticated?
    return nil if warden.nil? #rspec tests
    current_user
  end
@ -59,11 +58,9 @@ private
  end
  def get_invite_link
-    unless warden.nil? # rspec tests
+    unsafe_uri = request.env["REQUEST_URI"]
-      unsafe_uri = request.env["REQUEST_URI"]
+    valid_url = /^https?:\/\/([\w\.-]+)(:\d{1,5})?\/?$/
-      valid_url = /^https?:\/\/([\w\.-]+)(:\d{1,5})?\/?$/
+    safe_uri = (unsafe_uri.match(valid_url)) ? unsafe_uri : "http://metamaps.cc/"
-      safe_uri = (unsafe_uri.match(valid_url)) ? unsafe_uri : "http://metamaps.cc/"
+    @invite_link = "#{safe_uri}join" + (current_user ? "?code=#{current_user.code}" : "")
      @invite_link = "#{safe_uri}join" + (current_user ? "?code=#{current_user.code}" : "")
    end
  end
 end
--- a/app/controllers/users_controller.rb
+++ b/app/controllers/users_controller.rb
@ -101,5 +101,4 @@ class UsersController < ApplicationController
  def user_params
    params.require(:user).permit(:name, :email, :image, :password, :password_confirmation)
  end
 end
--- a/app/models/user.rb
+++ b/app/models/user.rb
@ -26,7 +26,7 @@ class User < ActiveRecord::Base
  validates_uniqueness_of :name # done by devise
  validates_uniqueness_of :email # done by devise
-  validates :joinedwithcode, :presence => true, :inclusion => { :in => $codes, :message => "%{value} is not valid" }, :on => :create
+  validates :joinedwithcode, :presence => true, :inclusion => { :in => User.all.pluck(:code), :message => "%{value} is not valid" }, :on => :create
  # This method associates the attribute ":image" with a file attachment
  has_attached_file :image, :styles => {
@ -64,7 +64,7 @@ class User < ActiveRecord::Base
  #generate a random 8 letter/digit code that they can use to invite people
  def generate_code
-	  self.code = rand(36**8).to_s(36)
+	  self.code ||= rand(36**8).to_s(36)
    $codes.push(self.code)
    self.generation = get_generation!
  end
--- a/db/schema.rb
+++ b/db/schema.rb
@ -11,7 +11,7 @@
 #
 # It's strongly recommended that you check this file into your version control system.
-ActiveRecord::Schema.define(version: 20151025083043) do
+ActiveRecord::Schema.define(version: 20151028061513) do
  # These are extensions that must be enabled in order to support this database
  enable_extension "plpgsql"
--- a/db/seeds.rb
+++ b/db/seeds.rb
@ -2,36 +2,36 @@
 # The data can then be loaded with the rake db:seed (or created alongside the db with db:setup).
 ## USERS
-User.create({
+User.new({
  name: 'user',
  email: 'user@user.com',
  password: 'toolsplusconsciousness',
  code: 'qwertyui',
  joinedwithcode: 'qwertyui',
-  admin: 'false',
+  admin: 'false'
-})
+}).save
-User.create({
+User.new({
  name: 'admin',
  email: 'admin@admin.com',
  password: 'toolsplusconsciousness',
  code: 'iuytrewq',
  joinedwithcode: 'iuytrewq',
-  admin: 'true',
+  admin: 'true'
-})
+}).save
 ## END USERS
 ## METACODES
 Metacode.create({
  name: 'Action',
  icon: 'https://s3.amazonaws.com/metamaps-assets/metacodes/blueprint/96px/bp_action.png',
-  color: '#BD6C85',
+  color: '#BD6C85'
 })
 Metacode.create({
  name: 'Activity',
  icon: 'https://s3.amazonaws.com/metamaps-assets/metacodes/blueprint/96px/bp_activity.png',
-  color: '#6EBF65',
+  color: '#6EBF65'
 })
 Metacode.create({
--- a/spec/controllers/metacodes_controller_spec.rb
+++ b/spec/controllers/metacodes_controller_spec.rb
@ -20,7 +20,7 @@ require 'rails_helper'
 RSpec.describe MetacodesController, :type => :controller do
  before :each do
-    @user = User.new(admin: true)
+    @user = create(:user, admin: true)
    sign_in @user
  end
--- a/spec/factories/users.rb
+++ b/spec/factories/users.rb
@ -3,7 +3,8 @@ FactoryGirl.define do
    name { random_string(10) }
    email { random_string(10) + '@' + random_string(10) + '.com' }
    code { random_string(8) }
-    joinedwithcode { random_string(8) }
+    joinedwithcode { code }
    password 'omgwtfbbq'
    to_create {|instance| instance.save(validate: false) } # bypass validation of the joinedwithcode
  end
 end
--- a/spec/rails_helper.rb
+++ b/spec/rails_helper.rb
@ -7,20 +7,8 @@ require 'spec_helper'
 require 'rspec/rails'
 # Add additional requires below this line. Rails is not loaded until this point!
-# Requires supporting ruby files with custom matchers and macros, etc, in
+# require all support files
-# spec/support/ and its subdirectories. Files matching `spec/**/*_spec.rb` are
+Dir[Rails.root.join('spec/support/**/*.rb')].each { |f| require f }
 # run as spec files by default. This means that files in spec/support that end
 # in _spec.rb will both be required and run as specs, causing the specs to be
 # run twice. It is recommended that you do not name files matching this glob to
 # end with _spec.rb. You can configure this pattern with the --pattern
 # option on the command line or in ~/.rspec, .rspec or `.rspec-local`.
 #
 # The following line is provided for convenience purposes. It has the downside
 # of increasing the boot-up time by auto-requiring all files in the support
 # directory. Alternatively, in the individual `*_spec.rb` files, manually
 # require only the support files necessary.
 #
 # Dir[Rails.root.join('spec/support/**/*.rb')].each { |f| require f }
 RSpec.configure do |config|
  # Remove this line if you're not using ActiveRecord or ActiveRecord fixtures
@ -47,5 +35,5 @@ RSpec.configure do |config|
  config.infer_spec_type_from_file_location!
  config.include Devise::TestHelpers, type: :controller
-
+  config.include ControllerHelpers, type: :controller
 end
--- a/spec/spec_helper.rb
+++ b/spec/spec_helper.rb
@ -16,6 +16,7 @@
 # users commonly want.
 #
 # See http://rubydoc.info/gems/rspec-core/RSpec/Core/Configuration
 RSpec.configure do |config|
  # rspec-expectations config goes here. You can use an alternate
  # assertion/expectation library such as wrong or the stdlib/minitest
--- a/spec/support/controller_helpers.rb
+++ b/spec/support/controller_helpers.rb
@ -0,0 +1,14 @@
 # https://github.com/plataformatec/devise/wiki/How-To:-Stub-authentication-in-controller-specs
 module ControllerHelpers
  def sign_in(user = create(:user))
    if user.nil?
      # simulate unauthenticated
      allow(request.env['warden']).to receive(:authenticate!).and_throw(:warden, {:scope => :user})
      allow(controller).to receive(:current_user).and_return(nil)
    else
      # simulate authenticated
      allow(request.env['warden']).to receive(:authenticate!).and_return(user)
      allow(controller).to receive(:current_user).and_return(user)
    end
  end
 end
--- a/spec/support/factory_girl.rb
+++ b/spec/support/factory_girl.rb
@ -0,0 +1,4 @@
 # lets you type create(:user) instead of FactoryGirl.create(:user)
 RSpec.configure do |config|
    config.include FactoryGirl::Syntax::Methods
 end