]> git.openstreetmap.org Git - rails.git/blobdiff - test/integration/user_creation_test.rb
Reject referers that do not include an absolute path
[rails.git] / test / integration / user_creation_test.rb
index c9b71e3ca71d36386a427668d3e2b5bf69bfd79f..138911bb122e2c5d6f6e40124ce81d07c766feb7 100644 (file)
-require File.dirname(__FILE__) + '/../test_helper'
-
-class UserCreationTest < ActionController::IntegrationTest
-  fixtures :users
+require "test_helper"
 
+class UserCreationTest < ActionDispatch::IntegrationTest
   def setup
-    openid_setup
+    I18n.locale = "en"
+
+    OmniAuth.config.test_mode = true
+
+    stub_request(:get, /.*gravatar.com.*d=404/).to_return(:status => 404)
+  end
+
+  def teardown
+    I18n.locale = "en"
+
+    OmniAuth.config.mock_auth[:openid] = nil
+    OmniAuth.config.mock_auth[:google] = nil
+    OmniAuth.config.mock_auth[:facebook] = nil
+    OmniAuth.config.mock_auth[:windowslive] = nil
+    OmniAuth.config.mock_auth[:github] = nil
+    OmniAuth.config.mock_auth[:wikipedia] = nil
+    OmniAuth.config.test_mode = false
   end
 
   def test_create_user_form
     I18n.available_locales.each do |locale|
-      get '/user/new', {}, {"HTTP_ACCEPT_LANGUAGE" => locale.to_s}
+      reset!
+      get "/user/new", :headers => { "HTTP_ACCEPT_LANGUAGE" => locale.to_s }
+      follow_redirect!
       assert_response :success
-      assert_template 'user/new'
+      assert_template "users/new"
     end
   end
 
   def test_user_create_submit_duplicate_email
-    I18n.available_locales.each do |localer|
-      dup_email = users(:public_user).email
-      display_name = "#{localer.to_s}_new_tester"
-      assert_difference('User.count', 0) do
-        assert_difference('ActionMailer::Base.deliveries.size', 0) do
-          post '/user/save',
-            {:user => { :email => dup_email, :email_confirmation => dup_email, :display_name => display_name, :pass_crypt => "testtest", :pass_crypt_confirmation => "testtest"}},
-            {"HTTP_ACCEPT_LANGUAGE" => localer.to_s}
+    Locale.available.each do |locale|
+      dup_email = create(:user).email
+      display_name = "#{locale}_new_tester"
+      assert_difference("User.count", 0) do
+        assert_difference("ActionMailer::Base.deliveries.size", 0) do
+          perform_enqueued_jobs do
+            post "/user/new",
+                 :params => { :user => { :email => dup_email,
+                                         :email_confirmation => dup_email,
+                                         :display_name => display_name,
+                                         :pass_crypt => "testtest",
+                                         :pass_crypt_confirmation => "testtest" } },
+                 :headers => { "HTTP_ACCEPT_LANGUAGE" => locale.to_s }
+          end
         end
       end
       assert_response :success
-      assert_template 'user/new'
-      assert_equal response.headers['Content-Language'][0..1], localer.to_s[0..1] unless localer == :root
-      assert_select "div#errorExplanation"
-      assert_select "table#signupForm > tr > td > div[class=field_with_errors] > input#user_email"
+      assert_template "users/new"
+      assert_equal locale.to_s, response.headers["Content-Language"]
+      assert_select "form"
+      assert_select "form > div.form-group > input.is-invalid#user_email"
       assert_no_missing_translations
     end
   end
 
   def test_user_create_submit_duplicate_username
     I18n.available_locales.each do |locale|
-      dup_display_name = users(:public_user).display_name
-      email = "#{locale.to_s}_new_tester"
-      assert_difference('User.count', 0) do
-        assert_difference('ActionMailer::Base.deliveries.size', 0) do
-          post '/user/save',
-          {:user => {:email => email, :email_confirmation => email, :display_name => dup_display_name, :pass_crypt => "testtest", :pass_crypt_confirmation => "testtest"}},
-          {"HTTP_ACCEPT_LANGUAGE" => locale.to_s}
+      dup_display_name = create(:user).display_name
+      email = "#{locale}_new_tester"
+      assert_difference("User.count", 0) do
+        assert_difference("ActionMailer::Base.deliveries.size", 0) do
+          perform_enqueued_jobs do
+            post "/user/new",
+                 :params => { :user => { :email => email,
+                                         :email_confirmation => email,
+                                         :display_name => dup_display_name,
+                                         :pass_crypt => "testtest",
+                                         :pass_crypt_confirmation => "testtest" } },
+                 :headers => { "HTTP_ACCEPT_LANGUAGE" => locale.to_s }
+          end
         end
       end
       assert_response :success
-      assert_template 'user/new'
-      assert_select "div#errorExplanation"
-      assert_select "table#signupForm > tr > td > div[class=field_with_errors] > input#user_display_name"
+      assert_template "users/new"
+      assert_select "form > div.form-group > input.is-invalid#user_display_name"
       assert_no_missing_translations
     end
   end
 
   def test_user_create_success
     I18n.available_locales.each do |locale|
-      new_email = "#{locale.to_s}newtester@osm.org"
-      display_name = "#{locale.to_s}_new_tester"
-      assert_difference('User.count') do
-        assert_difference('ActionMailer::Base.deliveries.size', 1) do
-          post_via_redirect "/user/save",
-            {:user => { :email => new_email, :email_confirmation => new_email, :display_name => display_name, :pass_crypt => "testtest", :pass_crypt_confirmation => "testtest"}},
-            {"HTTP_ACCEPT_LANGUAGE" => "#{locale.to_s}"}
+      new_email = "#{locale}newtester@osm.org"
+      display_name = "#{locale}_new_tester"
+
+      assert_difference("User.count", 0) do
+        assert_difference("ActionMailer::Base.deliveries.size", 0) do
+          perform_enqueued_jobs do
+            post "/user/new",
+                 :params => { :user => { :email => new_email,
+                                         :email_confirmation => new_email,
+                                         :display_name => display_name,
+                                         :pass_crypt => "testtest",
+                                         :pass_crypt_confirmation => "testtest" } }
+          end
+        end
+      end
+
+      assert_redirected_to "/user/terms"
+
+      assert_difference("User.count") do
+        assert_difference("ActionMailer::Base.deliveries.size", 1) do
+          perform_enqueued_jobs do
+            post "/user/save",
+                 :headers => { "HTTP_ACCEPT_LANGUAGE" => locale.to_s },
+                 :params => { :read_ct => 1, :read_tou => 1 }
+            follow_redirect!
+          end
         end
       end
 
       # Check the e-mail
       register_email = ActionMailer::Base.deliveries.first
 
-      assert_equal register_email.to[0], new_email
+      assert_equal register_email.to.first, new_email
       # Check that the confirm account url is correct
-      assert_match /#{@url}/, register_email.body
+      assert_match(/#{@url}/, register_email.body.to_s)
 
       # Check the page
       assert_response :success
-      assert_template 'login'
+      assert_template "users/confirm"
+
+      ActionMailer::Base.deliveries.clear
+    end
+  end
+
+  def test_user_create_no_tou_failure
+    I18n.available_locales.each do |locale|
+      new_email = "#{locale}newtester@osm.org"
+      display_name = "#{locale}_new_tester"
+
+      assert_difference("User.count", 0) do
+        assert_difference("ActionMailer::Base.deliveries.size", 0) do
+          perform_enqueued_jobs do
+            post "/user/new",
+                 :params => { :user => { :email => new_email,
+                                         :email_confirmation => new_email,
+                                         :display_name => display_name,
+                                         :pass_crypt => "testtest",
+                                         :pass_crypt_confirmation => "testtest" } }
+          end
+        end
+      end
+
+      assert_redirected_to "/user/terms"
+
+      perform_enqueued_jobs do
+        post "/user/save",
+             :headers => { "HTTP_ACCEPT_LANGUAGE" => locale.to_s }
+        assert_redirected_to "/user/terms"
+      end
 
       ActionMailer::Base.deliveries.clear
     end
   end
 
   # Check that the user can successfully recover their password
-  def lost_password_recovery_success
+  def test_lost_password_recovery_success
     # Open the lost password form
     # Submit the lost password form
     # Check the e-mail
@@ -96,86 +172,135 @@ class UserCreationTest < ActionController::IntegrationTest
     password = "testtest"
     # nothing special about this page, just need a protected page to redirect back to.
     referer = "/traces/mine"
-    assert_difference('User.count') do
-      assert_difference('ActionMailer::Base.deliveries.size', 1) do
-        post "/user/terms",
-        {:user => { :email => new_email, :email_confirmation => new_email, :display_name => display_name, :pass_crypt => password, :pass_crypt_confirmation => password}, :referer => referer }
-        assert_response :success
-        assert_template 'terms'
-        post_via_redirect "/user/save",
-        {:user => { :email => new_email, :email_confirmation => new_email, :display_name => display_name, :pass_crypt => password, :pass_crypt_confirmation => password} }
+    assert_difference("User.count") do
+      assert_difference("ActionMailer::Base.deliveries.size", 1) do
+        perform_enqueued_jobs do
+          post "/user/new",
+               :params => { :user => { :email => new_email,
+                                       :email_confirmation => new_email,
+                                       :display_name => display_name,
+                                       :pass_crypt => password,
+                                       :pass_crypt_confirmation => password },
+                            :referer => referer }
+          assert_redirected_to "/user/terms"
+          post "/user/save",
+               :params => { :user => { :email => new_email,
+                                       :email_confirmation => new_email,
+                                       :display_name => display_name,
+                                       :pass_crypt => password,
+                                       :pass_crypt_confirmation => password },
+                            :read_ct => 1, :read_tou => 1 }
+          follow_redirect!
+        end
       end
     end
 
     # Check the e-mail
     register_email = ActionMailer::Base.deliveries.first
 
-    assert_equal register_email.to[0], new_email
+    assert_equal register_email.to.first, new_email
     # Check that the confirm account url is correct
     confirm_regex = Regexp.new("/user/redirect_tester/confirm\\?confirm_string=([a-zA-Z0-9]*)")
-    assert_match(confirm_regex, register_email.body)
-    confirm_string = register_email.body.match(confirm_regex)[1]
+    email_text_parts(register_email).each do |part|
+      assert_match confirm_regex, part.body.to_s
+    end
+    confirm_string = email_text_parts(register_email).first.body.match(confirm_regex)[1]
 
     # Check the page
     assert_response :success
-    assert_template 'login'
+    assert_template "users/confirm"
 
     ActionMailer::Base.deliveries.clear
 
     # Go to the confirmation page
-    get 'user/confirm', { :confirm_string => confirm_string }
+    get "/user/#{display_name}/confirm", :params => { :confirm_string => confirm_string }
     assert_response :success
-    assert_template 'user/confirm'
+    assert_template "users/confirm"
 
-    post 'user/confirm', { :confirm_string => confirm_string, :confirm_action => 'submit' }
-    assert_response :redirect # to trace/mine in original referrer
-    follow_redirect!
-    assert_response :redirect # but it not redirects to /user/<display_name>/traces
+    post "/user/#{display_name}/confirm", :params => { :confirm_string => confirm_string }
+    assert_response :redirect
     follow_redirect!
     assert_response :success
-    assert_template 'trace/list'
+    assert_template "site/welcome"
   end
 
   def test_user_create_openid_success
+    OmniAuth.config.add_mock(:openid, :uid => "http://localhost:1123/new.tester")
+
     new_email = "newtester-openid@osm.org"
     display_name = "new_tester-openid"
     password = "testtest"
-    assert_difference('User.count') do
-      assert_difference('ActionMailer::Base.deliveries.size', 1) do
-        post "/user/terms",
-          {:user => { :email => new_email, :email_confirmation => new_email, :display_name => display_name, :openid_url => "http://localhost:1123/john.doe?openid.success=newuser", :pass_crypt => "", :pass_crypt_confirmation => ""}}
-        assert_response :redirect
-        res = openid_request(@response.redirected_to)
-        post '/user/terms', res
-        assert_response :success
-        assert_template 'terms'
-        post '/user/save',
-          {:user => { :email => new_email, :email_confirmation => new_email, :display_name => display_name, :openid_url => "http://localhost:1123/john.doe?openid.success=newuser", :pass_crypt => password, :pass_crypt_confirmation => password}}
-        assert_response :redirect
-        follow_redirect!
+    assert_difference("User.count") do
+      assert_difference("ActionMailer::Base.deliveries.size", 1) do
+        perform_enqueued_jobs do
+          post "/user/new",
+               :params => { :user => { :email => new_email,
+                                       :email_confirmation => new_email,
+                                       :display_name => display_name,
+                                       :auth_provider => "openid",
+                                       :auth_uid => "http://localhost:1123/new.tester",
+                                       :pass_crypt => "",
+                                       :pass_crypt_confirmation => "" } }
+          assert_response :redirect
+          assert_redirected_to auth_path(:provider => "openid", :openid_url => "http://localhost:1123/new.tester", :origin => "/user/new")
+          post response.location
+          assert_response :redirect
+          assert_redirected_to auth_success_path(:provider => "openid", :openid_url => "http://localhost:1123/new.tester", :origin => "/user/new")
+          follow_redirect!
+          assert_response :redirect
+          assert_redirected_to "/user/terms"
+          post "/user/save",
+               :params => { :user => { :email => new_email,
+                                       :email_confirmation => new_email,
+                                       :display_name => display_name,
+                                       :auth_provider => "openid",
+                                       :auth_uid => "http://localhost:1123/new.tester",
+                                       :pass_crypt => password,
+                                       :pass_crypt_confirmation => password },
+                            :read_ct => 1, :read_tou => 1 }
+          assert_response :redirect
+          follow_redirect!
+        end
       end
     end
 
     # Check the page
     assert_response :success
-    assert_template 'login'
+    assert_template "users/confirm"
 
     ActionMailer::Base.deliveries.clear
   end
 
   def test_user_create_openid_failure
+    OmniAuth.config.mock_auth[:openid] = :connection_failed
+
     new_email = "newtester-openid2@osm.org"
     display_name = "new_tester-openid2"
-    password = "testtest2"
-    assert_difference('User.count',0) do
-      assert_difference('ActionMailer::Base.deliveries.size',0) do
-        post "/user/terms",
-          {:user => { :email => new_email, :email_confirmation => new_email, :display_name => display_name, :openid_url => "http://localhost:1123/john.doe?openid.failure=newuser", :pass_crypt => "", :pass_crypt_confirmation => ""}}
-        assert_response :redirect
-        res = openid_request(@response.redirected_to)
-        post '/user/terms', res
-        assert_response :success
-        assert_template 'user/new'
+    assert_difference("User.count", 0) do
+      assert_difference("ActionMailer::Base.deliveries.size", 0) do
+        perform_enqueued_jobs do
+          post "/user/new",
+               :params => { :user => { :email => new_email,
+                                       :email_confirmation => new_email,
+                                       :display_name => display_name,
+                                       :auth_provider => "openid",
+                                       :auth_uid => "http://localhost:1123/new.tester",
+                                       :pass_crypt => "",
+                                       :pass_crypt_confirmation => "" } }
+          assert_response :redirect
+          assert_redirected_to auth_path(:provider => "openid", :openid_url => "http://localhost:1123/new.tester", :origin => "/user/new")
+          post response.location
+          assert_response :redirect
+          assert_redirected_to auth_success_path(:provider => "openid", :openid_url => "http://localhost:1123/new.tester", :origin => "/user/new")
+          follow_redirect!
+          assert_response :redirect
+          assert_redirected_to auth_failure_path(:strategy => "openid", :message => "connection_failed", :origin => "/user/new")
+          follow_redirect!
+          assert_response :redirect
+          follow_redirect!
+          assert_response :success
+          assert_template "users/new"
+        end
       end
     end
 
@@ -183,51 +308,830 @@ class UserCreationTest < ActionController::IntegrationTest
   end
 
   def test_user_create_openid_redirect
+    OmniAuth.config.add_mock(:openid, :uid => "http://localhost:1123/new.tester")
+
     new_email = "redirect_tester_openid@osm.org"
     display_name = "redirect_tester_openid"
-    password = ""
     # nothing special about this page, just need a protected page to redirect back to.
     referer = "/traces/mine"
-    assert_difference('User.count') do
-      assert_difference('ActionMailer::Base.deliveries.size', 1) do
-       post "/user/terms",
-          {:user => { :email => new_email, :email_confirmation => new_email, :display_name => display_name, :openid_url => "http://localhost:1123/john.doe?openid.success=newuser", :pass_crypt => "", :pass_crypt_confirmation => ""}, :referer => referer }
-       assert_response :redirect
-        res = openid_request(@response.location)
-        post '/user/terms', res
-        assert_response :success
-        assert_template 'terms'
-        post_via_redirect "/user/save",
-          {:user => { :email => new_email, :email_confirmation => new_email, :display_name => display_name, :openid_url => "http://localhost:1123/john.doe?openid.success=newuser", :pass_crypt => "testtest", :pass_crypt_confirmation => "testtest"} }
+    assert_difference("User.count") do
+      assert_difference("ActionMailer::Base.deliveries.size", 1) do
+        perform_enqueued_jobs do
+          post "/user/new",
+               :params => { :user => { :email => new_email,
+                                       :email_confirmation => new_email,
+                                       :display_name => display_name,
+                                       :auth_provider => "openid",
+                                       :auth_uid => "http://localhost:1123/new.tester",
+                                       :pass_crypt => "",
+                                       :pass_crypt_confirmation => "" },
+                            :referer => referer }
+          assert_response :redirect
+          assert_redirected_to auth_path(:provider => "openid", :openid_url => "http://localhost:1123/new.tester", :origin => "/user/new")
+          post response.location
+          assert_response :redirect
+          assert_redirected_to auth_success_path(:provider => "openid", :openid_url => "http://localhost:1123/new.tester", :origin => "/user/new")
+          follow_redirect!
+          assert_response :redirect
+          assert_redirected_to "/user/terms"
+          post "/user/save",
+               :params => { :user => { :email => new_email,
+                                       :email_confirmation => new_email,
+                                       :display_name => display_name,
+                                       :auth_provider => "openid",
+                                       :auth_uid => "http://localhost:1123/new.tester",
+                                       :pass_crypt => "testtest",
+                                       :pass_crypt_confirmation => "testtest" },
+                            :read_ct => 1, :read_tou => 1 }
+          follow_redirect!
+        end
       end
     end
 
     # Check the e-mail
     register_email = ActionMailer::Base.deliveries.first
 
-    assert_equal register_email.to[0], new_email
+    assert_equal register_email.to.first, new_email
     # Check that the confirm account url is correct
     confirm_regex = Regexp.new("/user/redirect_tester_openid/confirm\\?confirm_string=([a-zA-Z0-9]*)")
-    assert_match(confirm_regex, register_email.body)
-    confirm_string = confirm_regex.match(register_email.body)[1]
+    email_text_parts(register_email).each do |part|
+      assert_match confirm_regex, part.body.to_s
+    end
+    confirm_string = email_text_parts(register_email).first.body.match(confirm_regex)[1]
 
     # Check the page
     assert_response :success
-    assert_template 'login'
+    assert_template "users/confirm"
 
     ActionMailer::Base.deliveries.clear
 
     # Go to the confirmation page
-    get 'user/confirm', { :confirm_string => confirm_string }
+    get "/user/#{display_name}/confirm", :params => { :confirm_string => confirm_string }
     assert_response :success
-    assert_template 'user/confirm'
+    assert_template "users/confirm"
 
-    post 'user/confirm', { :confirm_string => confirm_string, :confirm_action => 'submit' }
-    assert_response :redirect # to trace/mine in original referrer
+    post "/user/#{display_name}/confirm", :params => { :confirm_string => confirm_string }
+    assert_response :redirect
     follow_redirect!
-    assert_response :redirect # but it not redirects to /user/<display_name>/traces
+    assert_response :success
+    assert_template "site/welcome"
+  end
+
+  def test_user_create_google_success
+    OmniAuth.config.add_mock(:google, :uid => "123454321", :extra => {
+                               :id_info => { "openid_id" => "http://localhost:1123/new.tester" }
+                             })
+
+    new_email = "newtester-google@osm.org"
+    display_name = "new_tester-google"
+    password = "testtest"
+    assert_difference("User.count") do
+      assert_difference("ActionMailer::Base.deliveries.size", 1) do
+        perform_enqueued_jobs do
+          post "/user/new",
+               :params => { :user => { :email => new_email,
+                                       :email_confirmation => new_email,
+                                       :display_name => display_name,
+                                       :auth_provider => "google",
+                                       :pass_crypt => "",
+                                       :pass_crypt_confirmation => "" } }
+          assert_response :redirect
+          assert_redirected_to auth_path(:provider => "google", :origin => "/user/new")
+          post response.location
+          assert_response :redirect
+          assert_redirected_to auth_success_path(:provider => "google")
+          follow_redirect!
+          assert_response :redirect
+          assert_redirected_to "/user/terms"
+          post "/user/save",
+               :params => { :user => { :email => new_email,
+                                       :email_confirmation => new_email,
+                                       :display_name => display_name,
+                                       :auth_provider => "google",
+                                       :auth_uid => "123454321",
+                                       :pass_crypt => password,
+                                       :pass_crypt_confirmation => password },
+                            :read_ct => 1, :read_tou => 1 }
+          assert_response :redirect
+          follow_redirect!
+        end
+      end
+    end
+
+    # Check the page
+    assert_response :success
+    assert_template "users/confirm"
+
+    ActionMailer::Base.deliveries.clear
+  end
+
+  def test_user_create_google_failure
+    OmniAuth.config.mock_auth[:google] = :connection_failed
+
+    new_email = "newtester-google2@osm.org"
+    display_name = "new_tester-google2"
+    assert_difference("User.count", 0) do
+      assert_difference("ActionMailer::Base.deliveries.size", 0) do
+        perform_enqueued_jobs do
+          post "/user/new",
+               :params => { :user => { :email => new_email,
+                                       :email_confirmation => new_email,
+                                       :display_name => display_name,
+                                       :auth_provider => "google",
+                                       :pass_crypt => "",
+                                       :pass_crypt_confirmation => "" } }
+          assert_response :redirect
+          assert_redirected_to auth_path(:provider => "google", :origin => "/user/new")
+          post response.location
+          assert_response :redirect
+          assert_redirected_to auth_success_path(:provider => "google")
+          follow_redirect!
+          assert_response :redirect
+          assert_redirected_to auth_failure_path(:strategy => "google", :message => "connection_failed", :origin => "/user/new")
+          follow_redirect!
+          assert_response :redirect
+          follow_redirect!
+          assert_response :success
+          assert_template "users/new"
+        end
+      end
+    end
+
+    ActionMailer::Base.deliveries.clear
+  end
+
+  def test_user_create_google_redirect
+    OmniAuth.config.add_mock(:google, :uid => "123454321", :extra => {
+                               :id_info => { "openid_id" => "http://localhost:1123/new.tester" }
+                             })
+
+    new_email = "redirect_tester_google@osm.org"
+    display_name = "redirect_tester_google"
+    # nothing special about this page, just need a protected page to redirect back to.
+    referer = "/traces/mine"
+    assert_difference("User.count") do
+      assert_difference("ActionMailer::Base.deliveries.size", 1) do
+        perform_enqueued_jobs do
+          post "/user/new",
+               :params => { :user => { :email => new_email,
+                                       :email_confirmation => new_email,
+                                       :display_name => display_name,
+                                       :auth_provider => "google",
+                                       :pass_crypt => "",
+                                       :pass_crypt_confirmation => "" },
+                            :referer => referer }
+          assert_response :redirect
+          assert_redirected_to auth_path(:provider => "google", :origin => "/user/new")
+          post response.location
+          assert_response :redirect
+          assert_redirected_to auth_success_path(:provider => "google")
+          follow_redirect!
+          assert_response :redirect
+          assert_redirected_to "/user/terms"
+          post "/user/save",
+               :params => { :user => { :email => new_email,
+                                       :email_confirmation => new_email,
+                                       :display_name => display_name,
+                                       :auth_provider => "google",
+                                       :auth_uid => "http://localhost:1123/new.tester",
+                                       :pass_crypt => "testtest",
+                                       :pass_crypt_confirmation => "testtest" },
+                            :read_ct => 1, :read_tou => 1 }
+          follow_redirect!
+        end
+      end
+    end
+
+    # Check the e-mail
+    register_email = ActionMailer::Base.deliveries.first
+
+    assert_equal register_email.to.first, new_email
+    # Check that the confirm account url is correct
+    confirm_regex = Regexp.new("/user/redirect_tester_google/confirm\\?confirm_string=([a-zA-Z0-9]*)")
+    email_text_parts(register_email).each do |part|
+      assert_match confirm_regex, part.body.to_s
+    end
+    confirm_string = email_text_parts(register_email).first.body.match(confirm_regex)[1]
+
+    # Check the page
+    assert_response :success
+    assert_template "users/confirm"
+
+    ActionMailer::Base.deliveries.clear
+
+    # Go to the confirmation page
+    get "/user/#{display_name}/confirm", :params => { :confirm_string => confirm_string }
+    assert_response :success
+    assert_template "users/confirm"
+
+    post "/user/#{display_name}/confirm", :params => { :confirm_string => confirm_string }
+    assert_response :redirect
+    follow_redirect!
+    assert_response :success
+    assert_template "site/welcome"
+  end
+
+  def test_user_create_facebook_success
+    OmniAuth.config.add_mock(:facebook, :uid => "123454321")
+
+    new_email = "newtester-facebook@osm.org"
+    display_name = "new_tester-facebook"
+    password = "testtest"
+    assert_difference("User.count") do
+      assert_difference("ActionMailer::Base.deliveries.size", 1) do
+        perform_enqueued_jobs do
+          post "/user/new",
+               :params => { :user => { :email => new_email,
+                                       :email_confirmation => new_email,
+                                       :display_name => display_name,
+                                       :auth_provider => "facebook",
+                                       :pass_crypt => "",
+                                       :pass_crypt_confirmation => "" } }
+          assert_response :redirect
+          assert_redirected_to auth_path(:provider => "facebook", :origin => "/user/new")
+          post response.location
+          assert_response :redirect
+          assert_redirected_to auth_success_path(:provider => "facebook")
+          follow_redirect!
+          assert_response :redirect
+          assert_redirected_to "/user/terms"
+          post "/user/save",
+               :params => { :user => { :email => new_email,
+                                       :email_confirmation => new_email,
+                                       :display_name => display_name,
+                                       :auth_provider => "facebook",
+                                       :auth_uid => "123454321",
+                                       :pass_crypt => password,
+                                       :pass_crypt_confirmation => password },
+                            :read_ct => 1, :read_tou => 1 }
+          assert_response :redirect
+          follow_redirect!
+        end
+      end
+    end
+
+    # Check the page
+    assert_response :success
+    assert_template "users/confirm"
+
+    ActionMailer::Base.deliveries.clear
+  end
+
+  def test_user_create_facebook_failure
+    OmniAuth.config.mock_auth[:facebook] = :connection_failed
+
+    new_email = "newtester-facebook2@osm.org"
+    display_name = "new_tester-facebook2"
+    assert_difference("User.count", 0) do
+      assert_difference("ActionMailer::Base.deliveries.size", 0) do
+        perform_enqueued_jobs do
+          post "/user/new",
+               :params => { :user => { :email => new_email,
+                                       :email_confirmation => new_email,
+                                       :display_name => display_name,
+                                       :auth_provider => "facebook",
+                                       :pass_crypt => "",
+                                       :pass_crypt_confirmation => "" } }
+          assert_response :redirect
+          assert_redirected_to auth_path(:provider => "facebook", :origin => "/user/new")
+          post response.location
+          assert_response :redirect
+          assert_redirected_to auth_success_path(:provider => "facebook")
+          follow_redirect!
+          assert_response :redirect
+          assert_redirected_to auth_failure_path(:strategy => "facebook", :message => "connection_failed", :origin => "/user/new")
+          follow_redirect!
+          assert_response :redirect
+          follow_redirect!
+          assert_response :success
+          assert_template "users/new"
+        end
+      end
+    end
+
+    ActionMailer::Base.deliveries.clear
+  end
+
+  def test_user_create_facebook_redirect
+    OmniAuth.config.add_mock(:facebook, :uid => "123454321")
+
+    new_email = "redirect_tester_facebook@osm.org"
+    display_name = "redirect_tester_facebook"
+    # nothing special about this page, just need a protected page to redirect back to.
+    referer = "/traces/mine"
+    assert_difference("User.count") do
+      assert_difference("ActionMailer::Base.deliveries.size", 1) do
+        perform_enqueued_jobs do
+          post "/user/new",
+               :params => { :user => { :email => new_email,
+                                       :email_confirmation => new_email,
+                                       :display_name => display_name,
+                                       :auth_provider => "facebook",
+                                       :pass_crypt => "",
+                                       :pass_crypt_confirmation => "" },
+                            :referer => referer }
+          assert_response :redirect
+          assert_redirected_to auth_path(:provider => "facebook", :origin => "/user/new")
+          post response.location
+          assert_response :redirect
+          assert_redirected_to auth_success_path(:provider => "facebook")
+          follow_redirect!
+          assert_response :redirect
+          assert_redirected_to "/user/terms"
+          post "/user/save",
+               :params => { :user => { :email => new_email,
+                                       :email_confirmation => new_email,
+                                       :display_name => display_name,
+                                       :auth_provider => "facebook",
+                                       :auth_uid => "http://localhost:1123/new.tester",
+                                       :pass_crypt => "testtest",
+                                       :pass_crypt_confirmation => "testtest" },
+                            :read_ct => 1, :read_tou => 1 }
+          follow_redirect!
+        end
+      end
+    end
+
+    # Check the e-mail
+    register_email = ActionMailer::Base.deliveries.first
+
+    assert_equal register_email.to.first, new_email
+    # Check that the confirm account url is correct
+    confirm_regex = Regexp.new("/user/redirect_tester_facebook/confirm\\?confirm_string=([a-zA-Z0-9]*)")
+    email_text_parts(register_email).each do |part|
+      assert_match confirm_regex, part.body.to_s
+    end
+    confirm_string = email_text_parts(register_email).first.body.match(confirm_regex)[1]
+
+    # Check the page
+    assert_response :success
+    assert_template "users/confirm"
+
+    ActionMailer::Base.deliveries.clear
+
+    # Go to the confirmation page
+    get "/user/#{display_name}/confirm", :params => { :confirm_string => confirm_string }
+    assert_response :success
+    assert_template "users/confirm"
+
+    post "/user/#{display_name}/confirm", :params => { :confirm_string => confirm_string }
+    assert_response :redirect
+    follow_redirect!
+    assert_response :success
+    assert_template "site/welcome"
+  end
+
+  def test_user_create_windowslive_success
+    OmniAuth.config.add_mock(:windowslive, :uid => "123454321")
+
+    new_email = "newtester-windowslive@osm.org"
+    display_name = "new_tester-windowslive"
+    password = "testtest"
+    assert_difference("User.count") do
+      assert_difference("ActionMailer::Base.deliveries.size", 1) do
+        perform_enqueued_jobs do
+          post "/user/new",
+               :params => { :user => { :email => new_email,
+                                       :email_confirmation => new_email,
+                                       :display_name => display_name,
+                                       :auth_provider => "windowslive",
+                                       :pass_crypt => "",
+                                       :pass_crypt_confirmation => "" } }
+          assert_response :redirect
+          assert_redirected_to auth_path(:provider => "windowslive", :origin => "/user/new")
+          post response.location
+          assert_response :redirect
+          assert_redirected_to auth_success_path(:provider => "windowslive")
+          follow_redirect!
+          assert_response :redirect
+          assert_redirected_to "/user/terms"
+          post "/user/save",
+               :params => { :user => { :email => new_email,
+                                       :email_confirmation => new_email,
+                                       :display_name => display_name,
+                                       :auth_provider => "windowslive",
+                                       :auth_uid => "123454321",
+                                       :pass_crypt => password,
+                                       :pass_crypt_confirmation => password },
+                            :read_ct => 1, :read_tou => 1 }
+          assert_response :redirect
+          follow_redirect!
+        end
+      end
+    end
+
+    # Check the page
+    assert_response :success
+    assert_template "users/confirm"
+
+    ActionMailer::Base.deliveries.clear
+  end
+
+  def test_user_create_windowslive_failure
+    OmniAuth.config.mock_auth[:windowslive] = :connection_failed
+
+    new_email = "newtester-windowslive2@osm.org"
+    display_name = "new_tester-windowslive2"
+    assert_difference("User.count", 0) do
+      assert_difference("ActionMailer::Base.deliveries.size", 0) do
+        perform_enqueued_jobs do
+          post "/user/new",
+               :params => { :user => { :email => new_email,
+                                       :email_confirmation => new_email,
+                                       :display_name => display_name,
+                                       :auth_provider => "windowslive",
+                                       :pass_crypt => "",
+                                       :pass_crypt_confirmation => "" } }
+          assert_response :redirect
+          assert_redirected_to auth_path(:provider => "windowslive", :origin => "/user/new")
+          post response.location
+          assert_response :redirect
+          assert_redirected_to auth_success_path(:provider => "windowslive")
+          follow_redirect!
+          assert_response :redirect
+          assert_redirected_to auth_failure_path(:strategy => "windowslive", :message => "connection_failed", :origin => "/user/new")
+          follow_redirect!
+          assert_response :redirect
+          follow_redirect!
+          assert_response :success
+          assert_template "users/new"
+        end
+      end
+    end
+
+    ActionMailer::Base.deliveries.clear
+  end
+
+  def test_user_create_windowslive_redirect
+    OmniAuth.config.add_mock(:windowslive, :uid => "123454321")
+
+    new_email = "redirect_tester_windowslive@osm.org"
+    display_name = "redirect_tester_windowslive"
+    # nothing special about this page, just need a protected page to redirect back to.
+    referer = "/traces/mine"
+    assert_difference("User.count") do
+      assert_difference("ActionMailer::Base.deliveries.size", 1) do
+        perform_enqueued_jobs do
+          post "/user/new",
+               :params => { :user => { :email => new_email,
+                                       :email_confirmation => new_email,
+                                       :display_name => display_name,
+                                       :auth_provider => "windowslive",
+                                       :pass_crypt => "",
+                                       :pass_crypt_confirmation => "" },
+                            :referer => referer }
+          assert_response :redirect
+          assert_redirected_to auth_path(:provider => "windowslive", :origin => "/user/new")
+          post response.location
+          assert_response :redirect
+          assert_redirected_to auth_success_path(:provider => "windowslive")
+          follow_redirect!
+          assert_response :redirect
+          assert_redirected_to "/user/terms"
+          post "/user/save",
+               :params => { :user => { :email => new_email,
+                                       :email_confirmation => new_email,
+                                       :display_name => display_name,
+                                       :auth_provider => "windowslive",
+                                       :auth_uid => "http://localhost:1123/new.tester",
+                                       :pass_crypt => "testtest",
+                                       :pass_crypt_confirmation => "testtest" },
+                            :read_ct => 1, :read_tou => 1 }
+          follow_redirect!
+        end
+      end
+    end
+
+    # Check the e-mail
+    register_email = ActionMailer::Base.deliveries.first
+
+    assert_equal register_email.to.first, new_email
+    # Check that the confirm account url is correct
+    confirm_regex = Regexp.new("/user/redirect_tester_windowslive/confirm\\?confirm_string=([a-zA-Z0-9]*)")
+    email_text_parts(register_email).each do |part|
+      assert_match confirm_regex, part.body.to_s
+    end
+    confirm_string = email_text_parts(register_email).first.body.match(confirm_regex)[1]
+
+    # Check the page
+    assert_response :success
+    assert_template "users/confirm"
+
+    ActionMailer::Base.deliveries.clear
+
+    # Go to the confirmation page
+    get "/user/#{display_name}/confirm", :params => { :confirm_string => confirm_string }
+    assert_response :success
+    assert_template "users/confirm"
+
+    post "/user/#{display_name}/confirm", :params => { :confirm_string => confirm_string }
+    assert_response :redirect
+    follow_redirect!
+    assert_response :success
+    assert_template "site/welcome"
+  end
+
+  def test_user_create_github_success
+    OmniAuth.config.add_mock(:github, :uid => "123454321")
+
+    new_email = "newtester-github@osm.org"
+    display_name = "new_tester-github"
+    password = "testtest"
+    assert_difference("User.count") do
+      assert_difference("ActionMailer::Base.deliveries.size", 1) do
+        perform_enqueued_jobs do
+          post "/user/new",
+               :params => { :user => { :email => new_email,
+                                       :email_confirmation => new_email,
+                                       :display_name => display_name,
+                                       :auth_provider => "github",
+                                       :pass_crypt => "",
+                                       :pass_crypt_confirmation => "" } }
+          assert_response :redirect
+          assert_redirected_to auth_path(:provider => "github", :origin => "/user/new")
+          post response.location
+          assert_response :redirect
+          assert_redirected_to auth_success_path(:provider => "github")
+          follow_redirect!
+          assert_response :redirect
+          assert_redirected_to "/user/terms"
+          post "/user/save",
+               :params => { :user => { :email => new_email,
+                                       :email_confirmation => new_email,
+                                       :display_name => display_name,
+                                       :auth_provider => "github",
+                                       :auth_uid => "123454321",
+                                       :pass_crypt => password,
+                                       :pass_crypt_confirmation => password },
+                            :read_ct => 1,
+                            :read_tou => 1 }
+          assert_response :redirect
+          follow_redirect!
+        end
+      end
+    end
+
+    # Check the page
+    assert_response :success
+    assert_template "users/confirm"
+
+    ActionMailer::Base.deliveries.clear
+  end
+
+  def test_user_create_github_failure
+    OmniAuth.config.mock_auth[:github] = :connection_failed
+
+    new_email = "newtester-github2@osm.org"
+    display_name = "new_tester-github2"
+    assert_difference("User.count", 0) do
+      assert_difference("ActionMailer::Base.deliveries.size", 0) do
+        perform_enqueued_jobs do
+          post "/user/new",
+               :params => { :user => { :email => new_email,
+                                       :email_confirmation => new_email,
+                                       :display_name => display_name,
+                                       :auth_provider => "github",
+                                       :pass_crypt => "",
+                                       :pass_crypt_confirmation => "" } }
+          assert_response :redirect
+          assert_redirected_to auth_path(:provider => "github", :origin => "/user/new")
+          post response.location
+          assert_response :redirect
+          assert_redirected_to auth_success_path(:provider => "github")
+          follow_redirect!
+          assert_response :redirect
+          assert_redirected_to auth_failure_path(:strategy => "github", :message => "connection_failed", :origin => "/user/new")
+          follow_redirect!
+          assert_response :redirect
+          follow_redirect!
+          assert_response :success
+          assert_template "users/new"
+        end
+      end
+    end
+
+    ActionMailer::Base.deliveries.clear
+  end
+
+  def test_user_create_github_redirect
+    OmniAuth.config.add_mock(:github, :uid => "123454321")
+
+    new_email = "redirect_tester_github@osm.org"
+    display_name = "redirect_tester_github"
+    # nothing special about this page, just need a protected page to redirect back to.
+    referer = "/traces/mine"
+    assert_difference("User.count") do
+      assert_difference("ActionMailer::Base.deliveries.size", 1) do
+        perform_enqueued_jobs do
+          post "/user/new",
+               :params => { :user => { :email => new_email,
+                                       :email_confirmation => new_email,
+                                       :display_name => display_name,
+                                       :auth_provider => "github",
+                                       :pass_crypt => "",
+                                       :pass_crypt_confirmation => "" },
+                            :referer => referer }
+          assert_response :redirect
+          assert_redirected_to auth_path(:provider => "github", :origin => "/user/new")
+          post response.location
+          assert_response :redirect
+          assert_redirected_to auth_success_path(:provider => "github")
+          follow_redirect!
+          assert_response :redirect
+          assert_redirected_to "/user/terms"
+          post "/user/save",
+               :params => { :user => { :email => new_email,
+                                       :email_confirmation => new_email,
+                                       :display_name => display_name,
+                                       :auth_provider => "github",
+                                       :auth_uid => "http://localhost:1123/new.tester",
+                                       :pass_crypt => "testtest",
+                                       :pass_crypt_confirmation => "testtest" },
+                            :read_ct => 1,
+                            :read_tou => 1 }
+          follow_redirect!
+        end
+      end
+    end
+
+    # Check the e-mail
+    register_email = ActionMailer::Base.deliveries.first
+
+    assert_equal register_email.to.first, new_email
+    # Check that the confirm account url is correct
+    confirm_regex = Regexp.new("/user/redirect_tester_github/confirm\\?confirm_string=([a-zA-Z0-9]*)")
+    email_text_parts(register_email).each do |part|
+      assert_match confirm_regex, part.body.to_s
+    end
+    confirm_string = email_text_parts(register_email).first.body.match(confirm_regex)[1]
+
+    # Check the page
+    assert_response :success
+    assert_template "users/confirm"
+
+    ActionMailer::Base.deliveries.clear
+
+    # Go to the confirmation page
+    get "/user/#{display_name}/confirm", :params => { :confirm_string => confirm_string }
+    assert_response :success
+    assert_template "users/confirm"
+
+    post "/user/#{display_name}/confirm", :params => { :confirm_string => confirm_string }
+    assert_response :redirect
+    follow_redirect!
+    assert_response :success
+    assert_template "site/welcome"
+  end
+
+  def test_user_create_wikipedia_success
+    OmniAuth.config.add_mock(:wikipedia, :uid => "123454321")
+
+    new_email = "newtester-wikipedia@osm.org"
+    display_name = "new_tester-wikipedia"
+    password = "testtest"
+    assert_difference("User.count") do
+      assert_difference("ActionMailer::Base.deliveries.size", 1) do
+        perform_enqueued_jobs do
+          post "/user/new",
+               :params => { :user => { :email => new_email,
+                                       :email_confirmation => new_email,
+                                       :display_name => display_name,
+                                       :auth_provider => "wikipedia",
+                                       :pass_crypt => "",
+                                       :pass_crypt_confirmation => "" } }
+          assert_response :redirect
+          assert_redirected_to auth_path(:provider => "wikipedia", :origin => "/user/new")
+          post response.location
+          assert_response :redirect
+          assert_redirected_to auth_success_path(:provider => "wikipedia", :origin => "/user/new")
+          follow_redirect!
+          assert_response :redirect
+          assert_redirected_to "/user/terms"
+          post "/user/save",
+               :params => { :user => { :email => new_email,
+                                       :email_confirmation => new_email,
+                                       :display_name => display_name,
+                                       :auth_provider => "wikipedia",
+                                       :auth_uid => "123454321",
+                                       :pass_crypt => password,
+                                       :pass_crypt_confirmation => password },
+                            :read_ct => 1,
+                            :read_tou => 1 }
+          assert_response :redirect
+          follow_redirect!
+        end
+      end
+    end
+
+    # Check the page
+    assert_response :success
+    assert_template "users/confirm"
+
+    ActionMailer::Base.deliveries.clear
+  end
+
+  def test_user_create_wikipedia_failure
+    OmniAuth.config.mock_auth[:wikipedia] = :connection_failed
+
+    new_email = "newtester-wikipedia2@osm.org"
+    display_name = "new_tester-wikipedia2"
+    assert_difference("User.count", 0) do
+      assert_difference("ActionMailer::Base.deliveries.size", 0) do
+        perform_enqueued_jobs do
+          post "/user/new",
+               :params => { :user => { :email => new_email,
+                                       :email_confirmation => new_email,
+                                       :display_name => display_name,
+                                       :auth_provider => "wikipedia",
+                                       :pass_crypt => "",
+                                       :pass_crypt_confirmation => "" } }
+          assert_response :redirect
+          assert_redirected_to auth_path(:provider => "wikipedia", :origin => "/user/new")
+          post response.location
+          assert_response :redirect
+          assert_redirected_to auth_success_path(:provider => "wikipedia", :origin => "/user/new")
+          follow_redirect!
+          assert_response :redirect
+          assert_redirected_to auth_failure_path(:strategy => "wikipedia", :message => "connection_failed", :origin => "/user/new")
+          follow_redirect!
+          assert_response :redirect
+          follow_redirect!
+          assert_response :success
+          assert_template "users/new"
+        end
+      end
+    end
+
+    ActionMailer::Base.deliveries.clear
+  end
+
+  def test_user_create_wikipedia_redirect
+    OmniAuth.config.add_mock(:wikipedia, :uid => "123454321")
+
+    new_email = "redirect_tester_wikipedia@osm.org"
+    display_name = "redirect_tester_wikipedia"
+    # nothing special about this page, just need a protected page to redirect back to.
+    referer = "/traces/mine"
+    assert_difference("User.count") do
+      assert_difference("ActionMailer::Base.deliveries.size", 1) do
+        perform_enqueued_jobs do
+          post "/user/new",
+               :params => { :user => { :email => new_email,
+                                       :email_confirmation => new_email,
+                                       :display_name => display_name,
+                                       :auth_provider => "wikipedia",
+                                       :pass_crypt => "",
+                                       :pass_crypt_confirmation => "" },
+                            :referer => referer }
+          assert_response :redirect
+          assert_redirected_to auth_path(:provider => "wikipedia", :origin => "/user/new")
+          post response.location
+          assert_response :redirect
+          assert_redirected_to auth_success_path(:provider => "wikipedia", :origin => "/user/new")
+          follow_redirect!
+          assert_response :redirect
+          assert_redirected_to "/user/terms"
+          post "/user/save",
+               :params => { :user => { :email => new_email,
+                                       :email_confirmation => new_email,
+                                       :display_name => display_name,
+                                       :auth_provider => "wikipedia",
+                                       :auth_uid => "http://localhost:1123/new.tester",
+                                       :pass_crypt => "testtest",
+                                       :pass_crypt_confirmation => "testtest" },
+                            :read_ct => 1,
+                            :read_tou => 1 }
+          follow_redirect!
+        end
+      end
+    end
+
+    # Check the e-mail
+    register_email = ActionMailer::Base.deliveries.first
+
+    assert_equal register_email.to.first, new_email
+    # Check that the confirm account url is correct
+    confirm_regex = Regexp.new("/user/redirect_tester_wikipedia/confirm\\?confirm_string=([a-zA-Z0-9]*)")
+    email_text_parts(register_email).each do |part|
+      assert_match confirm_regex, part.body.to_s
+    end
+    confirm_string = email_text_parts(register_email).first.body.match(confirm_regex)[1]
+
+    # Check the page
+    assert_response :success
+    assert_template "users/confirm"
+
+    ActionMailer::Base.deliveries.clear
+
+    # Go to the confirmation page
+    get "/user/#{display_name}/confirm", :params => { :confirm_string => confirm_string }
+    assert_response :success
+    assert_template "users/confirm"
+
+    post "/user/#{display_name}/confirm", :params => { :confirm_string => confirm_string }
+    assert_response :redirect
     follow_redirect!
     assert_response :success
-    assert_template "trace/list"
+    assert_template "site/welcome"
   end
 end