Skip to content
Snippets Groups Projects
Commit 7db98aa7 authored by Akihiko Odaki's avatar Akihiko Odaki Committed by Eugen Rochko
Browse files

Refactor User and spec (#3431) 

* Protect send_devise_notification of User

* Improve spec for User
parent e031fd60
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
app/models/user.rb
+ 6
4
View file @ 7db98aa7
...@@ -68,10 +68,6 @@ class User < ApplicationRecord ...@@ -68,10 +68,6 @@ class User < ApplicationRecord
save! save!
end end
def send_devise_notification(notification, *args)
devise_mailer.send(notification, self, *args).deliver_later
end
def setting_default_privacy def setting_default_privacy
settings.default_privacy || (account.locked? ? 'private' : 'public') settings.default_privacy || (account.locked? ? 'private' : 'public')
end end
...@@ -88,6 +84,12 @@ class User < ApplicationRecord ...@@ -88,6 +84,12 @@ class User < ApplicationRecord
settings.auto_play_gif settings.auto_play_gif
end end
protected
def send_devise_notification(notification, *args)
devise_mailer.send(notification, self, *args).deliver_later
end
private private
def sanitize_languages def sanitize_languages
......
spec/models/user_spec.rb
+ 113
10
View file @ 7db98aa7
...@@ -4,6 +4,17 @@ require 'devise_two_factor/spec_helpers' ...@@ -4,6 +4,17 @@ require 'devise_two_factor/spec_helpers'
RSpec.describe User, type: :model do RSpec.describe User, type: :model do
it_behaves_like 'two_factor_backupable' it_behaves_like 'two_factor_backupable'
describe 'otp_secret' do
it 'is encrypted with OTP_SECRET environment variable' do
user = Fabricate(:user,
encrypted_otp_secret: "Fttsy7QAa0edaDfdfSz094rRLAxc8cJweDQ4BsWH/zozcdVA8o9GLqcKhn2b\nGi/V\n",
encrypted_otp_secret_iv: 'rys3THICkr60BoWC',
encrypted_otp_secret_salt: '_LMkAGvdg7a+sDIKjI3mR2Q==')
expect(user.otp_secret).to eq 'anotpsecretthatshouldbeencrypted'
end
end
describe 'validations' do describe 'validations' do
it 'is invalid without an account' do it 'is invalid without an account' do
user = Fabricate.build(:user, account: nil) user = Fabricate.build(:user, account: nil)
...@@ -85,6 +96,36 @@ RSpec.describe User, type: :model do ...@@ -85,6 +96,36 @@ RSpec.describe User, type: :model do
expect(User.confirmed).to match_array([user_2]) expect(User.confirmed).to match_array([user_2])
end end
end end
describe 'inactive' do
it 'returns a relation of inactive users' do
specified = Fabricate(:user, current_sign_in_at: 15.days.ago)
Fabricate(:user, current_sign_in_at: 13.days.ago)
expect(User.inactive).to match_array([specified])
end
end
describe 'matches_email' do
it 'returns a relation of users whose email starts with the given string' do
specified = Fabricate(:user, email: 'specified@spec')
Fabricate(:user, email: 'unspecified@spec')
expect(User.matches_email('specified')).to match_array([specified])
end
end
describe 'with_recent_ip_address' do
it 'returns a relation of users who is, or was at last time, online with the given IP address' do
specifieds = [
Fabricate(:user, current_sign_in_ip: '0.0.0.42', last_sign_in_ip: '0.0.0.0'),
Fabricate(:user, current_sign_in_ip: nil, last_sign_in_ip: '0.0.0.42')
]
Fabricate(:user, current_sign_in_ip: '0.0.0.0', last_sign_in_ip: '0.0.0.0')
expect(User.with_recent_ip_address('0.0.0.42')).to eq specifieds
end
end
end end
let(:account) { Fabricate(:account, username: 'alice') } let(:account) { Fabricate(:account, username: 'alice') }
...@@ -133,16 +174,73 @@ RSpec.describe User, type: :model do ...@@ -133,16 +174,73 @@ RSpec.describe User, type: :model do
end end
describe '#disable_two_factor!' do describe '#disable_two_factor!' do
it 'sets otp_required_for_login to false' do it 'saves false for otp_required_for_login' do
user = Fabricate.build(:user, otp_required_for_login: true) user = Fabricate.build(:user, otp_required_for_login: true)
user.disable_two_factor! user.disable_two_factor!
expect(user.otp_required_for_login).to be false expect(user.reload.otp_required_for_login).to be false
end end
it 'clears otp_backup_codes' do it 'saves cleared otp_backup_codes' do
user = Fabricate.build(:user, otp_backup_codes: %w[dummy dummy]) user = Fabricate.build(:user, otp_backup_codes: %w[dummy dummy])
user.disable_two_factor! user.disable_two_factor!
expect(user.otp_backup_codes.empty?).to be true expect(user.reload.otp_backup_codes.empty?).to be true
end
end
describe '#send_confirmation_instructions' do
around do |example|
queue_adapter = ActiveJob::Base.queue_adapter
example.run
ActiveJob::Base.queue_adapter = queue_adapter
end
it 'delivers confirmation instructions later' do
user = Fabricate(:user)
ActiveJob::Base.queue_adapter = :test
expect { user.send_confirmation_instructions }.to have_enqueued_job(ActionMailer::DeliveryJob)
end
end
describe '#setting_auto_play_gif' do
it 'returns auto-play gif setting' do
user = Fabricate(:user)
user.settings[:auto_play_gif] = false
expect(user.setting_auto_play_gif).to eq false
end
end
describe '#setting_boost_modal' do
it 'returns boost modal setting' do
user = Fabricate(:user)
user.settings[:boost_modal] = false
expect(user.setting_boost_modal).to eq false
end
end
describe '#setting_default_privacy' do
it 'returns default privacy setting if user has configured' do
user = Fabricate(:user)
user.settings[:default_privacy] = 'unlisted'
expect(user.setting_default_privacy).to eq 'unlisted'
end
it "returns 'private' if user has not configured default privacy setting and account is locked" do
user = Fabricate(:user, account: Fabricate(:account, locked: true))
expect(user.setting_default_privacy).to eq 'private'
end
it "returns 'public' if user has not configured default privacy setting and account is not locked" do
user = Fabricate(:user, account: Fabricate(:account, locked: false))
expect(user.setting_default_privacy).to eq 'public'
end
end
describe '#setting_delete_modal' do
it 'returns delete modal setting' do
user = Fabricate(:user)
user.settings[:delete_modal] = false
expect(user.setting_delete_modal).to eq false
end end
end end
...@@ -172,14 +270,19 @@ RSpec.describe User, type: :model do ...@@ -172,14 +270,19 @@ RSpec.describe User, type: :model do
expect(user.valid?).to be_falsey expect(user.valid?).to be_falsey
end end
it 'should not allow a user to be created with a specific blacklisted subdomain even if the top domain is whitelisted' do context do
old_blacklist = Rails.configuration.x.email_blacklist around do |example|
Rails.configuration.x.email_domains_blacklist = 'blacklisted.mastodon.space' old_blacklist = Rails.configuration.x.email_blacklist
example.run
Rails.configuration.x.email_domains_blacklist = old_blacklist
end
user = User.new(email: 'foo@blacklisted.mastodon.space', account: account, password: password) it 'should not allow a user to be created with a specific blacklisted subdomain even if the top domain is whitelisted' do
expect(user.valid?).to be_falsey Rails.configuration.x.email_domains_blacklist = 'blacklisted.mastodon.space'
Rails.configuration.x.email_domains_blacklist = old_blacklist user = User.new(email: 'foo@blacklisted.mastodon.space', account: account, password: password)
expect(user.valid?).to be_falsey
end
end end
end end
end end
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment