Test new session controller

7 years ago · 6f801bf445
parent 2042760abd
commit 6f801bf445
4 changed files with 112 additions and 3 deletions
--- a/config/test.exs
+++ b/config/test.exs
@ -4,6 +4,7 @@ use Mix.Config
 # you can enable the server option below.
 config :asciinema, Asciinema.Endpoint,
  http: [port: 4001],
+  secret_key_base: "ssecretkeybasesecretkeybasesecretkeybasesecretkeybaseecretkeybase",
  server: false

 # Print only warnings and errors during test
--- a/lib/asciinema/auth.ex
+++ b/lib/asciinema/auth.ex
@ -8,6 +8,9 @@ defmodule Asciinema.Auth do
    opts
  end

+  def call(%Plug.Conn{assigns: %{current_user: %User{}}} = conn, _opts) do
+    conn
+  end
  def call(conn, _opts) do
    user_id = get_session(conn, @user_key)
    user = user_id && Repo.get(User, user_id)
--- a/test/controllers/session_controller_test.exs
+++ b/test/controllers/session_controller_test.exs
@ -0,0 +1,104 @@
+defmodule Asciinema.SessionControllerTest do
+  use Asciinema.ConnCase
+  alias Asciinema.{Users, User, ApiToken}
+
+  @revoked_token "eb927b31-9ca3-4a6a-8a0c-dfba318e2e84"
+  @regular_user_token "c4ecd96a-9a16-464d-be6a-bc1f3c50c4ae"
+  @other_regular_user_token "b26c2fe0-603b-4b10-b0fa-f6ec85628831"
+  @tmp_user_token "863f6ae5-3f32-4ffc-8d47-284222d6225f"
+  @other_tmp_user_token "2eafaa20-80c8-47fc-b014-74072027edae"
+
+  setup %{conn: conn} do
+    %User{} = Users.get_user_with_api_token("revoked", @revoked_token)
+    @revoked_token |> Users.get_api_token! |> Users.revoke_api_token!
+
+    regular_user = fixture(:user)
+    ApiToken.create_changeset(regular_user, @regular_user_token) |> Repo.insert!
+
+    other_regular_user = fixture(:user, %{username: "other", email: "other@example.com"})
+    ApiToken.create_changeset(other_regular_user, @other_regular_user_token) |> Repo.insert!
+
+    %User{} = tmp_user = Users.get_user_with_api_token("tmp", @tmp_user_token)
+
+    %User{} = Users.get_user_with_api_token("other_tmp", @other_tmp_user_token)
+
+    {:ok, conn: conn, regular_user: regular_user, tmp_user: tmp_user}
+  end
+
+  test "invalid token", %{conn: conn} do
+    conn = get conn, "/connect/nopenope"
+    assert redirected_to(conn, 302) == "/"
+    assert get_rails_flash(conn, :alert) =~ ~r/invalid token/i
+  end
+
+  test "revoked token", %{conn: conn} do
+    conn = get conn, "/connect/#{@revoked_token}"
+    assert redirected_to(conn, 302) == "/"
+    assert get_rails_flash(conn, :alert) =~ ~r/been revoked/i
+  end
+
+  test "guest with tmp user token", %{conn: conn} do
+    conn = get conn, "/connect/#{@tmp_user_token}"
+    assert redirected_to(conn, 302) == "/user/edit"
+    assert get_rails_flash(conn, :notice) =~ ~r/welcome.+username.+email/i
+  end
+
+  test "guest with regular user token", %{conn: conn} do
+    conn = get conn, "/connect/#{@regular_user_token}"
+    assert redirected_to(conn, 302) == "/~test"
+    assert get_rails_flash(conn, :notice) =~ ~r/welcome back/i
+  end
+
+  test "tmp user with his own token", %{conn: conn, tmp_user: user} do
+    conn = login_as(conn, user)
+    conn = get conn, "/connect/#{@tmp_user_token}"
+    assert redirected_to(conn, 302) == "/user/edit"
+    assert get_rails_flash(conn, :notice)
+  end
+
+  test "tmp user with other tmp user token", %{conn: conn, tmp_user: user} do
+    conn = login_as(conn, user)
+    conn = get conn, "/connect/#{@other_tmp_user_token}"
+    assert redirected_to(conn, 302) == "/user/edit"
+    assert get_rails_flash(conn, :notice)
+  end
+
+  test "tmp user with other regular user token", %{conn: conn, tmp_user: user} do
+    conn = login_as(conn, user)
+    conn = get conn, "/connect/#{@regular_user_token}"
+    assert redirected_to(conn, 302) == "/~test"
+    assert get_rails_flash(conn, :notice)
+  end
+
+  test "regular user with other tmp user token", %{conn: conn, regular_user: user} do
+    conn = login_as(conn, user)
+    conn = get conn, "/connect/#{@tmp_user_token}"
+    assert redirected_to(conn, 302) == "/~test"
+    assert get_rails_flash(conn, :notice)
+  end
+
+  test "regular user with his own token", %{conn: conn, regular_user: user} do
+    conn = login_as(conn, user)
+    conn = get conn, "/connect/#{@regular_user_token}"
+    assert redirected_to(conn, 302) == "/~test"
+    assert get_rails_flash(conn, :notice)
+  end
+
+  test "regular user with other regular user token", %{conn: conn, regular_user: user} do
+    conn = login_as(conn, user)
+    conn = get conn, "/connect/#{@other_regular_user_token}"
+    assert redirected_to(conn, 302) == "/~test"
+    assert get_rails_flash(conn, :alert)
+  end
+
+  defp get_rails_flash(conn, key) do
+    conn
+    |> get_session(:flash)
+    |> get_in([:flashes, key])
+  end
+
+  defp login_as(conn, user) do
+    assign(conn, :current_user, user)
+  end
+
+end
--- a/test/support/fixtures.ex
+++ b/test/support/fixtures.ex
@ -11,9 +11,10 @@ defmodule Asciinema.Fixtures do
                 content_type: "application/json"}
  end

-  def fixture(:user, _attrs) do
-    attrs = %{username: "test",
-              auth_token: "authy-auth-auth"}
+  def fixture(:user, attrs) do
+    attrs = Map.merge(%{username: "test",
+                        email: "test@example.com",
+                        auth_token: "authy-auth-auth"}, attrs)
    Repo.insert!(User.changeset(%User{}, attrs))
  end