From 9c361f9b2bf1617fa97d3731a83a926db31e21c9 Mon Sep 17 00:00:00 2001 From: Edmund von der Burg Date: Thu, 3 Mar 2011 15:29:56 +0000 Subject: Allow users to create an account, confirm it and logout --- t/app/controller/auth.t | 127 ++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 127 insertions(+) create mode 100644 t/app/controller/auth.t (limited to 't/app/controller/auth.t') diff --git a/t/app/controller/auth.t b/t/app/controller/auth.t new file mode 100644 index 000000000..0a0280494 --- /dev/null +++ b/t/app/controller/auth.t @@ -0,0 +1,127 @@ +use strict; +use warnings; + +BEGIN { + use FixMyStreet; + FixMyStreet->test_mode(1); +} + +use Test::More tests => 44; +use Email::Send::Test; + +use FixMyStreet::App; + +use Test::WWW::Mechanize::Catalyst 'FixMyStreet::App'; +my $mech = Test::WWW::Mechanize::Catalyst->new; + +my $test_email = 'test@example.com'; + +END { + ok( + FixMyStreet::App->model('DB::User')->find( { email => $test_email } ) + ->delete, + "delete test user" + ); +} + +$mech->get_ok('/auth'); + +# check that we can't reach a page that is only available to authenticated users +is $mech->get('/auth/check_auth')->code, 401, "got 401 at check_auth"; + +# check that submitting form with no / bad email creates an error. +$mech->get_ok('/auth'); + +for my $test ( + [ '' => 'enter an email address' ], + [ 'not an email' => 'check your email address is correct' ], + [ 'bob@foo' => 'check your email address is correct' ], + [ 'bob@foonaoedudnueu.co.uk' => 'check your email address is correct' ], + ) +{ + my ( $email, $error_message ) = @$test; + pass "--- testing bad email '$email' gives error '$error_message'"; + $mech->get_ok('/auth'); + $mech->content_lacks($error_message); + $mech->submit_form_ok( + { + form_name => 'general_auth', + fields => { email => $email, }, + button => 'create_account', + }, + "try to create an account with email '$email'" + ); + is $mech->uri->path, '/auth', "still on auth page"; + $mech->content_contains($error_message); +} + +# create a new account +Email::Send::Test->clear; +$mech->get_ok('/auth'); +$mech->submit_form_ok( + { + form_name => 'general_auth', + fields => { email => $test_email, }, + button => 'create_account', + }, + "create an account for '$test_email'" +); +is $mech->uri->path, '/auth/welcome', "redirected to welcome page"; + +# check that we are now logged in +$mech->get_ok("/auth/check_auth"); + +# check that we got one email +{ + my @emails = Email::Send::Test->emails; + Email::Send::Test->clear; + + is scalar(@emails), 1, "got one email"; + is $emails[0]->header('Subject'), "Your new FixMyStreet.com account", + "subject is correct"; + is $emails[0]->header('To'), $test_email, "to is correct"; + + # extract the link + my ($link) = $emails[0]->body =~ m{(http://\S+)}; + ok $link, "Found a link in email '$link'"; + + # check that the user is currently not confirmed + my $user = + FixMyStreet::App->model('DB::User')->find( { email => $test_email } ); + ok $user, "got a user"; + ok !$user->is_confirmed, "user has not been confirmed"; + + # visit the confirm link (with bad token) and check user no confirmed + $mech->get_ok( $link . 'XXX' ); + $user->discard_changes; + ok !$user->is_confirmed, "user has not been confirmed"; + + # visit the confirm link and check user is confirmed + $mech->get_ok($link); + $user->discard_changes; + ok $user->is_confirmed, "user has been confirmed"; +} + +# logout +$mech->get_ok("/auth/logout"); +is $mech->get('/auth/check_auth')->code, 401, "got 401 at check_auth"; + +# login using valid details + +# logout + +# try to login with bad details + +# try to create an account with bad details + +# get a password reset email (for bad email address) + +# get a password reminder (for good email address) + +# try using bad reset token + +# use the good reset token and change the password + +# try to use the good token again + +# delete the test user -- cgit v1.2.3