From 0ac511a31a6652ab00bbc765079b1c56128b191f Mon Sep 17 00:00:00 2001
From: Azul <azul@riseup.net>
Date: Thu, 24 Mar 2016 09:03:30 +0100
Subject: split up integration account test

AccountLivecycleTest -> CRUD accounts
SecurityTest -> security specific tests
AdminTest -> admin specific tests
---
 test/integration/browser/account_livecycle_test.rb | 114 +++++++++++++++++++++
 1 file changed, 114 insertions(+)
 create mode 100644 test/integration/browser/account_livecycle_test.rb

(limited to 'test/integration/browser/account_livecycle_test.rb')

diff --git a/test/integration/browser/account_livecycle_test.rb b/test/integration/browser/account_livecycle_test.rb
new file mode 100644
index 0000000..604f456
--- /dev/null
+++ b/test/integration/browser/account_livecycle_test.rb
@@ -0,0 +1,114 @@
+require 'test_helper'
+
+class AccountLivecycleTest < BrowserIntegrationTest
+
+  teardown do
+    Identity.destroy_all_orphaned
+  end
+
+  test "signup successfully when invited" do
+    username, password = submit_signup
+    assert page.has_content?("Welcome #{username}")
+    click_on 'Log Out'
+    assert page.has_content?("Log In")
+    assert_equal '/', current_path
+    assert user = User.find_by_login(username)
+    user.account.destroy
+  end
+
+  test "signup successfully without invitation" do
+    with_config invite_required: false do
+
+      username ||= "test_#{SecureRandom.urlsafe_base64}".downcase
+      password ||= SecureRandom.base64
+
+      visit '/users/new'
+      fill_in 'Username', with: username
+      fill_in 'Password', with: password
+      fill_in 'Password confirmation', with: password
+      click_on 'Sign Up'
+
+      assert page.has_content?("Welcome #{username}")
+    end
+  end
+
+  test "signup with username ending in dot json" do
+    username = Faker::Internet.user_name + '.json'
+    submit_signup username
+    assert page.has_content?("Welcome #{username}")
+  end
+
+  test "signup with reserved username" do
+    username = 'certmaster'
+    submit_signup username
+    assert page.has_content?("is reserved.")
+  end
+
+  test "successful login" do
+    username, password = submit_signup
+    click_on 'Log Out'
+    attempt_login(username, password)
+    assert page.has_content?("Welcome #{username}")
+    within('.sidenav li.active') do
+      assert page.has_content?("Overview")
+    end
+    User.find_by_login(username).account.destroy
+  end
+
+  test "failed login" do
+    visit '/'
+    attempt_login("username", "wrong password")
+    assert_invalid_login(page)
+  end
+
+  test "account destruction" do
+    username, password = submit_signup
+
+    click_on I18n.t('account_settings')
+    click_on I18n.t('destroy_my_account')
+    assert page.has_content?(I18n.t('account_destroyed'))
+    assert_equal 1, Identity.by_address.key("#{username}@test.me").count
+    attempt_login(username, password)
+    assert_invalid_login(page)
+  end
+
+  test "handle blocked after account destruction" do
+    username, password = submit_signup
+    click_on I18n.t('account_settings')
+    click_on I18n.t('destroy_my_account')
+    submit_signup(username)
+    assert page.has_content?('has already been taken')
+  end
+
+  test "change pgp key" do
+    with_config user_actions: ['change_pgp_key'] do
+      pgp_key = FactoryGirl.build :pgp_key
+      login
+      click_on "Account Settings"
+      within('#update_pgp_key') do
+        fill_in 'Public key', with: pgp_key
+        click_on 'Save'
+      end
+      page.assert_selector 'input[value="Saving..."]'
+      # at some point we're done:
+      page.assert_no_selector 'input[value="Saving..."]'
+      assert page.has_field? 'Public key', with: pgp_key.to_s
+      @user.reload
+      assert_equal pgp_key, @user.public_key
+    end
+  end
+
+  def attempt_login(username, password)
+    click_on 'Log In'
+    fill_in 'Username', with: username
+    fill_in 'Password', with: password
+    click_on 'Log In'
+  end
+
+  def assert_invalid_login(page)
+    assert page.has_selector? '.btn-primary.disabled'
+    assert page.has_content? I18n.t(:invalid_user_pass)
+    assert page.has_no_selector? '.btn-primary.disabled'
+  end
+
+end
-- 
cgit v1.2.3


From f47fc9d6522886cf81cfea26ec1f396219c539ba Mon Sep 17 00:00:00 2001
From: Azul <azul@riseup.net>
Date: Mon, 23 May 2016 12:17:31 +0200
Subject: move signup from users to account_controller

There was a lot of special case handling going on in the users_controller
for this. Lot simpler this way.
---
 test/integration/browser/account_livecycle_test.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'test/integration/browser/account_livecycle_test.rb')

diff --git a/test/integration/browser/account_livecycle_test.rb b/test/integration/browser/account_livecycle_test.rb
index 604f456..85dbf13 100644
--- a/test/integration/browser/account_livecycle_test.rb
+++ b/test/integration/browser/account_livecycle_test.rb
@@ -22,7 +22,7 @@ class AccountLivecycleTest < BrowserIntegrationTest
       username ||= "test_#{SecureRandom.urlsafe_base64}".downcase
       password ||= SecureRandom.base64
 
-      visit '/users/new'
+      visit '/signup'
       fill_in 'Username', with: username
       fill_in 'Password', with: password
       fill_in 'Password confirmation', with: password
-- 
cgit v1.2.3