2019-12-26 22:10:19 +05:30
|
|
|
# frozen_string_literal: true
|
|
|
|
|
2016-04-02 18:10:28 +05:30
|
|
|
require 'spec_helper'
|
|
|
|
require 'email_spec'
|
|
|
|
|
2020-07-28 23:09:34 +05:30
|
|
|
RSpec.describe Emails::Profile do
|
2016-04-02 18:10:28 +05:30
|
|
|
include EmailSpec::Matchers
|
|
|
|
include_context 'gitlab email notification'
|
|
|
|
|
2017-08-17 22:00:37 +05:30
|
|
|
shared_examples 'a new user email' do
|
|
|
|
it 'is sent to the new user with the correct subject and body' do
|
|
|
|
aggregate_failures do
|
|
|
|
is_expected.to deliver_to new_user_address
|
|
|
|
is_expected.to have_subject(/^Account was created for you$/i)
|
|
|
|
is_expected.to have_body_text(new_user_address)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
2016-06-02 11:05:42 +05:30
|
|
|
|
2017-08-17 22:00:37 +05:30
|
|
|
describe 'for new users, the email' do
|
|
|
|
let(:example_site_path) { root_path }
|
|
|
|
let(:new_user) { create(:user, email: new_user_address, created_by_id: 1) }
|
|
|
|
let(:token) { 'kETLwRaayvigPq_x3SNM' }
|
2016-04-02 18:10:28 +05:30
|
|
|
|
2017-08-17 22:00:37 +05:30
|
|
|
subject { Notify.new_user_email(new_user.id, token) }
|
2016-04-02 18:10:28 +05:30
|
|
|
|
2017-08-17 22:00:37 +05:30
|
|
|
it_behaves_like 'an email sent from GitLab'
|
|
|
|
it_behaves_like 'a new user email'
|
|
|
|
it_behaves_like 'it should not have Gmail Actions links'
|
|
|
|
it_behaves_like 'a user cannot unsubscribe through footer link'
|
2016-04-02 18:10:28 +05:30
|
|
|
|
2017-08-17 22:00:37 +05:30
|
|
|
it 'contains the password text' do
|
|
|
|
is_expected.to have_body_text /Click here to set your password/
|
|
|
|
end
|
2016-04-02 18:10:28 +05:30
|
|
|
|
2017-08-17 22:00:37 +05:30
|
|
|
it 'includes a link for user to set password' do
|
|
|
|
params = "reset_password_token=#{token}"
|
|
|
|
is_expected.to have_body_text(
|
|
|
|
%r{http://#{Gitlab.config.gitlab.host}(:\d+)?/users/password/edit\?#{params}}
|
|
|
|
)
|
2016-04-02 18:10:28 +05:30
|
|
|
end
|
|
|
|
|
2017-08-17 22:00:37 +05:30
|
|
|
it 'explains the reset link expiration' do
|
|
|
|
is_expected.to have_body_text(/This link is valid for \d+ (hours?|days?)/)
|
|
|
|
is_expected.to have_body_text(new_user_password_url)
|
|
|
|
is_expected.to have_body_text(/\?user_email=.*%40.*/)
|
|
|
|
end
|
|
|
|
end
|
2016-04-02 18:10:28 +05:30
|
|
|
|
2017-08-17 22:00:37 +05:30
|
|
|
describe 'for users that signed up, the email' do
|
|
|
|
let(:example_site_path) { root_path }
|
|
|
|
let(:new_user) { create(:user, email: new_user_address, password: "securePassword") }
|
2016-04-02 18:10:28 +05:30
|
|
|
|
2017-08-17 22:00:37 +05:30
|
|
|
subject { Notify.new_user_email(new_user.id) }
|
2016-04-02 18:10:28 +05:30
|
|
|
|
2017-08-17 22:00:37 +05:30
|
|
|
it_behaves_like 'an email sent from GitLab'
|
|
|
|
it_behaves_like 'a new user email'
|
|
|
|
it_behaves_like 'it should not have Gmail Actions links'
|
|
|
|
it_behaves_like 'a user cannot unsubscribe through footer link'
|
|
|
|
|
|
|
|
it 'does not contain the new user\'s password' do
|
|
|
|
is_expected.not_to have_body_text /password/
|
2016-04-02 18:10:28 +05:30
|
|
|
end
|
2017-08-17 22:00:37 +05:30
|
|
|
end
|
2016-04-02 18:10:28 +05:30
|
|
|
|
2017-08-17 22:00:37 +05:30
|
|
|
describe 'user added ssh key' do
|
|
|
|
let(:key) { create(:personal_key) }
|
2016-04-02 18:10:28 +05:30
|
|
|
|
2017-08-17 22:00:37 +05:30
|
|
|
subject { Notify.new_ssh_key_email(key.id) }
|
2016-04-02 18:10:28 +05:30
|
|
|
|
2017-08-17 22:00:37 +05:30
|
|
|
it_behaves_like 'an email sent from GitLab'
|
|
|
|
it_behaves_like 'it should not have Gmail Actions links'
|
|
|
|
it_behaves_like 'a user cannot unsubscribe through footer link'
|
2016-04-02 18:10:28 +05:30
|
|
|
|
2017-08-17 22:00:37 +05:30
|
|
|
it 'is sent to the new user' do
|
|
|
|
is_expected.to deliver_to key.user.email
|
|
|
|
end
|
2016-04-02 18:10:28 +05:30
|
|
|
|
2017-08-17 22:00:37 +05:30
|
|
|
it 'has the correct subject' do
|
|
|
|
is_expected.to have_subject /^SSH key was added to your account$/i
|
|
|
|
end
|
2016-04-02 18:10:28 +05:30
|
|
|
|
2017-08-17 22:00:37 +05:30
|
|
|
it 'contains the new ssh key title' do
|
|
|
|
is_expected.to have_body_text /#{key.title}/
|
|
|
|
end
|
2016-04-02 18:10:28 +05:30
|
|
|
|
2017-08-17 22:00:37 +05:30
|
|
|
it 'includes a link to ssh keys page' do
|
|
|
|
is_expected.to have_body_text /#{profile_keys_path}/
|
|
|
|
end
|
2016-06-02 11:05:42 +05:30
|
|
|
|
2017-08-17 22:00:37 +05:30
|
|
|
context 'with SSH key that does not exist' do
|
|
|
|
it { expect { Notify.new_ssh_key_email('foo') }.not_to raise_error }
|
2016-04-02 18:10:28 +05:30
|
|
|
end
|
2017-08-17 22:00:37 +05:30
|
|
|
end
|
2016-04-02 18:10:28 +05:30
|
|
|
|
2017-09-10 17:25:29 +05:30
|
|
|
describe 'user added gpg key' do
|
|
|
|
let(:gpg_key) { create(:gpg_key) }
|
|
|
|
|
|
|
|
subject { Notify.new_gpg_key_email(gpg_key.id) }
|
|
|
|
|
|
|
|
it_behaves_like 'an email sent from GitLab'
|
|
|
|
it_behaves_like 'it should not have Gmail Actions links'
|
|
|
|
it_behaves_like 'a user cannot unsubscribe through footer link'
|
|
|
|
|
|
|
|
it 'is sent to the new user' do
|
|
|
|
is_expected.to deliver_to gpg_key.user.email
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'has the correct subject' do
|
|
|
|
is_expected.to have_subject /^GPG key was added to your account$/i
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'contains the new gpg key title' do
|
|
|
|
is_expected.to have_body_text /#{gpg_key.fingerprint}/
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'includes a link to gpg keys page' do
|
|
|
|
is_expected.to have_body_text /#{profile_gpg_keys_path}/
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'with GPG key that does not exist' do
|
|
|
|
it { expect { Notify.new_gpg_key_email('foo') }.not_to raise_error }
|
|
|
|
end
|
|
|
|
end
|
2020-01-01 13:55:28 +05:30
|
|
|
|
|
|
|
describe 'user personal access token is about to expire' do
|
|
|
|
let_it_be(:user) { create(:user) }
|
2021-04-17 20:07:23 +05:30
|
|
|
let_it_be(:expiring_token) { create(:personal_access_token, user: user, expires_at: 5.days.from_now) }
|
2020-01-01 13:55:28 +05:30
|
|
|
|
2021-04-17 20:07:23 +05:30
|
|
|
subject { Notify.access_token_about_to_expire_email(user, [expiring_token.name]) }
|
2020-01-01 13:55:28 +05:30
|
|
|
|
|
|
|
it_behaves_like 'an email sent from GitLab'
|
|
|
|
it_behaves_like 'it should not have Gmail Actions links'
|
|
|
|
it_behaves_like 'a user cannot unsubscribe through footer link'
|
|
|
|
|
|
|
|
it 'is sent to the user' do
|
|
|
|
is_expected.to deliver_to user.email
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'has the correct subject' do
|
2021-04-17 20:07:23 +05:30
|
|
|
is_expected.to have_subject /^Your personal access tokens will expire in 7 days or less$/i
|
2020-01-01 13:55:28 +05:30
|
|
|
end
|
|
|
|
|
|
|
|
it 'mentions the access tokens will expire' do
|
|
|
|
is_expected.to have_body_text /One or more of your personal access tokens will expire in 7 days or less/
|
|
|
|
end
|
|
|
|
|
2021-04-17 20:07:23 +05:30
|
|
|
it 'provides the names of expiring tokens' do
|
|
|
|
is_expected.to have_body_text /#{expiring_token.name}/
|
|
|
|
end
|
|
|
|
|
2020-01-01 13:55:28 +05:30
|
|
|
it 'includes a link to personal access tokens page' do
|
|
|
|
is_expected.to have_body_text /#{profile_personal_access_tokens_path}/
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'includes the email reason' do
|
|
|
|
is_expected.to have_body_text /You're receiving this email because of your account on localhost/
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'with User does not exist' do
|
|
|
|
it { expect { Notify.access_token_about_to_expire_email('foo') }.not_to raise_error }
|
|
|
|
end
|
|
|
|
end
|
2020-05-24 23:13:21 +05:30
|
|
|
|
2020-10-24 23:57:45 +05:30
|
|
|
describe 'user personal access token has expired' do
|
|
|
|
let_it_be(:user) { create(:user) }
|
|
|
|
|
|
|
|
context 'when valid' do
|
|
|
|
subject { Notify.access_token_expired_email(user) }
|
|
|
|
|
|
|
|
it_behaves_like 'an email sent from GitLab'
|
|
|
|
it_behaves_like 'it should not have Gmail Actions links'
|
|
|
|
it_behaves_like 'a user cannot unsubscribe through footer link'
|
|
|
|
|
|
|
|
it 'is sent to the user' do
|
|
|
|
is_expected.to deliver_to user.email
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'has the correct subject' do
|
|
|
|
is_expected.to have_subject /Your personal access token has expired/
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'mentions the access token has expired' do
|
|
|
|
is_expected.to have_body_text /One or more of your personal access tokens has expired/
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'includes a link to personal access tokens page' do
|
|
|
|
is_expected.to have_body_text /#{profile_personal_access_tokens_path}/
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'includes the email reason' do
|
|
|
|
is_expected.to have_body_text /You're receiving this email because of your account on localhost/
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when invalid' do
|
|
|
|
context 'when user does not exist' do
|
|
|
|
it do
|
|
|
|
expect { Notify.access_token_expired_email(nil) }.not_to change { ActionMailer::Base.deliveries.count }
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when user is not active' do
|
|
|
|
before do
|
|
|
|
user.block!
|
|
|
|
end
|
|
|
|
|
|
|
|
it do
|
|
|
|
expect { Notify.access_token_expired_email(user) }.not_to change { ActionMailer::Base.deliveries.count }
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2020-05-24 23:13:21 +05:30
|
|
|
describe 'user unknown sign in email' do
|
|
|
|
let_it_be(:user) { create(:user) }
|
|
|
|
let_it_be(:ip) { '169.0.0.1' }
|
2020-06-23 00:09:42 +05:30
|
|
|
let_it_be(:current_time) { Time.current }
|
|
|
|
let_it_be(:email) { Notify.unknown_sign_in_email(user, ip, current_time) }
|
2020-05-24 23:13:21 +05:30
|
|
|
|
2020-06-23 00:09:42 +05:30
|
|
|
subject { email }
|
2020-05-24 23:13:21 +05:30
|
|
|
|
|
|
|
it_behaves_like 'an email sent from GitLab'
|
|
|
|
it_behaves_like 'it should not have Gmail Actions links'
|
|
|
|
it_behaves_like 'a user cannot unsubscribe through footer link'
|
|
|
|
|
|
|
|
it 'is sent to the user' do
|
2020-06-23 00:09:42 +05:30
|
|
|
is_expected.to deliver_to user.email
|
2020-05-24 23:13:21 +05:30
|
|
|
end
|
|
|
|
|
|
|
|
it 'has the correct subject' do
|
2020-06-23 00:09:42 +05:30
|
|
|
is_expected.to have_subject "#{Gitlab.config.gitlab.host} sign-in from new location"
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'mentions the new sign-in IP' do
|
|
|
|
is_expected.to have_body_text ip
|
2020-05-24 23:13:21 +05:30
|
|
|
end
|
|
|
|
|
2020-06-23 00:09:42 +05:30
|
|
|
it 'mentioned the time' do
|
|
|
|
is_expected.to have_body_text current_time.strftime('%Y-%m-%d %l:%M:%S %p %Z')
|
2020-05-24 23:13:21 +05:30
|
|
|
end
|
|
|
|
|
2020-06-23 00:09:42 +05:30
|
|
|
it 'includes a link to the change password documentation' do
|
|
|
|
is_expected.to have_body_text 'https://docs.gitlab.com/ee/user/profile/#changing-your-password'
|
2020-05-24 23:13:21 +05:30
|
|
|
end
|
|
|
|
|
|
|
|
it 'mentions two factor authentication when two factor is not enabled' do
|
2020-06-23 00:09:42 +05:30
|
|
|
is_expected.to have_body_text 'two-factor authentication'
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'includes a link to two-factor authentication documentation' do
|
|
|
|
is_expected.to have_body_text 'https://docs.gitlab.com/ee/user/profile/account/two_factor_authentication.html'
|
2020-05-24 23:13:21 +05:30
|
|
|
end
|
|
|
|
|
|
|
|
context 'when two factor authentication is enabled' do
|
2020-06-23 00:09:42 +05:30
|
|
|
let(:user) { create(:user, :two_factor) }
|
2020-05-24 23:13:21 +05:30
|
|
|
|
2020-06-23 00:09:42 +05:30
|
|
|
it 'does not mention two factor authentication' do
|
|
|
|
expect( Notify.unknown_sign_in_email(user, ip, current_time) )
|
2020-05-24 23:13:21 +05:30
|
|
|
.not_to have_body_text /two-factor authentication/
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
2020-11-24 15:15:51 +05:30
|
|
|
|
|
|
|
describe 'disabled two-factor authentication email' do
|
|
|
|
let_it_be(:user) { create(:user) }
|
|
|
|
|
|
|
|
subject { Notify.disabled_two_factor_email(user) }
|
|
|
|
|
|
|
|
it_behaves_like 'an email sent from GitLab'
|
|
|
|
it_behaves_like 'it should not have Gmail Actions links'
|
|
|
|
it_behaves_like 'a user cannot unsubscribe through footer link'
|
|
|
|
|
|
|
|
it 'is sent to the user' do
|
|
|
|
is_expected.to deliver_to user.email
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'has the correct subject' do
|
|
|
|
is_expected.to have_subject /^Two-factor authentication disabled$/i
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'includes a link to two-factor authentication settings page' do
|
|
|
|
is_expected.to have_body_text /#{profile_two_factor_auth_path}/
|
|
|
|
end
|
|
|
|
end
|
2016-04-02 18:10:28 +05:30
|
|
|
end
|