Moved tests about session reset to functional tests....
Jean-Philippe Lang -
r8894:39aa4cac86be
@@ -1,232 +1,247
1 1 # Redmine - project management software
2 2 # Copyright (C) 2006-2011 Jean-Philippe Lang
3 3 #
4 4 # This program is free software; you can redistribute it and/or
5 5 # modify it under the terms of the GNU General Public License
6 6 # as published by the Free Software Foundation; either version 2
7 7 # of the License, or (at your option) any later version.
8 8 #
9 9 # This program is distributed in the hope that it will be useful,
10 10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 12 # GNU General Public License for more details.
13 13 #
14 14 # You should have received a copy of the GNU General Public License
15 15 # along with this program; if not, write to the Free Software
16 16 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
17 17
18 18 require File.expand_path('../../test_helper', __FILE__)
19 19 require 'account_controller'
20 20
21 21 # Re-raise errors caught by the controller.
22 22 class AccountController; def rescue_action(e) raise e end; end
23 23
24 24 class AccountControllerTest < ActionController::TestCase
25 25 fixtures :users, :roles
26 26
27 27 def setup
28 28 @controller = AccountController.new
29 29 @request = ActionController::TestRequest.new
30 30 @response = ActionController::TestResponse.new
31 31 User.current = nil
32 32 end
33 33
34 34 def test_login_should_redirect_to_back_url_param
35 35 # request.uri is "test.host" in test environment
36 36 post :login, :username => 'jsmith', :password => 'jsmith', :back_url => 'http%3A%2F%2Ftest.host%2Fissues%2Fshow%2F1'
37 37 assert_redirected_to '/issues/show/1'
38 38 end
39 39
40 40 def test_login_should_not_redirect_to_another_host
41 41 post :login, :username => 'jsmith', :password => 'jsmith', :back_url => 'http%3A%2F%2Ftest.foo%2Ffake'
42 42 assert_redirected_to '/my/page'
43 43 end
44 44
45 45 def test_login_with_wrong_password
46 46 post :login, :username => 'admin', :password => 'bad'
47 47 assert_response :success
48 48 assert_template 'login'
49 49 assert_tag 'div',
50 50 :attributes => { :class => "flash error" },
51 51 :content => /Invalid user or password/
52 52 end
53 53
54 54 def test_login_should_rescue_auth_source_exception
55 55 source = AuthSource.create!(:name => 'Test')
56 56 User.find(2).update_attribute :auth_source_id, source.id
57 57 AuthSource.any_instance.stubs(:authenticate).raises(AuthSourceException.new("Something wrong"))
58 58
59 59 post :login, :username => 'jsmith', :password => 'jsmith'
60 60 assert_response 500
61 61 assert_error_tag :content => /Something wrong/
62 62 end
63 63
64 def test_login_should_reset_session
65 @controller.expects(:reset_session).once
66
67 post :login, :username => 'jsmith', :password => 'jsmith'
68 assert_response 302
69 end
70
64 71 if Object.const_defined?(:OpenID)
65 72
66 73 def test_login_with_openid_for_existing_user
67 74 Setting.self_registration = '3'
68 75 Setting.openid = '1'
69 76 existing_user = User.new(:firstname => 'Cool',
70 77 :lastname => 'User',
71 78 :mail => 'user@somedomain.com',
72 79 :identity_url => 'http://openid.example.com/good_user')
73 80 existing_user.login = 'cool_user'
74 81 assert existing_user.save!
75 82
76 83 post :login, :openid_url => existing_user.identity_url
77 84 assert_redirected_to '/my/page'
78 85 end
79 86
80 87 def test_login_with_invalid_openid_provider
81 88 Setting.self_registration = '0'
82 89 Setting.openid = '1'
83 90 post :login, :openid_url => 'http;//openid.example.com/good_user'
84 91 assert_redirected_to home_url
85 92 end
86 93
87 94 def test_login_with_openid_for_existing_non_active_user
88 95 Setting.self_registration = '2'
89 96 Setting.openid = '1'
90 97 existing_user = User.new(:firstname => 'Cool',
91 98 :lastname => 'User',
92 99 :mail => 'user@somedomain.com',
93 100 :identity_url => 'http://openid.example.com/good_user',
94 101 :status => User::STATUS_REGISTERED)
95 102 existing_user.login = 'cool_user'
96 103 assert existing_user.save!
97 104
98 105 post :login, :openid_url => existing_user.identity_url
99 106 assert_redirected_to '/login'
100 107 end
101 108
102 109 def test_login_with_openid_with_new_user_created
103 110 Setting.self_registration = '3'
104 111 Setting.openid = '1'
105 112 post :login, :openid_url => 'http://openid.example.com/good_user'
106 113 assert_redirected_to '/my/account'
107 114 user = User.find_by_login('cool_user')
108 115 assert user
109 116 assert_equal 'Cool', user.firstname
110 117 assert_equal 'User', user.lastname
111 118 end
112 119
113 120 def test_login_with_openid_with_new_user_and_self_registration_off
114 121 Setting.self_registration = '0'
115 122 Setting.openid = '1'
116 123 post :login, :openid_url => 'http://openid.example.com/good_user'
117 124 assert_redirected_to home_url
118 125 user = User.find_by_login('cool_user')
119 126 assert ! user
120 127 end
121 128
122 129 def test_login_with_openid_with_new_user_created_with_email_activation_should_have_a_token
123 130 Setting.self_registration = '1'
124 131 Setting.openid = '1'
125 132 post :login, :openid_url => 'http://openid.example.com/good_user'
126 133 assert_redirected_to '/login'
127 134 user = User.find_by_login('cool_user')
128 135 assert user
129 136
130 137 token = Token.find_by_user_id_and_action(user.id, 'register')
131 138 assert token
132 139 end
133 140
134 141 def test_login_with_openid_with_new_user_created_with_manual_activation
135 142 Setting.self_registration = '2'
136 143 Setting.openid = '1'
137 144 post :login, :openid_url => 'http://openid.example.com/good_user'
138 145 assert_redirected_to '/login'
139 146 user = User.find_by_login('cool_user')
140 147 assert user
141 148 assert_equal User::STATUS_REGISTERED, user.status
142 149 end
143 150
144 151 def test_login_with_openid_with_new_user_with_conflict_should_register
145 152 Setting.self_registration = '3'
146 153 Setting.openid = '1'
147 154 existing_user = User.new(:firstname => 'Cool', :lastname => 'User', :mail => 'user@somedomain.com')
148 155 existing_user.login = 'cool_user'
149 156 assert existing_user.save!
150 157
151 158 post :login, :openid_url => 'http://openid.example.com/good_user'
152 159 assert_response :success
153 160 assert_template 'register'
154 161 assert assigns(:user)
155 162 assert_equal 'http://openid.example.com/good_user', assigns(:user)[:identity_url]
156 163 end
157 164
158 165 def test_setting_openid_should_return_true_when_set_to_true
159 166 Setting.openid = '1'
160 167 assert_equal true, Setting.openid?
161 168 end
162 169
163 170 else
164 171 puts "Skipping openid tests."
165 172 end
166 173
167 174 def test_logout
168 175 @request.session[:user_id] = 2
169 176 get :logout
170 177 assert_redirected_to '/'
171 178 assert_nil @request.session[:user_id]
172 179 end
173 180
181 def test_logout_should_reset_session
182 @controller.expects(:reset_session).once
183
184 @request.session[:user_id] = 2
185 get :logout
186 assert_response 302
187 end
188
174 189 def test_get_register_with_registration_on
175 190 with_settings :self_registration => '3' do
176 191 get :register
177 192 assert_response :success
178 193 assert_template 'register'
179 194 assert_not_nil assigns(:user)
180 195
181 196 assert_tag 'input', :attributes => {:name => 'user[password]'}
182 197 assert_tag 'input', :attributes => {:name => 'user[password_confirmation]'}
183 198 end
184 199 end
185 200
186 201 def test_get_register_with_registration_off_should_redirect
187 202 with_settings :self_registration => '0' do
188 203 get :register
189 204 assert_redirected_to '/'
190 205 end
191 206 end
192 207
193 208 # See integration/account_test.rb for the full test
194 209 def test_post_register_with_registration_on
195 210 with_settings :self_registration => '3' do
196 211 assert_difference 'User.count' do
197 212 post :register, :user => {
198 213 :login => 'register',
199 214 :password => 'test',
200 215 :password_confirmation => 'test',
201 216 :firstname => 'John',
202 217 :lastname => 'Doe',
203 218 :mail => 'register@example.com'
204 219 }
205 220 assert_redirected_to '/my/account'
206 221 end
207 222 user = User.first(:order => 'id DESC')
208 223 assert_equal 'register', user.login
209 224 assert_equal 'John', user.firstname
210 225 assert_equal 'Doe', user.lastname
211 226 assert_equal 'register@example.com', user.mail
212 227 assert user.check_password?('test')
213 228 assert user.active?
214 229 end
215 230 end
216 231
217 232 def test_post_register_with_registration_off_should_redirect
218 233 with_settings :self_registration => '0' do
219 234 assert_no_difference 'User.count' do
220 235 post :register, :user => {
221 236 :login => 'register',
222 237 :password => 'test',
223 238 :password_confirmation => 'test',
224 239 :firstname => 'John',
225 240 :lastname => 'Doe',
226 241 :mail => 'register@example.com'
227 242 }
228 243 assert_redirected_to '/'
229 244 end
230 245 end
231 246 end
232 247 end
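Review bot: `@controller.expects(:reset_session).once` in test_login_should_reset_session (and again in test_logout_should_reset_session) replaces the real method with a mock, so both tests prove only that the call is made, not that the session identifier actually changes or that the reset happens before the user id is written to the session. That rotation is what protects against session fixation, and the integration test removed in this same commit was the one that observed it end to end with `assert_not_equal sid, session[:session_id], "login should reset session"`. I would keep one such end-to-end assertion somewhere in the suite alongside these mock-based tests. A short comment above each new test, for example `# reset_session on login/logout guards against session fixation; the mock only checks the call is made`, would record why the call matters and what this test does not cover.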
@@ -1,200 +1,182
1 1 # Redmine - project management software
2 2 # Copyright (C) 2006-2011 Jean-Philippe Lang
3 3 #
4 4 # This program is free software; you can redistribute it and/or
5 5 # modify it under the terms of the GNU General Public License
6 6 # as published by the Free Software Foundation; either version 2
7 7 # of the License, or (at your option) any later version.
8 8 #
9 9 # This program is distributed in the hope that it will be useful,
10 10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 12 # GNU General Public License for more details.
13 13 #
14 14 # You should have received a copy of the GNU General Public License
15 15 # along with this program; if not, write to the Free Software
16 16 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
17 17
18 18 require File.expand_path('../../test_helper', __FILE__)
19 19
20 20 begin
21 21 require 'mocha'
22 22 rescue
23 23 # Won't run some tests
24 24 end
25 25
26 26 class AccountTest < ActionController::IntegrationTest
27 27 fixtures :users, :roles
28 28
29 29 # Replace this with your real tests.
30 30 def test_login
31 31 get "my/page"
32 32 assert_redirected_to "/login?back_url=http%3A%2F%2Fwww.example.com%2Fmy%2Fpage"
33 33 log_user('jsmith', 'jsmith')
34 34
35 35 get "my/account"
36 36 assert_response :success
37 37 assert_template "my/account"
38 38 end
39 39
40 40 def test_autologin
41 41 user = User.find(1)
42 42 Setting.autologin = "7"
43 43 Token.delete_all
44 44
45 45 # User logs in with 'autologin' checked
46 46 post '/login', :username => user.login, :password => 'admin', :autologin => 1
47 47 assert_redirected_to '/my/page'
48 48 token = Token.find :first
49 49 assert_not_nil token
50 50 assert_equal user, token.user
51 51 assert_equal 'autologin', token.action
52 52 assert_equal user.id, session[:user_id]
53 53 assert_equal token.value, cookies['autologin']
54 54
55 55 # Session is cleared
56 56 reset!
57 57 User.current = nil
58 58 # Clears user's last login timestamp
59 59 user.update_attribute :last_login_on, nil
60 60 assert_nil user.reload.last_login_on
61 61
62 62 # User comes back with his autologin cookie
63 63 cookies[:autologin] = token.value
64 64 get '/my/page'
65 65 assert_response :success
66 66 assert_template 'my/page'
67 67 assert_equal user.id, session[:user_id]
68 68 assert_not_nil user.reload.last_login_on
69 69 assert user.last_login_on.utc > 10.second.ago.utc
70 70 end
71 71
72 72 def test_lost_password
73 73 Token.delete_all
74 74
75 75 get "account/lost_password"
76 76 assert_response :success
77 77 assert_template "account/lost_password"
78 78
79 79 post "account/lost_password", :mail => 'jSmith@somenet.foo'
80 80 assert_redirected_to "/login"
81 81
82 82 token = Token.find(:first)
83 83 assert_equal 'recovery', token.action
84 84 assert_equal 'jsmith@somenet.foo', token.user.mail
85 85 assert !token.expired?
86 86
87 87 get "account/lost_password", :token => token.value
88 88 assert_response :success
89 89 assert_template "account/password_recovery"
90 90
91 91 post "account/lost_password", :token => token.value, :new_password => 'newpass', :new_password_confirmation => 'newpass'
92 92 assert_redirected_to "/login"
93 93 assert_equal 'Password was successfully updated.', flash[:notice]
94 94
95 95 log_user('jsmith', 'newpass')
96 96 assert_equal 0, Token.count
97 97 end
98 98
99 99 def test_register_with_automatic_activation
100 100 Setting.self_registration = '3'
101 101
102 102 get 'account/register'
103 103 assert_response :success
104 104 assert_template 'account/register'
105 105
106 106 post 'account/register', :user => {:login => "newuser", :language => "en", :firstname => "New", :lastname => "User", :mail => "newuser@foo.bar",
107 107 :password => "newpass", :password_confirmation => "newpass"}
108 108 assert_redirected_to '/my/account'
109 109 follow_redirect!
110 110 assert_response :success
111 111 assert_template 'my/account'
112 112
113 113 user = User.find_by_login('newuser')
114 114 assert_not_nil user
115 115 assert user.active?
116 116 assert_not_nil user.last_login_on
117 117 end
118 118
119 119 def test_register_with_manual_activation
120 120 Setting.self_registration = '2'
121 121
122 122 post 'account/register', :user => {:login => "newuser", :language => "en", :firstname => "New", :lastname => "User", :mail => "newuser@foo.bar",
123 123 :password => "newpass", :password_confirmation => "newpass"}
124 124 assert_redirected_to '/login'
125 125 assert !User.find_by_login('newuser').active?
126 126 end
127 127
128 128 def test_register_with_email_activation
129 129 Setting.self_registration = '1'
130 130 Token.delete_all
131 131
132 132 post 'account/register', :user => {:login => "newuser", :language => "en", :firstname => "New", :lastname => "User", :mail => "newuser@foo.bar",
133 133 :password => "newpass", :password_confirmation => "newpass"}
134 134 assert_redirected_to '/login'
135 135 assert !User.find_by_login('newuser').active?
136 136
137 137 token = Token.find(:first)
138 138 assert_equal 'register', token.action
139 139 assert_equal 'newuser@foo.bar', token.user.mail
140 140 assert !token.expired?
141 141
142 142 get 'account/activate', :token => token.value
143 143 assert_redirected_to '/login'
144 144 log_user('newuser', 'newpass')
145 145 end
146 146
147 147 def test_onthefly_registration
148 148 # disable registration
149 149 Setting.self_registration = '0'
150 150 AuthSource.expects(:authenticate).returns({:login => 'foo', :firstname => 'Foo', :lastname => 'Smith', :mail => 'foo@bar.com', :auth_source_id => 66})
151 151
152 152 post '/login', :username => 'foo', :password => 'bar'
153 153 assert_redirected_to '/my/page'
154 154
155 155 user = User.find_by_login('foo')
156 156 assert user.is_a?(User)
157 157 assert_equal 66, user.auth_source_id
158 158 assert user.hashed_password.blank?
159 159 end
160 160
161 161 def test_onthefly_registration_with_invalid_attributes
162 162 # disable registration
163 163 Setting.self_registration = '0'
164 164 AuthSource.expects(:authenticate).returns({:login => 'foo', :lastname => 'Smith', :auth_source_id => 66})
165 165
166 166 post '/login', :username => 'foo', :password => 'bar'
167 167 assert_response :success
168 168 assert_template 'account/register'
169 169 assert_tag :input, :attributes => { :name => 'user[firstname]', :value => '' }
170 170 assert_tag :input, :attributes => { :name => 'user[lastname]', :value => 'Smith' }
171 171 assert_no_tag :input, :attributes => { :name => 'user[login]' }
172 172 assert_no_tag :input, :attributes => { :name => 'user[password]' }
173 173
174 174 post 'account/register', :user => {:firstname => 'Foo', :lastname => 'Smith', :mail => 'foo@bar.com'}
175 175 assert_redirected_to '/my/account'
176 176
177 177 user = User.find_by_login('foo')
178 178 assert user.is_a?(User)
179 179 assert_equal 66, user.auth_source_id
180 180 assert user.hashed_password.blank?
181 181 end
182
183 def test_login_and_logout_should_clear_session
184 get '/login'
185 sid = session[:session_id]
186
187 post '/login', :username => 'admin', :password => 'admin'
188 assert_redirected_to '/my/page'
189 assert_not_equal sid, session[:session_id], "login should reset session"
190 assert_equal 1, session[:user_id]
191 sid = session[:session_id]
192
193 get '/'
194 assert_equal sid, session[:session_id]
195
196 get '/logout'
197 assert_not_equal sid, session[:session_id], "logout should reset session"
198 assert_nil session[:user_id]
199 end
200 182 end