2020-04-08 14:13:33 +05:30
|
|
|
# frozen_string_literal: true
|
|
|
|
|
|
|
|
require 'spec_helper'
|
|
|
|
|
2023-05-27 22:25:52 +05:30
|
|
|
RSpec.describe 'Sessions', feature_category: :system_access do
|
2023-06-20 00:43:36 +05:30
|
|
|
include SessionHelpers
|
|
|
|
|
2020-04-08 14:13:33 +05:30
|
|
|
context 'authentication', :allow_forgery_protection do
|
|
|
|
let(:user) { create(:user) }
|
|
|
|
|
|
|
|
it 'logout does not require a csrf token' do
|
|
|
|
login_as(user)
|
|
|
|
|
|
|
|
post(destroy_user_session_path, headers: { 'X-CSRF-Token' => 'invalid' })
|
|
|
|
|
|
|
|
expect(response).to redirect_to(new_user_session_path)
|
|
|
|
end
|
|
|
|
end
|
2023-06-20 00:43:36 +05:30
|
|
|
|
|
|
|
describe 'about_gitlab_active_user' do
|
|
|
|
before do
|
|
|
|
allow(::Gitlab).to receive(:com?).and_return(true)
|
|
|
|
end
|
|
|
|
|
|
|
|
let(:user) { create(:user) }
|
|
|
|
|
|
|
|
context 'when user signs in' do
|
|
|
|
it 'sets marketing cookie' do
|
|
|
|
post user_session_path(user: { login: user.username, password: user.password })
|
|
|
|
expect(response.cookies['about_gitlab_active_user']).to be_present
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when user uses remember_me' do
|
|
|
|
it 'sets marketing cookie' do
|
|
|
|
post user_session_path(user: { login: user.username, password: user.password, remember_me: true })
|
|
|
|
expect(response.cookies['about_gitlab_active_user']).to be_present
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when user signs out' do
|
|
|
|
before do
|
|
|
|
post user_session_path(user: { login: user.username, password: user.password })
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'deletes marketing cookie' do
|
|
|
|
post(destroy_user_session_path)
|
|
|
|
expect(response.cookies['about_gitlab_active_user']).to be_nil
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when user is not using GitLab SaaS' do
|
|
|
|
before do
|
|
|
|
allow(::Gitlab).to receive(:com?).and_return(false)
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'does not set marketing cookie' do
|
|
|
|
post user_session_path(user: { login: user.username, password: user.password })
|
|
|
|
expect(response.cookies['about_gitlab_active_user']).to be_nil
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
2020-04-08 14:13:33 +05:30
|
|
|
end
|