Home Explore Help
Sign In
SMusatov
/
zammad
mirror of https://github.com/zammad/zammad.git
1
0
Fork 0
Files
Tree: 9edee425a9
Branches Tags
zammad
/
spec
/
graphql
/
gql
/
mutations
/
user
/
signup_verify_spec.rb

signup_verify_spec.rb 2.4 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384 
  1. # Copyright (C) 2012-2024 Zammad Foundation, https://zammad-foundation.org/
    2. 

  2. 

  3. require 'rails_helper'
    4. 

  4. 

  5. # Session handling works only via controller, so use type: request.
    6. 

  6. RSpec.describe Gql::Mutations::User::SignupVerify, :aggregate_failures, type: :request do
    7. 

  7.   context 'when verifying signed up user' do
    8. 

  8.     let(:user) do
    9. 

  9.       create(:role, name: 'user_preferences_device', default_at_signup: true, permission_names: ['user_preferences.device'])
    10. 

  10.       create(:user, verified: false)
    11. 

  11.     end
    12. 

  12.     let(:query) do
    13. 

  13.       <<~QUERY
    14. 

  14.         mutation userSignupVerify($token: String!) {
    15. 

  15.           userSignupVerify(token: $token) {
    16. 

  16.             session {
    17. 

  17.               id
    18. 

  18.               afterAuth {
    19. 

  19.                 type
    20. 

  20.                 data
    21. 

  21.               }
    22. 

  22.             }
    23. 

  23.             errors {
    24. 

  24.               message
    25. 

  25.             }
    26. 

  26.           }
    27. 

  27.         }
    28. 

  28.       QUERY
    29. 

  29.     end
    30. 

  30. 

  31.     let(:variables) { { token: token } }
    32. 

  32. 

  33.     let(:headers) do
    34. 

  34.       {
    35. 

  35.         'X-Browser-Fingerprint' => 'some-fingerprint',
    36. 

  36.       }
    37. 

  37.     end
    38. 

  38. 

  39.     let(:graphql_response) do
    40. 

  40.       execute_graphql_query
    41. 

  41.       json_response
    42. 

  42.     end
    43. 

  43. 

  44.     def execute_graphql_query
    45. 

  45.       post '/graphql', params: { query: query, variables: variables }, headers: headers, as: :json
    46. 

  46.     end
    47. 

  47. 

  48.     shared_examples 'returning an error' do |message|
    49. 

  49.       it 'returns an error' do
    50. 

  50.         expect(graphql_response['data']['userSignupVerify']).to include({ 'errors' => include({ 'message' => message }) }).and include({ 'session' => nil })
    51. 

  51.       end
    52. 

  52.     end
    53. 

  53. 

  54.     shared_examples 'returning a session' do
    55. 

  55.       it 'returns the session' do
    56. 

  56.         expect(graphql_response['data']['userSignupVerify']).to include({ 'session' => include({ 'id' => a_kind_of(String) }) }).and include({ 'errors' => nil })
    57. 

  57.       end
    58. 

  58.     end
    59. 

  59. 

  60.     context 'with disabled user signup' do
    61. 

  61.       before do
    62. 

  62.         Setting.set('user_create_account', false)
    63. 

  63.       end
    64. 

  64. 

  65.       let(:token) { SecureRandom.urlsafe_base64(48) }
    66. 

  66. 

  67.       it 'raises an gql error' do
    68. 

  68.         expect(graphql_response['errors'].first['message']).to eq('This feature is not enabled.')
    69. 

  69.       end
    70. 

  70.     end
    71. 

  71. 

  72.     context 'with a valid token' do
    73. 

  73.       let(:token) { User.signup_new_token(user)[:token].token } # NB: Don't ask!
    74. 

  74. 

  75.       it_behaves_like 'returning a session'
    76. 

  76.     end
    77. 

  77. 

  78.     context 'with an invalid token' do
    79. 

  79.       let(:token) { SecureRandom.urlsafe_base64(48) }
    80. 

  80. 

  81.       it_behaves_like 'returning an error', 'The provided token is invalid.'
    82. 

  82.     end
    83. 

  83.   end
    84. 

  84. end
    85.