debian-mirror-gitlab/spec/requests/sessions_spec.rb

# frozen_string_literal: true

require 'spec_helper'

RSpec.describe 'Sessions', feature_category: :system_access do
  include SessionHelpers

  context 'authentication', :allow_forgery_protection do
    let(:user) { create(:user) }

    it 'logout does not require a csrf token' do
      login_as(user)

      post(destroy_user_session_path, headers: { 'X-CSRF-Token' => 'invalid' })

      expect(response).to redirect_to(new_user_session_path)
    end
  end

  describe 'about_gitlab_active_user' do
    before do
      allow(::Gitlab).to receive(:com?).and_return(true)
    end

    let(:user) { create(:user) }

    context 'when user signs in' do
      it 'sets marketing cookie' do
        post user_session_path(user: { login: user.username, password: user.password })
        expect(response.cookies['about_gitlab_active_user']).to be_present
      end
    end

    context 'when user uses remember_me' do
      it 'sets marketing cookie' do
        post user_session_path(user: { login: user.username, password: user.password, remember_me: true })
        expect(response.cookies['about_gitlab_active_user']).to be_present
      end
    end

    context 'when user signs out' do
      before do
        post user_session_path(user: { login: user.username, password: user.password })
      end

      it 'deletes marketing cookie' do
        post(destroy_user_session_path)
        expect(response.cookies['about_gitlab_active_user']).to be_nil
      end
    end

    context 'when user is not using GitLab SaaS' do
      before do
        allow(::Gitlab).to receive(:com?).and_return(false)
      end

      it 'does not set marketing cookie' do
        post user_session_path(user: { login: user.username, password: user.password })
        expect(response.cookies['about_gitlab_active_user']).to be_nil
      end
    end
  end
end
New upstream version 12.9.2 2020-04-08 14:13:33 +05:30			`# frozen_string_literal: true`

			`require 'spec_helper'`

New upstream version 15.10.7+ds1 2023-05-27 22:25:52 +05:30			`RSpec.describe 'Sessions', feature_category: :system_access do`
New upstream version 15.11.6+ds1 2023-06-20 00:43:36 +05:30			`include SessionHelpers`

New upstream version 12.9.2 2020-04-08 14:13:33 +05:30			`context 'authentication', :allow_forgery_protection do`
			`let(:user) { create(:user) }`

			`it 'logout does not require a csrf token' do`
			`login_as(user)`

			`post(destroy_user_session_path, headers: { 'X-CSRF-Token' => 'invalid' })`

			`expect(response).to redirect_to(new_user_session_path)`
			`end`
			`end`
New upstream version 15.11.6+ds1 2023-06-20 00:43:36 +05:30
			`describe 'about_gitlab_active_user' do`
			`before do`
			`allow(::Gitlab).to receive(:com?).and_return(true)`
			`end`

			`let(:user) { create(:user) }`

			`context 'when user signs in' do`
			`it 'sets marketing cookie' do`
			`post user_session_path(user: { login: user.username, password: user.password })`
			`expect(response.cookies['about_gitlab_active_user']).to be_present`
			`end`
			`end`

			`context 'when user uses remember_me' do`
			`it 'sets marketing cookie' do`
			`post user_session_path(user: { login: user.username, password: user.password, remember_me: true })`
			`expect(response.cookies['about_gitlab_active_user']).to be_present`
			`end`
			`end`

			`context 'when user signs out' do`
			`before do`
			`post user_session_path(user: { login: user.username, password: user.password })`
			`end`

			`it 'deletes marketing cookie' do`
			`post(destroy_user_session_path)`
			`expect(response.cookies['about_gitlab_active_user']).to be_nil`
			`end`
			`end`

			`context 'when user is not using GitLab SaaS' do`
			`before do`
			`allow(::Gitlab).to receive(:com?).and_return(false)`
			`end`

			`it 'does not set marketing cookie' do`
			`post user_session_path(user: { login: user.username, password: user.password })`
			`expect(response.cookies['about_gitlab_active_user']).to be_nil`
			`end`
			`end`
			`end`
New upstream version 12.9.2 2020-04-08 14:13:33 +05:30			`end`