diff --git a/Gemfile b/Gemfile index f0f2e4395..83ec9b4a7 100644 --- a/Gemfile +++ b/Gemfile @@ -157,4 +157,5 @@ end group :test do gem 'database_cleaner' gem 'factory_girl_rails' + gem 'webmock' end diff --git a/Gemfile.lock b/Gemfile.lock index f608c4c9f..31ecaeb02 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -257,6 +257,7 @@ GEM haml (>= 4.0.6, < 5.0) html2haml (>= 1.0.1) railties (>= 4.0.1) + hashdiff (0.3.1) hashie (3.4.2) hashie-forbidden_attributes (0.1.1) hashie (>= 3.0) @@ -556,6 +557,10 @@ GEM wasabi (3.5.0) httpi (~> 2.0) nokogiri (>= 1.4.2) + webmock (2.1.0) + addressable (>= 2.3.6) + crack (>= 0.3.2) + hashdiff websocket-driver (0.6.2) websocket-extensions (>= 0.1.0) websocket-extensions (0.1.2) @@ -647,6 +652,7 @@ DEPENDENCIES unicorn uuidtools (= 2.1.5) validates_email_format_of (= 1.6.3) + webmock whenever (= 0.9.4) BUNDLED WITH diff --git a/app/models/admin_user.rb b/app/models/admin_user.rb index e062bb1d6..d76c42dec 100644 --- a/app/models/admin_user.rb +++ b/app/models/admin_user.rb @@ -11,6 +11,10 @@ class AdminUser < User devise :database_authenticatable, :rememberable, :trackable, :validatable, :lockable + def self.min_password_length + Devise.password_length.min + end + def to_s username end diff --git a/spec/factories/admin_user.rb b/spec/factories/admin_user.rb new file mode 100644 index 000000000..8ee6b93b9 --- /dev/null +++ b/spec/factories/admin_user.rb @@ -0,0 +1,10 @@ +FactoryGirl.define do + factory :admin_user do + username 'test' + email 'test@test.com' + password 'a' * AdminUser.min_password_length + password_confirmation { password } + country_code 'de' + roles ['admin'] + end +end diff --git a/spec/factories/api_user.rb b/spec/factories/api_user.rb new file mode 100644 index 000000000..d5a3c777d --- /dev/null +++ b/spec/factories/api_user.rb @@ -0,0 +1,8 @@ +FactoryGirl.define do + factory :api_user do + sequence(:username) { |n| "test#{n}" } + password 'a' * 6 + roles ['super'] + registrar + end +end 
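Review bot: `AdminUser.min_password_length` in app/models/admin_user.rb reads the global `Devise.password_length`, not the range that the model's `:validatable` module actually enforces. If `AdminUser` is ever given its own `password_length` option in the `devise` call, the method would report a minimum that differs from the one being validated. Devise exposes the effective range on the model class, so the body can be `password_length.min`. The method also lacks a doc comment; `# Shortest password that Devise's :validatable accepts for admin users.` would tell callers this is the enforced policy value. The class body continues outside the hunk.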
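Review bot: Every attribute in spec/factories/admin_user.rb except `password_confirmation` is a static value evaluated once when the factory file loads. The `roles ['admin']` array is therefore shared by every built record, and `AdminUser` plus the Devise config are resolved at definition time. A spec that mutates `roles` on one admin would change the privileges of admins built later in the same run. Block forms avoid both: `roles { ['admin'] }` and `password { 'a' * AdminUser.min_password_length }`. The fixed `username 'test'` and `email 'test@test.com'` will presumably collide when a spec creates two admins; `sequence(:username) { |n| "test#{n}" }`, as the api_user factory in this commit does, would prevent that.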
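Review bot: The `:api_user` factory in spec/factories/api_user.rb hard-codes the password length as `'a' * 6`, while the admin factory derives it from the model. If the API user password minimum changes, this factory will produce invalid or below-policy records with nothing pointing at the cause. The default `roles ['super']` looks like the broadest API role, judging by the name. If so, authorization specs built on the default factory run with full privileges unless they remember to override it. I'd make the default the least-privileged role and add a `trait :super` for specs that need it. The `6` should get a named source or a comment, for example `# matches the ApiUser password length validation`.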
diff --git a/spec/features/registrar/sessions_spec.rb b/spec/features/registrar/sessions_spec.rb deleted file mode 100644 index 649fac952..000000000 --- a/spec/features/registrar/sessions_spec.rb +++ /dev/null 
@@ -1,151 +0,0 @@ -require 'rails_helper' - -RSpec.feature 'Sessions', db: true do - context 'with invalid ip' do - it 'should not see login page' do - Setting.registrar_ip_whitelist_enabled = true - WhiteIp.destroy_all - visit registrar_login_path - page.should have_text('Access denied') - end - - it 'should see login page when whitelist disabled' do - Setting.registrar_ip_whitelist_enabled = false - WhiteIp.destroy_all - visit registrar_login_path - page.should_not have_text('Access denied') - Setting.registrar_ip_whitelist_enabled = true - end - - it 'should see Login' do - @fixed_registrar = Fabricate(:registrar, name: 'fixed registrar', code: 'FIXED') - @fixed_registrar.white_ips = [Fabricate(:white_ip_registrar)] - visit registrar_login_path - page.should have_text('Login') - end - - it 'should not get in with invalid ip' do - Fabricate(:registrar, white_ips: [Fabricate(:white_ip), Fabricate(:white_ip_registrar)]) - @api_user_invalid_ip = Fabricate( - :api_user, identity_code: '37810013294', registrar: Fabricate(:registrar, white_ips: []) - ) - visit registrar_login_path - fill_in 'depp_user_tag', with: @api_user_invalid_ip.username - fill_in 'depp_user_password', with: @api_user_invalid_ip.password - click_button 'Login' - page.should have_text('IP is not whitelisted') - end - end - - context 'as unknown user' do - before :example do - Fabricate(:api_user) - end - - it 'should not get in' do - client = instance_double("Digidoc::Client") - allow(client).to receive(:authenticate).and_return( - OpenStruct.new( - user_id_code: '123' - ) - ) - - allow(Digidoc::Client).to receive(:new) { client } - - visit registrar_login_path - page.should have_css('a[href="/registrar/login/mid"]') - - page.find('a[href="/registrar/login/mid"]').click - - fill_in 'user_phone', with: '00007' - click_button 'Login' - page.should have_text('No such user') - end - end - - context 'as known api user' do - before :example do - Fabricate(:api_user) - end - - it 'should not get in when 
external service fails' do - client = instance_double("Digidoc::Client") - allow(client).to receive(:authenticate).and_return( - OpenStruct.new( - faultcode: 'Fault', - detail: OpenStruct.new( - message: 'Something is wrong' - ) - ) - ) - - allow(Digidoc::Client).to receive(:new) { client } - - visit registrar_login_path - page.should have_css('a[href="/registrar/login/mid"]') - - page.find('a[href="/registrar/login/mid"]').click - - fill_in 'user_phone', with: '00007' - click_button 'Login' - page.should have_text('Something is wrong') - end - - it 'should not get in when there is a sim error', js: true do - client = instance_double("Digidoc::Client", session_code: '123') - - allow(client).to receive('session_code=') - - allow(client).to receive(:authenticate).and_return( - OpenStruct.new( - user_id_code: '14212128025' - ) - ) - - allow(client).to receive('authentication_status').and_return( - OpenStruct.new(status: 'SIM_ERROR') - ) - - allow(Digidoc::Client).to receive(:new) { client } - - visit registrar_login_path - page.should have_css('a[href="/registrar/login/mid"]') - - page.find('a[href="/registrar/login/mid"]').click - - fill_in 'user_phone', with: '00007' - click_button 'Login' - - page.should have_text('Confirmation sms was sent to your phone. 
Verification code is') - page.should have_text('SIM application error') - end - - it 'should Login successfully', js: true do - client = instance_double("Digidoc::Client", session_code: '123') - - allow(client).to receive('session_code=') - - allow(client).to receive(:authenticate).and_return( - OpenStruct.new( - user_id_code: '14212128025' - ) - ) - - allow(client).to receive('authentication_status').and_return( - OpenStruct.new(status: 'USER_AUTHENTICATED') - ) - - allow(Digidoc::Client).to receive(:new) { client } - - visit registrar_login_path - page.should have_css('a[href="/registrar/login/mid"]') - - page.find('a[href="/registrar/login/mid"]').click - - fill_in 'user_phone', with: '00007' - click_button 'Login' - - page.should have_text('Confirmation sms was sent to your phone. Verification code is') - end - end -end diff --git a/spec/models/admin_user_spec.rb b/spec/models/admin_user_spec.rb index a6b668a5d..eeb47107b 100644 --- a/spec/models/admin_user_spec.rb +++ b/spec/models/admin_user_spec.rb @@ -1,24 +1,9 @@ require 'rails_helper' -require 'cancan/matchers' -describe AdminUser do +RSpec.describe AdminUser do context 'with invalid attribute' do - before :all do - @admin_user = AdminUser.new - end - - it 'should not be valid' do - @admin_user.valid? - @admin_user.errors.full_messages.should match_array([ - "Country code is missing", - "Email Email is missing", - "Email Email is missing", - "Password Password is missing", - "Password Password is missing", - "Password confirmation is missing", - "Roles is missing", - "Username Username is missing" - ]) + before do + @admin_user = described_class.new end it 'should not have any versions' do 
@@ -27,21 +12,10 @@ describe AdminUser do end context 'with valid attributes' do - before :all do + before do @admin_user = Fabricate(:admin_user) end - it 'should be valid' do - @admin_user.valid? - @admin_user.errors.full_messages.should match_array([]) - end - - it 'should be valid twice' do - @admin_user = Fabricate(:admin_user) - @admin_user.valid? - @admin_user.errors.full_messages.should match_array([]) - end - it 'should have one version' do with_versioning do @admin_user.versions.should == [] @@ -56,9 +30,13 @@ describe AdminUser do @admin_user.valid?.should == true @admin_user.password = 'not confirmed' @admin_user.valid? - @admin_user.errors.full_messages.should match_array([ - "Password confirmation doesn't match Password" - ]) + @admin_user.errors.full_messages.should match_array(["Password confirmation doesn't match Password"]) + end + end + + describe '::min_password_length' do + it 'returns minimum password length' do + expect(described_class.min_password_length).to eq(8) end end end diff --git a/spec/models/domain_spec.rb b/spec/models/domain_spec.rb index 78ada6d51..186fbc685 100644 --- a/spec/models/domain_spec.rb +++ b/spec/models/domain_spec.rb @@ -482,7 +482,7 @@ RSpec.describe Domain do invalid = [ 'a.ee', "#{'a' * 64}.ee", 'ab.eu', 'test.ab.ee', '-test.ee', '-test-.ee', - 'test-.ee', 'te--st.ee', 'õ.pri.ee', 'test.com', 'www.ab.ee', 'test.eu', ' .ee', 'a b.ee', + 'test-.ee', 'te--st.ee', 'õ.pri.ee', 'www.ab.ee', 'test.eu', ' .ee', 'a b.ee', 'Ž .ee', 'test.edu.ee' ] diff --git a/spec/rails_helper.rb b/spec/rails_helper.rb index 9411702f5..ba0b3c53f 100644 --- a/spec/rails_helper.rb +++ b/spec/rails_helper.rb @@ -5,6 +5,8 @@ require 'rspec/rails' require 'capybara/poltergeist' require 'paper_trail/frameworks/rspec' require 'money-rails/test_helpers' +require 'support/requests/session_helpers' +require 'support/features/session_helpers' if ENV['ROBOT'] require 'simplecov' 
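Review bot: The new `::min_password_length` example in spec/models/admin_user_spec.rb compares against the literal `8`. It therefore checks the current Devise initializer value rather than the method's logic, and it fails on any policy change, including a stricter one. If the intent is a guard on the password floor, say so with a comment such as `# Policy floor: fail loudly if the configured minimum drops below 8` and assert `be >= 8`. Otherwise stub the configured range and assert that the method returns its lower bound.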
@@ -23,10 +25,28 @@ ActiveRecord::Migration.maintain_test_schema! RSpec.configure do |config| config.include ActionView::TestCase::Behavior, type: :presenter config.include ActiveSupport::Testing::TimeHelpers + config.include Requests::SessionHelpers, type: :request + config.include Features::SessionHelpers, type: :feature + config.include AbstractController::Translation, type: :feature - config.define_derived_metadata(file_path: %r{/spec/presenters/}) do |metadata| + config.define_derived_metadata(file_path: %r[/spec/features/]) do |metadata| + metadata[:db] = true if metadata[:db].nil? + end + + config.define_derived_metadata(file_path: %r[/spec/models/]) do |metadata| + metadata[:db] = true if metadata[:db].nil? + end + + config.define_derived_metadata(file_path: %r[/spec/presenters/]) do |metadata| metadata[:type] = :presenter - metadata[:db] = false + end + + config.define_derived_metadata(file_path: %r[/spec/requests/]) do |metadata| + metadata[:db] = true if metadata[:db].nil? + end + + config.define_derived_metadata(file_path: %r[/spec/api/]) do |metadata| + metadata[:type] = :request end config.use_transactional_fixtures = false diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb index 9e1e69d61..68a2c0be1 100644 --- a/spec/spec_helper.rb +++ b/spec/spec_helper.rb @@ -1,3 +1,5 @@ +require 'webmock/rspec' + RSpec.configure do |config| # https://github.com/rspec/rspec-rails/issues/1076 config.around :each, type: :view do |example| diff --git a/spec/support/database_cleaner.rb b/spec/support/database_cleaner.rb index 68a5de946..a65caba89 100644 --- a/spec/support/database_cleaner.rb +++ b/spec/support/database_cleaner.rb 
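Review bot: The `/spec/api/` block in spec/rails_helper.rb sets `metadata[:type] = :request` but never defaults `metadata[:db]`, unlike the `/spec/features/`, `/spec/models/` and `/spec/requests/` blocks. The database_cleaner hooks changed in this commit now run only when `example.metadata[:db]` is truthy. API specs that sign in through `Requests::SessionHelpers` create an `api_user`, so as far as these hooks show, those rows are not cleaned between examples unless each spec is tagged `db: true`. Adding `metadata[:db] = true if metadata[:db].nil?` to that block would match the others. The `RSpec.configure` block continues outside the hunk.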
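Review bot: `require 'webmock/rspec'` in spec/spec_helper.rb blocks real HTTP for every example, and nothing visible here re-allows loopback traffic. Blocking by default is a good choice for a suite whose code talks to external services. However, Capybara's server readiness check is an HTTP request to localhost, so `js: true` feature specs using the poltergeist driver required in rails_helper may fail with WebMock's net-connect error. I'd add `WebMock.disable_net_connect!(allow_localhost: true)` right after the require, with a comment that external hosts stay blocked on purpose.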
@@ -11,7 +11,7 @@ RSpec.configure do |config| end config.before :example do |example| - if example.metadata[:db] || (%i(model).include?(example.metadata[:type]) && example.metadata[:db].nil?) + if example.metadata[:db] db_connection_names.each do |connection_name| ActiveRecord::Base.establish_connection(connection_name) DatabaseCleaner[:active_record, connection: connection_name].start @@ -20,7 +20,7 @@ RSpec.configure do |config| end config.after :example do |example| - if example.metadata[:db] || (%i(model).include?(example.metadata[:type]) && example.metadata[:db].nil?) + if example.metadata[:db] db_connection_names.each do |connection_name| ActiveRecord::Base.establish_connection(connection_name) DatabaseCleaner[:active_record, connection: connection_name].clean diff --git a/spec/support/features/session_helpers.rb b/spec/support/features/session_helpers.rb new file mode 100644 index 000000000..a23609891 --- /dev/null +++ b/spec/support/features/session_helpers.rb @@ -0,0 +1,12 @@ +module Features + module SessionHelpers + def sign_in_to_registrar_area(user: FactoryGirl.create(:api_user)) + visit registrar_login_url + + fill_in 'depp_user_tag', with: user.username + fill_in 'depp_user_password', with: user.password + + click_button 'Login' + end + end +end diff --git a/spec/support/requests/session_helpers.rb b/spec/support/requests/session_helpers.rb new file mode 100644 index 000000000..d4019c5f9 --- /dev/null +++ b/spec/support/requests/session_helpers.rb 
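Review bot: `sign_in_to_registrar_area` in spec/support/features/session_helpers.rb returns right after `click_button 'Login'` without checking that a session was established. A spec that then asserts something is hidden or denied can pass simply because the user never logged in. The sessions spec deleted in this commit shows the login page answering 'Access denied' or 'IP is not whitelisted', depending on `Setting.registrar_ip_whitelist_enabled` and the registrar's white IPs, and the helper sets up neither. I'd end the helper with an expectation on an element rendered only for a signed-in registrar user, and add a comment stating which whitelist state the helper assumes. The keyword default `FactoryGirl.create(:api_user)` also writes a record on every call that omits `user:`, which is worth stating in the method's doc comment.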
@@ -0,0 +1,32 @@ +module Requests + module SessionHelpers + def sign_in_to_epp_area(user: FactoryGirl.create(:api_user)) + login_xml = " + + + + #{user.username} + #{user.password} + + 1.0 + en + + + https://epp.tld.ee/schema/domain-eis-1.0.xsd + https://epp.tld.ee/schema/contact-eis-1.0.xsd + urn:ietf:params:xml:ns:host-1.0 + urn:ietf:params:xml:ns:keyrelay-1.0 + + urn:ietf:params:xml:ns:secDNS-1.1 + https://epp.tld.ee/schema/eis-1.0.xsd + + + + ABC-12345 + + " + + post '/epp/session/login', frame: login_xml + end + end +end
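Review bot: `sign_in_to_epp_area` interpolates `user.username` and `user.password` into the login frame unescaped. A spec that uses a credential containing `&` or `<` would send malformed XML and fail for a reason unrelated to what it tests. `#{user.password.encode(xml: :text)}`, and the same for the username, keeps the frame well-formed. The helper also discards the response of `post '/epp/session/login', frame: login_xml`. Asserting the success result there would stop later examples from silently running unauthenticated. The frame's markup is not visible in this view of the hunk, so no element names are proposed here.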