diff options
author | Patricio Cano <suprnova32@gmail.com> | 2016-07-14 21:19:40 +0300 |
---|---|---|
committer | Patricio Cano <suprnova32@gmail.com> | 2016-07-19 01:52:29 +0300 |
commit | defb8660c08a904a385b584280f72fc6a5a94c6e (patch) | |
tree | 1a93c424e4ad3ffb3d18350fdaaaa6c43879bad1 /spec/models/user_spec.rb | |
parent | 777a080892f710915c8f4d62864813ef388a1873 (diff) |
Added the ability to block sign ups using a domain blacklist.
Diffstat (limited to 'spec/models/user_spec.rb')
-rw-r--r-- | spec/models/user_spec.rb | 53 |
1 files changed, 50 insertions, 3 deletions
diff --git a/spec/models/user_spec.rb b/spec/models/user_spec.rb index fc74488ac0e..79f77d116a7 100644 --- a/spec/models/user_spec.rb +++ b/spec/models/user_spec.rb @@ -89,7 +89,7 @@ describe User, models: true do end describe 'email' do - context 'when no signup domains listed' do + context 'when no signup domains white listed' do before do allow_any_instance_of(ApplicationSetting).to receive(:restricted_signup_domains).and_return([]) end @@ -100,7 +100,7 @@ describe User, models: true do end end - context 'when a signup domain is listed and subdomains are allowed' do + context 'when a signup domain is white listed and subdomains are allowed' do before do allow_any_instance_of(ApplicationSetting).to receive(:restricted_signup_domains).and_return(['example.com', '*.example.com']) end @@ -121,7 +121,7 @@ describe User, models: true do end end - context 'when a signup domain is listed and subdomains are not allowed' do + context 'when a signup domain is white listed and subdomains are not allowed' do before do allow_any_instance_of(ApplicationSetting).to receive(:restricted_signup_domains).and_return(['example.com']) end @@ -142,6 +142,53 @@ describe User, models: true do end end + context 'domain blacklist' do + before do + allow_any_instance_of(ApplicationSetting).to receive(:domain_blacklist_enabled?).and_return(true) + allow_any_instance_of(ApplicationSetting).to receive(:domain_blacklist).and_return(['example.com']) + end + + context 'when a signup domain is black listed' do + it 'accepts info@test.com' do + user = build(:user, email: 'info@test.com') + expect(user).to be_valid + end + + it 'rejects info@example.com' do + user = build(:user, email: 'info@example.com') + expect(user).not_to be_valid + end + end + + context 'when a signup domain is black listed but a wildcard subdomain is allowed' do + before do + allow_any_instance_of(ApplicationSetting).to receive(:domain_blacklist).and_return(['test.example.com']) + allow_any_instance_of(ApplicationSetting).to receive(:restricted_signup_domains).and_return(['*.example.com']) + end + + it 'should give priority to whitelist and allow info@test.example.com' do + user = build(:user, email: 'info@test.example.com') + expect(user).to be_valid + end + end + + context 'with both lists containing a domain' do + before do + allow_any_instance_of(ApplicationSetting).to receive(:restricted_signup_domains).and_return(['test.com']) + end + + it 'accepts info@test.com' do + user = build(:user, email: 'info@test.com') + expect(user).to be_valid + end + + it 'rejects info@example.com' do + user = build(:user, email: 'info@example.com') + expect(user).not_to be_valid + end + end + end + context 'owns_notification_email' do it 'accepts temp_oauth_email emails' do user = build(:user, email: "temp-email-for-oauth@example.com") |