admin_users_spec.rb 6.27 KB
Newer Older
gitlabhq's avatar
gitlabhq committed
1 2
require 'spec_helper'

3
describe "Admin::Users", feature: true  do
gitlabhq's avatar
gitlabhq committed
4 5 6
  before { login_as :admin }

  describe "GET /admin/users" do
Nihad Abbasov's avatar
Nihad Abbasov committed
7
    before do
gitlabhq's avatar
gitlabhq committed
8 9 10 11
      visit admin_users_path
    end

    it "should be ok" do
12
      expect(current_path).to eq(admin_users_path)
gitlabhq's avatar
gitlabhq committed
13 14
    end

Nihad Abbasov's avatar
Nihad Abbasov committed
15
    it "should have users list" do
16 17
      expect(page).to have_content(@user.email)
      expect(page).to have_content(@user.name)
gitlabhq's avatar
gitlabhq committed
18
    end
19 20 21

    describe 'Two-factor Authentication filters' do
      it 'counts users who have enabled 2FA' do
22
        create(:user, :two_factor)
23 24 25 26 27 28 29 30 31

        visit admin_users_path

        page.within('.filter-two-factor-enabled small') do
          expect(page).to have_content('1')
        end
      end

      it 'filters by users who have enabled 2FA' do
32
        user = create(:user, :two_factor)
33 34 35 36 37 38 39 40

        visit admin_users_path
        click_link '2FA Enabled'

        expect(page).to have_content(user.email)
      end

      it 'counts users who have not enabled 2FA' do
41
        create(:user)
42 43 44 45 46 47 48 49 50

        visit admin_users_path

        page.within('.filter-two-factor-disabled small') do
          expect(page).to have_content('2') # Including admin
        end
      end

      it 'filters by users who have not enabled 2FA' do
51
        user = create(:user)
52 53 54 55 56 57 58

        visit admin_users_path
        click_link '2FA Disabled'

        expect(page).to have_content(user.email)
      end
    end
gitlabhq's avatar
gitlabhq committed
59 60
  end

Nihad Abbasov's avatar
Nihad Abbasov committed
61 62
  describe "GET /admin/users/new" do
    before do
gitlabhq's avatar
gitlabhq committed
63
      visit new_admin_user_path
64
      fill_in "user_name", with: "Big Bang"
65
      fill_in "user_username", with: "bang"
66
      fill_in "user_email", with: "bigbang@mail.com"
gitlabhq's avatar
gitlabhq committed
67 68
    end

Nihad Abbasov's avatar
Nihad Abbasov committed
69
    it "should create new user" do
70
      expect { click_button "Create user" }.to change {User.count}.by(1)
gitlabhq's avatar
gitlabhq committed
71 72
    end

73 74
    it "should apply defaults to user" do
      click_button "Create user"
Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
75
      user = User.find_by(username: 'bang')
76 77 78 79
      expect(user.projects_limit).
        to eq(Gitlab.config.gitlab.default_projects_limit)
      expect(user.can_create_group).
        to eq(Gitlab.config.gitlab.default_can_create_group)
80 81
    end

Nihad Abbasov's avatar
Nihad Abbasov committed
82
    it "should create user with valid data" do
83
      click_button "Create user"
Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
84
      user = User.find_by(username: 'bang')
85 86
      expect(user.name).to eq('Big Bang')
      expect(user.email).to eq('bigbang@mail.com')
gitlabhq's avatar
gitlabhq committed
87 88
    end

Nihad Abbasov's avatar
Nihad Abbasov committed
89
    it "should call send mail" do
Valery Sizov's avatar
Valery Sizov committed
90
      expect_any_instance_of(NotificationService).to receive(:new_user)
91

92
      click_button "Create user"
gitlabhq's avatar
gitlabhq committed
93 94
    end

Nihad Abbasov's avatar
Nihad Abbasov committed
95
    it "should send valid email to user with email & password" do
Valery Sizov's avatar
Valery Sizov committed
96 97 98 99
      perform_enqueued_jobs do
        click_button "Create user"
      end

Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
100
      user = User.find_by(username: 'bang')
101
      email = ActionMailer::Base.deliveries.last
102
      expect(email.subject).to have_content('Account was created')
103 104
      expect(email.text_part.body).to have_content(user.email)
      expect(email.text_part.body).to have_content('password')
Marin Jankovski's avatar
Marin Jankovski committed
105
    end
gitlabhq's avatar
gitlabhq committed
106 107
  end

Nihad Abbasov's avatar
Nihad Abbasov committed
108
  describe "GET /admin/users/:id" do
109
    it "should have user info" do
gitlabhq's avatar
gitlabhq committed
110
      visit admin_users_path
111
      click_link @user.name
gitlabhq's avatar
gitlabhq committed
112

113 114
      expect(page).to have_content(@user.email)
      expect(page).to have_content(@user.name)
gitlabhq's avatar
gitlabhq committed
115
    end
116

117 118 119
    describe 'Impersonation' do
      let(:another_user) { create(:user) }
      before { visit admin_user_path(another_user) }
120

121 122 123 124
      context 'before impersonating' do
        it 'shows impersonate button for other users' do
          expect(page).to have_content('Impersonate')
        end
125

126 127
        it 'should not show impersonate button for admin itself' do
          visit admin_user_path(@user)
128

129
          expect(page).not_to have_content('Impersonate')
130
        end
131 132 133 134 135 136 137 138 139 140

        it 'should not show impersonate button for blocked user' do
          another_user.block

          visit admin_user_path(another_user)

          expect(page).not_to have_content('Impersonate')

          another_user.activate
        end
141 142
      end

143 144 145 146 147 148 149 150 151 152 153 154
      context 'when impersonating' do
        before { click_link 'Impersonate' }

        it 'logs in as the user when impersonate is clicked' do
          page.within '.sidebar-user .username' do
            expect(page).to have_content(another_user.username)
          end
        end

        it 'sees impersonation log out icon' do
          icon = first('.fa.fa-user-secret')

155
          expect(icon).not_to eql nil
156 157 158 159 160 161 162 163 164 165 166 167 168 169 170
        end

        it 'can log out of impersonated user back to original user' do
          find(:css, 'li.impersonation a').click

          page.within '.sidebar-user .username' do
            expect(page).to have_content(@user.username)
          end
        end

        it 'is redirected back to the impersonated users page in the admin after stopping' do
          find(:css, 'li.impersonation a').click

          expect(current_path).to eql "/admin/users/#{another_user.username}"
        end
171 172 173
      end
    end

174 175
    describe 'Two-factor Authentication status' do
      it 'shows when enabled' do
176
        @user.update_attribute(:otp_required_for_login, true)
177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194

        visit admin_user_path(@user)

        expect_two_factor_status('Enabled')
      end

      it 'shows when disabled' do
        visit admin_user_path(@user)

        expect_two_factor_status('Disabled')
      end

      def expect_two_factor_status(status)
        page.within('.two-factor-status') do
          expect(page).to have_content(status)
        end
      end
    end
gitlabhq's avatar
gitlabhq committed
195 196
  end

Nihad Abbasov's avatar
Nihad Abbasov committed
197 198
  describe "GET /admin/users/:id/edit" do
    before do
199
      @simple_user = create(:user)
gitlabhq's avatar
gitlabhq committed
200 201 202 203
      visit admin_users_path
      click_link "edit_user_#{@simple_user.id}"
    end

Nihad Abbasov's avatar
Nihad Abbasov committed
204
    it "should have user edit page" do
205 206
      expect(page).to have_content('Name')
      expect(page).to have_content('Password')
gitlabhq's avatar
gitlabhq committed
207 208 209
    end

    describe "Update user" do
Nihad Abbasov's avatar
Nihad Abbasov committed
210
      before do
211 212
        fill_in "user_name", with: "Big Bang"
        fill_in "user_email", with: "bigbang@mail.com"
213 214
        fill_in "user_password", with: "AValidPassword1"
        fill_in "user_password_confirmation", with: "AValidPassword1"
gitlabhq's avatar
gitlabhq committed
215
        check "user_admin"
216
        click_button "Save changes"
gitlabhq's avatar
gitlabhq committed
217 218
      end

Nihad Abbasov's avatar
Nihad Abbasov committed
219
      it "should show page with  new data" do
220 221
        expect(page).to have_content('bigbang@mail.com')
        expect(page).to have_content('Big Bang')
gitlabhq's avatar
gitlabhq committed
222 223
      end

Nihad Abbasov's avatar
Nihad Abbasov committed
224
      it "should change user entry" do
gitlabhq's avatar
gitlabhq committed
225
        @simple_user.reload
226
        expect(@simple_user.name).to eq('Big Bang')
227
        expect(@simple_user.is_admin?).to be_truthy
228
        expect(@simple_user.password_expires_at).to be <= Time.now
gitlabhq's avatar
gitlabhq committed
229 230 231 232
      end
    end
  end
end