Tests for registrar ip whitelist

2025-07-22 10:45:58 +02:00 · 2015-05-20 16:32:54 +03:00 · 2015-05-20 16:32:54 +03:00 · a7a984d999
commit a7a984d999
parent 9fd54025f5
3 changed files with 32 additions and 4 deletions
--- a/app/controllers/registrar/sessions_controller.rb
+++ b/app/controllers/registrar/sessions_controller.rb
@ -15,7 +15,7 @@ class Registrar::SessionsController < ::SessionsController
  # rubocop:disable Metrics/CyclomaticComplexity
  def create
    @depp_user = Depp::User.new(params[:depp_user].merge(
-      pki: !Rails.env.development?
+      pki: !(Rails.env.development? || Rails.env.test?)
      )
    )

--- a/app/models/white_ip.rb
+++ b/app/models/white_ip.rb
@ -34,7 +34,7 @@ class WhiteIp < ActiveRecord::Base
        ).and(
          at[:ipv4].eq(ip)
        )
-      )
+      ).any?
    end
  end
 end
--- a/spec/features/registrar/sessions_spec.rb
+++ b/spec/features/registrar/sessions_spec.rb
@ -1,11 +1,35 @@
 require 'rails_helper'

 feature 'Sessions', type: :feature do
-  before :all do
-    Fabricate(:api_user)
+  context 'with invalid ip' do
+    it 'should not see login page' do
+      WhiteIp.destroy_all
+      visit registrar_login_path
+      page.should have_text('IP is not whitelisted')
+    end
+
+    it 'should see log in' do
+      @fixed_registrar.white_ips = [Fabricate(:white_ip_registrar)]
+      visit registrar_login_path
+      page.should have_text('Log in')
+    end
+
+    it 'should not get in with invalid ip' do
+      Fabricate(:registrar, white_ips: [Fabricate(:white_ip), Fabricate(:white_ip_registrar)])
+      @api_user_invalid_ip = Fabricate(:api_user, identity_code: '37810013294', registrar: Fabricate(:registrar, white_ips: []))
+      visit registrar_login_path
+      fill_in 'depp_user_tag', with: @api_user_invalid_ip.username
+      fill_in 'depp_user_password', with: @api_user_invalid_ip.password
+      click_button 'Log in'
+      page.should have_text('IP is not whitelisted')
+    end
  end

  context 'as unknown user' do
+    before :all do
+      Fabricate(:api_user)
+    end
+
    it 'should not get in' do
      client = instance_double("Digidoc::Client")
      allow(client).to receive(:authenticate).and_return(
@ -28,6 +52,10 @@ feature 'Sessions', type: :feature do
  end

  context 'as known api user' do
+    before :all do
+      Fabricate(:api_user)
+    end
+
    it 'should not get in when external service fails' do
      client = instance_double("Digidoc::Client")
      allow(client).to receive(:authenticate).and_return(