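# Controller spec for Users::SessionsController: password sign-in (#create),
# sign-out and identity-provider logout redirects (#destroy), the sign-in page
# (#new), instructeur sign-in through an emailed link (#sign_in_by_link), the
# trusted-device cookie (#trust_device / #trusted_device?), the "link sent"
# page (#link_sent) and re-sending the login link (#reset_link_sent).
describe Users::SessionsController, type: :controller do
  let(:email) { 'unique@plop.com' }
  let(:password) { SECURE_PASSWORD }
  let(:loged_in_with_france_connect) { User.loged_in_with_france_connects.fetch(:particulier) }
  let!(:user) { create(:user, email: email, password: password, loged_in_with_france_connect: loged_in_with_france_connect) }

  before do
    # Devise controllers read their mapping from the request env; controller
    # specs bypass the routing layer that normally sets it.
    @request.env["devise.mapping"] = Devise.mappings[:user]
  end

  describe '#create' do
    let(:user) { create(:user, email: email, password: password, loged_in_with_france_connect: 'particulier') }
    let(:send_password) { password }
    let(:remember_me) { '0' }

    subject do
      post :create, params: {
        user: {
          email: email,
          password: send_password,
          remember_me: remember_me
        }
      }
    end

    context 'when the credentials are right' do
      it 'signs in' do
        expect { subject }.to change { user.reload.last_sign_in_at }

        expect(response).to redirect_to(root_path)
        expect(controller.current_user).to eq(user)
        # The factory marks the user as coming from France Connect; a password
        # sign-in is expected to reset that marker.
        expect(user.reload.loged_in_with_france_connect).to be(nil)
        expect(user.reload.remember_created_at).to be_nil
      end

      context 'when remember_me is specified' do
        let(:remember_me) { '1' }

        it 'remembers' do
          subject

          expect(user.reload.remember_created_at).to be_present
        end
      end

      context 'when a previous path was registered' do
        let(:stored_path) { '/a_path' }

        before { controller.store_location_for(:user, stored_path) }

        it 'redirects to that previous path' do
          subject

          expect(response).to redirect_to(stored_path)
        end
      end

      context 'when the user is locked' do
        before { user.lock_access! }

        it 'redirects to new_path' do
          subject

          expect(response).to render_template(:new)
          # The generic "incorrect email or password" message is expected here:
          # the response must not reveal that the account exists but is locked.
          expect(flash.alert).to eq("Adresse électronique ou mot de passe incorrect.")
        end
      end

      context 'when user has not yet a preferred domain' do
        before do
          allow(Current).to receive(:host).and_return(ENV.fetch("APP_HOST"))
          Flipper.enable(:switch_domain)
        end

        # Flipper state is global: always switch the flag back off.
        after do
          Flipper.disable(:switch_domain)
        end

        it 'update preferred domain' do
          subject

          expect(user.reload.preferred_domain_demarches_gouv_fr?).to be_truthy
        end
      end
    end

    context 'when the credentials are wrong' do
      let(:send_password) { 'wrong_password' }

      it 'fails to sign in with bad credentials' do
        subject

        expect(response).to render_template(:new)
        expect(controller.current_user).to be(nil)
      end
    end
  end

  describe '#destroy' do
    let!(:user) { create(:user, email: email, password: password, loged_in_with_france_connect: loged_in_with_france_connect) }
    let!(:instructeur) { create(:instructeur, user: user, agent_connect_id_token:) }
    let(:agent_connect_id_token) { nil }

    before do
      stub_const("AGENT_CONNECT", { end_session_endpoint: 'http://agent-connect/logout' })
      sign_in user
      delete :destroy
    end

    it 'user is sign out' do
      expect(subject.current_user).to be_nil
    end

    it 'loged_in_with_france_connect current_user attribut is nil' do
      user.reload
      expect(user.loged_in_with_france_connect.present?).to be_falsey
    end

    context 'when user is connect with france connect particulier' do
      let(:loged_in_with_france_connect) { User.loged_in_with_france_connects.fetch(:particulier) }

      it 'redirect to france connect logout page' do
        expect(response).to redirect_to(FRANCE_CONNECT[:particulier][:logout_endpoint])
      end
    end

    context 'when user is not connect with france connect' do
      let(:loged_in_with_france_connect) { '' }

      it 'redirect to root page' do
        expect(response).to redirect_to(root_path)
      end
    end

    context 'when user is connect with agent connect' do
      let(:loged_in_with_france_connect) { nil }
      let(:agent_connect_id_token) { 'qwerty' }

      it 'redirect to agent connect logout page' do
        # The stored id token is forwarded in the logout URL (presumably as the
        # provider's id_token_hint) and must not survive the sign-out.
        expect(response.location).to include(agent_connect_id_token)
        expect(instructeur.reload.agent_connect_id_token).to be_nil
      end
    end
  end

  describe '#new' do
    subject { get :new }

    it { expect(subject.status).to eq 200 }

    context 'when a procedure location has been stored' do
      let(:procedure) { create :procedure, :published }

      before do
        controller.store_location_for(:user, commencer_path(path: procedure.path))
      end

      it 'makes the saved procedure available' do
        expect(subject.status).to eq 200
        expect(assigns(:procedure)).to eq procedure
      end
    end
  end

  describe '#sign_in_by_link' do
    context 'when the instructeur has non other account' do
      let(:instructeur) { create(:instructeur) }
      let!(:good_jeton) { instructeur.create_trusted_device_token }
      let(:jeton) { good_jeton }
      let(:logged) { false }
      let(:valid_token) { true }

      before do
        sign_in(instructeur.user) if logged

        # Side effects of the link flow are stubbed; the examples assert which
        # branch the controller takes, not the cookie or the mail themselves.
        allow(controller).to receive(:trust_device)
        allow(controller).to receive(:send_login_token_or_bufferize)
        allow_any_instance_of(TrustedDeviceToken).to receive(:token_valid?).and_return(valid_token)
        post :sign_in_by_link, params: { id: instructeur.id, jeton: jeton }
      end

      context 'when the instructeur is not logged in' do
        context 'when the token is valid' do
          # A valid link only trusts the device; the instructeur still has to
          # sign in with a password.
          it { is_expected.to redirect_to new_user_session_path }
          it { expect(controller.current_instructeur).to be_nil }
          it { expect(controller).to have_received(:trust_device) }
        end

        context 'when the token is invalid' do
          let(:valid_token) { false }

          it { is_expected.to redirect_to link_sent_path(email: instructeur.email) }
          it { expect(controller.current_instructeur).to be_nil }
          it { expect(controller).not_to have_received(:trust_device) }
          it { expect(controller).to have_received(:send_login_token_or_bufferize) }
        end

        context 'when the token does not exist' do
          let(:jeton) { 'I do not exist' }

          # An unknown token neither trusts the device nor triggers a new mail.
          it { is_expected.to redirect_to root_path }
          it { expect(controller.current_instructeur).to be_nil }
          it { expect(controller).not_to have_received(:trust_device) }
          it { expect(controller).not_to have_received(:send_login_token_or_bufferize) }
          it { expect(flash.alert).to eq('Votre lien est invalide.') }
        end
      end

      context 'when the instructeur is logged in' do
        let(:logged) { true }

        context 'when the token is valid' do
          # redirect to root_path, then redirect to instructeur_procedures_path (see root_controller)
          it { is_expected.to redirect_to root_path }
          it { expect(controller.current_instructeur).to eq(instructeur) }
          it { expect(controller).to have_received(:trust_device) }
        end

        context 'when the token is invalid' do
          let(:valid_token) { false }

          it { is_expected.to redirect_to link_sent_path(email: instructeur.email) }
          it { expect(controller.current_instructeur).to eq(instructeur) }
          it { expect(controller).not_to have_received(:trust_device) }
          it { expect(controller).to have_received(:send_login_token_or_bufferize) }
        end
      end
    end
  end

  describe '#trust_device and #trusted_device?' do
    subject { controller.trusted_device? }

    context 'when the trusted cookie is not present' do
      it { is_expected.to be false }
    end

    context 'when the cookie is outdated' do
      before do
        # One minute past the trusted-device period, so the cookie has expired.
        emission_date = Time.zone.now - TrustedDeviceConcern::TRUSTED_DEVICE_PERIOD - 1.minute
        controller.trust_device(emission_date)
      end

      it { is_expected.to be false }
    end

    context 'when the cookie is ok' do
      before { controller.trust_device(Time.zone.now) }

      it { is_expected.to be true }
    end
  end

  describe '#link_sent' do
    render_views

    before { get :link_sent, params: { email: signed_email } }

    # The address is passed as a message signed with the :reset_link purpose,
    # the form the controller is expected to verify.
    let(:signed_email) { controller.message_verifier.generate(link_email, purpose: :reset_link) }

    context 'when the email is legit' do
      let(:link_email) { 'a@a.com' }

      it { expect(response.body).to include(link_email) }
    end

    context 'when the email is evil' do
      # These values carry a genuine signature, so the examples check that the
      # controller also validates the address itself: a legit address is echoed
      # in the rendered body, which must not happen for attacker-chosen text.
      [
        'Hello, I am an evil email',
        'a@a%C2%A0evil%C2%A0text%C2%A0with%C2%A0spaces'
      ].each do |evil_attempt|
        # One example group per value: a second `let(:link_email)` in the same
        # group would override the first and leave that value untested.
        context "with #{evil_attempt.inspect}" do
          let(:link_email) { evil_attempt }

          it { expect(response).to redirect_to(root_path) }
        end
      end
    end
  end

  describe '#reset_link_sent' do
    let(:instructeur) { create(:instructeur, user: user) }

    before { sign_in(user) }

    subject { post :reset_link_sent }

    context 'when the instructeur is signed without trust_device_token' do
      it 'send InstructeurMailer.send_login_token' do
        expect(InstructeurMailer).to receive(:send_login_token).with(instructeur, anything).and_return(double(deliver_later: true))

        expect { subject }.to change { instructeur.trusted_device_tokens.count }.by(1)
      end
    end

    context 'when the instructeur is signed with an young trust_device_token' do
      before { instructeur.create_trusted_device_token }

      it 'doesnot send InstructeurMailer.send_login_token' do
        expect(InstructeurMailer).not_to receive(:send_login_token)

        expect { subject }.not_to change { instructeur.trusted_device_tokens.count }
      end
    end

    context 'when the instructeur is signed with an old trust_device_token' do
      # let! rather than let: nothing in this context references the token, so
      # a lazy let would never create it and the example would merely repeat
      # the "without token" case instead of exercising an aged one.
      let!(:token) { instructeur.create_trusted_device_token }

      before do
        # NOTE(review): assumes 15 minutes exceeds the resend threshold — confirm
        # against the controller.
        travel_to 15.minutes.from_now
      end

      it 'send InstructeurMailer.send_login_token' do
        expect(InstructeurMailer).to receive(:send_login_token).with(instructeur, anything).and_return(double(deliver_later: true))

        expect { subject }.to change { instructeur.trusted_device_tokens.count }.by(1)
      end
    end
  end
end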