jro_apps/redmine Files · test/integration/account_test.rb

Reset session on login/logout (#4248)....

Reset session on login/logout (#4248). git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@3080 e93f8b46-1217-0410-a6f0-8f06a7374b81

Jean-Philippe Lang - - Load All Authors

File last commit:

r2966:0485d3a52408


                r2966:0485d3a52408

Download file

             account_test.rb
        
                    206 lines
            
             | 7.0 KiB
            
                | text/x-ruby
            
             |
                RubyLexer
            
             / test / integration / account_test.rb
          
                    History
                
                 |
                  Source
                 | Raw
                 |Copy content
                 |Copy permalink

        Jean-Philippe Lang
    
v0.2.0...

              r5
            
      # redMine - project management software

        Jean-Philippe Lang
    
Moved functional tests for MyController...

              r484
            
      # Copyright (C) 2006-2007  Jean-Philippe Lang

        Jean-Philippe Lang
    
v0.2.0...

              r5
            
      #

      # This program is free software; you can redistribute it and/or

      # modify it under the terms of the GNU General Public License

      # as published by the Free Software Foundation; either version 2

      # of the License, or (at your option) any later version.

      # 

      # This program is distributed in the hope that it will be useful,

      # but WITHOUT ANY WARRANTY; without even the implied warranty of

      # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

      # GNU General Public License for more details.

      # 

      # You should have received a copy of the GNU General Public License

      # along with this program; if not, write to the Free Software

      # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.

      require "#{File.dirname(__FILE__)}/../test_helper"

        Jean-Philippe Lang
    
Improved on-the-fly account creation. If some attributes are missing (eg. not present in the LDAP) or are invalid, the registration form is displayed so that the user is able to fill or fix these attributes....

              r1661
            
      begin

        require 'mocha'

      rescue

        # Won't run some tests

      end

        Jean-Philippe Lang
    
v0.2.0...

              r5
            
      class AccountTest < ActionController::IntegrationTest

        fixtures :users

        # Replace this with your real tests.

        def test_login

        Jean-Philippe Lang
    
- new controller "myController"...

              r60
            
          get "my/page"

        Jean-Philippe Lang
    
Merged Rails 2.2 branch. Redmine now requires Rails 2.2.2....

              r2430
            
          assert_redirected_to "/login?back_url=http%3A%2F%2Fwww.example.com%2Fmy%2Fpage"

        Jean-Philippe Lang
    
0.3 unstable...

              r10
            
          log_user('jsmith', 'jsmith')

        Jean-Philippe Lang
    
v0.2.0...

              r5
            
        Jean-Philippe Lang
    
- new controller "myController"...

              r60
            
          get "my/account"

        Jean-Philippe Lang
    
v0.2.0...

              r5
            
          assert_response :success

        Jean-Philippe Lang
    
- new controller "myController"...

              r60
            
          assert_template "my/account"    

        Jean-Philippe Lang
    
v0.2.0...

              r5
            
        end

        Jean-Philippe Lang
    
Fixed: When logging in via an autologin cookie the user's last_login_on should be updated (#2820)....

              r2460
            
        def test_autologin

          user = User.find(1)

          Setting.autologin = "7"

          Token.delete_all

          # User logs in with 'autologin' checked

          post '/login', :username => user.login, :password => 'admin', :autologin => 1

          assert_redirected_to 'my/page'

          token = Token.find :first

          assert_not_nil token

          assert_equal user, token.user

          assert_equal 'autologin', token.action

          assert_equal user.id, session[:user_id]

          assert_equal token.value, cookies['autologin']

          # Session is cleared

          reset!

          User.current = nil

          # Clears user's last login timestamp

          user.update_attribute :last_login_on, nil

          assert_nil user.reload.last_login_on

          # User comes back with his autologin cookie

          cookies[:autologin] = token.value

          get '/my/page'

          assert_response :success

          assert_template 'my/page'

          assert_equal user.id, session[:user_id]

          assert_not_nil user.reload.last_login_on

        Jean-Philippe Lang
    
Test failure (#3041)....

              r2551
            
          assert user.last_login_on.utc > 10.second.ago.utc

        Jean-Philippe Lang
    
Fixed: When logging in via an autologin cookie the user's last_login_on should be updated (#2820)....

              r2460
            
        end

        Jean-Philippe Lang
    
0.3 unstable...

              r10
            
        def test_lost_password

        Jean-Philippe Lang
    
empty tokens table...

              r214
            
          Token.delete_all

        Jean-Philippe Lang
    
0.3 unstable...

              r10
            
          get "account/lost_password"

          assert_response :success

          assert_template "account/lost_password"

        Jean-Philippe Lang
    
Makes User.find_by_mail case-insensitive (password reminder #2322, repo users mapping)....

              r2120
            
          post "account/lost_password", :mail => 'jSmith@somenet.foo'

        Jean-Philippe Lang
    
Merged Rails 2.2 branch. Redmine now requires Rails 2.2.2....

              r2430
            
          assert_redirected_to "/login"

        Jean-Philippe Lang
    
0.3 unstable...

              r10
            
          token = Token.find(:first)

          assert_equal 'recovery', token.action

          assert_equal 'jsmith@somenet.foo', token.user.mail

          assert !token.expired?

          get "account/lost_password", :token => token.value

          assert_response :success

          assert_template "account/password_recovery"

          post "account/lost_password", :token => token.value, :new_password => 'newpass', :new_password_confirmation => 'newpass'

        Jean-Philippe Lang
    
Merged Rails 2.2 branch. Redmine now requires Rails 2.2.2....

              r2430
            
          assert_redirected_to "/login"

        Jean-Philippe Lang
    
0.3 unstable...

              r10
            
          assert_equal 'Password was successfully updated.', flash[:notice]

          log_user('jsmith', 'newpass')

          assert_equal 0, Token.count    

        Jean-Philippe Lang
    
There's now 3 account activation strategies (available in application settings):...

              r902
            
        end

        def test_register_with_automatic_activation

          Setting.self_registration = '3'

          get 'account/register'

          assert_response :success

          assert_template 'account/register'

          post 'account/register', :user => {:login => "newuser", :language => "en", :firstname => "New", :lastname => "User", :mail => "newuser@foo.bar"}, 

                                   :password => "newpass", :password_confirmation => "newpass"

        Jean-Philippe Lang
    
Log the user in after registration if account activation is not needed....

              r1507
            
          assert_redirected_to 'my/account'

          follow_redirect!

          assert_response :success

          assert_template 'my/account'

        Jean-Philippe Lang
    
Fixes that user's last_login_on was not set when using registration with automatic activation....

              r2526
            
          user = User.find_by_login('newuser')

          assert_not_nil user

          assert user.active?

          assert_not_nil user.last_login_on

        Jean-Philippe Lang
    
There's now 3 account activation strategies (available in application settings):...

              r902
            
        end

        def test_register_with_manual_activation

          Setting.self_registration = '2'

          post 'account/register', :user => {:login => "newuser", :language => "en", :firstname => "New", :lastname => "User", :mail => "newuser@foo.bar"}, 

                                   :password => "newpass", :password_confirmation => "newpass"

        Jean-Philippe Lang
    
Merged Rails 2.2 branch. Redmine now requires Rails 2.2.2....

              r2430
            
          assert_redirected_to '/login'

        Jean-Philippe Lang
    
There's now 3 account activation strategies (available in application settings):...

              r902
            
          assert !User.find_by_login('newuser').active?

        end

        def test_register_with_email_activation

          Setting.self_registration = '1'

          Token.delete_all

          post 'account/register', :user => {:login => "newuser", :language => "en", :firstname => "New", :lastname => "User", :mail => "newuser@foo.bar"}, 

                                   :password => "newpass", :password_confirmation => "newpass"

        Jean-Philippe Lang
    
Merged Rails 2.2 branch. Redmine now requires Rails 2.2.2....

              r2430
            
          assert_redirected_to '/login'

        Jean-Philippe Lang
    
There's now 3 account activation strategies (available in application settings):...

              r902
            
          assert !User.find_by_login('newuser').active?

          token = Token.find(:first)

          assert_equal 'register', token.action

          assert_equal 'newuser@foo.bar', token.user.mail

          assert !token.expired?

          get 'account/activate', :token => token.value

        Jean-Philippe Lang
    
Merged Rails 2.2 branch. Redmine now requires Rails 2.2.2....

              r2430
            
          assert_redirected_to '/login'

        Jean-Philippe Lang
    
There's now 3 account activation strategies (available in application settings):...

              r902
            
          log_user('newuser', 'newpass')

        end

        Jean-Philippe Lang
    
Improved on-the-fly account creation. If some attributes are missing (eg. not present in the LDAP) or are invalid, the registration form is displayed so that the user is able to fill or fix these attributes....

              r1661
            
        if Object.const_defined?(:Mocha)

        def test_onthefly_registration

          # disable registration

          Setting.self_registration = '0'

          AuthSource.expects(:authenticate).returns([:login => 'foo', :firstname => 'Foo', :lastname => 'Smith', :mail => 'foo@bar.com', :auth_source_id => 66])

          post 'account/login', :username => 'foo', :password => 'bar'

          assert_redirected_to 'my/page'

          user = User.find_by_login('foo')

          assert user.is_a?(User)

          assert_equal 66, user.auth_source_id

          assert user.hashed_password.blank?

        end

        def test_onthefly_registration_with_invalid_attributes

          # disable registration

          Setting.self_registration = '0'

          AuthSource.expects(:authenticate).returns([:login => 'foo', :lastname => 'Smith', :auth_source_id => 66])

          post 'account/login', :username => 'foo', :password => 'bar'

          assert_response :success

          assert_template 'account/register'

          assert_tag :input, :attributes => { :name => 'user[firstname]', :value => '' }

          assert_tag :input, :attributes => { :name => 'user[lastname]', :value => 'Smith' }

          assert_no_tag :input, :attributes => { :name => 'user[login]' }

          assert_no_tag :input, :attributes => { :name => 'user[password]' }

          post 'account/register', :user => {:firstname => 'Foo', :lastname => 'Smith', :mail => 'foo@bar.com'}

        Jean-Philippe Lang
    
Merged Rails 2.2 branch. Redmine now requires Rails 2.2.2....

              r2430
            
          assert_redirected_to '/my/account'

        Jean-Philippe Lang
    
Improved on-the-fly account creation. If some attributes are missing (eg. not present in the LDAP) or are invalid, the registration form is displayed so that the user is able to fill or fix these attributes....

              r1661
            
          user = User.find_by_login('foo')

          assert user.is_a?(User)

          assert_equal 66, user.auth_source_id

          assert user.hashed_password.blank?

        end

        Jean-Philippe Lang
    
Reset session on login/logout (#4248)....

              r2966
            
        def test_login_and_logout_should_clear_session

          get '/login'

          sid = session[:session_id]

          post '/login', :username => 'admin', :password => 'admin'

          assert_redirected_to 'my/page'

          assert_not_equal sid, session[:session_id], "login should reset session"

          assert_equal 1, session[:user_id]

          sid = session[:session_id]

          get '/'

          assert_equal sid, session[:session_id]

          get '/logout'

          assert_not_equal sid, session[:session_id], "logout should reset session"

          assert_nil session[:user_id]

        end

        Jean-Philippe Lang
    
Improved on-the-fly account creation. If some attributes are missing (eg. not present in the LDAP) or are invalid, the registration form is displayed so that the user is able to fill or fix these attributes....

              r1661
            
        else

          puts 'Mocha is missing. Skipping tests.'

        end

        Jean-Philippe Lang
    
v0.2.0...

              r5
            
      end

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages

Jean-Philippe Lang v0.2.0...	r5	# redMine - project management software
Jean-Philippe Lang Moved functional tests for MyController...	r484	# Copyright (C) 2006-2007 Jean-Philippe Lang
Jean-Philippe Lang v0.2.0...	r5	#
		# This program is free software; you can redistribute it and/or
		# modify it under the terms of the GNU General Public License
		# as published by the Free Software Foundation; either version 2
		# of the License, or (at your option) any later version.
		#
		# This program is distributed in the hope that it will be useful,
		# but WITHOUT ANY WARRANTY; without even the implied warranty of
		# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
		# GNU General Public License for more details.
		#
		# You should have received a copy of the GNU General Public License
		# along with this program; if not, write to the Free Software
		# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.

		require "#{File.dirname(__FILE__)}/../test_helper"

Jean-Philippe Lang Improved on-the-fly account creation. If some attributes are missing (eg. not present in the LDAP) or are invalid, the registration form is displayed so that the user is able to fill or fix these attributes....	r1661	begin
		require 'mocha'
		rescue
		# Won't run some tests
		end

Jean-Philippe Lang v0.2.0...	r5	class AccountTest < ActionController::IntegrationTest
		fixtures :users

		# Replace this with your real tests.
		def test_login
Jean-Philippe Lang - new controller "myController"...	r60	get "my/page"
Jean-Philippe Lang Merged Rails 2.2 branch. Redmine now requires Rails 2.2.2....	r2430	assert_redirected_to "/login?back_url=http%3A%2F%2Fwww.example.com%2Fmy%2Fpage"
Jean-Philippe Lang 0.3 unstable...	r10	log_user('jsmith', 'jsmith')
Jean-Philippe Lang v0.2.0...	r5
Jean-Philippe Lang - new controller "myController"...	r60	get "my/account"
Jean-Philippe Lang v0.2.0...	r5	assert_response :success
Jean-Philippe Lang - new controller "myController"...	r60	assert_template "my/account"
Jean-Philippe Lang v0.2.0...	r5	end

Jean-Philippe Lang Fixed: When logging in via an autologin cookie the user's last_login_on should be updated (#2820)....	r2460	def test_autologin
		user = User.find(1)
		Setting.autologin = "7"
		Token.delete_all

		# User logs in with 'autologin' checked
		post '/login', :username => user.login, :password => 'admin', :autologin => 1
		assert_redirected_to 'my/page'
		token = Token.find :first
		assert_not_nil token
		assert_equal user, token.user
		assert_equal 'autologin', token.action
		assert_equal user.id, session[:user_id]
		assert_equal token.value, cookies['autologin']

		# Session is cleared
		reset!
		User.current = nil
		# Clears user's last login timestamp
		user.update_attribute :last_login_on, nil
		assert_nil user.reload.last_login_on

		# User comes back with his autologin cookie
		cookies[:autologin] = token.value
		get '/my/page'
		assert_response :success
		assert_template 'my/page'
		assert_equal user.id, session[:user_id]
		assert_not_nil user.reload.last_login_on
Jean-Philippe Lang Test failure (#3041)....	r2551	assert user.last_login_on.utc > 10.second.ago.utc
Jean-Philippe Lang Fixed: When logging in via an autologin cookie the user's last_login_on should be updated (#2820)....	r2460	end

Jean-Philippe Lang 0.3 unstable...	r10	def test_lost_password
Jean-Philippe Lang empty tokens table...	r214	Token.delete_all

Jean-Philippe Lang 0.3 unstable...	r10	get "account/lost_password"
		assert_response :success
		assert_template "account/lost_password"

Jean-Philippe Lang Makes User.find_by_mail case-insensitive (password reminder #2322, repo users mapping)....	r2120	post "account/lost_password", :mail => 'jSmith@somenet.foo'
Jean-Philippe Lang Merged Rails 2.2 branch. Redmine now requires Rails 2.2.2....	r2430	assert_redirected_to "/login"
Jean-Philippe Lang 0.3 unstable...	r10
		token = Token.find(:first)
		assert_equal 'recovery', token.action
		assert_equal 'jsmith@somenet.foo', token.user.mail
		assert !token.expired?

		get "account/lost_password", :token => token.value
		assert_response :success
		assert_template "account/password_recovery"

		post "account/lost_password", :token => token.value, :new_password => 'newpass', :new_password_confirmation => 'newpass'
Jean-Philippe Lang Merged Rails 2.2 branch. Redmine now requires Rails 2.2.2....	r2430	assert_redirected_to "/login"
Jean-Philippe Lang 0.3 unstable...	r10	assert_equal 'Password was successfully updated.', flash[:notice]

		log_user('jsmith', 'newpass')
		assert_equal 0, Token.count
Jean-Philippe Lang There's now 3 account activation strategies (available in application settings):...	r902	end

		def test_register_with_automatic_activation
		Setting.self_registration = '3'

		get 'account/register'
		assert_response :success
		assert_template 'account/register'

		post 'account/register', :user => {:login => "newuser", :language => "en", :firstname => "New", :lastname => "User", :mail => "newuser@foo.bar"},
		:password => "newpass", :password_confirmation => "newpass"
Jean-Philippe Lang Log the user in after registration if account activation is not needed....	r1507	assert_redirected_to 'my/account'
		follow_redirect!
		assert_response :success
		assert_template 'my/account'

Jean-Philippe Lang Fixes that user's last_login_on was not set when using registration with automatic activation....	r2526	user = User.find_by_login('newuser')
		assert_not_nil user
		assert user.active?
		assert_not_nil user.last_login_on
Jean-Philippe Lang There's now 3 account activation strategies (available in application settings):...	r902	end

		def test_register_with_manual_activation
		Setting.self_registration = '2'

		post 'account/register', :user => {:login => "newuser", :language => "en", :firstname => "New", :lastname => "User", :mail => "newuser@foo.bar"},
		:password => "newpass", :password_confirmation => "newpass"
Jean-Philippe Lang Merged Rails 2.2 branch. Redmine now requires Rails 2.2.2....	r2430	assert_redirected_to '/login'
Jean-Philippe Lang There's now 3 account activation strategies (available in application settings):...	r902	assert !User.find_by_login('newuser').active?
		end

		def test_register_with_email_activation
		Setting.self_registration = '1'
		Token.delete_all

		post 'account/register', :user => {:login => "newuser", :language => "en", :firstname => "New", :lastname => "User", :mail => "newuser@foo.bar"},
		:password => "newpass", :password_confirmation => "newpass"
Jean-Philippe Lang Merged Rails 2.2 branch. Redmine now requires Rails 2.2.2....	r2430	assert_redirected_to '/login'
Jean-Philippe Lang There's now 3 account activation strategies (available in application settings):...	r902	assert !User.find_by_login('newuser').active?

		token = Token.find(:first)
		assert_equal 'register', token.action
		assert_equal 'newuser@foo.bar', token.user.mail
		assert !token.expired?

		get 'account/activate', :token => token.value
Jean-Philippe Lang Merged Rails 2.2 branch. Redmine now requires Rails 2.2.2....	r2430	assert_redirected_to '/login'
Jean-Philippe Lang There's now 3 account activation strategies (available in application settings):...	r902	log_user('newuser', 'newpass')
		end
Jean-Philippe Lang Improved on-the-fly account creation. If some attributes are missing (eg. not present in the LDAP) or are invalid, the registration form is displayed so that the user is able to fill or fix these attributes....	r1661
		if Object.const_defined?(:Mocha)

		def test_onthefly_registration
		# disable registration
		Setting.self_registration = '0'
		AuthSource.expects(:authenticate).returns([:login => 'foo', :firstname => 'Foo', :lastname => 'Smith', :mail => 'foo@bar.com', :auth_source_id => 66])

		post 'account/login', :username => 'foo', :password => 'bar'
		assert_redirected_to 'my/page'

		user = User.find_by_login('foo')
		assert user.is_a?(User)
		assert_equal 66, user.auth_source_id
		assert user.hashed_password.blank?
		end

		def test_onthefly_registration_with_invalid_attributes
		# disable registration
		Setting.self_registration = '0'
		AuthSource.expects(:authenticate).returns([:login => 'foo', :lastname => 'Smith', :auth_source_id => 66])

		post 'account/login', :username => 'foo', :password => 'bar'
		assert_response :success
		assert_template 'account/register'
		assert_tag :input, :attributes => { :name => 'user[firstname]', :value => '' }
		assert_tag :input, :attributes => { :name => 'user[lastname]', :value => 'Smith' }
		assert_no_tag :input, :attributes => { :name => 'user[login]' }
		assert_no_tag :input, :attributes => { :name => 'user[password]' }

		post 'account/register', :user => {:firstname => 'Foo', :lastname => 'Smith', :mail => 'foo@bar.com'}
Jean-Philippe Lang Merged Rails 2.2 branch. Redmine now requires Rails 2.2.2....	r2430	assert_redirected_to '/my/account'
Jean-Philippe Lang Improved on-the-fly account creation. If some attributes are missing (eg. not present in the LDAP) or are invalid, the registration form is displayed so that the user is able to fill or fix these attributes....	r1661
		user = User.find_by_login('foo')
		assert user.is_a?(User)
		assert_equal 66, user.auth_source_id
		assert user.hashed_password.blank?
		end

Jean-Philippe Lang Reset session on login/logout (#4248)....	r2966	def test_login_and_logout_should_clear_session
		get '/login'
		sid = session[:session_id]

		post '/login', :username => 'admin', :password => 'admin'
		assert_redirected_to 'my/page'
		assert_not_equal sid, session[:session_id], "login should reset session"
		assert_equal 1, session[:user_id]
		sid = session[:session_id]

		get '/'
		assert_equal sid, session[:session_id]

		get '/logout'
		assert_not_equal sid, session[:session_id], "logout should reset session"
		assert_nil session[:user_id]
		end

Jean-Philippe Lang Improved on-the-fly account creation. If some attributes are missing (eg. not present in the LDAP) or are invalid, the registration form is displayed so that the user is able to fill or fix these attributes....	r1661	else
		puts 'Mocha is missing. Skipping tests.'
		end
Jean-Philippe Lang v0.2.0...	r5	end