registrations_controller_spec.rb 7.8 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255
  1. require 'rails_helper'
  2. RSpec.describe Auth::RegistrationsController, type: :controller do
  3. render_views
  4. shared_examples 'checks for enabled registrations' do |path|
  5. around do |example|
  6. registrations_mode = Setting.registrations_mode
  7. example.run
  8. Setting.registrations_mode = registrations_mode
  9. end
  10. it 'redirects if it is in single user mode while it is open for registration' do
  11. Fabricate(:account)
  12. Setting.registrations_mode = 'open'
  13. expect(Rails.configuration.x).to receive(:single_user_mode).and_return(true)
  14. get path
  15. expect(response).to redirect_to '/'
  16. end
  17. it 'redirects if it is not open for registration while it is not in single user mode' do
  18. Setting.registrations_mode = 'none'
  19. expect(Rails.configuration.x).to receive(:single_user_mode).and_return(false)
  20. get path
  21. expect(response).to redirect_to '/'
  22. end
  23. end
  24. describe 'GET #edit' do
  25. it 'returns http success' do
  26. request.env["devise.mapping"] = Devise.mappings[:user]
  27. sign_in(Fabricate(:user))
  28. get :edit
  29. expect(response).to have_http_status(200)
  30. end
  31. end
  32. describe 'GET #update' do
  33. it 'returns http success' do
  34. request.env["devise.mapping"] = Devise.mappings[:user]
  35. sign_in(Fabricate(:user), scope: :user)
  36. post :update
  37. expect(response).to have_http_status(200)
  38. end
  39. context 'when suspended' do
  40. it 'returns http forbidden' do
  41. request.env["devise.mapping"] = Devise.mappings[:user]
  42. sign_in(Fabricate(:user, account_attributes: { username: 'test', suspended_at: Time.now.utc }), scope: :user)
  43. post :update
  44. expect(response).to have_http_status(403)
  45. end
  46. end
  47. end
  48. describe 'GET #new' do
  49. before do
  50. request.env["devise.mapping"] = Devise.mappings[:user]
  51. end
  52. context do
  53. around do |example|
  54. registrations_mode = Setting.registrations_mode
  55. example.run
  56. Setting.registrations_mode = registrations_mode
  57. end
  58. it 'returns http success' do
  59. Setting.registrations_mode = 'open'
  60. get :new
  61. expect(response).to have_http_status(200)
  62. end
  63. end
  64. include_examples 'checks for enabled registrations', :new
  65. end
  66. describe 'POST #create' do
  67. let(:accept_language) { Rails.application.config.i18n.available_locales.sample.to_s }
  68. before do
  69. session[:registration_form_time] = 5.seconds.ago
  70. end
  71. around do |example|
  72. current_locale = I18n.locale
  73. example.run
  74. I18n.locale = current_locale
  75. end
  76. before { request.env["devise.mapping"] = Devise.mappings[:user] }
  77. context do
  78. around do |example|
  79. registrations_mode = Setting.registrations_mode
  80. example.run
  81. Setting.registrations_mode = registrations_mode
  82. end
  83. subject do
  84. Setting.registrations_mode = 'open'
  85. request.headers["Accept-Language"] = accept_language
  86. post :create, params: { user: { account_attributes: { username: 'test' }, email: 'test@example.com', password: '12345678', password_confirmation: '12345678', agreement: 'true' } }
  87. end
  88. it 'redirects to setup' do
  89. subject
  90. expect(response).to redirect_to auth_setup_path
  91. end
  92. it 'creates user' do
  93. subject
  94. user = User.find_by(email: 'test@example.com')
  95. expect(user).to_not be_nil
  96. expect(user.locale).to eq(accept_language)
  97. end
  98. end
  99. context 'when user has not agreed to terms of service' do
  100. around do |example|
  101. registrations_mode = Setting.registrations_mode
  102. example.run
  103. Setting.registrations_mode = registrations_mode
  104. end
  105. subject do
  106. Setting.registrations_mode = 'open'
  107. request.headers["Accept-Language"] = accept_language
  108. post :create, params: { user: { account_attributes: { username: 'test' }, email: 'test@example.com', password: '12345678', password_confirmation: '12345678', agreement: 'false' } }
  109. end
  110. it 'does not create user' do
  111. subject
  112. user = User.find_by(email: 'test@example.com')
  113. expect(user).to be_nil
  114. end
  115. end
  116. context 'approval-based registrations without invite' do
  117. around do |example|
  118. registrations_mode = Setting.registrations_mode
  119. example.run
  120. Setting.registrations_mode = registrations_mode
  121. end
  122. subject do
  123. Setting.registrations_mode = 'approved'
  124. request.headers["Accept-Language"] = accept_language
  125. post :create, params: { user: { account_attributes: { username: 'test' }, email: 'test@example.com', password: '12345678', password_confirmation: '12345678', agreement: 'true' } }
  126. end
  127. it 'redirects to setup' do
  128. subject
  129. expect(response).to redirect_to auth_setup_path
  130. end
  131. it 'creates user' do
  132. subject
  133. user = User.find_by(email: 'test@example.com')
  134. expect(user).to_not be_nil
  135. expect(user.locale).to eq(accept_language)
  136. expect(user.approved).to eq(false)
  137. end
  138. end
  139. context 'approval-based registrations with expired invite' do
  140. around do |example|
  141. registrations_mode = Setting.registrations_mode
  142. example.run
  143. Setting.registrations_mode = registrations_mode
  144. end
  145. subject do
  146. Setting.registrations_mode = 'approved'
  147. request.headers["Accept-Language"] = accept_language
  148. invite = Fabricate(:invite, max_uses: nil, expires_at: 1.hour.ago)
  149. post :create, params: { user: { account_attributes: { username: 'test' }, email: 'test@example.com', password: '12345678', password_confirmation: '12345678', 'invite_code': invite.code, agreement: 'true' } }
  150. end
  151. it 'redirects to setup' do
  152. subject
  153. expect(response).to redirect_to auth_setup_path
  154. end
  155. it 'creates user' do
  156. subject
  157. user = User.find_by(email: 'test@example.com')
  158. expect(user).to_not be_nil
  159. expect(user.locale).to eq(accept_language)
  160. expect(user.approved).to eq(false)
  161. end
  162. end
  163. context 'approval-based registrations with valid invite and required invite text' do
  164. around do |example|
  165. registrations_mode = Setting.registrations_mode
  166. require_invite_text = Setting.require_invite_text
  167. example.run
  168. Setting.require_invite_text = require_invite_text
  169. Setting.registrations_mode = registrations_mode
  170. end
  171. subject do
  172. inviter = Fabricate(:user, confirmed_at: 2.days.ago)
  173. Setting.registrations_mode = 'approved'
  174. Setting.require_invite_text = true
  175. request.headers["Accept-Language"] = accept_language
  176. invite = Fabricate(:invite, user: inviter, max_uses: nil, expires_at: 1.hour.from_now)
  177. post :create, params: { user: { account_attributes: { username: 'test' }, email: 'test@example.com', password: '12345678', password_confirmation: '12345678', 'invite_code': invite.code, agreement: 'true' } }
  178. end
  179. it 'redirects to setup' do
  180. subject
  181. expect(response).to redirect_to auth_setup_path
  182. end
  183. it 'creates user' do
  184. subject
  185. user = User.find_by(email: 'test@example.com')
  186. expect(user).to_not be_nil
  187. expect(user.locale).to eq(accept_language)
  188. expect(user.approved).to eq(true)
  189. end
  190. end
  191. it 'does nothing if user already exists' do
  192. Fabricate(:account, username: 'test')
  193. subject
  194. end
  195. include_examples 'checks for enabled registrations', :create
  196. end
  197. describe 'DELETE #destroy' do
  198. let(:user) { Fabricate(:user) }
  199. before do
  200. request.env['devise.mapping'] = Devise.mappings[:user]
  201. sign_in(user, scope: :user)
  202. delete :destroy
  203. end
  204. it 'returns http not found' do
  205. expect(response).to have_http_status(:not_found)
  206. end
  207. it 'does not delete user' do
  208. expect(User.find(user.id)).to_not be_nil
  209. end
  210. end
  211. end