
admin_users_spec.rb 7.38 KB
require 'spec_helper'

describe "Admin::Users", feature: true  do
  include WaitForAjax

  before { login_as :admin }

  # Admin user index: the page loads, shows the current admin's details, and
  # exposes the two-factor authentication (2FA) enabled/disabled filters.
  # NOTE(review): @user is not assigned in this block; presumably the outer
  # `login_as :admin` sets it to the signed-in admin — confirm in the helper.
  describe "GET /admin/users" do
    before { visit admin_users_path }

    it "is ok" do
      expect(current_path).to eq(admin_users_path)
    end

    it "has users list" do
      [@user.email, @user.name].each do |text|
        expect(page).to have_content(text)
      end
    end

    # The counters let an administrator see at a glance how many accounts
    # have, or lack, a second factor. have_content is a substring match, so
    # these checks would also pass for counts such as '10' or '12'.
    describe 'Two-factor Authentication filters' do
      it 'counts users who have enabled 2FA' do
        create(:user, :two_factor)

        visit admin_users_path

        page.within('.filter-two-factor-enabled small') { expect(page).to have_content('1') }
      end

      it 'filters by users who have enabled 2FA' do
        enrolled_user = create(:user, :two_factor)

        visit admin_users_path
        click_link '2FA Enabled'

        expect(page).to have_content(enrolled_user.email)
      end

      it 'counts users who have not enabled 2FA' do
        create(:user)

        visit admin_users_path

        # Two accounts: the one created above plus the signed-in admin.
        page.within('.filter-two-factor-disabled small') { expect(page).to have_content('2') }
      end

      it 'filters by users who have not enabled 2FA' do
        unenrolled_user = create(:user)

        visit admin_users_path
        click_link '2FA Disabled'

        expect(page).to have_content(unenrolled_user.email)
      end
    end
  end

  # Admin-initiated account creation: the form creates exactly one user,
  # instance defaults are applied, and a notification e-mail is sent.
  describe "GET /admin/users/new" do
    before do
      visit new_admin_user_path

      {
        "user_name" => "Big Bang",
        "user_username" => "bang",
        "user_email" => "bigbang@mail.com"
      }.each do |field, value|
        fill_in field, with: value
      end
    end

    it "creates new user" do
      expect { click_button "Create user" }.to change { User.count }.by(1)
    end

    it "applies defaults to user" do
      click_button "Create user"

      created = User.find_by(username: 'bang')
      defaults = Gitlab.config.gitlab

      # A new account must inherit the instance-wide limits rather than
      # arbitrary values.
      expect(created.projects_limit).to eq(defaults.default_projects_limit)
      expect(created.can_create_group).to eq(defaults.default_can_create_group)
    end

    it "creates user with valid data" do
      click_button "Create user"

      created = User.find_by(username: 'bang')

      expect(created.name).to eq('Big Bang')
      expect(created.email).to eq('bigbang@mail.com')
    end

    it "calls send mail" do
      # The expectation must be registered before the form is submitted.
      expect_any_instance_of(NotificationService).to receive(:new_user)

      click_button "Create user"
    end

    it "sends valid email to user with email & password" do
      # Run queued mail jobs inline so the delivery is visible below.
      perform_enqueued_jobs { click_button "Create user" }

      created = User.find_by(username: 'bang')
      mail = ActionMailer::Base.deliveries.last

      expect(mail.subject).to have_content('Account was created')

      text = mail.text_part.body
      expect(text).to have_content(created.email)
      # NOTE(review): this only checks that the word 'password' appears in
      # the body. It does not establish whether the mail carries a
      # set-password link or a credential in clear text — confirm against
      # the mailer template.
      expect(text).to have_content('password')
    end
  end

  # Admin user detail page: basic profile data, the impersonation workflow,
  # and the per-user two-factor authentication (2FA) status panel.
  describe "GET /admin/users/:id" do
    it "has user info" do
      visit admin_users_path
      click_link @user.name

      [@user.email, @user.name].each do |text|
        expect(page).to have_content(text)
      end
    end

    # Impersonation lets an admin act as another account, so the specs pin
    # down who the control is offered for and that the session is restored.
    # NOTE(review): the "before impersonating" examples only assert that the
    # button is absent from the page. They do not show that the server
    # rejects an impersonation request for the admin's own account or for a
    # blocked account — that would need request/controller coverage.
    describe 'Impersonation' do
      let(:another_user) { create(:user) }

      before do
        visit admin_user_path(another_user)
      end

      context 'before impersonating' do
        it 'shows impersonate button for other users' do
          expect(page).to have_content('Impersonate')
        end

        it 'does not show impersonate button for admin itself' do
          visit admin_user_path(@user)

          expect(page).not_to have_content('Impersonate')
        end

        it 'does not show impersonate button for blocked user' do
          another_user.block

          visit admin_user_path(another_user)

          expect(page).not_to have_content('Impersonate')

          # Restores the account state; skipped if the expectation above fails.
          another_user.activate
        end
      end

      context 'when impersonating' do
        before do
          click_link 'Impersonate'
        end

        it 'logs in as the user when impersonate is clicked' do
          profile_link = page.find(:css, '.header-user .profile-link')

          expect(profile_link['data-user']).to eql(another_user.username)
        end

        it 'sees impersonation log out icon' do
          # A visible marker tells the admin they are acting as someone else.
          secret_icon = first('.fa.fa-user-secret')

          expect(secret_icon).not_to eql(nil)
        end

        it 'logs out of impersonated user back to original user' do
          find(:css, 'li.impersonation a').click

          profile_link = page.find(:css, '.header-user .profile-link')

          # Stopping impersonation must restore the admin's own session.
          expect(profile_link['data-user']).to eql(@user.username)
        end

        it 'is redirected back to the impersonated users page in the admin after stopping' do
          find(:css, 'li.impersonation a').click

          expect(current_path).to eql("/admin/users/#{another_user.username}")
        end
      end
    end

    describe 'Two-factor Authentication status' do
      # Asserts the text shown inside the 2FA status element of the page.
      def expect_two_factor_status(status)
        page.within('.two-factor-status') { expect(page).to have_content(status) }
      end

      it 'shows when enabled' do
        # update_attribute writes the flag directly, without validations.
        @user.update_attribute(:otp_required_for_login, true)

        visit admin_user_path(@user)

        expect_two_factor_status('Enabled')
      end

      it 'shows when disabled' do
        visit admin_user_path(@user)

        expect_two_factor_status('Disabled')
      end
    end
  end

  # Admin edit form: reachable from the index, and saving it updates the
  # profile, the admin flag and the password expiry.
  describe "GET /admin/users/:id/edit" do
    before do
      @simple_user = create(:user)

      visit admin_users_path
      click_link "edit_user_#{@simple_user.id}"
    end

    it "has user edit page" do
      %w[Name Password].each do |label|
        expect(page).to have_content(label)
      end
    end

    describe "Update user" do
      before do
        {
          "user_name" => "Big Bang",
          "user_email" => "bigbang@mail.com",
          "user_password" => "AValidPassword1",
          "user_password_confirmation" => "AValidPassword1"
        }.each do |field, value|
          fill_in field, with: value
        end

        # Promotes the edited account to administrator.
        check "user_admin"
        click_button "Save changes"
      end

      it "shows page with  new data" do
        ['bigbang@mail.com', 'Big Bang'].each do |text|
          expect(page).to have_content(text)
        end
      end

      it "changes user entry" do
        @simple_user.reload

        expect(@simple_user.name).to eq('Big Bang')
        expect(@simple_user.is_admin?).to be_truthy
        # The password chosen by the admin is recorded as already expired.
        # NOTE(review): presumably this forces the user to choose their own
        # password at next sign-in — confirm where the expiry is enforced.
        expect(@simple_user.password_expires_at).to be <= Time.now
      end
    end
  end

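  # Admin view of a user's projects: group projects are listed with the
  # user's access level, link to the group's admin page, and the group
  # membership can be revoked from here.
  describe "GET /admin/users/:id/projects" do
    before do
      @group = create(:group)
      @project = create(:project, group: @group)
      @simple_user = create(:user)
      @group.add_developer(@simple_user)

      visit projects_admin_user_path(@simple_user)
    end

    it "lists group projects" do
      within(:css, '.append-bottom-default + .panel') do
        expect(page).to have_content 'Group projects'
        # The link target has to be passed as the `href:` option. A bare
        # second positional argument is not treated as the expected href,
        # so the original assertion never checked where the link pointed.
        expect(page).to have_link @group.name, href: admin_group_path(@group)
      end
    end

    it 'allows navigation to the group details' do
      within(:css, '.append-bottom-default + .panel') do
        click_link @group.name
      end
      within(:css, 'h3.page-title') do
        expect(page).to have_content "Group: #{@group.name}"
      end
      expect(page).to have_content @project.name
    end

    it 'shows the group access level' do
      within(:css, '.append-bottom-default + .panel') do
        expect(page).to have_content 'Developer'
      end
    end

    it 'allows group membership to be revoked', js: true do
      page.within(first('.group_member')) do
        find('.btn-remove').click
      end
      # Wait for the asynchronous removal before inspecting the page.
      wait_for_ajax

      # NOTE(review): this asserts only that the row disappears from the
      # page; it does not reload the group to confirm the membership record
      # was actually removed.
      expect(page).not_to have_selector('.group_member')
    end
  end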
end