Fixed a bug in the OpenID login when a user signed up with OpenID but hasn't...
Eric Davis -
r2420:aed1787d510f
@@ -1,278 +1,286
1 # Redmine - project management software
1 # Redmine - project management software
2 # Copyright (C) 2006-2008 Jean-Philippe Lang
2 # Copyright (C) 2006-2008 Jean-Philippe Lang
3 #
3 #
4 # This program is free software; you can redistribute it and/or
4 # This program is free software; you can redistribute it and/or
5 # modify it under the terms of the GNU General Public License
5 # modify it under the terms of the GNU General Public License
6 # as published by the Free Software Foundation; either version 2
6 # as published by the Free Software Foundation; either version 2
7 # of the License, or (at your option) any later version.
7 # of the License, or (at your option) any later version.
8 #
8 #
9 # This program is distributed in the hope that it will be useful,
9 # This program is distributed in the hope that it will be useful,
10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 # GNU General Public License for more details.
12 # GNU General Public License for more details.
13 #
13 #
14 # You should have received a copy of the GNU General Public License
14 # You should have received a copy of the GNU General Public License
15 # along with this program; if not, write to the Free Software
15 # along with this program; if not, write to the Free Software
16 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
16 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
17
17
18 class AccountController < ApplicationController
18 class AccountController < ApplicationController
19 helper :custom_fields
19 helper :custom_fields
20 include CustomFieldsHelper
20 include CustomFieldsHelper
21
21
22 # prevents login action to be filtered by check_if_login_required application scope filter
22 # prevents login action to be filtered by check_if_login_required application scope filter
23 skip_before_filter :check_if_login_required, :only => [:login, :lost_password, :register, :activate]
23 skip_before_filter :check_if_login_required, :only => [:login, :lost_password, :register, :activate]
24
24
25 # Show user's account
25 # Show user's account
26 def show
26 def show
27 @user = User.active.find(params[:id])
27 @user = User.active.find(params[:id])
28 @custom_values = @user.custom_values
28 @custom_values = @user.custom_values
29
29
30 # show only public projects and private projects that the logged in user is also a member of
30 # show only public projects and private projects that the logged in user is also a member of
31 @memberships = @user.memberships.select do |membership|
31 @memberships = @user.memberships.select do |membership|
32 membership.project.is_public? || (User.current.member_of?(membership.project))
32 membership.project.is_public? || (User.current.member_of?(membership.project))
33 end
33 end
34
34
35 events = Redmine::Activity::Fetcher.new(User.current, :author => @user).events(nil, nil, :limit => 10)
35 events = Redmine::Activity::Fetcher.new(User.current, :author => @user).events(nil, nil, :limit => 10)
36 @events_by_day = events.group_by(&:event_date)
36 @events_by_day = events.group_by(&:event_date)
37
37
38 rescue ActiveRecord::RecordNotFound
38 rescue ActiveRecord::RecordNotFound
39 render_404
39 render_404
40 end
40 end
41
41
42 # Login request and validation
42 # Login request and validation
43 def login
43 def login
44 if request.get?
44 if request.get?
45 # Logout user
45 # Logout user
46 self.logged_user = nil
46 self.logged_user = nil
47 else
47 else
48 # Authenticate user
48 # Authenticate user
49 if Setting.openid? && using_open_id?
49 if Setting.openid? && using_open_id?
50 open_id_authenticate(params[:openid_url])
50 open_id_authenticate(params[:openid_url])
51 else
51 else
52 password_authentication
52 password_authentication
53 end
53 end
54 end
54 end
55 end
55 end
56
56
57 # Log out current user and redirect to welcome page
57 # Log out current user and redirect to welcome page
58 def logout
58 def logout
59 cookies.delete :autologin
59 cookies.delete :autologin
60 Token.delete_all(["user_id = ? AND action = ?", User.current.id, 'autologin']) if User.current.logged?
60 Token.delete_all(["user_id = ? AND action = ?", User.current.id, 'autologin']) if User.current.logged?
61 self.logged_user = nil
61 self.logged_user = nil
62 redirect_to home_url
62 redirect_to home_url
63 end
63 end
64
64
65 # Enable user to choose a new password
65 # Enable user to choose a new password
66 def lost_password
66 def lost_password
67 redirect_to(home_url) && return unless Setting.lost_password?
67 redirect_to(home_url) && return unless Setting.lost_password?
68 if params[:token]
68 if params[:token]
69 @token = Token.find_by_action_and_value("recovery", params[:token])
69 @token = Token.find_by_action_and_value("recovery", params[:token])
70 redirect_to(home_url) && return unless @token and !@token.expired?
70 redirect_to(home_url) && return unless @token and !@token.expired?
71 @user = @token.user
71 @user = @token.user
72 if request.post?
72 if request.post?
73 @user.password, @user.password_confirmation = params[:new_password], params[:new_password_confirmation]
73 @user.password, @user.password_confirmation = params[:new_password], params[:new_password_confirmation]
74 if @user.save
74 if @user.save
75 @token.destroy
75 @token.destroy
76 flash[:notice] = l(:notice_account_password_updated)
76 flash[:notice] = l(:notice_account_password_updated)
77 redirect_to :action => 'login'
77 redirect_to :action => 'login'
78 return
78 return
79 end
79 end
80 end
80 end
81 render :template => "account/password_recovery"
81 render :template => "account/password_recovery"
82 return
82 return
83 else
83 else
84 if request.post?
84 if request.post?
85 user = User.find_by_mail(params[:mail])
85 user = User.find_by_mail(params[:mail])
86 # user not found in db
86 # user not found in db
87 flash.now[:error] = l(:notice_account_unknown_email) and return unless user
87 flash.now[:error] = l(:notice_account_unknown_email) and return unless user
88 # user uses an external authentification
88 # user uses an external authentification
89 flash.now[:error] = l(:notice_can_t_change_password) and return if user.auth_source_id
89 flash.now[:error] = l(:notice_can_t_change_password) and return if user.auth_source_id
90 # create a new token for password recovery
90 # create a new token for password recovery
91 token = Token.new(:user => user, :action => "recovery")
91 token = Token.new(:user => user, :action => "recovery")
92 if token.save
92 if token.save
93 Mailer.deliver_lost_password(token)
93 Mailer.deliver_lost_password(token)
94 flash[:notice] = l(:notice_account_lost_email_sent)
94 flash[:notice] = l(:notice_account_lost_email_sent)
95 redirect_to :action => 'login'
95 redirect_to :action => 'login'
96 return
96 return
97 end
97 end
98 end
98 end
99 end
99 end
100 end
100 end
101
101
102 # User self-registration
102 # User self-registration
103 def register
103 def register
104 redirect_to(home_url) && return unless Setting.self_registration? || session[:auth_source_registration]
104 redirect_to(home_url) && return unless Setting.self_registration? || session[:auth_source_registration]
105 if request.get?
105 if request.get?
106 session[:auth_source_registration] = nil
106 session[:auth_source_registration] = nil
107 @user = User.new(:language => Setting.default_language)
107 @user = User.new(:language => Setting.default_language)
108 else
108 else
109 @user = User.new(params[:user])
109 @user = User.new(params[:user])
110 @user.admin = false
110 @user.admin = false
111 @user.status = User::STATUS_REGISTERED
111 @user.status = User::STATUS_REGISTERED
112 if session[:auth_source_registration]
112 if session[:auth_source_registration]
113 @user.status = User::STATUS_ACTIVE
113 @user.status = User::STATUS_ACTIVE
114 @user.login = session[:auth_source_registration][:login]
114 @user.login = session[:auth_source_registration][:login]
115 @user.auth_source_id = session[:auth_source_registration][:auth_source_id]
115 @user.auth_source_id = session[:auth_source_registration][:auth_source_id]
116 if @user.save
116 if @user.save
117 session[:auth_source_registration] = nil
117 session[:auth_source_registration] = nil
118 self.logged_user = @user
118 self.logged_user = @user
119 flash[:notice] = l(:notice_account_activated)
119 flash[:notice] = l(:notice_account_activated)
120 redirect_to :controller => 'my', :action => 'account'
120 redirect_to :controller => 'my', :action => 'account'
121 end
121 end
122 else
122 else
123 @user.login = params[:user][:login]
123 @user.login = params[:user][:login]
124 @user.password, @user.password_confirmation = params[:password], params[:password_confirmation]
124 @user.password, @user.password_confirmation = params[:password], params[:password_confirmation]
125
125
126 case Setting.self_registration
126 case Setting.self_registration
127 when '1'
127 when '1'
128 register_by_email_activation(@user)
128 register_by_email_activation(@user)
129 when '3'
129 when '3'
130 register_automatically(@user)
130 register_automatically(@user)
131 else
131 else
132 register_manually_by_administrator(@user)
132 register_manually_by_administrator(@user)
133 end
133 end
134 end
134 end
135 end
135 end
136 end
136 end
137
137
138 # Token based account activation
138 # Token based account activation
139 def activate
139 def activate
140 redirect_to(home_url) && return unless Setting.self_registration? && params[:token]
140 redirect_to(home_url) && return unless Setting.self_registration? && params[:token]
141 token = Token.find_by_action_and_value('register', params[:token])
141 token = Token.find_by_action_and_value('register', params[:token])
142 redirect_to(home_url) && return unless token and !token.expired?
142 redirect_to(home_url) && return unless token and !token.expired?
143 user = token.user
143 user = token.user
144 redirect_to(home_url) && return unless user.status == User::STATUS_REGISTERED
144 redirect_to(home_url) && return unless user.status == User::STATUS_REGISTERED
145 user.status = User::STATUS_ACTIVE
145 user.status = User::STATUS_ACTIVE
146 if user.save
146 if user.save
147 token.destroy
147 token.destroy
148 flash[:notice] = l(:notice_account_activated)
148 flash[:notice] = l(:notice_account_activated)
149 end
149 end
150 redirect_to :action => 'login'
150 redirect_to :action => 'login'
151 end
151 end
152
152
153 private
153 private
154 def logged_user=(user)
154 def logged_user=(user)
155 if user && user.is_a?(User)
155 if user && user.is_a?(User)
156 User.current = user
156 User.current = user
157 session[:user_id] = user.id
157 session[:user_id] = user.id
158 else
158 else
159 User.current = User.anonymous
159 User.current = User.anonymous
160 session[:user_id] = nil
160 session[:user_id] = nil
161 end
161 end
162 end
162 end
163
163
164 def password_authentication
164 def password_authentication
165 user = User.try_to_login(params[:username], params[:password])
165 user = User.try_to_login(params[:username], params[:password])
166 if user.nil?
166 if user.nil?
167 # Invalid credentials
167 # Invalid credentials
168 flash.now[:error] = l(:notice_account_invalid_creditentials)
168 flash.now[:error] = l(:notice_account_invalid_creditentials)
169 elsif user.new_record?
169 elsif user.new_record?
170 # Onthefly creation failed, display the registration form to fill/fix attributes
170 # Onthefly creation failed, display the registration form to fill/fix attributes
171 @user = user
171 @user = user
172 session[:auth_source_registration] = {:login => user.login, :auth_source_id => user.auth_source_id }
172 session[:auth_source_registration] = {:login => user.login, :auth_source_id => user.auth_source_id }
173 render :action => 'register'
173 render :action => 'register'
174 else
174 else
175 # Valid user
175 # Valid user
176 successful_authentication(user)
176 successful_authentication(user)
177 end
177 end
178 end
178 end
179
179
180
180
181 def open_id_authenticate(openid_url)
181 def open_id_authenticate(openid_url)
182 authenticate_with_open_id(openid_url, :required => [:nickname, :fullname, :email], :return_to => signin_url) do |result, identity_url, registration|
182 authenticate_with_open_id(openid_url, :required => [:nickname, :fullname, :email], :return_to => signin_url) do |result, identity_url, registration|
183 if result.successful?
183 if result.successful?
184 user = User.find_or_initialize_by_identity_url(identity_url)
184 user = User.find_or_initialize_by_identity_url(identity_url)
185 if user.new_record?
185 if user.new_record?
186 # Self-registration off
186 # Self-registration off
187 redirect_to(home_url) && return unless Setting.self_registration?
187 redirect_to(home_url) && return unless Setting.self_registration?
188
188
189 # Create on the fly
189 # Create on the fly
190 user.login = registration['nickname'] unless registration['nickname'].nil?
190 user.login = registration['nickname'] unless registration['nickname'].nil?
191 user.mail = registration['email'] unless registration['email'].nil?
191 user.mail = registration['email'] unless registration['email'].nil?
192 user.firstname, user.lastname = registration['fullname'].split(' ') unless registration['fullname'].nil?
192 user.firstname, user.lastname = registration['fullname'].split(' ') unless registration['fullname'].nil?
193 user.random_password
193 user.random_password
194 user.status = User::STATUS_REGISTERED
194 user.status = User::STATUS_REGISTERED
195
195
196 case Setting.self_registration
196 case Setting.self_registration
197 when '1'
197 when '1'
198 register_by_email_activation(user) do
198 register_by_email_activation(user) do
199 onthefly_creation_failed(user, {:login => user.login, :identity_url => identity_url })
199 onthefly_creation_failed(user, {:login => user.login, :identity_url => identity_url })
200 end
200 end
201 when '3'
201 when '3'
202 register_automatically(user) do
202 register_automatically(user) do
203 onthefly_creation_failed(user, {:login => user.login, :identity_url => identity_url })
203 onthefly_creation_failed(user, {:login => user.login, :identity_url => identity_url })
204 end
204 end
205 else
205 else
206 register_manually_by_administrator(user) do
206 register_manually_by_administrator(user) do
207 onthefly_creation_failed(user, {:login => user.login, :identity_url => identity_url })
207 onthefly_creation_failed(user, {:login => user.login, :identity_url => identity_url })
208 end
208 end
209 end
209 end
210 else
210 else
211 # Existing record
211 # Existing record
212 if user.active?
212 successful_authentication(user)
213 successful_authentication(user)
214 else
215 account_pending
216 end
213 end
217 end
214 end
218 end
215 end
219 end
216 end
220 end
217
221
218 def successful_authentication(user)
222 def successful_authentication(user)
219 # Valid user
223 # Valid user
220 self.logged_user = user
224 self.logged_user = user
221 # generate a key and set cookie if autologin
225 # generate a key and set cookie if autologin
222 if params[:autologin] && Setting.autologin?
226 if params[:autologin] && Setting.autologin?
223 token = Token.create(:user => user, :action => 'autologin')
227 token = Token.create(:user => user, :action => 'autologin')
224 cookies[:autologin] = { :value => token.value, :expires => 1.year.from_now }
228 cookies[:autologin] = { :value => token.value, :expires => 1.year.from_now }
225 end
229 end
226 redirect_back_or_default :controller => 'my', :action => 'page'
230 redirect_back_or_default :controller => 'my', :action => 'page'
227 end
231 end
228
232
229 # Onthefly creation failed, display the registration form to fill/fix attributes
233 # Onthefly creation failed, display the registration form to fill/fix attributes
230 def onthefly_creation_failed(user, auth_source_options = { })
234 def onthefly_creation_failed(user, auth_source_options = { })
231 @user = user
235 @user = user
232 session[:auth_source_registration] = auth_source_options unless auth_source_options.empty?
236 session[:auth_source_registration] = auth_source_options unless auth_source_options.empty?
233 render :action => 'register'
237 render :action => 'register'
234 end
238 end
235
239
236 # Register a user for email activation.
240 # Register a user for email activation.
237 #
241 #
238 # Pass a block for behavior when a user fails to save
242 # Pass a block for behavior when a user fails to save
239 def register_by_email_activation(user, &block)
243 def register_by_email_activation(user, &block)
240 token = Token.new(:user => user, :action => "register")
244 token = Token.new(:user => user, :action => "register")
241 if user.save and token.save
245 if user.save and token.save
242 Mailer.deliver_register(token)
246 Mailer.deliver_register(token)
243 flash[:notice] = l(:notice_account_register_done)
247 flash[:notice] = l(:notice_account_register_done)
244 redirect_to :action => 'login'
248 redirect_to :action => 'login'
245 else
249 else
246 yield if block_given?
250 yield if block_given?
247 end
251 end
248 end
252 end
249
253
250 # Automatically register a user
254 # Automatically register a user
251 #
255 #
252 # Pass a block for behavior when a user fails to save
256 # Pass a block for behavior when a user fails to save
253 def register_automatically(user, &block)
257 def register_automatically(user, &block)
254 # Automatic activation
258 # Automatic activation
255 user.status = User::STATUS_ACTIVE
259 user.status = User::STATUS_ACTIVE
256 if user.save
260 if user.save
257 self.logged_user = user
261 self.logged_user = user
258 flash[:notice] = l(:notice_account_activated)
262 flash[:notice] = l(:notice_account_activated)
259 redirect_to :controller => 'my', :action => 'account'
263 redirect_to :controller => 'my', :action => 'account'
260 else
264 else
261 yield if block_given?
265 yield if block_given?
262 end
266 end
263 end
267 end
264
268
265 # Manual activation by the administrator
269 # Manual activation by the administrator
266 #
270 #
267 # Pass a block for behavior when a user fails to save
271 # Pass a block for behavior when a user fails to save
268 def register_manually_by_administrator(user, &block)
272 def register_manually_by_administrator(user, &block)
269 if user.save
273 if user.save
270 # Sends an email to the administrators
274 # Sends an email to the administrators
271 Mailer.deliver_account_activation_request(user)
275 Mailer.deliver_account_activation_request(user)
272 flash[:notice] = l(:notice_account_pending)
276 account_pending
273 redirect_to :action => 'login'
274 else
277 else
275 yield if block_given?
278 yield if block_given?
276 end
279 end
277 end
280 end
281
282 def account_pending
283 flash[:notice] = l(:notice_account_pending)
284 redirect_to :action => 'login'
285 end
278 end
286 end
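Review bot: In `open_id_authenticate`, the new `else` under `# Existing record` routes every non-active user to `account_pending`, so an account that is non-active for a reason other than awaiting activation (a locked one, if the model has such a state) gets the "pending" notice instead of a refusal. Consider narrowing it to `elsif user.status == User::STATUS_REGISTERED` and falling through to `flash.now[:error] = l(:notice_account_invalid_creditentials)` for anything else. The `register` action also still sets `User::STATUS_ACTIVE` whenever `session[:auth_source_registration]` is present, and `onthefly_creation_failed` fills that key for OpenID sign-ups, so a failed on-the-fly save under e-mail or manual activation appears to end in an active, logged-in account; that path probably needs the same status check. The new `account_pending` helper has no comment; `# Tell a not-yet-activated user the account is pending and send them back to the login form` would do.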
@@ -1,166 +1,181
1 # redMine - project management software
1 # redMine - project management software
2 # Copyright (C) 2006-2007 Jean-Philippe Lang
2 # Copyright (C) 2006-2007 Jean-Philippe Lang
3 #
3 #
4 # This program is free software; you can redistribute it and/or
4 # This program is free software; you can redistribute it and/or
5 # modify it under the terms of the GNU General Public License
5 # modify it under the terms of the GNU General Public License
6 # as published by the Free Software Foundation; either version 2
6 # as published by the Free Software Foundation; either version 2
7 # of the License, or (at your option) any later version.
7 # of the License, or (at your option) any later version.
8 #
8 #
9 # This program is distributed in the hope that it will be useful,
9 # This program is distributed in the hope that it will be useful,
10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 # GNU General Public License for more details.
12 # GNU General Public License for more details.
13 #
13 #
14 # You should have received a copy of the GNU General Public License
14 # You should have received a copy of the GNU General Public License
15 # along with this program; if not, write to the Free Software
15 # along with this program; if not, write to the Free Software
16 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
16 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
17
17
18 require File.dirname(__FILE__) + '/../test_helper'
18 require File.dirname(__FILE__) + '/../test_helper'
19 require 'account_controller'
19 require 'account_controller'
20
20
21 # Re-raise errors caught by the controller.
21 # Re-raise errors caught by the controller.
22 class AccountController; def rescue_action(e) raise e end; end
22 class AccountController; def rescue_action(e) raise e end; end
23
23
24 class AccountControllerTest < Test::Unit::TestCase
24 class AccountControllerTest < Test::Unit::TestCase
25 fixtures :users, :roles
25 fixtures :users, :roles
26
26
27 def setup
27 def setup
28 @controller = AccountController.new
28 @controller = AccountController.new
29 @request = ActionController::TestRequest.new
29 @request = ActionController::TestRequest.new
30 @response = ActionController::TestResponse.new
30 @response = ActionController::TestResponse.new
31 User.current = nil
31 User.current = nil
32 end
32 end
33
33
34 def test_show
34 def test_show
35 get :show, :id => 2
35 get :show, :id => 2
36 assert_response :success
36 assert_response :success
37 assert_template 'show'
37 assert_template 'show'
38 assert_not_nil assigns(:user)
38 assert_not_nil assigns(:user)
39 end
39 end
40
40
41 def test_show_inactive
41 def test_show_inactive
42 get :show, :id => 5
42 get :show, :id => 5
43 assert_response 404
43 assert_response 404
44 assert_nil assigns(:user)
44 assert_nil assigns(:user)
45 end
45 end
46
46
47 def test_login_should_redirect_to_back_url_param
47 def test_login_should_redirect_to_back_url_param
48 # request.uri is "test.host" in test environment
48 # request.uri is "test.host" in test environment
49 post :login, :username => 'jsmith', :password => 'jsmith', :back_url => 'http%3A%2F%2Ftest.host%2Fissues%2Fshow%2F1'
49 post :login, :username => 'jsmith', :password => 'jsmith', :back_url => 'http%3A%2F%2Ftest.host%2Fissues%2Fshow%2F1'
50 assert_redirected_to '/issues/show/1'
50 assert_redirected_to '/issues/show/1'
51 end
51 end
52
52
53 def test_login_should_not_redirect_to_another_host
53 def test_login_should_not_redirect_to_another_host
54 post :login, :username => 'jsmith', :password => 'jsmith', :back_url => 'http%3A%2F%2Ftest.foo%2Ffake'
54 post :login, :username => 'jsmith', :password => 'jsmith', :back_url => 'http%3A%2F%2Ftest.foo%2Ffake'
55 assert_redirected_to '/my/page'
55 assert_redirected_to '/my/page'
56 end
56 end
57
57
58 def test_login_with_wrong_password
58 def test_login_with_wrong_password
59 post :login, :username => 'admin', :password => 'bad'
59 post :login, :username => 'admin', :password => 'bad'
60 assert_response :success
60 assert_response :success
61 assert_template 'login'
61 assert_template 'login'
62 assert_tag 'div',
62 assert_tag 'div',
63 :attributes => { :class => "flash error" },
63 :attributes => { :class => "flash error" },
64 :content => /Invalid user or password/
64 :content => /Invalid user or password/
65 end
65 end
66
66
67 if Object.const_defined?(:OpenID)
67 if Object.const_defined?(:OpenID)
68
68
69 def test_login_with_openid_for_existing_user
69 def test_login_with_openid_for_existing_user
70 Setting.self_registration = '3'
70 Setting.self_registration = '3'
71 Setting.openid = '1'
71 Setting.openid = '1'
72 existing_user = User.new(:firstname => 'Cool',
72 existing_user = User.new(:firstname => 'Cool',
73 :lastname => 'User',
73 :lastname => 'User',
74 :mail => 'user@somedomain.com',
74 :mail => 'user@somedomain.com',
75 :identity_url => 'http://openid.example.com/good_user')
75 :identity_url => 'http://openid.example.com/good_user')
76 existing_user.login = 'cool_user'
76 existing_user.login = 'cool_user'
77 assert existing_user.save!
77 assert existing_user.save!
78
78
79 post :login, :openid_url => existing_user.identity_url
79 post :login, :openid_url => existing_user.identity_url
80 assert_redirected_to 'my/page'
80 assert_redirected_to 'my/page'
81 end
81 end
82
82
83 def test_login_with_openid_for_existing_non_active_user
84 Setting.self_registration = '2'
85 Setting.openid = '1'
86 existing_user = User.new(:firstname => 'Cool',
87 :lastname => 'User',
88 :mail => 'user@somedomain.com',
89 :identity_url => 'http://openid.example.com/good_user',
90 :status => User::STATUS_REGISTERED)
91 existing_user.login = 'cool_user'
92 assert existing_user.save!
93
94 post :login, :openid_url => existing_user.identity_url
95 assert_redirected_to 'login'
96 end
97
83 def test_login_with_openid_with_new_user_created
98 def test_login_with_openid_with_new_user_created
84 Setting.self_registration = '3'
99 Setting.self_registration = '3'
85 Setting.openid = '1'
100 Setting.openid = '1'
86 post :login, :openid_url => 'http://openid.example.com/good_user'
101 post :login, :openid_url => 'http://openid.example.com/good_user'
87 assert_redirected_to 'my/account'
102 assert_redirected_to 'my/account'
88 user = User.find_by_login('cool_user')
103 user = User.find_by_login('cool_user')
89 assert user
104 assert user
90 assert_equal 'Cool', user.firstname
105 assert_equal 'Cool', user.firstname
91 assert_equal 'User', user.lastname
106 assert_equal 'User', user.lastname
92 end
107 end
93
108
94 def test_login_with_openid_with_new_user_and_self_registration_off
109 def test_login_with_openid_with_new_user_and_self_registration_off
95 Setting.self_registration = '0'
110 Setting.self_registration = '0'
96 Setting.openid = '1'
111 Setting.openid = '1'
97 post :login, :openid_url => 'http://openid.example.com/good_user'
112 post :login, :openid_url => 'http://openid.example.com/good_user'
98 assert_redirected_to home_url
113 assert_redirected_to home_url
99 user = User.find_by_login('cool_user')
114 user = User.find_by_login('cool_user')
100 assert ! user
115 assert ! user
101 end
116 end
102
117
103 def test_login_with_openid_with_new_user_created_with_email_activation_should_have_a_token
118 def test_login_with_openid_with_new_user_created_with_email_activation_should_have_a_token
104 Setting.self_registration = '1'
119 Setting.self_registration = '1'
105 Setting.openid = '1'
120 Setting.openid = '1'
106 post :login, :openid_url => 'http://openid.example.com/good_user'
121 post :login, :openid_url => 'http://openid.example.com/good_user'
107 assert_redirected_to 'login'
122 assert_redirected_to 'login'
108 user = User.find_by_login('cool_user')
123 user = User.find_by_login('cool_user')
109 assert user
124 assert user
110
125
111 token = Token.find_by_user_id_and_action(user.id, 'register')
126 token = Token.find_by_user_id_and_action(user.id, 'register')
112 assert token
127 assert token
113 end
128 end
114
129
115 def test_login_with_openid_with_new_user_created_with_manual_activation
130 def test_login_with_openid_with_new_user_created_with_manual_activation
116 Setting.self_registration = '2'
131 Setting.self_registration = '2'
117 Setting.openid = '1'
132 Setting.openid = '1'
118 post :login, :openid_url => 'http://openid.example.com/good_user'
133 post :login, :openid_url => 'http://openid.example.com/good_user'
119 assert_redirected_to 'login'
134 assert_redirected_to 'login'
120 user = User.find_by_login('cool_user')
135 user = User.find_by_login('cool_user')
121 assert user
136 assert user
122 assert_equal User::STATUS_REGISTERED, user.status
137 assert_equal User::STATUS_REGISTERED, user.status
123 end
138 end
124
139
125 def test_login_with_openid_with_new_user_with_conflict_should_register
140 def test_login_with_openid_with_new_user_with_conflict_should_register
126 Setting.self_registration = '3'
141 Setting.self_registration = '3'
127 Setting.openid = '1'
142 Setting.openid = '1'
128 existing_user = User.new(:firstname => 'Cool', :lastname => 'User', :mail => 'user@somedomain.com')
143 existing_user = User.new(:firstname => 'Cool', :lastname => 'User', :mail => 'user@somedomain.com')
129 existing_user.login = 'cool_user'
144 existing_user.login = 'cool_user'
130 assert existing_user.save!
145 assert existing_user.save!
131
146
132 post :login, :openid_url => 'http://openid.example.com/good_user'
147 post :login, :openid_url => 'http://openid.example.com/good_user'
133 assert_response :success
148 assert_response :success
134 assert_template 'register'
149 assert_template 'register'
135 assert assigns(:user)
150 assert assigns(:user)
136 assert_equal 'http://openid.example.com/good_user', assigns(:user)[:identity_url]
151 assert_equal 'http://openid.example.com/good_user', assigns(:user)[:identity_url]
137 end
152 end
138
153
139 def test_setting_openid_should_return_true_when_set_to_true
154 def test_setting_openid_should_return_true_when_set_to_true
140 Setting.openid = '1'
155 Setting.openid = '1'
141 assert_equal true, Setting.openid?
156 assert_equal true, Setting.openid?
142 end
157 end
143
158
144 else
159 else
145 puts "Skipping openid tests."
160 puts "Skipping openid tests."
146 end
161 end
147
162
148
163
149 def test_autologin
164 def test_autologin
150 Setting.autologin = "7"
165 Setting.autologin = "7"
151 Token.delete_all
166 Token.delete_all
152 post :login, :username => 'admin', :password => 'admin', :autologin => 1
167 post :login, :username => 'admin', :password => 'admin', :autologin => 1
153 assert_redirected_to 'my/page'
168 assert_redirected_to 'my/page'
154 token = Token.find :first
169 token = Token.find :first
155 assert_not_nil token
170 assert_not_nil token
156 assert_equal User.find_by_login('admin'), token.user
171 assert_equal User.find_by_login('admin'), token.user
157 assert_equal 'autologin', token.action
172 assert_equal 'autologin', token.action
158 end
173 end
159
174
160 def test_logout
175 def test_logout
161 @request.session[:user_id] = 2
176 @request.session[:user_id] = 2
162 get :logout
177 get :logout
163 assert_redirected_to ''
178 assert_redirected_to ''
164 assert_nil @request.session[:user_id]
179 assert_nil @request.session[:user_id]
165 end
180 end
166 end
181 end
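Review bot: `test_login_with_openid_for_existing_non_active_user` checks only the redirect to `login` and never asserts that no session was established, which is the property this fix is meant to guarantee. Add `assert_nil @request.session[:user_id]` after `assert_redirected_to 'login'`. The test also exercises only `User::STATUS_REGISTERED` with `Setting.self_registration = '2'`; a second case for another non-active status would pin how the controller's `else` branch treats it.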