Chris@909: # Redmine - project management software Chris@1295: # Copyright (C) 2006-2013 Jean-Philippe Lang Chris@0: # Chris@0: # This program is free software; you can redistribute it and/or Chris@0: # modify it under the terms of the GNU General Public License Chris@0: # as published by the Free Software Foundation; either version 2 Chris@0: # of the License, or (at your option) any later version. Chris@909: # Chris@0: # This program is distributed in the hope that it will be useful, Chris@0: # but WITHOUT ANY WARRANTY; without even the implied warranty of Chris@0: # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the Chris@0: # GNU General Public License for more details. Chris@909: # Chris@0: # You should have received a copy of the GNU General Public License Chris@0: # along with this program; if not, write to the Free Software Chris@0: # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. Chris@0: Chris@119: require File.expand_path('../../test_helper', __FILE__) Chris@0: Chris@0: begin Chris@0: require 'mocha' Chris@0: rescue Chris@0: # Won't run some tests Chris@0: end Chris@0: Chris@0: class AccountTest < ActionController::IntegrationTest Chris@0: fixtures :users, :roles Chris@0: Chris@0: # Replace this with your real tests. Chris@0: def test_login Chris@0: get "my/page" Chris@0: assert_redirected_to "/login?back_url=http%3A%2F%2Fwww.example.com%2Fmy%2Fpage" Chris@0: log_user('jsmith', 'jsmith') Chris@909: Chris@0: get "my/account" Chris@0: assert_response :success Chris@909: assert_template "my/account" Chris@0: end Chris@909: Chris@0: def test_autologin Chris@0: user = User.find(1) Chris@0: Setting.autologin = "7" Chris@0: Token.delete_all Chris@909: Chris@0: # User logs in with 'autologin' checked Chris@0: post '/login', :username => user.login, :password => 'admin', :autologin => 1 chris@37: assert_redirected_to '/my/page' Chris@1295: token = Token.first Chris@0: assert_not_nil token Chris@0: assert_equal user, token.user Chris@0: assert_equal 'autologin', token.action Chris@0: assert_equal user.id, session[:user_id] Chris@0: assert_equal token.value, cookies['autologin'] Chris@909: Chris@0: # Session is cleared Chris@0: reset! Chris@0: User.current = nil Chris@0: # Clears user's last login timestamp Chris@0: user.update_attribute :last_login_on, nil Chris@0: assert_nil user.reload.last_login_on Chris@909: Chris@0: # User comes back with his autologin cookie Chris@0: cookies[:autologin] = token.value Chris@0: get '/my/page' Chris@0: assert_response :success Chris@0: assert_template 'my/page' Chris@0: assert_equal user.id, session[:user_id] Chris@0: assert_not_nil user.reload.last_login_on Chris@0: end Chris@909: Chris@1295: def test_autologin_should_use_autologin_cookie_name Chris@1295: Token.delete_all Chris@1295: Redmine::Configuration.stubs(:[]).with('autologin_cookie_name').returns('custom_autologin') Chris@1295: Redmine::Configuration.stubs(:[]).with('autologin_cookie_path').returns('/') Chris@1295: Redmine::Configuration.stubs(:[]).with('autologin_cookie_secure').returns(false) Chris@1295: Chris@1295: with_settings :autologin => '7' do Chris@1295: assert_difference 'Token.count' do Chris@1295: post '/login', :username => 'admin', :password => 'admin', :autologin => 1 Chris@1295: end Chris@1295: assert_response 302 Chris@1295: assert cookies['custom_autologin'].present? Chris@1295: token = cookies['custom_autologin'] Chris@1295: Chris@1295: # Session is cleared Chris@1295: reset! Chris@1295: cookies['custom_autologin'] = token Chris@1295: get '/my/page' Chris@1295: assert_response :success Chris@1295: Chris@1295: assert_difference 'Token.count', -1 do Chris@1295: post '/logout' Chris@1295: end Chris@1295: assert cookies['custom_autologin'].blank? Chris@1295: end Chris@1295: end Chris@1295: Chris@0: def test_lost_password Chris@0: Token.delete_all Chris@909: Chris@0: get "account/lost_password" Chris@0: assert_response :success Chris@0: assert_template "account/lost_password" Chris@1115: assert_select 'input[name=mail]' Chris@909: Chris@0: post "account/lost_password", :mail => 'jSmith@somenet.foo' Chris@0: assert_redirected_to "/login" Chris@909: Chris@1295: token = Token.first Chris@0: assert_equal 'recovery', token.action Chris@0: assert_equal 'jsmith@somenet.foo', token.user.mail Chris@0: assert !token.expired? Chris@909: Chris@0: get "account/lost_password", :token => token.value Chris@0: assert_response :success Chris@0: assert_template "account/password_recovery" Chris@1115: assert_select 'input[type=hidden][name=token][value=?]', token.value Chris@1115: assert_select 'input[name=new_password]' Chris@1115: assert_select 'input[name=new_password_confirmation]' Chris@909: Chris@1115: post "account/lost_password", :token => token.value, :new_password => 'newpass123', :new_password_confirmation => 'newpass123' Chris@0: assert_redirected_to "/login" Chris@0: assert_equal 'Password was successfully updated.', flash[:notice] Chris@909: Chris@1115: log_user('jsmith', 'newpass123') Chris@909: assert_equal 0, Token.count Chris@0: end Chris@909: Chris@0: def test_register_with_automatic_activation Chris@0: Setting.self_registration = '3' Chris@909: Chris@0: get 'account/register' Chris@0: assert_response :success Chris@0: assert_template 'account/register' Chris@909: Chris@1115: post 'account/register', :user => {:login => "newuser", :language => "en", :firstname => "New", :lastname => "User", :mail => "newuser@foo.bar", Chris@1115: :password => "newpass123", :password_confirmation => "newpass123"} chris@37: assert_redirected_to '/my/account' Chris@0: follow_redirect! Chris@0: assert_response :success Chris@0: assert_template 'my/account' Chris@909: Chris@0: user = User.find_by_login('newuser') Chris@0: assert_not_nil user Chris@0: assert user.active? Chris@0: assert_not_nil user.last_login_on Chris@0: end Chris@909: Chris@0: def test_register_with_manual_activation Chris@0: Setting.self_registration = '2' Chris@909: Chris@1115: post 'account/register', :user => {:login => "newuser", :language => "en", :firstname => "New", :lastname => "User", :mail => "newuser@foo.bar", Chris@1115: :password => "newpass123", :password_confirmation => "newpass123"} Chris@0: assert_redirected_to '/login' Chris@0: assert !User.find_by_login('newuser').active? Chris@0: end Chris@909: Chris@0: def test_register_with_email_activation Chris@0: Setting.self_registration = '1' Chris@0: Token.delete_all Chris@909: Chris@1115: post 'account/register', :user => {:login => "newuser", :language => "en", :firstname => "New", :lastname => "User", :mail => "newuser@foo.bar", Chris@1115: :password => "newpass123", :password_confirmation => "newpass123"} Chris@0: assert_redirected_to '/login' Chris@0: assert !User.find_by_login('newuser').active? Chris@909: Chris@1295: token = Token.first Chris@0: assert_equal 'register', token.action Chris@0: assert_equal 'newuser@foo.bar', token.user.mail Chris@0: assert !token.expired? Chris@909: Chris@0: get 'account/activate', :token => token.value Chris@0: assert_redirected_to '/login' Chris@1115: log_user('newuser', 'newpass123') Chris@0: end Chris@909: Chris@0: def test_onthefly_registration Chris@0: # disable registration Chris@0: Setting.self_registration = '0' Chris@0: AuthSource.expects(:authenticate).returns({:login => 'foo', :firstname => 'Foo', :lastname => 'Smith', :mail => 'foo@bar.com', :auth_source_id => 66}) Chris@909: Chris@1115: post '/login', :username => 'foo', :password => 'bar' chris@37: assert_redirected_to '/my/page' Chris@909: Chris@0: user = User.find_by_login('foo') Chris@0: assert user.is_a?(User) Chris@0: assert_equal 66, user.auth_source_id Chris@0: assert user.hashed_password.blank? Chris@0: end Chris@909: Chris@0: def test_onthefly_registration_with_invalid_attributes Chris@0: # disable registration Chris@0: Setting.self_registration = '0' Chris@0: AuthSource.expects(:authenticate).returns({:login => 'foo', :lastname => 'Smith', :auth_source_id => 66}) Chris@909: Chris@1115: post '/login', :username => 'foo', :password => 'bar' Chris@0: assert_response :success Chris@0: assert_template 'account/register' Chris@0: assert_tag :input, :attributes => { :name => 'user[firstname]', :value => '' } Chris@0: assert_tag :input, :attributes => { :name => 'user[lastname]', :value => 'Smith' } Chris@0: assert_no_tag :input, :attributes => { :name => 'user[login]' } Chris@0: assert_no_tag :input, :attributes => { :name => 'user[password]' } Chris@909: Chris@0: post 'account/register', :user => {:firstname => 'Foo', :lastname => 'Smith', :mail => 'foo@bar.com'} Chris@0: assert_redirected_to '/my/account' Chris@909: Chris@0: user = User.find_by_login('foo') Chris@0: assert user.is_a?(User) Chris@0: assert_equal 66, user.auth_source_id Chris@0: assert user.hashed_password.blank? Chris@0: end Chris@0: end