github-mirror/discourse
2
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2025-05-24 23:31:21 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

Fix all the errors to get our tests green on Rails 5.1.

Browse Source
This commit is contained in:
Guo Xiang Tan
2017-08-31 12:06:56 +08:00
parent 898ee93547
commit 77d4c4d8dc
989 changed files with 5114 additions and 3117 deletions
Download Patch File Download Diff File Expand all files Collapse all files

209
spec/controllers/session_controller_spec.rb
View File

@ -13,14 +13,14 @@ describe SessionController do
it "does not work when not in development mode" do
Rails.env.stubs(:development?).returns(false)
get :become, session_id: user.username
get :become, params: { session_id: user.username }, format: :json
expect(response).not_to be_redirect
expect(session[:current_user_id]).to be_blank
end
it "works in developmenet mode" do
Rails.env.stubs(:development?).returns(true)
get :become, session_id: user.username
get :become, params: { session_id: user.username }, format: :json
expect(response).to be_redirect
expect(session[:current_user_id]).to eq(user.id)
end
@ -64,7 +64,7 @@ describe SessionController do
sso.external_id = 'abc'
sso.username = 'sam'
get :sso_login, Rack::Utils.parse_query(sso.payload)
get :sso_login, params: Rack::Utils.parse_query(sso.payload)
expect(response).to redirect_to('/')
logged_on_user = Discourse.current_user_provider.new(request.env).current_user
@ -87,7 +87,7 @@ describe SessionController do
ActionDispatch::Request.any_instance.stubs(:remote_ip).returns(screened_ip.ip_address)
sso = sso_for_ip_specs
get :sso_login, Rack::Utils.parse_query(sso.payload)
get :sso_login, params: Rack::Utils.parse_query(sso.payload)
logged_on_user = Discourse.current_user_provider.new(request.env).current_user
expect(logged_on_user).to eq(nil)
@ -101,7 +101,7 @@ describe SessionController do
screened_ip = Fabricate(:screened_ip_address)
ActionDispatch::Request.any_instance.stubs(:remote_ip).returns(screened_ip.ip_address)
get :sso_login, Rack::Utils.parse_query(sso.payload)
get :sso_login, params: Rack::Utils.parse_query(sso.payload)
logged_on_user = Discourse.current_user_provider.new(request.env).current_user
expect(logged_on_user).to be_blank
end
@ -114,7 +114,7 @@ describe SessionController do
sso.username = 'sam'
ScreenedEmail.block('bob@bob.com')
get :sso_login, Rack::Utils.parse_query(sso.payload)
get :sso_login, params: Rack::Utils.parse_query(sso.payload)
logged_on_user = Discourse.current_user_provider.new(request.env).current_user
expect(logged_on_user).to eq(nil)
@ -130,7 +130,7 @@ describe SessionController do
sso.custom_fields["shop_name"] = "Sam"
sso.admin = true
get :sso_login, Rack::Utils.parse_query(sso.payload)
get :sso_login, params: Rack::Utils.parse_query(sso.payload)
logged_on_user = Discourse.current_user_provider.new(request.env).current_user
expect(logged_on_user.admin).to eq(true)
@ -143,7 +143,7 @@ describe SessionController do
sso.name = 'Sam Saffron'
sso.username = 'sam'
get :sso_login, Rack::Utils.parse_query(sso.payload)
get :sso_login, params: Rack::Utils.parse_query(sso.payload)
expect(response).to redirect_to('/b/')
end
@ -156,7 +156,7 @@ describe SessionController do
sso.name = 'Sam Saffron'
sso.username = 'sam'
get :sso_login, Rack::Utils.parse_query(sso.payload)
get :sso_login, params: Rack::Utils.parse_query(sso.payload)
expect(response).to redirect_to('https://gusundtrout.com')
end
@ -167,7 +167,7 @@ describe SessionController do
sso.name = 'Sam Saffron'
sso.username = 'sam'
get :sso_login, Rack::Utils.parse_query(sso.payload)
get :sso_login, params: Rack::Utils.parse_query(sso.payload)
expect(response).to redirect_to('/')
end
@ -178,7 +178,7 @@ describe SessionController do
sso.name = 'Sam Saffron'
sso.username = 'sam'
get :sso_login, Rack::Utils.parse_query(sso.payload)
get :sso_login, params: Rack::Utils.parse_query(sso.payload)
expect(response).to redirect_to('/')
end
@ -192,7 +192,7 @@ describe SessionController do
sso.custom_fields["shop_name"] = "Sam"
events = DiscourseEvent.track_events do
get :sso_login, Rack::Utils.parse_query(sso.payload)
get :sso_login, params: Rack::Utils.parse_query(sso.payload)
end
expect(events.map { |event| event[:event_name] }).to include(
@ -229,7 +229,7 @@ describe SessionController do
sso.username = 'sam'
sso.require_activation = true
get :sso_login, Rack::Utils.parse_query(sso.payload)
get :sso_login, params: Rack::Utils.parse_query(sso.payload)
logged_on_user = Discourse.current_user_provider.new(request.env).current_user
expect(logged_on_user).to eq(nil)
@ -244,7 +244,7 @@ describe SessionController do
sso.username = 'sam'
sso.require_activation = true
get :sso_login, Rack::Utils.parse_query(sso.payload)
get :sso_login, params: Rack::Utils.parse_query(sso.payload)
end
end
@ -259,7 +259,7 @@ describe SessionController do
user.create_single_sign_on_record(external_id: '997', last_payload: '')
user.stubs(:active?).returns(true)
get :sso_login, Rack::Utils.parse_query(sso.payload)
get :sso_login, params: Rack::Utils.parse_query(sso.payload)
logged_on_user = Discourse.current_user_provider.new(request.env).current_user
expect(user.id).to eq(logged_on_user.id)
@ -275,7 +275,7 @@ describe SessionController do
user = Fabricate(:user)
user.create_single_sign_on_record(external_id: '997', last_payload: '')
get :sso_login, Rack::Utils.parse_query(sso.payload)
get :sso_login, params: Rack::Utils.parse_query(sso.payload)
user.single_sign_on_record.reload
expect(user.single_sign_on_record.last_payload).to eq(sso.unsigned_payload)
@ -286,7 +286,7 @@ describe SessionController do
expect(user.id).to eq(logged_on_user.id)
# nonce is bad now
get :sso_login, Rack::Utils.parse_query(sso.payload)
get :sso_login, params: Rack::Utils.parse_query(sso.payload)
expect(response.code).to eq('419')
end
@ -307,12 +307,15 @@ describe SessionController do
end
it "successfully logs in and redirects user to return_sso_url when the user is not logged in" do
get :sso_provider, Rack::Utils.parse_query(@sso.payload)
get :sso_provider, params: Rack::Utils.parse_query(@sso.payload)
expect(response).to redirect_to("/login")
xhr :post, :create, login: @user.username, password: "frogs", format: :json
post :create,
params: { login: @user.username, password: "frogs" },
format: :json,
xhr: true
location = cookies[:sso_destination_url]
location = response.cookies["sso_destination_url"]
# javascript code will handle redirection of user to return_sso_url
expect(location).to match(/^http:\/\/somewhere.over.rainbow\/sso/)
@ -330,7 +333,7 @@ describe SessionController do
it "successfully redirects user to return_sso_url when the user is logged in" do
log_in_user(@user)
get :sso_provider, Rack::Utils.parse_query(@sso.payload)
get :sso_provider, params: Rack::Utils.parse_query(@sso.payload)
location = response.header["Location"]
expect(location).to match(/^http:\/\/somewhere.over.rainbow\/sso/)
@ -371,7 +374,7 @@ describe SessionController do
end
it 'stores the external attributes' do
get :sso_login, Rack::Utils.parse_query(@sso.payload)
get :sso_login, params: Rack::Utils.parse_query(@sso.payload)
@user.single_sign_on_record.reload
expect(@user.single_sign_on_record.external_username).to eq(@sso.username)
expect(@user.single_sign_on_record.external_email).to eq(@sso.email)
@ -379,7 +382,7 @@ describe SessionController do
end
it 'overrides attributes' do
get :sso_login, Rack::Utils.parse_query(@sso.payload)
get :sso_login, params: Rack::Utils.parse_query(@sso.payload)
logged_on_user = Discourse.current_user_provider.new(request.env).current_user
expect(logged_on_user.username).to eq(@suggested_username)
@ -392,7 +395,7 @@ describe SessionController do
@sso.name = @user.name
@sso.email = @user.email
get :sso_login, Rack::Utils.parse_query(@sso.payload)
get :sso_login, params: Rack::Utils.parse_query(@sso.payload)
logged_on_user = Discourse.current_user_provider.new(request.env).current_user
expect(logged_on_user.username).to eq(@user.username)
@ -420,12 +423,15 @@ describe SessionController do
end
it "successfully logs in and redirects user to return_sso_url when the user is not logged in" do
get :sso_provider, Rack::Utils.parse_query(@sso.payload)
get :sso_provider, params: Rack::Utils.parse_query(@sso.payload)
expect(response).to redirect_to("/login")
xhr :post, :create, login: @user.username, password: "frogs", format: :json
post :create,
params: { login: @user.username, password: "frogs" },
format: :json,
xhr: true
location = cookies[:sso_destination_url]
location = response.cookies["sso_destination_url"]
# javascript code will handle redirection of user to return_sso_url
expect(location).to match(/^http:\/\/somewhere.over.rainbow\/sso/)
@ -443,7 +449,7 @@ describe SessionController do
it "successfully redirects user to return_sso_url when the user is logged in" do
log_in_user(@user)
get :sso_provider, Rack::Utils.parse_query(@sso.payload)
get :sso_provider, params: Rack::Utils.parse_query(@sso.payload)
location = response.header["Location"]
expect(location).to match(/^http:\/\/somewhere.over.rainbow\/sso/)
@ -467,7 +473,10 @@ describe SessionController do
context 'local login is disabled' do
before do
SiteSetting.enable_local_logins = false
xhr :post, :create, login: user.username, password: 'myawesomepassword'
post :create, params: {
login: user.username, password: 'myawesomepassword'
}, format: :json
end
it_behaves_like "failed to continue local login"
end
@ -475,7 +484,10 @@ describe SessionController do
context 'SSO is enabled' do
before do
SiteSetting.enable_sso = true
xhr :post, :create, login: user.username, password: 'myawesomepassword'
post :create, params: {
login: user.username, password: 'myawesomepassword'
}, format: :json
end
it_behaves_like "failed to continue local login"
end
@ -487,12 +499,17 @@ describe SessionController do
end
it "raises an error when the login isn't present" do
expect { xhr :post, :create }.to raise_error(ActionController::ParameterMissing)
expect do
post :create, format: :json
end.to raise_error(ActionController::ParameterMissing)
end
describe 'invalid password' do
it "should return an error with an invalid password" do
xhr :post, :create, login: user.username, password: 'sssss'
post :create, params: {
login: user.username, password: 'sssss'
}, format: :json
expect(::JSON.parse(response.body)['error']).to be_present
end
end
@ -500,7 +517,10 @@ describe SessionController do
describe 'invalid password' do
it "should return an error with an invalid password if too long" do
User.any_instance.expects(:confirm_password?).never
xhr :post, :create, login: user.username, password: ('s' * (User.max_password_length + 1))
post :create, params: {
login: user.username, password: ('s' * (User.max_password_length + 1))
}, format: :json
expect(::JSON.parse(response.body)['error']).to be_present
end
end
@ -511,7 +531,9 @@ describe SessionController do
user.suspended_at = Time.now
user.save!
StaffActionLogger.new(user).log_user_suspend(user, "<strike>banned</strike>")
xhr :post, :create, login: user.username, password: 'myawesomepassword'
post :create, params: {
login: user.username, password: 'myawesomepassword'
}, format: :json
error = ::JSON.parse(response.body)['error']
expect(error).to be_present
@ -523,7 +545,11 @@ describe SessionController do
describe 'deactivated user' do
it 'should return an error' do
User.any_instance.stubs(:active).returns(false)
xhr :post, :create, login: user.username, password: 'myawesomepassword'
post :create, params: {
login: user.username, password: 'myawesomepassword'
}, format: :json
expect(JSON.parse(response.body)['error']).to eq(I18n.t('login.not_activated'))
end
end
@ -531,7 +557,9 @@ describe SessionController do
describe 'success by username' do
it 'logs in correctly' do
events = DiscourseEvent.track_events do
xhr :post, :create, login: user.username, password: 'myawesomepassword'
post :create, params: {
login: user.username, password: 'myawesomepassword'
}, format: :json
end
expect(events.map { |event| event[:event_name] }).to include(
@ -550,7 +578,10 @@ describe SessionController do
before do
screened_ip = Fabricate(:screened_ip_address)
ActionDispatch::Request.any_instance.stubs(:remote_ip).returns(screened_ip.ip_address)
xhr :post, :create, login: "@" + user.username, password: 'myawesomepassword'
post :create, params: {
login: "@" + user.username, password: 'myawesomepassword'
}, format: :json
user.reload
end
@ -561,7 +592,10 @@ describe SessionController do
describe 'strips leading @ symbol' do
before do
xhr :post, :create, login: "@" + user.username, password: 'myawesomepassword'
post :create, params: {
login: "@" + user.username, password: 'myawesomepassword'
}, format: :json
user.reload
end
@ -572,7 +606,9 @@ describe SessionController do
describe 'also allow login by email' do
before do
xhr :post, :create, login: user.email, password: 'myawesomepassword'
post :create, params: {
login: user.email, password: 'myawesomepassword'
}, format: :json
end
it 'sets a session id' do
@ -585,12 +621,18 @@ describe SessionController do
let(:email) { " #{user.email} " }
it "strips spaces from the username" do
xhr :post, :create, login: username, password: 'myawesomepassword'
post :create, params: {
login: username, password: 'myawesomepassword'
}, format: :json
expect(::JSON.parse(response.body)['error']).not_to be_present
end
it "strips spaces from the email" do
xhr :post, :create, login: email, password: 'myawesomepassword'
post :create, params: {
login: email, password: 'myawesomepassword'
}, format: :json
expect(::JSON.parse(response.body)['error']).not_to be_present
end
end
@ -602,7 +644,9 @@ describe SessionController do
context 'with an unapproved user' do
before do
xhr :post, :create, login: user.email, password: 'myawesomepassword'
post :create, params: {
login: user.email, password: 'myawesomepassword'
}, format: :json
end
it "doesn't log in the user" do
@ -619,7 +663,10 @@ describe SessionController do
context "with an unapproved user who is an admin" do
before do
User.any_instance.stubs(:admin?).returns(true)
xhr :post, :create, login: user.email, password: 'myawesomepassword'
post :create, params: {
login: user.email, password: 'myawesomepassword'
}, format: :json
end
it 'sets a session id' do
@ -638,14 +685,22 @@ describe SessionController do
it 'is successful for admin at the ip address' do
User.any_instance.stubs(:admin?).returns(true)
ActionDispatch::Request.any_instance.stubs(:remote_ip).returns(permitted_ip_address)
xhr :post, :create, login: user.username, password: 'myawesomepassword'
post :create, params: {
login: user.username, password: 'myawesomepassword'
}, format: :json
expect(session[:current_user_id]).to eq(user.id)
end
it 'returns an error for admin not at the ip address' do
User.any_instance.stubs(:admin?).returns(true)
ActionDispatch::Request.any_instance.stubs(:remote_ip).returns("111.234.23.12")
xhr :post, :create, login: user.username, password: 'myawesomepassword'
post :create, params: {
login: user.username, password: 'myawesomepassword'
}, format: :json
expect(JSON.parse(response.body)['error']).to be_present
expect(session[:current_user_id]).not_to eq(user.id)
end
@ -653,7 +708,11 @@ describe SessionController do
it 'is successful for non-admin not at the ip address' do
User.any_instance.stubs(:admin?).returns(false)
ActionDispatch::Request.any_instance.stubs(:remote_ip).returns("111.234.23.12")
xhr :post, :create, login: user.username, password: 'myawesomepassword'
post :create, params: {
login: user.username, password: 'myawesomepassword'
}, format: :json
expect(session[:current_user_id]).to eq(user.id)
end
end
@ -661,7 +720,9 @@ describe SessionController do
context 'when email has not been confirmed' do
def post_login
xhr :post, :create, login: user.email, password: 'myawesomepassword'
post :create, params: {
login: user.email, password: 'myawesomepassword'
}, format: :json
end
it "doesn't log in the user" do
@ -695,10 +756,17 @@ describe SessionController do
RateLimiter.clear_all!
2.times do
xhr :post, :create, login: user.username, password: 'myawesomepassword'
post :create, params: {
login: user.username, password: 'myawesomepassword'
}, format: :json
expect(response).to be_success
end
xhr :post, :create, login: user.username, password: 'myawesomepassword'
post :create, params: {
login: user.username, password: 'myawesomepassword'
}, format: :json
expect(response).not_to be_success
json = JSON.parse(response.body)
expect(json["error_type"]).to eq("rate_limit")
@ -709,7 +777,7 @@ describe SessionController do
describe '.destroy' do
before do
@user = log_in
xhr :delete, :destroy, id: @user.username
delete :destroy, params: { id: @user.username }, format: :json
end
it 'removes the session variable' do
@ -717,24 +785,28 @@ describe SessionController do
end
it 'removes the auth token cookie' do
expect(cookies[:_t]).to be_blank
expect(response.cookies["_t"]).to be_blank
end
end
describe '.forgot_password' do
it 'raises an error without a username parameter' do
expect { xhr :post, :forgot_password }.to raise_error(ActionController::ParameterMissing)
expect do
post :forgot_password, format: :json
end.to raise_error(ActionController::ParameterMissing)
end
context 'for a non existant username' do
it "doesn't generate a new token for a made up username" do
expect { xhr :post, :forgot_password, login: 'made_up' }.not_to change(EmailToken, :count)
expect do
post :forgot_password, params: { login: 'made_up' }, format: :json
end.not_to change(EmailToken, :count)
end
it "doesn't enqueue an email" do
Jobs.expects(:enqueue).with(:user_mail, anything).never
xhr :post, :forgot_password, login: 'made_up'
post :forgot_password, params: { login: 'made_up' }, format: :json
end
end
@ -744,7 +816,7 @@ describe SessionController do
context 'local login is disabled' do
before do
SiteSetting.enable_local_logins = false
xhr :post, :forgot_password, login: user.username
post :forgot_password, params: { login: user.username }, format: :json
end
it_behaves_like "failed to continue local login"
end
@ -752,18 +824,23 @@ describe SessionController do
context 'SSO is enabled' do
before do
SiteSetting.enable_sso = true
xhr :post, :create, login: user.username, password: 'myawesomepassword'
post :create, params: {
login: user.username, password: 'myawesomepassword'
}, format: :json
end
it_behaves_like "failed to continue local login"
end
it "generates a new token for a made up username" do
expect { xhr :post, :forgot_password, login: user.username }.to change(EmailToken, :count)
expect do
post :forgot_password, params: { login: user.username }, format: :json
end.to change(EmailToken, :count)
end
it "enqueues an email" do
Jobs.expects(:enqueue).with(:critical_user_email, has_entries(type: :forgot_password, user_id: user.id))
xhr :post, :forgot_password, login: user.username
post :forgot_password, params: { login: user.username }, format: :json
end
end
@ -771,12 +848,14 @@ describe SessionController do
let(:system) { Discourse.system_user }
it 'generates no token for system username' do
expect { xhr :post, :forgot_password, login: system.username }.not_to change(EmailToken, :count)
expect do
post :forgot_password, params: { login: system.username }, format: :json
end.not_to change(EmailToken, :count)
end
it 'enqueues no email' do
Jobs.expects(:enqueue).never
xhr :post, :forgot_password, login: system.username
post :forgot_password, params: { login: system.username }, format: :json
end
end
@ -784,12 +863,14 @@ describe SessionController do
let!(:staged) { Fabricate(:staged) }
it 'generates no token for staged username' do
expect { xhr :post, :forgot_password, login: staged.username }.not_to change(EmailToken, :count)
expect do
post :forgot_password, params: { login: staged.username }, format: :json
end.not_to change(EmailToken, :count)
end
it 'enqueues no email' do
Jobs.expects(:enqueue).never
xhr :post, :forgot_password, login: staged.username
post :forgot_password, params: { login: staged.username }, format: :json
end
end
end
@ -797,7 +878,7 @@ describe SessionController do
describe '.current' do
context "when not logged in" do
it "retuns 404" do
xhr :get, :current
get :current, format: :json
expect(response).not_to be_success
end
end
@ -806,7 +887,7 @@ describe SessionController do
let!(:user) { log_in }
it "returns the JSON for the user" do
xhr :get, :current
get :current, format: :json
expect(response).to be_success
json = ::JSON.parse(response.body)
expect(json['current_user']).to be_present