Diffstat (limited to 'activemodel/test/cases/secure_password_test.rb')
-rw-r--r-- | activemodel/test/cases/secure_password_test.rb | 45 |
1 files changed, 45 insertions, 0 deletions
diff --git a/activemodel/test/cases/secure_password_test.rb b/activemodel/test/cases/secure_password_test.rb
new file mode 100644
index 0000000000..4a47a7a226
--- /dev/null
+++ b/activemodel/test/cases/secure_password_test.rb
@@ -0,0 +1,45 @@
+require 'cases/helper'
+require 'models/user'
+require 'models/visitor'
+require 'models/administrator'
+
+class SecurePasswordTest < ActiveModel::TestCase
+
+ setup do
+ @user = User.new
+ end
+
+ test "password must be present" do
+ assert !@user.valid?
+ assert_equal 1, @user.errors.size
+ end
+
+ test "password must match confirmation" do
+ @user.password = "thiswillberight"
+ @user.password_confirmation = "wrong"
+
+ assert !@user.valid?
+
+ @user.password_confirmation = "thiswillberight"
+
+ assert @user.valid?
+ end
+
+ test "authenticate" do
+ @user.password = "secret"
+
+ assert !@user.authenticate("wrong")
+ assert @user.authenticate("secret")
+ end
+
+ test "visitor#password_digest should be protected against mass assignment" do
+ assert Visitor.active_authorizer.kind_of?(ActiveModel::MassAssignmentSecurity::BlackList)
+ assert Visitor.active_authorizer.include?(:password_digest)
+ end
+
+ test "Administrator's mass_assignment_authorizer should be WhiteList" do
+ assert Administrator.active_authorizer.kind_of?(ActiveModel::MassAssignmentSecurity::WhiteList)
+ assert !Administrator.active_authorizer.include?(:password_digest)
+ assert Administrator.active_authorizer.include?(:name)
+ end
+end |
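Review bot: The "authenticate" test would still pass if the model kept the password in clear text and compared strings, because it only checks that one wrong value is rejected and the right one accepted. Pinning the storage property closes that gap, for example `assert_not_equal "secret", @user.password_digest` after the assignment, plus `assert !@user.authenticate("")` for the empty-input case. That `User` exposes `password_digest` is inferred from the Visitor test, since the model lives in `models/user` outside this diff, so confirm the attribute name. Similarly, "password must be present" asserts only `errors.size == 1`; asserting which attribute carries the error would keep an unrelated validation from satisfying it.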