1 # redMine - project management software
2 # Copyright (C) 2006 Jean-Philippe Lang
4 # This program is free software; you can redistribute it and/or
5 # modify it under the terms of the GNU General Public License
6 # as published by the Free Software Foundation; either version 2
7 # of the License, or (at your option) any later version.
9 # This program is distributed in the hope that it will be useful,
10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 # GNU General Public License for more details.
14 # You should have received a copy of the GNU General Public License
15 # along with this program; if not, write to the Free Software
16 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
18 require File.dirname(__FILE__) + '/../test_helper'
20 class UserTest < ActiveSupport::TestCase
21 fixtures :users, :members, :projects, :roles, :member_roles, :auth_sources
25 @jsmith = User.find(2)
26 @dlopper = User.find(3)
29 test 'object_daddy creation' do
30 User.generate_with_protected!(:firstname => 'Testing connection')
31 User.generate_with_protected!(:firstname => 'Testing connection')
32 assert_equal 2, User.count(:all, :conditions => {:firstname => 'Testing connection'})
36 assert_kind_of User, @jsmith
39 def test_mail_should_be_stripped
41 u.mail = " foo@bar.com "
42 assert_equal "foo@bar.com", u.mail
46 user = User.new(:firstname => "new", :lastname => "user", :mail => "newuser@somenet.foo")
49 user.password, user.password_confirmation = "password", "password"
52 assert_equal 1, user.errors.count
54 user.login = "newuser"
55 user.password, user.password_confirmation = "passwd", "password"
56 # password confirmation
58 assert_equal 1, user.errors.count
60 user.password, user.password_confirmation = "password", "password"
64 context "User.login" do
65 should "be case-insensitive." do
66 u = User.new(:firstname => "new", :lastname => "user", :mail => "newuser@somenet.foo")
68 u.password, u.password_confirmation = "password", "password"
71 u = User.new(:firstname => "Similar", :lastname => "User", :mail => "similaruser@somenet.foo")
73 u.password, u.password_confirmation = "password", "password"
75 assert_equal I18n.translate('activerecord.errors.messages.taken'), u.errors.on(:login)
79 def test_mail_uniqueness_should_not_be_case_sensitive
80 u = User.new(:firstname => "new", :lastname => "user", :mail => "newuser@somenet.foo")
82 u.password, u.password_confirmation = "password", "password"
85 u = User.new(:firstname => "new", :lastname => "user", :mail => "newUser@Somenet.foo")
87 u.password, u.password_confirmation = "password", "password"
89 assert_equal I18n.translate('activerecord.errors.messages.taken'), u.errors.on(:mail)
93 assert_equal "admin", @admin.login
95 assert @admin.save, @admin.errors.full_messages.join("; ")
97 assert_equal "john", @admin.login
102 assert_nil User.find_by_id(2)
103 assert Member.find_all_by_user_id(2).empty?
109 assert_equal 1, @admin.errors.count
112 context "User#try_to_login" do
113 should "fall-back to case-insensitive if user login is not found as-typed." do
114 user = User.try_to_login("AdMin", "admin")
115 assert_kind_of User, user
116 assert_equal "admin", user.login
119 should "select the exact matching user first" do
120 case_sensitive_user = User.generate_with_protected!(:login => 'changed', :password => 'admin', :password_confirmation => 'admin')
121 # bypass validations to make it appear like existing data
122 case_sensitive_user.update_attribute(:login, 'ADMIN')
124 user = User.try_to_login("ADMIN", "admin")
125 assert_kind_of User, user
126 assert_equal "ADMIN", user.login
132 user = User.try_to_login("admin", "admin")
133 assert_kind_of User, user
134 assert_equal "admin", user.login
135 user.password = "hello"
138 user = User.try_to_login("admin", "hello")
139 assert_kind_of User, user
140 assert_equal "admin", user.login
141 assert_equal User.hash_password("hello"), user.hashed_password
145 assert_equal 'Smith, John', @jsmith.name(:lastname_coma_firstname)
146 Setting.user_format = :firstname_lastname
147 assert_equal 'John Smith', @jsmith.reload.name
148 Setting.user_format = :username
149 assert_equal 'jsmith', @jsmith.reload.name
153 user = User.try_to_login("jsmith", "jsmith")
154 assert_equal @jsmith, user
156 @jsmith.status = User::STATUS_LOCKED
159 user = User.try_to_login("jsmith", "jsmith")
160 assert_equal nil, user
164 context "#try_to_login using LDAP" do
165 context "with failed connection to the LDAP server" do
166 should "return nil" do
167 @auth_source = AuthSourceLdap.find(1)
168 AuthSource.any_instance.stubs(:initialize_ldap_con).raises(Net::LDAP::LdapError, 'Cannot connect')
170 assert_equal nil, User.try_to_login('edavis', 'wrong')
174 context "with an unsuccessful authentication" do
175 should "return nil" do
176 assert_equal nil, User.try_to_login('edavis', 'wrong')
180 context "on the fly registration" do
182 @auth_source = AuthSourceLdap.find(1)
185 context "with a successful authentication" do
186 should "create a new user account if it doesn't exist" do
187 assert_difference('User.count') do
188 user = User.try_to_login('edavis', '123456')
193 should "retrieve existing user" do
194 user = User.try_to_login('edavis', '123456')
198 assert_no_difference('User.count') do
199 user = User.try_to_login('edavis', '123456')
208 puts "Skipping LDAP tests."
211 def test_create_anonymous
212 AnonymousUser.delete_all
213 anon = User.anonymous
214 assert !anon.new_record?
215 assert_kind_of AnonymousUser, anon
218 should_have_one :rss_token
221 assert_nil @jsmith.rss_token
222 key = @jsmith.rss_key
223 assert_equal 40, key.length
226 assert_equal key, @jsmith.rss_key
230 should_have_one :api_token
232 context "User#api_key" do
233 should "generate a new one if the user doesn't have one" do
234 user = User.generate_with_protected!(:api_token => nil)
235 assert_nil user.api_token
238 assert_equal 40, key.length
240 assert_equal key, user.api_key
243 should "return the existing api token value" do
244 user = User.generate_with_protected!
245 token = Token.generate!(:action => 'api')
246 user.api_token = token
249 assert_equal token.value, user.api_key
253 context "User#find_by_api_key" do
254 should "return nil if no matching key is found" do
255 assert_nil User.find_by_api_key('zzzzzzzzz')
258 should "return nil if the key is found for an inactive user" do
259 user = User.generate_with_protected!(:status => User::STATUS_LOCKED)
260 token = Token.generate!(:action => 'api')
261 user.api_token = token
264 assert_nil User.find_by_api_key(token.value)
267 should "return the user if the key is found for an active user" do
268 user = User.generate_with_protected!(:status => User::STATUS_ACTIVE)
269 token = Token.generate!(:action => 'api')
270 user.api_token = token
273 assert_equal user, User.find_by_api_key(token.value)
277 def test_roles_for_project
279 roles = @jsmith.roles_for_project(Project.find(1))
280 assert_kind_of Role, roles.first
281 assert_equal "Manager", roles.first.name
284 assert_nil @dlopper.roles_for_project(Project.find(2)).detect {|role| role.member?}
287 def test_mail_notification_all
288 @jsmith.mail_notification = true
289 @jsmith.notified_project_ids = []
292 assert @jsmith.projects.first.recipients.include?(@jsmith.mail)
295 def test_mail_notification_selected
296 @jsmith.mail_notification = false
297 @jsmith.notified_project_ids = [1]
300 assert Project.find(1).recipients.include?(@jsmith.mail)
303 def test_mail_notification_none
304 @jsmith.mail_notification = false
305 @jsmith.notified_project_ids = []
308 assert !@jsmith.projects.first.recipients.include?(@jsmith.mail)
311 def test_comments_sorting_preference
312 assert !@jsmith.wants_comments_in_reverse_order?
313 @jsmith.pref.comments_sorting = 'asc'
314 assert !@jsmith.wants_comments_in_reverse_order?
315 @jsmith.pref.comments_sorting = 'desc'
316 assert @jsmith.wants_comments_in_reverse_order?
319 def test_find_by_mail_should_be_case_insensitive
320 u = User.find_by_mail('JSmith@somenet.foo')
322 assert_equal 'jsmith@somenet.foo', u.mail
325 def test_random_password
328 assert !u.password.blank?
329 assert !u.password_confirmation.blank?
332 context "#change_password_allowed?" do
333 should "be allowed if no auth source is set" do
334 user = User.generate_with_protected!
335 assert user.change_password_allowed?
338 should "delegate to the auth source" do
339 user = User.generate_with_protected!
341 allowed_auth_source = AuthSource.generate!
342 def allowed_auth_source.allow_password_changes?; true; end
344 denied_auth_source = AuthSource.generate!
345 def denied_auth_source.allow_password_changes?; false; end
347 assert user.change_password_allowed?
349 user.auth_source = allowed_auth_source
350 assert user.change_password_allowed?, "User not allowed to change password, though auth source does"
352 user.auth_source = denied_auth_source
353 assert !user.change_password_allowed?, "User allowed to change password, though auth source does not"
358 context "#allowed_to?" do
359 context "with a unique project" do
360 should "return false if project is archived" do
361 project = Project.find(1)
362 Project.any_instance.stubs(:status).returns(Project::STATUS_ARCHIVED)
363 assert ! @admin.allowed_to?(:view_issues, Project.find(1))
366 should "return false if related module is disabled" do
367 project = Project.find(1)
368 project.enabled_module_names = ["issue_tracking"]
369 assert @admin.allowed_to?(:add_issues, project)
370 assert ! @admin.allowed_to?(:view_wiki_pages, project)
373 should "authorize nearly everything for admin users" do
374 project = Project.find(1)
375 assert ! @admin.member_of?(project)
376 %w(edit_issues delete_issues manage_news manage_documents manage_wiki).each do |p|
377 assert @admin.allowed_to?(p.to_sym, project)
381 should "authorize normal users depending on their roles" do
382 project = Project.find(1)
383 assert @jsmith.allowed_to?(:delete_messages, project) #Manager
384 assert ! @dlopper.allowed_to?(:delete_messages, project) #Developper
388 context "with options[:global]" do
389 should "authorize if user has at least one role that has this permission" do
390 @dlopper2 = User.find(5) #only Developper on a project, not Manager anywhere
391 @anonymous = User.find(6)
392 assert @jsmith.allowed_to?(:delete_issue_watchers, nil, :global => true)
393 assert ! @dlopper2.allowed_to?(:delete_issue_watchers, nil, :global => true)
394 assert @dlopper2.allowed_to?(:add_issues, nil, :global => true)
395 assert ! @anonymous.allowed_to?(:add_issues, nil, :global => true)
396 assert @anonymous.allowed_to?(:view_issues, nil, :global => true)
401 if Object.const_defined?(:OpenID)
403 def test_setting_identity_url
404 normalized_open_id_url = 'http://example.com/'
405 u = User.new( :identity_url => 'http://example.com/' )
406 assert_equal normalized_open_id_url, u.identity_url
409 def test_setting_identity_url_without_trailing_slash
410 normalized_open_id_url = 'http://example.com/'
411 u = User.new( :identity_url => 'http://example.com' )
412 assert_equal normalized_open_id_url, u.identity_url
415 def test_setting_identity_url_without_protocol
416 normalized_open_id_url = 'http://example.com/'
417 u = User.new( :identity_url => 'example.com' )
418 assert_equal normalized_open_id_url, u.identity_url
421 def test_setting_blank_identity_url
422 u = User.new( :identity_url => 'example.com' )
424 assert u.identity_url.blank?
427 def test_setting_invalid_identity_url
428 u = User.new( :identity_url => 'this is not an openid url' )
429 assert u.identity_url.blank?
433 puts "Skipping openid tests."