demarches-normaliennes/spec/models/administrateur_spec.rb

require 'spec_helper'

describe Administrateur, type: :model do
  let(:administration) { create(:administration) }

  describe 'assocations' do
    it { is_expected.to have_and_belong_to_many(:gestionnaires) }
    it { is_expected.to have_many(:procedures) }
  end

  context 'unified login' do
    it 'syncs credentials to associated user' do
      administrateur = create(:administrateur)
      user = create(:user, email: administrateur.email)

      administrateur.update(email: 'whoami@plop.com', password: 'voilà un super mdp')

      user.reload
      expect(user.email).to eq('whoami@plop.com')
      expect(user.valid_password?('voilà un super mdp')).to be(true)
    end

    it 'syncs credentials to associated administrateur' do
      administrateur = create(:administrateur)
      gestionnaire = create(:gestionnaire, email: administrateur.email)

      administrateur.update(email: 'whoami@plop.com', password: 'et encore un autre mdp')

      gestionnaire.reload
      expect(gestionnaire.email).to eq('whoami@plop.com')
      expect(gestionnaire.valid_password?('et encore un autre mdp')).to be(true)
    end
  end

  describe "#renew_api_token" do
    let!(:administrateur) { create(:administrateur) }
    let!(:token) { administrateur.renew_api_token }

    it { expect(BCrypt::Password.new(administrateur.encrypted_token)).to eq(token) }

    context 'when it s called twice' do
      let!(:new_token) { administrateur.renew_api_token }

      it { expect(new_token).not_to eq(token) }
    end
  end

  describe '#find_inactive_by_token' do
    let(:administrateur) { create(:administration).invite_admin('paul@tps.fr') }
    let(:reset_password_token) { administrateur.invite!(administration.id) }

    it { expect(Administrateur.find_inactive_by_token(reset_password_token)).not_to be_nil }
  end

  describe '#reset_password' do
    let(:administrateur) { create(:administration).invite_admin('paul@tps.fr') }
    let(:reset_password_token) { administrateur.invite!(administration.id) }

    it { expect(Administrateur.reset_password(reset_password_token, "j'aime manger des radis").errors).to be_empty }
    it { expect(Administrateur.reset_password('123', "j'aime manger des radis").errors).not_to be_empty }
    it { expect(Administrateur.reset_password(reset_password_token, '').errors).not_to be_empty }
  end

  describe '#feature_enabled?' do
    let(:administrateur) { create(:administrateur) }

    before do
      administrateur.enable_feature(:champ_pj)
    end

    it { expect(administrateur.feature_enabled?(:champ_siret)).to be_falsey }
    it { expect(administrateur.feature_enabled?(:champ_pj)).to be_truthy }
  end

  describe "#password_complexity" do
    let(:administrateur) { build(:administrateur, password: password) }

    subject do
      administrateur.save
      administrateur.errors[:password]
    end

    context "with a strong password" do
      let(:password) { "la démat c'est simple" }
      it { expect(subject).to eq([]) }
    end

    context "with a weak password" do
      let(:password) { "12345678" }
      it { expect(subject).to include "n'est pas assez complexe" }
      it { expect(subject).not_to include "est trop court" }
    end

    context "with a short password" do
      let(:password) { "1" }
      it { expect(subject).to include "est trop court" }
      it { expect(subject).not_to include "n'est pas assez complexe" }
    end
  end
end
Revu de code 2015-11-04 17:27:01 +01:00			`require 'spec_helper'`
Add Administrateurs role and his connexion is ok. 2015-10-23 16:19:55 +02:00
Revu de code 2015-11-04 17:27:01 +01:00			`describe Administrateur, type: :model do`
[Fix #1735] Sign the admin account creation email 2018-05-31 18:07:19 +02:00			`let(:administration) { create(:administration) }`

Create relation between Administrateur, Gestionnaire and Procedure 2015-11-10 10:23:15 +01:00			`describe 'assocations' do`
Migrate Admin / Gestionnaire / Procédure gestion in database 2016-05-20 15:39:17 +02:00			`it { is_expected.to have_and_belong_to_many(:gestionnaires) }`
Create relation between Administrateur, Gestionnaire and Procedure 2015-11-10 10:23:15 +01:00			`it { is_expected.to have_many(:procedures) }`
			`end`

Sync credentials between user, gestionnaire and administrateur account 2016-12-07 17:24:01 +01:00			`context 'unified login' do`
			`it 'syncs credentials to associated user' do`
			`administrateur = create(:administrateur)`
			`user = create(:user, email: administrateur.email)`

[Fix #1285] Password strength is ensured when saving an administrateur 2018-01-25 10:50:06 +01:00			`administrateur.update(email: 'whoami@plop.com', password: 'voilà un super mdp')`
Sync credentials between user, gestionnaire and administrateur account 2016-12-07 17:24:01 +01:00
			`user.reload`
			`expect(user.email).to eq('whoami@plop.com')`
[Fix #1285] Password strength is ensured when saving an administrateur 2018-01-25 10:50:06 +01:00			`expect(user.valid_password?('voilà un super mdp')).to be(true)`
Sync credentials between user, gestionnaire and administrateur account 2016-12-07 17:24:01 +01:00			`end`

			`it 'syncs credentials to associated administrateur' do`
			`administrateur = create(:administrateur)`
			`gestionnaire = create(:gestionnaire, email: administrateur.email)`

[Fix #1285] Password strength is ensured when saving an administrateur 2018-01-25 10:50:06 +01:00			`administrateur.update(email: 'whoami@plop.com', password: 'et encore un autre mdp')`
Sync credentials between user, gestionnaire and administrateur account 2016-12-07 17:24:01 +01:00
			`gestionnaire.reload`
			`expect(gestionnaire.email).to eq('whoami@plop.com')`
[Fix #1285] Password strength is ensured when saving an administrateur 2018-01-25 10:50:06 +01:00			`expect(gestionnaire.valid_password?('et encore un autre mdp')).to be(true)`
Sync credentials between user, gestionnaire and administrateur account 2016-12-07 17:24:01 +01:00			`end`
			`end`
Add invitation related methods to administrateur model 2018-01-11 14:17:50 +01:00
Api Token: store token in an encrypted form 2018-08-24 16:45:43 +02:00			`describe "#renew_api_token" do`
Administrateur: do not save api_token in clear text anymore 2018-09-26 17:22:36 +02:00			`let!(:administrateur) { create(:administrateur) }`
			`let!(:token) { administrateur.renew_api_token }`
Api Token: store token in an encrypted form 2018-08-24 16:45:43 +02:00
Administrateur: do not save api_token in clear text anymore 2018-09-26 17:22:36 +02:00			`it { expect(BCrypt::Password.new(administrateur.encrypted_token)).to eq(token) }`
Api Token: store token in an encrypted form 2018-08-24 16:45:43 +02:00
			`context 'when it s called twice' do`
Administrateur: do not save api_token in clear text anymore 2018-09-26 17:22:36 +02:00			`let!(:new_token) { administrateur.renew_api_token }`
Api Token: store token in an encrypted form 2018-08-24 16:45:43 +02:00
Administrateur: do not save api_token in clear text anymore 2018-09-26 17:22:36 +02:00			`it { expect(new_token).not_to eq(token) }`
Api Token: store token in an encrypted form 2018-08-24 16:45:43 +02:00			`end`
			`end`

Add invitation related methods to administrateur model 2018-01-11 14:17:50 +01:00			`describe '#find_inactive_by_token' do`
			`let(:administrateur) { create(:administration).invite_admin('paul@tps.fr') }`
[Fix #1735] Sign the admin account creation email 2018-05-31 18:07:19 +02:00			`let(:reset_password_token) { administrateur.invite!(administration.id) }`
Add invitation related methods to administrateur model 2018-01-11 14:17:50 +01:00
			`it { expect(Administrateur.find_inactive_by_token(reset_password_token)).not_to be_nil }`
			`end`

			`describe '#reset_password' do`
			`let(:administrateur) { create(:administration).invite_admin('paul@tps.fr') }`
[Fix #1735] Sign the admin account creation email 2018-05-31 18:07:19 +02:00			`let(:reset_password_token) { administrateur.invite!(administration.id) }`
Add invitation related methods to administrateur model 2018-01-11 14:17:50 +01:00
[Fix #1285] Password strength is ensured when saving an administrateur 2018-01-25 10:50:06 +01:00			`it { expect(Administrateur.reset_password(reset_password_token, "j'aime manger des radis").errors).to be_empty }`
			`it { expect(Administrateur.reset_password('123', "j'aime manger des radis").errors).not_to be_empty }`
Add invitation related methods to administrateur model 2018-01-11 14:17:50 +01:00			`it { expect(Administrateur.reset_password(reset_password_token, '').errors).not_to be_empty }`
			`end`
Add administrateur#feature_enabled? method 2018-03-27 15:43:59 +02:00
			`describe '#feature_enabled?' do`
			`let(:administrateur) { create(:administrateur) }`

			`before do`
Add flipflop config 2018-04-18 12:16:25 +02:00			`administrateur.enable_feature(:champ_pj)`
Add administrateur#feature_enabled? method 2018-03-27 15:43:59 +02:00			`end`

Add flipflop config 2018-04-18 12:16:25 +02:00			`it { expect(administrateur.feature_enabled?(:champ_siret)).to be_falsey }`
			`it { expect(administrateur.feature_enabled?(:champ_pj)).to be_truthy }`
Add administrateur#feature_enabled? method 2018-03-27 15:43:59 +02:00			`end`
[Fix #1285] Password strength is ensured when saving an administrateur 2018-01-25 10:50:06 +01:00
			`describe "#password_complexity" do`
			`let(:administrateur) { build(:administrateur, password: password) }`

			`subject do`
			`administrateur.save`
			`administrateur.errors[:password]`
			`end`

			`context "with a strong password" do`
			`let(:password) { "la démat c'est simple" }`
			`it { expect(subject).to eq([]) }`
			`end`

			`context "with a weak password" do`
			`let(:password) { "12345678" }`
			`it { expect(subject).to include "n'est pas assez complexe" }`
			`it { expect(subject).not_to include "est trop court" }`
			`end`

			`context "with a short password" do`
			`let(:password) { "1" }`
			`it { expect(subject).to include "est trop court" }`
			`it { expect(subject).not_to include "n'est pas assez complexe" }`
			`end`
			`end`
Add Administrateurs role and his connexion is ok. 2015-10-23 16:19:55 +02:00			`end`