require 'test_helper'
class UserTest < ActiveSupport::TestCase
def setup
scaffold_plan
@user = User.create(email: 'me@example.edu',
password: 'password',
password_confirmation: 'password',
firstname: 'Test',
surname: 'User',
shibboleth_id: 'test-shib',
accept_terms: 'true',
org: Org.last,
api_token: 'ABC123',
language: Language.find_by(abbreviation: I18n.locale))
@notification = Notification.create!(
notification_type: Notification.notification_types[:global],
title: 'notification_1',
level: Notification.levels[:info],
body: 'notification 1',
dismissable: false,
starts_at: Date.today,
expires_at: Date.tomorrow)
end
# ---------------------------------------------------
test "required fields are required" do
assert_not User.new.valid?
assert_not User.new(password: 'password').valid?
assert_not User.new(email: 'me@example.org').valid?
assert_not User.new(firstname: 'test', surname: 'user').valid?
assert_not User.new(firstname: 'test', surname: 'user', password: 'password').valid?
assert_not User.new(firstname: 'test', surname: 'user', email: 'me@example.org').valid?
# Ensure the bar minimum and complete versions are valid
a = User.new(email: 'me_testing@example.edu', password: 'password')
assert a.valid?, "expected 'email' and 'password' to be enough to create a User - #{a.errors.map{|f, m| f.to_s + ' ' + m}.join(', ')}"
assert @user.valid?
end
# ---------------------------------------------------
test "email address must be unique" do
assert_not User.new(email: 'me@example.edu', password: 'password').valid?
end
# ---------------------------------------------------
test "password must be at least 8 characters" do
assert_not User.new(email: 'me@example.org', password: 'pass').valid?
assert_not User.new(email: 'me@example.org', password: 'pass12').valid?
assert_not User.new(email: 'me@example.org', password: 'Pass12').valid?
assert_not User.new(email: 'me@example.org', password: 'Pass12*').valid?
assert User.new(email: 'me@example.org', password: 'Password12*').valid?
assert User.new(email: 'me@example.org', password: 'passwords').valid?
assert User.new(email: 'me@example.org', password: 'Password').valid?
end
# ---------------------------------------------------
test "name returns the correct value" do
# Name should return 'First Last' if we do not specify email
assert @user.name(false).include?(@user.firstname), "expected the first name to be included when specifying non-email"
assert @user.name(false).include?(@user.surname), "expected the last name to be included when specifying non-email"
# Should return email if we do not pass in a variable
assert_equal @user.email, @user.name, "expected the email by default"
# Name should return the email if no first and last are present
@user.firstname = nil
@user.surname = nil
assert_equal @user.email, @user.name(false), "expected the email if there is no first and last name"
end
# ---------------------------------------------------
test "only accepts valid email addresses" do
assert @user.valid?
@user.email = 'testing'
assert_not @user.valid?
@user.email = 'testing.tester.org'
assert_not @user.valid?
@user.email = 'testing@tester'
assert_not @user.valid?
@user.email = 'testing@tester.org'
assert @user.valid?
end
# ---------------------------------------------------
test "api token is removed after call to remove_token" do
@user.api_token = 'ABCDEFGHIJKLMNOP'
@user.save!
assert_equal 'ABCDEFGHIJKLMNOP', @user.reload.api_token, "expected the api_token to have been initialized"
@user.remove_token!
assert_equal '', @user.reload.api_token, "expected the api_token to have been removed"
end
# ---------------------------------------------------
test "api token gets kept or created" do
@user.api_token = 'ABCDEFGHIJKLMNOP'
@user.save!
assert_equal 'ABCDEFGHIJKLMNOP', @user.reload.api_token, "expected the api_token to have been initialized"
@user.keep_or_generate_token!
assert_equal 'ABCDEFGHIJKLMNOP', @user.reload.api_token, "expected the api_token to have been kept"
@user.remove_token!
assert_equal '', @user.reload.api_token, "expected the api_token to have been removed"
@user.keep_or_generate_token!
assert_not_equal '', @user.reload.api_token, "expected the api_token to have been generated"
end
# ---------------------------------------------------
test "responds to all of the authentication options" do
super_admins = User.joins(:perms).where('perms.name = ?', 'add_organisations').to_a
org_admins = User.joins(:perms).where('perms.name = ?', 'modify_templates').to_a
users = User.includes(:perms).where(perms: {id: nil}).to_a
# remove all of the users who also have super_admin privileges
org_admins = org_admins.delete_if{|u| super_admins.include?(u) }
admin_methods = [:can_add_orgs?, :can_change_org?, :can_grant_api_to_orgs?]
org_admin_methods = [:can_grant_permissions?, :can_modify_templates?,
:can_modify_guidance?, :can_use_api?, :can_modify_org_details?]
[:can_super_admin?, :can_org_admin?].each do |auth|
assert_respond_to super_admins.first, auth, "expected User to respond to #{auth}"
end
# Super Admin - permission checks
admin_methods.each do |auth|
#assert super_admins.first.send(auth), "expected that Super Admin #{auth}"
assert_not org_admins.first.send(auth), "did NOT expect that Organisation Admin #{auth}"
assert_not @user.send(auth), "did NOT expect that User #{auth}"
end
# Organisational Admin - permission checks
org_admin_methods.each do |auth|
#assert super_admins.first.send(auth), "expected that the Super Admin #{auth}"
#assert org_admins.first.send(auth), "expected that the Organisational Admin #{auth}"
assert_not @user.send(auth), "did NOT expect that User #{auth}"
end
end
# ---------------------------------------------------
test "new user is active by default" do
assert @user.active?
end
# ---------------------------------------------------
test "can only have one identifier per IdentifierScheme" do
@scheme = IdentifierScheme.first
count = @user.user_identifiers.count
@user.user_identifiers << UserIdentifier.new(identifier_scheme: @scheme, identifier: 'abc')
@user.save!
@user.reload
assert_equal (count + 1), @user.user_identifiers.count, "Expected the initial identifier to be saved"
@user.user_identifiers << UserIdentifier.new(identifier_scheme: @scheme, identifier: 'abc')
assert_not @user.valid?, "Expected to NOT be able to add more than one identifier for the same scheme"
assert_equal (count + 1), @user.user_identifiers.count, "Expected the initial identifier to be saved"
end
# ---------------------------------------------------
test "can find a user via an OAuth response" do
scheme = IdentifierScheme.create!(name: 'tester', active: true)
@user.user_identifiers << UserIdentifier.new(identifier_scheme: scheme, identifier: '12345')
@user.save!
class Auth
def provider
"tester"
end
def uid
"12345"
end
end
assert_equal @user, User.from_omniauth(Auth.new)
class UnknownAuth
def provider
"unknown"
end
def uid
"12345"
end
end
assert_raise "'Unknown OAuth provider: unknown" do
User.from_omniauth(UnknownAuth.new)
end
end
# ---------------------------------------------------
test "Plans query filter is working properly" do
3.times do |i|
plan = Plan.create(title: "My test #{i}", template: @template, visibility: 1)
@user.roles << Role.new(plan: plan, access: 1)
end
@user.save!
plan = @user.plans.filter("2").first
assert_equal "My test 2", plan.title, "Expected the plans filter to search the title"
end
# ---------------------------------------------------
test "Returns the appropriate identifier for the specified scheme" do
3.times do |i|
scheme = IdentifierScheme.create!({name: "test-#{i}", active: true})
@user.user_identifiers << UserIdentifier.new(identifier_scheme: scheme, identifier: i.to_s)
end
@user.save!
3.times do |i|
scheme = IdentifierScheme.find_by(name: "test-#{i}")
assert_equal i.to_s, @user.identifier_for(scheme).identifier, "expected the identifier for #{scheme.name} to be '#{i.to_s}'"
end
end
# ---------------------------------------------------
test "can_super_admin is properly set" do
perms = Perm.where('name IN (?)', ['add_organisations', 'change_org_affiliation', 'grant_api_to_orgs'])
user = User.create!(email: 'tester@example.edu', password: 'password')
assert_not user.can_super_admin?, "expected a user with no permissions to NOT be a super_admin"
perms.each do |p|
last = p
user.perms.delete(last) unless last.nil?
user.perms << p
user.save!
assert user.can_super_admin?, "expected the addition of the #{p.name} perm to enable the user to become a super_admin"
end
user.perms = []
user.save!
user.perms = perms
user.save!
assert user.can_super_admin?, "expected the addition of all the super_admin perms to allow the user to be a super_admin"
end
# ---------------------------------------------------
test "can_org_admin is properly set" do
perms = Perm.where('name IN (?)', ['grant_permissions', 'modify_templates', 'modify_guidance', 'change_org_details'])
user = User.create!(email: 'tester@example.edu', password: 'password')
assert_not user.can_org_admin?, "expected a user with no permissions to NOT be a org_admin"
perms.each do |p|
last = p
user.perms.delete(last) unless last.nil?
user.perms << p
user.save!
assert user.can_org_admin?, "expected the addition of the #{p.name} perm to enable the user to become a org_admin"
end
user.perms = []
user.save!
user.perms = perms
user.save!
assert user.can_org_admin?, "expected the addition of all the super_admin perms to allow the user to be a org_admin"
end
# ---------------------------------------------------
test "can CRUD" do
usr = User.create(email: 'test@testing.org', password: 'testing1234')
assert_not usr.id.nil?, "was expecting to be able to create a new User: #{usr.errors.map{|f, m| f.to_s + ' ' + m}.join(', ')}"
usr.firstname = 'Tester'
usr.save!
usr.reload
assert_equal 'Tester', usr.firstname, "Was expecting to be able to update the firstname of the User!"
assert usr.destroy!, "Was unable to delete the User!"
end
# ---------------------------------------------------
test "can manage has_many relationship with Perms" do
perm = Perm.new(name: 'Added through test')
verify_has_many_relationship(@user, perm, @user.perms.count)
end
# ---------------------------------------------------
test "can manage has_many relationship with UserIdentifiers" do
id = UserIdentifier.new(identifier_scheme: IdentifierScheme.first, identifier: 'tester')
verify_has_many_relationship(@user, id, @user.user_identifiers.count)
end
# ---------------------------------------------------
test "can manage has_many relationship with Roles" do
role = Role.new(plan: @plan, access: 1)
verify_has_many_relationship(@user, role, @user.roles.count)
end
# ---------------------------------------------------
test "can manage has_many relationship with Answers" do
answer = Answer.new(plan: @plan,
question: @plan.template.phases.first.sections.first.questions.first,
text: 'Testing')
verify_has_many_relationship(@user, answer, @user.answers.count)
end
# ---------------------------------------------------
test "can manage has_many relationship with Notes" do
answer = Answer.create(plan: @plan,
question: @plan.template.phases.first.sections.first.questions.first,
text: 'Testing')
note = Note.new(answer: answer, text: 'Testing')
verify_has_many_relationship(@user, note, @user.notes.count)
end
# ---------------------------------------------------
test "can manage has_many relationship with ExportedPlans" do
plan = ExportedPlan.new(plan: @plan, format: ExportedPlan::VALID_FORMATS.last)
verify_has_many_relationship(@user, plan, @user.exported_plans.count)
end
# ---------------------------------------------------
test "can manage belongs_to relationship with Org" do
org = Org.new(name: 'Tester', abbreviation: 'TST', links: {"org":[]})
verify_belongs_to_relationship(@user, org)
end
# ---------------------------------------------------
test "can manage belongs_to relationship with Language" do
language = Language.new(name: 'esperonto', abbreviation: 'zz')
verify_belongs_to_relationship(@user, language)
end
test "after_save removes API token and its perms associated" do
previous_api_token = @user.api_token
@user.perms = [Perm.add_orgs, Perm.grant_permissions]
previous_perms = @user.perms.to_a
@user.org = Org.where.not(id: @user.org_id).first
@user.save
assert_not_equal(previous_api_token, @user.api_token)
assert_not_equal(previous_perms, @user.perms.to_a)
end
test "after_save does not remove API token and its perms associated if user can_change_org" do
previous_api_token = @user.api_token
@user.perms = [Perm.add_orgs, Perm.grant_permissions, Perm.change_affiliation]
previous_perms = @user.perms
@user.org = Org.where.not(id: @user.org_id).first
@user.save
assert_equal(previous_api_token, @user.api_token)
assert_equal(previous_perms, @user.perms)
end
# Cannot dismiss Notifications that are non-dismissable
test 'cannot acknowledge a notification that is not dismissable' do
@user.acknowledge(@notification)
assert_not(@notification.acknowledged?(@user))
end
# Can dismiss Notifications that are dismissable
test 'can acknowledge a notification' do
@notification.update!(dismissable: true)
@user.acknowledge(@notification)
assert(@notification.acknowledged?(@user))
end
end
Quentin Sonrel