- def test_logout_without_referer
- get :logout
- assert_response :success
- assert_template :logout
- assert_select "input[name=referer][value=?]", ""
-
- session_id = assert_select("input[name=session]").first["value"]
-
- get :logout, :params => { :session => session_id }
- assert_response :redirect
- assert_redirected_to root_path
- end
-
- def test_logout_with_referer
- get :logout, :params => { :referer => "/test" }
- assert_response :success
- assert_template :logout
- assert_select "input[name=referer][value=?]", "/test"
-
- session_id = assert_select("input[name=session]").first["value"]
-
- get :logout, :params => { :session => session_id, :referer => "/test" }
- assert_response :redirect
- assert_redirected_to "/test"
- end
-
- def test_logout_with_token
- token = create(:user).tokens.create
-
- session[:token] = token.token
-
- get :logout
- assert_response :success
- assert_template :logout
- assert_select "input[name=referer][value=?]", ""
- assert_equal token.token, session[:token]
- assert_not_nil UserToken.where(:id => token.id).first
-
- session_id = assert_select("input[name=session]").first["value"]
-
- get :logout, :params => { :session => session_id }
- assert_response :redirect
- assert_redirected_to root_path
- assert_nil session[:token]
- assert_nil UserToken.where(:id => token.id).first
- end
-
- def test_confirm_get
- user = create(:user, :pending)
- confirm_string = user.tokens.create.token
-
- @request.cookies["_osm_session"] = user.display_name
- get :confirm, :params => { :display_name => user.display_name, :confirm_string => confirm_string }
- assert_response :success
- assert_template :confirm
- end
-
- def test_confirm_get_already_confirmed
- user = create(:user)
- confirm_string = user.tokens.create.token
-
- @request.cookies["_osm_session"] = user.display_name
- get :confirm, :params => { :display_name => user.display_name, :confirm_string => confirm_string }
- assert_response :redirect
- assert_redirected_to root_path
- end
-
- def test_confirm_success_no_token_no_referer
- user = create(:user, :pending)
- stub_gravatar_request(user.email)
- confirm_string = user.tokens.create.token
-
- @request.cookies["_osm_session"] = user.display_name
- post :confirm, :params => { :display_name => user.display_name, :confirm_string => confirm_string }
- assert_redirected_to login_path
- assert_match(/Confirmed your account/, flash[:notice])
- end
-
- def test_confirm_success_good_token_no_referer
- user = create(:user, :pending)
- stub_gravatar_request(user.email)
- confirm_string = user.tokens.create.token
- token = user.tokens.create.token
-
- @request.cookies["_osm_session"] = user.display_name
- post :confirm, :params => { :display_name => user.display_name, :confirm_string => confirm_string }, :session => { :token => token }
- assert_redirected_to welcome_path
- end
-
- def test_confirm_success_bad_token_no_referer
- user = create(:user, :pending)
- stub_gravatar_request(user.email)
- confirm_string = user.tokens.create.token
- token = create(:user).tokens.create.token
-
- @request.cookies["_osm_session"] = user.display_name
- post :confirm, :params => { :display_name => user.display_name, :confirm_string => confirm_string }, :session => { :token => token }
- assert_redirected_to login_path
- assert_match(/Confirmed your account/, flash[:notice])
- end
-
- def test_confirm_success_no_token_with_referer
- user = create(:user, :pending)
- stub_gravatar_request(user.email)
- confirm_string = user.tokens.create(:referer => diary_new_path).token
-
- @request.cookies["_osm_session"] = user.display_name
- post :confirm, :params => { :display_name => user.display_name, :confirm_string => confirm_string }
- assert_redirected_to login_path(:referer => diary_new_path)
- assert_match(/Confirmed your account/, flash[:notice])
- end
-
- def test_confirm_success_good_token_with_referer
- user = create(:user, :pending)
- stub_gravatar_request(user.email)
- confirm_string = user.tokens.create(:referer => diary_new_path).token
- token = user.tokens.create.token
-
- @request.cookies["_osm_session"] = user.display_name
- post :confirm, :params => { :display_name => user.display_name, :confirm_string => confirm_string }, :session => { :token => token }
- assert_redirected_to diary_new_path
- end
-
- def test_confirm_success_bad_token_with_referer
- user = create(:user, :pending)
- stub_gravatar_request(user.email)
- confirm_string = user.tokens.create(:referer => diary_new_path).token
- token = create(:user).tokens.create.token
-
- @request.cookies["_osm_session"] = user.display_name
- post :confirm, :params => { :display_name => user.display_name, :confirm_string => confirm_string }, :session => { :token => token }
- assert_redirected_to login_path(:referer => diary_new_path)
- assert_match(/Confirmed your account/, flash[:notice])
- end
-
- def test_confirm_expired_token
- user = create(:user, :pending)
- confirm_string = user.tokens.create(:expiry => 1.day.ago).token
-
- @request.cookies["_osm_session"] = user.display_name
- post :confirm, :params => { :display_name => user.display_name, :confirm_string => confirm_string }
- assert_redirected_to :action => "confirm"
- assert_match(/confirmation code has expired/, flash[:error])
- end
-
- def test_confirm_already_confirmed
- user = create(:user)
- confirm_string = user.tokens.create(:referer => diary_new_path).token
-
- @request.cookies["_osm_session"] = user.display_name
- post :confirm, :params => { :display_name => user.display_name, :confirm_string => confirm_string }
- assert_redirected_to :action => "login"
- assert_match(/already been confirmed/, flash[:error])
- end
-
- def test_confirm_resend_success
- user = create(:user, :pending)
- session[:token] = user.tokens.create.token
-
- assert_difference "ActionMailer::Base.deliveries.size", 1 do
- perform_enqueued_jobs do
- get :confirm_resend, :params => { :display_name => user.display_name }
- end
- end
-
- assert_response :redirect
- assert_redirected_to login_path
- assert_match(/sent a new confirmation/, flash[:notice])
-
- email = ActionMailer::Base.deliveries.last
-
- assert_equal user.email, email.to.first
-
- ActionMailer::Base.deliveries.clear
- end
-
- def test_confirm_resend_no_token
- user = create(:user, :pending)
- assert_no_difference "ActionMailer::Base.deliveries.size" do
- perform_enqueued_jobs do
- get :confirm_resend, :params => { :display_name => user.display_name }
- end
- end
-
- assert_response :redirect
- assert_redirected_to login_path
- assert_match "User #{user.display_name} not found.", flash[:error]
- end
-
- def test_confirm_resend_unknown_user
- assert_no_difference "ActionMailer::Base.deliveries.size" do
- perform_enqueued_jobs do
- get :confirm_resend, :params => { :display_name => "No Such User" }
- end
- end
-
- assert_response :redirect
- assert_redirected_to login_path
- assert_match "User No Such User not found.", flash[:error]
- end
-
- def test_confirm_email_get
- user = create(:user)
- confirm_string = user.tokens.create.token
-
- get :confirm_email, :params => { :confirm_string => confirm_string }
- assert_response :success
- assert_template :confirm_email
- end
-
- def test_confirm_email_success
- user = create(:user, :new_email => "test-new@example.com")
- stub_gravatar_request(user.new_email)
- confirm_string = user.tokens.create.token
-
- post :confirm_email, :params => { :confirm_string => confirm_string }
- assert_response :redirect
- assert_redirected_to :action => :account, :display_name => user.display_name
- assert_match(/Confirmed your change of email address/, flash[:notice])
- end
-
- def test_confirm_email_already_confirmed
- user = create(:user)
- confirm_string = user.tokens.create.token
-
- post :confirm_email, :params => { :confirm_string => confirm_string }
- assert_response :redirect
- assert_redirected_to :action => :account, :display_name => user.display_name
- assert_match(/already been confirmed/, flash[:error])
- end
-
- def test_confirm_email_bad_token
- post :confirm_email, :params => { :confirm_string => "XXXXX" }
- assert_response :success
- assert_template :confirm_email
- assert_match(/confirmation code has expired or does not exist/, flash[:error])
- end
-
- ##
- # test if testing for a gravatar works
- # this happens when the email is actually changed
- # which is triggered by the confirmation mail
- def test_gravatar_auto_enable
- # switch to email that has a gravatar
- user = create(:user, :new_email => "test-new@example.com")
- stub_gravatar_request(user.new_email, 200)
- confirm_string = user.tokens.create.token
- # precondition gravatar should be turned off
- assert_not user.image_use_gravatar
- post :confirm_email, :params => { :confirm_string => confirm_string }
- assert_response :redirect
- assert_redirected_to :action => :account, :display_name => user.display_name
- assert_match(/Confirmed your change of email address/, flash[:notice])
- # gravatar use should now be enabled
- assert User.find(user.id).image_use_gravatar
- end
-
- def test_gravatar_auto_disable
- # switch to email without a gravatar
- user = create(:user, :new_email => "test-new@example.com", :image_use_gravatar => true)
- stub_gravatar_request(user.new_email, 404)
- confirm_string = user.tokens.create.token
- # precondition gravatar should be turned on
- assert user.image_use_gravatar
- post :confirm_email, :params => { :confirm_string => confirm_string }
- assert_response :redirect
- assert_redirected_to :action => :account, :display_name => user.display_name
- assert_match(/Confirmed your change of email address/, flash[:notice])
- # gravatar use should now be disabled
- assert_not User.find(user.id).image_use_gravatar
- end
-
- def test_terms_new_user
- get :terms, :session => { :new_user => User.new }
- assert_response :success
- assert_template :terms
- end
-