+ def test_confirm_success_bad_token_no_referer
+ user = create(:user, :pending)
+ stub_gravatar_request(user.email)
+ confirm_string = user.tokens.create.token
+ token = create(:user).tokens.create.token
+
+ @request.cookies["_osm_session"] = user.display_name
+ post :confirm, :params => { :display_name => user.display_name, :confirm_string => confirm_string }, :session => { :token => token }
+ assert_redirected_to login_path
+ assert_match /Confirmed your account/, flash[:notice]
+ end
+
+ def test_confirm_success_no_token_with_referer
+ user = create(:user, :pending)
+ stub_gravatar_request(user.email)
+ confirm_string = user.tokens.create(:referer => diary_new_path).token
+
+ @request.cookies["_osm_session"] = user.display_name
+ post :confirm, :params => { :display_name => user.display_name, :confirm_string => confirm_string }
+ assert_redirected_to login_path(:referer => diary_new_path)
+ assert_match /Confirmed your account/, flash[:notice]
+ end
+
+ def test_confirm_success_good_token_with_referer
+ user = create(:user, :pending)
+ stub_gravatar_request(user.email)
+ confirm_string = user.tokens.create(:referer => diary_new_path).token
+ token = user.tokens.create.token
+
+ @request.cookies["_osm_session"] = user.display_name
+ post :confirm, :params => { :display_name => user.display_name, :confirm_string => confirm_string }, :session => { :token => token }
+ assert_redirected_to diary_new_path
+ end
+
+ def test_confirm_success_bad_token_with_referer
+ user = create(:user, :pending)
+ stub_gravatar_request(user.email)
+ confirm_string = user.tokens.create(:referer => diary_new_path).token
+ token = create(:user).tokens.create.token
+
+ @request.cookies["_osm_session"] = user.display_name
+ post :confirm, :params => { :display_name => user.display_name, :confirm_string => confirm_string }, :session => { :token => token }
+ assert_redirected_to login_path(:referer => diary_new_path)
+ assert_match /Confirmed your account/, flash[:notice]
+ end
+
+ def test_confirm_expired_token
+ user = create(:user, :pending)
+ confirm_string = user.tokens.create(:expiry => 1.day.ago).token
+
+ @request.cookies["_osm_session"] = user.display_name
+ post :confirm, :params => { :display_name => user.display_name, :confirm_string => confirm_string }
+ assert_redirected_to :action => "confirm"
+ assert_match /confirmation code has expired/, flash[:error]
+ end
+
+ def test_confirm_already_confirmed
+ user = create(:user)
+ confirm_string = user.tokens.create(:referer => diary_new_path).token
+
+ @request.cookies["_osm_session"] = user.display_name
+ post :confirm, :params => { :display_name => user.display_name, :confirm_string => confirm_string }
+ assert_redirected_to :action => "login"
+ assert_match /already been confirmed/, flash[:error]
+ end
+
+ def test_confirm_resend_success
+ user = create(:user, :pending)
+ session[:token] = user.tokens.create.token
+
+ assert_difference "ActionMailer::Base.deliveries.size", 1 do
+ get :confirm_resend, :params => { :display_name => user.display_name }
+ end
+
+ assert_response :redirect
+ assert_redirected_to login_path
+ assert_match /sent a new confirmation/, flash[:notice]
+
+ email = ActionMailer::Base.deliveries.last
+
+ assert_equal user.email, email.to.first
+
+ ActionMailer::Base.deliveries.clear
+ end
+
+ def test_confirm_resend_no_token
+ user = create(:user, :pending)
+ assert_no_difference "ActionMailer::Base.deliveries.size" do
+ get :confirm_resend, :params => { :display_name => user.display_name }
+ end
+
+ assert_response :redirect
+ assert_redirected_to login_path
+ assert_match "User #{user.display_name} not found.", flash[:error]
+ end
+
+ def test_confirm_resend_unknown_user
+ assert_no_difference "ActionMailer::Base.deliveries.size" do
+ get :confirm_resend, :params => { :display_name => "No Such User" }
+ end
+
+ assert_response :redirect
+ assert_redirected_to login_path
+ assert_match "User No Such User not found.", flash[:error]
+ end
+
+ def test_confirm_email_get
+ user = create(:user)
+ confirm_string = user.tokens.create.token
+
+ get :confirm_email, :params => { :confirm_string => confirm_string }
+ assert_response :success
+ assert_template :confirm_email
+ end
+
+ def test_confirm_email_success
+ user = create(:user, :new_email => "test-new@example.com")
+ stub_gravatar_request(user.new_email)
+ confirm_string = user.tokens.create.token
+
+ post :confirm_email, :params => { :confirm_string => confirm_string }
+ assert_response :redirect
+ assert_redirected_to :action => :account, :display_name => user.display_name
+ assert_match /Confirmed your change of email address/, flash[:notice]
+ end
+
+ def test_confirm_email_already_confirmed
+ user = create(:user)
+ confirm_string = user.tokens.create.token
+
+ post :confirm_email, :params => { :confirm_string => confirm_string }
+ assert_response :redirect
+ assert_redirected_to :action => :account, :display_name => user.display_name
+ assert_match /already been confirmed/, flash[:error]
+ end
+
+ def test_confirm_email_bad_token
+ post :confirm_email, :params => { :confirm_string => "XXXXX" }
+ assert_response :success
+ assert_template :confirm_email
+ assert_match /confirmation code has expired or does not exist/, flash[:error]
+ end
+
+ ##
+ # test if testing for a gravatar works
+ # this happens when the email is actually changed
+ # which is triggered by the confirmation mail
+ def test_gravatar_auto_enable
+ # switch to email that has a gravatar
+ user = create(:user, :new_email => "test-new@example.com")
+ stub_gravatar_request(user.new_email, 200)
+ confirm_string = user.tokens.create.token
+ # precondition gravatar should be turned off
+ assert !user.image_use_gravatar
+ post :confirm_email, :params => { :confirm_string => confirm_string }
+ assert_response :redirect
+ assert_redirected_to :action => :account, :display_name => user.display_name
+ assert_match /Confirmed your change of email address/, flash[:notice]
+ # gravatar use should now be enabled
+ assert User.find(user.id).image_use_gravatar
+ end
+
+ def test_gravatar_auto_disable
+ # switch to email without a gravatar
+ user = create(:user, :new_email => "test-new@example.com", :image_use_gravatar => true)
+ stub_gravatar_request(user.new_email, 404)
+ confirm_string = user.tokens.create.token
+ # precondition gravatar should be turned on
+ assert user.image_use_gravatar
+ post :confirm_email, :params => { :confirm_string => confirm_string }
+ assert_response :redirect
+ assert_redirected_to :action => :account, :display_name => user.display_name
+ assert_match /Confirmed your change of email address/, flash[:notice]
+ # gravatar use should now be disabled
+ assert !User.find(user.id).image_use_gravatar
+ end
+
+ def test_terms_new_user
+ get :terms, :session => { :new_user => User.new }