diff options
| author | Jean-Philippe Lang <jp_lang@yahoo.fr> | 2016-02-05 07:33:24 +0000 |
|---|---|---|
| committer | Jean-Philippe Lang <jp_lang@yahoo.fr> | 2016-02-05 07:33:24 +0000 |
| commit | 5d70fce6ce4c481f058fc1b89d567c1389cb7e54 (patch) | |
| tree | fe7c5a9602d73ef312b544783efb0ff645bc7f1d /test/functional/email_addresses_controller_test.rb | |
| parent | 40e6a74d4834f171bd8080dce39c587d84fb86da (diff) | |
| download | redmine-5d70fce6ce4c481f058fc1b89d567c1389cb7e54.tar.gz redmine-5d70fce6ce4c481f058fc1b89d567c1389cb7e54.zip | |
Security notifications when password or email adress is changed (#21421).
Patch by Jan Schulz-Hofen.
git-svn-id: http://svn.redmine.org/redmine/trunk@15145 e93f8b46-1217-0410-a6f0-8f06a7374b81
Diffstat (limited to 'test/functional/email_addresses_controller_test.rb')
| -rw-r--r-- | test/functional/email_addresses_controller_test.rb | 45 |
1 files changed, 45 insertions, 0 deletions
diff --git a/test/functional/email_addresses_controller_test.rb b/test/functional/email_addresses_controller_test.rb index 7c52d9c1d..3d2d6dea2 100644 --- a/test/functional/email_addresses_controller_test.rb +++ b/test/functional/email_addresses_controller_test.rb @@ -92,6 +92,22 @@ class EmailAddressesControllerTest < ActionController::TestCase end end + def test_create_should_send_security_notification + @request.session[:user_id] = 2 + ActionMailer::Base.deliveries.clear + post :create, :user_id => 2, :email_address => {:address => 'something@example.fr'} + + assert_not_nil (mail = ActionMailer::Base.deliveries.last) + assert_mail_body_match '0.0.0.0', mail + assert_mail_body_match I18n.t(:mail_body_security_notification_add, field: I18n.t(:field_mail), value: 'something@example.fr'), mail + assert_select_email do + assert_select 'a[href^=?]', 'http://localhost:3000/my/account', :text => 'My account' + end + # The old email address should be notified about a new address for security purposes + assert [mail.bcc, mail.cc].flatten.include?(User.find(2).mail) + assert [mail.bcc, mail.cc].flatten.include?('something@example.fr') + end + def test_update @request.session[:user_id] = 2 email = EmailAddress.create!(:user_id => 2, :address => 'another@somenet.foo') @@ -112,6 +128,21 @@ class EmailAddressesControllerTest < ActionController::TestCase assert_equal false, email.reload.notify end + def test_update_should_send_security_notification + @request.session[:user_id] = 2 + email = EmailAddress.create!(:user_id => 2, :address => 'another@somenet.foo') + + ActionMailer::Base.deliveries.clear + xhr :put, :update, :user_id => 2, :id => email.id, :notify => '0' + + assert_not_nil (mail = ActionMailer::Base.deliveries.last) + assert_mail_body_match I18n.t(:mail_body_security_notification_notify_disabled, value: 'another@somenet.foo'), mail + + # The changed address should be notified for security purposes + assert [mail.bcc, mail.cc].flatten.include?('another@somenet.foo') + end + + def test_destroy @request.session[:user_id] = 2 email = EmailAddress.create!(:user_id => 2, :address => 'another@somenet.foo') @@ -141,4 +172,18 @@ class EmailAddressesControllerTest < ActionController::TestCase assert_response 404 end end + + def test_destroy_should_send_security_notification + @request.session[:user_id] = 2 + email = EmailAddress.create!(:user_id => 2, :address => 'another@somenet.foo') + + ActionMailer::Base.deliveries.clear + xhr :delete, :destroy, :user_id => 2, :id => email.id + + assert_not_nil (mail = ActionMailer::Base.deliveries.last) + assert_mail_body_match I18n.t(:mail_body_security_notification_remove, field: I18n.t(:field_mail), value: 'another@somenet.foo'), mail + + # The removed address should be notified for security purposes + assert [mail.bcc, mail.cc].flatten.include?('another@somenet.foo') + end end |