diff options
Diffstat (limited to 'spec/features/users')
| -rw-r--r-- | spec/features/users/anonymous_sessions_spec.rb | 24 | ||||
| -rw-r--r-- | spec/features/users/login_spec.rb | 13 | ||||
| -rw-r--r-- | spec/features/users/show_spec.rb | 59 |
3 files changed, 77 insertions, 19 deletions
diff --git a/spec/features/users/anonymous_sessions_spec.rb b/spec/features/users/anonymous_sessions_spec.rb index 273d3aa346f..6b21412ae3d 100644 --- a/spec/features/users/anonymous_sessions_spec.rb +++ b/spec/features/users/anonymous_sessions_spec.rb @@ -3,6 +3,8 @@ require 'spec_helper' RSpec.describe 'Session TTLs', :clean_gitlab_redis_shared_state do + include SessionHelpers + it 'creates a session with a short TTL when login fails' do visit new_user_session_path # The session key only gets created after a post @@ -12,7 +14,7 @@ RSpec.describe 'Session TTLs', :clean_gitlab_redis_shared_state do expect(page).to have_content('Invalid login or password') - expect_single_session_with_expiration(Settings.gitlab['unauthenticated_session_expire_delay']) + expect_single_session_with_short_ttl end it 'increases the TTL when the login succeeds' do @@ -21,21 +23,17 @@ RSpec.describe 'Session TTLs', :clean_gitlab_redis_shared_state do expect(page).to have_content(user.name) - expect_single_session_with_expiration(Settings.gitlab['session_expire_delay'] * 60) + expect_single_session_with_authenticated_ttl end - def expect_single_session_with_expiration(expiration) - session_keys = get_session_keys - - expect(session_keys.size).to eq(1) - expect(get_ttl(session_keys.first)).to eq expiration - end + context 'with an unauthorized project' do + let_it_be(:project) { create(:project, :repository) } - def get_session_keys - Gitlab::Redis::SharedState.with { |redis| redis.scan_each(match: 'session:gitlab:*').to_a } - end + it 'creates a session with a short TTL' do + visit project_raw_path(project, 'master/README.md') - def get_ttl(key) - Gitlab::Redis::SharedState.with { |redis| redis.ttl(key) } + expect_single_session_with_short_ttl + expect(page).to have_current_path(new_user_session_path) + end end end diff --git a/spec/features/users/login_spec.rb b/spec/features/users/login_spec.rb index 6c38d5d8b24..afd750d02eb 100644 --- a/spec/features/users/login_spec.rb +++ b/spec/features/users/login_spec.rb @@ -2,9 +2,10 @@ require 'spec_helper' -RSpec.describe 'Login' do +RSpec.describe 'Login', :clean_gitlab_redis_shared_state do include TermsHelper include UserLoginHelper + include SessionHelpers before do stub_authentication_activity_metrics(debug: true) @@ -59,6 +60,7 @@ RSpec.describe 'Login' do fill_in 'user_password', with: 'password' click_button 'Sign in' + expect_single_session_with_authenticated_ttl expect(current_path).to eq root_path end @@ -192,6 +194,7 @@ RSpec.describe 'Login' do enter_code(user.current_otp) expect(page).not_to have_content(I18n.t('devise.failure.already_authenticated')) + expect_single_session_with_authenticated_ttl end it 'does not allow sign-in if the user password is updated before entering a one-time code' do @@ -210,6 +213,7 @@ RSpec.describe 'Login' do enter_code(user.current_otp) + expect_single_session_with_authenticated_ttl expect(current_path).to eq root_path end @@ -237,6 +241,8 @@ RSpec.describe 'Login' do expect(page).to have_content('Invalid two-factor code') enter_code(user.current_otp) + + expect_single_session_with_authenticated_ttl expect(current_path).to eq root_path end @@ -353,6 +359,7 @@ RSpec.describe 'Login' do sign_in_using_saml! + expect_single_session_with_authenticated_ttl expect(page).not_to have_content('Two-Factor Authentication') expect(current_path).to eq root_path end @@ -371,6 +378,7 @@ RSpec.describe 'Login' do enter_code(user.current_otp) + expect_single_session_with_authenticated_ttl expect(current_path).to eq root_path end end @@ -391,6 +399,7 @@ RSpec.describe 'Login' do gitlab_sign_in(user) + expect_single_session_with_authenticated_ttl expect(current_path).to eq root_path expect(page).not_to have_content(I18n.t('devise.failure.already_authenticated')) end @@ -402,6 +411,7 @@ RSpec.describe 'Login' do gitlab_sign_in(user) visit new_user_session_path + expect_single_session_with_authenticated_ttl expect(page).not_to have_content(I18n.t('devise.failure.already_authenticated')) end @@ -443,6 +453,7 @@ RSpec.describe 'Login' do gitlab_sign_in(user) + expect_single_session_with_short_ttl expect(page).to have_content('Invalid login or password.') end end diff --git a/spec/features/users/show_spec.rb b/spec/features/users/show_spec.rb index fb2873f1c96..e629d329033 100644 --- a/spec/features/users/show_spec.rb +++ b/spec/features/users/show_spec.rb @@ -5,7 +5,7 @@ require 'spec_helper' RSpec.describe 'User page' do include ExternalAuthorizationServiceHelpers - let_it_be(:user) { create(:user, bio: '**Lorem** _ipsum_ dolor sit [amet](https://example.com)') } + let_it_be(:user) { create(:user, bio: '<b>Lorem</b> <i>ipsum</i> dolor sit <a href="https://example.com">amet</a>') } subject(:visit_profile) { visit(user_path(user)) } @@ -186,7 +186,17 @@ RSpec.describe 'User page' do end context 'with blocked profile' do - let_it_be(:user) { create(:user, state: :blocked) } + let_it_be(:user) do + create( + :user, + state: :blocked, + organization: 'GitLab - work info test', + job_title: 'Frontend Engineer', + pronunciation: 'pruh-nuhn-see-ay-shn' + ) + end + + let_it_be(:status) { create(:user_status, user: user, message: "Working hard!") } it 'shows no tab' do subject @@ -211,7 +221,10 @@ RSpec.describe 'User page' do subject expect(page).not_to have_css(".profile-user-bio") - expect(page).not_to have_css(".profile-link-holder") + expect(page).not_to have_content('GitLab - work info test') + expect(page).not_to have_content('Frontend Engineer') + expect(page).not_to have_content('Working hard!') + expect(page).not_to have_content("Pronounced as: pruh-nuhn-see-ay-shn") end it 'shows username' do @@ -222,7 +235,17 @@ RSpec.describe 'User page' do end context 'with unconfirmed user' do - let_it_be(:user) { create(:user, :unconfirmed) } + let_it_be(:user) do + create( + :user, + :unconfirmed, + organization: 'GitLab - work info test', + job_title: 'Frontend Engineer', + pronunciation: 'pruh-nuhn-see-ay-shn' + ) + end + + let_it_be(:status) { create(:user_status, user: user, message: "Working hard!") } shared_examples 'unconfirmed user profile' do before do @@ -240,7 +263,10 @@ RSpec.describe 'User page' do it 'shows no additional fields' do expect(page).not_to have_css(".profile-user-bio") - expect(page).not_to have_css(".profile-link-holder") + expect(page).not_to have_content('GitLab - work info test') + expect(page).not_to have_content('Frontend Engineer') + expect(page).not_to have_content('Working hard!') + expect(page).not_to have_content("Pronounced as: pruh-nuhn-see-ay-shn") end it 'shows private profile message' do @@ -403,4 +429,27 @@ RSpec.describe 'User page' do end end end + + context 'GPG keys' do + context 'when user has verified GPG keys' do + let_it_be(:user) { create(:user, email: GpgHelpers::User1.emails.first) } + let_it_be(:gpg_key) { create(:gpg_key, user: user, key: GpgHelpers::User1.public_key) } + let_it_be(:gpg_key2) { create(:gpg_key, user: user, key: GpgHelpers::User1.public_key2) } + + it 'shows link to public GPG keys' do + subject + + expect(page).to have_link('View public GPG keys', href: user_gpg_keys_path(user)) + end + end + + context 'when user does not have verified GPG keys' do + it 'does not show link to public GPG keys' do + subject + + expect(page).not_to have_link('View public GPG key', href: user_gpg_keys_path(user)) + expect(page).not_to have_link('View public GPG keys', href: user_gpg_keys_path(user)) + end + end + end end |