debian-mirror-gitlab/spec/features/invites_spec.rb

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

303 lines
11 KiB
Ruby
Raw Normal View History

2019-10-12 21:52:04 +05:30
# frozen_string_literal: true
2018-03-17 18:26:18 +05:30
require 'spec_helper'
2023-03-04 22:38:38 +05:30
RSpec.describe 'Group or Project invitations', :aggregate_failures, feature_category: :experimentation_expansion do
2021-06-08 01:23:25 +05:30
let_it_be(:owner) { create(:user, name: 'John Doe') }
let_it_be(:group) { create(:group, name: 'Owned') }
let_it_be(:project) { create(:project, :repository, namespace: group) }
2018-11-08 19:23:39 +05:30
let(:group_invite) { group.group_members.invite.last }
2018-03-17 18:26:18 +05:30
before do
2022-10-11 01:57:18 +05:30
stub_feature_flags(arkose_labs_signup_challenge: false)
2021-01-29 00:20:46 +05:30
stub_application_setting(require_admin_approval_after_user_signup: false)
2018-11-18 11:00:15 +05:30
project.add_maintainer(owner)
2020-07-28 23:09:34 +05:30
group.add_owner(owner)
2018-11-08 19:23:39 +05:30
end
2019-10-12 21:52:04 +05:30
def confirm_email(new_user)
2018-11-08 19:23:39 +05:30
new_user_token = User.find_by_email(new_user.email).confirmation_token
visit user_confirmation_path(confirmation_token: new_user_token)
end
2021-06-08 01:23:25 +05:30
def fill_in_sign_up_form(new_user, submit_button_text = 'Register')
2021-01-03 14:25:43 +05:30
fill_in 'new_user_first_name', with: new_user.first_name
fill_in 'new_user_last_name', with: new_user.last_name
2020-07-28 23:09:34 +05:30
fill_in 'new_user_username', with: new_user.username
fill_in 'new_user_email', with: new_user.email
fill_in 'new_user_password', with: new_user.password
2021-06-08 01:23:25 +05:30
click_button submit_button_text
2018-11-08 19:23:39 +05:30
end
def fill_in_sign_in_form(user)
fill_in 'user_login', with: user.email
fill_in 'user_password', with: user.password
check 'user_remember_me'
click_button 'Sign in'
2018-03-17 18:26:18 +05:30
end
2020-11-24 15:15:51 +05:30
def fill_in_welcome_form
select 'Software Developer', from: 'user_role'
click_button 'Get started!'
end
2021-06-08 01:23:25 +05:30
context 'when inviting a registered user' do
let(:invite_email) { 'user@example.com' }
2018-03-17 18:26:18 +05:30
before do
2021-06-08 01:23:25 +05:30
group.add_developer(invite_email, owner)
group_invite.generate_invite_token!
2018-03-17 18:26:18 +05:30
end
2021-06-08 01:23:25 +05:30
context 'when signed out' do
context 'when analyzing the redirects and forms from invite link click' do
before do
visit invite_path(group_invite.raw_invite_token)
end
2018-03-17 18:26:18 +05:30
2021-06-08 01:23:25 +05:30
it 'renders sign up page with sign up notice' do
2022-05-07 20:08:51 +05:30
expect(page).to have_current_path(new_user_registration_path, ignore_query: true)
2021-06-08 01:23:25 +05:30
expect(page).to have_content('To accept this invitation, create an account or sign in')
end
2021-04-29 21:17:54 +05:30
2021-06-08 01:23:25 +05:30
it 'pre-fills the "Username or email" field on the sign in box with the invite_email from the invite' do
click_link 'Sign in'
2020-10-24 23:57:45 +05:30
2021-06-08 01:23:25 +05:30
expect(find_field('Username or email').value).to eq(group_invite.invite_email)
end
2020-10-24 23:57:45 +05:30
2021-06-08 01:23:25 +05:30
it 'pre-fills the Email field on the sign up box with the invite_email from the invite' do
expect(find_field('Email').value).to eq(group_invite.invite_email)
end
end
2021-04-29 21:17:54 +05:30
2022-08-13 15:12:31 +05:30
context 'when invite is sent before account is created - ldap or service sign in for manual acceptance edge case' do
2021-06-08 01:23:25 +05:30
let(:user) { create(:user, email: 'user@example.com') }
2018-03-17 18:26:18 +05:30
2021-06-08 01:23:25 +05:30
context 'when invite clicked and not signed in' do
before do
visit invite_path(group_invite.raw_invite_token)
end
2018-03-17 18:26:18 +05:30
2021-06-08 01:23:25 +05:30
it 'sign in, grants access and redirects to group activity page' do
click_link 'Sign in'
2018-03-17 18:26:18 +05:30
2021-06-08 01:23:25 +05:30
fill_in_sign_in_form(user)
2022-05-07 20:08:51 +05:30
expect(page).to have_current_path(activity_group_path(group), ignore_query: true)
2021-06-08 01:23:25 +05:30
end
end
context 'when signed in and an invite link is clicked' do
context 'when user is an existing member' do
before do
2021-08-04 16:29:09 +05:30
group.add_developer(user)
sign_in(user)
2021-06-08 01:23:25 +05:30
visit invite_path(group_invite.raw_invite_token)
end
it 'shows message user already a member' do
2022-05-07 20:08:51 +05:30
expect(page).to have_current_path(invite_path(group_invite.raw_invite_token), ignore_query: true)
2021-08-04 16:29:09 +05:30
expect(page).to have_link(user.name, href: user_path(user))
expect(page).to have_content('You are already a member of this group.')
2021-06-08 01:23:25 +05:30
end
end
2021-12-11 22:18:48 +05:30
context 'when email case doesnt match', :js do
let(:invite_email) { 'User@example.com' }
let(:user) { create(:user, email: 'user@example.com') }
before do
sign_in(user)
visit invite_path(group_invite.raw_invite_token)
end
it 'accepts invite' do
expect(page).to have_content('You have been granted Developer access to group Owned.')
end
end
2021-06-08 01:23:25 +05:30
end
context 'when declining the invitation from invitation reminder email' do
context 'when signed in' do
before do
sign_in(user)
visit decline_invite_path(group_invite.raw_invite_token)
end
it 'declines application and redirects to dashboard' do
2022-05-07 20:08:51 +05:30
expect(page).to have_current_path(dashboard_projects_path, ignore_query: true)
2021-06-08 01:23:25 +05:30
expect(page).to have_content('You have declined the invitation to join group Owned.')
expect { group_invite.reload }.to raise_error ActiveRecord::RecordNotFound
end
end
context 'when signed out with signup onboarding' do
before do
visit decline_invite_path(group_invite.raw_invite_token)
end
2020-10-24 23:57:45 +05:30
2021-06-08 01:23:25 +05:30
it 'declines application and redirects to sign in page' do
2022-05-07 20:08:51 +05:30
expect(page).to have_current_path(decline_invite_path(group_invite.raw_invite_token), ignore_query: true)
2021-06-08 01:23:25 +05:30
expect(page).not_to have_content('You have declined the invitation to join')
expect(page).to have_content('You successfully declined the invitation')
expect { group_invite.reload }.to raise_error ActiveRecord::RecordNotFound
end
end
end
end
2018-03-17 18:26:18 +05:30
end
end
2023-06-20 00:43:36 +05:30
context 'when inviting an unregistered user', :js do
2018-11-08 19:23:39 +05:30
let(:new_user) { build_stubbed(:user) }
let(:invite_email) { new_user.email }
2021-01-03 14:25:43 +05:30
let(:group_invite) { create(:group_member, :invited, group: group, invite_email: invite_email, created_by: owner) }
2021-10-27 15:23:28 +05:30
let(:extra_params) { { invite_type: Emails::Members::INITIAL_INVITE } }
2021-06-08 01:23:25 +05:30
before do
2023-03-04 22:38:38 +05:30
stub_application_setting_enum('email_confirmation_setting', 'hard')
2021-06-08 01:23:25 +05:30
end
2018-11-08 19:23:39 +05:30
2021-04-29 21:17:54 +05:30
context 'when registering using invitation email' do
2020-07-28 23:09:34 +05:30
before do
2021-10-27 15:23:28 +05:30
visit invite_path(group_invite.raw_invite_token, extra_params)
2021-01-29 00:20:46 +05:30
end
2021-04-29 21:17:54 +05:30
context 'with admin approval required enabled' do
2021-01-29 00:20:46 +05:30
before do
stub_application_setting(require_admin_approval_after_user_signup: true)
end
it 'does not sign the user in' do
fill_in_sign_up_form(new_user)
2022-05-07 20:08:51 +05:30
expect(page).to have_current_path(new_user_session_path, ignore_query: true)
2021-01-29 00:20:46 +05:30
expect(page).to have_content('You have signed up successfully. However, we could not sign you in because your account is awaiting approval from your GitLab administrator')
end
2018-11-08 19:23:39 +05:30
end
2020-07-28 23:09:34 +05:30
context 'email confirmation disabled' do
2023-03-04 22:38:38 +05:30
before do
stub_application_setting_enum('email_confirmation_setting', 'off')
end
2018-11-08 19:23:39 +05:30
2022-08-27 11:52:29 +05:30
context 'the user signs up for an account with the invitation email address' do
it 'redirects to the most recent membership activity page with all the projects/groups invitations automatically accepted' do
fill_in_sign_up_form(new_user)
fill_in_welcome_form
2018-11-08 19:23:39 +05:30
2022-08-27 11:52:29 +05:30
expect(page).to have_current_path(activity_group_path(group), ignore_query: true)
expect(page).to have_content('You have been granted Owner access to group Owned.')
end
2019-10-12 21:52:04 +05:30
end
2020-07-28 23:09:34 +05:30
context 'the user sign-up using a different email address' do
let(:invite_email) { build_stubbed(:user).email }
2019-10-12 21:52:04 +05:30
2021-06-08 01:23:25 +05:30
it 'signs up and redirects to the activity page' do
2020-07-28 23:09:34 +05:30
fill_in_sign_up_form(new_user)
2020-11-24 15:15:51 +05:30
fill_in_welcome_form
2020-03-13 15:44:24 +05:30
2022-05-07 20:08:51 +05:30
expect(page).to have_current_path(activity_group_path(group), ignore_query: true)
2020-07-28 23:09:34 +05:30
end
2019-10-12 21:52:04 +05:30
end
2018-11-08 19:23:39 +05:30
end
2020-07-28 23:09:34 +05:30
context 'email confirmation enabled' do
2021-11-11 11:23:49 +05:30
context 'when user is not valid in sign up form' do
2023-06-20 00:43:36 +05:30
let(:new_user) { build_stubbed(:user, password: '11111111') }
2021-11-11 11:23:49 +05:30
it 'fails sign up and redirects back to sign up', :aggregate_failures do
expect { fill_in_sign_up_form(new_user) }.not_to change { User.count }
expect(page).to have_content('prohibited this user from being saved')
2022-05-07 20:08:51 +05:30
expect(page).to have_current_path(user_registration_path, ignore_query: true)
2023-03-04 22:38:38 +05:30
expect(find_field('Email').value).to eq(group_invite.invite_email)
2021-11-11 11:23:49 +05:30
end
end
2021-10-27 15:23:28 +05:30
context 'with invite email acceptance', :snowplow do
2021-06-08 01:23:25 +05:30
it 'tracks the accepted invite' do
2021-10-27 15:23:28 +05:30
fill_in_sign_up_form(new_user)
expect_snowplow_event(
category: 'RegistrationsController',
action: 'accepted',
label: 'invite_email',
2022-08-13 15:12:31 +05:30
property: group_invite.id.to_s,
user: group_invite.reload.user
2021-10-27 15:23:28 +05:30
)
end
end
2022-08-27 11:52:29 +05:30
context 'the user signs up for an account with the invitation email address' do
it 'redirects to the most recent membership activity page with all the projects/groups invitations automatically accepted' do
fill_in_sign_up_form(new_user)
fill_in_welcome_form
2020-07-28 23:09:34 +05:30
2022-08-27 11:52:29 +05:30
expect(page).to have_current_path(activity_group_path(group), ignore_query: true)
end
2020-07-28 23:09:34 +05:30
end
context 'the user sign-up using a different email address' do
let(:invite_email) { build_stubbed(:user).email }
2023-05-27 22:25:52 +05:30
context 'when email confirmation is not set to `soft`' do
2020-07-28 23:09:34 +05:30
before do
allow(User).to receive(:allow_unconfirmed_access_for).and_return 0
2022-10-11 01:57:18 +05:30
stub_feature_flags(identity_verification: false)
2020-07-28 23:09:34 +05:30
end
2021-06-08 01:23:25 +05:30
it 'signs up and redirects to the group activity page' do
2020-07-28 23:09:34 +05:30
fill_in_sign_up_form(new_user)
confirm_email(new_user)
fill_in_sign_in_form(new_user)
2020-11-24 15:15:51 +05:30
fill_in_welcome_form
2020-07-28 23:09:34 +05:30
2022-05-07 20:08:51 +05:30
expect(page).to have_current_path(activity_group_path(group), ignore_query: true)
2020-07-28 23:09:34 +05:30
end
end
2023-05-27 22:25:52 +05:30
context 'when email confirmation setting is set to `soft`' do
2020-07-28 23:09:34 +05:30
before do
2023-05-27 22:25:52 +05:30
stub_application_setting_enum('email_confirmation_setting', 'soft')
2020-07-28 23:09:34 +05:30
allow(User).to receive(:allow_unconfirmed_access_for).and_return 2.days
end
2021-06-08 01:23:25 +05:30
it 'signs up and redirects to the group activity page' do
2020-07-28 23:09:34 +05:30
fill_in_sign_up_form(new_user)
2020-11-24 15:15:51 +05:30
fill_in_welcome_form
2020-07-28 23:09:34 +05:30
2022-05-07 20:08:51 +05:30
expect(page).to have_current_path(activity_group_path(group), ignore_query: true)
2020-07-28 23:09:34 +05:30
end
2019-10-12 21:52:04 +05:30
end
2018-11-08 19:23:39 +05:30
end
end
end
2020-07-28 23:09:34 +05:30
2021-09-30 23:02:18 +05:30
context 'when accepting an invite without an account' do
it 'lands on sign up page and then registers' do
visit invite_path(group_invite.raw_invite_token)
2020-07-28 23:09:34 +05:30
2022-05-07 20:08:51 +05:30
expect(page).to have_current_path(new_user_registration_path, ignore_query: true)
2020-07-28 23:09:34 +05:30
2021-09-30 23:02:18 +05:30
fill_in_sign_up_form(new_user, 'Register')
2021-06-08 01:23:25 +05:30
2022-05-07 20:08:51 +05:30
expect(page).to have_current_path(users_sign_up_welcome_path, ignore_query: true)
2021-06-08 01:23:25 +05:30
end
end
2020-10-24 23:57:45 +05:30
2021-06-08 01:23:25 +05:30
context 'when declining the invitation from invitation reminder email' do
it 'declines application and shows a decline page' do
visit decline_invite_path(group_invite.raw_invite_token)
2020-10-24 23:57:45 +05:30
2022-05-07 20:08:51 +05:30
expect(page).to have_current_path(decline_invite_path(group_invite.raw_invite_token), ignore_query: true)
2021-06-08 01:23:25 +05:30
expect(page).to have_content('You successfully declined the invitation')
expect { group_invite.reload }.to raise_error ActiveRecord::RecordNotFound
2020-07-28 23:09:34 +05:30
end
end
2018-11-08 19:23:39 +05:30
end
2018-03-17 18:26:18 +05:30
end