diff options
Diffstat (limited to 'spec/requests/sessions_spec.rb')
| -rw-r--r-- | spec/requests/sessions_spec.rb | 42 |
1 files changed, 19 insertions, 23 deletions
diff --git a/spec/requests/sessions_spec.rb b/spec/requests/sessions_spec.rb index 8e069427678..3428e607305 100644 --- a/spec/requests/sessions_spec.rb +++ b/spec/requests/sessions_spec.rb @@ -5,9 +5,9 @@ require 'spec_helper' RSpec.describe 'Sessions', feature_category: :system_access do include SessionHelpers - context 'authentication', :allow_forgery_protection do - let(:user) { create(:user) } + let(:user) { create(:user) } + context 'for authentication', :allow_forgery_protection do it 'logout does not require a csrf token' do login_as(user) @@ -17,29 +17,36 @@ RSpec.describe 'Sessions', feature_category: :system_access do end end - describe 'about_gitlab_active_user' do - before do - allow(::Gitlab).to receive(:com?).and_return(true) - end - - let(:user) { create(:user) } + describe 'gitlab_user cookie', :saas do + let_it_be(:user) { create(:user) } context 'when user signs in' do it 'sets marketing cookie' do post user_session_path(user: { login: user.username, password: user.password }) - expect(response.cookies['about_gitlab_active_user']).to be_present + expect(response.cookies['gitlab_user']).to be_present end end context 'when user uses remember_me' do it 'sets marketing cookie' do post user_session_path(user: { login: user.username, password: user.password, remember_me: true }) - expect(response.cookies['about_gitlab_active_user']).to be_present + expect(response.cookies['gitlab_user']).to be_present + end + end + + context 'when user has pending invitations' do + it 'accepts the invitations and stores a user location' do + create(:group_member, :invited, invite_email: user.email) + member = create(:group_member, :invited, invite_email: user.email) + + post user_session_path(user: { login: user.username, password: user.password }) + + expect(response).to redirect_to(activity_group_path(member.source)) end end context 'when using two-factor authentication via OTP' do - let(:user) { create(:user, :two_factor, :invalid) } + let_it_be(:user) { create(:user, :two_factor, :invalid) } let(:user_params) { { login: user.username, password: user.password } } def authenticate_2fa(otp_attempt:) @@ -67,17 +74,6 @@ RSpec.describe 'Sessions', feature_category: :system_access do end end - context 'when user signs out' do - before do - post user_session_path(user: { login: user.username, password: user.password }) - end - - it 'deletes marketing cookie' do - post(destroy_user_session_path) - expect(response.cookies['about_gitlab_active_user']).to be_nil - end - end - context 'when user is not using GitLab SaaS' do before do allow(::Gitlab).to receive(:com?).and_return(false) @@ -85,7 +81,7 @@ RSpec.describe 'Sessions', feature_category: :system_access do it 'does not set marketing cookie' do post user_session_path(user: { login: user.username, password: user.password }) - expect(response.cookies['about_gitlab_active_user']).to be_nil + expect(response.cookies['gitlab_user']).to be_nil end end end |