3 class UserTermsSeenTest < ActionDispatch::IntegrationTest
5 user = create(:user, :terms_seen => false, :terms_agreed => nil)
7 get "/api/#{Settings.api_version}/user/preferences", :headers => auth_header(user.display_name, "test")
8 assert_response :forbidden
10 # touch it so that the user has seen the terms
11 user.terms_seen = true
14 get "/api/#{Settings.api_version}/user/preferences", :headers => auth_header(user.display_name, "test")
15 assert_response :success
18 def test_terms_presented_at_login
19 user = create(:user, :terms_seen => false, :terms_agreed => nil)
24 assert_response :success
25 assert_template "users/login"
26 post "/login", :params => { :username => user.email, :password => "test", :referer => "/diary/new" }
27 assert_response :redirect
28 # but now we need to look at the terms
29 assert_redirected_to :controller => :users, :action => :terms, :referer => "/diary/new"
31 assert_response :success
33 # don't agree to the terms, but hit decline
34 post "/user/save", :params => { :decline => true, :referer => "/diary/new" }
35 assert_redirected_to "/diary/new"
38 # should be carried through to a normal login with a message
39 assert_response :success
40 assert_not flash[:notice].nil?
43 def test_terms_cant_be_circumvented
44 user = create(:user, :terms_seen => false, :terms_agreed => nil)
49 assert_response :success
50 assert_template "users/login"
51 post "/login", :params => { :username => user.email, :password => "test", :referer => "/diary/new" }
52 assert_response :redirect
53 # but now we need to look at the terms
54 assert_redirected_to :controller => :users, :action => :terms, :referer => "/diary/new"
56 # check that if we go somewhere else now, it redirects
57 # back to the terms page.
59 assert_redirected_to :controller => :users, :action => :terms, :referer => "/traces/mine"
60 get "/traces/mine", :params => { :referer => "/diary/new" }
61 assert_redirected_to :controller => :users, :action => :terms, :referer => "/diary/new"
66 def auth_header(user, pass)
67 { "HTTP_AUTHORIZATION" => format("Basic %<auth>s", :auth => Base64.encode64("#{user}:#{pass}")) }