##// END OF EJS Templates
jro_apps » redmine
RSS
Disabled on the fly registration for auth_source fixture....
Jean-Philippe Lang -
r8793:dedfdefcf300
parent child
Show More
Side by Side Unified
Context file:
r8793:dedfdefcf300 Loading diff...:
Show file before | Show file after | Hide comments
@@ -1,13 +1,13
1 1 ---
2 2 auth_sources_001:
3 3 id: 1
4 4 type: AuthSourceLdap
5 5 name: 'LDAP test server'
6 6 host: '127.0.0.1'
7 7 port: 389
8 8 base_dn: 'OU=Person,DC=redmine,DC=org'
9 9 attr_login: uid
10 10 attr_firstname: givenName
11 11 attr_lastname: sn
12 12 attr_mail: mail
13 onthefly_register: true
13 onthefly_register: false
Show file before | Show file after | Hide comments
@@ -1,89 +1,90
1 1 # Redmine - project management software
2 2 # Copyright (C) 2006-2011 Jean-Philippe Lang
3 3 #
4 4 # This program is free software; you can redistribute it and/or
5 5 # modify it under the terms of the GNU General Public License
6 6 # as published by the Free Software Foundation; either version 2
7 7 # of the License, or (at your option) any later version.
8 8 #
9 9 # This program is distributed in the hope that it will be useful,
10 10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 12 # GNU General Public License for more details.
13 13 #
14 14 # You should have received a copy of the GNU General Public License
15 15 # along with this program; if not, write to the Free Software
16 16 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
17 17
18 18 require File.expand_path('../../test_helper', __FILE__)
19 19
20 20 class AuthSourceLdapTest < ActiveSupport::TestCase
21 21 fixtures :auth_sources
22 22
23 23 def setup
24 24 end
25 25
26 26 def test_create
27 27 a = AuthSourceLdap.new(:name => 'My LDAP', :host => 'ldap.example.net', :port => 389, :base_dn => 'dc=example,dc=net', :attr_login => 'sAMAccountName')
28 28 assert a.save
29 29 end
30 30
31 31 def test_should_strip_ldap_attributes
32 32 a = AuthSourceLdap.new(:name => 'My LDAP', :host => 'ldap.example.net', :port => 389, :base_dn => 'dc=example,dc=net', :attr_login => 'sAMAccountName',
33 33 :attr_firstname => 'givenName ')
34 34 assert a.save
35 35 assert_equal 'givenName', a.reload.attr_firstname
36 36 end
37 37
38 38 def test_replace_port_zero_to_389
39 39 a = AuthSourceLdap.new(
40 40 :name => 'My LDAP', :host => 'ldap.example.net', :port => 0,
41 41 :base_dn => 'dc=example,dc=net', :attr_login => 'sAMAccountName',
42 42 :attr_firstname => 'givenName ')
43 43 assert a.save
44 44 assert_equal 389, a.port
45 45 end
46 46
47 47 if ldap_configured?
48 48 context '#authenticate' do
49 49 setup do
50 50 @auth = AuthSourceLdap.find(1)
51 @auth.update_attribute :onthefly_register, true
51 52 end
52 53
53 54 context 'with a valid LDAP user' do
54 55 should 'return the user attributes' do
55 56 attributes = @auth.authenticate('example1','123456')
56 57 assert attributes.is_a?(Hash), "An hash was not returned"
57 58 assert_equal 'Example', attributes[:firstname]
58 59 assert_equal 'One', attributes[:lastname]
59 60 assert_equal 'example1@redmine.org', attributes[:mail]
60 61 assert_equal @auth.id, attributes[:auth_source_id]
61 62 attributes.keys.each do |attribute|
62 63 assert User.new.respond_to?("#{attribute}="), "Unexpected :#{attribute} attribute returned"
63 64 end
64 65 end
65 66 end
66 67
67 68 context 'with an invalid LDAP user' do
68 69 should 'return nil' do
69 70 assert_equal nil, @auth.authenticate('nouser','123456')
70 71 end
71 72 end
72 73
73 74 context 'without a login' do
74 75 should 'return nil' do
75 76 assert_equal nil, @auth.authenticate('','123456')
76 77 end
77 78 end
78 79
79 80 context 'without a password' do
80 81 should 'return nil' do
81 82 assert_equal nil, @auth.authenticate('edavis','')
82 83 end
83 84 end
84 85
85 86 end
86 87 else
87 88 puts '(Test LDAP server not configured)'
88 89 end
89 90 end
Show file before | Show file after | Hide comments
@@ -1,891 +1,892
1 1 # Redmine - project management software
2 2 # Copyright (C) 2006-2011 Jean-Philippe Lang
3 3 #
4 4 # This program is free software; you can redistribute it and/or
5 5 # modify it under the terms of the GNU General Public License
6 6 # as published by the Free Software Foundation; either version 2
7 7 # of the License, or (at your option) any later version.
8 8 #
9 9 # This program is distributed in the hope that it will be useful,
10 10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 12 # GNU General Public License for more details.
13 13 #
14 14 # You should have received a copy of the GNU General Public License
15 15 # along with this program; if not, write to the Free Software
16 16 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
17 17
18 18 require File.expand_path('../../test_helper', __FILE__)
19 19
20 20 class UserTest < ActiveSupport::TestCase
21 21 fixtures :users, :members, :projects, :roles, :member_roles, :auth_sources,
22 22 :trackers, :issue_statuses,
23 23 :projects_trackers,
24 24 :watchers,
25 25 :issue_categories, :enumerations, :issues,
26 26 :journals, :journal_details,
27 27 :groups_users,
28 28 :enabled_modules,
29 29 :workflows
30 30
31 31 def setup
32 32 @admin = User.find(1)
33 33 @jsmith = User.find(2)
34 34 @dlopper = User.find(3)
35 35 end
36 36
37 37 test 'object_daddy creation' do
38 38 User.generate_with_protected!(:firstname => 'Testing connection')
39 39 User.generate_with_protected!(:firstname => 'Testing connection')
40 40 assert_equal 2, User.count(:all, :conditions => {:firstname => 'Testing connection'})
41 41 end
42 42
43 43 def test_truth
44 44 assert_kind_of User, @jsmith
45 45 end
46 46
47 47 def test_mail_should_be_stripped
48 48 u = User.new
49 49 u.mail = " foo@bar.com "
50 50 assert_equal "foo@bar.com", u.mail
51 51 end
52 52
53 53 def test_mail_validation
54 54 u = User.new
55 55 u.mail = ''
56 56 assert !u.valid?
57 57 assert_equal I18n.translate('activerecord.errors.messages.blank'),
58 58 u.errors[:mail].to_s
59 59 end
60 60
61 61 def test_login_length_validation
62 62 user = User.new(:firstname => "new", :lastname => "user", :mail => "newuser@somenet.foo")
63 63 user.login = "x" * (User::LOGIN_LENGTH_LIMIT+1)
64 64 assert !user.valid?
65 65
66 66 user.login = "x" * (User::LOGIN_LENGTH_LIMIT)
67 67 assert user.valid?
68 68 assert user.save
69 69 end
70 70
71 71 def test_create
72 72 user = User.new(:firstname => "new", :lastname => "user", :mail => "newuser@somenet.foo")
73 73
74 74 user.login = "jsmith"
75 75 user.password, user.password_confirmation = "password", "password"
76 76 # login uniqueness
77 77 assert !user.save
78 78 assert_equal 1, user.errors.count
79 79
80 80 user.login = "newuser"
81 81 user.password, user.password_confirmation = "passwd", "password"
82 82 # password confirmation
83 83 assert !user.save
84 84 assert_equal 1, user.errors.count
85 85
86 86 user.password, user.password_confirmation = "password", "password"
87 87 assert user.save
88 88 end
89 89
90 90 context "User#before_create" do
91 91 should "set the mail_notification to the default Setting" do
92 92 @user1 = User.generate_with_protected!
93 93 assert_equal 'only_my_events', @user1.mail_notification
94 94
95 95 with_settings :default_notification_option => 'all' do
96 96 @user2 = User.generate_with_protected!
97 97 assert_equal 'all', @user2.mail_notification
98 98 end
99 99 end
100 100 end
101 101
102 102 context "User.login" do
103 103 should "be case-insensitive." do
104 104 u = User.new(:firstname => "new", :lastname => "user", :mail => "newuser@somenet.foo")
105 105 u.login = 'newuser'
106 106 u.password, u.password_confirmation = "password", "password"
107 107 assert u.save
108 108
109 109 u = User.new(:firstname => "Similar", :lastname => "User", :mail => "similaruser@somenet.foo")
110 110 u.login = 'NewUser'
111 111 u.password, u.password_confirmation = "password", "password"
112 112 assert !u.save
113 113 assert_equal I18n.translate('activerecord.errors.messages.taken'),
114 114 u.errors[:login].to_s
115 115 end
116 116 end
117 117
118 118 def test_mail_uniqueness_should_not_be_case_sensitive
119 119 u = User.new(:firstname => "new", :lastname => "user", :mail => "newuser@somenet.foo")
120 120 u.login = 'newuser1'
121 121 u.password, u.password_confirmation = "password", "password"
122 122 assert u.save
123 123
124 124 u = User.new(:firstname => "new", :lastname => "user", :mail => "newUser@Somenet.foo")
125 125 u.login = 'newuser2'
126 126 u.password, u.password_confirmation = "password", "password"
127 127 assert !u.save
128 128 assert_equal I18n.translate('activerecord.errors.messages.taken'),
129 129 u.errors[:mail].to_s
130 130 end
131 131
132 132 def test_update
133 133 assert_equal "admin", @admin.login
134 134 @admin.login = "john"
135 135 assert @admin.save, @admin.errors.full_messages.join("; ")
136 136 @admin.reload
137 137 assert_equal "john", @admin.login
138 138 end
139 139
140 140 def test_destroy_should_delete_members_and_roles
141 141 members = Member.find_all_by_user_id(2)
142 142 ms = members.size
143 143 rs = members.collect(&:roles).flatten.size
144 144
145 145 assert_difference 'Member.count', - ms do
146 146 assert_difference 'MemberRole.count', - rs do
147 147 User.find(2).destroy
148 148 end
149 149 end
150 150
151 151 assert_nil User.find_by_id(2)
152 152 assert Member.find_all_by_user_id(2).empty?
153 153 end
154 154
155 155 def test_destroy_should_update_attachments
156 156 attachment = Attachment.create!(:container => Project.find(1),
157 157 :file => uploaded_test_file("testfile.txt", "text/plain"),
158 158 :author_id => 2)
159 159
160 160 User.find(2).destroy
161 161 assert_nil User.find_by_id(2)
162 162 assert_equal User.anonymous, attachment.reload.author
163 163 end
164 164
165 165 def test_destroy_should_update_comments
166 166 comment = Comment.create!(
167 167 :commented => News.create!(:project_id => 1, :author_id => 1, :title => 'foo', :description => 'foo'),
168 168 :author => User.find(2),
169 169 :comments => 'foo'
170 170 )
171 171
172 172 User.find(2).destroy
173 173 assert_nil User.find_by_id(2)
174 174 assert_equal User.anonymous, comment.reload.author
175 175 end
176 176
177 177 def test_destroy_should_update_issues
178 178 issue = Issue.create!(:project_id => 1, :author_id => 2, :tracker_id => 1, :subject => 'foo')
179 179
180 180 User.find(2).destroy
181 181 assert_nil User.find_by_id(2)
182 182 assert_equal User.anonymous, issue.reload.author
183 183 end
184 184
185 185 def test_destroy_should_unassign_issues
186 186 issue = Issue.create!(:project_id => 1, :author_id => 1, :tracker_id => 1, :subject => 'foo', :assigned_to_id => 2)
187 187
188 188 User.find(2).destroy
189 189 assert_nil User.find_by_id(2)
190 190 assert_nil issue.reload.assigned_to
191 191 end
192 192
193 193 def test_destroy_should_update_journals
194 194 issue = Issue.create!(:project_id => 1, :author_id => 2, :tracker_id => 1, :subject => 'foo')
195 195 issue.init_journal(User.find(2), "update")
196 196 issue.save!
197 197
198 198 User.find(2).destroy
199 199 assert_nil User.find_by_id(2)
200 200 assert_equal User.anonymous, issue.journals.first.reload.user
201 201 end
202 202
203 203 def test_destroy_should_update_journal_details_old_value
204 204 issue = Issue.create!(:project_id => 1, :author_id => 1, :tracker_id => 1, :subject => 'foo', :assigned_to_id => 2)
205 205 issue.init_journal(User.find(1), "update")
206 206 issue.assigned_to_id = nil
207 207 assert_difference 'JournalDetail.count' do
208 208 issue.save!
209 209 end
210 210 journal_detail = JournalDetail.first(:order => 'id DESC')
211 211 assert_equal '2', journal_detail.old_value
212 212
213 213 User.find(2).destroy
214 214 assert_nil User.find_by_id(2)
215 215 assert_equal User.anonymous.id.to_s, journal_detail.reload.old_value
216 216 end
217 217
218 218 def test_destroy_should_update_journal_details_value
219 219 issue = Issue.create!(:project_id => 1, :author_id => 1, :tracker_id => 1, :subject => 'foo')
220 220 issue.init_journal(User.find(1), "update")
221 221 issue.assigned_to_id = 2
222 222 assert_difference 'JournalDetail.count' do
223 223 issue.save!
224 224 end
225 225 journal_detail = JournalDetail.first(:order => 'id DESC')
226 226 assert_equal '2', journal_detail.value
227 227
228 228 User.find(2).destroy
229 229 assert_nil User.find_by_id(2)
230 230 assert_equal User.anonymous.id.to_s, journal_detail.reload.value
231 231 end
232 232
233 233 def test_destroy_should_update_messages
234 234 board = Board.create!(:project_id => 1, :name => 'Board', :description => 'Board')
235 235 message = Message.create!(:board_id => board.id, :author_id => 2, :subject => 'foo', :content => 'foo')
236 236
237 237 User.find(2).destroy
238 238 assert_nil User.find_by_id(2)
239 239 assert_equal User.anonymous, message.reload.author
240 240 end
241 241
242 242 def test_destroy_should_update_news
243 243 news = News.create!(:project_id => 1, :author_id => 2, :title => 'foo', :description => 'foo')
244 244
245 245 User.find(2).destroy
246 246 assert_nil User.find_by_id(2)
247 247 assert_equal User.anonymous, news.reload.author
248 248 end
249 249
250 250 def test_destroy_should_delete_private_queries
251 251 query = Query.new(:name => 'foo', :is_public => false)
252 252 query.project_id = 1
253 253 query.user_id = 2
254 254 query.save!
255 255
256 256 User.find(2).destroy
257 257 assert_nil User.find_by_id(2)
258 258 assert_nil Query.find_by_id(query.id)
259 259 end
260 260
261 261 def test_destroy_should_update_public_queries
262 262 query = Query.new(:name => 'foo', :is_public => true)
263 263 query.project_id = 1
264 264 query.user_id = 2
265 265 query.save!
266 266
267 267 User.find(2).destroy
268 268 assert_nil User.find_by_id(2)
269 269 assert_equal User.anonymous, query.reload.user
270 270 end
271 271
272 272 def test_destroy_should_update_time_entries
273 273 entry = TimeEntry.new(:hours => '2', :spent_on => Date.today, :activity => TimeEntryActivity.create!(:name => 'foo'))
274 274 entry.project_id = 1
275 275 entry.user_id = 2
276 276 entry.save!
277 277
278 278 User.find(2).destroy
279 279 assert_nil User.find_by_id(2)
280 280 assert_equal User.anonymous, entry.reload.user
281 281 end
282 282
283 283 def test_destroy_should_delete_tokens
284 284 token = Token.create!(:user_id => 2, :value => 'foo')
285 285
286 286 User.find(2).destroy
287 287 assert_nil User.find_by_id(2)
288 288 assert_nil Token.find_by_id(token.id)
289 289 end
290 290
291 291 def test_destroy_should_delete_watchers
292 292 issue = Issue.create!(:project_id => 1, :author_id => 1, :tracker_id => 1, :subject => 'foo')
293 293 watcher = Watcher.create!(:user_id => 2, :watchable => issue)
294 294
295 295 User.find(2).destroy
296 296 assert_nil User.find_by_id(2)
297 297 assert_nil Watcher.find_by_id(watcher.id)
298 298 end
299 299
300 300 def test_destroy_should_update_wiki_contents
301 301 wiki_content = WikiContent.create!(
302 302 :text => 'foo',
303 303 :author_id => 2,
304 304 :page => WikiPage.create!(:title => 'Foo', :wiki => Wiki.create!(:project_id => 1, :start_page => 'Start'))
305 305 )
306 306 wiki_content.text = 'bar'
307 307 assert_difference 'WikiContent::Version.count' do
308 308 wiki_content.save!
309 309 end
310 310
311 311 User.find(2).destroy
312 312 assert_nil User.find_by_id(2)
313 313 assert_equal User.anonymous, wiki_content.reload.author
314 314 wiki_content.versions.each do |version|
315 315 assert_equal User.anonymous, version.reload.author
316 316 end
317 317 end
318 318
319 319 def test_destroy_should_nullify_issue_categories
320 320 category = IssueCategory.create!(:project_id => 1, :assigned_to_id => 2, :name => 'foo')
321 321
322 322 User.find(2).destroy
323 323 assert_nil User.find_by_id(2)
324 324 assert_nil category.reload.assigned_to_id
325 325 end
326 326
327 327 def test_destroy_should_nullify_changesets
328 328 changeset = Changeset.create!(
329 329 :repository => Repository::Subversion.generate!(
330 330 :project_id => 1
331 331 ),
332 332 :revision => '12',
333 333 :committed_on => Time.now,
334 334 :committer => 'jsmith'
335 335 )
336 336 assert_equal 2, changeset.user_id
337 337
338 338 User.find(2).destroy
339 339 assert_nil User.find_by_id(2)
340 340 assert_nil changeset.reload.user_id
341 341 end
342 342
343 343 def test_anonymous_user_should_not_be_destroyable
344 344 assert_no_difference 'User.count' do
345 345 assert_equal false, User.anonymous.destroy
346 346 end
347 347 end
348 348
349 349 def test_validate_login_presence
350 350 @admin.login = ""
351 351 assert !@admin.save
352 352 assert_equal 1, @admin.errors.count
353 353 end
354 354
355 355 def test_validate_mail_notification_inclusion
356 356 u = User.new
357 357 u.mail_notification = 'foo'
358 358 u.save
359 359 assert_not_nil u.errors[:mail_notification]
360 360 end
361 361
362 362 context "User#try_to_login" do
363 363 should "fall-back to case-insensitive if user login is not found as-typed." do
364 364 user = User.try_to_login("AdMin", "admin")
365 365 assert_kind_of User, user
366 366 assert_equal "admin", user.login
367 367 end
368 368
369 369 should "select the exact matching user first" do
370 370 case_sensitive_user = User.generate_with_protected!(
371 371 :login => 'changed', :password => 'admin',
372 372 :password_confirmation => 'admin')
373 373 # bypass validations to make it appear like existing data
374 374 case_sensitive_user.update_attribute(:login, 'ADMIN')
375 375
376 376 user = User.try_to_login("ADMIN", "admin")
377 377 assert_kind_of User, user
378 378 assert_equal "ADMIN", user.login
379 379
380 380 end
381 381 end
382 382
383 383 def test_password
384 384 user = User.try_to_login("admin", "admin")
385 385 assert_kind_of User, user
386 386 assert_equal "admin", user.login
387 387 user.password = "hello"
388 388 assert user.save
389 389
390 390 user = User.try_to_login("admin", "hello")
391 391 assert_kind_of User, user
392 392 assert_equal "admin", user.login
393 393 end
394 394
395 395 def test_validate_password_length
396 396 with_settings :password_min_length => '100' do
397 397 user = User.new(:firstname => "new100", :lastname => "user100", :mail => "newuser100@somenet.foo")
398 398 user.login = "newuser100"
399 399 user.password, user.password_confirmation = "password100", "password100"
400 400 assert !user.save
401 401 assert_equal 1, user.errors.count
402 402 end
403 403 end
404 404
405 405 def test_name_format
406 406 assert_equal 'Smith, John', @jsmith.name(:lastname_coma_firstname)
407 407 with_settings :user_format => :firstname_lastname do
408 408 assert_equal 'John Smith', @jsmith.reload.name
409 409 end
410 410 with_settings :user_format => :username do
411 411 assert_equal 'jsmith', @jsmith.reload.name
412 412 end
413 413 end
414 414
415 415 def test_fields_for_order_statement_should_return_fields_according_user_format_setting
416 416 with_settings :user_format => 'lastname_coma_firstname' do
417 417 assert_equal ['users.lastname', 'users.firstname', 'users.id'], User.fields_for_order_statement
418 418 end
419 419 end
420 420
421 421 def test_fields_for_order_statement_width_table_name_should_prepend_table_name
422 422 with_settings :user_format => 'lastname_firstname' do
423 423 assert_equal ['authors.lastname', 'authors.firstname', 'authors.id'], User.fields_for_order_statement('authors')
424 424 end
425 425 end
426 426
427 427 def test_fields_for_order_statement_with_blank_format_should_return_default
428 428 with_settings :user_format => '' do
429 429 assert_equal ['users.firstname', 'users.lastname', 'users.id'], User.fields_for_order_statement
430 430 end
431 431 end
432 432
433 433 def test_fields_for_order_statement_with_invalid_format_should_return_default
434 434 with_settings :user_format => 'foo' do
435 435 assert_equal ['users.firstname', 'users.lastname', 'users.id'], User.fields_for_order_statement
436 436 end
437 437 end
438 438
439 439 def test_lock
440 440 user = User.try_to_login("jsmith", "jsmith")
441 441 assert_equal @jsmith, user
442 442
443 443 @jsmith.status = User::STATUS_LOCKED
444 444 assert @jsmith.save
445 445
446 446 user = User.try_to_login("jsmith", "jsmith")
447 447 assert_equal nil, user
448 448 end
449 449
450 450 context ".try_to_login" do
451 451 context "with good credentials" do
452 452 should "return the user" do
453 453 user = User.try_to_login("admin", "admin")
454 454 assert_kind_of User, user
455 455 assert_equal "admin", user.login
456 456 end
457 457 end
458 458
459 459 context "with wrong credentials" do
460 460 should "return nil" do
461 461 assert_nil User.try_to_login("admin", "foo")
462 462 end
463 463 end
464 464 end
465 465
466 466 if ldap_configured?
467 467 context "#try_to_login using LDAP" do
468 468 context "with failed connection to the LDAP server" do
469 469 should "return nil" do
470 470 @auth_source = AuthSourceLdap.find(1)
471 471 AuthSource.any_instance.stubs(:initialize_ldap_con).raises(Net::LDAP::LdapError, 'Cannot connect')
472 472
473 473 assert_equal nil, User.try_to_login('edavis', 'wrong')
474 474 end
475 475 end
476 476
477 477 context "with an unsuccessful authentication" do
478 478 should "return nil" do
479 479 assert_equal nil, User.try_to_login('edavis', 'wrong')
480 480 end
481 481 end
482 482
483 483 context "on the fly registration" do
484 484 setup do
485 485 @auth_source = AuthSourceLdap.find(1)
486 @auth.update_attribute :onthefly_register, true
486 487 end
487 488
488 489 context "with a successful authentication" do
489 490 should "create a new user account if it doesn't exist" do
490 491 assert_difference('User.count') do
491 492 user = User.try_to_login('edavis', '123456')
492 493 assert !user.admin?
493 494 end
494 495 end
495 496
496 497 should "retrieve existing user" do
497 498 user = User.try_to_login('edavis', '123456')
498 499 user.admin = true
499 500 user.save!
500 501
501 502 assert_no_difference('User.count') do
502 503 user = User.try_to_login('edavis', '123456')
503 504 assert user.admin?
504 505 end
505 506 end
506 507 end
507 508 end
508 509 end
509 510
510 511 else
511 512 puts "Skipping LDAP tests."
512 513 end
513 514
514 515 def test_create_anonymous
515 516 AnonymousUser.delete_all
516 517 anon = User.anonymous
517 518 assert !anon.new_record?
518 519 assert_kind_of AnonymousUser, anon
519 520 end
520 521
521 522 def test_ensure_single_anonymous_user
522 523 AnonymousUser.delete_all
523 524 anon1 = User.anonymous
524 525 assert !anon1.new_record?
525 526 assert_kind_of AnonymousUser, anon1
526 527 anon2 = AnonymousUser.create(
527 528 :lastname => 'Anonymous', :firstname => '',
528 529 :mail => '', :login => '', :status => 0)
529 530 assert_equal 1, anon2.errors.count
530 531 end
531 532
532 533 should_have_one :rss_token
533 534
534 535 def test_rss_key
535 536 assert_nil @jsmith.rss_token
536 537 key = @jsmith.rss_key
537 538 assert_equal 40, key.length
538 539
539 540 @jsmith.reload
540 541 assert_equal key, @jsmith.rss_key
541 542 end
542 543
543 544
544 545 should_have_one :api_token
545 546
546 547 context "User#api_key" do
547 548 should "generate a new one if the user doesn't have one" do
548 549 user = User.generate_with_protected!(:api_token => nil)
549 550 assert_nil user.api_token
550 551
551 552 key = user.api_key
552 553 assert_equal 40, key.length
553 554 user.reload
554 555 assert_equal key, user.api_key
555 556 end
556 557
557 558 should "return the existing api token value" do
558 559 user = User.generate_with_protected!
559 560 token = Token.generate!(:action => 'api')
560 561 user.api_token = token
561 562 assert user.save
562 563
563 564 assert_equal token.value, user.api_key
564 565 end
565 566 end
566 567
567 568 context "User#find_by_api_key" do
568 569 should "return nil if no matching key is found" do
569 570 assert_nil User.find_by_api_key('zzzzzzzzz')
570 571 end
571 572
572 573 should "return nil if the key is found for an inactive user" do
573 574 user = User.generate_with_protected!(:status => User::STATUS_LOCKED)
574 575 token = Token.generate!(:action => 'api')
575 576 user.api_token = token
576 577 user.save
577 578
578 579 assert_nil User.find_by_api_key(token.value)
579 580 end
580 581
581 582 should "return the user if the key is found for an active user" do
582 583 user = User.generate_with_protected!(:status => User::STATUS_ACTIVE)
583 584 token = Token.generate!(:action => 'api')
584 585 user.api_token = token
585 586 user.save
586 587
587 588 assert_equal user, User.find_by_api_key(token.value)
588 589 end
589 590 end
590 591
591 592 def test_roles_for_project
592 593 # user with a role
593 594 roles = @jsmith.roles_for_project(Project.find(1))
594 595 assert_kind_of Role, roles.first
595 596 assert_equal "Manager", roles.first.name
596 597
597 598 # user with no role
598 599 assert_nil @dlopper.roles_for_project(Project.find(2)).detect {|role| role.member?}
599 600 end
600 601
601 602 def test_projects_by_role_for_user_with_role
602 603 user = User.find(2)
603 604 assert_kind_of Hash, user.projects_by_role
604 605 assert_equal 2, user.projects_by_role.size
605 606 assert_equal [1,5], user.projects_by_role[Role.find(1)].collect(&:id).sort
606 607 assert_equal [2], user.projects_by_role[Role.find(2)].collect(&:id).sort
607 608 end
608 609
609 610 def test_projects_by_role_for_user_with_no_role
610 611 user = User.generate!
611 612 assert_equal({}, user.projects_by_role)
612 613 end
613 614
614 615 def test_projects_by_role_for_anonymous
615 616 assert_equal({}, User.anonymous.projects_by_role)
616 617 end
617 618
618 619 def test_valid_notification_options
619 620 # without memberships
620 621 assert_equal 5, User.find(7).valid_notification_options.size
621 622 # with memberships
622 623 assert_equal 6, User.find(2).valid_notification_options.size
623 624 end
624 625
625 626 def test_valid_notification_options_class_method
626 627 assert_equal 5, User.valid_notification_options.size
627 628 assert_equal 5, User.valid_notification_options(User.find(7)).size
628 629 assert_equal 6, User.valid_notification_options(User.find(2)).size
629 630 end
630 631
631 632 def test_mail_notification_all
632 633 @jsmith.mail_notification = 'all'
633 634 @jsmith.notified_project_ids = []
634 635 @jsmith.save
635 636 @jsmith.reload
636 637 assert @jsmith.projects.first.recipients.include?(@jsmith.mail)
637 638 end
638 639
639 640 def test_mail_notification_selected
640 641 @jsmith.mail_notification = 'selected'
641 642 @jsmith.notified_project_ids = [1]
642 643 @jsmith.save
643 644 @jsmith.reload
644 645 assert Project.find(1).recipients.include?(@jsmith.mail)
645 646 end
646 647
647 648 def test_mail_notification_only_my_events
648 649 @jsmith.mail_notification = 'only_my_events'
649 650 @jsmith.notified_project_ids = []
650 651 @jsmith.save
651 652 @jsmith.reload
652 653 assert !@jsmith.projects.first.recipients.include?(@jsmith.mail)
653 654 end
654 655
655 656 def test_comments_sorting_preference
656 657 assert !@jsmith.wants_comments_in_reverse_order?
657 658 @jsmith.pref.comments_sorting = 'asc'
658 659 assert !@jsmith.wants_comments_in_reverse_order?
659 660 @jsmith.pref.comments_sorting = 'desc'
660 661 assert @jsmith.wants_comments_in_reverse_order?
661 662 end
662 663
663 664 def test_find_by_mail_should_be_case_insensitive
664 665 u = User.find_by_mail('JSmith@somenet.foo')
665 666 assert_not_nil u
666 667 assert_equal 'jsmith@somenet.foo', u.mail
667 668 end
668 669
669 670 def test_random_password
670 671 u = User.new
671 672 u.random_password
672 673 assert !u.password.blank?
673 674 assert !u.password_confirmation.blank?
674 675 end
675 676
676 677 context "#change_password_allowed?" do
677 678 should "be allowed if no auth source is set" do
678 679 user = User.generate_with_protected!
679 680 assert user.change_password_allowed?
680 681 end
681 682
682 683 should "delegate to the auth source" do
683 684 user = User.generate_with_protected!
684 685
685 686 allowed_auth_source = AuthSource.generate!
686 687 def allowed_auth_source.allow_password_changes?; true; end
687 688
688 689 denied_auth_source = AuthSource.generate!
689 690 def denied_auth_source.allow_password_changes?; false; end
690 691
691 692 assert user.change_password_allowed?
692 693
693 694 user.auth_source = allowed_auth_source
694 695 assert user.change_password_allowed?, "User not allowed to change password, though auth source does"
695 696
696 697 user.auth_source = denied_auth_source
697 698 assert !user.change_password_allowed?, "User allowed to change password, though auth source does not"
698 699 end
699 700
700 701 end
701 702
702 703 context "#allowed_to?" do
703 704 context "with a unique project" do
704 705 should "return false if project is archived" do
705 706 project = Project.find(1)
706 707 Project.any_instance.stubs(:status).returns(Project::STATUS_ARCHIVED)
707 708 assert ! @admin.allowed_to?(:view_issues, Project.find(1))
708 709 end
709 710
710 711 should "return false if related module is disabled" do
711 712 project = Project.find(1)
712 713 project.enabled_module_names = ["issue_tracking"]
713 714 assert @admin.allowed_to?(:add_issues, project)
714 715 assert ! @admin.allowed_to?(:view_wiki_pages, project)
715 716 end
716 717
717 718 should "authorize nearly everything for admin users" do
718 719 project = Project.find(1)
719 720 assert ! @admin.member_of?(project)
720 721 %w(edit_issues delete_issues manage_news manage_documents manage_wiki).each do |p|
721 722 assert @admin.allowed_to?(p.to_sym, project)
722 723 end
723 724 end
724 725
725 726 should "authorize normal users depending on their roles" do
726 727 project = Project.find(1)
727 728 assert @jsmith.allowed_to?(:delete_messages, project) #Manager
728 729 assert ! @dlopper.allowed_to?(:delete_messages, project) #Developper
729 730 end
730 731 end
731 732
732 733 context "with multiple projects" do
733 734 should "return false if array is empty" do
734 735 assert ! @admin.allowed_to?(:view_project, [])
735 736 end
736 737
737 738 should "return true only if user has permission on all these projects" do
738 739 assert @admin.allowed_to?(:view_project, Project.all)
739 740 assert ! @dlopper.allowed_to?(:view_project, Project.all) #cannot see Project(2)
740 741 assert @jsmith.allowed_to?(:edit_issues, @jsmith.projects) #Manager or Developer everywhere
741 742 assert ! @jsmith.allowed_to?(:delete_issue_watchers, @jsmith.projects) #Dev cannot delete_issue_watchers
742 743 end
743 744
744 745 should "behave correctly with arrays of 1 project" do
745 746 assert ! User.anonymous.allowed_to?(:delete_issues, [Project.first])
746 747 end
747 748 end
748 749
749 750 context "with options[:global]" do
750 751 should "authorize if user has at least one role that has this permission" do
751 752 @dlopper2 = User.find(5) #only Developper on a project, not Manager anywhere
752 753 @anonymous = User.find(6)
753 754 assert @jsmith.allowed_to?(:delete_issue_watchers, nil, :global => true)
754 755 assert ! @dlopper2.allowed_to?(:delete_issue_watchers, nil, :global => true)
755 756 assert @dlopper2.allowed_to?(:add_issues, nil, :global => true)
756 757 assert ! @anonymous.allowed_to?(:add_issues, nil, :global => true)
757 758 assert @anonymous.allowed_to?(:view_issues, nil, :global => true)
758 759 end
759 760 end
760 761 end
761 762
762 763 context "User#notify_about?" do
763 764 context "Issues" do
764 765 setup do
765 766 @project = Project.find(1)
766 767 @author = User.generate_with_protected!
767 768 @assignee = User.generate_with_protected!
768 769 @issue = Issue.generate_for_project!(@project, :assigned_to => @assignee, :author => @author)
769 770 end
770 771
771 772 should "be true for a user with :all" do
772 773 @author.update_attribute(:mail_notification, 'all')
773 774 assert @author.notify_about?(@issue)
774 775 end
775 776
776 777 should "be false for a user with :none" do
777 778 @author.update_attribute(:mail_notification, 'none')
778 779 assert ! @author.notify_about?(@issue)
779 780 end
780 781
781 782 should "be false for a user with :only_my_events and isn't an author, creator, or assignee" do
782 783 @user = User.generate_with_protected!(:mail_notification => 'only_my_events')
783 784 Member.create!(:user => @user, :project => @project, :role_ids => [1])
784 785 assert ! @user.notify_about?(@issue)
785 786 end
786 787
787 788 should "be true for a user with :only_my_events and is the author" do
788 789 @author.update_attribute(:mail_notification, 'only_my_events')
789 790 assert @author.notify_about?(@issue)
790 791 end
791 792
792 793 should "be true for a user with :only_my_events and is the assignee" do
793 794 @assignee.update_attribute(:mail_notification, 'only_my_events')
794 795 assert @assignee.notify_about?(@issue)
795 796 end
796 797
797 798 should "be true for a user with :only_assigned and is the assignee" do
798 799 @assignee.update_attribute(:mail_notification, 'only_assigned')
799 800 assert @assignee.notify_about?(@issue)
800 801 end
801 802
802 803 should "be false for a user with :only_assigned and is not the assignee" do
803 804 @author.update_attribute(:mail_notification, 'only_assigned')
804 805 assert ! @author.notify_about?(@issue)
805 806 end
806 807
807 808 should "be true for a user with :only_owner and is the author" do
808 809 @author.update_attribute(:mail_notification, 'only_owner')
809 810 assert @author.notify_about?(@issue)
810 811 end
811 812
812 813 should "be false for a user with :only_owner and is not the author" do
813 814 @assignee.update_attribute(:mail_notification, 'only_owner')
814 815 assert ! @assignee.notify_about?(@issue)
815 816 end
816 817
817 818 should "be true for a user with :selected and is the author" do
818 819 @author.update_attribute(:mail_notification, 'selected')
819 820 assert @author.notify_about?(@issue)
820 821 end
821 822
822 823 should "be true for a user with :selected and is the assignee" do
823 824 @assignee.update_attribute(:mail_notification, 'selected')
824 825 assert @assignee.notify_about?(@issue)
825 826 end
826 827
827 828 should "be false for a user with :selected and is not the author or assignee" do
828 829 @user = User.generate_with_protected!(:mail_notification => 'selected')
829 830 Member.create!(:user => @user, :project => @project, :role_ids => [1])
830 831 assert ! @user.notify_about?(@issue)
831 832 end
832 833 end
833 834
834 835 context "other events" do
835 836 should 'be added and tested'
836 837 end
837 838 end
838 839
839 840 def test_salt_unsalted_passwords
840 841 # Restore a user with an unsalted password
841 842 user = User.find(1)
842 843 user.salt = nil
843 844 user.hashed_password = User.hash_password("unsalted")
844 845 user.save!
845 846
846 847 User.salt_unsalted_passwords!
847 848
848 849 user.reload
849 850 # Salt added
850 851 assert !user.salt.blank?
851 852 # Password still valid
852 853 assert user.check_password?("unsalted")
853 854 assert_equal user, User.try_to_login(user.login, "unsalted")
854 855 end
855 856
856 857 if Object.const_defined?(:OpenID)
857 858
858 859 def test_setting_identity_url
859 860 normalized_open_id_url = 'http://example.com/'
860 861 u = User.new( :identity_url => 'http://example.com/' )
861 862 assert_equal normalized_open_id_url, u.identity_url
862 863 end
863 864
864 865 def test_setting_identity_url_without_trailing_slash
865 866 normalized_open_id_url = 'http://example.com/'
866 867 u = User.new( :identity_url => 'http://example.com' )
867 868 assert_equal normalized_open_id_url, u.identity_url
868 869 end
869 870
870 871 def test_setting_identity_url_without_protocol
871 872 normalized_open_id_url = 'http://example.com/'
872 873 u = User.new( :identity_url => 'example.com' )
873 874 assert_equal normalized_open_id_url, u.identity_url
874 875 end
875 876
876 877 def test_setting_blank_identity_url
877 878 u = User.new( :identity_url => 'example.com' )
878 879 u.identity_url = ''
879 880 assert u.identity_url.blank?
880 881 end
881 882
882 883 def test_setting_invalid_identity_url
883 884 u = User.new( :identity_url => 'this is not an openid url' )
884 885 assert u.identity_url.blank?
885 886 end
886 887
887 888 else
888 889 puts "Skipping openid tests."
889 890 end
890 891
891 892 end
General Comments 0
You need to be logged in to leave comments. Login now