comparison test/functional/account_controller_test.rb @ 1526:404aa68d4227

Merge from live branch
author Chris Cannam
date Thu, 11 Sep 2014 12:46:20 +0100
parents dffacf8a6908
children
1493:a5f2bdf3b486 1526:404aa68d4227
1 # Redmine - project management software 1 # Redmine - project management software
2 # Copyright (C) 2006-2012 Jean-Philippe Lang 2 # Copyright (C) 2006-2014 Jean-Philippe Lang
3 # 3 #
4 # This program is free software; you can redistribute it and/or 4 # This program is free software; you can redistribute it and/or
5 # modify it under the terms of the GNU General Public License 5 # modify it under the terms of the GNU General Public License
6 # as published by the Free Software Foundation; either version 2 6 # as published by the Free Software Foundation; either version 2
7 # of the License, or (at your option) any later version. 7 # of the License, or (at your option) any later version.
14 # You should have received a copy of the GNU General Public License 14 # You should have received a copy of the GNU General Public License
15 # along with this program; if not, write to the Free Software 15 # along with this program; if not, write to the Free Software
16 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. 16 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
17 17
18 require File.expand_path('../../test_helper', __FILE__) 18 require File.expand_path('../../test_helper', __FILE__)
19 require 'account_controller'
20
21 # Re-raise errors caught by the controller.
22 class AccountController; def rescue_action(e) raise e end; end
23 19
24 class AccountControllerTest < ActionController::TestCase 20 class AccountControllerTest < ActionController::TestCase
25 fixtures :users, :roles 21 fixtures :users, :roles
26 22
27 def setup 23 def setup
28 @controller = AccountController.new
29 @request = ActionController::TestRequest.new
30 @response = ActionController::TestResponse.new
31 User.current = nil 24 User.current = nil
32 end 25 end
33 26
34 def test_get_login 27 def test_get_login
35 get :login 28 get :login
38 31
39 assert_select 'input[name=username]' 32 assert_select 'input[name=username]'
40 assert_select 'input[name=password]' 33 assert_select 'input[name=password]'
41 end 34 end
42 35
36 def test_get_login_while_logged_in_should_redirect_to_back_url_if_present
37 @request.session[:user_id] = 2
38 @request.env["HTTP_REFERER"] = 'http://test.host/issues/show/1'
39
40 get :login, :back_url => 'http://test.host/issues/show/1'
41 assert_redirected_to '/issues/show/1'
42 assert_equal 2, @request.session[:user_id]
43 end
44
45 def test_get_login_while_logged_in_should_redirect_to_referer_without_back_url
46 @request.session[:user_id] = 2
47 @request.env["HTTP_REFERER"] = 'http://test.host/issues/show/1'
48
49 get :login
50 assert_redirected_to '/issues/show/1'
51 assert_equal 2, @request.session[:user_id]
52 end
53
54 def test_get_login_while_logged_in_should_redirect_to_home_by_default
55 @request.session[:user_id] = 2
56
57 get :login
58 assert_redirected_to '/'
59 assert_equal 2, @request.session[:user_id]
60 end
61
43 def test_login_should_redirect_to_back_url_param 62 def test_login_should_redirect_to_back_url_param
44 # request.uri is "test.host" in test environment 63 # request.uri is "test.host" in test environment
45 post :login, :username => 'jsmith', :password => 'jsmith', :back_url => 'http://test.host/issues/show/1' 64 back_urls = [
46 assert_redirected_to '/issues/show/1' 65 'http://test.host/issues/show/1',
66 '/'
67 ]
68 back_urls.each do |back_url|
69 post :login, :username => 'jsmith', :password => 'jsmith', :back_url => back_url
70 assert_redirected_to back_url
71 end
72 end
73
74 def test_login_with_suburi_should_redirect_to_back_url_param
75 @relative_url_root = ApplicationController.relative_url_root
76 ApplicationController.relative_url_root = '/redmine'
77
78 back_urls = [
79 'http://test.host/redmine/issues/show/1',
80 '/redmine'
81 ]
82 back_urls.each do |back_url|
83 post :login, :username => 'jsmith', :password => 'jsmith', :back_url => back_url
84 assert_redirected_to back_url
85 end
86 ensure
87 ApplicationController.relative_url_root = @relative_url_root
47 end 88 end
48 89
49 def test_login_should_not_redirect_to_another_host 90 def test_login_should_not_redirect_to_another_host
50 post :login, :username => 'jsmith', :password => 'jsmith', :back_url => 'http://test.foo/fake' 91 back_urls = [
51 assert_redirected_to '/my/page' 92 'http://test.foo/fake',
93 '//test.foo/fake'
94 ]
95 back_urls.each do |back_url|
96 post :login, :username => 'jsmith', :password => 'jsmith', :back_url => back_url
97 assert_redirected_to '/my/page'
98 end
99 end
100
101 def test_login_with_suburi_should_not_redirect_to_another_suburi
102 @relative_url_root = ApplicationController.relative_url_root
103 ApplicationController.relative_url_root = '/redmine'
104
105 back_urls = [
106 'http://test.host/',
107 'http://test.host/fake',
108 'http://test.host/fake/issues',
109 'http://test.host/redmine/../fake',
110 'http://test.host/redmine/../fake/issues',
111 'http://test.host/redmine/%2e%2e/fake'
112 ]
113 back_urls.each do |back_url|
114 post :login, :username => 'jsmith', :password => 'jsmith', :back_url => back_url
115 assert_redirected_to '/my/page'
116 end
117 ensure
118 ApplicationController.relative_url_root = @relative_url_root
52 end 119 end
53 120
54 def test_login_with_wrong_password 121 def test_login_with_wrong_password
55 post :login, :username => 'admin', :password => 'bad' 122 post :login, :username => 'admin', :password => 'bad'
56 assert_response :success 123 assert_response :success
60 assert_select 'input[name=username][value=admin]' 127 assert_select 'input[name=username][value=admin]'
61 assert_select 'input[name=password]' 128 assert_select 'input[name=password]'
62 assert_select 'input[name=password][value]', 0 129 assert_select 'input[name=password][value]', 0
63 end 130 end
64 131
132 def test_login_with_locked_account_should_fail
133 User.find(2).update_attribute :status, User::STATUS_LOCKED
134
135 post :login, :username => 'jsmith', :password => 'jsmith'
136 assert_redirected_to '/login'
137 assert_include 'locked', flash[:error]
138 assert_nil @request.session[:user_id]
139 end
140
141 def test_login_as_registered_user_with_manual_activation_should_inform_user
142 User.find(2).update_attribute :status, User::STATUS_REGISTERED
143
144 with_settings :self_registration => '2', :default_language => 'en' do
145 post :login, :username => 'jsmith', :password => 'jsmith'
146 assert_redirected_to '/login'
147 assert_include 'pending administrator approval', flash[:error]
148 end
149 end
150
151 def test_login_as_registered_user_with_email_activation_should_propose_new_activation_email
152 User.find(2).update_attribute :status, User::STATUS_REGISTERED
153
154 with_settings :self_registration => '1', :default_language => 'en' do
155 post :login, :username => 'jsmith', :password => 'jsmith'
156 assert_redirected_to '/login'
157 assert_equal 2, @request.session[:registered_user_id]
158 assert_include 'new activation email', flash[:error]
159 end
160 end
161
65 def test_login_should_rescue_auth_source_exception 162 def test_login_should_rescue_auth_source_exception
66 source = AuthSource.create!(:name => 'Test') 163 source = AuthSource.create!(:name => 'Test')
67 User.find(2).update_attribute :auth_source_id, source.id 164 User.find(2).update_attribute :auth_source_id, source.id
68 AuthSource.any_instance.stubs(:authenticate).raises(AuthSourceException.new("Something wrong")) 165 AuthSource.any_instance.stubs(:authenticate).raises(AuthSourceException.new("Something wrong"))
69 166
77 174
78 post :login, :username => 'jsmith', :password => 'jsmith' 175 post :login, :username => 'jsmith', :password => 'jsmith'
79 assert_response 302 176 assert_response 302
80 end 177 end
81 178
179 def test_get_logout_should_not_logout
180 @request.session[:user_id] = 2
181 get :logout
182 assert_response :success
183 assert_template 'logout'
184
185 assert_equal 2, @request.session[:user_id]
186 end
187
188 def test_get_logout_with_anonymous_should_redirect
189 get :logout
190 assert_redirected_to '/'
191 end
192
82 def test_logout 193 def test_logout
83 @request.session[:user_id] = 2 194 @request.session[:user_id] = 2
84 get :logout 195 post :logout
85 assert_redirected_to '/' 196 assert_redirected_to '/'
86 assert_nil @request.session[:user_id] 197 assert_nil @request.session[:user_id]
87 end 198 end
88 199
89 def test_logout_should_reset_session 200 def test_logout_should_reset_session
90 @controller.expects(:reset_session).once 201 @controller.expects(:reset_session).once
91 202
92 @request.session[:user_id] = 2 203 @request.session[:user_id] = 2
93 get :logout 204 post :logout
94 assert_response 302 205 assert_response 302
95 end 206 end
96 207
97 def test_get_register_with_registration_on 208 def test_get_register_with_registration_on
98 with_settings :self_registration => '3' do 209 with_settings :self_registration => '3' do
99 get :register 210 get :register
100 assert_response :success 211 assert_response :success
101 assert_template 'register' 212 assert_template 'register'
102 assert_not_nil assigns(:user) 213 assert_not_nil assigns(:user)
103 214
104 assert_tag 'input', :attributes => {:name => 'user[password]'} 215 assert_select 'input[name=?]', 'user[password]'
105 assert_tag 'input', :attributes => {:name => 'user[password_confirmation]'} 216 assert_select 'input[name=?]', 'user[password_confirmation]'
217 end
218 end
219
220 def test_get_register_should_detect_user_language
221 with_settings :self_registration => '3' do
222 @request.env['HTTP_ACCEPT_LANGUAGE'] = 'fr,fr-fr;q=0.8,en-us;q=0.5,en;q=0.3'
223 get :register
224 assert_response :success
225 assert_not_nil assigns(:user)
226 assert_equal 'fr', assigns(:user).language
227 assert_select 'select[name=?]', 'user[language]' do
228 assert_select 'option[value=fr][selected=selected]'
229 end
106 end 230 end
107 end 231 end
108 232
109 def test_get_register_with_registration_off_should_redirect 233 def test_get_register_with_registration_off_should_redirect
110 with_settings :self_registration => '0' do 234 with_settings :self_registration => '0' do
125 :lastname => 'Doe', 249 :lastname => 'Doe',
126 :mail => 'register@example.com' 250 :mail => 'register@example.com'
127 } 251 }
128 assert_redirected_to '/my/account' 252 assert_redirected_to '/my/account'
129 end 253 end
130 user = User.first(:order => 'id DESC') 254 user = User.order('id DESC').first
131 assert_equal 'register', user.login 255 assert_equal 'register', user.login
132 assert_equal 'John', user.firstname 256 assert_equal 'John', user.firstname
133 assert_equal 'Doe', user.lastname 257 assert_equal 'Doe', user.lastname
134 assert_equal 'register@example.com', user.mail 258 assert_equal 'register@example.com', user.mail
135 assert user.check_password?('secret123') 259 assert user.check_password?('secret123')
192 Token.delete_all 316 Token.delete_all
193 assert User.find(2).lock! 317 assert User.find(2).lock!
194 318
195 assert_no_difference 'Token.count' do 319 assert_no_difference 'Token.count' do
196 post :lost_password, :mail => 'JSmith@somenet.foo' 320 post :lost_password, :mail => 'JSmith@somenet.foo'
321 assert_redirected_to '/account/lost_password'
322 end
323 end
324
325 def test_lost_password_for_user_who_cannot_change_password_should_fail
326 User.any_instance.stubs(:change_password_allowed?).returns(false)
327
328 assert_no_difference 'Token.count' do
329 post :lost_password, :mail => 'JSmith@somenet.foo'
197 assert_response :success 330 assert_response :success
198 end 331 end
199 end 332 end
200 333
201 def test_get_lost_password_with_token_should_display_the_password_recovery_form 334 def test_get_lost_password_with_token_should_display_the_password_recovery_form
249 382
250 def test_post_lost_password_with_invalid_token_should_redirect 383 def test_post_lost_password_with_invalid_token_should_redirect
251 post :lost_password, :token => "abcdef", :new_password => 'newpass', :new_password_confirmation => 'newpass' 384 post :lost_password, :token => "abcdef", :new_password => 'newpass', :new_password_confirmation => 'newpass'
252 assert_redirected_to '/' 385 assert_redirected_to '/'
253 end 386 end
387
388 def test_activation_email_should_send_an_activation_email
389 User.find(2).update_attribute :status, User::STATUS_REGISTERED
390 @request.session[:registered_user_id] = 2
391
392 with_settings :self_registration => '1' do
393 assert_difference 'ActionMailer::Base.deliveries.size' do
394 get :activation_email
395 assert_redirected_to '/login'
396 end
397 end
398 end
399
400 def test_activation_email_without_session_data_should_fail
401 User.find(2).update_attribute :status, User::STATUS_REGISTERED
402
403 with_settings :self_registration => '1' do
404 assert_no_difference 'ActionMailer::Base.deliveries.size' do
405 get :activation_email
406 assert_redirected_to '/'
407 end
408 end
409 end
254 end 410 end
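Review bot: In the looped redirect tests (`test_login_should_not_redirect_to_another_host`, `test_login_with_suburi_should_not_redirect_to_another_suburi` and the two positive `back_url` tests), a failing `assert_redirected_to` does not say which `back_url` was being checked, so a regression in redirect validation for one entry is hard to pin down. Passing the URL as the assertion message would fix that, e.g. `assert_redirected_to '/my/page', "back_url #{back_url.inspect} must not be followed"`. Each iteration after the first also appears to reuse the session left by the previous successful login, so only the first entry is exercised from a logged-out state. Clearing `@request.session[:user_id]` at the top of the block, or splitting the cases into separate tests, would keep every entry on the same footing. A short comment above each list naming the class of URL it covers (other host, scheme-relative, path outside the sub-URI, encoded `..`) would help the next maintainer extend it.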