require 'spec_helper'

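# Feature spec for the profile password page. The examples cover three
# security-relevant behaviours visible below: the password form asks for the
# current password before accepting a new one, the page answers 404 when
# password authentication is unavailable to the user, and a user with an
# expired password is redirected to the "new password" page.
describe 'Profile > Password' do
  let(:user) { create(:user) }

  # Fills the two new-password fields and submits the form.
  #
  # @param password [String] value typed into "New password"
  # @param confirmation [String] value typed into "Password confirmation"
  def fill_passwords(password, confirmation)
    fill_in 'New password',          with: password
    fill_in 'Password confirmation', with: confirmation

    click_button 'Save password'
  end

  context 'Password authentication enabled' do
    # The examples in this context expect no current-password field for a
    # user created with password_automatically_set: true.
    let(:user) { create(:user, password_automatically_set: true) }

    before do
      sign_in(user)
      visit edit_profile_password_path
    end

    context 'User with password automatically set' do
      describe 'User puts different passwords in the field and in the confirmation' do
        it 'shows an error message' do
          fill_passwords('mypassword', 'mypassword2')

          page.within('.alert-danger') do
            expect(page).to have_content("Password confirmation doesn't match Password")
          end
        end

        # A failed submission must not re-render the form with a
        # current-password field for this kind of user.
        it 'does not contain the current password field after an error' do
          fill_passwords('mypassword', 'mypassword2')

          expect(page).to have_no_field('user[current_password]')
        end
      end

      describe 'User puts the same passwords in the field and in the confirmation' do
        it 'shows a success message' do
          fill_passwords('mypassword', 'mypassword')

          page.within('.flash-notice') do
            expect(page).to have_content('Password was successfully updated. Please login with it')
          end
        end
      end
    end
  end

  context 'Password authentication unavailable' do
    before do
      gitlab_sign_in(user)
    end

    context 'Regular user' do
      let(:user) { create(:user) }

      # Both the web and the Git setting are switched off before the visit.
      it 'renders 404 when password authentication is disabled for the web interface and Git' do
        stub_application_setting(password_authentication_enabled_for_web: false)
        stub_application_setting(password_authentication_enabled_for_git: false)

        visit edit_profile_password_path

        expect(page).to have_gitlab_http_status(404)
      end
    end

    context 'LDAP user' do
      let(:user) { create(:omniauth_user, provider: 'ldapmain') }

      it 'renders 404' do
        visit edit_profile_password_path

        expect(page).to have_gitlab_http_status(404)
      end
    end
  end

  context 'Change password' do
    before do
      sign_in(user)
      visit(edit_profile_password_path)
    end

    # NOTE(review): the two negative examples below assert only the flash
    # message. Also asserting that the stored credential is unchanged would
    # pin the property that matters: no password change without
    # re-authentication.
    it 'does not change user password without old one' do
      page.within '.update-password' do
        fill_passwords('22233344', '22233344')
      end

      page.within '.flash-container' do
        expect(page).to have_content 'You must provide a valid current password'
      end
    end

    it 'does not change password with invalid old password' do
      page.within '.update-password' do
        fill_in 'user_current_password', with: 'invalid'
        # The new password and its confirmation also differ here; the asserted
        # message is the one about the current password.
        fill_passwords('password', 'confirmation')
      end

      page.within '.flash-container' do
        expect(page).to have_content 'You must provide a valid current password'
      end
    end

    it 'changes user password' do
      page.within '.update-password' do
        fill_in "user_current_password", with: user.password
        fill_passwords('22233344', '22233344')
      end

      # have_current_path retries until the redirect has happened; comparing
      # current_path with eq reads the location once and can race the redirect.
      expect(page).to have_current_path(new_user_session_path)
    end
  end

  context 'when password is expired' do
    before do
      sign_in(user)

      user.update(password_expires_at: 1.hour.ago)
      # NOTE(review): `delete` is called without arguments here; on an
      # association that likely removes no records, so `delete_all` may have
      # been intended. Confirm against the model.
      user.identities.delete
      # Precondition guard: the examples below require a non-LDAP user.
      expect(user.ldap_user?).to eq false
    end

    it 'needs change user password' do
      visit edit_profile_password_path

      # Waiting matcher: the redirect may not have completed when this runs.
      expect(page).to have_current_path(new_profile_password_path)

      fill_in :user_current_password,      with: user.password
      fill_in :user_password,              with: '12345678'
      fill_in :user_password_confirmation, with: '12345678'
      click_button 'Set new password'

      expect(page).to have_current_path(new_user_session_path)
    end

    context 'when global require_two_factor_authentication is enabled' do
      # With two-factor enforcement switched on, the visit must still end on
      # the password-change page.
      it 'needs change user password' do
        stub_application_setting(require_two_factor_authentication: true)

        visit profile_path

        expect(page).to have_current_path(new_profile_password_path)
      end
    end
  end
end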