123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869 |
- # Copyright (C) 2012-2025 Zammad Foundation, https://zammad-foundation.org/
- require 'rails_helper'
- RSpec.describe 'Password Reset', type: :system do
- context 'when logged in already' do
- before do
- visit 'password_reset'
- end
- it 'logged in user cannot open password reset' do
- expect(page).to have_no_text 'password'
- end
- end
- context 'when not logged in', authenticated_as: false do
- def request_reset
- visit 'password_reset'
- fill_in 'username', with: username
- click '.reset_password .btn--primary'
- end
- before do
- freeze_time
- request_reset
- end
- context 'with non-existant user' do
- let(:username) { 'nonexisting' }
- it 'pretends to proceed' do
- expect(page).to have_text 'Password reset instructions were sent'
- end
- end
- context 'with existing user' do
- let(:user) { create(:agent) }
- let(:username) { user.email }
- let(:generated_tokens) { Token.where(action: 'PasswordReset', user_id: user.id) }
- it 'proceeds' do
- expect(page).to have_text 'Password reset instructions were sent'
- end
- it 'creates a token' do
- expect(generated_tokens.count).to eq 1
- end
- it 'token will expire' do
- expect(generated_tokens.first.persistent).to be false
- end
- context 'when submitting multiple times' do
- before do
- refresh
- request_reset # a second time now
- end
- it 'proceeds' do
- expect(page).to have_text 'Password reset instructions were sent'
- end
- it 'discards the previous token' do
- expect(generated_tokens.count).to eq 1
- end
- end
- end
- end
- end
|