Chris@1295: # Redmine - project management software Chris@1295: # Copyright (C) 2006-2013 Jean-Philippe Lang Chris@1295: # Chris@1295: # This program is free software; you can redistribute it and/or Chris@1295: # modify it under the terms of the GNU General Public License Chris@1295: # as published by the Free Software Foundation; either version 2 Chris@1295: # of the License, or (at your option) any later version. Chris@1295: # Chris@1295: # This program is distributed in the hope that it will be useful, Chris@1295: # but WITHOUT ANY WARRANTY; without even the implied warranty of Chris@1295: # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the Chris@1295: # GNU General Public License for more details. Chris@1295: # Chris@1295: # You should have received a copy of the GNU General Public License Chris@1295: # along with this program; if not, write to the Free Software Chris@1295: # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. Chris@1295: Chris@1295: require File.expand_path('../../test_helper', __FILE__) Chris@1295: Chris@1295: begin Chris@1295: require 'mocha' Chris@1295: rescue Chris@1295: # Won't run some tests Chris@1295: end Chris@1295: Chris@1295: class AccountTest < ActionController::IntegrationTest Chris@1295: fixtures :users, :roles Chris@1295: Chris@1295: # Replace this with your real tests. Chris@1295: def test_login Chris@1295: get "my/page" Chris@1295: assert_redirected_to "/login?back_url=http%3A%2F%2Fwww.example.com%2Fmy%2Fpage" Chris@1295: log_user('jsmith', 'jsmith') Chris@1295: Chris@1295: get "my/account" Chris@1295: assert_response :success Chris@1295: assert_template "my/account" Chris@1295: end Chris@1295: Chris@1295: def test_autologin Chris@1295: user = User.find(1) Chris@1295: Setting.autologin = "7" Chris@1295: Token.delete_all Chris@1295: Chris@1295: # User logs in with 'autologin' checked Chris@1295: post '/login', :username => user.login, :password => 'admin', :autologin => 1 Chris@1295: assert_redirected_to '/my/page' Chris@1295: token = Token.first Chris@1295: assert_not_nil token Chris@1295: assert_equal user, token.user Chris@1295: assert_equal 'autologin', token.action Chris@1295: assert_equal user.id, session[:user_id] Chris@1295: assert_equal token.value, cookies['autologin'] Chris@1295: Chris@1295: # Session is cleared Chris@1295: reset! Chris@1295: User.current = nil Chris@1295: # Clears user's last login timestamp Chris@1295: user.update_attribute :last_login_on, nil Chris@1295: assert_nil user.reload.last_login_on Chris@1295: Chris@1295: # User comes back with his autologin cookie Chris@1295: cookies[:autologin] = token.value Chris@1295: get '/my/page' Chris@1295: assert_response :success Chris@1295: assert_template 'my/page' Chris@1295: assert_equal user.id, session[:user_id] Chris@1295: assert_not_nil user.reload.last_login_on Chris@1295: end Chris@1295: Chris@1295: def test_autologin_should_use_autologin_cookie_name Chris@1295: Token.delete_all Chris@1295: Redmine::Configuration.stubs(:[]).with('autologin_cookie_name').returns('custom_autologin') Chris@1295: Redmine::Configuration.stubs(:[]).with('autologin_cookie_path').returns('/') Chris@1295: Redmine::Configuration.stubs(:[]).with('autologin_cookie_secure').returns(false) Chris@1295: Chris@1295: with_settings :autologin => '7' do Chris@1295: assert_difference 'Token.count' do Chris@1295: post '/login', :username => 'admin', :password => 'admin', :autologin => 1 Chris@1295: end Chris@1295: assert_response 302 Chris@1295: assert cookies['custom_autologin'].present? Chris@1295: token = cookies['custom_autologin'] Chris@1295: Chris@1295: # Session is cleared Chris@1295: reset! Chris@1295: cookies['custom_autologin'] = token Chris@1295: get '/my/page' Chris@1295: assert_response :success Chris@1295: Chris@1295: assert_difference 'Token.count', -1 do Chris@1295: post '/logout' Chris@1295: end Chris@1295: assert cookies['custom_autologin'].blank? Chris@1295: end Chris@1295: end Chris@1295: Chris@1295: def test_lost_password Chris@1295: Token.delete_all Chris@1295: Chris@1295: get "account/lost_password" Chris@1295: assert_response :success Chris@1295: assert_template "account/lost_password" Chris@1295: assert_select 'input[name=mail]' Chris@1295: Chris@1295: post "account/lost_password", :mail => 'jSmith@somenet.foo' Chris@1295: assert_redirected_to "/login" Chris@1295: Chris@1295: token = Token.first Chris@1295: assert_equal 'recovery', token.action Chris@1295: assert_equal 'jsmith@somenet.foo', token.user.mail Chris@1295: assert !token.expired? Chris@1295: Chris@1295: get "account/lost_password", :token => token.value Chris@1295: assert_response :success Chris@1295: assert_template "account/password_recovery" Chris@1295: assert_select 'input[type=hidden][name=token][value=?]', token.value Chris@1295: assert_select 'input[name=new_password]' Chris@1295: assert_select 'input[name=new_password_confirmation]' Chris@1295: Chris@1295: post "account/lost_password", :token => token.value, :new_password => 'newpass123', :new_password_confirmation => 'newpass123' Chris@1295: assert_redirected_to "/login" Chris@1295: assert_equal 'Password was successfully updated.', flash[:notice] Chris@1295: Chris@1295: log_user('jsmith', 'newpass123') Chris@1295: assert_equal 0, Token.count Chris@1295: end Chris@1295: Chris@1295: def test_register_with_automatic_activation Chris@1295: Setting.self_registration = '3' Chris@1295: Chris@1295: get 'account/register' Chris@1295: assert_response :success Chris@1295: assert_template 'account/register' Chris@1295: Chris@1295: post 'account/register', :user => {:login => "newuser", :language => "en", :firstname => "New", :lastname => "User", :mail => "newuser@foo.bar", Chris@1295: :password => "newpass123", :password_confirmation => "newpass123"} Chris@1295: assert_redirected_to '/my/account' Chris@1295: follow_redirect! Chris@1295: assert_response :success Chris@1295: assert_template 'my/account' Chris@1295: Chris@1295: user = User.find_by_login('newuser') Chris@1295: assert_not_nil user Chris@1295: assert user.active? Chris@1295: assert_not_nil user.last_login_on Chris@1295: end Chris@1295: Chris@1295: def test_register_with_manual_activation Chris@1295: Setting.self_registration = '2' Chris@1295: Chris@1295: post 'account/register', :user => {:login => "newuser", :language => "en", :firstname => "New", :lastname => "User", :mail => "newuser@foo.bar", Chris@1295: :password => "newpass123", :password_confirmation => "newpass123"} Chris@1295: assert_redirected_to '/login' Chris@1295: assert !User.find_by_login('newuser').active? Chris@1295: end Chris@1295: Chris@1295: def test_register_with_email_activation Chris@1295: Setting.self_registration = '1' Chris@1295: Token.delete_all Chris@1295: Chris@1295: post 'account/register', :user => {:login => "newuser", :language => "en", :firstname => "New", :lastname => "User", :mail => "newuser@foo.bar", Chris@1295: :password => "newpass123", :password_confirmation => "newpass123"} Chris@1295: assert_redirected_to '/login' Chris@1295: assert !User.find_by_login('newuser').active? Chris@1295: Chris@1295: token = Token.first Chris@1295: assert_equal 'register', token.action Chris@1295: assert_equal 'newuser@foo.bar', token.user.mail Chris@1295: assert !token.expired? Chris@1295: Chris@1295: get 'account/activate', :token => token.value Chris@1295: assert_redirected_to '/login' Chris@1295: log_user('newuser', 'newpass123') Chris@1295: end Chris@1295: Chris@1295: def test_onthefly_registration Chris@1295: # disable registration Chris@1295: Setting.self_registration = '0' Chris@1295: AuthSource.expects(:authenticate).returns({:login => 'foo', :firstname => 'Foo', :lastname => 'Smith', :mail => 'foo@bar.com', :auth_source_id => 66}) Chris@1295: Chris@1295: post '/login', :username => 'foo', :password => 'bar' Chris@1295: assert_redirected_to '/my/page' Chris@1295: Chris@1295: user = User.find_by_login('foo') Chris@1295: assert user.is_a?(User) Chris@1295: assert_equal 66, user.auth_source_id Chris@1295: assert user.hashed_password.blank? Chris@1295: end Chris@1295: Chris@1295: def test_onthefly_registration_with_invalid_attributes Chris@1295: # disable registration Chris@1295: Setting.self_registration = '0' Chris@1295: AuthSource.expects(:authenticate).returns({:login => 'foo', :lastname => 'Smith', :auth_source_id => 66}) Chris@1295: Chris@1295: post '/login', :username => 'foo', :password => 'bar' Chris@1295: assert_response :success Chris@1295: assert_template 'account/register' Chris@1295: assert_tag :input, :attributes => { :name => 'user[firstname]', :value => '' } Chris@1295: assert_tag :input, :attributes => { :name => 'user[lastname]', :value => 'Smith' } Chris@1295: assert_no_tag :input, :attributes => { :name => 'user[login]' } Chris@1295: assert_no_tag :input, :attributes => { :name => 'user[password]' } Chris@1295: Chris@1295: post 'account/register', :user => {:firstname => 'Foo', :lastname => 'Smith', :mail => 'foo@bar.com'} Chris@1295: assert_redirected_to '/my/account' Chris@1295: Chris@1295: user = User.find_by_login('foo') Chris@1295: assert user.is_a?(User) Chris@1295: assert_equal 66, user.auth_source_id Chris@1295: assert user.hashed_password.blank? Chris@1295: end Chris@1295: end