To check out this repository please hg clone the following URL, or open the URL using EasyMercurial or your preferred Mercurial client.
root / .svn / pristine / 96 / 96bddf72bbbba13420a3f78b7972fb641229e83d.svn-base @ 1297:0a574315af3e
History | View | Annotate | Download (3.93 KB)
| 1 | 1296:038ba2d95de8 | Chris | # Redmine - project management software |
|---|---|---|---|
| 2 | # Copyright (C) 2006-2012 Jean-Philippe Lang |
||
| 3 | # |
||
| 4 | # This program is free software; you can redistribute it and/or |
||
| 5 | # modify it under the terms of the GNU General Public License |
||
| 6 | # as published by the Free Software Foundation; either version 2 |
||
| 7 | # of the License, or (at your option) any later version. |
||
| 8 | # |
||
| 9 | # This program is distributed in the hope that it will be useful, |
||
| 10 | # but WITHOUT ANY WARRANTY; without even the implied warranty of |
||
| 11 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
||
| 12 | # GNU General Public License for more details. |
||
| 13 | # |
||
| 14 | # You should have received a copy of the GNU General Public License |
||
| 15 | # along with this program; if not, write to the Free Software |
||
| 16 | # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. |
||
| 17 | |||
| 18 | require File.expand_path('../../test_helper', __FILE__)
|
||
| 19 | |||
| 20 | class SessionStartTest < ActionController::TestCase |
||
| 21 | tests AccountController |
||
| 22 | |||
| 23 | fixtures :users |
||
| 24 | |||
| 25 | def test_login_should_set_session_timestamps |
||
| 26 | post :login, :username => 'jsmith', :password => 'jsmith' |
||
| 27 | assert_response 302 |
||
| 28 | assert_equal 2, session[:user_id] |
||
| 29 | assert_not_nil session[:ctime] |
||
| 30 | assert_not_nil session[:atime] |
||
| 31 | end |
||
| 32 | end |
||
| 33 | |||
| 34 | class SessionsTest < ActionController::TestCase |
||
| 35 | tests WelcomeController |
||
| 36 | |||
| 37 | fixtures :users |
||
| 38 | |||
| 39 | def test_atime_from_user_session_should_be_updated |
||
| 40 | created = 2.hours.ago.utc.to_i |
||
| 41 | get :index, {}, {:user_id => 2, :ctime => created, :atime => created}
|
||
| 42 | assert_response :success |
||
| 43 | assert_equal created, session[:ctime] |
||
| 44 | assert_not_equal created, session[:atime] |
||
| 45 | assert session[:atime] > created |
||
| 46 | end |
||
| 47 | |||
| 48 | def test_user_session_should_not_be_reset_if_lifetime_and_timeout_disabled |
||
| 49 | with_settings :session_lifetime => '0', :session_timeout => '0' do |
||
| 50 | get :index, {}, {:user_id => 2}
|
||
| 51 | assert_response :success |
||
| 52 | end |
||
| 53 | end |
||
| 54 | |||
| 55 | def test_user_session_without_ctime_should_be_reset_if_lifetime_enabled |
||
| 56 | with_settings :session_lifetime => '720' do |
||
| 57 | get :index, {}, {:user_id => 2}
|
||
| 58 | assert_redirected_to '/login' |
||
| 59 | end |
||
| 60 | end |
||
| 61 | |||
| 62 | def test_user_session_with_expired_ctime_should_be_reset_if_lifetime_enabled |
||
| 63 | with_settings :session_timeout => '720' do |
||
| 64 | get :index, {}, {:user_id => 2, :atime => 2.days.ago.utc.to_i}
|
||
| 65 | assert_redirected_to '/login' |
||
| 66 | end |
||
| 67 | end |
||
| 68 | |||
| 69 | def test_user_session_with_valid_ctime_should_not_be_reset_if_lifetime_enabled |
||
| 70 | with_settings :session_timeout => '720' do |
||
| 71 | get :index, {}, {:user_id => 2, :atime => 3.hours.ago.utc.to_i}
|
||
| 72 | assert_response :success |
||
| 73 | end |
||
| 74 | end |
||
| 75 | |||
| 76 | def test_user_session_without_atime_should_be_reset_if_timeout_enabled |
||
| 77 | with_settings :session_timeout => '60' do |
||
| 78 | get :index, {}, {:user_id => 2}
|
||
| 79 | assert_redirected_to '/login' |
||
| 80 | end |
||
| 81 | end |
||
| 82 | |||
| 83 | def test_user_session_with_expired_atime_should_be_reset_if_timeout_enabled |
||
| 84 | with_settings :session_timeout => '60' do |
||
| 85 | get :index, {}, {:user_id => 2, :atime => 4.hours.ago.utc.to_i}
|
||
| 86 | assert_redirected_to '/login' |
||
| 87 | end |
||
| 88 | end |
||
| 89 | |||
| 90 | def test_user_session_with_valid_atime_should_not_be_reset_if_timeout_enabled |
||
| 91 | with_settings :session_timeout => '60' do |
||
| 92 | get :index, {}, {:user_id => 2, :atime => 10.minutes.ago.utc.to_i}
|
||
| 93 | assert_response :success |
||
| 94 | end |
||
| 95 | end |
||
| 96 | |||
| 97 | def test_expired_user_session_should_be_restarted_if_autologin |
||
| 98 | with_settings :session_lifetime => '720', :session_timeout => '60', :autologin => 7 do |
||
| 99 | token = Token.create!(:user_id => 2, :action => 'autologin', :created_on => 1.day.ago) |
||
| 100 | @request.cookies['autologin'] = token.value |
||
| 101 | created = 2.hours.ago.utc.to_i |
||
| 102 | |||
| 103 | get :index, {}, {:user_id => 2, :ctime => created, :atime => created}
|
||
| 104 | assert_equal 2, session[:user_id] |
||
| 105 | assert_response :success |
||
| 106 | assert_not_equal created, session[:ctime] |
||
| 107 | assert session[:ctime] >= created |
||
| 108 | end |
||
| 109 | end |
||
| 110 | |||
| 111 | def test_anonymous_session_should_not_be_reset |
||
| 112 | with_settings :session_lifetime => '720', :session_timeout => '60' do |
||
| 113 | get :index |
||
| 114 | assert_response :success |
||
| 115 | end |
||
| 116 | end |
||
| 117 | end |