X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/d3700e6201b4b78a70bbb2941572edc985b63c2c..b14342b6f10b2d9b2739744cad8ee60cbf67edbd:/test/integration/user_terms_seen_test.rb diff --git a/test/integration/user_terms_seen_test.rb b/test/integration/user_terms_seen_test.rb index 811883f5f..d419003d9 100644 --- a/test/integration/user_terms_seen_test.rb +++ b/test/integration/user_terms_seen_test.rb @@ -1,89 +1,61 @@ require "test_helper" class UserTermsSeenTest < ActionDispatch::IntegrationTest - def setup - stub_hostip_requests - end - def test_api_blocked - with_terms_seen(true) do - user = create(:user, :terms_seen => false) + user = create(:user, :terms_seen => false, :terms_agreed => nil) - get "/api/#{API_VERSION}/user/preferences", :headers => auth_header(user.display_name, "test") - assert_response :forbidden + get "/api/#{Settings.api_version}/user/preferences", :headers => bearer_authorization_header(user) + assert_response :forbidden - # touch it so that the user has seen the terms - user.terms_seen = true - user.save + # touch it so that the user has seen the terms + user.terms_seen = true + user.save - get "/api/#{API_VERSION}/user/preferences", :headers => auth_header(user.display_name, "test") - assert_response :success - end + get "/api/#{Settings.api_version}/user/preferences", :headers => bearer_authorization_header(user) + assert_response :success end def test_terms_presented_at_login - with_terms_seen(true) do - user = create(:user, :terms_seen => false) - - # try to log in - get "/login" - follow_redirect! - assert_response :success - assert_template "user/login" - post "/login", :params => { :username => user.email, :password => "test", :referer => "/diary/new" } - assert_response :redirect - # but now we need to look at the terms - assert_redirected_to :controller => :user, :action => :terms, :referer => "/diary/new" - follow_redirect! - assert_response :success - - # don't agree to the terms, but hit decline - post "/user/save", :params => { :decline => true, :referer => "/diary/new" } - assert_redirected_to "/diary/new" - follow_redirect! - - # should be carried through to a normal login with a message - assert_response :success - assert_not flash[:notice].nil? - end + user = create(:user, :terms_seen => false, :terms_agreed => nil) + + # try to log in + get "/login" + follow_redirect! + assert_response :success + assert_template "sessions/new" + post "/login", :params => { :username => user.email, :password => "test", :referer => "/diary/new" } + # but now we need to look at the terms + assert_redirected_to :controller => :users, :action => :terms, :referer => "/diary/new" + follow_redirect! + assert_response :success + + # don't agree to the terms, but hit decline + post "/user/save", :params => { :decline => true, :referer => "/diary/new" } + assert_redirected_to "/diary/new" + follow_redirect! + + # should be carried through to a normal login with a message + assert_response :success + assert_not flash[:notice].nil? end def test_terms_cant_be_circumvented - with_terms_seen(true) do - user = create(:user, :terms_seen => false) - - # try to log in - get "/login" - follow_redirect! - assert_response :success - assert_template "user/login" - post "/login", :params => { :username => user.email, :password => "test", :referer => "/diary/new" } - assert_response :redirect - # but now we need to look at the terms - assert_redirected_to :controller => :user, :action => :terms, :referer => "/diary/new" - - # check that if we go somewhere else now, it redirects - # back to the terms page. - get "/traces/mine" - assert_redirected_to :controller => :user, :action => :terms, :referer => "/traces/mine" - get "/traces/mine", :params => { :referer => "/diary/new" } - assert_redirected_to :controller => :user, :action => :terms, :referer => "/diary/new" - end - end - - private - - def auth_header(user, pass) - { "HTTP_AUTHORIZATION" => format("Basic %{auth}", :auth => Base64.encode64("#{user}:#{pass}")) } - end - - def with_terms_seen(value) - require_terms_seen = Object.send("remove_const", "REQUIRE_TERMS_SEEN") - Object.const_set("REQUIRE_TERMS_SEEN", value) - - yield - - Object.send("remove_const", "REQUIRE_TERMS_SEEN") - Object.const_set("REQUIRE_TERMS_SEEN", require_terms_seen) + user = create(:user, :terms_seen => false, :terms_agreed => nil) + + # try to log in + get "/login" + follow_redirect! + assert_response :success + assert_template "sessions/new" + post "/login", :params => { :username => user.email, :password => "test", :referer => "/diary/new" } + # but now we need to look at the terms + assert_redirected_to :controller => :users, :action => :terms, :referer => "/diary/new" + + # check that if we go somewhere else now, it redirects + # back to the terms page. + get "/traces/mine" + assert_redirected_to :controller => :users, :action => :terms, :referer => "/traces/mine" + get "/traces/mine", :params => { :referer => "/diary/new" } + assert_redirected_to :controller => :users, :action => :terms, :referer => "/diary/new" end end