2015-10-07 14:18:55 +02:00
|
|
|
require 'spec_helper'
|
|
|
|
|
|
|
|
|
|
describe Users::SessionsController, type: :controller do
|
2016-02-11 16:12:59 +01:00
|
|
|
let(:loged_in_with_france_connect) { 'particulier' }
|
2015-10-08 11:26:12 +02:00
|
|
|
let(:user) { create(:user, loged_in_with_france_connect: loged_in_with_france_connect) }
|
2015-10-07 16:38:29 +02:00
|
|
|
|
|
|
|
|
before do
|
|
|
|
|
@request.env["devise.mapping"] = Devise.mappings[:user]
|
|
|
|
|
end
|
2015-10-07 14:18:55 +02:00
|
|
|
|
2018-03-20 16:00:30 +01:00
|
|
|
describe '#create' do
|
2015-12-09 15:10:11 +01:00
|
|
|
it { expect(described_class).to be < Sessions::SessionsController }
|
2015-10-08 11:26:12 +02:00
|
|
|
|
2015-12-09 15:10:11 +01:00
|
|
|
describe 'France Connect attribut' do
|
|
|
|
|
before do
|
2018-01-16 13:34:24 +01:00
|
|
|
post :create, params: { user: { email: user.email, password: user.password } }
|
2015-12-09 15:10:11 +01:00
|
|
|
user.reload
|
|
|
|
|
end
|
2015-10-08 11:26:12 +02:00
|
|
|
|
2015-12-24 10:12:23 +01:00
|
|
|
subject { user.loged_in_with_france_connect? }
|
2015-12-09 15:10:11 +01:00
|
|
|
|
|
|
|
|
it { is_expected.to be_falsey }
|
|
|
|
|
end
|
2016-10-11 11:12:45 +02:00
|
|
|
|
2016-10-18 15:49:04 +02:00
|
|
|
context "unified login" do
|
2016-12-07 17:03:36 +01:00
|
|
|
let(:email) { 'unique@plop.com' }
|
|
|
|
|
let(:password) { 'password' }
|
|
|
|
|
|
|
|
|
|
let(:user) { create(:user, email: email, password: password) }
|
|
|
|
|
let(:gestionnaire) { create(:gestionnaire, email: email, password: password) }
|
|
|
|
|
let(:administrateur) { create(:administrateur, email: email, password: password) }
|
|
|
|
|
|
2016-10-11 11:12:45 +02:00
|
|
|
it 'signs user in' do
|
2018-01-16 13:34:24 +01:00
|
|
|
post :create, params: { user: { email: user.email, password: user.password } }
|
2016-10-11 11:12:45 +02:00
|
|
|
expect(@response.redirect?).to be(true)
|
|
|
|
|
expect(subject.current_user).to eq(user)
|
|
|
|
|
expect(subject.current_gestionnaire).to be(nil)
|
2016-12-07 17:03:36 +01:00
|
|
|
expect(subject.current_administrateur).to be(nil)
|
2016-10-11 11:12:45 +02:00
|
|
|
expect(user.reload.loged_in_with_france_connect).to be(nil)
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
it 'signs gestionnaire in' do
|
2018-01-16 13:34:24 +01:00
|
|
|
post :create, params: { user: { email: gestionnaire.email, password: gestionnaire.password } }
|
2016-10-11 11:12:45 +02:00
|
|
|
expect(@response.redirect?).to be(true)
|
|
|
|
|
expect(subject.current_user).to be(nil)
|
|
|
|
|
expect(subject.current_gestionnaire).to eq(gestionnaire)
|
2016-12-07 17:03:36 +01:00
|
|
|
expect(subject.current_administrateur).to be(nil)
|
2016-10-11 11:12:45 +02:00
|
|
|
end
|
|
|
|
|
|
2016-12-07 17:03:36 +01:00
|
|
|
it 'signs administrateur in' do
|
2018-01-16 13:34:24 +01:00
|
|
|
post :create, params: { user: { email: administrateur.email, password: administrateur.password } }
|
2016-10-11 11:12:45 +02:00
|
|
|
expect(@response.redirect?).to be(true)
|
2016-12-07 17:03:36 +01:00
|
|
|
expect(subject.current_user).to be(nil)
|
|
|
|
|
expect(subject.current_gestionnaire).to be(nil)
|
|
|
|
|
expect(subject.current_administrateur).to eq(administrateur)
|
2016-10-11 11:12:45 +02:00
|
|
|
end
|
|
|
|
|
|
2016-12-07 17:03:36 +01:00
|
|
|
context {
|
|
|
|
|
before do
|
|
|
|
|
user
|
|
|
|
|
gestionnaire
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
it 'signs user + gestionnaire + administrateur in' do
|
2018-01-16 13:34:24 +01:00
|
|
|
post :create, params: { user: { email: administrateur.email, password: administrateur.password } }
|
2016-12-07 17:03:36 +01:00
|
|
|
expect(@response.redirect?).to be(true)
|
|
|
|
|
expect(subject.current_user).to eq(user)
|
|
|
|
|
expect(subject.current_gestionnaire).to eq(gestionnaire)
|
|
|
|
|
expect(subject.current_administrateur).to eq(administrateur)
|
|
|
|
|
expect(user.reload.loged_in_with_france_connect).to be(nil)
|
|
|
|
|
end
|
|
|
|
|
}
|
|
|
|
|
|
2016-10-11 11:12:45 +02:00
|
|
|
it 'fails to sign in with bad credentials' do
|
2018-01-16 13:34:24 +01:00
|
|
|
post :create, params: { user: { email: user.email, password: 'wrong_password' } }
|
2016-10-11 11:12:45 +02:00
|
|
|
expect(@response.unauthorized?).to be(true)
|
|
|
|
|
expect(subject.current_user).to be(nil)
|
|
|
|
|
expect(subject.current_gestionnaire).to be(nil)
|
2016-12-07 17:03:36 +01:00
|
|
|
expect(subject.current_administrateur).to be(nil)
|
2016-10-11 11:12:45 +02:00
|
|
|
end
|
2017-02-07 16:56:21 +01:00
|
|
|
|
|
|
|
|
context 'with different passwords' do
|
|
|
|
|
let!(:gestionnaire) { create(:gestionnaire, email: email, password: 'another_password') }
|
|
|
|
|
let!(:administrateur) { create(:administrateur, email: email, password: 'another_password') }
|
|
|
|
|
|
|
|
|
|
before do
|
|
|
|
|
user
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
it 'should sync passwords on login' do
|
|
|
|
|
post :create, params: { user: { email: email, password: password } }
|
|
|
|
|
gestionnaire.reload
|
|
|
|
|
administrateur.reload
|
|
|
|
|
expect(user.valid_password?(password)).to be(true)
|
|
|
|
|
expect(gestionnaire.valid_password?(password)).to be(true)
|
|
|
|
|
expect(administrateur.valid_password?(password)).to be(true)
|
|
|
|
|
end
|
|
|
|
|
end
|
2016-10-11 11:12:45 +02:00
|
|
|
end
|
2015-10-07 16:38:29 +02:00
|
|
|
end
|
2015-10-07 14:18:55 +02:00
|
|
|
|
2018-03-20 16:00:30 +01:00
|
|
|
describe '#destroy' do
|
2015-10-07 14:18:55 +02:00
|
|
|
before do
|
2015-10-07 16:38:29 +02:00
|
|
|
sign_in user
|
|
|
|
|
delete :destroy
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
it 'user is sign out' do
|
|
|
|
|
expect(subject.current_user).to be_nil
|
2015-10-07 14:18:55 +02:00
|
|
|
end
|
|
|
|
|
|
2015-12-24 10:12:23 +01:00
|
|
|
it 'loged_in_with_france_connect current_user attribut is nil' do
|
2015-10-07 14:18:55 +02:00
|
|
|
user.reload
|
2015-12-24 10:12:23 +01:00
|
|
|
expect(user.loged_in_with_france_connect?).to be_falsey
|
2015-10-07 14:18:55 +02:00
|
|
|
end
|
2015-10-07 16:38:29 +02:00
|
|
|
|
2016-02-11 16:12:59 +01:00
|
|
|
context 'when user is connect with france connect particulier' do
|
2015-12-24 10:12:23 +01:00
|
|
|
let(:loged_in_with_france_connect) { 'particulier' }
|
|
|
|
|
|
|
|
|
|
it 'redirect to france connect logout page' do
|
2018-01-11 14:04:24 +01:00
|
|
|
expect(response).to redirect_to(FRANCE_CONNECT[:particulier][:logout_endpoint])
|
2015-12-24 10:12:23 +01:00
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
2015-10-07 16:38:29 +02:00
|
|
|
context 'when user is not connect with france connect' do
|
2015-12-24 10:12:23 +01:00
|
|
|
let(:loged_in_with_france_connect) { '' }
|
2015-12-09 15:10:11 +01:00
|
|
|
|
2015-10-07 16:38:29 +02:00
|
|
|
it 'redirect to root page' do
|
|
|
|
|
expect(response).to redirect_to(root_path)
|
|
|
|
|
end
|
|
|
|
|
end
|
2016-10-11 11:12:45 +02:00
|
|
|
|
|
|
|
|
context "when associated gestionnaire" do
|
|
|
|
|
let(:user) { create(:user, email: 'unique@plop.com', password: 'password') }
|
|
|
|
|
let(:gestionnaire) { create(:gestionnaire, email: 'unique@plop.com', password: 'password') }
|
|
|
|
|
|
|
|
|
|
it 'signs user out' do
|
|
|
|
|
sign_in user
|
|
|
|
|
delete :destroy
|
|
|
|
|
expect(@response.redirect?).to be(true)
|
|
|
|
|
expect(subject.current_user).to be(nil)
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
it 'signs gestionnaire out' do
|
|
|
|
|
sign_in gestionnaire
|
|
|
|
|
delete :destroy
|
|
|
|
|
expect(@response.redirect?).to be(true)
|
|
|
|
|
expect(subject.current_gestionnaire).to be(nil)
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
it 'signs user + gestionnaire out' do
|
|
|
|
|
sign_in user
|
|
|
|
|
sign_in gestionnaire
|
|
|
|
|
delete :destroy
|
|
|
|
|
expect(@response.redirect?).to be(true)
|
|
|
|
|
expect(subject.current_user).to be(nil)
|
|
|
|
|
expect(subject.current_gestionnaire).to be(nil)
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
it 'signs user out from france connect' do
|
2018-03-02 16:27:03 +01:00
|
|
|
user.update(loged_in_with_france_connect: 'particulier')
|
2016-10-11 11:12:45 +02:00
|
|
|
sign_in user
|
|
|
|
|
delete :destroy
|
2018-01-11 14:04:24 +01:00
|
|
|
expect(@response.headers["Location"]).to eq(FRANCE_CONNECT[:particulier][:logout_endpoint])
|
2016-10-11 11:12:45 +02:00
|
|
|
end
|
2016-12-07 17:03:36 +01:00
|
|
|
|
|
|
|
|
context "when associated administrateur" do
|
|
|
|
|
let(:administrateur) { create(:administrateur, email: 'unique@plop.com', password: 'password') }
|
|
|
|
|
|
|
|
|
|
it 'signs user + gestionnaire + administrateur out' do
|
|
|
|
|
sign_in user
|
|
|
|
|
sign_in gestionnaire
|
|
|
|
|
sign_in administrateur
|
|
|
|
|
delete :destroy
|
|
|
|
|
expect(@response.redirect?).to be(true)
|
|
|
|
|
expect(subject.current_user).to be(nil)
|
|
|
|
|
expect(subject.current_gestionnaire).to be(nil)
|
|
|
|
|
expect(subject.current_administrateur).to be(nil)
|
|
|
|
|
end
|
|
|
|
|
end
|
2016-10-11 11:12:45 +02:00
|
|
|
end
|
2015-10-07 14:18:55 +02:00
|
|
|
end
|
2016-05-26 15:59:50 +02:00
|
|
|
|
2018-03-20 16:00:30 +01:00
|
|
|
describe '#new' do
|
2016-05-26 15:59:50 +02:00
|
|
|
subject { get :new }
|
|
|
|
|
|
|
|
|
|
context 'when procedure_id is not present in user_return_to session params' do
|
2016-11-15 05:54:27 +01:00
|
|
|
it { expect(subject.status).to eq 200 }
|
2016-05-26 15:59:50 +02:00
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context 'when procedure_id is present in user_return_to session params' do
|
|
|
|
|
context 'when procedure_id does not exist' do
|
|
|
|
|
before do
|
|
|
|
|
session["user_return_to"] = '?procedure_id=0'
|
|
|
|
|
end
|
|
|
|
|
|
2016-11-15 05:54:27 +01:00
|
|
|
it { expect(subject.status).to eq 302 }
|
2016-05-26 15:59:50 +02:00
|
|
|
it { expect(subject).to redirect_to root_path }
|
|
|
|
|
end
|
|
|
|
|
|
2016-06-09 17:49:38 +02:00
|
|
|
context 'when procedure is not published' do
|
2018-05-16 17:21:12 +02:00
|
|
|
let(:procedure) { create :procedure }
|
2016-06-09 17:49:38 +02:00
|
|
|
before do
|
|
|
|
|
session["user_return_to"] = "?procedure_id=#{procedure.id}"
|
|
|
|
|
end
|
|
|
|
|
|
2016-11-15 05:54:27 +01:00
|
|
|
it { expect(subject.status).to eq 302 }
|
2016-06-09 17:49:38 +02:00
|
|
|
it { expect(subject).to redirect_to root_path }
|
|
|
|
|
end
|
|
|
|
|
|
2016-05-26 15:59:50 +02:00
|
|
|
context 'when procedure_id exist' do
|
2018-05-16 17:21:12 +02:00
|
|
|
let(:procedure) { create :procedure, :published }
|
2016-05-26 15:59:50 +02:00
|
|
|
|
|
|
|
|
before do
|
|
|
|
|
session["user_return_to"] = "?procedure_id=#{procedure.id}"
|
|
|
|
|
end
|
|
|
|
|
|
2016-11-15 05:54:27 +01:00
|
|
|
it { expect(subject.status).to eq 200 }
|
2016-05-26 15:59:50 +02:00
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
2016-10-11 11:12:45 +02:00
|
|
|
end
|
