X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/9cb8311f02e1bd0e2188e3b1db623400aaf8da47..801944dbe4694fd895058b9444bacbe4e57d53e1:/test/integration/user_creation_test.rb?ds=sidebyside diff --git a/test/integration/user_creation_test.rb b/test/integration/user_creation_test.rb index 880fcb30a..4611860d0 100644 --- a/test/integration/user_creation_test.rb +++ b/test/integration/user_creation_test.rb @@ -1,111 +1,218 @@ -require File.dirname(__FILE__) + '/../test_helper' - -class UserCreationTest < ActionController::IntegrationTest - fixtures :users +require "test_helper" +class UserCreationTest < ActionDispatch::IntegrationTest def setup - begin - # Test if the ROTS (Ruby OpenID Test Server) is already running - rots_response = Net::HTTP.get_response(URI.parse("http://localhost:1123/")) - rescue - # It isn't, so start a new instance. - IO.popen(RAILS_ROOT + "/vendor/gems/rots-0.2.1/bin/rots --silent") - - # Wait for up to 30 seconds for the server to start and respond before continuing - for i in (1 .. 30) - begin - sleep 1 - rots_response = Net::HTTP.get_response(URI.parse("http://localhost:1123/")) - # If the rescue block doesn't fire, ROTS is up and running and we can continue - break - rescue - # If the connection failed, do nothing and repeat the loop - end - end - end + OmniAuth.config.test_mode = true + + stub_request(:get, /.*gravatar.com.*d=404/).to_return(:status => 404) end def teardown - #TODO: The ROTS server needs closing down again at some point, - # but we don't want to do it after every individual test + OmniAuth.config.mock_auth[:openid] = nil + OmniAuth.config.mock_auth[:google] = nil + OmniAuth.config.mock_auth[:facebook] = nil + OmniAuth.config.mock_auth[:microsoft] = nil + OmniAuth.config.mock_auth[:github] = nil + OmniAuth.config.mock_auth[:wikipedia] = nil + OmniAuth.config.test_mode = false end def test_create_user_form - I18n.available_locales.each do |locale| - get '/user/new', {}, {"accept_language" => locale.to_s} - assert_response :success - assert_template 'user/new' - end + get "/user/new" + follow_redirect! + assert_response :success + assert_template "users/new" end def test_user_create_submit_duplicate_email - I18n.available_locales.each do |localer| - dup_email = users(:public_user).email - display_name = "#{localer.to_s}_new_tester" - assert_difference('User.count', 0) do - assert_difference('ActionMailer::Base.deliveries.size', 0) do - post '/user/save', - {:user => { :email => dup_email, :email_confirmation => dup_email, :display_name => display_name, :pass_crypt => "testtest", :pass_crypt_confirmation => "testtest"}}, - {"accept_language" => localer.to_s} + dup_email = create(:user).email + display_name = "new_tester" + assert_difference("User.count", 0) do + assert_difference("ActionMailer::Base.deliveries.size", 0) do + perform_enqueued_jobs do + post "/user/new", + :params => { :user => { :email => dup_email, + :display_name => display_name, + :pass_crypt => "testtest", + :pass_crypt_confirmation => "testtest", + :consider_pd => "1" } } + end + end + end + assert_response :success + assert_template "users/new" + assert_select "form" + assert_select "form > div > input.is-invalid#user_email" + end + + def test_user_create_association_bad_auth_provider + assert_difference("User.count", 0) do + assert_no_difference("ActionMailer::Base.deliveries.size") do + perform_enqueued_jobs do + post "/user/new", + :params => { :user => { :email => "test@example.com", + :display_name => "new_tester", + :pass_crypt => "testtest", + :pass_crypt_confirmation => "testtest", + :auth_provider => "noprovider", + :auth_uid => "123454321", + :consider_pd => "1" } } + assert_redirected_to auth_path(:provider => "noprovider", :origin => "/user/new") + post response.location + end + end + end + assert_response :not_found + end + + def test_user_create_association_no_auth_uid + OmniAuth.config.mock_auth[:google] = :invalid_credentials + assert_difference("User.count", 0) do + assert_no_difference("ActionMailer::Base.deliveries.size") do + perform_enqueued_jobs do + post "/user/new", + :params => { :user => { :email => "test@example.com", + :display_name => "new_tester", + :pass_crypt => "testtest", + :pass_crypt_confirmation => "testtest", + :auth_provider => "google", + :consider_pd => "1" } } + assert_redirected_to auth_path(:provider => "google", :origin => "/user/new") + post response.location + end + end + end + follow_redirect! + assert_redirected_to auth_failure_path(:strategy => "google", :message => "invalid_credentials", :origin => "/user/new") + end + + def test_user_create_association_submit_duplicate_email + dup_email = create(:user).email + display_name = "new_tester" + assert_difference("User.count", 0) do + assert_no_difference("ActionMailer::Base.deliveries.size") do + perform_enqueued_jobs do + post "/user/new", + :params => { :user => { :email => dup_email, + :display_name => display_name, + :pass_crypt => "testtest", + :pass_crypt_confirmation => "testtest", + :auth_provider => "google", + :auth_uid => "123454321", + :consider_pd => "1" } } end end - assert_response :success - assert_template 'user/new' - assert_equal response.headers['Content-Language'][0..1], localer.to_s[0..1] unless localer == :root - assert_select "div#errorExplanation" - assert_select "table#signupForm > tr > td > div[class=fieldWithErrors] > input#user_email" - assert_no_missing_translations end + assert_response :success + assert_template "users/new" + assert_select "form" + assert_select "form > div > input.is-invalid#user_email" end def test_user_create_submit_duplicate_username - I18n.available_locales.each do |locale| - dup_display_name = users(:public_user).display_name - email = "#{locale.to_s}_new_tester" - assert_difference('User.count', 0) do - assert_difference('ActionMailer::Base.deliveries.size', 0) do - post '/user/save', - {:user => {:email => email, :email_confirmation => email, :display_name => dup_display_name, :pass_crypt => "testtest", :pass_crypt_confirmation => "testtest"}}, - {"accept_language" => locale.to_s} + dup_display_name = create(:user).display_name + email = "new_tester" + assert_difference("User.count", 0) do + assert_difference("ActionMailer::Base.deliveries.size", 0) do + perform_enqueued_jobs do + post "/user/new", + :params => { :user => { :email => email, + :display_name => dup_display_name, + :pass_crypt => "testtest", + :pass_crypt_confirmation => "testtest" } } + end + end + end + assert_response :success + assert_template "users/new" + assert_select "form > div > input.is-invalid#user_display_name" + end + + def test_user_create_submit_mismatched_passwords + email = "newtester@osm.org" + display_name = "new_tester" + assert_difference("User.count", 0) do + assert_difference("ActionMailer::Base.deliveries.size", 0) do + perform_enqueued_jobs do + post "/user/new", + :params => { :user => { :email => email, + :display_name => display_name, + :pass_crypt => "testtest", + :pass_crypt_confirmation => "blahblah", + :consider_pd => "1" } } + end + end + end + assert_response :success + assert_template "users/new" + assert_select "form > div > div > div > input.is-invalid#user_pass_crypt_confirmation" + end + + def test_user_create_association_submit_duplicate_username + dup_display_name = create(:user).display_name + email = "new_tester" + assert_difference("User.count", 0) do + assert_no_difference("ActionMailer::Base.deliveries.size") do + perform_enqueued_jobs do + post "/user/new", + :params => { :user => { :email => email, + :display_name => dup_display_name, + :auth_provider => "google", + :auth_uid => "123454321", + :consider_pd => "1" } } end end - assert_response :success - assert_template 'user/new' - assert_select "div#errorExplanation" - assert_select "table#signupForm > tr > td > div[class=fieldWithErrors] > input#user_display_name" - assert_no_missing_translations end + assert_response :success + assert_template "users/new" + assert_select "form > div > input.is-invalid#user_display_name" end def test_user_create_success - I18n.available_locales.each do |locale| - new_email = "#{locale.to_s}newtester@osm.org" - display_name = "#{locale.to_s}_new_tester" - assert_difference('User.count') do - assert_difference('ActionMailer::Base.deliveries.size', 1) do - post_via_redirect "/user/save", - {:user => { :email => new_email, :email_confirmation => new_email, :display_name => display_name, :pass_crypt => "testtest", :pass_crypt_confirmation => "testtest"}}, - {"accept_language" => "#{locale.to_s}"} + new_email = "newtester@osm.org" + display_name = "new_tester" + + assert_difference("User.count", 1) do + assert_difference("ActionMailer::Base.deliveries.size", 1) do + perform_enqueued_jobs do + post "/user/new", + :params => { :user => { :email => new_email, + :display_name => display_name, + :pass_crypt => "testtest", + :pass_crypt_confirmation => "testtest", + :consider_pd => "1" } } + assert_redirected_to :controller => :confirmations, :action => :confirm, :display_name => display_name + follow_redirect! end end + end - # Check the e-mail - register_email = ActionMailer::Base.deliveries.first + assert_response :success + assert_template "confirmations/confirm" - assert_equal register_email.to[0], new_email - # Check that the confirm account url is correct - assert_match /#{@url}/, register_email.body + user = User.find_by(:email => "newtester@osm.org") + assert_not_nil user + assert_not_predicate user, :active? - # Check the page - assert_response :success - assert_template 'login' + register_email = ActionMailer::Base.deliveries.first + assert_equal register_email.to.first, new_email + found_confirmation_url = register_email.parts.first.parts.first.to_s =~ %r{\shttp://test.host(/\S+)\s} + assert found_confirmation_url + confirmation_url = Regexp.last_match(1) + ActionMailer::Base.deliveries.clear - ActionMailer::Base.deliveries.clear - end + post confirmation_url + + assert_redirected_to welcome_path + + user.reload + assert_predicate user, :active? + + assert_equal user, User.authenticate(:username => new_email, :password => "testtest") end # Check that the user can successfully recover their password - def lost_password_recovery_success + def test_lost_password_recovery_success # Open the lost password form # Submit the lost password form # Check the e-mail @@ -119,86 +226,136 @@ class UserCreationTest < ActionController::IntegrationTest password = "testtest" # nothing special about this page, just need a protected page to redirect back to. referer = "/traces/mine" - assert_difference('User.count') do - assert_difference('ActionMailer::Base.deliveries.size', 1) do - post "/user/terms", - {:user => { :email => new_email, :email_confirmation => new_email, :display_name => display_name, :pass_crypt => password, :pass_crypt_confirmation => password}, :referer => referer } - assert_response :success - assert_template 'terms' - post_via_redirect "/user/save", - {:user => { :email => new_email, :email_confirmation => new_email, :display_name => display_name, :pass_crypt => password, :pass_crypt_confirmation => password} } + assert_difference("User.count") do + assert_difference("ActionMailer::Base.deliveries.size", 1) do + perform_enqueued_jobs do + post "/user/new", + :params => { :user => { :email => new_email, + :display_name => display_name, + :pass_crypt => password, + :pass_crypt_confirmation => password, + :consider_pd => "1" }, + :referer => referer } + assert_response(:redirect) + assert_redirected_to :controller => :confirmations, :action => :confirm, :display_name => display_name + follow_redirect! + end end end # Check the e-mail register_email = ActionMailer::Base.deliveries.first - assert_equal register_email.to[0], new_email + assert_equal register_email.to.first, new_email # Check that the confirm account url is correct - confirm_regex = Regexp.new("/user/redirect_tester/confirm\\?confirm_string=([a-zA-Z0-9]*)") - assert_match(confirm_regex, register_email.body) - confirm_string = confirm_regex.match(register_email.body)[1] + confirm_regex = Regexp.new("confirm_string=([a-zA-Z0-9%_-]*)") + email_text_parts(register_email).each do |part| + assert_match confirm_regex, part.body.to_s + end + confirm_string = CGI.unescape(email_text_parts(register_email).first.body.match(confirm_regex)[1]) # Check the page assert_response :success - assert_template 'login' + assert_template "confirmations/confirm" ActionMailer::Base.deliveries.clear # Go to the confirmation page - get 'user/confirm', { :confirm_string => confirm_string } + get "/user/#{display_name}/confirm", :params => { :referer => "/welcome", :confirm_string => confirm_string } assert_response :success - assert_template 'user/confirm' + assert_template "confirmations/confirm" - post 'user/confirm', { :confirm_string => confirm_string, :confirm_action => 'submit' } - assert_response :redirect # to trace/mine in original referrer - follow_redirect! - assert_response :redirect # but it not redirects to /user//traces + post "/user/#{display_name}/confirm", :params => { :referer => "/welcome", :confirm_string => confirm_string } + assert_response :redirect follow_redirect! assert_response :success - assert_template "trace/list.html.erb" + assert_template "site/welcome" end def test_user_create_openid_success new_email = "newtester-openid@osm.org" display_name = "new_tester-openid" - password = "testtest" - assert_difference('User.count') do - assert_difference('ActionMailer::Base.deliveries.size', 1) do - post "/user/terms", - {:user => { :email => new_email, :email_confirmation => new_email, :display_name => display_name, :openid_url => "http://localhost:1123/john.doe?openid.success=newuser", :pass_crypt => "", :pass_crypt_confirmation => ""}} - assert_response :redirect - res = openid_request(@response.redirected_to) - post '/user/terms', res - assert_response :success - assert_template 'terms' - post '/user/save', - {:user => { :email => new_email, :email_confirmation => new_email, :display_name => display_name, :openid_url => "http://localhost:1123/john.doe?openid.success=newuser", :pass_crypt => password, :pass_crypt_confirmation => password}} - assert_response :redirect - follow_redirect! + auth_uid = "http://localhost:1123/new.tester" + + OmniAuth.config.add_mock(:openid, + :uid => auth_uid, + :info => { :email => new_email, :name => display_name }) + + assert_difference("User.count") do + assert_difference("ActionMailer::Base.deliveries.size", 1) do + perform_enqueued_jobs do + post auth_path(:provider => "openid", :openid_url => "http://localhost:1123/new.tester", :origin => "/user/new") + assert_redirected_to auth_success_path(:provider => "openid", :openid_url => "http://localhost:1123/new.tester", :origin => "/user/new") + follow_redirect! + assert_redirected_to :controller => :users, :action => "new", :nickname => display_name, :email => new_email, + :auth_provider => "openid", :auth_uid => auth_uid + follow_redirect! + post "/user/new", + :params => { :user => { :email => new_email, + :display_name => display_name, + :auth_provider => "openid", + :auth_uid => "http://localhost:1123/new.tester", + :consider_pd => "1" } } + assert_redirected_to auth_path(:provider => "openid", :openid_url => "http://localhost:1123/new.tester", :origin => "/user/new") + post response.location + follow_redirect! + end end end # Check the page + assert_redirected_to :controller => :confirmations, :action => :confirm, :display_name => display_name + + ActionMailer::Base.deliveries.clear + end + + def test_user_create_openid_duplicate_email + dup_user = create(:user) + display_name = "new_tester-openid" + auth_uid = "123454321" + + OmniAuth.config.add_mock(:openid, + :uid => auth_uid, + :info => { :email => dup_user.email, :name => display_name }) + + post auth_path(:provider => "openid", :origin => "/user/new") + assert_redirected_to auth_success_path(:provider => "openid", :origin => "/user/new") + follow_redirect! + assert_redirected_to :controller => :users, :action => "new", :nickname => display_name, :email => dup_user.email, + :auth_provider => "openid", :auth_uid => auth_uid + follow_redirect! + assert_response :success - assert_template 'login' + assert_template "users/new" + assert_select "form > div > input.is-invalid#user_email" ActionMailer::Base.deliveries.clear end def test_user_create_openid_failure + OmniAuth.config.mock_auth[:openid] = :connection_failed + new_email = "newtester-openid2@osm.org" display_name = "new_tester-openid2" - password = "testtest2" - assert_difference('User.count',0) do - assert_difference('ActionMailer::Base.deliveries.size',0) do - post "/user/terms", - {:user => { :email => new_email, :email_confirmation => new_email, :display_name => display_name, :openid_url => "http://localhost:1123/john.doe?openid.failure=newuser", :pass_crypt => "", :pass_crypt_confirmation => ""}} - assert_response :redirect - res = openid_request(@response.redirected_to) - post '/user/terms', res - assert_response :success - assert_template 'user/new' + assert_difference("User.count", 0) do + assert_difference("ActionMailer::Base.deliveries.size", 0) do + perform_enqueued_jobs do + post "/user/new", + :params => { :user => { :email => new_email, + :email_confirmation => new_email, + :display_name => display_name, + :auth_provider => "openid", + :auth_uid => "http://localhost:1123/new.tester", + :pass_crypt => "", + :pass_crypt_confirmation => "" } } + assert_redirected_to auth_path(:provider => "openid", :openid_url => "http://localhost:1123/new.tester", :origin => "/user/new") + post response.location + assert_redirected_to auth_success_path(:provider => "openid", :openid_url => "http://localhost:1123/new.tester", :origin => "/user/new") + follow_redirect! + assert_redirected_to auth_failure_path(:strategy => "openid", :message => "connection_failed", :origin => "/user/new") + follow_redirect! + assert_redirected_to "/user/new" + end end end @@ -206,51 +363,912 @@ class UserCreationTest < ActionController::IntegrationTest end def test_user_create_openid_redirect + auth_uid = "http://localhost:1123/new.tester" new_email = "redirect_tester_openid@osm.org" display_name = "redirect_tester_openid" - password = "" + + OmniAuth.config.add_mock(:openid, + :uid => auth_uid, + :info => { :email => new_email, :name => display_name }) + + assert_difference("User.count") do + assert_difference("ActionMailer::Base.deliveries.size", 1) do + perform_enqueued_jobs do + post auth_path(:provider => "openid", :openid_url => "http://localhost:1123/new.tester", :origin => "/user/new") + assert_redirected_to auth_success_path(:provider => "openid", :openid_url => "http://localhost:1123/new.tester", :origin => "/user/new") + follow_redirect! + assert_redirected_to :controller => :users, :action => "new", :nickname => display_name, :email => new_email, + :auth_provider => "openid", :auth_uid => auth_uid + follow_redirect! + post "/user/new", + :params => { :user => { :email => new_email, + :display_name => display_name, + :auth_provider => "openid", + :auth_uid => auth_uid, + :consider_pd => "1" } } + assert_redirected_to auth_path(:provider => "openid", :openid_url => "http://localhost:1123/new.tester", :origin => "/user/new") + post response.location + assert_redirected_to auth_success_path(:provider => "openid", :openid_url => "http://localhost:1123/new.tester", :origin => "/user/new") + follow_redirect! + assert_redirected_to :controller => :confirmations, :action => :confirm, :display_name => display_name + follow_redirect! + end + end + end + + # Check the e-mail + register_email = ActionMailer::Base.deliveries.first + + assert_equal register_email.to.first, new_email + # Check that the confirm account url is correct + confirm_regex = Regexp.new("confirm_string=([a-zA-Z0-9%_-]*)") + email_text_parts(register_email).each do |part| + assert_match confirm_regex, part.body.to_s + end + confirm_string = CGI.unescape(email_text_parts(register_email).first.body.match(confirm_regex)[1]) + + # Check the page + assert_response :success + assert_template "confirmations/confirm" + + ActionMailer::Base.deliveries.clear + + # Go to the confirmation page + get "/user/#{display_name}/confirm", :params => { :referer => "/welcome", :confirm_string => confirm_string } + assert_response :success + assert_template "confirmations/confirm" + + post "/user/#{display_name}/confirm", :params => { :referer => "/welcome", :confirm_string => confirm_string } + assert_response :redirect + follow_redirect! + assert_response :success + assert_template "site/welcome" + end + + def test_user_create_google_success + new_email = "newtester-google@osm.org" + email_hmac = UsersController.message_hmac(new_email) + display_name = "new_tester-google" + auth_uid = "123454321" + + OmniAuth.config.add_mock(:google, + :uid => auth_uid, + :extra => { :id_info => { :openid_id => "http://localhost:1123/new.tester" } }, + :info => { :email => new_email, :name => display_name }) + + assert_difference("User.count") do + assert_no_difference("ActionMailer::Base.deliveries.size") do + perform_enqueued_jobs do + post auth_path(:provider => "google", :origin => "/user/new") + assert_redirected_to auth_success_path(:provider => "google") + follow_redirect! + assert_redirected_to :controller => :users, :action => "new", :nickname => display_name, + :email => new_email, :email_hmac => email_hmac, + :auth_provider => "google", :auth_uid => auth_uid + follow_redirect! + + post "/user/new", + :params => { :user => { :email => new_email, + :display_name => display_name, + :auth_provider => "google", + :auth_uid => auth_uid, + :consider_pd => "1" }, + :email_hmac => email_hmac } + assert_redirected_to auth_path(:provider => "google", :origin => "/user/new") + post response.location + assert_redirected_to auth_success_path(:provider => "google") + follow_redirect! + assert_redirected_to welcome_path + follow_redirect! + end + end + end + + # Check the page + assert_response :success + assert_template "site/welcome" + + ActionMailer::Base.deliveries.clear + end + + def test_user_create_google_duplicate_email + dup_user = create(:user) + display_name = "new_tester-google" + auth_uid = "123454321" + + OmniAuth.config.add_mock(:google, + :uid => auth_uid, + :extra => { :id_info => { :openid_id => "http://localhost:1123/new.tester" } }, + :info => { :email => dup_user.email, :name => display_name }) + + post auth_path(:provider => "google", :origin => "/user/new") + assert_redirected_to auth_success_path(:provider => "google") + follow_redirect! + assert_redirected_to :controller => :users, :action => "new", :nickname => display_name, :email => dup_user.email, + :email_hmac => UsersController.message_hmac(dup_user.email), + :auth_provider => "google", :auth_uid => auth_uid + follow_redirect! + + assert_response :success + assert_template "users/new" + assert_select "form > div > input.is-invalid#user_email" + + ActionMailer::Base.deliveries.clear + end + + def test_user_create_google_failure + OmniAuth.config.mock_auth[:google] = :connection_failed + + new_email = "newtester-google2@osm.org" + display_name = "new_tester-google2" + assert_difference("User.count", 0) do + assert_difference("ActionMailer::Base.deliveries.size", 0) do + perform_enqueued_jobs do + post "/user/new", + :params => { :user => { :email => new_email, + :email_confirmation => new_email, + :display_name => display_name, + :auth_provider => "google", + :auth_uid => "123454321", + :pass_crypt => "", + :pass_crypt_confirmation => "" } } + assert_redirected_to auth_path(:provider => "google", :origin => "/user/new") + post response.location + assert_redirected_to auth_success_path(:provider => "google") + follow_redirect! + assert_redirected_to auth_failure_path(:strategy => "google", :message => "connection_failed", :origin => "/user/new") + follow_redirect! + assert_redirected_to "/user/new" + end + end + end + + ActionMailer::Base.deliveries.clear + end + + def test_user_create_google_redirect + orig_email = "redirect_tester_google_orig@google.com" + email_hmac = UsersController.message_hmac(orig_email) + new_email = "redirect_tester_google@osm.org" + display_name = "redirect_tester_google" + auth_uid = "123454321" + + OmniAuth.config.add_mock(:google, + :uid => auth_uid, + :extra => { :id_info => { :openid_id => "http://localhost:1123/new.tester" } }, + :info => { :email => orig_email, :name => display_name }) + + assert_difference("User.count") do + assert_difference("ActionMailer::Base.deliveries.size", 1) do + perform_enqueued_jobs do + post auth_path(:provider => "google", :origin => "/user/new") + assert_redirected_to auth_success_path(:provider => "google") + follow_redirect! + assert_redirected_to :controller => :users, :action => "new", :nickname => display_name, + :email => orig_email, :email_hmac => email_hmac, + :auth_provider => "google", :auth_uid => auth_uid + follow_redirect! + post "/user/new", + :params => { :user => { :email => new_email, + :email_hmac => email_hmac, + :display_name => display_name, + :auth_provider => "google", + :auth_uid => auth_uid, + :consider_pd => "1" } } + assert_redirected_to auth_path(:provider => "google", :origin => "/user/new") + post response.location + assert_redirected_to auth_success_path(:provider => "google") + follow_redirect! + assert_redirected_to :controller => :confirmations, :action => :confirm, :display_name => display_name + follow_redirect! + end + end + end + + # Check the e-mail + register_email = ActionMailer::Base.deliveries.first + + assert_equal register_email.to.first, new_email + # Check that the confirm account url is correct + confirm_regex = Regexp.new("confirm_string=([a-zA-Z0-9%_-]*)") + email_text_parts(register_email).each do |part| + assert_match confirm_regex, part.body.to_s + end + confirm_string = CGI.unescape(email_text_parts(register_email).first.body.match(confirm_regex)[1]) + + # Check the page + assert_response :success + assert_template "confirmations/confirm" + + ActionMailer::Base.deliveries.clear + + # Go to the confirmation page + get "/user/#{display_name}/confirm", :params => { :referer => "/welcome", :confirm_string => confirm_string } + assert_response :success + assert_template "confirmations/confirm" + + post "/user/#{display_name}/confirm", :params => { :referer => "/welcome", :confirm_string => confirm_string } + assert_response :redirect + follow_redirect! + assert_response :success + assert_template "site/welcome" + end + + def test_user_create_facebook_success + new_email = "newtester-facebook@osm.org" + email_hmac = UsersController.message_hmac(new_email) + display_name = "new_tester-facebook" + auth_uid = "123454321" + + OmniAuth.config.add_mock(:facebook, + :uid => auth_uid, + :info => { "email" => new_email, :name => display_name }) + + assert_difference("User.count") do + assert_no_difference("ActionMailer::Base.deliveries.size") do + perform_enqueued_jobs do + post auth_path(:provider => "facebook", :origin => "/user/new") + assert_redirected_to auth_success_path(:provider => "facebook") + follow_redirect! + assert_redirected_to :controller => :users, :action => "new", :nickname => display_name, + :email => new_email, :email_hmac => email_hmac, + :auth_provider => "facebook", :auth_uid => auth_uid + follow_redirect! + + post "/user/new", + :params => { :user => { :email => new_email, + :display_name => display_name, + :auth_provider => "facebook", + :auth_uid => auth_uid, + :consider_pd => "1" }, + :email_hmac => email_hmac } + assert_redirected_to auth_path(:provider => "facebook", :origin => "/user/new") + post response.location + assert_redirected_to auth_success_path(:provider => "facebook") + follow_redirect! + assert_redirected_to welcome_path + follow_redirect! + end + end + end + + # Check the page + assert_response :success + assert_template "site/welcome" + + ActionMailer::Base.deliveries.clear + end + + def test_user_create_facebook_duplicate_email + dup_user = create(:user) + display_name = "new_tester-facebook" + auth_uid = "123454321" + + OmniAuth.config.add_mock(:facebook, + :uid => auth_uid, + :info => { :email => dup_user.email, :name => display_name }) + + post auth_path(:provider => "facebook", :origin => "/user/new") + assert_redirected_to auth_success_path(:provider => "facebook") + follow_redirect! + assert_redirected_to :controller => :users, :action => "new", :nickname => display_name, :email => dup_user.email, + :email_hmac => UsersController.message_hmac(dup_user.email), + :auth_provider => "facebook", :auth_uid => auth_uid + follow_redirect! + + assert_response :success + assert_template "users/new" + assert_select "form > div > input.is-invalid#user_email" + + ActionMailer::Base.deliveries.clear + end + + def test_user_create_facebook_failure + OmniAuth.config.mock_auth[:facebook] = :connection_failed + + new_email = "newtester-facebook2@osm.org" + display_name = "new_tester-facebook2" + assert_difference("User.count", 0) do + assert_difference("ActionMailer::Base.deliveries.size", 0) do + perform_enqueued_jobs do + post "/user/new", + :params => { :user => { :email => new_email, + :email_confirmation => new_email, + :display_name => display_name, + :auth_provider => "facebook", + :auth_uid => "123454321", + :pass_crypt => "", + :pass_crypt_confirmation => "" } } + assert_redirected_to auth_path(:provider => "facebook", :origin => "/user/new") + post response.location + assert_redirected_to auth_success_path(:provider => "facebook") + follow_redirect! + assert_redirected_to auth_failure_path(:strategy => "facebook", :message => "connection_failed", :origin => "/user/new") + follow_redirect! + assert_redirected_to "/user/new" + end + end + end + + ActionMailer::Base.deliveries.clear + end + + def test_user_create_facebook_redirect + orig_email = "redirect_tester_facebook_orig@osm.org" + email_hmac = UsersController.message_hmac(orig_email) + new_email = "redirect_tester_facebook@osm.org" + display_name = "redirect_tester_facebook" + auth_uid = "123454321" + + OmniAuth.config.add_mock(:facebook, + :uid => auth_uid, + :info => { :email => orig_email, :name => display_name }) + # nothing special about this page, just need a protected page to redirect back to. - referer = "/traces/mine" - assert_difference('User.count') do - assert_difference('ActionMailer::Base.deliveries.size', 1) do - post "/user/terms", - {:user => { :email => new_email, :email_confirmation => new_email, :display_name => display_name, :openid_url => "http://localhost:1123/john.doe?openid.success=newuser", :pass_crypt => "", :pass_crypt_confirmation => ""}, :referer => referer } - assert_response :redirect - res = openid_request(@response.location) - post '/user/terms', res - assert_response :success - assert_template 'terms' - post_via_redirect "/user/save", - {:user => { :email => new_email, :email_confirmation => new_email, :display_name => display_name, :openid_url => "http://localhost:1123/john.doe?openid.success=newuser", :pass_crypt => "testtest", :pass_crypt_confirmation => "testtest"} } + assert_difference("User.count") do + assert_difference("ActionMailer::Base.deliveries.size", 1) do + perform_enqueued_jobs do + post auth_path(:provider => "facebook", :origin => "/user/new") + assert_redirected_to auth_success_path(:provider => "facebook") + follow_redirect! + assert_redirected_to :controller => :users, :action => "new", :nickname => display_name, + :email => orig_email, :email_hmac => email_hmac, + :auth_provider => "facebook", :auth_uid => auth_uid + follow_redirect! + + post "/user/new", + :params => { :user => { :email => new_email, + :email_hmac => email_hmac, + :display_name => display_name, + :auth_provider => "facebook", + :auth_uid => auth_uid, + :consider_pd => "1" } } + assert_redirected_to auth_path(:provider => "facebook", :origin => "/user/new") + post response.location + assert_redirected_to auth_success_path(:provider => "facebook") + follow_redirect! + assert_redirected_to :controller => :confirmations, :action => :confirm, :display_name => display_name + assert_response :redirect + follow_redirect! + end end end # Check the e-mail register_email = ActionMailer::Base.deliveries.first - assert_equal register_email.to[0], new_email + assert_equal register_email.to.first, new_email # Check that the confirm account url is correct - confirm_regex = Regexp.new("/user/redirect_tester_openid/confirm\\?confirm_string=([a-zA-Z0-9]*)") - assert_match(confirm_regex, register_email.body) - confirm_string = confirm_regex.match(register_email.body)[1] + confirm_regex = Regexp.new("confirm_string=([a-zA-Z0-9%_-]*)") + email_text_parts(register_email).each do |part| + assert_match confirm_regex, part.body.to_s + end + confirm_string = CGI.unescape(email_text_parts(register_email).first.body.match(confirm_regex)[1]) # Check the page assert_response :success - assert_template 'login' + assert_template "confirmations/confirm" ActionMailer::Base.deliveries.clear # Go to the confirmation page - get 'user/confirm', { :confirm_string => confirm_string } + get "/user/#{display_name}/confirm", :params => { :referer => "/welcome", :confirm_string => confirm_string } + assert_response :success + assert_template "confirmations/confirm" + + post "/user/#{display_name}/confirm", :params => { :referer => "/welcome", :confirm_string => confirm_string } + assert_response :redirect + follow_redirect! assert_response :success - assert_template 'user/confirm' + assert_template "site/welcome" + end + + def test_user_create_microsoft_success + new_email = "newtester-microsoft@osm.org" + email_hmac = UsersController.message_hmac(new_email) + display_name = "new_tester-microsoft" + auth_uid = "123454321" + + OmniAuth.config.add_mock(:microsoft, + :uid => auth_uid, + :info => { "email" => new_email, :name => display_name }) + + assert_difference("User.count") do + assert_difference("ActionMailer::Base.deliveries.size", 0) do + perform_enqueued_jobs do + post auth_path(:provider => "microsoft", :origin => "/user/new") + assert_redirected_to auth_success_path(:provider => "microsoft") + follow_redirect! + assert_redirected_to :controller => :users, :action => "new", :nickname => display_name, + :email => new_email, :email_hmac => email_hmac, + :auth_provider => "microsoft", :auth_uid => auth_uid + follow_redirect! + post "/user/new", + :params => { :user => { :email => new_email, + :display_name => display_name, + :auth_provider => "microsoft", + :auth_uid => auth_uid, + :consider_pd => "1" }, + :email_hmac => email_hmac } + assert_redirected_to auth_path(:provider => "microsoft", :origin => "/user/new") + post response.location + assert_redirected_to auth_success_path(:provider => "microsoft") + follow_redirect! + assert_redirected_to welcome_path + follow_redirect! + end + end + end + + # Check the page + assert_response :success + assert_template "site/welcome" + + ActionMailer::Base.deliveries.clear + end + + def test_user_create_microsoft_duplicate_email + dup_user = create(:user) + display_name = "new_tester-microsoft" + auth_uid = "123454321" - post 'user/confirm', { :confirm_string => confirm_string, :confirm_action => 'submit' } - assert_response :redirect # to trace/mine in original referrer + OmniAuth.config.add_mock(:microsoft, + :uid => auth_uid, + :info => { :email => dup_user.email, :name => display_name }) + + post auth_path(:provider => "microsoft", :origin => "/user/new") + assert_redirected_to auth_success_path(:provider => "microsoft") + follow_redirect! + assert_redirected_to :controller => :users, :action => "new", :nickname => display_name, :email => dup_user.email, + :email_hmac => UsersController.message_hmac(dup_user.email), + :auth_provider => "microsoft", :auth_uid => auth_uid follow_redirect! - assert_response :redirect # but it not redirects to /user//traces + + assert_response :success + assert_template "users/new" + assert_select "form > div > input.is-invalid#user_email" + + ActionMailer::Base.deliveries.clear + end + + def test_user_create_microsoft_failure + OmniAuth.config.mock_auth[:microsoft] = :connection_failed + + new_email = "newtester-microsoft2@osm.org" + display_name = "new_tester-microsoft2" + assert_difference("User.count", 0) do + assert_difference("ActionMailer::Base.deliveries.size", 0) do + perform_enqueued_jobs do + post "/user/new", + :params => { :user => { :email => new_email, + :email_confirmation => new_email, + :display_name => display_name, + :auth_provider => "microsoft", + :auth_uid => "123454321", + :pass_crypt => "", + :pass_crypt_confirmation => "" } } + assert_redirected_to auth_path(:provider => "microsoft", :origin => "/user/new") + post response.location + assert_redirected_to auth_success_path(:provider => "microsoft") + follow_redirect! + assert_redirected_to auth_failure_path(:strategy => "microsoft", :message => "connection_failed", :origin => "/user/new") + follow_redirect! + assert_redirected_to "/user/new" + end + end + end + + ActionMailer::Base.deliveries.clear + end + + def test_user_create_microsoft_redirect + orig_email = "redirect_tester_microsoft_orig@osm.org" + email_hmac = UsersController.message_hmac(orig_email) + new_email = "redirect_tester_microsoft@osm.org" + display_name = "redirect_tester_microsoft" + auth_uid = "123454321" + + OmniAuth.config.add_mock(:microsoft, + :uid => auth_uid, + :info => { :email => orig_email, :name => display_name }) + + assert_difference("User.count") do + assert_difference("ActionMailer::Base.deliveries.size", 1) do + perform_enqueued_jobs do + post auth_path(:provider => "microsoft", :origin => "/user/new") + assert_redirected_to auth_success_path(:provider => "microsoft") + follow_redirect! + assert_redirected_to :controller => :users, :action => "new", :nickname => display_name, + :email => orig_email, :email_hmac => email_hmac, + :auth_provider => "microsoft", :auth_uid => auth_uid + follow_redirect! + + post "/user/new", + :params => { :user => { :email => new_email, + :email_hmac => email_hmac, + :display_name => display_name, + :auth_provider => "microsoft", + :auth_uid => auth_uid, + :consider_pd => "1" } } + assert_redirected_to auth_path(:provider => "microsoft", :origin => "/user/new") + post response.location + assert_redirected_to auth_success_path(:provider => "microsoft") + follow_redirect! + assert_redirected_to :controller => :confirmations, :action => :confirm, :display_name => display_name + assert_response :redirect + follow_redirect! + end + end + end + + # Check the e-mail + register_email = ActionMailer::Base.deliveries.first + + assert_equal register_email.to.first, new_email + # Check that the confirm account url is correct + confirm_regex = Regexp.new("confirm_string=([a-zA-Z0-9%_-]*)") + email_text_parts(register_email).each do |part| + assert_match confirm_regex, part.body.to_s + end + confirm_string = CGI.unescape(email_text_parts(register_email).first.body.match(confirm_regex)[1]) + + # Check the page + assert_response :success + assert_template "confirmations/confirm" + + ActionMailer::Base.deliveries.clear + + # Go to the confirmation page + get "/user/#{display_name}/confirm", :params => { :referer => "/welcome", :confirm_string => confirm_string } + assert_response :success + assert_template "confirmations/confirm" + + post "/user/#{display_name}/confirm", :params => { :referer => "/welcome", :confirm_string => confirm_string } + assert_response :redirect + follow_redirect! + assert_response :success + assert_template "site/welcome" + end + + def test_user_create_github_success + new_email = "newtester-github@osm.org" + email_hmac = UsersController.message_hmac(new_email) + display_name = "new_tester-github" + password = "testtest" + auth_uid = "123454321" + + OmniAuth.config.add_mock(:github, + :uid => auth_uid, + :info => { "email" => new_email, :name => display_name }) + + assert_difference("User.count") do + assert_no_difference("ActionMailer::Base.deliveries.size") do + perform_enqueued_jobs do + post auth_path(:provider => "github", :origin => "/user/new") + assert_redirected_to auth_success_path(:provider => "github") + follow_redirect! + assert_redirected_to :controller => :users, :action => "new", :nickname => display_name, + :email => new_email, :email_hmac => email_hmac, + :auth_provider => "github", :auth_uid => auth_uid + follow_redirect! + + post "/user/new", + :params => { :user => { :email => new_email, + :display_name => display_name, + :auth_provider => "github", + :auth_uid => "123454321", + :pass_crypt => password, + :pass_crypt_confirmation => password }, + :read_ct => 1, + :read_tou => 1, + :email_hmac => email_hmac } + assert_redirected_to auth_path(:provider => "github", :origin => "/user/new") + post response.location + assert_redirected_to auth_success_path(:provider => "github") + follow_redirect! + assert_redirected_to welcome_path + follow_redirect! + end + end + end + + # Check the page + assert_response :success + assert_template "site/welcome" + + ActionMailer::Base.deliveries.clear + end + + def test_user_create_github_duplicate_email + dup_user = create(:user) + display_name = "new_tester-github" + auth_uid = "123454321" + + OmniAuth.config.add_mock(:github, + :uid => auth_uid, + :extra => { :id_info => { :openid_id => "http://localhost:1123/new.tester" } }, + :info => { :email => dup_user.email, :name => display_name }) + + post auth_path(:provider => "github", :origin => "/user/new") + assert_redirected_to auth_success_path(:provider => "github") + follow_redirect! + assert_redirected_to :controller => :users, :action => "new", :nickname => display_name, + :email => dup_user.email, :email_hmac => UsersController.message_hmac(dup_user.email), + :auth_provider => "github", :auth_uid => auth_uid + follow_redirect! + + assert_response :success + assert_template "users/new" + assert_select "form > div > input.is-invalid#user_email" + + ActionMailer::Base.deliveries.clear + end + + def test_user_create_github_failure + OmniAuth.config.mock_auth[:github] = :connection_failed + + new_email = "newtester-github2@osm.org" + display_name = "new_tester-github2" + assert_difference("User.count", 0) do + assert_difference("ActionMailer::Base.deliveries.size", 0) do + perform_enqueued_jobs do + post "/user/new", + :params => { :user => { :email => new_email, + :email_confirmation => new_email, + :display_name => display_name, + :auth_provider => "github", + :auth_uid => "123454321", + :pass_crypt => "", + :pass_crypt_confirmation => "" } } + assert_redirected_to auth_path(:provider => "github", :origin => "/user/new") + post response.location + assert_redirected_to auth_success_path(:provider => "github") + follow_redirect! + assert_redirected_to auth_failure_path(:strategy => "github", :message => "connection_failed", :origin => "/user/new") + follow_redirect! + assert_redirected_to "/user/new" + end + end + end + + ActionMailer::Base.deliveries.clear + end + + def test_user_create_github_redirect + orig_email = "redirect_tester_github_orig@osm.org" + email_hmac = UsersController.message_hmac(orig_email) + new_email = "redirect_tester_github@osm.org" + display_name = "redirect_tester_github" + auth_uid = "123454321" + + OmniAuth.config.add_mock(:github, + :uid => auth_uid, + :info => { :email => orig_email, :name => display_name }) + + assert_difference("User.count") do + assert_difference("ActionMailer::Base.deliveries.size", 1) do + perform_enqueued_jobs do + post auth_path(:provider => "github", :origin => "/user/new") + assert_redirected_to auth_success_path(:provider => "github") + follow_redirect! + assert_redirected_to :controller => :users, :action => "new", :nickname => display_name, + :email => orig_email, :email_hmac => email_hmac, + :auth_provider => "github", :auth_uid => auth_uid + follow_redirect! + post "/user/new", + :params => { :user => { :email => new_email, + :email_hmac => email_hmac, + :display_name => display_name, + :auth_provider => "github", + :auth_uid => auth_uid, + :consider_pd => "1" } } + assert_redirected_to auth_path(:provider => "github", :origin => "/user/new") + post response.location + assert_redirected_to auth_success_path(:provider => "github") + follow_redirect! + assert_redirected_to :controller => :confirmations, :action => :confirm, :display_name => display_name + assert_response :redirect + follow_redirect! + end + end + end + + # Check the e-mail + register_email = ActionMailer::Base.deliveries.first + + assert_equal register_email.to.first, new_email + # Check that the confirm account url is correct + confirm_regex = Regexp.new("confirm_string=([a-zA-Z0-9%_-]*)") + email_text_parts(register_email).each do |part| + assert_match confirm_regex, part.body.to_s + end + confirm_string = CGI.unescape(email_text_parts(register_email).first.body.match(confirm_regex)[1]) + + # Check the page + assert_response :success + assert_template "confirmations/confirm" + + ActionMailer::Base.deliveries.clear + + # Go to the confirmation page + get "/user/#{display_name}/confirm", :params => { :referer => "/welcome", :confirm_string => confirm_string } + assert_response :success + assert_template "confirmations/confirm" + + post "/user/#{display_name}/confirm", :params => { :referer => "/welcome", :confirm_string => confirm_string } + assert_response :redirect + follow_redirect! + assert_response :success + assert_template "site/welcome" + end + + def test_user_create_wikipedia_success + new_email = "newtester-wikipedia@osm.org" + email_hmac = UsersController.message_hmac(new_email) + display_name = "new_tester-wikipedia" + password = "testtest" + auth_uid = "123454321" + + OmniAuth.config.add_mock(:wikipedia, + :uid => auth_uid, + :info => { :email => new_email, :name => display_name }) + + assert_difference("User.count") do + assert_no_difference("ActionMailer::Base.deliveries.size") do + perform_enqueued_jobs do + post auth_path(:provider => "wikipedia", :origin => "/user/new") + assert_redirected_to auth_success_path(:provider => "wikipedia", :origin => "/user/new") + follow_redirect! + assert_redirected_to :controller => :users, :action => "new", :nickname => display_name, + :email => new_email, :email_hmac => email_hmac, + :auth_provider => "wikipedia", :auth_uid => auth_uid + follow_redirect! + post "/user/new", + :params => { :user => { :email => new_email, + :display_name => display_name, + :auth_provider => "wikipedia", + :auth_uid => "123454321", + :pass_crypt => password, + :pass_crypt_confirmation => password }, + :read_ct => 1, + :read_tou => 1, + :email_hmac => email_hmac } + assert_redirected_to auth_path(:provider => "wikipedia", :origin => "/user/new") + post response.location + assert_redirected_to auth_success_path(:provider => "wikipedia", :origin => "/user/new") + follow_redirect! + assert_redirected_to welcome_path + follow_redirect! + end + end + end + + # Check the page + assert_response :success + assert_template "site/welcome" + end + + def test_user_create_wikipedia_duplicate_email + dup_user = create(:user) + display_name = "new_tester-wikipedia" + auth_uid = "123454321" + + OmniAuth.config.add_mock(:wikipedia, + :uid => auth_uid, + :info => { "email" => dup_user.email, :name => display_name }) + + post auth_path(:provider => "wikipedia", :origin => "/user/new") + assert_redirected_to auth_success_path(:provider => "wikipedia", :origin => "/user/new") + follow_redirect! + assert_redirected_to :controller => :users, :action => "new", :nickname => display_name, + :email => dup_user.email, :email_hmac => UsersController.message_hmac(dup_user.email), + :auth_provider => "wikipedia", :auth_uid => auth_uid + follow_redirect! + + assert_response :success + assert_template "users/new" + assert_select "form > div > input.is-invalid#user_email" + + ActionMailer::Base.deliveries.clear + end + + def test_user_create_wikipedia_failure + OmniAuth.config.mock_auth[:wikipedia] = :connection_failed + + new_email = "newtester-wikipedia2@osm.org" + display_name = "new_tester-wikipedia2" + assert_difference("User.count", 0) do + assert_difference("ActionMailer::Base.deliveries.size", 0) do + perform_enqueued_jobs do + post "/user/new", + :params => { :user => { :email => new_email, + :email_confirmation => new_email, + :display_name => display_name, + :auth_provider => "wikipedia", + :auth_uid => "123454321", + :pass_crypt => "", + :pass_crypt_confirmation => "" } } + assert_redirected_to auth_path(:provider => "wikipedia", :origin => "/user/new") + post response.location + assert_redirected_to auth_success_path(:provider => "wikipedia", :origin => "/user/new") + follow_redirect! + assert_redirected_to auth_failure_path(:strategy => "wikipedia", :message => "connection_failed", :origin => "/user/new") + follow_redirect! + assert_redirected_to "/user/new" + end + end + end + + ActionMailer::Base.deliveries.clear + end + + def test_user_create_wikipedia_redirect + orig_email = "redirect_tester_wikipedia_orig@osm.org" + email_hmac = UsersController.message_hmac(orig_email) + new_email = "redirect_tester_wikipedia@osm.org" + display_name = "redirect_tester_wikipedia" + auth_uid = "123454321" + + OmniAuth.config.add_mock(:wikipedia, + :uid => auth_uid, + :info => { :email => orig_email, :name => display_name }) + + # nothing special about this page, just need a protected page to redirect back to. + assert_difference("User.count") do + assert_difference("ActionMailer::Base.deliveries.size", 1) do + perform_enqueued_jobs do + post auth_path(:provider => "wikipedia", :origin => "/user/new") + assert_redirected_to auth_success_path(:provider => "wikipedia", :origin => "/user/new") + follow_redirect! + assert_redirected_to :controller => :users, :action => "new", :nickname => display_name, + :email => orig_email, :email_hmac => email_hmac, + :auth_provider => "wikipedia", :auth_uid => auth_uid + follow_redirect! + + post "/user/new", + :params => { :user => { :email => new_email, + :email_hmac => email_hmac, + :display_name => display_name, + :auth_provider => "wikipedia", + :auth_uid => auth_uid, + :consider_pd => "1" } } + assert_redirected_to auth_path(:provider => "wikipedia", :origin => "/user/new") + post response.location + assert_redirected_to auth_success_path(:provider => "wikipedia", :origin => "/user/new") + follow_redirect! + assert_redirected_to :controller => :confirmations, :action => :confirm, :display_name => display_name + assert_response :redirect + follow_redirect! + end + end + end + + # Check the e-mail + register_email = ActionMailer::Base.deliveries.first + + assert_equal register_email.to.first, new_email + # Check that the confirm account url is correct + confirm_regex = Regexp.new("confirm_string=([a-zA-Z0-9%_-]*)") + email_text_parts(register_email).each do |part| + assert_match confirm_regex, part.body.to_s + end + confirm_string = CGI.unescape(email_text_parts(register_email).first.body.match(confirm_regex)[1]) + + # Check the page + assert_response :success + assert_template "confirmations/confirm" + + ActionMailer::Base.deliveries.clear + + # Go to the confirmation page + get "/user/#{display_name}/confirm", :params => { :referer => "/welcome", :confirm_string => confirm_string } + assert_response :success + assert_template "confirmations/confirm" + + post "/user/#{display_name}/confirm", :params => { :referer => "/welcome", :confirm_string => confirm_string } + assert_response :redirect follow_redirect! assert_response :success - assert_template "trace/list.html.erb" + assert_template "site/welcome" end end