debian-mirror-gitlab/spec/features/oauth_registration_spec.rb

# frozen_string_literal: true

require 'spec_helper'

RSpec.describe 'OAuth Registration', :js, :allow_forgery_protection do
  include LoginHelpers
  include TermsHelper
  using RSpec::Parameterized::TableSyntax

  let(:uid) { 'my-uid' }
  let(:email) { 'user@example.com' }

  around do |example|
    with_omniauth_full_host { example.run }
  end

  where(:provider, :additional_info) do
    :github         | {}
    :twitter        | {}
    :bitbucket      | {}
    :gitlab         | {}
    :google_oauth2  | {}
    :facebook       | {}
    :cas3           | {}
    :auth0          | {}
    :authentiq      | {}
    :salesforce     | { extra: { email_verified: true } }
    :dingtalk       | {}
    :alicloud       | {}
  end

  with_them do
    before do
      stub_omniauth_provider(provider)
      stub_feature_flags(update_oauth_registration_flow: true)
    end

    context 'when block_auto_created_users is true' do
      before do
        stub_omniauth_setting(block_auto_created_users: true)
      end

      it 'redirects back to the sign-in page' do
        register_via(provider, uid, email, additional_info: additional_info)

        expect(page).to have_current_path new_user_session_path
        expect(page).to have_content('Your account is pending approval')
      end
    end

    context 'when block_auto_created_users is false' do
      before do
        stub_omniauth_setting(block_auto_created_users: false)
      end

      it 'redirects to the initial welcome path' do
        register_via(provider, uid, email, additional_info: additional_info)

        expect(page).to have_current_path users_sign_up_welcome_path
        expect(page).to have_content('Welcome to GitLab, mockuser!')
      end

      context 'when terms are enforced' do
        before do
          enforce_terms
        end

        it 'auto accepts terms and redirects to the initial welcome path' do
          register_via(provider, uid, email, additional_info: additional_info)

          expect(page).to have_current_path users_sign_up_welcome_path
          expect(page).to have_content('Welcome to GitLab, mockuser!')
        end
      end

      context 'when provider does not send a verified email address' do
        let(:email) { 'temp-email-for-oauth@email.com' }

        it 'redirects to the profile path' do
          register_via(provider, uid, email, additional_info: additional_info)

          expect(page).to have_current_path profile_path
          expect(page).to have_content('Please complete your profile with email address')
        end
      end

      context 'when registering via an invitation email' do
        let_it_be(:owner) { create(:user) }
        let_it_be(:group) { create(:group, name: 'Owned') }
        let_it_be(:project) { create(:project, :repository, namespace: group) }

        let(:invite_email) { generate(:email) }
        let(:extra_params) { { invite_type: Emails::Members::INITIAL_INVITE } }
        let(:group_invite) do
          create(
            :group_member, :invited,
            group: group,
            invite_email: invite_email,
            created_by: owner
          )
        end

        before do
          project.add_maintainer(owner)
          group.add_owner(owner)
          group_invite.generate_invite_token!

          mock_auth_hash(provider, uid, invite_email, additional_info: additional_info)
        end

        it 'redirects to the activity page with all the projects/groups invitations accepted' do
          visit invite_path(group_invite.raw_invite_token, extra_params)
          click_link_or_button "oauth-login-#{provider}"
          fill_in_welcome_form

          expect(page).to have_content('You have been granted Owner access to group Owned.')
          expect(page).to have_current_path(activity_group_path(group), ignore_query: true)
        end
      end
    end
  end

  context 'when update_oauth_registration_flow is disabled' do
    before do
      stub_omniauth_provider(:github)
      stub_omniauth_setting(block_auto_created_users: false)
      stub_feature_flags(update_oauth_registration_flow: false)

      enforce_terms
    end

    it 'presents the terms page' do
      register_via(:github, uid, email)

      expect(page).to have_content('These are the terms')
    end
  end

  def fill_in_welcome_form
    select 'Software Developer', from: 'user_role'
    click_button 'Get started!'
  end
end
New upstream version 15.1.3+ds1 2022-07-23 23:45:48 +05:30			`# frozen_string_literal: true`

			`require 'spec_helper'`

			`RSpec.describe 'OAuth Registration', :js, :allow_forgery_protection do`
			`include LoginHelpers`
			`include TermsHelper`
			`using RSpec::Parameterized::TableSyntax`

New upstream version 15.5.4+ds1 2022-11-25 23:54:43 +05:30			`let(:uid) { 'my-uid' }`
			`let(:email) { 'user@example.com' }`

New upstream version 15.1.3+ds1 2022-07-23 23:45:48 +05:30			`around do \|example\|`
			`with_omniauth_full_host { example.run }`
			`end`

New upstream version 15.5.4+ds1 2022-11-25 23:54:43 +05:30			`where(:provider, :additional_info) do`
			`:github \| {}`
			`:twitter \| {}`
			`:bitbucket \| {}`
			`:gitlab \| {}`
			`:google_oauth2 \| {}`
			`:facebook \| {}`
			`:cas3 \| {}`
			`:auth0 \| {}`
			`:authentiq \| {}`
			`:salesforce \| { extra: { email_verified: true } }`
			`:dingtalk \| {}`
			`:alicloud \| {}`
			`end`

			`with_them do`
			`before do`
			`stub_omniauth_provider(provider)`
			`stub_feature_flags(update_oauth_registration_flow: true)`
New upstream version 15.1.3+ds1 2022-07-23 23:45:48 +05:30			`end`

New upstream version 15.5.4+ds1 2022-11-25 23:54:43 +05:30			`context 'when block_auto_created_users is true' do`
New upstream version 15.1.3+ds1 2022-07-23 23:45:48 +05:30			`before do`
New upstream version 15.5.4+ds1 2022-11-25 23:54:43 +05:30			`stub_omniauth_setting(block_auto_created_users: true)`
New upstream version 15.1.3+ds1 2022-07-23 23:45:48 +05:30			`end`

New upstream version 15.5.4+ds1 2022-11-25 23:54:43 +05:30			`it 'redirects back to the sign-in page' do`
			`register_via(provider, uid, email, additional_info: additional_info)`
New upstream version 15.1.3+ds1 2022-07-23 23:45:48 +05:30
New upstream version 15.5.4+ds1 2022-11-25 23:54:43 +05:30			`expect(page).to have_current_path new_user_session_path`
			`expect(page).to have_content('Your account is pending approval')`
			`end`
			`end`
New upstream version 15.1.3+ds1 2022-07-23 23:45:48 +05:30
New upstream version 15.5.4+ds1 2022-11-25 23:54:43 +05:30			`context 'when block_auto_created_users is false' do`
			`before do`
			`stub_omniauth_setting(block_auto_created_users: false)`
			`end`

			`it 'redirects to the initial welcome path' do`
			`register_via(provider, uid, email, additional_info: additional_info)`

			`expect(page).to have_current_path users_sign_up_welcome_path`
			`expect(page).to have_content('Welcome to GitLab, mockuser!')`
New upstream version 15.1.3+ds1 2022-07-23 23:45:48 +05:30			`end`

New upstream version 15.5.4+ds1 2022-11-25 23:54:43 +05:30			`context 'when terms are enforced' do`
New upstream version 15.1.3+ds1 2022-07-23 23:45:48 +05:30			`before do`
New upstream version 15.5.4+ds1 2022-11-25 23:54:43 +05:30			`enforce_terms`
New upstream version 15.1.3+ds1 2022-07-23 23:45:48 +05:30			`end`

New upstream version 15.5.4+ds1 2022-11-25 23:54:43 +05:30			`it 'auto accepts terms and redirects to the initial welcome path' do`
New upstream version 15.1.3+ds1 2022-07-23 23:45:48 +05:30			`register_via(provider, uid, email, additional_info: additional_info)`

			`expect(page).to have_current_path users_sign_up_welcome_path`
			`expect(page).to have_content('Welcome to GitLab, mockuser!')`
			`end`
New upstream version 15.5.4+ds1 2022-11-25 23:54:43 +05:30			`end`
New upstream version 15.1.3+ds1 2022-07-23 23:45:48 +05:30
New upstream version 15.5.4+ds1 2022-11-25 23:54:43 +05:30			`context 'when provider does not send a verified email address' do`
			`let(:email) { 'temp-email-for-oauth@email.com' }`
New upstream version 15.1.3+ds1 2022-07-23 23:45:48 +05:30
New upstream version 15.5.4+ds1 2022-11-25 23:54:43 +05:30			`it 'redirects to the profile path' do`
			`register_via(provider, uid, email, additional_info: additional_info)`
New upstream version 15.1.3+ds1 2022-07-23 23:45:48 +05:30
New upstream version 15.5.4+ds1 2022-11-25 23:54:43 +05:30			`expect(page).to have_current_path profile_path`
			`expect(page).to have_content('Please complete your profile with email address')`
New upstream version 15.1.3+ds1 2022-07-23 23:45:48 +05:30			`end`
New upstream version 15.5.4+ds1 2022-11-25 23:54:43 +05:30			`end`
New upstream version 15.1.3+ds1 2022-07-23 23:45:48 +05:30
New upstream version 15.5.4+ds1 2022-11-25 23:54:43 +05:30			`context 'when registering via an invitation email' do`
			`let_it_be(:owner) { create(:user) }`
			`let_it_be(:group) { create(:group, name: 'Owned') }`
			`let_it_be(:project) { create(:project, :repository, namespace: group) }`

			`let(:invite_email) { generate(:email) }`
			`let(:extra_params) { { invite_type: Emails::Members::INITIAL_INVITE } }`
			`let(:group_invite) do`
			`create(`
			`:group_member, :invited,`
			`group: group,`
			`invite_email: invite_email,`
			`created_by: owner`
			`)`
			`end`
New upstream version 15.1.3+ds1 2022-07-23 23:45:48 +05:30
New upstream version 15.5.4+ds1 2022-11-25 23:54:43 +05:30			`before do`
			`project.add_maintainer(owner)`
			`group.add_owner(owner)`
			`group_invite.generate_invite_token!`
New upstream version 15.1.3+ds1 2022-07-23 23:45:48 +05:30
New upstream version 15.5.4+ds1 2022-11-25 23:54:43 +05:30			`mock_auth_hash(provider, uid, invite_email, additional_info: additional_info)`
New upstream version 15.1.3+ds1 2022-07-23 23:45:48 +05:30			`end`
New upstream version 15.3.1+ds1 2022-08-27 11:52:29 +05:30
New upstream version 15.5.4+ds1 2022-11-25 23:54:43 +05:30			`it 'redirects to the activity page with all the projects/groups invitations accepted' do`
			`visit invite_path(group_invite.raw_invite_token, extra_params)`
			`click_link_or_button "oauth-login-#{provider}"`
			`fill_in_welcome_form`

			`expect(page).to have_content('You have been granted Owner access to group Owned.')`
			`expect(page).to have_current_path(activity_group_path(group), ignore_query: true)`
New upstream version 15.3.1+ds1 2022-08-27 11:52:29 +05:30			`end`
New upstream version 15.1.3+ds1 2022-07-23 23:45:48 +05:30			`end`
			`end`
			`end`
New upstream version 15.3.1+ds1 2022-08-27 11:52:29 +05:30
New upstream version 15.5.4+ds1 2022-11-25 23:54:43 +05:30			`context 'when update_oauth_registration_flow is disabled' do`
			`before do`
			`stub_omniauth_provider(:github)`
			`stub_omniauth_setting(block_auto_created_users: false)`
			`stub_feature_flags(update_oauth_registration_flow: false)`

			`enforce_terms`
			`end`

			`it 'presents the terms page' do`
			`register_via(:github, uid, email)`

			`expect(page).to have_content('These are the terms')`
			`end`
			`end`

New upstream version 15.3.1+ds1 2022-08-27 11:52:29 +05:30			`def fill_in_welcome_form`
			`select 'Software Developer', from: 'user_role'`
			`click_button 'Get started!'`
			`end`
New upstream version 15.1.3+ds1 2022-07-23 23:45:48 +05:30			`end`