test/unit/user_test.rb


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101

require 'test_helper'

class UserTest < ActiveSupport::TestCase

  include SRP::Util
  setup do
    InviteCodeValidator.any_instance.stubs(:validate)
    @user = FactoryBot.build(:user)
  end

  test "don't find a user with login nil" do
    @user.save
    assert_nil User.find_by_login(nil)
  end

  test "design docs in database are authorative" do
    assert !User.design_doc.auto_update,
      "Automatic update of design docs should be disabled"
  end

  test "test set of attributes should be valid" do
    @user.valid?
    assert_equal Hash.new, @user.errors.messages
  end

  test "test require hex for password_verifier" do
    @user.password_verifier = "QWER"
    assert !@user.valid?
  end

  test "validates hex for recovery_code_verifier" do
    @user.recovery_code_verifier = "1234567abcdef"
    assert @user.valid?
  end

  test "validates recovery_code_verifier with non hex chars" do
    @user.recovery_code_verifier = "gkpq"
    assert !@user.valid?
  end

  test "test require alphanumerical for login" do
    @user.login = "qw#r"
    assert !@user.valid?
  end

  test "verifier returns number for the hex in password_verifier" do
    assert_equal @user.password_verifier.hex, @user.verifier
  end

  test "salt returns number for the hex in password_salt" do
    assert_equal @user.password_salt.hex, @user.salt
  end

  test 'normal user is no admin' do
    assert !@user.is_admin?
  end

  test 'user with login in APP_CONFIG is an admin' do
    admin_login = APP_CONFIG['admins'].first
    @user.login = admin_login
    assert @user.is_admin?
  end

  test "login needs to be unique" do
    other_user = FactoryBot.create :user, login: @user.login
    assert !@user.valid?
    other_user.destroy
  end

  test "login needs to be unique amongst aliases" do
    other_user = FactoryBot.create :user
    id = Identity.create_for other_user, address: @user.login
    assert !@user.valid?
    id.destroy
    other_user.destroy
  end

  test "deprecated public key api still works" do
    key = SecureRandom.base64(4096)
    @user.public_key = key
    assert_equal key, @user.public_key
  end

  test "user to hash includes id, login, valid and enabled" do
    hash = @user.to_hash
    assert_nil @user.id
    assert_nil hash[:id]
    assert_equal @user.valid?, hash[:ok]
    assert_equal @user.login, hash[:login]
    assert_equal @user.enabled?, hash[:enabled]
  end


  #
  ## Regression tests
  #
  test "make sure valid does not crash" do
    assert !User.new.valid?
  end

end