]> git.openstreetmap.org Git - rails.git/blob - test/integration/user_creation_test.rb
Merge remote-tracking branch 'upstream/pull/4455'
[rails.git] / test / integration / user_creation_test.rb
1 require "test_helper"
2
3 class UserCreationTest < ActionDispatch::IntegrationTest
4   def setup
5     OmniAuth.config.test_mode = true
6
7     stub_request(:get, /.*gravatar.com.*d=404/).to_return(:status => 404)
8   end
9
10   def teardown
11     OmniAuth.config.mock_auth[:openid] = nil
12     OmniAuth.config.mock_auth[:google] = nil
13     OmniAuth.config.mock_auth[:facebook] = nil
14     OmniAuth.config.mock_auth[:microsoft] = nil
15     OmniAuth.config.mock_auth[:github] = nil
16     OmniAuth.config.mock_auth[:wikipedia] = nil
17     OmniAuth.config.test_mode = false
18   end
19
20   def test_create_user_form
21     get "/user/new"
22     follow_redirect!
23     assert_response :success
24     assert_template "users/new"
25   end
26
27   def test_user_create_submit_duplicate_email
28     dup_email = create(:user).email
29     display_name = "new_tester"
30     assert_difference("User.count", 0) do
31       assert_difference("ActionMailer::Base.deliveries.size", 0) do
32         perform_enqueued_jobs do
33           post "/user/new",
34                :params => { :user => { :email => dup_email,
35                                        :display_name => display_name,
36                                        :pass_crypt => "testtest",
37                                        :pass_crypt_confirmation => "testtest",
38                                        :consider_pd => "1" } }
39         end
40       end
41     end
42     assert_response :success
43     assert_template "users/new"
44     assert_select "form"
45     assert_select "form > div > input.is-invalid#user_email"
46   end
47
48   def test_user_create_association_bad_auth_provider
49     assert_difference("User.count", 0) do
50       assert_no_difference("ActionMailer::Base.deliveries.size") do
51         perform_enqueued_jobs do
52           post "/user/new",
53                :params => { :user => { :email => "test@example.com",
54                                        :display_name => "new_tester",
55                                        :pass_crypt => "testtest",
56                                        :pass_crypt_confirmation => "testtest",
57                                        :auth_provider => "noprovider",
58                                        :auth_uid => "123454321",
59                                        :consider_pd => "1" } }
60           assert_redirected_to auth_path(:provider => "noprovider", :origin => "/user/new")
61           post response.location
62         end
63       end
64     end
65     assert_response :not_found
66   end
67
68   def test_user_create_association_no_auth_uid
69     OmniAuth.config.mock_auth[:google] = :invalid_credentials
70     assert_difference("User.count", 0) do
71       assert_no_difference("ActionMailer::Base.deliveries.size") do
72         perform_enqueued_jobs do
73           post "/user/new",
74                :params => { :user => { :email => "test@example.com",
75                                        :display_name => "new_tester",
76                                        :pass_crypt => "testtest",
77                                        :pass_crypt_confirmation => "testtest",
78                                        :auth_provider => "google",
79                                        :consider_pd => "1" } }
80           assert_redirected_to auth_path(:provider => "google", :origin => "/user/new")
81           post response.location
82         end
83       end
84     end
85     follow_redirect!
86     assert_redirected_to auth_failure_path(:strategy => "google", :message => "invalid_credentials", :origin => "/user/new")
87   end
88
89   def test_user_create_association_submit_duplicate_email
90     dup_email = create(:user).email
91     display_name = "new_tester"
92     assert_difference("User.count", 0) do
93       assert_no_difference("ActionMailer::Base.deliveries.size") do
94         perform_enqueued_jobs do
95           post "/user/new",
96                :params => { :user => { :email => dup_email,
97                                        :display_name => display_name,
98                                        :pass_crypt => "testtest",
99                                        :pass_crypt_confirmation => "testtest",
100                                        :auth_provider => "google",
101                                        :auth_uid => "123454321",
102                                        :consider_pd => "1" } }
103         end
104       end
105     end
106     assert_response :success
107     assert_template "users/new"
108     assert_select "form"
109     assert_select "form > div > input.is-invalid#user_email"
110   end
111
112   def test_user_create_submit_duplicate_username
113     dup_display_name = create(:user).display_name
114     email = "new_tester"
115     assert_difference("User.count", 0) do
116       assert_difference("ActionMailer::Base.deliveries.size", 0) do
117         perform_enqueued_jobs do
118           post "/user/new",
119                :params => { :user => { :email => email,
120                                        :display_name => dup_display_name,
121                                        :pass_crypt => "testtest",
122                                        :pass_crypt_confirmation => "testtest" } }
123         end
124       end
125     end
126     assert_response :success
127     assert_template "users/new"
128     assert_select "form > div > input.is-invalid#user_display_name"
129   end
130
131   def test_user_create_submit_mismatched_passwords
132     email = "newtester@osm.org"
133     display_name = "new_tester"
134     assert_difference("User.count", 0) do
135       assert_difference("ActionMailer::Base.deliveries.size", 0) do
136         perform_enqueued_jobs do
137           post "/user/new",
138                :params => { :user => { :email => email,
139                                        :display_name => display_name,
140                                        :pass_crypt => "testtest",
141                                        :pass_crypt_confirmation => "blahblah",
142                                        :consider_pd => "1" } }
143         end
144       end
145     end
146     assert_response :success
147     assert_template "users/new"
148     assert_select "form > div > div > div > input.is-invalid#user_pass_crypt_confirmation"
149   end
150
151   def test_user_create_association_submit_duplicate_username
152     dup_display_name = create(:user).display_name
153     email = "new_tester"
154     assert_difference("User.count", 0) do
155       assert_no_difference("ActionMailer::Base.deliveries.size") do
156         perform_enqueued_jobs do
157           post "/user/new",
158                :params => { :user => { :email => email,
159                                        :display_name => dup_display_name,
160                                        :auth_provider => "google",
161                                        :auth_uid => "123454321",
162                                        :consider_pd => "1" } }
163         end
164       end
165     end
166     assert_response :success
167     assert_template "users/new"
168     assert_select "form > div > input.is-invalid#user_display_name"
169   end
170
171   def test_user_create_success
172     new_email = "newtester@osm.org"
173     display_name = "new_tester"
174
175     assert_difference("User.count", 1) do
176       assert_difference("ActionMailer::Base.deliveries.size", 1) do
177         perform_enqueued_jobs do
178           post "/user/new",
179                :params => { :user => { :email => new_email,
180                                        :display_name => display_name,
181                                        :pass_crypt => "testtest",
182                                        :pass_crypt_confirmation => "testtest",
183                                        :consider_pd => "1" } }
184           assert_redirected_to :controller => :confirmations, :action => :confirm, :display_name => display_name
185           follow_redirect!
186         end
187       end
188     end
189
190     assert_response :success
191     assert_template "confirmations/confirm"
192
193     user = User.find_by(:email => "newtester@osm.org")
194     assert_not_nil user
195     assert_not_predicate user, :active?
196
197     register_email = ActionMailer::Base.deliveries.first
198     assert_equal register_email.to.first, new_email
199     found_confirmation_url = register_email.parts.first.parts.first.to_s =~ %r{\shttp://test.host(/\S+)\s}
200     assert found_confirmation_url
201     confirmation_url = Regexp.last_match(1)
202     ActionMailer::Base.deliveries.clear
203
204     post confirmation_url
205
206     assert_redirected_to welcome_path
207
208     user.reload
209     assert_predicate user, :active?
210
211     assert_equal user, User.authenticate(:username => new_email, :password => "testtest")
212   end
213
214   # Check that the user can successfully recover their password
215   def test_lost_password_recovery_success
216     # Open the lost password form
217     # Submit the lost password form
218     # Check the e-mail
219     # Submit the reset password token
220     # Check that the password has changed, and the user can login
221   end
222
223   def test_user_create_redirect
224     new_email = "redirect_tester@osm.org"
225     display_name = "redirect_tester"
226     password = "testtest"
227     # nothing special about this page, just need a protected page to redirect back to.
228     referer = "/traces/mine"
229     assert_difference("User.count") do
230       assert_difference("ActionMailer::Base.deliveries.size", 1) do
231         perform_enqueued_jobs do
232           post "/user/new",
233                :params => { :user => { :email => new_email,
234                                        :display_name => display_name,
235                                        :pass_crypt => password,
236                                        :pass_crypt_confirmation => password,
237                                        :consider_pd => "1" },
238                             :referer => referer }
239           assert_response(:redirect)
240           assert_redirected_to :controller => :confirmations, :action => :confirm, :display_name => display_name
241           follow_redirect!
242         end
243       end
244     end
245
246     # Check the e-mail
247     register_email = ActionMailer::Base.deliveries.first
248
249     assert_equal register_email.to.first, new_email
250     # Check that the confirm account url is correct
251     confirm_regex = Regexp.new("confirm_string=([a-zA-Z0-9%_-]*)")
252     email_text_parts(register_email).each do |part|
253       assert_match confirm_regex, part.body.to_s
254     end
255     confirm_string = CGI.unescape(email_text_parts(register_email).first.body.match(confirm_regex)[1])
256
257     # Check the page
258     assert_response :success
259     assert_template "confirmations/confirm"
260
261     ActionMailer::Base.deliveries.clear
262
263     # Go to the confirmation page
264     get "/user/#{display_name}/confirm", :params => { :referer => "/welcome", :confirm_string => confirm_string }
265     assert_response :success
266     assert_template "confirmations/confirm"
267
268     post "/user/#{display_name}/confirm", :params => { :referer => "/welcome", :confirm_string => confirm_string }
269     assert_response :redirect
270     follow_redirect!
271     assert_response :success
272     assert_template "site/welcome"
273   end
274
275   def test_user_create_openid_success
276     new_email = "newtester-openid@osm.org"
277     display_name = "new_tester-openid"
278     auth_uid = "http://localhost:1123/new.tester"
279
280     OmniAuth.config.add_mock(:openid,
281                              :uid => auth_uid,
282                              :info => { :email => new_email, :name => display_name })
283
284     assert_difference("User.count") do
285       assert_difference("ActionMailer::Base.deliveries.size", 1) do
286         perform_enqueued_jobs do
287           post auth_path(:provider => "openid", :openid_url => "http://localhost:1123/new.tester", :origin => "/user/new")
288           assert_redirected_to auth_success_path(:provider => "openid", :openid_url => "http://localhost:1123/new.tester", :origin => "/user/new")
289           follow_redirect!
290           assert_redirected_to :controller => :users, :action => "new", :nickname => display_name, :email => new_email,
291                                :auth_provider => "openid", :auth_uid => auth_uid
292           follow_redirect!
293           post "/user/new",
294                :params => { :user => { :email => new_email,
295                                        :display_name => display_name,
296                                        :auth_provider => "openid",
297                                        :auth_uid => "http://localhost:1123/new.tester",
298                                        :consider_pd => "1" } }
299           assert_redirected_to auth_path(:provider => "openid", :openid_url => "http://localhost:1123/new.tester", :origin => "/user/new")
300           post response.location
301           follow_redirect!
302         end
303       end
304     end
305
306     # Check the page
307     assert_redirected_to :controller => :confirmations, :action => :confirm, :display_name => display_name
308
309     ActionMailer::Base.deliveries.clear
310   end
311
312   def test_user_create_openid_duplicate_email
313     dup_user = create(:user)
314     display_name = "new_tester-openid"
315     auth_uid = "123454321"
316
317     OmniAuth.config.add_mock(:openid,
318                              :uid => auth_uid,
319                              :info => { :email => dup_user.email, :name => display_name })
320
321     post auth_path(:provider => "openid", :origin => "/user/new")
322     assert_redirected_to auth_success_path(:provider => "openid", :origin => "/user/new")
323     follow_redirect!
324     assert_redirected_to :controller => :users, :action => "new", :nickname => display_name, :email => dup_user.email,
325                          :auth_provider => "openid", :auth_uid => auth_uid
326     follow_redirect!
327
328     assert_response :success
329     assert_template "users/new"
330     assert_select "form > div > input.is-invalid#user_email"
331
332     ActionMailer::Base.deliveries.clear
333   end
334
335   def test_user_create_openid_failure
336     OmniAuth.config.mock_auth[:openid] = :connection_failed
337
338     new_email = "newtester-openid2@osm.org"
339     display_name = "new_tester-openid2"
340     assert_difference("User.count", 0) do
341       assert_difference("ActionMailer::Base.deliveries.size", 0) do
342         perform_enqueued_jobs do
343           post "/user/new",
344                :params => { :user => { :email => new_email,
345                                        :email_confirmation => new_email,
346                                        :display_name => display_name,
347                                        :auth_provider => "openid",
348                                        :auth_uid => "http://localhost:1123/new.tester",
349                                        :pass_crypt => "",
350                                        :pass_crypt_confirmation => "" } }
351           assert_redirected_to auth_path(:provider => "openid", :openid_url => "http://localhost:1123/new.tester", :origin => "/user/new")
352           post response.location
353           assert_redirected_to auth_success_path(:provider => "openid", :openid_url => "http://localhost:1123/new.tester", :origin => "/user/new")
354           follow_redirect!
355           assert_redirected_to auth_failure_path(:strategy => "openid", :message => "connection_failed", :origin => "/user/new")
356           follow_redirect!
357           assert_redirected_to "/user/new"
358         end
359       end
360     end
361
362     ActionMailer::Base.deliveries.clear
363   end
364
365   def test_user_create_openid_redirect
366     auth_uid = "http://localhost:1123/new.tester"
367     new_email = "redirect_tester_openid@osm.org"
368     display_name = "redirect_tester_openid"
369
370     OmniAuth.config.add_mock(:openid,
371                              :uid => auth_uid,
372                              :info => { :email => new_email, :name => display_name })
373
374     assert_difference("User.count") do
375       assert_difference("ActionMailer::Base.deliveries.size", 1) do
376         perform_enqueued_jobs do
377           post auth_path(:provider => "openid", :openid_url => "http://localhost:1123/new.tester", :origin => "/user/new")
378           assert_redirected_to auth_success_path(:provider => "openid", :openid_url => "http://localhost:1123/new.tester", :origin => "/user/new")
379           follow_redirect!
380           assert_redirected_to :controller => :users, :action => "new", :nickname => display_name, :email => new_email,
381                                :auth_provider => "openid", :auth_uid => auth_uid
382           follow_redirect!
383           post "/user/new",
384                :params => { :user => { :email => new_email,
385                                        :display_name => display_name,
386                                        :auth_provider => "openid",
387                                        :auth_uid => auth_uid,
388                                        :consider_pd => "1" } }
389           assert_redirected_to auth_path(:provider => "openid", :openid_url => "http://localhost:1123/new.tester", :origin => "/user/new")
390           post response.location
391           assert_redirected_to auth_success_path(:provider => "openid", :openid_url => "http://localhost:1123/new.tester", :origin => "/user/new")
392           follow_redirect!
393           assert_redirected_to :controller => :confirmations, :action => :confirm, :display_name => display_name
394           follow_redirect!
395         end
396       end
397     end
398
399     # Check the e-mail
400     register_email = ActionMailer::Base.deliveries.first
401
402     assert_equal register_email.to.first, new_email
403     # Check that the confirm account url is correct
404     confirm_regex = Regexp.new("confirm_string=([a-zA-Z0-9%_-]*)")
405     email_text_parts(register_email).each do |part|
406       assert_match confirm_regex, part.body.to_s
407     end
408     confirm_string = CGI.unescape(email_text_parts(register_email).first.body.match(confirm_regex)[1])
409
410     # Check the page
411     assert_response :success
412     assert_template "confirmations/confirm"
413
414     ActionMailer::Base.deliveries.clear
415
416     # Go to the confirmation page
417     get "/user/#{display_name}/confirm", :params => { :referer => "/welcome", :confirm_string => confirm_string }
418     assert_response :success
419     assert_template "confirmations/confirm"
420
421     post "/user/#{display_name}/confirm", :params => { :referer => "/welcome", :confirm_string => confirm_string }
422     assert_response :redirect
423     follow_redirect!
424     assert_response :success
425     assert_template "site/welcome"
426   end
427
428   def test_user_create_google_success
429     new_email = "newtester-google@osm.org"
430     email_hmac = UsersController.message_hmac(new_email)
431     display_name = "new_tester-google"
432     auth_uid = "123454321"
433
434     OmniAuth.config.add_mock(:google,
435                              :uid => auth_uid,
436                              :extra => { :id_info => { :openid_id => "http://localhost:1123/new.tester" } },
437                              :info => { :email => new_email, :name => display_name })
438
439     assert_difference("User.count") do
440       assert_no_difference("ActionMailer::Base.deliveries.size") do
441         perform_enqueued_jobs do
442           post auth_path(:provider => "google", :origin => "/user/new")
443           assert_redirected_to auth_success_path(:provider => "google")
444           follow_redirect!
445           assert_redirected_to :controller => :users, :action => "new", :nickname => display_name,
446                                :email => new_email, :email_hmac => email_hmac,
447                                :auth_provider => "google", :auth_uid => auth_uid
448           follow_redirect!
449
450           post "/user/new",
451                :params => { :user => { :email => new_email,
452                                        :display_name => display_name,
453                                        :auth_provider => "google",
454                                        :auth_uid => auth_uid,
455                                        :consider_pd => "1" },
456                             :email_hmac => email_hmac }
457           assert_redirected_to auth_path(:provider => "google", :origin => "/user/new")
458           post response.location
459           assert_redirected_to auth_success_path(:provider => "google")
460           follow_redirect!
461           assert_redirected_to welcome_path
462           follow_redirect!
463         end
464       end
465     end
466
467     # Check the page
468     assert_response :success
469     assert_template "site/welcome"
470
471     ActionMailer::Base.deliveries.clear
472   end
473
474   def test_user_create_google_duplicate_email
475     dup_user = create(:user)
476     display_name = "new_tester-google"
477     auth_uid = "123454321"
478
479     OmniAuth.config.add_mock(:google,
480                              :uid => auth_uid,
481                              :extra => { :id_info => { :openid_id => "http://localhost:1123/new.tester" } },
482                              :info => { :email => dup_user.email, :name => display_name })
483
484     post auth_path(:provider => "google", :origin => "/user/new")
485     assert_redirected_to auth_success_path(:provider => "google")
486     follow_redirect!
487     assert_redirected_to :controller => :users, :action => "new", :nickname => display_name, :email => dup_user.email,
488                          :email_hmac => UsersController.message_hmac(dup_user.email),
489                          :auth_provider => "google", :auth_uid => auth_uid
490     follow_redirect!
491
492     assert_response :success
493     assert_template "users/new"
494     assert_select "form > div > input.is-invalid#user_email"
495
496     ActionMailer::Base.deliveries.clear
497   end
498
499   def test_user_create_google_failure
500     OmniAuth.config.mock_auth[:google] = :connection_failed
501
502     new_email = "newtester-google2@osm.org"
503     display_name = "new_tester-google2"
504     assert_difference("User.count", 0) do
505       assert_difference("ActionMailer::Base.deliveries.size", 0) do
506         perform_enqueued_jobs do
507           post "/user/new",
508                :params => { :user => { :email => new_email,
509                                        :email_confirmation => new_email,
510                                        :display_name => display_name,
511                                        :auth_provider => "google",
512                                        :auth_uid => "123454321",
513                                        :pass_crypt => "",
514                                        :pass_crypt_confirmation => "" } }
515           assert_redirected_to auth_path(:provider => "google", :origin => "/user/new")
516           post response.location
517           assert_redirected_to auth_success_path(:provider => "google")
518           follow_redirect!
519           assert_redirected_to auth_failure_path(:strategy => "google", :message => "connection_failed", :origin => "/user/new")
520           follow_redirect!
521           assert_redirected_to "/user/new"
522         end
523       end
524     end
525
526     ActionMailer::Base.deliveries.clear
527   end
528
529   def test_user_create_google_redirect
530     orig_email = "redirect_tester_google_orig@google.com"
531     email_hmac = UsersController.message_hmac(orig_email)
532     new_email =  "redirect_tester_google@osm.org"
533     display_name = "redirect_tester_google"
534     auth_uid = "123454321"
535
536     OmniAuth.config.add_mock(:google,
537                              :uid => auth_uid,
538                              :extra => { :id_info => { :openid_id => "http://localhost:1123/new.tester" } },
539                              :info => { :email => orig_email, :name => display_name })
540
541     assert_difference("User.count") do
542       assert_difference("ActionMailer::Base.deliveries.size", 1) do
543         perform_enqueued_jobs do
544           post auth_path(:provider => "google", :origin => "/user/new")
545           assert_redirected_to auth_success_path(:provider => "google")
546           follow_redirect!
547           assert_redirected_to :controller => :users, :action => "new", :nickname => display_name,
548                                :email => orig_email, :email_hmac => email_hmac,
549                                :auth_provider => "google", :auth_uid => auth_uid
550           follow_redirect!
551           post "/user/new",
552                :params => { :user => { :email => new_email,
553                                        :email_hmac => email_hmac,
554                                        :display_name => display_name,
555                                        :auth_provider => "google",
556                                        :auth_uid => auth_uid,
557                                        :consider_pd => "1" } }
558           assert_redirected_to auth_path(:provider => "google", :origin => "/user/new")
559           post response.location
560           assert_redirected_to auth_success_path(:provider => "google")
561           follow_redirect!
562           assert_redirected_to :controller => :confirmations, :action => :confirm, :display_name => display_name
563           follow_redirect!
564         end
565       end
566     end
567
568     # Check the e-mail
569     register_email = ActionMailer::Base.deliveries.first
570
571     assert_equal register_email.to.first, new_email
572     # Check that the confirm account url is correct
573     confirm_regex = Regexp.new("confirm_string=([a-zA-Z0-9%_-]*)")
574     email_text_parts(register_email).each do |part|
575       assert_match confirm_regex, part.body.to_s
576     end
577     confirm_string = CGI.unescape(email_text_parts(register_email).first.body.match(confirm_regex)[1])
578
579     # Check the page
580     assert_response :success
581     assert_template "confirmations/confirm"
582
583     ActionMailer::Base.deliveries.clear
584
585     # Go to the confirmation page
586     get "/user/#{display_name}/confirm", :params => { :referer => "/welcome", :confirm_string => confirm_string }
587     assert_response :success
588     assert_template "confirmations/confirm"
589
590     post "/user/#{display_name}/confirm", :params => { :referer => "/welcome", :confirm_string => confirm_string }
591     assert_response :redirect
592     follow_redirect!
593     assert_response :success
594     assert_template "site/welcome"
595   end
596
597   def test_user_create_facebook_success
598     new_email = "newtester-facebook@osm.org"
599     email_hmac = UsersController.message_hmac(new_email)
600     display_name = "new_tester-facebook"
601     auth_uid = "123454321"
602
603     OmniAuth.config.add_mock(:facebook,
604                              :uid => auth_uid,
605                              :info => { "email" => new_email, :name => display_name })
606
607     assert_difference("User.count") do
608       assert_no_difference("ActionMailer::Base.deliveries.size") do
609         perform_enqueued_jobs do
610           post auth_path(:provider => "facebook", :origin => "/user/new")
611           assert_redirected_to auth_success_path(:provider => "facebook")
612           follow_redirect!
613           assert_redirected_to :controller => :users, :action => "new", :nickname => display_name,
614                                :email => new_email, :email_hmac => email_hmac,
615                                :auth_provider => "facebook", :auth_uid => auth_uid
616           follow_redirect!
617
618           post "/user/new",
619                :params => { :user => { :email => new_email,
620                                        :display_name => display_name,
621                                        :auth_provider => "facebook",
622                                        :auth_uid => auth_uid,
623                                        :consider_pd => "1" },
624                             :email_hmac => email_hmac }
625           assert_redirected_to auth_path(:provider => "facebook", :origin => "/user/new")
626           post response.location
627           assert_redirected_to auth_success_path(:provider => "facebook")
628           follow_redirect!
629           assert_redirected_to welcome_path
630           follow_redirect!
631         end
632       end
633     end
634
635     # Check the page
636     assert_response :success
637     assert_template "site/welcome"
638
639     ActionMailer::Base.deliveries.clear
640   end
641
642   def test_user_create_facebook_duplicate_email
643     dup_user = create(:user)
644     display_name = "new_tester-facebook"
645     auth_uid = "123454321"
646
647     OmniAuth.config.add_mock(:facebook,
648                              :uid => auth_uid,
649                              :info => { :email => dup_user.email, :name => display_name })
650
651     post auth_path(:provider => "facebook", :origin => "/user/new")
652     assert_redirected_to auth_success_path(:provider => "facebook")
653     follow_redirect!
654     assert_redirected_to :controller => :users, :action => "new", :nickname => display_name, :email => dup_user.email,
655                          :email_hmac => UsersController.message_hmac(dup_user.email),
656                          :auth_provider => "facebook", :auth_uid => auth_uid
657     follow_redirect!
658
659     assert_response :success
660     assert_template "users/new"
661     assert_select "form > div > input.is-invalid#user_email"
662
663     ActionMailer::Base.deliveries.clear
664   end
665
666   def test_user_create_facebook_failure
667     OmniAuth.config.mock_auth[:facebook] = :connection_failed
668
669     new_email = "newtester-facebook2@osm.org"
670     display_name = "new_tester-facebook2"
671     assert_difference("User.count", 0) do
672       assert_difference("ActionMailer::Base.deliveries.size", 0) do
673         perform_enqueued_jobs do
674           post "/user/new",
675                :params => { :user => { :email => new_email,
676                                        :email_confirmation => new_email,
677                                        :display_name => display_name,
678                                        :auth_provider => "facebook",
679                                        :auth_uid => "123454321",
680                                        :pass_crypt => "",
681                                        :pass_crypt_confirmation => "" } }
682           assert_redirected_to auth_path(:provider => "facebook", :origin => "/user/new")
683           post response.location
684           assert_redirected_to auth_success_path(:provider => "facebook")
685           follow_redirect!
686           assert_redirected_to auth_failure_path(:strategy => "facebook", :message => "connection_failed", :origin => "/user/new")
687           follow_redirect!
688           assert_redirected_to "/user/new"
689         end
690       end
691     end
692
693     ActionMailer::Base.deliveries.clear
694   end
695
696   def test_user_create_facebook_redirect
697     orig_email = "redirect_tester_facebook_orig@osm.org"
698     email_hmac = UsersController.message_hmac(orig_email)
699     new_email = "redirect_tester_facebook@osm.org"
700     display_name = "redirect_tester_facebook"
701     auth_uid = "123454321"
702
703     OmniAuth.config.add_mock(:facebook,
704                              :uid => auth_uid,
705                              :info => { :email => orig_email, :name => display_name })
706
707     # nothing special about this page, just need a protected page to redirect back to.
708     assert_difference("User.count") do
709       assert_difference("ActionMailer::Base.deliveries.size", 1) do
710         perform_enqueued_jobs do
711           post auth_path(:provider => "facebook", :origin => "/user/new")
712           assert_redirected_to auth_success_path(:provider => "facebook")
713           follow_redirect!
714           assert_redirected_to :controller => :users, :action => "new", :nickname => display_name,
715                                :email => orig_email, :email_hmac => email_hmac,
716                                :auth_provider => "facebook", :auth_uid => auth_uid
717           follow_redirect!
718
719           post "/user/new",
720                :params => { :user => { :email => new_email,
721                                        :email_hmac => email_hmac,
722                                        :display_name => display_name,
723                                        :auth_provider => "facebook",
724                                        :auth_uid => auth_uid,
725                                        :consider_pd => "1" } }
726           assert_redirected_to auth_path(:provider => "facebook", :origin => "/user/new")
727           post response.location
728           assert_redirected_to auth_success_path(:provider => "facebook")
729           follow_redirect!
730           assert_redirected_to :controller => :confirmations, :action => :confirm, :display_name => display_name
731           assert_response :redirect
732           follow_redirect!
733         end
734       end
735     end
736
737     # Check the e-mail
738     register_email = ActionMailer::Base.deliveries.first
739
740     assert_equal register_email.to.first, new_email
741     # Check that the confirm account url is correct
742     confirm_regex = Regexp.new("confirm_string=([a-zA-Z0-9%_-]*)")
743     email_text_parts(register_email).each do |part|
744       assert_match confirm_regex, part.body.to_s
745     end
746     confirm_string = CGI.unescape(email_text_parts(register_email).first.body.match(confirm_regex)[1])
747
748     # Check the page
749     assert_response :success
750     assert_template "confirmations/confirm"
751
752     ActionMailer::Base.deliveries.clear
753
754     # Go to the confirmation page
755     get "/user/#{display_name}/confirm", :params => { :referer => "/welcome", :confirm_string => confirm_string }
756     assert_response :success
757     assert_template "confirmations/confirm"
758
759     post "/user/#{display_name}/confirm", :params => { :referer => "/welcome", :confirm_string => confirm_string }
760     assert_response :redirect
761     follow_redirect!
762     assert_response :success
763     assert_template "site/welcome"
764   end
765
766   def test_user_create_microsoft_success
767     new_email = "newtester-microsoft@osm.org"
768     email_hmac = UsersController.message_hmac(new_email)
769     display_name = "new_tester-microsoft"
770     auth_uid = "123454321"
771
772     OmniAuth.config.add_mock(:microsoft,
773                              :uid => auth_uid,
774                              :info => { "email" => new_email, :name => display_name })
775
776     assert_difference("User.count") do
777       assert_difference("ActionMailer::Base.deliveries.size", 0) do
778         perform_enqueued_jobs do
779           post auth_path(:provider => "microsoft", :origin => "/user/new")
780           assert_redirected_to auth_success_path(:provider => "microsoft")
781           follow_redirect!
782           assert_redirected_to :controller => :users, :action => "new", :nickname => display_name,
783                                :email => new_email, :email_hmac => email_hmac,
784                                :auth_provider => "microsoft", :auth_uid => auth_uid
785           follow_redirect!
786           post "/user/new",
787                :params => { :user => { :email => new_email,
788                                        :display_name => display_name,
789                                        :auth_provider => "microsoft",
790                                        :auth_uid => auth_uid,
791                                        :consider_pd => "1" },
792                             :email_hmac => email_hmac }
793           assert_redirected_to auth_path(:provider => "microsoft", :origin => "/user/new")
794           post response.location
795           assert_redirected_to auth_success_path(:provider => "microsoft")
796           follow_redirect!
797           assert_redirected_to welcome_path
798           follow_redirect!
799         end
800       end
801     end
802
803     # Check the page
804     assert_response :success
805     assert_template "site/welcome"
806
807     ActionMailer::Base.deliveries.clear
808   end
809
810   def test_user_create_microsoft_duplicate_email
811     dup_user = create(:user)
812     display_name = "new_tester-microsoft"
813     auth_uid = "123454321"
814
815     OmniAuth.config.add_mock(:microsoft,
816                              :uid => auth_uid,
817                              :info => { :email => dup_user.email, :name => display_name })
818
819     post auth_path(:provider => "microsoft", :origin => "/user/new")
820     assert_redirected_to auth_success_path(:provider => "microsoft")
821     follow_redirect!
822     assert_redirected_to :controller => :users, :action => "new", :nickname => display_name, :email => dup_user.email,
823                          :email_hmac => UsersController.message_hmac(dup_user.email),
824                          :auth_provider => "microsoft", :auth_uid => auth_uid
825     follow_redirect!
826
827     assert_response :success
828     assert_template "users/new"
829     assert_select "form > div > input.is-invalid#user_email"
830
831     ActionMailer::Base.deliveries.clear
832   end
833
834   def test_user_create_microsoft_failure
835     OmniAuth.config.mock_auth[:microsoft] = :connection_failed
836
837     new_email = "newtester-microsoft2@osm.org"
838     display_name = "new_tester-microsoft2"
839     assert_difference("User.count", 0) do
840       assert_difference("ActionMailer::Base.deliveries.size", 0) do
841         perform_enqueued_jobs do
842           post "/user/new",
843                :params => { :user => { :email => new_email,
844                                        :email_confirmation => new_email,
845                                        :display_name => display_name,
846                                        :auth_provider => "microsoft",
847                                        :auth_uid => "123454321",
848                                        :pass_crypt => "",
849                                        :pass_crypt_confirmation => "" } }
850           assert_redirected_to auth_path(:provider => "microsoft", :origin => "/user/new")
851           post response.location
852           assert_redirected_to auth_success_path(:provider => "microsoft")
853           follow_redirect!
854           assert_redirected_to auth_failure_path(:strategy => "microsoft", :message => "connection_failed", :origin => "/user/new")
855           follow_redirect!
856           assert_redirected_to "/user/new"
857         end
858       end
859     end
860
861     ActionMailer::Base.deliveries.clear
862   end
863
864   def test_user_create_microsoft_redirect
865     orig_email = "redirect_tester_microsoft_orig@osm.org"
866     email_hmac = UsersController.message_hmac(orig_email)
867     new_email = "redirect_tester_microsoft@osm.org"
868     display_name = "redirect_tester_microsoft"
869     auth_uid = "123454321"
870
871     OmniAuth.config.add_mock(:microsoft,
872                              :uid => auth_uid,
873                              :info => { :email => orig_email, :name => display_name })
874
875     assert_difference("User.count") do
876       assert_difference("ActionMailer::Base.deliveries.size", 1) do
877         perform_enqueued_jobs do
878           post auth_path(:provider => "microsoft", :origin => "/user/new")
879           assert_redirected_to auth_success_path(:provider => "microsoft")
880           follow_redirect!
881           assert_redirected_to :controller => :users, :action => "new", :nickname => display_name,
882                                :email => orig_email, :email_hmac => email_hmac,
883                                :auth_provider => "microsoft", :auth_uid => auth_uid
884           follow_redirect!
885
886           post "/user/new",
887                :params => { :user => { :email => new_email,
888                                        :email_hmac => email_hmac,
889                                        :display_name => display_name,
890                                        :auth_provider => "microsoft",
891                                        :auth_uid => auth_uid,
892                                        :consider_pd => "1" } }
893           assert_redirected_to auth_path(:provider => "microsoft", :origin => "/user/new")
894           post response.location
895           assert_redirected_to auth_success_path(:provider => "microsoft")
896           follow_redirect!
897           assert_redirected_to :controller => :confirmations, :action => :confirm, :display_name => display_name
898           assert_response :redirect
899           follow_redirect!
900         end
901       end
902     end
903
904     # Check the e-mail
905     register_email = ActionMailer::Base.deliveries.first
906
907     assert_equal register_email.to.first, new_email
908     # Check that the confirm account url is correct
909     confirm_regex = Regexp.new("confirm_string=([a-zA-Z0-9%_-]*)")
910     email_text_parts(register_email).each do |part|
911       assert_match confirm_regex, part.body.to_s
912     end
913     confirm_string = CGI.unescape(email_text_parts(register_email).first.body.match(confirm_regex)[1])
914
915     # Check the page
916     assert_response :success
917     assert_template "confirmations/confirm"
918
919     ActionMailer::Base.deliveries.clear
920
921     # Go to the confirmation page
922     get "/user/#{display_name}/confirm", :params => { :referer => "/welcome", :confirm_string => confirm_string }
923     assert_response :success
924     assert_template "confirmations/confirm"
925
926     post "/user/#{display_name}/confirm", :params => { :referer => "/welcome", :confirm_string => confirm_string }
927     assert_response :redirect
928     follow_redirect!
929     assert_response :success
930     assert_template "site/welcome"
931   end
932
933   def test_user_create_github_success
934     new_email = "newtester-github@osm.org"
935     email_hmac = UsersController.message_hmac(new_email)
936     display_name = "new_tester-github"
937     password = "testtest"
938     auth_uid = "123454321"
939
940     OmniAuth.config.add_mock(:github,
941                              :uid => auth_uid,
942                              :info => { "email" => new_email, :name => display_name })
943
944     assert_difference("User.count") do
945       assert_no_difference("ActionMailer::Base.deliveries.size") do
946         perform_enqueued_jobs do
947           post auth_path(:provider => "github", :origin => "/user/new")
948           assert_redirected_to auth_success_path(:provider => "github")
949           follow_redirect!
950           assert_redirected_to :controller => :users, :action => "new", :nickname => display_name,
951                                :email => new_email, :email_hmac => email_hmac,
952                                :auth_provider => "github", :auth_uid => auth_uid
953           follow_redirect!
954
955           post "/user/new",
956                :params => { :user => { :email => new_email,
957                                        :display_name => display_name,
958                                        :auth_provider => "github",
959                                        :auth_uid => "123454321",
960                                        :pass_crypt => password,
961                                        :pass_crypt_confirmation => password },
962                             :read_ct => 1,
963                             :read_tou => 1,
964                             :email_hmac => email_hmac }
965           assert_redirected_to auth_path(:provider => "github", :origin => "/user/new")
966           post response.location
967           assert_redirected_to auth_success_path(:provider => "github")
968           follow_redirect!
969           assert_redirected_to welcome_path
970           follow_redirect!
971         end
972       end
973     end
974
975     # Check the page
976     assert_response :success
977     assert_template "site/welcome"
978
979     ActionMailer::Base.deliveries.clear
980   end
981
982   def test_user_create_github_duplicate_email
983     dup_user = create(:user)
984     display_name = "new_tester-github"
985     auth_uid = "123454321"
986
987     OmniAuth.config.add_mock(:github,
988                              :uid => auth_uid,
989                              :extra => { :id_info => { :openid_id => "http://localhost:1123/new.tester" } },
990                              :info => { :email => dup_user.email, :name => display_name })
991
992     post auth_path(:provider => "github", :origin => "/user/new")
993     assert_redirected_to auth_success_path(:provider => "github")
994     follow_redirect!
995     assert_redirected_to :controller => :users, :action => "new", :nickname => display_name,
996                          :email => dup_user.email, :email_hmac => UsersController.message_hmac(dup_user.email),
997                          :auth_provider => "github", :auth_uid => auth_uid
998     follow_redirect!
999
1000     assert_response :success
1001     assert_template "users/new"
1002     assert_select "form > div > input.is-invalid#user_email"
1003
1004     ActionMailer::Base.deliveries.clear
1005   end
1006
1007   def test_user_create_github_failure
1008     OmniAuth.config.mock_auth[:github] = :connection_failed
1009
1010     new_email = "newtester-github2@osm.org"
1011     display_name = "new_tester-github2"
1012     assert_difference("User.count", 0) do
1013       assert_difference("ActionMailer::Base.deliveries.size", 0) do
1014         perform_enqueued_jobs do
1015           post "/user/new",
1016                :params => { :user => { :email => new_email,
1017                                        :email_confirmation => new_email,
1018                                        :display_name => display_name,
1019                                        :auth_provider => "github",
1020                                        :auth_uid => "123454321",
1021                                        :pass_crypt => "",
1022                                        :pass_crypt_confirmation => "" } }
1023           assert_redirected_to auth_path(:provider => "github", :origin => "/user/new")
1024           post response.location
1025           assert_redirected_to auth_success_path(:provider => "github")
1026           follow_redirect!
1027           assert_redirected_to auth_failure_path(:strategy => "github", :message => "connection_failed", :origin => "/user/new")
1028           follow_redirect!
1029           assert_redirected_to "/user/new"
1030         end
1031       end
1032     end
1033
1034     ActionMailer::Base.deliveries.clear
1035   end
1036
1037   def test_user_create_github_redirect
1038     orig_email = "redirect_tester_github_orig@osm.org"
1039     email_hmac = UsersController.message_hmac(orig_email)
1040     new_email = "redirect_tester_github@osm.org"
1041     display_name = "redirect_tester_github"
1042     auth_uid = "123454321"
1043
1044     OmniAuth.config.add_mock(:github,
1045                              :uid => auth_uid,
1046                              :info => { :email => orig_email, :name => display_name })
1047
1048     assert_difference("User.count") do
1049       assert_difference("ActionMailer::Base.deliveries.size", 1) do
1050         perform_enqueued_jobs do
1051           post auth_path(:provider => "github", :origin => "/user/new")
1052           assert_redirected_to auth_success_path(:provider => "github")
1053           follow_redirect!
1054           assert_redirected_to :controller => :users, :action => "new", :nickname => display_name,
1055                                :email => orig_email, :email_hmac => email_hmac,
1056                                :auth_provider => "github", :auth_uid => auth_uid
1057           follow_redirect!
1058           post "/user/new",
1059                :params => { :user => { :email => new_email,
1060                                        :email_hmac => email_hmac,
1061                                        :display_name => display_name,
1062                                        :auth_provider => "github",
1063                                        :auth_uid => auth_uid,
1064                                        :consider_pd => "1" } }
1065           assert_redirected_to auth_path(:provider => "github", :origin => "/user/new")
1066           post response.location
1067           assert_redirected_to auth_success_path(:provider => "github")
1068           follow_redirect!
1069           assert_redirected_to :controller => :confirmations, :action => :confirm, :display_name => display_name
1070           assert_response :redirect
1071           follow_redirect!
1072         end
1073       end
1074     end
1075
1076     # Check the e-mail
1077     register_email = ActionMailer::Base.deliveries.first
1078
1079     assert_equal register_email.to.first, new_email
1080     # Check that the confirm account url is correct
1081     confirm_regex = Regexp.new("confirm_string=([a-zA-Z0-9%_-]*)")
1082     email_text_parts(register_email).each do |part|
1083       assert_match confirm_regex, part.body.to_s
1084     end
1085     confirm_string = CGI.unescape(email_text_parts(register_email).first.body.match(confirm_regex)[1])
1086
1087     # Check the page
1088     assert_response :success
1089     assert_template "confirmations/confirm"
1090
1091     ActionMailer::Base.deliveries.clear
1092
1093     # Go to the confirmation page
1094     get "/user/#{display_name}/confirm", :params => { :referer => "/welcome", :confirm_string => confirm_string }
1095     assert_response :success
1096     assert_template "confirmations/confirm"
1097
1098     post "/user/#{display_name}/confirm", :params => { :referer => "/welcome", :confirm_string => confirm_string }
1099     assert_response :redirect
1100     follow_redirect!
1101     assert_response :success
1102     assert_template "site/welcome"
1103   end
1104
1105   def test_user_create_wikipedia_success
1106     new_email = "newtester-wikipedia@osm.org"
1107     email_hmac = UsersController.message_hmac(new_email)
1108     display_name = "new_tester-wikipedia"
1109     password = "testtest"
1110     auth_uid = "123454321"
1111
1112     OmniAuth.config.add_mock(:wikipedia,
1113                              :uid => auth_uid,
1114                              :info => { :email => new_email, :name => display_name })
1115
1116     assert_difference("User.count") do
1117       assert_no_difference("ActionMailer::Base.deliveries.size") do
1118         perform_enqueued_jobs do
1119           post auth_path(:provider => "wikipedia", :origin => "/user/new")
1120           assert_redirected_to auth_success_path(:provider => "wikipedia", :origin => "/user/new")
1121           follow_redirect!
1122           assert_redirected_to :controller => :users, :action => "new", :nickname => display_name,
1123                                :email => new_email, :email_hmac => email_hmac,
1124                                :auth_provider => "wikipedia", :auth_uid => auth_uid
1125           follow_redirect!
1126           post "/user/new",
1127                :params => { :user => { :email => new_email,
1128                                        :display_name => display_name,
1129                                        :auth_provider => "wikipedia",
1130                                        :auth_uid => "123454321",
1131                                        :pass_crypt => password,
1132                                        :pass_crypt_confirmation => password },
1133                             :read_ct => 1,
1134                             :read_tou => 1,
1135                             :email_hmac => email_hmac }
1136           assert_redirected_to auth_path(:provider => "wikipedia", :origin => "/user/new")
1137           post response.location
1138           assert_redirected_to auth_success_path(:provider => "wikipedia", :origin => "/user/new")
1139           follow_redirect!
1140           assert_redirected_to welcome_path
1141           follow_redirect!
1142         end
1143       end
1144     end
1145
1146     # Check the page
1147     assert_response :success
1148     assert_template "site/welcome"
1149   end
1150
1151   def test_user_create_wikipedia_duplicate_email
1152     dup_user = create(:user)
1153     display_name = "new_tester-wikipedia"
1154     auth_uid = "123454321"
1155
1156     OmniAuth.config.add_mock(:wikipedia,
1157                              :uid => auth_uid,
1158                              :info => { "email" => dup_user.email, :name => display_name })
1159
1160     post auth_path(:provider => "wikipedia", :origin => "/user/new")
1161     assert_redirected_to auth_success_path(:provider => "wikipedia", :origin => "/user/new")
1162     follow_redirect!
1163     assert_redirected_to :controller => :users, :action => "new", :nickname => display_name,
1164                          :email => dup_user.email, :email_hmac => UsersController.message_hmac(dup_user.email),
1165                          :auth_provider => "wikipedia", :auth_uid => auth_uid
1166     follow_redirect!
1167
1168     assert_response :success
1169     assert_template "users/new"
1170     assert_select "form > div > input.is-invalid#user_email"
1171
1172     ActionMailer::Base.deliveries.clear
1173   end
1174
1175   def test_user_create_wikipedia_failure
1176     OmniAuth.config.mock_auth[:wikipedia] = :connection_failed
1177
1178     new_email = "newtester-wikipedia2@osm.org"
1179     display_name = "new_tester-wikipedia2"
1180     assert_difference("User.count", 0) do
1181       assert_difference("ActionMailer::Base.deliveries.size", 0) do
1182         perform_enqueued_jobs do
1183           post "/user/new",
1184                :params => { :user => { :email => new_email,
1185                                        :email_confirmation => new_email,
1186                                        :display_name => display_name,
1187                                        :auth_provider => "wikipedia",
1188                                        :auth_uid => "123454321",
1189                                        :pass_crypt => "",
1190                                        :pass_crypt_confirmation => "" } }
1191           assert_redirected_to auth_path(:provider => "wikipedia", :origin => "/user/new")
1192           post response.location
1193           assert_redirected_to auth_success_path(:provider => "wikipedia", :origin => "/user/new")
1194           follow_redirect!
1195           assert_redirected_to auth_failure_path(:strategy => "wikipedia", :message => "connection_failed", :origin => "/user/new")
1196           follow_redirect!
1197           assert_redirected_to "/user/new"
1198         end
1199       end
1200     end
1201
1202     ActionMailer::Base.deliveries.clear
1203   end
1204
1205   def test_user_create_wikipedia_redirect
1206     orig_email = "redirect_tester_wikipedia_orig@osm.org"
1207     email_hmac = UsersController.message_hmac(orig_email)
1208     new_email = "redirect_tester_wikipedia@osm.org"
1209     display_name = "redirect_tester_wikipedia"
1210     auth_uid = "123454321"
1211
1212     OmniAuth.config.add_mock(:wikipedia,
1213                              :uid => auth_uid,
1214                              :info => { :email => orig_email, :name => display_name })
1215
1216     # nothing special about this page, just need a protected page to redirect back to.
1217     assert_difference("User.count") do
1218       assert_difference("ActionMailer::Base.deliveries.size", 1) do
1219         perform_enqueued_jobs do
1220           post auth_path(:provider => "wikipedia", :origin => "/user/new")
1221           assert_redirected_to auth_success_path(:provider => "wikipedia", :origin => "/user/new")
1222           follow_redirect!
1223           assert_redirected_to :controller => :users, :action => "new", :nickname => display_name,
1224                                :email => orig_email, :email_hmac => email_hmac,
1225                                :auth_provider => "wikipedia", :auth_uid => auth_uid
1226           follow_redirect!
1227
1228           post "/user/new",
1229                :params => { :user => { :email => new_email,
1230                                        :email_hmac => email_hmac,
1231                                        :display_name => display_name,
1232                                        :auth_provider => "wikipedia",
1233                                        :auth_uid => auth_uid,
1234                                        :consider_pd => "1" } }
1235           assert_redirected_to auth_path(:provider => "wikipedia", :origin => "/user/new")
1236           post response.location
1237           assert_redirected_to auth_success_path(:provider => "wikipedia", :origin => "/user/new")
1238           follow_redirect!
1239           assert_redirected_to :controller => :confirmations, :action => :confirm, :display_name => display_name
1240           assert_response :redirect
1241           follow_redirect!
1242         end
1243       end
1244     end
1245
1246     # Check the e-mail
1247     register_email = ActionMailer::Base.deliveries.first
1248
1249     assert_equal register_email.to.first, new_email
1250     # Check that the confirm account url is correct
1251     confirm_regex = Regexp.new("confirm_string=([a-zA-Z0-9%_-]*)")
1252     email_text_parts(register_email).each do |part|
1253       assert_match confirm_regex, part.body.to_s
1254     end
1255     confirm_string = CGI.unescape(email_text_parts(register_email).first.body.match(confirm_regex)[1])
1256
1257     # Check the page
1258     assert_response :success
1259     assert_template "confirmations/confirm"
1260
1261     ActionMailer::Base.deliveries.clear
1262
1263     # Go to the confirmation page
1264     get "/user/#{display_name}/confirm", :params => { :referer => "/welcome", :confirm_string => confirm_string }
1265     assert_response :success
1266     assert_template "confirmations/confirm"
1267
1268     post "/user/#{display_name}/confirm", :params => { :referer => "/welcome", :confirm_string => confirm_string }
1269     assert_response :redirect
1270     follow_redirect!
1271     assert_response :success
1272     assert_template "site/welcome"
1273   end
1274 end