summaryrefslogtreecommitdiff
path: root/test/integration/browser/account_livecycle_test.rb
blob: cfab44492b6879622c4b59e5a70fd3b6de1042e9 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
require 'test_helper'

class AccountLivecycleTest < BrowserIntegrationTest

  include ActionView::Helpers::SanitizeHelper

  teardown do
    Identity.destroy_all_orphaned
  end

  test "signup successfully when invited" do
    username, password = submit_signup
    assert_successful_login username
    click_on 'Log Out'
    assert page.has_content?("Log In")
    assert_equal '/', current_path
    assert user = User.find_by_login(username)
    user.account.destroy
  end

  test "signup successfully without invitation" do
    with_config invite_required: false do

      username ||= "test_#{SecureRandom.urlsafe_base64}".downcase
      password ||= SecureRandom.base64

      visit '/signup'
      fill_in 'Username', with: username
      fill_in 'Password', with: password, match: :prefer_exact
      fill_in 'Password confirmation', with: password
      click_on 'Sign Up'

      assert_successful_login username
    end
  end

  test "signup with username ending in dot json" do
    username = Faker::Internet.user_name + '.json'
    submit_signup username
    assert_successful_login username
  end

  test "signup with reserved username" do
    username = 'certmaster'
    submit_signup username
    assert page.has_content?("is reserved.")
  end

  test "successful login" do
    username, password = submit_signup
    click_on 'Log Out'
    attempt_login(username, password)
    assert_successful_login username
    within('.sidenav li.active') do
      assert page.has_content?("Overview")
    end
    User.find_by_login(username).account.destroy
  end

  test "failed login" do
    visit '/'
    attempt_login("username", "wrong password")
    assert_invalid_login(page)
  end

  test "account destruction" do
    username, password = submit_signup

    click_on I18n.t('account_settings')
    click_on I18n.t('destroy_my_account')
    assert page.has_content?(I18n.t('account_destroyed'))
    assert_equal 1, Identity.by_address.key("#{username}@test.me").count
    attempt_login(username, password)
    assert_invalid_login(page)
  end

  test "handle blocked after account destruction" do
    username, password = submit_signup
    click_on I18n.t('account_settings')
    click_on I18n.t('destroy_my_account')
    submit_signup(username)
    assert page.has_content?('has already been taken')
  end

  test "handle available after non blocking account destruction" do
    username, password = submit_signup
    click_on I18n.t('account_settings')
    uncheck I18n.t('keep_username_blocked')
    click_on I18n.t('destroy_my_account')
    submit_signup(username)
    assert_successful_login username
  end

  test "change pgp key" do
    with_config user_actions: ['change_pgp_key'] do
      pgp_key = FactoryGirl.build :pgp_key
      username, _password = submit_signup
      click_on "Account Settings"
      within('#update_pgp_key') do
        fill_in 'Public key', with: pgp_key
        click_on 'Save'
      end
      page.assert_selector 'input[value="Saving..."]'
      # at some point we're done:
      page.assert_no_selector 'input[value="Saving..."]'
      assert page.has_field? 'Public key', with: pgp_key.to_s
      assert_equal pgp_key, User.find_by_login(username).public_key
    end
  end

  def attempt_login(username, password)
    click_on 'Log In'
    fill_in 'Username', with: username
    fill_in 'Password', with: password
    click_on 'Log In'
  end

  def assert_invalid_login(page)
    assert page.has_selector? '.btn-primary.disabled'
    assert page.has_content? sanitize(I18n.t(:invalid_user_pass), tags: [])
    assert page.has_no_selector? '.btn-primary.disabled'
  end

  def assert_successful_login(username)
    assert page.has_content?("Welcome #{username}")
  end
end