1 # frozen_string_literal: true
5 class UserTermsSeenTest < ActionDispatch::IntegrationTest
7 user = create(:user, :terms_seen => false, :terms_agreed => nil)
9 get "/api/#{Settings.api_version}/user/preferences", :headers => bearer_authorization_header(user)
10 assert_response :forbidden
12 # touch it so that the user has seen the terms
13 user.terms_seen = true
16 get "/api/#{Settings.api_version}/user/preferences", :headers => bearer_authorization_header(user)
17 assert_response :success
20 def test_terms_presented_at_login
21 user = create(:user, :terms_seen => false, :terms_agreed => nil)
26 assert_response :success
27 assert_template "sessions/new"
28 post "/login", :params => { :username => user.email, :password => "test", :referer => "/diary/new" }
29 # but now we need to look at the terms
30 assert_redirected_to account_terms_path(:referer => "/diary/new")
32 assert_response :success
34 # don't agree to the terms, but hit decline
35 put "/account/terms", :params => { :decline => true, :referer => "/diary/new" }
36 assert_redirected_to "/diary/new"
39 # should be carried through to a normal login with a message
40 assert_response :success
41 assert_not flash[:notice].nil?
44 def test_terms_cant_be_circumvented
45 user = create(:user, :terms_seen => false, :terms_agreed => nil)
50 assert_response :success
51 assert_template "sessions/new"
52 post "/login", :params => { :username => user.email, :password => "test", :referer => "/diary/new" }
53 # but now we need to look at the terms
54 assert_redirected_to account_terms_path(:referer => "/diary/new")
56 # check that if we go somewhere else now, it redirects
57 # back to the terms page.
59 assert_redirected_to account_terms_path(:referer => "/traces/mine")
60 get "/traces/mine", :params => { :referer => "/diary/new" }
61 assert_redirected_to account_terms_path(:referer => "/diary/new")
projects / rails.git / blob