You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

267 lines
8.6 KiB

7 years ago
7 years ago
7 years ago
  1. require 'rails_helper'
  2. require 'devise_two_factor/spec_helpers'
  3. RSpec.describe User, type: :model do
  4. it_behaves_like 'two_factor_backupable'
  5. describe 'otp_secret' do
  6. it 'is encrypted with OTP_SECRET environment variable' do
  7. user = Fabricate(:user,
  8. encrypted_otp_secret: "Fttsy7QAa0edaDfdfSz094rRLAxc8cJweDQ4BsWH/zozcdVA8o9GLqcKhn2b\nGi/V\n",
  9. encrypted_otp_secret_iv: 'rys3THICkr60BoWC',
  10. encrypted_otp_secret_salt: '_LMkAGvdg7a+sDIKjI3mR2Q==')
  11. expect(user.otp_secret).to eq 'anotpsecretthatshouldbeencrypted'
  12. end
  13. end
  14. describe 'validations' do
  15. it 'is invalid without an account' do
  16. user = Fabricate.build(:user, account: nil)
  17. user.valid?
  18. expect(user).to model_have_error_on_field(:account)
  19. end
  20. it 'is invalid without a valid locale' do
  21. user = Fabricate.build(:user, locale: 'toto')
  22. user.valid?
  23. expect(user).to model_have_error_on_field(:locale)
  24. end
  25. it 'is invalid without a valid email' do
  26. user = Fabricate.build(:user, email: 'john@')
  27. user.valid?
  28. expect(user).to model_have_error_on_field(:email)
  29. end
  30. it 'cleans out empty string from languages' do
  31. user = Fabricate.build(:user, filtered_languages: [''])
  32. user.valid?
  33. expect(user.filtered_languages).to eq []
  34. end
  35. end
  36. describe 'scopes' do
  37. describe 'recent' do
  38. it 'returns an array of recent users ordered by id' do
  39. user_1 = Fabricate(:user)
  40. user_2 = Fabricate(:user)
  41. expect(User.recent).to match_array([user_2, user_1])
  42. end
  43. end
  44. describe 'admins' do
  45. it 'returns an array of users who are admin' do
  46. user_1 = Fabricate(:user, admin: false)
  47. user_2 = Fabricate(:user, admin: true)
  48. expect(User.admins).to match_array([user_2])
  49. end
  50. end
  51. describe 'confirmed' do
  52. it 'returns an array of users who are confirmed' do
  53. user_1 = Fabricate(:user, confirmed_at: nil)
  54. user_2 = Fabricate(:user, confirmed_at: Time.now)
  55. expect(User.confirmed).to match_array([user_2])
  56. end
  57. end
  58. describe 'inactive' do
  59. it 'returns a relation of inactive users' do
  60. specified = Fabricate(:user, current_sign_in_at: 15.days.ago)
  61. Fabricate(:user, current_sign_in_at: 13.days.ago)
  62. expect(User.inactive).to match_array([specified])
  63. end
  64. end
  65. describe 'matches_email' do
  66. it 'returns a relation of users whose email starts with the given string' do
  67. specified = Fabricate(:user, email: 'specified@spec')
  68. Fabricate(:user, email: 'unspecified@spec')
  69. expect(User.matches_email('specified')).to match_array([specified])
  70. end
  71. end
  72. describe 'with_recent_ip_address' do
  73. it 'returns a relation of users who is, or was at last time, online with the given IP address' do
  74. specifieds = [
  75. Fabricate(:user, current_sign_in_ip: '0.0.0.42', last_sign_in_ip: '0.0.0.0'),
  76. Fabricate(:user, current_sign_in_ip: nil, last_sign_in_ip: '0.0.0.42')
  77. ]
  78. Fabricate(:user, current_sign_in_ip: '0.0.0.0', last_sign_in_ip: '0.0.0.0')
  79. expect(User.with_recent_ip_address('0.0.0.42')).to eq specifieds
  80. end
  81. end
  82. end
  83. let(:account) { Fabricate(:account, username: 'alice') }
  84. let(:password) { 'abcd1234' }
  85. describe 'blacklist' do
  86. around(:each) do |example|
  87. old_blacklist = Rails.configuration.x.email_blacklist
  88. Rails.configuration.x.email_domains_blacklist = 'mvrht.com'
  89. example.run
  90. Rails.configuration.x.email_domains_blacklist = old_blacklist
  91. end
  92. it 'should allow a non-blacklisted user to be created' do
  93. user = User.new(email: 'foo@example.com', account: account, password: password)
  94. expect(user.valid?).to be_truthy
  95. end
  96. it 'should not allow a blacklisted user to be created' do
  97. user = User.new(email: 'foo@mvrht.com', account: account, password: password)
  98. expect(user.valid?).to be_falsey
  99. end
  100. it 'should not allow a subdomain blacklisted user to be created' do
  101. user = User.new(email: 'foo@mvrht.com.topdomain.tld', account: account, password: password)
  102. expect(user.valid?).to be_falsey
  103. end
  104. end
  105. describe '#confirmed?' do
  106. it 'returns true when a confirmed_at is set' do
  107. user = Fabricate.build(:user, confirmed_at: Time.now.utc)
  108. expect(user.confirmed?).to be true
  109. end
  110. it 'returns false if a confirmed_at is nil' do
  111. user = Fabricate.build(:user, confirmed_at: nil)
  112. expect(user.confirmed?).to be false
  113. end
  114. end
  115. describe '#disable_two_factor!' do
  116. it 'saves false for otp_required_for_login' do
  117. user = Fabricate.build(:user, otp_required_for_login: true)
  118. user.disable_two_factor!
  119. expect(user.reload.otp_required_for_login).to be false
  120. end
  121. it 'saves cleared otp_backup_codes' do
  122. user = Fabricate.build(:user, otp_backup_codes: %w[dummy dummy])
  123. user.disable_two_factor!
  124. expect(user.reload.otp_backup_codes.empty?).to be true
  125. end
  126. end
  127. describe '#send_confirmation_instructions' do
  128. around do |example|
  129. queue_adapter = ActiveJob::Base.queue_adapter
  130. example.run
  131. ActiveJob::Base.queue_adapter = queue_adapter
  132. end
  133. it 'delivers confirmation instructions later' do
  134. user = Fabricate(:user)
  135. ActiveJob::Base.queue_adapter = :test
  136. expect { user.send_confirmation_instructions }.to have_enqueued_job(ActionMailer::DeliveryJob)
  137. end
  138. end
  139. describe '#setting_auto_play_gif' do
  140. it 'returns auto-play gif setting' do
  141. user = Fabricate(:user)
  142. user.settings[:auto_play_gif] = false
  143. expect(user.setting_auto_play_gif).to eq false
  144. end
  145. end
  146. describe '#setting_boost_modal' do
  147. it 'returns boost modal setting' do
  148. user = Fabricate(:user)
  149. user.settings[:boost_modal] = false
  150. expect(user.setting_boost_modal).to eq false
  151. end
  152. end
  153. describe '#setting_default_privacy' do
  154. it 'returns default privacy setting if user has configured' do
  155. user = Fabricate(:user)
  156. user.settings[:default_privacy] = 'unlisted'
  157. expect(user.setting_default_privacy).to eq 'unlisted'
  158. end
  159. it "returns 'private' if user has not configured default privacy setting and account is locked" do
  160. user = Fabricate(:user, account: Fabricate(:account, locked: true))
  161. expect(user.setting_default_privacy).to eq 'private'
  162. end
  163. it "returns 'public' if user has not configured default privacy setting and account is not locked" do
  164. user = Fabricate(:user, account: Fabricate(:account, locked: false))
  165. expect(user.setting_default_privacy).to eq 'public'
  166. end
  167. end
  168. describe '#setting_delete_modal' do
  169. it 'returns delete modal setting' do
  170. user = Fabricate(:user)
  171. user.settings[:delete_modal] = false
  172. expect(user.setting_delete_modal).to eq false
  173. end
  174. end
  175. describe 'whitelist' do
  176. around(:each) do |example|
  177. old_whitelist = Rails.configuration.x.email_whitelist
  178. Rails.configuration.x.email_domains_whitelist = 'mastodon.space'
  179. example.run
  180. Rails.configuration.x.email_domains_whitelist = old_whitelist
  181. end
  182. it 'should not allow a user to be created unless they are whitelisted' do
  183. user = User.new(email: 'foo@example.com', account: account, password: password)
  184. expect(user.valid?).to be_falsey
  185. end
  186. it 'should allow a user to be created if they are whitelisted' do
  187. user = User.new(email: 'foo@mastodon.space', account: account, password: password)
  188. expect(user.valid?).to be_truthy
  189. end
  190. it 'should not allow a user with a whitelisted top domain as subdomain in their email address to be created' do
  191. user = User.new(email: 'foo@mastodon.space.userdomain.com', account: account, password: password)
  192. expect(user.valid?).to be_falsey
  193. end
  194. context do
  195. around do |example|
  196. old_blacklist = Rails.configuration.x.email_blacklist
  197. example.run
  198. Rails.configuration.x.email_domains_blacklist = old_blacklist
  199. end
  200. it 'should not allow a user to be created with a specific blacklisted subdomain even if the top domain is whitelisted' do
  201. Rails.configuration.x.email_domains_blacklist = 'blacklisted.mastodon.space'
  202. user = User.new(email: 'foo@blacklisted.mastodon.space', account: account, password: password)
  203. expect(user.valid?).to be_falsey
  204. end
  205. end
  206. end
  207. it_behaves_like 'Settings-extended' do
  208. def create!
  209. User.create!(account: Fabricate(:account), email: 'foo@mastodon.space', password: 'abcd1234' )
  210. end
  211. def fabricate
  212. Fabricate(:user)
  213. end
  214. end
  215. end