jro_apps/redmine Commit - r10398:3e706adddddf

1

# Redmine - project management software

1

# Redmine - project management software

2

3

#

3

#

4

# This program is free software; you can redistribute it and/or

4

# This program is free software; you can redistribute it and/or

5

# modify it under the terms of the GNU General Public License

5

# modify it under the terms of the GNU General Public License

6

# as published by the Free Software Foundation; either version 2

6

# as published by the Free Software Foundation; either version 2

7

# of the License, or (at your option) any later version.

7

# of the License, or (at your option) any later version.

8

#

8

#

9

# This program is distributed in the hope that it will be useful,

9

# This program is distributed in the hope that it will be useful,

10

# but WITHOUT ANY WARRANTY; without even the implied warranty of

10

# but WITHOUT ANY WARRANTY; without even the implied warranty of

11

# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the

11

# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the

12

# GNU General Public License for more details.

12

# GNU General Public License for more details.

13

#

13

#

14

# You should have received a copy of the GNU General Public License

14

# You should have received a copy of the GNU General Public License

15

# along with this program; if not, write to the Free Software

15

# along with this program; if not, write to the Free Software

16

# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.

16

# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.

17

18

require File.expand_path('../../test_helper', __FILE__)

18

require File.expand_path('../../test_helper', __FILE__)

19

require 'account_controller'

19

require 'account_controller'

20

21

# Re-raise errors caught by the controller.

21

# Re-raise errors caught by the controller.

22

class AccountController; def rescue_action(e) raise e end; end

22

class AccountController; def rescue_action(e) raise e end; end

23

24

class AccountControllerTest < ActionController::TestCase

24

class AccountControllerTest < ActionController::TestCase

25

fixtures :users, :roles

25

fixtures :users, :roles

26

27

def setup

27

def setup

28

@controller = AccountController.new

28

@controller = AccountController.new

29

@request = ActionController::TestRequest.new

29

@request = ActionController::TestRequest.new

30

@response = ActionController::TestResponse.new

30

@response = ActionController::TestResponse.new

31

User.current = nil

31

User.current = nil

32

end

32

end

33

34

def test_get_login

35

get :login

36

assert_response :success

37

assert_template 'login'

38

39

assert_select 'input[name=username]'

40

assert_select 'input[name=password]'

41

end

42

34

def test_login_should_redirect_to_back_url_param

43

def test_login_should_redirect_to_back_url_param

35

# request.uri is "test.host" in test environment

44

# request.uri is "test.host" in test environment

36

post :login, :username => 'jsmith', :password => 'jsmith', :back_url => 'http://test.host/issues/show/1'

45

post :login, :username => 'jsmith', :password => 'jsmith', :back_url => 'http://test.host/issues/show/1'

37

assert_redirected_to '/issues/show/1'

46

assert_redirected_to '/issues/show/1'

38

end

47

end

39

48

40

def test_login_should_not_redirect_to_another_host

49

def test_login_should_not_redirect_to_another_host

41

post :login, :username => 'jsmith', :password => 'jsmith', :back_url => 'http://test.foo/fake'

50

post :login, :username => 'jsmith', :password => 'jsmith', :back_url => 'http://test.foo/fake'

42

assert_redirected_to '/my/page'

51

assert_redirected_to '/my/page'

43

end

52

end

44

53

45

def test_login_with_wrong_password

54

def test_login_with_wrong_password

46

post :login, :username => 'admin', :password => 'bad'

55

post :login, :username => 'admin', :password => 'bad'

47

assert_response :success

56

assert_response :success

48

assert_template 'login'

57

assert_template 'login'

49

assert_tag 'div',

58

50

:attributes => { :class => "flash error" },

59

assert_select 'div.flash.error', :text => /Invalid user or password/

51

:content => /Invalid user or password/

60

assert_select 'input[name=username][value=admin]'

61

assert_select 'input[name=password]'

62

assert_select 'input[name=password][value]', 0

52

end

63

end

53

64

54

def test_login_should_rescue_auth_source_exception

65

def test_login_should_rescue_auth_source_exception

55

source = AuthSource.create!(:name => 'Test')

66

source = AuthSource.create!(:name => 'Test')

56

User.find(2).update_attribute :auth_source_id, source.id

67

User.find(2).update_attribute :auth_source_id, source.id

57

AuthSource.any_instance.stubs(:authenticate).raises(AuthSourceException.new("Something wrong"))

68

AuthSource.any_instance.stubs(:authenticate).raises(AuthSourceException.new("Something wrong"))

58

69

59

post :login, :username => 'jsmith', :password => 'jsmith'

70

post :login, :username => 'jsmith', :password => 'jsmith'

60

assert_response 500

71

assert_response 500

61

assert_error_tag :content => /Something wrong/

72

assert_error_tag :content => /Something wrong/

62

end

73

end

63

74

64

def test_login_should_reset_session

75

def test_login_should_reset_session

65

@controller.expects(:reset_session).once

76

@controller.expects(:reset_session).once

66

77

67

post :login, :username => 'jsmith', :password => 'jsmith'

78

post :login, :username => 'jsmith', :password => 'jsmith'

68

assert_response 302

79

assert_response 302

69

end

80

end

70

81

71

def test_logout

82

def test_logout

72

@request.session[:user_id] = 2

83

@request.session[:user_id] = 2

73

get :logout

84

get :logout

74

assert_redirected_to '/'

85

assert_redirected_to '/'

75

assert_nil @request.session[:user_id]

86

assert_nil @request.session[:user_id]

76

end

87

end

77

88

78

def test_logout_should_reset_session

89

def test_logout_should_reset_session

79

@controller.expects(:reset_session).once

90

@controller.expects(:reset_session).once

80

91

81

@request.session[:user_id] = 2

92

@request.session[:user_id] = 2

82

get :logout

93

get :logout

83

assert_response 302

94

assert_response 302

84

end

95

end

85

96

86

def test_get_register_with_registration_on

97

def test_get_register_with_registration_on

87

with_settings :self_registration => '3' do

98

with_settings :self_registration => '3' do

88

get :register

99

get :register

89

assert_response :success

100

assert_response :success

90

assert_template 'register'

101

assert_template 'register'

91

assert_not_nil assigns(:user)

102

assert_not_nil assigns(:user)

92

103

93

assert_tag 'input', :attributes => {:name => 'user[password]'}

104

assert_tag 'input', :attributes => {:name => 'user[password]'}

94

assert_tag 'input', :attributes => {:name => 'user[password_confirmation]'}

105

assert_tag 'input', :attributes => {:name => 'user[password_confirmation]'}

95

end

106

end

96

end

107

end

97

108

98

def test_get_register_with_registration_off_should_redirect

109

def test_get_register_with_registration_off_should_redirect

99

with_settings :self_registration => '0' do

110

with_settings :self_registration => '0' do

100

get :register

111

get :register

101

assert_redirected_to '/'

112

assert_redirected_to '/'

102

end

113

end

103

end

114

end

104

115

105

# See integration/account_test.rb for the full test

116

# See integration/account_test.rb for the full test

106

def test_post_register_with_registration_on

117

def test_post_register_with_registration_on

107

with_settings :self_registration => '3' do

118

with_settings :self_registration => '3' do

108

assert_difference 'User.count' do

119

assert_difference 'User.count' do

109

post :register, :user => {

120

post :register, :user => {

110

:login => 'register',

121

:login => 'register',

111

:password => 'test',

122

:password => 'test',

112

:password_confirmation => 'test',

123

:password_confirmation => 'test',

113

:firstname => 'John',

124

:firstname => 'John',

114

:lastname => 'Doe',

125

:lastname => 'Doe',

115

:mail => 'register@example.com'

126

:mail => 'register@example.com'

116

}

127

}

117

assert_redirected_to '/my/account'

128

assert_redirected_to '/my/account'

118

end

129

end

119

user = User.first(:order => 'id DESC')

130

user = User.first(:order => 'id DESC')

120

assert_equal 'register', user.login

131

assert_equal 'register', user.login

121

assert_equal 'John', user.firstname

132

assert_equal 'John', user.firstname

122

assert_equal 'Doe', user.lastname

133

assert_equal 'Doe', user.lastname

123

assert_equal 'register@example.com', user.mail

134

assert_equal 'register@example.com', user.mail

124

assert user.check_password?('test')

135

assert user.check_password?('test')

125

assert user.active?

136

assert user.active?

126

end

137

end

127

end

138

end

128

139

129

def test_post_register_with_registration_off_should_redirect

140

def test_post_register_with_registration_off_should_redirect

130

with_settings :self_registration => '0' do

141

with_settings :self_registration => '0' do

131

assert_no_difference 'User.count' do

142

assert_no_difference 'User.count' do

132

post :register, :user => {

143

post :register, :user => {

133

:login => 'register',

144

:login => 'register',

134

:password => 'test',

145

:password => 'test',

135

:password_confirmation => 'test',

146

:password_confirmation => 'test',

136

:firstname => 'John',

147

:firstname => 'John',

137

:lastname => 'Doe',

148

:lastname => 'Doe',

138

:mail => 'register@example.com'

149

:mail => 'register@example.com'

139

}

150

}

140

assert_redirected_to '/'

151

assert_redirected_to '/'

141

end

152

end

142

end

153

end

143

end

154

end

144

155

145

def test_get_lost_password_should_display_lost_password_form

156

def test_get_lost_password_should_display_lost_password_form

146

get :lost_password

157

get :lost_password

147

assert_response :success

158

assert_response :success

148

assert_select 'input[name=mail]'

159

assert_select 'input[name=mail]'

149

end

160

end

150

161

151

def test_lost_password_for_active_user_should_create_a_token

162

def test_lost_password_for_active_user_should_create_a_token

152

Token.delete_all

163

Token.delete_all

153

ActionMailer::Base.deliveries.clear

164

ActionMailer::Base.deliveries.clear

154

assert_difference 'ActionMailer::Base.deliveries.size' do

165

assert_difference 'ActionMailer::Base.deliveries.size' do

155

assert_difference 'Token.count' do

166

assert_difference 'Token.count' do

156

with_settings :host_name => 'mydomain.foo', :protocol => 'http' do

167

with_settings :host_name => 'mydomain.foo', :protocol => 'http' do

157

post :lost_password, :mail => 'JSmith@somenet.foo'

168

post :lost_password, :mail => 'JSmith@somenet.foo'

158

assert_redirected_to '/login'

169

assert_redirected_to '/login'

159

end

170

end

160

end

171

end

161

end

172

end

162

173

163

token = Token.order('id DESC').first

174

token = Token.order('id DESC').first

164

assert_equal User.find(2), token.user

175

assert_equal User.find(2), token.user

165

assert_equal 'recovery', token.action

176

assert_equal 'recovery', token.action

166

177

167

assert_select_email do

178

assert_select_email do

168

assert_select "a[href=?]", "http://mydomain.foo/account/lost_password?token=#{token.value}"

179

assert_select "a[href=?]", "http://mydomain.foo/account/lost_password?token=#{token.value}"

169

end

180

end

170

end

181

end

171

182

172

def test_lost_password_for_unknown_user_should_fail

183

def test_lost_password_for_unknown_user_should_fail

173

Token.delete_all

184

Token.delete_all

174

assert_no_difference 'Token.count' do

185

assert_no_difference 'Token.count' do

175

post :lost_password, :mail => 'invalid@somenet.foo'

186

post :lost_password, :mail => 'invalid@somenet.foo'

176

assert_response :success

187

assert_response :success

177

end

188

end

178

end

189

end

179

190

180

def test_lost_password_for_non_active_user_should_fail

191

def test_lost_password_for_non_active_user_should_fail

181

Token.delete_all

192

Token.delete_all

182

assert User.find(2).lock!

193

assert User.find(2).lock!

183

194

184

assert_no_difference 'Token.count' do

195

assert_no_difference 'Token.count' do

185

post :lost_password, :mail => 'JSmith@somenet.foo'

196

post :lost_password, :mail => 'JSmith@somenet.foo'

186

assert_response :success

197

assert_response :success

187

end

198

end

188

end

199

end

189

200

190

def test_get_lost_password_with_token_should_display_the_password_recovery_form

201

def test_get_lost_password_with_token_should_display_the_password_recovery_form

191

user = User.find(2)

202

user = User.find(2)

192

token = Token.create!(:action => 'recovery', :user => user)

203

token = Token.create!(:action => 'recovery', :user => user)

193

204

194

get :lost_password, :token => token.value

205

get :lost_password, :token => token.value

195

assert_response :success

206

assert_response :success

196

assert_template 'password_recovery'

207

assert_template 'password_recovery'

197

208

198

assert_select 'input[type=hidden][name=token][value=?]', token.value

209

assert_select 'input[type=hidden][name=token][value=?]', token.value

199

end

210

end

200

211

201

def test_get_lost_password_with_invalid_token_should_redirect

212

def test_get_lost_password_with_invalid_token_should_redirect

202

get :lost_password, :token => "abcdef"

213

get :lost_password, :token => "abcdef"

203

assert_redirected_to '/'

214

assert_redirected_to '/'

204

end

215

end

205

216

206

def test_post_lost_password_with_token_should_change_the_user_password

217

def test_post_lost_password_with_token_should_change_the_user_password

207

user = User.find(2)

218

user = User.find(2)

208

token = Token.create!(:action => 'recovery', :user => user)

219

token = Token.create!(:action => 'recovery', :user => user)

209

220

210

post :lost_password, :token => token.value, :new_password => 'newpass', :new_password_confirmation => 'newpass'

221

post :lost_password, :token => token.value, :new_password => 'newpass', :new_password_confirmation => 'newpass'

211

assert_redirected_to '/login'

222

assert_redirected_to '/login'

212

user.reload

223

user.reload

213

assert user.check_password?('newpass')

224

assert user.check_password?('newpass')

214

assert_nil Token.find_by_id(token.id), "Token was not deleted"

225

assert_nil Token.find_by_id(token.id), "Token was not deleted"

215

end

226

end

216

227

217

def test_post_lost_password_with_token_for_non_active_user_should_fail

228

def test_post_lost_password_with_token_for_non_active_user_should_fail

218

user = User.find(2)

229

user = User.find(2)

219

token = Token.create!(:action => 'recovery', :user => user)

230

token = Token.create!(:action => 'recovery', :user => user)

220

user.lock!

231

user.lock!

221

232

222

post :lost_password, :token => token.value, :new_password => 'newpass', :new_password_confirmation => 'newpass'

233

post :lost_password, :token => token.value, :new_password => 'newpass', :new_password_confirmation => 'newpass'

223

assert_redirected_to '/'

234

assert_redirected_to '/'

224

assert ! user.check_password?('newpass')

235

assert ! user.check_password?('newpass')

225

end

236

end

226

237

227

def test_post_lost_password_with_token_and_password_confirmation_failure_should_redisplay_the_form

238

def test_post_lost_password_with_token_and_password_confirmation_failure_should_redisplay_the_form

228

user = User.find(2)

239

user = User.find(2)

229

token = Token.create!(:action => 'recovery', :user => user)

240

token = Token.create!(:action => 'recovery', :user => user)

230

241

231

post :lost_password, :token => token.value, :new_password => 'newpass', :new_password_confirmation => 'wrongpass'

242

post :lost_password, :token => token.value, :new_password => 'newpass', :new_password_confirmation => 'wrongpass'

232

assert_response :success

243

assert_response :success

233

assert_template 'password_recovery'

244

assert_template 'password_recovery'

234

assert_not_nil Token.find_by_id(token.id), "Token was deleted"

245

assert_not_nil Token.find_by_id(token.id), "Token was deleted"

235

246

236

assert_select 'input[type=hidden][name=token][value=?]', token.value

247

assert_select 'input[type=hidden][name=token][value=?]', token.value

237

end

248

end

238

249

239

def test_post_lost_password_with_invalid_token_should_redirect

250

def test_post_lost_password_with_invalid_token_should_redirect

240

post :lost_password, :token => "abcdef", :new_password => 'newpass', :new_password_confirmation => 'newpass'

251

post :lost_password, :token => "abcdef", :new_password => 'newpass', :new_password_confirmation => 'newpass'

241

assert_redirected_to '/'

252

assert_redirected_to '/'

242

end

253

end

243

end

254

end

             <%= call_hook :view_account_login_top %>
             <div id="login-form">
             <%= form_tag(signin_path) do %>
             <%= back_url_hidden_field_tag %>
             <table>
             <tr>
                 <td align="right"><label for="username"><%=l(:field_login)%>:</label></td>
-                <td align="left"><%= text_field_tag 'username', nil, :tabindex => '1' %></td>
+                <td align="left"><%= text_field_tag 'username', params[:username], :tabindex => '1' %></td>
             </tr>
             <tr>
                 <td align="right"><label for="password"><%=l(:field_password)%>:</label></td>
                 <td align="left"><%= password_field_tag 'password', nil, :tabindex => '2' %></td>
             </tr>
             <% if Setting.openid? %>
             <tr>
               <td align="right"><label for="openid_url"><%=l(:field_identity_url)%></label></td>
               <td align="left"><%= text_field_tag "openid_url", nil, :tabindex => '3' %></td>
             </tr>
             <% end %>
             <tr>
                 <td></td>
                 <td align="left">
                     <% if Setting.autologin? %>
                     <label for="autologin"><%= check_box_tag 'autologin', 1, false, :tabindex => 4 %> <%= l(:label_stay_logged_in) %></label>
                     <% end %>
                 </td>
             </tr>
             <tr>
                 <td align="left">
                     <% if Setting.lost_password? %>
                         <%= link_to l(:label_password_lost), lost_password_path %>
                     <% end %>
                 </td>
                 <td align="right">
                     <input type="submit" name="login" value="<%=l(:button_login)%> &#187;" tabindex="5"/>
                 </td>
             </tr>
             </table>
-            <%= javascript_tag "$('#username').focus();" %>
             <% end %>
             </div>
             <%= call_hook :view_account_login_bottom %>
+            <% if params[:username].present? %>
+            <%= javascript_tag "$('#password').focus();" %>
+            <% else %>
+            <%= javascript_tag "$('#username').focus();" %>
+            <% end %>

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages

             # Redmine - project management software
             # Copyright (C) 2006-2012  Jean-Philippe Lang
             #
             # This program is free software; you can redistribute it and/or
             # modify it under the terms of the GNU General Public License
             # as published by the Free Software Foundation; either version 2
             # of the License, or (at your option) any later version.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU General Public License
             # along with this program; if not, write to the Free Software
             # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
             require File.expand_path('../../test_helper', __FILE__)
             require 'account_controller'
             # Re-raise errors caught by the controller.
             class AccountController; def rescue_action(e) raise e end; end
             class AccountControllerTest < ActionController::TestCase
               fixtures :users, :roles
               def setup
                 @controller = AccountController.new
                 @request    = ActionController::TestRequest.new
                 @response   = ActionController::TestResponse.new
                 User.current = nil
               end
+              def test_get_login
+                get :login
+                assert_response :success
+                assert_template 'login'
+                assert_select 'input[name=username]'
+                assert_select 'input[name=password]'
+              end
               def test_login_should_redirect_to_back_url_param
                 # request.uri is "test.host" in test environment
                 post :login, :username => 'jsmith', :password => 'jsmith', :back_url => 'http://test.host/issues/show/1'
                 assert_redirected_to '/issues/show/1'
               end
               def test_login_should_not_redirect_to_another_host
                 post :login, :username => 'jsmith', :password => 'jsmith', :back_url => 'http://test.foo/fake'
                 assert_redirected_to '/my/page'
               end
               def test_login_with_wrong_password
                 post :login, :username => 'admin', :password => 'bad'
                 assert_response :success
                 assert_template 'login'
-                assert_tag 'div',
-                           :attributes => { :class => "flash error" },
+                assert_select 'div.flash.error', :text => /Invalid user or password/
-                           :content => /Invalid user or password/
+                assert_select 'input[name=username][value=admin]'
+                assert_select 'input[name=password]'
+                assert_select 'input[name=password][value]', 0
               end
               def test_login_should_rescue_auth_source_exception
                 source = AuthSource.create!(:name => 'Test')
                 User.find(2).update_attribute :auth_source_id, source.id
                 AuthSource.any_instance.stubs(:authenticate).raises(AuthSourceException.new("Something wrong"))
                 post :login, :username => 'jsmith', :password => 'jsmith'
                 assert_response 500
                 assert_error_tag :content => /Something wrong/
               end
               def test_login_should_reset_session
                 @controller.expects(:reset_session).once
                 post :login, :username => 'jsmith', :password => 'jsmith'
                 assert_response 302
               end
               def test_logout
                 @request.session[:user_id] = 2
                 get :logout
                 assert_redirected_to '/'
                 assert_nil @request.session[:user_id]
               end
               def test_logout_should_reset_session
                 @controller.expects(:reset_session).once
                 @request.session[:user_id] = 2
                 get :logout
                 assert_response 302
               end
               def test_get_register_with_registration_on
                 with_settings :self_registration => '3' do
                   get :register
                   assert_response :success
                   assert_template 'register'
                   assert_not_nil assigns(:user)
                   assert_tag 'input', :attributes => {:name => 'user[password]'}
                   assert_tag 'input', :attributes => {:name => 'user[password_confirmation]'}
                 end
               end
               def test_get_register_with_registration_off_should_redirect
                 with_settings :self_registration => '0' do
                   get :register
                   assert_redirected_to '/'
                 end
               end
               # See integration/account_test.rb for the full test
               def test_post_register_with_registration_on
                 with_settings :self_registration => '3' do
                   assert_difference 'User.count' do
                     post :register, :user => {
                       :login => 'register',
                       :password => 'test',
                       :password_confirmation => 'test',
                       :firstname => 'John',
                       :lastname => 'Doe',
                       :mail => 'register@example.com'
                     }
                     assert_redirected_to '/my/account'
                   end
                   user = User.first(:order => 'id DESC')
                   assert_equal 'register', user.login
                   assert_equal 'John', user.firstname
                   assert_equal 'Doe', user.lastname
                   assert_equal 'register@example.com', user.mail
                   assert user.check_password?('test')
                   assert user.active?
                 end
               end
               def test_post_register_with_registration_off_should_redirect
                 with_settings :self_registration => '0' do
                   assert_no_difference 'User.count' do
                     post :register, :user => {
                       :login => 'register',
                       :password => 'test',
                       :password_confirmation => 'test',
                       :firstname => 'John',
                       :lastname => 'Doe',
                       :mail => 'register@example.com'
                     }
                     assert_redirected_to '/'
                   end
                 end
               end
               def test_get_lost_password_should_display_lost_password_form
                 get :lost_password
                 assert_response :success
                 assert_select 'input[name=mail]'
               end
               def test_lost_password_for_active_user_should_create_a_token
                 Token.delete_all
                 ActionMailer::Base.deliveries.clear
                 assert_difference 'ActionMailer::Base.deliveries.size' do
                   assert_difference 'Token.count' do
                     with_settings :host_name => 'mydomain.foo', :protocol => 'http' do
                       post :lost_password, :mail => 'JSmith@somenet.foo'
                       assert_redirected_to '/login'
                     end
                   end
                 end
                 token = Token.order('id DESC').first
                 assert_equal User.find(2), token.user
                 assert_equal 'recovery', token.action
                 assert_select_email do
                   assert_select "a[href=?]", "http://mydomain.foo/account/lost_password?token=#{token.value}"
                 end
               end
               def test_lost_password_for_unknown_user_should_fail
                 Token.delete_all
                 assert_no_difference 'Token.count' do
                   post :lost_password, :mail => 'invalid@somenet.foo'
                   assert_response :success
                 end
               end
               def test_lost_password_for_non_active_user_should_fail
                 Token.delete_all
                 assert User.find(2).lock!
                 assert_no_difference 'Token.count' do
                   post :lost_password, :mail => 'JSmith@somenet.foo'
                   assert_response :success
                 end
               end
               def test_get_lost_password_with_token_should_display_the_password_recovery_form
                 user = User.find(2)
                 token = Token.create!(:action => 'recovery', :user => user)
                 get :lost_password, :token => token.value
                 assert_response :success
                 assert_template 'password_recovery'
                 assert_select 'input[type=hidden][name=token][value=?]', token.value
               end
               def test_get_lost_password_with_invalid_token_should_redirect
                 get :lost_password, :token => "abcdef"
                 assert_redirected_to '/'
               end
               def test_post_lost_password_with_token_should_change_the_user_password
                 user = User.find(2)
                 token = Token.create!(:action => 'recovery', :user => user)
                 post :lost_password, :token => token.value, :new_password => 'newpass', :new_password_confirmation => 'newpass'
                 assert_redirected_to '/login'
                 user.reload
                 assert user.check_password?('newpass')
                 assert_nil Token.find_by_id(token.id), "Token was not deleted"
               end
               def test_post_lost_password_with_token_for_non_active_user_should_fail
                 user = User.find(2)
                 token = Token.create!(:action => 'recovery', :user => user)
                 user.lock!
                 post :lost_password, :token => token.value, :new_password => 'newpass', :new_password_confirmation => 'newpass'
                 assert_redirected_to '/'
                 assert ! user.check_password?('newpass')
               end
               def test_post_lost_password_with_token_and_password_confirmation_failure_should_redisplay_the_form
                 user = User.find(2)
                 token = Token.create!(:action => 'recovery', :user => user)
                 post :lost_password, :token => token.value, :new_password => 'newpass', :new_password_confirmation => 'wrongpass'
                 assert_response :success
                 assert_template 'password_recovery'
                 assert_not_nil Token.find_by_id(token.id), "Token was deleted"
                 assert_select 'input[type=hidden][name=token][value=?]', token.value
               end
               def test_post_lost_password_with_invalid_token_should_redirect
                 post :lost_password, :token => "abcdef", :new_password => 'newpass', :new_password_confirmation => 'newpass'
                 assert_redirected_to '/'
               end
             end