##// END OF EJS Templates
jro_apps » redmine
RSS
Adds a test for #23346....
Jean-Philippe Lang -
r15394:009b383a37a2
parent child
Show More
Side by Side Unified
Context file:
r15394:009b383a37a2 Loading diff...:
Show file before | Show file after | Hide comments
@@ -1,331 +1,346
1 1 # Redmine - project management software
2 2 # Copyright (C) 2006-2016 Jean-Philippe Lang
3 3 #
4 4 # This program is free software; you can redistribute it and/or
5 5 # modify it under the terms of the GNU General Public License
6 6 # as published by the Free Software Foundation; either version 2
7 7 # of the License, or (at your option) any later version.
8 8 #
9 9 # This program is distributed in the hope that it will be useful,
10 10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 12 # GNU General Public License for more details.
13 13 #
14 14 # You should have received a copy of the GNU General Public License
15 15 # along with this program; if not, write to the Free Software
16 16 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
17 17
18 18 require File.expand_path('../../test_helper', __FILE__)
19 19
20 20 class AccountTest < Redmine::IntegrationTest
21 21 fixtures :users, :email_addresses, :roles
22 22
23 23 def test_login
24 24 get "/my/page"
25 25 assert_redirected_to "/login?back_url=http%3A%2F%2Fwww.example.com%2Fmy%2Fpage"
26 26 log_user('jsmith', 'jsmith')
27 27
28 28 get "/my/account"
29 29 assert_response :success
30 30 end
31 31
32 32 def test_login_should_set_session_token
33 33 assert_difference 'Token.count' do
34 34 log_user('jsmith', 'jsmith')
35 35
36 36 assert_equal 2, session[:user_id]
37 37 assert_not_nil session[:tk]
38 38 end
39 39 end
40 40
41 41 def test_autologin
42 42 user = User.find(1)
43 43 Token.delete_all
44 44
45 45 with_settings :autologin => '7' do
46 46 assert_difference 'Token.count', 2 do
47 47 # User logs in with 'autologin' checked
48 48 post '/login', :username => user.login, :password => 'admin', :autologin => 1
49 49 assert_redirected_to '/my/page'
50 50 end
51 51 token = Token.where(:action => 'autologin').order(:id => :desc).first
52 52 assert_not_nil token
53 53 assert_equal user, token.user
54 54 assert_equal 'autologin', token.action
55 55 assert_equal user.id, session[:user_id]
56 56 assert_equal token.value, cookies['autologin']
57 57
58 58 # Session is cleared
59 59 reset!
60 60 User.current = nil
61 61 # Clears user's last login timestamp
62 62 user.update_attribute :last_login_on, nil
63 63 assert_nil user.reload.last_login_on
64 64
65 65 # User comes back with user's autologin cookie
66 66 cookies[:autologin] = token.value
67 67 get '/my/page'
68 68 assert_response :success
69 69 assert_equal user.id, session[:user_id]
70 70 assert_not_nil user.reload.last_login_on
71 71 end
72 72 end
73 73
74 74 def test_autologin_should_use_autologin_cookie_name
75 75 Token.delete_all
76 76 Redmine::Configuration.stubs(:[]).with('autologin_cookie_name').returns('custom_autologin')
77 77 Redmine::Configuration.stubs(:[]).with('autologin_cookie_path').returns('/')
78 78 Redmine::Configuration.stubs(:[]).with('autologin_cookie_secure').returns(false)
79 79 Redmine::Configuration.stubs(:[]).with('sudo_mode_timeout').returns(15)
80 80
81 81 with_settings :autologin => '7' do
82 82 assert_difference 'Token.count', 2 do
83 83 post '/login', :username => 'admin', :password => 'admin', :autologin => 1
84 84 assert_response 302
85 85 end
86 86 assert cookies['custom_autologin'].present?
87 87 token = cookies['custom_autologin']
88 88
89 89 # Session is cleared
90 90 reset!
91 91 cookies['custom_autologin'] = token
92 92 get '/my/page'
93 93 assert_response :success
94 94
95 95 assert_difference 'Token.count', -2 do
96 96 post '/logout'
97 97 end
98 98 assert cookies['custom_autologin'].blank?
99 99 end
100 100 end
101 101
102 102 def test_lost_password
103 103 Token.delete_all
104 104
105 105 get "/account/lost_password"
106 106 assert_response :success
107 107 assert_select 'input[name=mail]'
108 108
109 109 post "/account/lost_password", :mail => 'jSmith@somenet.foo'
110 110 assert_redirected_to "/login"
111 111
112 112 token = Token.first
113 113 assert_equal 'recovery', token.action
114 114 assert_equal 'jsmith@somenet.foo', token.user.mail
115 115 assert !token.expired?
116 116
117 117 get "/account/lost_password", :token => token.value
118 118 assert_response :success
119 119 assert_select 'input[type=hidden][name=token][value=?]', token.value
120 120 assert_select 'input[name=new_password]'
121 121 assert_select 'input[name=new_password_confirmation]'
122 122
123 123 post "/account/lost_password",
124 124 :token => token.value, :new_password => 'newpass123',
125 125 :new_password_confirmation => 'newpass123'
126 126 assert_redirected_to "/login"
127 127 assert_equal 'Password was successfully updated.', flash[:notice]
128 128
129 129 log_user('jsmith', 'newpass123')
130 130 assert_equal false, Token.exists?(token.id), "Password recovery token was not deleted"
131 131 end
132 132
133 133 def test_user_with_must_change_passwd_should_be_forced_to_change_its_password
134 134 User.find_by_login('jsmith').update_attribute :must_change_passwd, true
135 135
136 136 post '/login', :username => 'jsmith', :password => 'jsmith'
137 137 assert_redirected_to '/my/page'
138 138 follow_redirect!
139 139 assert_redirected_to '/my/password'
140 140
141 141 get '/issues'
142 142 assert_redirected_to '/my/password'
143 143 end
144 144
145 def test_flash_message_should_use_user_language_when_redirecting_user_for_password_change
146 user = User.find_by_login('jsmith')
147 user.must_change_passwd = true
148 user.language = 'it'
149 user.save!
150
151 post '/login', :username => 'jsmith', :password => 'jsmith'
152 assert_redirected_to '/my/page'
153 follow_redirect!
154 assert_redirected_to '/my/password'
155 follow_redirect!
156
157 assert_select 'div.error', :text => /richiesto che sia cambiata/
158 end
159
145 160 def test_user_with_must_change_passwd_should_be_able_to_change_its_password
146 161 User.find_by_login('jsmith').update_attribute :must_change_passwd, true
147 162
148 163 post '/login', :username => 'jsmith', :password => 'jsmith'
149 164 assert_redirected_to '/my/page'
150 165 follow_redirect!
151 166 assert_redirected_to '/my/password'
152 167 follow_redirect!
153 168 assert_response :success
154 169 post '/my/password', :password => 'jsmith', :new_password => 'newpassword', :new_password_confirmation => 'newpassword'
155 170 assert_redirected_to '/my/account'
156 171 follow_redirect!
157 172 assert_response :success
158 173
159 174 assert_equal false, User.find_by_login('jsmith').must_change_passwd?
160 175 end
161 176
162 177 def test_user_with_expired_password_should_be_forced_to_change_its_password
163 178 User.find_by_login('jsmith').update_attribute :passwd_changed_on, 14.days.ago
164 179
165 180 with_settings :password_max_age => 7 do
166 181 post '/login', :username => 'jsmith', :password => 'jsmith'
167 182 assert_redirected_to '/my/page'
168 183 follow_redirect!
169 184 assert_redirected_to '/my/password'
170 185
171 186 get '/issues'
172 187 assert_redirected_to '/my/password'
173 188 end
174 189 end
175 190
176 191 def test_user_with_expired_password_should_be_able_to_change_its_password
177 192 User.find_by_login('jsmith').update_attribute :passwd_changed_on, 14.days.ago
178 193
179 194 with_settings :password_max_age => 7 do
180 195 post '/login', :username => 'jsmith', :password => 'jsmith'
181 196 assert_redirected_to '/my/page'
182 197 follow_redirect!
183 198 assert_redirected_to '/my/password'
184 199 follow_redirect!
185 200 assert_response :success
186 201 post '/my/password', :password => 'jsmith', :new_password => 'newpassword', :new_password_confirmation => 'newpassword'
187 202 assert_redirected_to '/my/account'
188 203 follow_redirect!
189 204 assert_response :success
190 205
191 206 assert_equal false, User.find_by_login('jsmith').must_change_passwd?
192 207 end
193 208
194 209 end
195 210
196 211 def test_register_with_automatic_activation
197 212 Setting.self_registration = '3'
198 213
199 214 get '/account/register'
200 215 assert_response :success
201 216
202 217 post '/account/register',
203 218 :user => {:login => "newuser", :language => "en",
204 219 :firstname => "New", :lastname => "User", :mail => "newuser@foo.bar",
205 220 :password => "newpass123", :password_confirmation => "newpass123"}
206 221 assert_redirected_to '/my/account'
207 222 follow_redirect!
208 223 assert_response :success
209 224
210 225 user = User.find_by_login('newuser')
211 226 assert_not_nil user
212 227 assert user.active?
213 228 assert_not_nil user.last_login_on
214 229 end
215 230
216 231 def test_register_with_manual_activation
217 232 Setting.self_registration = '2'
218 233
219 234 post '/account/register',
220 235 :user => {:login => "newuser", :language => "en",
221 236 :firstname => "New", :lastname => "User", :mail => "newuser@foo.bar",
222 237 :password => "newpass123", :password_confirmation => "newpass123"}
223 238 assert_redirected_to '/login'
224 239 assert !User.find_by_login('newuser').active?
225 240 end
226 241
227 242 def test_register_with_email_activation
228 243 Setting.self_registration = '1'
229 244 Token.delete_all
230 245
231 246 post '/account/register',
232 247 :user => {:login => "newuser", :language => "en",
233 248 :firstname => "New", :lastname => "User", :mail => "newuser@foo.bar",
234 249 :password => "newpass123", :password_confirmation => "newpass123"}
235 250 assert_redirected_to '/login'
236 251 assert !User.find_by_login('newuser').active?
237 252
238 253 token = Token.first
239 254 assert_equal 'register', token.action
240 255 assert_equal 'newuser@foo.bar', token.user.mail
241 256 assert !token.expired?
242 257
243 258 get '/account/activate', :token => token.value
244 259 assert_redirected_to '/login'
245 260 log_user('newuser', 'newpass123')
246 261 end
247 262
248 263 def test_onthefly_registration
249 264 # disable registration
250 265 Setting.self_registration = '0'
251 266 AuthSource.expects(:authenticate).returns(
252 267 {:login => 'foo', :firstname => 'Foo', :lastname => 'Smith',
253 268 :mail => 'foo@bar.com', :auth_source_id => 66})
254 269
255 270 post '/login', :username => 'foo', :password => 'bar'
256 271 assert_redirected_to '/my/page'
257 272
258 273 user = User.find_by_login('foo')
259 274 assert user.is_a?(User)
260 275 assert_equal 66, user.auth_source_id
261 276 assert user.hashed_password.blank?
262 277 end
263 278
264 279 def test_onthefly_registration_with_invalid_attributes
265 280 # disable registration
266 281 Setting.self_registration = '0'
267 282 AuthSource.expects(:authenticate).returns(
268 283 {:login => 'foo', :lastname => 'Smith', :auth_source_id => 66})
269 284
270 285 post '/login', :username => 'foo', :password => 'bar'
271 286 assert_response :success
272 287 assert_select 'input[name=?][value=""]', 'user[firstname]'
273 288 assert_select 'input[name=?][value=Smith]', 'user[lastname]'
274 289 assert_select 'input[name=?]', 'user[login]', 0
275 290 assert_select 'input[name=?]', 'user[password]', 0
276 291
277 292 post '/account/register',
278 293 :user => {:firstname => 'Foo', :lastname => 'Smith', :mail => 'foo@bar.com'}
279 294 assert_redirected_to '/my/account'
280 295
281 296 user = User.find_by_login('foo')
282 297 assert user.is_a?(User)
283 298 assert_equal 66, user.auth_source_id
284 299 assert user.hashed_password.blank?
285 300 end
286 301
287 302 def test_registered_user_should_be_able_to_get_a_new_activation_email
288 303 Token.delete_all
289 304
290 305 with_settings :self_registration => '1', :default_language => 'en' do
291 306 # register a new account
292 307 assert_difference 'User.count' do
293 308 assert_difference 'Token.count' do
294 309 post '/account/register',
295 310 :user => {:login => "newuser", :language => "en",
296 311 :firstname => "New", :lastname => "User", :mail => "newuser@foo.bar",
297 312 :password => "newpass123", :password_confirmation => "newpass123"}
298 313 end
299 314 end
300 315 user = User.order('id desc').first
301 316 assert_equal User::STATUS_REGISTERED, user.status
302 317 reset!
303 318
304 319 # try to use "lost password"
305 320 assert_no_difference 'ActionMailer::Base.deliveries.size' do
306 321 post '/account/lost_password', :mail => 'newuser@foo.bar'
307 322 end
308 323 assert_redirected_to '/account/lost_password'
309 324 follow_redirect!
310 325 assert_response :success
311 326 assert_select 'div.flash', :text => /new activation email/
312 327 assert_select 'div.flash a[href="/account/activation_email"]'
313 328
314 329 # request a new action activation email
315 330 assert_difference 'ActionMailer::Base.deliveries.size' do
316 331 get '/account/activation_email'
317 332 end
318 333 assert_redirected_to '/login'
319 334 token = Token.order('id desc').first
320 335 activation_path = "/account/activate?token=#{token.value}"
321 336 assert_include activation_path, mail_body(ActionMailer::Base.deliveries.last)
322 337
323 338 # activate the account
324 339 get activation_path
325 340 assert_redirected_to '/login'
326 341
327 342 post '/login', :username => 'newuser', :password => 'newpass123'
328 343 assert_redirected_to '/my/page'
329 344 end
330 345 end
331 346 end
General Comments 0
You need to be logged in to leave comments. Login now