# Redmine - project management software
# Copyright (C) 2006-2013 Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
require File.expand_path('../../test_helper', __FILE__)
begin
require 'mocha'
rescue
# Won't run some tests
end
class AccountTest < ActionController::IntegrationTest
fixtures :users, :roles
# Replace this with your real tests.
def test_login
get "my/page"
assert_redirected_to "/login"
log_user('jsmith', 'jsmith')
get "my/account"
assert_response :success
assert_template "my/account"
end
def test_autologin
user = User.find(1)
Setting.autologin = "7"
Token.delete_all
# User logs in with 'autologin' checked
post '/login', :username => user.login, :password => 'admin', :autologin => 1
assert_redirected_to '/users/1'
token = Token.first
assert_not_nil token
assert_equal user, token.user
assert_equal 'autologin', token.action
assert_equal user.id, session[:user_id]
assert_equal token.value, cookies['autologin']
# Session is cleared
reset!
User.current = nil
# Clears user's last login timestamp
user.update_attribute :last_login_on, nil
assert_nil user.reload.last_login_on
# User comes back with his autologin cookie
cookies[:autologin] = token.value
get '/my/page'
assert_response :success
assert_template 'my/page'
assert_equal user.id, session[:user_id]
assert_not_nil user.reload.last_login_on
end
def test_autologin_should_use_autologin_cookie_name
Token.delete_all
Redmine::Configuration.stubs(:[]).with('autologin_cookie_name').returns('custom_autologin')
Redmine::Configuration.stubs(:[]).with('autologin_cookie_path').returns('/')
Redmine::Configuration.stubs(:[]).with('autologin_cookie_secure').returns(false)
Redmine::Configuration.stubs(:[]).with('max_concurrent_ajax_uploads').returns(2)
with_settings :autologin => '7' do
assert_difference 'Token.count' do
post '/login', :username => 'admin', :password => 'admin', :autologin => 1
end
assert_response 302
assert cookies['custom_autologin'].present?
token = cookies['custom_autologin']
# Session is cleared
reset!
cookies['custom_autologin'] = token
get '/my/account'
assert_response :success
post '/logout'
assert cookies['custom_autologin'].blank?
end
end
def test_lost_password
Token.delete_all
get "account/lost_password"
assert_response :success
assert_template "account/lost_password"
assert_select 'input[name=mail]'
post "account/lost_password", :mail => 'jSmith@somenet.foo'
assert_redirected_to "/login"
token = Token.first
assert_equal 'recovery', token.action
assert_equal 'jsmith@somenet.foo', token.user.mail
assert !token.expired?
get "account/lost_password", :token => token.value
assert_response :success
assert_template "account/password_recovery"
assert_select 'input[type=hidden][name=token][value=?]', token.value
assert_select 'input[name=new_password]'
assert_select 'input[name=new_password_confirmation]'
post "account/lost_password", :token => token.value, :new_password => 'newpass123', :new_password_confirmation => 'newpass123'
assert_redirected_to "/login"
assert_equal 'Password was successfully updated.', flash[:notice]
log_user('jsmith', 'newpass123')
assert_equal 0, Token.count
end
def test_register_with_automatic_activation
Setting.self_registration = '3'
get 'account/register'
assert_response :success
assert_template 'account/register'
post 'account/register', :user => {:login => "newuser", :language => "en", :firstname => "New", :lastname => "User", :mail => "newuser@foo.bar",
:password => "newpass123", :password_confirmation => "newpass123"}
assert_redirected_to '/my/account'
follow_redirect!
assert_response :success
assert_template 'my/account'
user = User.find_by_login('newuser')
assert_not_nil user
assert user.active?
assert_not_nil user.last_login_on
end
def test_register_with_manual_activation
Setting.self_registration = '2'
post 'account/register', :user => {:login => "newuser", :language => "en", :firstname => "New", :lastname => "User", :mail => "newuser@foo.bar",
:password => "newpass123", :password_confirmation => "newpass123"}
assert_redirected_to '/login'
assert !User.find_by_login('newuser').active?
end
def test_register_with_email_activation
Setting.self_registration = '1'
Token.delete_all
post 'account/register', :user => {:login => "newuser", :language => "en", :firstname => "New", :lastname => "User", :mail => "newuser@foo.bar",
:password => "newpass123", :password_confirmation => "newpass123"}
assert_redirected_to '/login'
assert !User.find_by_login('newuser').active?
token = Token.first
assert_equal 'register', token.action
assert_equal 'newuser@foo.bar', token.user.mail
assert !token.expired?
get 'account/activate', :token => token.value
assert_redirected_to '/login'
log_user('newuser', 'newpass123')
end
def test_onthefly_registration
# disable registration
Setting.self_registration = '0'
AuthSource.expects(:authenticate).returns({:login => 'foo', :firstname => 'Foo', :lastname => 'Smith', :mail => 'foo@bar.com', :auth_source_id => 66})
post '/login', :username => 'foo', :password => 'bar'
assert_redirected_to '/my/page'
user = User.find_by_login('foo')
assert user.is_a?(User)
assert_equal 66, user.auth_source_id
assert user.hashed_password.blank?
end
def test_onthefly_registration_with_invalid_attributes
# disable registration
Setting.self_registration = '0'
AuthSource.expects(:authenticate).returns({:login => 'foo', :lastname => 'Smith', :auth_source_id => 66})
post '/login', :username => 'foo', :password => 'bar'
assert_response :success
assert_template 'account/register'
assert_tag :input, :attributes => { :name => 'user[firstname]', :value => '' }
assert_tag :input, :attributes => { :name => 'user[lastname]', :value => 'Smith' }
assert_no_tag :input, :attributes => { :name => 'user[login]' }
assert_no_tag :input, :attributes => { :name => 'user[password]' }
post 'account/register', :user => {:firstname => 'Foo', :lastname => 'Smith', :mail => 'foo@bar.com'}
assert_redirected_to '/my/account'
user = User.find_by_login('foo')
assert user.is_a?(User)
assert_equal 66, user.auth_source_id
assert user.hashed_password.blank?
end
end