OpenProject is the leading open source project management software.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
openproject/spec/contracts/users/create_contract_spec.rb

111 lines
3.2 KiB

#-- encoding: UTF-8
#-- copyright
# OpenProject is an open source project management software.
# Copyright (C) 2012-2021 the OpenProject GmbH
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License version 3.
#
# OpenProject is a fork of ChiliProject, which is a fork of Redmine. The copyright follows:
# Copyright (C) 2006-2013 Jean-Philippe Lang
# Copyright (C) 2010-2013 the ChiliProject Team
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
#
# See docs/COPYRIGHT.rdoc for more details.
#++
require 'spec_helper'
Placeholder user services and administration (#8944) * Adding placeholder user contracts * Adding create, update, and delete services for placeholder users * WIP: Adding Placeholder User contract specs [ci skip] * Extract contract validation into common helper * Add common validation in BaseContract + common example for admin checks * Introduce common ModelContract shared context for validations * WIP: PlaceholderUser controller, i18n, and routes [ci skip] * Placeholder users index page and query - moved all group related scopes from User to Principal to make them also available in PlaceholderUser. * end * Create PlaceholderUser * Feature spec for editing a placeholder user * Manage PlaceholderUser memberships The managment of memberships is pretty similar for User and PlaceholderUser. This commit extacts the similarities and uses them for both. * General partial and show view for PlaceholderUser * Delete obosolete partial * Allow RequireAdminGuard to be used as a module function * Fix I18n for confirmation text * Smaller code improvements * Fix: Syntax for accessing status enums was wrong. * Use UpdateService for updating a placeholder user * Add spec for PlaceholderUsersController * First code improvements after code review. - more improvements to come. * Further code improvements after review ... still more to come * Correct namespace of delete service * Fix: Make placeholder user contract validate * Remove :type attribute from base contract of User and PlaceholerUser ...and add it to the CreateContracts. Also add type validations. Further extract shared examples for placeholder user attribute validation * Refactor: Extract membership hook calls to helper * Fix redirect paths for membership controllers * Specs already present in shared exampels. * Fix duplicates routes for users and placeholder users * Fix user path * Add attribute name and lastname We don't need a writeable check as both are equally writable * Replace more references to tab_edit_user_path * Skip specs for PlaceholderUsers::DeletionService We will tackle that service in a separate PR. * Fix module usage of RequireAdminGuard * Fix group filter for placeholder users * Fix invalid reference to expect_valid * Fix: Fix tabbed edit path for placeholder users * Fix status filtering on users * Linting * Improve generalisation of individual principal filter cell - Check for presence of groups and statuses in order to toggle visibility of their UI element. - Remove groups from placeholder user controller and cell initialization and options * Fix selector on groups assign * Remove using_shared_fixtures Co-authored-by: Oliver Günther <mail@oliverguenther.de>
4 years ago
require 'contracts/shared/model_contract_shared_context'
describe Users::CreateContract do
Placeholder user services and administration (#8944) * Adding placeholder user contracts * Adding create, update, and delete services for placeholder users * WIP: Adding Placeholder User contract specs [ci skip] * Extract contract validation into common helper * Add common validation in BaseContract + common example for admin checks * Introduce common ModelContract shared context for validations * WIP: PlaceholderUser controller, i18n, and routes [ci skip] * Placeholder users index page and query - moved all group related scopes from User to Principal to make them also available in PlaceholderUser. * end * Create PlaceholderUser * Feature spec for editing a placeholder user * Manage PlaceholderUser memberships The managment of memberships is pretty similar for User and PlaceholderUser. This commit extacts the similarities and uses them for both. * General partial and show view for PlaceholderUser * Delete obosolete partial * Allow RequireAdminGuard to be used as a module function * Fix I18n for confirmation text * Smaller code improvements * Fix: Syntax for accessing status enums was wrong. * Use UpdateService for updating a placeholder user * Add spec for PlaceholderUsersController * First code improvements after code review. - more improvements to come. * Further code improvements after review ... still more to come * Correct namespace of delete service * Fix: Make placeholder user contract validate * Remove :type attribute from base contract of User and PlaceholerUser ...and add it to the CreateContracts. Also add type validations. Further extract shared examples for placeholder user attribute validation * Refactor: Extract membership hook calls to helper * Fix redirect paths for membership controllers * Specs already present in shared exampels. * Fix duplicates routes for users and placeholder users * Fix user path * Add attribute name and lastname We don't need a writeable check as both are equally writable * Replace more references to tab_edit_user_path * Skip specs for PlaceholderUsers::DeletionService We will tackle that service in a separate PR. * Fix module usage of RequireAdminGuard * Fix group filter for placeholder users * Fix invalid reference to expect_valid * Fix: Fix tabbed edit path for placeholder users * Fix status filtering on users * Linting * Improve generalisation of individual principal filter cell - Check for presence of groups and statuses in order to toggle visibility of their UI element. - Remove groups from placeholder user controller and cell initialization and options * Fix selector on groups assign * Remove using_shared_fixtures Co-authored-by: Oliver Günther <mail@oliverguenther.de>
4 years ago
include_context 'ModelContract shared context'
Placeholder user services and administration (#8944) * Adding placeholder user contracts * Adding create, update, and delete services for placeholder users * WIP: Adding Placeholder User contract specs [ci skip] * Extract contract validation into common helper * Add common validation in BaseContract + common example for admin checks * Introduce common ModelContract shared context for validations * WIP: PlaceholderUser controller, i18n, and routes [ci skip] * Placeholder users index page and query - moved all group related scopes from User to Principal to make them also available in PlaceholderUser. * end * Create PlaceholderUser * Feature spec for editing a placeholder user * Manage PlaceholderUser memberships The managment of memberships is pretty similar for User and PlaceholderUser. This commit extacts the similarities and uses them for both. * General partial and show view for PlaceholderUser * Delete obosolete partial * Allow RequireAdminGuard to be used as a module function * Fix I18n for confirmation text * Smaller code improvements * Fix: Syntax for accessing status enums was wrong. * Use UpdateService for updating a placeholder user * Add spec for PlaceholderUsersController * First code improvements after code review. - more improvements to come. * Further code improvements after review ... still more to come * Correct namespace of delete service * Fix: Make placeholder user contract validate * Remove :type attribute from base contract of User and PlaceholerUser ...and add it to the CreateContracts. Also add type validations. Further extract shared examples for placeholder user attribute validation * Refactor: Extract membership hook calls to helper * Fix redirect paths for membership controllers * Specs already present in shared exampels. * Fix duplicates routes for users and placeholder users * Fix user path * Add attribute name and lastname We don't need a writeable check as both are equally writable * Replace more references to tab_edit_user_path * Skip specs for PlaceholderUsers::DeletionService We will tackle that service in a separate PR. * Fix module usage of RequireAdminGuard * Fix group filter for placeholder users * Fix invalid reference to expect_valid * Fix: Fix tabbed edit path for placeholder users * Fix status filtering on users * Linting * Improve generalisation of individual principal filter cell - Check for presence of groups and statuses in order to toggle visibility of their UI element. - Remove groups from placeholder user controller and cell initialization and options * Fix selector on groups assign * Remove using_shared_fixtures Co-authored-by: Oliver Günther <mail@oliverguenther.de>
4 years ago
let(:user) { FactoryBot.build_stubbed(:user) }
let(:contract) { described_class.new(user, current_user) }
context 'when admin' do
let(:current_user) { FactoryBot.build_stubbed(:admin) }
Placeholder user services and administration (#8944) * Adding placeholder user contracts * Adding create, update, and delete services for placeholder users * WIP: Adding Placeholder User contract specs [ci skip] * Extract contract validation into common helper * Add common validation in BaseContract + common example for admin checks * Introduce common ModelContract shared context for validations * WIP: PlaceholderUser controller, i18n, and routes [ci skip] * Placeholder users index page and query - moved all group related scopes from User to Principal to make them also available in PlaceholderUser. * end * Create PlaceholderUser * Feature spec for editing a placeholder user * Manage PlaceholderUser memberships The managment of memberships is pretty similar for User and PlaceholderUser. This commit extacts the similarities and uses them for both. * General partial and show view for PlaceholderUser * Delete obosolete partial * Allow RequireAdminGuard to be used as a module function * Fix I18n for confirmation text * Smaller code improvements * Fix: Syntax for accessing status enums was wrong. * Use UpdateService for updating a placeholder user * Add spec for PlaceholderUsersController * First code improvements after code review. - more improvements to come. * Further code improvements after review ... still more to come * Correct namespace of delete service * Fix: Make placeholder user contract validate * Remove :type attribute from base contract of User and PlaceholerUser ...and add it to the CreateContracts. Also add type validations. Further extract shared examples for placeholder user attribute validation * Refactor: Extract membership hook calls to helper * Fix redirect paths for membership controllers * Specs already present in shared exampels. * Fix duplicates routes for users and placeholder users * Fix user path * Add attribute name and lastname We don't need a writeable check as both are equally writable * Replace more references to tab_edit_user_path * Skip specs for PlaceholderUsers::DeletionService We will tackle that service in a separate PR. * Fix module usage of RequireAdminGuard * Fix group filter for placeholder users * Fix invalid reference to expect_valid * Fix: Fix tabbed edit path for placeholder users * Fix status filtering on users * Linting * Improve generalisation of individual principal filter cell - Check for presence of groups and statuses in order to toggle visibility of their UI element. - Remove groups from placeholder user controller and cell initialization and options * Fix selector on groups assign * Remove using_shared_fixtures Co-authored-by: Oliver Günther <mail@oliverguenther.de>
4 years ago
it_behaves_like 'contract is valid'
describe 'requires a password set when active' do
before do
user.password = nil
user.activate
end
Placeholder user services and administration (#8944) * Adding placeholder user contracts * Adding create, update, and delete services for placeholder users * WIP: Adding Placeholder User contract specs [ci skip] * Extract contract validation into common helper * Add common validation in BaseContract + common example for admin checks * Introduce common ModelContract shared context for validations * WIP: PlaceholderUser controller, i18n, and routes [ci skip] * Placeholder users index page and query - moved all group related scopes from User to Principal to make them also available in PlaceholderUser. * end * Create PlaceholderUser * Feature spec for editing a placeholder user * Manage PlaceholderUser memberships The managment of memberships is pretty similar for User and PlaceholderUser. This commit extacts the similarities and uses them for both. * General partial and show view for PlaceholderUser * Delete obosolete partial * Allow RequireAdminGuard to be used as a module function * Fix I18n for confirmation text * Smaller code improvements * Fix: Syntax for accessing status enums was wrong. * Use UpdateService for updating a placeholder user * Add spec for PlaceholderUsersController * First code improvements after code review. - more improvements to come. * Further code improvements after review ... still more to come * Correct namespace of delete service * Fix: Make placeholder user contract validate * Remove :type attribute from base contract of User and PlaceholerUser ...and add it to the CreateContracts. Also add type validations. Further extract shared examples for placeholder user attribute validation * Refactor: Extract membership hook calls to helper * Fix redirect paths for membership controllers * Specs already present in shared exampels. * Fix duplicates routes for users and placeholder users * Fix user path * Add attribute name and lastname We don't need a writeable check as both are equally writable * Replace more references to tab_edit_user_path * Skip specs for PlaceholderUsers::DeletionService We will tackle that service in a separate PR. * Fix module usage of RequireAdminGuard * Fix group filter for placeholder users * Fix invalid reference to expect_valid * Fix: Fix tabbed edit path for placeholder users * Fix status filtering on users * Linting * Improve generalisation of individual principal filter cell - Check for presence of groups and statuses in order to toggle visibility of their UI element. - Remove groups from placeholder user controller and cell initialization and options * Fix selector on groups assign * Remove using_shared_fixtures Co-authored-by: Oliver Günther <mail@oliverguenther.de>
4 years ago
it_behaves_like 'contract is invalid', password: :blank
context 'when password is set' do
before do
user.password = user.password_confirmation = 'password!password!'
end
Placeholder user services and administration (#8944) * Adding placeholder user contracts * Adding create, update, and delete services for placeholder users * WIP: Adding Placeholder User contract specs [ci skip] * Extract contract validation into common helper * Add common validation in BaseContract + common example for admin checks * Introduce common ModelContract shared context for validations * WIP: PlaceholderUser controller, i18n, and routes [ci skip] * Placeholder users index page and query - moved all group related scopes from User to Principal to make them also available in PlaceholderUser. * end * Create PlaceholderUser * Feature spec for editing a placeholder user * Manage PlaceholderUser memberships The managment of memberships is pretty similar for User and PlaceholderUser. This commit extacts the similarities and uses them for both. * General partial and show view for PlaceholderUser * Delete obosolete partial * Allow RequireAdminGuard to be used as a module function * Fix I18n for confirmation text * Smaller code improvements * Fix: Syntax for accessing status enums was wrong. * Use UpdateService for updating a placeholder user * Add spec for PlaceholderUsersController * First code improvements after code review. - more improvements to come. * Further code improvements after review ... still more to come * Correct namespace of delete service * Fix: Make placeholder user contract validate * Remove :type attribute from base contract of User and PlaceholerUser ...and add it to the CreateContracts. Also add type validations. Further extract shared examples for placeholder user attribute validation * Refactor: Extract membership hook calls to helper * Fix redirect paths for membership controllers * Specs already present in shared exampels. * Fix duplicates routes for users and placeholder users * Fix user path * Add attribute name and lastname We don't need a writeable check as both are equally writable * Replace more references to tab_edit_user_path * Skip specs for PlaceholderUsers::DeletionService We will tackle that service in a separate PR. * Fix module usage of RequireAdminGuard * Fix group filter for placeholder users * Fix invalid reference to expect_valid * Fix: Fix tabbed edit path for placeholder users * Fix status filtering on users * Linting * Improve generalisation of individual principal filter cell - Check for presence of groups and statuses in order to toggle visibility of their UI element. - Remove groups from placeholder user controller and cell initialization and options * Fix selector on groups assign * Remove using_shared_fixtures Co-authored-by: Oliver Günther <mail@oliverguenther.de>
4 years ago
it_behaves_like 'contract is valid'
end
end
end
[35507] Allow global permission to add and edit users (#8937) * Add global permission for add_user * Rename fieldset for global roles to "Global" * Add permission to admin actions * Add index action to add_user permission * Redirect to first admin item if only one * Hide status action for non admins * Break down user form into partials for easier rendering * Disable some user form tabs for non-admins * Make users API and services conformant with endpoints * Fix references to DeleteService#deletion_allowed? * Authorize add_user on show as well * Only show invite user toolbar item with permission * Fix Delete Service spec * Fix the way user prefs are handled in service * Ensure session_id is treated as string This causes a cast error otherwise as it passes rack session locally * Fix service call on onboarding controller * Fix service call on users controller * Add delete spec for global user * Hide login attribute again when adding a new user * Render auth source correctly in simple form * Fix creating invited users through service The invitation requires the mail attribute to be present. Previously, there was a manual error added to the mail. As the errors are now determined by the contract + model, we now end up with all missing properties as errors. * Properly constraint attributes for non-admins * Add specs for global user * Start working on how to update password from UsersController that code is a mess... * Change permitted_params spec to include non-admin params * Fix create user service spec * Remove mail_notification param from users controller It's not part of the contract/params passed to user * Remove todos * Extend docs * Correct the way backlogs patches into the user settings * Remove superfluous UpdateUserService * Rewrite duplicated update service examples into common shared example * Remove duplicate password writable check * Base Users::DeleteContract on base delete contract * Move checks for active users into the UserAllowedService * Restore password writable check as it is not an attribute * Fix menus for global user * Allow global users to add custom fields * Allow global user add permission to reinvite user * Fix changed var name in update service spec * Ensure also invited or registered users can be authroized This ensure that e.g., invited users can also be set as watchers * fix typo Co-authored-by: ulferts <jens.ulferts@googlemail.com>
4 years ago
context 'when global user' do
shared_let(:current_user) { FactoryBot.create :user, global_permission: :add_user }
[35507] Allow global permission to add and edit users (#8937) * Add global permission for add_user * Rename fieldset for global roles to "Global" * Add permission to admin actions * Add index action to add_user permission * Redirect to first admin item if only one * Hide status action for non admins * Break down user form into partials for easier rendering * Disable some user form tabs for non-admins * Make users API and services conformant with endpoints * Fix references to DeleteService#deletion_allowed? * Authorize add_user on show as well * Only show invite user toolbar item with permission * Fix Delete Service spec * Fix the way user prefs are handled in service * Ensure session_id is treated as string This causes a cast error otherwise as it passes rack session locally * Fix service call on onboarding controller * Fix service call on users controller * Add delete spec for global user * Hide login attribute again when adding a new user * Render auth source correctly in simple form * Fix creating invited users through service The invitation requires the mail attribute to be present. Previously, there was a manual error added to the mail. As the errors are now determined by the contract + model, we now end up with all missing properties as errors. * Properly constraint attributes for non-admins * Add specs for global user * Start working on how to update password from UsersController that code is a mess... * Change permitted_params spec to include non-admin params * Fix create user service spec * Remove mail_notification param from users controller It's not part of the contract/params passed to user * Remove todos * Extend docs * Correct the way backlogs patches into the user settings * Remove superfluous UpdateUserService * Rewrite duplicated update service examples into common shared example * Remove duplicate password writable check * Base Users::DeleteContract on base delete contract * Move checks for active users into the UserAllowedService * Restore password writable check as it is not an attribute * Fix menus for global user * Allow global users to add custom fields * Allow global user add permission to reinvite user * Fix changed var name in update service spec * Ensure also invited or registered users can be authroized This ensure that e.g., invited users can also be set as watchers * fix typo Co-authored-by: ulferts <jens.ulferts@googlemail.com>
4 years ago
describe 'can invite user' do
before do
user.password = user.password_confirmation = nil
user.mail = 'foo@example.com'
user.invite
end
Placeholder user services and administration (#8944) * Adding placeholder user contracts * Adding create, update, and delete services for placeholder users * WIP: Adding Placeholder User contract specs [ci skip] * Extract contract validation into common helper * Add common validation in BaseContract + common example for admin checks * Introduce common ModelContract shared context for validations * WIP: PlaceholderUser controller, i18n, and routes [ci skip] * Placeholder users index page and query - moved all group related scopes from User to Principal to make them also available in PlaceholderUser. * end * Create PlaceholderUser * Feature spec for editing a placeholder user * Manage PlaceholderUser memberships The managment of memberships is pretty similar for User and PlaceholderUser. This commit extacts the similarities and uses them for both. * General partial and show view for PlaceholderUser * Delete obosolete partial * Allow RequireAdminGuard to be used as a module function * Fix I18n for confirmation text * Smaller code improvements * Fix: Syntax for accessing status enums was wrong. * Use UpdateService for updating a placeholder user * Add spec for PlaceholderUsersController * First code improvements after code review. - more improvements to come. * Further code improvements after review ... still more to come * Correct namespace of delete service * Fix: Make placeholder user contract validate * Remove :type attribute from base contract of User and PlaceholerUser ...and add it to the CreateContracts. Also add type validations. Further extract shared examples for placeholder user attribute validation * Refactor: Extract membership hook calls to helper * Fix redirect paths for membership controllers * Specs already present in shared exampels. * Fix duplicates routes for users and placeholder users * Fix user path * Add attribute name and lastname We don't need a writeable check as both are equally writable * Replace more references to tab_edit_user_path * Skip specs for PlaceholderUsers::DeletionService We will tackle that service in a separate PR. * Fix module usage of RequireAdminGuard * Fix group filter for placeholder users * Fix invalid reference to expect_valid * Fix: Fix tabbed edit path for placeholder users * Fix status filtering on users * Linting * Improve generalisation of individual principal filter cell - Check for presence of groups and statuses in order to toggle visibility of their UI element. - Remove groups from placeholder user controller and cell initialization and options * Fix selector on groups assign * Remove using_shared_fixtures Co-authored-by: Oliver Günther <mail@oliverguenther.de>
4 years ago
it_behaves_like 'contract is valid'
[35507] Allow global permission to add and edit users (#8937) * Add global permission for add_user * Rename fieldset for global roles to "Global" * Add permission to admin actions * Add index action to add_user permission * Redirect to first admin item if only one * Hide status action for non admins * Break down user form into partials for easier rendering * Disable some user form tabs for non-admins * Make users API and services conformant with endpoints * Fix references to DeleteService#deletion_allowed? * Authorize add_user on show as well * Only show invite user toolbar item with permission * Fix Delete Service spec * Fix the way user prefs are handled in service * Ensure session_id is treated as string This causes a cast error otherwise as it passes rack session locally * Fix service call on onboarding controller * Fix service call on users controller * Add delete spec for global user * Hide login attribute again when adding a new user * Render auth source correctly in simple form * Fix creating invited users through service The invitation requires the mail attribute to be present. Previously, there was a manual error added to the mail. As the errors are now determined by the contract + model, we now end up with all missing properties as errors. * Properly constraint attributes for non-admins * Add specs for global user * Start working on how to update password from UsersController that code is a mess... * Change permitted_params spec to include non-admin params * Fix create user service spec * Remove mail_notification param from users controller It's not part of the contract/params passed to user * Remove todos * Extend docs * Correct the way backlogs patches into the user settings * Remove superfluous UpdateUserService * Rewrite duplicated update service examples into common shared example * Remove duplicate password writable check * Base Users::DeleteContract on base delete contract * Move checks for active users into the UserAllowedService * Restore password writable check as it is not an attribute * Fix menus for global user * Allow global users to add custom fields * Allow global user add permission to reinvite user * Fix changed var name in update service spec * Ensure also invited or registered users can be authroized This ensure that e.g., invited users can also be set as watchers * fix typo Co-authored-by: ulferts <jens.ulferts@googlemail.com>
4 years ago
end
describe 'cannot set the password' do
before do
user.password = user.password_confirmation = 'password!password!'
end
Placeholder user services and administration (#8944) * Adding placeholder user contracts * Adding create, update, and delete services for placeholder users * WIP: Adding Placeholder User contract specs [ci skip] * Extract contract validation into common helper * Add common validation in BaseContract + common example for admin checks * Introduce common ModelContract shared context for validations * WIP: PlaceholderUser controller, i18n, and routes [ci skip] * Placeholder users index page and query - moved all group related scopes from User to Principal to make them also available in PlaceholderUser. * end * Create PlaceholderUser * Feature spec for editing a placeholder user * Manage PlaceholderUser memberships The managment of memberships is pretty similar for User and PlaceholderUser. This commit extacts the similarities and uses them for both. * General partial and show view for PlaceholderUser * Delete obosolete partial * Allow RequireAdminGuard to be used as a module function * Fix I18n for confirmation text * Smaller code improvements * Fix: Syntax for accessing status enums was wrong. * Use UpdateService for updating a placeholder user * Add spec for PlaceholderUsersController * First code improvements after code review. - more improvements to come. * Further code improvements after review ... still more to come * Correct namespace of delete service * Fix: Make placeholder user contract validate * Remove :type attribute from base contract of User and PlaceholerUser ...and add it to the CreateContracts. Also add type validations. Further extract shared examples for placeholder user attribute validation * Refactor: Extract membership hook calls to helper * Fix redirect paths for membership controllers * Specs already present in shared exampels. * Fix duplicates routes for users and placeholder users * Fix user path * Add attribute name and lastname We don't need a writeable check as both are equally writable * Replace more references to tab_edit_user_path * Skip specs for PlaceholderUsers::DeletionService We will tackle that service in a separate PR. * Fix module usage of RequireAdminGuard * Fix group filter for placeholder users * Fix invalid reference to expect_valid * Fix: Fix tabbed edit path for placeholder users * Fix status filtering on users * Linting * Improve generalisation of individual principal filter cell - Check for presence of groups and statuses in order to toggle visibility of their UI element. - Remove groups from placeholder user controller and cell initialization and options * Fix selector on groups assign * Remove using_shared_fixtures Co-authored-by: Oliver Günther <mail@oliverguenther.de>
4 years ago
it_behaves_like 'contract is invalid', password: :error_readonly
[35507] Allow global permission to add and edit users (#8937) * Add global permission for add_user * Rename fieldset for global roles to "Global" * Add permission to admin actions * Add index action to add_user permission * Redirect to first admin item if only one * Hide status action for non admins * Break down user form into partials for easier rendering * Disable some user form tabs for non-admins * Make users API and services conformant with endpoints * Fix references to DeleteService#deletion_allowed? * Authorize add_user on show as well * Only show invite user toolbar item with permission * Fix Delete Service spec * Fix the way user prefs are handled in service * Ensure session_id is treated as string This causes a cast error otherwise as it passes rack session locally * Fix service call on onboarding controller * Fix service call on users controller * Add delete spec for global user * Hide login attribute again when adding a new user * Render auth source correctly in simple form * Fix creating invited users through service The invitation requires the mail attribute to be present. Previously, there was a manual error added to the mail. As the errors are now determined by the contract + model, we now end up with all missing properties as errors. * Properly constraint attributes for non-admins * Add specs for global user * Start working on how to update password from UsersController that code is a mess... * Change permitted_params spec to include non-admin params * Fix create user service spec * Remove mail_notification param from users controller It's not part of the contract/params passed to user * Remove todos * Extend docs * Correct the way backlogs patches into the user settings * Remove superfluous UpdateUserService * Rewrite duplicated update service examples into common shared example * Remove duplicate password writable check * Base Users::DeleteContract on base delete contract * Move checks for active users into the UserAllowedService * Restore password writable check as it is not an attribute * Fix menus for global user * Allow global users to add custom fields * Allow global user add permission to reinvite user * Fix changed var name in update service spec * Ensure also invited or registered users can be authroized This ensure that e.g., invited users can also be set as watchers * fix typo Co-authored-by: ulferts <jens.ulferts@googlemail.com>
4 years ago
end
describe 'can set the auth_source' do
[35507] Allow global permission to add and edit users (#8937) * Add global permission for add_user * Rename fieldset for global roles to "Global" * Add permission to admin actions * Add index action to add_user permission * Redirect to first admin item if only one * Hide status action for non admins * Break down user form into partials for easier rendering * Disable some user form tabs for non-admins * Make users API and services conformant with endpoints * Fix references to DeleteService#deletion_allowed? * Authorize add_user on show as well * Only show invite user toolbar item with permission * Fix Delete Service spec * Fix the way user prefs are handled in service * Ensure session_id is treated as string This causes a cast error otherwise as it passes rack session locally * Fix service call on onboarding controller * Fix service call on users controller * Add delete spec for global user * Hide login attribute again when adding a new user * Render auth source correctly in simple form * Fix creating invited users through service The invitation requires the mail attribute to be present. Previously, there was a manual error added to the mail. As the errors are now determined by the contract + model, we now end up with all missing properties as errors. * Properly constraint attributes for non-admins * Add specs for global user * Start working on how to update password from UsersController that code is a mess... * Change permitted_params spec to include non-admin params * Fix create user service spec * Remove mail_notification param from users controller It's not part of the contract/params passed to user * Remove todos * Extend docs * Correct the way backlogs patches into the user settings * Remove superfluous UpdateUserService * Rewrite duplicated update service examples into common shared example * Remove duplicate password writable check * Base Users::DeleteContract on base delete contract * Move checks for active users into the UserAllowedService * Restore password writable check as it is not an attribute * Fix menus for global user * Allow global users to add custom fields * Allow global user add permission to reinvite user * Fix changed var name in update service spec * Ensure also invited or registered users can be authroized This ensure that e.g., invited users can also be set as watchers * fix typo Co-authored-by: ulferts <jens.ulferts@googlemail.com>
4 years ago
let!(:auth_source) { FactoryBot.create :auth_source }
before do
user.password = user.password_confirmation = nil
[35507] Allow global permission to add and edit users (#8937) * Add global permission for add_user * Rename fieldset for global roles to "Global" * Add permission to admin actions * Add index action to add_user permission * Redirect to first admin item if only one * Hide status action for non admins * Break down user form into partials for easier rendering * Disable some user form tabs for non-admins * Make users API and services conformant with endpoints * Fix references to DeleteService#deletion_allowed? * Authorize add_user on show as well * Only show invite user toolbar item with permission * Fix Delete Service spec * Fix the way user prefs are handled in service * Ensure session_id is treated as string This causes a cast error otherwise as it passes rack session locally * Fix service call on onboarding controller * Fix service call on users controller * Add delete spec for global user * Hide login attribute again when adding a new user * Render auth source correctly in simple form * Fix creating invited users through service The invitation requires the mail attribute to be present. Previously, there was a manual error added to the mail. As the errors are now determined by the contract + model, we now end up with all missing properties as errors. * Properly constraint attributes for non-admins * Add specs for global user * Start working on how to update password from UsersController that code is a mess... * Change permitted_params spec to include non-admin params * Fix create user service spec * Remove mail_notification param from users controller It's not part of the contract/params passed to user * Remove todos * Extend docs * Correct the way backlogs patches into the user settings * Remove superfluous UpdateUserService * Rewrite duplicated update service examples into common shared example * Remove duplicate password writable check * Base Users::DeleteContract on base delete contract * Move checks for active users into the UserAllowedService * Restore password writable check as it is not an attribute * Fix menus for global user * Allow global users to add custom fields * Allow global user add permission to reinvite user * Fix changed var name in update service spec * Ensure also invited or registered users can be authroized This ensure that e.g., invited users can also be set as watchers * fix typo Co-authored-by: ulferts <jens.ulferts@googlemail.com>
4 years ago
user.auth_source = auth_source
end
Placeholder user services and administration (#8944) * Adding placeholder user contracts * Adding create, update, and delete services for placeholder users * WIP: Adding Placeholder User contract specs [ci skip] * Extract contract validation into common helper * Add common validation in BaseContract + common example for admin checks * Introduce common ModelContract shared context for validations * WIP: PlaceholderUser controller, i18n, and routes [ci skip] * Placeholder users index page and query - moved all group related scopes from User to Principal to make them also available in PlaceholderUser. * end * Create PlaceholderUser * Feature spec for editing a placeholder user * Manage PlaceholderUser memberships The managment of memberships is pretty similar for User and PlaceholderUser. This commit extacts the similarities and uses them for both. * General partial and show view for PlaceholderUser * Delete obosolete partial * Allow RequireAdminGuard to be used as a module function * Fix I18n for confirmation text * Smaller code improvements * Fix: Syntax for accessing status enums was wrong. * Use UpdateService for updating a placeholder user * Add spec for PlaceholderUsersController * First code improvements after code review. - more improvements to come. * Further code improvements after review ... still more to come * Correct namespace of delete service * Fix: Make placeholder user contract validate * Remove :type attribute from base contract of User and PlaceholerUser ...and add it to the CreateContracts. Also add type validations. Further extract shared examples for placeholder user attribute validation * Refactor: Extract membership hook calls to helper * Fix redirect paths for membership controllers * Specs already present in shared exampels. * Fix duplicates routes for users and placeholder users * Fix user path * Add attribute name and lastname We don't need a writeable check as both are equally writable * Replace more references to tab_edit_user_path * Skip specs for PlaceholderUsers::DeletionService We will tackle that service in a separate PR. * Fix module usage of RequireAdminGuard * Fix group filter for placeholder users * Fix invalid reference to expect_valid * Fix: Fix tabbed edit path for placeholder users * Fix status filtering on users * Linting * Improve generalisation of individual principal filter cell - Check for presence of groups and statuses in order to toggle visibility of their UI element. - Remove groups from placeholder user controller and cell initialization and options * Fix selector on groups assign * Remove using_shared_fixtures Co-authored-by: Oliver Günther <mail@oliverguenther.de>
4 years ago
it_behaves_like 'contract is valid'
[35507] Allow global permission to add and edit users (#8937) * Add global permission for add_user * Rename fieldset for global roles to "Global" * Add permission to admin actions * Add index action to add_user permission * Redirect to first admin item if only one * Hide status action for non admins * Break down user form into partials for easier rendering * Disable some user form tabs for non-admins * Make users API and services conformant with endpoints * Fix references to DeleteService#deletion_allowed? * Authorize add_user on show as well * Only show invite user toolbar item with permission * Fix Delete Service spec * Fix the way user prefs are handled in service * Ensure session_id is treated as string This causes a cast error otherwise as it passes rack session locally * Fix service call on onboarding controller * Fix service call on users controller * Add delete spec for global user * Hide login attribute again when adding a new user * Render auth source correctly in simple form * Fix creating invited users through service The invitation requires the mail attribute to be present. Previously, there was a manual error added to the mail. As the errors are now determined by the contract + model, we now end up with all missing properties as errors. * Properly constraint attributes for non-admins * Add specs for global user * Start working on how to update password from UsersController that code is a mess... * Change permitted_params spec to include non-admin params * Fix create user service spec * Remove mail_notification param from users controller It's not part of the contract/params passed to user * Remove todos * Extend docs * Correct the way backlogs patches into the user settings * Remove superfluous UpdateUserService * Rewrite duplicated update service examples into common shared example * Remove duplicate password writable check * Base Users::DeleteContract on base delete contract * Move checks for active users into the UserAllowedService * Restore password writable check as it is not an attribute * Fix menus for global user * Allow global users to add custom fields * Allow global user add permission to reinvite user * Fix changed var name in update service spec * Ensure also invited or registered users can be authroized This ensure that e.g., invited users can also be set as watchers * fix typo Co-authored-by: ulferts <jens.ulferts@googlemail.com>
4 years ago
end
describe 'cannot set the identity url' do
before do
user.identity_url = 'saml:123412foo'
end
Placeholder user services and administration (#8944) * Adding placeholder user contracts * Adding create, update, and delete services for placeholder users * WIP: Adding Placeholder User contract specs [ci skip] * Extract contract validation into common helper * Add common validation in BaseContract + common example for admin checks * Introduce common ModelContract shared context for validations * WIP: PlaceholderUser controller, i18n, and routes [ci skip] * Placeholder users index page and query - moved all group related scopes from User to Principal to make them also available in PlaceholderUser. * end * Create PlaceholderUser * Feature spec for editing a placeholder user * Manage PlaceholderUser memberships The managment of memberships is pretty similar for User and PlaceholderUser. This commit extacts the similarities and uses them for both. * General partial and show view for PlaceholderUser * Delete obosolete partial * Allow RequireAdminGuard to be used as a module function * Fix I18n for confirmation text * Smaller code improvements * Fix: Syntax for accessing status enums was wrong. * Use UpdateService for updating a placeholder user * Add spec for PlaceholderUsersController * First code improvements after code review. - more improvements to come. * Further code improvements after review ... still more to come * Correct namespace of delete service * Fix: Make placeholder user contract validate * Remove :type attribute from base contract of User and PlaceholerUser ...and add it to the CreateContracts. Also add type validations. Further extract shared examples for placeholder user attribute validation * Refactor: Extract membership hook calls to helper * Fix redirect paths for membership controllers * Specs already present in shared exampels. * Fix duplicates routes for users and placeholder users * Fix user path * Add attribute name and lastname We don't need a writeable check as both are equally writable * Replace more references to tab_edit_user_path * Skip specs for PlaceholderUsers::DeletionService We will tackle that service in a separate PR. * Fix module usage of RequireAdminGuard * Fix group filter for placeholder users * Fix invalid reference to expect_valid * Fix: Fix tabbed edit path for placeholder users * Fix status filtering on users * Linting * Improve generalisation of individual principal filter cell - Check for presence of groups and statuses in order to toggle visibility of their UI element. - Remove groups from placeholder user controller and cell initialization and options * Fix selector on groups assign * Remove using_shared_fixtures Co-authored-by: Oliver Günther <mail@oliverguenther.de>
4 years ago
it_behaves_like 'contract is invalid', identity_url: :error_readonly
[35507] Allow global permission to add and edit users (#8937) * Add global permission for add_user * Rename fieldset for global roles to "Global" * Add permission to admin actions * Add index action to add_user permission * Redirect to first admin item if only one * Hide status action for non admins * Break down user form into partials for easier rendering * Disable some user form tabs for non-admins * Make users API and services conformant with endpoints * Fix references to DeleteService#deletion_allowed? * Authorize add_user on show as well * Only show invite user toolbar item with permission * Fix Delete Service spec * Fix the way user prefs are handled in service * Ensure session_id is treated as string This causes a cast error otherwise as it passes rack session locally * Fix service call on onboarding controller * Fix service call on users controller * Add delete spec for global user * Hide login attribute again when adding a new user * Render auth source correctly in simple form * Fix creating invited users through service The invitation requires the mail attribute to be present. Previously, there was a manual error added to the mail. As the errors are now determined by the contract + model, we now end up with all missing properties as errors. * Properly constraint attributes for non-admins * Add specs for global user * Start working on how to update password from UsersController that code is a mess... * Change permitted_params spec to include non-admin params * Fix create user service spec * Remove mail_notification param from users controller It's not part of the contract/params passed to user * Remove todos * Extend docs * Correct the way backlogs patches into the user settings * Remove superfluous UpdateUserService * Rewrite duplicated update service examples into common shared example * Remove duplicate password writable check * Base Users::DeleteContract on base delete contract * Move checks for active users into the UserAllowedService * Restore password writable check as it is not an attribute * Fix menus for global user * Allow global users to add custom fields * Allow global user add permission to reinvite user * Fix changed var name in update service spec * Ensure also invited or registered users can be authroized This ensure that e.g., invited users can also be set as watchers * fix typo Co-authored-by: ulferts <jens.ulferts@googlemail.com>
4 years ago
end
end
context 'when unauthorized user' do
let(:current_user) { FactoryBot.build_stubbed(:user) }
Placeholder user services and administration (#8944) * Adding placeholder user contracts * Adding create, update, and delete services for placeholder users * WIP: Adding Placeholder User contract specs [ci skip] * Extract contract validation into common helper * Add common validation in BaseContract + common example for admin checks * Introduce common ModelContract shared context for validations * WIP: PlaceholderUser controller, i18n, and routes [ci skip] * Placeholder users index page and query - moved all group related scopes from User to Principal to make them also available in PlaceholderUser. * end * Create PlaceholderUser * Feature spec for editing a placeholder user * Manage PlaceholderUser memberships The managment of memberships is pretty similar for User and PlaceholderUser. This commit extacts the similarities and uses them for both. * General partial and show view for PlaceholderUser * Delete obosolete partial * Allow RequireAdminGuard to be used as a module function * Fix I18n for confirmation text * Smaller code improvements * Fix: Syntax for accessing status enums was wrong. * Use UpdateService for updating a placeholder user * Add spec for PlaceholderUsersController * First code improvements after code review. - more improvements to come. * Further code improvements after review ... still more to come * Correct namespace of delete service * Fix: Make placeholder user contract validate * Remove :type attribute from base contract of User and PlaceholerUser ...and add it to the CreateContracts. Also add type validations. Further extract shared examples for placeholder user attribute validation * Refactor: Extract membership hook calls to helper * Fix redirect paths for membership controllers * Specs already present in shared exampels. * Fix duplicates routes for users and placeholder users * Fix user path * Add attribute name and lastname We don't need a writeable check as both are equally writable * Replace more references to tab_edit_user_path * Skip specs for PlaceholderUsers::DeletionService We will tackle that service in a separate PR. * Fix module usage of RequireAdminGuard * Fix group filter for placeholder users * Fix invalid reference to expect_valid * Fix: Fix tabbed edit path for placeholder users * Fix status filtering on users * Linting * Improve generalisation of individual principal filter cell - Check for presence of groups and statuses in order to toggle visibility of their UI element. - Remove groups from placeholder user controller and cell initialization and options * Fix selector on groups assign * Remove using_shared_fixtures Co-authored-by: Oliver Günther <mail@oliverguenther.de>
4 years ago
it_behaves_like 'contract user is unauthorized'
end
end