1 require File.dirname(__FILE__) + '/../test_helper'
3 class UserTermsSeenTest < ActionController::IntegrationTest
6 def auth_header(user, pass)
7 {"HTTP_AUTHORIZATION" => "Basic %s" % Base64.encode64("#{user}:#{pass}")}
12 user = users(:terms_not_seen_user)
14 get "/api/#{API_VERSION}/user/preferences", nil, auth_header(user.display_name, "test")
15 assert_response :forbidden
17 # touch it so that the user has seen the terms
18 user.terms_seen = true
21 get "/api/#{API_VERSION}/user/preferences", nil, auth_header(user.display_name, "test")
22 assert_response :success
26 def test_terms_presented_at_login
28 user = users(:terms_not_seen_user)
31 get_via_redirect "/login"
32 assert_response :success
33 assert_template 'user/login'
34 post "/login", {'username' => user.email, 'password' => 'test', :referer => "/"}
35 assert_response :redirect
36 # but now we need to look at the terms
37 assert_redirected_to "controller" => "user", "action" => "terms", :referer => "/"
39 assert_response :success
41 # don't agree to the terms, but hit decline
42 post "/user/#{user.display_name}/save", {'decline' => 'decline', 'referer' => '/'}
43 assert_redirected_to "/"
46 # should be carried through to a normal login with a message
47 assert_response :success
48 assert !flash[:notice].nil?
52 def test_terms_cant_be_circumvented
54 user = users(:terms_not_seen_user)
57 get_via_redirect "/login"
58 assert_response :success
59 assert_template 'user/login'
60 post "/login", {'username' => user.email, 'password' => 'test', :referer => "/"}
61 assert_response :redirect
62 # but now we need to look at the terms
63 assert_redirected_to "controller" => "user", "action" => "terms", :referer => "/"
65 assert_response :success
67 # check that if we go somewhere else now, it redirects
68 # back to the terms page.
70 assert_redirected_to "controller" => "user", "action" => "terms", :referer => "/traces/mine"