diff --git a/README.md b/README.md index e47a09f..ef44683 100644 --- a/README.md +++ b/README.md @@ -100,6 +100,13 @@ This happens when the 'pepper' key defined in config/initializers/devise.rb does not match the one on your old server. Simply update the pepper and restart the application. +___ + +I am getting an undefined method 'devise' on the app/modles/user.rb object when running tests or trying to start the service. + +This happens when you have not created a copy of the devise.rb.example initializer file. To correct it copy the file and update its parameters accordingly: +> > cp config/initializers/devise.rb.example config/initializers/devise.rb + #### Support Issues should be reported here on [Github Issues](https://github.com/DMPRoadmap/roadmap/issues) Please be advised though that we can only provide limited support for your local installations. diff --git a/app/views/shared/_register_form.html.erb b/app/views/shared/_register_form.html.erb index b026327..fd9150e 100644 --- a/app/views/shared/_register_form.html.erb +++ b/app/views/shared/_register_form.html.erb @@ -20,6 +20,10 @@ <%= f.text_field :surname, placeholder: t('helpers.last_name'), :as => :string, :class => 'text_field' %> <% end %> + <% if resource.user_identifiers.count > 0 %> + <% scheme = resource.user_identifiers.identifier_scheme.name %> + <%= f.hidden_field "user_identifiers[#{scheme}]" value: resource.user_identifiers.first.identifier%> + <% end %>
  • <%= collection_select(:user, :organisation_id, Organisation.where("parent_id IS NULL").order("sort_name ASC, name ASC"), :id, :name, {include_blank: constant("organisation_types.organisation")}, { :class => 'typeahead org_sign_up' }) %>
    • diff --git a/test/functional/registrations_controller_test.rb b/test/functional/registrations_controller_test.rb new file mode 100644 index 0000000..e69de29 --- /dev/null +++ b/test/functional/registrations_controller_test.rb diff --git a/test/functional/users/omniauth_callbacks_controller_test.rb b/test/functional/users/omniauth_callbacks_controller_test.rb index e2e43da..0ea505a 100644 --- a/test/functional/users/omniauth_callbacks_controller_test.rb +++ b/test/functional/users/omniauth_callbacks_controller_test.rb @@ -24,12 +24,14 @@ # ------------------------------------------------------------- test "User is not signed in and valid OAuth2 response does not match a User record in DB: should redirect to registration page" do - @schemes.each do |scheme| post @callback_uris[scheme.name] assert_equal I18n.t('identifier_schemes.new_login_success'), flash[:notice], "Expected a success message when simulating a valid callback from #{scheme.name}" assert_redirected_to "#{new_user_registration_url}?locale=#{I18n.locale}", "Expected a redirect to the registration page when the user is not logged in and we received a valid callback from #{scheme.name}" + + # make sure that the omniauth identifier is a hidden field on the registration page + assert_not "#user_identifiers[#{scheme.name}]".nil? end end @@ -58,6 +60,10 @@ assert_equal I18n.t('identifier_schemes.connect_success').gsub('%{scheme}', scheme.name), flash[:notice], "Expected a success message when simulating a valid callback from #{scheme.name}" assert_redirected_to "#{edit_user_registration_path}?locale=#{I18n.locale}", "Expected a redirect to the edit profile page, #{projects_url}, when omniauth returns with a valid identifier for a user that is already signed in!" + + # reload the user record and make sure the omniauth value was attached to their record + usr = User.find(@user) + assert_equal usr.user_identifiers.find_by(identifier_scheme: scheme).identifier, 'foo:bar' end end diff --git a/test/integration/authentication_test.rb b/test/integration/authentication_test.rb new file mode 100644 index 0000000..c416898 --- /dev/null +++ b/test/integration/authentication_test.rb @@ -0,0 +1,80 @@ +require 'test_helper' + +class AuthenticationFlowTest < ActionDispatch::IntegrationTest + + setup do + @user = User.first + end + + # ---------------------------------------------------------- + test 'can sign in with valid email and password' do + get root_path + assert_response :success + + sign_in + + # Make sure that the user is sent to the page that lists their plans + assert_response :success + assert_select '.main_page_content h1', I18n.t('helpers.project.projects_title') + end + + # ---------------------------------------------------------- + test 'can sign in with shibboleth' do + + end + + # ---------------------------------------------------------- + test 'can sign out' do + get root_path + assert_response :success + + sign_in + + delete destroy_user_session_path + + assert_response :redirect + follow_redirect! + + # Make sure that the user is sent to the page that lists their plans + assert_response :success + assert_select '.welcome-message h2', I18n.t('welcome_title') + end + + # ---------------------------------------------------------- + test 'can NOT sign in with an invalid email and/or password' do + get root_path + assert_response :success + + users = [{email: @user.email, password: 'bAd_pas$word1', remember_me: true}, + {email: 'unknown@institution.org', password: 'password123', remember_me: true}] + + users.each do |params| + post user_session_path, user: params + + assert_response :redirect + follow_redirect! + + # Make sure that the user is sent to the page that lists their plans + assert_response :success + assert_select '.welcome-message h2', I18n.t('welcome_title') + end + end + + + private + # ---------------------------------------------------------- + def sign_in + post user_session_path, user: { + email: @user.email, + password: 'password123', + remember_me: false + } + + # The Devise auth gem will end up performing 2 redirects while generating the user's + # session and sending them to the main landing page + 2.times do + assert_response :redirect + follow_redirect! + end + end +end