3 class UserTermsSeenTest < ActionDispatch::IntegrationTest
5 user = create(:user, :terms_seen => false, :terms_agreed => nil)
7 get "/api/#{Settings.api_version}/user/preferences", :headers => bearer_authorization_header(user)
8 assert_response :forbidden
10 # touch it so that the user has seen the terms
11 user.terms_seen = true
14 get "/api/#{Settings.api_version}/user/preferences", :headers => bearer_authorization_header(user)
15 assert_response :success
18 def test_terms_presented_at_login
19 user = create(:user, :terms_seen => false, :terms_agreed => nil)
24 assert_response :success
25 assert_template "sessions/new"
26 post "/login", :params => { :username => user.email, :password => "test", :referer => "/diary/new" }
27 # but now we need to look at the terms
28 assert_redirected_to :controller => :users, :action => :terms, :referer => "/diary/new"
30 assert_response :success
32 # don't agree to the terms, but hit decline
33 post "/user/save", :params => { :decline => true, :referer => "/diary/new" }
34 assert_redirected_to "/diary/new"
37 # should be carried through to a normal login with a message
38 assert_response :success
39 assert_not flash[:notice].nil?
42 def test_terms_cant_be_circumvented
43 user = create(:user, :terms_seen => false, :terms_agreed => nil)
48 assert_response :success
49 assert_template "sessions/new"
50 post "/login", :params => { :username => user.email, :password => "test", :referer => "/diary/new" }
51 # but now we need to look at the terms
52 assert_redirected_to :controller => :users, :action => :terms, :referer => "/diary/new"
54 # check that if we go somewhere else now, it redirects
55 # back to the terms page.
57 assert_redirected_to :controller => :users, :action => :terms, :referer => "/traces/mine"
58 get "/traces/mine", :params => { :referer => "/diary/new" }
59 assert_redirected_to :controller => :users, :action => :terms, :referer => "/diary/new"