forked from External/greenlight
Merge v2.6-alpha (#1672)
* GRN2-xx: Switch the relation between users and roles to make queries cleaner and faster (#1299)
* First steps
* Fixes in account creation flow
* Fixed most testcases
* more test fixes
* Fixed more test cases
* Passing tests and rubocop
* Added rake task to remove rooms
* Adding translation (#1510)
* Update _account.html.erb
* Update en.yml
* Fix "for" attribute for label elements (#1488)
Co-authored-by: Ahmad Farhat <ahmad.af.farhat@gmail.com>
* Fix some issues reported by LGTM (#1478)
* Declare local JavaScript variables (reported by LGTM)
Signed-off-by: Stefan Weil <sw@weilnetz.de>
* Remove unused local JavaScript variable (reported by LGTM)
Signed-off-by: Stefan Weil <sw@weilnetz.de>
* Puma Worker Configuration (#1332)
We noticed that the current default settings perform very poorly under
load. We managed to literally take down Greenlight during a larger event
when people where accessing the landing page for rooms and when doing
some tests, I was more or less able to DoS Greenlight on my own.
This patch adds a default worker configuration which significantly
improves the situation. The small, 4 core machine I was testing on could
handle about thrice the amount of requests.
While the new default configuration should be reasonably well suited for
most deployments, this patch further allows users to easily configure
the worker pool on their own in the environment file.
* Made name and email readonly for no greenlight accounts (#1534)
* Fixed hardcoded string (#1532)
* fixed spelling error that was bugging me :) - sep a rat e (#1535)
Co-authored-by: Dave Lane <dave@oerfoundation.org>
* Improve Server Rooms View (#1524)
* Order rooms by status
* Cleaned up order function
* Now displays Started/Created/Ended
* Added participant count to rooms list
* Fix rake task user:create so that users can be created when terms are present (#1565)
* Changed user create task to always accept terms
* clean up
* More secure room ID (#1451)
* Legal and privpolicy link (#1421)
* add customizable Links to Imprint and Privacy Policy
* fix copy&paste error in spec
* replace "imprint" with "legal" since that is the correct term
* remove german translation of new strings, transifex will take care of them later
* GRN2-295:Refactored update profile and update password (#1591)
* Refactored update profile and update password
* Relowered rubocop settings
* Fixed email sending when not supposed to (#1592)
* Design changes for small screens (#1580)
* now rap for pagination
* Update _subtitle.html.erb
* Update _rooms.html.erb
* Update _recordings.html.erb
* Update _rooms.html.erb
* Update _users.html.erb
* Update cant_create_rooms.html.erb
* Update room.js
* Update edit.html.erb
* Update new.html.erb
* Update cant_create_rooms.html.erb
* Update _sessions.html.erb
* Update _account.html.erb
* Make Greenlight work with Ruby 2.7 (#1560)
Greenlight's failure to start up with Ruby 2.7 seems to be caused by [an
issue in bootsnap](https://github.com/Shopify/bootsnap/issues/258).
Updating that library makes Greenlight work again.
However, there are still a lot of deprecation warnings. But that's
something to deal with separately.
This fixes #1558
* use email input for sign in (#1199)
* use email input for sign in
* use email input for registration
* use email input for invitation
* use email input for account settings
Co-authored-by: Ahmad Farhat <ahmad.af.farhat@gmail.com>
* Fix Gemfile (#1593)
* Fixed invalid token for password reset (#1632)
* HELP_URL env variable now works as expected (#1636)
* #1372 Fix for long Text in Table + Remove invalid HTML Tag (#1403)
* removed invalid HTML Tag
* removed invalid HTML Tag
* Update _public_recording_row.html.erb
* Update _recording_row.html.erb
* Update _server_recording_row.html.erb
form-inline replaced by own css
* Update _server_room_row.html.erb
* Update _public_recording_row.html.erb
* Update _recording_row.html.erb
* Update _public_recording_row.html.erb
* Update _recordings.html.erb
* Update _rooms.html.erb
* Update main.scss
fix for long text
* Update main.scss
* Update _public_recording_row.html.erb
* Added more validation on profile image (#1644)
* Users who can't create rooms but have shared rooms now have a different view (#1649)
* Revert "Puma Worker Configuration (#1332)" (#1667)
This reverts commit 78ed8d7460.
* Removed html safe from all flash messages (#1668)
* Remove hardcoded guest=true if require mod approval is set (#1669)
* Change random generation for room uid (#1670)
* GRN2-290: Update gems and update to Rails 5.2.4.3 (#1671)
* Update gems and update to Rails 5.2.4.3
* remove gemfile error
Co-authored-by: MrKeksi <mrkeksi@users.noreply.github.com>
Co-authored-by: Florian Weber <fnwbr@users.noreply.github.com>
Co-authored-by: Stefan Weil <sw@weilnetz.de>
Co-authored-by: Lars Kiesow <lkiesow@uos.de>
Co-authored-by: Dave Lane <dave@lane.net.nz>
Co-authored-by: Dave Lane <dave@oerfoundation.org>
Co-authored-by: Henning <hng@users.noreply.github.com>
Co-authored-by: Marcel Waldvogel <marcel@waldvogel.family>
Co-authored-by: Christian Marg <marg@rz.tu-clausthal.de>
Co-authored-by: Klaus <klaus@jsxc.org>
This commit is contained in:
Ahmad Farhat
GitHub
@ -70,7 +70,8 @@ describe AccountActivationsController, type: :controller do
|
||||
it "redirects a pending user to root with a flash" do
|
||||
@user = create(:user, email_verified: false, provider: "greenlight")
|
||||
|
||||
@user.add_role :pending
|
||||
@user.set_role :pending
|
||||
@user.reload
|
||||
|
||||
get :edit, params: { token: @user.create_activation_token }
|
||||
|
||||
|
||||
@ -25,7 +25,7 @@ describe AdminsController, type: :controller do
|
||||
|
||||
@user = create(:user, provider: "provider1")
|
||||
@admin = create(:user, provider: "provider1")
|
||||
@admin.add_role :admin
|
||||
@admin.set_role :admin
|
||||
end
|
||||
|
||||
describe "User Roles" do
|
||||
@ -78,7 +78,7 @@ describe AdminsController, type: :controller do
|
||||
context "POST #unban" do
|
||||
it "unbans the user from the application" do
|
||||
@request.session[:user_id] = @admin.id
|
||||
@user.add_role :denied
|
||||
@user.set_role :denied
|
||||
|
||||
expect(@user.has_role?(:denied)).to eq(true)
|
||||
|
||||
@ -153,7 +153,7 @@ describe AdminsController, type: :controller do
|
||||
it "approves a pending user" do
|
||||
@request.session[:user_id] = @admin.id
|
||||
|
||||
@user.add_role :pending
|
||||
@user.set_role :pending
|
||||
|
||||
post :approve, params: { user_uid: @user.uid }
|
||||
|
||||
@ -167,7 +167,7 @@ describe AdminsController, type: :controller do
|
||||
it "sends the user an email telling them theyre approved" do
|
||||
@request.session[:user_id] = @admin.id
|
||||
|
||||
@user.add_role :pending
|
||||
@user.set_role :pending
|
||||
params = { user_uid: @user.uid }
|
||||
expect { post :approve, params: params }.to change { ActionMailer::Base.deliveries.count }.by(1)
|
||||
end
|
||||
@ -245,7 +245,7 @@ describe AdminsController, type: :controller do
|
||||
Role.create_new_role("test", "greenlight").update_all_role_permissions(can_manage_users: true)
|
||||
|
||||
@user2 = create(:user)
|
||||
@user2.add_role(:test)
|
||||
@user2.set_role(:test)
|
||||
|
||||
# Random manage user action test
|
||||
|
||||
@ -266,7 +266,7 @@ describe AdminsController, type: :controller do
|
||||
Role.create_new_role("test", "greenlight").update_all_role_permissions(can_manage_users: false)
|
||||
|
||||
@user2 = create(:user)
|
||||
@user2.add_role(:test)
|
||||
@user2.set_role(:test)
|
||||
|
||||
# Random manage user action test
|
||||
|
||||
@ -299,6 +299,40 @@ describe AdminsController, type: :controller do
|
||||
end
|
||||
end
|
||||
|
||||
context "POST #legal" do
|
||||
it "changes the legal link on the page" do
|
||||
allow(Rails.configuration).to receive(:loadbalanced_configuration).and_return(true)
|
||||
allow_any_instance_of(User).to receive(:greenlight_account?).and_return(true)
|
||||
|
||||
@request.session[:user_id] = @admin.id
|
||||
fake_url = "example.com"
|
||||
|
||||
post :update_settings, params: { setting: "Legal URL", value: fake_url }
|
||||
|
||||
feature = Setting.find_by(provider: "provider1").features.find_by(name: "Legal URL")
|
||||
|
||||
expect(feature[:value]).to eq(fake_url)
|
||||
expect(response).to redirect_to(admin_site_settings_path)
|
||||
end
|
||||
end
|
||||
|
||||
context "POST #privpolicy" do
|
||||
it "changes the privacy policy on the page" do
|
||||
allow(Rails.configuration).to receive(:loadbalanced_configuration).and_return(true)
|
||||
allow_any_instance_of(User).to receive(:greenlight_account?).and_return(true)
|
||||
|
||||
@request.session[:user_id] = @admin.id
|
||||
fake_url = "example.com"
|
||||
|
||||
post :update_settings, params: { setting: "Privacy Policy URL", value: fake_url }
|
||||
|
||||
feature = Setting.find_by(provider: "provider1").features.find_by(name: "Privacy Policy URL")
|
||||
|
||||
expect(feature[:value]).to eq(fake_url)
|
||||
expect(response).to redirect_to(admin_site_settings_path)
|
||||
end
|
||||
end
|
||||
|
||||
context "POST #coloring" do
|
||||
it "changes the primary on the page" do
|
||||
allow(Rails.configuration).to receive(:loadbalanced_configuration).and_return(true)
|
||||
@ -450,7 +484,7 @@ describe AdminsController, type: :controller do
|
||||
|
||||
@request.session[:user_id] = @admin.id
|
||||
|
||||
@admin.add_role :super_admin
|
||||
@admin.set_role :super_admin
|
||||
@admin.update_attribute(:provider, "greenlight")
|
||||
@user2 = create(:user, provider: "provider1")
|
||||
@user3 = create(:user, provider: "provider1")
|
||||
@ -479,7 +513,7 @@ describe AdminsController, type: :controller do
|
||||
it "changes the log level" do
|
||||
@request.session[:user_id] = @admin.id
|
||||
|
||||
@admin.add_role :super_admin
|
||||
@admin.set_role :super_admin
|
||||
|
||||
expect(Rails.logger.level).to eq(0)
|
||||
post :log_level, params: { value: 2 }
|
||||
@ -492,7 +526,7 @@ describe AdminsController, type: :controller do
|
||||
Role.create_new_role("test", "greenlight").update_all_role_permissions(can_edit_site_settings: true)
|
||||
|
||||
@user2 = create(:user)
|
||||
@user2.add_role(:test)
|
||||
@user2.set_role(:test)
|
||||
|
||||
# Random edit site settings action test
|
||||
|
||||
@ -510,7 +544,7 @@ describe AdminsController, type: :controller do
|
||||
Role.create_new_role("test", "greenlight").update_all_role_permissions(can_manage_users: true)
|
||||
|
||||
@user2 = create(:user)
|
||||
@user2.add_role(:test)
|
||||
@user2.set_role(:test)
|
||||
|
||||
# Random edit site settings action test
|
||||
|
||||
@ -610,7 +644,7 @@ describe AdminsController, type: :controller do
|
||||
new_role2 = Role.create_new_role("test2", "provider1")
|
||||
new_role2.update_permission("can_edit_roles", "true")
|
||||
|
||||
@user.roles << new_role2
|
||||
@user.role = new_role2
|
||||
@user.save!
|
||||
|
||||
@request.session[:user_id] = @user.id
|
||||
@ -657,7 +691,7 @@ describe AdminsController, type: :controller do
|
||||
new_role2 = Role.create(name: "test2", priority: 2, provider: "provider1")
|
||||
new_role2.update_permission("can_edit_roles", "true")
|
||||
|
||||
@user.roles << new_role2
|
||||
@user.role = new_role2
|
||||
@user.save!
|
||||
|
||||
@request.session[:user_id] = @user.id
|
||||
@ -743,7 +777,7 @@ describe AdminsController, type: :controller do
|
||||
Role.create_new_role("test", "greenlight").update_all_role_permissions(can_edit_roles: true)
|
||||
|
||||
@user2 = create(:user)
|
||||
@user2.add_role(:test)
|
||||
@user2.set_role(:test)
|
||||
|
||||
# Random edit roles action test
|
||||
|
||||
@ -764,7 +798,7 @@ describe AdminsController, type: :controller do
|
||||
Role.create_new_role("test", "greenlight").update_all_role_permissions(can_manage_users: false)
|
||||
|
||||
@user2 = create(:user)
|
||||
@user2.add_role(:test)
|
||||
@user2.set_role(:test)
|
||||
|
||||
# Random edit roles action test
|
||||
|
||||
|
||||
@ -43,7 +43,7 @@ describe ApplicationController do
|
||||
end
|
||||
|
||||
it "redirects a banned user to a 401 and logs them out" do
|
||||
@user.add_role :denied
|
||||
@user.set_role :denied
|
||||
@request.session[:user_id] = @user.id
|
||||
|
||||
get :index
|
||||
@ -53,7 +53,7 @@ describe ApplicationController do
|
||||
end
|
||||
|
||||
it "redirects a pending user to a 401 and logs them out" do
|
||||
@user.add_role :pending
|
||||
@user.set_role :pending
|
||||
@request.session[:user_id] = @user.id
|
||||
|
||||
get :index
|
||||
|
||||
@ -19,7 +19,7 @@
|
||||
require "rails_helper"
|
||||
|
||||
def random_valid_user_params
|
||||
pass = Faker::Internet.password(8)
|
||||
pass = Faker::Internet.password(min_length: 8)
|
||||
{
|
||||
user: {
|
||||
name: Faker::Name.first_name,
|
||||
@ -76,11 +76,12 @@ describe PasswordResetsController, type: :controller do
|
||||
describe "PATCH #update" do
|
||||
before do
|
||||
allow(Rails.configuration).to receive(:enable_email_verification).and_return(true)
|
||||
@user = create(:user, provider: "greenlight")
|
||||
end
|
||||
|
||||
context "valid user" do
|
||||
it "reloads page with notice if password is empty" do
|
||||
token = "reset_token"
|
||||
token = @user.create_reset_digest
|
||||
allow(controller).to receive(:check_expiration).and_return(nil)
|
||||
|
||||
params = {
|
||||
@ -95,7 +96,7 @@ describe PasswordResetsController, type: :controller do
|
||||
end
|
||||
|
||||
it "reloads page with notice if password is confirmation doesn't match" do
|
||||
token = "reset_token"
|
||||
token = @user.create_reset_digest
|
||||
|
||||
allow(controller).to receive(:check_expiration).and_return(nil)
|
||||
|
||||
|
||||
@ -63,19 +63,6 @@ describe RoomsController, type: :controller do
|
||||
expect(response).to render_template(:join)
|
||||
end
|
||||
|
||||
it "should render cant_create_rooms if user doesn't have permission to create rooms" do
|
||||
user_role = @user.highest_priority_role
|
||||
|
||||
user_role.update_permission("can_create_rooms", "false")
|
||||
user_role.save!
|
||||
|
||||
@request.session[:user_id] = @user.id
|
||||
|
||||
get :show, params: { room_uid: @user.main_room }
|
||||
|
||||
expect(response).to render_template(:cant_create_rooms)
|
||||
end
|
||||
|
||||
it "should be able to search public recordings if user is not owner" do
|
||||
@request.session[:user_id] = @user.id
|
||||
|
||||
@ -117,7 +104,7 @@ describe RoomsController, type: :controller do
|
||||
|
||||
it "redirects to admin if user is a super_admin" do
|
||||
@request.session[:user_id] = @owner.id
|
||||
@owner.add_role :super_admin
|
||||
@owner.set_role :super_admin
|
||||
|
||||
get :show, params: { room_uid: @owner.main_room, search: :none }
|
||||
|
||||
@ -140,7 +127,7 @@ describe RoomsController, type: :controller do
|
||||
|
||||
it "redirects to root if owner is pending" do
|
||||
@request.session[:user_id] = @owner.id
|
||||
@owner.add_role :pending
|
||||
@owner.set_role :pending
|
||||
|
||||
get :show, params: { room_uid: @owner.main_room, search: :none }
|
||||
|
||||
@ -149,7 +136,7 @@ describe RoomsController, type: :controller do
|
||||
|
||||
it "redirects to root if owner is banned" do
|
||||
@request.session[:user_id] = @owner.id
|
||||
@owner.add_role :denied
|
||||
@owner.set_role :denied
|
||||
|
||||
get :show, params: { room_uid: @owner.main_room, search: :none }
|
||||
|
||||
@ -157,6 +144,35 @@ describe RoomsController, type: :controller do
|
||||
end
|
||||
end
|
||||
|
||||
describe "GET #cant_create_rooms" do
|
||||
before do
|
||||
@user = create(:user)
|
||||
@owner = create(:user)
|
||||
end
|
||||
|
||||
it "renders cant_create_rooms if user doesn't have permission to create rooms and has no shared rooms" do
|
||||
@user.role.update_permission("can_create_rooms", "false")
|
||||
|
||||
@request.session[:user_id] = @user.id
|
||||
|
||||
get :cant_create_rooms
|
||||
|
||||
expect(response).to render_template(:cant_create_rooms)
|
||||
end
|
||||
|
||||
it "displays the room if the user can't create rooms but has a shared room" do
|
||||
@user.role.update_permission("can_create_rooms", "false")
|
||||
|
||||
SharedAccess.create(room_id: @owner.main_room.id, user_id: @user.id)
|
||||
|
||||
@request.session[:user_id] = @user.id
|
||||
|
||||
get :cant_create_rooms
|
||||
|
||||
expect(response).to redirect_to(@owner.main_room)
|
||||
end
|
||||
end
|
||||
|
||||
describe "POST #create" do
|
||||
before do
|
||||
@owner = create(:user)
|
||||
@ -406,7 +422,7 @@ describe RoomsController, type: :controller do
|
||||
|
||||
it "redirects to root if owner is pending" do
|
||||
@request.session[:user_id] = @owner.id
|
||||
@owner.add_role :pending
|
||||
@owner.set_role :pending
|
||||
|
||||
post :join, params: { room_uid: @room }
|
||||
|
||||
@ -415,7 +431,7 @@ describe RoomsController, type: :controller do
|
||||
|
||||
it "redirects to root if owner is banned" do
|
||||
@request.session[:user_id] = @owner.id
|
||||
@owner.add_role :denied
|
||||
@owner.set_role :denied
|
||||
|
||||
post :join, params: { room_uid: @room }
|
||||
|
||||
@ -456,7 +472,7 @@ describe RoomsController, type: :controller do
|
||||
|
||||
it "allows admin to delete room" do
|
||||
@admin = create(:user)
|
||||
@admin.add_role :admin
|
||||
@admin.set_role :admin
|
||||
@request.session[:user_id] = @admin.id
|
||||
|
||||
expect do
|
||||
@ -468,7 +484,7 @@ describe RoomsController, type: :controller do
|
||||
|
||||
it "does not allow admin to delete a users home room" do
|
||||
@admin = create(:user)
|
||||
@admin.add_role :admin
|
||||
@admin.set_role :admin
|
||||
@request.session[:user_id] = @admin.id
|
||||
|
||||
expect do
|
||||
@ -483,7 +499,7 @@ describe RoomsController, type: :controller do
|
||||
allow_any_instance_of(User).to receive(:admin_of?).and_return(false)
|
||||
|
||||
@admin = create(:user)
|
||||
@admin.add_role :admin
|
||||
@admin.set_role :admin
|
||||
@request.session[:user_id] = @admin.id
|
||||
|
||||
expect do
|
||||
@ -527,7 +543,7 @@ describe RoomsController, type: :controller do
|
||||
|
||||
it "redirects to join path if admin" do
|
||||
@admin = create(:user)
|
||||
@admin.add_role :admin
|
||||
@admin.set_role :admin
|
||||
@request.session[:user_id] = @admin.id
|
||||
|
||||
post :start, params: { room_uid: @user.main_room }
|
||||
@ -538,7 +554,7 @@ describe RoomsController, type: :controller do
|
||||
it "redirects to root path if not admin of current user" do
|
||||
allow_any_instance_of(User).to receive(:admin_of?).and_return(false)
|
||||
@admin = create(:user)
|
||||
@admin.add_role :admin
|
||||
@admin.set_role :admin
|
||||
@request.session[:user_id] = @admin.id
|
||||
|
||||
post :start, params: { room_uid: @user.main_room }
|
||||
@ -587,7 +603,7 @@ describe RoomsController, type: :controller do
|
||||
|
||||
it "allows admin to update room settings" do
|
||||
@admin = create(:user)
|
||||
@admin.add_role :admin
|
||||
@admin.set_role :admin
|
||||
@request.session[:user_id] = @admin.id
|
||||
|
||||
room_params = { "mute_on_join": "1", "name": @secondary_room.name }
|
||||
@ -603,7 +619,7 @@ describe RoomsController, type: :controller do
|
||||
it "does not allow admins from a different context to update room settings" do
|
||||
allow_any_instance_of(User).to receive(:admin_of?).and_return(false)
|
||||
@admin = create(:user)
|
||||
@admin.add_role :admin
|
||||
@admin.set_role :admin
|
||||
@request.session[:user_id] = @admin.id
|
||||
|
||||
room_params = { "mute_on_join": "1", "name": @secondary_room.name }
|
||||
@ -743,7 +759,7 @@ describe RoomsController, type: :controller do
|
||||
|
||||
it "allows admins to update room access" do
|
||||
@admin = create(:user)
|
||||
@admin.add_role :admin
|
||||
@admin.set_role :admin
|
||||
@request.session[:user_id] = @admin.id
|
||||
|
||||
post :shared_access, params: { room_uid: @room.uid, add: [@user1.uid] }
|
||||
@ -756,7 +772,7 @@ describe RoomsController, type: :controller do
|
||||
it "redirects to root path if not admin of current user" do
|
||||
allow_any_instance_of(User).to receive(:admin_of?).and_return(false)
|
||||
@admin = create(:user)
|
||||
@admin.add_role :admin
|
||||
@admin.set_role :admin
|
||||
@request.session[:user_id] = @admin.id
|
||||
|
||||
post :shared_access, params: { room_uid: @room.uid, add: [] }
|
||||
|
||||
@ -75,7 +75,7 @@ describe SessionsController, type: :controller do
|
||||
before(:each) do
|
||||
user = create(:user, provider: "greenlight")
|
||||
@request.session[:user_id] = user.id
|
||||
get :destroy
|
||||
post :destroy
|
||||
end
|
||||
|
||||
it "should logout user" do
|
||||
@ -221,7 +221,7 @@ describe SessionsController, type: :controller do
|
||||
it "redirects to the admins page for admins" do
|
||||
user = create(:user, provider: "greenlight",
|
||||
password: "example", password_confirmation: 'example')
|
||||
user.add_role :super_admin
|
||||
user.set_role :super_admin
|
||||
|
||||
post :create, params: {
|
||||
session: {
|
||||
@ -235,7 +235,7 @@ describe SessionsController, type: :controller do
|
||||
end
|
||||
|
||||
it "should migrate old rooms from the twitter account to the new user" do
|
||||
twitter_user = User.create(name: "Twitter User", email: "user@twitter.com", image: "example.png",
|
||||
twitter_user = create(:user, name: "Twitter User", email: "user@twitter.com", image: "example.png",
|
||||
username: "twitteruser", email_verified: true, provider: 'twitter', social_uid: "twitter-user")
|
||||
|
||||
room = Room.new(name: "Test")
|
||||
@ -383,7 +383,7 @@ describe SessionsController, type: :controller do
|
||||
|
||||
it "should notify twitter users that twitter is deprecated" do
|
||||
allow(Rails.configuration).to receive(:allow_user_signup).and_return(true)
|
||||
twitter_user = User.create(name: "Twitter User", email: "user@twitter.com", image: "example.png",
|
||||
twitter_user = create(:user, name: "Twitter User", email: "user@twitter.com", image: "example.png",
|
||||
username: "twitteruser", email_verified: true, provider: 'twitter', social_uid: "twitter-user")
|
||||
|
||||
request.env["omniauth.auth"] = OmniAuth.config.mock_auth[:twitter]
|
||||
@ -394,7 +394,7 @@ describe SessionsController, type: :controller do
|
||||
end
|
||||
|
||||
it "should migrate rooms from the twitter account to the google account" do
|
||||
twitter_user = User.create(name: "Twitter User", email: "user@twitter.com", image: "example.png",
|
||||
twitter_user = create(:user, name: "Twitter User", email: "user@twitter.com", image: "example.png",
|
||||
username: "twitteruser", email_verified: true, provider: 'twitter', social_uid: "twitter-user")
|
||||
|
||||
room = Room.new(name: "Test")
|
||||
@ -419,7 +419,7 @@ describe SessionsController, type: :controller do
|
||||
allow(Rails.configuration).to receive(:enable_email_verification).and_return(true)
|
||||
@user = create(:user, provider: "greenlight")
|
||||
@admin = create(:user, provider: "greenlight", email: "test@example.com")
|
||||
@admin.add_role :admin
|
||||
@admin.set_role :admin
|
||||
end
|
||||
|
||||
it "should notify admin on new user signup with approve/reject registration" do
|
||||
|
||||
@ -19,7 +19,7 @@
|
||||
require "rails_helper"
|
||||
|
||||
def random_valid_user_params
|
||||
pass = Faker::Internet.password(8)
|
||||
pass = Faker::Internet.password(min_length: 8)
|
||||
{
|
||||
user: {
|
||||
name: Faker::Name.first_name,
|
||||
@ -75,7 +75,7 @@ describe UsersController, type: :controller do
|
||||
controller.instance_variable_set(:@user_domain, "provider1")
|
||||
|
||||
user = create(:user, provider: "provider1")
|
||||
user.add_role :admin
|
||||
user.set_role :admin
|
||||
user2 = create(:user, provider: "provider1")
|
||||
|
||||
@request.session[:user_id] = user.id
|
||||
@ -174,7 +174,7 @@ describe UsersController, type: :controller do
|
||||
allow(Rails.configuration).to receive(:allow_user_signup).and_return(true)
|
||||
@user = create(:user, provider: "greenlight")
|
||||
@admin = create(:user, provider: "greenlight", email: "test@example.com")
|
||||
@admin.add_role :admin
|
||||
@admin.set_role :admin
|
||||
end
|
||||
|
||||
it "should notify admins that user signed up" do
|
||||
@ -232,7 +232,7 @@ describe UsersController, type: :controller do
|
||||
allow(Rails.configuration).to receive(:allow_user_signup).and_return(true)
|
||||
@user = create(:user, provider: "greenlight")
|
||||
@admin = create(:user, provider: "greenlight", email: "test@example.com")
|
||||
@admin.add_role :admin
|
||||
@admin.set_role :admin
|
||||
end
|
||||
|
||||
it "allows any user to sign up" do
|
||||
@ -278,13 +278,13 @@ describe UsersController, type: :controller do
|
||||
end
|
||||
end
|
||||
|
||||
describe "PATCH #update" do
|
||||
describe "POST #update" do
|
||||
it "properly updates user attributes" do
|
||||
user = create(:user)
|
||||
@request.session[:user_id] = user.id
|
||||
|
||||
params = random_valid_user_params
|
||||
patch :update, params: params.merge!(user_uid: user)
|
||||
post :update, params: params.merge!(user_uid: user)
|
||||
user.reload
|
||||
|
||||
expect(user.name).to eql(params[:user][:name])
|
||||
@ -293,11 +293,26 @@ describe UsersController, type: :controller do
|
||||
expect(response).to redirect_to(edit_user_path(user))
|
||||
end
|
||||
|
||||
it "properly updates user attributes" do
|
||||
allow_any_instance_of(User).to receive(:greenlight_account?).and_return(false)
|
||||
user = create(:user)
|
||||
@request.session[:user_id] = user.id
|
||||
|
||||
params = random_valid_user_params
|
||||
post :update, params: params.merge!(user_uid: user)
|
||||
user.reload
|
||||
|
||||
expect(user.name).not_to eql(params[:user][:name])
|
||||
expect(user.email).not_to eql(params[:user][:email])
|
||||
expect(flash[:success]).to be_present
|
||||
expect(response).to redirect_to(edit_user_path(user))
|
||||
end
|
||||
|
||||
it "renders #edit on unsuccessful save" do
|
||||
@user = create(:user)
|
||||
@request.session[:user_id] = @user.id
|
||||
|
||||
patch :update, params: invalid_params.merge!(user_uid: @user)
|
||||
post :update, params: invalid_params.merge!(user_uid: @user)
|
||||
expect(response).to render_template(:edit)
|
||||
end
|
||||
|
||||
@ -306,7 +321,7 @@ describe UsersController, type: :controller do
|
||||
user = create(:user)
|
||||
@request.session[:user_id] = user.id
|
||||
|
||||
user_role = user.highest_priority_role
|
||||
user_role = user.role
|
||||
|
||||
user_role.update_permission("can_manage_users", "true")
|
||||
|
||||
@ -315,30 +330,7 @@ describe UsersController, type: :controller do
|
||||
tmp_role = Role.create(name: "test", priority: -4, provider: "greenlight")
|
||||
|
||||
params = random_valid_user_params
|
||||
patch :update, params: params.merge!(user_uid: user, user: { role_ids: tmp_role.id.to_s })
|
||||
|
||||
expect(flash[:alert]).to eq(I18n.t("administrator.roles.invalid_assignment"))
|
||||
expect(response).to render_template(:edit)
|
||||
end
|
||||
|
||||
it "should fail to update roles if a user tries to remove a role with a higher priority than their own" do
|
||||
user = create(:user)
|
||||
admin = create(:user)
|
||||
|
||||
admin.add_role :admin
|
||||
|
||||
@request.session[:user_id] = user.id
|
||||
|
||||
user_role = user.highest_priority_role
|
||||
|
||||
user_role.update_permission("can_manage_users", "true")
|
||||
|
||||
user_role.save!
|
||||
|
||||
params = random_valid_user_params
|
||||
patch :update, params: params.merge!(user_uid: admin, user: { role_ids: "" })
|
||||
|
||||
user.reload
|
||||
post :update, params: params.merge!(user_uid: user, user: { role_id: tmp_role.id.to_s })
|
||||
|
||||
expect(flash[:alert]).to eq(I18n.t("administrator.roles.invalid_assignment"))
|
||||
expect(response).to render_template(:edit)
|
||||
@ -350,53 +342,88 @@ describe UsersController, type: :controller do
|
||||
user = create(:user)
|
||||
admin = create(:user)
|
||||
|
||||
admin.add_role :admin
|
||||
admin.set_role :admin
|
||||
|
||||
@request.session[:user_id] = admin.id
|
||||
|
||||
tmp_role1 = Role.create(name: "test1", priority: 2, provider: "greenlight")
|
||||
tmp_role1.update_permission("send_promoted_email", "true")
|
||||
tmp_role2 = Role.create(name: "test2", priority: 3, provider: "greenlight")
|
||||
|
||||
params = random_valid_user_params
|
||||
params = params.merge!(user_uid: user, user: { role_ids: "#{tmp_role1.id} #{tmp_role2.id}" })
|
||||
params = params.merge!(user_uid: user, user: { role_id: tmp_role1.id.to_s })
|
||||
|
||||
expect { patch :update, params: params }.to change { ActionMailer::Base.deliveries.count }.by(1)
|
||||
expect { post :update, params: params }.to change { ActionMailer::Base.deliveries.count }.by(1)
|
||||
|
||||
user.reload
|
||||
expect(user.roles.count).to eq(2)
|
||||
expect(user.highest_priority_role.name).to eq("test1")
|
||||
expect(response).to redirect_to(admins_path)
|
||||
end
|
||||
|
||||
it "all users must at least have the user role" do
|
||||
allow(Rails.configuration).to receive(:enable_email_verification).and_return(true)
|
||||
|
||||
user = create(:user)
|
||||
admin = create(:user)
|
||||
|
||||
admin.add_role :admin
|
||||
|
||||
tmp_role1 = Role.create(name: "test1", priority: 2, provider: "greenlight")
|
||||
tmp_role1.update_permission("send_demoted_email", "true")
|
||||
user.roles << tmp_role1
|
||||
user.save!
|
||||
|
||||
@request.session[:user_id] = admin.id
|
||||
|
||||
params = random_valid_user_params
|
||||
params = params.merge!(user_uid: user, user: { role_ids: "" })
|
||||
|
||||
expect { patch :update, params: params }.to change { ActionMailer::Base.deliveries.count }.by(1)
|
||||
expect(user.roles.count).to eq(1)
|
||||
expect(user.highest_priority_role.name).to eq("user")
|
||||
expect(user.role.name).to eq("test1")
|
||||
expect(response).to redirect_to(admins_path)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
describe "POST #update_password" do
|
||||
before do
|
||||
@user = create(:user)
|
||||
@password = Faker::Internet.password(min_length: 8)
|
||||
end
|
||||
|
||||
it "properly updates users password" do
|
||||
@request.session[:user_id] = @user.id
|
||||
|
||||
params = {
|
||||
user: {
|
||||
password: @user.password,
|
||||
new_password: @password,
|
||||
password_confirmation: @password,
|
||||
}
|
||||
}
|
||||
post :update_password, params: params.merge!(user_uid: @user)
|
||||
@user.reload
|
||||
|
||||
expect(@user.authenticate(@password)).not_to be false
|
||||
expect(@user.errors).to be_empty
|
||||
expect(flash[:success]).to be_present
|
||||
expect(response).to redirect_to(change_password_path(@user))
|
||||
end
|
||||
|
||||
it "doesn't update the users password if initial password is incorrect" do
|
||||
@request.session[:user_id] = @user.id
|
||||
|
||||
params = {
|
||||
user: {
|
||||
password: "incorrect_password",
|
||||
new_password: @password,
|
||||
password_confirmation: @password,
|
||||
}
|
||||
}
|
||||
post :update_password, params: params.merge!(user_uid: @user)
|
||||
@user.reload
|
||||
expect(@user.authenticate(@password)).to be false
|
||||
expect(response).to render_template(:change_password)
|
||||
end
|
||||
|
||||
it "doesn't update the users password if new passwords don't match" do
|
||||
@request.session[:user_id] = @user.id
|
||||
|
||||
params = {
|
||||
user: {
|
||||
password: "incorrect_password",
|
||||
new_password: @password,
|
||||
password_confirmation: @password + "_random_string",
|
||||
}
|
||||
}
|
||||
post :update_password, params: params.merge!(user_uid: @user)
|
||||
@user.reload
|
||||
expect(@user.authenticate(@password)).to be false
|
||||
expect(response).to render_template(:change_password)
|
||||
end
|
||||
end
|
||||
|
||||
describe "DELETE #user" do
|
||||
before { allow(Rails.configuration).to receive(:allow_user_signup).and_return(true) }
|
||||
before do
|
||||
allow(Rails.configuration).to receive(:allow_user_signup).and_return(true)
|
||||
Role.create_default_roles("provider1")
|
||||
end
|
||||
|
||||
it "permanently deletes user" do
|
||||
user = create(:user)
|
||||
@ -416,7 +443,7 @@ describe UsersController, type: :controller do
|
||||
|
||||
user = create(:user, provider: "provider1")
|
||||
admin = create(:user, provider: "provider1")
|
||||
admin.add_role :admin
|
||||
admin.set_role :admin
|
||||
@request.session[:user_id] = admin.id
|
||||
|
||||
delete :destroy, params: { user_uid: user.uid }
|
||||
@ -434,7 +461,7 @@ describe UsersController, type: :controller do
|
||||
|
||||
user = create(:user, provider: "provider1")
|
||||
admin = create(:user, provider: "provider1")
|
||||
admin.add_role :admin
|
||||
admin.set_role :admin
|
||||
@request.session[:user_id] = admin.id
|
||||
|
||||
delete :destroy, params: { user_uid: user.uid, permanent: "true" }
|
||||
@ -452,7 +479,7 @@ describe UsersController, type: :controller do
|
||||
|
||||
user = create(:user, provider: "provider1")
|
||||
admin = create(:user, provider: "provider1")
|
||||
admin.add_role :admin
|
||||
admin.set_role :admin
|
||||
@request.session[:user_id] = admin.id
|
||||
uid = user.main_room.uid
|
||||
|
||||
@ -473,7 +500,7 @@ describe UsersController, type: :controller do
|
||||
|
||||
user = create(:user, provider: "provider1")
|
||||
admin = create(:user, provider: "provider2")
|
||||
admin.add_role :admin
|
||||
admin.set_role :admin
|
||||
@request.session[:user_id] = admin.id
|
||||
|
||||
delete :destroy, params: { user_uid: user.uid }
|
||||
|
||||
Reference in New Issue
Block a user