##// END OF EJS Templates
jro_apps » redmine
RSS
Fixed registration form broken by r8479....
Jean-Philippe Lang -
r8662:9f6496b0bccb
parent child
Show More
Side by Side Unified
Context file:
r8662:9f6496b0bccb Loading diff...:
Show file before | Show file after | Hide comments
@@ -1,283 +1,283
1 1 # Redmine - project management software
2 2 # Copyright (C) 2006-2011 Jean-Philippe Lang
3 3 #
4 4 # This program is free software; you can redistribute it and/or
5 5 # modify it under the terms of the GNU General Public License
6 6 # as published by the Free Software Foundation; either version 2
7 7 # of the License, or (at your option) any later version.
8 8 #
9 9 # This program is distributed in the hope that it will be useful,
10 10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 12 # GNU General Public License for more details.
13 13 #
14 14 # You should have received a copy of the GNU General Public License
15 15 # along with this program; if not, write to the Free Software
16 16 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
17 17
18 18 class AccountController < ApplicationController
19 19 helper :custom_fields
20 20 include CustomFieldsHelper
21 21
22 22 # prevents login action to be filtered by check_if_login_required application scope filter
23 23 skip_before_filter :check_if_login_required
24 24
25 25 # Login request and validation
26 26 def login
27 27 if request.get?
28 28 logout_user
29 29 else
30 30 authenticate_user
31 31 end
32 32 end
33 33
34 34 # Log out current user and redirect to welcome page
35 35 def logout
36 36 logout_user
37 37 redirect_to home_url
38 38 end
39 39
40 40 # Enable user to choose a new password
41 41 def lost_password
42 42 redirect_to(home_url) && return unless Setting.lost_password?
43 43 if params[:token]
44 44 @token = Token.find_by_action_and_value("recovery", params[:token])
45 45 redirect_to(home_url) && return unless @token and !@token.expired?
46 46 @user = @token.user
47 47 if request.post?
48 48 @user.password, @user.password_confirmation = params[:new_password], params[:new_password_confirmation]
49 49 if @user.save
50 50 @token.destroy
51 51 flash[:notice] = l(:notice_account_password_updated)
52 52 redirect_to :action => 'login'
53 53 return
54 54 end
55 55 end
56 56 render :template => "account/password_recovery"
57 57 return
58 58 else
59 59 if request.post?
60 60 user = User.find_by_mail(params[:mail])
61 61 # user not found in db
62 62 (flash.now[:error] = l(:notice_account_unknown_email); return) unless user
63 63 # user uses an external authentification
64 64 (flash.now[:error] = l(:notice_can_t_change_password); return) if user.auth_source_id
65 65 # create a new token for password recovery
66 66 token = Token.new(:user => user, :action => "recovery")
67 67 if token.save
68 68 Mailer.deliver_lost_password(token)
69 69 flash[:notice] = l(:notice_account_lost_email_sent)
70 70 redirect_to :action => 'login'
71 71 return
72 72 end
73 73 end
74 74 end
75 75 end
76 76
77 77 # User self-registration
78 78 def register
79 79 redirect_to(home_url) && return unless Setting.self_registration? || session[:auth_source_registration]
80 80 if request.get?
81 81 session[:auth_source_registration] = nil
82 82 @user = User.new(:language => Setting.default_language)
83 83 else
84 84 @user = User.new(params[:user])
85 85 @user.admin = false
86 86 @user.register
87 87 if session[:auth_source_registration]
88 88 @user.activate
89 89 @user.login = session[:auth_source_registration][:login]
90 90 @user.auth_source_id = session[:auth_source_registration][:auth_source_id]
91 91 if @user.save
92 92 session[:auth_source_registration] = nil
93 93 self.logged_user = @user
94 94 flash[:notice] = l(:notice_account_activated)
95 95 redirect_to :controller => 'my', :action => 'account'
96 96 end
97 97 else
98 98 @user.login = params[:user][:login]
99 @user.password, @user.password_confirmation = params[:password], params[:password_confirmation]
99 @user.password, @user.password_confirmation = params[:user][:password], params[:user][:password_confirmation]
100 100
101 101 case Setting.self_registration
102 102 when '1'
103 103 register_by_email_activation(@user)
104 104 when '3'
105 105 register_automatically(@user)
106 106 else
107 107 register_manually_by_administrator(@user)
108 108 end
109 109 end
110 110 end
111 111 end
112 112
113 113 # Token based account activation
114 114 def activate
115 115 redirect_to(home_url) && return unless Setting.self_registration? && params[:token]
116 116 token = Token.find_by_action_and_value('register', params[:token])
117 117 redirect_to(home_url) && return unless token and !token.expired?
118 118 user = token.user
119 119 redirect_to(home_url) && return unless user.registered?
120 120 user.activate
121 121 if user.save
122 122 token.destroy
123 123 flash[:notice] = l(:notice_account_activated)
124 124 end
125 125 redirect_to :action => 'login'
126 126 end
127 127
128 128 private
129 129
130 130 def logout_user
131 131 if User.current.logged?
132 132 cookies.delete :autologin
133 133 Token.delete_all(["user_id = ? AND action = ?", User.current.id, 'autologin'])
134 134 self.logged_user = nil
135 135 end
136 136 end
137 137
138 138 def authenticate_user
139 139 if Setting.openid? && using_open_id?
140 140 open_id_authenticate(params[:openid_url])
141 141 else
142 142 password_authentication
143 143 end
144 144 end
145 145
146 146 def password_authentication
147 147 user = User.try_to_login(params[:username], params[:password])
148 148
149 149 if user.nil?
150 150 invalid_credentials
151 151 elsif user.new_record?
152 152 onthefly_creation_failed(user, {:login => user.login, :auth_source_id => user.auth_source_id })
153 153 else
154 154 # Valid user
155 155 successful_authentication(user)
156 156 end
157 157 end
158 158
159 159 def open_id_authenticate(openid_url)
160 160 authenticate_with_open_id(openid_url, :required => [:nickname, :fullname, :email], :return_to => signin_url) do |result, identity_url, registration|
161 161 if result.successful?
162 162 user = User.find_or_initialize_by_identity_url(identity_url)
163 163 if user.new_record?
164 164 # Self-registration off
165 165 redirect_to(home_url) && return unless Setting.self_registration?
166 166
167 167 # Create on the fly
168 168 user.login = registration['nickname'] unless registration['nickname'].nil?
169 169 user.mail = registration['email'] unless registration['email'].nil?
170 170 user.firstname, user.lastname = registration['fullname'].split(' ') unless registration['fullname'].nil?
171 171 user.random_password
172 172 user.register
173 173
174 174 case Setting.self_registration
175 175 when '1'
176 176 register_by_email_activation(user) do
177 177 onthefly_creation_failed(user)
178 178 end
179 179 when '3'
180 180 register_automatically(user) do
181 181 onthefly_creation_failed(user)
182 182 end
183 183 else
184 184 register_manually_by_administrator(user) do
185 185 onthefly_creation_failed(user)
186 186 end
187 187 end
188 188 else
189 189 # Existing record
190 190 if user.active?
191 191 successful_authentication(user)
192 192 else
193 193 account_pending
194 194 end
195 195 end
196 196 end
197 197 end
198 198 end
199 199
200 200 def successful_authentication(user)
201 201 # Valid user
202 202 self.logged_user = user
203 203 # generate a key and set cookie if autologin
204 204 if params[:autologin] && Setting.autologin?
205 205 set_autologin_cookie(user)
206 206 end
207 207 call_hook(:controller_account_success_authentication_after, {:user => user })
208 208 redirect_back_or_default :controller => 'my', :action => 'page'
209 209 end
210 210
211 211 def set_autologin_cookie(user)
212 212 token = Token.create(:user => user, :action => 'autologin')
213 213 cookie_name = Redmine::Configuration['autologin_cookie_name'] || 'autologin'
214 214 cookie_options = {
215 215 :value => token.value,
216 216 :expires => 1.year.from_now,
217 217 :path => (Redmine::Configuration['autologin_cookie_path'] || '/'),
218 218 :secure => (Redmine::Configuration['autologin_cookie_secure'] ? true : false),
219 219 :httponly => true
220 220 }
221 221 cookies[cookie_name] = cookie_options
222 222 end
223 223
224 224 # Onthefly creation failed, display the registration form to fill/fix attributes
225 225 def onthefly_creation_failed(user, auth_source_options = { })
226 226 @user = user
227 227 session[:auth_source_registration] = auth_source_options unless auth_source_options.empty?
228 228 render :action => 'register'
229 229 end
230 230
231 231 def invalid_credentials
232 232 logger.warn "Failed login for '#{params[:username]}' from #{request.remote_ip} at #{Time.now.utc}"
233 233 flash.now[:error] = l(:notice_account_invalid_creditentials)
234 234 end
235 235
236 236 # Register a user for email activation.
237 237 #
238 238 # Pass a block for behavior when a user fails to save
239 239 def register_by_email_activation(user, &block)
240 240 token = Token.new(:user => user, :action => "register")
241 241 if user.save and token.save
242 242 Mailer.deliver_register(token)
243 243 flash[:notice] = l(:notice_account_register_done)
244 244 redirect_to :action => 'login'
245 245 else
246 246 yield if block_given?
247 247 end
248 248 end
249 249
250 250 # Automatically register a user
251 251 #
252 252 # Pass a block for behavior when a user fails to save
253 253 def register_automatically(user, &block)
254 254 # Automatic activation
255 255 user.activate
256 256 user.last_login_on = Time.now
257 257 if user.save
258 258 self.logged_user = user
259 259 flash[:notice] = l(:notice_account_activated)
260 260 redirect_to :controller => 'my', :action => 'account'
261 261 else
262 262 yield if block_given?
263 263 end
264 264 end
265 265
266 266 # Manual activation by the administrator
267 267 #
268 268 # Pass a block for behavior when a user fails to save
269 269 def register_manually_by_administrator(user, &block)
270 270 if user.save
271 271 # Sends an email to the administrators
272 272 Mailer.deliver_account_activation_request(user)
273 273 account_pending
274 274 else
275 275 yield if block_given?
276 276 end
277 277 end
278 278
279 279 def account_pending
280 280 flash[:notice] = l(:notice_account_pending)
281 281 redirect_to :action => 'login'
282 282 end
283 283 end
Show file before | Show file after | Hide comments
@@ -1,215 +1,222
1 1 # Redmine - project management software
2 2 # Copyright (C) 2006-2011 Jean-Philippe Lang
3 3 #
4 4 # This program is free software; you can redistribute it and/or
5 5 # modify it under the terms of the GNU General Public License
6 6 # as published by the Free Software Foundation; either version 2
7 7 # of the License, or (at your option) any later version.
8 8 #
9 9 # This program is distributed in the hope that it will be useful,
10 10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 12 # GNU General Public License for more details.
13 13 #
14 14 # You should have received a copy of the GNU General Public License
15 15 # along with this program; if not, write to the Free Software
16 16 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
17 17
18 18 require File.expand_path('../../test_helper', __FILE__)
19 19 require 'account_controller'
20 20
21 21 # Re-raise errors caught by the controller.
22 22 class AccountController; def rescue_action(e) raise e end; end
23 23
24 24 class AccountControllerTest < ActionController::TestCase
25 25 fixtures :users, :roles
26 26
27 27 def setup
28 28 @controller = AccountController.new
29 29 @request = ActionController::TestRequest.new
30 30 @response = ActionController::TestResponse.new
31 31 User.current = nil
32 32 end
33 33
34 34 def test_login_should_redirect_to_back_url_param
35 35 # request.uri is "test.host" in test environment
36 36 post :login, :username => 'jsmith', :password => 'jsmith', :back_url => 'http%3A%2F%2Ftest.host%2Fissues%2Fshow%2F1'
37 37 assert_redirected_to '/issues/show/1'
38 38 end
39 39
40 40 def test_login_should_not_redirect_to_another_host
41 41 post :login, :username => 'jsmith', :password => 'jsmith', :back_url => 'http%3A%2F%2Ftest.foo%2Ffake'
42 42 assert_redirected_to '/my/page'
43 43 end
44 44
45 45 def test_login_with_wrong_password
46 46 post :login, :username => 'admin', :password => 'bad'
47 47 assert_response :success
48 48 assert_template 'login'
49 49 assert_tag 'div',
50 50 :attributes => { :class => "flash error" },
51 51 :content => /Invalid user or password/
52 52 end
53 53
54 54 if Object.const_defined?(:OpenID)
55 55
56 56 def test_login_with_openid_for_existing_user
57 57 Setting.self_registration = '3'
58 58 Setting.openid = '1'
59 59 existing_user = User.new(:firstname => 'Cool',
60 60 :lastname => 'User',
61 61 :mail => 'user@somedomain.com',
62 62 :identity_url => 'http://openid.example.com/good_user')
63 63 existing_user.login = 'cool_user'
64 64 assert existing_user.save!
65 65
66 66 post :login, :openid_url => existing_user.identity_url
67 67 assert_redirected_to '/my/page'
68 68 end
69 69
70 70 def test_login_with_invalid_openid_provider
71 71 Setting.self_registration = '0'
72 72 Setting.openid = '1'
73 73 post :login, :openid_url => 'http;//openid.example.com/good_user'
74 74 assert_redirected_to home_url
75 75 end
76 76
77 77 def test_login_with_openid_for_existing_non_active_user
78 78 Setting.self_registration = '2'
79 79 Setting.openid = '1'
80 80 existing_user = User.new(:firstname => 'Cool',
81 81 :lastname => 'User',
82 82 :mail => 'user@somedomain.com',
83 83 :identity_url => 'http://openid.example.com/good_user',
84 84 :status => User::STATUS_REGISTERED)
85 85 existing_user.login = 'cool_user'
86 86 assert existing_user.save!
87 87
88 88 post :login, :openid_url => existing_user.identity_url
89 89 assert_redirected_to '/login'
90 90 end
91 91
92 92 def test_login_with_openid_with_new_user_created
93 93 Setting.self_registration = '3'
94 94 Setting.openid = '1'
95 95 post :login, :openid_url => 'http://openid.example.com/good_user'
96 96 assert_redirected_to '/my/account'
97 97 user = User.find_by_login('cool_user')
98 98 assert user
99 99 assert_equal 'Cool', user.firstname
100 100 assert_equal 'User', user.lastname
101 101 end
102 102
103 103 def test_login_with_openid_with_new_user_and_self_registration_off
104 104 Setting.self_registration = '0'
105 105 Setting.openid = '1'
106 106 post :login, :openid_url => 'http://openid.example.com/good_user'
107 107 assert_redirected_to home_url
108 108 user = User.find_by_login('cool_user')
109 109 assert ! user
110 110 end
111 111
112 112 def test_login_with_openid_with_new_user_created_with_email_activation_should_have_a_token
113 113 Setting.self_registration = '1'
114 114 Setting.openid = '1'
115 115 post :login, :openid_url => 'http://openid.example.com/good_user'
116 116 assert_redirected_to '/login'
117 117 user = User.find_by_login('cool_user')
118 118 assert user
119 119
120 120 token = Token.find_by_user_id_and_action(user.id, 'register')
121 121 assert token
122 122 end
123 123
124 124 def test_login_with_openid_with_new_user_created_with_manual_activation
125 125 Setting.self_registration = '2'
126 126 Setting.openid = '1'
127 127 post :login, :openid_url => 'http://openid.example.com/good_user'
128 128 assert_redirected_to '/login'
129 129 user = User.find_by_login('cool_user')
130 130 assert user
131 131 assert_equal User::STATUS_REGISTERED, user.status
132 132 end
133 133
134 134 def test_login_with_openid_with_new_user_with_conflict_should_register
135 135 Setting.self_registration = '3'
136 136 Setting.openid = '1'
137 137 existing_user = User.new(:firstname => 'Cool', :lastname => 'User', :mail => 'user@somedomain.com')
138 138 existing_user.login = 'cool_user'
139 139 assert existing_user.save!
140 140
141 141 post :login, :openid_url => 'http://openid.example.com/good_user'
142 142 assert_response :success
143 143 assert_template 'register'
144 144 assert assigns(:user)
145 145 assert_equal 'http://openid.example.com/good_user', assigns(:user)[:identity_url]
146 146 end
147 147
148 148 def test_setting_openid_should_return_true_when_set_to_true
149 149 Setting.openid = '1'
150 150 assert_equal true, Setting.openid?
151 151 end
152 152
153 153 else
154 154 puts "Skipping openid tests."
155 155 end
156 156
157 157 def test_logout
158 158 @request.session[:user_id] = 2
159 159 get :logout
160 160 assert_redirected_to '/'
161 161 assert_nil @request.session[:user_id]
162 162 end
163 163
164 164 def test_get_register_with_registration_on
165 165 with_settings :self_registration => '3' do
166 166 get :register
167 167 assert_response :success
168 168 assert_template 'register'
169 169 assert_not_nil assigns(:user)
170
171 assert_tag 'input', :attributes => {:name => 'user[password]'}
172 assert_tag 'input', :attributes => {:name => 'user[password_confirmation]'}
170 173 end
171 174 end
172 175
173 176 def test_get_register_with_registration_off_should_redirect
174 177 with_settings :self_registration => '0' do
175 178 get :register
176 179 assert_redirected_to '/'
177 180 end
178 181 end
179 182
180 183 # See integration/account_test.rb for the full test
181 184 def test_post_register_with_registration_on
182 185 with_settings :self_registration => '3' do
183 186 assert_difference 'User.count' do
184 187 post :register, :user => {
185 188 :login => 'register',
186 189 :password => 'test',
187 190 :password_confirmation => 'test',
188 191 :firstname => 'John',
189 192 :lastname => 'Doe',
190 193 :mail => 'register@example.com'
191 194 }
192 195 assert_redirected_to '/my/account'
193 196 end
194 197 user = User.first(:order => 'id DESC')
195 198 assert_equal 'register', user.login
199 assert_equal 'John', user.firstname
200 assert_equal 'Doe', user.lastname
201 assert_equal 'register@example.com', user.mail
202 assert user.check_password?('test')
196 203 assert user.active?
197 204 end
198 205 end
199 206
200 207 def test_post_register_with_registration_off_should_redirect
201 208 with_settings :self_registration => '0' do
202 209 assert_no_difference 'User.count' do
203 210 post :register, :user => {
204 211 :login => 'register',
205 212 :password => 'test',
206 213 :password_confirmation => 'test',
207 214 :firstname => 'John',
208 215 :lastname => 'Doe',
209 216 :mail => 'register@example.com'
210 217 }
211 218 assert_redirected_to '/'
212 219 end
213 220 end
214 221 end
215 222 end
Show file before | Show file after | Hide comments
@@ -1,206 +1,206
1 1 # Redmine - project management software
2 2 # Copyright (C) 2006-2011 Jean-Philippe Lang
3 3 #
4 4 # This program is free software; you can redistribute it and/or
5 5 # modify it under the terms of the GNU General Public License
6 6 # as published by the Free Software Foundation; either version 2
7 7 # of the License, or (at your option) any later version.
8 8 #
9 9 # This program is distributed in the hope that it will be useful,
10 10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 12 # GNU General Public License for more details.
13 13 #
14 14 # You should have received a copy of the GNU General Public License
15 15 # along with this program; if not, write to the Free Software
16 16 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
17 17
18 18 require File.expand_path('../../test_helper', __FILE__)
19 19
20 20 begin
21 21 require 'mocha'
22 22 rescue
23 23 # Won't run some tests
24 24 end
25 25
26 26 class AccountTest < ActionController::IntegrationTest
27 27 fixtures :users, :roles
28 28
29 29 # Replace this with your real tests.
30 30 def test_login
31 31 get "my/page"
32 32 assert_redirected_to "/login?back_url=http%3A%2F%2Fwww.example.com%2Fmy%2Fpage"
33 33 log_user('jsmith', 'jsmith')
34 34
35 35 get "my/account"
36 36 assert_response :success
37 37 assert_template "my/account"
38 38 end
39 39
40 40 def test_autologin
41 41 user = User.find(1)
42 42 Setting.autologin = "7"
43 43 Token.delete_all
44 44
45 45 # User logs in with 'autologin' checked
46 46 post '/login', :username => user.login, :password => 'admin', :autologin => 1
47 47 assert_redirected_to '/my/page'
48 48 token = Token.find :first
49 49 assert_not_nil token
50 50 assert_equal user, token.user
51 51 assert_equal 'autologin', token.action
52 52 assert_equal user.id, session[:user_id]
53 53 assert_equal token.value, cookies['autologin']
54 54
55 55 # Session is cleared
56 56 reset!
57 57 User.current = nil
58 58 # Clears user's last login timestamp
59 59 user.update_attribute :last_login_on, nil
60 60 assert_nil user.reload.last_login_on
61 61
62 62 # User comes back with his autologin cookie
63 63 cookies[:autologin] = token.value
64 64 get '/my/page'
65 65 assert_response :success
66 66 assert_template 'my/page'
67 67 assert_equal user.id, session[:user_id]
68 68 assert_not_nil user.reload.last_login_on
69 69 assert user.last_login_on.utc > 10.second.ago.utc
70 70 end
71 71
72 72 def test_lost_password
73 73 Token.delete_all
74 74
75 75 get "account/lost_password"
76 76 assert_response :success
77 77 assert_template "account/lost_password"
78 78
79 79 post "account/lost_password", :mail => 'jSmith@somenet.foo'
80 80 assert_redirected_to "/login"
81 81
82 82 token = Token.find(:first)
83 83 assert_equal 'recovery', token.action
84 84 assert_equal 'jsmith@somenet.foo', token.user.mail
85 85 assert !token.expired?
86 86
87 87 get "account/lost_password", :token => token.value
88 88 assert_response :success
89 89 assert_template "account/password_recovery"
90 90
91 91 post "account/lost_password", :token => token.value, :new_password => 'newpass', :new_password_confirmation => 'newpass'
92 92 assert_redirected_to "/login"
93 93 assert_equal 'Password was successfully updated.', flash[:notice]
94 94
95 95 log_user('jsmith', 'newpass')
96 96 assert_equal 0, Token.count
97 97 end
98 98
99 99 def test_register_with_automatic_activation
100 100 Setting.self_registration = '3'
101 101
102 102 get 'account/register'
103 103 assert_response :success
104 104 assert_template 'account/register'
105 105
106 post 'account/register', :user => {:login => "newuser", :language => "en", :firstname => "New", :lastname => "User", :mail => "newuser@foo.bar"},
107 :password => "newpass", :password_confirmation => "newpass"
106 post 'account/register', :user => {:login => "newuser", :language => "en", :firstname => "New", :lastname => "User", :mail => "newuser@foo.bar",
107 :password => "newpass", :password_confirmation => "newpass"}
108 108 assert_redirected_to '/my/account'
109 109 follow_redirect!
110 110 assert_response :success
111 111 assert_template 'my/account'
112 112
113 113 user = User.find_by_login('newuser')
114 114 assert_not_nil user
115 115 assert user.active?
116 116 assert_not_nil user.last_login_on
117 117 end
118 118
119 119 def test_register_with_manual_activation
120 120 Setting.self_registration = '2'
121 121
122 post 'account/register', :user => {:login => "newuser", :language => "en", :firstname => "New", :lastname => "User", :mail => "newuser@foo.bar"},
123 :password => "newpass", :password_confirmation => "newpass"
122 post 'account/register', :user => {:login => "newuser", :language => "en", :firstname => "New", :lastname => "User", :mail => "newuser@foo.bar",
123 :password => "newpass", :password_confirmation => "newpass"}
124 124 assert_redirected_to '/login'
125 125 assert !User.find_by_login('newuser').active?
126 126 end
127 127
128 128 def test_register_with_email_activation
129 129 Setting.self_registration = '1'
130 130 Token.delete_all
131 131
132 post 'account/register', :user => {:login => "newuser", :language => "en", :firstname => "New", :lastname => "User", :mail => "newuser@foo.bar"},
133 :password => "newpass", :password_confirmation => "newpass"
132 post 'account/register', :user => {:login => "newuser", :language => "en", :firstname => "New", :lastname => "User", :mail => "newuser@foo.bar",
133 :password => "newpass", :password_confirmation => "newpass"}
134 134 assert_redirected_to '/login'
135 135 assert !User.find_by_login('newuser').active?
136 136
137 137 token = Token.find(:first)
138 138 assert_equal 'register', token.action
139 139 assert_equal 'newuser@foo.bar', token.user.mail
140 140 assert !token.expired?
141 141
142 142 get 'account/activate', :token => token.value
143 143 assert_redirected_to '/login'
144 144 log_user('newuser', 'newpass')
145 145 end
146 146
147 147 if Object.const_defined?(:Mocha)
148 148
149 149 def test_onthefly_registration
150 150 # disable registration
151 151 Setting.self_registration = '0'
152 152 AuthSource.expects(:authenticate).returns({:login => 'foo', :firstname => 'Foo', :lastname => 'Smith', :mail => 'foo@bar.com', :auth_source_id => 66})
153 153
154 154 post '/login', :username => 'foo', :password => 'bar'
155 155 assert_redirected_to '/my/page'
156 156
157 157 user = User.find_by_login('foo')
158 158 assert user.is_a?(User)
159 159 assert_equal 66, user.auth_source_id
160 160 assert user.hashed_password.blank?
161 161 end
162 162
163 163 def test_onthefly_registration_with_invalid_attributes
164 164 # disable registration
165 165 Setting.self_registration = '0'
166 166 AuthSource.expects(:authenticate).returns({:login => 'foo', :lastname => 'Smith', :auth_source_id => 66})
167 167
168 168 post '/login', :username => 'foo', :password => 'bar'
169 169 assert_response :success
170 170 assert_template 'account/register'
171 171 assert_tag :input, :attributes => { :name => 'user[firstname]', :value => '' }
172 172 assert_tag :input, :attributes => { :name => 'user[lastname]', :value => 'Smith' }
173 173 assert_no_tag :input, :attributes => { :name => 'user[login]' }
174 174 assert_no_tag :input, :attributes => { :name => 'user[password]' }
175 175
176 176 post 'account/register', :user => {:firstname => 'Foo', :lastname => 'Smith', :mail => 'foo@bar.com'}
177 177 assert_redirected_to '/my/account'
178 178
179 179 user = User.find_by_login('foo')
180 180 assert user.is_a?(User)
181 181 assert_equal 66, user.auth_source_id
182 182 assert user.hashed_password.blank?
183 183 end
184 184
185 185 def test_login_and_logout_should_clear_session
186 186 get '/login'
187 187 sid = session[:session_id]
188 188
189 189 post '/login', :username => 'admin', :password => 'admin'
190 190 assert_redirected_to '/my/page'
191 191 assert_not_equal sid, session[:session_id], "login should reset session"
192 192 assert_equal 1, session[:user_id]
193 193 sid = session[:session_id]
194 194
195 195 get '/'
196 196 assert_equal sid, session[:session_id]
197 197
198 198 get '/logout'
199 199 assert_not_equal sid, session[:session_id], "logout should reset session"
200 200 assert_nil session[:user_id]
201 201 end
202 202
203 203 else
204 204 puts 'Mocha is missing. Skipping tests.'
205 205 end
206 206 end
General Comments 0
You need to be logged in to leave comments. Login now