2019-08-14 17:26:47 +02:00
|
|
|
|
feature 'Managing password:' do
|
|
|
|
|
context 'for simple users' do
|
|
|
|
|
let(:user) { create(:user) }
|
|
|
|
|
let(:new_password) { 'a simple password' }
|
|
|
|
|
|
|
|
|
|
scenario 'a simple user can reset their password' do
|
|
|
|
|
visit root_path
|
|
|
|
|
click_on 'Connexion'
|
2021-04-15 17:37:23 +02:00
|
|
|
|
click_on 'Mot de passe oublié ?'
|
2019-08-14 17:26:47 +02:00
|
|
|
|
expect(page).to have_current_path(new_user_password_path)
|
|
|
|
|
|
|
|
|
|
fill_in 'Email', with: user.email
|
|
|
|
|
perform_enqueued_jobs do
|
2021-04-15 17:18:27 +02:00
|
|
|
|
click_on 'Demander un nouveau mot de passe'
|
2019-08-14 17:26:47 +02:00
|
|
|
|
end
|
2021-04-22 12:07:35 +02:00
|
|
|
|
expect(page).to have_text 'Nous vous avons envoyé un email'
|
|
|
|
|
expect(page).to have_text user.email
|
2019-08-14 17:26:47 +02:00
|
|
|
|
|
|
|
|
|
click_reset_password_link_for user.email
|
|
|
|
|
expect(page).to have_content 'Changement de mot de passe'
|
|
|
|
|
|
|
|
|
|
fill_in 'user_password', with: new_password
|
|
|
|
|
fill_in 'user_password_confirmation', with: new_password
|
|
|
|
|
click_on 'Changer le mot de passe'
|
2020-09-01 15:28:31 +02:00
|
|
|
|
expect(page).to have_content('Votre mot de passe a bien été modifié.')
|
2019-08-14 17:26:47 +02:00
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context 'for admins' do
|
2021-09-02 21:20:30 +02:00
|
|
|
|
let(:administrateur) { create(:administrateur) }
|
|
|
|
|
let(:user) { administrateur.user }
|
|
|
|
|
let(:weak_password) { '12345678' }
|
|
|
|
|
let(:strong_password) { 'a new, long, and complicated password!' }
|
2019-08-14 17:26:47 +02:00
|
|
|
|
|
2021-09-02 21:20:30 +02:00
|
|
|
|
scenario 'an admin can reset their password', js: true do
|
2019-08-14 17:26:47 +02:00
|
|
|
|
visit root_path
|
|
|
|
|
click_on 'Connexion'
|
2021-04-15 17:37:23 +02:00
|
|
|
|
click_on 'Mot de passe oublié ?'
|
2019-08-14 17:26:47 +02:00
|
|
|
|
expect(page).to have_current_path(new_user_password_path)
|
|
|
|
|
|
|
|
|
|
fill_in 'Email', with: user.email
|
|
|
|
|
perform_enqueued_jobs do
|
2021-04-15 17:18:27 +02:00
|
|
|
|
click_on 'Demander un nouveau mot de passe'
|
2019-08-14 17:26:47 +02:00
|
|
|
|
end
|
2021-04-22 12:07:35 +02:00
|
|
|
|
expect(page).to have_text 'Nous vous avons envoyé un email'
|
|
|
|
|
expect(page).to have_text user.email
|
2019-08-14 17:26:47 +02:00
|
|
|
|
|
|
|
|
|
click_reset_password_link_for user.email
|
|
|
|
|
|
|
|
|
|
expect(page).to have_content 'Changement de mot de passe'
|
|
|
|
|
|
2021-09-02 21:20:30 +02:00
|
|
|
|
fill_in 'user_password', with: weak_password
|
|
|
|
|
fill_in 'user_password_confirmation', with: weak_password
|
|
|
|
|
expect(page).to have_text('Mot de passe très vulnérable')
|
|
|
|
|
expect(page).to have_button('Changer le mot de passe', disabled: true)
|
|
|
|
|
|
|
|
|
|
fill_in 'user_password', with: strong_password
|
|
|
|
|
fill_in 'user_password_confirmation', with: strong_password
|
|
|
|
|
expect(page).to have_text('Mot de passe suffisamment fort et sécurisé')
|
|
|
|
|
expect(page).to have_button('Changer le mot de passe', disabled: false)
|
|
|
|
|
|
2019-08-14 17:26:47 +02:00
|
|
|
|
click_on 'Changer le mot de passe'
|
2020-09-01 15:28:31 +02:00
|
|
|
|
expect(page).to have_content('Votre mot de passe a bien été modifié.')
|
2019-08-14 17:26:47 +02:00
|
|
|
|
end
|
|
|
|
|
end
|
2021-09-02 21:21:10 +02:00
|
|
|
|
|
|
|
|
|
context 'for super-admins' do
|
|
|
|
|
let(:super_admin) { create(:super_admin) }
|
|
|
|
|
let(:weak_password) { '12345678' }
|
|
|
|
|
let(:strong_password) { 'a new, long, and complicated password!' }
|
|
|
|
|
|
|
|
|
|
scenario 'a super-admin can reset their password', js: true do
|
|
|
|
|
visit manager_root_path
|
|
|
|
|
click_on 'Mot de passe oublié'
|
|
|
|
|
expect(page).to have_current_path(new_super_admin_password_path)
|
|
|
|
|
|
|
|
|
|
fill_in 'Email', with: super_admin.email
|
|
|
|
|
perform_enqueued_jobs do
|
|
|
|
|
click_on 'Demander un nouveau mot de passe'
|
|
|
|
|
end
|
|
|
|
|
expect(page).to have_text 'vous recevrez un lien vous permettant de récupérer votre mot de passe'
|
|
|
|
|
|
|
|
|
|
click_reset_password_link_for super_admin.email
|
|
|
|
|
|
|
|
|
|
expect(page).to have_content 'Changement de mot de passe'
|
|
|
|
|
|
|
|
|
|
fill_in 'super_admin_password', with: weak_password
|
2021-08-27 06:29:18 +02:00
|
|
|
|
fill_in 'super_admin_password_confirmation', with: weak_password
|
2021-09-02 21:21:10 +02:00
|
|
|
|
expect(page).to have_text('Mot de passe très vulnérable')
|
|
|
|
|
expect(page).to have_button('Changer le mot de passe', disabled: true)
|
|
|
|
|
|
|
|
|
|
fill_in 'super_admin_password', with: strong_password
|
2021-08-27 06:29:18 +02:00
|
|
|
|
fill_in 'super_admin_password_confirmation', with: strong_password
|
2021-09-02 21:21:10 +02:00
|
|
|
|
expect(page).to have_text('Mot de passe suffisamment fort et sécurisé')
|
|
|
|
|
expect(page).to have_button('Changer le mot de passe', disabled: false)
|
|
|
|
|
|
|
|
|
|
click_on 'Changer le mot de passe'
|
|
|
|
|
expect(page).to have_content('Votre mot de passe a bien été modifié.')
|
|
|
|
|
end
|
|
|
|
|
end
|
2021-09-16 18:42:18 +02:00
|
|
|
|
|
|
|
|
|
scenario 'the password reset token has expired' do
|
|
|
|
|
visit edit_user_password_path(reset_password_token: 'invalid-password-token')
|
|
|
|
|
expect(page).to have_content 'Changement de mot de passe'
|
|
|
|
|
|
|
|
|
|
fill_in 'user_password', with: 'SomePassword'
|
|
|
|
|
fill_in 'user_password_confirmation', with: 'SomePassword'
|
|
|
|
|
click_on 'Changer le mot de passe'
|
|
|
|
|
expect(page).to have_content('Votre lien de nouveau mot de passe a expiré')
|
|
|
|
|
end
|
2019-08-14 17:26:47 +02:00
|
|
|
|
end
|