From abc843d671365365bd3e88441721c39f0bb12ca5 Mon Sep 17 00:00:00 2001 From: Dave Arter Date: Thu, 8 Jun 2017 17:05:38 +0100 Subject: Add LOGIN_REQUIRED config key If set to 1, this restricts all pages on the site to logged-in users. --- t/app/controller/root.t | 76 +++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 76 insertions(+) create mode 100644 t/app/controller/root.t (limited to 't/app/controller/root.t') diff --git a/t/app/controller/root.t b/t/app/controller/root.t new file mode 100644 index 000000000..413341d89 --- /dev/null +++ b/t/app/controller/root.t @@ -0,0 +1,76 @@ +use FixMyStreet::TestMech; + +ok( my $mech = FixMyStreet::TestMech->new, 'Created mech object' ); + +my @urls = ( + "/", + "/reports", + "/about/faq", + "/around?longitude=-1.351488&latitude=51.847235" +); + + +FixMyStreet::override_config { + LOGIN_REQUIRED => 0, + MAPIT_URL => 'http://mapit.uk/' +}, sub { + subtest 'LOGIN_REQUIRED = 0 behaves correctly' => sub { + foreach my $url (@urls) { + $mech->get_ok($url); + is $mech->res->code, 200, "got 200 for page"; + is $mech->res->previous, undef, 'No redirect'; + } + }; +}; + + +FixMyStreet::override_config { + LOGIN_REQUIRED => 1, + MAPIT_URL => 'http://mapit.uk/' +}, sub { + subtest 'LOGIN_REQUIRED = 1 redirects to /auth if not logged in' => sub { + foreach my $url (@urls) { + $mech->get_ok($url); + is $mech->res->code, 200, "got 200 for final destination"; + is $mech->res->previous->code, 302, "got 302 for redirect"; + is $mech->uri->path, '/auth'; + } + }; + + subtest 'LOGIN_REQUIRED = 1 does not redirect if logged in' => sub { + $mech->log_in_ok('user@example.org'); + foreach my $url (@urls) { + $mech->get_ok($url); + is $mech->res->code, 200, "got 200 for final destination"; + is $mech->res->previous, undef, 'No redirect'; + } + $mech->log_out_ok; + }; + + subtest 'LOGIN_REQUIRED = 1 allows whitelisted URLs' => sub { + my @whitelist = ( + '/auth', + '/js/translation_strings.en-gb.js' + ); + + foreach my $url (@whitelist) { + $mech->get_ok($url); + is $mech->res->code, 200, "got 200 for final destination"; + is $mech->res->previous, undef, 'No redirect'; + } + }; + + subtest 'LOGIN_REQUIRED = 1 404s blacklisted URLs' => sub { + my @blacklist = ( + '/offline/appcache', + ); + + foreach my $url (@blacklist) { + $mech->get($url); + ok !$mech->res->is_success(), "want a bad response"; + is $mech->res->code, 404, "got 404"; + } + }; +}; + +done_testing(); -- cgit v1.2.3 From fd42c29f4aaa5110f39993511bc6cdeb3ca6dba7 Mon Sep 17 00:00:00 2001 From: Matthew Somerville Date: Wed, 6 Sep 2017 09:14:54 +0100 Subject: Prevent race condition in root.t test. This test assumed /reports would load, which it wouldn't if run in parallel and the data hadn't been generated by reports.t. Test a different page instead. --- t/app/controller/root.t | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 't/app/controller/root.t') diff --git a/t/app/controller/root.t b/t/app/controller/root.t index 413341d89..ddf659b77 100644 --- a/t/app/controller/root.t +++ b/t/app/controller/root.t @@ -4,7 +4,7 @@ ok( my $mech = FixMyStreet::TestMech->new, 'Created mech object' ); my @urls = ( "/", - "/reports", + "/contact", "/about/faq", "/around?longitude=-1.351488&latitude=51.847235" ); -- cgit v1.2.3