]> git.openstreetmap.org Git - rails.git/blob - test/integration/user_creation_test.rb
Check if db is writable on oauth authorization pages
[rails.git] / test / integration / user_creation_test.rb
1 require "test_helper"
2
3 class UserCreationTest < ActionDispatch::IntegrationTest
4   def setup
5     OmniAuth.config.test_mode = true
6
7     stub_request(:get, /.*gravatar.com.*d=404/).to_return(:status => 404)
8   end
9
10   def teardown
11     OmniAuth.config.mock_auth[:openid] = nil
12     OmniAuth.config.mock_auth[:google] = nil
13     OmniAuth.config.mock_auth[:facebook] = nil
14     OmniAuth.config.mock_auth[:microsoft] = nil
15     OmniAuth.config.mock_auth[:github] = nil
16     OmniAuth.config.mock_auth[:wikipedia] = nil
17     OmniAuth.config.test_mode = false
18   end
19
20   def test_create_user_form
21     get "/user/new"
22     follow_redirect!
23     assert_response :success
24     assert_template "users/new"
25   end
26
27   def test_user_create_submit_duplicate_email
28     dup_email = create(:user).email
29     display_name = "new_tester"
30     assert_difference("User.count", 0) do
31       assert_difference("ActionMailer::Base.deliveries.size", 0) do
32         perform_enqueued_jobs do
33           post "/user/new",
34                :params => { :user => { :email => dup_email,
35                                        :display_name => display_name,
36                                        :pass_crypt => "testtest",
37                                        :pass_crypt_confirmation => "testtest",
38                                        :consider_pd => "1" } }
39         end
40       end
41     end
42     assert_response :success
43     assert_template "users/new"
44     assert_select "form"
45     assert_select "form > div > input.is-invalid#user_email"
46   end
47
48   def test_user_create_association_submit_duplicate_email
49     dup_email = create(:user).email
50     display_name = "new_tester"
51     assert_difference("User.count", 0) do
52       assert_no_difference("ActionMailer::Base.deliveries.size") do
53         perform_enqueued_jobs do
54           post "/user/new",
55                :params => { :user => { :email => dup_email,
56                                        :display_name => display_name,
57                                        :pass_crypt => "testtest",
58                                        :pass_crypt_confirmation => "testtest",
59                                        :auth_provider => "google",
60                                        :auth_uid => "123454321",
61                                        :consider_pd => "1" } }
62         end
63       end
64     end
65     assert_response :success
66     assert_template "users/new"
67     assert_select "form"
68     assert_select "form > div > input.is-invalid#user_email"
69   end
70
71   def test_user_create_submit_duplicate_username
72     dup_display_name = create(:user).display_name
73     email = "new_tester"
74     assert_difference("User.count", 0) do
75       assert_difference("ActionMailer::Base.deliveries.size", 0) do
76         perform_enqueued_jobs do
77           post "/user/new",
78                :params => { :user => { :email => email,
79                                        :display_name => dup_display_name,
80                                        :pass_crypt => "testtest",
81                                        :pass_crypt_confirmation => "testtest" } }
82         end
83       end
84     end
85     assert_response :success
86     assert_template "users/new"
87     assert_select "form > div > input.is-invalid#user_display_name"
88   end
89
90   def test_user_create_submit_mismatched_passwords
91     email = "newtester@osm.org"
92     display_name = "new_tester"
93     assert_difference("User.count", 0) do
94       assert_difference("ActionMailer::Base.deliveries.size", 0) do
95         perform_enqueued_jobs do
96           post "/user/new",
97                :params => { :user => { :email => email,
98                                        :display_name => display_name,
99                                        :pass_crypt => "testtest",
100                                        :pass_crypt_confirmation => "blahblah",
101                                        :consider_pd => "1" } }
102         end
103       end
104     end
105     assert_response :success
106     assert_template "users/new"
107     assert_select "form > div > div > div > input.is-invalid#user_pass_crypt_confirmation"
108   end
109
110   def test_user_create_association_submit_duplicate_username
111     dup_display_name = create(:user).display_name
112     email = "new_tester"
113     assert_difference("User.count", 0) do
114       assert_no_difference("ActionMailer::Base.deliveries.size") do
115         perform_enqueued_jobs do
116           post "/user/new",
117                :params => { :user => { :email => email,
118                                        :display_name => dup_display_name,
119                                        :auth_provider => "google",
120                                        :auth_uid => "123454321",
121                                        :consider_pd => "1" } }
122         end
123       end
124     end
125     assert_response :success
126     assert_template "users/new"
127     assert_select "form > div > input.is-invalid#user_display_name"
128   end
129
130   def test_user_create_success
131     new_email = "newtester@osm.org"
132     display_name = "new_tester"
133
134     assert_difference("User.count", 1) do
135       assert_difference("ActionMailer::Base.deliveries.size", 1) do
136         perform_enqueued_jobs do
137           post "/user/new",
138                :params => { :user => { :email => new_email,
139                                        :display_name => display_name,
140                                        :pass_crypt => "testtest",
141                                        :pass_crypt_confirmation => "testtest",
142                                        :consider_pd => "1" } }
143           assert_redirected_to :controller => :confirmations, :action => :confirm, :display_name => display_name
144           follow_redirect!
145         end
146       end
147     end
148
149     assert_response :success
150     assert_template "confirmations/confirm"
151
152     user = User.find_by(:email => "newtester@osm.org")
153     assert_not_nil user
154     assert_not_predicate user, :active?
155
156     register_email = ActionMailer::Base.deliveries.first
157     assert_equal register_email.to.first, new_email
158     found_confirmation_url = register_email.parts.first.parts.first.to_s =~ %r{\shttp://test.host(/\S+)\s}
159     assert found_confirmation_url
160     confirmation_url = Regexp.last_match(1)
161     ActionMailer::Base.deliveries.clear
162
163     post confirmation_url
164
165     assert_redirected_to welcome_path
166
167     user.reload
168     assert_predicate user, :active?
169
170     assert_equal user, User.authenticate(:username => new_email, :password => "testtest")
171   end
172
173   # Check that the user can successfully recover their password
174   # def test_lost_password_recovery_success
175   #   Open the lost password form
176   #   Submit the lost password form
177   #   Check the e-mail
178   #   Submit the reset password token
179   #   Check that the password has changed, and the user can login
180   # end
181
182   def test_user_create_redirect
183     new_email = "redirect_tester@osm.org"
184     display_name = "redirect_tester"
185     password = "testtest"
186     # nothing special about this page, just need a protected page to redirect back to.
187     referer = "/traces/mine"
188     assert_difference("User.count") do
189       assert_difference("ActionMailer::Base.deliveries.size", 1) do
190         perform_enqueued_jobs do
191           post "/user/new",
192                :params => { :user => { :email => new_email,
193                                        :display_name => display_name,
194                                        :pass_crypt => password,
195                                        :pass_crypt_confirmation => password,
196                                        :consider_pd => "1" },
197                             :referer => referer }
198           assert_response(:redirect)
199           assert_redirected_to :controller => :confirmations, :action => :confirm, :display_name => display_name
200           follow_redirect!
201         end
202       end
203     end
204
205     # Check the e-mail
206     register_email = ActionMailer::Base.deliveries.first
207
208     assert_equal register_email.to.first, new_email
209     # Check that the confirm account url is correct
210     confirm_regex = Regexp.new("confirm_string=([a-zA-Z0-9%_-]*)")
211     email_text_parts(register_email).each do |part|
212       assert_match confirm_regex, part.body.to_s
213     end
214     confirm_string = CGI.unescape(email_text_parts(register_email).first.body.match(confirm_regex)[1])
215
216     # Check the page
217     assert_response :success
218     assert_template "confirmations/confirm"
219
220     ActionMailer::Base.deliveries.clear
221
222     # Go to the confirmation page
223     get "/user/#{display_name}/confirm", :params => { :referer => "/welcome", :confirm_string => confirm_string }
224     assert_response :success
225     assert_template "confirmations/confirm"
226
227     post "/user/#{display_name}/confirm", :params => { :referer => "/welcome", :confirm_string => confirm_string }
228     assert_response :redirect
229     follow_redirect!
230     assert_response :success
231     assert_template "site/welcome"
232   end
233
234   def test_user_create_openid_success
235     new_email = "newtester-openid@osm.org"
236     display_name = "new_tester-openid"
237     openid_url = "http://localhost:1000/new.tester"
238     auth_uid = "http://localhost:1123/new.tester"
239
240     OmniAuth.config.add_mock(:openid,
241                              :uid => auth_uid,
242                              :info => { :email => new_email, :name => display_name })
243
244     assert_difference("User.count") do
245       assert_difference("ActionMailer::Base.deliveries.size", 1) do
246         perform_enqueued_jobs do
247           post auth_path(:provider => "openid", :openid_url => openid_url, :origin => "/user/new")
248           assert_redirected_to auth_success_path(:provider => "openid", :openid_url => openid_url, :origin => "/user/new")
249           follow_redirect!
250           assert_redirected_to :controller => :users, :action => "new", :nickname => display_name, :email => new_email,
251                                :auth_provider => "openid", :auth_uid => auth_uid
252           follow_redirect!
253           post "/user/new",
254                :params => { :user => { :email => new_email,
255                                        :display_name => display_name,
256                                        :auth_provider => "openid",
257                                        :auth_uid => auth_uid,
258                                        :consider_pd => "1" } }
259         end
260       end
261     end
262
263     # Check the page
264     assert_redirected_to :controller => :confirmations, :action => :confirm, :display_name => display_name
265
266     ActionMailer::Base.deliveries.clear
267   end
268
269   def test_user_create_openid_duplicate_email
270     dup_user = create(:user)
271     display_name = "new_tester-openid"
272     auth_uid = "123454321"
273
274     OmniAuth.config.add_mock(:openid,
275                              :uid => auth_uid,
276                              :info => { :email => dup_user.email, :name => display_name })
277
278     post auth_path(:provider => "openid", :origin => "/user/new")
279     assert_redirected_to auth_success_path(:provider => "openid", :origin => "/user/new")
280     follow_redirect!
281     assert_redirected_to :controller => :users, :action => "new", :nickname => display_name, :email => dup_user.email,
282                          :auth_provider => "openid", :auth_uid => auth_uid
283     follow_redirect!
284
285     assert_response :success
286     assert_template "users/new"
287     assert_select "form > div > input.is-invalid#user_email"
288
289     ActionMailer::Base.deliveries.clear
290   end
291
292   def test_user_create_openid_failure
293     OmniAuth.config.mock_auth[:openid] = :connection_failed
294
295     assert_difference("User.count", 0) do
296       assert_difference("ActionMailer::Base.deliveries.size", 0) do
297         perform_enqueued_jobs do
298           post auth_path(:provider => "openid", :openid_url => "http://localhost:1123/new.tester", :origin => "/user/new")
299           follow_redirect!
300           assert_redirected_to auth_failure_path(:strategy => "openid", :message => "connection_failed", :origin => "/user/new")
301           follow_redirect!
302           assert_redirected_to "/user/new"
303         end
304       end
305     end
306
307     ActionMailer::Base.deliveries.clear
308   end
309
310   def test_user_create_openid_redirect
311     openid_url = "http://localhost:1000/new.tester"
312     auth_uid = "http://localhost:1123/new.tester"
313     new_email = "redirect_tester_openid@osm.org"
314     display_name = "redirect_tester_openid"
315
316     OmniAuth.config.add_mock(:openid,
317                              :uid => auth_uid,
318                              :info => { :email => new_email, :name => display_name })
319
320     assert_difference("User.count") do
321       assert_difference("ActionMailer::Base.deliveries.size", 1) do
322         perform_enqueued_jobs do
323           post auth_path(:provider => "openid", :openid_url => openid_url, :origin => "/user/new")
324           assert_redirected_to auth_success_path(:provider => "openid", :openid_url => openid_url, :origin => "/user/new")
325           follow_redirect!
326           assert_redirected_to :controller => :users, :action => "new", :nickname => display_name, :email => new_email,
327                                :auth_provider => "openid", :auth_uid => auth_uid
328           follow_redirect!
329           post "/user/new",
330                :params => { :user => { :email => new_email,
331                                        :display_name => display_name,
332                                        :auth_provider => "openid",
333                                        :auth_uid => auth_uid,
334                                        :consider_pd => "1" } }
335           follow_redirect!
336         end
337       end
338     end
339
340     # Check the e-mail
341     register_email = ActionMailer::Base.deliveries.first
342
343     assert_equal register_email.to.first, new_email
344     # Check that the confirm account url is correct
345     confirm_regex = Regexp.new("confirm_string=([a-zA-Z0-9%_-]*)")
346     email_text_parts(register_email).each do |part|
347       assert_match confirm_regex, part.body.to_s
348     end
349     confirm_string = CGI.unescape(email_text_parts(register_email).first.body.match(confirm_regex)[1])
350
351     # Check the page
352     assert_response :success
353     assert_template "confirmations/confirm"
354
355     ActionMailer::Base.deliveries.clear
356
357     # Go to the confirmation page
358     get "/user/#{display_name}/confirm", :params => { :referer => "/welcome", :confirm_string => confirm_string }
359     assert_response :success
360     assert_template "confirmations/confirm"
361
362     post "/user/#{display_name}/confirm", :params => { :referer => "/welcome", :confirm_string => confirm_string }
363     assert_response :redirect
364     follow_redirect!
365     assert_response :success
366     assert_template "site/welcome"
367   end
368
369   def test_user_create_google_success
370     new_email = "newtester-google@osm.org"
371     email_hmac = UsersController.message_hmac(new_email)
372     display_name = "new_tester-google"
373     auth_uid = "123454321"
374
375     OmniAuth.config.add_mock(:google,
376                              :uid => auth_uid,
377                              :extra => { :id_info => { :openid_id => "http://localhost:1123/new.tester" } },
378                              :info => { :email => new_email, :name => display_name })
379
380     assert_difference("User.count") do
381       assert_no_difference("ActionMailer::Base.deliveries.size") do
382         perform_enqueued_jobs do
383           post auth_path(:provider => "google", :origin => "/user/new")
384           assert_redirected_to auth_success_path(:provider => "google")
385           follow_redirect!
386           assert_redirected_to :controller => :users, :action => "new", :nickname => display_name,
387                                :email => new_email, :email_hmac => email_hmac,
388                                :auth_provider => "google", :auth_uid => auth_uid
389           follow_redirect!
390
391           post "/user/new",
392                :params => { :user => { :email => new_email,
393                                        :display_name => display_name,
394                                        :auth_provider => "google",
395                                        :auth_uid => auth_uid,
396                                        :consider_pd => "1" },
397                             :email_hmac => email_hmac }
398           assert_redirected_to welcome_path
399           follow_redirect!
400         end
401       end
402     end
403
404     # Check the page
405     assert_response :success
406     assert_template "site/welcome"
407
408     ActionMailer::Base.deliveries.clear
409   end
410
411   def test_user_create_google_duplicate_email
412     dup_user = create(:user)
413     display_name = "new_tester-google"
414     auth_uid = "123454321"
415
416     OmniAuth.config.add_mock(:google,
417                              :uid => auth_uid,
418                              :extra => { :id_info => { :openid_id => "http://localhost:1123/new.tester" } },
419                              :info => { :email => dup_user.email, :name => display_name })
420
421     post auth_path(:provider => "google", :origin => "/user/new")
422     assert_redirected_to auth_success_path(:provider => "google")
423     follow_redirect!
424     assert_redirected_to :controller => :users, :action => "new", :nickname => display_name, :email => dup_user.email,
425                          :email_hmac => UsersController.message_hmac(dup_user.email),
426                          :auth_provider => "google", :auth_uid => auth_uid
427     follow_redirect!
428
429     assert_response :success
430     assert_template "users/new"
431     assert_select "form > div > input.is-invalid#user_email"
432
433     ActionMailer::Base.deliveries.clear
434   end
435
436   def test_user_create_google_failure
437     OmniAuth.config.mock_auth[:google] = :connection_failed
438
439     assert_difference("User.count", 0) do
440       assert_difference("ActionMailer::Base.deliveries.size", 0) do
441         perform_enqueued_jobs do
442           post auth_path(:provider => "google", :origin => "/user/new")
443           assert_response :redirect
444           follow_redirect!
445           assert_redirected_to auth_failure_path(:strategy => "google", :message => "connection_failed", :origin => "/user/new")
446           follow_redirect!
447           assert_redirected_to "/user/new"
448         end
449       end
450     end
451
452     ActionMailer::Base.deliveries.clear
453   end
454
455   def test_user_create_google_redirect
456     orig_email = "redirect_tester_google_orig@google.com"
457     email_hmac = UsersController.message_hmac(orig_email)
458     new_email =  "redirect_tester_google@osm.org"
459     display_name = "redirect_tester_google"
460     auth_uid = "123454321"
461
462     OmniAuth.config.add_mock(:google,
463                              :uid => auth_uid,
464                              :extra => { :id_info => { :openid_id => "http://localhost:1123/new.tester" } },
465                              :info => { :email => orig_email, :name => display_name })
466
467     assert_difference("User.count") do
468       assert_difference("ActionMailer::Base.deliveries.size", 1) do
469         perform_enqueued_jobs do
470           post auth_path(:provider => "google", :origin => "/user/new")
471           assert_redirected_to auth_success_path(:provider => "google")
472           follow_redirect!
473           assert_redirected_to :controller => :users, :action => "new", :nickname => display_name,
474                                :email => orig_email, :email_hmac => email_hmac,
475                                :auth_provider => "google", :auth_uid => auth_uid
476           follow_redirect!
477           post "/user/new",
478                :params => { :user => { :email => new_email,
479                                        :email_hmac => email_hmac,
480                                        :display_name => display_name,
481                                        :auth_provider => "google",
482                                        :auth_uid => auth_uid,
483                                        :consider_pd => "1" } }
484           assert_response :redirect
485           follow_redirect!
486         end
487       end
488     end
489
490     # Check the e-mail
491     register_email = ActionMailer::Base.deliveries.first
492
493     assert_equal register_email.to.first, new_email
494     # Check that the confirm account url is correct
495     confirm_regex = Regexp.new("confirm_string=([a-zA-Z0-9%_-]*)")
496     email_text_parts(register_email).each do |part|
497       assert_match confirm_regex, part.body.to_s
498     end
499     confirm_string = CGI.unescape(email_text_parts(register_email).first.body.match(confirm_regex)[1])
500
501     # Check the page
502     assert_response :success
503     assert_template "confirmations/confirm"
504
505     ActionMailer::Base.deliveries.clear
506
507     # Go to the confirmation page
508     get "/user/#{display_name}/confirm", :params => { :referer => "/welcome", :confirm_string => confirm_string }
509     assert_response :success
510     assert_template "confirmations/confirm"
511
512     post "/user/#{display_name}/confirm", :params => { :referer => "/welcome", :confirm_string => confirm_string }
513     assert_response :redirect
514     follow_redirect!
515     assert_response :success
516     assert_template "site/welcome"
517   end
518
519   def test_user_create_facebook_success
520     new_email = "newtester-facebook@osm.org"
521     email_hmac = UsersController.message_hmac(new_email)
522     display_name = "new_tester-facebook"
523     auth_uid = "123454321"
524
525     OmniAuth.config.add_mock(:facebook,
526                              :uid => auth_uid,
527                              :info => { "email" => new_email, :name => display_name })
528
529     assert_difference("User.count") do
530       assert_no_difference("ActionMailer::Base.deliveries.size") do
531         perform_enqueued_jobs do
532           post auth_path(:provider => "facebook", :origin => "/user/new")
533           assert_redirected_to auth_success_path(:provider => "facebook")
534           follow_redirect!
535           assert_redirected_to :controller => :users, :action => "new", :nickname => display_name,
536                                :email => new_email, :email_hmac => email_hmac,
537                                :auth_provider => "facebook", :auth_uid => auth_uid
538           follow_redirect!
539
540           post "/user/new",
541                :params => { :user => { :email => new_email,
542                                        :display_name => display_name,
543                                        :auth_provider => "facebook",
544                                        :auth_uid => auth_uid,
545                                        :consider_pd => "1" },
546                             :email_hmac => email_hmac }
547           assert_redirected_to welcome_path
548           follow_redirect!
549         end
550       end
551     end
552
553     # Check the page
554     assert_response :success
555     assert_template "site/welcome"
556
557     ActionMailer::Base.deliveries.clear
558   end
559
560   def test_user_create_facebook_duplicate_email
561     dup_user = create(:user)
562     display_name = "new_tester-facebook"
563     auth_uid = "123454321"
564
565     OmniAuth.config.add_mock(:facebook,
566                              :uid => auth_uid,
567                              :info => { :email => dup_user.email, :name => display_name })
568
569     post auth_path(:provider => "facebook", :origin => "/user/new")
570     assert_redirected_to auth_success_path(:provider => "facebook")
571     follow_redirect!
572     assert_redirected_to :controller => :users, :action => "new", :nickname => display_name, :email => dup_user.email,
573                          :email_hmac => UsersController.message_hmac(dup_user.email),
574                          :auth_provider => "facebook", :auth_uid => auth_uid
575     follow_redirect!
576
577     assert_response :success
578     assert_template "users/new"
579     assert_select "form > div > input.is-invalid#user_email"
580
581     ActionMailer::Base.deliveries.clear
582   end
583
584   def test_user_create_facebook_failure
585     OmniAuth.config.mock_auth[:facebook] = :connection_failed
586
587     assert_difference("User.count", 0) do
588       assert_difference("ActionMailer::Base.deliveries.size", 0) do
589         perform_enqueued_jobs do
590           post auth_path(:provider => "facebook", :origin => "/user/new")
591           assert_response :redirect
592           follow_redirect!
593           assert_redirected_to auth_failure_path(:strategy => "facebook", :message => "connection_failed", :origin => "/user/new")
594           follow_redirect!
595           assert_redirected_to "/user/new"
596         end
597       end
598     end
599
600     ActionMailer::Base.deliveries.clear
601   end
602
603   def test_user_create_facebook_redirect
604     orig_email = "redirect_tester_facebook_orig@osm.org"
605     email_hmac = UsersController.message_hmac(orig_email)
606     new_email = "redirect_tester_facebook@osm.org"
607     display_name = "redirect_tester_facebook"
608     auth_uid = "123454321"
609
610     OmniAuth.config.add_mock(:facebook,
611                              :uid => auth_uid,
612                              :info => { :email => orig_email, :name => display_name })
613
614     # nothing special about this page, just need a protected page to redirect back to.
615     assert_difference("User.count") do
616       assert_difference("ActionMailer::Base.deliveries.size", 1) do
617         perform_enqueued_jobs do
618           post auth_path(:provider => "facebook", :origin => "/user/new")
619           assert_redirected_to auth_success_path(:provider => "facebook")
620           follow_redirect!
621           assert_redirected_to :controller => :users, :action => "new", :nickname => display_name,
622                                :email => orig_email, :email_hmac => email_hmac,
623                                :auth_provider => "facebook", :auth_uid => auth_uid
624           follow_redirect!
625
626           post "/user/new",
627                :params => { :user => { :email => new_email,
628                                        :email_hmac => email_hmac,
629                                        :display_name => display_name,
630                                        :auth_provider => "facebook",
631                                        :auth_uid => auth_uid,
632                                        :consider_pd => "1" } }
633           assert_response :redirect
634           follow_redirect!
635         end
636       end
637     end
638
639     # Check the e-mail
640     register_email = ActionMailer::Base.deliveries.first
641
642     assert_equal register_email.to.first, new_email
643     # Check that the confirm account url is correct
644     confirm_regex = Regexp.new("confirm_string=([a-zA-Z0-9%_-]*)")
645     email_text_parts(register_email).each do |part|
646       assert_match confirm_regex, part.body.to_s
647     end
648     confirm_string = CGI.unescape(email_text_parts(register_email).first.body.match(confirm_regex)[1])
649
650     # Check the page
651     assert_response :success
652     assert_template "confirmations/confirm"
653
654     ActionMailer::Base.deliveries.clear
655
656     # Go to the confirmation page
657     get "/user/#{display_name}/confirm", :params => { :referer => "/welcome", :confirm_string => confirm_string }
658     assert_response :success
659     assert_template "confirmations/confirm"
660
661     post "/user/#{display_name}/confirm", :params => { :referer => "/welcome", :confirm_string => confirm_string }
662     assert_response :redirect
663     follow_redirect!
664     assert_response :success
665     assert_template "site/welcome"
666   end
667
668   def test_user_create_microsoft_success
669     new_email = "newtester-microsoft@osm.org"
670     email_hmac = UsersController.message_hmac(new_email)
671     display_name = "new_tester-microsoft"
672     auth_uid = "123454321"
673
674     OmniAuth.config.add_mock(:microsoft,
675                              :uid => auth_uid,
676                              :info => { "email" => new_email, :name => display_name })
677
678     assert_difference("User.count") do
679       assert_difference("ActionMailer::Base.deliveries.size", 0) do
680         perform_enqueued_jobs do
681           post auth_path(:provider => "microsoft", :origin => "/user/new")
682           assert_redirected_to auth_success_path(:provider => "microsoft")
683           follow_redirect!
684           assert_redirected_to :controller => :users, :action => "new", :nickname => display_name,
685                                :email => new_email, :email_hmac => email_hmac,
686                                :auth_provider => "microsoft", :auth_uid => auth_uid
687           follow_redirect!
688           post "/user/new",
689                :params => { :user => { :email => new_email,
690                                        :display_name => display_name,
691                                        :auth_provider => "microsoft",
692                                        :auth_uid => auth_uid,
693                                        :consider_pd => "1" },
694                             :email_hmac => email_hmac }
695           assert_redirected_to welcome_path
696           follow_redirect!
697         end
698       end
699     end
700
701     # Check the page
702     assert_response :success
703     assert_template "site/welcome"
704
705     ActionMailer::Base.deliveries.clear
706   end
707
708   def test_user_create_microsoft_duplicate_email
709     dup_user = create(:user)
710     display_name = "new_tester-microsoft"
711     auth_uid = "123454321"
712
713     OmniAuth.config.add_mock(:microsoft,
714                              :uid => auth_uid,
715                              :info => { :email => dup_user.email, :name => display_name })
716
717     post auth_path(:provider => "microsoft", :origin => "/user/new")
718     assert_redirected_to auth_success_path(:provider => "microsoft")
719     follow_redirect!
720     assert_redirected_to :controller => :users, :action => "new", :nickname => display_name, :email => dup_user.email,
721                          :email_hmac => UsersController.message_hmac(dup_user.email),
722                          :auth_provider => "microsoft", :auth_uid => auth_uid
723     follow_redirect!
724
725     assert_response :success
726     assert_template "users/new"
727     assert_select "form > div > input.is-invalid#user_email"
728
729     ActionMailer::Base.deliveries.clear
730   end
731
732   def test_user_create_microsoft_failure
733     OmniAuth.config.mock_auth[:microsoft] = :connection_failed
734
735     assert_difference("User.count", 0) do
736       assert_difference("ActionMailer::Base.deliveries.size", 0) do
737         perform_enqueued_jobs do
738           post auth_path(:provider => "microsoft", :origin => "/user/new")
739           assert_response :redirect
740           follow_redirect!
741           assert_redirected_to auth_failure_path(:strategy => "microsoft", :message => "connection_failed", :origin => "/user/new")
742           follow_redirect!
743           assert_redirected_to "/user/new"
744         end
745       end
746     end
747
748     ActionMailer::Base.deliveries.clear
749   end
750
751   def test_user_create_microsoft_redirect
752     orig_email = "redirect_tester_microsoft_orig@osm.org"
753     email_hmac = UsersController.message_hmac(orig_email)
754     new_email = "redirect_tester_microsoft@osm.org"
755     display_name = "redirect_tester_microsoft"
756     auth_uid = "123454321"
757
758     OmniAuth.config.add_mock(:microsoft,
759                              :uid => auth_uid,
760                              :info => { :email => orig_email, :name => display_name })
761
762     assert_difference("User.count") do
763       assert_difference("ActionMailer::Base.deliveries.size", 1) do
764         perform_enqueued_jobs do
765           post auth_path(:provider => "microsoft", :origin => "/user/new")
766           assert_redirected_to auth_success_path(:provider => "microsoft")
767           follow_redirect!
768           assert_redirected_to :controller => :users, :action => "new", :nickname => display_name,
769                                :email => orig_email, :email_hmac => email_hmac,
770                                :auth_provider => "microsoft", :auth_uid => auth_uid
771           follow_redirect!
772
773           post "/user/new",
774                :params => { :user => { :email => new_email,
775                                        :email_hmac => email_hmac,
776                                        :display_name => display_name,
777                                        :auth_provider => "microsoft",
778                                        :auth_uid => auth_uid,
779                                        :consider_pd => "1" } }
780           assert_response :redirect
781           follow_redirect!
782         end
783       end
784     end
785
786     # Check the e-mail
787     register_email = ActionMailer::Base.deliveries.first
788
789     assert_equal register_email.to.first, new_email
790     # Check that the confirm account url is correct
791     confirm_regex = Regexp.new("confirm_string=([a-zA-Z0-9%_-]*)")
792     email_text_parts(register_email).each do |part|
793       assert_match confirm_regex, part.body.to_s
794     end
795     confirm_string = CGI.unescape(email_text_parts(register_email).first.body.match(confirm_regex)[1])
796
797     # Check the page
798     assert_response :success
799     assert_template "confirmations/confirm"
800
801     ActionMailer::Base.deliveries.clear
802
803     # Go to the confirmation page
804     get "/user/#{display_name}/confirm", :params => { :referer => "/welcome", :confirm_string => confirm_string }
805     assert_response :success
806     assert_template "confirmations/confirm"
807
808     post "/user/#{display_name}/confirm", :params => { :referer => "/welcome", :confirm_string => confirm_string }
809     assert_response :redirect
810     follow_redirect!
811     assert_response :success
812     assert_template "site/welcome"
813   end
814
815   def test_user_create_github_success
816     new_email = "newtester-github@osm.org"
817     email_hmac = UsersController.message_hmac(new_email)
818     display_name = "new_tester-github"
819     password = "testtest"
820     auth_uid = "123454321"
821
822     OmniAuth.config.add_mock(:github,
823                              :uid => auth_uid,
824                              :info => { "email" => new_email, :name => display_name })
825
826     assert_difference("User.count") do
827       assert_no_difference("ActionMailer::Base.deliveries.size") do
828         perform_enqueued_jobs do
829           post auth_path(:provider => "github", :origin => "/user/new")
830           assert_redirected_to auth_success_path(:provider => "github")
831           follow_redirect!
832           assert_redirected_to :controller => :users, :action => "new", :nickname => display_name,
833                                :email => new_email, :email_hmac => email_hmac,
834                                :auth_provider => "github", :auth_uid => auth_uid
835           follow_redirect!
836
837           post "/user/new",
838                :params => { :user => { :email => new_email,
839                                        :display_name => display_name,
840                                        :auth_provider => "github",
841                                        :auth_uid => "123454321",
842                                        :pass_crypt => password,
843                                        :pass_crypt_confirmation => password },
844                             :read_ct => 1,
845                             :read_tou => 1,
846                             :email_hmac => email_hmac }
847           assert_redirected_to welcome_path
848           follow_redirect!
849         end
850       end
851     end
852
853     # Check the page
854     assert_response :success
855     assert_template "site/welcome"
856
857     ActionMailer::Base.deliveries.clear
858   end
859
860   def test_user_create_github_duplicate_email
861     dup_user = create(:user)
862     display_name = "new_tester-github"
863     auth_uid = "123454321"
864
865     OmniAuth.config.add_mock(:github,
866                              :uid => auth_uid,
867                              :extra => { :id_info => { :openid_id => "http://localhost:1123/new.tester" } },
868                              :info => { :email => dup_user.email, :name => display_name })
869
870     post auth_path(:provider => "github", :origin => "/user/new")
871     assert_redirected_to auth_success_path(:provider => "github")
872     follow_redirect!
873     assert_redirected_to :controller => :users, :action => "new", :nickname => display_name,
874                          :email => dup_user.email, :email_hmac => UsersController.message_hmac(dup_user.email),
875                          :auth_provider => "github", :auth_uid => auth_uid
876     follow_redirect!
877
878     assert_response :success
879     assert_template "users/new"
880     assert_select "form > div > input.is-invalid#user_email"
881
882     ActionMailer::Base.deliveries.clear
883   end
884
885   def test_user_create_github_failure
886     OmniAuth.config.mock_auth[:github] = :connection_failed
887
888     assert_difference("User.count", 0) do
889       assert_difference("ActionMailer::Base.deliveries.size", 0) do
890         perform_enqueued_jobs do
891           post auth_path(:provider => "github", :origin => "/user/new")
892           follow_redirect!
893           assert_redirected_to auth_failure_path(:strategy => "github", :message => "connection_failed", :origin => "/user/new")
894           follow_redirect!
895           assert_redirected_to "/user/new"
896         end
897       end
898     end
899
900     ActionMailer::Base.deliveries.clear
901   end
902
903   def test_user_create_github_redirect
904     orig_email = "redirect_tester_github_orig@osm.org"
905     email_hmac = UsersController.message_hmac(orig_email)
906     new_email = "redirect_tester_github@osm.org"
907     display_name = "redirect_tester_github"
908     auth_uid = "123454321"
909
910     OmniAuth.config.add_mock(:github,
911                              :uid => auth_uid,
912                              :info => { :email => orig_email, :name => display_name })
913
914     assert_difference("User.count") do
915       assert_difference("ActionMailer::Base.deliveries.size", 1) do
916         perform_enqueued_jobs do
917           post auth_path(:provider => "github", :origin => "/user/new")
918           assert_redirected_to auth_success_path(:provider => "github")
919           follow_redirect!
920           assert_redirected_to :controller => :users, :action => "new", :nickname => display_name,
921                                :email => orig_email, :email_hmac => email_hmac,
922                                :auth_provider => "github", :auth_uid => auth_uid
923           follow_redirect!
924           post "/user/new",
925                :params => { :user => { :email => new_email,
926                                        :email_hmac => email_hmac,
927                                        :display_name => display_name,
928                                        :auth_provider => "github",
929                                        :auth_uid => auth_uid,
930                                        :consider_pd => "1" } }
931           assert_response :redirect
932           follow_redirect!
933         end
934       end
935     end
936
937     # Check the e-mail
938     register_email = ActionMailer::Base.deliveries.first
939
940     assert_equal register_email.to.first, new_email
941     # Check that the confirm account url is correct
942     confirm_regex = Regexp.new("confirm_string=([a-zA-Z0-9%_-]*)")
943     email_text_parts(register_email).each do |part|
944       assert_match confirm_regex, part.body.to_s
945     end
946     confirm_string = CGI.unescape(email_text_parts(register_email).first.body.match(confirm_regex)[1])
947
948     # Check the page
949     assert_response :success
950     assert_template "confirmations/confirm"
951
952     ActionMailer::Base.deliveries.clear
953
954     # Go to the confirmation page
955     get "/user/#{display_name}/confirm", :params => { :referer => "/welcome", :confirm_string => confirm_string }
956     assert_response :success
957     assert_template "confirmations/confirm"
958
959     post "/user/#{display_name}/confirm", :params => { :referer => "/welcome", :confirm_string => confirm_string }
960     assert_response :redirect
961     follow_redirect!
962     assert_response :success
963     assert_template "site/welcome"
964   end
965
966   def test_user_create_wikipedia_success
967     new_email = "newtester-wikipedia@osm.org"
968     email_hmac = UsersController.message_hmac(new_email)
969     display_name = "new_tester-wikipedia"
970     password = "testtest"
971     auth_uid = "123454321"
972
973     OmniAuth.config.add_mock(:wikipedia,
974                              :uid => auth_uid,
975                              :info => { :email => new_email, :name => display_name })
976
977     assert_difference("User.count") do
978       assert_no_difference("ActionMailer::Base.deliveries.size") do
979         perform_enqueued_jobs do
980           post auth_path(:provider => "wikipedia", :origin => "/user/new")
981           assert_redirected_to auth_success_path(:provider => "wikipedia", :origin => "/user/new")
982           follow_redirect!
983           assert_redirected_to :controller => :users, :action => "new", :nickname => display_name,
984                                :email => new_email, :email_hmac => email_hmac,
985                                :auth_provider => "wikipedia", :auth_uid => auth_uid
986           follow_redirect!
987           post "/user/new",
988                :params => { :user => { :email => new_email,
989                                        :display_name => display_name,
990                                        :auth_provider => "wikipedia",
991                                        :auth_uid => "123454321",
992                                        :pass_crypt => password,
993                                        :pass_crypt_confirmation => password },
994                             :read_ct => 1,
995                             :read_tou => 1,
996                             :email_hmac => email_hmac }
997           assert_redirected_to welcome_path
998           follow_redirect!
999         end
1000       end
1001     end
1002
1003     # Check the page
1004     assert_response :success
1005     assert_template "site/welcome"
1006   end
1007
1008   def test_user_create_wikipedia_duplicate_email
1009     dup_user = create(:user)
1010     display_name = "new_tester-wikipedia"
1011     auth_uid = "123454321"
1012
1013     OmniAuth.config.add_mock(:wikipedia,
1014                              :uid => auth_uid,
1015                              :info => { "email" => dup_user.email, :name => display_name })
1016
1017     post auth_path(:provider => "wikipedia", :origin => "/user/new")
1018     assert_redirected_to auth_success_path(:provider => "wikipedia", :origin => "/user/new")
1019     follow_redirect!
1020     assert_redirected_to :controller => :users, :action => "new", :nickname => display_name,
1021                          :email => dup_user.email, :email_hmac => UsersController.message_hmac(dup_user.email),
1022                          :auth_provider => "wikipedia", :auth_uid => auth_uid
1023     follow_redirect!
1024
1025     assert_response :success
1026     assert_template "users/new"
1027     assert_select "form > div > input.is-invalid#user_email"
1028
1029     ActionMailer::Base.deliveries.clear
1030   end
1031
1032   def test_user_create_wikipedia_failure
1033     OmniAuth.config.mock_auth[:wikipedia] = :connection_failed
1034
1035     assert_difference("User.count", 0) do
1036       assert_difference("ActionMailer::Base.deliveries.size", 0) do
1037         perform_enqueued_jobs do
1038           post auth_path(:provider => "wikipedia", :origin => "/user/new")
1039           assert_response :redirect
1040           follow_redirect!
1041           assert_redirected_to auth_failure_path(:strategy => "wikipedia", :message => "connection_failed", :origin => "/user/new")
1042           follow_redirect!
1043           assert_redirected_to "/user/new"
1044         end
1045       end
1046     end
1047
1048     ActionMailer::Base.deliveries.clear
1049   end
1050
1051   def test_user_create_wikipedia_redirect
1052     orig_email = "redirect_tester_wikipedia_orig@osm.org"
1053     email_hmac = UsersController.message_hmac(orig_email)
1054     new_email = "redirect_tester_wikipedia@osm.org"
1055     display_name = "redirect_tester_wikipedia"
1056     auth_uid = "123454321"
1057
1058     OmniAuth.config.add_mock(:wikipedia,
1059                              :uid => auth_uid,
1060                              :info => { :email => orig_email, :name => display_name })
1061
1062     # nothing special about this page, just need a protected page to redirect back to.
1063     assert_difference("User.count") do
1064       assert_difference("ActionMailer::Base.deliveries.size", 1) do
1065         perform_enqueued_jobs do
1066           post auth_path(:provider => "wikipedia", :origin => "/user/new")
1067           assert_redirected_to auth_success_path(:provider => "wikipedia", :origin => "/user/new")
1068           follow_redirect!
1069           assert_redirected_to :controller => :users, :action => "new", :nickname => display_name,
1070                                :email => orig_email, :email_hmac => email_hmac,
1071                                :auth_provider => "wikipedia", :auth_uid => auth_uid
1072           follow_redirect!
1073
1074           post "/user/new",
1075                :params => { :user => { :email => new_email,
1076                                        :email_hmac => email_hmac,
1077                                        :display_name => display_name,
1078                                        :auth_provider => "wikipedia",
1079                                        :auth_uid => auth_uid,
1080                                        :consider_pd => "1" } }
1081           assert_response :redirect
1082           follow_redirect!
1083         end
1084       end
1085     end
1086
1087     # Check the e-mail
1088     register_email = ActionMailer::Base.deliveries.first
1089
1090     assert_equal register_email.to.first, new_email
1091     # Check that the confirm account url is correct
1092     confirm_regex = Regexp.new("confirm_string=([a-zA-Z0-9%_-]*)")
1093     email_text_parts(register_email).each do |part|
1094       assert_match confirm_regex, part.body.to_s
1095     end
1096     confirm_string = CGI.unescape(email_text_parts(register_email).first.body.match(confirm_regex)[1])
1097
1098     # Check the page
1099     assert_response :success
1100     assert_template "confirmations/confirm"
1101
1102     ActionMailer::Base.deliveries.clear
1103
1104     # Go to the confirmation page
1105     get "/user/#{display_name}/confirm", :params => { :referer => "/welcome", :confirm_string => confirm_string }
1106     assert_response :success
1107     assert_template "confirmations/confirm"
1108
1109     post "/user/#{display_name}/confirm", :params => { :referer => "/welcome", :confirm_string => confirm_string }
1110     assert_response :redirect
1111     follow_redirect!
1112     assert_response :success
1113     assert_template "site/welcome"
1114   end
1115 end