debian-mirror-gitlab/spec/services/users/update_service_spec.rb

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

269 lines
9.4 KiB
Ruby
Raw Normal View History

2019-07-31 22:56:46 +05:30
# frozen_string_literal: true
2017-09-10 17:25:29 +05:30
require 'spec_helper'
2023-05-27 22:25:52 +05:30
RSpec.describe Users::UpdateService, feature_category: :user_profile do
2022-08-27 11:52:29 +05:30
let(:password) { User.random_password }
2021-11-18 22:05:49 +05:30
let(:user) { create(:user, password: password, password_confirmation: password) }
2017-09-10 17:25:29 +05:30
describe '#execute' do
2019-07-31 22:56:46 +05:30
it 'updates time preferences' do
2023-07-09 08:55:56 +05:30
result = update_user(user, timezone: 'Europe/Warsaw', time_display_relative: true)
2019-07-31 22:56:46 +05:30
expect(result).to eq(status: :success)
expect(user.reload.timezone).to eq('Europe/Warsaw')
expect(user.time_display_relative).to eq(true)
end
2017-09-10 17:25:29 +05:30
it 'returns an error result when record cannot be updated' do
result = {}
expect do
2021-11-18 22:05:49 +05:30
result = update_user(user, { email: 'invalid', validation_password: password })
2017-09-10 17:25:29 +05:30
end.not_to change { user.reload.email }
expect(result[:status]).to eq(:error)
expect(result[:message]).to eq('Email is invalid')
end
it 'includes namespace error messages' do
2018-03-17 18:26:18 +05:30
create(:group, path: 'taken')
2017-09-10 17:25:29 +05:30
result = {}
expect do
result = update_user(user, { username: 'taken' })
end.not_to change { user.reload.username }
expect(result[:status]).to eq(:error)
2021-03-08 18:12:59 +05:30
expect(result[:message]).to eq('A user, alias, or group already exists with that username.')
2017-09-10 17:25:29 +05:30
end
2018-11-18 11:00:15 +05:30
it 'updates the status if status params were given' do
update_user(user, status: { message: "On a call" })
expect(user.status.message).to eq("On a call")
end
it 'does not delete the status if no status param was passed' do
create(:user_status, user: user, message: 'Busy!')
update_user(user, name: 'New name')
expect(user.status.message).to eq('Busy!')
end
it 'includes status error messages' do
result = update_user(user, status: { emoji: "Moo!" })
expect(result[:status]).to eq(:error)
2021-12-11 22:18:48 +05:30
expect(result[:message]).to eq("Emoji is not a valid emoji name")
2018-11-18 11:00:15 +05:30
end
2020-04-08 14:13:33 +05:30
it 'updates user detail with provided attributes' do
result = update_user(user, job_title: 'Backend Engineer')
expect(result).to eq(status: :success)
expect(user.job_title).to eq('Backend Engineer')
end
2020-04-22 19:07:51 +05:30
context 'updating canonical email' do
context 'if email was changed' do
subject do
2021-11-18 22:05:49 +05:30
update_user(user, email: 'user+extrastuff@example.com', validation_password: password)
2020-04-22 19:07:51 +05:30
end
it 'calls canonicalize_email' do
expect_next_instance_of(Users::UpdateCanonicalEmailService) do |service|
expect(service).to receive(:execute)
end
subject
end
2021-11-18 22:05:49 +05:30
2023-01-10 11:22:00 +05:30
context 'when race condition' do
# See https://gitlab.com/gitlab-org/gitlab/-/issues/382957
it 'updates email for stale user', :aggregate_failures do
unconfirmed_email = 'unconfirmed-email-user-has-access-to@example.com'
forgery_email = 'forgery@example.com'
user.update!(email: unconfirmed_email)
stale_user = User.find(user.id)
service1 = described_class.new(stale_user, { email: unconfirmed_email }.merge(user: stale_user))
service2 = described_class.new(user, { email: forgery_email }.merge(user: user))
service2.execute
reloaded_user = User.find(user.id)
expect(reloaded_user.unconfirmed_email).to eq(forgery_email)
expect(stale_user.confirmation_token).not_to eq(user.confirmation_token)
expect(reloaded_user.confirmation_token).to eq(user.confirmation_token)
service1.execute
reloaded_user = User.find(user.id)
expect(reloaded_user.unconfirmed_email).to eq(unconfirmed_email)
expect(stale_user.confirmation_token).not_to eq(user.confirmation_token)
expect(reloaded_user.confirmation_token).to eq(stale_user.confirmation_token)
end
end
2021-11-18 22:05:49 +05:30
context 'when check_password is true' do
def update_user(user, opts)
described_class.new(user, opts.merge(user: user)).execute(check_password: true)
end
it 'returns error if no password confirmation was passed', :aggregate_failures do
result = {}
expect do
result = update_user(user, { email: 'example@example.com' })
end.not_to change { user.reload.unconfirmed_email }
expect(result[:status]).to eq(:error)
expect(result[:message]).to eq('Invalid password')
end
it 'returns error if wrong password confirmation was passed', :aggregate_failures do
result = {}
expect do
result = update_user(user, { email: 'example@example.com', validation_password: 'wrongpassword' })
end.not_to change { user.reload.unconfirmed_email }
expect(result[:status]).to eq(:error)
expect(result[:message]).to eq('Invalid password')
end
it 'does not require password if it was automatically set', :aggregate_failures do
user.update!(password_automatically_set: true)
result = {}
expect do
result = update_user(user, { email: 'example@example.com' })
end.to change { user.reload.unconfirmed_email }
expect(result[:status]).to eq(:success)
end
it 'does not require a password if the attribute changed does not require it' do
result = {}
expect do
result = update_user(user, { job_title: 'supreme leader of the universe' })
end.to change { user.reload.job_title }
expect(result[:status]).to eq(:success)
end
end
2020-04-22 19:07:51 +05:30
end
2021-11-18 22:05:49 +05:30
context 'when check_password is left to false' do
it 'does not require a password check', :aggregate_failures do
result = {}
expect do
result = update_user(user, { email: 'example@example.com' })
end.to change { user.reload.unconfirmed_email }
expect(result[:status]).to eq(:success)
2020-04-22 19:07:51 +05:30
end
2021-11-18 22:05:49 +05:30
end
2020-04-22 19:07:51 +05:30
2021-11-18 22:05:49 +05:30
context 'if email was NOT changed' do
2020-04-22 19:07:51 +05:30
it 'skips update canonicalize email service call' do
2021-11-18 22:05:49 +05:30
expect do
update_user(user, job_title: 'supreme leader of the universe')
end.not_to change { user.user_canonical_email }
2020-04-22 19:07:51 +05:30
end
2023-01-10 11:22:00 +05:30
it 'does not reset unconfirmed email' do
unconfirmed_email = 'unconfirmed-email@example.com'
user.update!(email: unconfirmed_email)
expect do
update_user(user, job_title: 'supreme leader of the universe')
end.not_to change { user.unconfirmed_email }
end
2020-04-22 19:07:51 +05:30
end
end
2023-01-10 11:22:00 +05:30
it 'does not try to reset unconfirmed email for a new user' do
expect do
update_user(build(:user), job_title: 'supreme leader of the universe')
end.not_to raise_error
end
2023-07-09 08:55:56 +05:30
describe 'updates the enabled_following' do
let(:user) { create(:user) }
before do
3.times do
user.follow(create(:user))
create(:user).follow(user)
end
user.reload
end
it 'removes followers and followees' do
expect do
update_user(user, enabled_following: false)
end.to change { user.followed_users.count }.from(3).to(0)
.and change { user.following_users.count }.from(3).to(0)
expect(user.enabled_following).to eq(false)
end
it 'does not remove followers/followees if feature flag is off' do
stub_feature_flags(disable_follow_users: false)
expect do
update_user(user, enabled_following: false)
end.to not_change { user.followed_users.count }
.and not_change { user.following_users.count }
end
context 'when there is more followers/followees then batch limit' do
before do
stub_env('BATCH_SIZE', 1)
end
it 'removes followers and followees' do
expect do
update_user(user, enabled_following: false)
end.to change { user.followed_users.count }.from(3).to(0)
.and change { user.following_users.count }.from(3).to(0)
expect(user.enabled_following).to eq(false)
end
end
end
2017-09-10 17:25:29 +05:30
def update_user(user, opts)
2018-03-17 18:26:18 +05:30
described_class.new(user, opts.merge(user: user)).execute
2017-09-10 17:25:29 +05:30
end
end
describe '#execute!' do
it 'updates the name' do
2018-03-17 18:26:18 +05:30
service = described_class.new(user, user: user, name: 'New Name')
2017-09-10 17:25:29 +05:30
expect(service).not_to receive(:notify_new_user)
result = service.execute!
expect(result).to be true
expect(user.name).to eq('New Name')
end
it 'raises an error when record cannot be updated' do
expect do
2021-11-18 22:05:49 +05:30
update_user(user, email: 'invalid', validation_password: password)
2017-09-10 17:25:29 +05:30
end.to raise_error(ActiveRecord::RecordInvalid)
end
it 'fires system hooks when a new user is saved' do
system_hook_service = spy(:system_hook_service)
user = build(:user)
2018-03-17 18:26:18 +05:30
service = described_class.new(user, user: user, name: 'John Doe')
2017-09-10 17:25:29 +05:30
expect(service).to receive(:notify_new_user).and_call_original
expect(service).to receive(:system_hook_service).and_return(system_hook_service)
service.execute
expect(system_hook_service).to have_received(:execute_hooks_for).with(user, :create)
end
def update_user(user, opts)
2018-03-17 18:26:18 +05:30
described_class.new(user, opts.merge(user: user)).execute!
2017-09-10 17:25:29 +05:30
end
end
end