nocebo/diaspora
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

IZ MS refactored invites to use user.build

Browse source
This commit is contained in:
zhitomirskiyi 2010-11-03 13:16:45 -07:00
parent 3578daa14e
commit 0ac4c5b04f
4 changed files with 51 additions and 26 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
app/models/person.rb
View file

@ -45,6 +45,8 @@ class Person
scope :searchable, where('profile.searchable' => true) scope :searchable, where('profile.searchable' => true)
attr_accessible :profile
def self.search(query) def self.search(query)
return Person.searchable.all if query.to_s.empty? return Person.searchable.all if query.to_s.empty?
query_tokens = query.to_s.strip.split(" ") query_tokens = query.to_s.strip.split(" ")

49
app/models/user.rb
View file

@ -388,21 +388,16 @@ class User
def accept_invitation!(opts = {}) def accept_invitation!(opts = {})
if self.invited? if self.invited?
self.username = opts[:username]
self.setup(opts)
self.invitation_token = nil
self.password = opts[:password] self.password = opts[:password]
self.password_confirmation = opts[:password_confirmation] self.password_confirmation = opts[:password_confirmation]
opts[:person][:diaspora_handle] = "#{opts[:username]}@#{APP_CONFIG[:terse_pod_url]}"
opts[:person][:url] = APP_CONFIG[:pod_url]
opts[:serialized_private_key] = User.generate_key self.person.save!
self.serialized_private_key = opts[:serialized_private_key]
opts[:person][:serialized_public_key] = opts[:serialized_private_key].public_key
person_hash = opts.delete(:person)
self.person = Person.create(person_hash)
self.person.save
self.invitation_token = nil self.invitation_token = nil
self.save self.save!
self self
end end
end end
@ -410,24 +405,28 @@ class User
###Helpers############ ###Helpers############
def self.build(opts = {}) def self.build(opts = {})
u = User.new(opts) u = User.new(opts)
u.username = opts[:username]
u.email = opts[:email] u.email = opts[:email]
u.setup(opts)
opts[:person] ||= {}
opts[:person][:profile] ||= Profile.new
u.person = Person.new(opts[:person])
u.person.diaspora_handle = "#{opts[:username]}@#{APP_CONFIG[:terse_pod_url]}"
u.person.url = APP_CONFIG[:pod_url]
new_key = generate_key
u.serialized_private_key = new_key
u.person.serialized_public_key = new_key.public_key
u u
end end
def setup(opts)
self.username = opts[:username]
opts[:person] ||= {}
opts[:person][:profile] ||= Profile.new
self.person = Person.new(opts[:person])
self.person.diaspora_handle = "#{opts[:username]}@#{APP_CONFIG[:terse_pod_url]}"
self.person.url = APP_CONFIG[:pod_url]
new_key = User.generate_key
self.serialized_private_key = new_key
self.person.serialized_public_key = new_key.public_key
self
end
def seed_aspects def seed_aspects
self.aspects.create(:name => "Family") self.aspects.create(:name => "Family")
self.aspects.create(:name => "Work") self.aspects.create(:name => "Work")

5
spec/models/user/invite_spec.rb
View file

@ -35,6 +35,10 @@ describe User do
}.should change(User, :count).by(1) }.should change(User, :count).by(1)
end end
it 'creates it with an email' do
inviter.invite_user(:email => "joe@example.com", :aspect_id => aspect.id).email.should == "joe@example.com"
end
it 'sends email to the invited user' do it 'sends email to the invited user' do
::Devise.mailer.should_receive(:invitation).once ::Devise.mailer.should_receive(:invitation).once
inviter.invite_user(:email => "ian@example.com", :aspect_id => aspect.id) inviter.invite_user(:email => "ian@example.com", :aspect_id => aspect.id)
@ -135,6 +139,7 @@ def create_user_with_invitation(invitation_token, attributes={})
inviter = attributes.delete(:inviter) inviter = attributes.delete(:inviter)
user = User.new({:password => nil, :password_confirmation => nil}.update(attributes)) user = User.new({:password => nil, :password_confirmation => nil}.update(attributes))
#user.skip_confirmation! #user.skip_confirmation!
user.email = attributes[:email]
user.invitation_token = invitation_token user.invitation_token = invitation_token
user.invitation_sent_at = Time.now.utc user.invitation_sent_at = Time.now.utc
user.inviters << inviter user.inviters << inviter

21
spec/models/user_spec.rb
View file

@ -45,7 +45,7 @@ describe User do
user = Factory.build(:user) user = Factory.build(:user)
user.should be_valid user.should be_valid
user.person.update_attribute(:serialized_public_key, nil) user.person.serialized_public_key = nil
user.person.should_not be_valid user.person.should_not be_valid
user.should_not be_valid user.should_not be_valid
@ -191,6 +191,25 @@ describe User do
User.build(@invalid_params).save.should be_false User.build(@invalid_params).save.should be_false
end end
end end
describe "with malicious params" do
let(:person) {Factory.create :person}
before do
@invalid_params = {:username => "ohai",
:email => "ohai@example.com",
:password => "password",
:password_confirmation => "password",
:person =>
{:_id => person.id,
:profile =>
{:first_name => "O",
:last_name => "Hai"}
}
}
end
it "does not assign it to the person" do
User.build(@invalid_params).person.id.should_not == person.id
end
end
end end
describe ".find_for_authentication" do describe ".find_for_authentication" do