annotate .svn/pristine/2d/2d6ad8e6f87f6d379c227b9a81e69b5a26399856.svn-base @ 1295:622f24f53b42 redmine-2.3

Update to Redmine SVN revision 11972 on 2.3-stable branch
author Chris Cannam
date Fri, 14 Jun 2013 09:02:21 +0100
parents
children
rev   line source
Chris@1295 1 # Redmine - project management software
Chris@1295 2 # Copyright (C) 2006-2012 Jean-Philippe Lang
Chris@1295 3 #
Chris@1295 4 # This program is free software; you can redistribute it and/or
Chris@1295 5 # modify it under the terms of the GNU General Public License
Chris@1295 6 # as published by the Free Software Foundation; either version 2
Chris@1295 7 # of the License, or (at your option) any later version.
Chris@1295 8 #
Chris@1295 9 # This program is distributed in the hope that it will be useful,
Chris@1295 10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
Chris@1295 11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
Chris@1295 12 # GNU General Public License for more details.
Chris@1295 13 #
Chris@1295 14 # You should have received a copy of the GNU General Public License
Chris@1295 15 # along with this program; if not, write to the Free Software
Chris@1295 16 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
Chris@1295 17
Chris@1295 18 require File.expand_path('../../test_helper', __FILE__)
Chris@1295 19 require 'account_controller'
Chris@1295 20
Chris@1295 21 # Re-raise errors caught by the controller.
Chris@1295 22 class AccountController; def rescue_action(e) raise e end; end
Chris@1295 23
Chris@1295 24 class AccountControllerTest < ActionController::TestCase
Chris@1295 25 fixtures :users, :roles
Chris@1295 26
Chris@1295 27 def setup
Chris@1295 28 @controller = AccountController.new
Chris@1295 29 @request = ActionController::TestRequest.new
Chris@1295 30 @response = ActionController::TestResponse.new
Chris@1295 31 User.current = nil
Chris@1295 32 end
Chris@1295 33
Chris@1295 34 def test_get_login
Chris@1295 35 get :login
Chris@1295 36 assert_response :success
Chris@1295 37 assert_template 'login'
Chris@1295 38
Chris@1295 39 assert_select 'input[name=username]'
Chris@1295 40 assert_select 'input[name=password]'
Chris@1295 41 end
Chris@1295 42
Chris@1295 43 def test_login_should_redirect_to_back_url_param
Chris@1295 44 # request.uri is "test.host" in test environment
Chris@1295 45 post :login, :username => 'jsmith', :password => 'jsmith', :back_url => 'http://test.host/issues/show/1'
Chris@1295 46 assert_redirected_to '/issues/show/1'
Chris@1295 47 end
Chris@1295 48
Chris@1295 49 def test_login_should_not_redirect_to_another_host
Chris@1295 50 post :login, :username => 'jsmith', :password => 'jsmith', :back_url => 'http://test.foo/fake'
Chris@1295 51 assert_redirected_to '/my/page'
Chris@1295 52 end
Chris@1295 53
Chris@1295 54 def test_login_with_wrong_password
Chris@1295 55 post :login, :username => 'admin', :password => 'bad'
Chris@1295 56 assert_response :success
Chris@1295 57 assert_template 'login'
Chris@1295 58
Chris@1295 59 assert_select 'div.flash.error', :text => /Invalid user or password/
Chris@1295 60 assert_select 'input[name=username][value=admin]'
Chris@1295 61 assert_select 'input[name=password]'
Chris@1295 62 assert_select 'input[name=password][value]', 0
Chris@1295 63 end
Chris@1295 64
Chris@1295 65 def test_login_should_rescue_auth_source_exception
Chris@1295 66 source = AuthSource.create!(:name => 'Test')
Chris@1295 67 User.find(2).update_attribute :auth_source_id, source.id
Chris@1295 68 AuthSource.any_instance.stubs(:authenticate).raises(AuthSourceException.new("Something wrong"))
Chris@1295 69
Chris@1295 70 post :login, :username => 'jsmith', :password => 'jsmith'
Chris@1295 71 assert_response 500
Chris@1295 72 assert_error_tag :content => /Something wrong/
Chris@1295 73 end
Chris@1295 74
Chris@1295 75 def test_login_should_reset_session
Chris@1295 76 @controller.expects(:reset_session).once
Chris@1295 77
Chris@1295 78 post :login, :username => 'jsmith', :password => 'jsmith'
Chris@1295 79 assert_response 302
Chris@1295 80 end
Chris@1295 81
Chris@1295 82 def test_logout
Chris@1295 83 @request.session[:user_id] = 2
Chris@1295 84 get :logout
Chris@1295 85 assert_redirected_to '/'
Chris@1295 86 assert_nil @request.session[:user_id]
Chris@1295 87 end
Chris@1295 88
Chris@1295 89 def test_logout_should_reset_session
Chris@1295 90 @controller.expects(:reset_session).once
Chris@1295 91
Chris@1295 92 @request.session[:user_id] = 2
Chris@1295 93 get :logout
Chris@1295 94 assert_response 302
Chris@1295 95 end
Chris@1295 96
Chris@1295 97 def test_get_register_with_registration_on
Chris@1295 98 with_settings :self_registration => '3' do
Chris@1295 99 get :register
Chris@1295 100 assert_response :success
Chris@1295 101 assert_template 'register'
Chris@1295 102 assert_not_nil assigns(:user)
Chris@1295 103
Chris@1295 104 assert_tag 'input', :attributes => {:name => 'user[password]'}
Chris@1295 105 assert_tag 'input', :attributes => {:name => 'user[password_confirmation]'}
Chris@1295 106 end
Chris@1295 107 end
Chris@1295 108
Chris@1295 109 def test_get_register_with_registration_off_should_redirect
Chris@1295 110 with_settings :self_registration => '0' do
Chris@1295 111 get :register
Chris@1295 112 assert_redirected_to '/'
Chris@1295 113 end
Chris@1295 114 end
Chris@1295 115
Chris@1295 116 # See integration/account_test.rb for the full test
Chris@1295 117 def test_post_register_with_registration_on
Chris@1295 118 with_settings :self_registration => '3' do
Chris@1295 119 assert_difference 'User.count' do
Chris@1295 120 post :register, :user => {
Chris@1295 121 :login => 'register',
Chris@1295 122 :password => 'secret123',
Chris@1295 123 :password_confirmation => 'secret123',
Chris@1295 124 :firstname => 'John',
Chris@1295 125 :lastname => 'Doe',
Chris@1295 126 :mail => 'register@example.com'
Chris@1295 127 }
Chris@1295 128 assert_redirected_to '/my/account'
Chris@1295 129 end
Chris@1295 130 user = User.first(:order => 'id DESC')
Chris@1295 131 assert_equal 'register', user.login
Chris@1295 132 assert_equal 'John', user.firstname
Chris@1295 133 assert_equal 'Doe', user.lastname
Chris@1295 134 assert_equal 'register@example.com', user.mail
Chris@1295 135 assert user.check_password?('secret123')
Chris@1295 136 assert user.active?
Chris@1295 137 end
Chris@1295 138 end
Chris@1295 139
Chris@1295 140 def test_post_register_with_registration_off_should_redirect
Chris@1295 141 with_settings :self_registration => '0' do
Chris@1295 142 assert_no_difference 'User.count' do
Chris@1295 143 post :register, :user => {
Chris@1295 144 :login => 'register',
Chris@1295 145 :password => 'test',
Chris@1295 146 :password_confirmation => 'test',
Chris@1295 147 :firstname => 'John',
Chris@1295 148 :lastname => 'Doe',
Chris@1295 149 :mail => 'register@example.com'
Chris@1295 150 }
Chris@1295 151 assert_redirected_to '/'
Chris@1295 152 end
Chris@1295 153 end
Chris@1295 154 end
Chris@1295 155
Chris@1295 156 def test_get_lost_password_should_display_lost_password_form
Chris@1295 157 get :lost_password
Chris@1295 158 assert_response :success
Chris@1295 159 assert_select 'input[name=mail]'
Chris@1295 160 end
Chris@1295 161
Chris@1295 162 def test_lost_password_for_active_user_should_create_a_token
Chris@1295 163 Token.delete_all
Chris@1295 164 ActionMailer::Base.deliveries.clear
Chris@1295 165 assert_difference 'ActionMailer::Base.deliveries.size' do
Chris@1295 166 assert_difference 'Token.count' do
Chris@1295 167 with_settings :host_name => 'mydomain.foo', :protocol => 'http' do
Chris@1295 168 post :lost_password, :mail => 'JSmith@somenet.foo'
Chris@1295 169 assert_redirected_to '/login'
Chris@1295 170 end
Chris@1295 171 end
Chris@1295 172 end
Chris@1295 173
Chris@1295 174 token = Token.order('id DESC').first
Chris@1295 175 assert_equal User.find(2), token.user
Chris@1295 176 assert_equal 'recovery', token.action
Chris@1295 177
Chris@1295 178 assert_select_email do
Chris@1295 179 assert_select "a[href=?]", "http://mydomain.foo/account/lost_password?token=#{token.value}"
Chris@1295 180 end
Chris@1295 181 end
Chris@1295 182
Chris@1295 183 def test_lost_password_for_unknown_user_should_fail
Chris@1295 184 Token.delete_all
Chris@1295 185 assert_no_difference 'Token.count' do
Chris@1295 186 post :lost_password, :mail => 'invalid@somenet.foo'
Chris@1295 187 assert_response :success
Chris@1295 188 end
Chris@1295 189 end
Chris@1295 190
Chris@1295 191 def test_lost_password_for_non_active_user_should_fail
Chris@1295 192 Token.delete_all
Chris@1295 193 assert User.find(2).lock!
Chris@1295 194
Chris@1295 195 assert_no_difference 'Token.count' do
Chris@1295 196 post :lost_password, :mail => 'JSmith@somenet.foo'
Chris@1295 197 assert_response :success
Chris@1295 198 end
Chris@1295 199 end
Chris@1295 200
Chris@1295 201 def test_get_lost_password_with_token_should_display_the_password_recovery_form
Chris@1295 202 user = User.find(2)
Chris@1295 203 token = Token.create!(:action => 'recovery', :user => user)
Chris@1295 204
Chris@1295 205 get :lost_password, :token => token.value
Chris@1295 206 assert_response :success
Chris@1295 207 assert_template 'password_recovery'
Chris@1295 208
Chris@1295 209 assert_select 'input[type=hidden][name=token][value=?]', token.value
Chris@1295 210 end
Chris@1295 211
Chris@1295 212 def test_get_lost_password_with_invalid_token_should_redirect
Chris@1295 213 get :lost_password, :token => "abcdef"
Chris@1295 214 assert_redirected_to '/'
Chris@1295 215 end
Chris@1295 216
Chris@1295 217 def test_post_lost_password_with_token_should_change_the_user_password
Chris@1295 218 user = User.find(2)
Chris@1295 219 token = Token.create!(:action => 'recovery', :user => user)
Chris@1295 220
Chris@1295 221 post :lost_password, :token => token.value, :new_password => 'newpass123', :new_password_confirmation => 'newpass123'
Chris@1295 222 assert_redirected_to '/login'
Chris@1295 223 user.reload
Chris@1295 224 assert user.check_password?('newpass123')
Chris@1295 225 assert_nil Token.find_by_id(token.id), "Token was not deleted"
Chris@1295 226 end
Chris@1295 227
Chris@1295 228 def test_post_lost_password_with_token_for_non_active_user_should_fail
Chris@1295 229 user = User.find(2)
Chris@1295 230 token = Token.create!(:action => 'recovery', :user => user)
Chris@1295 231 user.lock!
Chris@1295 232
Chris@1295 233 post :lost_password, :token => token.value, :new_password => 'newpass123', :new_password_confirmation => 'newpass123'
Chris@1295 234 assert_redirected_to '/'
Chris@1295 235 assert ! user.check_password?('newpass123')
Chris@1295 236 end
Chris@1295 237
Chris@1295 238 def test_post_lost_password_with_token_and_password_confirmation_failure_should_redisplay_the_form
Chris@1295 239 user = User.find(2)
Chris@1295 240 token = Token.create!(:action => 'recovery', :user => user)
Chris@1295 241
Chris@1295 242 post :lost_password, :token => token.value, :new_password => 'newpass', :new_password_confirmation => 'wrongpass'
Chris@1295 243 assert_response :success
Chris@1295 244 assert_template 'password_recovery'
Chris@1295 245 assert_not_nil Token.find_by_id(token.id), "Token was deleted"
Chris@1295 246
Chris@1295 247 assert_select 'input[type=hidden][name=token][value=?]', token.value
Chris@1295 248 end
Chris@1295 249
Chris@1295 250 def test_post_lost_password_with_invalid_token_should_redirect
Chris@1295 251 post :lost_password, :token => "abcdef", :new_password => 'newpass', :new_password_confirmation => 'newpass'
Chris@1295 252 assert_redirected_to '/'
Chris@1295 253 end
Chris@1295 254 end