jro_apps/redmine Files · test/integration/sudo_mode_test.rb

Speeds up rendering of the project list for users who belong to hundreds of projects....

Speeds up rendering of the project list for users who belong to hundreds of projects. git-svn-id: http://svn.redmine.org/redmine/trunk@16123 e93f8b46-1217-0410-a6f0-8f06a7374b81

Jean-Philippe Lang - - Load All Authors

File last commit:

r15730:e8cffd614e4a


                r15741:f8df935dcada

Download file

             sudo_mode_test.rb
        
                    195 lines
            
             | 6.6 KiB
            
                | text/x-ruby
            
             |
                RubyLexer
            
             / test / integration / sudo_mode_test.rb
          
                    History
                
                 |
                  Source
                 | Raw
                 |Copy content
                 |Copy permalink

        Jean-Philippe Lang
    
Require password re-entry for sensitive actions (#19851)....

              r13951
            
      require File.expand_path('../../test_helper', __FILE__)

        Jean-Philippe Lang
    
Adds a UI test (#19851)....

              r13963
            
      class SudoModeTest < Redmine::IntegrationTest

        fixtures :projects, :members, :member_roles, :roles, :users, :email_addresses

        Jean-Philippe Lang
    
Require password re-entry for sensitive actions (#19851)....

              r13951
            
        def setup

        Jean-Philippe Lang
    
Adds a configuration setting to enable sudo mode, disabled by default (#19851)....

              r13954
            
          Redmine::SudoMode.stubs(:enabled?).returns(true)

        Jean-Philippe Lang
    
Require password re-entry for sensitive actions (#19851)....

              r13951
            
        end

        Jean-Philippe Lang
    
Fixed that reported test duration can be wrong....

              r15730
            
        def teardown

          travel_back

        end

        Jean-Philippe Lang
    
Activate sudo mode after password based login (#20589)....

              r14253
            
        def test_sudo_mode_should_be_active_after_login

          log_user("admin", "admin")

          get "/users/new"

          assert_response :success

          post "/users",

               :user => { :login => "psmith", :firstname => "Paul",

                          :lastname => "Smith", :mail => "psmith@somenet.foo",

                          :language => "en", :password => "psmith09",

                          :password_confirmation => "psmith09" }

          assert_response 302

          user = User.find_by_login("psmith")

          assert_kind_of User, user

        end

        Jean-Philippe Lang
    
Adds a configuration setting to enable sudo mode, disabled by default (#19851)....

              r13954
            
        def test_add_user

          log_user("admin", "admin")

        Jean-Philippe Lang
    
Activate sudo mode after password based login (#20589)....

              r14253
            
          expire_sudo_mode!

        Jean-Philippe Lang
    
Adds a configuration setting to enable sudo mode, disabled by default (#19851)....

              r13954
            
          get "/users/new"

          assert_response :success

          post "/users",

               :user => { :login => "psmith", :firstname => "Paul",

                          :lastname => "Smith", :mail => "psmith@somenet.foo",

                          :language => "en", :password => "psmith09",

                          :password_confirmation => "psmith09" }

          assert_response :success

          assert_nil User.find_by_login("psmith")

        Jean-Philippe Lang
    
Tests that submitted data is present in the sudo form (#19851)....

              r13962
            
          assert_select 'input[name=?][value=?]', 'user[login]', 'psmith'

          assert_select 'input[name=?][value=?]', 'user[firstname]', 'Paul'

        Jean-Philippe Lang
    
Adds a configuration setting to enable sudo mode, disabled by default (#19851)....

              r13954
            
          post "/users",

               :user => { :login => "psmith", :firstname => "Paul",

                          :lastname => "Smith", :mail => "psmith@somenet.foo",

                          :language => "en", :password => "psmith09",

                          :password_confirmation => "psmith09" },

               :sudo_password => 'admin'

          assert_response 302

          user = User.find_by_login("psmith")

          assert_kind_of User, user

        Jean-Philippe Lang
    
Require password re-entry for sensitive actions (#19851)....

              r13951
            
        end

        def test_create_member_xhr

          log_user 'admin', 'admin'

        Jean-Philippe Lang
    
Activate sudo mode after password based login (#20589)....

              r14253
            
          expire_sudo_mode!

        Jean-Philippe Lang
    
Require password re-entry for sensitive actions (#19851)....

              r13951
            
          get '/projects/ecookbook/settings/members'

          assert_response :success

          assert_no_difference 'Member.count' do

            xhr :post, '/projects/ecookbook/memberships', membership: {role_ids: [1], user_id: 7}

          end

          assert_no_difference 'Member.count' do

            xhr :post, '/projects/ecookbook/memberships', membership: {role_ids: [1], user_id: 7}, sudo_password: ''

          end

          assert_no_difference 'Member.count' do

            xhr :post, '/projects/ecookbook/memberships', membership: {role_ids: [1], user_id: 7}, sudo_password: 'wrong'

          end

          assert_difference 'Member.count' do

            xhr :post, '/projects/ecookbook/memberships', membership: {role_ids: [1], user_id: 7}, sudo_password: 'admin'

          end

          assert User.find(7).member_of?(Project.find(1))

        end

        def test_create_member

          log_user 'admin', 'admin'

        Jean-Philippe Lang
    
Activate sudo mode after password based login (#20589)....

              r14253
            
          expire_sudo_mode!

        Jean-Philippe Lang
    
Require password re-entry for sensitive actions (#19851)....

              r13951
            
          get '/projects/ecookbook/settings/members'

          assert_response :success

          assert_no_difference 'Member.count' do

            post '/projects/ecookbook/memberships', membership: {role_ids: [1], user_id: 7}

          end

          assert_no_difference 'Member.count' do

            post '/projects/ecookbook/memberships', membership: {role_ids: [1], user_id: 7}, sudo_password: ''

          end

          assert_no_difference 'Member.count' do

            post '/projects/ecookbook/memberships', membership: {role_ids: [1], user_id: 7}, sudo_password: 'wrong'

          end

          assert_difference 'Member.count' do

            post '/projects/ecookbook/memberships', membership: {role_ids: [1], user_id: 7}, sudo_password: 'admin'

          end

          assert_redirected_to '/projects/ecookbook/settings/members'

          assert User.find(7).member_of?(Project.find(1))

        end

        def test_create_role

          log_user 'admin', 'admin'

        Jean-Philippe Lang
    
Activate sudo mode after password based login (#20589)....

              r14253
            
          expire_sudo_mode!

        Jean-Philippe Lang
    
Require password re-entry for sensitive actions (#19851)....

              r13951
            
          get '/roles'

          assert_response :success

          get '/roles/new'

          assert_response :success

          post '/roles', role: { }

          assert_response :success

          assert_select 'h2', 'Confirm your password to continue'

          assert_select 'form[action="/roles"]'

        Jean-Philippe Lang
    
Removes calls to #assert_template and #assigns in integration tests....

              r15345
            
          assert_select '#flash_error', 0

        Jean-Philippe Lang
    
Require password re-entry for sensitive actions (#19851)....

              r13951
            
          post '/roles', role: { name: 'new role', issues_visibility: 'all' }

          assert_response :success

          assert_select 'h2', 'Confirm your password to continue'

          assert_select 'form[action="/roles"]'

        Jean-Philippe Lang
    
Removes calls to #assert_template and #assigns in integration tests....

              r15345
            
          assert_select 'input[type=hidden][name=?][value=?]', 'role[name]', 'new role'

          assert_select '#flash_error', 0

        Jean-Philippe Lang
    
Require password re-entry for sensitive actions (#19851)....

              r13951
            
          post '/roles', role: { name: 'new role', issues_visibility: 'all' }, sudo_password: 'wrong'

          assert_response :success

          assert_select 'h2', 'Confirm your password to continue'

          assert_select 'form[action="/roles"]'

        Jean-Philippe Lang
    
Removes calls to #assert_template and #assigns in integration tests....

              r15345
            
          assert_select 'input[type=hidden][name=?][value=?]', 'role[name]', 'new role'

          assert_select '#flash_error'

        Jean-Philippe Lang
    
Require password re-entry for sensitive actions (#19851)....

              r13951
            
          assert_difference 'Role.count' do

            post '/roles', role: { name: 'new role', issues_visibility: 'all', assignable: '1', permissions: %w(view_calendar) }, sudo_password: 'admin'

          end

          assert_redirected_to '/roles'

        end

        def test_update_email_address

          log_user 'jsmith', 'jsmith'

        Jean-Philippe Lang
    
Activate sudo mode after password based login (#20589)....

              r14253
            
          expire_sudo_mode!

        Jean-Philippe Lang
    
Require password re-entry for sensitive actions (#19851)....

              r13951
            
          get '/my/account'

          assert_response :success

          post '/my/account', user: { mail: 'newmail@test.com' }

          assert_response :success

          assert_select 'h2', 'Confirm your password to continue'

          assert_select 'form[action="/my/account"]'

        Jean-Philippe Lang
    
Removes calls to #assert_template and #assigns in integration tests....

              r15345
            
          assert_select 'input[type=hidden][name=?][value=?]', 'user[mail]', 'newmail@test.com'

          assert_select '#flash_error', 0

        Jean-Philippe Lang
    
Require password re-entry for sensitive actions (#19851)....

              r13951
            
          # wrong password

          post '/my/account', user: { mail: 'newmail@test.com' }, sudo_password: 'wrong'

          assert_response :success

          assert_select 'h2', 'Confirm your password to continue'

          assert_select 'form[action="/my/account"]'

        Jean-Philippe Lang
    
Removes calls to #assert_template and #assigns in integration tests....

              r15345
            
          assert_select 'input[type=hidden][name=?][value=?]', 'user[mail]', 'newmail@test.com'

          assert_select '#flash_error'

        Jean-Philippe Lang
    
Require password re-entry for sensitive actions (#19851)....

              r13951
            
          # correct password

          post '/my/account', user: { mail: 'newmail@test.com' }, sudo_password: 'jsmith'

          assert_redirected_to '/my/account'

          assert_equal 'newmail@test.com', User.find_by_login('jsmith').mail

          # sudo mode should now be active and not require password again

          post '/my/account', user: { mail: 'even.newer.mail@test.com' }

          assert_redirected_to '/my/account'

          assert_equal 'even.newer.mail@test.com', User.find_by_login('jsmith').mail

        end

        Jean-Philippe Lang
    
Don't use SudoMode.disable! to skip API requests (#19851)....

              r13956
            
        def test_sudo_mode_should_skip_api_requests

          with_settings :rest_api_enabled => '1' do

            assert_difference('User.count') do

              post '/users.json', {

                :user => {

                  :login => 'foo', :firstname => 'Firstname', :lastname => 'Lastname',

                  :mail => 'foo@example.net', :password => 'secret123',

                  :mail_notification => 'only_assigned'}

                },

                credentials('admin')

              assert_response :created

            end

          end

        end

        Jean-Philippe Lang
    
Activate sudo mode after password based login (#20589)....

              r14253
            
        private

        # sudo mode is active after sign, let it expire by advancing the time

        def expire_sudo_mode!

          travel_to 20.minutes.from_now

        end

        Jean-Philippe Lang
    
Require password re-entry for sensitive actions (#19851)....

              r13951
            
      end

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages

Jean-Philippe Lang Require password re-entry for sensitive actions (#19851)....	r13951	require File.expand_path('../../test_helper', __FILE__)

Jean-Philippe Lang Adds a UI test (#19851)....	r13963	class SudoModeTest < Redmine::IntegrationTest
		fixtures :projects, :members, :member_roles, :roles, :users, :email_addresses
Jean-Philippe Lang Require password re-entry for sensitive actions (#19851)....	r13951
		def setup
Jean-Philippe Lang Adds a configuration setting to enable sudo mode, disabled by default (#19851)....	r13954	Redmine::SudoMode.stubs(:enabled?).returns(true)
Jean-Philippe Lang Require password re-entry for sensitive actions (#19851)....	r13951	end

Jean-Philippe Lang Fixed that reported test duration can be wrong....	r15730	def teardown
		travel_back
		end

Jean-Philippe Lang Activate sudo mode after password based login (#20589)....	r14253	def test_sudo_mode_should_be_active_after_login
		log_user("admin", "admin")
		get "/users/new"
		assert_response :success
		post "/users",
		:user => { :login => "psmith", :firstname => "Paul",
		:lastname => "Smith", :mail => "psmith@somenet.foo",
		:language => "en", :password => "psmith09",
		:password_confirmation => "psmith09" }
		assert_response 302

		user = User.find_by_login("psmith")
		assert_kind_of User, user
		end

Jean-Philippe Lang Adds a configuration setting to enable sudo mode, disabled by default (#19851)....	r13954	def test_add_user
		log_user("admin", "admin")
Jean-Philippe Lang Activate sudo mode after password based login (#20589)....	r14253	expire_sudo_mode!
Jean-Philippe Lang Adds a configuration setting to enable sudo mode, disabled by default (#19851)....	r13954	get "/users/new"
		assert_response :success
		post "/users",
		:user => { :login => "psmith", :firstname => "Paul",
		:lastname => "Smith", :mail => "psmith@somenet.foo",
		:language => "en", :password => "psmith09",
		:password_confirmation => "psmith09" }
		assert_response :success
		assert_nil User.find_by_login("psmith")

Jean-Philippe Lang Tests that submitted data is present in the sudo form (#19851)....	r13962	assert_select 'input[name=?][value=?]', 'user[login]', 'psmith'
		assert_select 'input[name=?][value=?]', 'user[firstname]', 'Paul'

Jean-Philippe Lang Adds a configuration setting to enable sudo mode, disabled by default (#19851)....	r13954	post "/users",
		:user => { :login => "psmith", :firstname => "Paul",
		:lastname => "Smith", :mail => "psmith@somenet.foo",
		:language => "en", :password => "psmith09",
		:password_confirmation => "psmith09" },
		:sudo_password => 'admin'
		assert_response 302

		user = User.find_by_login("psmith")
		assert_kind_of User, user
Jean-Philippe Lang Require password re-entry for sensitive actions (#19851)....	r13951	end

		def test_create_member_xhr
		log_user 'admin', 'admin'
Jean-Philippe Lang Activate sudo mode after password based login (#20589)....	r14253	expire_sudo_mode!
Jean-Philippe Lang Require password re-entry for sensitive actions (#19851)....	r13951	get '/projects/ecookbook/settings/members'
		assert_response :success

		assert_no_difference 'Member.count' do
		xhr :post, '/projects/ecookbook/memberships', membership: {role_ids: [1], user_id: 7}
		end

		assert_no_difference 'Member.count' do
		xhr :post, '/projects/ecookbook/memberships', membership: {role_ids: [1], user_id: 7}, sudo_password: ''
		end

		assert_no_difference 'Member.count' do
		xhr :post, '/projects/ecookbook/memberships', membership: {role_ids: [1], user_id: 7}, sudo_password: 'wrong'
		end

		assert_difference 'Member.count' do
		xhr :post, '/projects/ecookbook/memberships', membership: {role_ids: [1], user_id: 7}, sudo_password: 'admin'
		end
		assert User.find(7).member_of?(Project.find(1))
		end

		def test_create_member
		log_user 'admin', 'admin'
Jean-Philippe Lang Activate sudo mode after password based login (#20589)....	r14253	expire_sudo_mode!
Jean-Philippe Lang Require password re-entry for sensitive actions (#19851)....	r13951	get '/projects/ecookbook/settings/members'
		assert_response :success

		assert_no_difference 'Member.count' do
		post '/projects/ecookbook/memberships', membership: {role_ids: [1], user_id: 7}
		end

		assert_no_difference 'Member.count' do
		post '/projects/ecookbook/memberships', membership: {role_ids: [1], user_id: 7}, sudo_password: ''
		end

		assert_no_difference 'Member.count' do
		post '/projects/ecookbook/memberships', membership: {role_ids: [1], user_id: 7}, sudo_password: 'wrong'
		end

		assert_difference 'Member.count' do
		post '/projects/ecookbook/memberships', membership: {role_ids: [1], user_id: 7}, sudo_password: 'admin'
		end

		assert_redirected_to '/projects/ecookbook/settings/members'
		assert User.find(7).member_of?(Project.find(1))
		end

		def test_create_role
		log_user 'admin', 'admin'
Jean-Philippe Lang Activate sudo mode after password based login (#20589)....	r14253	expire_sudo_mode!
Jean-Philippe Lang Require password re-entry for sensitive actions (#19851)....	r13951	get '/roles'
		assert_response :success

		get '/roles/new'
		assert_response :success

		post '/roles', role: { }
		assert_response :success
		assert_select 'h2', 'Confirm your password to continue'
		assert_select 'form[action="/roles"]'
Jean-Philippe Lang Removes calls to #assert_template and #assigns in integration tests....	r15345	assert_select '#flash_error', 0
Jean-Philippe Lang Require password re-entry for sensitive actions (#19851)....	r13951
		post '/roles', role: { name: 'new role', issues_visibility: 'all' }
		assert_response :success
		assert_select 'h2', 'Confirm your password to continue'
		assert_select 'form[action="/roles"]'
Jean-Philippe Lang Removes calls to #assert_template and #assigns in integration tests....	r15345	assert_select 'input[type=hidden][name=?][value=?]', 'role[name]', 'new role'
		assert_select '#flash_error', 0
Jean-Philippe Lang Require password re-entry for sensitive actions (#19851)....	r13951
		post '/roles', role: { name: 'new role', issues_visibility: 'all' }, sudo_password: 'wrong'
		assert_response :success
		assert_select 'h2', 'Confirm your password to continue'
		assert_select 'form[action="/roles"]'
Jean-Philippe Lang Removes calls to #assert_template and #assigns in integration tests....	r15345	assert_select 'input[type=hidden][name=?][value=?]', 'role[name]', 'new role'
		assert_select '#flash_error'
Jean-Philippe Lang Require password re-entry for sensitive actions (#19851)....	r13951
		assert_difference 'Role.count' do
		post '/roles', role: { name: 'new role', issues_visibility: 'all', assignable: '1', permissions: %w(view_calendar) }, sudo_password: 'admin'
		end
		assert_redirected_to '/roles'
		end

		def test_update_email_address
		log_user 'jsmith', 'jsmith'
Jean-Philippe Lang Activate sudo mode after password based login (#20589)....	r14253	expire_sudo_mode!
Jean-Philippe Lang Require password re-entry for sensitive actions (#19851)....	r13951	get '/my/account'
		assert_response :success
		post '/my/account', user: { mail: 'newmail@test.com' }
		assert_response :success
		assert_select 'h2', 'Confirm your password to continue'
		assert_select 'form[action="/my/account"]'
Jean-Philippe Lang Removes calls to #assert_template and #assigns in integration tests....	r15345	assert_select 'input[type=hidden][name=?][value=?]', 'user[mail]', 'newmail@test.com'
		assert_select '#flash_error', 0
Jean-Philippe Lang Require password re-entry for sensitive actions (#19851)....	r13951
		# wrong password
		post '/my/account', user: { mail: 'newmail@test.com' }, sudo_password: 'wrong'
		assert_response :success
		assert_select 'h2', 'Confirm your password to continue'
		assert_select 'form[action="/my/account"]'
Jean-Philippe Lang Removes calls to #assert_template and #assigns in integration tests....	r15345	assert_select 'input[type=hidden][name=?][value=?]', 'user[mail]', 'newmail@test.com'
		assert_select '#flash_error'
Jean-Philippe Lang Require password re-entry for sensitive actions (#19851)....	r13951
		# correct password
		post '/my/account', user: { mail: 'newmail@test.com' }, sudo_password: 'jsmith'
		assert_redirected_to '/my/account'
		assert_equal 'newmail@test.com', User.find_by_login('jsmith').mail

		# sudo mode should now be active and not require password again
		post '/my/account', user: { mail: 'even.newer.mail@test.com' }
		assert_redirected_to '/my/account'
		assert_equal 'even.newer.mail@test.com', User.find_by_login('jsmith').mail
		end

Jean-Philippe Lang Don't use SudoMode.disable! to skip API requests (#19851)....	r13956	def test_sudo_mode_should_skip_api_requests
		with_settings :rest_api_enabled => '1' do
		assert_difference('User.count') do
		post '/users.json', {
		:user => {
		:login => 'foo', :firstname => 'Firstname', :lastname => 'Lastname',
		:mail => 'foo@example.net', :password => 'secret123',
		:mail_notification => 'only_assigned'}
		},
		credentials('admin')

		assert_response :created
		end
		end
		end
Jean-Philippe Lang Activate sudo mode after password based login (#20589)....	r14253
		private

		# sudo mode is active after sign, let it expire by advancing the time
		def expire_sudo_mode!
		travel_to 20.minutes.from_now
		end
Jean-Philippe Lang Require password re-entry for sensitive actions (#19851)....	r13951	end