admin_password_auth_spec.rb 1.7 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465
  1. # Copyright (C) 2012-2023 Zammad Foundation, https://zammad-foundation.org/
  2. require 'rails_helper'
  3. RSpec.describe 'Admin password auth', type: :system do
  4. before do
  5. Setting.set('user_show_password_login', false)
  6. Setting.set('auth_saml', true)
  7. end
  8. context 'when logged in already' do
  9. before do
  10. visit 'admin_password_auth'
  11. end
  12. it 'logged in user cannot open admin password auth' do
  13. expect(page).to have_no_text 'password'
  14. end
  15. end
  16. context 'when not logged in', authenticated_as: false do
  17. def request_admin_password_auth
  18. visit 'admin_password_auth'
  19. fill_in 'username', with: username
  20. click '.btn--primary'
  21. end
  22. before do
  23. freeze_time
  24. request_admin_password_auth
  25. end
  26. context 'with non-existant user' do
  27. let(:username) { 'nonexisting' }
  28. it 'pretends to proceed' do
  29. expect(page).to have_text 'sent admin password login instructions'
  30. end
  31. end
  32. context 'with existing admin' do
  33. let(:user) { create(:admin) }
  34. let(:username) { user.email }
  35. let(:generated_tokens) { Token.where(action: 'AdminAuth', user_id: user.id) }
  36. it 'login is possible' do
  37. expect(page).to have_text 'sent admin password login instructions'
  38. expect(generated_tokens.count).to eq 1
  39. expect(generated_tokens.first.persistent).to be false
  40. visit "/#login/admin/#{generated_tokens.first.token}"
  41. expect(page).to have_selector '#username'
  42. end
  43. end
  44. end
  45. context 'with invalid token', authenticated_as: false do
  46. it 'login is not possible' do
  47. visit '/#login/admin/invalid-token'
  48. expect(page).to have_text 'The token for the admin password login is invalid.'
  49. end
  50. end
  51. end