Backported r3080 from trunk (#4248)....
Jean-Philippe Lang -
r2967:be146d492a23
@@ -1,199 +1,199
1 # Redmine - project management software
1 # Redmine - project management software
2 # Copyright (C) 2006-2008 Jean-Philippe Lang
2 # Copyright (C) 2006-2008 Jean-Philippe Lang
3 #
3 #
4 # This program is free software; you can redistribute it and/or
4 # This program is free software; you can redistribute it and/or
5 # modify it under the terms of the GNU General Public License
5 # modify it under the terms of the GNU General Public License
6 # as published by the Free Software Foundation; either version 2
6 # as published by the Free Software Foundation; either version 2
7 # of the License, or (at your option) any later version.
7 # of the License, or (at your option) any later version.
8 #
8 #
9 # This program is distributed in the hope that it will be useful,
9 # This program is distributed in the hope that it will be useful,
10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 # GNU General Public License for more details.
12 # GNU General Public License for more details.
13 #
13 #
14 # You should have received a copy of the GNU General Public License
14 # You should have received a copy of the GNU General Public License
15 # along with this program; if not, write to the Free Software
15 # along with this program; if not, write to the Free Software
16 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
16 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
17
17
18 class AccountController < ApplicationController
18 class AccountController < ApplicationController
19 helper :custom_fields
19 helper :custom_fields
20 include CustomFieldsHelper
20 include CustomFieldsHelper
21
21
22 # prevents login action to be filtered by check_if_login_required application scope filter
22 # prevents login action to be filtered by check_if_login_required application scope filter
23 skip_before_filter :check_if_login_required, :only => [:login, :lost_password, :register, :activate]
23 skip_before_filter :check_if_login_required, :only => [:login, :lost_password, :register, :activate]
24
24
25 # Show user's account
25 # Show user's account
26 def show
26 def show
27 @user = User.active.find(params[:id])
27 @user = User.active.find(params[:id])
28 @custom_values = @user.custom_values
28 @custom_values = @user.custom_values
29
29
30 # show only public projects and private projects that the logged in user is also a member of
30 # show only public projects and private projects that the logged in user is also a member of
31 @memberships = @user.memberships.select do |membership|
31 @memberships = @user.memberships.select do |membership|
32 membership.project.is_public? || (User.current.member_of?(membership.project))
32 membership.project.is_public? || (User.current.member_of?(membership.project))
33 end
33 end
34
34
35 events = Redmine::Activity::Fetcher.new(User.current, :author => @user).events(nil, nil, :limit => 10)
35 events = Redmine::Activity::Fetcher.new(User.current, :author => @user).events(nil, nil, :limit => 10)
36 @events_by_day = events.group_by(&:event_date)
36 @events_by_day = events.group_by(&:event_date)
37
37
38 if @user != User.current && !User.current.admin? && @memberships.empty? && events.empty?
38 if @user != User.current && !User.current.admin? && @memberships.empty? && events.empty?
39 render_404 and return
39 render_404 and return
40 end
40 end
41
41
42 rescue ActiveRecord::RecordNotFound
42 rescue ActiveRecord::RecordNotFound
43 render_404
43 render_404
44 end
44 end
45
45
46 # Login request and validation
46 # Login request and validation
47 def login
47 def login
48 if request.get?
48 if request.get?
49 # Logout user
49 # Logout user
50 self.logged_user = nil
50 self.logged_user = nil
51 else
51 else
52 # Authenticate user
52 # Authenticate user
53 user = User.try_to_login(params[:username], params[:password])
53 user = User.try_to_login(params[:username], params[:password])
54 if user.nil?
54 if user.nil?
55 # Invalid credentials
55 # Invalid credentials
56 flash.now[:error] = l(:notice_account_invalid_creditentials)
56 flash.now[:error] = l(:notice_account_invalid_creditentials)
57 elsif user.new_record?
57 elsif user.new_record?
58 # Onthefly creation failed, display the registration form to fill/fix attributes
58 # Onthefly creation failed, display the registration form to fill/fix attributes
59 @user = user
59 @user = user
60 session[:auth_source_registration] = {:login => user.login, :auth_source_id => user.auth_source_id }
60 session[:auth_source_registration] = {:login => user.login, :auth_source_id => user.auth_source_id }
61 render :action => 'register'
61 render :action => 'register'
62 else
62 else
63 # Valid user
63 # Valid user
64 self.logged_user = user
64 self.logged_user = user
65 # generate a key and set cookie if autologin
65 # generate a key and set cookie if autologin
66 if params[:autologin] && Setting.autologin?
66 if params[:autologin] && Setting.autologin?
67 token = Token.create(:user => user, :action => 'autologin')
67 token = Token.create(:user => user, :action => 'autologin')
68 cookies[:autologin] = { :value => token.value, :expires => 1.year.from_now }
68 cookies[:autologin] = { :value => token.value, :expires => 1.year.from_now }
69 end
69 end
70 call_hook(:controller_account_success_authentication_after, {:user => user })
70 call_hook(:controller_account_success_authentication_after, {:user => user })
71 redirect_back_or_default :controller => 'my', :action => 'page'
71 redirect_back_or_default :controller => 'my', :action => 'page'
72 end
72 end
73 end
73 end
74 end
74 end
75
75
76 # Log out current user and redirect to welcome page
76 # Log out current user and redirect to welcome page
77 def logout
77 def logout
78 cookies.delete :autologin
78 cookies.delete :autologin
79 Token.delete_all(["user_id = ? AND action = ?", User.current.id, 'autologin']) if User.current.logged?
79 Token.delete_all(["user_id = ? AND action = ?", User.current.id, 'autologin']) if User.current.logged?
80 self.logged_user = nil
80 self.logged_user = nil
81 redirect_to home_url
81 redirect_to home_url
82 end
82 end
83
83
84 # Enable user to choose a new password
84 # Enable user to choose a new password
85 def lost_password
85 def lost_password
86 redirect_to(home_url) && return unless Setting.lost_password?
86 redirect_to(home_url) && return unless Setting.lost_password?
87 if params[:token]
87 if params[:token]
88 @token = Token.find_by_action_and_value("recovery", params[:token])
88 @token = Token.find_by_action_and_value("recovery", params[:token])
89 redirect_to(home_url) && return unless @token and !@token.expired?
89 redirect_to(home_url) && return unless @token and !@token.expired?
90 @user = @token.user
90 @user = @token.user
91 if request.post?
91 if request.post?
92 @user.password, @user.password_confirmation = params[:new_password], params[:new_password_confirmation]
92 @user.password, @user.password_confirmation = params[:new_password], params[:new_password_confirmation]
93 if @user.save
93 if @user.save
94 @token.destroy
94 @token.destroy
95 flash[:notice] = l(:notice_account_password_updated)
95 flash[:notice] = l(:notice_account_password_updated)
96 redirect_to :action => 'login'
96 redirect_to :action => 'login'
97 return
97 return
98 end
98 end
99 end
99 end
100 render :template => "account/password_recovery"
100 render :template => "account/password_recovery"
101 return
101 return
102 else
102 else
103 if request.post?
103 if request.post?
104 user = User.find_by_mail(params[:mail])
104 user = User.find_by_mail(params[:mail])
105 # user not found in db
105 # user not found in db
106 flash.now[:error] = l(:notice_account_unknown_email) and return unless user
106 flash.now[:error] = l(:notice_account_unknown_email) and return unless user
107 # user uses an external authentification
107 # user uses an external authentification
108 flash.now[:error] = l(:notice_can_t_change_password) and return if user.auth_source_id
108 flash.now[:error] = l(:notice_can_t_change_password) and return if user.auth_source_id
109 # create a new token for password recovery
109 # create a new token for password recovery
110 token = Token.new(:user => user, :action => "recovery")
110 token = Token.new(:user => user, :action => "recovery")
111 if token.save
111 if token.save
112 Mailer.deliver_lost_password(token)
112 Mailer.deliver_lost_password(token)
113 flash[:notice] = l(:notice_account_lost_email_sent)
113 flash[:notice] = l(:notice_account_lost_email_sent)
114 redirect_to :action => 'login'
114 redirect_to :action => 'login'
115 return
115 return
116 end
116 end
117 end
117 end
118 end
118 end
119 end
119 end
120
120
121 # User self-registration
121 # User self-registration
122 def register
122 def register
123 redirect_to(home_url) && return unless Setting.self_registration? || session[:auth_source_registration]
123 redirect_to(home_url) && return unless Setting.self_registration? || session[:auth_source_registration]
124 if request.get?
124 if request.get?
125 session[:auth_source_registration] = nil
125 session[:auth_source_registration] = nil
126 @user = User.new(:language => Setting.default_language)
126 @user = User.new(:language => Setting.default_language)
127 else
127 else
128 @user = User.new(params[:user])
128 @user = User.new(params[:user])
129 @user.admin = false
129 @user.admin = false
130 @user.status = User::STATUS_REGISTERED
130 @user.status = User::STATUS_REGISTERED
131 if session[:auth_source_registration]
131 if session[:auth_source_registration]
132 @user.status = User::STATUS_ACTIVE
132 @user.status = User::STATUS_ACTIVE
133 @user.login = session[:auth_source_registration][:login]
133 @user.login = session[:auth_source_registration][:login]
134 @user.auth_source_id = session[:auth_source_registration][:auth_source_id]
134 @user.auth_source_id = session[:auth_source_registration][:auth_source_id]
135 if @user.save
135 if @user.save
136 session[:auth_source_registration] = nil
136 session[:auth_source_registration] = nil
137 self.logged_user = @user
137 self.logged_user = @user
138 flash[:notice] = l(:notice_account_activated)
138 flash[:notice] = l(:notice_account_activated)
139 redirect_to :controller => 'my', :action => 'account'
139 redirect_to :controller => 'my', :action => 'account'
140 end
140 end
141 else
141 else
142 @user.login = params[:user][:login]
142 @user.login = params[:user][:login]
143 @user.password, @user.password_confirmation = params[:password], params[:password_confirmation]
143 @user.password, @user.password_confirmation = params[:password], params[:password_confirmation]
144 case Setting.self_registration
144 case Setting.self_registration
145 when '1'
145 when '1'
146 # Email activation
146 # Email activation
147 token = Token.new(:user => @user, :action => "register")
147 token = Token.new(:user => @user, :action => "register")
148 if @user.save and token.save
148 if @user.save and token.save
149 Mailer.deliver_register(token)
149 Mailer.deliver_register(token)
150 flash[:notice] = l(:notice_account_register_done)
150 flash[:notice] = l(:notice_account_register_done)
151 redirect_to :action => 'login'
151 redirect_to :action => 'login'
152 end
152 end
153 when '3'
153 when '3'
154 # Automatic activation
154 # Automatic activation
155 @user.status = User::STATUS_ACTIVE
155 @user.status = User::STATUS_ACTIVE
156 if @user.save
156 if @user.save
157 self.logged_user = @user
157 self.logged_user = @user
158 flash[:notice] = l(:notice_account_activated)
158 flash[:notice] = l(:notice_account_activated)
159 redirect_to :controller => 'my', :action => 'account'
159 redirect_to :controller => 'my', :action => 'account'
160 end
160 end
161 else
161 else
162 # Manual activation by the administrator
162 # Manual activation by the administrator
163 if @user.save
163 if @user.save
164 # Sends an email to the administrators
164 # Sends an email to the administrators
165 Mailer.deliver_account_activation_request(@user)
165 Mailer.deliver_account_activation_request(@user)
166 flash[:notice] = l(:notice_account_pending)
166 flash[:notice] = l(:notice_account_pending)
167 redirect_to :action => 'login'
167 redirect_to :action => 'login'
168 end
168 end
169 end
169 end
170 end
170 end
171 end
171 end
172 end
172 end
173
173
174 # Token based account activation
174 # Token based account activation
175 def activate
175 def activate
176 redirect_to(home_url) && return unless Setting.self_registration? && params[:token]
176 redirect_to(home_url) && return unless Setting.self_registration? && params[:token]
177 token = Token.find_by_action_and_value('register', params[:token])
177 token = Token.find_by_action_and_value('register', params[:token])
178 redirect_to(home_url) && return unless token and !token.expired?
178 redirect_to(home_url) && return unless token and !token.expired?
179 user = token.user
179 user = token.user
180 redirect_to(home_url) && return unless user.status == User::STATUS_REGISTERED
180 redirect_to(home_url) && return unless user.status == User::STATUS_REGISTERED
181 user.status = User::STATUS_ACTIVE
181 user.status = User::STATUS_ACTIVE
182 if user.save
182 if user.save
183 token.destroy
183 token.destroy
184 flash[:notice] = l(:notice_account_activated)
184 flash[:notice] = l(:notice_account_activated)
185 end
185 end
186 redirect_to :action => 'login'
186 redirect_to :action => 'login'
187 end
187 end
188
188
189 private
189 private
190 def logged_user=(user)
190 def logged_user=(user)
191 reset_session
191 if user && user.is_a?(User)
192 if user && user.is_a?(User)
192 User.current = user
193 User.current = user
193 session[:user_id] = user.id
194 session[:user_id] = user.id
194 else
195 else
195 User.current = User.anonymous
196 User.current = User.anonymous
196 session[:user_id] = nil
197 end
197 end
198 end
198 end
199 end
199 end
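Review bot: In `login`, the `user.new_record?` branch writes `session[:auth_source_registration]` without going through `logged_user=`, so the session id issued before the external authentication succeeded is kept while the session already holds the verified login and `auth_source_id`. The `reset_session` call shown at gutter line 191 of `logged_user=` only runs later, when `register` saves the user, so this intermediate state falls outside the session-fixation protection the backport appears to add. Consider rotating the session there too, with `reset_session` on the line before `session[:auth_source_registration] = {...}`. A comment above `reset_session` in `logged_user=`, such as `# rotate the session id on every login/logout so a pre-login id is never reused`, would also record why the anonymous branch no longer seems to need an explicit `session[:user_id] = nil`.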
@@ -1,153 +1,171
1 # redMine - project management software
1 # redMine - project management software
2 # Copyright (C) 2006-2007 Jean-Philippe Lang
2 # Copyright (C) 2006-2007 Jean-Philippe Lang
3 #
3 #
4 # This program is free software; you can redistribute it and/or
4 # This program is free software; you can redistribute it and/or
5 # modify it under the terms of the GNU General Public License
5 # modify it under the terms of the GNU General Public License
6 # as published by the Free Software Foundation; either version 2
6 # as published by the Free Software Foundation; either version 2
7 # of the License, or (at your option) any later version.
7 # of the License, or (at your option) any later version.
8 #
8 #
9 # This program is distributed in the hope that it will be useful,
9 # This program is distributed in the hope that it will be useful,
10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 # GNU General Public License for more details.
12 # GNU General Public License for more details.
13 #
13 #
14 # You should have received a copy of the GNU General Public License
14 # You should have received a copy of the GNU General Public License
15 # along with this program; if not, write to the Free Software
15 # along with this program; if not, write to the Free Software
16 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
16 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
17
17
18 require "#{File.dirname(__FILE__)}/../test_helper"
18 require "#{File.dirname(__FILE__)}/../test_helper"
19
19
20 begin
20 begin
21 require 'mocha'
21 require 'mocha'
22 rescue
22 rescue
23 # Won't run some tests
23 # Won't run some tests
24 end
24 end
25
25
26 class AccountTest < ActionController::IntegrationTest
26 class AccountTest < ActionController::IntegrationTest
27 fixtures :users
27 fixtures :users
28
28
29 # Replace this with your real tests.
29 # Replace this with your real tests.
30 def test_login
30 def test_login
31 get "my/page"
31 get "my/page"
32 assert_redirected_to "account/login"
32 assert_redirected_to "account/login"
33 log_user('jsmith', 'jsmith')
33 log_user('jsmith', 'jsmith')
34
34
35 get "my/account"
35 get "my/account"
36 assert_response :success
36 assert_response :success
37 assert_template "my/account"
37 assert_template "my/account"
38 end
38 end
39
39
40 def test_lost_password
40 def test_lost_password
41 Token.delete_all
41 Token.delete_all
42
42
43 get "account/lost_password"
43 get "account/lost_password"
44 assert_response :success
44 assert_response :success
45 assert_template "account/lost_password"
45 assert_template "account/lost_password"
46
46
47 post "account/lost_password", :mail => 'jSmith@somenet.foo'
47 post "account/lost_password", :mail => 'jSmith@somenet.foo'
48 assert_redirected_to "account/login"
48 assert_redirected_to "account/login"
49
49
50 token = Token.find(:first)
50 token = Token.find(:first)
51 assert_equal 'recovery', token.action
51 assert_equal 'recovery', token.action
52 assert_equal 'jsmith@somenet.foo', token.user.mail
52 assert_equal 'jsmith@somenet.foo', token.user.mail
53 assert !token.expired?
53 assert !token.expired?
54
54
55 get "account/lost_password", :token => token.value
55 get "account/lost_password", :token => token.value
56 assert_response :success
56 assert_response :success
57 assert_template "account/password_recovery"
57 assert_template "account/password_recovery"
58
58
59 post "account/lost_password", :token => token.value, :new_password => 'newpass', :new_password_confirmation => 'newpass'
59 post "account/lost_password", :token => token.value, :new_password => 'newpass', :new_password_confirmation => 'newpass'
60 assert_redirected_to "account/login"
60 assert_redirected_to "account/login"
61 assert_equal 'Password was successfully updated.', flash[:notice]
61 assert_equal 'Password was successfully updated.', flash[:notice]
62
62
63 log_user('jsmith', 'newpass')
63 log_user('jsmith', 'newpass')
64 assert_equal 0, Token.count
64 assert_equal 0, Token.count
65 end
65 end
66
66
67 def test_register_with_automatic_activation
67 def test_register_with_automatic_activation
68 Setting.self_registration = '3'
68 Setting.self_registration = '3'
69
69
70 get 'account/register'
70 get 'account/register'
71 assert_response :success
71 assert_response :success
72 assert_template 'account/register'
72 assert_template 'account/register'
73
73
74 post 'account/register', :user => {:login => "newuser", :language => "en", :firstname => "New", :lastname => "User", :mail => "newuser@foo.bar"},
74 post 'account/register', :user => {:login => "newuser", :language => "en", :firstname => "New", :lastname => "User", :mail => "newuser@foo.bar"},
75 :password => "newpass", :password_confirmation => "newpass"
75 :password => "newpass", :password_confirmation => "newpass"
76 assert_redirected_to 'my/account'
76 assert_redirected_to 'my/account'
77 follow_redirect!
77 follow_redirect!
78 assert_response :success
78 assert_response :success
79 assert_template 'my/account'
79 assert_template 'my/account'
80
80
81 assert User.find_by_login('newuser').active?
81 assert User.find_by_login('newuser').active?
82 end
82 end
83
83
84 def test_register_with_manual_activation
84 def test_register_with_manual_activation
85 Setting.self_registration = '2'
85 Setting.self_registration = '2'
86
86
87 post 'account/register', :user => {:login => "newuser", :language => "en", :firstname => "New", :lastname => "User", :mail => "newuser@foo.bar"},
87 post 'account/register', :user => {:login => "newuser", :language => "en", :firstname => "New", :lastname => "User", :mail => "newuser@foo.bar"},
88 :password => "newpass", :password_confirmation => "newpass"
88 :password => "newpass", :password_confirmation => "newpass"
89 assert_redirected_to 'account/login'
89 assert_redirected_to 'account/login'
90 assert !User.find_by_login('newuser').active?
90 assert !User.find_by_login('newuser').active?
91 end
91 end
92
92
93 def test_register_with_email_activation
93 def test_register_with_email_activation
94 Setting.self_registration = '1'
94 Setting.self_registration = '1'
95 Token.delete_all
95 Token.delete_all
96
96
97 post 'account/register', :user => {:login => "newuser", :language => "en", :firstname => "New", :lastname => "User", :mail => "newuser@foo.bar"},
97 post 'account/register', :user => {:login => "newuser", :language => "en", :firstname => "New", :lastname => "User", :mail => "newuser@foo.bar"},
98 :password => "newpass", :password_confirmation => "newpass"
98 :password => "newpass", :password_confirmation => "newpass"
99 assert_redirected_to 'account/login'
99 assert_redirected_to 'account/login'
100 assert !User.find_by_login('newuser').active?
100 assert !User.find_by_login('newuser').active?
101
101
102 token = Token.find(:first)
102 token = Token.find(:first)
103 assert_equal 'register', token.action
103 assert_equal 'register', token.action
104 assert_equal 'newuser@foo.bar', token.user.mail
104 assert_equal 'newuser@foo.bar', token.user.mail
105 assert !token.expired?
105 assert !token.expired?
106
106
107 get 'account/activate', :token => token.value
107 get 'account/activate', :token => token.value
108 assert_redirected_to 'account/login'
108 assert_redirected_to 'account/login'
109 log_user('newuser', 'newpass')
109 log_user('newuser', 'newpass')
110 end
110 end
111
111
112 if Object.const_defined?(:Mocha)
112 if Object.const_defined?(:Mocha)
113
113
114 def test_onthefly_registration
114 def test_onthefly_registration
115 # disable registration
115 # disable registration
116 Setting.self_registration = '0'
116 Setting.self_registration = '0'
117 AuthSource.expects(:authenticate).returns([:login => 'foo', :firstname => 'Foo', :lastname => 'Smith', :mail => 'foo@bar.com', :auth_source_id => 66])
117 AuthSource.expects(:authenticate).returns([:login => 'foo', :firstname => 'Foo', :lastname => 'Smith', :mail => 'foo@bar.com', :auth_source_id => 66])
118
118
119 post 'account/login', :username => 'foo', :password => 'bar'
119 post 'account/login', :username => 'foo', :password => 'bar'
120 assert_redirected_to 'my/page'
120 assert_redirected_to 'my/page'
121
121
122 user = User.find_by_login('foo')
122 user = User.find_by_login('foo')
123 assert user.is_a?(User)
123 assert user.is_a?(User)
124 assert_equal 66, user.auth_source_id
124 assert_equal 66, user.auth_source_id
125 assert user.hashed_password.blank?
125 assert user.hashed_password.blank?
126 end
126 end
127
127
128 def test_onthefly_registration_with_invalid_attributes
128 def test_onthefly_registration_with_invalid_attributes
129 # disable registration
129 # disable registration
130 Setting.self_registration = '0'
130 Setting.self_registration = '0'
131 AuthSource.expects(:authenticate).returns([:login => 'foo', :lastname => 'Smith', :auth_source_id => 66])
131 AuthSource.expects(:authenticate).returns([:login => 'foo', :lastname => 'Smith', :auth_source_id => 66])
132
132
133 post 'account/login', :username => 'foo', :password => 'bar'
133 post 'account/login', :username => 'foo', :password => 'bar'
134 assert_response :success
134 assert_response :success
135 assert_template 'account/register'
135 assert_template 'account/register'
136 assert_tag :input, :attributes => { :name => 'user[firstname]', :value => '' }
136 assert_tag :input, :attributes => { :name => 'user[firstname]', :value => '' }
137 assert_tag :input, :attributes => { :name => 'user[lastname]', :value => 'Smith' }
137 assert_tag :input, :attributes => { :name => 'user[lastname]', :value => 'Smith' }
138 assert_no_tag :input, :attributes => { :name => 'user[login]' }
138 assert_no_tag :input, :attributes => { :name => 'user[login]' }
139 assert_no_tag :input, :attributes => { :name => 'user[password]' }
139 assert_no_tag :input, :attributes => { :name => 'user[password]' }
140
140
141 post 'account/register', :user => {:firstname => 'Foo', :lastname => 'Smith', :mail => 'foo@bar.com'}
141 post 'account/register', :user => {:firstname => 'Foo', :lastname => 'Smith', :mail => 'foo@bar.com'}
142 assert_redirected_to 'my/account'
142 assert_redirected_to 'my/account'
143
143
144 user = User.find_by_login('foo')
144 user = User.find_by_login('foo')
145 assert user.is_a?(User)
145 assert user.is_a?(User)
146 assert_equal 66, user.auth_source_id
146 assert_equal 66, user.auth_source_id
147 assert user.hashed_password.blank?
147 assert user.hashed_password.blank?
148 end
148 end
149
149
150 def test_login_and_logout_should_clear_session
151 get '/login'
152 sid = session.session_id
153
154 post '/login', :username => 'admin', :password => 'admin'
155 assert_redirected_to 'my/page'
156 assert_not_equal sid, session.session_id, "login should reset session"
157 assert_equal 1, session[:user_id]
158 sid = session.session_id
159
160 get '/'
161 assert_equal sid, session.session_id
162
163 get '/logout'
164 assert_not_equal sid, session.session_id, "logout should reset session"
165 assert_nil session[:user_id]
166 end
167
150 else
168 else
151 puts 'Mocha is missing. Skipping tests.'
169 puts 'Mocha is missing. Skipping tests.'
152 end
170 end
153 end
171 end
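Review bot: `test_login_and_logout_should_clear_session` (new lines 150-166) sits inside the `if Object.const_defined?(:Mocha)` branch, before the `else` at line 168, although it sets no Mocha expectations. On a machine without Mocha the session-reset regression test is therefore skipped along with the on-the-fly registration tests. Moving it above the `if Object.const_defined?(:Mocha)` line would keep it running everywhere. `assert_equal 1, session[:user_id]` also hard-codes the fixture id of `admin`; comparing against `User.find_by_login('admin').id` would state the intent directly.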