]> git.openstreetmap.org Git - rails.git/blob - test/integration/user_creation_test.rb
Be paranoid when sending password reset emails
[rails.git] / test / integration / user_creation_test.rb
1 require "test_helper"
2
3 class UserCreationTest < ActionDispatch::IntegrationTest
4   def setup
5     OmniAuth.config.test_mode = true
6
7     stub_request(:get, /.*gravatar.com.*d=404/).to_return(:status => 404)
8   end
9
10   def teardown
11     OmniAuth.config.mock_auth[:openid] = nil
12     OmniAuth.config.mock_auth[:google] = nil
13     OmniAuth.config.mock_auth[:facebook] = nil
14     OmniAuth.config.mock_auth[:microsoft] = nil
15     OmniAuth.config.mock_auth[:github] = nil
16     OmniAuth.config.mock_auth[:wikipedia] = nil
17     OmniAuth.config.test_mode = false
18   end
19
20   def test_create_user_form
21     get "/user/new"
22     follow_redirect!
23     assert_response :success
24     assert_template "users/new"
25   end
26
27   def test_user_create_submit_duplicate_email
28     dup_email = create(:user).email
29     display_name = "new_tester"
30     assert_difference("User.count", 0) do
31       assert_difference("ActionMailer::Base.deliveries.size", 0) do
32         perform_enqueued_jobs do
33           post "/user/new",
34                :params => { :user => { :email => dup_email,
35                                        :email_confirmation => dup_email,
36                                        :display_name => display_name,
37                                        :pass_crypt => "testtest",
38                                        :pass_crypt_confirmation => "testtest" } }
39         end
40       end
41     end
42     assert_response :success
43     assert_template "users/new"
44     assert_select "form"
45     assert_select "form > div > input.is-invalid#user_email"
46   end
47
48   def test_user_create_submit_duplicate_username
49     dup_display_name = create(:user).display_name
50     email = "new_tester"
51     assert_difference("User.count", 0) do
52       assert_difference("ActionMailer::Base.deliveries.size", 0) do
53         perform_enqueued_jobs do
54           post "/user/new",
55                :params => { :user => { :email => email,
56                                        :email_confirmation => email,
57                                        :display_name => dup_display_name,
58                                        :pass_crypt => "testtest",
59                                        :pass_crypt_confirmation => "testtest" } }
60         end
61       end
62     end
63     assert_response :success
64     assert_template "users/new"
65     assert_select "form > div > input.is-invalid#user_display_name"
66   end
67
68   def test_user_create_submit_mismatched_passwords
69     email = "newtester@osm.org"
70     display_name = "new_tester"
71     assert_difference("User.count", 0) do
72       assert_difference("ActionMailer::Base.deliveries.size", 0) do
73         perform_enqueued_jobs do
74           post "/user/new",
75                :params => { :user => { :email => email,
76                                        :email_confirmation => email,
77                                        :display_name => display_name,
78                                        :pass_crypt => "testtest",
79                                        :pass_crypt_confirmation => "blahblah" } }
80         end
81       end
82     end
83     assert_response :success
84     assert_template "users/new"
85     assert_select "form > div > input.is-invalid#user_pass_crypt_confirmation"
86   end
87
88   def test_user_create_success
89     new_email = "newtester@osm.org"
90     display_name = "new_tester"
91
92     assert_difference("User.count", 0) do
93       assert_difference("ActionMailer::Base.deliveries.size", 0) do
94         perform_enqueued_jobs do
95           post "/user/new",
96                :params => { :user => { :email => new_email,
97                                        :email_confirmation => new_email,
98                                        :display_name => display_name,
99                                        :pass_crypt => "testtest",
100                                        :pass_crypt_confirmation => "testtest" } }
101         end
102       end
103     end
104
105     assert_redirected_to "/user/terms"
106
107     assert_difference("User.count") do
108       assert_difference("ActionMailer::Base.deliveries.size", 1) do
109         perform_enqueued_jobs do
110           post "/user/save",
111                :params => { :read_ct => 1, :read_tou => 1 }
112           follow_redirect!
113         end
114       end
115     end
116
117     assert_response :success
118     assert_template "confirmations/confirm"
119
120     user = User.find_by(:email => "newtester@osm.org")
121     assert_not_nil user
122     assert_not_predicate user, :active?
123
124     register_email = ActionMailer::Base.deliveries.first
125     assert_equal register_email.to.first, new_email
126     found_confirmation_url = register_email.parts.first.parts.first.to_s =~ %r{\shttp://test.host(/\S+)\s}
127     assert found_confirmation_url
128     confirmation_url = Regexp.last_match(1)
129     ActionMailer::Base.deliveries.clear
130
131     post confirmation_url
132
133     assert_response :redirect
134     assert_redirected_to welcome_path
135
136     user.reload
137     assert_predicate user, :active?
138
139     assert_equal user, User.authenticate(:username => new_email, :password => "testtest")
140   end
141
142   def test_user_create_no_tou_failure
143     new_email = "#newtester@osm.org"
144     display_name = "new_tester"
145
146     assert_difference("User.count", 0) do
147       assert_difference("ActionMailer::Base.deliveries.size", 0) do
148         perform_enqueued_jobs do
149           post "/user/new",
150                :params => { :user => { :email => new_email,
151                                        :email_confirmation => new_email,
152                                        :display_name => display_name,
153                                        :pass_crypt => "testtest",
154                                        :pass_crypt_confirmation => "testtest" } }
155         end
156       end
157     end
158
159     assert_redirected_to "/user/terms"
160
161     perform_enqueued_jobs do
162       post "/user/save"
163       assert_redirected_to "/user/terms"
164     end
165
166     ActionMailer::Base.deliveries.clear
167   end
168
169   # Check that the user can successfully recover their password
170   def test_lost_password_recovery_success
171     # Open the lost password form
172     # Submit the lost password form
173     # Check the e-mail
174     # Submit the reset password token
175     # Check that the password has changed, and the user can login
176   end
177
178   def test_user_create_redirect
179     new_email = "redirect_tester@osm.org"
180     display_name = "redirect_tester"
181     password = "testtest"
182     # nothing special about this page, just need a protected page to redirect back to.
183     referer = "/traces/mine"
184     assert_difference("User.count") do
185       assert_difference("ActionMailer::Base.deliveries.size", 1) do
186         perform_enqueued_jobs do
187           post "/user/new",
188                :params => { :user => { :email => new_email,
189                                        :email_confirmation => new_email,
190                                        :display_name => display_name,
191                                        :pass_crypt => password,
192                                        :pass_crypt_confirmation => password },
193                             :referer => referer }
194           assert_redirected_to "/user/terms"
195           post "/user/save",
196                :params => { :user => { :email => new_email,
197                                        :email_confirmation => new_email,
198                                        :display_name => display_name,
199                                        :pass_crypt => password,
200                                        :pass_crypt_confirmation => password },
201                             :read_ct => 1, :read_tou => 1 }
202           follow_redirect!
203         end
204       end
205     end
206
207     # Check the e-mail
208     register_email = ActionMailer::Base.deliveries.first
209
210     assert_equal register_email.to.first, new_email
211     # Check that the confirm account url is correct
212     confirm_regex = Regexp.new("confirm_string=([a-zA-Z0-9%_-]*)")
213     email_text_parts(register_email).each do |part|
214       assert_match confirm_regex, part.body.to_s
215     end
216     confirm_string = CGI.unescape(email_text_parts(register_email).first.body.match(confirm_regex)[1])
217
218     # Check the page
219     assert_response :success
220     assert_template "confirmations/confirm"
221
222     ActionMailer::Base.deliveries.clear
223
224     # Go to the confirmation page
225     get "/user/#{display_name}/confirm", :params => { :referer => "/welcome", :confirm_string => confirm_string }
226     assert_response :success
227     assert_template "confirmations/confirm"
228
229     post "/user/#{display_name}/confirm", :params => { :referer => "/welcome", :confirm_string => confirm_string }
230     assert_response :redirect
231     follow_redirect!
232     assert_response :success
233     assert_template "site/welcome"
234   end
235
236   def test_user_create_openid_success
237     OmniAuth.config.add_mock(:openid, :uid => "http://localhost:1123/new.tester")
238
239     new_email = "newtester-openid@osm.org"
240     display_name = "new_tester-openid"
241     password = "testtest"
242     assert_difference("User.count") do
243       assert_difference("ActionMailer::Base.deliveries.size", 1) do
244         perform_enqueued_jobs do
245           post "/user/new",
246                :params => { :user => { :email => new_email,
247                                        :email_confirmation => new_email,
248                                        :display_name => display_name,
249                                        :auth_provider => "openid",
250                                        :auth_uid => "http://localhost:1123/new.tester",
251                                        :pass_crypt => "",
252                                        :pass_crypt_confirmation => "" } }
253           assert_response :redirect
254           assert_redirected_to auth_path(:provider => "openid", :openid_url => "http://localhost:1123/new.tester", :origin => "/user/new")
255           post response.location
256           assert_response :redirect
257           assert_redirected_to auth_success_path(:provider => "openid", :openid_url => "http://localhost:1123/new.tester", :origin => "/user/new")
258           follow_redirect!
259           assert_response :redirect
260           assert_redirected_to "/user/terms"
261           post "/user/save",
262                :params => { :user => { :email => new_email,
263                                        :email_confirmation => new_email,
264                                        :display_name => display_name,
265                                        :auth_provider => "openid",
266                                        :auth_uid => "http://localhost:1123/new.tester",
267                                        :pass_crypt => password,
268                                        :pass_crypt_confirmation => password },
269                             :read_ct => 1, :read_tou => 1 }
270           assert_response :redirect
271           follow_redirect!
272         end
273       end
274     end
275
276     # Check the page
277     assert_response :success
278     assert_template "confirmations/confirm"
279
280     ActionMailer::Base.deliveries.clear
281   end
282
283   def test_user_create_openid_failure
284     OmniAuth.config.mock_auth[:openid] = :connection_failed
285
286     new_email = "newtester-openid2@osm.org"
287     display_name = "new_tester-openid2"
288     assert_difference("User.count", 0) do
289       assert_difference("ActionMailer::Base.deliveries.size", 0) do
290         perform_enqueued_jobs do
291           post "/user/new",
292                :params => { :user => { :email => new_email,
293                                        :email_confirmation => new_email,
294                                        :display_name => display_name,
295                                        :auth_provider => "openid",
296                                        :auth_uid => "http://localhost:1123/new.tester",
297                                        :pass_crypt => "",
298                                        :pass_crypt_confirmation => "" } }
299           assert_response :redirect
300           assert_redirected_to auth_path(:provider => "openid", :openid_url => "http://localhost:1123/new.tester", :origin => "/user/new")
301           post response.location
302           assert_response :redirect
303           assert_redirected_to auth_success_path(:provider => "openid", :openid_url => "http://localhost:1123/new.tester", :origin => "/user/new")
304           follow_redirect!
305           assert_response :redirect
306           assert_redirected_to auth_failure_path(:strategy => "openid", :message => "connection_failed", :origin => "/user/new")
307           follow_redirect!
308           assert_response :redirect
309           follow_redirect!
310           assert_response :success
311           assert_template "users/new"
312         end
313       end
314     end
315
316     ActionMailer::Base.deliveries.clear
317   end
318
319   def test_user_create_openid_redirect
320     OmniAuth.config.add_mock(:openid, :uid => "http://localhost:1123/new.tester")
321
322     new_email = "redirect_tester_openid@osm.org"
323     display_name = "redirect_tester_openid"
324     # nothing special about this page, just need a protected page to redirect back to.
325     referer = "/traces/mine"
326     assert_difference("User.count") do
327       assert_difference("ActionMailer::Base.deliveries.size", 1) do
328         perform_enqueued_jobs do
329           post "/user/new",
330                :params => { :user => { :email => new_email,
331                                        :email_confirmation => new_email,
332                                        :display_name => display_name,
333                                        :auth_provider => "openid",
334                                        :auth_uid => "http://localhost:1123/new.tester",
335                                        :pass_crypt => "",
336                                        :pass_crypt_confirmation => "" },
337                             :referer => referer }
338           assert_response :redirect
339           assert_redirected_to auth_path(:provider => "openid", :openid_url => "http://localhost:1123/new.tester", :origin => "/user/new")
340           post response.location
341           assert_response :redirect
342           assert_redirected_to auth_success_path(:provider => "openid", :openid_url => "http://localhost:1123/new.tester", :origin => "/user/new")
343           follow_redirect!
344           assert_response :redirect
345           assert_redirected_to "/user/terms"
346           post "/user/save",
347                :params => { :user => { :email => new_email,
348                                        :email_confirmation => new_email,
349                                        :display_name => display_name,
350                                        :auth_provider => "openid",
351                                        :auth_uid => "http://localhost:1123/new.tester",
352                                        :pass_crypt => "testtest",
353                                        :pass_crypt_confirmation => "testtest" },
354                             :read_ct => 1, :read_tou => 1 }
355           follow_redirect!
356         end
357       end
358     end
359
360     # Check the e-mail
361     register_email = ActionMailer::Base.deliveries.first
362
363     assert_equal register_email.to.first, new_email
364     # Check that the confirm account url is correct
365     confirm_regex = Regexp.new("confirm_string=([a-zA-Z0-9%_-]*)")
366     email_text_parts(register_email).each do |part|
367       assert_match confirm_regex, part.body.to_s
368     end
369     confirm_string = CGI.unescape(email_text_parts(register_email).first.body.match(confirm_regex)[1])
370
371     # Check the page
372     assert_response :success
373     assert_template "confirmations/confirm"
374
375     ActionMailer::Base.deliveries.clear
376
377     # Go to the confirmation page
378     get "/user/#{display_name}/confirm", :params => { :referer => "/welcome", :confirm_string => confirm_string }
379     assert_response :success
380     assert_template "confirmations/confirm"
381
382     post "/user/#{display_name}/confirm", :params => { :referer => "/welcome", :confirm_string => confirm_string }
383     assert_response :redirect
384     follow_redirect!
385     assert_response :success
386     assert_template "site/welcome"
387   end
388
389   def test_user_create_google_success
390     new_email = "newtester-google@osm.org"
391     display_name = "new_tester-google"
392     password = "testtest"
393
394     OmniAuth.config.add_mock(:google, :uid => "123454321", :info => { "email" => new_email })
395
396     assert_difference("User.count") do
397       assert_no_difference("ActionMailer::Base.deliveries.size") do
398         perform_enqueued_jobs do
399           post "/user/new",
400                :params => { :user => { :email => new_email,
401                                        :email_confirmation => new_email,
402                                        :display_name => display_name,
403                                        :auth_provider => "google",
404                                        :pass_crypt => "",
405                                        :pass_crypt_confirmation => "" } }
406           assert_response :redirect
407           assert_redirected_to auth_path(:provider => "google", :origin => "/user/new")
408           post response.location
409           assert_response :redirect
410           assert_redirected_to auth_success_path(:provider => "google")
411           follow_redirect!
412           assert_response :redirect
413           assert_redirected_to "/user/terms"
414           post "/user/save",
415                :params => { :user => { :email => new_email,
416                                        :email_confirmation => new_email,
417                                        :display_name => display_name,
418                                        :auth_provider => "google",
419                                        :auth_uid => "123454321",
420                                        :pass_crypt => password,
421                                        :pass_crypt_confirmation => password },
422                             :read_ct => 1, :read_tou => 1 }
423           assert_response :redirect
424           assert_redirected_to welcome_path
425           follow_redirect!
426         end
427       end
428     end
429
430     # Check the page
431     assert_response :success
432     assert_template "site/welcome"
433
434     ActionMailer::Base.deliveries.clear
435   end
436
437   def test_user_create_google_failure
438     OmniAuth.config.mock_auth[:google] = :connection_failed
439
440     new_email = "newtester-google2@osm.org"
441     display_name = "new_tester-google2"
442     assert_difference("User.count", 0) do
443       assert_difference("ActionMailer::Base.deliveries.size", 0) do
444         perform_enqueued_jobs do
445           post "/user/new",
446                :params => { :user => { :email => new_email,
447                                        :email_confirmation => new_email,
448                                        :display_name => display_name,
449                                        :auth_provider => "google",
450                                        :pass_crypt => "",
451                                        :pass_crypt_confirmation => "" } }
452           assert_response :redirect
453           assert_redirected_to auth_path(:provider => "google", :origin => "/user/new")
454           post response.location
455           assert_response :redirect
456           assert_redirected_to auth_success_path(:provider => "google")
457           follow_redirect!
458           assert_response :redirect
459           assert_redirected_to auth_failure_path(:strategy => "google", :message => "connection_failed", :origin => "/user/new")
460           follow_redirect!
461           assert_response :redirect
462           follow_redirect!
463           assert_response :success
464           assert_template "users/new"
465         end
466       end
467     end
468
469     ActionMailer::Base.deliveries.clear
470   end
471
472   def test_user_create_google_redirect
473     OmniAuth.config.add_mock(:google, :uid => "123454321", :extra => {
474                                :id_info => { "openid_id" => "http://localhost:1123/new.tester" }
475                              })
476
477     new_email = "redirect_tester_google@osm.org"
478     display_name = "redirect_tester_google"
479     # nothing special about this page, just need a protected page to redirect back to.
480     referer = "/traces/mine"
481     assert_difference("User.count") do
482       assert_difference("ActionMailer::Base.deliveries.size", 1) do
483         perform_enqueued_jobs do
484           post "/user/new",
485                :params => { :user => { :email => new_email,
486                                        :email_confirmation => new_email,
487                                        :display_name => display_name,
488                                        :auth_provider => "google",
489                                        :pass_crypt => "",
490                                        :pass_crypt_confirmation => "" },
491                             :referer => referer }
492           assert_response :redirect
493           assert_redirected_to auth_path(:provider => "google", :origin => "/user/new")
494           post response.location
495           assert_response :redirect
496           assert_redirected_to auth_success_path(:provider => "google")
497           follow_redirect!
498           assert_response :redirect
499           assert_redirected_to "/user/terms"
500           post "/user/save",
501                :params => { :user => { :email => new_email,
502                                        :email_confirmation => new_email,
503                                        :display_name => display_name,
504                                        :auth_provider => "google",
505                                        :auth_uid => "http://localhost:1123/new.tester",
506                                        :pass_crypt => "testtest",
507                                        :pass_crypt_confirmation => "testtest" },
508                             :read_ct => 1, :read_tou => 1 }
509           follow_redirect!
510         end
511       end
512     end
513
514     # Check the e-mail
515     register_email = ActionMailer::Base.deliveries.first
516
517     assert_equal register_email.to.first, new_email
518     # Check that the confirm account url is correct
519     confirm_regex = Regexp.new("confirm_string=([a-zA-Z0-9%_-]*)")
520     email_text_parts(register_email).each do |part|
521       assert_match confirm_regex, part.body.to_s
522     end
523     confirm_string = CGI.unescape(email_text_parts(register_email).first.body.match(confirm_regex)[1])
524
525     # Check the page
526     assert_response :success
527     assert_template "confirmations/confirm"
528
529     ActionMailer::Base.deliveries.clear
530
531     # Go to the confirmation page
532     get "/user/#{display_name}/confirm", :params => { :referer => "/welcome", :confirm_string => confirm_string }
533     assert_response :success
534     assert_template "confirmations/confirm"
535
536     post "/user/#{display_name}/confirm", :params => { :referer => "/welcome", :confirm_string => confirm_string }
537     assert_response :redirect
538     follow_redirect!
539     assert_response :success
540     assert_template "site/welcome"
541   end
542
543   def test_user_create_facebook_success
544     new_email = "newtester-facebook@osm.org"
545     display_name = "new_tester-facebook"
546     password = "testtest"
547
548     OmniAuth.config.add_mock(:facebook, :uid => "123454321", :info => { "email" => new_email })
549
550     assert_difference("User.count") do
551       assert_no_difference("ActionMailer::Base.deliveries.size") do
552         perform_enqueued_jobs do
553           post "/user/new",
554                :params => { :user => { :email => new_email,
555                                        :email_confirmation => new_email,
556                                        :display_name => display_name,
557                                        :auth_provider => "facebook",
558                                        :pass_crypt => "",
559                                        :pass_crypt_confirmation => "" } }
560           assert_response :redirect
561           assert_redirected_to auth_path(:provider => "facebook", :origin => "/user/new")
562           post response.location
563           assert_response :redirect
564           assert_redirected_to auth_success_path(:provider => "facebook")
565           follow_redirect!
566           assert_response :redirect
567           assert_redirected_to "/user/terms"
568           post "/user/save",
569                :params => { :user => { :email => new_email,
570                                        :email_confirmation => new_email,
571                                        :display_name => display_name,
572                                        :auth_provider => "facebook",
573                                        :auth_uid => "123454321",
574                                        :pass_crypt => password,
575                                        :pass_crypt_confirmation => password },
576                             :read_ct => 1, :read_tou => 1 }
577           assert_response :redirect
578           assert_redirected_to welcome_path
579           follow_redirect!
580         end
581       end
582     end
583
584     # Check the page
585     assert_response :success
586     assert_template "site/welcome"
587
588     ActionMailer::Base.deliveries.clear
589   end
590
591   def test_user_create_facebook_failure
592     OmniAuth.config.mock_auth[:facebook] = :connection_failed
593
594     new_email = "newtester-facebook2@osm.org"
595     display_name = "new_tester-facebook2"
596     assert_difference("User.count", 0) do
597       assert_difference("ActionMailer::Base.deliveries.size", 0) do
598         perform_enqueued_jobs do
599           post "/user/new",
600                :params => { :user => { :email => new_email,
601                                        :email_confirmation => new_email,
602                                        :display_name => display_name,
603                                        :auth_provider => "facebook",
604                                        :pass_crypt => "",
605                                        :pass_crypt_confirmation => "" } }
606           assert_response :redirect
607           assert_redirected_to auth_path(:provider => "facebook", :origin => "/user/new")
608           post response.location
609           assert_response :redirect
610           assert_redirected_to auth_success_path(:provider => "facebook")
611           follow_redirect!
612           assert_response :redirect
613           assert_redirected_to auth_failure_path(:strategy => "facebook", :message => "connection_failed", :origin => "/user/new")
614           follow_redirect!
615           assert_response :redirect
616           follow_redirect!
617           assert_response :success
618           assert_template "users/new"
619         end
620       end
621     end
622
623     ActionMailer::Base.deliveries.clear
624   end
625
626   def test_user_create_facebook_redirect
627     OmniAuth.config.add_mock(:facebook, :uid => "123454321")
628
629     new_email = "redirect_tester_facebook@osm.org"
630     display_name = "redirect_tester_facebook"
631     # nothing special about this page, just need a protected page to redirect back to.
632     referer = "/traces/mine"
633     assert_difference("User.count") do
634       assert_difference("ActionMailer::Base.deliveries.size", 1) do
635         perform_enqueued_jobs do
636           post "/user/new",
637                :params => { :user => { :email => new_email,
638                                        :email_confirmation => new_email,
639                                        :display_name => display_name,
640                                        :auth_provider => "facebook",
641                                        :pass_crypt => "",
642                                        :pass_crypt_confirmation => "" },
643                             :referer => referer }
644           assert_response :redirect
645           assert_redirected_to auth_path(:provider => "facebook", :origin => "/user/new")
646           post response.location
647           assert_response :redirect
648           assert_redirected_to auth_success_path(:provider => "facebook")
649           follow_redirect!
650           assert_response :redirect
651           assert_redirected_to "/user/terms"
652           post "/user/save",
653                :params => { :user => { :email => new_email,
654                                        :email_confirmation => new_email,
655                                        :display_name => display_name,
656                                        :auth_provider => "facebook",
657                                        :auth_uid => "http://localhost:1123/new.tester",
658                                        :pass_crypt => "testtest",
659                                        :pass_crypt_confirmation => "testtest" },
660                             :read_ct => 1, :read_tou => 1 }
661           follow_redirect!
662         end
663       end
664     end
665
666     # Check the e-mail
667     register_email = ActionMailer::Base.deliveries.first
668
669     assert_equal register_email.to.first, new_email
670     # Check that the confirm account url is correct
671     confirm_regex = Regexp.new("confirm_string=([a-zA-Z0-9%_-]*)")
672     email_text_parts(register_email).each do |part|
673       assert_match confirm_regex, part.body.to_s
674     end
675     confirm_string = CGI.unescape(email_text_parts(register_email).first.body.match(confirm_regex)[1])
676
677     # Check the page
678     assert_response :success
679     assert_template "confirmations/confirm"
680
681     ActionMailer::Base.deliveries.clear
682
683     # Go to the confirmation page
684     get "/user/#{display_name}/confirm", :params => { :referer => "/welcome", :confirm_string => confirm_string }
685     assert_response :success
686     assert_template "confirmations/confirm"
687
688     post "/user/#{display_name}/confirm", :params => { :referer => "/welcome", :confirm_string => confirm_string }
689     assert_response :redirect
690     follow_redirect!
691     assert_response :success
692     assert_template "site/welcome"
693   end
694
695   def test_user_create_microsoft_success
696     new_email = "newtester-microsoft@osm.org"
697     display_name = "new_tester-microsoft"
698     password = "testtest"
699
700     OmniAuth.config.add_mock(:microsoft, :uid => "123454321", :info => { "email" => new_email })
701
702     assert_difference("User.count") do
703       assert_difference("ActionMailer::Base.deliveries.size", 0) do
704         perform_enqueued_jobs do
705           post "/user/new",
706                :params => { :user => { :email => new_email,
707                                        :email_confirmation => new_email,
708                                        :display_name => display_name,
709                                        :auth_provider => "microsoft",
710                                        :pass_crypt => "",
711                                        :pass_crypt_confirmation => "" } }
712           assert_response :redirect
713           assert_redirected_to auth_path(:provider => "microsoft", :origin => "/user/new")
714           post response.location
715           assert_response :redirect
716           assert_redirected_to auth_success_path(:provider => "microsoft")
717           follow_redirect!
718           assert_response :redirect
719           assert_redirected_to "/user/terms"
720           post "/user/save",
721                :params => { :user => { :email => new_email,
722                                        :email_confirmation => new_email,
723                                        :display_name => display_name,
724                                        :auth_provider => "microsoft",
725                                        :auth_uid => "123454321",
726                                        :pass_crypt => password,
727                                        :pass_crypt_confirmation => password },
728                             :read_ct => 1, :read_tou => 1 }
729           assert_response :redirect
730           assert_redirected_to welcome_path
731           follow_redirect!
732         end
733       end
734     end
735
736     # Check the page
737     assert_response :success
738     assert_template "site/welcome"
739
740     ActionMailer::Base.deliveries.clear
741   end
742
743   def test_user_create_microsoft_failure
744     OmniAuth.config.mock_auth[:microsoft] = :connection_failed
745
746     new_email = "newtester-microsoft2@osm.org"
747     display_name = "new_tester-microsoft2"
748     assert_difference("User.count", 0) do
749       assert_difference("ActionMailer::Base.deliveries.size", 0) do
750         perform_enqueued_jobs do
751           post "/user/new",
752                :params => { :user => { :email => new_email,
753                                        :email_confirmation => new_email,
754                                        :display_name => display_name,
755                                        :auth_provider => "microsoft",
756                                        :pass_crypt => "",
757                                        :pass_crypt_confirmation => "" } }
758           assert_response :redirect
759           assert_redirected_to auth_path(:provider => "microsoft", :origin => "/user/new")
760           post response.location
761           assert_response :redirect
762           assert_redirected_to auth_success_path(:provider => "microsoft")
763           follow_redirect!
764           assert_response :redirect
765           assert_redirected_to auth_failure_path(:strategy => "microsoft", :message => "connection_failed", :origin => "/user/new")
766           follow_redirect!
767           assert_response :redirect
768           follow_redirect!
769           assert_response :success
770           assert_template "users/new"
771         end
772       end
773     end
774
775     ActionMailer::Base.deliveries.clear
776   end
777
778   def test_user_create_microsoft_redirect
779     OmniAuth.config.add_mock(:microsoft, :uid => "123454321")
780
781     new_email = "redirect_tester_microsoft@osm.org"
782     display_name = "redirect_tester_microsoft"
783     # nothing special about this page, just need a protected page to redirect back to.
784     referer = "/traces/mine"
785     assert_difference("User.count") do
786       assert_difference("ActionMailer::Base.deliveries.size", 1) do
787         perform_enqueued_jobs do
788           post "/user/new",
789                :params => { :user => { :email => new_email,
790                                        :email_confirmation => new_email,
791                                        :display_name => display_name,
792                                        :auth_provider => "microsoft",
793                                        :pass_crypt => "",
794                                        :pass_crypt_confirmation => "" },
795                             :referer => referer }
796           assert_response :redirect
797           assert_redirected_to auth_path(:provider => "microsoft", :origin => "/user/new")
798           post response.location
799           assert_response :redirect
800           assert_redirected_to auth_success_path(:provider => "microsoft")
801           follow_redirect!
802           assert_response :redirect
803           assert_redirected_to "/user/terms"
804           post "/user/save",
805                :params => { :user => { :email => new_email,
806                                        :email_confirmation => new_email,
807                                        :display_name => display_name,
808                                        :auth_provider => "microsoft",
809                                        :auth_uid => "http://localhost:1123/new.tester",
810                                        :pass_crypt => "testtest",
811                                        :pass_crypt_confirmation => "testtest" },
812                             :read_ct => 1, :read_tou => 1 }
813           follow_redirect!
814         end
815       end
816     end
817
818     # Check the e-mail
819     register_email = ActionMailer::Base.deliveries.first
820
821     assert_equal register_email.to.first, new_email
822     # Check that the confirm account url is correct
823     confirm_regex = Regexp.new("confirm_string=([a-zA-Z0-9%_-]*)")
824     email_text_parts(register_email).each do |part|
825       assert_match confirm_regex, part.body.to_s
826     end
827     confirm_string = CGI.unescape(email_text_parts(register_email).first.body.match(confirm_regex)[1])
828
829     # Check the page
830     assert_response :success
831     assert_template "confirmations/confirm"
832
833     ActionMailer::Base.deliveries.clear
834
835     # Go to the confirmation page
836     get "/user/#{display_name}/confirm", :params => { :referer => "/welcome", :confirm_string => confirm_string }
837     assert_response :success
838     assert_template "confirmations/confirm"
839
840     post "/user/#{display_name}/confirm", :params => { :referer => "/welcome", :confirm_string => confirm_string }
841     assert_response :redirect
842     follow_redirect!
843     assert_response :success
844     assert_template "site/welcome"
845   end
846
847   def test_user_create_github_success
848     new_email = "newtester-github@osm.org"
849     display_name = "new_tester-github"
850     password = "testtest"
851
852     OmniAuth.config.add_mock(:github, :uid => "123454321", :info => { "email" => new_email })
853
854     assert_difference("User.count") do
855       assert_no_difference("ActionMailer::Base.deliveries.size") do
856         perform_enqueued_jobs do
857           post "/user/new",
858                :params => { :user => { :email => new_email,
859                                        :email_confirmation => new_email,
860                                        :display_name => display_name,
861                                        :auth_provider => "github",
862                                        :pass_crypt => "",
863                                        :pass_crypt_confirmation => "" } }
864           assert_response :redirect
865           assert_redirected_to auth_path(:provider => "github", :origin => "/user/new")
866           post response.location
867           assert_response :redirect
868           assert_redirected_to auth_success_path(:provider => "github")
869           follow_redirect!
870           assert_response :redirect
871           assert_redirected_to "/user/terms"
872           post "/user/save",
873                :params => { :user => { :email => new_email,
874                                        :email_confirmation => new_email,
875                                        :display_name => display_name,
876                                        :auth_provider => "github",
877                                        :auth_uid => "123454321",
878                                        :pass_crypt => password,
879                                        :pass_crypt_confirmation => password },
880                             :read_ct => 1,
881                             :read_tou => 1 }
882           assert_response :redirect
883           assert_redirected_to welcome_path
884           follow_redirect!
885         end
886       end
887     end
888
889     # Check the page
890     assert_response :success
891     assert_template "site/welcome"
892
893     ActionMailer::Base.deliveries.clear
894   end
895
896   def test_user_create_github_failure
897     OmniAuth.config.mock_auth[:github] = :connection_failed
898
899     new_email = "newtester-github2@osm.org"
900     display_name = "new_tester-github2"
901     assert_difference("User.count", 0) do
902       assert_difference("ActionMailer::Base.deliveries.size", 0) do
903         perform_enqueued_jobs do
904           post "/user/new",
905                :params => { :user => { :email => new_email,
906                                        :email_confirmation => new_email,
907                                        :display_name => display_name,
908                                        :auth_provider => "github",
909                                        :pass_crypt => "",
910                                        :pass_crypt_confirmation => "" } }
911           assert_response :redirect
912           assert_redirected_to auth_path(:provider => "github", :origin => "/user/new")
913           post response.location
914           assert_response :redirect
915           assert_redirected_to auth_success_path(:provider => "github")
916           follow_redirect!
917           assert_response :redirect
918           assert_redirected_to auth_failure_path(:strategy => "github", :message => "connection_failed", :origin => "/user/new")
919           follow_redirect!
920           assert_response :redirect
921           follow_redirect!
922           assert_response :success
923           assert_template "users/new"
924         end
925       end
926     end
927
928     ActionMailer::Base.deliveries.clear
929   end
930
931   def test_user_create_github_redirect
932     OmniAuth.config.add_mock(:github, :uid => "123454321")
933
934     new_email = "redirect_tester_github@osm.org"
935     display_name = "redirect_tester_github"
936     # nothing special about this page, just need a protected page to redirect back to.
937     referer = "/traces/mine"
938     assert_difference("User.count") do
939       assert_difference("ActionMailer::Base.deliveries.size", 1) do
940         perform_enqueued_jobs do
941           post "/user/new",
942                :params => { :user => { :email => new_email,
943                                        :email_confirmation => new_email,
944                                        :display_name => display_name,
945                                        :auth_provider => "github",
946                                        :pass_crypt => "",
947                                        :pass_crypt_confirmation => "" },
948                             :referer => referer }
949           assert_response :redirect
950           assert_redirected_to auth_path(:provider => "github", :origin => "/user/new")
951           post response.location
952           assert_response :redirect
953           assert_redirected_to auth_success_path(:provider => "github")
954           follow_redirect!
955           assert_response :redirect
956           assert_redirected_to "/user/terms"
957           post "/user/save",
958                :params => { :user => { :email => new_email,
959                                        :email_confirmation => new_email,
960                                        :display_name => display_name,
961                                        :auth_provider => "github",
962                                        :auth_uid => "http://localhost:1123/new.tester",
963                                        :pass_crypt => "testtest",
964                                        :pass_crypt_confirmation => "testtest" },
965                             :read_ct => 1,
966                             :read_tou => 1 }
967           follow_redirect!
968         end
969       end
970     end
971
972     # Check the e-mail
973     register_email = ActionMailer::Base.deliveries.first
974
975     assert_equal register_email.to.first, new_email
976     # Check that the confirm account url is correct
977     confirm_regex = Regexp.new("confirm_string=([a-zA-Z0-9%_-]*)")
978     email_text_parts(register_email).each do |part|
979       assert_match confirm_regex, part.body.to_s
980     end
981     confirm_string = CGI.unescape(email_text_parts(register_email).first.body.match(confirm_regex)[1])
982
983     # Check the page
984     assert_response :success
985     assert_template "confirmations/confirm"
986
987     ActionMailer::Base.deliveries.clear
988
989     # Go to the confirmation page
990     get "/user/#{display_name}/confirm", :params => { :referer => "/welcome", :confirm_string => confirm_string }
991     assert_response :success
992     assert_template "confirmations/confirm"
993
994     post "/user/#{display_name}/confirm", :params => { :referer => "/welcome", :confirm_string => confirm_string }
995     assert_response :redirect
996     follow_redirect!
997     assert_response :success
998     assert_template "site/welcome"
999   end
1000
1001   def test_user_create_wikipedia_success
1002     new_email = "newtester-wikipedia@osm.org"
1003     display_name = "new_tester-wikipedia"
1004     password = "testtest"
1005
1006     OmniAuth.config.add_mock(:wikipedia, :uid => "123454321", :info => { "email" => new_email })
1007
1008     assert_difference("User.count") do
1009       assert_no_difference("ActionMailer::Base.deliveries.size") do
1010         perform_enqueued_jobs do
1011           post "/user/new",
1012                :params => { :user => { :email => new_email,
1013                                        :email_confirmation => new_email,
1014                                        :display_name => display_name,
1015                                        :auth_provider => "wikipedia",
1016                                        :pass_crypt => "",
1017                                        :pass_crypt_confirmation => "" } }
1018           assert_response :redirect
1019           assert_redirected_to auth_path(:provider => "wikipedia", :origin => "/user/new")
1020           post response.location
1021           assert_response :redirect
1022           assert_redirected_to auth_success_path(:provider => "wikipedia", :origin => "/user/new")
1023           follow_redirect!
1024           assert_response :redirect
1025           assert_redirected_to "/user/terms"
1026           post "/user/save",
1027                :params => { :user => { :email => new_email,
1028                                        :email_confirmation => new_email,
1029                                        :display_name => display_name,
1030                                        :auth_provider => "wikipedia",
1031                                        :auth_uid => "123454321",
1032                                        :pass_crypt => password,
1033                                        :pass_crypt_confirmation => password },
1034                             :read_ct => 1,
1035                             :read_tou => 1 }
1036           assert_response :redirect
1037           assert_redirected_to welcome_path
1038           follow_redirect!
1039         end
1040       end
1041     end
1042
1043     # Check the page
1044     assert_response :success
1045     assert_template "site/welcome"
1046
1047     ActionMailer::Base.deliveries.clear
1048   end
1049
1050   def test_user_create_wikipedia_failure
1051     OmniAuth.config.mock_auth[:wikipedia] = :connection_failed
1052
1053     new_email = "newtester-wikipedia2@osm.org"
1054     display_name = "new_tester-wikipedia2"
1055     assert_difference("User.count", 0) do
1056       assert_difference("ActionMailer::Base.deliveries.size", 0) do
1057         perform_enqueued_jobs do
1058           post "/user/new",
1059                :params => { :user => { :email => new_email,
1060                                        :email_confirmation => new_email,
1061                                        :display_name => display_name,
1062                                        :auth_provider => "wikipedia",
1063                                        :pass_crypt => "",
1064                                        :pass_crypt_confirmation => "" } }
1065           assert_response :redirect
1066           assert_redirected_to auth_path(:provider => "wikipedia", :origin => "/user/new")
1067           post response.location
1068           assert_response :redirect
1069           assert_redirected_to auth_success_path(:provider => "wikipedia", :origin => "/user/new")
1070           follow_redirect!
1071           assert_response :redirect
1072           assert_redirected_to auth_failure_path(:strategy => "wikipedia", :message => "connection_failed", :origin => "/user/new")
1073           follow_redirect!
1074           assert_response :redirect
1075           follow_redirect!
1076           assert_response :success
1077           assert_template "users/new"
1078         end
1079       end
1080     end
1081
1082     ActionMailer::Base.deliveries.clear
1083   end
1084
1085   def test_user_create_wikipedia_redirect
1086     OmniAuth.config.add_mock(:wikipedia, :uid => "123454321")
1087
1088     new_email = "redirect_tester_wikipedia@osm.org"
1089     display_name = "redirect_tester_wikipedia"
1090     # nothing special about this page, just need a protected page to redirect back to.
1091     referer = "/traces/mine"
1092     assert_difference("User.count") do
1093       assert_difference("ActionMailer::Base.deliveries.size", 1) do
1094         perform_enqueued_jobs do
1095           post "/user/new",
1096                :params => { :user => { :email => new_email,
1097                                        :email_confirmation => new_email,
1098                                        :display_name => display_name,
1099                                        :auth_provider => "wikipedia",
1100                                        :pass_crypt => "",
1101                                        :pass_crypt_confirmation => "" },
1102                             :referer => referer }
1103           assert_response :redirect
1104           assert_redirected_to auth_path(:provider => "wikipedia", :origin => "/user/new")
1105           post response.location
1106           assert_response :redirect
1107           assert_redirected_to auth_success_path(:provider => "wikipedia", :origin => "/user/new")
1108           follow_redirect!
1109           assert_response :redirect
1110           assert_redirected_to "/user/terms"
1111           post "/user/save",
1112                :params => { :user => { :email => new_email,
1113                                        :email_confirmation => new_email,
1114                                        :display_name => display_name,
1115                                        :auth_provider => "wikipedia",
1116                                        :auth_uid => "http://localhost:1123/new.tester",
1117                                        :pass_crypt => "testtest",
1118                                        :pass_crypt_confirmation => "testtest" },
1119                             :read_ct => 1,
1120                             :read_tou => 1 }
1121           follow_redirect!
1122         end
1123       end
1124     end
1125
1126     # Check the e-mail
1127     register_email = ActionMailer::Base.deliveries.first
1128
1129     assert_equal register_email.to.first, new_email
1130     # Check that the confirm account url is correct
1131     confirm_regex = Regexp.new("confirm_string=([a-zA-Z0-9%_-]*)")
1132     email_text_parts(register_email).each do |part|
1133       assert_match confirm_regex, part.body.to_s
1134     end
1135     confirm_string = CGI.unescape(email_text_parts(register_email).first.body.match(confirm_regex)[1])
1136
1137     # Check the page
1138     assert_response :success
1139     assert_template "confirmations/confirm"
1140
1141     ActionMailer::Base.deliveries.clear
1142
1143     # Go to the confirmation page
1144     get "/user/#{display_name}/confirm", :params => { :referer => "/welcome", :confirm_string => confirm_string }
1145     assert_response :success
1146     assert_template "confirmations/confirm"
1147
1148     post "/user/#{display_name}/confirm", :params => { :referer => "/welcome", :confirm_string => confirm_string }
1149     assert_response :redirect
1150     follow_redirect!
1151     assert_response :success
1152     assert_template "site/welcome"
1153   end
1154 end