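# Copyright (C) 2012-2025 Zammad Foundation, https://zammad-foundation.org/

require 'rails_helper'

# Request specs for the user-device log.
#
# They pin down which requests create a UserDevice record and which of the two
# notifications ('user_device_new', 'user_device_new_location') is sent:
# sign-in with and without a fingerprint, basic-auth API access, a change of
# remote IP (de -> ch), sign-in while SWITCHED_FROM_USER_ID is set, and
# rejected or ignored fingerprint values.
RSpec.describe 'User Device', performs_jobs: true, sends_notification_emails: true, type: :request do
  let!(:admin) do
    create(:admin, login: 'user-device-admin', password: 'adminpw', groups: Group.all)
  end
  let!(:agent) do
    create(:agent, login: 'user-device-agent', password: 'agentpw', groups: Group.all)
  end

  before do
    # Request context is injected through ENV (presumably read by the
    # application in the test environment - confirm against the controllers).
    ENV['TEST_REMOTE_IP']        = '5.9.62.170' # de
    ENV['HTTP_USER_AGENT']       = 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10.11; rv:46.0) Gecko/20100101 Firefox/46.0'
    ENV['SWITCHED_FROM_USER_ID'] = nil
    UserDevice.destroy_all
  end

  after do
    # Examples 03 and 10 override this mid-example and only reset it further
    # down; clearing it here keeps a failing expectation from leaking the
    # override into later examples.
    ENV['USER_DEVICE_UPDATED_AT'] = nil
  end

  # Runs the queued jobs and checks, for +user+, whether each of the two device
  # notifications was sent.
  #
  # @param user [User] expected recipient
  # @param new_device [Boolean] whether 'user_device_new' must have been sent
  # @param new_location [Boolean] whether 'user_device_new_location' must have been sent
  def expect_device_notifications(user, new_device: false, new_location: false)
    expectations = {
      'user_device_new'          => new_device,
      'user_device_new_location' => new_location,
    }

    check_notification do
      perform_enqueued_jobs

      expectations.each do |template, expected|
        if expected
          sent(template: template, user: user)
        else
          not_sent(template: template, user: user)
        end
      end
    end
  end

  # Number of UserDevice records stored for +user+.
  def device_count(user)
    UserDevice.where(user_id: user.id).count
  end

  describe 'request handling' do
    it 'does index with nobody (01)' do
      get '/api/v1/signshow'

      expect(response).to have_http_status(:ok)
      expect(json_response).to be_a(Hash)
      expect(json_response['error']).to eq('no valid session')
      expect(json_response['config']).to be_truthy
      expect(controller.session[:user_device_fingerprint]).to be_falsey

      perform_enqueued_jobs
    end

    # Sign-in without a fingerprint param is rejected and leaves no device record.
    it 'does login index with admin without fingerprint (02)' do
      params = { without_fingerprint: 'none', username: 'user-device-admin', password: 'adminpw' }
      post '/api/v1/signin', params: params, as: :json

      expect(response).to have_http_status(:unprocessable_entity)
      expect(json_response).to be_a(Hash)
      expect(json_response['error']).to eq('Need fingerprint param!')
      expect(json_response['config']).to be_falsey
      expect(controller.session[:user_device_fingerprint]).to be_falsey

      expect_device_notifications(admin)
      expect(device_count(admin)).to eq(0)
    end

    # First device of a user: recorded without notification. Later requests reuse
    # the record; a request from another remote IP adds a second record and sends
    # the new-location notification.
    it 'does login index with admin with fingerprint - I (03)' do
      params = { fingerprint: 'my_finger_print', username: 'user-device-admin', password: 'adminpw' }
      post '/api/v1/signin', params: params, as: :json

      expect(response).to have_http_status(:created)
      expect(json_response).to be_a(Hash)
      expect(json_response['error']).to be_falsey
      expect(json_response['config']).to be_truthy
      expect(controller.session[:user_device_fingerprint]).to eq('my_finger_print')

      expect_device_notifications(admin)
      expect(device_count(admin)).to eq(1)

      user_device_first = UserDevice.last

      # updated_at is compared as a string below; wait so that an unwanted
      # update of the record would show up as a different timestamp.
      sleep 2

      get '/api/v1/users', params: {}, as: :json

      expect(response).to have_http_status(:ok)
      expect(json_response).to be_a(Array)
      expect(controller.session[:user_device_fingerprint]).to eq('my_finger_print')

      expect_device_notifications(admin)
      expect(device_count(admin)).to eq(1)

      user_device_last = UserDevice.last
      expect(user_device_first.updated_at.to_s).to eq(user_device_last.updated_at.to_s)

      get '/api/v1/signshow', params: { fingerprint: 'my_finger_print' }, as: :json

      expect(response).to have_http_status(:ok)
      expect(json_response).to be_a(Hash)
      expect(json_response['session']).to be_truthy
      expect(json_response['session']['login']).to eq('user-device-admin')
      expect(json_response['config']).to be_truthy

      expect_device_notifications(admin)
      expect(device_count(admin)).to eq(1)

      user_device_last = UserDevice.last
      expect(user_device_first.updated_at.to_s).to eq(user_device_last.updated_at.to_s)

      # With this override in place the next request is expected to refresh
      # updated_at on the existing record.
      ENV['USER_DEVICE_UPDATED_AT'] = 4.hours.ago.to_s

      get '/api/v1/users', params: {}, as: :json

      expect(response).to have_http_status(:ok)
      expect(json_response).to be_a(Array)
      expect(controller.session[:user_device_fingerprint]).to eq('my_finger_print')

      expect_device_notifications(admin)
      expect(device_count(admin)).to eq(1)

      user_device_last = UserDevice.last
      expect(user_device_last.updated_at.to_s).not_to eq(user_device_first.updated_at.to_s)

      ENV['USER_DEVICE_UPDATED_AT'] = nil
      ENV['TEST_REMOTE_IP'] = '195.65.29.254' # ch

      get '/api/v1/users', params: {}, as: :json

      expect(response).to have_http_status(:ok)

      expect_device_notifications(admin, new_location: true)
      expect(device_count(admin)).to eq(2)

      # ip reset
      ENV['TEST_REMOTE_IP'] = '5.9.62.170' # de
    end

    # A known user signing in with an unknown fingerprint gets the new-device
    # notification; a later change of remote IP gets the new-location one.
    it 'does login index with admin with fingerprint - II (04)' do
      create(
        :user_device,
        user_id:     admin.id,
        fingerprint: 'fingerprintI',
      )

      params = { fingerprint: 'my_finger_print_II', username: 'user-device-admin', password: 'adminpw' }
      post '/api/v1/signin', params: params, as: :json

      expect(response).to have_http_status(:created)

      expect_device_notifications(admin, new_device: true)
      expect(device_count(admin)).to eq(2)

      expect(json_response).to be_a(Hash)
      expect(json_response['error']).to be_falsey
      expect(json_response['config']).to be_truthy
      expect(controller.session[:user_device_fingerprint]).to be_truthy

      # Same params as the sign-in request above.
      get '/api/v1/users', params: params, as: :json

      expect(response).to have_http_status(:ok)
      expect(json_response).to be_a(Array)

      expect_device_notifications(admin)
      expect(device_count(admin)).to eq(2)

      get '/api/v1/signshow', params: { fingerprint: 'my_finger_print_II' }, as: :json

      expect(response).to have_http_status(:ok)
      expect(json_response).to be_a(Hash)
      expect(json_response['session']).to be_truthy
      expect(json_response['session']['login']).to eq('user-device-admin')
      expect(json_response['config']).to be_truthy

      expect_device_notifications(admin)
      expect(device_count(admin)).to eq(2)

      ENV['TEST_REMOTE_IP'] = '195.65.29.254' # ch

      get '/api/v1/users', params: {}, as: :json

      expect(response).to have_http_status(:ok)

      expect_device_notifications(admin, new_location: true)
      expect(device_count(admin)).to eq(3)

      # ip reset
      ENV['TEST_REMOTE_IP'] = '5.9.62.170' # de
    end

    # Signing in from a device that is already on record (same user agent, IP
    # and fingerprint) adds nothing and notifies nobody.
    it 'does login index with admin with fingerprint - II (05)' do
      UserDevice.add(
        ENV['HTTP_USER_AGENT'],
        ENV['TEST_REMOTE_IP'],
        admin.id,
        'my_finger_print_II',
        'session', # session|basic_auth|token_auth|sso
      )
      expect(device_count(admin)).to eq(1)

      params = { fingerprint: 'my_finger_print_II', username: 'user-device-admin', password: 'adminpw' }
      post '/api/v1/signin', params: params, as: :json

      expect(response).to have_http_status(:created)

      expect_device_notifications(admin)
      expect(device_count(admin)).to eq(1)

      expect(json_response).to be_a(Hash)
      expect(json_response['error']).to be_falsey
      expect(json_response['config']).to be_truthy
      expect(controller.session[:user_device_fingerprint]).to be_truthy
    end

    # Basic auth carries no fingerprint: a different user agent counts as a new
    # device, and repeated requests reuse that record.
    it 'does login index with admin with basic auth (06)' do
      ENV['HTTP_USER_AGENT'] = 'curl 1.0.0'
      UserDevice.add(
        ENV['HTTP_USER_AGENT'],
        '127.0.0.1',
        admin.id,
        '',
        'basic_auth', # session|basic_auth|token_auth|sso
      )
      expect(device_count(admin)).to eq(1)

      ENV['HTTP_USER_AGENT'] = 'curl 1.2.3'
      authenticated_as(admin, password: 'adminpw')
      get '/api/v1/users', params: {}, as: :json

      expect(response).to have_http_status(:ok)

      expect_device_notifications(admin, new_device: true)
      expect(device_count(admin)).to eq(2)
      expect(json_response).to be_a(Array)

      user_device_first = UserDevice.last

      # See example 03: makes an unwanted update visible in the string comparison.
      sleep 2

      get '/api/v1/users', params: {}, as: :json

      expect(response).to have_http_status(:ok)

      expect_device_notifications(admin)
      expect(device_count(admin)).to eq(2)
      expect(json_response).to be_a(Array)

      user_device_last = UserDevice.last
      expect(user_device_first.id).to eq(user_device_last.id)
      expect(user_device_first.updated_at.to_s).to eq(user_device_last.updated_at.to_s)

      # Age the record; the next request is expected to refresh updated_at.
      user_device_last.updated_at = 4.hours.ago
      user_device_last.save!

      get '/api/v1/users', params: {}, as: :json

      expect(response).to have_http_status(:ok)

      expect_device_notifications(admin)
      expect(device_count(admin)).to eq(2)
      expect(json_response).to be_a(Array)

      user_device_last = UserDevice.last
      expect(user_device_first.id).to eq(user_device_last.id)
      expect(user_device_last.updated_at).to be > user_device_first.updated_at
    end

    it 'does login index with admin with basic auth (07)' do
      ENV['HTTP_USER_AGENT'] = 'curl 1.2.3'
      UserDevice.add(
        ENV['HTTP_USER_AGENT'],
        ENV['TEST_REMOTE_IP'],
        admin.id,
        '',
        'basic_auth', # session|basic_auth|token_auth|sso
      )
      expect(device_count(admin)).to eq(1)

      authenticated_as(admin, password: 'adminpw')
      get '/api/v1/users', params: {}, as: :json

      expect(response).to have_http_status(:ok)

      expect_device_notifications(admin)
      expect(device_count(admin)).to eq(1)
      expect(json_response).to be_a(Array)
    end

    # First basic-auth request of a user without any device: a record is
    # created, no notification is sent.
    it 'does login index with agent with basic auth (08)' do
      ENV['HTTP_USER_AGENT'] = 'curl 1.2.3'

      authenticated_as(agent, password: 'agentpw')
      get '/api/v1/users', params: {}, as: :json

      expect(response).to have_http_status(:ok)

      expect_device_notifications(agent)
      expect(device_count(agent)).to eq(1)
      expect(json_response).to be_a(Array)
    end

    it 'does login index with agent with basic auth (09)' do
      ENV['HTTP_USER_AGENT'] = 'curl 1.2.3'
      UserDevice.add(
        ENV['HTTP_USER_AGENT'],
        ENV['TEST_REMOTE_IP'],
        agent.id,
        '',
        'basic_auth', # session|basic_auth|token_auth|sso
      )
      expect(device_count(agent)).to eq(1)

      authenticated_as(agent, password: 'agentpw')
      get '/api/v1/users', params: {}, as: :json

      expect(response).to have_http_status(:ok)

      expect_device_notifications(agent)
      expect(device_count(agent)).to eq(1)
      expect(json_response).to be_a(Array)
    end

    # While SWITCHED_FROM_USER_ID is set (presumably an admin acting as the
    # agent - confirm), neither sign-in, nor an aged timestamp, nor a new remote
    # IP creates a device record or a notification for the agent.
    it 'does login with switched_from_user_id (10)' do
      expect(device_count(agent)).to eq(0)

      ENV['SWITCHED_FROM_USER_ID'] = admin.id.to_s

      params = { fingerprint: 'my_finger_print_II', username: 'user-device-agent', password: 'agentpw' }
      post '/api/v1/signin', params: params, as: :json

      expect(response).to have_http_status(:created)

      expect_device_notifications(agent)
      expect(device_count(agent)).to eq(0)

      expect(json_response).to be_a(Hash)
      expect(json_response['error']).to be_falsey
      expect(json_response['config']).to be_truthy

      expect_device_notifications(agent)
      expect(device_count(agent)).to eq(0)

      ENV['USER_DEVICE_UPDATED_AT'] = 4.hours.ago.to_s

      get '/api/v1/users', params: {}, as: :json

      expect(response).to have_http_status(:ok)
      expect(json_response).to be_a(Array)

      expect_device_notifications(agent)
      expect(device_count(agent)).to eq(0)

      ENV['USER_DEVICE_UPDATED_AT'] = nil
      ENV['TEST_REMOTE_IP'] = '195.65.29.254' # ch

      get '/api/v1/users', params: {}, as: :json

      expect(response).to have_http_status(:ok)

      expect_device_notifications(agent)

      # ip reset
      ENV['TEST_REMOTE_IP'] = '5.9.62.170' # de

      expect(device_count(agent)).to eq(0)
    end

    # An over-long fingerprint is rejected before a session or device record exists.
    it 'does login with invalid fingerprint (11)' do
      params = { fingerprint: 'to_long_1234567890to_long_1234567890to_long_1234567890to_long_1234567890to_long_1234567890to_long_1234567890to_long_1234567890to_long_1234567890to_long_1234567890to_long_1234567890to_long_1234567890', username: 'user-device-admin', password: 'adminpw' }
      post '/api/v1/signin', params: params, as: :json

      expect(response).to have_http_status(:unprocessable_entity)
      expect(json_response).to be_a(Hash)
      expect(json_response['error']).to eq('fingerprint is 198 chars but can only be 160 chars!')
      expect(json_response['config']).to be_falsey
      expect(controller.session[:user_device_fingerprint]).to be_falsey

      expect_device_notifications(admin)
      expect(device_count(admin)).to eq(0)
    end

    # A numeric (non-string) JSON fingerprint is accepted.
    it 'does login with integer as fingerprint (12)' do
      params = { fingerprint: 123_456_789, username: 'user-device-admin', password: 'adminpw' }
      post '/api/v1/signin', params: params, as: :json

      expect(response).to have_http_status(:created)
      expect(controller.session[:user_device_fingerprint]).to be_truthy

      expect_device_notifications(admin)
      expect(device_count(admin)).to eq(1)

      expect(json_response).to be_a(Hash)
      expect(json_response['error']).to be_nil
    end

    # form_config does not take part in device logging: the long fingerprint
    # raises no error, is not stored in the session, and no device is recorded.
    it 'does login form controller - check no user device logging (13)' do
      Setting.set('form_ticket_create', true)

      params = {
        fingerprint: 'long_1234567890long_1234567890long_1234567890long_1234567890long_1234567890long_1234567890long_1234567890long_1234567890long_1234567890long_1234567890long_1234567890'
      }
      authenticated_as(admin, password: 'adminpw')
      post '/api/v1/form_config', params: params, as: :json

      expect(response).to have_http_status(:ok)
      expect(json_response).to be_a(Hash)
      expect(json_response['error']).to be_falsey
      expect(json_response['endpoint']).to be_truthy
      expect(controller.session[:user_device_fingerprint]).to be_falsey

      expect_device_notifications(admin)
      expect(device_count(admin)).to eq(0)
    end
  end
end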