Merge remote-tracking branch 'upstream/pull/5957' live
authorTom Hughes <tom@compton.nu>
Sun, 27 Apr 2025 09:58:40 +0000 (10:58 +0100)
committerTom Hughes <tom@compton.nu>
Sun, 27 Apr 2025 09:58:40 +0000 (10:58 +0100)
app/assets/javascripts/login.js
app/controllers/sessions_controller.rb
app/views/sessions/new.html.erb
config/locales/en.yml
test/integration/login_test.rb [moved from test/integration/user_login_test.rb with 99% similarity]
test/system/user_login_test.rb [new file with mode: 0644]
test/system/user_signup_test.rb

index 8297944f3720ff769043899715adcd655d765b80..c0d9fe57bd4139b1c0e74605b11798b1efc842b1 100644 (file)
@@ -2,5 +2,6 @@ $(function () {
   // Preserve location hash in referer
   if (location.hash) {
     $("#referer").val($("#referer").val() + location.hash);
+    $("#referer_link").prop("hash", location.hash);
   }
 });
index 19fe05f3082574961423f1f3965abcd53e386a43..090a9ea5c7d2233868ef61682ca71332a9a181ba 100644 (file)
@@ -16,6 +16,9 @@ class SessionsController < ApplicationController
   def new
     referer = safe_referer(params[:referer]) if params[:referer]
 
+    @safe_referer = referer
+    @safe_referer = nil if referer != params[:referer]
+
     parse_oauth_referer referer
   end
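Review bot: The comparison on the second added line, `@safe_referer = nil if referer != params[:referer]`, carries the security decision for the new warning link, but nothing explains it. `safe_referer` is defined outside this hunk, so it can only be inferred that it rewrites some inputs rather than rejecting them; a comment such as `# Only offer the link when safe_referer left the parameter untouched` would record the intent. The two assignments could also be written as one line, `@safe_referer = referer if referer == params[:referer]`. Because the view passes this value to `link_to` as the href, it is worth confirming that `safe_referer` also refuses non-HTTP schemes.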
 
index c2d96b63cc37ae2b9def6ba868cf8742927c3212..ec4e256dfce0d30d672e5697633161daf6a54ebb 100644 (file)
   <%= render :partial => "shared/section_divider", :locals => { :text => t(".or") } %>
 <% end %>
 
+<% if current_user %>
+  <div class="alert alert-warning pb-0">
+    <p>
+      <%= t ".already_logged_in_html", :user => tag.strong(current_user.display_name) %>
+    </p>
+    <% if @safe_referer %>
+      <p>
+        <%= t ".access_another_page" %>
+      </p>
+      <p class="text-center">
+        <%= link_to t(".visit_referring_page"), @safe_referer, :id => "referer_link", :class => "btn btn-warning" %>
+      </p>
+    <% end %>
+  </div>
+<% end %>
+
 <%= bootstrap_form_tag(:action => "login", :html => { :id => "login_form" }) do |f| %>
   <%= hidden_field_tag("referer", h(params[:referer]), :autocomplete => "off") %>
 
index 7774a203a3cf73f34033c0e61b4489abfa67dd68..6e8ee4762a040c20c18f234afe8d636bf140c01d 100644 (file)
@@ -1975,6 +1975,9 @@ en:
     new:
       tab_title: "Log In"
       login_to_authorize_html: "Log in to OpenStreetMap to access %{client_app_name}."
+      already_logged_in_html: "You are already logged in as %{user}. Logging in again will change your current account."
+      access_another_page: "You arrived here while trying to access another page. If you want to access that page using your current account, click the button below:"
+      visit_referring_page: "Visit referring page"
       email or username: "Email Address or Username"
       password: "Password"
       remember: "Remember me"
similarity index 99%
rename from test/integration/user_login_test.rb
rename to test/integration/login_test.rb
index a7301233d9eb2b37a9c78ca2b296bc6119c87504..2b7a851ad4fa1a3e9770861869fdc2b1372445b4 100644 (file)
@@ -1,6 +1,6 @@
 require "test_helper"
 
-class UserLoginTest < ActionDispatch::IntegrationTest
+class LoginTest < ActionDispatch::IntegrationTest
   def setup
     OmniAuth.config.test_mode = true
   end
diff --git a/test/system/user_login_test.rb b/test/system/user_login_test.rb
new file mode 100644 (file)
index 0000000..ce17d04
--- /dev/null
@@ -0,0 +1,68 @@
+require "application_system_test_case"
+
+class UserLoginTest < ApplicationSystemTestCase
+  test "Warn on login page when already logged in" do
+    user1 = create(:user, :display_name => "First User")
+    user2 = create(:user, :display_name => "Second User")
+    sign_in_as(user1)
+
+    visit login_path
+
+    assert_button "First User"
+    within_content_body do
+      assert_text "logged in as First User"
+      assert_no_link "Visit referring page"
+    end
+
+    fill_in "username", :with => user2.email
+    fill_in "password", :with => "test"
+    click_on "Log in"
+
+    assert_button "Second User"
+  end
+
+  test "Warn on login page when already logged in with referer link" do
+    user1 = create(:user, :display_name => "First User")
+    sign_in_as(user1)
+
+    visit login_path(:referer => copyright_path, :anchor => "trademarks")
+
+    assert_button "First User"
+    within_content_body do
+      assert_text "logged in as First User"
+      assert_link "Visit referring page"
+
+      click_on "Visit referring page"
+    end
+
+    assert_current_path copyright_path
+    assert_equal "#trademarks", execute_script("return location.hash")
+  end
+
+  test "Only show safe referer links inside warnings" do
+    user1 = create(:user, :display_name => "First User")
+    sign_in_as(user1)
+
+    visit login_path(:referer => "https://example.com/")
+
+    assert_button "First User"
+    within_content_body do
+      assert_text "logged in as First User"
+      assert_no_link "Visit referring page"
+    end
+  end
+
+  test "Show OpenID form when OpenID provider button is clicked" do
+    visit login_path
+
+    within_content_body do
+      assert_no_field "OpenID URL"
+      assert_no_button "Continue"
+
+      click_on "Log in with OpenID"
+
+      assert_field "OpenID URL"
+      assert_button "Continue"
+    end
+  end
+end
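Review bot: The negative case in "Only show safe referer links inside warnings" exercises a single absolute `https://example.com/` referer, so the guard in `SessionsController#new` is pinned for one input shape only. A scheme-relative referer and one with a non-HTTP scheme should get the same `assert_no_link "Visit referring page"` assertion, since the view uses the referer as a link href. The three warning tests also repeat the same `create(:user, ...)` and `sign_in_as` setup, which could move into a small private helper.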
index 2d05447a6a280980128e605e4d4b16aee4b4eb59..5cd617e077b180181796da31b2ded7853563d792 100644 (file)
@@ -87,18 +87,4 @@ class UserSignupTest < ApplicationSystemTestCase
       assert_content "Confirm Password"
     end
   end
-
-  test "Show OpenID form when OpenID provider button is clicked" do
-    visit login_path
-
-    within_content_body do
-      assert_no_field "OpenID URL"
-      assert_no_button "Continue"
-
-      click_on "Log in with OpenID"
-
-      assert_field "OpenID URL"
-      assert_button "Continue"
-    end
-  end
 end