Mercurial > hg > soundsoftware-site

annotate test/integration/account_test.rb @ 1516:b450a9d58aed redmine-2.4

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Update to Redmine SVN revision 13356 on 2.4-stable branch
author Chris Cannam
date Tue, 09 Sep 2014 09:28:31 +0100
parents e248c7af89ec
children
rev   line source
Chris@909 1 # Redmine - project management software
Chris@1494 2 # Copyright (C) 2006-2014 Jean-Philippe Lang
Chris@0 3 #
Chris@0 4 # This program is free software; you can redistribute it and/or
Chris@0 5 # modify it under the terms of the GNU General Public License
Chris@0 6 # as published by the Free Software Foundation; either version 2
Chris@0 7 # of the License, or (at your option) any later version.
Chris@909 8 #
Chris@0 9 # This program is distributed in the hope that it will be useful,
Chris@0 10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
Chris@0 11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
Chris@0 12 # GNU General Public License for more details.
Chris@909 13 #
Chris@0 14 # You should have received a copy of the GNU General Public License
Chris@0 15 # along with this program; if not, write to the Free Software
Chris@0 16 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
Chris@0 17
Chris@119 18 require File.expand_path('../../test_helper', __FILE__)
Chris@0 19
Chris@0 20 begin
Chris@1464 21 require 'mocha/setup'
Chris@0 22 rescue
Chris@0 23 # Won't run some tests
Chris@0 24 end
Chris@0 25
Chris@0 26 class AccountTest < ActionController::IntegrationTest
Chris@0 27 fixtures :users, :roles
Chris@0 28
Chris@0 29 # Replace this with your real tests.
Chris@0 30 def test_login
Chris@0 31 get "my/page"
Chris@0 32 assert_redirected_to "/login?back_url=http%3A%2F%2Fwww.example.com%2Fmy%2Fpage"
Chris@0 33 log_user('jsmith', 'jsmith')
Chris@909 34
Chris@0 35 get "my/account"
Chris@0 36 assert_response :success
Chris@909 37 assert_template "my/account"
Chris@0 38 end
Chris@909 39
Chris@0 40 def test_autologin
Chris@0 41 user = User.find(1)
Chris@0 42 Setting.autologin = "7"
Chris@0 43 Token.delete_all
Chris@909 44
Chris@0 45 # User logs in with 'autologin' checked
Chris@0 46 post '/login', :username => user.login, :password => 'admin', :autologin => 1
chris@37 47 assert_redirected_to '/my/page'
Chris@1464 48 token = Token.first
Chris@0 49 assert_not_nil token
Chris@0 50 assert_equal user, token.user
Chris@0 51 assert_equal 'autologin', token.action
Chris@0 52 assert_equal user.id, session[:user_id]
Chris@0 53 assert_equal token.value, cookies['autologin']
Chris@909 54
Chris@0 55 # Session is cleared
Chris@0 56 reset!
Chris@0 57 User.current = nil
Chris@0 58 # Clears user's last login timestamp
Chris@0 59 user.update_attribute :last_login_on, nil
Chris@0 60 assert_nil user.reload.last_login_on
Chris@909 61
Chris@1464 62 # User comes back with user's autologin cookie
Chris@0 63 cookies[:autologin] = token.value
Chris@0 64 get '/my/page'
Chris@0 65 assert_response :success
Chris@0 66 assert_template 'my/page'
Chris@0 67 assert_equal user.id, session[:user_id]
Chris@0 68 assert_not_nil user.reload.last_login_on
Chris@0 69 end
Chris@909 70
Chris@1464 71 def test_autologin_should_use_autologin_cookie_name
Chris@1464 72 Token.delete_all
Chris@1464 73 Redmine::Configuration.stubs(:[]).with('autologin_cookie_name').returns('custom_autologin')
Chris@1464 74 Redmine::Configuration.stubs(:[]).with('autologin_cookie_path').returns('/')
Chris@1464 75 Redmine::Configuration.stubs(:[]).with('autologin_cookie_secure').returns(false)
Chris@1464 76
Chris@1464 77 with_settings :autologin => '7' do
Chris@1464 78 assert_difference 'Token.count' do
Chris@1464 79 post '/login', :username => 'admin', :password => 'admin', :autologin => 1
Chris@1464 80 end
Chris@1464 81 assert_response 302
Chris@1464 82 assert cookies['custom_autologin'].present?
Chris@1464 83 token = cookies['custom_autologin']
Chris@1464 84
Chris@1464 85 # Session is cleared
Chris@1464 86 reset!
Chris@1464 87 cookies['custom_autologin'] = token
Chris@1464 88 get '/my/page'
Chris@1464 89 assert_response :success
Chris@1464 90
Chris@1464 91 assert_difference 'Token.count', -1 do
Chris@1464 92 post '/logout'
Chris@1464 93 end
Chris@1464 94 assert cookies['custom_autologin'].blank?
Chris@1464 95 end
Chris@1464 96 end
Chris@1464 97
Chris@0 98 def test_lost_password
Chris@0 99 Token.delete_all
Chris@909 100
Chris@0 101 get "account/lost_password"
Chris@0 102 assert_response :success
Chris@0 103 assert_template "account/lost_password"
Chris@1115 104 assert_select 'input[name=mail]'
Chris@909 105
Chris@0 106 post "account/lost_password", :mail => 'jSmith@somenet.foo'
Chris@0 107 assert_redirected_to "/login"
Chris@909 108
Chris@1464 109 token = Token.first
Chris@0 110 assert_equal 'recovery', token.action
Chris@0 111 assert_equal 'jsmith@somenet.foo', token.user.mail
Chris@0 112 assert !token.expired?
Chris@909 113
Chris@0 114 get "account/lost_password", :token => token.value
Chris@0 115 assert_response :success
Chris@0 116 assert_template "account/password_recovery"
Chris@1115 117 assert_select 'input[type=hidden][name=token][value=?]', token.value
Chris@1115 118 assert_select 'input[name=new_password]'
Chris@1115 119 assert_select 'input[name=new_password_confirmation]'
Chris@909 120
Chris@1464 121 post "account/lost_password",
Chris@1464 122 :token => token.value, :new_password => 'newpass123',
Chris@1464 123 :new_password_confirmation => 'newpass123'
Chris@0 124 assert_redirected_to "/login"
Chris@0 125 assert_equal 'Password was successfully updated.', flash[:notice]
Chris@909 126
Chris@1115 127 log_user('jsmith', 'newpass123')
Chris@909 128 assert_equal 0, Token.count
Chris@0 129 end
Chris@909 130
Chris@1464 131 def test_user_with_must_change_passwd_should_be_forced_to_change_its_password
Chris@1464 132 User.find_by_login('jsmith').update_attribute :must_change_passwd, true
Chris@1464 133
Chris@1464 134 post '/login', :username => 'jsmith', :password => 'jsmith'
Chris@1464 135 assert_redirected_to '/my/page'
Chris@1464 136 follow_redirect!
Chris@1464 137 assert_redirected_to '/my/password'
Chris@1464 138
Chris@1464 139 get '/issues'
Chris@1464 140 assert_redirected_to '/my/password'
Chris@1464 141 end
Chris@1464 142
Chris@1464 143 def test_user_with_must_change_passwd_should_be_able_to_change_its_password
Chris@1464 144 User.find_by_login('jsmith').update_attribute :must_change_passwd, true
Chris@1464 145
Chris@1464 146 post '/login', :username => 'jsmith', :password => 'jsmith'
Chris@1464 147 assert_redirected_to '/my/page'
Chris@1464 148 follow_redirect!
Chris@1464 149 assert_redirected_to '/my/password'
Chris@1464 150 follow_redirect!
Chris@1464 151 assert_response :success
Chris@1464 152 post '/my/password', :password => 'jsmith', :new_password => 'newpassword', :new_password_confirmation => 'newpassword'
Chris@1464 153 assert_redirected_to '/my/account'
Chris@1464 154 follow_redirect!
Chris@1464 155 assert_response :success
Chris@1464 156
Chris@1464 157 assert_equal false, User.find_by_login('jsmith').must_change_passwd?
Chris@1464 158 end
Chris@1464 159
Chris@0 160 def test_register_with_automatic_activation
Chris@0 161 Setting.self_registration = '3'
Chris@909 162
Chris@0 163 get 'account/register'
Chris@0 164 assert_response :success
Chris@0 165 assert_template 'account/register'
Chris@909 166
Chris@1464 167 post 'account/register',
Chris@1464 168 :user => {:login => "newuser", :language => "en",
Chris@1464 169 :firstname => "New", :lastname => "User", :mail => "newuser@foo.bar",
Chris@1464 170 :password => "newpass123", :password_confirmation => "newpass123"}
chris@37 171 assert_redirected_to '/my/account'
Chris@0 172 follow_redirect!
Chris@0 173 assert_response :success
Chris@0 174 assert_template 'my/account'
Chris@909 175
Chris@0 176 user = User.find_by_login('newuser')
Chris@0 177 assert_not_nil user
Chris@0 178 assert user.active?
Chris@0 179 assert_not_nil user.last_login_on
Chris@0 180 end
Chris@909 181
Chris@0 182 def test_register_with_manual_activation
Chris@0 183 Setting.self_registration = '2'
Chris@909 184
Chris@1464 185 post 'account/register',
Chris@1464 186 :user => {:login => "newuser", :language => "en",
Chris@1464 187 :firstname => "New", :lastname => "User", :mail => "newuser@foo.bar",
Chris@1464 188 :password => "newpass123", :password_confirmation => "newpass123"}
Chris@0 189 assert_redirected_to '/login'
Chris@0 190 assert !User.find_by_login('newuser').active?
Chris@0 191 end
Chris@909 192
Chris@0 193 def test_register_with_email_activation
Chris@0 194 Setting.self_registration = '1'
Chris@0 195 Token.delete_all
Chris@909 196
Chris@1464 197 post 'account/register',
Chris@1464 198 :user => {:login => "newuser", :language => "en",
Chris@1464 199 :firstname => "New", :lastname => "User", :mail => "newuser@foo.bar",
Chris@1464 200 :password => "newpass123", :password_confirmation => "newpass123"}
Chris@0 201 assert_redirected_to '/login'
Chris@0 202 assert !User.find_by_login('newuser').active?
Chris@909 203
Chris@1464 204 token = Token.first
Chris@0 205 assert_equal 'register', token.action
Chris@0 206 assert_equal 'newuser@foo.bar', token.user.mail
Chris@0 207 assert !token.expired?
Chris@909 208
Chris@0 209 get 'account/activate', :token => token.value
Chris@0 210 assert_redirected_to '/login'
Chris@1115 211 log_user('newuser', 'newpass123')
Chris@0 212 end
Chris@909 213
Chris@0 214 def test_onthefly_registration
Chris@0 215 # disable registration
Chris@0 216 Setting.self_registration = '0'
Chris@1464 217 AuthSource.expects(:authenticate).returns(
Chris@1464 218 {:login => 'foo', :firstname => 'Foo', :lastname => 'Smith',
Chris@1464 219 :mail => 'foo@bar.com', :auth_source_id => 66})
Chris@909 220
Chris@1115 221 post '/login', :username => 'foo', :password => 'bar'
chris@37 222 assert_redirected_to '/my/page'
Chris@909 223
Chris@0 224 user = User.find_by_login('foo')
Chris@0 225 assert user.is_a?(User)
Chris@0 226 assert_equal 66, user.auth_source_id
Chris@0 227 assert user.hashed_password.blank?
Chris@0 228 end
Chris@909 229
Chris@0 230 def test_onthefly_registration_with_invalid_attributes
Chris@0 231 # disable registration
Chris@0 232 Setting.self_registration = '0'
Chris@1464 233 AuthSource.expects(:authenticate).returns(
Chris@1464 234 {:login => 'foo', :lastname => 'Smith', :auth_source_id => 66})
Chris@909 235
Chris@1115 236 post '/login', :username => 'foo', :password => 'bar'
Chris@0 237 assert_response :success
Chris@0 238 assert_template 'account/register'
Chris@0 239 assert_tag :input, :attributes => { :name => 'user[firstname]', :value => '' }
Chris@0 240 assert_tag :input, :attributes => { :name => 'user[lastname]', :value => 'Smith' }
Chris@0 241 assert_no_tag :input, :attributes => { :name => 'user[login]' }
Chris@0 242 assert_no_tag :input, :attributes => { :name => 'user[password]' }
Chris@909 243
Chris@1464 244 post 'account/register',
Chris@1464 245 :user => {:firstname => 'Foo', :lastname => 'Smith', :mail => 'foo@bar.com'}
Chris@0 246 assert_redirected_to '/my/account'
Chris@909 247
Chris@0 248 user = User.find_by_login('foo')
Chris@0 249 assert user.is_a?(User)
Chris@0 250 assert_equal 66, user.auth_source_id
Chris@0 251 assert user.hashed_password.blank?
Chris@0 252 end
Chris@1464 253
Chris@1464 254 def test_registered_user_should_be_able_to_get_a_new_activation_email
Chris@1464 255 Token.delete_all
Chris@1464 256
Chris@1464 257 with_settings :self_registration => '1', :default_language => 'en' do
Chris@1464 258 # register a new account
Chris@1464 259 assert_difference 'User.count' do
Chris@1464 260 assert_difference 'Token.count' do
Chris@1464 261 post 'account/register',
Chris@1464 262 :user => {:login => "newuser", :language => "en",
Chris@1464 263 :firstname => "New", :lastname => "User", :mail => "newuser@foo.bar",
Chris@1464 264 :password => "newpass123", :password_confirmation => "newpass123"}
Chris@1464 265 end
Chris@1464 266 end
Chris@1464 267 user = User.order('id desc').first
Chris@1464 268 assert_equal User::STATUS_REGISTERED, user.status
Chris@1464 269 reset!
Chris@1464 270
Chris@1464 271 # try to use "lost password"
Chris@1464 272 assert_no_difference 'ActionMailer::Base.deliveries.size' do
Chris@1464 273 post '/account/lost_password', :mail => 'newuser@foo.bar'
Chris@1464 274 end
Chris@1464 275 assert_redirected_to '/account/lost_password'
Chris@1464 276 follow_redirect!
Chris@1464 277 assert_response :success
Chris@1464 278 assert_select 'div.flash', :text => /new activation email/
Chris@1464 279 assert_select 'div.flash a[href=/account/activation_email]'
Chris@1464 280
Chris@1464 281 # request a new action activation email
Chris@1464 282 assert_difference 'ActionMailer::Base.deliveries.size' do
Chris@1464 283 get '/account/activation_email'
Chris@1464 284 end
Chris@1464 285 assert_redirected_to '/login'
Chris@1464 286 token = Token.order('id desc').first
Chris@1464 287 activation_path = "/account/activate?token=#{token.value}"
Chris@1464 288 assert_include activation_path, mail_body(ActionMailer::Base.deliveries.last)
Chris@1464 289
Chris@1464 290 # activate the account
Chris@1464 291 get activation_path
Chris@1464 292 assert_redirected_to '/login'
Chris@1464 293
Chris@1464 294 post '/login', :username => 'newuser', :password => 'newpass123'
Chris@1464 295 assert_redirected_to '/my/page'
Chris@1464 296 end
Chris@1464 297 end
Chris@0 298 end