Skip to content

Expand controller coverage for Phase 1.3#438

Open
willnet wants to merge 1 commit into
mainfrom
phase-1-3-controller-coverage
Open

Expand controller coverage for Phase 1.3#438
willnet wants to merge 1 commit into
mainfrom
phase-1-3-controller-coverage

Conversation

@willnet

@willnet willnet commented May 12, 2026

Copy link
Copy Markdown
Member

Cover Sorcery::Controller core and controller submodule edge cases so the refactor roadmap has stronger regression protection. Mark Phase 1.3 complete after verifying the full spec suite passes.

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR expands the Sorcery controller spec suite to cover additional edge cases across Sorcery::Controller core behavior and several controller submodules, and marks Phase 1.3 as completed in the roadmap.

Changes:

  • Added specs for Sorcery::Controller core behaviors (failure-reason yielding on login failure, direct current_user assignment, after_login_lock callback execution, and invalid user_class configuration).
  • Added targeted edge-case coverage for controller submodules: session timeout invalidation guards, remember-me cookie/login edge cases, OAuth provider URL/token behaviors and incomplete-user session storage, HTTP Basic auth preconditions and realm lookup, brute-force lock behavior, and activity logging when logged out.
  • Updated V1_ROADMAP.md to mark Phase 1.3 tasks as complete.

Reviewed changes

Copilot reviewed 8 out of 8 changed files in this pull request and generated no comments.

Show a summary per file
File Description
V1_ROADMAP.md Marks Phase 1.3 controller coverage work as complete.
spec/controllers/sorcery_controller_spec.rb Adds core controller edge-case coverage (login failure reason yielding, callbacks, config error).
spec/controllers/sorcery_controller_session_timeout_spec.rb Adds guard-condition coverage for invalidate_active_sessions!.
spec/controllers/sorcery_controller_remember_me_spec.rb Adds direct force_forget_me! behavior and missing-cookie login edge case coverage.
spec/controllers/sorcery_controller_oauth_spec.rb Adds OAuth edge-case tests (unsupported providers, callback URL fixups, access_token accessor, incomplete-user session storage, build-from behavior).
spec/controllers/sorcery_controller_http_basic_auth_spec.rb Adds coverage for “explicit request” precondition and unmapped realm lookup.
spec/controllers/sorcery_controller_brute_force_protection_spec.rb Adds coverage for avoiding failed-login increments when already locked.
spec/controllers/sorcery_controller_activity_logging_spec.rb Adds coverage for skipping activity logging when not logged in.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Cover Sorcery::Controller core and controller submodule edge cases so the refactor roadmap has stronger regression protection. Mark Phase 1.3 complete after verifying the full spec suite passes.
@willnet willnet force-pushed the phase-1-3-controller-coverage branch from 336daf0 to 95c3f73 Compare June 17, 2026 10:17
@willnet willnet marked this pull request as ready for review June 17, 2026 10:18
@willnet willnet requested a review from a team June 17, 2026 10:18

@brendon brendon left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good work. I think get the AI to generate a new code coverage report to check that it's improved to 100% coverage in that area. Also, given the mock issues I found, it might pay to double-check the other tests aren't doing similar things.

Comment thread spec/controllers/sorcery_controller_spec.rb
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants