openproject/spec/services/users/login_service_spec.rb

#-- copyright
# OpenProject is an open source project management software.
# Copyright (C) 2012-2021 the OpenProject GmbH
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License version 3.
#
# OpenProject is a fork of ChiliProject, which is a fork of Redmine. The copyright follows:
# Copyright (C) 2006-2013 Jean-Philippe Lang
# Copyright (C) 2010-2013 the ChiliProject Team
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
#
# See docs/COPYRIGHT.rdoc for more details.
#++

require 'spec_helper'

describe ::Users::LoginService, type: :model do
  let(:input_user) { FactoryBot.build_stubbed(:user) }
  let(:controller) { double('ApplicationController') }
  let(:session) { {} }
  let(:flash) { ActionDispatch::Flash::FlashHash.new }

  let(:instance) { described_class.new(controller: controller) }

  subject { instance.call(input_user) }

  describe 'session' do
    context 'with an SSO provider' do
      let(:sso_provider) do
        {
          name: 'saml',
          retain_from_session: %i[foo bar]
        }
      end

      before do
        allow(::OpenProject::Plugins::AuthPlugin)
          .to(receive(:login_provider_for))
          .and_return sso_provider

        allow(controller)
          .to(receive(:session))
          .and_return session

        allow(controller)
          .to(receive(:flash))
          .and_return flash

        allow(controller)
          .to(receive(:reset_session)) do
          session.clear
          flash.clear
        end

        allow(input_user)
          .to receive(:log_successful_login)
      end

      context 'if provider retains session values' do
        let(:retained_values) { %i[foo bar] }

        it 'retains present session values' do
          session[:foo] = 'foo value'
          session[:what] = 'should be cleared'

          subject

          expect(session[:foo]).to be_present
          expect(session[:what]).to eq nil
          expect(session[:user_id]).to eq input_user.id
        end
      end

      it 'retains present flash values' do
        flash[:notice] = 'bar'

        subject

        expect(controller.flash[:notice]).to eq 'bar'
      end
    end
  end
end
Add spec to test taking over session values 4 years ago			`#-- copyright`
			`# OpenProject is an open source project management software.`
update copyright to 2021 (#8925) Updates the copyright to 2021 for all files that have a copyright. Files in our source code without the copyright header still do not receive one automatically. Additionally, backlisted files are also excluded. Previously the copyright of chiliproject which references redmine stated a copyright of redmine up to and including 2017 which is not true for the code we have in here. Because of that I changed that to 2013 4 years ago			`# Copyright (C) 2012-2021 the OpenProject GmbH`
Add spec to test taking over session values 4 years ago			`#`
			`# This program is free software; you can redistribute it and/or`
			`# modify it under the terms of the GNU General Public License version 3.`
			`#`
			`# OpenProject is a fork of ChiliProject, which is a fork of Redmine. The copyright follows:`
update copyright to 2021 (#8925) Updates the copyright to 2021 for all files that have a copyright. Files in our source code without the copyright header still do not receive one automatically. Additionally, backlisted files are also excluded. Previously the copyright of chiliproject which references redmine stated a copyright of redmine up to and including 2017 which is not true for the code we have in here. Because of that I changed that to 2013 4 years ago			`# Copyright (C) 2006-2013 Jean-Philippe Lang`
Add spec to test taking over session values 4 years ago			`# Copyright (C) 2010-2013 the ChiliProject Team`
			`#`
			`# This program is free software; you can redistribute it and/or`
			`# modify it under the terms of the GNU General Public License`
			`# as published by the Free Software Foundation; either version 2`
			`# of the License, or (at your option) any later version.`
			`#`
			`# This program is distributed in the hope that it will be useful,`
			`# but WITHOUT ANY WARRANTY; without even the implied warranty of`
			`# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the`
			`# GNU General Public License for more details.`
			`#`
			`# You should have received a copy of the GNU General Public License`
			`# along with this program; if not, write to the Free Software`
			`# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.`
			`#`
			`# See docs/COPYRIGHT.rdoc for more details.`
			`#++`

			`require 'spec_helper'`

			`describe ::Users::LoginService, type: :model do`
			`let(:input_user) { FactoryBot.build_stubbed(:user) }`
			`let(:controller) { double('ApplicationController') }`
			`let(:session) { {} }`
safe automatic fixes by rubocop (#8994) 4 years ago			`let(:flash) { ActionDispatch::Flash::FlashHash.new }`
Add spec to test taking over session values 4 years ago
			`let(:instance) { described_class.new(controller: controller) }`

			`subject { instance.call(input_user) }`

			`describe 'session' do`
			`context 'with an SSO provider' do`
			`let(:sso_provider) do`
			`{`
			`name: 'saml',`
			`retain_from_session: %i[foo bar]`
			`}`
			`end`

			`before do`
Move provider finder into auth plugin 4 years ago			`allow(::OpenProject::Plugins::AuthPlugin)`
Add spec to test taking over session values 4 years ago			`.to(receive(:login_provider_for))`
			`.and_return sso_provider`

			`allow(controller)`
			`.to(receive(:session))`
			`.and_return session`

Add spec for flash retaining in session override of LoginService 4 years ago			`allow(controller)`
			`.to(receive(:flash))`
			`.and_return flash`

Add spec to test taking over session values 4 years ago			`allow(controller)`
			`.to(receive(:reset_session)) do`
			`session.clear`
Add spec for flash retaining in session override of LoginService 4 years ago			`flash.clear`
Add spec to test taking over session values 4 years ago			`end`
Avoid updating the just created user to retain id information We need to track whether the user was just created to show a different message. For this, avoid any calls that save the user _after_ RegisterUserService. 4 years ago
			`allow(input_user)`
			`.to receive(:log_successful_login)`
Add spec to test taking over session values 4 years ago			`end`

			`context 'if provider retains session values' do`
			`let(:retained_values) { %i[foo bar] }`

			`it 'retains present session values' do`
			`session[:foo] = 'foo value'`
			`session[:what] = 'should be cleared'`

			`subject`

			`expect(session[:foo]).to be_present`
extend spec to check for removed value 4 years ago			`expect(session[:what]).to eq nil`
Add spec to test taking over session values 4 years ago			`expect(session[:user_id]).to eq input_user.id`
			`end`
			`end`
Add spec for flash retaining in session override of LoginService 4 years ago
			`it 'retains present flash values' do`
			`flash[:notice] = 'bar'`

			`subject`

			`expect(controller.flash[:notice]).to eq 'bar'`
			`end`
Add spec to test taking over session values 4 years ago			`end`
			`end`
			`end`