GRN2-6: Added the ability for admins to specify registration method (#520)

* Added the ability to invite users * Small bug fix * Added the ability to approve/decline users * Small bug fixes * More bug fixes * More minor changes * Final changes
2019-05-17 16:26:49 -04:00
parent adf4b68008
commit 720dac6012
37 changed files with 928 additions and 101 deletions
--- a/spec/controllers/account_activations_controller_spec.rb
+++ b/spec/controllers/account_activations_controller_spec.rb
@ -72,6 +72,17 @@ describe AccountActivationsController, type: :controller do
      expect(flash[:alert]).to be_present
      expect(response).to redirect_to(root_path)
    end
+
+    it "redirects a pending user to root with a flash" do
+      @user = create(:user, email_verified: false, provider: "greenlight")
+
+      @user.add_role :pending
+
+      get :edit, params: { email: @user.email, token: @user.activation_token }
+
+      expect(flash[:success]).to be_present
+      expect(response).to redirect_to(root_path)
+    end
  end

  describe "GET #resend" do
--- a/spec/controllers/admins_controller_spec.rb
+++ b/spec/controllers/admins_controller_spec.rb
@ -109,6 +109,56 @@ describe AdminsController, type: :controller do
        expect(response).to redirect_to(admins_path)
      end
    end
+
+    context "POST #invite" do
+      before do
+        allow(Rails.configuration).to receive(:loadbalanced_configuration).and_return(true)
+        allow_any_instance_of(ApplicationController).to receive(:allow_greenlight_users?).and_return(true)
+        allow_any_instance_of(User).to receive(:greenlight_account?).and_return(true)
+      end
+
+      it "invites a user" do
+        @request.session[:user_id] = @admin.id
+        email = Faker::Internet.email
+        post :invite, params: { invite_user: { email: email } }
+
+        invite = Invitation.find_by(email: email, provider: "greenlight")
+
+        expect(invite.present?).to eq(true)
+        expect(flash[:success]).to be_present
+        expect(response).to redirect_to(admins_path)
+      end
+
+      it "sends an invitation email" do
+        @request.session[:user_id] = @admin.id
+        email = Faker::Internet.email
+
+        params = { invite_user: { email: email } }
+        expect { post :invite, params: params }.to change { ActionMailer::Base.deliveries.count }.by(1)
+      end
+    end
+
+    context "POST #approve" do
+      it "approves a pending user" do
+        @request.session[:user_id] = @admin.id
+
+        @user.add_role :pending
+
+        post :approve, params: { user_uid: @user.uid }
+
+        expect(@user.has_role?(:pending)).to eq(false)
+        expect(flash[:success]).to be_present
+        expect(response).to redirect_to(admins_path)
+      end
+
+      it "sends the user an email telling them theyre approved" do
+        @request.session[:user_id] = @admin.id
+
+        @user.add_role :pending
+        params = { user_uid: @user.uid }
+        expect { post :approve, params: params }.to change { ActionMailer::Base.deliveries.count }.by(1)
+      end
+    end
  end

  describe "User Design" do
@ -142,7 +192,38 @@ describe AdminsController, type: :controller do
        feature = Setting.find_by(provider: "provider1").features.find_by(name: "Primary Color")

        expect(feature[:value]).to eq(primary_color)
-        expect(response).to redirect_to(admins_path(setting: "site_settings"))
+        expect(response).to redirect_to(admins_path)
+      end
+    end
+
+    context "POST #registration_method" do
+      it "changes the registration method for the given context" do
+        allow(Rails.configuration).to receive(:enable_email_verification).and_return(true)
+        allow(Rails.configuration).to receive(:loadbalanced_configuration).and_return(true)
+        allow_any_instance_of(User).to receive(:greenlight_account?).and_return(true)
+
+        @request.session[:user_id] = @admin.id
+
+        post :registration_method, params: { method: "invite" }
+
+        feature = Setting.find_by(provider: "provider1").features.find_by(name: "Registration Method")
+
+        expect(feature[:value]).to eq(Rails.configuration.registration_methods[:invite])
+        expect(flash[:success]).to be_present
+        expect(response).to redirect_to(admins_path)
+      end
+
+      it "does not allow the user to change to invite if emails are off" do
+        allow(Rails.configuration).to receive(:enable_email_verification).and_return(false)
+        allow(Rails.configuration).to receive(:loadbalanced_configuration).and_return(true)
+        allow_any_instance_of(User).to receive(:greenlight_account?).and_return(true)
+
+        @request.session[:user_id] = @admin.id
+
+        post :registration_method, params: { method: "invite" }
+
+        expect(flash[:alert]).to be_present
+        expect(response).to redirect_to(admins_path)
      end
    end
  end
--- a/spec/controllers/application_controller_spec.rb
+++ b/spec/controllers/application_controller_spec.rb
@ -32,14 +32,28 @@ describe ApplicationController do
  end

  context "roles" do
-    it "redirects a banned user to a 401 and logs them out" do
+    before do
      @user = create(:user)
+    end
+
+    it "redirects a banned user to a 401 and logs them out" do
      @user.add_role :denied
      @request.session[:user_id] = @user.id

      get :index
      expect(@request.session[:user_id]).to be_nil
-      expect(response).to redirect_to(unauthorized_path)
+      expect(flash[:alert]).to be_present
+      expect(response).to redirect_to(root_path)
+    end
+
+    it "redirects a pending user to a 401 and logs them out" do
+      @user.add_role :pending
+      @request.session[:user_id] = @user.id
+
+      get :index
+      expect(@request.session[:user_id]).to be_nil
+      expect(flash[:alert]).to be_present
+      expect(response).to redirect_to(root_path)
    end
  end
 end
--- a/spec/controllers/users_controller_spec.rb
+++ b/spec/controllers/users_controller_spec.rb
@ -169,7 +169,9 @@ describe UsersController, type: :controller do
    end

    context "allow email verification" do
-      before { allow(Rails.configuration).to receive(:enable_email_verification).and_return(true) }
+      before do
+        allow(Rails.configuration).to receive(:enable_email_verification).and_return(true)
+      end

      it "should raise if there there is a delivery failure" do
        params = random_valid_user_params
@ -179,6 +181,91 @@ describe UsersController, type: :controller do
          raise :anyerror
        end.to raise_error { :anyerror }
      end
+
+      context "enable invite registration" do
+        before do
+          allow_any_instance_of(Registrar).to receive(:invite_registration).and_return(true)
+          allow(Rails.configuration).to receive(:allow_user_signup).and_return(true)
+        end
+
+        it "rejects the user if they are not invited" do
+          get :new
+
+          expect(flash[:alert]).to be_present
+          expect(response).to redirect_to(root_path)
+        end
+
+        it "allows the user to signup if they are invited" do
+          allow(Rails.configuration).to receive(:enable_email_verification).and_return(false)
+
+          params = random_valid_user_params
+          invite = Invitation.create(email: params[:user][:name], provider: "greenlight")
+          @request.session[:invite_token] = invite.invite_token
+
+          post :create, params: params
+
+          u = User.find_by(name: params[:user][:name], email: params[:user][:email])
+          expect(response).to redirect_to(u.main_room)
+        end
+
+        it "verifies the user if they sign up with the email they receieved the invite with" do
+          allow(Rails.configuration).to receive(:enable_email_verification).and_return(true)
+
+          params = random_valid_user_params
+          invite = Invitation.create(email: params[:user][:email], provider: "greenlight")
+          @request.session[:invite_token] = invite.invite_token
+
+          post :create, params: params
+
+          u = User.find_by(name: params[:user][:name], email: params[:user][:email])
+          expect(response).to redirect_to(u.main_room)
+        end
+
+        it "asks the user to verify if they signup with a different email" do
+          allow(Rails.configuration).to receive(:enable_email_verification).and_return(true)
+
+          params = random_valid_user_params
+          invite = Invitation.create(email: Faker::Internet.email, provider: "greenlight")
+          @request.session[:invite_token] = invite.invite_token
+
+          post :create, params: params
+
+          expect(User.exists?(name: params[:user][:name], email: params[:user][:email])).to eq(true)
+          expect(flash[:success]).to be_present
+          expect(response).to redirect_to(root_path)
+        end
+      end
+
+      context "enable approval registration" do
+        before do
+          allow_any_instance_of(Registrar).to receive(:approval_registration).and_return(true)
+          allow(Rails.configuration).to receive(:allow_user_signup).and_return(true)
+        end
+
+        it "allows any user to sign up" do
+          allow(Rails.configuration).to receive(:enable_email_verification).and_return(false)
+
+          params = random_valid_user_params
+
+          post :create, params: params
+
+          expect(User.exists?(name: params[:user][:name], email: params[:user][:email])).to eq(true)
+          expect(flash[:success]).to be_present
+          expect(response).to redirect_to(root_path)
+        end
+
+        it "sets the user to pending on sign up" do
+          allow(Rails.configuration).to receive(:enable_email_verification).and_return(false)
+
+          params = random_valid_user_params
+
+          post :create, params: params
+
+          u = User.find_by(name: params[:user][:name], email: params[:user][:email])
+
+          expect(u.has_role?(:pending)).to eq(true)
+        end
+      end
    end

    it "redirects to main room if already authenticated" do