/
session_controller_test.rb
134 lines (110 loc) · 4.33 KB
/
session_controller_test.rb
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
require 'test_helper'
class SessionControllerTest < ActionController::TestCase
setup do
@user = users(:dexter)
@email_credential = credentials(:dexter_email)
@password_credential = credentials(:dexter_password)
end
test "user home page" do
set_session_current_user @user
get :show
assert_equal @user, assigns(:user)
assert_equal @user.profile, assigns(:profile)
assert_select 'a[href="/_/session"][data-method="delete"]', 'Sign out'
end
test "user home page for user without profile" do
user = users(:disconnected)
set_session_current_user user
get :show
assert_equal user.email, assigns(:profile).display_email
assert_select 'a[href="/_/session"][data-method="delete"]', 'Sign out'
end
test "user login works and purges old sessions" do
old_token = credentials(:dexter_session_token)
old_token.updated_at = Time.now - 1.year
old_token.save!
post :create, session: { email: @email_credential.email,
password: 'pa55w0rd' }
assert_equal @user, session_current_user, 'session'
assert_redirected_to session_url
assert_nil Tokens::Base.with_code(old_token.code).first,
'old session not purged'
end
test "user logged in JSON request" do
set_session_current_user @user
get :show, format: 'json'
assert_equal @user.exuid,
ActiveSupport::JSON.decode(response.body)['user']['exuid']
end
test "application welcome page" do
get :show
assert_equal User.count, assigns(:stats)[:users], 'users'
assert_equal Repository.count, assigns(:stats)[:repositories], 'repos'
assert_equal Commit.count, assigns(:stats)[:commits], 'commits'
assert_equal Blob.count, assigns(:stats)[:files], 'files'
assert_select 'a[href="/_/session/new"]', 'Sign in'
end
test "user not logged in with JSON request" do
get :show, format: 'json'
assert_equal({}, ActiveSupport::JSON.decode(response.body))
end
test "user login page" do
get :new
assert_template :new
assert_select 'form[action=?]', session_path do
assert_select 'input[name=?]', 'session[email]'
assert_select 'input[name=?]', 'session[password]'
assert_select 'button[name="login"][type="submit"]'
assert_select 'button[name="reset_password"][type="submit"]'
end
end
test "e-mail verification link" do
token_credential = credentials(:costan_email_token)
email_credential = credentials(:costan_email)
get :token, code: token_credential.code
assert_redirected_to session_url
assert email_credential.reload.verified?, 'Email not verified'
end
test "password reset link" do
password_credential = credentials(:dexter_password)
get :token, code: credentials(:dexter_password_token).code
assert_redirected_to change_password_session_url
assert_nil Credential.where(id: password_credential.id).first,
'Password not cleared'
end
test "password change form" do
set_session_current_user @user
get :password_change
assert_select 'span[class="password_age"]'
assert_select 'form[action=?][method="post"]',
change_password_session_path do
assert_select 'input[name=?]', 'credential[old_password]'
assert_select 'input[name=?]', 'credential[password]'
assert_select 'input[name=?]', 'credential[password_confirmation]'
assert_select 'button[type="submit"]'
end
end
test "password reset form" do
set_session_current_user @user
@password_credential.destroy
get :password_change
assert_select 'span[class="password_age"]', count: 0
assert_select 'form[action=?][method="post"]',
change_password_session_path do
assert_select 'input[name=?]', 'credential[old_password]', count: 0
assert_select 'input[name=?]', 'credential[password]'
assert_select 'input[name=?]', 'credential[password_confirmation]'
assert_select 'button[type="submit"]'
end
end
test "password reset request" do
ActionMailer::Base.deliveries = []
assert_difference 'Credential.count', 1 do
post :reset_password, session: { email: @email_credential.email }
end
assert !ActionMailer::Base.deliveries.empty?, 'email generated'
email = ActionMailer::Base.deliveries.last
assert_equal [@email_credential.email], email.to
assert_redirected_to new_session_url
end
end