3 class UserTermsSeenTest < ActionDispatch::IntegrationTest
9 user = create(:user, :terms_seen => false, :terms_agreed => nil)
11 get "/api/#{API_VERSION}/user/preferences", :headers => auth_header(user.display_name, "test")
12 assert_response :forbidden
14 # touch it so that the user has seen the terms
15 user.terms_seen = true
18 get "/api/#{API_VERSION}/user/preferences", :headers => auth_header(user.display_name, "test")
19 assert_response :success
22 def test_terms_presented_at_login
23 user = create(:user, :terms_seen => false, :terms_agreed => nil)
28 assert_response :success
29 assert_template "users/login"
30 post "/login", :params => { :username => user.email, :password => "test", :referer => "/diary/new" }
31 assert_response :redirect
32 # but now we need to look at the terms
33 assert_redirected_to :controller => :users, :action => :terms, :referer => "/diary/new"
35 assert_response :success
37 # don't agree to the terms, but hit decline
38 post "/user/save", :params => { :decline => true, :referer => "/diary/new" }
39 assert_redirected_to "/diary/new"
42 # should be carried through to a normal login with a message
43 assert_response :success
44 assert_not flash[:notice].nil?
47 def test_terms_cant_be_circumvented
48 user = create(:user, :terms_seen => false, :terms_agreed => nil)
53 assert_response :success
54 assert_template "users/login"
55 post "/login", :params => { :username => user.email, :password => "test", :referer => "/diary/new" }
56 assert_response :redirect
57 # but now we need to look at the terms
58 assert_redirected_to :controller => :users, :action => :terms, :referer => "/diary/new"
60 # check that if we go somewhere else now, it redirects
61 # back to the terms page.
63 assert_redirected_to :controller => :users, :action => :terms, :referer => "/traces/mine"
64 get "/traces/mine", :params => { :referer => "/diary/new" }
65 assert_redirected_to :controller => :users, :action => :terms, :referer => "/diary/new"
70 def auth_header(user, pass)
71 { "HTTP_AUTHORIZATION" => format("Basic %{auth}", :auth => Base64.encode64("#{user}:#{pass}")) }