mirrors
/
redmine
mirror of https://github.com/redmine/redmine.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 199 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
17119 Commits
33 Branches
Tree: 9955844da1
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '9955844da1'
${ noResults }
redmine/test/functional/email_addresses_controller_...

email_addresses_controller_test.rb 8.1KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305 
  1. # frozen_string_literal: true

  2. 

  3. # Redmine - project management software

  4. # Copyright (C) 2006-2021  Jean-Philippe Lang

  5. #

  6. # This program is free software; you can redistribute it and/or

  7. # modify it under the terms of the GNU General Public License

  8. # as published by the Free Software Foundation; either version 2

  9. # of the License, or (at your option) any later version.

  10. #

  11. # This program is distributed in the hope that it will be useful,

  12. # but WITHOUT ANY WARRANTY; without even the implied warranty of

  13. # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

  14. # GNU General Public License for more details.

  15. #

  16. # You should have received a copy of the GNU General Public License

  17. # along with this program; if not, write to the Free Software

  18. # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.

  19. 

  20. require File.expand_path('../../test_helper', __FILE__)

  21. 

  22. class EmailAddressesControllerTest < Redmine::ControllerTest

  23.   fixtures :users, :email_addresses

  24. 

  25.   def setup

  26.     User.current = nil

  27.   end

  28. 

  29.   def test_index_with_no_additional_emails

  30.     @request.session[:user_id] = 2

  31.     get(:index, :params => {:user_id => 2})

  32.     assert_response :success

  33.   end

  34. 

  35.   def test_index_with_additional_emails

  36.     @request.session[:user_id] = 2

  37.     EmailAddress.create!(:user_id => 2, :address => 'another@somenet.foo')

  38. 

  39.     get(:index, :params => {:user_id => 2})

  40.     assert_response :success

  41.     assert_select '.email', :text => 'another@somenet.foo'

  42.   end

  43. 

  44.   def test_index_with_additional_emails_as_js

  45.     @request.session[:user_id] = 2

  46.     EmailAddress.create!(:user_id => 2, :address => 'another@somenet.foo')

  47. 

  48.     get(:index, :params => {:user_id => 2}, :xhr => true)

  49.     assert_response :success

  50.     assert_include 'another@somenet.foo', response.body

  51.   end

  52. 

  53.   def test_index_by_admin_should_be_allowed

  54.     @request.session[:user_id] = 1

  55.     get(:index, :params => {:user_id => 2})

  56.     assert_response :success

  57.   end

  58. 

  59.   def test_index_by_another_user_should_be_denied

  60.     @request.session[:user_id] = 3

  61.     get(:index, :params => {:user_id => 2})

  62.     assert_response 403

  63.   end

  64. 

  65.   def test_create

  66.     @request.session[:user_id] = 2

  67.     assert_difference 'EmailAddress.count' do

  68.       post(

  69.         :create,

  70.         :params => {

  71.           :user_id => 2,

  72.           :email_address => {

  73.             :address => 'another@somenet.foo'

  74.           }

  75.         }

  76.       )

  77.       assert_response 302

  78.       assert_redirected_to '/users/2/email_addresses'

  79.     end

  80.     email = EmailAddress.order('id DESC').first

  81.     assert_equal 2, email.user_id

  82.     assert_equal 'another@somenet.foo', email.address

  83.   end

  84. 

  85.   def test_create_as_js

  86.     @request.session[:user_id] = 2

  87.     assert_difference 'EmailAddress.count' do

  88.       post(

  89.         :create,

  90.         :params => {

  91.           :user_id => 2,

  92.           :email_address => {

  93.             :address => 'another@somenet.foo'

  94.           }

  95.         },

  96.         :xhr => true

  97.       )

  98.       assert_response 200

  99.     end

  100.   end

  101. 

  102.   def test_create_with_failure

  103.     @request.session[:user_id] = 2

  104.     assert_no_difference 'EmailAddress.count' do

  105.       post(

  106.         :create,

  107.         :params => {

  108.           :user_id => 2,

  109.           :email_address => {

  110.             :address => 'invalid'

  111.           }

  112.         }

  113.       )

  114.       assert_response :success

  115.       assert_select_error /email is invalid/i

  116.     end

  117.   end

  118. 

  119.   def test_create_with_disallowed_domain_should_fail

  120.     @request.session[:user_id] = 2

  121. 

  122.     with_settings :email_domains_denied => 'black.example' do

  123.       assert_no_difference 'EmailAddress.count' do

  124.         post(

  125.           :create,

  126.           :params => {

  127.             :user_id => 2,

  128.             :email_address => {

  129.               :address => 'another@black.example'

  130.             }

  131.           }

  132.         )

  133.         assert_response :success

  134.         assert_select_error 'Email is invalid'

  135.       end

  136.     end

  137. 

  138.     with_settings :email_domains_allowed => 'white.example' do

  139.       assert_no_difference 'EmailAddress.count' do

  140.         post(

  141.           :create,

  142.           :params => {

  143.             :user_id => 2,

  144.             :email_address => {

  145.               :address => 'something@example.fr'

  146.             }

  147.           }

  148.         )

  149.         assert_response :success

  150.         assert_select_error 'Email is invalid'

  151.       end

  152.     end

  153.   end

  154. 

  155.   def test_create_should_send_security_notification

  156.     @request.session[:user_id] = 2

  157.     ActionMailer::Base.deliveries.clear

  158.     post(

  159.       :create,

  160.       :params => {

  161.         :user_id => 2,

  162.         :email_address => {

  163.           :address => 'something@example.fr'

  164.         }

  165.       }

  166.     )

  167.     mail = ActionMailer::Base.deliveries.last

  168.     assert_not_nil mail

  169.     assert_mail_body_match '0.0.0.0', mail

  170.     assert_mail_body_match I18n.t(:mail_body_security_notification_add, field: I18n.t(:field_mail), value: 'something@example.fr'), mail

  171.     assert_select_email do

  172.       assert_select 'a[href^=?]', 'http://localhost:3000/my/account', :text => 'My account'

  173.     end

  174.     # The old email address should be notified about a new address for security purposes

  175.     assert mail.to.include?(User.find(2).mail)

  176.     assert mail.to.include?('something@example.fr')

  177.   end

  178. 

  179.   def test_update

  180.     @request.session[:user_id] = 2

  181.     email = EmailAddress.create!(:user_id => 2, :address => 'another@somenet.foo')

  182. 

  183.     put(

  184.       :update,

  185.       :params => {

  186.         :user_id => 2,

  187.         :id => email.id,

  188.         :notify => '0'

  189.       }

  190.     )

  191.     assert_response 302

  192. 

  193.     assert_equal false, email.reload.notify

  194.   end

  195. 

  196.   def test_update_as_js

  197.     @request.session[:user_id] = 2

  198.     email = EmailAddress.create!(:user_id => 2, :address => 'another@somenet.foo')

  199. 

  200.     put(

  201.       :update,

  202.       :params => {

  203.         :user_id => 2,

  204.         :id => email.id,

  205.         :notify => '0'

  206.       },

  207.       :xhr => true

  208.     )

  209.     assert_response 200

  210. 

  211.     assert_equal false, email.reload.notify

  212.   end

  213. 

  214.   def test_update_should_send_security_notification

  215.     @request.session[:user_id] = 2

  216.     email = EmailAddress.create!(:user_id => 2, :address => 'another@somenet.foo')

  217. 

  218.     ActionMailer::Base.deliveries.clear

  219.     put(

  220.       :update,

  221.       :params => {

  222.         :user_id => 2,

  223.         :id => email.id,

  224.         :notify => '0'

  225.       },

  226.       :xhr => true

  227.     )

  228.     mail = ActionMailer::Base.deliveries.last

  229.     assert_not_nil mail

  230.     assert_mail_body_match I18n.t(:mail_body_security_notification_notify_disabled, value: 'another@somenet.foo'), mail

  231. 

  232.     # The changed address should be notified for security purposes

  233.     assert mail.to.include?('another@somenet.foo')

  234.   end

  235. 

  236.   def test_destroy

  237.     @request.session[:user_id] = 2

  238.     email = EmailAddress.create!(:user_id => 2, :address => 'another@somenet.foo')

  239. 

  240.     assert_difference 'EmailAddress.count', -1 do

  241.       delete(

  242.         :destroy,

  243.         :params => {

  244.           :user_id => 2,

  245.           :id => email.id

  246.         }

  247.       )

  248.       assert_response 302

  249.       assert_redirected_to '/users/2/email_addresses'

  250.     end

  251.   end

  252. 

  253.   def test_destroy_as_js

  254.     @request.session[:user_id] = 2

  255.     email = EmailAddress.create!(:user_id => 2, :address => 'another@somenet.foo')

  256. 

  257.     assert_difference 'EmailAddress.count', -1 do

  258.       delete(

  259.         :destroy,

  260.         :params => {

  261.           :user_id => 2,

  262.           :id => email.id

  263.         },

  264.         :xhr => true

  265.       )

  266.       assert_response 200

  267.     end

  268.   end

  269. 

  270.   def test_should_not_destroy_default

  271.     @request.session[:user_id] = 2

  272. 

  273.     assert_no_difference 'EmailAddress.count' do

  274.       delete(

  275.         :destroy,

  276.         :params => {

  277.           :user_id => 2,

  278.           :id => User.find(2).email_address.id

  279.         }

  280.       )

  281.       assert_response 404

  282.     end

  283.   end

  284. 

  285.   def test_destroy_should_send_security_notification

  286.     @request.session[:user_id] = 2

  287.     email = EmailAddress.create!(:user_id => 2, :address => 'another@somenet.foo')

  288. 

  289.     ActionMailer::Base.deliveries.clear

  290.     delete(

  291.       :destroy,

  292.       :params => {

  293.         :user_id => 2,

  294.         :id => email.id

  295.       },

  296.       :xhr => true

  297.     )

  298.     mail = ActionMailer::Base.deliveries.last

  299.     assert_not_nil mail

  300.     assert_mail_body_match I18n.t(:mail_body_security_notification_remove, field: I18n.t(:field_mail), value: 'another@somenet.foo'), mail

  301. 

  302.     # The removed address should be notified for security purposes

  303.     assert mail.to.include?('another@somenet.foo')

  304.   end

  305. end