##// END OF EJS Templates
remove trailing white-spaces from test/unit/user_test.rb....
Toshi MARUYAMA -
r6595:569a10db1d4b
parent child
Show More
@@ -1,822 +1,822
1 1 # Redmine - project management software
2 2 # Copyright (C) 2006-2011 Jean-Philippe Lang
3 3 #
4 4 # This program is free software; you can redistribute it and/or
5 5 # modify it under the terms of the GNU General Public License
6 6 # as published by the Free Software Foundation; either version 2
7 7 # of the License, or (at your option) any later version.
8 #
8 #
9 9 # This program is distributed in the hope that it will be useful,
10 10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 12 # GNU General Public License for more details.
13 #
13 #
14 14 # You should have received a copy of the GNU General Public License
15 15 # along with this program; if not, write to the Free Software
16 16 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
17 17
18 18 require File.expand_path('../../test_helper', __FILE__)
19 19
20 20 class UserTest < ActiveSupport::TestCase
21 21 fixtures :users, :members, :projects, :roles, :member_roles, :auth_sources
22 22
23 23 def setup
24 24 @admin = User.find(1)
25 25 @jsmith = User.find(2)
26 26 @dlopper = User.find(3)
27 27 end
28 28
29 29 test 'object_daddy creation' do
30 30 User.generate_with_protected!(:firstname => 'Testing connection')
31 31 User.generate_with_protected!(:firstname => 'Testing connection')
32 32 assert_equal 2, User.count(:all, :conditions => {:firstname => 'Testing connection'})
33 33 end
34
34
35 35 def test_truth
36 36 assert_kind_of User, @jsmith
37 37 end
38
38
39 39 def test_mail_should_be_stripped
40 40 u = User.new
41 41 u.mail = " foo@bar.com "
42 42 assert_equal "foo@bar.com", u.mail
43 43 end
44
44
45 45 def test_mail_validation
46 46 u = User.new
47 47 u.mail = ''
48 48 assert !u.valid?
49 49 assert_equal I18n.translate('activerecord.errors.messages.blank'), u.errors.on(:mail)
50 50 end
51 51
52 52 def test_create
53 53 user = User.new(:firstname => "new", :lastname => "user", :mail => "newuser@somenet.foo")
54
54
55 55 user.login = "jsmith"
56 56 user.password, user.password_confirmation = "password", "password"
57 57 # login uniqueness
58 58 assert !user.save
59 59 assert_equal 1, user.errors.count
60
60
61 61 user.login = "newuser"
62 62 user.password, user.password_confirmation = "passwd", "password"
63 63 # password confirmation
64 64 assert !user.save
65 65 assert_equal 1, user.errors.count
66 66
67 67 user.password, user.password_confirmation = "password", "password"
68 68 assert user.save
69 69 end
70 70
71 71 context "User#before_create" do
72 72 should "set the mail_notification to the default Setting" do
73 73 @user1 = User.generate_with_protected!
74 74 assert_equal 'only_my_events', @user1.mail_notification
75 75
76 76 with_settings :default_notification_option => 'all' do
77 77 @user2 = User.generate_with_protected!
78 78 assert_equal 'all', @user2.mail_notification
79 79 end
80 80 end
81 81 end
82
82
83 83 context "User.login" do
84 84 should "be case-insensitive." do
85 85 u = User.new(:firstname => "new", :lastname => "user", :mail => "newuser@somenet.foo")
86 86 u.login = 'newuser'
87 87 u.password, u.password_confirmation = "password", "password"
88 88 assert u.save
89
89
90 90 u = User.new(:firstname => "Similar", :lastname => "User", :mail => "similaruser@somenet.foo")
91 91 u.login = 'NewUser'
92 92 u.password, u.password_confirmation = "password", "password"
93 93 assert !u.save
94 94 assert_equal I18n.translate('activerecord.errors.messages.taken'), u.errors.on(:login)
95 95 end
96 96 end
97 97
98 98 def test_mail_uniqueness_should_not_be_case_sensitive
99 99 u = User.new(:firstname => "new", :lastname => "user", :mail => "newuser@somenet.foo")
100 100 u.login = 'newuser1'
101 101 u.password, u.password_confirmation = "password", "password"
102 102 assert u.save
103
103
104 104 u = User.new(:firstname => "new", :lastname => "user", :mail => "newUser@Somenet.foo")
105 105 u.login = 'newuser2'
106 106 u.password, u.password_confirmation = "password", "password"
107 107 assert !u.save
108 108 assert_equal I18n.translate('activerecord.errors.messages.taken'), u.errors.on(:mail)
109 109 end
110 110
111 111 def test_update
112 112 assert_equal "admin", @admin.login
113 113 @admin.login = "john"
114 114 assert @admin.save, @admin.errors.full_messages.join("; ")
115 115 @admin.reload
116 116 assert_equal "john", @admin.login
117 117 end
118
118
119 119 def test_destroy_should_delete_members_and_roles
120 120 members = Member.find_all_by_user_id(2)
121 121 ms = members.size
122 122 rs = members.collect(&:roles).flatten.size
123
123
124 124 assert_difference 'Member.count', - ms do
125 125 assert_difference 'MemberRole.count', - rs do
126 126 User.find(2).destroy
127 127 end
128 128 end
129
129
130 130 assert_nil User.find_by_id(2)
131 131 assert Member.find_all_by_user_id(2).empty?
132 132 end
133
133
134 134 def test_destroy_should_update_attachments
135 135 attachment = Attachment.create!(:container => Project.find(1),
136 136 :file => uploaded_test_file("testfile.txt", "text/plain"),
137 137 :author_id => 2)
138
138
139 139 User.find(2).destroy
140 140 assert_nil User.find_by_id(2)
141 141 assert_equal User.anonymous, attachment.reload.author
142 142 end
143
143
144 144 def test_destroy_should_update_comments
145 145 comment = Comment.create!(
146 146 :commented => News.create!(:project_id => 1, :author_id => 1, :title => 'foo', :description => 'foo'),
147 147 :author => User.find(2),
148 148 :comments => 'foo'
149 149 )
150
150
151 151 User.find(2).destroy
152 152 assert_nil User.find_by_id(2)
153 153 assert_equal User.anonymous, comment.reload.author
154 154 end
155
155
156 156 def test_destroy_should_update_issues
157 157 issue = Issue.create!(:project_id => 1, :author_id => 2, :tracker_id => 1, :subject => 'foo')
158
158
159 159 User.find(2).destroy
160 160 assert_nil User.find_by_id(2)
161 161 assert_equal User.anonymous, issue.reload.author
162 162 end
163
163
164 164 def test_destroy_should_unassign_issues
165 165 issue = Issue.create!(:project_id => 1, :author_id => 1, :tracker_id => 1, :subject => 'foo', :assigned_to_id => 2)
166
166
167 167 User.find(2).destroy
168 168 assert_nil User.find_by_id(2)
169 169 assert_nil issue.reload.assigned_to
170 170 end
171
171
172 172 def test_destroy_should_update_journals
173 173 issue = Issue.create!(:project_id => 1, :author_id => 2, :tracker_id => 1, :subject => 'foo')
174 174 issue.init_journal(User.find(2), "update")
175 175 issue.save!
176
176
177 177 User.find(2).destroy
178 178 assert_nil User.find_by_id(2)
179 179 assert_equal User.anonymous, issue.journals.first.reload.user
180 180 end
181
181
182 182 def test_destroy_should_update_journal_details_old_value
183 183 issue = Issue.create!(:project_id => 1, :author_id => 1, :tracker_id => 1, :subject => 'foo', :assigned_to_id => 2)
184 184 issue.init_journal(User.find(1), "update")
185 185 issue.assigned_to_id = nil
186 186 assert_difference 'JournalDetail.count' do
187 187 issue.save!
188 188 end
189 189 journal_detail = JournalDetail.first(:order => 'id DESC')
190 190 assert_equal '2', journal_detail.old_value
191
191
192 192 User.find(2).destroy
193 193 assert_nil User.find_by_id(2)
194 194 assert_equal User.anonymous.id.to_s, journal_detail.reload.old_value
195 195 end
196
196
197 197 def test_destroy_should_update_journal_details_value
198 198 issue = Issue.create!(:project_id => 1, :author_id => 1, :tracker_id => 1, :subject => 'foo')
199 199 issue.init_journal(User.find(1), "update")
200 200 issue.assigned_to_id = 2
201 201 assert_difference 'JournalDetail.count' do
202 202 issue.save!
203 203 end
204 204 journal_detail = JournalDetail.first(:order => 'id DESC')
205 205 assert_equal '2', journal_detail.value
206
206
207 207 User.find(2).destroy
208 208 assert_nil User.find_by_id(2)
209 209 assert_equal User.anonymous.id.to_s, journal_detail.reload.value
210 210 end
211
211
212 212 def test_destroy_should_update_messages
213 213 board = Board.create!(:project_id => 1, :name => 'Board', :description => 'Board')
214 214 message = Message.create!(:board_id => board.id, :author_id => 2, :subject => 'foo', :content => 'foo')
215
215
216 216 User.find(2).destroy
217 217 assert_nil User.find_by_id(2)
218 218 assert_equal User.anonymous, message.reload.author
219 219 end
220
220
221 221 def test_destroy_should_update_news
222 222 news = News.create!(:project_id => 1, :author_id => 2, :title => 'foo', :description => 'foo')
223
223
224 224 User.find(2).destroy
225 225 assert_nil User.find_by_id(2)
226 226 assert_equal User.anonymous, news.reload.author
227 227 end
228
228
229 229 def test_destroy_should_delete_private_queries
230 230 query = Query.new(:name => 'foo', :is_public => false)
231 231 query.project_id = 1
232 232 query.user_id = 2
233 233 query.save!
234
234
235 235 User.find(2).destroy
236 236 assert_nil User.find_by_id(2)
237 237 assert_nil Query.find_by_id(query.id)
238 238 end
239
239
240 240 def test_destroy_should_update_public_queries
241 241 query = Query.new(:name => 'foo', :is_public => true)
242 242 query.project_id = 1
243 243 query.user_id = 2
244 244 query.save!
245
245
246 246 User.find(2).destroy
247 247 assert_nil User.find_by_id(2)
248 248 assert_equal User.anonymous, query.reload.user
249 249 end
250
250
251 251 def test_destroy_should_update_time_entries
252 252 entry = TimeEntry.new(:hours => '2', :spent_on => Date.today, :activity => TimeEntryActivity.create!(:name => 'foo'))
253 253 entry.project_id = 1
254 254 entry.user_id = 2
255 255 entry.save!
256
256
257 257 User.find(2).destroy
258 258 assert_nil User.find_by_id(2)
259 259 assert_equal User.anonymous, entry.reload.user
260 260 end
261
261
262 262 def test_destroy_should_delete_tokens
263 263 token = Token.create!(:user_id => 2, :value => 'foo')
264
264
265 265 User.find(2).destroy
266 266 assert_nil User.find_by_id(2)
267 267 assert_nil Token.find_by_id(token.id)
268 268 end
269
269
270 270 def test_destroy_should_delete_watchers
271 271 issue = Issue.create!(:project_id => 1, :author_id => 1, :tracker_id => 1, :subject => 'foo')
272 272 watcher = Watcher.create!(:user_id => 2, :watchable => issue)
273
273
274 274 User.find(2).destroy
275 275 assert_nil User.find_by_id(2)
276 276 assert_nil Watcher.find_by_id(watcher.id)
277 277 end
278
278
279 279 def test_destroy_should_update_wiki_contents
280 280 wiki_content = WikiContent.create!(
281 281 :text => 'foo',
282 282 :author_id => 2,
283 283 :page => WikiPage.create!(:title => 'Foo', :wiki => Wiki.create!(:project_id => 1, :start_page => 'Start'))
284 284 )
285 285 wiki_content.text = 'bar'
286 286 assert_difference 'WikiContent::Version.count' do
287 287 wiki_content.save!
288 288 end
289
289
290 290 User.find(2).destroy
291 291 assert_nil User.find_by_id(2)
292 292 assert_equal User.anonymous, wiki_content.reload.author
293 293 wiki_content.versions.each do |version|
294 294 assert_equal User.anonymous, version.reload.author
295 295 end
296 296 end
297
297
298 298 def test_destroy_should_nullify_issue_categories
299 299 category = IssueCategory.create!(:project_id => 1, :assigned_to_id => 2, :name => 'foo')
300
300
301 301 User.find(2).destroy
302 302 assert_nil User.find_by_id(2)
303 303 assert_nil category.reload.assigned_to_id
304 304 end
305
305
306 306 def test_destroy_should_nullify_changesets
307 307 changeset = Changeset.create!(
308 308 :repository => Repository::Subversion.create!(
309 309 :project_id => 1,
310 310 :url => 'file:///var/svn'
311 311 ),
312 312 :revision => '12',
313 313 :committed_on => Time.now,
314 314 :committer => 'jsmith'
315 315 )
316 316 assert_equal 2, changeset.user_id
317
317
318 318 User.find(2).destroy
319 319 assert_nil User.find_by_id(2)
320 320 assert_nil changeset.reload.user_id
321 321 end
322
322
323 323 def test_anonymous_user_should_not_be_destroyable
324 324 assert_no_difference 'User.count' do
325 325 assert_equal false, User.anonymous.destroy
326 326 end
327 327 end
328
328
329 329 def test_validate_login_presence
330 330 @admin.login = ""
331 331 assert !@admin.save
332 332 assert_equal 1, @admin.errors.count
333 333 end
334
334
335 335 def test_validate_mail_notification_inclusion
336 336 u = User.new
337 337 u.mail_notification = 'foo'
338 338 u.save
339 339 assert_not_nil u.errors.on(:mail_notification)
340 340 end
341
341
342 342 context "User#try_to_login" do
343 343 should "fall-back to case-insensitive if user login is not found as-typed." do
344 344 user = User.try_to_login("AdMin", "admin")
345 345 assert_kind_of User, user
346 346 assert_equal "admin", user.login
347 347 end
348 348
349 349 should "select the exact matching user first" do
350 350 case_sensitive_user = User.generate_with_protected!(:login => 'changed', :password => 'admin', :password_confirmation => 'admin')
351 351 # bypass validations to make it appear like existing data
352 352 case_sensitive_user.update_attribute(:login, 'ADMIN')
353 353
354 354 user = User.try_to_login("ADMIN", "admin")
355 355 assert_kind_of User, user
356 356 assert_equal "ADMIN", user.login
357 357
358 358 end
359 359 end
360 360
361 361 def test_password
362 362 user = User.try_to_login("admin", "admin")
363 363 assert_kind_of User, user
364 364 assert_equal "admin", user.login
365 365 user.password = "hello"
366 366 assert user.save
367
367
368 368 user = User.try_to_login("admin", "hello")
369 369 assert_kind_of User, user
370 370 assert_equal "admin", user.login
371 371 end
372
372
373 373 def test_name_format
374 374 assert_equal 'Smith, John', @jsmith.name(:lastname_coma_firstname)
375 375 Setting.user_format = :firstname_lastname
376 376 assert_equal 'John Smith', @jsmith.reload.name
377 377 Setting.user_format = :username
378 378 assert_equal 'jsmith', @jsmith.reload.name
379 379 end
380
380
381 381 def test_lock
382 382 user = User.try_to_login("jsmith", "jsmith")
383 383 assert_equal @jsmith, user
384
384
385 385 @jsmith.status = User::STATUS_LOCKED
386 386 assert @jsmith.save
387
387
388 388 user = User.try_to_login("jsmith", "jsmith")
389 assert_equal nil, user
389 assert_equal nil, user
390 390 end
391
391
392 392 context ".try_to_login" do
393 393 context "with good credentials" do
394 394 should "return the user" do
395 395 user = User.try_to_login("admin", "admin")
396 396 assert_kind_of User, user
397 397 assert_equal "admin", user.login
398 398 end
399 399 end
400
400
401 401 context "with wrong credentials" do
402 402 should "return nil" do
403 403 assert_nil User.try_to_login("admin", "foo")
404 404 end
405 405 end
406 406 end
407
407
408 408 if ldap_configured?
409 409 context "#try_to_login using LDAP" do
410 410 context "with failed connection to the LDAP server" do
411 411 should "return nil" do
412 412 @auth_source = AuthSourceLdap.find(1)
413 413 AuthSource.any_instance.stubs(:initialize_ldap_con).raises(Net::LDAP::LdapError, 'Cannot connect')
414
414
415 415 assert_equal nil, User.try_to_login('edavis', 'wrong')
416 416 end
417 417 end
418 418
419 419 context "with an unsuccessful authentication" do
420 420 should "return nil" do
421 421 assert_equal nil, User.try_to_login('edavis', 'wrong')
422 422 end
423 423 end
424
424
425 425 context "on the fly registration" do
426 426 setup do
427 427 @auth_source = AuthSourceLdap.find(1)
428 428 end
429 429
430 430 context "with a successful authentication" do
431 431 should "create a new user account if it doesn't exist" do
432 432 assert_difference('User.count') do
433 433 user = User.try_to_login('edavis', '123456')
434 434 assert !user.admin?
435 435 end
436 436 end
437
437
438 438 should "retrieve existing user" do
439 439 user = User.try_to_login('edavis', '123456')
440 440 user.admin = true
441 441 user.save!
442
442
443 443 assert_no_difference('User.count') do
444 444 user = User.try_to_login('edavis', '123456')
445 445 assert user.admin?
446 446 end
447 447 end
448 448 end
449 449 end
450 450 end
451 451
452 452 else
453 453 puts "Skipping LDAP tests."
454 454 end
455
455
456 456 def test_create_anonymous
457 457 AnonymousUser.delete_all
458 458 anon = User.anonymous
459 459 assert !anon.new_record?
460 460 assert_kind_of AnonymousUser, anon
461 461 end
462 462
463 463 should_have_one :rss_token
464 464
465 465 def test_rss_key
466 466 assert_nil @jsmith.rss_token
467 467 key = @jsmith.rss_key
468 468 assert_equal 40, key.length
469
469
470 470 @jsmith.reload
471 471 assert_equal key, @jsmith.rss_key
472 472 end
473 473
474
474
475 475 should_have_one :api_token
476 476
477 477 context "User#api_key" do
478 478 should "generate a new one if the user doesn't have one" do
479 479 user = User.generate_with_protected!(:api_token => nil)
480 480 assert_nil user.api_token
481 481
482 482 key = user.api_key
483 483 assert_equal 40, key.length
484 484 user.reload
485 485 assert_equal key, user.api_key
486 486 end
487 487
488 488 should "return the existing api token value" do
489 489 user = User.generate_with_protected!
490 490 token = Token.generate!(:action => 'api')
491 491 user.api_token = token
492 492 assert user.save
493
493
494 494 assert_equal token.value, user.api_key
495 495 end
496 496 end
497 497
498 498 context "User#find_by_api_key" do
499 499 should "return nil if no matching key is found" do
500 500 assert_nil User.find_by_api_key('zzzzzzzzz')
501 501 end
502 502
503 503 should "return nil if the key is found for an inactive user" do
504 504 user = User.generate_with_protected!(:status => User::STATUS_LOCKED)
505 505 token = Token.generate!(:action => 'api')
506 506 user.api_token = token
507 507 user.save
508 508
509 509 assert_nil User.find_by_api_key(token.value)
510 510 end
511 511
512 512 should "return the user if the key is found for an active user" do
513 513 user = User.generate_with_protected!(:status => User::STATUS_ACTIVE)
514 514 token = Token.generate!(:action => 'api')
515 515 user.api_token = token
516 516 user.save
517
517
518 518 assert_equal user, User.find_by_api_key(token.value)
519 519 end
520 520 end
521 521
522 522 def test_roles_for_project
523 523 # user with a role
524 524 roles = @jsmith.roles_for_project(Project.find(1))
525 525 assert_kind_of Role, roles.first
526 526 assert_equal "Manager", roles.first.name
527
527
528 528 # user with no role
529 529 assert_nil @dlopper.roles_for_project(Project.find(2)).detect {|role| role.member?}
530 530 end
531
531
532 532 def test_projects_by_role_for_user_with_role
533 533 user = User.find(2)
534 534 assert_kind_of Hash, user.projects_by_role
535 535 assert_equal 2, user.projects_by_role.size
536 536 assert_equal [1,5], user.projects_by_role[Role.find(1)].collect(&:id).sort
537 537 assert_equal [2], user.projects_by_role[Role.find(2)].collect(&:id).sort
538 538 end
539
539
540 540 def test_projects_by_role_for_user_with_no_role
541 541 user = User.generate!
542 542 assert_equal({}, user.projects_by_role)
543 543 end
544
544
545 545 def test_projects_by_role_for_anonymous
546 546 assert_equal({}, User.anonymous.projects_by_role)
547 547 end
548 548
549 549 def test_valid_notification_options
550 550 # without memberships
551 551 assert_equal 5, User.find(7).valid_notification_options.size
552 552 # with memberships
553 553 assert_equal 6, User.find(2).valid_notification_options.size
554 554 end
555
555
556 556 def test_valid_notification_options_class_method
557 557 assert_equal 5, User.valid_notification_options.size
558 558 assert_equal 5, User.valid_notification_options(User.find(7)).size
559 559 assert_equal 6, User.valid_notification_options(User.find(2)).size
560 560 end
561
561
562 562 def test_mail_notification_all
563 563 @jsmith.mail_notification = 'all'
564 564 @jsmith.notified_project_ids = []
565 565 @jsmith.save
566 566 @jsmith.reload
567 567 assert @jsmith.projects.first.recipients.include?(@jsmith.mail)
568 568 end
569
569
570 570 def test_mail_notification_selected
571 571 @jsmith.mail_notification = 'selected'
572 572 @jsmith.notified_project_ids = [1]
573 573 @jsmith.save
574 574 @jsmith.reload
575 575 assert Project.find(1).recipients.include?(@jsmith.mail)
576 576 end
577
577
578 578 def test_mail_notification_only_my_events
579 579 @jsmith.mail_notification = 'only_my_events'
580 580 @jsmith.notified_project_ids = []
581 581 @jsmith.save
582 582 @jsmith.reload
583 583 assert !@jsmith.projects.first.recipients.include?(@jsmith.mail)
584 584 end
585
585
586 586 def test_comments_sorting_preference
587 587 assert !@jsmith.wants_comments_in_reverse_order?
588 588 @jsmith.pref.comments_sorting = 'asc'
589 589 assert !@jsmith.wants_comments_in_reverse_order?
590 590 @jsmith.pref.comments_sorting = 'desc'
591 591 assert @jsmith.wants_comments_in_reverse_order?
592 592 end
593
593
594 594 def test_find_by_mail_should_be_case_insensitive
595 595 u = User.find_by_mail('JSmith@somenet.foo')
596 596 assert_not_nil u
597 597 assert_equal 'jsmith@somenet.foo', u.mail
598 598 end
599
599
600 600 def test_random_password
601 601 u = User.new
602 602 u.random_password
603 603 assert !u.password.blank?
604 604 assert !u.password_confirmation.blank?
605 605 end
606 606
607 607 context "#change_password_allowed?" do
608 608 should "be allowed if no auth source is set" do
609 609 user = User.generate_with_protected!
610 610 assert user.change_password_allowed?
611 611 end
612 612
613 613 should "delegate to the auth source" do
614 614 user = User.generate_with_protected!
615
615
616 616 allowed_auth_source = AuthSource.generate!
617 617 def allowed_auth_source.allow_password_changes?; true; end
618 618
619 619 denied_auth_source = AuthSource.generate!
620 620 def denied_auth_source.allow_password_changes?; false; end
621 621
622 622 assert user.change_password_allowed?
623 623
624 624 user.auth_source = allowed_auth_source
625 625 assert user.change_password_allowed?, "User not allowed to change password, though auth source does"
626 626
627 627 user.auth_source = denied_auth_source
628 628 assert !user.change_password_allowed?, "User allowed to change password, though auth source does not"
629 629 end
630 630
631 631 end
632
632
633 633 context "#allowed_to?" do
634 634 context "with a unique project" do
635 635 should "return false if project is archived" do
636 636 project = Project.find(1)
637 637 Project.any_instance.stubs(:status).returns(Project::STATUS_ARCHIVED)
638 638 assert ! @admin.allowed_to?(:view_issues, Project.find(1))
639 639 end
640
640
641 641 should "return false if related module is disabled" do
642 642 project = Project.find(1)
643 643 project.enabled_module_names = ["issue_tracking"]
644 644 assert @admin.allowed_to?(:add_issues, project)
645 645 assert ! @admin.allowed_to?(:view_wiki_pages, project)
646 646 end
647
647
648 648 should "authorize nearly everything for admin users" do
649 649 project = Project.find(1)
650 650 assert ! @admin.member_of?(project)
651 651 %w(edit_issues delete_issues manage_news manage_documents manage_wiki).each do |p|
652 652 assert @admin.allowed_to?(p.to_sym, project)
653 653 end
654 654 end
655
655
656 656 should "authorize normal users depending on their roles" do
657 657 project = Project.find(1)
658 658 assert @jsmith.allowed_to?(:delete_messages, project) #Manager
659 659 assert ! @dlopper.allowed_to?(:delete_messages, project) #Developper
660 660 end
661 661 end
662 662
663 663 context "with multiple projects" do
664 664 should "return false if array is empty" do
665 665 assert ! @admin.allowed_to?(:view_project, [])
666 666 end
667
667
668 668 should "return true only if user has permission on all these projects" do
669 669 assert @admin.allowed_to?(:view_project, Project.all)
670 670 assert ! @dlopper.allowed_to?(:view_project, Project.all) #cannot see Project(2)
671 671 assert @jsmith.allowed_to?(:edit_issues, @jsmith.projects) #Manager or Developer everywhere
672 672 assert ! @jsmith.allowed_to?(:delete_issue_watchers, @jsmith.projects) #Dev cannot delete_issue_watchers
673 673 end
674
674
675 675 should "behave correctly with arrays of 1 project" do
676 676 assert ! User.anonymous.allowed_to?(:delete_issues, [Project.first])
677 677 end
678 678 end
679
679
680 680 context "with options[:global]" do
681 681 should "authorize if user has at least one role that has this permission" do
682 682 @dlopper2 = User.find(5) #only Developper on a project, not Manager anywhere
683 683 @anonymous = User.find(6)
684 684 assert @jsmith.allowed_to?(:delete_issue_watchers, nil, :global => true)
685 685 assert ! @dlopper2.allowed_to?(:delete_issue_watchers, nil, :global => true)
686 686 assert @dlopper2.allowed_to?(:add_issues, nil, :global => true)
687 687 assert ! @anonymous.allowed_to?(:add_issues, nil, :global => true)
688 688 assert @anonymous.allowed_to?(:view_issues, nil, :global => true)
689 689 end
690 690 end
691 691 end
692
692
693 693 context "User#notify_about?" do
694 694 context "Issues" do
695 695 setup do
696 696 @project = Project.find(1)
697 697 @author = User.generate_with_protected!
698 698 @assignee = User.generate_with_protected!
699 699 @issue = Issue.generate_for_project!(@project, :assigned_to => @assignee, :author => @author)
700 700 end
701 701
702 702 should "be true for a user with :all" do
703 703 @author.update_attribute(:mail_notification, 'all')
704 704 assert @author.notify_about?(@issue)
705 705 end
706
706
707 707 should "be false for a user with :none" do
708 708 @author.update_attribute(:mail_notification, 'none')
709 709 assert ! @author.notify_about?(@issue)
710 710 end
711
711
712 712 should "be false for a user with :only_my_events and isn't an author, creator, or assignee" do
713 713 @user = User.generate_with_protected!(:mail_notification => 'only_my_events')
714 714 Member.create!(:user => @user, :project => @project, :role_ids => [1])
715 715 assert ! @user.notify_about?(@issue)
716 716 end
717
717
718 718 should "be true for a user with :only_my_events and is the author" do
719 719 @author.update_attribute(:mail_notification, 'only_my_events')
720 720 assert @author.notify_about?(@issue)
721 721 end
722
722
723 723 should "be true for a user with :only_my_events and is the assignee" do
724 724 @assignee.update_attribute(:mail_notification, 'only_my_events')
725 725 assert @assignee.notify_about?(@issue)
726 726 end
727
727
728 728 should "be true for a user with :only_assigned and is the assignee" do
729 729 @assignee.update_attribute(:mail_notification, 'only_assigned')
730 730 assert @assignee.notify_about?(@issue)
731 731 end
732
732
733 733 should "be false for a user with :only_assigned and is not the assignee" do
734 734 @author.update_attribute(:mail_notification, 'only_assigned')
735 735 assert ! @author.notify_about?(@issue)
736 736 end
737
737
738 738 should "be true for a user with :only_owner and is the author" do
739 739 @author.update_attribute(:mail_notification, 'only_owner')
740 740 assert @author.notify_about?(@issue)
741 741 end
742
742
743 743 should "be false for a user with :only_owner and is not the author" do
744 744 @assignee.update_attribute(:mail_notification, 'only_owner')
745 745 assert ! @assignee.notify_about?(@issue)
746 746 end
747
747
748 748 should "be true for a user with :selected and is the author" do
749 749 @author.update_attribute(:mail_notification, 'selected')
750 750 assert @author.notify_about?(@issue)
751 751 end
752
752
753 753 should "be true for a user with :selected and is the assignee" do
754 754 @assignee.update_attribute(:mail_notification, 'selected')
755 755 assert @assignee.notify_about?(@issue)
756 756 end
757
757
758 758 should "be false for a user with :selected and is not the author or assignee" do
759 759 @user = User.generate_with_protected!(:mail_notification => 'selected')
760 760 Member.create!(:user => @user, :project => @project, :role_ids => [1])
761 761 assert ! @user.notify_about?(@issue)
762 762 end
763 763 end
764 764
765 765 context "other events" do
766 766 should 'be added and tested'
767 767 end
768 768 end
769 769
770 770 def test_salt_unsalted_passwords
771 771 # Restore a user with an unsalted password
772 772 user = User.find(1)
773 773 user.salt = nil
774 774 user.hashed_password = User.hash_password("unsalted")
775 775 user.save!
776
776
777 777 User.salt_unsalted_passwords!
778
778
779 779 user.reload
780 780 # Salt added
781 781 assert !user.salt.blank?
782 782 # Password still valid
783 783 assert user.check_password?("unsalted")
784 784 assert_equal user, User.try_to_login(user.login, "unsalted")
785 785 end
786
786
787 787 if Object.const_defined?(:OpenID)
788
788
789 789 def test_setting_identity_url
790 790 normalized_open_id_url = 'http://example.com/'
791 791 u = User.new( :identity_url => 'http://example.com/' )
792 792 assert_equal normalized_open_id_url, u.identity_url
793 793 end
794 794
795 795 def test_setting_identity_url_without_trailing_slash
796 796 normalized_open_id_url = 'http://example.com/'
797 797 u = User.new( :identity_url => 'http://example.com' )
798 798 assert_equal normalized_open_id_url, u.identity_url
799 799 end
800 800
801 801 def test_setting_identity_url_without_protocol
802 802 normalized_open_id_url = 'http://example.com/'
803 803 u = User.new( :identity_url => 'example.com' )
804 804 assert_equal normalized_open_id_url, u.identity_url
805 805 end
806
806
807 807 def test_setting_blank_identity_url
808 808 u = User.new( :identity_url => 'example.com' )
809 809 u.identity_url = ''
810 810 assert u.identity_url.blank?
811 811 end
812
812
813 813 def test_setting_invalid_identity_url
814 814 u = User.new( :identity_url => 'this is not an openid url' )
815 815 assert u.identity_url.blank?
816 816 end
817
817
818 818 else
819 819 puts "Skipping openid tests."
820 820 end
821 821
822 822 end
General Comments 0
You need to be logged in to leave comments. Login now