X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/a6b84a0294a2929006ff056f56103be549c5b5a2..53eadb36fcec6c0d07ba550a2f72c4d3932ffead:/test/integration/user_terms_seen_test.rb?ds=sidebyside diff --git a/test/integration/user_terms_seen_test.rb b/test/integration/user_terms_seen_test.rb index 3a42aa6bd..811883f5f 100644 --- a/test/integration/user_terms_seen_test.rb +++ b/test/integration/user_terms_seen_test.rb @@ -1,76 +1,80 @@ require "test_helper" class UserTermsSeenTest < ActionDispatch::IntegrationTest - fixtures :users + def setup + stub_hostip_requests + end def test_api_blocked with_terms_seen(true) do - user = users(:terms_not_seen_user) + user = create(:user, :terms_seen => false) - get "/api/#{API_VERSION}/user/preferences", nil, auth_header(user.display_name, "test") + get "/api/#{API_VERSION}/user/preferences", :headers => auth_header(user.display_name, "test") assert_response :forbidden # touch it so that the user has seen the terms user.terms_seen = true user.save - get "/api/#{API_VERSION}/user/preferences", nil, auth_header(user.display_name, "test") + get "/api/#{API_VERSION}/user/preferences", :headers => auth_header(user.display_name, "test") assert_response :success end end def test_terms_presented_at_login with_terms_seen(true) do - user = users(:terms_not_seen_user) + user = create(:user, :terms_seen => false) # try to log in - get_via_redirect "/login" + get "/login" + follow_redirect! assert_response :success assert_template "user/login" - post "/login", "username" => user.email, "password" => "test", :referer => "/" + post "/login", :params => { :username => user.email, :password => "test", :referer => "/diary/new" } assert_response :redirect # but now we need to look at the terms - assert_redirected_to "controller" => "user", "action" => "terms", :referer => "/" + assert_redirected_to :controller => :user, :action => :terms, :referer => "/diary/new" follow_redirect! assert_response :success # don't agree to the terms, but hit decline - post "/user/save", "decline" => "decline", "referer" => "/" - assert_redirected_to "/" + post "/user/save", :params => { :decline => true, :referer => "/diary/new" } + assert_redirected_to "/diary/new" follow_redirect! # should be carried through to a normal login with a message assert_response :success - assert !flash[:notice].nil? + assert_not flash[:notice].nil? end end def test_terms_cant_be_circumvented with_terms_seen(true) do - user = users(:terms_not_seen_user) + user = create(:user, :terms_seen => false) # try to log in - get_via_redirect "/login" + get "/login" + follow_redirect! assert_response :success assert_template "user/login" - post "/login", "username" => user.email, "password" => "test", :referer => "/" + post "/login", :params => { :username => user.email, :password => "test", :referer => "/diary/new" } assert_response :redirect # but now we need to look at the terms - assert_redirected_to "controller" => "user", "action" => "terms", :referer => "/" - follow_redirect! - assert_response :success + assert_redirected_to :controller => :user, :action => :terms, :referer => "/diary/new" # check that if we go somewhere else now, it redirects # back to the terms page. get "/traces/mine" - assert_redirected_to "controller" => "user", "action" => "terms", :referer => "/traces/mine" + assert_redirected_to :controller => :user, :action => :terms, :referer => "/traces/mine" + get "/traces/mine", :params => { :referer => "/diary/new" } + assert_redirected_to :controller => :user, :action => :terms, :referer => "/diary/new" end end private def auth_header(user, pass) - { "HTTP_AUTHORIZATION" => format("Basic %s", Base64.encode64("#{user}:#{pass}")) } + { "HTTP_AUTHORIZATION" => format("Basic %{auth}", :auth => Base64.encode64("#{user}:#{pass}")) } end def with_terms_seen(value)