
admin_users_spec.rb 11.4 KB
require 'spec_helper'

describe "Admin::Users", feature: true do
  # Non-admin fixture account created through the :omniauth_user factory with
  # a 'twitter' provider; the identity examples further down assert on that
  # provider name.
  let!(:user) { create(:omniauth_user, provider: 'twitter', extern_uid: '123456') }

  # Eagerly evaluated so every example starts from `login_as :admin`.
  # login_as is a helper defined outside this file; presumably it establishes
  # an administrator session and returns that user. Confirm against the helper.
  let!(:current_user) do
    login_as :admin
  end

  # Admin user index: page renders, both accounts are listed with their
  # management links, and the two-factor-authentication filters work.
  describe 'GET /admin/users' do
    before { visit admin_users_path }

    it 'is ok' do
      expect(current_path).to eq(admin_users_path)
    end

    it 'has users list' do
      # The signed-in admin and the fixture user must both appear.
      [current_user, user].each do |account|
        expect(page).to have_content(account.email)
        expect(page).to have_content(account.name)
      end

      # Account-management actions offered for the non-admin user. The
      # hard_delete: true route is the one behind the link labelled as also
      # removing the user's contributions.
      expect(page).to have_link('Block', href: block_admin_user_path(user))
      removal_links = {
        'Remove user' => admin_user_path(user),
        'Remove user and contributions' => admin_user_path(user, hard_delete: true)
      }
      removal_links.each do |label, target|
        expect(page).to have_link(label, href: target)
      end
    end

    # The filter tabs give an administrator a count and a list of accounts
    # with and without 2FA enabled.
    # NOTE(review): have_content matches substrings, so '1' and '2' would also
    # match larger counts containing those digits; with the handful of
    # fixture users created here that is not a practical concern.
    describe 'Two-factor Authentication filters' do
      it 'counts users who have enabled 2FA' do
        create(:user, :two_factor)
        visit admin_users_path

        within('.filter-two-factor-enabled small') do
          expect(page).to have_content('1')
        end
      end

      it 'filters by users who have enabled 2FA' do
        # Local name kept distinct from the outer `user` fixture, which has
        # no 2FA trait.
        enrolled = create(:user, :two_factor)
        visit admin_users_path
        click_link '2FA Enabled'

        expect(page).to have_content(enrolled.email)
      end

      it 'counts users who have not enabled 2FA' do
        visit admin_users_path

        within('.filter-two-factor-disabled small') do
          expect(page).to have_content('2') # Including admin
        end
      end

      it 'filters by users who have not enabled 2FA' do
        visit admin_users_path
        click_link '2FA Disabled'

        expect(page).to have_content(user.email)
      end
    end
  end

  # Admin-side account creation. The form is filled with a name, username and
  # e-mail only; no password field is filled in by these examples.
  describe 'GET /admin/users/new' do
    before do
      visit new_admin_user_path

      form_values = {
        'user_name' => 'Big Bang',
        'user_username' => 'bang',
        'user_email' => 'bigbang@mail.com'
      }
      form_values.each { |field, value| fill_in field, with: value }
    end

    it 'creates new user' do
      expect { click_button 'Create user' }.to change(User, :count).by(1)
    end

    it 'applies defaults to user' do
      click_button 'Create user'

      created = User.find_by(username: 'bang')
      instance_defaults = Gitlab.config.gitlab

      # A freshly created account must pick up the instance-wide limits.
      expect(created.projects_limit).to eq(instance_defaults.default_projects_limit)
      expect(created.can_create_group).to eq(instance_defaults.default_can_create_group)
    end

    it 'creates user with valid data' do
      click_button 'Create user'

      created = User.find_by(username: 'bang')

      expect(created.name).to eq('Big Bang')
      expect(created.email).to eq('bigbang@mail.com')
    end

    it 'calls send mail' do
      # The expectation has to be registered before the form is submitted.
      expect_any_instance_of(NotificationService).to receive(:new_user)

      click_button 'Create user'
    end

    it 'sends valid email to user with email & password' do
      # Run queued jobs inline so the mail is delivered within the example.
      perform_enqueued_jobs { click_button 'Create user' }

      created = User.find_by(username: 'bang')
      welcome_mail = ActionMailer::Base.deliveries.last

      expect(welcome_mail.subject).to have_content('Account was created')
      expect(welcome_mail.text_part.body).to have_content(created.email)
      # NOTE(review): this only asserts that the word 'password' appears in
      # the text part. It does not show whether the mail carries a
      # set/reset-password link or a credential; confirm against the mailer
      # template that no plaintext password is ever sent.
      expect(welcome_mail.text_part.body).to have_content('password')
    end
  end

  # Detail page of a single user: basic info and management links,
  # impersonation, and the two-factor status indicator.
  describe 'GET /admin/users/:id' do
    it 'has user info' do
      visit admin_users_path
      click_link user.name

      expect(page).to have_content(user.email)
      expect(page).to have_content(user.name)

      management_links = {
        'Block user' => block_admin_user_path(user),
        'Remove user' => admin_user_path(user),
        'Remove user and contributions' => admin_user_path(user, hard_delete: true)
      }
      management_links.each do |label, target|
        expect(page).to have_link(label, href: target)
      end
    end

    # Impersonation lets the signed-in administrator act as another account.
    # NOTE(review): the "before impersonating" examples assert only on what
    # the page renders (button present or absent). They do not show that the
    # server refuses an impersonation request for the admin's own account or
    # for a blocked account; presumably a controller or request spec covers
    # that. Confirm.
    describe 'Impersonation' do
      let(:another_user) { create(:user) }

      before do
        visit admin_user_path(another_user)
      end

      context 'before impersonating' do
        it 'shows impersonate button for other users' do
          expect(page).to have_content('Impersonate')
        end

        it 'does not show impersonate button for admin itself' do
          visit admin_user_path(current_user)

          expect(page).not_to have_content('Impersonate')
        end

        it 'does not show impersonate button for blocked user' do
          another_user.block
          visit admin_user_path(another_user)

          expect(page).not_to have_content('Impersonate')

          # Undo the state change made at the top of this example.
          another_user.activate
        end
      end

      context 'when impersonating' do
        before do
          click_link 'Impersonate'
        end

        it 'logs in as the user when impersonate is clicked' do
          # The header profile link exposes the username of the active session.
          profile_link = page.find(:css, '.header-user .profile-link')

          expect(profile_link['data-user']).to eql(another_user.username)
        end

        it 'sees impersonation log out icon' do
          # A visible marker that the session is an impersonated one.
          expect(first('.fa.fa-user-secret')).not_to be_nil
        end

        it 'logs out of impersonated user back to original user' do
          find(:css, 'li.impersonation a').click

          profile_link = page.find(:css, '.header-user .profile-link')

          expect(profile_link['data-user']).to eql(current_user.username)
        end

        it 'is redirected back to the impersonated users page in the admin after stopping' do
          find(:css, 'li.impersonation a').click

          expect(current_path).to eql "/admin/users/#{another_user.username}"
        end
      end
    end

    describe 'Two-factor Authentication status' do
      # Asserts that the two-factor status element on the page shows +status+.
      def expect_two_factor_status(status)
        within('.two-factor-status') { expect(page).to have_content(status) }
      end

      it 'shows when enabled' do
        # Flip the flag directly on the record instead of enrolling a device.
        user.update_attribute(:otp_required_for_login, true)
        visit admin_user_path(user)

        expect_two_factor_status('Enabled')
      end

      it 'shows when disabled' do
        visit admin_user_path(user)

        expect_two_factor_status('Disabled')
      end
    end
  end

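  # Edit form for an existing user, reached through the per-row edit link on
  # the admin user list.
  describe "GET /admin/users/:id/edit" do
    before do
      visit admin_users_path
      click_link "edit_user_#{user.id}"
    end

    it "has user edit page" do
      expect(page).to have_content('Name')
      expect(page).to have_content('Password')
    end

    # An administrator changes name, e-mail and password, and promotes the
    # account to admin in a single save.
    describe "Update user" do
      before do
        fill_in "user_name", with: "Big Bang"
        fill_in "user_email", with: "bigbang@mail.com"
        fill_in "user_password", with: "AValidPassword1"
        fill_in "user_password_confirmation", with: "AValidPassword1"
        choose "user_access_level_admin"
        click_button "Save changes"
      end

      it "shows page with new data" do
        expect(page).to have_content('bigbang@mail.com')
        expect(page).to have_content('Big Bang')
      end

      it "changes user entry" do
        user.reload

        expect(user.name).to eq('Big Bang')
        # The access-level radio button must have granted admin rights.
        expect(user.admin?).to be_truthy
        # A password set by an administrator is already expired at save time;
        # presumably this forces the user to choose a new one at next sign-in.
        # Confirm against the model.
        expect(user.password_expires_at).to be <= Time.now
      end
    end

    describe 'update username to non ascii char' do
      it do
        # Double quotes are required here: in a single-quoted literal Ruby
        # does not expand \u escapes, so the form would receive twelve ASCII
        # characters (backslashes included) and never a non-ASCII username.
        fill_in 'user_username', with: "\u3042\u3044"
        click_button('Save')

        page.within '#error_explanation' do
          expect(page).to have_content('Username')
        end

        # The form must still post to the original username after the
        # rejected change.
        expect(page).to have_selector(%(form[action="/admin/users/#{user.username}"]))
      end
    end
  end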

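  # Projects tab of a user's admin page: group projects, the user's access
  # level in the group, and revoking the group membership.
  describe "GET /admin/users/:id/projects" do
    let(:group) { create(:group) }
    let!(:project) { create(:project, group: group) }

    before do
      # Membership must exist before the page is loaded.
      group.add_developer(user)

      visit projects_admin_user_path(user)
    end

    it "lists group projects" do
      within(:css, '.append-bottom-default + .panel') do
        expect(page).to have_content 'Group projects'
        # The target has to be passed as the href: option. Given as a bare
        # second argument it is not an options hash, so the link's
        # destination was not being constrained.
        expect(page).to have_link group.name, href: admin_group_path(group)
      end
    end

    it 'allows navigation to the group details' do
      within(:css, '.append-bottom-default + .panel') do
        click_link group.name
      end
      within(:css, 'h3.page-title') do
        expect(page).to have_content "Group: #{group.name}"
      end
      expect(page).to have_content project.name
    end

    it 'shows the group access level' do
      within(:css, '.append-bottom-default + .panel') do
        expect(page).to have_content 'Developer'
      end
    end

    it 'allows group membership to be revoked', js: true do
      page.within(first('.group_member')) do
        find('.btn-remove').click
      end
      # wait_for_requests is a helper defined outside this file; presumably
      # it blocks until pending requests have finished. Confirm.
      wait_for_requests

      expect(page).not_to have_selector('.group_member')
    end
  end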

  # The detail page reached from the user list shows the account section and
  # the personal projects limit.
  describe 'show user attributes' do
    it do
      visit admin_users_path
      click_link user.name

      ['Account', 'Personal projects limit'].each do |heading|
        expect(page).to have_content heading
      end
    end
  end

  # An administrator removes a secondary e-mail address from a user's page.
  describe 'remove users secondary email', js: true do
    let!(:secondary_email) { create(:email, email: 'secondary@example.com', user: user) }

    it do
      visit admin_user_path(user.username)

      address = secondary_email.email
      expect(page).to have_content("Secondary email: #{address}")

      # The remove control is addressed by the e-mail record's id.
      find("#remove_email_#{secondary_email.id}").click

      expect(page).not_to have_content(address)
    end
  end

  # An administrator lists a user's SSH keys, opens one and removes it.
  # Both fixtures hold public key material only.
  describe 'show user keys' do
    let!(:key1) do
      create(
        :key,
        user: user,
        title: "ssh-rsa Key1",
        key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC4FIEBXGi4bPU8kzxMefudPIJ08/gNprdNTaO9BR/ndy3+58s2HCTw2xCHcsuBmq+TsAqgEidVq4skpqoTMB+Uot5Uzp9z4764rc48dZiI661izoREoKnuRQSsRqUTHg5wrLzwxlQbl1MVfRWQpqiz/5KjBC7yLEb9AbusjnWBk8wvC1bQPQ1uLAauEA7d836tgaIsym9BrLsMVnR4P1boWD3Xp1B1T/ImJwAGHvRmP/ycIqmKdSpMdJXwxcb40efWVj0Ibbe7ii9eeoLdHACqevUZi6fwfbymdow+FeqlkPoHyGg3Cu4vD/D8+8cRc7mE/zGCWcQ15Var83Tczour Key1"
      )
    end

    let!(:key2) do
      create(
        :key,
        user: user,
        title: "ssh-rsa Key2",
        key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQSTWXhJAX/He+nG78MiRRRn7m0Pb0XbcgTxE0etArgoFoh9WtvDf36HG6tOSg/0UUNcp0dICsNAmhBKdncp6cIyPaXJTURPRAGvhI0/VDk4bi27bRnccGbJ/hDaUxZMLhhrzY0r22mjVf8PF6dvv5QUIQVm1/LeaWYsHHvLgiIjwrXirUZPnFrZw6VLREoBKG8uWvfSXw1L5eapmstqfsME8099oi+vWLR8MgEysZQmD28M73fgW4zek6LDQzKQyJx9nB+hJkKUDvcuziZjGmRFlNgSA2mguERwL1OXonD8WYUrBDGKroIvBT39zS5d9tQDnidEJZ9Y8gv5ViYP7x Key2"
      )
    end

    it do
      visit admin_users_path
      click_link user.name
      click_link 'SSH keys'

      # Both keys are listed on the SSH keys tab.
      [key1, key2].each { |ssh_key| expect(page).to have_content(ssh_key.title) }

      # The key's own page shows its title and the full public key.
      click_link key2.title
      expect(page).to have_content(key2.title)
      expect(page).to have_content(key2.key)

      # After removal the key's title must no longer be shown.
      click_link 'Remove'
      expect(page).not_to have_content(key2.title)
    end
  end

  # Identities page: lists the external providers linked to the account.
  describe 'show user identities' do
    it 'shows user identities' do
      visit admin_user_identities_path(user)

      # 'twitter' is the provider the fixture user was created with.
      [user.name, 'twitter'].each do |expected_text|
        expect(page).to have_content(expected_text)
      end
    end
  end

  # An administrator edits a linked identity, changing both its provider and
  # its external uid.
  describe 'update user identities' do
    before do
      # Stub the provider list so the second provider is selectable in the
      # form.
      allow(Gitlab::OAuth::Provider).to receive(:providers).and_return(%i[twitter twitter_updated])
    end

    it 'modifies twitter identity' do
      visit admin_user_identities_path(user)
      find('.table').find(:link, 'Edit').click

      fill_in 'identity_extern_uid', with: '654321'
      select 'twitter_updated', from: 'identity_provider'
      click_button 'Save changes'

      # The page must show the user together with the updated provider and
      # uid.
      [user.name, 'twitter_updated', '654321'].each do |expected_text|
        expect(page).to have_content(expected_text)
      end
    end
  end

  # Despite the example names, what is exercised here is deleting the linked
  # identity: the user's name is still expected on the page afterwards, and
  # only the provider name must be gone.
  describe 'remove user with identities' do
    it 'removes user with twitter identity' do
      visit admin_user_identities_path(user)
      click_link 'Delete'

      expect(page).to have_content(user.name)
      expect(page).not_to have_content('twitter')
    end
  end
end