##// END OF EJS Templates
jro_apps » redmine
RSS
Missing fixtures....
Jean-Philippe Lang -
r13507:193bb9362de0
parent child
Show More
Side by Side Unified
Context file:
r13507:193bb9362de0 Loading diff...:
Show file before | Show file after | Hide comments
@@ -1,424 +1,424
1 # Redmine - project management software
1 # Redmine - project management software
2 # Copyright (C) 2006-2015 Jean-Philippe Lang
2 # Copyright (C) 2006-2015 Jean-Philippe Lang
3 #
3 #
4 # This program is free software; you can redistribute it and/or
4 # This program is free software; you can redistribute it and/or
5 # modify it under the terms of the GNU General Public License
5 # modify it under the terms of the GNU General Public License
6 # as published by the Free Software Foundation; either version 2
6 # as published by the Free Software Foundation; either version 2
7 # of the License, or (at your option) any later version.
7 # of the License, or (at your option) any later version.
8 #
8 #
9 # This program is distributed in the hope that it will be useful,
9 # This program is distributed in the hope that it will be useful,
10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 # GNU General Public License for more details.
12 # GNU General Public License for more details.
13 #
13 #
14 # You should have received a copy of the GNU General Public License
14 # You should have received a copy of the GNU General Public License
15 # along with this program; if not, write to the Free Software
15 # along with this program; if not, write to the Free Software
16 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
16 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
17
17
18 require File.expand_path('../../test_helper', __FILE__)
18 require File.expand_path('../../test_helper', __FILE__)
19
19
20 class AccountControllerTest < ActionController::TestCase
20 class AccountControllerTest < ActionController::TestCase
21 fixtures :users, :roles
21 fixtures :users, :email_addresses, :roles
22
22
23 def setup
23 def setup
24 User.current = nil
24 User.current = nil
25 end
25 end
26
26
27 def test_get_login
27 def test_get_login
28 get :login
28 get :login
29 assert_response :success
29 assert_response :success
30 assert_template 'login'
30 assert_template 'login'
31
31
32 assert_select 'input[name=username]'
32 assert_select 'input[name=username]'
33 assert_select 'input[name=password]'
33 assert_select 'input[name=password]'
34 end
34 end
35
35
36 def test_get_login_while_logged_in_should_redirect_to_back_url_if_present
36 def test_get_login_while_logged_in_should_redirect_to_back_url_if_present
37 @request.session[:user_id] = 2
37 @request.session[:user_id] = 2
38 @request.env["HTTP_REFERER"] = 'http://test.host/issues/show/1'
38 @request.env["HTTP_REFERER"] = 'http://test.host/issues/show/1'
39
39
40 get :login, :back_url => 'http://test.host/issues/show/1'
40 get :login, :back_url => 'http://test.host/issues/show/1'
41 assert_redirected_to '/issues/show/1'
41 assert_redirected_to '/issues/show/1'
42 assert_equal 2, @request.session[:user_id]
42 assert_equal 2, @request.session[:user_id]
43 end
43 end
44
44
45 def test_get_login_while_logged_in_should_redirect_to_referer_without_back_url
45 def test_get_login_while_logged_in_should_redirect_to_referer_without_back_url
46 @request.session[:user_id] = 2
46 @request.session[:user_id] = 2
47 @request.env["HTTP_REFERER"] = 'http://test.host/issues/show/1'
47 @request.env["HTTP_REFERER"] = 'http://test.host/issues/show/1'
48
48
49 get :login
49 get :login
50 assert_redirected_to '/issues/show/1'
50 assert_redirected_to '/issues/show/1'
51 assert_equal 2, @request.session[:user_id]
51 assert_equal 2, @request.session[:user_id]
52 end
52 end
53
53
54 def test_get_login_while_logged_in_should_redirect_to_home_by_default
54 def test_get_login_while_logged_in_should_redirect_to_home_by_default
55 @request.session[:user_id] = 2
55 @request.session[:user_id] = 2
56
56
57 get :login
57 get :login
58 assert_redirected_to '/'
58 assert_redirected_to '/'
59 assert_equal 2, @request.session[:user_id]
59 assert_equal 2, @request.session[:user_id]
60 end
60 end
61
61
62 def test_login_should_redirect_to_back_url_param
62 def test_login_should_redirect_to_back_url_param
63 # request.uri is "test.host" in test environment
63 # request.uri is "test.host" in test environment
64 back_urls = [
64 back_urls = [
65 'http://test.host/issues/show/1',
65 'http://test.host/issues/show/1',
66 '/'
66 '/'
67 ]
67 ]
68 back_urls.each do |back_url|
68 back_urls.each do |back_url|
69 post :login, :username => 'jsmith', :password => 'jsmith', :back_url => back_url
69 post :login, :username => 'jsmith', :password => 'jsmith', :back_url => back_url
70 assert_redirected_to back_url
70 assert_redirected_to back_url
71 end
71 end
72 end
72 end
73
73
74 def test_login_with_suburi_should_redirect_to_back_url_param
74 def test_login_with_suburi_should_redirect_to_back_url_param
75 @relative_url_root = Redmine::Utils.relative_url_root
75 @relative_url_root = Redmine::Utils.relative_url_root
76 Redmine::Utils.relative_url_root = '/redmine'
76 Redmine::Utils.relative_url_root = '/redmine'
77
77
78 back_urls = [
78 back_urls = [
79 'http://test.host/redmine/issues/show/1',
79 'http://test.host/redmine/issues/show/1',
80 '/redmine'
80 '/redmine'
81 ]
81 ]
82 back_urls.each do |back_url|
82 back_urls.each do |back_url|
83 post :login, :username => 'jsmith', :password => 'jsmith', :back_url => back_url
83 post :login, :username => 'jsmith', :password => 'jsmith', :back_url => back_url
84 assert_redirected_to back_url
84 assert_redirected_to back_url
85 end
85 end
86 ensure
86 ensure
87 Redmine::Utils.relative_url_root = @relative_url_root
87 Redmine::Utils.relative_url_root = @relative_url_root
88 end
88 end
89
89
90 def test_login_should_not_redirect_to_another_host
90 def test_login_should_not_redirect_to_another_host
91 back_urls = [
91 back_urls = [
92 'http://test.foo/fake',
92 'http://test.foo/fake',
93 '//test.foo/fake'
93 '//test.foo/fake'
94 ]
94 ]
95 back_urls.each do |back_url|
95 back_urls.each do |back_url|
96 post :login, :username => 'jsmith', :password => 'jsmith', :back_url => back_url
96 post :login, :username => 'jsmith', :password => 'jsmith', :back_url => back_url
97 assert_redirected_to '/my/page'
97 assert_redirected_to '/my/page'
98 end
98 end
99 end
99 end
100
100
101 def test_login_with_suburi_should_not_redirect_to_another_suburi
101 def test_login_with_suburi_should_not_redirect_to_another_suburi
102 @relative_url_root = Redmine::Utils.relative_url_root
102 @relative_url_root = Redmine::Utils.relative_url_root
103 Redmine::Utils.relative_url_root = '/redmine'
103 Redmine::Utils.relative_url_root = '/redmine'
104
104
105 back_urls = [
105 back_urls = [
106 'http://test.host/',
106 'http://test.host/',
107 'http://test.host/fake',
107 'http://test.host/fake',
108 'http://test.host/fake/issues',
108 'http://test.host/fake/issues',
109 'http://test.host/redmine/../fake',
109 'http://test.host/redmine/../fake',
110 'http://test.host/redmine/../fake/issues',
110 'http://test.host/redmine/../fake/issues',
111 'http://test.host/redmine/%2e%2e/fake'
111 'http://test.host/redmine/%2e%2e/fake'
112 ]
112 ]
113 back_urls.each do |back_url|
113 back_urls.each do |back_url|
114 post :login, :username => 'jsmith', :password => 'jsmith', :back_url => back_url
114 post :login, :username => 'jsmith', :password => 'jsmith', :back_url => back_url
115 assert_redirected_to '/my/page'
115 assert_redirected_to '/my/page'
116 end
116 end
117 ensure
117 ensure
118 Redmine::Utils.relative_url_root = @relative_url_root
118 Redmine::Utils.relative_url_root = @relative_url_root
119 end
119 end
120
120
121 def test_login_with_wrong_password
121 def test_login_with_wrong_password
122 post :login, :username => 'admin', :password => 'bad'
122 post :login, :username => 'admin', :password => 'bad'
123 assert_response :success
123 assert_response :success
124 assert_template 'login'
124 assert_template 'login'
125
125
126 assert_select 'div.flash.error', :text => /Invalid user or password/
126 assert_select 'div.flash.error', :text => /Invalid user or password/
127 assert_select 'input[name=username][value=admin]'
127 assert_select 'input[name=username][value=admin]'
128 assert_select 'input[name=password]'
128 assert_select 'input[name=password]'
129 assert_select 'input[name=password][value]', 0
129 assert_select 'input[name=password][value]', 0
130 end
130 end
131
131
132 def test_login_with_locked_account_should_fail
132 def test_login_with_locked_account_should_fail
133 User.find(2).update_attribute :status, User::STATUS_LOCKED
133 User.find(2).update_attribute :status, User::STATUS_LOCKED
134
134
135 post :login, :username => 'jsmith', :password => 'jsmith'
135 post :login, :username => 'jsmith', :password => 'jsmith'
136 assert_redirected_to '/login'
136 assert_redirected_to '/login'
137 assert_include 'locked', flash[:error]
137 assert_include 'locked', flash[:error]
138 assert_nil @request.session[:user_id]
138 assert_nil @request.session[:user_id]
139 end
139 end
140
140
141 def test_login_as_registered_user_with_manual_activation_should_inform_user
141 def test_login_as_registered_user_with_manual_activation_should_inform_user
142 User.find(2).update_attribute :status, User::STATUS_REGISTERED
142 User.find(2).update_attribute :status, User::STATUS_REGISTERED
143
143
144 with_settings :self_registration => '2', :default_language => 'en' do
144 with_settings :self_registration => '2', :default_language => 'en' do
145 post :login, :username => 'jsmith', :password => 'jsmith'
145 post :login, :username => 'jsmith', :password => 'jsmith'
146 assert_redirected_to '/login'
146 assert_redirected_to '/login'
147 assert_include 'pending administrator approval', flash[:error]
147 assert_include 'pending administrator approval', flash[:error]
148 end
148 end
149 end
149 end
150
150
151 def test_login_as_registered_user_with_email_activation_should_propose_new_activation_email
151 def test_login_as_registered_user_with_email_activation_should_propose_new_activation_email
152 User.find(2).update_attribute :status, User::STATUS_REGISTERED
152 User.find(2).update_attribute :status, User::STATUS_REGISTERED
153
153
154 with_settings :self_registration => '1', :default_language => 'en' do
154 with_settings :self_registration => '1', :default_language => 'en' do
155 post :login, :username => 'jsmith', :password => 'jsmith'
155 post :login, :username => 'jsmith', :password => 'jsmith'
156 assert_redirected_to '/login'
156 assert_redirected_to '/login'
157 assert_equal 2, @request.session[:registered_user_id]
157 assert_equal 2, @request.session[:registered_user_id]
158 assert_include 'new activation email', flash[:error]
158 assert_include 'new activation email', flash[:error]
159 end
159 end
160 end
160 end
161
161
162 def test_login_should_rescue_auth_source_exception
162 def test_login_should_rescue_auth_source_exception
163 source = AuthSource.create!(:name => 'Test')
163 source = AuthSource.create!(:name => 'Test')
164 User.find(2).update_attribute :auth_source_id, source.id
164 User.find(2).update_attribute :auth_source_id, source.id
165 AuthSource.any_instance.stubs(:authenticate).raises(AuthSourceException.new("Something wrong"))
165 AuthSource.any_instance.stubs(:authenticate).raises(AuthSourceException.new("Something wrong"))
166
166
167 post :login, :username => 'jsmith', :password => 'jsmith'
167 post :login, :username => 'jsmith', :password => 'jsmith'
168 assert_response 500
168 assert_response 500
169 assert_select_error /Something wrong/
169 assert_select_error /Something wrong/
170 end
170 end
171
171
172 def test_login_should_reset_session
172 def test_login_should_reset_session
173 @controller.expects(:reset_session).once
173 @controller.expects(:reset_session).once
174
174
175 post :login, :username => 'jsmith', :password => 'jsmith'
175 post :login, :username => 'jsmith', :password => 'jsmith'
176 assert_response 302
176 assert_response 302
177 end
177 end
178
178
179 def test_get_logout_should_not_logout
179 def test_get_logout_should_not_logout
180 @request.session[:user_id] = 2
180 @request.session[:user_id] = 2
181 get :logout
181 get :logout
182 assert_response :success
182 assert_response :success
183 assert_template 'logout'
183 assert_template 'logout'
184
184
185 assert_equal 2, @request.session[:user_id]
185 assert_equal 2, @request.session[:user_id]
186 end
186 end
187
187
188 def test_get_logout_with_anonymous_should_redirect
188 def test_get_logout_with_anonymous_should_redirect
189 get :logout
189 get :logout
190 assert_redirected_to '/'
190 assert_redirected_to '/'
191 end
191 end
192
192
193 def test_logout
193 def test_logout
194 @request.session[:user_id] = 2
194 @request.session[:user_id] = 2
195 post :logout
195 post :logout
196 assert_redirected_to '/'
196 assert_redirected_to '/'
197 assert_nil @request.session[:user_id]
197 assert_nil @request.session[:user_id]
198 end
198 end
199
199
200 def test_logout_should_reset_session
200 def test_logout_should_reset_session
201 @controller.expects(:reset_session).once
201 @controller.expects(:reset_session).once
202
202
203 @request.session[:user_id] = 2
203 @request.session[:user_id] = 2
204 post :logout
204 post :logout
205 assert_response 302
205 assert_response 302
206 end
206 end
207
207
208 def test_get_register_with_registration_on
208 def test_get_register_with_registration_on
209 with_settings :self_registration => '3' do
209 with_settings :self_registration => '3' do
210 get :register
210 get :register
211 assert_response :success
211 assert_response :success
212 assert_template 'register'
212 assert_template 'register'
213 assert_not_nil assigns(:user)
213 assert_not_nil assigns(:user)
214
214
215 assert_select 'input[name=?]', 'user[password]'
215 assert_select 'input[name=?]', 'user[password]'
216 assert_select 'input[name=?]', 'user[password_confirmation]'
216 assert_select 'input[name=?]', 'user[password_confirmation]'
217 end
217 end
218 end
218 end
219
219
220 def test_get_register_should_detect_user_language
220 def test_get_register_should_detect_user_language
221 with_settings :self_registration => '3' do
221 with_settings :self_registration => '3' do
222 @request.env['HTTP_ACCEPT_LANGUAGE'] = 'fr,fr-fr;q=0.8,en-us;q=0.5,en;q=0.3'
222 @request.env['HTTP_ACCEPT_LANGUAGE'] = 'fr,fr-fr;q=0.8,en-us;q=0.5,en;q=0.3'
223 get :register
223 get :register
224 assert_response :success
224 assert_response :success
225 assert_not_nil assigns(:user)
225 assert_not_nil assigns(:user)
226 assert_equal 'fr', assigns(:user).language
226 assert_equal 'fr', assigns(:user).language
227 assert_select 'select[name=?]', 'user[language]' do
227 assert_select 'select[name=?]', 'user[language]' do
228 assert_select 'option[value=fr][selected=selected]'
228 assert_select 'option[value=fr][selected=selected]'
229 end
229 end
230 end
230 end
231 end
231 end
232
232
233 def test_get_register_with_registration_off_should_redirect
233 def test_get_register_with_registration_off_should_redirect
234 with_settings :self_registration => '0' do
234 with_settings :self_registration => '0' do
235 get :register
235 get :register
236 assert_redirected_to '/'
236 assert_redirected_to '/'
237 end
237 end
238 end
238 end
239
239
240 # See integration/account_test.rb for the full test
240 # See integration/account_test.rb for the full test
241 def test_post_register_with_registration_on
241 def test_post_register_with_registration_on
242 with_settings :self_registration => '3' do
242 with_settings :self_registration => '3' do
243 assert_difference 'User.count' do
243 assert_difference 'User.count' do
244 post :register, :user => {
244 post :register, :user => {
245 :login => 'register',
245 :login => 'register',
246 :password => 'secret123',
246 :password => 'secret123',
247 :password_confirmation => 'secret123',
247 :password_confirmation => 'secret123',
248 :firstname => 'John',
248 :firstname => 'John',
249 :lastname => 'Doe',
249 :lastname => 'Doe',
250 :mail => 'register@example.com'
250 :mail => 'register@example.com'
251 }
251 }
252 assert_redirected_to '/my/account'
252 assert_redirected_to '/my/account'
253 end
253 end
254 user = User.order('id DESC').first
254 user = User.order('id DESC').first
255 assert_equal 'register', user.login
255 assert_equal 'register', user.login
256 assert_equal 'John', user.firstname
256 assert_equal 'John', user.firstname
257 assert_equal 'Doe', user.lastname
257 assert_equal 'Doe', user.lastname
258 assert_equal 'register@example.com', user.mail
258 assert_equal 'register@example.com', user.mail
259 assert user.check_password?('secret123')
259 assert user.check_password?('secret123')
260 assert user.active?
260 assert user.active?
261 end
261 end
262 end
262 end
263
263
264 def test_post_register_with_registration_off_should_redirect
264 def test_post_register_with_registration_off_should_redirect
265 with_settings :self_registration => '0' do
265 with_settings :self_registration => '0' do
266 assert_no_difference 'User.count' do
266 assert_no_difference 'User.count' do
267 post :register, :user => {
267 post :register, :user => {
268 :login => 'register',
268 :login => 'register',
269 :password => 'test',
269 :password => 'test',
270 :password_confirmation => 'test',
270 :password_confirmation => 'test',
271 :firstname => 'John',
271 :firstname => 'John',
272 :lastname => 'Doe',
272 :lastname => 'Doe',
273 :mail => 'register@example.com'
273 :mail => 'register@example.com'
274 }
274 }
275 assert_redirected_to '/'
275 assert_redirected_to '/'
276 end
276 end
277 end
277 end
278 end
278 end
279
279
280 def test_get_lost_password_should_display_lost_password_form
280 def test_get_lost_password_should_display_lost_password_form
281 get :lost_password
281 get :lost_password
282 assert_response :success
282 assert_response :success
283 assert_select 'input[name=mail]'
283 assert_select 'input[name=mail]'
284 end
284 end
285
285
286 def test_lost_password_for_active_user_should_create_a_token
286 def test_lost_password_for_active_user_should_create_a_token
287 Token.delete_all
287 Token.delete_all
288 ActionMailer::Base.deliveries.clear
288 ActionMailer::Base.deliveries.clear
289 assert_difference 'ActionMailer::Base.deliveries.size' do
289 assert_difference 'ActionMailer::Base.deliveries.size' do
290 assert_difference 'Token.count' do
290 assert_difference 'Token.count' do
291 with_settings :host_name => 'mydomain.foo', :protocol => 'http' do
291 with_settings :host_name => 'mydomain.foo', :protocol => 'http' do
292 post :lost_password, :mail => 'JSmith@somenet.foo'
292 post :lost_password, :mail => 'JSmith@somenet.foo'
293 assert_redirected_to '/login'
293 assert_redirected_to '/login'
294 end
294 end
295 end
295 end
296 end
296 end
297
297
298 token = Token.order('id DESC').first
298 token = Token.order('id DESC').first
299 assert_equal User.find(2), token.user
299 assert_equal User.find(2), token.user
300 assert_equal 'recovery', token.action
300 assert_equal 'recovery', token.action
301
301
302 assert_select_email do
302 assert_select_email do
303 assert_select "a[href=?]", "http://mydomain.foo/account/lost_password?token=#{token.value}"
303 assert_select "a[href=?]", "http://mydomain.foo/account/lost_password?token=#{token.value}"
304 end
304 end
305 end
305 end
306
306
307 def test_lost_password_using_additional_email_address_should_send_email_to_the_address
307 def test_lost_password_using_additional_email_address_should_send_email_to_the_address
308 EmailAddress.create!(:user_id => 2, :address => 'anotherAddress@foo.bar')
308 EmailAddress.create!(:user_id => 2, :address => 'anotherAddress@foo.bar')
309 Token.delete_all
309 Token.delete_all
310
310
311 assert_difference 'ActionMailer::Base.deliveries.size' do
311 assert_difference 'ActionMailer::Base.deliveries.size' do
312 assert_difference 'Token.count' do
312 assert_difference 'Token.count' do
313 post :lost_password, :mail => 'ANOTHERaddress@foo.bar'
313 post :lost_password, :mail => 'ANOTHERaddress@foo.bar'
314 assert_redirected_to '/login'
314 assert_redirected_to '/login'
315 end
315 end
316 end
316 end
317 mail = ActionMailer::Base.deliveries.last
317 mail = ActionMailer::Base.deliveries.last
318 assert_equal ['anotherAddress@foo.bar'], mail.bcc
318 assert_equal ['anotherAddress@foo.bar'], mail.bcc
319 end
319 end
320
320
321 def test_lost_password_for_unknown_user_should_fail
321 def test_lost_password_for_unknown_user_should_fail
322 Token.delete_all
322 Token.delete_all
323 assert_no_difference 'Token.count' do
323 assert_no_difference 'Token.count' do
324 post :lost_password, :mail => 'invalid@somenet.foo'
324 post :lost_password, :mail => 'invalid@somenet.foo'
325 assert_response :success
325 assert_response :success
326 end
326 end
327 end
327 end
328
328
329 def test_lost_password_for_non_active_user_should_fail
329 def test_lost_password_for_non_active_user_should_fail
330 Token.delete_all
330 Token.delete_all
331 assert User.find(2).lock!
331 assert User.find(2).lock!
332
332
333 assert_no_difference 'Token.count' do
333 assert_no_difference 'Token.count' do
334 post :lost_password, :mail => 'JSmith@somenet.foo'
334 post :lost_password, :mail => 'JSmith@somenet.foo'
335 assert_redirected_to '/account/lost_password'
335 assert_redirected_to '/account/lost_password'
336 end
336 end
337 end
337 end
338
338
339 def test_lost_password_for_user_who_cannot_change_password_should_fail
339 def test_lost_password_for_user_who_cannot_change_password_should_fail
340 User.any_instance.stubs(:change_password_allowed?).returns(false)
340 User.any_instance.stubs(:change_password_allowed?).returns(false)
341
341
342 assert_no_difference 'Token.count' do
342 assert_no_difference 'Token.count' do
343 post :lost_password, :mail => 'JSmith@somenet.foo'
343 post :lost_password, :mail => 'JSmith@somenet.foo'
344 assert_response :success
344 assert_response :success
345 end
345 end
346 end
346 end
347
347
348 def test_get_lost_password_with_token_should_display_the_password_recovery_form
348 def test_get_lost_password_with_token_should_display_the_password_recovery_form
349 user = User.find(2)
349 user = User.find(2)
350 token = Token.create!(:action => 'recovery', :user => user)
350 token = Token.create!(:action => 'recovery', :user => user)
351
351
352 get :lost_password, :token => token.value
352 get :lost_password, :token => token.value
353 assert_response :success
353 assert_response :success
354 assert_template 'password_recovery'
354 assert_template 'password_recovery'
355
355
356 assert_select 'input[type=hidden][name=token][value=?]', token.value
356 assert_select 'input[type=hidden][name=token][value=?]', token.value
357 end
357 end
358
358
359 def test_get_lost_password_with_invalid_token_should_redirect
359 def test_get_lost_password_with_invalid_token_should_redirect
360 get :lost_password, :token => "abcdef"
360 get :lost_password, :token => "abcdef"
361 assert_redirected_to '/'
361 assert_redirected_to '/'
362 end
362 end
363
363
364 def test_post_lost_password_with_token_should_change_the_user_password
364 def test_post_lost_password_with_token_should_change_the_user_password
365 user = User.find(2)
365 user = User.find(2)
366 token = Token.create!(:action => 'recovery', :user => user)
366 token = Token.create!(:action => 'recovery', :user => user)
367
367
368 post :lost_password, :token => token.value, :new_password => 'newpass123', :new_password_confirmation => 'newpass123'
368 post :lost_password, :token => token.value, :new_password => 'newpass123', :new_password_confirmation => 'newpass123'
369 assert_redirected_to '/login'
369 assert_redirected_to '/login'
370 user.reload
370 user.reload
371 assert user.check_password?('newpass123')
371 assert user.check_password?('newpass123')
372 assert_nil Token.find_by_id(token.id), "Token was not deleted"
372 assert_nil Token.find_by_id(token.id), "Token was not deleted"
373 end
373 end
374
374
375 def test_post_lost_password_with_token_for_non_active_user_should_fail
375 def test_post_lost_password_with_token_for_non_active_user_should_fail
376 user = User.find(2)
376 user = User.find(2)
377 token = Token.create!(:action => 'recovery', :user => user)
377 token = Token.create!(:action => 'recovery', :user => user)
378 user.lock!
378 user.lock!
379
379
380 post :lost_password, :token => token.value, :new_password => 'newpass123', :new_password_confirmation => 'newpass123'
380 post :lost_password, :token => token.value, :new_password => 'newpass123', :new_password_confirmation => 'newpass123'
381 assert_redirected_to '/'
381 assert_redirected_to '/'
382 assert ! user.check_password?('newpass123')
382 assert ! user.check_password?('newpass123')
383 end
383 end
384
384
385 def test_post_lost_password_with_token_and_password_confirmation_failure_should_redisplay_the_form
385 def test_post_lost_password_with_token_and_password_confirmation_failure_should_redisplay_the_form
386 user = User.find(2)
386 user = User.find(2)
387 token = Token.create!(:action => 'recovery', :user => user)
387 token = Token.create!(:action => 'recovery', :user => user)
388
388
389 post :lost_password, :token => token.value, :new_password => 'newpass', :new_password_confirmation => 'wrongpass'
389 post :lost_password, :token => token.value, :new_password => 'newpass', :new_password_confirmation => 'wrongpass'
390 assert_response :success
390 assert_response :success
391 assert_template 'password_recovery'
391 assert_template 'password_recovery'
392 assert_not_nil Token.find_by_id(token.id), "Token was deleted"
392 assert_not_nil Token.find_by_id(token.id), "Token was deleted"
393
393
394 assert_select 'input[type=hidden][name=token][value=?]', token.value
394 assert_select 'input[type=hidden][name=token][value=?]', token.value
395 end
395 end
396
396
397 def test_post_lost_password_with_invalid_token_should_redirect
397 def test_post_lost_password_with_invalid_token_should_redirect
398 post :lost_password, :token => "abcdef", :new_password => 'newpass', :new_password_confirmation => 'newpass'
398 post :lost_password, :token => "abcdef", :new_password => 'newpass', :new_password_confirmation => 'newpass'
399 assert_redirected_to '/'
399 assert_redirected_to '/'
400 end
400 end
401
401
402 def test_activation_email_should_send_an_activation_email
402 def test_activation_email_should_send_an_activation_email
403 User.find(2).update_attribute :status, User::STATUS_REGISTERED
403 User.find(2).update_attribute :status, User::STATUS_REGISTERED
404 @request.session[:registered_user_id] = 2
404 @request.session[:registered_user_id] = 2
405
405
406 with_settings :self_registration => '1' do
406 with_settings :self_registration => '1' do
407 assert_difference 'ActionMailer::Base.deliveries.size' do
407 assert_difference 'ActionMailer::Base.deliveries.size' do
408 get :activation_email
408 get :activation_email
409 assert_redirected_to '/login'
409 assert_redirected_to '/login'
410 end
410 end
411 end
411 end
412 end
412 end
413
413
414 def test_activation_email_without_session_data_should_fail
414 def test_activation_email_without_session_data_should_fail
415 User.find(2).update_attribute :status, User::STATUS_REGISTERED
415 User.find(2).update_attribute :status, User::STATUS_REGISTERED
416
416
417 with_settings :self_registration => '1' do
417 with_settings :self_registration => '1' do
418 assert_no_difference 'ActionMailer::Base.deliveries.size' do
418 assert_no_difference 'ActionMailer::Base.deliveries.size' do
419 get :activation_email
419 get :activation_email
420 assert_redirected_to '/'
420 assert_redirected_to '/'
421 end
421 end
422 end
422 end
423 end
423 end
424 end
424 end
Show file before | Show file after | Hide comments
@@ -1,64 +1,64
1 # Redmine - project management software
1 # Redmine - project management software
2 # Copyright (C) 2006-2015 Jean-Philippe Lang
2 # Copyright (C) 2006-2015 Jean-Philippe Lang
3 #
3 #
4 # This program is free software; you can redistribute it and/or
4 # This program is free software; you can redistribute it and/or
5 # modify it under the terms of the GNU General Public License
5 # modify it under the terms of the GNU General Public License
6 # as published by the Free Software Foundation; either version 2
6 # as published by the Free Software Foundation; either version 2
7 # of the License, or (at your option) any later version.
7 # of the License, or (at your option) any later version.
8 #
8 #
9 # This program is distributed in the hope that it will be useful,
9 # This program is distributed in the hope that it will be useful,
10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 # GNU General Public License for more details.
12 # GNU General Public License for more details.
13 #
13 #
14 # You should have received a copy of the GNU General Public License
14 # You should have received a copy of the GNU General Public License
15 # along with this program; if not, write to the Free Software
15 # along with this program; if not, write to the Free Software
16 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
16 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
17
17
18 require File.expand_path('../../test_helper', __FILE__)
18 require File.expand_path('../../test_helper', __FILE__)
19
19
20 class CommentsControllerTest < ActionController::TestCase
20 class CommentsControllerTest < ActionController::TestCase
21 fixtures :projects, :users, :roles, :members, :member_roles, :enabled_modules, :news, :comments
21 fixtures :projects, :users, :email_addresses, :roles, :members, :member_roles, :enabled_modules, :news, :comments
22
22
23 def setup
23 def setup
24 User.current = nil
24 User.current = nil
25 end
25 end
26
26
27 def test_add_comment
27 def test_add_comment
28 @request.session[:user_id] = 2
28 @request.session[:user_id] = 2
29 post :create, :id => 1, :comment => { :comments => 'This is a test comment' }
29 post :create, :id => 1, :comment => { :comments => 'This is a test comment' }
30 assert_redirected_to '/news/1'
30 assert_redirected_to '/news/1'
31
31
32 comment = News.find(1).comments.last
32 comment = News.find(1).comments.last
33 assert_not_nil comment
33 assert_not_nil comment
34 assert_equal 'This is a test comment', comment.comments
34 assert_equal 'This is a test comment', comment.comments
35 assert_equal User.find(2), comment.author
35 assert_equal User.find(2), comment.author
36 end
36 end
37
37
38 def test_empty_comment_should_not_be_added
38 def test_empty_comment_should_not_be_added
39 @request.session[:user_id] = 2
39 @request.session[:user_id] = 2
40 assert_no_difference 'Comment.count' do
40 assert_no_difference 'Comment.count' do
41 post :create, :id => 1, :comment => { :comments => '' }
41 post :create, :id => 1, :comment => { :comments => '' }
42 assert_response :redirect
42 assert_response :redirect
43 assert_redirected_to '/news/1'
43 assert_redirected_to '/news/1'
44 end
44 end
45 end
45 end
46
46
47 def test_create_should_be_denied_if_news_is_not_commentable
47 def test_create_should_be_denied_if_news_is_not_commentable
48 News.any_instance.stubs(:commentable?).returns(false)
48 News.any_instance.stubs(:commentable?).returns(false)
49 @request.session[:user_id] = 2
49 @request.session[:user_id] = 2
50 assert_no_difference 'Comment.count' do
50 assert_no_difference 'Comment.count' do
51 post :create, :id => 1, :comment => { :comments => 'This is a test comment' }
51 post :create, :id => 1, :comment => { :comments => 'This is a test comment' }
52 assert_response 403
52 assert_response 403
53 end
53 end
54 end
54 end
55
55
56 def test_destroy_comment
56 def test_destroy_comment
57 comments_count = News.find(1).comments.size
57 comments_count = News.find(1).comments.size
58 @request.session[:user_id] = 2
58 @request.session[:user_id] = 2
59 delete :destroy, :id => 1, :comment_id => 2
59 delete :destroy, :id => 1, :comment_id => 2
60 assert_redirected_to '/news/1'
60 assert_redirected_to '/news/1'
61 assert_nil Comment.find_by_id(2)
61 assert_nil Comment.find_by_id(2)
62 assert_equal comments_count - 1, News.find(1).comments.size
62 assert_equal comments_count - 1, News.find(1).comments.size
63 end
63 end
64 end
64 end
General Comments 0
You need to be logged in to leave comments. Login now