Mercurial > hg > soundsoftware-site

annotate test/integration/account_test.rb @ 1628:9c5f8e24dadc live tip

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Quieten this cron script
author Chris Cannam
date Tue, 25 Aug 2020 11:38:49 +0100
parents e248c7af89ec
children
rev   line source
Chris@909 1 # Redmine - project management software
Chris@1494 2 # Copyright (C) 2006-2014 Jean-Philippe Lang
Chris@0 3 #
Chris@0 4 # This program is free software; you can redistribute it and/or
Chris@0 5 # modify it under the terms of the GNU General Public License
Chris@0 6 # as published by the Free Software Foundation; either version 2
Chris@0 7 # of the License, or (at your option) any later version.
Chris@909 8 #
Chris@0 9 # This program is distributed in the hope that it will be useful,
Chris@0 10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
Chris@0 11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
Chris@0 12 # GNU General Public License for more details.
Chris@909 13 #
Chris@0 14 # You should have received a copy of the GNU General Public License
Chris@0 15 # along with this program; if not, write to the Free Software
Chris@0 16 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
Chris@0 17
Chris@119 18 require File.expand_path('../../test_helper', __FILE__)
Chris@0 19
Chris@0 20 begin
Chris@1464 21 require 'mocha/setup'
Chris@0 22 rescue
Chris@0 23 # Won't run some tests
Chris@0 24 end
Chris@0 25
Chris@0 26 class AccountTest < ActionController::IntegrationTest
Chris@0 27 fixtures :users, :roles
Chris@0 28
Chris@0 29 # Replace this with your real tests.
Chris@0 30 def test_login
Chris@0 31 get "my/page"
Chris@0 32 assert_redirected_to "/login?back_url=http%3A%2F%2Fwww.example.com%2Fmy%2Fpage"
Chris@0 33 log_user('jsmith', 'jsmith')
Chris@909 34
Chris@0 35 get "my/account"
Chris@0 36 assert_response :success
Chris@909 37 assert_template "my/account"
Chris@0 38 end
Chris@909 39
Chris@0 40 def test_autologin
Chris@0 41 user = User.find(1)
Chris@0 42 Setting.autologin = "7"
Chris@0 43 Token.delete_all
Chris@909 44
Chris@0 45 # User logs in with 'autologin' checked
Chris@0 46 post '/login', :username => user.login, :password => 'admin', :autologin => 1
chris@37 47 assert_redirected_to '/my/page'
Chris@1464 48 token = Token.first
Chris@0 49 assert_not_nil token
Chris@0 50 assert_equal user, token.user
Chris@0 51 assert_equal 'autologin', token.action
Chris@0 52 assert_equal user.id, session[:user_id]
Chris@0 53 assert_equal token.value, cookies['autologin']
Chris@909 54
Chris@0 55 # Session is cleared
Chris@0 56 reset!
Chris@0 57 User.current = nil
Chris@0 58 # Clears user's last login timestamp
Chris@0 59 user.update_attribute :last_login_on, nil
Chris@0 60 assert_nil user.reload.last_login_on
Chris@909 61
Chris@1464 62 # User comes back with user's autologin cookie
Chris@0 63 cookies[:autologin] = token.value
Chris@0 64 get '/my/page'
Chris@0 65 assert_response :success
Chris@0 66 assert_template 'my/page'
Chris@0 67 assert_equal user.id, session[:user_id]
Chris@0 68 assert_not_nil user.reload.last_login_on
Chris@0 69 end
Chris@909 70
Chris@1464 71 def test_autologin_should_use_autologin_cookie_name
Chris@1464 72 Token.delete_all
Chris@1464 73 Redmine::Configuration.stubs(:[]).with('autologin_cookie_name').returns('custom_autologin')
Chris@1464 74 Redmine::Configuration.stubs(:[]).with('autologin_cookie_path').returns('/')
Chris@1464 75 Redmine::Configuration.stubs(:[]).with('autologin_cookie_secure').returns(false)
Chris@1464 76
Chris@1464 77 with_settings :autologin => '7' do
Chris@1464 78 assert_difference 'Token.count' do
Chris@1464 79 post '/login', :username => 'admin', :password => 'admin', :autologin => 1
Chris@1464 80 end
Chris@1464 81 assert_response 302
Chris@1464 82 assert cookies['custom_autologin'].present?
Chris@1464 83 token = cookies['custom_autologin']
Chris@1464 84
Chris@1464 85 # Session is cleared
Chris@1464 86 reset!
Chris@1464 87 cookies['custom_autologin'] = token
Chris@1464 88 get '/my/page'
Chris@1464 89 assert_response :success
Chris@1464 90
Chris@1464 91 assert_difference 'Token.count', -1 do
Chris@1464 92 post '/logout'
Chris@1464 93 end
Chris@1464 94 assert cookies['custom_autologin'].blank?
Chris@1464 95 end
Chris@1464 96 end
Chris@1464 97
Chris@0 98 def test_lost_password
Chris@0 99 Token.delete_all
Chris@909 100
Chris@0 101 get "account/lost_password"
Chris@0 102 assert_response :success
Chris@0 103 assert_template "account/lost_password"
Chris@1115 104 assert_select 'input[name=mail]'
Chris@909 105
Chris@0 106 post "account/lost_password", :mail => 'jSmith@somenet.foo'
Chris@0 107 assert_redirected_to "/login"
Chris@909 108
Chris@1464 109 token = Token.first
Chris@0 110 assert_equal 'recovery', token.action
Chris@0 111 assert_equal 'jsmith@somenet.foo', token.user.mail
Chris@0 112 assert !token.expired?
Chris@909 113
Chris@0 114 get "account/lost_password", :token => token.value
Chris@0 115 assert_response :success
Chris@0 116 assert_template "account/password_recovery"
Chris@1115 117 assert_select 'input[type=hidden][name=token][value=?]', token.value
Chris@1115 118 assert_select 'input[name=new_password]'
Chris@1115 119 assert_select 'input[name=new_password_confirmation]'
Chris@909 120
Chris@1464 121 post "account/lost_password",
Chris@1464 122 :token => token.value, :new_password => 'newpass123',
Chris@1464 123 :new_password_confirmation => 'newpass123'
Chris@0 124 assert_redirected_to "/login"
Chris@0 125 assert_equal 'Password was successfully updated.', flash[:notice]
Chris@909 126
Chris@1115 127 log_user('jsmith', 'newpass123')
Chris@909 128 assert_equal 0, Token.count
Chris@0 129 end
Chris@909 130
Chris@1464 131 def test_user_with_must_change_passwd_should_be_forced_to_change_its_password
Chris@1464 132 User.find_by_login('jsmith').update_attribute :must_change_passwd, true
Chris@1464 133
Chris@1464 134 post '/login', :username => 'jsmith', :password => 'jsmith'
Chris@1464 135 assert_redirected_to '/my/page'
Chris@1464 136 follow_redirect!
Chris@1464 137 assert_redirected_to '/my/password'
Chris@1464 138
Chris@1464 139 get '/issues'
Chris@1464 140 assert_redirected_to '/my/password'
Chris@1464 141 end
Chris@1464 142
Chris@1464 143 def test_user_with_must_change_passwd_should_be_able_to_change_its_password
Chris@1464 144 User.find_by_login('jsmith').update_attribute :must_change_passwd, true
Chris@1464 145
Chris@1464 146 post '/login', :username => 'jsmith', :password => 'jsmith'
Chris@1464 147 assert_redirected_to '/my/page'
Chris@1464 148 follow_redirect!
Chris@1464 149 assert_redirected_to '/my/password'
Chris@1464 150 follow_redirect!
Chris@1464 151 assert_response :success
Chris@1464 152 post '/my/password', :password => 'jsmith', :new_password => 'newpassword', :new_password_confirmation => 'newpassword'
Chris@1464 153 assert_redirected_to '/my/account'
Chris@1464 154 follow_redirect!
Chris@1464 155 assert_response :success
Chris@1464 156
Chris@1464 157 assert_equal false, User.find_by_login('jsmith').must_change_passwd?
Chris@1464 158 end
Chris@1464 159
Chris@0 160 def test_register_with_automatic_activation
Chris@0 161 Setting.self_registration = '3'
Chris@909 162
Chris@0 163 get 'account/register'
Chris@0 164 assert_response :success
Chris@0 165 assert_template 'account/register'
Chris@909 166
Chris@1464 167 post 'account/register',
Chris@1464 168 :user => {:login => "newuser", :language => "en",
Chris@1464 169 :firstname => "New", :lastname => "User", :mail => "newuser@foo.bar",
Chris@1464 170 :password => "newpass123", :password_confirmation => "newpass123"}
chris@37 171 assert_redirected_to '/my/account'
Chris@0 172 follow_redirect!
Chris@0 173 assert_response :success
Chris@0 174 assert_template 'my/account'
Chris@909 175
Chris@0 176 user = User.find_by_login('newuser')
Chris@0 177 assert_not_nil user
Chris@0 178 assert user.active?
Chris@0 179 assert_not_nil user.last_login_on
Chris@0 180 end
Chris@909 181
Chris@0 182 def test_register_with_manual_activation
Chris@0 183 Setting.self_registration = '2'
Chris@909 184
Chris@1464 185 post 'account/register',
Chris@1464 186 :user => {:login => "newuser", :language => "en",
Chris@1464 187 :firstname => "New", :lastname => "User", :mail => "newuser@foo.bar",
Chris@1464 188 :password => "newpass123", :password_confirmation => "newpass123"}
Chris@0 189 assert_redirected_to '/login'
Chris@0 190 assert !User.find_by_login('newuser').active?
Chris@0 191 end
Chris@909 192
Chris@0 193 def test_register_with_email_activation
Chris@0 194 Setting.self_registration = '1'
Chris@0 195 Token.delete_all
Chris@909 196
Chris@1464 197 post 'account/register',
Chris@1464 198 :user => {:login => "newuser", :language => "en",
Chris@1464 199 :firstname => "New", :lastname => "User", :mail => "newuser@foo.bar",
Chris@1464 200 :password => "newpass123", :password_confirmation => "newpass123"}
Chris@0 201 assert_redirected_to '/login'
Chris@0 202 assert !User.find_by_login('newuser').active?
Chris@909 203
Chris@1464 204 token = Token.first
Chris@0 205 assert_equal 'register', token.action
Chris@0 206 assert_equal 'newuser@foo.bar', token.user.mail
Chris@0 207 assert !token.expired?
Chris@909 208
Chris@0 209 get 'account/activate', :token => token.value
Chris@0 210 assert_redirected_to '/login'
Chris@1115 211 log_user('newuser', 'newpass123')
Chris@0 212 end
Chris@909 213
Chris@0 214 def test_onthefly_registration
Chris@0 215 # disable registration
Chris@0 216 Setting.self_registration = '0'
Chris@1464 217 AuthSource.expects(:authenticate).returns(
Chris@1464 218 {:login => 'foo', :firstname => 'Foo', :lastname => 'Smith',
Chris@1464 219 :mail => 'foo@bar.com', :auth_source_id => 66})
Chris@909 220
Chris@1115 221 post '/login', :username => 'foo', :password => 'bar'
chris@37 222 assert_redirected_to '/my/page'
Chris@909 223
Chris@0 224 user = User.find_by_login('foo')
Chris@0 225 assert user.is_a?(User)
Chris@0 226 assert_equal 66, user.auth_source_id
Chris@0 227 assert user.hashed_password.blank?
Chris@0 228 end
Chris@909 229
Chris@0 230 def test_onthefly_registration_with_invalid_attributes
Chris@0 231 # disable registration
Chris@0 232 Setting.self_registration = '0'
Chris@1464 233 AuthSource.expects(:authenticate).returns(
Chris@1464 234 {:login => 'foo', :lastname => 'Smith', :auth_source_id => 66})
Chris@909 235
Chris@1115 236 post '/login', :username => 'foo', :password => 'bar'
Chris@0 237 assert_response :success
Chris@0 238 assert_template 'account/register'
Chris@0 239 assert_tag :input, :attributes => { :name => 'user[firstname]', :value => '' }
Chris@0 240 assert_tag :input, :attributes => { :name => 'user[lastname]', :value => 'Smith' }
Chris@0 241 assert_no_tag :input, :attributes => { :name => 'user[login]' }
Chris@0 242 assert_no_tag :input, :attributes => { :name => 'user[password]' }
Chris@909 243
Chris@1464 244 post 'account/register',
Chris@1464 245 :user => {:firstname => 'Foo', :lastname => 'Smith', :mail => 'foo@bar.com'}
Chris@0 246 assert_redirected_to '/my/account'
Chris@909 247
Chris@0 248 user = User.find_by_login('foo')
Chris@0 249 assert user.is_a?(User)
Chris@0 250 assert_equal 66, user.auth_source_id
Chris@0 251 assert user.hashed_password.blank?
Chris@0 252 end
Chris@1464 253
Chris@1464 254 def test_registered_user_should_be_able_to_get_a_new_activation_email
Chris@1464 255 Token.delete_all
Chris@1464 256
Chris@1464 257 with_settings :self_registration => '1', :default_language => 'en' do
Chris@1464 258 # register a new account
Chris@1464 259 assert_difference 'User.count' do
Chris@1464 260 assert_difference 'Token.count' do
Chris@1464 261 post 'account/register',
Chris@1464 262 :user => {:login => "newuser", :language => "en",
Chris@1464 263 :firstname => "New", :lastname => "User", :mail => "newuser@foo.bar",
Chris@1464 264 :password => "newpass123", :password_confirmation => "newpass123"}
Chris@1464 265 end
Chris@1464 266 end
Chris@1464 267 user = User.order('id desc').first
Chris@1464 268 assert_equal User::STATUS_REGISTERED, user.status
Chris@1464 269 reset!
Chris@1464 270
Chris@1464 271 # try to use "lost password"
Chris@1464 272 assert_no_difference 'ActionMailer::Base.deliveries.size' do
Chris@1464 273 post '/account/lost_password', :mail => 'newuser@foo.bar'
Chris@1464 274 end
Chris@1464 275 assert_redirected_to '/account/lost_password'
Chris@1464 276 follow_redirect!
Chris@1464 277 assert_response :success
Chris@1464 278 assert_select 'div.flash', :text => /new activation email/
Chris@1464 279 assert_select 'div.flash a[href=/account/activation_email]'
Chris@1464 280
Chris@1464 281 # request a new action activation email
Chris@1464 282 assert_difference 'ActionMailer::Base.deliveries.size' do
Chris@1464 283 get '/account/activation_email'
Chris@1464 284 end
Chris@1464 285 assert_redirected_to '/login'
Chris@1464 286 token = Token.order('id desc').first
Chris@1464 287 activation_path = "/account/activate?token=#{token.value}"
Chris@1464 288 assert_include activation_path, mail_body(ActionMailer::Base.deliveries.last)
Chris@1464 289
Chris@1464 290 # activate the account
Chris@1464 291 get activation_path
Chris@1464 292 assert_redirected_to '/login'
Chris@1464 293
Chris@1464 294 post '/login', :username => 'newuser', :password => 'newpass123'
Chris@1464 295 assert_redirected_to '/my/page'
Chris@1464 296 end
Chris@1464 297 end
Chris@0 298 end