
admin_users_spec.rb 10.8 KB
require 'spec_helper'

describe "Admin::Users", feature: true do
  # Account created up front with an external (OmniAuth) identity; the identity
  # examples further down look for the 'twitter' provider name on the page.
  let!(:user) { create(:omniauth_user, provider: 'twitter', extern_uid: '123456') }

  # Every example runs inside a session opened with `login_as :admin`
  # (a spec helper defined outside this file).
  let!(:current_user) do
    login_as :admin
  end

  # Admin user index: listing, and the two-factor (2FA) enabled/disabled filters.
  describe "GET /admin/users" do
    before { visit admin_users_path }

    it "is ok" do
      expect(current_path).to eq(admin_users_path)
    end

    it "has users list" do
      # Both the signed-in admin and the fixture user must be listed.
      [current_user, user].each do |listed|
        expect(page).to have_content(listed.email)
        expect(page).to have_content(listed.name)
      end
    end

    describe 'Two-factor Authentication filters' do
      # NOTE(review): `have_content('1')` / `have_content('2')` are substring
      # matches, so a badge reading e.g. '12' would also satisfy them.
      it 'counts users who have enabled 2FA' do
        create(:user, :two_factor)

        visit admin_users_path

        enabled_badge = '.filter-two-factor-enabled small'
        page.within(enabled_badge) do
          expect(page).to have_content('1')
        end
      end

      it 'filters by users who have enabled 2FA' do
        # Local account with 2FA; named apart from the outer `user` fixture.
        two_factor_user = create(:user, :two_factor)

        visit admin_users_path
        click_link '2FA Enabled'

        expect(page).to have_content(two_factor_user.email)
      end

      it 'counts users who have not enabled 2FA' do
        visit admin_users_path

        disabled_badge = '.filter-two-factor-disabled small'
        page.within(disabled_badge) do
          expect(page).to have_content('2') # Including admin
        end
      end

      it 'filters by users who have not enabled 2FA' do
        visit admin_users_path
        click_link '2FA Disabled'

        # `user` here is the outer fixture, which was created without 2FA.
        expect(page).to have_content(user.email)
      end
    end
  end

  # Admin-created accounts: record creation, configured defaults, and the
  # notification e-mail sent to the new user.
  describe "GET /admin/users/new" do
    before do
      visit new_admin_user_path

      # Fill the form in the same order as the fields are listed here.
      {
        "user_name" => "Big Bang",
        "user_username" => "bang",
        "user_email" => "bigbang@mail.com"
      }.each do |field, value|
        fill_in field, with: value
      end
    end

    it "creates new user" do
      expect { click_button "Create user" }.to change(User, :count).by(1)
    end

    it "applies defaults to user" do
      click_button "Create user"

      created = User.find_by(username: 'bang')
      defaults = Gitlab.config.gitlab

      expect(created.projects_limit).to eq(defaults.default_projects_limit)
      expect(created.can_create_group).to eq(defaults.default_can_create_group)
    end

    it "creates user with valid data" do
      click_button "Create user"

      created = User.find_by(username: 'bang')

      expect(created.name).to eq('Big Bang')
      expect(created.email).to eq('bigbang@mail.com')
    end

    it "calls send mail" do
      # The expectation has to be registered before the form is submitted.
      expect_any_instance_of(NotificationService).to receive(:new_user)

      click_button "Create user"
    end

    it "sends valid email to user with email & password" do
      perform_enqueued_jobs { click_button "Create user" }

      created = User.find_by(username: 'bang')
      message = ActionMailer::Base.deliveries.last
      text_body = message.text_part.body

      expect(message.subject).to have_content('Account was created')
      expect(text_body).to have_content(created.email)
      # NOTE(review): this only checks that the word 'password' occurs in the
      # body; it does not assert whether the mail carries a set-password link
      # or a credential. Confirm against the mailer template.
      expect(text_body).to have_content('password')
    end
  end

  # Admin view of a single user: profile details, impersonation controls and
  # the two-factor status panel.
  describe "GET /admin/users/:id" do
    it "has user info" do
      visit admin_users_path
      click_link user.name

      expect(page).to have_content(user.email)
      expect(page).to have_content(user.name)
    end

    describe 'Impersonation' do
      let(:another_user) { create(:user) }

      before do
        visit admin_user_path(another_user)
      end

      # NOTE(review): the examples in this context assert only that the
      # 'Impersonate' control is shown or hidden in the page. They do not
      # exercise whether the server refuses an impersonation request for the
      # admin's own account or for a blocked account.
      context 'before impersonating' do
        it 'shows impersonate button for other users' do
          expect(page).to have_content('Impersonate')
        end

        it 'does not show impersonate button for admin itself' do
          visit admin_user_path(current_user)

          expect(page).not_to have_content('Impersonate')
        end

        it 'does not show impersonate button for blocked user' do
          another_user.block

          visit admin_user_path(another_user)

          expect(page).not_to have_content('Impersonate')

          # Restores the account state; not reached if the expectation fails.
          another_user.activate
        end
      end

      context 'when impersonating' do
        before do
          click_link 'Impersonate'
        end

        it 'logs in as the user when impersonate is clicked' do
          profile_link = page.find(:css, '.header-user .profile-link')

          expect(profile_link['data-user']).to eql(another_user.username)
        end

        it 'sees impersonation log out icon' do
          # The icon is the visible cue that the session is an impersonated one.
          icon = first('.fa.fa-user-secret')

          expect(icon).not_to eql(nil)
        end

        it 'logs out of impersonated user back to original user' do
          find(:css, 'li.impersonation a').click

          profile_link = page.find(:css, '.header-user .profile-link')

          expect(profile_link['data-user']).to eql(current_user.username)
        end

        it 'is redirected back to the impersonated users page in the admin after stopping' do
          find(:css, 'li.impersonation a').click

          expect(current_path).to eql("/admin/users/#{another_user.username}")
        end
      end
    end

    describe 'Two-factor Authentication status' do
      # Asserts the text shown inside the `.two-factor-status` element.
      def expect_two_factor_status(status)
        page.within('.two-factor-status') do
          expect(page).to have_content(status)
        end
      end

      it 'shows when enabled' do
        # `update_attribute` writes the flag directly, skipping validations.
        user.update_attribute(:otp_required_for_login, true)

        visit admin_user_path(user)

        expect_two_factor_status('Enabled')
      end

      it 'shows when disabled' do
        visit admin_user_path(user)

        expect_two_factor_status('Disabled')
      end
    end
  end

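  # Admin edit form for an existing user: field updates, promotion to admin,
  # admin-set passwords, and rejection of a non-ASCII username.
  describe "GET /admin/users/:id/edit" do
    before do
      # Reach the form through the per-user edit link on the index page.
      visit admin_users_path
      click_link "edit_user_#{user.id}"
    end

    it "has user edit page" do
      expect(page).to have_content('Name')
      expect(page).to have_content('Password')
    end

    describe "Update user" do
      before do
        fill_in "user_name", with: "Big Bang"
        fill_in "user_email", with: "bigbang@mail.com"
        fill_in "user_password", with: "AValidPassword1"
        fill_in "user_password_confirmation", with: "AValidPassword1"
        choose "user_access_level_admin"
        click_button "Save changes"
      end

      it "shows page with new data" do
        expect(page).to have_content('bigbang@mail.com')
        expect(page).to have_content('Big Bang')
      end

      it "changes user entry" do
        user.reload

        expect(user.name).to eq('Big Bang')
        expect(user.admin?).to be_truthy
        # A password set by the admin must already be expired when it is saved.
        # NOTE(review): presumably this forces the user to pick a new password
        # at next sign-in — confirm against the controller.
        expect(user.password_expires_at).to be <= Time.now
      end
    end

    describe 'update username to non ascii char' do
      it do
        # Double quotes are required here: in a single-quoted literal \u3042\u3044
        # stays as backslash-u text made of ASCII characters, so the example
        # would never submit a non-ASCII username.
        fill_in 'user_username', with: "\u3042\u3044"
        click_button('Save')

        page.within '#error_explanation' do
          expect(page).to have_content('Username')
        end

        # `user` is not reloaded, so this checks that the re-rendered form still
        # posts to the path built from the original username, not the rejected one.
        expect(page).to have_selector(%(form[action="/admin/users/#{user.username}"]))
      end
    end
  end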

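  # Admin view of a user's projects and group memberships, including revoking
  # a group membership from that page.
  describe "GET /admin/users/:id/projects" do
    let(:group) { create(:group) }
    let!(:project) { create(:project, group: group) }

    before do
      group.add_developer(user)

      visit projects_admin_user_path(user)
    end

    it "lists group projects" do
      within(:css, '.append-bottom-default + .panel') do
        expect(page).to have_content 'Group projects'
        # The destination has to be passed as `href:`; a bare positional path
        # is not an href filter, so the link target was not being checked.
        expect(page).to have_link group.name, href: admin_group_path(group)
      end
    end

    it 'allows navigation to the group details' do
      within(:css, '.append-bottom-default + .panel') do
        click_link group.name
      end

      within(:css, 'h3.page-title') do
        expect(page).to have_content "Group: #{group.name}"
      end

      expect(page).to have_content project.name
    end

    it 'shows the group access level' do
      within(:css, '.append-bottom-default + .panel') do
        expect(page).to have_content 'Developer'
      end
    end

    it 'allows group membership to be revoked', js: true do
      page.within(first('.group_member')) do
        find('.btn-remove').click
      end

      # Let outstanding requests finish before asserting on the page.
      wait_for_requests

      expect(page).not_to have_selector('.group_member')
    end
  end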

  # The user detail page, reached from the index, shows the account section
  # and the personal projects limit.
  describe 'show user attributes' do
    it do
      visit admin_users_path
      click_link user.name

      ['Account', 'Personal projects limit'].each do |label|
        expect(page).to have_content label
      end
    end
  end

  # An admin can remove a secondary e-mail address from a user's detail page.
  describe 'remove users secondary email', js: true do
    let!(:secondary_email) { create(:email, email: 'secondary@example.com', user: user) }

    it do
      visit admin_user_path(user.username)

      expect(page).to have_content("Secondary email: #{secondary_email.email}")

      remove_control = find("#remove_email_#{secondary_email.id}")
      remove_control.click

      expect(page).not_to have_content(secondary_email.email)
    end
  end

  # An admin can list a user's SSH keys, open one, and remove it.
  describe 'show user keys' do
    # Both fixtures are `ssh-rsa` public-key lines with a trailing comment
    # (Key1 / Key2); no private key material appears in this spec.
    let!(:key1) do
      create(
        :key,
        user: user,
        title: "ssh-rsa Key1",
        key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC4FIEBXGi4bPU8kzxMefudPIJ08/gNprdNTaO9BR/ndy3+58s2HCTw2xCHcsuBmq+TsAqgEidVq4skpqoTMB+Uot5Uzp9z4764rc48dZiI661izoREoKnuRQSsRqUTHg5wrLzwxlQbl1MVfRWQpqiz/5KjBC7yLEb9AbusjnWBk8wvC1bQPQ1uLAauEA7d836tgaIsym9BrLsMVnR4P1boWD3Xp1B1T/ImJwAGHvRmP/ycIqmKdSpMdJXwxcb40efWVj0Ibbe7ii9eeoLdHACqevUZi6fwfbymdow+FeqlkPoHyGg3Cu4vD/D8+8cRc7mE/zGCWcQ15Var83Tczour Key1"
      )
    end

    let!(:key2) do
      create(
        :key,
        user: user,
        title: "ssh-rsa Key2",
        key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQSTWXhJAX/He+nG78MiRRRn7m0Pb0XbcgTxE0etArgoFoh9WtvDf36HG6tOSg/0UUNcp0dICsNAmhBKdncp6cIyPaXJTURPRAGvhI0/VDk4bi27bRnccGbJ/hDaUxZMLhhrzY0r22mjVf8PF6dvv5QUIQVm1/LeaWYsHHvLgiIjwrXirUZPnFrZw6VLREoBKG8uWvfSXw1L5eapmstqfsME8099oi+vWLR8MgEysZQmD28M73fgW4zek6LDQzKQyJx9nB+hJkKUDvcuziZjGmRFlNgSA2mguERwL1OXonD8WYUrBDGKroIvBT39zS5d9tQDnidEJZ9Y8gv5ViYP7x Key2"
      )
    end

    it do
      visit admin_users_path
      click_link user.name
      click_link 'SSH keys'

      # Both keys are listed by title.
      [key1, key2].each do |listed_key|
        expect(page).to have_content(listed_key.title)
      end

      # The detail view of the second key shows its title and key text.
      click_link key2.title

      expect(page).to have_content(key2.title)
      expect(page).to have_content(key2.key)

      click_link 'Remove'

      expect(page).not_to have_content(key2.title)
    end
  end

  # The identities page lists the provider attached to the fixture user.
  describe 'show user identities' do
    it 'shows user identities' do
      visit admin_user_identities_path(user)

      [user.name, 'twitter'].each do |text|
        expect(page).to have_content(text)
      end
    end
  end

  # An admin can change the provider and external UID of a user's identity.
  describe 'update user identities' do
    before do
      # Stub the provider list so that 'twitter_updated' can be selected in the form.
      allow(Gitlab::OAuth::Provider).to receive(:providers).and_return(%i[twitter twitter_updated])
    end

    it 'modifies twitter identity' do
      visit admin_user_identities_path(user)

      edit_link = find('.table').find(:link, 'Edit')
      edit_link.click

      fill_in 'identity_extern_uid', with: '654321'
      select 'twitter_updated', from: 'identity_provider'
      click_button 'Save changes'

      # The page shows the user together with the new provider and UID.
      [user.name, 'twitter_updated', '654321'].each do |text|
        expect(page).to have_content(text)
      end
    end
  end

  # NOTE(review): despite the wording of the descriptions, the assertions show
  # the user still listed after 'Delete' and only the 'twitter' text gone, so
  # it looks like the identity is what gets deleted here, not the user.
  describe 'remove user with identities' do
    it 'removes user with twitter identity' do
      visit admin_user_identities_path(user)
      click_link 'Delete'

      expect(page).to have_content(user.name)
      expect(page).not_to have_content('twitter')
    end
  end
end