valexl/bitrix_auth_spec.rb Secret

## bitrix_auth_spec.rb
require 'rails_helper'

RSpec.describe VAlexL::RCCW::Auth::Bitrix do
  before(:each) do
    @session = {}
    @session[:bitrix_user] = {}
    @session[:bitrix_user][:email]   = "New_User_email#{User.count}_#{rand(100000)}@example.ru" #usually I use Forgery for generating email and another example stuff
    @session[:bitrix_user][:user_id] = 777
    @name     = 'Jhon'
    @lastname = "Jhonkovich"
    @session[:bitrix_user][:login]   = "#{@name}.#{@lastname}"
    @company = FactoryGirl.create(:company)
    @auth    = VAlexL::RCCW::Auth::Bitrix.new @company, @session[:bitrix_user]
  end

  describe 'has method sign_in_to_bitrix?' do
    it 'return true if user is sign in bitrix' do
      expect(@auth.sign_in_to_bitrix?).to eq(true)
    end

    it 'return false if user do not sign in bitrix' do
      @auth = VAlexL::RCCW::Auth::Bitrix.new @company, {}
      expect(@auth.sign_in_to_bitrix?).to eq(false)
    end
  end

  describe 'has method current_user' do
    it 'return nil if user do not sign_in_to_bitrix?' do
      session  = {}
      session[:bitrix_user] = {}
      @auth = VAlexL::RCCW::Auth::Bitrix.new @company, {}
      expect(@auth.current_user.instance_of?(User)).to eq(false)
    end

    it 'return instance of user if sign_in_to_bitrix?' do
      expect(@auth.current_user.instance_of?(User)).to eq(true)
    end

    it 'craete new user if can not find by bitrix email' do
      expect(User.where(email: @session[:bitrix_user][:email]).count).to eq(0) #user with same email does not exist
      expect(User.where(email: @session[:bitrix_user][:email].downcase).count).to eq(0) #user with same email does not exist
      expect(@auth.current_user.name).to eq(@name)
      expect(@auth.current_user.lastname).to eq(@lastname)
      expect(@auth.current_user.email).to eq(@session[:bitrix_user][:email].downcase)
      expect(@auth.current_user.bitrix_user_id).to eq(@session[:bitrix_user][:user_id])

      expect(User.where(email: @session[:bitrix_user][:email].downcase).count).to eq(1) #user with same email exists
    end

    it 'update exist user if information about him exist in database' do
      exist_user = FactoryGirl.build(:user, email: @session[:bitrix_user][:email])
      exist_user.name = exist_user.lastname = exist_user.bitrix_user_id = nil #we get just information about e-mail
      exist_user.save!

      expect(User.where(email: @session[:bitrix_user][:email].downcase).count).to eq(1) #user exists
      expect(@auth.current_user.name).to eq(@name)
      expect(@auth.current_user.lastname).to eq(@lastname)
      expect(@auth.current_user.email)  .to eq(@session[:bitrix_user][:email].downcase)
      expect(@auth.current_user.bitrix_user_id).to eq(@session[:bitrix_user][:user_id])
    end

  end
end

## main_auth_spec.rb
require 'rails_helper'

RSpec.describe VAlexL::RCCW::Auth::Main do
  before(:all) do
    Company.destroy_all
    User.destroy_all

    @company = FactoryGirl.create(:company)
    @user    = FactoryGirl.create(:user)

    @session = {}
    @session[:user_id]     = @user.id
    @session[:last_touch]  = Time.now
    @session[:bitrix_user] = {}
    @session[:bitrix_user][:email]   = "new_user_email#{User.count}_#{rand(100000)}@example.ru" #уникальный email
    @session[:bitrix_user][:user_id] = 777 # уникальность в системе определяется по email поэтому побарабану на это поле
    @name     = 'Jhon'
    @lastname = "Jhonkovich"
    @session[:bitrix_user][:login]   = "#{@name}.#{@lastname}"

    @auth    = VAlexL::RCCW::Auth::Main.new @company, @session
  end

  describe 'has method current_user' do
    before(:each) do
      @params = @session.clone
    end

    it 'return nil if can find user from session but this user is inactive' do
      @params[:bitrix_user] = nil
      @user.status = 'inactive' and @user.save!
      @auth    = VAlexL::RCCW::Auth::Main.new @company, @params
      expect(@auth.current_user).to eq(nil)
      @user.status = 'active' and @user.save!
    end

    it 'return bitrix_user if session does not have user_id' do
      @params[:user_id] = nil

      exist_user = FactoryGirl.build(:user, email: @params[:bitrix_user][:email])
      exist_user.name = exist_user.lastname = exist_user.bitrix_user_id = nil #just email information
      exist_user.save!

      @auth    = VAlexL::RCCW::Auth::Main.new @company, @params
      expect(User.where(email: @params[:bitrix_user][:email]).count).to eq(1) #user exists
      expect(@auth.current_user).to eq(exist_user)
    end

    it 'return user if session has user information' do
      @params[:bitrix_user] = nil
      @auth    = VAlexL::RCCW::Auth::Main.new @company, @params
      expect(@auth.current_user).to eq(@user)

    end
  end

  describe 'has method user_sign_in?' do
    it 'return true if current_user is present and this user is active' do
      allow(@user).to receive(:is_active?) {true}
      allow(@auth).to receive(:current_user) {@user}
      expect(@auth.user_sign_in?).to eq(true)
    end

    it 'return true if user signed in to bitrix but session is blank' do
      allow(VAlexL::RCCW::Auth::Bitrix).to receive(:new){
        object = double
        allow(object).to receive(:sign_in_to_bitrix?).and_return(true)
        allow(object).to receive(:current_user).and_return(@user)
        object
      }

      session = {}
      @auth = VAlexL::RCCW::Auth::Main.new @company, session
      expect(@auth.user_sign_in?).to eq(true)
    end

    it 'return false if current_user is not present' do
      allow(@auth).to receive(:current_user) {nil}
      expect(@auth.user_sign_in?).to eq(false)
    end

    it 'return false if time of session less than 24.hours' do
      session = {}
      session[:user_id] = @user.id
      session[:last_touch] = Time.now - 25.hours
      @auth = VAlexL::RCCW::Auth::Main.new @company, session
      allow(@auth).to receive(:current_user) {@user}
      expect(@auth.user_sign_in?).to eq(false)
    end


  end

end

## manually_auth_spec.rb
require 'rails_helper'

RSpec.describe VAlexL::RCCW::Auth::Manually do
  before(:all) do
    Company.destroy_all
    User.destroy_all
    @company = FactoryGirl.create(:company)
    @user    = FactoryGirl.create(:user, email: 'new_user@mail.ru', password: '123')
  end

  before(:each) do
    @user = User.single_users.first || FactoryGirl.create(:user, email: '', comapny: @company)
    @user.set_active!
  end

  describe 'access denied if' do
    after(:each) do
      expect(@auth.check_permission!).to eq(false)
    end

    it 'receives nonexisten email' do
      @auth = VAlexL::RCCW::Auth::Manually.new @company, email: 'incorrect_mail@mail.ls', password: 'incorrect'
    end

    it 'receives existen email but incorrect password' do
      @auth = VAlexL::RCCW::Auth::Manually.new @company, email: @user.email, password: 'incorrect'
    end

    it 'has correct email and password but this user is inactive' do
      @user.set_inactive!
      @auth = VAlexL::RCCW::Auth::Manually.new @company, email: @user.email, password: '123'
    end
  end

  it 'allows access if has correct email and correct password' do
    @auth = VAlexL::RCCW::Auth::Manually.new @company, email: @user.email, password: '123'

    expect(@auth.password.present?).to eq(true) #user exists
    expect(@auth.current_user.present?).to eq(true) #password was given
    expect(@auth.current_user.encrypted_password.present?).to eq(true) #password was given

    expect(@auth.check_permission!).to eq(true)
  end

  describe 'has method errors' do
    it 'return instance of ActiveModel::Errors' do
      @auth = VAlexL::RCCW::Auth::Manually.new @company, email: @user.email, password: '123'
      expect(@auth.errors.class).to eq(ActiveModel::Errors)
    end

    it "return '#{I18n.t('activerecord.errors.libs.auth.inactive_user')}' if user is inactive" do
      @user.set_inactive!
      @auth = VAlexL::RCCW::Auth::Manually.new @company, email: @user.email, password: '123'
      @auth.check_permission!
      expect(@auth.errors.full_messages.count).to eq(1)
      expect(@auth.errors.full_messages.first).to eq(I18n.t('activerecord.errors.libs.auth.inactive_user'))
    end

    it "return '#{I18n.t('activerecord.errors.libs.auth.access_denied')}' if password incorrect" do
      @auth = VAlexL::RCCW::Auth::Manually.new @company, email: @user.email, password: 'incorrect'
      @auth.check_permission!
      expect(@auth.errors.full_messages.count).to eq(1)
      expect(@auth.errors.full_messages.first).to eq(I18n.t('activerecord.errors.libs.auth.access_denied'))
    end

    it "return '#{I18n.t('activerecord.errors.libs.auth.access_denied')}' if password comapny doesn't has user with email" do
      @auth = VAlexL::RCCW::Auth::Manually.new @company, email: 'incorrect_mail', password: 'incorrect'
      @auth.check_permission!
      expect(@auth.errors.full_messages.count).to eq(1)
      expect(@auth.errors.full_messages.first).to eq(I18n.t('activerecord.errors.libs.auth.access_denied'))
    end

    it "doesn't return '#{I18n.t('activerecord.errors.libs.auth.inactive_user')}' if incorrect password " do
      @user.set_inactive!
      @auth = VAlexL::RCCW::Auth::Manually.new @company, email: @user.email, password: 'incorrect'
      @auth.check_permission!
      expect(@auth.errors.full_messages.count).to eq(1)
      expect(@auth.errors.full_messages.first).to eq(I18n.t('activerecord.errors.libs.auth.access_denied'))
    end
  end


end
	require 'rails_helper'

	RSpec.describe VAlexL::RCCW::Auth::Bitrix do
	before(:each) do
	@session = {}
	@session[:bitrix_user] = {}
	@session[:bitrix_user][:email] = "New_User_email#{User.count}_#{rand(100000)}@example.ru" #usually I use Forgery for generating email and another example stuff
	@session[:bitrix_user][:user_id] = 777
	@name = 'Jhon'
	@lastname = "Jhonkovich"
	@session[:bitrix_user][:login] = "#{@name}.#{@lastname}"
	@company = FactoryGirl.create(:company)
	@auth = VAlexL::RCCW::Auth::Bitrix.new @company, @session[:bitrix_user]
	end

	describe 'has method sign_in_to_bitrix?' do
	it 'return true if user is sign in bitrix' do
	expect(@auth.sign_in_to_bitrix?).to eq(true)
	end

	it 'return false if user do not sign in bitrix' do
	@auth = VAlexL::RCCW::Auth::Bitrix.new @company, {}
	expect(@auth.sign_in_to_bitrix?).to eq(false)
	end
	end

	describe 'has method current_user' do
	it 'return nil if user do not sign_in_to_bitrix?' do
	session = {}
	session[:bitrix_user] = {}
	@auth = VAlexL::RCCW::Auth::Bitrix.new @company, {}
	expect(@auth.current_user.instance_of?(User)).to eq(false)
	end

	it 'return instance of user if sign_in_to_bitrix?' do
	expect(@auth.current_user.instance_of?(User)).to eq(true)
	end

	it 'craete new user if can not find by bitrix email' do
	expect(User.where(email: @session[:bitrix_user][:email]).count).to eq(0) #user with same email does not exist
	expect(User.where(email: @session[:bitrix_user][:email].downcase).count).to eq(0) #user with same email does not exist
	expect(@auth.current_user.name).to eq(@name)
	expect(@auth.current_user.lastname).to eq(@lastname)
	expect(@auth.current_user.email).to eq(@session[:bitrix_user][:email].downcase)
	expect(@auth.current_user.bitrix_user_id).to eq(@session[:bitrix_user][:user_id])

	expect(User.where(email: @session[:bitrix_user][:email].downcase).count).to eq(1) #user with same email exists
	end

	it 'update exist user if information about him exist in database' do
	exist_user = FactoryGirl.build(:user, email: @session[:bitrix_user][:email])
	exist_user.name = exist_user.lastname = exist_user.bitrix_user_id = nil #we get just information about e-mail
	exist_user.save!

	expect(User.where(email: @session[:bitrix_user][:email].downcase).count).to eq(1) #user exists
	expect(@auth.current_user.name).to eq(@name)
	expect(@auth.current_user.lastname).to eq(@lastname)
	expect(@auth.current_user.email) .to eq(@session[:bitrix_user][:email].downcase)
	expect(@auth.current_user.bitrix_user_id).to eq(@session[:bitrix_user][:user_id])
	end

	end
	end
	require 'rails_helper'

	RSpec.describe VAlexL::RCCW::Auth::Main do
	before(:all) do
	Company.destroy_all
	User.destroy_all

	@company = FactoryGirl.create(:company)
	@user = FactoryGirl.create(:user)

	@session = {}
	@session[:user_id] = @user.id
	@session[:last_touch] = Time.now
	@session[:bitrix_user] = {}
	@session[:bitrix_user][:email] = "new_user_email#{User.count}_#{rand(100000)}@example.ru" #уникальный email
	@session[:bitrix_user][:user_id] = 777 # уникальность в системе определяется по email поэтому побарабану на это поле
	@name = 'Jhon'
	@lastname = "Jhonkovich"
	@session[:bitrix_user][:login] = "#{@name}.#{@lastname}"

	@auth = VAlexL::RCCW::Auth::Main.new @company, @session
	end

	describe 'has method current_user' do
	before(:each) do
	@params = @session.clone
	end

	it 'return nil if can find user from session but this user is inactive' do
	@params[:bitrix_user] = nil
	@user.status = 'inactive' and @user.save!
	@auth = VAlexL::RCCW::Auth::Main.new @company, @params
	expect(@auth.current_user).to eq(nil)
	@user.status = 'active' and @user.save!
	end

	it 'return bitrix_user if session does not have user_id' do
	@params[:user_id] = nil

	exist_user = FactoryGirl.build(:user, email: @params[:bitrix_user][:email])
	exist_user.name = exist_user.lastname = exist_user.bitrix_user_id = nil #just email information
	exist_user.save!

	@auth = VAlexL::RCCW::Auth::Main.new @company, @params
	expect(User.where(email: @params[:bitrix_user][:email]).count).to eq(1) #user exists
	expect(@auth.current_user).to eq(exist_user)
	end

	it 'return user if session has user information' do
	@params[:bitrix_user] = nil
	@auth = VAlexL::RCCW::Auth::Main.new @company, @params
	expect(@auth.current_user).to eq(@user)

	end
	end

	describe 'has method user_sign_in?' do
	it 'return true if current_user is present and this user is active' do
	allow(@user).to receive(:is_active?) {true}
	allow(@auth).to receive(:current_user) {@user}
	expect(@auth.user_sign_in?).to eq(true)
	end

	it 'return true if user signed in to bitrix but session is blank' do
	allow(VAlexL::RCCW::Auth::Bitrix).to receive(:new){
	object = double
	allow(object).to receive(:sign_in_to_bitrix?).and_return(true)
	allow(object).to receive(:current_user).and_return(@user)
	object
	}

	session = {}
	@auth = VAlexL::RCCW::Auth::Main.new @company, session
	expect(@auth.user_sign_in?).to eq(true)
	end

	it 'return false if current_user is not present' do
	allow(@auth).to receive(:current_user) {nil}
	expect(@auth.user_sign_in?).to eq(false)
	end

	it 'return false if time of session less than 24.hours' do
	session = {}
	session[:user_id] = @user.id
	session[:last_touch] = Time.now - 25.hours
	@auth = VAlexL::RCCW::Auth::Main.new @company, session
	allow(@auth).to receive(:current_user) {@user}
	expect(@auth.user_sign_in?).to eq(false)
	end


	end

	end
	require 'rails_helper'

	RSpec.describe VAlexL::RCCW::Auth::Manually do
	before(:all) do
	Company.destroy_all
	User.destroy_all
	@company = FactoryGirl.create(:company)
	@user = FactoryGirl.create(:user, email: 'new_user@mail.ru', password: '123')
	end

	before(:each) do
	@user = User.single_users.first \|\| FactoryGirl.create(:user, email: '', comapny: @company)
	@user.set_active!
	end

	describe 'access denied if' do
	after(:each) do
	expect(@auth.check_permission!).to eq(false)
	end

	it 'receives nonexisten email' do
	@auth = VAlexL::RCCW::Auth::Manually.new @company, email: 'incorrect_mail@mail.ls', password: 'incorrect'
	end

	it 'receives existen email but incorrect password' do
	@auth = VAlexL::RCCW::Auth::Manually.new @company, email: @user.email, password: 'incorrect'
	end

	it 'has correct email and password but this user is inactive' do
	@user.set_inactive!
	@auth = VAlexL::RCCW::Auth::Manually.new @company, email: @user.email, password: '123'
	end
	end

	it 'allows access if has correct email and correct password' do
	@auth = VAlexL::RCCW::Auth::Manually.new @company, email: @user.email, password: '123'

	expect(@auth.password.present?).to eq(true) #user exists
	expect(@auth.current_user.present?).to eq(true) #password was given
	expect(@auth.current_user.encrypted_password.present?).to eq(true) #password was given

	expect(@auth.check_permission!).to eq(true)
	end

	describe 'has method errors' do
	it 'return instance of ActiveModel::Errors' do
	@auth = VAlexL::RCCW::Auth::Manually.new @company, email: @user.email, password: '123'
	expect(@auth.errors.class).to eq(ActiveModel::Errors)
	end

	it "return '#{I18n.t('activerecord.errors.libs.auth.inactive_user')}' if user is inactive" do
	@user.set_inactive!
	@auth = VAlexL::RCCW::Auth::Manually.new @company, email: @user.email, password: '123'
	@auth.check_permission!
	expect(@auth.errors.full_messages.count).to eq(1)
	expect(@auth.errors.full_messages.first).to eq(I18n.t('activerecord.errors.libs.auth.inactive_user'))
	end

	it "return '#{I18n.t('activerecord.errors.libs.auth.access_denied')}' if password incorrect" do
	@auth = VAlexL::RCCW::Auth::Manually.new @company, email: @user.email, password: 'incorrect'
	@auth.check_permission!
	expect(@auth.errors.full_messages.count).to eq(1)
	expect(@auth.errors.full_messages.first).to eq(I18n.t('activerecord.errors.libs.auth.access_denied'))
	end

	it "return '#{I18n.t('activerecord.errors.libs.auth.access_denied')}' if password comapny doesn't has user with email" do
	@auth = VAlexL::RCCW::Auth::Manually.new @company, email: 'incorrect_mail', password: 'incorrect'
	@auth.check_permission!
	expect(@auth.errors.full_messages.count).to eq(1)
	expect(@auth.errors.full_messages.first).to eq(I18n.t('activerecord.errors.libs.auth.access_denied'))
	end

	it "doesn't return '#{I18n.t('activerecord.errors.libs.auth.inactive_user')}' if incorrect password " do
	@user.set_inactive!
	@auth = VAlexL::RCCW::Auth::Manually.new @company, email: @user.email, password: 'incorrect'
	@auth.check_permission!
	expect(@auth.errors.full_messages.count).to eq(1)
	expect(@auth.errors.full_messages.first).to eq(I18n.t('activerecord.errors.libs.auth.access_denied'))
	end
	end


	end