jro_apps/redmine Commit - r8894:39aa4cac86be

Moved tests about session reset to functional tests....

Jean-Philippe Lang -

r8894:39aa4cac86be

parent child

Context file:

r8894:39aa4cac86be

Collapse all files

test/functional/account_controller_test.rb +15 0

             # Redmine - project management software
             # Copyright (C) 2006-2011  Jean-Philippe Lang
             #
             # This program is free software; you can redistribute it and/or
             # modify it under the terms of the GNU General Public License
             # as published by the Free Software Foundation; either version 2
             # of the License, or (at your option) any later version.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU General Public License
             # along with this program; if not, write to the Free Software
             # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
             require File.expand_path('../../test_helper', __FILE__)
             require 'account_controller'
             # Re-raise errors caught by the controller.
             class AccountController; def rescue_action(e) raise e end; end
             class AccountControllerTest < ActionController::TestCase
               fixtures :users, :roles
               def setup
                 @controller = AccountController.new
                 @request    = ActionController::TestRequest.new
                 @response   = ActionController::TestResponse.new
                 User.current = nil
               end
               def test_login_should_redirect_to_back_url_param
                 # request.uri is "test.host" in test environment
                 post :login, :username => 'jsmith', :password => 'jsmith', :back_url => 'http%3A%2F%2Ftest.host%2Fissues%2Fshow%2F1'
                 assert_redirected_to '/issues/show/1'
               end
               def test_login_should_not_redirect_to_another_host
                 post :login, :username => 'jsmith', :password => 'jsmith', :back_url => 'http%3A%2F%2Ftest.foo%2Ffake'
                 assert_redirected_to '/my/page'
               end
               def test_login_with_wrong_password
                 post :login, :username => 'admin', :password => 'bad'
                 assert_response :success
                 assert_template 'login'
                 assert_tag 'div',
                            :attributes => { :class => "flash error" },
                            :content => /Invalid user or password/
               end
               def test_login_should_rescue_auth_source_exception
                 source = AuthSource.create!(:name => 'Test')
                 User.find(2).update_attribute :auth_source_id, source.id
                 AuthSource.any_instance.stubs(:authenticate).raises(AuthSourceException.new("Something wrong"))
                 post :login, :username => 'jsmith', :password => 'jsmith'
                 assert_response 500
                 assert_error_tag :content => /Something wrong/
               end
+              def test_login_should_reset_session
+                @controller.expects(:reset_session).once
+                post :login, :username => 'jsmith', :password => 'jsmith'
+                assert_response 302
+              end
               if Object.const_defined?(:OpenID)
               def test_login_with_openid_for_existing_user
                 Setting.self_registration = '3'
                 Setting.openid = '1'
                 existing_user = User.new(:firstname => 'Cool',
                                          :lastname => 'User',
                                          :mail => 'user@somedomain.com',
                                          :identity_url => 'http://openid.example.com/good_user')
                 existing_user.login = 'cool_user'
                 assert existing_user.save!
                 post :login, :openid_url => existing_user.identity_url
                 assert_redirected_to '/my/page'
               end
               def test_login_with_invalid_openid_provider
                 Setting.self_registration = '0'
                 Setting.openid = '1'
                 post :login, :openid_url => 'http;//openid.example.com/good_user'
                 assert_redirected_to home_url
               end
               def test_login_with_openid_for_existing_non_active_user
                 Setting.self_registration = '2'
                 Setting.openid = '1'
                 existing_user = User.new(:firstname => 'Cool',
                                          :lastname => 'User',
                                          :mail => 'user@somedomain.com',
                                          :identity_url => 'http://openid.example.com/good_user',
                                          :status => User::STATUS_REGISTERED)
                 existing_user.login = 'cool_user'
                 assert existing_user.save!
                 post :login, :openid_url => existing_user.identity_url
                 assert_redirected_to '/login'
               end
               def test_login_with_openid_with_new_user_created
                 Setting.self_registration = '3'
                 Setting.openid = '1'
                 post :login, :openid_url => 'http://openid.example.com/good_user'
                 assert_redirected_to '/my/account'
                 user = User.find_by_login('cool_user')
                 assert user
                 assert_equal 'Cool', user.firstname
                 assert_equal 'User', user.lastname
               end
               def test_login_with_openid_with_new_user_and_self_registration_off
                 Setting.self_registration = '0'
                 Setting.openid = '1'
                 post :login, :openid_url => 'http://openid.example.com/good_user'
                 assert_redirected_to home_url
                 user = User.find_by_login('cool_user')
                 assert ! user
               end
               def test_login_with_openid_with_new_user_created_with_email_activation_should_have_a_token
                 Setting.self_registration = '1'
                 Setting.openid = '1'
                 post :login, :openid_url => 'http://openid.example.com/good_user'
                 assert_redirected_to '/login'
                 user = User.find_by_login('cool_user')
                 assert user
                 token = Token.find_by_user_id_and_action(user.id, 'register')
                 assert token
               end
               def test_login_with_openid_with_new_user_created_with_manual_activation
                 Setting.self_registration = '2'
                 Setting.openid = '1'
                 post :login, :openid_url => 'http://openid.example.com/good_user'
                 assert_redirected_to '/login'
                 user = User.find_by_login('cool_user')
                 assert user
                 assert_equal User::STATUS_REGISTERED, user.status
               end
               def test_login_with_openid_with_new_user_with_conflict_should_register
                 Setting.self_registration = '3'
                 Setting.openid = '1'
                 existing_user = User.new(:firstname => 'Cool', :lastname => 'User', :mail => 'user@somedomain.com')
                 existing_user.login = 'cool_user'
                 assert existing_user.save!
                 post :login, :openid_url => 'http://openid.example.com/good_user'
                 assert_response :success
                 assert_template 'register'
                 assert assigns(:user)
                 assert_equal 'http://openid.example.com/good_user', assigns(:user)[:identity_url]
               end
               def test_setting_openid_should_return_true_when_set_to_true
                 Setting.openid = '1'
                 assert_equal true, Setting.openid?
               end
               else
                 puts "Skipping openid tests."
               end
               def test_logout
                 @request.session[:user_id] = 2
                 get :logout
                 assert_redirected_to '/'
                 assert_nil @request.session[:user_id]
               end
+              def test_logout_should_reset_session
+                @controller.expects(:reset_session).once
+                @request.session[:user_id] = 2
+                get :logout
+                assert_response 302
+              end
               def test_get_register_with_registration_on
                 with_settings :self_registration => '3' do
                   get :register
                   assert_response :success
                   assert_template 'register'
                   assert_not_nil assigns(:user)
                   assert_tag 'input', :attributes => {:name => 'user[password]'}
                   assert_tag 'input', :attributes => {:name => 'user[password_confirmation]'}
                 end
               end
               def test_get_register_with_registration_off_should_redirect
                 with_settings :self_registration => '0' do
                   get :register
                   assert_redirected_to '/'
                 end
               end
               # See integration/account_test.rb for the full test
               def test_post_register_with_registration_on
                 with_settings :self_registration => '3' do
                   assert_difference 'User.count' do
                     post :register, :user => {
                       :login => 'register',
                       :password => 'test',
                       :password_confirmation => 'test',
                       :firstname => 'John',
                       :lastname => 'Doe',
                       :mail => 'register@example.com'
                     }
                     assert_redirected_to '/my/account'
                   end
                   user = User.first(:order => 'id DESC')
                   assert_equal 'register', user.login
                   assert_equal 'John', user.firstname
                   assert_equal 'Doe', user.lastname
                   assert_equal 'register@example.com', user.mail
                   assert user.check_password?('test')
                   assert user.active?
                 end
               end
               def test_post_register_with_registration_off_should_redirect
                 with_settings :self_registration => '0' do
                   assert_no_difference 'User.count' do
                     post :register, :user => {
                       :login => 'register',
                       :password => 'test',
                       :password_confirmation => 'test',
                       :firstname => 'John',
                       :lastname => 'Doe',
                       :mail => 'register@example.com'
                     }
                     assert_redirected_to '/'
                   end
                 end
               end
             end

test/integration/account_test.rb 0 -18

             # Redmine - project management software
             # Copyright (C) 2006-2011  Jean-Philippe Lang
             #
             # This program is free software; you can redistribute it and/or
             # modify it under the terms of the GNU General Public License
             # as published by the Free Software Foundation; either version 2
             # of the License, or (at your option) any later version.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU General Public License
             # along with this program; if not, write to the Free Software
             # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
             require File.expand_path('../../test_helper', __FILE__)
             begin
               require 'mocha'
             rescue
               # Won't run some tests
             end
             class AccountTest < ActionController::IntegrationTest
               fixtures :users, :roles
               # Replace this with your real tests.
               def test_login
                 get "my/page"
                 assert_redirected_to "/login?back_url=http%3A%2F%2Fwww.example.com%2Fmy%2Fpage"
                 log_user('jsmith', 'jsmith')
                 get "my/account"
                 assert_response :success
                 assert_template "my/account"
               end
               def test_autologin
                 user = User.find(1)
                 Setting.autologin = "7"
                 Token.delete_all
                 # User logs in with 'autologin' checked
                 post '/login', :username => user.login, :password => 'admin', :autologin => 1
                 assert_redirected_to '/my/page'
                 token = Token.find :first
                 assert_not_nil token
                 assert_equal user, token.user
                 assert_equal 'autologin', token.action
                 assert_equal user.id, session[:user_id]
                 assert_equal token.value, cookies['autologin']
                 # Session is cleared
                 reset!
                 User.current = nil
                 # Clears user's last login timestamp
                 user.update_attribute :last_login_on, nil
                 assert_nil user.reload.last_login_on
                 # User comes back with his autologin cookie
                 cookies[:autologin] = token.value
                 get '/my/page'
                 assert_response :success
                 assert_template 'my/page'
                 assert_equal user.id, session[:user_id]
                 assert_not_nil user.reload.last_login_on
                 assert user.last_login_on.utc > 10.second.ago.utc
               end
               def test_lost_password
                 Token.delete_all
                 get "account/lost_password"
                 assert_response :success
                 assert_template "account/lost_password"
                 post "account/lost_password", :mail => 'jSmith@somenet.foo'
                 assert_redirected_to "/login"
                 token = Token.find(:first)
                 assert_equal 'recovery', token.action
                 assert_equal 'jsmith@somenet.foo', token.user.mail
                 assert !token.expired?
                 get "account/lost_password", :token => token.value
                 assert_response :success
                 assert_template "account/password_recovery"
                 post "account/lost_password", :token => token.value, :new_password => 'newpass', :new_password_confirmation => 'newpass'
                 assert_redirected_to "/login"
                 assert_equal 'Password was successfully updated.', flash[:notice]
                 log_user('jsmith', 'newpass')
                 assert_equal 0, Token.count
               end
               def test_register_with_automatic_activation
                 Setting.self_registration = '3'
                 get 'account/register'
                 assert_response :success
                 assert_template 'account/register'
                 post 'account/register', :user => {:login => "newuser", :language => "en", :firstname => "New", :lastname => "User", :mail => "newuser@foo.bar",
                                          :password => "newpass", :password_confirmation => "newpass"}
                 assert_redirected_to '/my/account'
                 follow_redirect!
                 assert_response :success
                 assert_template 'my/account'
                 user = User.find_by_login('newuser')
                 assert_not_nil user
                 assert user.active?
                 assert_not_nil user.last_login_on
               end
               def test_register_with_manual_activation
                 Setting.self_registration = '2'
                 post 'account/register', :user => {:login => "newuser", :language => "en", :firstname => "New", :lastname => "User", :mail => "newuser@foo.bar",
                                          :password => "newpass", :password_confirmation => "newpass"}
                 assert_redirected_to '/login'
                 assert !User.find_by_login('newuser').active?
               end
               def test_register_with_email_activation
                 Setting.self_registration = '1'
                 Token.delete_all
                 post 'account/register', :user => {:login => "newuser", :language => "en", :firstname => "New", :lastname => "User", :mail => "newuser@foo.bar",
                                          :password => "newpass", :password_confirmation => "newpass"}
                 assert_redirected_to '/login'
                 assert !User.find_by_login('newuser').active?
                 token = Token.find(:first)
                 assert_equal 'register', token.action
                 assert_equal 'newuser@foo.bar', token.user.mail
                 assert !token.expired?
                 get 'account/activate', :token => token.value
                 assert_redirected_to '/login'
                 log_user('newuser', 'newpass')
               end
               def test_onthefly_registration
                 # disable registration
                 Setting.self_registration = '0'
                 AuthSource.expects(:authenticate).returns({:login => 'foo', :firstname => 'Foo', :lastname => 'Smith', :mail => 'foo@bar.com', :auth_source_id => 66})
                 post '/login', :username => 'foo', :password => 'bar'
                 assert_redirected_to '/my/page'
                 user = User.find_by_login('foo')
                 assert user.is_a?(User)
                 assert_equal 66, user.auth_source_id
                 assert user.hashed_password.blank?
               end
               def test_onthefly_registration_with_invalid_attributes
                 # disable registration
                 Setting.self_registration = '0'
                 AuthSource.expects(:authenticate).returns({:login => 'foo', :lastname => 'Smith', :auth_source_id => 66})
                 post '/login', :username => 'foo', :password => 'bar'
                 assert_response :success
                 assert_template 'account/register'
                 assert_tag :input, :attributes => { :name => 'user[firstname]', :value => '' }
                 assert_tag :input, :attributes => { :name => 'user[lastname]', :value => 'Smith' }
                 assert_no_tag :input, :attributes => { :name => 'user[login]' }
                 assert_no_tag :input, :attributes => { :name => 'user[password]' }
                 post 'account/register', :user => {:firstname => 'Foo', :lastname => 'Smith', :mail => 'foo@bar.com'}
                 assert_redirected_to '/my/account'
                 user = User.find_by_login('foo')
                 assert user.is_a?(User)
                 assert_equal 66, user.auth_source_id
                 assert user.hashed_password.blank?
               end
-              def test_login_and_logout_should_clear_session
-                get '/login'
-                sid = session[:session_id]
-                post '/login', :username => 'admin', :password => 'admin'
-                assert_redirected_to '/my/page'
-                assert_not_equal sid, session[:session_id], "login should reset session"
-                assert_equal 1, session[:user_id]
-                sid = session[:session_id]
-                get '/'
-                assert_equal sid, session[:session_id]
-                get '/logout'
-                assert_not_equal sid, session[:session_id], "logout should reset session"
-                assert_nil session[:user_id]
-              end
             end

General Comments 0

Write
Preview

You need to be logged in to leave comments. Login now

No TODOs yet

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages