restful_authentication: 3 unit tests break!

Hi all

I have installed restful_authentication. However, I didn't active the email-verification option in the first way, so I tried to activate it manually some time later. But now I have problems with my application and I'm trying to solve them bit by bit.

First of all, my unit tests don't work:

  1) Failure: test_should_initialize_activation_code_upon_creation(UserTest)     [./test/unit/user_test.rb:18:in `test_should_initialize_activation_code_upon_creation'      /Library/Ruby/Gems/1.8/gems/activesupport-2.1.0/lib/active_support/testing/setup_and_teardown.rb:33:in `__send__'      /Library/Ruby/Gems/1.8/gems/activesupport-2.1.0/lib/active_support/testing/setup_and_teardown.rb:33:in `run']: <nil> expected to not be nil.

  2) Failure: test_should_unsuspend_user_to_active_state(UserTest)     [./test/unit/user_test.rb:130:in `test_should_unsuspend_user_to_active_state'      /Library/Ruby/Gems/1.8/gems/activesupport-2.1.0/lib/active_support/testing/setup_and_teardown.rb:33:in `__send__'      /Library/Ruby/Gems/1.8/gems/activesupport-2.1.0/lib/active_support/testing/setup_and_teardown.rb:33:in `run']: <false> is not true.

  3) Failure: test_suspended_user_should_not_authenticate(UserTest)     [./test/unit/user_test.rb:123:in `test_suspended_user_should_not_authenticate'      /Library/Ruby/Gems/1.8/gems/activesupport-2.1.0/lib/active_support/testing/setup_and_teardown.rb:33:in `__send__'      /Library/Ruby/Gems/1.8/gems/activesupport-2.1.0/lib/active_support/testing/setup_and_teardown.rb:33:in `run']: <#<User id: 1, login: "quentin", email: "quentin@example.com", crypted_password: "00742970dc9e6319f8019fd54864d3ea740f04b1", salt: "7e3041ebc2fc05a40c60028e2c4901a81035d3cd", created_at: "2009-04-15 15:13:00", updated_at: "2009-04-20 15:13:01", remember_token: nil, remember_token_expires_at: nil, first_name: "Quentin", last_name: "Tarantino", activation_code: nil, state: "suspended", activated_at: nil, deleted_at: nil>> expected to be != to <#<User id: 1, login: "quentin", email: "quentin@example.com", crypted_password: "00742970dc9e6319f8019fd54864d3ea740f04b1", salt: "7e3041ebc2fc05a40c60028e2c4901a81035d3cd", created_at: "2009-04-15 15:13:00", updated_at: "2009-04-20 15:13:01", remember_token: nil, remember_token_expires_at: nil, first_name: "Quentin", last_name: "Tarantino", activation_code: nil, state: "suspended", activated_at: nil, deleted_at: nil>>.

43 tests, 83 assertions, 3 failures, 0 errors rake aborted! Command failed with status (1): [/System/Library/Frameworks/Ruby.framework/...]

(See full trace by running task with --trace)

Sadly I have no idea how to fix them... what could be wrong? My user model looks the following:

require 'digest/sha1' class User < ActiveRecord::Base   # Virtual attribute for the unencrypted password   attr_accessor :password

  validates_presence_of :login,     :email,     :first_name,     :last_name   validates_presence_of :password, :if => :password_required?   validates_presence_of :password_confirmation, :if => :password_required?   validates_length_of :password, :within => 4..40, :if => :password_required?   validates_confirmation_of :password, :if => :password_required?   validates_length_of :login, :within => 3..40   validates_length_of :email, :within => 3..100   validates_uniqueness_of :login, :email, :case_sensitive => false   before_save :encrypt_password

  has_many :comments,     :dependent => :destroy

  has_many :blogs,     :dependent => :destroy

  # prevents a user from submitting a crafted form that bypasses activation   # anything else you want your user to change should be added here.   attr_accessible :login,     :email,     :first_name,     :last_name,     :password,     :password_confirmation

  acts_as_state_machine :initial => :pending   state :passive   state :pending, :enter => :make_activation_code   state :active, :enter => :do_activate   state :suspended   state :deleted, :enter => :do_delete

  event :register do     transitions :from => :passive, :to => :pending, :guard => Proc.new {|u| !(u.crypted_password.blank? && u.password.blank?) }   end

  event :activate do     transitions :from => :pending, :to => :active   end

  event :suspend do     transitions :from => [:passive, :pending, :active], :to => :suspended   end

  event :delete do     transitions :from => [:passive, :pending, :active, :suspended], :to => :deleted   end

  event :unsuspend do     transitions :from => :suspended, :to => :active, :guard => Proc.new {|u| !u.activated_at.blank? }     transitions :from => :suspended, :to => :pending, :guard => Proc.new {|u| !u.activation_code.blank? }     transitions :from => :suspended, :to => :passive   end

  # Authenticates a user by their login name and unencrypted password. Returns the user or nil.   def self.authenticate(login, password)     u = find_by_login(login) # need to get the salt     u && u.authenticated?(password) ? u : nil   end

  # Encrypts some data with the salt.   def self.encrypt(password, salt)     Digest::SHA1.hexdigest("--#{salt}--#{password}--")   end

  # Encrypts the password with the user salt   def encrypt(password)     self.class.encrypt(password, salt)   end

  def authenticated?(password)     crypted_password == encrypt(password)   end

  def remember_token?     remember_token_expires_at && Time.now.utc < remember_token_expires_at   end

  # These create and unset the fields required for remembering users between browser closes   def remember_me     remember_me_for 2.weeks   end

  def remember_me_for(time)     remember_me_until time.from_now.utc   end

  def remember_me_until(time)     self.remember_token_expires_at = time     self.remember_token = encrypt("#{email}--#{remember_token_expires_at}")     save(false)   end

  def forget_me     self.remember_token_expires_at = nil     self.remember_token = nil     save(false)   end

  # Returns true if the user has just been activated.   def recently_activated?     @activated   end

  def forgot_password     @forgotten_password = true     self.make_password_reset_code   end

  def reset_password     # First update the password_reset_code before setting the     # reset_password flag to avoid duplicate email notifications.     update_attributes(:password_reset_code => nil)     @reset_password = true   end

  def recently_forgot_password?     @forgotten_password   end

  def recently_reset_password?     @reset_password   end

  def display_name     "#{first_name} #{last_name}"   end

protected   # before filter   def encrypt_password     return if password.blank?     self.salt = Digest::SHA1.hexdigest("--#{Time.now.to_s}--#{login}--") if new_record?     self.crypted_password = encrypt(password)   end

  def password_required?     crypted_password.blank? || !password.blank?   end

  def make_activation_code     self.deleted_at = nil     self.activation_code = Digest::SHA1.hexdigest( Time.now.to_s.split(//).sort_by {rand}.join )   end

  def do_delete     self.deleted_at = Time.now.utc   end

  def do_activate     @activated = true     self.activated_at = Time.now.utc     self.deleted_at = self.activation_code = nil   end

  def make_password_reset_code     self.password_reset_code = Digest::SHA1.hexdigest( Time.now.to_s.split(//).sort_by {rand}.join )   end end

It's basically the original model, but I added first_name and last_name.

I'd be very thankful for some debugging help... Josh

OK, the first error could be solved. I did not call register! when creating the object.

protected   def create_user(options = {})     record = User.new({ :login => 'quire',                         :email => 'quire@example.com',                         :first_name => 'Quire',                         :last_name => 'Quare',                         :password => 'quire',                         :password_confirmation => 'quire',                         :state => 'pending'                       }.merge(options))     record.register! if record.valid? # Here I just called record.save before     record   end

Anyway, why do I have to call record.register! here? What's the difference to record.save? I guess it has something to do with acts_as_state_machine?

I guess it has something to do with acts_as_state_machine?

Yes. Don't you read the source code of your plugins before using them? That's bold.

Fernando Perez wrote:

I guess it has something to do with acts_as_state_machine?

Yes. Don't you read the source code of your plugins before using them? That's bold.

Thanks for your very helpful answer.

Fernando Perez wrote:

I guess it has something to do with acts_as_state_machine?

Yes. Don't you read the source code of your plugins before using them? That's bold.

OK, I read some of the source code of the plugin. Sadly I'm no very experienced Ruby programmer, so I have a question.

Where does a new record get saved to the DB when calling register!?

record = User.new({ :login => 'quire', :email => 'quire@example.com', :password => 'quire', :password_confirmation => 'quire' })

=> #<User id: nil, first_name: nil, last_name: nil, login: "quire", email: "quire@example.com", remember_token: nil, crypted_password: nil, password_reset_code: nil, salt: nil, activation_code: nil, remember_token_expires_at: nil, activated_at: nil, deleted_at: nil, state: "passive", created_at: nil, updated_at: nil>

record.new_record?

=> true

record.register!

=> true

record.new_record?

=> false

I'm trying to get into this plugin, but it seems very tricky to me...

The record gets saved by aasm (acts_as_state_machine). By using this plugin, your model has different "states" that is stored most likely in a :state column. When you call register or register! on your model, it is telling aasm to change the state of your model:

event :register do     transitions :from => :passive, :to => :pending, :guard => Proc.new {|u| !(u.crypted_password.blank? && u.password.blank?) } end

In this case, it's changing your model from the :passive state to the :pending state. What happens at this point is that make_activation_code is called because of this line:

state :pending, :enter => :make_activation_code.

Your model is saved after you call register because aasm changes the state of the model and then saves that model.

Hopefully this helps.

Jon