Rails - Apr 2009 - restful_authentication: 3 unit tests break!

Hi all

I have installed restful_authentication. However, I didn''t active the
email-verification option in the first way, so I tried to activate it
manually some time later. But now I have problems with my application
and I''m trying to solve them bit by bit.

First of all, my unit tests don''t work:

  1) Failure:
test_should_initialize_activation_code_upon_creation(UserTest)
    [./test/unit/user_test.rb:18:in
`test_should_initialize_activation_code_upon_creation''
    
/Library/Ruby/Gems/1.8/gems/activesupport-2.1.0/lib/active_support/testing/setup_and_teardown.rb:33:in
`__send__''
    
/Library/Ruby/Gems/1.8/gems/activesupport-2.1.0/lib/active_support/testing/setup_and_teardown.rb:33:in
`run'']:
<nil> expected to not be nil.

  2) Failure:
test_should_unsuspend_user_to_active_state(UserTest)
    [./test/unit/user_test.rb:130:in
`test_should_unsuspend_user_to_active_state''
    
/Library/Ruby/Gems/1.8/gems/activesupport-2.1.0/lib/active_support/testing/setup_and_teardown.rb:33:in
`__send__''
    
/Library/Ruby/Gems/1.8/gems/activesupport-2.1.0/lib/active_support/testing/setup_and_teardown.rb:33:in
`run'']:
<false> is not true.

  3) Failure:
test_suspended_user_should_not_authenticate(UserTest)
    [./test/unit/user_test.rb:123:in
`test_suspended_user_should_not_authenticate''
    
/Library/Ruby/Gems/1.8/gems/activesupport-2.1.0/lib/active_support/testing/setup_and_teardown.rb:33:in
`__send__''
    
/Library/Ruby/Gems/1.8/gems/activesupport-2.1.0/lib/active_support/testing/setup_and_teardown.rb:33:in
`run'']:
<#<User id: 1, login: "quentin", email:
"quentin-hcDgGtZH8xNBDgjK7y7TUQ@public.gmane.org",
crypted_password: "00742970dc9e6319f8019fd54864d3ea740f04b1", salt:
"7e3041ebc2fc05a40c60028e2c4901a81035d3cd", created_at:
"2009-04-15
15:13:00", updated_at: "2009-04-20 15:13:01", remember_token:
nil,
remember_token_expires_at: nil, first_name: "Quentin", last_name:
"Tarantino", activation_code: nil, state: "suspended",
activated_at:
nil, deleted_at: nil>> expected to be != to
<#<User id: 1, login: "quentin", email:
"quentin-hcDgGtZH8xNBDgjK7y7TUQ@public.gmane.org",
crypted_password: "00742970dc9e6319f8019fd54864d3ea740f04b1", salt:
"7e3041ebc2fc05a40c60028e2c4901a81035d3cd", created_at:
"2009-04-15
15:13:00", updated_at: "2009-04-20 15:13:01", remember_token:
nil,
remember_token_expires_at: nil, first_name: "Quentin", last_name:
"Tarantino", activation_code: nil, state: "suspended",
activated_at:
nil, deleted_at: nil>>.

43 tests, 83 assertions, 3 failures, 0 errors
rake aborted!
Command failed with status (1):
[/System/Library/Frameworks/Ruby.framework/...]

(See full trace by running task with --trace)

Sadly I have no idea how to fix them... what could be wrong? My user
model looks the following:

require ''digest/sha1''
class User < ActiveRecord::Base
  # Virtual attribute for the unencrypted password
  attr_accessor :password

  validates_presence_of     :login,
    :email,
    :first_name,
    :last_name
  validates_presence_of     :password,                   :if =>
:password_required?
  validates_presence_of     :password_confirmation,      :if =>
:password_required?
  validates_length_of       :password, :within => 4..40, :if =>
:password_required?
  validates_confirmation_of :password,                   :if =>
:password_required?
  validates_length_of       :login,    :within => 3..40
  validates_length_of       :email,    :within => 3..100
  validates_uniqueness_of   :login, :email, :case_sensitive => false
  before_save :encrypt_password

  has_many :comments,
    :dependent => :destroy

  has_many :blogs,
    :dependent => :destroy

  # prevents a user from submitting a crafted form that bypasses
activation
  # anything else you want your user to change should be added here.
  attr_accessible :login,
    :email,
    :first_name,
    :last_name,
    :password,
    :password_confirmation

  acts_as_state_machine :initial => :pending
  state :passive
  state :pending, :enter => :make_activation_code
  state :active,  :enter => :do_activate
  state :suspended
  state :deleted, :enter => :do_delete

  event :register do
    transitions :from => :passive, :to => :pending, :guard => Proc.new
{|u| !(u.crypted_password.blank? && u.password.blank?) }
  end

  event :activate do
    transitions :from => :pending, :to => :active
  end

  event :suspend do
    transitions :from => [:passive, :pending, :active], :to =>
:suspended
  end

  event :delete do
    transitions :from => [:passive, :pending, :active, :suspended], :to
=> :deleted
  end

  event :unsuspend do
    transitions :from => :suspended, :to => :active,  :guard =>
Proc.new
{|u| !u.activated_at.blank? }
    transitions :from => :suspended, :to => :pending, :guard =>
Proc.new
{|u| !u.activation_code.blank? }
    transitions :from => :suspended, :to => :passive
  end

  # Authenticates a user by their login name and unencrypted password.
Returns the user or nil.
  def self.authenticate(login, password)
    u = find_by_login(login) # need to get the salt
    u && u.authenticated?(password) ? u : nil
  end

  # Encrypts some data with the salt.
  def self.encrypt(password, salt)
    Digest::SHA1.hexdigest("--#{salt}--#{password}--")
  end

  # Encrypts the password with the user salt
  def encrypt(password)
    self.class.encrypt(password, salt)
  end

  def authenticated?(password)
    crypted_password == encrypt(password)
  end

  def remember_token?
    remember_token_expires_at && Time.now.utc <
remember_token_expires_at
  end

  # These create and unset the fields required for remembering users
between browser closes
  def remember_me
    remember_me_for 2.weeks
  end

  def remember_me_for(time)
    remember_me_until time.from_now.utc
  end

  def remember_me_until(time)
    self.remember_token_expires_at = time
    self.remember_token           
encrypt("#{email}--#{remember_token_expires_at}")
    save(false)
  end

  def forget_me
    self.remember_token_expires_at = nil
    self.remember_token            = nil
    save(false)
  end

  # Returns true if the user has just been activated.
  def recently_activated?
    @activated
  end

  def forgot_password
    @forgotten_password = true
    self.make_password_reset_code
  end

  def reset_password
    # First update the password_reset_code before setting the
    # reset_password flag to avoid duplicate email notifications.
    update_attributes(:password_reset_code => nil)
    @reset_password = true
  end

  def recently_forgot_password?
    @forgotten_password
  end

  def recently_reset_password?
    @reset_password
  end

  def display_name
    "#{first_name} #{last_name}"
  end

protected
  # before filter
  def encrypt_password
    return if password.blank?
    self.salt =
Digest::SHA1.hexdigest("--#{Time.now.to_s}--#{login}--")
if new_record?
    self.crypted_password = encrypt(password)
  end

  def password_required?
    crypted_password.blank? || !password.blank?
  end

  def make_activation_code
    self.deleted_at = nil
    self.activation_code = Digest::SHA1.hexdigest(
Time.now.to_s.split(//).sort_by {rand}.join )
  end

  def do_delete
    self.deleted_at = Time.now.utc
  end

  def do_activate
    @activated = true
    self.activated_at = Time.now.utc
    self.deleted_at = self.activation_code = nil
  end

  def make_password_reset_code
    self.password_reset_code = Digest::SHA1.hexdigest(
Time.now.to_s.split(//).sort_by {rand}.join )
  end
end

It''s basically the original model, but I added first_name and
last_name.

I''d be very thankful for some debugging help...
Josh
-- 
Posted via http://www.ruby-forum.com/.

OK, the first error could be solved. I did not call register! when 
creating the object.

protected
  def create_user(options = {})
    record = User.new({ :login => ''quire'',
                        :email =>
''quire-hcDgGtZH8xNBDgjK7y7TUQ@public.gmane.org'',
                        :first_name => ''Quire'',
                        :last_name => ''Quare'',
                        :password => ''quire'',
                        :password_confirmation => ''quire'',
                        :state => ''pending''
                      }.merge(options))
    record.register! if record.valid? # Here I just called record.save 
before
    record
  end

Anyway, why do I have to call record.register! here? What''s the 
difference to record.save? I guess it has something to do with 
acts_as_state_machine?
-- 
Posted via http://www.ruby-forum.com/.

> I guess it has something to do with acts_as_state_machine?
Yes. Don''t you read the source code of your plugins before using them? 
That''s bold.
-- 
Posted via http://www.ruby-forum.com/.

Fernando Perez wrote:
>> I guess it has something to do with acts_as_state_machine?
> 
> Yes. Don''t you read the source code of your plugins before using
them?
> That''s bold.
Thanks for your very helpful answer. ;-)
-- 
Posted via http://www.ruby-forum.com/.

Fernando Perez wrote:
>> I guess it has something to do with acts_as_state_machine?
> 
> Yes. Don''t you read the source code of your plugins before using
them?
> That''s bold.
OK, I read some of the source code of the plugin. Sadly I''m no very 
experienced Ruby programmer, so I have a question.

Where does a new record get saved to the DB when calling register!?
>> record = User.new({ :login => ''quire'', :email
=> ''quire-hcDgGtZH8xNBDgjK7y7TUQ@public.gmane.org'',
:password => ''quire'', :password_confirmation =>
''quire'' })
=> #<User id: nil, first_name: nil, last_name: nil, login:
"quire",
email: "quire-hcDgGtZH8xNBDgjK7y7TUQ@public.gmane.org",
remember_token: nil, crypted_password: nil,
password_reset_code: nil, salt: nil, activation_code: nil, 
remember_token_expires_at: nil, activated_at: nil, deleted_at: nil, 
state: "passive", created_at: nil, updated_at:
nil>
>> record.new_record?
=> true
>> record.register!
=> true
>> record.new_record?
=> false

I''m trying to get into this plugin, but it seems very tricky to me...
-- 
Posted via http://www.ruby-forum.com/.

On Apr 20, 2:55 pm, Joshua Muheim
<rails-mailing-l...-ARtvInVfO7ksV2N9l4h3zg@public.gmane.org>
wrote:
> Fernando Perez wrote:
> >> I guess it has something to do with acts_as_state_machine?
>
> > Yes. Don''t you read the source code of your plugins before
using them?
> > That''s bold.
>
> OK, I read some of the source code of the plugin. Sadly I''m no
very
> experienced Ruby programmer, so I have a question.
>
> Where does a new record get saved to the DB when calling register!?
>
> >> record = User.new({ :login => ''quire'', :email
=> ''qu...@example.com'', :password =>
''quire'', :password_confirmation =>
''quire'' })
>
> => #<User id: nil, first_name: nil, last_name: nil, login:
"quire",
> email: "qu...-hcDgGtZH8xNBDgjK7y7TUQ@public.gmane.org",
remember_token: nil, crypted_password: nil,
> password_reset_code: nil, salt: nil, activation_code: nil,
> remember_token_expires_at: nil, activated_at: nil, deleted_at: nil,
> state: "passive", created_at: nil, updated_at: nil>>>
record.new_record?
> => true
> >> record.register!
> => true
> >> record.new_record?
>
> => false
>
> I''m trying to get into this plugin, but it seems very tricky to
me...
> --
> Posted viahttp://www.ruby-forum.com/.

The record gets saved by aasm (acts_as_state_machine). By using this
plugin, your model has different "states" that is stored most likely
in a :state column. When you call register or register! on your model,
it is telling aasm to change the state of your model:

event :register do
    transitions :from => :passive, :to => :pending, :guard => Proc.new
{|u| !(u.crypted_password.blank? && u.password.blank?) }
end

In this case, it''s changing your model from the :passive state to
the :pending state. What happens at this point is that
make_activation_code is called because of this line:

state :pending, :enter => :make_activation_code.

Your model is saved after you call register because aasm changes the
state of the model and then saves that model.

Hopefully this helps.

Jon