captcha_spec.rb 1.7 KB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546
  1. # frozen_string_literal: true
  2. require 'rails_helper'
  3. RSpec.describe 'email confirmation flow when captcha is enabled' do
  4. let(:user) { Fabricate(:user, confirmed_at: nil, confirmation_token: 'foobar', created_by_application: client_app) }
  5. let(:client_app) { nil }
  6. before do
  7. allow(Auth::ConfirmationsController).to receive(:new).and_return(stubbed_controller)
  8. end
  9. context 'when the user signed up through an app' do
  10. let(:client_app) { Fabricate(:application) }
  11. it 'logs in' do
  12. visit "/auth/confirmation?confirmation_token=#{user.confirmation_token}&redirect_to_app=true"
  13. # It presents the user with a captcha form
  14. expect(page).to have_title(I18n.t('auth.captcha_confirmation.title'))
  15. # It redirects to app and confirms user
  16. expect { click_on I18n.t('challenge.confirm') }
  17. .to change { user.reload.confirmed? }.from(false).to(true)
  18. expect(page).to have_current_path(/\A#{client_app.confirmation_redirect_uri}/, url: true)
  19. # Browsers will generally reload the original page upon redirection
  20. # to external handlers, so test this as well
  21. visit "/auth/confirmation?confirmation_token=#{user.confirmation_token}&redirect_to_app=true"
  22. # It presents a page with a link to the app callback
  23. expect(page)
  24. .to have_content(I18n.t('auth.confirmations.registration_complete', domain: 'cb6e6126.ngrok.io'))
  25. .and have_link(I18n.t('auth.confirmations.clicking_this_link'), href: client_app.confirmation_redirect_uri)
  26. end
  27. end
  28. private
  29. def stubbed_controller
  30. Auth::ConfirmationsController.new.tap do |controller|
  31. allow(controller).to receive_messages(captcha_enabled?: true, check_captcha!: true, render_captcha: nil)
  32. end
  33. end
  34. end