Chris@0: # redMine - project management software Chris@0: # Copyright (C) 2006 Jean-Philippe Lang Chris@0: # Chris@0: # This program is free software; you can redistribute it and/or Chris@0: # modify it under the terms of the GNU General Public License Chris@0: # as published by the Free Software Foundation; either version 2 Chris@0: # of the License, or (at your option) any later version. Chris@0: # Chris@0: # This program is distributed in the hope that it will be useful, Chris@0: # but WITHOUT ANY WARRANTY; without even the implied warranty of Chris@0: # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the Chris@0: # GNU General Public License for more details. Chris@0: # Chris@0: # You should have received a copy of the GNU General Public License Chris@0: # along with this program; if not, write to the Free Software Chris@0: # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. Chris@0: Chris@0: require File.dirname(__FILE__) + '/../test_helper' Chris@0: Chris@0: class UserTest < ActiveSupport::TestCase Chris@0: fixtures :users, :members, :projects, :roles, :member_roles, :auth_sources Chris@0: Chris@0: def setup Chris@0: @admin = User.find(1) Chris@0: @jsmith = User.find(2) Chris@0: @dlopper = User.find(3) Chris@0: end Chris@0: Chris@0: test 'object_daddy creation' do Chris@0: User.generate_with_protected!(:firstname => 'Testing connection') Chris@0: User.generate_with_protected!(:firstname => 'Testing connection') Chris@0: assert_equal 2, User.count(:all, :conditions => {:firstname => 'Testing connection'}) Chris@0: end Chris@0: Chris@0: def test_truth Chris@0: assert_kind_of User, @jsmith Chris@0: end Chris@1: Chris@1: def test_mail_should_be_stripped Chris@1: u = User.new Chris@1: u.mail = " foo@bar.com " Chris@1: assert_equal "foo@bar.com", u.mail Chris@1: end Chris@0: Chris@0: def test_create Chris@0: user = User.new(:firstname => "new", :lastname => "user", :mail => "newuser@somenet.foo") Chris@0: Chris@0: user.login = "jsmith" Chris@0: user.password, user.password_confirmation = "password", "password" Chris@0: # login uniqueness Chris@0: assert !user.save Chris@0: assert_equal 1, user.errors.count Chris@0: Chris@0: user.login = "newuser" Chris@0: user.password, user.password_confirmation = "passwd", "password" Chris@0: # password confirmation Chris@0: assert !user.save Chris@0: assert_equal 1, user.errors.count Chris@0: Chris@0: user.password, user.password_confirmation = "password", "password" Chris@0: assert user.save Chris@0: end Chris@0: Chris@0: context "User.login" do Chris@0: should "be case-insensitive." do Chris@0: u = User.new(:firstname => "new", :lastname => "user", :mail => "newuser@somenet.foo") Chris@0: u.login = 'newuser' Chris@0: u.password, u.password_confirmation = "password", "password" Chris@0: assert u.save Chris@0: Chris@0: u = User.new(:firstname => "Similar", :lastname => "User", :mail => "similaruser@somenet.foo") Chris@0: u.login = 'NewUser' Chris@0: u.password, u.password_confirmation = "password", "password" Chris@0: assert !u.save Chris@0: assert_equal I18n.translate('activerecord.errors.messages.taken'), u.errors.on(:login) Chris@0: end Chris@0: end Chris@0: Chris@0: def test_mail_uniqueness_should_not_be_case_sensitive Chris@0: u = User.new(:firstname => "new", :lastname => "user", :mail => "newuser@somenet.foo") Chris@0: u.login = 'newuser1' Chris@0: u.password, u.password_confirmation = "password", "password" Chris@0: assert u.save Chris@0: Chris@0: u = User.new(:firstname => "new", :lastname => "user", :mail => "newUser@Somenet.foo") Chris@0: u.login = 'newuser2' Chris@0: u.password, u.password_confirmation = "password", "password" Chris@0: assert !u.save Chris@0: assert_equal I18n.translate('activerecord.errors.messages.taken'), u.errors.on(:mail) Chris@0: end Chris@0: Chris@0: def test_update Chris@0: assert_equal "admin", @admin.login Chris@0: @admin.login = "john" Chris@0: assert @admin.save, @admin.errors.full_messages.join("; ") Chris@0: @admin.reload Chris@0: assert_equal "john", @admin.login Chris@0: end Chris@0: Chris@0: def test_destroy Chris@0: User.find(2).destroy Chris@0: assert_nil User.find_by_id(2) Chris@0: assert Member.find_all_by_user_id(2).empty? Chris@0: end Chris@0: Chris@0: def test_validate Chris@0: @admin.login = "" Chris@0: assert !@admin.save Chris@0: assert_equal 1, @admin.errors.count Chris@0: end Chris@0: Chris@0: context "User#try_to_login" do Chris@0: should "fall-back to case-insensitive if user login is not found as-typed." do Chris@0: user = User.try_to_login("AdMin", "admin") Chris@0: assert_kind_of User, user Chris@0: assert_equal "admin", user.login Chris@0: end Chris@0: Chris@0: should "select the exact matching user first" do Chris@0: case_sensitive_user = User.generate_with_protected!(:login => 'changed', :password => 'admin', :password_confirmation => 'admin') Chris@0: # bypass validations to make it appear like existing data Chris@0: case_sensitive_user.update_attribute(:login, 'ADMIN') Chris@0: Chris@0: user = User.try_to_login("ADMIN", "admin") Chris@0: assert_kind_of User, user Chris@0: assert_equal "ADMIN", user.login Chris@0: Chris@0: end Chris@0: end Chris@0: Chris@0: def test_password Chris@0: user = User.try_to_login("admin", "admin") Chris@0: assert_kind_of User, user Chris@0: assert_equal "admin", user.login Chris@0: user.password = "hello" Chris@0: assert user.save Chris@0: Chris@0: user = User.try_to_login("admin", "hello") Chris@0: assert_kind_of User, user Chris@0: assert_equal "admin", user.login Chris@0: assert_equal User.hash_password("hello"), user.hashed_password Chris@0: end Chris@0: Chris@0: def test_name_format Chris@0: assert_equal 'Smith, John', @jsmith.name(:lastname_coma_firstname) Chris@0: Setting.user_format = :firstname_lastname Chris@0: assert_equal 'John Smith', @jsmith.reload.name Chris@0: Setting.user_format = :username Chris@0: assert_equal 'jsmith', @jsmith.reload.name Chris@0: end Chris@0: Chris@0: def test_lock Chris@0: user = User.try_to_login("jsmith", "jsmith") Chris@0: assert_equal @jsmith, user Chris@0: Chris@0: @jsmith.status = User::STATUS_LOCKED Chris@0: assert @jsmith.save Chris@0: Chris@0: user = User.try_to_login("jsmith", "jsmith") Chris@0: assert_equal nil, user Chris@0: end Chris@0: Chris@0: if ldap_configured? Chris@0: context "#try_to_login using LDAP" do Chris@0: context "with failed connection to the LDAP server" do Chris@0: should "return nil" do Chris@0: @auth_source = AuthSourceLdap.find(1) Chris@0: AuthSource.any_instance.stubs(:initialize_ldap_con).raises(Net::LDAP::LdapError, 'Cannot connect') Chris@0: Chris@0: assert_equal nil, User.try_to_login('edavis', 'wrong') Chris@0: end Chris@0: end Chris@0: Chris@0: context "with an unsuccessful authentication" do Chris@0: should "return nil" do Chris@0: assert_equal nil, User.try_to_login('edavis', 'wrong') Chris@0: end Chris@0: end Chris@0: Chris@0: context "on the fly registration" do Chris@0: setup do Chris@0: @auth_source = AuthSourceLdap.find(1) Chris@0: end Chris@0: Chris@0: context "with a successful authentication" do Chris@0: should "create a new user account if it doesn't exist" do Chris@0: assert_difference('User.count') do Chris@0: user = User.try_to_login('edavis', '123456') Chris@0: assert !user.admin? Chris@0: end Chris@0: end Chris@0: Chris@0: should "retrieve existing user" do Chris@0: user = User.try_to_login('edavis', '123456') Chris@0: user.admin = true Chris@0: user.save! Chris@0: Chris@0: assert_no_difference('User.count') do Chris@0: user = User.try_to_login('edavis', '123456') Chris@0: assert user.admin? Chris@0: end Chris@0: end Chris@0: end Chris@0: end Chris@0: end Chris@0: Chris@0: else Chris@0: puts "Skipping LDAP tests." Chris@0: end Chris@0: Chris@0: def test_create_anonymous Chris@0: AnonymousUser.delete_all Chris@0: anon = User.anonymous Chris@0: assert !anon.new_record? Chris@0: assert_kind_of AnonymousUser, anon Chris@0: end Chris@0: Chris@0: should_have_one :rss_token Chris@0: Chris@0: def test_rss_key Chris@0: assert_nil @jsmith.rss_token Chris@0: key = @jsmith.rss_key Chris@0: assert_equal 40, key.length Chris@0: Chris@0: @jsmith.reload Chris@0: assert_equal key, @jsmith.rss_key Chris@0: end Chris@0: Chris@0: Chris@0: should_have_one :api_token Chris@0: Chris@0: context "User#api_key" do Chris@0: should "generate a new one if the user doesn't have one" do Chris@0: user = User.generate_with_protected!(:api_token => nil) Chris@0: assert_nil user.api_token Chris@0: Chris@0: key = user.api_key Chris@0: assert_equal 40, key.length Chris@0: user.reload Chris@0: assert_equal key, user.api_key Chris@0: end Chris@0: Chris@0: should "return the existing api token value" do Chris@0: user = User.generate_with_protected! Chris@0: token = Token.generate!(:action => 'api') Chris@0: user.api_token = token Chris@0: assert user.save Chris@0: Chris@0: assert_equal token.value, user.api_key Chris@0: end Chris@0: end Chris@0: Chris@0: context "User#find_by_api_key" do Chris@0: should "return nil if no matching key is found" do Chris@0: assert_nil User.find_by_api_key('zzzzzzzzz') Chris@0: end Chris@0: Chris@0: should "return nil if the key is found for an inactive user" do Chris@0: user = User.generate_with_protected!(:status => User::STATUS_LOCKED) Chris@0: token = Token.generate!(:action => 'api') Chris@0: user.api_token = token Chris@0: user.save Chris@0: Chris@0: assert_nil User.find_by_api_key(token.value) Chris@0: end Chris@0: Chris@0: should "return the user if the key is found for an active user" do Chris@0: user = User.generate_with_protected!(:status => User::STATUS_ACTIVE) Chris@0: token = Token.generate!(:action => 'api') Chris@0: user.api_token = token Chris@0: user.save Chris@0: Chris@0: assert_equal user, User.find_by_api_key(token.value) Chris@0: end Chris@0: end Chris@0: Chris@0: def test_roles_for_project Chris@0: # user with a role Chris@0: roles = @jsmith.roles_for_project(Project.find(1)) Chris@0: assert_kind_of Role, roles.first Chris@0: assert_equal "Manager", roles.first.name Chris@0: Chris@0: # user with no role Chris@0: assert_nil @dlopper.roles_for_project(Project.find(2)).detect {|role| role.member?} Chris@0: end Chris@0: Chris@0: def test_mail_notification_all Chris@0: @jsmith.mail_notification = true Chris@0: @jsmith.notified_project_ids = [] Chris@0: @jsmith.save Chris@0: @jsmith.reload Chris@0: assert @jsmith.projects.first.recipients.include?(@jsmith.mail) Chris@0: end Chris@0: Chris@0: def test_mail_notification_selected Chris@0: @jsmith.mail_notification = false Chris@0: @jsmith.notified_project_ids = [1] Chris@0: @jsmith.save Chris@0: @jsmith.reload Chris@0: assert Project.find(1).recipients.include?(@jsmith.mail) Chris@0: end Chris@0: Chris@0: def test_mail_notification_none Chris@0: @jsmith.mail_notification = false Chris@0: @jsmith.notified_project_ids = [] Chris@0: @jsmith.save Chris@0: @jsmith.reload Chris@0: assert !@jsmith.projects.first.recipients.include?(@jsmith.mail) Chris@0: end Chris@0: Chris@0: def test_comments_sorting_preference Chris@0: assert !@jsmith.wants_comments_in_reverse_order? Chris@0: @jsmith.pref.comments_sorting = 'asc' Chris@0: assert !@jsmith.wants_comments_in_reverse_order? Chris@0: @jsmith.pref.comments_sorting = 'desc' Chris@0: assert @jsmith.wants_comments_in_reverse_order? Chris@0: end Chris@0: Chris@0: def test_find_by_mail_should_be_case_insensitive Chris@0: u = User.find_by_mail('JSmith@somenet.foo') Chris@0: assert_not_nil u Chris@0: assert_equal 'jsmith@somenet.foo', u.mail Chris@0: end Chris@0: Chris@0: def test_random_password Chris@0: u = User.new Chris@0: u.random_password Chris@0: assert !u.password.blank? Chris@0: assert !u.password_confirmation.blank? Chris@0: end Chris@0: Chris@0: context "#change_password_allowed?" do Chris@0: should "be allowed if no auth source is set" do Chris@0: user = User.generate_with_protected! Chris@0: assert user.change_password_allowed? Chris@0: end Chris@0: Chris@0: should "delegate to the auth source" do Chris@0: user = User.generate_with_protected! Chris@0: Chris@0: allowed_auth_source = AuthSource.generate! Chris@0: def allowed_auth_source.allow_password_changes?; true; end Chris@0: Chris@0: denied_auth_source = AuthSource.generate! Chris@0: def denied_auth_source.allow_password_changes?; false; end Chris@0: Chris@0: assert user.change_password_allowed? Chris@0: Chris@0: user.auth_source = allowed_auth_source Chris@0: assert user.change_password_allowed?, "User not allowed to change password, though auth source does" Chris@0: Chris@0: user.auth_source = denied_auth_source Chris@0: assert !user.change_password_allowed?, "User allowed to change password, though auth source does not" Chris@0: end Chris@0: Chris@0: end Chris@0: chris@22: context "#allowed_to?" do chris@22: context "with a unique project" do chris@22: should "return false if project is archived" do chris@22: project = Project.find(1) chris@22: Project.any_instance.stubs(:status).returns(Project::STATUS_ARCHIVED) chris@22: assert ! @admin.allowed_to?(:view_issues, Project.find(1)) chris@22: end chris@22: chris@22: should "return false if related module is disabled" do chris@22: project = Project.find(1) chris@22: project.enabled_module_names = ["issue_tracking"] chris@22: assert @admin.allowed_to?(:add_issues, project) chris@22: assert ! @admin.allowed_to?(:view_wiki_pages, project) chris@22: end chris@22: chris@22: should "authorize nearly everything for admin users" do chris@22: project = Project.find(1) chris@22: assert ! @admin.member_of?(project) chris@22: %w(edit_issues delete_issues manage_news manage_documents manage_wiki).each do |p| chris@22: assert @admin.allowed_to?(p.to_sym, project) chris@22: end chris@22: end chris@22: chris@22: should "authorize normal users depending on their roles" do chris@22: project = Project.find(1) chris@22: assert @jsmith.allowed_to?(:delete_messages, project) #Manager chris@22: assert ! @dlopper.allowed_to?(:delete_messages, project) #Developper chris@22: end chris@22: end chris@22: chris@22: context "with options[:global]" do chris@22: should "authorize if user has at least one role that has this permission" do chris@22: @dlopper2 = User.find(5) #only Developper on a project, not Manager anywhere chris@22: @anonymous = User.find(6) chris@22: assert @jsmith.allowed_to?(:delete_issue_watchers, nil, :global => true) chris@22: assert ! @dlopper2.allowed_to?(:delete_issue_watchers, nil, :global => true) chris@22: assert @dlopper2.allowed_to?(:add_issues, nil, :global => true) chris@22: assert ! @anonymous.allowed_to?(:add_issues, nil, :global => true) chris@22: assert @anonymous.allowed_to?(:view_issues, nil, :global => true) chris@22: end chris@22: end chris@22: end chris@22: Chris@0: if Object.const_defined?(:OpenID) Chris@0: Chris@0: def test_setting_identity_url Chris@0: normalized_open_id_url = 'http://example.com/' Chris@0: u = User.new( :identity_url => 'http://example.com/' ) Chris@0: assert_equal normalized_open_id_url, u.identity_url Chris@0: end Chris@0: Chris@0: def test_setting_identity_url_without_trailing_slash Chris@0: normalized_open_id_url = 'http://example.com/' Chris@0: u = User.new( :identity_url => 'http://example.com' ) Chris@0: assert_equal normalized_open_id_url, u.identity_url Chris@0: end Chris@0: Chris@0: def test_setting_identity_url_without_protocol Chris@0: normalized_open_id_url = 'http://example.com/' Chris@0: u = User.new( :identity_url => 'example.com' ) Chris@0: assert_equal normalized_open_id_url, u.identity_url Chris@0: end Chris@0: Chris@0: def test_setting_blank_identity_url Chris@0: u = User.new( :identity_url => 'example.com' ) Chris@0: u.identity_url = '' Chris@0: assert u.identity_url.blank? Chris@0: end Chris@0: Chris@0: def test_setting_invalid_identity_url Chris@0: u = User.new( :identity_url => 'this is not an openid url' ) Chris@0: assert u.identity_url.blank? Chris@0: end Chris@0: Chris@0: else Chris@0: puts "Skipping openid tests." Chris@0: end Chris@0: Chris@0: end