4 files changed, 245 insertions, 2 deletions

diff --git a/t/app/controller/auth.t b/t/app/controller/auth.t
index 388216a1f..cb7d16969 100644
--- a/t/app/controller/auth.t
+++ b/t/app/controller/auth.t
@@ -5,6 +5,7 @@ my $mech = FixMyStreet::TestMech->new;
 
 my $test_email    = 'test@example.com';
 my $test_email2   = 'test@example.net';
+my $test_email3   = 'newuser@example.org';
 my $test_password = 'foobar';
 
 END {
@@ -279,6 +280,94 @@ subtest "sign in but have email form autofilled" => sub {
     is $mech->uri->path, '/my', "redirected to correct page";
 };
 
+$mech->log_out_ok;
 
-# more test:
-# TODO: test that email are always lowercased
+subtest "sign in with uppercase email" => sub {
+    $mech->get_ok('/auth');
+    my $uc_test_email = uc $test_email;
+    $mech->submit_form_ok(
+        {
+            form_name => 'general_auth',
+            fields    => {
+                email    => $uc_test_email,
+                password_sign_in => $test_password,
+            },
+            button => 'sign_in',
+        },
+        "sign in with '$uc_test_email' and auto-completed name"
+    );
+    is $mech->uri->path, '/my', "redirected to correct page";
+
+    $mech->content_contains($test_email);
+    $mech->content_lacks($uc_test_email);
+
+    my $count = FixMyStreet::App->model('DB::User')->search( { email => $uc_test_email } )->count;
+    is $count, 0, "uppercase user wasn't created";
+};
+
+
+FixMyStreet::override_config {
+    SIGNUPS_DISABLED => 1,
+}, sub {
+    subtest 'signing in with an unknown email address disallowed' => sub {
+        $mech->log_out_ok;
+        # create a new account
+        $mech->clear_emails_ok;
+        $mech->get_ok('/auth');
+        $mech->submit_form_ok(
+            {
+                form_name => 'general_auth',
+                fields    => { email => $test_email3, },
+                button    => 'email_sign_in',
+            },
+            "create a new account"
+        );
+
+        ok $mech->email_count_is(0);
+
+        my $count = FixMyStreet::App->model('DB::User')->search( { email => $test_email3 } )->count;
+        is $count, 0, "no user exists";
+    };
+
+    subtest 'signing in as known email address with new password is allowed' => sub {
+        my $new_password = "myshinynewpassword";
+
+        $mech->clear_emails_ok;
+        $mech->get_ok('/auth');
+        $mech->submit_form_ok(
+            {
+                form_name => 'general_auth',
+                fields    => {
+                    email             => "$test_email",
+                    password_register => $new_password,
+                    r                 => 'faq', # Just as a test
+                },
+                button    => 'email_sign_in',
+            },
+            "email_sign_in with '$test_email'"
+        );
+
+        $mech->not_logged_in_ok;
+
+        ok $mech->email_count_is(1);
+        my $link = $mech->get_link_from_email;
+        $mech->get_ok($link);
+        is $mech->uri->path, '/faq', "redirected to the Help page";
+
+        $mech->log_out_ok;
+
+        $mech->get_ok('/auth');
+        $mech->submit_form_ok(
+            {
+                form_name => 'general_auth',
+                fields    => {
+                    email    => $test_email,
+                    password_sign_in => $new_password,
+                },
+                button => 'sign_in',
+            },
+            "sign in with '$test_email' and new password"
+        );
+        is $mech->uri->path, '/my', "redirected to correct page";
+    };
+};
diff --git a/t/app/controller/report_inspect.t b/t/app/controller/report_inspect.t
index 4000a9da8..68f9063cf 100644
--- a/t/app/controller/report_inspect.t
+++ b/t/app/controller/report_inspect.t
@@ -190,6 +190,42 @@ FixMyStreet::override_config {
         $report->update({ state => $old_state });
     };
 
+    subtest "post-inspect redirect is to the right place if URL set" => sub {
+        $user->user_body_permissions->create({ body => $oxon, permission_type => 'planned_reports' });
+        $mech->get_ok("/report/$report_id");
+        my $update_text = "This text was entered as an update by the user.";
+        $mech->submit_form_ok({ button => 'save', with_fields => {
+            public_update => $update_text,
+            include_update => "1",
+            post_inspect_url => "/"
+        }});
+        is $mech->res->code, 200, "got 200";
+        is $mech->res->previous->code, 302, "got 302 for redirect";
+        is $mech->uri->path, '/', 'redirected to front page';
+        $user->user_body_permissions->search({ body_id => $oxon->id, permission_type => 'planned_reports' })->delete;
+    };
+
+    subtest "post-inspect redirect is to the right place if URL not set" => sub {
+        $user->user_body_permissions->create({ body => $oxon, permission_type => 'planned_reports' });
+        $user->set_extra_metadata(categories => [ $contact->id ]);
+        $user->update;
+        $mech->get_ok("/report/$report_id");
+        my $update_text = "This text was entered as an update by the user.";
+        $mech->submit_form_ok({ button => 'save', with_fields => {
+            public_update => $update_text,
+            include_update => "1",
+            post_inspect_url => ""
+        }});
+        is $mech->res->code, 200, "got 200";
+        is $mech->res->previous->code, 302, "got 302 for redirect";
+        is $mech->uri->path, '/around', 'redirected to /around';
+        my %params = $mech->uri->query_form;
+        is $params{lat}, $report->latitude, "latitude param is correct";
+        is $params{lon}, $report->longitude, "longitude param is correct";
+        is $params{filter_category}, $contact->category, "categories param is correct";
+        $user->user_body_permissions->search({ body_id => $oxon->id, permission_type => 'planned_reports' })->delete;
+    };
+
     foreach my $test (
         { type => 'report_edit_priority', priority => 1 },
         { type => 'report_edit_category', category => 1 },
diff --git a/t/app/controller/root.t b/t/app/controller/root.t
new file mode 100644
index 000000000..413341d89
--- /dev/null
+++ b/t/app/controller/root.t
@@ -0,0 +1,76 @@
+use FixMyStreet::TestMech;
+
+ok( my $mech = FixMyStreet::TestMech->new, 'Created mech object' );
+
+my @urls = (
+    "/",
+    "/reports",
+    "/about/faq",
+    "/around?longitude=-1.351488&latitude=51.847235"
+);
+
+
+FixMyStreet::override_config {
+    LOGIN_REQUIRED => 0,
+    MAPIT_URL => 'http://mapit.uk/'
+}, sub {
+    subtest 'LOGIN_REQUIRED = 0 behaves correctly' => sub {
+        foreach my $url (@urls) {
+            $mech->get_ok($url);
+            is $mech->res->code, 200, "got 200 for page";
+            is $mech->res->previous, undef, 'No redirect';
+        }
+    };
+};
+
+
+FixMyStreet::override_config {
+    LOGIN_REQUIRED => 1,
+    MAPIT_URL => 'http://mapit.uk/'
+}, sub {
+    subtest 'LOGIN_REQUIRED = 1 redirects to /auth if not logged in' => sub {
+        foreach my $url (@urls) {
+            $mech->get_ok($url);
+            is $mech->res->code, 200, "got 200 for final destination";
+            is $mech->res->previous->code, 302, "got 302 for redirect";
+            is $mech->uri->path, '/auth';
+        }
+    };
+
+    subtest 'LOGIN_REQUIRED = 1 does not redirect if logged in' => sub {
+        $mech->log_in_ok('user@example.org');
+        foreach my $url (@urls) {
+            $mech->get_ok($url);
+            is $mech->res->code, 200, "got 200 for final destination";
+            is $mech->res->previous, undef, 'No redirect';
+        }
+        $mech->log_out_ok;
+    };
+
+    subtest 'LOGIN_REQUIRED = 1 allows whitelisted URLs' => sub {
+        my @whitelist = (
+            '/auth',
+            '/js/translation_strings.en-gb.js'
+        );
+
+        foreach my $url (@whitelist) {
+            $mech->get_ok($url);
+            is $mech->res->code, 200, "got 200 for final destination";
+            is $mech->res->previous, undef, 'No redirect';
+        }
+    };
+
+    subtest 'LOGIN_REQUIRED = 1 404s blacklisted URLs' => sub {
+        my @blacklist = (
+            '/offline/appcache',
+        );
+
+        foreach my $url (@blacklist) {
+            $mech->get($url);
+            ok !$mech->res->is_success(), "want a bad response";
+            is $mech->res->code, 404, "got 404";
+        }
+    };
+};
+
+done_testing();
diff --git a/t/app/model/extra.t b/t/app/model/extra.t
index 17f34c6c1..a5e3e3574 100644
--- a/t/app/model/extra.t
+++ b/t/app/model/extra.t
@@ -98,4 +98,46 @@ subtest 'Default hash layout' => sub {
     };
 };
 
+subtest 'Get named field values' => sub {
+    my $user = $db->resultset('User')->create({
+        email => 'test-moderation@example.com',
+        name => 'Test User'
+    });
+    my $report = $db->resultset('Problem')->create(
+    {
+        postcode           => 'BR1 3SB',
+        bodies_str         => "",
+        areas              => "",
+        category           => 'Other',
+        title              => 'Good bad good',
+        detail             => 'Good bad bad bad good bad',
+        used_map           => 't',
+        name               => 'Test User 2',
+        anonymous          => 'f',
+        state              => 'confirmed',
+        lang               => 'en-gb',
+        service            => '',
+        cobrand            => 'default',
+        latitude           => '51.4129',
+        longitude          => '0.007831',
+        user_id            => $user->id,
+    });
+
+    $report->push_extra_fields(
+        {
+            name => "field1",
+            description => "This is a test field",
+            value => "value 1",
+        },
+        {
+            name => "field 2",
+            description => "Another test",
+            value => "this is a test value",
+        }
+    );
+
+    is $report->get_extra_field_value("field1"), "value 1", "field1 has correct value";
+    is $report->get_extra_field_value("field 2"), "this is a test value", "field 2 has correct value";
+};
+
 done_testing();