2011-05-30 00:11:52 +04:00
|
|
|
#-- copyright
|
|
|
|
# ChiliProject is a project management system.
|
2011-05-30 22:52:25 +04:00
|
|
|
#
|
2011-05-30 00:11:52 +04:00
|
|
|
# Copyright (C) 2010-2011 the ChiliProject Team
|
2011-05-30 22:52:25 +04:00
|
|
|
#
|
2006-07-09 20:30:01 +04:00
|
|
|
# This program is free software; you can redistribute it and/or
|
|
|
|
# modify it under the terms of the GNU General Public License
|
|
|
|
# as published by the Free Software Foundation; either version 2
|
|
|
|
# of the License, or (at your option) any later version.
|
2011-05-30 22:52:25 +04:00
|
|
|
#
|
2011-05-30 00:11:52 +04:00
|
|
|
# See doc/COPYRIGHT.rdoc for more details.
|
|
|
|
#++
|
2010-12-13 02:24:34 +03:00
|
|
|
require File.expand_path('../../test_helper', __FILE__)
|
2006-07-09 20:30:01 +04:00
|
|
|
|
2008-07-19 14:47:19 +04:00
|
|
|
begin
|
|
|
|
require 'mocha'
|
|
|
|
rescue
|
|
|
|
# Won't run some tests
|
|
|
|
end
|
|
|
|
|
2006-07-09 20:30:01 +04:00
|
|
|
class AccountTest < ActionController::IntegrationTest
|
2009-12-06 13:28:20 +03:00
|
|
|
fixtures :users, :roles
|
2006-07-09 20:30:01 +04:00
|
|
|
|
|
|
|
# Replace this with your real tests.
|
|
|
|
def test_login
|
2006-12-03 22:55:45 +03:00
|
|
|
get "my/page"
|
2009-02-21 14:04:50 +03:00
|
|
|
assert_redirected_to "/login?back_url=http%3A%2F%2Fwww.example.com%2Fmy%2Fpage"
|
2006-07-29 13:32:58 +04:00
|
|
|
log_user('jsmith', 'jsmith')
|
2011-05-30 22:52:25 +04:00
|
|
|
|
2006-12-03 22:55:45 +03:00
|
|
|
get "my/account"
|
2006-07-09 20:30:01 +04:00
|
|
|
assert_response :success
|
2011-05-30 22:52:25 +04:00
|
|
|
assert_template "my/account"
|
2006-07-09 20:30:01 +04:00
|
|
|
end
|
2011-05-30 22:52:25 +04:00
|
|
|
|
2009-02-25 17:59:33 +03:00
|
|
|
def test_autologin
|
|
|
|
user = User.find(1)
|
|
|
|
Setting.autologin = "7"
|
|
|
|
Token.delete_all
|
2011-05-30 22:52:25 +04:00
|
|
|
|
2009-02-25 17:59:33 +03:00
|
|
|
# User logs in with 'autologin' checked
|
|
|
|
post '/login', :username => user.login, :password => 'admin', :autologin => 1
|
2010-11-14 19:45:32 +03:00
|
|
|
assert_redirected_to '/my/page'
|
2009-02-25 17:59:33 +03:00
|
|
|
token = Token.find :first
|
|
|
|
assert_not_nil token
|
|
|
|
assert_equal user, token.user
|
|
|
|
assert_equal 'autologin', token.action
|
|
|
|
assert_equal user.id, session[:user_id]
|
2011-03-20 12:18:17 +03:00
|
|
|
assert_equal token.value, cookies[Redmine::Configuration['autologin_cookie_name']]
|
2011-05-30 22:52:25 +04:00
|
|
|
|
2009-02-25 17:59:33 +03:00
|
|
|
# Session is cleared
|
|
|
|
reset!
|
|
|
|
User.current = nil
|
|
|
|
# Clears user's last login timestamp
|
|
|
|
user.update_attribute :last_login_on, nil
|
|
|
|
assert_nil user.reload.last_login_on
|
2011-05-30 22:52:25 +04:00
|
|
|
|
2009-02-25 17:59:33 +03:00
|
|
|
# User comes back with his autologin cookie
|
2011-03-20 12:18:17 +03:00
|
|
|
cookies[Redmine::Configuration['autologin_cookie_name']] = token.value
|
2009-02-25 17:59:33 +03:00
|
|
|
get '/my/page'
|
|
|
|
assert_response :success
|
|
|
|
assert_template 'my/page'
|
|
|
|
assert_equal user.id, session[:user_id]
|
|
|
|
assert_not_nil user.reload.last_login_on
|
2009-03-28 15:30:48 +03:00
|
|
|
assert user.last_login_on.utc > 10.second.ago.utc
|
2009-02-25 17:59:33 +03:00
|
|
|
end
|
2011-05-30 22:52:25 +04:00
|
|
|
|
2006-07-29 13:32:58 +04:00
|
|
|
def test_lost_password
|
2007-02-02 18:20:49 +03:00
|
|
|
Token.delete_all
|
2011-05-30 22:52:25 +04:00
|
|
|
|
2006-07-29 13:32:58 +04:00
|
|
|
get "account/lost_password"
|
|
|
|
assert_response :success
|
|
|
|
assert_template "account/lost_password"
|
2011-05-30 22:52:25 +04:00
|
|
|
|
2008-12-12 15:07:09 +03:00
|
|
|
post "account/lost_password", :mail => 'jSmith@somenet.foo'
|
2011-04-21 03:23:40 +04:00
|
|
|
assert_redirected_to "/login?back_url=http%3A%2F%2Fwww.example.com%2F"
|
2011-05-30 22:52:25 +04:00
|
|
|
|
2006-07-29 13:32:58 +04:00
|
|
|
token = Token.find(:first)
|
|
|
|
assert_equal 'recovery', token.action
|
|
|
|
assert_equal 'jsmith@somenet.foo', token.user.mail
|
|
|
|
assert !token.expired?
|
2011-05-30 22:52:25 +04:00
|
|
|
|
2006-07-29 13:32:58 +04:00
|
|
|
get "account/lost_password", :token => token.value
|
|
|
|
assert_response :success
|
|
|
|
assert_template "account/password_recovery"
|
2011-05-30 22:52:25 +04:00
|
|
|
|
2006-07-29 13:32:58 +04:00
|
|
|
post "account/lost_password", :token => token.value, :new_password => 'newpass', :new_password_confirmation => 'newpass'
|
2009-02-21 14:04:50 +03:00
|
|
|
assert_redirected_to "/login"
|
2006-07-29 13:32:58 +04:00
|
|
|
assert_equal 'Password was successfully updated.', flash[:notice]
|
2011-05-30 22:52:25 +04:00
|
|
|
|
2006-07-29 13:32:58 +04:00
|
|
|
log_user('jsmith', 'newpass')
|
2011-05-30 22:52:25 +04:00
|
|
|
assert_equal 0, Token.count
|
2007-11-18 20:46:55 +03:00
|
|
|
end
|
2011-05-30 22:52:25 +04:00
|
|
|
|
2007-11-18 20:46:55 +03:00
|
|
|
def test_register_with_automatic_activation
|
|
|
|
Setting.self_registration = '3'
|
2011-05-30 22:52:25 +04:00
|
|
|
|
2007-11-18 20:46:55 +03:00
|
|
|
get 'account/register'
|
|
|
|
assert_response :success
|
|
|
|
assert_template 'account/register'
|
2011-05-30 22:52:25 +04:00
|
|
|
|
|
|
|
post 'account/register', :user => {:login => "newuser", :language => "en", :firstname => "New", :lastname => "User", :mail => "newuser@foo.bar"},
|
2007-11-18 20:46:55 +03:00
|
|
|
:password => "newpass", :password_confirmation => "newpass"
|
2010-11-14 19:45:32 +03:00
|
|
|
assert_redirected_to '/my/account'
|
2008-06-09 22:59:15 +04:00
|
|
|
follow_redirect!
|
|
|
|
assert_response :success
|
|
|
|
assert_template 'my/account'
|
2011-05-30 22:52:25 +04:00
|
|
|
|
2009-03-15 13:49:18 +03:00
|
|
|
user = User.find_by_login('newuser')
|
|
|
|
assert_not_nil user
|
|
|
|
assert user.active?
|
|
|
|
assert_not_nil user.last_login_on
|
2007-11-18 20:46:55 +03:00
|
|
|
end
|
2011-05-30 22:52:25 +04:00
|
|
|
|
2007-11-18 20:46:55 +03:00
|
|
|
def test_register_with_manual_activation
|
|
|
|
Setting.self_registration = '2'
|
2011-05-30 22:52:25 +04:00
|
|
|
|
|
|
|
post 'account/register', :user => {:login => "newuser", :language => "en", :firstname => "New", :lastname => "User", :mail => "newuser@foo.bar"},
|
2007-11-18 20:46:55 +03:00
|
|
|
:password => "newpass", :password_confirmation => "newpass"
|
2009-02-21 14:04:50 +03:00
|
|
|
assert_redirected_to '/login'
|
2007-11-18 20:46:55 +03:00
|
|
|
assert !User.find_by_login('newuser').active?
|
|
|
|
end
|
2011-05-30 22:52:25 +04:00
|
|
|
|
2007-11-18 20:46:55 +03:00
|
|
|
def test_register_with_email_activation
|
|
|
|
Setting.self_registration = '1'
|
|
|
|
Token.delete_all
|
2011-05-30 22:52:25 +04:00
|
|
|
|
|
|
|
post 'account/register', :user => {:login => "newuser", :language => "en", :firstname => "New", :lastname => "User", :mail => "newuser@foo.bar"},
|
2007-11-18 20:46:55 +03:00
|
|
|
:password => "newpass", :password_confirmation => "newpass"
|
2009-02-21 14:04:50 +03:00
|
|
|
assert_redirected_to '/login'
|
2007-11-18 20:46:55 +03:00
|
|
|
assert !User.find_by_login('newuser').active?
|
2011-05-30 22:52:25 +04:00
|
|
|
|
2007-11-18 20:46:55 +03:00
|
|
|
token = Token.find(:first)
|
|
|
|
assert_equal 'register', token.action
|
|
|
|
assert_equal 'newuser@foo.bar', token.user.mail
|
|
|
|
assert !token.expired?
|
2011-05-30 22:52:25 +04:00
|
|
|
|
2007-11-18 20:46:55 +03:00
|
|
|
get 'account/activate', :token => token.value
|
2009-02-21 14:04:50 +03:00
|
|
|
assert_redirected_to '/login'
|
2007-11-18 20:46:55 +03:00
|
|
|
log_user('newuser', 'newpass')
|
|
|
|
end
|
2011-04-21 03:23:40 +04:00
|
|
|
|
|
|
|
should_eventually "login after losing password should redirect back to home" do
|
|
|
|
visit "/login"
|
|
|
|
assert_response :success
|
|
|
|
|
|
|
|
click_link "Lost password"
|
|
|
|
assert_response :success
|
|
|
|
|
|
|
|
# Lost password form
|
|
|
|
fill_in "mail", :with => "admin@somenet.foo"
|
|
|
|
click_button "Submit"
|
2011-05-30 22:52:25 +04:00
|
|
|
|
2011-04-21 03:23:40 +04:00
|
|
|
assert_response :success # back to login page
|
|
|
|
assert_equal "/login", current_path
|
|
|
|
|
|
|
|
fill_in "Login:", :with => 'admin'
|
|
|
|
fill_in "Password:", :with => 'test'
|
|
|
|
click_button "login"
|
|
|
|
|
|
|
|
assert_response :success
|
|
|
|
assert_equal "/", current_path
|
2011-05-30 22:52:25 +04:00
|
|
|
|
2011-04-21 03:23:40 +04:00
|
|
|
end
|
2011-05-30 22:52:25 +04:00
|
|
|
|
|
|
|
|
2008-07-19 14:47:19 +04:00
|
|
|
if Object.const_defined?(:Mocha)
|
2011-05-30 22:52:25 +04:00
|
|
|
|
2008-07-19 14:47:19 +04:00
|
|
|
def test_onthefly_registration
|
|
|
|
# disable registration
|
|
|
|
Setting.self_registration = '0'
|
2010-02-26 12:13:12 +03:00
|
|
|
AuthSource.expects(:authenticate).returns({:login => 'foo', :firstname => 'Foo', :lastname => 'Smith', :mail => 'foo@bar.com', :auth_source_id => 66})
|
2011-05-30 22:52:25 +04:00
|
|
|
|
2008-07-19 14:47:19 +04:00
|
|
|
post 'account/login', :username => 'foo', :password => 'bar'
|
2010-11-14 19:45:32 +03:00
|
|
|
assert_redirected_to '/my/page'
|
2011-05-30 22:52:25 +04:00
|
|
|
|
2008-07-19 14:47:19 +04:00
|
|
|
user = User.find_by_login('foo')
|
|
|
|
assert user.is_a?(User)
|
|
|
|
assert_equal 66, user.auth_source_id
|
|
|
|
assert user.hashed_password.blank?
|
|
|
|
end
|
2011-05-30 22:52:25 +04:00
|
|
|
|
2008-07-19 14:47:19 +04:00
|
|
|
def test_onthefly_registration_with_invalid_attributes
|
|
|
|
# disable registration
|
|
|
|
Setting.self_registration = '0'
|
2010-02-26 12:13:12 +03:00
|
|
|
AuthSource.expects(:authenticate).returns({:login => 'foo', :lastname => 'Smith', :auth_source_id => 66})
|
2011-05-30 22:52:25 +04:00
|
|
|
|
2008-07-19 14:47:19 +04:00
|
|
|
post 'account/login', :username => 'foo', :password => 'bar'
|
|
|
|
assert_response :success
|
|
|
|
assert_template 'account/register'
|
|
|
|
assert_tag :input, :attributes => { :name => 'user[firstname]', :value => '' }
|
|
|
|
assert_tag :input, :attributes => { :name => 'user[lastname]', :value => 'Smith' }
|
|
|
|
assert_no_tag :input, :attributes => { :name => 'user[login]' }
|
|
|
|
assert_no_tag :input, :attributes => { :name => 'user[password]' }
|
2011-05-30 22:52:25 +04:00
|
|
|
|
2008-07-19 14:47:19 +04:00
|
|
|
post 'account/register', :user => {:firstname => 'Foo', :lastname => 'Smith', :mail => 'foo@bar.com'}
|
2009-02-21 14:04:50 +03:00
|
|
|
assert_redirected_to '/my/account'
|
2011-05-30 22:52:25 +04:00
|
|
|
|
2008-07-19 14:47:19 +04:00
|
|
|
user = User.find_by_login('foo')
|
|
|
|
assert user.is_a?(User)
|
|
|
|
assert_equal 66, user.auth_source_id
|
|
|
|
assert user.hashed_password.blank?
|
|
|
|
end
|
2011-05-30 22:52:25 +04:00
|
|
|
|
2009-11-21 13:02:39 +03:00
|
|
|
def test_login_and_logout_should_clear_session
|
|
|
|
get '/login'
|
|
|
|
sid = session[:session_id]
|
2011-05-30 22:52:25 +04:00
|
|
|
|
2009-11-21 13:02:39 +03:00
|
|
|
post '/login', :username => 'admin', :password => 'admin'
|
2010-11-14 19:45:32 +03:00
|
|
|
assert_redirected_to '/my/page'
|
2009-11-21 13:02:39 +03:00
|
|
|
assert_not_equal sid, session[:session_id], "login should reset session"
|
|
|
|
assert_equal 1, session[:user_id]
|
|
|
|
sid = session[:session_id]
|
2011-05-30 22:52:25 +04:00
|
|
|
|
2009-11-21 13:02:39 +03:00
|
|
|
get '/'
|
|
|
|
assert_equal sid, session[:session_id]
|
2011-05-30 22:52:25 +04:00
|
|
|
|
2009-11-21 13:02:39 +03:00
|
|
|
get '/logout'
|
|
|
|
assert_not_equal sid, session[:session_id], "logout should reset session"
|
|
|
|
assert_nil session[:user_id]
|
|
|
|
end
|
2011-05-30 22:52:25 +04:00
|
|
|
|
2008-07-19 14:47:19 +04:00
|
|
|
else
|
|
|
|
puts 'Mocha is missing. Skipping tests.'
|
|
|
|
end
|
2006-07-09 20:30:01 +04:00
|
|
|
end
|