]> git.openstreetmap.org Git - rails.git/blob - test/integration/user_creation_test.rb
projects / rails.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Make api changeset show path resourceful
[rails.git] / test / integration / user_creation_test.rb
1 require "test_helper"
2
3 class UserCreationTest < ActionDispatch::IntegrationTest
4   def setup
5     OmniAuth.config.test_mode = true
6
7     stub_request(:get, /.*gravatar.com.*d=404/).to_return(:status => 404)
8   end
9
10   def teardown
11     OmniAuth.config.mock_auth[:openid] = nil
12     OmniAuth.config.mock_auth[:google] = nil
13     OmniAuth.config.mock_auth[:facebook] = nil
14     OmniAuth.config.mock_auth[:microsoft] = nil
15     OmniAuth.config.mock_auth[:github] = nil
16     OmniAuth.config.mock_auth[:wikipedia] = nil
17     OmniAuth.config.test_mode = false
18   end
19
20   def test_create_user_form
21     get "/user/new"
22     follow_redirect!
23     assert_response :success
24     assert_template "users/new"
25   end
26
27   def test_user_create_submit_duplicate_email
28     dup_email = create(:user).email
29     display_name = "new_tester"
30     assert_difference("User.count", 0) do
31       assert_difference("ActionMailer::Base.deliveries.size", 0) do
32         perform_enqueued_jobs do
33           post "/user",
34                :params => { :user => { :email => dup_email,
35                                        :display_name => display_name,
36                                        :pass_crypt => "testtest",
37                                        :pass_crypt_confirmation => "testtest" } }
38         end
39       end
40     end
41     assert_response :success
42     assert_template "users/new"
43     assert_select "form"
44     assert_select "form > div > input.is-invalid#user_email"
45   end
46
47   def test_user_create_association_submit_duplicate_email
48     dup_email = create(:user).email
49     display_name = "new_tester"
50     assert_difference("User.count", 0) do
51       assert_no_difference("ActionMailer::Base.deliveries.size") do
52         perform_enqueued_jobs do
53           post "/user",
54                :params => { :user => { :email => dup_email,
55                                        :display_name => display_name,
56                                        :pass_crypt => "testtest",
57                                        :pass_crypt_confirmation => "testtest",
58                                        :auth_provider => "google",
59                                        :auth_uid => "123454321" } }
60         end
61       end
62     end
63     assert_response :success
64     assert_template "users/new"
65     assert_select "form"
66     assert_select "form > div > input.is-invalid#user_email"
67   end
68
69   def test_user_create_submit_duplicate_username
70     dup_display_name = create(:user).display_name
71     email = "new_tester"
72     assert_difference("User.count", 0) do
73       assert_difference("ActionMailer::Base.deliveries.size", 0) do
74         perform_enqueued_jobs do
75           post "/user",
76                :params => { :user => { :email => email,
77                                        :display_name => dup_display_name,
78                                        :pass_crypt => "testtest",
79                                        :pass_crypt_confirmation => "testtest" } }
80         end
81       end
82     end
83     assert_response :success
84     assert_template "users/new"
85     assert_select "form > div > input.is-invalid#user_display_name"
86   end
87
88   def test_user_create_submit_mismatched_passwords
89     email = "newtester@osm.org"
90     display_name = "new_tester"
91     assert_difference("User.count", 0) do
92       assert_difference("ActionMailer::Base.deliveries.size", 0) do
93         perform_enqueued_jobs do
94           post "/user",
95                :params => { :user => { :email => email,
96                                        :display_name => display_name,
97                                        :pass_crypt => "testtest",
98                                        :pass_crypt_confirmation => "blahblah" } }
99         end
100       end
101     end
102     assert_response :success
103     assert_template "users/new"
104     assert_select "form > div > div > div > input.is-invalid#user_pass_crypt_confirmation"
105   end
106
107   def test_user_create_association_submit_duplicate_username
108     dup_display_name = create(:user).display_name
109     email = "new_tester"
110     assert_difference("User.count", 0) do
111       assert_no_difference("ActionMailer::Base.deliveries.size") do
112         perform_enqueued_jobs do
113           post "/user",
114                :params => { :user => { :email => email,
115                                        :display_name => dup_display_name,
116                                        :auth_provider => "google",
117                                        :auth_uid => "123454321" } }
118         end
119       end
120     end
121     assert_response :success
122     assert_template "users/new"
123     assert_select "form > div > input.is-invalid#user_display_name"
124   end
125
126   def test_user_create_success
127     new_email = "newtester@osm.org"
128     display_name = "new_tester"
129
130     assert_difference("User.count", 1) do
131       assert_difference("ActionMailer::Base.deliveries.size", 1) do
132         perform_enqueued_jobs do
133           post "/user",
134                :params => { :user => { :email => new_email,
135                                        :display_name => display_name,
136                                        :pass_crypt => "testtest",
137                                        :pass_crypt_confirmation => "testtest" } }
138           assert_redirected_to :controller => :confirmations, :action => :confirm, :display_name => display_name
139           follow_redirect!
140         end
141       end
142     end
143
144     assert_response :success
145     assert_template "confirmations/confirm"
146
147     user = User.find_by(:email => "newtester@osm.org")
148     assert_not_nil user
149     assert_not_predicate user, :active?
150
151     register_email = ActionMailer::Base.deliveries.first
152     assert_equal register_email.to.first, new_email
153     found_confirmation_url = register_email.parts.first.parts.first.to_s =~ %r{\shttp://test.host(/\S+)\s}
154     assert found_confirmation_url
155     confirmation_url = Regexp.last_match(1)
156
157     post confirmation_url
158
159     assert_redirected_to welcome_path
160
161     user.reload
162     assert_predicate user, :active?
163
164     assert_equal user, User.authenticate(:username => new_email, :password => "testtest")
165   end
166
167   # Check that the user can successfully recover their password
168   # def test_lost_password_recovery_success
169   #   Open the lost password form
170   #   Submit the lost password form
171   #   Check the e-mail
172   #   Submit the reset password token
173   #   Check that the password has changed, and the user can login
174   # end
175
176   def test_user_create_redirect
177     new_email = "redirect_tester@osm.org"
178     display_name = "redirect_tester"
179     password = "testtest"
180     # nothing special about this page, just need a protected page to redirect back to.
181     referer = "/traces/mine"
182     assert_difference("User.count") do
183       assert_difference("ActionMailer::Base.deliveries.size", 1) do
184         perform_enqueued_jobs do
185           post "/user",
186                :params => { :user => { :email => new_email,
187                                        :display_name => display_name,
188                                        :pass_crypt => password,
189                                        :pass_crypt_confirmation => password },
190                             :referer => referer }
191           assert_response(:redirect)
192           assert_redirected_to :controller => :confirmations, :action => :confirm, :display_name => display_name
193           follow_redirect!
194         end
195       end
196     end
197
198     # Check the e-mail
199     register_email = ActionMailer::Base.deliveries.first
200
201     assert_equal register_email.to.first, new_email
202     # Check that the confirm account url is correct
203     confirm_regex = Regexp.new("confirm_string=([a-zA-Z0-9%_-]*)")
204     email_text_parts(register_email).each do |part|
205       assert_match confirm_regex, part.body.to_s
206     end
207     confirm_string = CGI.unescape(email_text_parts(register_email).first.body.match(confirm_regex)[1])
208
209     # Check the page
210     assert_response :success
211     assert_template "confirmations/confirm"
212
213     # Go to the confirmation page
214     get "/user/#{display_name}/confirm", :params => { :referer => "/welcome", :confirm_string => confirm_string }
215     assert_response :success
216     assert_template "confirmations/confirm"
217
218     post "/user/#{display_name}/confirm", :params => { :referer => "/welcome", :confirm_string => confirm_string }
219     assert_response :redirect
220     follow_redirect!
221     assert_response :success
222     assert_template "site/welcome"
223   end
224
225   def test_user_create_openid_success
226     new_email = "newtester-openid@osm.org"
227     display_name = "new_tester-openid"
228     openid_url = "http://localhost:1000/new.tester"
229     auth_uid = "http://localhost:1123/new.tester"
230
231     OmniAuth.config.add_mock(:openid,
232                              :uid => auth_uid,
233                              :info => { :email => new_email, :name => display_name })
234
235     assert_difference("User.count") do
236       assert_difference("ActionMailer::Base.deliveries.size", 1) do
237         perform_enqueued_jobs do
238           post auth_path(:provider => "openid", :openid_url => openid_url, :origin => "/user/new")
239           assert_redirected_to auth_success_path(:provider => "openid", :openid_url => openid_url, :origin => "/user/new")
240           follow_redirect!
241           assert_redirected_to :controller => :users, :action => "new", :nickname => display_name, :email => new_email,
242                                :auth_provider => "openid", :auth_uid => auth_uid
243           follow_redirect!
244           post "/user",
245                :params => { :user => { :email => new_email,
246                                        :display_name => display_name,
247                                        :auth_provider => "openid",
248                                        :auth_uid => auth_uid } }
249         end
250       end
251     end
252
253     # Check the page
254     assert_redirected_to :controller => :confirmations, :action => :confirm, :display_name => display_name
255   end
256
257   def test_user_create_openid_duplicate_email
258     dup_user = create(:user)
259     display_name = "new_tester-openid"
260     auth_uid = "123454321"
261
262     OmniAuth.config.add_mock(:openid,
263                              :uid => auth_uid,
264                              :info => { :email => dup_user.email, :name => display_name })
265
266     post auth_path(:provider => "openid", :origin => "/user/new")
267     assert_redirected_to auth_success_path(:provider => "openid", :origin => "/user/new")
268     follow_redirect!
269     assert_redirected_to :controller => :users, :action => "new", :nickname => display_name, :email => dup_user.email,
270                          :auth_provider => "openid", :auth_uid => auth_uid
271     follow_redirect!
272
273     assert_response :success
274     assert_template "users/new"
275     assert_select "form > div > input.is-invalid#user_email"
276   end
277
278   def test_user_create_openid_failure
279     OmniAuth.config.mock_auth[:openid] = :connection_failed
280
281     assert_difference("User.count", 0) do
282       assert_difference("ActionMailer::Base.deliveries.size", 0) do
283         perform_enqueued_jobs do
284           post auth_path(:provider => "openid", :openid_url => "http://localhost:1123/new.tester", :origin => "/user/new")
285           follow_redirect!
286           assert_redirected_to auth_failure_path(:strategy => "openid", :message => "connection_failed", :origin => "/user/new")
287           follow_redirect!
288           assert_redirected_to "/user/new"
289         end
290       end
291     end
292   end
293
294   def test_user_create_openid_redirect
295     openid_url = "http://localhost:1000/new.tester"
296     auth_uid = "http://localhost:1123/new.tester"
297     new_email = "redirect_tester_openid@osm.org"
298     display_name = "redirect_tester_openid"
299
300     OmniAuth.config.add_mock(:openid,
301                              :uid => auth_uid,
302                              :info => { :email => new_email, :name => display_name })
303
304     assert_difference("User.count") do
305       assert_difference("ActionMailer::Base.deliveries.size", 1) do
306         perform_enqueued_jobs do
307           post auth_path(:provider => "openid", :openid_url => openid_url, :origin => "/user/new")
308           assert_redirected_to auth_success_path(:provider => "openid", :openid_url => openid_url, :origin => "/user/new")
309           follow_redirect!
310           assert_redirected_to :controller => :users, :action => "new", :nickname => display_name, :email => new_email,
311                                :auth_provider => "openid", :auth_uid => auth_uid
312           follow_redirect!
313           post "/user",
314                :params => { :user => { :email => new_email,
315                                        :display_name => display_name,
316                                        :auth_provider => "openid",
317                                        :auth_uid => auth_uid } }
318           follow_redirect!
319         end
320       end
321     end
322
323     # Check the e-mail
324     register_email = ActionMailer::Base.deliveries.first
325
326     assert_equal register_email.to.first, new_email
327     # Check that the confirm account url is correct
328     confirm_regex = Regexp.new("confirm_string=([a-zA-Z0-9%_-]*)")
329     email_text_parts(register_email).each do |part|
330       assert_match confirm_regex, part.body.to_s
331     end
332     confirm_string = CGI.unescape(email_text_parts(register_email).first.body.match(confirm_regex)[1])
333
334     # Check the page
335     assert_response :success
336     assert_template "confirmations/confirm"
337
338     # Go to the confirmation page
339     get "/user/#{display_name}/confirm", :params => { :referer => "/welcome", :confirm_string => confirm_string }
340     assert_response :success
341     assert_template "confirmations/confirm"
342
343     post "/user/#{display_name}/confirm", :params => { :referer => "/welcome", :confirm_string => confirm_string }
344     assert_response :redirect
345     follow_redirect!
346     assert_response :success
347     assert_template "site/welcome"
348   end
349
350   def test_user_create_google_success
351     new_email = "newtester-google@osm.org"
352     email_hmac = UsersController.message_hmac(new_email)
353     display_name = "new_tester-google"
354     auth_uid = "123454321"
355
356     OmniAuth.config.add_mock(:google,
357                              :uid => auth_uid,
358                              :extra => { :id_info => { :openid_id => "http://localhost:1123/new.tester" } },
359                              :info => { :email => new_email, :name => display_name })
360
361     assert_difference("User.count") do
362       assert_no_difference("ActionMailer::Base.deliveries.size") do
363         perform_enqueued_jobs do
364           post auth_path(:provider => "google", :origin => "/user/new")
365           assert_redirected_to auth_success_path(:provider => "google")
366           follow_redirect!
367           assert_redirected_to :controller => :users, :action => "new", :nickname => display_name,
368                                :email => new_email, :email_hmac => email_hmac,
369                                :auth_provider => "google", :auth_uid => auth_uid
370           follow_redirect!
371
372           post "/user",
373                :params => { :user => { :email => new_email,
374                                        :display_name => display_name,
375                                        :auth_provider => "google",
376                                        :auth_uid => auth_uid },
377                             :email_hmac => email_hmac }
378           assert_redirected_to welcome_path
379           follow_redirect!
380         end
381       end
382     end
383
384     # Check the page
385     assert_response :success
386     assert_template "site/welcome"
387   end
388
389   def test_user_create_google_duplicate_email
390     dup_user = create(:user)
391     display_name = "new_tester-google"
392     auth_uid = "123454321"
393
394     OmniAuth.config.add_mock(:google,
395                              :uid => auth_uid,
396                              :extra => { :id_info => { :openid_id => "http://localhost:1123/new.tester" } },
397                              :info => { :email => dup_user.email, :name => display_name })
398
399     post auth_path(:provider => "google", :origin => "/user/new")
400     assert_redirected_to auth_success_path(:provider => "google")
401     follow_redirect!
402     assert_redirected_to :controller => :users, :action => "new", :nickname => display_name, :email => dup_user.email,
403                          :email_hmac => UsersController.message_hmac(dup_user.email),
404                          :auth_provider => "google", :auth_uid => auth_uid
405     follow_redirect!
406
407     assert_response :success
408     assert_template "users/new"
409     assert_select "form > div > input.is-invalid#user_email"
410   end
411
412   def test_user_create_google_failure
413     OmniAuth.config.mock_auth[:google] = :connection_failed
414
415     assert_difference("User.count", 0) do
416       assert_difference("ActionMailer::Base.deliveries.size", 0) do
417         perform_enqueued_jobs do
418           post auth_path(:provider => "google", :origin => "/user/new")
419           assert_response :redirect
420           follow_redirect!
421           assert_redirected_to auth_failure_path(:strategy => "google", :message => "connection_failed", :origin => "/user/new")
422           follow_redirect!
423           assert_redirected_to "/user/new"
424         end
425       end
426     end
427   end
428
429   def test_user_create_google_redirect
430     orig_email = "redirect_tester_google_orig@google.com"
431     email_hmac = UsersController.message_hmac(orig_email)
432     new_email =  "redirect_tester_google@osm.org"
433     display_name = "redirect_tester_google"
434     auth_uid = "123454321"
435
436     OmniAuth.config.add_mock(:google,
437                              :uid => auth_uid,
438                              :extra => { :id_info => { :openid_id => "http://localhost:1123/new.tester" } },
439                              :info => { :email => orig_email, :name => display_name })
440
441     assert_difference("User.count") do
442       assert_difference("ActionMailer::Base.deliveries.size", 1) do
443         perform_enqueued_jobs do
444           post auth_path(:provider => "google", :origin => "/user/new")
445           assert_redirected_to auth_success_path(:provider => "google")
446           follow_redirect!
447           assert_redirected_to :controller => :users, :action => "new", :nickname => display_name,
448                                :email => orig_email, :email_hmac => email_hmac,
449                                :auth_provider => "google", :auth_uid => auth_uid
450           follow_redirect!
451           post "/user",
452                :params => { :user => { :email => new_email,
453                                        :email_hmac => email_hmac,
454                                        :display_name => display_name,
455                                        :auth_provider => "google",
456                                        :auth_uid => auth_uid } }
457           assert_response :redirect
458           follow_redirect!
459         end
460       end
461     end
462
463     # Check the e-mail
464     register_email = ActionMailer::Base.deliveries.first
465
466     assert_equal register_email.to.first, new_email
467     # Check that the confirm account url is correct
468     confirm_regex = Regexp.new("confirm_string=([a-zA-Z0-9%_-]*)")
469     email_text_parts(register_email).each do |part|
470       assert_match confirm_regex, part.body.to_s
471     end
472     confirm_string = CGI.unescape(email_text_parts(register_email).first.body.match(confirm_regex)[1])
473
474     # Check the page
475     assert_response :success
476     assert_template "confirmations/confirm"
477
478     # Go to the confirmation page
479     get "/user/#{display_name}/confirm", :params => { :referer => "/welcome", :confirm_string => confirm_string }
480     assert_response :success
481     assert_template "confirmations/confirm"
482
483     post "/user/#{display_name}/confirm", :params => { :referer => "/welcome", :confirm_string => confirm_string }
484     assert_response :redirect
485     follow_redirect!
486     assert_response :success
487     assert_template "site/welcome"
488   end
489
490   def test_user_create_facebook_success
491     new_email = "newtester-facebook@osm.org"
492     email_hmac = UsersController.message_hmac(new_email)
493     display_name = "new_tester-facebook"
494     auth_uid = "123454321"
495
496     OmniAuth.config.add_mock(:facebook,
497                              :uid => auth_uid,
498                              :info => { "email" => new_email, :name => display_name })
499
500     assert_difference("User.count") do
501       assert_no_difference("ActionMailer::Base.deliveries.size") do
502         perform_enqueued_jobs do
503           post auth_path(:provider => "facebook", :origin => "/user/new")
504           assert_redirected_to auth_success_path(:provider => "facebook")
505           follow_redirect!
506           assert_redirected_to :controller => :users, :action => "new", :nickname => display_name,
507                                :email => new_email, :email_hmac => email_hmac,
508                                :auth_provider => "facebook", :auth_uid => auth_uid
509           follow_redirect!
510
511           post "/user",
512                :params => { :user => { :email => new_email,
513                                        :display_name => display_name,
514                                        :auth_provider => "facebook",
515                                        :auth_uid => auth_uid },
516                             :email_hmac => email_hmac }
517           assert_redirected_to welcome_path
518           follow_redirect!
519         end
520       end
521     end
522
523     # Check the page
524     assert_response :success
525     assert_template "site/welcome"
526   end
527
528   def test_user_create_facebook_duplicate_email
529     dup_user = create(:user)
530     display_name = "new_tester-facebook"
531     auth_uid = "123454321"
532
533     OmniAuth.config.add_mock(:facebook,
534                              :uid => auth_uid,
535                              :info => { :email => dup_user.email, :name => display_name })
536
537     post auth_path(:provider => "facebook", :origin => "/user/new")
538     assert_redirected_to auth_success_path(:provider => "facebook")
539     follow_redirect!
540     assert_redirected_to :controller => :users, :action => "new", :nickname => display_name, :email => dup_user.email,
541                          :email_hmac => UsersController.message_hmac(dup_user.email),
542                          :auth_provider => "facebook", :auth_uid => auth_uid
543     follow_redirect!
544
545     assert_response :success
546     assert_template "users/new"
547     assert_select "form > div > input.is-invalid#user_email"
548   end
549
550   def test_user_create_facebook_failure
551     OmniAuth.config.mock_auth[:facebook] = :connection_failed
552
553     assert_difference("User.count", 0) do
554       assert_difference("ActionMailer::Base.deliveries.size", 0) do
555         perform_enqueued_jobs do
556           post auth_path(:provider => "facebook", :origin => "/user/new")
557           assert_response :redirect
558           follow_redirect!
559           assert_redirected_to auth_failure_path(:strategy => "facebook", :message => "connection_failed", :origin => "/user/new")
560           follow_redirect!
561           assert_redirected_to "/user/new"
562         end
563       end
564     end
565   end
566
567   def test_user_create_facebook_redirect
568     orig_email = "redirect_tester_facebook_orig@osm.org"
569     email_hmac = UsersController.message_hmac(orig_email)
570     new_email = "redirect_tester_facebook@osm.org"
571     display_name = "redirect_tester_facebook"
572     auth_uid = "123454321"
573
574     OmniAuth.config.add_mock(:facebook,
575                              :uid => auth_uid,
576                              :info => { :email => orig_email, :name => display_name })
577
578     # nothing special about this page, just need a protected page to redirect back to.
579     assert_difference("User.count") do
580       assert_difference("ActionMailer::Base.deliveries.size", 1) do
581         perform_enqueued_jobs do
582           post auth_path(:provider => "facebook", :origin => "/user/new")
583           assert_redirected_to auth_success_path(:provider => "facebook")
584           follow_redirect!
585           assert_redirected_to :controller => :users, :action => "new", :nickname => display_name,
586                                :email => orig_email, :email_hmac => email_hmac,
587                                :auth_provider => "facebook", :auth_uid => auth_uid
588           follow_redirect!
589
590           post "/user",
591                :params => { :user => { :email => new_email,
592                                        :email_hmac => email_hmac,
593                                        :display_name => display_name,
594                                        :auth_provider => "facebook",
595                                        :auth_uid => auth_uid } }
596           assert_response :redirect
597           follow_redirect!
598         end
599       end
600     end
601
602     # Check the e-mail
603     register_email = ActionMailer::Base.deliveries.first
604
605     assert_equal register_email.to.first, new_email
606     # Check that the confirm account url is correct
607     confirm_regex = Regexp.new("confirm_string=([a-zA-Z0-9%_-]*)")
608     email_text_parts(register_email).each do |part|
609       assert_match confirm_regex, part.body.to_s
610     end
611     confirm_string = CGI.unescape(email_text_parts(register_email).first.body.match(confirm_regex)[1])
612
613     # Check the page
614     assert_response :success
615     assert_template "confirmations/confirm"
616
617     # Go to the confirmation page
618     get "/user/#{display_name}/confirm", :params => { :referer => "/welcome", :confirm_string => confirm_string }
619     assert_response :success
620     assert_template "confirmations/confirm"
621
622     post "/user/#{display_name}/confirm", :params => { :referer => "/welcome", :confirm_string => confirm_string }
623     assert_response :redirect
624     follow_redirect!
625     assert_response :success
626     assert_template "site/welcome"
627   end
628
629   def test_user_create_microsoft_success
630     new_email = "newtester-microsoft@osm.org"
631     email_hmac = UsersController.message_hmac(new_email)
632     display_name = "new_tester-microsoft"
633     auth_uid = "123454321"
634
635     OmniAuth.config.add_mock(:microsoft,
636                              :uid => auth_uid,
637                              :info => { "email" => new_email, :name => display_name })
638
639     assert_difference("User.count") do
640       assert_difference("ActionMailer::Base.deliveries.size", 0) do
641         perform_enqueued_jobs do
642           post auth_path(:provider => "microsoft", :origin => "/user/new")
643           assert_redirected_to auth_success_path(:provider => "microsoft")
644           follow_redirect!
645           assert_redirected_to :controller => :users, :action => "new", :nickname => display_name,
646                                :email => new_email, :email_hmac => email_hmac,
647                                :auth_provider => "microsoft", :auth_uid => auth_uid
648           follow_redirect!
649           post "/user",
650                :params => { :user => { :email => new_email,
651                                        :display_name => display_name,
652                                        :auth_provider => "microsoft",
653                                        :auth_uid => auth_uid },
654                             :email_hmac => email_hmac }
655           assert_redirected_to welcome_path
656           follow_redirect!
657         end
658       end
659     end
660
661     # Check the page
662     assert_response :success
663     assert_template "site/welcome"
664   end
665
666   def test_user_create_microsoft_duplicate_email
667     dup_user = create(:user)
668     display_name = "new_tester-microsoft"
669     auth_uid = "123454321"
670
671     OmniAuth.config.add_mock(:microsoft,
672                              :uid => auth_uid,
673                              :info => { :email => dup_user.email, :name => display_name })
674
675     post auth_path(:provider => "microsoft", :origin => "/user/new")
676     assert_redirected_to auth_success_path(:provider => "microsoft")
677     follow_redirect!
678     assert_redirected_to :controller => :users, :action => "new", :nickname => display_name, :email => dup_user.email,
679                          :email_hmac => UsersController.message_hmac(dup_user.email),
680                          :auth_provider => "microsoft", :auth_uid => auth_uid
681     follow_redirect!
682
683     assert_response :success
684     assert_template "users/new"
685     assert_select "form > div > input.is-invalid#user_email"
686   end
687
688   def test_user_create_microsoft_failure
689     OmniAuth.config.mock_auth[:microsoft] = :connection_failed
690
691     assert_difference("User.count", 0) do
692       assert_difference("ActionMailer::Base.deliveries.size", 0) do
693         perform_enqueued_jobs do
694           post auth_path(:provider => "microsoft", :origin => "/user/new")
695           assert_response :redirect
696           follow_redirect!
697           assert_redirected_to auth_failure_path(:strategy => "microsoft", :message => "connection_failed", :origin => "/user/new")
698           follow_redirect!
699           assert_redirected_to "/user/new"
700         end
701       end
702     end
703   end
704
705   def test_user_create_microsoft_redirect
706     orig_email = "redirect_tester_microsoft_orig@osm.org"
707     email_hmac = UsersController.message_hmac(orig_email)
708     new_email = "redirect_tester_microsoft@osm.org"
709     display_name = "redirect_tester_microsoft"
710     auth_uid = "123454321"
711
712     OmniAuth.config.add_mock(:microsoft,
713                              :uid => auth_uid,
714                              :info => { :email => orig_email, :name => display_name })
715
716     assert_difference("User.count") do
717       assert_difference("ActionMailer::Base.deliveries.size", 1) do
718         perform_enqueued_jobs do
719           post auth_path(:provider => "microsoft", :origin => "/user/new")
720           assert_redirected_to auth_success_path(:provider => "microsoft")
721           follow_redirect!
722           assert_redirected_to :controller => :users, :action => "new", :nickname => display_name,
723                                :email => orig_email, :email_hmac => email_hmac,
724                                :auth_provider => "microsoft", :auth_uid => auth_uid
725           follow_redirect!
726
727           post "/user",
728                :params => { :user => { :email => new_email,
729                                        :email_hmac => email_hmac,
730                                        :display_name => display_name,
731                                        :auth_provider => "microsoft",
732                                        :auth_uid => auth_uid } }
733           assert_response :redirect
734           follow_redirect!
735         end
736       end
737     end
738
739     # Check the e-mail
740     register_email = ActionMailer::Base.deliveries.first
741
742     assert_equal register_email.to.first, new_email
743     # Check that the confirm account url is correct
744     confirm_regex = Regexp.new("confirm_string=([a-zA-Z0-9%_-]*)")
745     email_text_parts(register_email).each do |part|
746       assert_match confirm_regex, part.body.to_s
747     end
748     confirm_string = CGI.unescape(email_text_parts(register_email).first.body.match(confirm_regex)[1])
749
750     # Check the page
751     assert_response :success
752     assert_template "confirmations/confirm"
753
754     # Go to the confirmation page
755     get "/user/#{display_name}/confirm", :params => { :referer => "/welcome", :confirm_string => confirm_string }
756     assert_response :success
757     assert_template "confirmations/confirm"
758
759     post "/user/#{display_name}/confirm", :params => { :referer => "/welcome", :confirm_string => confirm_string }
760     assert_response :redirect
761     follow_redirect!
762     assert_response :success
763     assert_template "site/welcome"
764   end
765
766   def test_user_create_github_success
767     new_email = "newtester-github@osm.org"
768     email_hmac = UsersController.message_hmac(new_email)
769     display_name = "new_tester-github"
770     password = "testtest"
771     auth_uid = "123454321"
772
773     OmniAuth.config.add_mock(:github,
774                              :uid => auth_uid,
775                              :info => { "email" => new_email, :name => display_name })
776
777     assert_difference("User.count") do
778       assert_no_difference("ActionMailer::Base.deliveries.size") do
779         perform_enqueued_jobs do
780           post auth_path(:provider => "github", :origin => "/user/new")
781           assert_redirected_to auth_success_path(:provider => "github")
782           follow_redirect!
783           assert_redirected_to :controller => :users, :action => "new", :nickname => display_name,
784                                :email => new_email, :email_hmac => email_hmac,
785                                :auth_provider => "github", :auth_uid => auth_uid
786           follow_redirect!
787
788           post "/user",
789                :params => { :user => { :email => new_email,
790                                        :display_name => display_name,
791                                        :auth_provider => "github",
792                                        :auth_uid => "123454321",
793                                        :pass_crypt => password,
794                                        :pass_crypt_confirmation => password },
795                             :read_ct => 1,
796                             :read_tou => 1,
797                             :email_hmac => email_hmac }
798           assert_redirected_to welcome_path
799           follow_redirect!
800         end
801       end
802     end
803
804     # Check the page
805     assert_response :success
806     assert_template "site/welcome"
807   end
808
809   def test_user_create_github_duplicate_email
810     dup_user = create(:user)
811     display_name = "new_tester-github"
812     auth_uid = "123454321"
813
814     OmniAuth.config.add_mock(:github,
815                              :uid => auth_uid,
816                              :extra => { :id_info => { :openid_id => "http://localhost:1123/new.tester" } },
817                              :info => { :email => dup_user.email, :name => display_name })
818
819     post auth_path(:provider => "github", :origin => "/user/new")
820     assert_redirected_to auth_success_path(:provider => "github")
821     follow_redirect!
822     assert_redirected_to :controller => :users, :action => "new", :nickname => display_name,
823                          :email => dup_user.email, :email_hmac => UsersController.message_hmac(dup_user.email),
824                          :auth_provider => "github", :auth_uid => auth_uid
825     follow_redirect!
826
827     assert_response :success
828     assert_template "users/new"
829     assert_select "form > div > input.is-invalid#user_email"
830   end
831
832   def test_user_create_github_failure
833     OmniAuth.config.mock_auth[:github] = :connection_failed
834
835     assert_difference("User.count", 0) do
836       assert_difference("ActionMailer::Base.deliveries.size", 0) do
837         perform_enqueued_jobs do
838           post auth_path(:provider => "github", :origin => "/user/new")
839           follow_redirect!
840           assert_redirected_to auth_failure_path(:strategy => "github", :message => "connection_failed", :origin => "/user/new")
841           follow_redirect!
842           assert_redirected_to "/user/new"
843         end
844       end
845     end
846   end
847
848   def test_user_create_github_redirect
849     orig_email = "redirect_tester_github_orig@osm.org"
850     email_hmac = UsersController.message_hmac(orig_email)
851     new_email = "redirect_tester_github@osm.org"
852     display_name = "redirect_tester_github"
853     auth_uid = "123454321"
854
855     OmniAuth.config.add_mock(:github,
856                              :uid => auth_uid,
857                              :info => { :email => orig_email, :name => display_name })
858
859     assert_difference("User.count") do
860       assert_difference("ActionMailer::Base.deliveries.size", 1) do
861         perform_enqueued_jobs do
862           post auth_path(:provider => "github", :origin => "/user/new")
863           assert_redirected_to auth_success_path(:provider => "github")
864           follow_redirect!
865           assert_redirected_to :controller => :users, :action => "new", :nickname => display_name,
866                                :email => orig_email, :email_hmac => email_hmac,
867                                :auth_provider => "github", :auth_uid => auth_uid
868           follow_redirect!
869           post "/user",
870                :params => { :user => { :email => new_email,
871                                        :email_hmac => email_hmac,
872                                        :display_name => display_name,
873                                        :auth_provider => "github",
874                                        :auth_uid => auth_uid } }
875           assert_response :redirect
876           follow_redirect!
877         end
878       end
879     end
880
881     # Check the e-mail
882     register_email = ActionMailer::Base.deliveries.first
883
884     assert_equal register_email.to.first, new_email
885     # Check that the confirm account url is correct
886     confirm_regex = Regexp.new("confirm_string=([a-zA-Z0-9%_-]*)")
887     email_text_parts(register_email).each do |part|
888       assert_match confirm_regex, part.body.to_s
889     end
890     confirm_string = CGI.unescape(email_text_parts(register_email).first.body.match(confirm_regex)[1])
891
892     # Check the page
893     assert_response :success
894     assert_template "confirmations/confirm"
895
896     # Go to the confirmation page
897     get "/user/#{display_name}/confirm", :params => { :referer => "/welcome", :confirm_string => confirm_string }
898     assert_response :success
899     assert_template "confirmations/confirm"
900
901     post "/user/#{display_name}/confirm", :params => { :referer => "/welcome", :confirm_string => confirm_string }
902     assert_response :redirect
903     follow_redirect!
904     assert_response :success
905     assert_template "site/welcome"
906   end
907
908   def test_user_create_wikipedia_success
909     new_email = "newtester-wikipedia@osm.org"
910     email_hmac = UsersController.message_hmac(new_email)
911     display_name = "new_tester-wikipedia"
912     password = "testtest"
913     auth_uid = "123454321"
914
915     OmniAuth.config.add_mock(:wikipedia,
916                              :uid => auth_uid,
917                              :info => { :email => new_email, :name => display_name })
918
919     assert_difference("User.count") do
920       assert_no_difference("ActionMailer::Base.deliveries.size") do
921         perform_enqueued_jobs do
922           post auth_path(:provider => "wikipedia", :origin => "/user/new")
923           assert_redirected_to auth_success_path(:provider => "wikipedia", :origin => "/user/new")
924           follow_redirect!
925           assert_redirected_to :controller => :users, :action => "new", :nickname => display_name,
926                                :email => new_email, :email_hmac => email_hmac,
927                                :auth_provider => "wikipedia", :auth_uid => auth_uid
928           follow_redirect!
929           post "/user",
930                :params => { :user => { :email => new_email,
931                                        :display_name => display_name,
932                                        :auth_provider => "wikipedia",
933                                        :auth_uid => "123454321",
934                                        :pass_crypt => password,
935                                        :pass_crypt_confirmation => password },
936                             :read_ct => 1,
937                             :read_tou => 1,
938                             :email_hmac => email_hmac }
939           assert_redirected_to welcome_path
940           follow_redirect!
941         end
942       end
943     end
944
945     # Check the page
946     assert_response :success
947     assert_template "site/welcome"
948   end
949
950   def test_user_create_wikipedia_duplicate_email
951     dup_user = create(:user)
952     display_name = "new_tester-wikipedia"
953     auth_uid = "123454321"
954
955     OmniAuth.config.add_mock(:wikipedia,
956                              :uid => auth_uid,
957                              :info => { "email" => dup_user.email, :name => display_name })
958
959     post auth_path(:provider => "wikipedia", :origin => "/user/new")
960     assert_redirected_to auth_success_path(:provider => "wikipedia", :origin => "/user/new")
961     follow_redirect!
962     assert_redirected_to :controller => :users, :action => "new", :nickname => display_name,
963                          :email => dup_user.email, :email_hmac => UsersController.message_hmac(dup_user.email),
964                          :auth_provider => "wikipedia", :auth_uid => auth_uid
965     follow_redirect!
966
967     assert_response :success
968     assert_template "users/new"
969     assert_select "form > div > input.is-invalid#user_email"
970   end
971
972   def test_user_create_wikipedia_failure
973     OmniAuth.config.mock_auth[:wikipedia] = :connection_failed
974
975     assert_difference("User.count", 0) do
976       assert_difference("ActionMailer::Base.deliveries.size", 0) do
977         perform_enqueued_jobs do
978           post auth_path(:provider => "wikipedia", :origin => "/user/new")
979           assert_response :redirect
980           follow_redirect!
981           assert_redirected_to auth_failure_path(:strategy => "wikipedia", :message => "connection_failed", :origin => "/user/new")
982           follow_redirect!
983           assert_redirected_to "/user/new"
984         end
985       end
986     end
987   end
988
989   def test_user_create_wikipedia_redirect
990     orig_email = "redirect_tester_wikipedia_orig@osm.org"
991     email_hmac = UsersController.message_hmac(orig_email)
992     new_email = "redirect_tester_wikipedia@osm.org"
993     display_name = "redirect_tester_wikipedia"
994     auth_uid = "123454321"
995
996     OmniAuth.config.add_mock(:wikipedia,
997                              :uid => auth_uid,
998                              :info => { :email => orig_email, :name => display_name })
999
1000     # nothing special about this page, just need a protected page to redirect back to.
1001     assert_difference("User.count") do
1002       assert_difference("ActionMailer::Base.deliveries.size", 1) do
1003         perform_enqueued_jobs do
1004           post auth_path(:provider => "wikipedia", :origin => "/user/new")
1005           assert_redirected_to auth_success_path(:provider => "wikipedia", :origin => "/user/new")
1006           follow_redirect!
1007           assert_redirected_to :controller => :users, :action => "new", :nickname => display_name,
1008                                :email => orig_email, :email_hmac => email_hmac,
1009                                :auth_provider => "wikipedia", :auth_uid => auth_uid
1010           follow_redirect!
1011
1012           post "/user",
1013                :params => { :user => { :email => new_email,
1014                                        :email_hmac => email_hmac,
1015                                        :display_name => display_name,
1016                                        :auth_provider => "wikipedia",
1017                                        :auth_uid => auth_uid } }
1018           assert_response :redirect
1019           follow_redirect!
1020         end
1021       end
1022     end
1023
1024     # Check the e-mail
1025     register_email = ActionMailer::Base.deliveries.first
1026
1027     assert_equal register_email.to.first, new_email
1028     # Check that the confirm account url is correct
1029     confirm_regex = Regexp.new("confirm_string=([a-zA-Z0-9%_-]*)")
1030     email_text_parts(register_email).each do |part|
1031       assert_match confirm_regex, part.body.to_s
1032     end
1033     confirm_string = CGI.unescape(email_text_parts(register_email).first.body.match(confirm_regex)[1])
1034
1035     # Check the page
1036     assert_response :success
1037     assert_template "confirmations/confirm"
1038
1039     # Go to the confirmation page
1040     get "/user/#{display_name}/confirm", :params => { :referer => "/welcome", :confirm_string => confirm_string }
1041     assert_response :success
1042     assert_template "confirmations/confirm"
1043
1044     post "/user/#{display_name}/confirm", :params => { :referer => "/welcome", :confirm_string => confirm_string }
1045     assert_response :redirect
1046     follow_redirect!
1047     assert_response :success
1048     assert_template "site/welcome"
1049   end
1050 end
The OpenStreetMap web site