Home Explore Help
Sign In
RISCI_ATOM
/
mastodon
mirror of https://github.com/tootsuite/mastodon.git
1
0
Fork 0
Files Issues 8 Wiki
Tree: 6aef76b5cd
Branches Tags
mastodon
/
spec
/
models
/
user_spec.rb

user_spec.rb 16 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563 
  1. require 'rails_helper'
    2. 

  2. require 'devise_two_factor/spec_helpers'
    3. 

  3. 

  4. RSpec.describe User, type: :model do
    5. 

  5.   it_behaves_like 'two_factor_backupable'
    6. 

  6. 

  7.   describe 'otp_secret' do
    8. 

  8.     it 'is encrypted with OTP_SECRET environment variable' do
    9. 

  9.       user = Fabricate(:user,
    10. 

  10.                        encrypted_otp_secret: "Fttsy7QAa0edaDfdfSz094rRLAxc8cJweDQ4BsWH/zozcdVA8o9GLqcKhn2b\nGi/V\n",
    11. 

  11.                        encrypted_otp_secret_iv: 'rys3THICkr60BoWC',
    12. 

  12.                        encrypted_otp_secret_salt: '_LMkAGvdg7a+sDIKjI3mR2Q==')
    13. 

  13. 

  14.       expect(user.otp_secret).to eq 'anotpsecretthatshouldbeencrypted'
    15. 

  15.     end
    16. 

  16.   end
    17. 

  17. 

  18.   describe 'validations' do
    19. 

  19.     it 'is invalid without an account' do
    20. 

  20.       user = Fabricate.build(:user, account: nil)
    21. 

  21.       user.valid?
    22. 

  22.       expect(user).to model_have_error_on_field(:account)
    23. 

  23.     end
    24. 

  24. 

  25.     it 'is invalid without a valid locale' do
    26. 

  26.       user = Fabricate.build(:user, locale: 'toto')
    27. 

  27.       user.valid?
    28. 

  28.       expect(user).to model_have_error_on_field(:locale)
    29. 

  29.     end
    30. 

  30. 

  31.     it 'is invalid without a valid email' do
    32. 

  32.       user = Fabricate.build(:user, email: 'john@')
    33. 

  33.       user.valid?
    34. 

  34.       expect(user).to model_have_error_on_field(:email)
    35. 

  35.     end
    36. 

  36. 

  37.     it 'is valid with an invalid e-mail that has already been saved' do
    38. 

  38.       user = Fabricate.build(:user, email: 'invalid-email')
    39. 

  39.       user.save(validate: false)
    40. 

  40.       expect(user.valid?).to be true
    41. 

  41.     end
    42. 

  42. 

  43.     it 'cleans out empty string from languages' do
    44. 

  44.       user = Fabricate.build(:user, chosen_languages: [''])
    45. 

  45.       user.valid?
    46. 

  46.       expect(user.chosen_languages).to eq nil
    47. 

  47.     end
    48. 

  48.   end
    49. 

  49. 

  50.   describe 'scopes' do
    51. 

  51.     describe 'recent' do
    52. 

  52.       it 'returns an array of recent users ordered by id' do
    53. 

  53.         user_1 = Fabricate(:user)
    54. 

  54.         user_2 = Fabricate(:user)
    55. 

  55.         expect(User.recent).to eq [user_2, user_1]
    56. 

  56.       end
    57. 

  57.     end
    58. 

  58. 

  59.     describe 'admins' do
    60. 

  60.       it 'returns an array of users who are admin' do
    61. 

  61.         user_1 = Fabricate(:user, admin: false)
    62. 

  62.         user_2 = Fabricate(:user, admin: true)
    63. 

  63.         expect(User.admins).to match_array([user_2])
    64. 

  64.       end
    65. 

  65.     end
    66. 

  66. 

  67.     describe 'confirmed' do
    68. 

  68.       it 'returns an array of users who are confirmed' do
    69. 

  69.         user_1 = Fabricate(:user, confirmed_at: nil)
    70. 

  70.         user_2 = Fabricate(:user, confirmed_at: Time.zone.now)
    71. 

  71.         expect(User.confirmed).to match_array([user_2])
    72. 

  72.       end
    73. 

  73.     end
    74. 

  74. 

  75.     describe 'inactive' do
    76. 

  76.       it 'returns a relation of inactive users' do
    77. 

  77.         specified = Fabricate(:user, current_sign_in_at: 15.days.ago)
    78. 

  78.         Fabricate(:user, current_sign_in_at: 6.days.ago)
    79. 

  79. 

  80.         expect(User.inactive).to match_array([specified])
    81. 

  81.       end
    82. 

  82.     end
    83. 

  83. 

  84.     describe 'matches_email' do
    85. 

  85.       it 'returns a relation of users whose email starts with the given string' do
    86. 

  86.         specified = Fabricate(:user, email: 'specified@spec')
    87. 

  87.         Fabricate(:user, email: 'unspecified@spec')
    88. 

  88. 

  89.         expect(User.matches_email('specified')).to match_array([specified])
    90. 

  90.       end
    91. 

  91.     end
    92. 

  92. 

  93.     describe 'matches_ip' do
    94. 

  94.       it 'returns a relation of users whose ip address is matching with the given CIDR' do
    95. 

  95.         user1 = Fabricate(:user)
    96. 

  96.         user2 = Fabricate(:user)
    97. 

  97.         Fabricate(:session_activation, user: user1, ip: '2160:2160::22', session_id: '1')
    98. 

  98.         Fabricate(:session_activation, user: user1, ip: '2160:2160::23', session_id: '2')
    99. 

  99.         Fabricate(:session_activation, user: user2, ip: '2160:8888::24', session_id: '3')
    100. 

  100.         Fabricate(:session_activation, user: user2, ip: '2160:8888::25', session_id: '4')
    101. 

  101. 

  102.         expect(User.matches_ip('2160:2160::/32')).to match_array([user1])
    103. 

  103.       end
    104. 

  104.     end
    105. 

  105.   end
    106. 

  106. 

  107.   let(:account) { Fabricate(:account, username: 'alice') }
    108. 

  108.   let(:password) { 'abcd1234' }
    109. 

  109. 

  110.   describe 'blacklist' do
    111. 

  111.     around(:each) do |example|
    112. 

  112.       old_blacklist = Rails.configuration.x.email_blacklist
    113. 

  113. 

  114.       Rails.configuration.x.email_domains_blacklist = 'mvrht.com'
    115. 

  115. 

  116.       example.run
    117. 

  117. 

  118.       Rails.configuration.x.email_domains_blacklist = old_blacklist
    119. 

  119.     end
    120. 

  120. 

  121.     it 'should allow a non-blacklisted user to be created' do
    122. 

  122.       user = User.new(email: 'foo@example.com', account: account, password: password, agreement: true)
    123. 

  123. 

  124.       expect(user.valid?).to be_truthy
    125. 

  125.     end
    126. 

  126. 

  127.     it 'should not allow a blacklisted user to be created' do
    128. 

  128.       user = User.new(email: 'foo@mvrht.com', account: account, password: password, agreement: true)
    129. 

  129. 

  130.       expect(user.valid?).to be_falsey
    131. 

  131.     end
    132. 

  132. 

  133.     it 'should not allow a subdomain blacklisted user to be created' do
    134. 

  134.       user = User.new(email: 'foo@mvrht.com.topdomain.tld', account: account, password: password, agreement: true)
    135. 

  135. 

  136.       expect(user.valid?).to be_falsey
    137. 

  137.     end
    138. 

  138.   end
    139. 

  139. 

  140.   describe '#confirmed?' do
    141. 

  141.     it 'returns true when a confirmed_at is set' do
    142. 

  142.       user = Fabricate.build(:user, confirmed_at: Time.now.utc)
    143. 

  143.       expect(user.confirmed?).to be true
    144. 

  144.     end
    145. 

  145. 

  146.     it 'returns false if a confirmed_at is nil' do
    147. 

  147.       user = Fabricate.build(:user, confirmed_at: nil)
    148. 

  148.       expect(user.confirmed?).to be false
    149. 

  149.     end
    150. 

  150.   end
    151. 

  151. 

  152.   describe '#confirm' do
    153. 

  153.     it 'sets email to unconfirmed_email' do
    154. 

  154.       user = Fabricate.build(:user, confirmed_at: Time.now.utc, unconfirmed_email: 'new-email@example.com')
    155. 

  155.       user.confirm
    156. 

  156.       expect(user.email).to eq 'new-email@example.com'
    157. 

  157.     end
    158. 

  158.   end
    159. 

  159. 

  160.   describe '#disable_two_factor!' do
    161. 

  161.     it 'saves false for otp_required_for_login' do
    162. 

  162.       user = Fabricate.build(:user, otp_required_for_login: true)
    163. 

  163.       user.disable_two_factor!
    164. 

  164.       expect(user.reload.otp_required_for_login).to be false
    165. 

  165.     end
    166. 

  166. 

  167.     it 'saves nil for otp_secret' do
    168. 

  168.       user = Fabricate.build(:user, otp_secret: 'oldotpcode')
    169. 

  169.       user.disable_two_factor!
    170. 

  170.       expect(user.reload.otp_secret).to be nil
    171. 

  171.     end
    172. 

  172. 

  173.     it 'saves cleared otp_backup_codes' do
    174. 

  174.       user = Fabricate.build(:user, otp_backup_codes: %w(dummy dummy))
    175. 

  175.       user.disable_two_factor!
    176. 

  176.       expect(user.reload.otp_backup_codes.empty?).to be true
    177. 

  177.     end
    178. 

  178.   end
    179. 

  179. 

  180.   describe '#send_confirmation_instructions' do
    181. 

  181.     around do |example|
    182. 

  182.       queue_adapter = ActiveJob::Base.queue_adapter
    183. 

  183.       example.run
    184. 

  184.       ActiveJob::Base.queue_adapter = queue_adapter
    185. 

  185.     end
    186. 

  186. 

  187.     it 'delivers confirmation instructions later' do
    188. 

  188.       user = Fabricate(:user)
    189. 

  189.       ActiveJob::Base.queue_adapter = :test
    190. 

  190. 

  191.       expect { user.send_confirmation_instructions }.to have_enqueued_job(ActionMailer::MailDeliveryJob)
    192. 

  192.     end
    193. 

  193.   end
    194. 

  194. 

  195.   describe 'settings' do
    196. 

  196.     it 'is instance of Settings::ScopedSettings' do
    197. 

  197.       user = Fabricate(:user)
    198. 

  198.       expect(user.settings).to be_kind_of Settings::ScopedSettings
    199. 

  199.     end
    200. 

  200.   end
    201. 

  201. 

  202.   describe '#setting_default_privacy' do
    203. 

  203.     it 'returns default privacy setting if user has configured' do
    204. 

  204.       user = Fabricate(:user)
    205. 

  205.       user.settings[:default_privacy] = 'unlisted'
    206. 

  206.       expect(user.setting_default_privacy).to eq 'unlisted'
    207. 

  207.     end
    208. 

  208. 

  209.     it "returns 'private' if user has not configured default privacy setting and account is locked" do
    210. 

  210.       user = Fabricate(:account, locked: true).user
    211. 

  211.       expect(user.setting_default_privacy).to eq 'private'
    212. 

  212.     end
    213. 

  213. 

  214.     it "returns 'public' if user has not configured default privacy setting and account is not locked" do
    215. 

  215.       user = Fabricate(:account, locked: false).user
    216. 

  216.       expect(user.setting_default_privacy).to eq 'public'
    217. 

  217.     end
    218. 

  218.   end
    219. 

  219. 

  220.   describe 'whitelist' do
    221. 

  221.     around(:each) do |example|
    222. 

  222.       old_whitelist = Rails.configuration.x.email_domains_whitelist
    223. 

  223. 

  224.       Rails.configuration.x.email_domains_whitelist = 'mastodon.space'
    225. 

  225. 

  226.       example.run
    227. 

  227. 

  228.       Rails.configuration.x.email_domains_whitelist = old_whitelist
    229. 

  229.     end
    230. 

  230. 

  231.     it 'should not allow a user to be created unless they are whitelisted' do
    232. 

  232.       user = User.new(email: 'foo@example.com', account: account, password: password, agreement: true)
    233. 

  233.       expect(user.valid?).to be_falsey
    234. 

  234.     end
    235. 

  235. 

  236.     it 'should allow a user to be created if they are whitelisted' do
    237. 

  237.       user = User.new(email: 'foo@mastodon.space', account: account, password: password, agreement: true)
    238. 

  238.       expect(user.valid?).to be_truthy
    239. 

  239.     end
    240. 

  240. 

  241.     it 'should not allow a user with a whitelisted top domain as subdomain in their email address to be created' do
    242. 

  242.       user = User.new(email: 'foo@mastodon.space.userdomain.com', account: account, password: password, agreement: true)
    243. 

  243.       expect(user.valid?).to be_falsey
    244. 

  244.     end
    245. 

  245. 

  246.     context do
    247. 

  247.       around do |example|
    248. 

  248.         old_blacklist = Rails.configuration.x.email_blacklist
    249. 

  249.         example.run
    250. 

  250.         Rails.configuration.x.email_domains_blacklist = old_blacklist
    251. 

  251.       end
    252. 

  252. 

  253.       it 'should not allow a user to be created with a specific blacklisted subdomain even if the top domain is whitelisted' do
    254. 

  254.         Rails.configuration.x.email_domains_blacklist = 'blacklisted.mastodon.space'
    255. 

  255. 

  256.         user = User.new(email: 'foo@blacklisted.mastodon.space', account: account, password: password)
    257. 

  257.         expect(user.valid?).to be_falsey
    258. 

  258.       end
    259. 

  259.     end
    260. 

  260.   end
    261. 

  261. 

  262.   it_behaves_like 'Settings-extended' do
    263. 

  263.     def create!
    264. 

  264.       User.create!(account: Fabricate(:account, user: nil), email: 'foo@mastodon.space', password: 'abcd1234', agreement: true)
    265. 

  265.     end
    266. 

  266. 

  267.     def fabricate
    268. 

  268.       Fabricate(:user)
    269. 

  269.     end
    270. 

  270.   end
    271. 

  271. 

  272.   describe 'token_for_app' do
    273. 

  273.     let(:user) { Fabricate(:user) }
    274. 

  274.     let(:app) { Fabricate(:application, owner: user) }
    275. 

  275. 

  276.     it 'returns a token' do
    277. 

  277.       expect(user.token_for_app(app)).to be_a(Doorkeeper::AccessToken)
    278. 

  278.     end
    279. 

  279. 

  280.     it 'persists a token' do
    281. 

  281.       t = user.token_for_app(app)
    282. 

  282.       expect(user.token_for_app(app)).to eql(t)
    283. 

  283.     end
    284. 

  284. 

  285.     it 'is nil if user does not own app' do
    286. 

  286.       app.update!(owner: nil)
    287. 

  287. 

  288.       expect(user.token_for_app(app)).to be_nil
    289. 

  289.     end
    290. 

  290.   end
    291. 

  291. 

  292.   describe '#role' do
    293. 

  293.     it 'returns admin for admin' do
    294. 

  294.       user = User.new(admin: true)
    295. 

  295.       expect(user.role).to eq 'admin'
    296. 

  296.     end
    297. 

  297. 

  298.     it 'returns moderator for moderator' do
    299. 

  299.       user = User.new(moderator: true)
    300. 

  300.       expect(user.role).to eq 'moderator'
    301. 

  301.     end
    302. 

  302. 

  303.     it 'returns user otherwise' do
    304. 

  304.       user = User.new
    305. 

  305.       expect(user.role).to eq 'user'
    306. 

  306.     end
    307. 

  307.   end
    308. 

  308. 

  309.   describe '#role?' do
    310. 

  310.     it 'returns false when invalid role requested' do
    311. 

  311.       user = User.new(admin: true)
    312. 

  312.       expect(user.role?('disabled')).to be false
    313. 

  313.     end
    314. 

  314. 

  315.     it 'returns true when exact role match' do
    316. 

  316.       user  = User.new
    317. 

  317.       mod   = User.new(moderator: true)
    318. 

  318.       admin = User.new(admin: true)
    319. 

  319. 

  320.       expect(user.role?('user')).to be true
    321. 

  321.       expect(mod.role?('moderator')).to be true
    322. 

  322.       expect(admin.role?('admin')).to be true
    323. 

  323.     end
    324. 

  324. 

  325.     it 'returns true when role higher than needed' do
    326. 

  326.       mod   = User.new(moderator: true)
    327. 

  327.       admin = User.new(admin: true)
    328. 

  328. 

  329.       expect(mod.role?('user')).to be true
    330. 

  330.       expect(admin.role?('user')).to be true
    331. 

  331.       expect(admin.role?('moderator')).to be true
    332. 

  332.     end
    333. 

  333.   end
    334. 

  334. 

  335.   describe '#disable!' do
    336. 

  336.     subject(:user) { Fabricate(:user, disabled: false, current_sign_in_at: current_sign_in_at, last_sign_in_at: nil) }
    337. 

  337.     let(:current_sign_in_at) { Time.zone.now }
    338. 

  338. 

  339.     before do
    340. 

  340.       user.disable!
    341. 

  341.     end
    342. 

  342. 

  343.     it 'disables user' do
    344. 

  344.       expect(user).to have_attributes(disabled: true)
    345. 

  345.     end
    346. 

  346.   end
    347. 

  347. 

  348.   describe '#enable!' do
    349. 

  349.     subject(:user) { Fabricate(:user, disabled: true) }
    350. 

  350. 

  351.     before do
    352. 

  352.       user.enable!
    353. 

  353.     end
    354. 

  354. 

  355.     it 'enables user' do
    356. 

  356.       expect(user).to have_attributes(disabled: false)
    357. 

  357.     end
    358. 

  358.   end
    359. 

  359. 

  360.   describe '#reset_password!' do
    361. 

  361.     subject(:user) { Fabricate(:user, password: 'foobar12345') }
    362. 

  362. 

  363.     let!(:session_activation) { Fabricate(:session_activation, user: user) }
    364. 

  364.     let!(:access_token) { Fabricate(:access_token, resource_owner_id: user.id) }
    365. 

  365.     let!(:web_push_subscription) { Fabricate(:web_push_subscription, access_token: access_token) }
    366. 

  366. 

  367.     before do
    368. 

  368.       user.reset_password!
    369. 

  369.     end
    370. 

  370. 

  371.     it 'changes the password immediately' do
    372. 

  372.       expect(user.external_or_valid_password?('foobar12345')).to be false
    373. 

  373.     end
    374. 

  374. 

  375.     it 'deactivates all sessions' do
    376. 

  376.       expect(user.session_activations.count).to eq 0
    377. 

  377.     end
    378. 

  378. 

  379.     it 'revokes all access tokens' do
    380. 

  380.       expect(Doorkeeper::AccessToken.active_for(user).count).to eq 0
    381. 

  381.     end
    382. 

  382. 

  383.     it 'removes push subscriptions' do
    384. 

  384.       expect(Web::PushSubscription.where(user: user).or(Web::PushSubscription.where(access_token: access_token)).count).to eq 0
    385. 

  385.     end
    386. 

  386.   end
    387. 

  387. 

  388.   describe '#confirm!' do
    389. 

  389.     subject(:user) { Fabricate(:user, confirmed_at: confirmed_at) }
    390. 

  390. 

  391.     before do
    392. 

  392.       ActionMailer::Base.deliveries.clear
    393. 

  393.       user.confirm!
    394. 

  394.     end
    395. 

  395. 

  396.     after { ActionMailer::Base.deliveries.clear }
    397. 

  397. 

  398.     context 'when user is new' do
    399. 

  399.       let(:confirmed_at) { nil }
    400. 

  400. 

  401.       it 'confirms user' do
    402. 

  402.         expect(user.confirmed_at).to be_present
    403. 

  403.       end
    404. 

  404. 

  405.       it 'delivers mails' do
    406. 

  406.         expect(ActionMailer::Base.deliveries.count).to eq 2
    407. 

  407.       end
    408. 

  408.     end
    409. 

  409. 

  410.     context 'when user is not new' do
    411. 

  411.       let(:confirmed_at) { Time.zone.now }
    412. 

  412. 

  413.       it 'confirms user' do
    414. 

  414.         expect(user.confirmed_at).to be_present
    415. 

  415.       end
    416. 

  416. 

  417.       it 'does not deliver mail' do
    418. 

  418.         expect(ActionMailer::Base.deliveries.count).to eq 0
    419. 

  419.       end
    420. 

  420.     end
    421. 

  421.   end
    422. 

  422. 

  423.   describe '#promote!' do
    424. 

  424.     subject(:user) { Fabricate(:user, admin: is_admin, moderator: is_moderator) }
    425. 

  425. 

  426.     before do
    427. 

  427.       user.promote!
    428. 

  428.     end
    429. 

  429. 

  430.     context 'when user is an admin' do
    431. 

  431.       let(:is_admin) { true }
    432. 

  432. 

  433.       context 'when user is a moderator' do
    434. 

  434.         let(:is_moderator) { true }
    435. 

  435. 

  436.         it 'changes moderator filed false' do
    437. 

  437.           expect(user).to be_admin
    438. 

  438.           expect(user).not_to be_moderator
    439. 

  439.         end
    440. 

  440.       end
    441. 

  441. 

  442.       context 'when user is not a moderator' do
    443. 

  443.         let(:is_moderator) { false }
    444. 

  444. 

  445.         it 'does not change status' do
    446. 

  446.           expect(user).to be_admin
    447. 

  447.           expect(user).not_to be_moderator
    448. 

  448.         end
    449. 

  449.       end
    450. 

  450.     end
    451. 

  451. 

  452.     context 'when user is not admin' do
    453. 

  453.       let(:is_admin) { false }
    454. 

  454. 

  455.       context 'when user is a moderator' do
    456. 

  456.         let(:is_moderator) { true }
    457. 

  457. 

  458.         it 'changes user into an admin' do
    459. 

  459.           expect(user).to be_admin
    460. 

  460.           expect(user).not_to be_moderator
    461. 

  461.         end
    462. 

  462.       end
    463. 

  463. 

  464.       context 'when user is not a moderator' do
    465. 

  465.         let(:is_moderator) { false }
    466. 

  466. 

  467.         it 'changes user into a moderator' do
    468. 

  468.           expect(user).not_to be_admin
    469. 

  469.           expect(user).to be_moderator
    470. 

  470.         end
    471. 

  471.       end
    472. 

  472.     end
    473. 

  473.   end
    474. 

  474. 

  475.   describe '#demote!' do
    476. 

  476.     subject(:user) { Fabricate(:user, admin: admin, moderator: moderator) }
    477. 

  477. 

  478.     before do
    479. 

  479.       user.demote!
    480. 

  480.     end
    481. 

  481. 

  482.     context 'when user is an admin' do
    483. 

  483.       let(:admin) { true }
    484. 

  484. 

  485.       context 'when user is a moderator' do
    486. 

  486.         let(:moderator) { true }
    487. 

  487. 

  488.         it 'changes user into a moderator' do
    489. 

  489.           expect(user).not_to be_admin
    490. 

  490.           expect(user).to be_moderator
    491. 

  491.         end
    492. 

  492.       end
    493. 

  493. 

  494.       context 'when user is not a moderator' do
    495. 

  495.         let(:moderator) { false }
    496. 

  496. 

  497.         it 'changes user into a moderator' do
    498. 

  498.           expect(user).not_to be_admin
    499. 

  499.           expect(user).to be_moderator
    500. 

  500.         end
    501. 

  501.       end
    502. 

  502.     end
    503. 

  503. 

  504.     context 'when user is not an admin' do
    505. 

  505.       let(:admin) { false }
    506. 

  506. 

  507.       context 'when user is a moderator' do
    508. 

  508.         let(:moderator) { true }
    509. 

  509. 

  510.         it 'changes user into a plain user' do
    511. 

  511.           expect(user).not_to be_admin
    512. 

  512.           expect(user).not_to be_moderator
    513. 

  513.         end
    514. 

  514.       end
    515. 

  515. 

  516.       context 'when user is not a moderator' do
    517. 

  517.         let(:moderator) { false }
    518. 

  518. 

  519.         it 'does not change any fields' do
    520. 

  520.           expect(user).not_to be_admin
    521. 

  521.           expect(user).not_to be_moderator
    522. 

  522.         end
    523. 

  523.       end
    524. 

  524.     end
    525. 

  525.   end
    526. 

  526. 

  527.   describe '#active_for_authentication?' do
    528. 

  528.     subject { user.active_for_authentication? }
    529. 

  529.     let(:user) { Fabricate(:user, disabled: disabled, confirmed_at: confirmed_at) }
    530. 

  530. 

  531.     context 'when user is disabled' do
    532. 

  532.       let(:disabled) { true }
    533. 

  533. 

  534.       context 'when user is confirmed' do
    535. 

  535.         let(:confirmed_at) { Time.zone.now }
    536. 

  536. 

  537.         it { is_expected.to be true }
    538. 

  538.       end
    539. 

  539. 

  540.       context 'when user is not confirmed' do
    541. 

  541.         let(:confirmed_at) { nil }
    542. 

  542. 

  543.         it { is_expected.to be true }
    544. 

  544.       end
    545. 

  545.     end
    546. 

  546. 

  547.     context 'when user is not disabled' do
    548. 

  548.       let(:disabled) { false }
    549. 

  549. 

  550.       context 'when user is confirmed' do
    551. 

  551.         let(:confirmed_at) { Time.zone.now }
    552. 

  552. 

  553.         it { is_expected.to be true }
    554. 

  554.       end
    555. 

  555. 

  556.       context 'when user is not confirmed' do
    557. 

  557.         let(:confirmed_at) { nil }
    558. 

  558. 

  559.         it { is_expected.to be true }
    560. 

  560.       end
    561. 

  561.     end
    562. 

  562.   end
    563. 

  563. end
    564.