
require 'spec_helper'

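# Exercises POST /session: a user who signs in with an email or login plus
# the matching password receives a private token, while wrong, incomplete,
# blocked or 2FA-protected credentials are rejected without a token.
describe API::Session do
  let(:user) { create(:user) }

  # Asserts the body handed to a successfully signed-in user: identity,
  # private token and the permission flags the client relies on.
  def expect_login_payload_for(user)
    expect(json_response['email']).to eq(user.email)
    expect(json_response['private_token']).to eq(user.private_token)
    expect(json_response['is_admin']).to eq(user.admin?)
    expect(json_response['can_create_project']).to eq(user.can_create_project?)
    expect(json_response['can_create_group']).to eq(user.can_create_group?)
  end

  # Asserts a rejected sign-in: the expected status and, whatever the
  # reason for the rejection, no private token in the body.
  def expect_rejected_sign_in(status)
    expect(response).to have_http_status(status)
    expect(json_response['private_token']).to be_nil
  end

  describe "POST /session" do
    context "when valid password" do
      it "returns private token" do
        # user.password rather than a literal keeps the spec independent of
        # the factory's default password.
        post api("/session"), email: user.email, password: user.password
        expect(response).to have_http_status(201)

        expect_login_payload_for(user)
      end

      context 'with 2FA enabled' do
        it 'rejects sign in attempts' do
          user = create(:user, :two_factor)

          post api('/session'), email: user.email, password: user.password

          # A correct password alone must not mint a token for a 2FA account.
          expect_rejected_sign_in(401)
          expect(response.body).to include('You have 2FA enabled.')
        end
      end
    end

    context 'when email has case-typo and password is valid' do
      it 'returns private token' do
        post api('/session'), email: user.email.upcase, password: user.password
        expect(response).to have_http_status(201)

        expect_login_payload_for(user)
      end
    end

    context 'when login has case-typo and password is valid' do
      it 'returns private token' do
        post api('/session'), login: user.username.upcase, password: user.password
        expect(response).to have_http_status(201)

        expect_login_payload_for(user)
      end
    end

    context "when invalid password" do
      it "returns authentication error" do
        post api("/session"), email: user.email, password: '123'

        # The failure body must carry neither account data nor a token.
        expect_rejected_sign_in(401)
        expect(json_response['email']).to be_nil
      end
    end

    context "when empty password" do
      it "returns authentication error with email" do
        post api("/session"), email: user.email

        expect(response).to have_http_status(400)
      end

      it "returns authentication error with username" do
        # A username is sent under the login parameter, as in the
        # case-typo example above, so the example tests what its title says.
        post api("/session"), login: user.username

        expect(response).to have_http_status(400)
      end
    end

    context "when empty name" do
      it "returns authentication error" do
        post api("/session"), password: user.password

        expect(response).to have_http_status(400)
      end
    end

    context "when user is blocked" do
      it "returns authentication error" do
        user.block
        # Sending the username under the parameter that the case-typo
        # example proves resolves usernames makes sure the 401 comes from
        # the block, not from a failed lookup.
        post api("/session"), login: user.username, password: user.password

        expect_rejected_sign_in(401)
      end
    end

    context "when user is ldap_blocked" do
      it "returns authentication error" do
        user.ldap_block
        post api("/session"), login: user.username, password: user.password

        expect_rejected_sign_in(401)
      end
    end
  end
end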