2024-04-29 00:17:15 +02:00
|
|
|
|
# frozen_string_literal: true
|
|
|
|
|
|
2023-11-06 15:15:51 +01:00
|
|
|
|
describe 'Managing password:', js: true do
|
2019-08-14 17:26:47 +02:00
|
|
|
|
context 'for simple users' do
|
|
|
|
|
let(:user) { create(:user) }
|
2024-09-03 17:45:37 +02:00
|
|
|
|
let(:new_password) { 'a new, long, and complicated password!' }
|
2019-08-14 17:26:47 +02:00
|
|
|
|
|
|
|
|
|
scenario 'a simple user can reset their password' do
|
|
|
|
|
visit root_path
|
2022-08-18 17:06:58 +02:00
|
|
|
|
within('.fr-header .fr-container .fr-header__tools .fr-btns-group') do
|
2022-10-05 16:38:49 +02:00
|
|
|
|
click_on 'Se connecter'
|
2022-08-18 17:06:58 +02:00
|
|
|
|
end
|
2021-04-15 17:37:23 +02:00
|
|
|
|
click_on 'Mot de passe oublié ?'
|
2019-08-14 17:26:47 +02:00
|
|
|
|
expect(page).to have_current_path(new_user_password_path)
|
|
|
|
|
|
2023-08-30 18:39:17 +02:00
|
|
|
|
fill_in 'Adresse électronique', with: user.email
|
2019-08-14 17:26:47 +02:00
|
|
|
|
perform_enqueued_jobs do
|
2021-04-15 17:18:27 +02:00
|
|
|
|
click_on 'Demander un nouveau mot de passe'
|
2019-08-14 17:26:47 +02:00
|
|
|
|
end
|
2023-05-10 18:46:49 +02:00
|
|
|
|
expect(page).to have_text 'nous vous avons envoyé un email'
|
2021-04-22 12:07:35 +02:00
|
|
|
|
expect(page).to have_text user.email
|
2019-08-14 17:26:47 +02:00
|
|
|
|
|
|
|
|
|
click_reset_password_link_for user.email
|
|
|
|
|
expect(page).to have_content 'Changement de mot de passe'
|
|
|
|
|
|
|
|
|
|
fill_in 'user_password', with: new_password
|
|
|
|
|
fill_in 'user_password_confirmation', with: new_password
|
|
|
|
|
click_on 'Changer le mot de passe'
|
2020-09-01 15:28:31 +02:00
|
|
|
|
expect(page).to have_content('Votre mot de passe a bien été modifié.')
|
2019-08-14 17:26:47 +02:00
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context 'for admins' do
|
2024-06-01 22:50:48 +02:00
|
|
|
|
let(:administrateur) { administrateurs(:default_admin) }
|
2021-09-02 21:20:30 +02:00
|
|
|
|
let(:user) { administrateur.user }
|
2024-09-16 14:58:37 +02:00
|
|
|
|
let(:weak_password) { '000000000000' }
|
2021-09-02 21:20:30 +02:00
|
|
|
|
let(:strong_password) { 'a new, long, and complicated password!' }
|
2019-08-14 17:26:47 +02:00
|
|
|
|
|
2024-09-10 23:53:04 +02:00
|
|
|
|
scenario 'an admin can reset their password' do
|
2019-08-14 17:26:47 +02:00
|
|
|
|
visit root_path
|
2022-08-18 17:06:58 +02:00
|
|
|
|
within('.fr-header .fr-container .fr-header__tools .fr-btns-group') do
|
2022-10-05 16:38:49 +02:00
|
|
|
|
click_on 'Se connecter'
|
2022-08-18 17:06:58 +02:00
|
|
|
|
end
|
2021-04-15 17:37:23 +02:00
|
|
|
|
click_on 'Mot de passe oublié ?'
|
2019-08-14 17:26:47 +02:00
|
|
|
|
expect(page).to have_current_path(new_user_password_path)
|
|
|
|
|
|
2023-08-30 18:39:17 +02:00
|
|
|
|
fill_in 'Adresse électronique', with: user.email
|
2019-08-14 17:26:47 +02:00
|
|
|
|
perform_enqueued_jobs do
|
2021-04-15 17:18:27 +02:00
|
|
|
|
click_on 'Demander un nouveau mot de passe'
|
2019-08-14 17:26:47 +02:00
|
|
|
|
end
|
2023-05-10 18:46:49 +02:00
|
|
|
|
expect(page).to have_text 'nous vous avons envoyé un email'
|
2021-04-22 12:07:35 +02:00
|
|
|
|
expect(page).to have_text user.email
|
2019-08-14 17:26:47 +02:00
|
|
|
|
|
|
|
|
|
click_reset_password_link_for user.email
|
|
|
|
|
|
|
|
|
|
expect(page).to have_content 'Changement de mot de passe'
|
|
|
|
|
|
2021-09-02 21:20:30 +02:00
|
|
|
|
fill_in 'user_password', with: weak_password
|
|
|
|
|
fill_in 'user_password_confirmation', with: weak_password
|
|
|
|
|
expect(page).to have_text('Mot de passe très vulnérable')
|
|
|
|
|
expect(page).to have_button('Changer le mot de passe', disabled: true)
|
|
|
|
|
|
|
|
|
|
fill_in 'user_password', with: strong_password
|
|
|
|
|
fill_in 'user_password_confirmation', with: strong_password
|
|
|
|
|
expect(page).to have_text('Mot de passe suffisamment fort et sécurisé')
|
|
|
|
|
expect(page).to have_button('Changer le mot de passe', disabled: false)
|
|
|
|
|
|
2019-08-14 17:26:47 +02:00
|
|
|
|
click_on 'Changer le mot de passe'
|
2020-09-01 15:28:31 +02:00
|
|
|
|
expect(page).to have_content('Votre mot de passe a bien été modifié.')
|
2019-08-14 17:26:47 +02:00
|
|
|
|
end
|
|
|
|
|
end
|
2021-09-02 21:21:10 +02:00
|
|
|
|
|
|
|
|
|
context 'for super-admins' do
|
|
|
|
|
let(:super_admin) { create(:super_admin) }
|
2024-09-16 14:58:37 +02:00
|
|
|
|
let(:weak_password) { '000000000000' }
|
2021-09-02 21:21:10 +02:00
|
|
|
|
let(:strong_password) { 'a new, long, and complicated password!' }
|
|
|
|
|
|
2024-09-10 23:53:04 +02:00
|
|
|
|
scenario 'a super-admin can reset their password' do
|
2021-09-02 21:21:10 +02:00
|
|
|
|
visit manager_root_path
|
|
|
|
|
click_on 'Mot de passe oublié'
|
|
|
|
|
expect(page).to have_current_path(new_super_admin_password_path)
|
|
|
|
|
|
2023-08-30 18:39:17 +02:00
|
|
|
|
fill_in 'Adresse électronique', with: super_admin.email
|
2021-09-02 21:21:10 +02:00
|
|
|
|
perform_enqueued_jobs do
|
|
|
|
|
click_on 'Demander un nouveau mot de passe'
|
|
|
|
|
end
|
|
|
|
|
expect(page).to have_text 'vous recevrez un lien vous permettant de récupérer votre mot de passe'
|
|
|
|
|
|
|
|
|
|
click_reset_password_link_for super_admin.email
|
|
|
|
|
|
|
|
|
|
expect(page).to have_content 'Changement de mot de passe'
|
|
|
|
|
|
|
|
|
|
fill_in 'super_admin_password', with: weak_password
|
2021-08-27 06:29:18 +02:00
|
|
|
|
fill_in 'super_admin_password_confirmation', with: weak_password
|
2021-09-02 21:21:10 +02:00
|
|
|
|
expect(page).to have_text('Mot de passe très vulnérable')
|
|
|
|
|
expect(page).to have_button('Changer le mot de passe', disabled: true)
|
|
|
|
|
|
|
|
|
|
fill_in 'super_admin_password', with: strong_password
|
2021-08-27 06:29:18 +02:00
|
|
|
|
fill_in 'super_admin_password_confirmation', with: strong_password
|
2021-09-02 21:21:10 +02:00
|
|
|
|
expect(page).to have_text('Mot de passe suffisamment fort et sécurisé')
|
|
|
|
|
expect(page).to have_button('Changer le mot de passe', disabled: false)
|
|
|
|
|
|
|
|
|
|
click_on 'Changer le mot de passe'
|
|
|
|
|
expect(page).to have_content('Votre mot de passe a bien été modifié.')
|
|
|
|
|
end
|
|
|
|
|
end
|
2021-09-16 18:42:18 +02:00
|
|
|
|
|
|
|
|
|
scenario 'the password reset token has expired' do
|
|
|
|
|
visit edit_user_password_path(reset_password_token: 'invalid-password-token')
|
|
|
|
|
expect(page).to have_content 'Changement de mot de passe'
|
|
|
|
|
|
2024-09-16 14:58:37 +02:00
|
|
|
|
fill_in 'user_password', with: SECURE_PASSWORD
|
|
|
|
|
fill_in 'user_password_confirmation', with: SECURE_PASSWORD
|
2021-09-16 18:42:18 +02:00
|
|
|
|
click_on 'Changer le mot de passe'
|
|
|
|
|
expect(page).to have_content('Votre lien de nouveau mot de passe a expiré')
|
|
|
|
|
end
|
2019-08-14 17:26:47 +02:00
|
|
|
|
end
|