Mercurial > hg > soundsoftware-site

comparison test/unit/user_test.rb @ 1464:261b3d9a4903 redmine-2.4

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Update to Redmine 2.4 branch rev 12663
author Chris Cannam
date Tue, 14 Jan 2014 14:37:42 +0000
parents 433d4f72a19b
children e248c7af89ec
comparison
equal deleted inserted replaced
1296:038ba2d95de8 1464:261b3d9a4903
1 # Redmine - project management software 1 # Redmine - project management software
2 # Copyright (C) 2006-2012 Jean-Philippe Lang 2 # Copyright (C) 2006-2013 Jean-Philippe Lang
3 # 3 #
4 # This program is free software; you can redistribute it and/or 4 # This program is free software; you can redistribute it and/or
5 # modify it under the terms of the GNU General Public License 5 # modify it under the terms of the GNU General Public License
6 # as published by the Free Software Foundation; either version 2 6 # as published by the Free Software Foundation; either version 2
7 # of the License, or (at your option) any later version. 7 # of the License, or (at your option) any later version.
23 :projects_trackers, 23 :projects_trackers,
24 :watchers, 24 :watchers,
25 :issue_categories, :enumerations, :issues, 25 :issue_categories, :enumerations, :issues,
26 :journals, :journal_details, 26 :journals, :journal_details,
27 :groups_users, 27 :groups_users,
28 :enabled_modules, 28 :enabled_modules
29 :workflows
30 29
31 def setup 30 def setup
32 @admin = User.find(1) 31 @admin = User.find(1)
33 @jsmith = User.find(2) 32 @jsmith = User.find(2)
34 @dlopper = User.find(3) 33 @dlopper = User.find(3)
35 end 34 end
36 35
36 def test_sorted_scope_should_sort_user_by_display_name
37 assert_equal User.all.map(&:name).map(&:downcase).sort, User.sorted.all.map(&:name).map(&:downcase)
38 end
39
37 def test_generate 40 def test_generate
38 User.generate!(:firstname => 'Testing connection') 41 User.generate!(:firstname => 'Testing connection')
39 User.generate!(:firstname => 'Testing connection') 42 User.generate!(:firstname => 'Testing connection')
40 assert_equal 2, User.count(:all, :conditions => {:firstname => 'Testing connection'}) 43 assert_equal 2, User.where(:firstname => 'Testing connection').count
41 end 44 end
42 45
43 def test_truth 46 def test_truth
44 assert_kind_of User, @jsmith 47 assert_kind_of User, @jsmith
45 end 48 end
63 assert !user.valid? 66 assert !user.valid?
64 67
65 user.login = "x" * (User::LOGIN_LENGTH_LIMIT) 68 user.login = "x" * (User::LOGIN_LENGTH_LIMIT)
66 assert user.valid? 69 assert user.valid?
67 assert user.save 70 assert user.save
71 end
72
73 def test_generate_password_should_respect_minimum_password_length
74 with_settings :password_min_length => 15 do
75 user = User.generate!(:generate_password => true)
76 assert user.password.length >= 15
77 end
78 end
79
80 def test_generate_password_should_not_generate_password_with_less_than_10_characters
81 with_settings :password_min_length => 4 do
82 user = User.generate!(:generate_password => true)
83 assert user.password.length >= 10
84 end
85 end
86
87 def test_generate_password_on_create_should_set_password
88 user = User.new(:firstname => "new", :lastname => "user", :mail => "newuser@somenet.foo")
89 user.login = "newuser"
90 user.generate_password = true
91 assert user.save
92
93 password = user.password
94 assert user.check_password?(password)
95 end
96
97 def test_generate_password_on_update_should_update_password
98 user = User.find(2)
99 hash = user.hashed_password
100 user.generate_password = true
101 assert user.save
102
103 password = user.password
104 assert user.check_password?(password)
105 assert_not_equal hash, user.reload.hashed_password
68 end 106 end
69 107
70 def test_create 108 def test_create
71 user = User.new(:firstname => "new", :lastname => "user", :mail => "newuser@somenet.foo") 109 user = User.new(:firstname => "new", :lastname => "user", :mail => "newuser@somenet.foo")
72 110
251 assert_nil User.find_by_id(2) 289 assert_nil User.find_by_id(2)
252 assert_equal User.anonymous, news.reload.author 290 assert_equal User.anonymous, news.reload.author
253 end 291 end
254 292
255 def test_destroy_should_delete_private_queries 293 def test_destroy_should_delete_private_queries
256 query = Query.new(:name => 'foo', :is_public => false) 294 query = Query.new(:name => 'foo', :visibility => Query::VISIBILITY_PRIVATE)
257 query.project_id = 1 295 query.project_id = 1
258 query.user_id = 2 296 query.user_id = 2
259 query.save! 297 query.save!
260 298
261 User.find(2).destroy 299 User.find(2).destroy
262 assert_nil User.find_by_id(2) 300 assert_nil User.find_by_id(2)
263 assert_nil Query.find_by_id(query.id) 301 assert_nil Query.find_by_id(query.id)
264 end 302 end
265 303
266 def test_destroy_should_update_public_queries 304 def test_destroy_should_update_public_queries
267 query = Query.new(:name => 'foo', :is_public => true) 305 query = Query.new(:name => 'foo', :visibility => Query::VISIBILITY_PUBLIC)
268 query.project_id = 1 306 query.project_id = 1
269 query.user_id = 2 307 query.user_id = 2
270 query.save! 308 query.save!
271 309
272 User.find(2).destroy 310 User.find(2).destroy
361 399
362 def test_validate_mail_notification_inclusion 400 def test_validate_mail_notification_inclusion
363 u = User.new 401 u = User.new
364 u.mail_notification = 'foo' 402 u.mail_notification = 'foo'
365 u.save 403 u.save
366 assert_not_nil u.errors[:mail_notification] 404 assert_not_equal [], u.errors[:mail_notification]
367 end
368
369 context "User#try_to_login" do
370 should "fall-back to case-insensitive if user login is not found as-typed." do
371 user = User.try_to_login("AdMin", "admin")
372 assert_kind_of User, user
373 assert_equal "admin", user.login
374 end
375
376 should "select the exact matching user first" do
377 case_sensitive_user = User.generate! do |user|
378 user.password = "admin123"
379 end
380 # bypass validations to make it appear like existing data
381 case_sensitive_user.update_attribute(:login, 'ADMIN')
382
383 user = User.try_to_login("ADMIN", "admin123")
384 assert_kind_of User, user
385 assert_equal "ADMIN", user.login
386
387 end
388 end 405 end
389 406
390 def test_password 407 def test_password
391 user = User.try_to_login("admin", "admin") 408 user = User.try_to_login("admin", "admin")
392 assert_kind_of User, user 409 assert_kind_of User, user
457 def test_fields_for_order_statement_should_return_fields_according_user_format_setting 474 def test_fields_for_order_statement_should_return_fields_according_user_format_setting
458 with_settings :user_format => 'lastname_coma_firstname' do 475 with_settings :user_format => 'lastname_coma_firstname' do
459 assert_equal ['users.lastname', 'users.firstname', 'users.id'], User.fields_for_order_statement 476 assert_equal ['users.lastname', 'users.firstname', 'users.id'], User.fields_for_order_statement
460 end 477 end
461 end 478 end
462 479
463 def test_fields_for_order_statement_width_table_name_should_prepend_table_name 480 def test_fields_for_order_statement_width_table_name_should_prepend_table_name
464 with_settings :user_format => 'lastname_firstname' do 481 with_settings :user_format => 'lastname_firstname' do
465 assert_equal ['authors.lastname', 'authors.firstname', 'authors.id'], User.fields_for_order_statement('authors') 482 assert_equal ['authors.lastname', 'authors.firstname', 'authors.id'], User.fields_for_order_statement('authors')
466 end 483 end
467 end 484 end
468 485
469 def test_fields_for_order_statement_with_blank_format_should_return_default 486 def test_fields_for_order_statement_with_blank_format_should_return_default
470 with_settings :user_format => '' do 487 with_settings :user_format => '' do
471 assert_equal ['users.firstname', 'users.lastname', 'users.id'], User.fields_for_order_statement 488 assert_equal ['users.firstname', 'users.lastname', 'users.id'], User.fields_for_order_statement
472 end 489 end
473 end 490 end
474 491
475 def test_fields_for_order_statement_with_invalid_format_should_return_default 492 def test_fields_for_order_statement_with_invalid_format_should_return_default
476 with_settings :user_format => 'foo' do 493 with_settings :user_format => 'foo' do
477 assert_equal ['users.firstname', 'users.lastname', 'users.id'], User.fields_for_order_statement 494 assert_equal ['users.firstname', 'users.lastname', 'users.id'], User.fields_for_order_statement
478 end 495 end
479 end 496 end
480 497
481 def test_lock 498 test ".try_to_login with good credentials should return the user" do
482 user = User.try_to_login("jsmith", "jsmith") 499 user = User.try_to_login("admin", "admin")
483 assert_equal @jsmith, user 500 assert_kind_of User, user
484 501 assert_equal "admin", user.login
502 end
503
504 test ".try_to_login with wrong credentials should return nil" do
505 assert_nil User.try_to_login("admin", "foo")
506 end
507
508 def test_try_to_login_with_locked_user_should_return_nil
485 @jsmith.status = User::STATUS_LOCKED 509 @jsmith.status = User::STATUS_LOCKED
486 assert @jsmith.save 510 @jsmith.save!
487 511
488 user = User.try_to_login("jsmith", "jsmith") 512 user = User.try_to_login("jsmith", "jsmith")
489 assert_equal nil, user 513 assert_equal nil, user
490 end 514 end
491 515
492 context ".try_to_login" do 516 def test_try_to_login_with_locked_user_and_not_active_only_should_return_user
493 context "with good credentials" do 517 @jsmith.status = User::STATUS_LOCKED
494 should "return the user" do 518 @jsmith.save!
495 user = User.try_to_login("admin", "admin") 519
496 assert_kind_of User, user 520 user = User.try_to_login("jsmith", "jsmith", false)
497 assert_equal "admin", user.login 521 assert_equal @jsmith, user
498 end 522 end
499 end 523
500 524 test ".try_to_login should fall-back to case-insensitive if user login is not found as-typed" do
501 context "with wrong credentials" do 525 user = User.try_to_login("AdMin", "admin")
502 should "return nil" do 526 assert_kind_of User, user
503 assert_nil User.try_to_login("admin", "foo") 527 assert_equal "admin", user.login
504 end 528 end
505 end 529
530 test ".try_to_login should select the exact matching user first" do
531 case_sensitive_user = User.generate! do |user|
532 user.password = "admin123"
533 end
534 # bypass validations to make it appear like existing data
535 case_sensitive_user.update_attribute(:login, 'ADMIN')
536
537 user = User.try_to_login("ADMIN", "admin123")
538 assert_kind_of User, user
539 assert_equal "ADMIN", user.login
506 end 540 end
507 541
508 if ldap_configured? 542 if ldap_configured?
509 context "#try_to_login using LDAP" do 543 context "#try_to_login using LDAP" do
510 context "with failed connection to the LDAP server" do 544 context "with failed connection to the LDAP server" do
578 @auth_source = AuthSourceLdap.find(1) 612 @auth_source = AuthSourceLdap.find(1)
579 @auth_source.account = "uid=$login,ou=Person,dc=redmine,dc=org" 613 @auth_source.account = "uid=$login,ou=Person,dc=redmine,dc=org"
580 @auth_source.account_password = '' 614 @auth_source.account_password = ''
581 @auth_source.save! 615 @auth_source.save!
582 end 616 end
583 617
584 context "with a successful authentication" do 618 context "with a successful authentication" do
585 should "create a new user account if it doesn't exist" do 619 should "create a new user account if it doesn't exist" do
586 assert_difference('User.count') do 620 assert_difference('User.count') do
587 user = User.try_to_login('example1', '123456') 621 user = User.try_to_login('example1', '123456')
588 assert_kind_of User, user 622 assert_kind_of User, user
589 end 623 end
590 end 624 end
591 end 625 end
592 626
593 context "with an unsuccessful authentication" do 627 context "with an unsuccessful authentication" do
594 should "return nil" do 628 should "return nil" do
595 assert_nil User.try_to_login('example1', '11111') 629 assert_nil User.try_to_login('example1', '11111')
596 end 630 end
597 end 631 end
644 key2 = @jsmith.api_key 678 key2 = @jsmith.api_key
645 assert_equal key1, key2 679 assert_equal key1, key2
646 end 680 end
647 end 681 end
648 682
649 context "User#api_key" do 683 test "#api_key should generate a new one if the user doesn't have one" do
650 should "generate a new one if the user doesn't have one" do 684 user = User.generate!(:api_token => nil)
651 user = User.generate!(:api_token => nil) 685 assert_nil user.api_token
652 assert_nil user.api_token 686
653 687 key = user.api_key
654 key = user.api_key 688 assert_equal 40, key.length
655 assert_equal 40, key.length 689 user.reload
656 user.reload 690 assert_equal key, user.api_key
657 assert_equal key, user.api_key 691 end
658 end 692
659 693 test "#api_key should return the existing api token value" do
660 should "return the existing api token value" do 694 user = User.generate!
661 user = User.generate! 695 token = Token.create!(:action => 'api')
662 token = Token.create!(:action => 'api') 696 user.api_token = token
663 user.api_token = token 697 assert user.save
664 assert user.save 698
665 699 assert_equal token.value, user.api_key
666 assert_equal token.value, user.api_key 700 end
667 end 701
668 end 702 test "#find_by_api_key should return nil if no matching key is found" do
669 703 assert_nil User.find_by_api_key('zzzzzzzzz')
670 context "User#find_by_api_key" do 704 end
671 should "return nil if no matching key is found" do 705
672 assert_nil User.find_by_api_key('zzzzzzzzz') 706 test "#find_by_api_key should return nil if the key is found for an inactive user" do
673 end 707 user = User.generate!
674 708 user.status = User::STATUS_LOCKED
675 should "return nil if the key is found for an inactive user" do 709 token = Token.create!(:action => 'api')
676 user = User.generate! 710 user.api_token = token
677 user.status = User::STATUS_LOCKED 711 user.save
678 token = Token.create!(:action => 'api') 712
679 user.api_token = token 713 assert_nil User.find_by_api_key(token.value)
680 user.save 714 end
681 715
682 assert_nil User.find_by_api_key(token.value) 716 test "#find_by_api_key should return the user if the key is found for an active user" do
683 end 717 user = User.generate!
684 718 token = Token.create!(:action => 'api')
685 should "return the user if the key is found for an active user" do 719 user.api_token = token
686 user = User.generate! 720 user.save
687 token = Token.create!(:action => 'api') 721
688 user.api_token = token 722 assert_equal user, User.find_by_api_key(token.value)
689 user.save
690
691 assert_equal user, User.find_by_api_key(token.value)
692 end
693 end 723 end
694 724
695 def test_default_admin_account_changed_should_return_false_if_account_was_not_changed 725 def test_default_admin_account_changed_should_return_false_if_account_was_not_changed
696 user = User.find_by_login("admin") 726 user = User.find_by_login("admin")
697 user.password = "admin" 727 user.password = "admin"
720 def test_default_admin_account_changed_should_return_true_if_account_does_not_exist 750 def test_default_admin_account_changed_should_return_true_if_account_does_not_exist
721 user = User.find_by_login("admin") 751 user = User.find_by_login("admin")
722 user.destroy 752 user.destroy
723 753
724 assert_equal true, User.default_admin_account_changed? 754 assert_equal true, User.default_admin_account_changed?
755 end
756
757 def test_membership_with_project_should_return_membership
758 project = Project.find(1)
759
760 membership = @jsmith.membership(project)
761 assert_kind_of Member, membership
762 assert_equal @jsmith, membership.user
763 assert_equal project, membership.project
764 end
765
766 def test_membership_with_project_id_should_return_membership
767 project = Project.find(1)
768
769 membership = @jsmith.membership(1)
770 assert_kind_of Member, membership
771 assert_equal @jsmith, membership.user
772 assert_equal project, membership.project
773 end
774
775 def test_membership_for_non_member_should_return_nil
776 project = Project.find(1)
777
778 user = User.generate!
779 membership = user.membership(1)
780 assert_nil membership
725 end 781 end
726 782
727 def test_roles_for_project 783 def test_roles_for_project
728 # user with a role 784 # user with a role
729 roles = @jsmith.roles_for_project(Project.find(1)) 785 roles = @jsmith.roles_for_project(Project.find(1))
814 u.random_password 870 u.random_password
815 assert !u.password.blank? 871 assert !u.password.blank?
816 assert !u.password_confirmation.blank? 872 assert !u.password_confirmation.blank?
817 end 873 end
818 874
819 context "#change_password_allowed?" do 875 test "#change_password_allowed? should be allowed if no auth source is set" do
820 should "be allowed if no auth source is set" do 876 user = User.generate!
821 user = User.generate! 877 assert user.change_password_allowed?
822 assert user.change_password_allowed? 878 end
823 end 879
824 880 test "#change_password_allowed? should delegate to the auth source" do
825 should "delegate to the auth source" do 881 user = User.generate!
826 user = User.generate! 882
827 883 allowed_auth_source = AuthSource.generate!
828 allowed_auth_source = AuthSource.generate! 884 def allowed_auth_source.allow_password_changes?; true; end
829 def allowed_auth_source.allow_password_changes?; true; end 885
830 886 denied_auth_source = AuthSource.generate!
831 denied_auth_source = AuthSource.generate! 887 def denied_auth_source.allow_password_changes?; false; end
832 def denied_auth_source.allow_password_changes?; false; end 888
833 889 assert user.change_password_allowed?
834 assert user.change_password_allowed? 890
835 891 user.auth_source = allowed_auth_source
836 user.auth_source = allowed_auth_source 892 assert user.change_password_allowed?, "User not allowed to change password, though auth source does"
837 assert user.change_password_allowed?, "User not allowed to change password, though auth source does" 893
838 894 user.auth_source = denied_auth_source
839 user.auth_source = denied_auth_source 895 assert !user.change_password_allowed?, "User allowed to change password, though auth source does not"
840 assert !user.change_password_allowed?, "User allowed to change password, though auth source does not"
841 end
842 end 896 end
843 897
844 def test_own_account_deletable_should_be_true_with_unsubscrive_enabled 898 def test_own_account_deletable_should_be_true_with_unsubscrive_enabled
845 with_settings :unsubscribe => '1' do 899 with_settings :unsubscribe => '1' do
846 assert_equal true, User.find(2).own_account_deletable? 900 assert_equal true, User.find(2).own_account_deletable?
899 end 953 end
900 954
901 should "authorize nearly everything for admin users" do 955 should "authorize nearly everything for admin users" do
902 project = Project.find(1) 956 project = Project.find(1)
903 assert ! @admin.member_of?(project) 957 assert ! @admin.member_of?(project)
904 %w(edit_issues delete_issues manage_news manage_documents manage_wiki).each do |p| 958 %w(edit_issues delete_issues manage_news add_documents manage_wiki).each do |p|
905 assert_equal true, @admin.allowed_to?(p.to_sym, project) 959 assert_equal true, @admin.allowed_to?(p.to_sym, project)
906 end 960 end
907 end 961 end
908 962
909 should "authorize normal users depending on their roles" do 963 should "authorize normal users depending on their roles" do
1012 @user = User.generate!(:mail_notification => 'selected') 1066 @user = User.generate!(:mail_notification => 'selected')
1013 Member.create!(:user => @user, :project => @project, :role_ids => [1]) 1067 Member.create!(:user => @user, :project => @project, :role_ids => [1])
1014 assert ! @user.notify_about?(@issue) 1068 assert ! @user.notify_about?(@issue)
1015 end 1069 end
1016 end 1070 end
1017 1071 end
1018 context "other events" do 1072
1019 should 'be added and tested' 1073 def test_notify_about_news
1074 user = User.generate!
1075 news = News.new
1076
1077 User::MAIL_NOTIFICATION_OPTIONS.map(&:first).each do |option|
1078 user.mail_notification = option
1079 assert_equal (option != 'none'), user.notify_about?(news)
1020 end 1080 end
1021 end 1081 end
1022 1082
1023 def test_salt_unsalted_passwords 1083 def test_salt_unsalted_passwords
1024 # Restore a user with an unsalted password 1084 # Restore a user with an unsalted password