| @@ -1,113 +1,117 | |||
|
|
1 | 1 | # Redmine - project management software |
|
|
2 | 2 | # Copyright (C) 2006-2012 Jean-Philippe Lang |
|
|
3 | 3 | # |
|
|
4 | 4 | # This program is free software; you can redistribute it and/or |
|
|
5 | 5 | # modify it under the terms of the GNU General Public License |
|
|
6 | 6 | # as published by the Free Software Foundation; either version 2 |
|
|
7 | 7 | # of the License, or (at your option) any later version. |
|
|
8 | 8 | # |
|
|
9 | 9 | # This program is distributed in the hope that it will be useful, |
|
|
10 | 10 | # but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
|
11 | 11 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
|
12 | 12 | # GNU General Public License for more details. |
|
|
13 | 13 | # |
|
|
14 | 14 | # You should have received a copy of the GNU General Public License |
|
|
15 | 15 | # along with this program; if not, write to the Free Software |
|
|
16 | 16 | # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. |
|
|
17 | 17 | |
|
|
18 | 18 | require File.expand_path('../../test_helper', __FILE__) |
|
|
19 | 19 | |
|
|
20 | 20 | class SessionStartTest < ActionController::TestCase |
|
|
21 | 21 | tests AccountController |
|
|
22 | 22 | |
|
|
23 | fixtures :users | |
|
|
24 | ||
|
|
23 | 25 | def test_login_should_set_session_timestamps |
|
|
24 | 26 | post :login, :username => 'jsmith', :password => 'jsmith' |
|
|
25 | 27 | assert_response 302 |
|
|
26 | 28 | assert_equal 2, session[:user_id] |
|
|
27 | 29 | assert_not_nil session[:ctime] |
|
|
28 | 30 | assert_not_nil session[:atime] |
|
|
29 | 31 | end |
|
|
30 | 32 | end |
|
|
31 | 33 | |
|
|
32 | 34 | class SessionsTest < ActionController::TestCase |
|
|
33 | 35 | tests WelcomeController |
|
|
34 | 36 | |
|
|
37 | fixtures :users | |
|
|
38 | ||
|
|
35 | 39 | def test_atime_from_user_session_should_be_updated |
|
|
36 | 40 | created = 2.hours.ago.utc.to_i |
|
|
37 | 41 | get :index, {}, {:user_id => 2, :ctime => created, :atime => created} |
|
|
38 | 42 | assert_response :success |
|
|
39 | 43 | assert_equal created, session[:ctime] |
|
|
40 | 44 | assert_not_equal created, session[:atime] |
|
|
41 | 45 | assert session[:atime] > created |
|
|
42 | 46 | end |
|
|
43 | 47 | |
|
|
44 | 48 | def test_user_session_should_not_be_reset_if_lifetime_and_timeout_disabled |
|
|
45 | 49 | with_settings :session_lifetime => '0', :session_timeout => '0' do |
|
|
46 | 50 | get :index, {}, {:user_id => 2} |
|
|
47 | 51 | assert_response :success |
|
|
48 | 52 | end |
|
|
49 | 53 | end |
|
|
50 | 54 | |
|
|
51 | 55 | def test_user_session_without_ctime_should_be_reset_if_lifetime_enabled |
|
|
52 | 56 | with_settings :session_lifetime => '720' do |
|
|
53 | 57 | get :index, {}, {:user_id => 2} |
|
|
54 | 58 | assert_redirected_to '/login' |
|
|
55 | 59 | end |
|
|
56 | 60 | end |
|
|
57 | 61 | |
|
|
58 | 62 | def test_user_session_with_expired_ctime_should_be_reset_if_lifetime_enabled |
|
|
59 | 63 | with_settings :session_timeout => '720' do |
|
|
60 | 64 | get :index, {}, {:user_id => 2, :atime => 2.days.ago.utc.to_i} |
|
|
61 | 65 | assert_redirected_to '/login' |
|
|
62 | 66 | end |
|
|
63 | 67 | end |
|
|
64 | 68 | |
|
|
65 | 69 | def test_user_session_with_valid_ctime_should_not_be_reset_if_lifetime_enabled |
|
|
66 | 70 | with_settings :session_timeout => '720' do |
|
|
67 | 71 | get :index, {}, {:user_id => 2, :atime => 3.hours.ago.utc.to_i} |
|
|
68 | 72 | assert_response :success |
|
|
69 | 73 | end |
|
|
70 | 74 | end |
|
|
71 | 75 | |
|
|
72 | 76 | def test_user_session_without_atime_should_be_reset_if_timeout_enabled |
|
|
73 | 77 | with_settings :session_timeout => '60' do |
|
|
74 | 78 | get :index, {}, {:user_id => 2} |
|
|
75 | 79 | assert_redirected_to '/login' |
|
|
76 | 80 | end |
|
|
77 | 81 | end |
|
|
78 | 82 | |
|
|
79 | 83 | def test_user_session_with_expired_atime_should_be_reset_if_timeout_enabled |
|
|
80 | 84 | with_settings :session_timeout => '60' do |
|
|
81 | 85 | get :index, {}, {:user_id => 2, :atime => 4.hours.ago.utc.to_i} |
|
|
82 | 86 | assert_redirected_to '/login' |
|
|
83 | 87 | end |
|
|
84 | 88 | end |
|
|
85 | 89 | |
|
|
86 | 90 | def test_user_session_with_valid_atime_should_not_be_reset_if_timeout_enabled |
|
|
87 | 91 | with_settings :session_timeout => '60' do |
|
|
88 | 92 | get :index, {}, {:user_id => 2, :atime => 10.minutes.ago.utc.to_i} |
|
|
89 | 93 | assert_response :success |
|
|
90 | 94 | end |
|
|
91 | 95 | end |
|
|
92 | 96 | |
|
|
93 | 97 | def test_expired_user_session_should_be_restarted_if_autologin |
|
|
94 | 98 | with_settings :session_lifetime => '720', :session_timeout => '60', :autologin => 7 do |
|
|
95 | 99 | token = Token.create!(:user_id => 2, :action => 'autologin', :created_on => 1.day.ago) |
|
|
96 | 100 | @request.cookies['autologin'] = token.value |
|
|
97 | 101 | created = 2.hours.ago.utc.to_i |
|
|
98 | 102 | |
|
|
99 | 103 | get :index, {}, {:user_id => 2, :ctime => created, :atime => created} |
|
|
100 | 104 | assert_equal 2, session[:user_id] |
|
|
101 | 105 | assert_response :success |
|
|
102 | 106 | assert_not_equal created, session[:ctime] |
|
|
103 | 107 | assert session[:ctime] >= created |
|
|
104 | 108 | end |
|
|
105 | 109 | end |
|
|
106 | 110 | |
|
|
107 | 111 | def test_anonymous_session_should_not_be_reset |
|
|
108 | 112 | with_settings :session_lifetime => '720', :session_timeout => '60' do |
|
|
109 | 113 | get :index |
|
|
110 | 114 | assert_response :success |
|
|
111 | 115 | end |
|
|
112 | 116 | end |
|
|
113 | 117 | end |
General Comments 0
You need to be logged in to leave comments.
Login now