abunchtell
/
mastodon
1
0
Fork 0
Code Issues 0 Activity
The code powering m.abunchtell.com https://m.abunchtell.com
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
6106 Commits
1 Branch
94 MiB
 
 
 
 
Tree: f194857ac9
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'f194857ac9'
${ noResults }
mastodon/spec/models/user_spec.rb

542 lines
15 KiB
Raw Blame History 

  1. require 'rails_helper'

  2. require 'devise_two_factor/spec_helpers'

  3. 

  4. RSpec.describe User, type: :model do

  5.   it_behaves_like 'two_factor_backupable'

  6. 

  7.   describe 'otp_secret' do

  8.     it 'is encrypted with OTP_SECRET environment variable' do

  9.       user = Fabricate(:user,

  10.                        encrypted_otp_secret: "Fttsy7QAa0edaDfdfSz094rRLAxc8cJweDQ4BsWH/zozcdVA8o9GLqcKhn2b\nGi/V\n",

  11.                        encrypted_otp_secret_iv: 'rys3THICkr60BoWC',

  12.                        encrypted_otp_secret_salt: '_LMkAGvdg7a+sDIKjI3mR2Q==')

  13. 

  14.       expect(user.otp_secret).to eq 'anotpsecretthatshouldbeencrypted'

  15.     end

  16.   end

  17. 

  18.   describe 'validations' do

  19.     it 'is invalid without an account' do

  20.       user = Fabricate.build(:user, account: nil)

  21.       user.valid?

  22.       expect(user).to model_have_error_on_field(:account)

  23.     end

  24. 

  25.     it 'is invalid without a valid locale' do

  26.       user = Fabricate.build(:user, locale: 'toto')

  27.       user.valid?

  28.       expect(user).to model_have_error_on_field(:locale)

  29.     end

  30. 

  31.     it 'is invalid without a valid email' do

  32.       user = Fabricate.build(:user, email: 'john@')

  33.       user.valid?

  34.       expect(user).to model_have_error_on_field(:email)

  35.     end

  36. 

  37.     it 'is valid with an invalid e-mail that has already been saved' do

  38.       user = Fabricate.build(:user, email: 'invalid-email')

  39.       user.save(validate: false)

  40.       expect(user.valid?).to be true

  41.     end

  42. 

  43.     it 'cleans out empty string from languages' do

  44.       user = Fabricate.build(:user, chosen_languages: [''])

  45.       user.valid?

  46.       expect(user.chosen_languages).to eq nil

  47.     end

  48.   end

  49. 

  50.   describe 'scopes' do

  51.     describe 'recent' do

  52.       it 'returns an array of recent users ordered by id' do

  53.         user_1 = Fabricate(:user)

  54.         user_2 = Fabricate(:user)

  55.         expect(User.recent).to eq [user_2, user_1]

  56.       end

  57.     end

  58. 

  59.     describe 'admins' do

  60.       it 'returns an array of users who are admin' do

  61.         user_1 = Fabricate(:user, admin: false)

  62.         user_2 = Fabricate(:user, admin: true)

  63.         expect(User.admins).to match_array([user_2])

  64.       end

  65.     end

  66. 

  67.     describe 'confirmed' do

  68.       it 'returns an array of users who are confirmed' do

  69.         user_1 = Fabricate(:user, confirmed_at: nil)

  70.         user_2 = Fabricate(:user, confirmed_at: Time.zone.now)

  71.         expect(User.confirmed).to match_array([user_2])

  72.       end

  73.     end

  74. 

  75.     describe 'inactive' do

  76.       it 'returns a relation of inactive users' do

  77.         specified = Fabricate(:user, current_sign_in_at: 15.days.ago)

  78.         Fabricate(:user, current_sign_in_at: 6.days.ago)

  79. 

  80.         expect(User.inactive).to match_array([specified])

  81.       end

  82.     end

  83. 

  84.     describe 'matches_email' do

  85.       it 'returns a relation of users whose email starts with the given string' do

  86.         specified = Fabricate(:user, email: 'specified@spec')

  87.         Fabricate(:user, email: 'unspecified@spec')

  88. 

  89.         expect(User.matches_email('specified')).to match_array([specified])

  90.       end

  91.     end

  92. 

  93.     describe 'with_recent_ip_address' do

  94.       it 'returns a relation of users who is, or was at last time, online with the given IP address' do

  95.         specifieds = [

  96.           Fabricate(:user, current_sign_in_ip: '0.0.0.42', last_sign_in_ip: '0.0.0.0'),

  97.           Fabricate(:user, current_sign_in_ip: nil, last_sign_in_ip: '0.0.0.42')

  98.         ]

  99.         Fabricate(:user, current_sign_in_ip: '0.0.0.0', last_sign_in_ip: '0.0.0.0')

  100. 

  101.         expect(User.with_recent_ip_address('0.0.0.42')).to match_array(specifieds)

  102.       end

  103.     end

  104.   end

  105. 

  106.   let(:account) { Fabricate(:account, username: 'alice') }

  107.   let(:password) { 'abcd1234' }

  108. 

  109.   describe 'blacklist' do

  110.     around(:each) do |example|

  111.       old_blacklist = Rails.configuration.x.email_blacklist

  112. 

  113.       Rails.configuration.x.email_domains_blacklist = 'mvrht.com'

  114. 

  115.       example.run

  116. 

  117.       Rails.configuration.x.email_domains_blacklist = old_blacklist

  118.     end

  119. 

  120.     it 'should allow a non-blacklisted user to be created' do

  121.       user = User.new(email: 'foo@example.com', account: account, password: password)

  122. 

  123.       expect(user.valid?).to be_truthy

  124.     end

  125. 

  126.     it 'should not allow a blacklisted user to be created' do

  127.       user = User.new(email: 'foo@mvrht.com', account: account, password: password)

  128. 

  129.       expect(user.valid?).to be_falsey

  130.     end

  131. 

  132.     it 'should not allow a subdomain blacklisted user to be created' do

  133.       user = User.new(email: 'foo@mvrht.com.topdomain.tld', account: account, password: password)

  134. 

  135.       expect(user.valid?).to be_falsey

  136.     end

  137.   end

  138. 

  139.   describe '#confirmed?' do

  140.     it 'returns true when a confirmed_at is set' do

  141.       user = Fabricate.build(:user, confirmed_at: Time.now.utc)

  142.       expect(user.confirmed?).to be true

  143.     end

  144. 

  145.     it 'returns false if a confirmed_at is nil' do

  146.       user = Fabricate.build(:user, confirmed_at: nil)

  147.       expect(user.confirmed?).to be false

  148.     end

  149.   end

  150. 

  151.   describe '#confirm' do

  152.     it 'sets email to unconfirmed_email' do

  153.       user = Fabricate.build(:user, confirmed_at: Time.now.utc, unconfirmed_email: 'new-email@example.com')

  154.       user.confirm

  155.       expect(user.email).to eq 'new-email@example.com'

  156.     end

  157.   end

  158. 

  159.   describe '#disable_two_factor!' do

  160.     it 'saves false for otp_required_for_login' do

  161.       user = Fabricate.build(:user, otp_required_for_login: true)

  162.       user.disable_two_factor!

  163.       expect(user.reload.otp_required_for_login).to be false

  164.     end

  165. 

  166.     it 'saves cleared otp_backup_codes' do

  167.       user = Fabricate.build(:user, otp_backup_codes: %w(dummy dummy))

  168.       user.disable_two_factor!

  169.       expect(user.reload.otp_backup_codes.empty?).to be true

  170.     end

  171.   end

  172. 

  173.   describe '#send_confirmation_instructions' do

  174.     around do |example|

  175.       queue_adapter = ActiveJob::Base.queue_adapter

  176.       example.run

  177.       ActiveJob::Base.queue_adapter = queue_adapter

  178.     end

  179. 

  180.     it 'delivers confirmation instructions later' do

  181.       user = Fabricate(:user)

  182.       ActiveJob::Base.queue_adapter = :test

  183. 

  184.       expect { user.send_confirmation_instructions }.to have_enqueued_job(ActionMailer::DeliveryJob)

  185.     end

  186.   end

  187. 

  188.   describe 'settings' do

  189.     it 'is instance of Settings::ScopedSettings' do

  190.       user = Fabricate(:user)

  191.       expect(user.settings).to be_kind_of Settings::ScopedSettings

  192.     end

  193.   end

  194. 

  195.   describe '#setting_default_privacy' do

  196.     it 'returns default privacy setting if user has configured' do

  197.       user = Fabricate(:user)

  198.       user.settings[:default_privacy] = 'unlisted'

  199.       expect(user.setting_default_privacy).to eq 'unlisted'

  200.     end

  201. 

  202.     it "returns 'private' if user has not configured default privacy setting and account is locked" do

  203.       user = Fabricate(:user, account: Fabricate(:account, locked: true))

  204.       expect(user.setting_default_privacy).to eq 'private'

  205.     end

  206. 

  207.     it "returns 'public' if user has not configured default privacy setting and account is not locked" do

  208.       user = Fabricate(:user, account: Fabricate(:account, locked: false))

  209.       expect(user.setting_default_privacy).to eq 'public'

  210.     end

  211.   end

  212. 

  213.   describe 'whitelist' do

  214.     around(:each) do |example|

  215.       old_whitelist = Rails.configuration.x.email_whitelist

  216. 

  217.       Rails.configuration.x.email_domains_whitelist = 'mastodon.space'

  218. 

  219.       example.run

  220. 

  221.       Rails.configuration.x.email_domains_whitelist = old_whitelist

  222.     end

  223. 

  224.     it 'should not allow a user to be created unless they are whitelisted' do

  225.       user = User.new(email: 'foo@example.com', account: account, password: password)

  226.       expect(user.valid?).to be_falsey

  227.     end

  228. 

  229.     it 'should allow a user to be created if they are whitelisted' do

  230.       user = User.new(email: 'foo@mastodon.space', account: account, password: password)

  231.       expect(user.valid?).to be_truthy

  232.     end

  233. 

  234.     it 'should not allow a user with a whitelisted top domain as subdomain in their email address to be created' do

  235.       user = User.new(email: 'foo@mastodon.space.userdomain.com', account: account, password: password)

  236.       expect(user.valid?).to be_falsey

  237.     end

  238. 

  239.     context do

  240.       around do |example|

  241.         old_blacklist = Rails.configuration.x.email_blacklist

  242.         example.run

  243.         Rails.configuration.x.email_domains_blacklist = old_blacklist

  244.       end

  245. 

  246.       it 'should not allow a user to be created with a specific blacklisted subdomain even if the top domain is whitelisted' do

  247.         Rails.configuration.x.email_domains_blacklist = 'blacklisted.mastodon.space'

  248. 

  249.         user = User.new(email: 'foo@blacklisted.mastodon.space', account: account, password: password)

  250.         expect(user.valid?).to be_falsey

  251.       end

  252.     end

  253.   end

  254. 

  255.   it_behaves_like 'Settings-extended' do

  256.     def create!

  257.       User.create!(account: Fabricate(:account), email: 'foo@mastodon.space', password: 'abcd1234')

  258.     end

  259. 

  260.     def fabricate

  261.       Fabricate(:user)

  262.     end

  263.   end

  264. 

  265.   describe 'token_for_app' do

  266.     let(:user) { Fabricate(:user) }

  267.     let(:app) { Fabricate(:application, owner: user) }

  268. 

  269.     it 'returns a token' do

  270.       expect(user.token_for_app(app)).to be_a(Doorkeeper::AccessToken)

  271.     end

  272. 

  273.     it 'persists a token' do

  274.       t = user.token_for_app(app)

  275.       expect(user.token_for_app(app)).to eql(t)

  276.     end

  277. 

  278.     it 'is nil if user does not own app' do

  279.       app.update!(owner: nil)

  280. 

  281.       expect(user.token_for_app(app)).to be_nil

  282.     end

  283.   end

  284. 

  285.   describe '#role' do

  286.     it 'returns admin for admin' do

  287.       user = User.new(admin: true)

  288.       expect(user.role).to eq 'admin'

  289.     end

  290. 

  291.     it 'returns moderator for moderator' do

  292.       user = User.new(moderator: true)

  293.       expect(user.role).to eq 'moderator'

  294.     end

  295. 

  296.     it 'returns user otherwise' do

  297.       user = User.new

  298.       expect(user.role).to eq 'user'

  299.     end

  300.   end

  301. 

  302.   describe '#role?' do

  303.     it 'returns false when invalid role requested' do

  304.       user = User.new(admin: true)

  305.       expect(user.role?('disabled')).to be false

  306.     end

  307. 

  308.     it 'returns true when exact role match' do

  309.       user  = User.new

  310.       mod   = User.new(moderator: true)

  311.       admin = User.new(admin: true)

  312. 

  313.       expect(user.role?('user')).to be true

  314.       expect(mod.role?('moderator')).to be true

  315.       expect(admin.role?('admin')).to be true

  316.     end

  317. 

  318.     it 'returns true when role higher than needed' do

  319.       mod   = User.new(moderator: true)

  320.       admin = User.new(admin: true)

  321. 

  322.       expect(mod.role?('user')).to be true

  323.       expect(admin.role?('user')).to be true

  324.       expect(admin.role?('moderator')).to be true

  325.     end

  326.   end

  327. 

  328.   describe '#disable!' do

  329.     subject(:user) { Fabricate(:user, disabled: false, current_sign_in_at: current_sign_in_at, last_sign_in_at: nil) }

  330.     let(:current_sign_in_at) { Time.zone.now }

  331. 

  332.     before do

  333.       user.disable!

  334.     end

  335. 

  336.     it 'disables user' do

  337.       expect(user).to have_attributes(disabled: true, current_sign_in_at: nil, last_sign_in_at: current_sign_in_at)

  338.     end

  339.   end

  340. 

  341.   describe '#disable!' do

  342.     subject(:user) { Fabricate(:user, disabled: false, current_sign_in_at: current_sign_in_at, last_sign_in_at: nil) }

  343.     let(:current_sign_in_at) { Time.zone.now }

  344. 

  345.     before do

  346.       user.disable!

  347.     end

  348. 

  349.     it 'disables user' do

  350.       expect(user).to have_attributes(disabled: true, current_sign_in_at: nil, last_sign_in_at: current_sign_in_at)

  351.     end

  352.   end

  353. 

  354.   describe '#enable!' do

  355.     subject(:user) { Fabricate(:user, disabled: true) }

  356. 

  357.     before do

  358.       user.enable!

  359.     end

  360. 

  361.     it 'enables user' do

  362.       expect(user).to have_attributes(disabled: false)

  363.     end

  364.   end

  365. 

  366.   describe '#confirm!' do

  367.     subject(:user) { Fabricate(:user, confirmed_at: confirmed_at) }

  368. 

  369.     before do

  370.       ActionMailer::Base.deliveries.clear

  371.       user.confirm!

  372.     end

  373. 

  374.     after { ActionMailer::Base.deliveries.clear }

  375. 

  376.     context 'when user is new' do

  377.       let(:confirmed_at) { nil }

  378. 

  379.       it 'confirms user' do

  380.         expect(user.confirmed_at).to be_present

  381.       end

  382. 

  383.       it 'delivers mails' do

  384.         expect(ActionMailer::Base.deliveries.count).to eq 2

  385.       end

  386.     end

  387. 

  388.     context 'when user is not new' do

  389.       let(:confirmed_at) { Time.zone.now }

  390. 

  391.       it 'confirms user' do

  392.         expect(user.confirmed_at).to be_present

  393.       end

  394. 

  395.       it 'does not deliver mail' do

  396.         expect(ActionMailer::Base.deliveries.count).to eq 0

  397.       end

  398.     end

  399.   end

  400. 

  401.   describe '#promote!' do

  402.     subject(:user) { Fabricate(:user, admin: is_admin, moderator: is_moderator) }

  403. 

  404.     before do

  405.       user.promote!

  406.     end

  407. 

  408.     context 'when user is an admin' do

  409.       let(:is_admin) { true }

  410. 

  411.       context 'when user is a moderator' do

  412.         let(:is_moderator) { true }

  413. 

  414.         it 'changes moderator filed false' do

  415.           expect(user).to be_admin

  416.           expect(user).not_to be_moderator

  417.         end

  418.       end

  419. 

  420.       context 'when user is not a moderator' do

  421.         let(:is_moderator) { false }

  422. 

  423.         it 'does not change status' do

  424.           expect(user).to be_admin

  425.           expect(user).not_to be_moderator

  426.         end

  427.       end

  428.     end

  429. 

  430.     context 'when user is not admin' do

  431.       let(:is_admin) { false }

  432. 

  433.       context 'when user is a moderator' do

  434.         let(:is_moderator) { true }

  435. 

  436.         it 'changes user into an admin' do

  437.           expect(user).to be_admin

  438.           expect(user).not_to be_moderator

  439.         end

  440.       end

  441. 

  442.       context 'when user is not a moderator' do

  443.         let(:is_moderator) { false }

  444. 

  445.         it 'changes user into a moderator' do

  446.           expect(user).not_to be_admin

  447.           expect(user).to be_moderator

  448.         end

  449.       end

  450.     end

  451.   end

  452. 

  453.   describe '#demote!' do

  454.     subject(:user) { Fabricate(:user, admin: admin, moderator: moderator) }

  455. 

  456.     before do

  457.       user.demote!

  458.     end

  459. 

  460.     context 'when user is an admin' do

  461.       let(:admin) { true }

  462. 

  463.       context 'when user is a moderator' do

  464.         let(:moderator) { true }

  465. 

  466.         it 'changes user into a moderator' do

  467.           expect(user).not_to be_admin

  468.           expect(user).to be_moderator

  469.         end

  470.       end

  471. 

  472.       context 'when user is not a moderator' do

  473.         let(:moderator) { false }

  474. 

  475.         it 'changes user into a moderator' do

  476.           expect(user).not_to be_admin

  477.           expect(user).to be_moderator

  478.         end

  479.       end

  480.     end

  481. 

  482.     context 'when user is not an admin' do

  483.       let(:admin) { false }

  484. 

  485.       context 'when user is a moderator' do

  486.         let(:moderator) { true }

  487. 

  488.         it 'changes user into a plain user' do

  489.           expect(user).not_to be_admin

  490.           expect(user).not_to be_moderator

  491.         end

  492.       end

  493. 

  494.       context 'when user is not a moderator' do

  495.         let(:moderator) { false }

  496. 

  497.         it 'does not change any fields' do

  498.           expect(user).not_to be_admin

  499.           expect(user).not_to be_moderator

  500.         end

  501.       end

  502.     end

  503.   end

  504. 

  505.   describe '#active_for_authentication?' do

  506.     subject { user.active_for_authentication? }

  507.     let(:user) { Fabricate(:user, disabled: disabled, confirmed_at: confirmed_at) }

  508. 

  509.     context 'when user is disabled' do

  510.       let(:disabled) { true }

  511. 

  512.       context 'when user is confirmed' do

  513.         let(:confirmed_at) { Time.zone.now }

  514. 

  515.         it { is_expected.to be true }

  516.       end

  517. 

  518.       context 'when user is not confirmed' do

  519.         let(:confirmed_at) { nil }

  520. 

  521.         it { is_expected.to be false }

  522.       end

  523.     end

  524. 

  525.     context 'when user is not disabled' do

  526.       let(:disabled) { false }

  527. 

  528.       context 'when user is confirmed' do

  529.         let(:confirmed_at) { Time.zone.now }

  530. 

  531.         it { is_expected.to be true }

  532.       end

  533. 

  534.       context 'when user is not confirmed' do

  535.         let(:confirmed_at) { nil }

  536. 

  537.         it { is_expected.to be false }

  538.       end

  539.     end

  540.   end

  541. end