end
end
+ def test_new_view_logged_in
+ session[:user] = users(:normal_user).id
+
+ get :new
+ assert_response :redirect
+ assert_redirected_to user_new_path(:cookie_test => "true")
+ get :new, :cookie_test => "true"
+ assert_response :redirect
+ assert_redirected_to root_path
+
+ get :new, :referer => "/test"
+ assert_response :redirect
+ assert_redirected_to user_new_path(:referer => "/test", :cookie_test => "true")
+ get :new, :referer => "/test", :cookie_test => "true"
+ assert_response :redirect
+ assert_redirected_to "/test"
+ end
+
def test_new_success
user = new_user
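Review bot: The referer cases in test_new_view_logged_in only exercise a same-site path (`"/test"`), so nothing pins what happens when `:referer` is an absolute URL on another host. If the controller is meant to restrict these redirects to local paths (not visible in this diff), add a negative case such as `get :new, :referer => "http://example.com/", :cookie_test => "true"` followed by `assert_redirected_to root_path`, adjusted to whatever fallback the controller uses. The same gap applies to `assert_redirected_to "/test"` in test_terms_not_seen_with_referer further down. test_new_success, which follows, is only partly visible here.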
assert_redirected_to "/test"
end
+ def test_logout_with_token
+ token = users(:normal_user).tokens.create
+
+ session[:token] = token.token
+
+ get :logout
+ assert_response :success
+ assert_template :logout
+ assert_select "input[name=referer][value=?]", ""
+ assert_equal token.token, session[:token]
+ assert_not_nil UserToken.where(:id => token.id).first
+
+ session_id = assert_select("input[name=session]").first["value"]
+
+ get :logout, :session => session_id
+ assert_response :redirect
+ assert_redirected_to root_path
+ assert_nil session[:token]
+ assert_nil UserToken.where(:id => token.id).first
+ end
+
def test_confirm_get
user = users(:inactive_user)
confirm_string = user.tokens.create.token
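Review bot: test_logout_with_token covers a missing `:session` parameter and a correct one, but not a wrong one, which appears to be the case the confirmation step exists to stop. Between the two requests add `get :logout, :session => "not-the-session-id"` and assert that `session[:token]` still equals `token.token` and that `UserToken.where(:id => token.id).first` is still present. The expected response for a mismatch (presumably the confirmation page again) depends on controller code outside this diff.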
def test_terms_seen
user = users(:normal_user)
- get :terms, {}, { :user => user }
+ session[:user] = user.id
+
+ get :terms
+ assert_response :redirect
+ assert_redirected_to :action => :account, :display_name => user.display_name
+ end
+
+ def test_terms_not_seen_without_referer
+ user = users(:terms_not_seen_user)
+
+ session[:user] = user.id
+
+ get :terms
+ assert_response :success
+ assert_template :terms
+
+ post :save, :user => { :consider_pd => true }
assert_response :redirect
assert_redirected_to :action => :account, :display_name => user.display_name
+ assert_equal "Thanks for accepting the new contributor terms!", flash[:notice]
+
+ user.reload
+
+ assert_equal true, user.consider_pd
+ assert_not_nil user.terms_agreed
+ assert_equal true, user.terms_seen
end
- def test_terms_not_seen
+ def test_terms_not_seen_with_referer
user = users(:terms_not_seen_user)
- get :terms, {}, { :user => user }
+ session[:user] = user.id
+
+ get :terms, :referer => "/test"
assert_response :success
assert_template :terms
+
+ post :save, :user => { :consider_pd => true }, :referer => "/test"
+ assert_response :redirect
+ assert_redirected_to "/test"
+ assert_equal "Thanks for accepting the new contributor terms!", flash[:notice]
+
+ user.reload
+
+ assert_equal true, user.consider_pd
+ assert_not_nil user.terms_agreed
+ assert_equal true, user.terms_seen
end
def test_go_public
assert_select ".notice", /^User information updated successfully/
assert_select "form#accountForm > fieldset > div.form-row.accountImage input[name=image_action][checked]", false
+ # Adding external authentication should redirect to the auth provider
+ post :account, { :display_name => user.display_name, :user => user.attributes.merge(:auth_provider => "openid", :auth_uid => "gmail.com") }, { :user => user.id }
+ assert_response :redirect
+ assert_redirected_to auth_path(:provider => "openid", :openid_url => "https://www.google.com/accounts/o8/id", :origin => "/user/#{user.display_name}/account")
+
# Changing name to one that exists should fail
new_attributes = user.attributes.dup.merge(:display_name => users(:public_user).display_name)
post :account, { :display_name => user.display_name, :user => new_attributes }, { :user => user.id }
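Review bot: The new external-authentication case asserts only the redirect to `auth_path`; it does not check that the posted `auth_provider`/`auth_uid` stay unsaved until the provider has confirmed the identity. After the `assert_redirected_to auth_path(...)` line, consider `assert_not_equal "gmail.com", User.find(user.id).auth_uid`, assuming the controller defers the save until the callback (not visible here). Without it, a regression that stores an unverified identifier before authentication completes would still pass this test. The enclosing test method starts and ends outside the hunk.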
assert_select "div.flash.error", /your account has been suspended/
end
+ def test_login_email_password_blocked
+ user = users(:blocked_user)
+
+ get "/login"
+ assert_response :redirect
+ assert_redirected_to :controller => :user, :action => :login, :cookie_test => true
+ follow_redirect!
+ assert_response :success
+
+ post "/login", :username => user.email, :password => "wrong", :referer => "/history"
+ assert_response :redirect
+ follow_redirect!
+ assert_response :success
+ assert_template "login"
+
+ post "/login", :username => user.email, :password => "test", :referer => "/history"
+ assert_response :redirect
+ follow_redirect!
+ assert_response :success
+ assert_template "user_blocks/show"
+ end
+
+ def test_login_email_password_blocked_upcase
+ user = users(:blocked_user)
+
+ get "/login"
+ assert_response :redirect
+ assert_redirected_to :controller => :user, :action => :login, :cookie_test => true
+ follow_redirect!
+ assert_response :success
+
+ post "/login", :username => user.email.upcase, :password => "wrong", :referer => "/history"
+ assert_response :redirect
+ follow_redirect!
+ assert_response :success
+ assert_template "login"
+
+ post "/login", :username => user.email.upcase, :password => "test", :referer => "/history"
+ assert_response :redirect
+ follow_redirect!
+ assert_response :success
+ assert_template "user_blocks/show"
+ end
+
+ def test_login_email_password_blocked_titlecase
+ user = users(:blocked_user)
+
+ get "/login"
+ assert_response :redirect
+ assert_redirected_to :controller => :user, :action => :login, :cookie_test => true
+ follow_redirect!
+ assert_response :success
+
+ post "/login", :username => user.email.titlecase, :password => "wrong", :referer => "/history"
+ assert_response :redirect
+ follow_redirect!
+ assert_response :success
+ assert_template "login"
+
+ post "/login", :username => user.email.titlecase, :password => "test", :referer => "/history"
+ assert_response :redirect
+ follow_redirect!
+ assert_response :success
+ assert_template "user_blocks/show"
+ end
+
def test_login_username_password_normal
user = users(:normal_user)
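Review bot: The `_titlecase` variants rely on `String#titlecase`, which is ActiveSupport's titleize and does more than change letter case: it also turns underscores and hyphens into spaces and splits camel-cased words. If the `blocked_user` fixture's email or display name contains such characters (the fixture is not visible here), `user.email.titlecase` is a different identifier rather than a case variant, and the test no longer checks case-insensitive login. A guard such as `assert_equal user.email.downcase, user.email.titlecase.downcase` at the top of the test would make the assumption explicit. The same applies to `user.display_name.titlecase` in test_login_username_password_blocked_titlecase.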
assert_select "div.flash.error", /your account has been suspended/
end
+ def test_login_username_password_blocked
+ user = users(:blocked_user)
+
+ get "/login"
+ assert_response :redirect
+ assert_redirected_to :controller => :user, :action => :login, :cookie_test => true
+ follow_redirect!
+ assert_response :success
+
+ post "/login", :username => user.display_name, :password => "wrong", :referer => "/history"
+ assert_response :redirect
+ follow_redirect!
+ assert_response :success
+ assert_template "login"
+
+ post "/login", :username => user.display_name, :password => "test", :referer => "/history"
+ assert_response :redirect
+ follow_redirect!
+ assert_response :success
+ assert_template "user_blocks/show"
+ end
+
+ def test_login_username_password_blocked_upcase
+ user = users(:blocked_user)
+
+ get "/login"
+ assert_response :redirect
+ assert_redirected_to :controller => :user, :action => :login, :cookie_test => true
+ follow_redirect!
+ assert_response :success
+
+ post "/login", :username => user.display_name.upcase, :password => "wrong", :referer => "/history"
+ assert_response :redirect
+ follow_redirect!
+ assert_response :success
+ assert_template "login"
+
+ post "/login", :username => user.display_name.upcase, :password => "test", :referer => "/history"
+ assert_response :redirect
+ follow_redirect!
+ assert_response :success
+ assert_template "user_blocks/show"
+ end
+
+ def test_login_username_password_blocked_titlecase
+ user = users(:blocked_user)
+
+ get "/login"
+ assert_response :redirect
+ assert_redirected_to :controller => :user, :action => :login, :cookie_test => true
+ follow_redirect!
+ assert_response :success
+
+ post "/login", :username => user.display_name.titlecase, :password => "wrong", :referer => "/history"
+ assert_response :redirect
+ follow_redirect!
+ assert_response :success
+ assert_template "login"
+
+ post "/login", :username => user.display_name.titlecase, :password => "test", :referer => "/history"
+ assert_response :redirect
+ follow_redirect!
+ assert_response :success
+ assert_template "user_blocks/show"
+ end
+
def test_login_email_password_remember_me
user = users(:normal_user)
get_via_redirect "/login"
assert_response :success
assert_template "user/login"
- post "/login", "username" => user.email, "password" => "test", :referer => "/"
+ post "/login", :username => user.email, :password => "test", :referer => "/diary/new"
assert_response :redirect
# but now we need to look at the terms
- assert_redirected_to "controller" => "user", "action" => "terms", :referer => "/"
+ assert_redirected_to :controller => :user, :action => :terms, :referer => "/diary/new"
follow_redirect!
assert_response :success
# don't agree to the terms, but hit decline
- post "/user/save", "decline" => "decline", "referer" => "/"
- assert_redirected_to "/"
+ post "/user/save", :decline => true, :referer => "/diary/new"
+ assert_redirected_to "/diary/new"
follow_redirect!
# should be carried through to a normal login with a message
get_via_redirect "/login"
assert_response :success
assert_template "user/login"
- post "/login", "username" => user.email, "password" => "test", :referer => "/"
+ post "/login", :username => user.email, :password => "test", :referer => "/diary/new"
assert_response :redirect
# but now we need to look at the terms
- assert_redirected_to "controller" => "user", "action" => "terms", :referer => "/"
- follow_redirect!
- assert_response :success
+ assert_redirected_to :controller => :user, :action => :terms, :referer => "/diary/new"
# check that if we go somewhere else now, it redirects
# back to the terms page.
get "/traces/mine"
- assert_redirected_to "controller" => "user", "action" => "terms", :referer => "/traces/mine"
- get "/traces/mine", :referer => "/test"
- assert_redirected_to "controller" => "user", "action" => "terms", :referer => "/test"
+ assert_redirected_to :controller => :user, :action => :terms, :referer => "/traces/mine"
+ get "/traces/mine", :referer => "/diary/new"
+ assert_redirected_to :controller => :user, :action => :terms, :referer => "/diary/new"
end
end