X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/452879ee03951f017ef356f47bda79a7fc7b3cf4..d38e476fa66a69285639ca4d6f94f7aa676e1d88:/test/integration/user_terms_seen_test.rb diff --git a/test/integration/user_terms_seen_test.rb b/test/integration/user_terms_seen_test.rb index f9c266ba0..64a101024 100644 --- a/test/integration/user_terms_seen_test.rb +++ b/test/integration/user_terms_seen_test.rb @@ -11,14 +11,14 @@ class UserTermsSeenTest < ActionController::IntegrationTest if REQUIRE_TERMS_SEEN user = users(:terms_not_seen_user) - get "/api/#{API_VERSION}/user/details", nil, auth_header(user.display_name, "test") + get "/api/#{API_VERSION}/user/preferences", nil, auth_header(user.display_name, "test") assert_response :forbidden # touch it so that the user has seen the terms user.terms_seen = true user.save - get "/api/#{API_VERSION}/user/details", nil, auth_header(user.display_name, "test") + get "/api/#{API_VERSION}/user/preferences", nil, auth_header(user.display_name, "test") assert_response :success end end @@ -31,7 +31,7 @@ class UserTermsSeenTest < ActionController::IntegrationTest get_via_redirect "/login" assert_response :success assert_template 'user/login' - post "/login", {'user[email]' => user.email, 'user[password]' => 'test', :referer => "/"} + post "/login", {'username' => user.email, 'password' => 'test', :referer => "/"} assert_response :redirect # but now we need to look at the terms assert_redirected_to "controller" => "user", "action" => "terms", :referer => "/" @@ -39,11 +39,35 @@ class UserTermsSeenTest < ActionController::IntegrationTest assert_response :success # don't agree to the terms, but hit decline - - # should be carried through to a normal login + post "/user/save", {'decline' => 'decline', 'referer' => '/'} + assert_redirected_to "/" + follow_redirect! + + # should be carried through to a normal login with a message + assert_response :success + assert !flash[:notice].nil? end end -end + def test_terms_cant_be_circumvented + if REQUIRE_TERMS_SEEN + user = users(:terms_not_seen_user) - + # try to log in + get_via_redirect "/login" + assert_response :success + assert_template 'user/login' + post "/login", {'username' => user.email, 'password' => 'test', :referer => "/"} + assert_response :redirect + # but now we need to look at the terms + assert_redirected_to "controller" => "user", "action" => "terms", :referer => "/" + follow_redirect! + assert_response :success + + # check that if we go somewhere else now, it redirects + # back to the terms page. + get "/traces/mine" + assert_redirected_to "controller" => "user", "action" => "terms", :referer => "/traces/mine" + end + end +end