2020-01-26 20:34:25 +01:00
|
|
|
defmodule Mobilizon.GraphQL.Resolvers.UserTest do
|
2020-01-26 21:36:50 +01:00
|
|
|
use Mobilizon.Web.ConnCase
|
2020-01-26 20:34:25 +01:00
|
|
|
use Bamboo.Test
|
2020-02-13 15:48:12 +01:00
|
|
|
use Oban.Testing, repo: Mobilizon.Storage.Repo
|
2019-09-17 02:45:32 +02:00
|
|
|
|
|
|
|
import Mobilizon.Factory
|
|
|
|
|
2020-07-09 17:24:28 +02:00
|
|
|
alias Mobilizon.{Actors, Config, Discussions, Events, Users}
|
2019-03-05 17:23:05 +01:00
|
|
|
alias Mobilizon.Actors.Actor
|
2020-07-09 17:24:28 +02:00
|
|
|
alias Mobilizon.Discussions.Comment
|
2020-02-18 08:57:00 +01:00
|
|
|
alias Mobilizon.Events.{Event, Participant}
|
2020-06-27 19:12:45 +02:00
|
|
|
alias Mobilizon.Service.Auth.Authenticator
|
2019-09-22 16:26:23 +02:00
|
|
|
alias Mobilizon.Users.User
|
2019-09-17 02:45:32 +02:00
|
|
|
|
2020-01-26 20:34:25 +01:00
|
|
|
alias Mobilizon.GraphQL.AbsintheHelpers
|
|
|
|
|
2020-01-26 21:36:50 +01:00
|
|
|
alias Mobilizon.Web.Email
|
2018-11-06 10:30:27 +01:00
|
|
|
|
2020-11-17 19:14:55 +01:00
|
|
|
@get_user_query """
|
|
|
|
query GetUser($id: ID!) {
|
|
|
|
user(id: $id) {
|
|
|
|
id
|
|
|
|
email
|
|
|
|
}
|
|
|
|
}
|
|
|
|
"""
|
|
|
|
|
|
|
|
@logged_user_query """
|
|
|
|
query LoggedUser {
|
|
|
|
loggedUser {
|
|
|
|
id
|
|
|
|
email
|
|
|
|
}
|
|
|
|
}
|
|
|
|
"""
|
|
|
|
|
|
|
|
@list_users_query """
|
|
|
|
query ListUsers($page: Int, $limit: Int, $sort: SortableUserField, $direction: SortDirection) {
|
|
|
|
users(page: $page, limit: $limit, sort: $sort, direction: $direction) {
|
|
|
|
total,
|
|
|
|
elements {
|
|
|
|
email
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
"""
|
|
|
|
|
|
|
|
@create_user_mutation """
|
|
|
|
mutation CreateUser($email: String!, $password: String!, $locale: String) {
|
|
|
|
createUser(
|
|
|
|
email: $email
|
|
|
|
password: $password
|
|
|
|
locale: $locale
|
|
|
|
) {
|
|
|
|
id,
|
|
|
|
email,
|
|
|
|
locale
|
|
|
|
}
|
|
|
|
}
|
|
|
|
"""
|
|
|
|
|
|
|
|
@register_person_mutation """
|
|
|
|
mutation RegisterPerson($preferredUsername: String!, $name: String, $summary: String, $email: String!) {
|
|
|
|
registerPerson(
|
|
|
|
preferredUsername: $preferredUsername,
|
|
|
|
name: $name,
|
|
|
|
summary: $summary,
|
|
|
|
email: $email,
|
|
|
|
) {
|
|
|
|
preferredUsername,
|
|
|
|
name,
|
|
|
|
summary,
|
|
|
|
avatar {
|
|
|
|
url
|
|
|
|
},
|
|
|
|
}
|
|
|
|
}
|
|
|
|
"""
|
|
|
|
|
2020-02-13 15:48:12 +01:00
|
|
|
@change_email_mutation """
|
|
|
|
mutation ChangeEmail($email: String!, $password: String!) {
|
|
|
|
changeEmail(email: $email, password: $password) {
|
|
|
|
id
|
|
|
|
}
|
|
|
|
}
|
|
|
|
"""
|
|
|
|
|
|
|
|
@login_mutation """
|
|
|
|
mutation Login($email: String!, $password: String!) {
|
|
|
|
login(email: $email, password: $password) {
|
|
|
|
accessToken,
|
|
|
|
refreshToken,
|
|
|
|
user {
|
|
|
|
id
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
"""
|
|
|
|
|
|
|
|
@validate_email_mutation """
|
|
|
|
mutation ValidateEmail($token: String!) {
|
|
|
|
validateEmail(
|
|
|
|
token: $token
|
|
|
|
) {
|
|
|
|
id
|
|
|
|
}
|
|
|
|
}
|
|
|
|
"""
|
|
|
|
|
2020-06-27 19:12:45 +02:00
|
|
|
@send_reset_password_mutation """
|
|
|
|
mutation SendResetPassword($email: String!) {
|
|
|
|
sendResetPassword(email: $email)
|
|
|
|
}
|
|
|
|
"""
|
|
|
|
|
2020-02-13 15:48:12 +01:00
|
|
|
@delete_user_account_mutation """
|
2020-06-27 19:12:45 +02:00
|
|
|
mutation DeleteAccount($password: String) {
|
2020-02-13 15:48:12 +01:00
|
|
|
deleteAccount (password: $password) {
|
|
|
|
id
|
|
|
|
}
|
|
|
|
}
|
|
|
|
"""
|
|
|
|
|
2021-03-25 10:38:31 +01:00
|
|
|
@change_default_actor """
|
|
|
|
mutation ChangeDefaultActor($preferredUsername: String!) {
|
|
|
|
changeDefaultActor(preferredUsername: $preferredUsername) {
|
|
|
|
defaultActor {
|
|
|
|
preferredUsername
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
"""
|
|
|
|
|
2018-11-06 10:30:27 +01:00
|
|
|
@valid_actor_params %{email: "test@test.tld", password: "testest", username: "test"}
|
2018-11-29 17:43:22 +01:00
|
|
|
@valid_single_actor_params %{preferred_username: "test2", keys: "yolo"}
|
2018-11-06 10:30:27 +01:00
|
|
|
|
2018-11-28 14:48:55 +01:00
|
|
|
describe "Resolver: Get an user" do
|
2020-06-11 19:13:21 +02:00
|
|
|
test "find_user/3 returns an user by its id", %{conn: conn} do
|
2018-11-06 10:30:27 +01:00
|
|
|
user = insert(:user)
|
2020-06-11 19:13:21 +02:00
|
|
|
modo = insert(:user, role: :moderator)
|
2018-11-06 10:30:27 +01:00
|
|
|
|
|
|
|
res =
|
2020-06-11 19:13:21 +02:00
|
|
|
conn
|
|
|
|
|> auth_conn(modo)
|
2020-11-17 19:14:55 +01:00
|
|
|
|> AbsintheHelpers.graphql_query(
|
|
|
|
query: @get_user_query,
|
|
|
|
variables: %{id: user.id}
|
|
|
|
)
|
2018-11-06 10:30:27 +01:00
|
|
|
|
2020-11-17 19:14:55 +01:00
|
|
|
assert res["data"]["user"]["email"] == user.email
|
2018-11-06 10:30:27 +01:00
|
|
|
|
|
|
|
res =
|
2020-06-11 19:13:21 +02:00
|
|
|
conn
|
|
|
|
|> auth_conn(modo)
|
2020-11-17 19:14:55 +01:00
|
|
|
|> AbsintheHelpers.graphql_query(
|
|
|
|
query: @get_user_query,
|
|
|
|
variables: %{id: 0}
|
|
|
|
)
|
2018-11-06 10:30:27 +01:00
|
|
|
|
2020-11-17 19:14:55 +01:00
|
|
|
assert res["data"]["user"] == nil
|
|
|
|
assert hd(res["errors"])["message"] == "User with ID #{0} not found"
|
2018-11-06 10:30:27 +01:00
|
|
|
end
|
|
|
|
|
2020-11-17 19:14:55 +01:00
|
|
|
test "get_current_user/3 returns the current logged-in user", %{conn: conn} do
|
2018-11-06 10:30:27 +01:00
|
|
|
user = insert(:user)
|
|
|
|
|
|
|
|
res =
|
2020-11-17 19:14:55 +01:00
|
|
|
conn
|
|
|
|
|> AbsintheHelpers.graphql_query(
|
|
|
|
query: @logged_user_query,
|
|
|
|
variables: %{}
|
|
|
|
)
|
2018-11-06 10:30:27 +01:00
|
|
|
|
2020-11-17 19:14:55 +01:00
|
|
|
assert res["data"]["loggedUser"] == nil
|
2018-11-06 10:30:27 +01:00
|
|
|
|
2020-11-17 19:14:55 +01:00
|
|
|
assert hd(res["errors"])["message"] ==
|
2020-11-30 16:14:13 +01:00
|
|
|
"You need to be logged in"
|
2018-11-06 10:30:27 +01:00
|
|
|
|
|
|
|
res =
|
2020-11-17 19:14:55 +01:00
|
|
|
conn
|
2018-11-06 10:30:27 +01:00
|
|
|
|> auth_conn(user)
|
2020-11-17 19:14:55 +01:00
|
|
|
|> AbsintheHelpers.graphql_query(
|
|
|
|
query: @logged_user_query,
|
|
|
|
variables: %{}
|
|
|
|
)
|
2018-11-06 10:30:27 +01:00
|
|
|
|
2020-11-17 19:14:55 +01:00
|
|
|
assert res["data"]["loggedUser"]["id"] == to_string(user.id)
|
2018-11-06 10:30:27 +01:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2019-03-01 11:41:28 +01:00
|
|
|
describe "Resolver: List users" do
|
2020-11-17 19:14:55 +01:00
|
|
|
test "list_users/3 doesn't return anything with a non moderator user", %{conn: conn} do
|
2019-03-06 18:45:26 +01:00
|
|
|
insert(:user, email: "riri@example.com", role: :moderator)
|
|
|
|
user = insert(:user, email: "fifi@example.com")
|
|
|
|
insert(:user, email: "loulou@example.com", role: :administrator)
|
|
|
|
|
|
|
|
res =
|
2020-11-17 19:14:55 +01:00
|
|
|
conn
|
2019-03-06 18:45:26 +01:00
|
|
|
|> auth_conn(user)
|
2020-11-17 19:14:55 +01:00
|
|
|
|> AbsintheHelpers.graphql_query(
|
|
|
|
query: @list_users_query,
|
|
|
|
variables: %{}
|
|
|
|
)
|
2019-03-06 18:45:26 +01:00
|
|
|
|
2020-11-17 19:14:55 +01:00
|
|
|
assert hd(res["errors"])["message"] ==
|
2020-11-30 16:14:13 +01:00
|
|
|
"You don't have permission to do this"
|
2019-03-06 18:45:26 +01:00
|
|
|
end
|
|
|
|
|
2020-11-17 19:14:55 +01:00
|
|
|
test "list_users/3 returns a list of users", %{conn: conn} do
|
2019-03-06 18:45:26 +01:00
|
|
|
user = insert(:user, email: "riri@example.com", role: :moderator)
|
2019-03-01 11:41:28 +01:00
|
|
|
insert(:user, email: "fifi@example.com")
|
|
|
|
insert(:user, email: "loulou@example.com")
|
|
|
|
|
|
|
|
res =
|
2020-11-17 19:14:55 +01:00
|
|
|
conn
|
2019-03-06 18:45:26 +01:00
|
|
|
|> auth_conn(user)
|
2020-11-17 19:14:55 +01:00
|
|
|
|> AbsintheHelpers.graphql_query(
|
|
|
|
query: @list_users_query,
|
|
|
|
variables: %{}
|
|
|
|
)
|
2019-03-01 11:41:28 +01:00
|
|
|
|
2020-11-17 19:14:55 +01:00
|
|
|
assert res["errors"] == nil
|
|
|
|
assert res["data"]["users"]["total"] == 3
|
|
|
|
assert res["data"]["users"]["elements"] |> length == 3
|
2019-03-01 11:41:28 +01:00
|
|
|
|
2020-11-17 19:14:55 +01:00
|
|
|
assert res["data"]["users"]["elements"]
|
2019-03-01 11:41:28 +01:00
|
|
|
|> Enum.map(& &1["email"]) == [
|
2019-03-05 12:14:31 +01:00
|
|
|
"loulou@example.com",
|
2019-03-01 11:41:28 +01:00
|
|
|
"fifi@example.com",
|
2019-03-05 12:14:31 +01:00
|
|
|
"riri@example.com"
|
2019-03-01 11:41:28 +01:00
|
|
|
]
|
|
|
|
|
|
|
|
res =
|
2020-11-17 19:14:55 +01:00
|
|
|
conn
|
2019-03-06 18:45:26 +01:00
|
|
|
|> auth_conn(user)
|
2020-11-17 19:14:55 +01:00
|
|
|
|> AbsintheHelpers.graphql_query(
|
|
|
|
query: @list_users_query,
|
|
|
|
variables: %{page: 2, limit: 1}
|
|
|
|
)
|
2019-03-01 11:41:28 +01:00
|
|
|
|
2020-11-17 19:14:55 +01:00
|
|
|
assert res["errors"] == nil
|
|
|
|
assert res["data"]["users"]["total"] == 3
|
|
|
|
assert res["data"]["users"]["elements"] |> length == 1
|
2019-03-01 11:41:28 +01:00
|
|
|
|
2020-11-17 19:14:55 +01:00
|
|
|
assert res["data"]["users"]["elements"] |> Enum.map(& &1["email"]) == [
|
2019-03-01 11:41:28 +01:00
|
|
|
"fifi@example.com"
|
|
|
|
]
|
|
|
|
|
|
|
|
res =
|
2020-11-17 19:14:55 +01:00
|
|
|
conn
|
2019-03-06 18:45:26 +01:00
|
|
|
|> auth_conn(user)
|
2020-11-17 19:14:55 +01:00
|
|
|
|> AbsintheHelpers.graphql_query(
|
|
|
|
query: @list_users_query,
|
|
|
|
variables: %{page: 3, limit: 1, sort: "ID", direction: "DESC"}
|
|
|
|
)
|
2019-03-01 11:41:28 +01:00
|
|
|
|
2020-11-17 19:14:55 +01:00
|
|
|
assert res["errors"] == nil
|
|
|
|
assert res["data"]["users"]["total"] == 3
|
|
|
|
assert res["data"]["users"]["elements"] |> length == 1
|
2019-03-01 11:41:28 +01:00
|
|
|
|
2020-11-17 19:14:55 +01:00
|
|
|
assert res["data"]["users"]["elements"] |> Enum.map(& &1["email"]) == [
|
2019-03-01 11:41:28 +01:00
|
|
|
"riri@example.com"
|
|
|
|
]
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2018-11-28 14:48:55 +01:00
|
|
|
describe "Resolver: Create an user & actor" do
|
2019-01-29 11:02:32 +01:00
|
|
|
@user_creation %{
|
2018-11-28 14:48:55 +01:00
|
|
|
email: "test@demo.tld",
|
2019-01-29 11:02:32 +01:00
|
|
|
password: "long password",
|
2019-10-01 13:08:09 +02:00
|
|
|
locale: "fr_FR",
|
2020-11-17 19:14:55 +01:00
|
|
|
preferredUsername: "toto",
|
2019-01-29 11:02:32 +01:00
|
|
|
name: "Sir Toto",
|
|
|
|
summary: "Sir Toto, prince of the functional tests"
|
2018-11-28 14:48:55 +01:00
|
|
|
}
|
2019-01-29 11:02:32 +01:00
|
|
|
@user_creation_bad_email %{
|
2018-11-28 14:48:55 +01:00
|
|
|
email: "y@l@",
|
2019-01-25 13:59:58 +01:00
|
|
|
password: "long password"
|
2018-11-28 14:48:55 +01:00
|
|
|
}
|
|
|
|
|
2019-01-29 11:02:32 +01:00
|
|
|
test "test create_user/3 creates an user and register_person/3 registers a profile",
|
2020-11-17 19:14:55 +01:00
|
|
|
%{conn: conn} do
|
2019-01-29 11:02:32 +01:00
|
|
|
res =
|
2020-11-17 19:14:55 +01:00
|
|
|
conn
|
|
|
|
|> AbsintheHelpers.graphql_query(
|
|
|
|
query: @create_user_mutation,
|
|
|
|
variables: @user_creation
|
|
|
|
)
|
2019-01-29 11:02:32 +01:00
|
|
|
|
2020-11-17 19:14:55 +01:00
|
|
|
assert res["data"]["createUser"]["email"] == @user_creation.email
|
|
|
|
assert res["data"]["createUser"]["locale"] == @user_creation.locale
|
2019-10-01 13:08:09 +02:00
|
|
|
|
|
|
|
{:ok, user} = Users.get_user_by_email(@user_creation.email)
|
|
|
|
|
|
|
|
assert_delivered_email(Email.User.confirmation_email(user, @user_creation.locale))
|
2019-01-29 11:02:32 +01:00
|
|
|
|
|
|
|
res =
|
2020-11-17 19:14:55 +01:00
|
|
|
conn
|
|
|
|
|> AbsintheHelpers.graphql_query(
|
|
|
|
query: @register_person_mutation,
|
|
|
|
variables: @user_creation
|
|
|
|
)
|
2019-01-29 11:02:32 +01:00
|
|
|
|
2020-11-17 19:14:55 +01:00
|
|
|
assert res["data"]["registerPerson"]["preferredUsername"] ==
|
|
|
|
@user_creation.preferredUsername
|
2019-01-29 11:02:32 +01:00
|
|
|
end
|
|
|
|
|
2019-10-01 09:26:07 +02:00
|
|
|
test "create_user/3 doesn't allow two users with the same email", %{conn: conn} do
|
|
|
|
res =
|
|
|
|
conn
|
2021-07-27 19:47:54 +02:00
|
|
|
|> put_req_header("accept-language", "fr")
|
2020-11-17 19:14:55 +01:00
|
|
|
|> AbsintheHelpers.graphql_query(
|
|
|
|
query: @create_user_mutation,
|
|
|
|
variables: @user_creation
|
|
|
|
)
|
2019-10-01 09:26:07 +02:00
|
|
|
|
2020-11-17 19:14:55 +01:00
|
|
|
assert res["data"]["createUser"]["email"] == @user_creation.email
|
2019-10-01 09:26:07 +02:00
|
|
|
|
|
|
|
res =
|
|
|
|
conn
|
2021-07-21 15:46:04 +02:00
|
|
|
|> put_req_header("accept-language", "fr")
|
2020-11-17 19:14:55 +01:00
|
|
|
|> AbsintheHelpers.graphql_query(
|
|
|
|
query: @create_user_mutation,
|
|
|
|
variables: @user_creation
|
|
|
|
)
|
2019-10-01 09:26:07 +02:00
|
|
|
|
2020-11-17 19:14:55 +01:00
|
|
|
assert hd(res["errors"])["message"] == ["Cette adresse e-mail est déjà utilisée."]
|
2019-10-01 09:26:07 +02:00
|
|
|
end
|
|
|
|
|
2019-12-17 12:09:24 +01:00
|
|
|
test "create_user/3 doesn't allow registration when registration is closed", %{conn: conn} do
|
2020-01-23 21:59:50 +01:00
|
|
|
Config.put([:instance, :registrations_open], false)
|
2020-09-29 09:53:48 +02:00
|
|
|
Config.put([:instance, :registration_email_allowlist], [])
|
2019-12-17 12:09:24 +01:00
|
|
|
|
|
|
|
res =
|
|
|
|
conn
|
|
|
|
|> AbsintheHelpers.graphql_query(
|
2020-11-17 19:14:55 +01:00
|
|
|
query: @create_user_mutation,
|
|
|
|
variables: @user_creation
|
2019-12-17 12:09:24 +01:00
|
|
|
)
|
|
|
|
|
2020-09-29 09:53:48 +02:00
|
|
|
assert hd(res["errors"])["message"] == "Registrations are not open"
|
2020-01-23 21:59:50 +01:00
|
|
|
Config.put([:instance, :registrations_open], true)
|
2019-12-17 12:09:24 +01:00
|
|
|
end
|
|
|
|
|
2020-09-29 09:53:48 +02:00
|
|
|
test "create_user/3 doesn't allow registration when user email is not on the allowlist", %{
|
2019-12-17 12:09:24 +01:00
|
|
|
conn: conn
|
|
|
|
} do
|
2020-01-23 21:59:50 +01:00
|
|
|
Config.put([:instance, :registrations_open], false)
|
2020-09-29 09:53:48 +02:00
|
|
|
Config.put([:instance, :registration_email_allowlist], ["random.org"])
|
2019-12-17 12:09:24 +01:00
|
|
|
|
|
|
|
res =
|
|
|
|
conn
|
|
|
|
|> AbsintheHelpers.graphql_query(
|
2020-11-17 19:14:55 +01:00
|
|
|
query: @create_user_mutation,
|
|
|
|
variables: @user_creation
|
2019-12-17 12:09:24 +01:00
|
|
|
)
|
|
|
|
|
2020-09-29 09:53:48 +02:00
|
|
|
assert hd(res["errors"])["message"] == "Your email is not on the allowlist"
|
2020-01-23 21:59:50 +01:00
|
|
|
Config.put([:instance, :registrations_open], true)
|
2020-09-29 09:53:48 +02:00
|
|
|
Config.put([:instance, :registration_email_allowlist], [])
|
2019-12-17 12:09:24 +01:00
|
|
|
end
|
|
|
|
|
2020-09-29 09:53:48 +02:00
|
|
|
test "create_user/3 allows registration when user email domain is on the allowlist", %{
|
2019-12-17 12:09:24 +01:00
|
|
|
conn: conn
|
|
|
|
} do
|
2020-01-23 21:59:50 +01:00
|
|
|
Config.put([:instance, :registrations_open], false)
|
2020-09-29 09:53:48 +02:00
|
|
|
Config.put([:instance, :registration_email_allowlist], ["demo.tld"])
|
2019-12-17 12:09:24 +01:00
|
|
|
|
|
|
|
res =
|
|
|
|
conn
|
|
|
|
|> AbsintheHelpers.graphql_query(
|
2020-11-17 19:14:55 +01:00
|
|
|
query: @create_user_mutation,
|
|
|
|
variables: @user_creation
|
2019-12-17 12:09:24 +01:00
|
|
|
)
|
|
|
|
|
|
|
|
refute res["errors"]
|
|
|
|
assert res["data"]["createUser"]["email"] == @user_creation.email
|
2020-01-23 21:59:50 +01:00
|
|
|
Config.put([:instance, :registrations_open], true)
|
2020-09-29 09:53:48 +02:00
|
|
|
Config.put([:instance, :registration_email_allowlist], [])
|
2019-12-17 12:09:24 +01:00
|
|
|
end
|
|
|
|
|
2020-09-29 09:53:48 +02:00
|
|
|
test "create_user/3 allows registration when user email is on the allowlist", %{conn: conn} do
|
2020-01-23 21:59:50 +01:00
|
|
|
Config.put([:instance, :registrations_open], false)
|
2020-09-29 09:53:48 +02:00
|
|
|
Config.put([:instance, :registration_email_allowlist], [@user_creation.email])
|
2019-12-17 12:09:24 +01:00
|
|
|
|
|
|
|
res =
|
|
|
|
conn
|
|
|
|
|> AbsintheHelpers.graphql_query(
|
2020-11-17 19:14:55 +01:00
|
|
|
query: @create_user_mutation,
|
|
|
|
variables: @user_creation
|
2019-12-17 12:09:24 +01:00
|
|
|
)
|
|
|
|
|
|
|
|
refute res["errors"]
|
|
|
|
assert res["data"]["createUser"]["email"] == @user_creation.email
|
2020-01-23 21:59:50 +01:00
|
|
|
Config.put([:instance, :registrations_open], true)
|
2020-09-29 09:53:48 +02:00
|
|
|
Config.put([:instance, :registration_email_allowlist], [])
|
2019-12-17 12:09:24 +01:00
|
|
|
end
|
|
|
|
|
2021-08-08 19:46:39 +02:00
|
|
|
test "create_user/3 doesn't allow registration when user email domain is on the denylist", %{
|
|
|
|
conn: conn
|
|
|
|
} do
|
|
|
|
Config.put([:instance, :registration_email_denylist], ["demo.tld"])
|
|
|
|
|
|
|
|
res =
|
|
|
|
conn
|
|
|
|
|> AbsintheHelpers.graphql_query(
|
|
|
|
query: @create_user_mutation,
|
|
|
|
variables: @user_creation
|
|
|
|
)
|
|
|
|
|
|
|
|
assert hd(res["errors"])["message"] ==
|
|
|
|
"Your e-mail has been denied registration or uses a disallowed e-mail provider"
|
|
|
|
|
|
|
|
Config.put([:instance, :registrations_open], true)
|
|
|
|
Config.put([:instance, :registration_email_denylist], [])
|
|
|
|
end
|
|
|
|
|
|
|
|
test "create_user/3 doesn't allow registration when user email is on the denylist", %{
|
|
|
|
conn: conn
|
|
|
|
} do
|
|
|
|
Config.put([:instance, :registration_email_denylist], [@user_creation.email])
|
|
|
|
|
|
|
|
res =
|
|
|
|
conn
|
|
|
|
|> AbsintheHelpers.graphql_query(
|
|
|
|
query: @create_user_mutation,
|
|
|
|
variables: @user_creation
|
|
|
|
)
|
|
|
|
|
|
|
|
assert hd(res["errors"])["message"] ==
|
|
|
|
"Your e-mail has been denied registration or uses a disallowed e-mail provider"
|
|
|
|
|
|
|
|
Config.put([:instance, :registrations_open], true)
|
|
|
|
Config.put([:instance, :registration_email_denylist], [])
|
|
|
|
end
|
|
|
|
|
|
|
|
test "create_user/3 doesn't allow registration when user email is on the denylist, even when plus addressing is used",
|
|
|
|
%{
|
|
|
|
conn: conn
|
|
|
|
} do
|
|
|
|
Config.put([:instance, :registration_email_denylist], [@user_creation.email])
|
|
|
|
|
|
|
|
res =
|
|
|
|
conn
|
|
|
|
|> AbsintheHelpers.graphql_query(
|
|
|
|
query: @create_user_mutation,
|
|
|
|
variables: Map.put(@user_creation, :email, "test+alias@demo.tld")
|
|
|
|
)
|
|
|
|
|
|
|
|
assert hd(res["errors"])["message"] ==
|
|
|
|
"Your e-mail has been denied registration or uses a disallowed e-mail provider"
|
|
|
|
|
|
|
|
Config.put([:instance, :registrations_open], true)
|
|
|
|
Config.put([:instance, :registration_email_denylist], [])
|
|
|
|
end
|
|
|
|
|
2020-11-17 19:14:55 +01:00
|
|
|
test "register_person/3 doesn't register a profile from an unknown email", %{conn: conn} do
|
|
|
|
conn
|
2021-07-27 19:47:54 +02:00
|
|
|
|> put_req_header("accept-language", "fr")
|
2020-11-17 19:14:55 +01:00
|
|
|
|> AbsintheHelpers.graphql_query(
|
|
|
|
query: @create_user_mutation,
|
|
|
|
variables: @user_creation
|
|
|
|
)
|
2019-01-29 11:02:32 +01:00
|
|
|
|
2018-11-28 14:48:55 +01:00
|
|
|
res =
|
2020-11-17 19:14:55 +01:00
|
|
|
conn
|
2021-07-21 15:46:04 +02:00
|
|
|
|> put_req_header("accept-language", "fr")
|
2020-11-17 19:14:55 +01:00
|
|
|
|> AbsintheHelpers.graphql_query(
|
|
|
|
query: @register_person_mutation,
|
|
|
|
variables: Map.put(@user_creation, :email, "random")
|
|
|
|
)
|
2018-11-06 10:30:27 +01:00
|
|
|
|
2020-11-17 19:14:55 +01:00
|
|
|
assert hd(res["errors"])["message"] ==
|
|
|
|
"Aucun·e utilisateur·ice avec cette adresse e-mail n'a été trouvé·e"
|
2019-01-29 11:02:32 +01:00
|
|
|
end
|
|
|
|
|
2020-11-17 19:14:55 +01:00
|
|
|
test "register_person/3 can't be called with an existing profile", %{conn: conn} do
|
|
|
|
conn
|
2021-07-27 19:47:54 +02:00
|
|
|
|> put_req_header("accept-language", "fr")
|
2020-11-17 19:14:55 +01:00
|
|
|
|> AbsintheHelpers.graphql_query(
|
|
|
|
query: @create_user_mutation,
|
|
|
|
variables: @user_creation
|
|
|
|
)
|
2019-01-29 11:02:32 +01:00
|
|
|
|
2020-11-17 19:14:55 +01:00
|
|
|
res =
|
|
|
|
conn
|
2021-07-27 19:47:54 +02:00
|
|
|
|> put_req_header("accept-language", "fr")
|
2020-11-17 19:14:55 +01:00
|
|
|
|> AbsintheHelpers.graphql_query(
|
|
|
|
query: @register_person_mutation,
|
|
|
|
variables: @user_creation
|
|
|
|
)
|
2019-01-29 11:02:32 +01:00
|
|
|
|
2020-11-17 19:14:55 +01:00
|
|
|
assert res["data"]["registerPerson"]["preferredUsername"] ==
|
|
|
|
@user_creation.preferredUsername
|
2019-01-29 11:02:32 +01:00
|
|
|
|
|
|
|
res =
|
2020-11-17 19:14:55 +01:00
|
|
|
conn
|
2021-07-21 15:46:04 +02:00
|
|
|
|> put_req_header("accept-language", "fr")
|
2020-11-17 19:14:55 +01:00
|
|
|
|> AbsintheHelpers.graphql_query(
|
|
|
|
query: @register_person_mutation,
|
|
|
|
variables: @user_creation
|
|
|
|
)
|
2019-01-29 11:02:32 +01:00
|
|
|
|
2020-11-17 19:14:55 +01:00
|
|
|
assert hd(res["errors"])["message"] ==
|
|
|
|
"Vous avez déjà un profil pour cet utilisateur"
|
|
|
|
end
|
2019-01-29 11:02:32 +01:00
|
|
|
|
2020-11-17 19:14:55 +01:00
|
|
|
test "register_person/3 is case insensitive", %{conn: conn} do
|
|
|
|
insert(:actor, preferred_username: "myactor")
|
|
|
|
|
|
|
|
conn
|
2021-07-27 19:47:54 +02:00
|
|
|
|> put_req_header("accept-language", "fr")
|
2020-11-17 19:14:55 +01:00
|
|
|
|> AbsintheHelpers.graphql_query(
|
|
|
|
query: @create_user_mutation,
|
|
|
|
variables: @user_creation
|
|
|
|
)
|
2019-01-29 11:02:32 +01:00
|
|
|
|
|
|
|
res =
|
2020-11-17 19:14:55 +01:00
|
|
|
conn
|
2021-07-21 15:46:04 +02:00
|
|
|
|> put_req_header("accept-language", "fr")
|
2020-11-17 19:14:55 +01:00
|
|
|
|> AbsintheHelpers.graphql_query(
|
|
|
|
query: @register_person_mutation,
|
|
|
|
variables: Map.put(@user_creation, :preferredUsername, "Myactor")
|
|
|
|
)
|
2019-01-29 11:02:32 +01:00
|
|
|
|
2020-11-17 19:14:55 +01:00
|
|
|
refute is_nil(res["errors"])
|
2018-11-06 10:30:27 +01:00
|
|
|
|
2020-11-17 19:14:55 +01:00
|
|
|
assert hd(res["errors"])["message"] ==
|
|
|
|
["Cet identifiant est déjà pris."]
|
|
|
|
end
|
2018-11-06 10:30:27 +01:00
|
|
|
|
2020-11-17 19:14:55 +01:00
|
|
|
test "test create_user/3 doesn't create an user with bad email", %{conn: conn} do
|
2018-11-28 14:48:55 +01:00
|
|
|
res =
|
2020-11-17 19:14:55 +01:00
|
|
|
conn
|
|
|
|
|> AbsintheHelpers.graphql_query(
|
|
|
|
query: @create_user_mutation,
|
|
|
|
variables: @user_creation_bad_email
|
|
|
|
)
|
2018-11-06 10:30:27 +01:00
|
|
|
|
2020-11-17 19:14:55 +01:00
|
|
|
assert hd(res["errors"])["message"] ==
|
2020-10-01 15:07:15 +02:00
|
|
|
["Email doesn't fit required format"]
|
2018-11-28 14:48:55 +01:00
|
|
|
end
|
2018-11-06 10:30:27 +01:00
|
|
|
end
|
|
|
|
|
2018-11-28 14:48:55 +01:00
|
|
|
describe "Resolver: Validate an user" do
|
|
|
|
test "test validate_user/3 validates an user", context do
|
2019-03-08 18:52:27 +01:00
|
|
|
{:ok, %User{} = user} = Users.register(@valid_actor_params)
|
2018-11-28 14:48:55 +01:00
|
|
|
|
|
|
|
mutation = """
|
|
|
|
mutation {
|
|
|
|
validateUser(
|
2018-11-29 17:43:22 +01:00
|
|
|
token: "#{user.confirmation_token}"
|
2018-11-28 14:48:55 +01:00
|
|
|
) {
|
2019-08-12 16:04:16 +02:00
|
|
|
accessToken,
|
2018-11-28 14:48:55 +01:00
|
|
|
user {
|
2018-11-29 17:43:22 +01:00
|
|
|
id,
|
2018-11-28 14:48:55 +01:00
|
|
|
},
|
2018-11-06 10:30:27 +01:00
|
|
|
}
|
|
|
|
}
|
2018-11-28 14:48:55 +01:00
|
|
|
"""
|
2018-11-06 10:30:27 +01:00
|
|
|
|
2018-11-28 14:48:55 +01:00
|
|
|
res =
|
|
|
|
context.conn
|
|
|
|
|> post("/api", AbsintheHelpers.mutation_skeleton(mutation))
|
2018-11-06 10:30:27 +01:00
|
|
|
|
2018-11-29 17:43:22 +01:00
|
|
|
assert json_response(res, 200)["data"]["validateUser"]["user"]["id"] == to_string(user.id)
|
2018-11-28 14:48:55 +01:00
|
|
|
end
|
2018-11-06 10:30:27 +01:00
|
|
|
|
2018-11-28 14:48:55 +01:00
|
|
|
test "test validate_user/3 with invalid token doesn't validate an user", context do
|
2019-01-25 13:59:58 +01:00
|
|
|
insert(:user, confirmation_token: "t0t0")
|
2018-11-28 14:48:55 +01:00
|
|
|
|
|
|
|
mutation = """
|
|
|
|
mutation {
|
|
|
|
validateUser(
|
|
|
|
token: "no pass"
|
|
|
|
) {
|
2019-08-12 16:04:16 +02:00
|
|
|
accessToken,
|
2018-11-28 14:48:55 +01:00
|
|
|
user {
|
2019-01-25 13:59:58 +01:00
|
|
|
id
|
2018-11-28 14:48:55 +01:00
|
|
|
},
|
2018-11-06 10:30:27 +01:00
|
|
|
}
|
|
|
|
}
|
2018-11-28 14:48:55 +01:00
|
|
|
"""
|
2018-11-06 10:30:27 +01:00
|
|
|
|
2018-11-28 14:48:55 +01:00
|
|
|
res =
|
|
|
|
context.conn
|
|
|
|
|> post("/api", AbsintheHelpers.mutation_skeleton(mutation))
|
2018-11-06 10:30:27 +01:00
|
|
|
|
2019-01-25 13:59:58 +01:00
|
|
|
assert hd(json_response(res, 200)["errors"])["message"] == "Unable to validate user"
|
2018-11-28 14:48:55 +01:00
|
|
|
end
|
2018-11-06 10:30:27 +01:00
|
|
|
end
|
|
|
|
|
2018-11-28 14:48:55 +01:00
|
|
|
describe "Resolver: Resend confirmation emails" do
|
|
|
|
test "test resend_confirmation_email/3 with valid email resends an validation email",
|
|
|
|
context do
|
2019-03-08 18:52:27 +01:00
|
|
|
{:ok, %User{} = user} = Users.register(%{email: "toto@tata.tld", password: "p4ssw0rd"})
|
2018-11-06 10:30:27 +01:00
|
|
|
|
2018-11-28 14:48:55 +01:00
|
|
|
mutation = """
|
|
|
|
mutation {
|
|
|
|
resendConfirmationEmail(
|
2018-11-29 17:43:22 +01:00
|
|
|
email: "#{user.email}"
|
2018-11-28 14:48:55 +01:00
|
|
|
)
|
|
|
|
}
|
|
|
|
"""
|
2018-11-06 10:30:27 +01:00
|
|
|
|
2018-11-28 14:48:55 +01:00
|
|
|
res =
|
|
|
|
context.conn
|
|
|
|
|> post("/api", AbsintheHelpers.mutation_skeleton(mutation))
|
2018-11-06 10:30:27 +01:00
|
|
|
|
2018-11-28 14:48:55 +01:00
|
|
|
assert hd(json_response(res, 200)["errors"])["message"] ==
|
|
|
|
"You requested again a confirmation email too soon"
|
2018-11-06 10:30:27 +01:00
|
|
|
|
2018-11-28 14:48:55 +01:00
|
|
|
# Hammer time !
|
2020-01-23 21:59:50 +01:00
|
|
|
Users.update_user(user, %{
|
2018-11-29 17:43:22 +01:00
|
|
|
confirmation_sent_at: Timex.shift(user.confirmation_sent_at, hours: -3)
|
2018-11-28 14:48:55 +01:00
|
|
|
})
|
2018-11-06 10:30:27 +01:00
|
|
|
|
2018-11-28 14:48:55 +01:00
|
|
|
res =
|
|
|
|
context.conn
|
|
|
|
|> post("/api", AbsintheHelpers.mutation_skeleton(mutation))
|
2018-11-06 10:30:27 +01:00
|
|
|
|
2018-11-29 17:43:22 +01:00
|
|
|
assert json_response(res, 200)["data"]["resendConfirmationEmail"] == user.email
|
2019-09-17 02:45:32 +02:00
|
|
|
assert_delivered_email(Email.User.confirmation_email(user))
|
2018-11-28 14:48:55 +01:00
|
|
|
end
|
2018-11-06 10:30:27 +01:00
|
|
|
|
2018-11-28 14:48:55 +01:00
|
|
|
test "test resend_confirmation_email/3 with invalid email resends an validation email",
|
|
|
|
context do
|
|
|
|
mutation = """
|
|
|
|
mutation {
|
|
|
|
resendConfirmationEmail(
|
|
|
|
email: "oh no"
|
|
|
|
)
|
|
|
|
}
|
|
|
|
"""
|
2018-11-06 10:30:27 +01:00
|
|
|
|
2018-11-28 14:48:55 +01:00
|
|
|
res =
|
|
|
|
context.conn
|
|
|
|
|> post("/api", AbsintheHelpers.mutation_skeleton(mutation))
|
2018-11-06 10:30:27 +01:00
|
|
|
|
2018-11-28 14:48:55 +01:00
|
|
|
assert hd(json_response(res, 200)["errors"])["message"] ==
|
|
|
|
"No user to validate with this email was found"
|
|
|
|
end
|
2018-11-06 10:30:27 +01:00
|
|
|
end
|
2018-11-27 17:54:54 +01:00
|
|
|
|
2018-11-28 14:48:55 +01:00
|
|
|
describe "Resolver: Send reset password" do
|
2020-06-27 19:12:45 +02:00
|
|
|
test "test send_reset_password/3 with valid email", %{conn: conn} do
|
|
|
|
%User{email: email} = insert(:user)
|
2018-11-27 17:54:54 +01:00
|
|
|
|
2020-06-27 19:12:45 +02:00
|
|
|
res =
|
|
|
|
conn
|
|
|
|
|> AbsintheHelpers.graphql_query(
|
|
|
|
query: @send_reset_password_mutation,
|
|
|
|
variables: %{email: email}
|
|
|
|
)
|
|
|
|
|
|
|
|
assert res["data"]["sendResetPassword"] == email
|
|
|
|
end
|
2018-11-27 17:54:54 +01:00
|
|
|
|
2020-06-27 19:12:45 +02:00
|
|
|
test "test send_reset_password/3 with invalid email", %{conn: conn} do
|
2018-11-28 14:48:55 +01:00
|
|
|
res =
|
2020-06-27 19:12:45 +02:00
|
|
|
conn
|
|
|
|
|> AbsintheHelpers.graphql_query(
|
|
|
|
query: @send_reset_password_mutation,
|
|
|
|
variables: %{email: "not an email"}
|
|
|
|
)
|
2018-11-27 17:54:54 +01:00
|
|
|
|
2020-06-27 19:12:45 +02:00
|
|
|
assert hd(res["errors"])["message"] ==
|
|
|
|
"No user with this email was found"
|
2018-11-28 14:48:55 +01:00
|
|
|
end
|
2018-11-27 17:54:54 +01:00
|
|
|
|
2020-06-27 19:12:45 +02:00
|
|
|
test "test send_reset_password/3 for an LDAP user", %{conn: conn} do
|
|
|
|
{:ok, %User{email: email}} = Users.create_external("some@users.com", "ldap")
|
2018-11-27 17:54:54 +01:00
|
|
|
|
2018-11-28 14:48:55 +01:00
|
|
|
res =
|
2020-06-27 19:12:45 +02:00
|
|
|
conn
|
|
|
|
|> AbsintheHelpers.graphql_query(
|
|
|
|
query: @send_reset_password_mutation,
|
|
|
|
variables: %{email: email}
|
|
|
|
)
|
2018-11-27 17:54:54 +01:00
|
|
|
|
2020-06-27 19:12:45 +02:00
|
|
|
assert hd(res["errors"])["message"] ==
|
|
|
|
"This user can't reset their password"
|
2018-11-28 14:48:55 +01:00
|
|
|
end
|
2020-10-13 15:21:00 +02:00
|
|
|
|
|
|
|
test "test send_reset_password/3 for a deactivated user doesn't send email", %{conn: conn} do
|
|
|
|
{:ok, %User{email: email} = user} =
|
|
|
|
Users.register(%{email: "toto@tata.tld", password: "p4ssw0rd"})
|
|
|
|
|
|
|
|
Users.update_user(user, %{confirmed_at: DateTime.utc_now(), disabled: true})
|
|
|
|
|
|
|
|
res =
|
|
|
|
conn
|
|
|
|
|> AbsintheHelpers.graphql_query(
|
|
|
|
query: @send_reset_password_mutation,
|
|
|
|
variables: %{email: email}
|
|
|
|
)
|
|
|
|
|
|
|
|
assert hd(res["errors"])["message"] ==
|
|
|
|
"No user with this email was found"
|
|
|
|
end
|
2018-11-27 17:54:54 +01:00
|
|
|
end
|
|
|
|
|
2018-11-28 14:48:55 +01:00
|
|
|
describe "Resolver: Reset user's password" do
|
|
|
|
test "test reset_password/3 with valid email", context do
|
2019-03-08 18:52:27 +01:00
|
|
|
{:ok, %User{} = user} = Users.register(%{email: "toto@tata.tld", password: "p4ssw0rd"})
|
2020-06-27 19:12:45 +02:00
|
|
|
Users.update_user(user, %{confirmed_at: DateTime.utc_now()})
|
2018-11-28 14:48:55 +01:00
|
|
|
%Actor{} = insert(:actor, user: user)
|
2020-01-23 21:59:50 +01:00
|
|
|
{:ok, _email_sent} = Email.User.send_password_reset_email(user)
|
|
|
|
%User{reset_password_token: reset_password_token} = Users.get_user!(user.id)
|
2018-11-28 14:48:55 +01:00
|
|
|
|
|
|
|
mutation = """
|
|
|
|
mutation {
|
|
|
|
resetPassword(
|
|
|
|
token: "#{reset_password_token}",
|
|
|
|
password: "new password"
|
|
|
|
) {
|
|
|
|
user {
|
|
|
|
id
|
|
|
|
}
|
2018-11-27 17:54:54 +01:00
|
|
|
}
|
|
|
|
}
|
2018-11-28 14:48:55 +01:00
|
|
|
"""
|
2018-11-27 17:54:54 +01:00
|
|
|
|
2018-11-28 14:48:55 +01:00
|
|
|
res =
|
|
|
|
context.conn
|
|
|
|
|> post("/api", AbsintheHelpers.mutation_skeleton(mutation))
|
2018-11-27 17:54:54 +01:00
|
|
|
|
2020-06-27 19:12:45 +02:00
|
|
|
assert is_nil(json_response(res, 200)["errors"])
|
2018-11-28 14:48:55 +01:00
|
|
|
assert json_response(res, 200)["data"]["resetPassword"]["user"]["id"] == to_string(user.id)
|
|
|
|
end
|
2018-11-27 17:54:54 +01:00
|
|
|
|
2018-11-28 14:48:55 +01:00
|
|
|
test "test reset_password/3 with a password too short", context do
|
|
|
|
%User{} = user = insert(:user)
|
2020-01-23 21:59:50 +01:00
|
|
|
{:ok, _email_sent} = Email.User.send_password_reset_email(user)
|
|
|
|
%User{reset_password_token: reset_password_token} = Users.get_user!(user.id)
|
2018-11-28 14:48:55 +01:00
|
|
|
|
|
|
|
mutation = """
|
|
|
|
mutation {
|
|
|
|
resetPassword(
|
|
|
|
token: "#{reset_password_token}",
|
|
|
|
password: "new"
|
|
|
|
) {
|
|
|
|
user {
|
|
|
|
id
|
|
|
|
}
|
2018-11-27 17:54:54 +01:00
|
|
|
}
|
|
|
|
}
|
2018-11-28 14:48:55 +01:00
|
|
|
"""
|
|
|
|
|
|
|
|
res =
|
|
|
|
context.conn
|
|
|
|
|> post("/api", AbsintheHelpers.mutation_skeleton(mutation))
|
|
|
|
|
2019-01-24 15:23:27 +01:00
|
|
|
assert hd(json_response(res, 200)["errors"])["message"] ==
|
|
|
|
"The password you have choosen is too short. Please make sure your password contains at least 6 charaters."
|
2018-11-28 14:48:55 +01:00
|
|
|
end
|
2018-11-27 17:54:54 +01:00
|
|
|
|
2018-11-28 14:48:55 +01:00
|
|
|
test "test reset_password/3 with an invalid token", context do
|
|
|
|
%User{} = user = insert(:user)
|
2020-01-23 21:59:50 +01:00
|
|
|
{:ok, _email_sent} = Email.User.send_password_reset_email(user)
|
|
|
|
%User{} = Users.get_user!(user.id)
|
2018-11-28 14:48:55 +01:00
|
|
|
|
|
|
|
mutation = """
|
|
|
|
mutation {
|
|
|
|
resetPassword(
|
|
|
|
token: "not good",
|
|
|
|
password: "new"
|
|
|
|
) {
|
|
|
|
user {
|
|
|
|
id
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
"""
|
|
|
|
|
|
|
|
res =
|
|
|
|
context.conn
|
|
|
|
|> post("/api", AbsintheHelpers.mutation_skeleton(mutation))
|
2018-11-27 17:54:54 +01:00
|
|
|
|
2019-01-24 15:23:27 +01:00
|
|
|
assert hd(json_response(res, 200)["errors"])["message"] ==
|
|
|
|
"The token you provided is invalid. Make sure that the URL is exactly the one provided inside the email you got."
|
2018-11-28 14:48:55 +01:00
|
|
|
end
|
2018-11-27 17:54:54 +01:00
|
|
|
end
|
|
|
|
|
2019-08-12 16:04:16 +02:00
|
|
|
describe "Resolver: Login a user" do
|
2020-06-27 19:12:45 +02:00
|
|
|
test "test login_user/3 with valid credentials", %{conn: conn} do
|
2019-03-08 18:52:27 +01:00
|
|
|
{:ok, %User{} = user} = Users.register(%{email: "toto@tata.tld", password: "p4ssw0rd"})
|
2018-11-28 14:48:55 +01:00
|
|
|
|
|
|
|
{:ok, %User{} = _user} =
|
2019-03-05 17:23:05 +01:00
|
|
|
Users.update_user(user, %{
|
2019-02-14 14:19:55 +01:00
|
|
|
"confirmed_at" => DateTime.utc_now() |> DateTime.truncate(:second),
|
2018-11-28 14:48:55 +01:00
|
|
|
"confirmation_sent_at" => nil,
|
|
|
|
"confirmation_token" => nil
|
|
|
|
})
|
|
|
|
|
|
|
|
res =
|
2020-06-27 19:12:45 +02:00
|
|
|
conn
|
|
|
|
|> AbsintheHelpers.graphql_query(
|
|
|
|
query: @login_mutation,
|
|
|
|
variables: %{email: user.email, password: user.password}
|
|
|
|
)
|
2018-11-28 14:48:55 +01:00
|
|
|
|
2020-06-27 19:12:45 +02:00
|
|
|
assert login = res["data"]["login"]
|
2019-08-12 16:04:16 +02:00
|
|
|
assert Map.has_key?(login, "accessToken") && not is_nil(login["accessToken"])
|
2018-11-28 14:48:55 +01:00
|
|
|
end
|
|
|
|
|
2020-06-27 19:12:45 +02:00
|
|
|
test "test login_user/3 with invalid password", %{conn: conn} do
|
2019-03-08 18:52:27 +01:00
|
|
|
{:ok, %User{} = user} = Users.register(%{email: "toto@tata.tld", password: "p4ssw0rd"})
|
2018-11-28 14:48:55 +01:00
|
|
|
|
|
|
|
{:ok, %User{} = _user} =
|
2019-03-05 17:23:05 +01:00
|
|
|
Users.update_user(user, %{
|
2019-02-14 14:19:55 +01:00
|
|
|
"confirmed_at" => DateTime.utc_now() |> DateTime.truncate(:second),
|
2018-11-28 14:48:55 +01:00
|
|
|
"confirmation_sent_at" => nil,
|
|
|
|
"confirmation_token" => nil
|
|
|
|
})
|
|
|
|
|
|
|
|
res =
|
2020-06-27 19:12:45 +02:00
|
|
|
conn
|
|
|
|
|> AbsintheHelpers.graphql_query(
|
|
|
|
query: @login_mutation,
|
|
|
|
variables: %{email: user.email, password: "bad password"}
|
|
|
|
)
|
2018-11-28 14:48:55 +01:00
|
|
|
|
2020-06-27 19:12:45 +02:00
|
|
|
assert hd(res["errors"])["message"] ==
|
2019-01-24 15:23:27 +01:00
|
|
|
"Impossible to authenticate, either your email or password are invalid."
|
2018-11-28 14:48:55 +01:00
|
|
|
end
|
|
|
|
|
2020-06-27 19:12:45 +02:00
|
|
|
test "test login_user/3 with invalid email", %{conn: conn} do
|
2018-11-28 14:48:55 +01:00
|
|
|
res =
|
2020-06-27 19:12:45 +02:00
|
|
|
conn
|
|
|
|
|> AbsintheHelpers.graphql_query(
|
|
|
|
query: @login_mutation,
|
|
|
|
variables: %{email: "bad email", password: "bad password"}
|
|
|
|
)
|
2018-11-27 17:54:54 +01:00
|
|
|
|
2020-06-27 19:12:45 +02:00
|
|
|
assert hd(res["errors"])["message"] ==
|
2020-11-30 16:14:13 +01:00
|
|
|
"User not found"
|
2019-10-15 18:13:05 +02:00
|
|
|
end
|
|
|
|
|
2020-06-27 19:12:45 +02:00
|
|
|
test "test login_user/3 with unconfirmed user", %{conn: conn} do
|
2019-10-15 18:13:05 +02:00
|
|
|
{:ok, %User{} = user} = Users.register(%{email: "toto@tata.tld", password: "p4ssw0rd"})
|
|
|
|
|
|
|
|
res =
|
2020-06-27 19:12:45 +02:00
|
|
|
conn
|
|
|
|
|> AbsintheHelpers.graphql_query(
|
|
|
|
query: @login_mutation,
|
|
|
|
variables: %{email: user.email, password: user.password}
|
|
|
|
)
|
2019-10-15 18:13:05 +02:00
|
|
|
|
2020-11-30 16:14:13 +01:00
|
|
|
assert hd(res["errors"])["message"] == "User not found"
|
2018-11-28 14:48:55 +01:00
|
|
|
end
|
2018-11-27 17:54:54 +01:00
|
|
|
end
|
2018-11-29 17:43:22 +01:00
|
|
|
|
2019-08-12 16:04:16 +02:00
|
|
|
describe "Resolver: Refresh a token" do
|
|
|
|
test "test refresh_token/3 with a bad token", context do
|
|
|
|
mutation = """
|
|
|
|
mutation {
|
|
|
|
refreshToken(
|
|
|
|
refreshToken: "bad_token"
|
|
|
|
) {
|
|
|
|
accessToken
|
|
|
|
}
|
|
|
|
}
|
|
|
|
"""
|
|
|
|
|
|
|
|
res =
|
|
|
|
context.conn
|
|
|
|
|> post("/api", AbsintheHelpers.mutation_skeleton(mutation))
|
|
|
|
|
|
|
|
assert hd(json_response(res, 200)["errors"])["message"] ==
|
|
|
|
"Cannot refresh the token"
|
|
|
|
end
|
|
|
|
|
|
|
|
test "test refresh_token/3 with an appropriate token", context do
|
|
|
|
user = insert(:user)
|
2021-09-10 11:35:32 +02:00
|
|
|
insert(:actor, user: user)
|
2020-06-27 19:12:45 +02:00
|
|
|
{:ok, refresh_token} = Authenticator.generate_refresh_token(user)
|
2019-08-12 16:04:16 +02:00
|
|
|
|
|
|
|
mutation = """
|
|
|
|
mutation {
|
|
|
|
refreshToken(
|
|
|
|
refreshToken: "#{refresh_token}"
|
|
|
|
) {
|
|
|
|
accessToken
|
|
|
|
}
|
|
|
|
}
|
|
|
|
"""
|
|
|
|
|
|
|
|
res =
|
|
|
|
context.conn
|
|
|
|
|> post("/api", AbsintheHelpers.mutation_skeleton(mutation))
|
|
|
|
|
|
|
|
assert json_response(res, 200)["errors"] == nil
|
|
|
|
|
|
|
|
access_token = json_response(res, 200)["data"]["refreshToken"]["accessToken"]
|
|
|
|
assert String.length(access_token) > 10
|
|
|
|
|
|
|
|
query = """
|
|
|
|
{
|
|
|
|
loggedPerson {
|
|
|
|
preferredUsername,
|
|
|
|
}
|
|
|
|
}
|
|
|
|
"""
|
|
|
|
|
|
|
|
res =
|
|
|
|
context.conn
|
|
|
|
|> Plug.Conn.put_req_header("authorization", "Bearer #{access_token}")
|
|
|
|
|> post("/api", AbsintheHelpers.query_skeleton(query, "logged_person"))
|
|
|
|
|
|
|
|
assert json_response(res, 200)["errors"] == nil
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2018-11-29 17:43:22 +01:00
|
|
|
describe "Resolver: change default actor for user" do
|
2021-03-25 10:38:31 +01:00
|
|
|
test "test change_default_actor/3 without being logged-in", %{conn: conn} do
|
2018-11-29 17:43:22 +01:00
|
|
|
# Prepare user with two actors
|
2019-01-25 13:59:58 +01:00
|
|
|
user = insert(:user)
|
|
|
|
insert(:actor, user: user)
|
2018-11-29 17:43:22 +01:00
|
|
|
|
2020-11-17 19:14:55 +01:00
|
|
|
assert {:ok, %User{actors: _actors}} = Users.get_user_with_actors(user.id)
|
2018-11-29 17:43:22 +01:00
|
|
|
|
2019-01-25 13:59:58 +01:00
|
|
|
actor_params = @valid_single_actor_params |> Map.put(:user_id, user.id)
|
2018-11-29 17:43:22 +01:00
|
|
|
assert {:ok, %Actor{} = actor2} = Actors.create_actor(actor_params)
|
|
|
|
|
2019-03-05 17:23:05 +01:00
|
|
|
assert {:ok, %User{actors: actors}} = Users.get_user_with_actors(user.id)
|
2018-11-29 17:43:22 +01:00
|
|
|
assert length(actors) == 2
|
|
|
|
|
2021-03-25 10:38:31 +01:00
|
|
|
res =
|
|
|
|
conn
|
|
|
|
|> AbsintheHelpers.graphql_query(
|
|
|
|
query: @change_default_actor,
|
|
|
|
variables: %{preferredUsername: actor2.preferred_username}
|
|
|
|
)
|
|
|
|
|
|
|
|
assert hd(res["errors"])["message"] == "You need to be logged in"
|
|
|
|
end
|
|
|
|
|
|
|
|
test "test change_default_actor/3 with valid actor", %{conn: conn} do
|
|
|
|
# Prepare user with two actors
|
|
|
|
user = insert(:user)
|
|
|
|
insert(:actor, user: user)
|
|
|
|
|
|
|
|
assert {:ok, %User{actors: _actors}} = Users.get_user_with_actors(user.id)
|
|
|
|
|
|
|
|
actor_params = @valid_single_actor_params |> Map.put(:user_id, user.id)
|
|
|
|
assert {:ok, %Actor{} = actor2} = Actors.create_actor(actor_params)
|
|
|
|
|
|
|
|
assert {:ok, %User{actors: actors}} = Users.get_user_with_actors(user.id)
|
|
|
|
assert length(actors) == 2
|
2018-11-29 17:43:22 +01:00
|
|
|
|
|
|
|
res =
|
2021-03-25 10:38:31 +01:00
|
|
|
conn
|
2018-11-29 17:43:22 +01:00
|
|
|
|> auth_conn(user)
|
2021-03-25 10:38:31 +01:00
|
|
|
|> AbsintheHelpers.graphql_query(
|
|
|
|
query: @change_default_actor,
|
|
|
|
variables: %{preferredUsername: actor2.preferred_username}
|
|
|
|
)
|
|
|
|
|
|
|
|
assert res["errors"] == nil
|
2018-11-29 17:43:22 +01:00
|
|
|
|
2021-03-25 10:38:31 +01:00
|
|
|
assert res["data"]["changeDefaultActor"]["defaultActor"]["preferredUsername"] ==
|
|
|
|
actor2.preferred_username
|
2018-11-29 17:43:22 +01:00
|
|
|
end
|
|
|
|
end
|
2019-09-24 18:08:33 +02:00
|
|
|
|
|
|
|
describe "Resolver: Change password for an user" do
|
|
|
|
@email "toto@tata.tld"
|
|
|
|
@old_password "p4ssw0rd"
|
|
|
|
@new_password "upd4t3d"
|
|
|
|
|
|
|
|
test "change_password/3 with valid password", %{conn: conn} do
|
|
|
|
{:ok, %User{} = user} = Users.register(%{email: @email, password: @old_password})
|
|
|
|
|
|
|
|
# Hammer time !
|
|
|
|
{:ok, %User{} = _user} =
|
|
|
|
Users.update_user(user, %{
|
|
|
|
"confirmed_at" => Timex.shift(user.confirmation_sent_at, hours: -3),
|
|
|
|
"confirmation_sent_at" => nil,
|
|
|
|
"confirmation_token" => nil
|
|
|
|
})
|
|
|
|
|
|
|
|
mutation = """
|
|
|
|
mutation {
|
|
|
|
login(
|
|
|
|
email: "#{@email}",
|
|
|
|
password: "#{@old_password}",
|
|
|
|
) {
|
|
|
|
accessToken,
|
|
|
|
refreshToken,
|
|
|
|
user {
|
|
|
|
id
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
"""
|
|
|
|
|
|
|
|
res =
|
|
|
|
conn
|
|
|
|
|> post("/api", AbsintheHelpers.mutation_skeleton(mutation))
|
|
|
|
|
|
|
|
assert login = json_response(res, 200)["data"]["login"]
|
|
|
|
assert Map.has_key?(login, "accessToken") && not is_nil(login["accessToken"])
|
|
|
|
|
|
|
|
mutation = """
|
|
|
|
mutation {
|
|
|
|
changePassword(old_password: "#{@old_password}", new_password: "#{@new_password}") {
|
|
|
|
id
|
|
|
|
}
|
|
|
|
}
|
|
|
|
"""
|
|
|
|
|
|
|
|
res =
|
|
|
|
conn
|
|
|
|
|> auth_conn(user)
|
|
|
|
|> post("/api", AbsintheHelpers.mutation_skeleton(mutation))
|
|
|
|
|
|
|
|
assert json_response(res, 200)["errors"] == nil
|
|
|
|
assert json_response(res, 200)["data"]["changePassword"]["id"] == to_string(user.id)
|
|
|
|
|
|
|
|
mutation = """
|
|
|
|
mutation {
|
|
|
|
login(
|
|
|
|
email: "#{@email}",
|
|
|
|
password: "#{@new_password}",
|
|
|
|
) {
|
|
|
|
accessToken,
|
|
|
|
refreshToken,
|
|
|
|
user {
|
|
|
|
id
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
"""
|
|
|
|
|
|
|
|
res =
|
|
|
|
conn
|
|
|
|
|> post("/api", AbsintheHelpers.mutation_skeleton(mutation))
|
|
|
|
|
|
|
|
assert login = json_response(res, 200)["data"]["login"]
|
|
|
|
assert Map.has_key?(login, "accessToken") && not is_nil(login["accessToken"])
|
|
|
|
end
|
|
|
|
|
|
|
|
test "change_password/3 with invalid password", %{conn: conn} do
|
|
|
|
{:ok, %User{} = user} = Users.register(%{email: @email, password: @old_password})
|
|
|
|
|
|
|
|
# Hammer time !
|
|
|
|
|
|
|
|
{:ok, %User{} = _user} =
|
|
|
|
Users.update_user(user, %{
|
|
|
|
"confirmed_at" => Timex.shift(user.confirmation_sent_at, hours: -3),
|
|
|
|
"confirmation_sent_at" => nil,
|
|
|
|
"confirmation_token" => nil
|
|
|
|
})
|
|
|
|
|
|
|
|
mutation = """
|
|
|
|
mutation {
|
|
|
|
changePassword(old_password: "invalid password", new_password: "#{@new_password}") {
|
|
|
|
id
|
|
|
|
}
|
|
|
|
}
|
|
|
|
"""
|
|
|
|
|
|
|
|
res =
|
|
|
|
conn
|
|
|
|
|> auth_conn(user)
|
|
|
|
|> post("/api", AbsintheHelpers.mutation_skeleton(mutation))
|
|
|
|
|
|
|
|
assert hd(json_response(res, 200)["errors"])["message"] == "The current password is invalid"
|
|
|
|
end
|
|
|
|
|
|
|
|
test "change_password/3 with same password", %{conn: conn} do
|
|
|
|
{:ok, %User{} = user} = Users.register(%{email: @email, password: @old_password})
|
|
|
|
|
|
|
|
# Hammer time !
|
|
|
|
{:ok, %User{} = _user} =
|
|
|
|
Users.update_user(user, %{
|
|
|
|
"confirmed_at" => Timex.shift(user.confirmation_sent_at, hours: -3),
|
|
|
|
"confirmation_sent_at" => nil,
|
|
|
|
"confirmation_token" => nil
|
|
|
|
})
|
|
|
|
|
|
|
|
mutation = """
|
|
|
|
mutation {
|
|
|
|
changePassword(old_password: "#{@old_password}", new_password: "#{@old_password}") {
|
|
|
|
id
|
|
|
|
}
|
|
|
|
}
|
|
|
|
"""
|
|
|
|
|
|
|
|
res =
|
|
|
|
conn
|
|
|
|
|> auth_conn(user)
|
|
|
|
|> post("/api", AbsintheHelpers.mutation_skeleton(mutation))
|
|
|
|
|
|
|
|
assert hd(json_response(res, 200)["errors"])["message"] ==
|
|
|
|
"The new password must be different"
|
|
|
|
end
|
|
|
|
|
|
|
|
test "change_password/3 with new password too short", %{conn: conn} do
|
|
|
|
{:ok, %User{} = user} = Users.register(%{email: @email, password: @old_password})
|
|
|
|
|
|
|
|
# Hammer time !
|
|
|
|
{:ok, %User{} = _user} =
|
|
|
|
Users.update_user(user, %{
|
|
|
|
"confirmed_at" => Timex.shift(user.confirmation_sent_at, hours: -3),
|
|
|
|
"confirmation_sent_at" => nil,
|
|
|
|
"confirmation_token" => nil
|
|
|
|
})
|
|
|
|
|
|
|
|
mutation = """
|
|
|
|
mutation {
|
|
|
|
changePassword(old_password: "#{@old_password}", new_password: "new") {
|
|
|
|
id
|
|
|
|
}
|
|
|
|
}
|
|
|
|
"""
|
|
|
|
|
|
|
|
res =
|
|
|
|
conn
|
|
|
|
|> auth_conn(user)
|
|
|
|
|> post("/api", AbsintheHelpers.mutation_skeleton(mutation))
|
|
|
|
|
|
|
|
assert hd(json_response(res, 200)["errors"])["message"] ==
|
|
|
|
"The password you have chosen is too short. Please make sure your password contains at least 6 characters."
|
|
|
|
end
|
|
|
|
|
|
|
|
test "change_password/3 without being authenticated", %{conn: conn} do
|
|
|
|
{:ok, %User{} = user} = Users.register(%{email: @email, password: @old_password})
|
|
|
|
|
|
|
|
# Hammer time !
|
|
|
|
{:ok, %User{} = _user} =
|
|
|
|
Users.update_user(user, %{
|
|
|
|
"confirmed_at" => Timex.shift(user.confirmation_sent_at, hours: -3),
|
|
|
|
"confirmation_sent_at" => nil,
|
|
|
|
"confirmation_token" => nil
|
|
|
|
})
|
|
|
|
|
|
|
|
mutation = """
|
|
|
|
mutation {
|
|
|
|
changePassword(old_password: "#{@old_password}", new_password: "#{@new_password}") {
|
|
|
|
id
|
|
|
|
}
|
|
|
|
}
|
|
|
|
"""
|
|
|
|
|
|
|
|
res =
|
|
|
|
conn
|
|
|
|
|> post("/api", AbsintheHelpers.mutation_skeleton(mutation))
|
|
|
|
|
|
|
|
assert hd(json_response(res, 200)["errors"])["message"] ==
|
|
|
|
"You need to be logged-in to change your password"
|
|
|
|
end
|
|
|
|
end
|
2020-02-13 15:48:12 +01:00
|
|
|
|
|
|
|
describe "Resolver: Change email for an user" do
|
|
|
|
@old_email "old@domain.tld"
|
|
|
|
@new_email "new@domain.tld"
|
|
|
|
@password "p4ssw0rd"
|
|
|
|
|
|
|
|
test "change_email/3 with valid email", %{conn: conn} do
|
|
|
|
{:ok, %User{} = user} = Users.register(%{email: @old_email, password: @password})
|
|
|
|
|
|
|
|
# Hammer time !
|
|
|
|
{:ok, %User{} = _user} =
|
|
|
|
Users.update_user(user, %{
|
|
|
|
confirmed_at: Timex.shift(user.confirmation_sent_at, hours: -3),
|
|
|
|
confirmation_sent_at: nil,
|
|
|
|
confirmation_token: nil
|
|
|
|
})
|
|
|
|
|
|
|
|
res =
|
|
|
|
conn
|
|
|
|
|> AbsintheHelpers.graphql_query(
|
|
|
|
query: @login_mutation,
|
|
|
|
variables: %{email: @old_email, password: @password}
|
|
|
|
)
|
|
|
|
|
|
|
|
login = res["data"]["login"]
|
|
|
|
assert Map.has_key?(login, "accessToken") && not is_nil(login["accessToken"])
|
|
|
|
|
|
|
|
res =
|
|
|
|
conn
|
|
|
|
|> auth_conn(user)
|
|
|
|
|> AbsintheHelpers.graphql_query(
|
|
|
|
query: @change_email_mutation,
|
|
|
|
variables: %{email: @new_email, password: @password}
|
|
|
|
)
|
|
|
|
|
|
|
|
assert res["errors"] == nil
|
|
|
|
assert res["data"]["changeEmail"]["id"] == to_string(user.id)
|
|
|
|
|
|
|
|
user = Users.get_user!(user.id)
|
|
|
|
assert user.email == @old_email
|
|
|
|
assert user.unconfirmed_email == @new_email
|
|
|
|
|
|
|
|
assert_delivered_email(Email.User.send_email_reset_old_email(user))
|
|
|
|
assert_delivered_email(Email.User.send_email_reset_new_email(user))
|
|
|
|
|
|
|
|
conn
|
|
|
|
|> AbsintheHelpers.graphql_query(
|
|
|
|
query: @validate_email_mutation,
|
|
|
|
variables: %{token: user.confirmation_token}
|
|
|
|
)
|
|
|
|
|
|
|
|
user = Users.get_user!(user.id)
|
|
|
|
assert user.email == @new_email
|
|
|
|
assert user.unconfirmed_email == nil
|
|
|
|
end
|
|
|
|
|
2021-03-23 16:38:37 +01:00
|
|
|
test "change_email/3 with valid email but invalid token", %{conn: conn} do
|
|
|
|
{:ok, %User{} = user} = Users.register(%{email: @old_email, password: @password})
|
|
|
|
|
|
|
|
# Hammer time !
|
|
|
|
{:ok, %User{} = _user} =
|
|
|
|
Users.update_user(user, %{
|
|
|
|
confirmed_at: Timex.shift(user.confirmation_sent_at, hours: -3),
|
|
|
|
confirmation_sent_at: nil,
|
|
|
|
confirmation_token: nil
|
|
|
|
})
|
|
|
|
|
|
|
|
res =
|
|
|
|
conn
|
|
|
|
|> AbsintheHelpers.graphql_query(
|
|
|
|
query: @login_mutation,
|
|
|
|
variables: %{email: @old_email, password: @password}
|
|
|
|
)
|
|
|
|
|
|
|
|
login = res["data"]["login"]
|
|
|
|
assert Map.has_key?(login, "accessToken") && not is_nil(login["accessToken"])
|
|
|
|
|
|
|
|
res =
|
|
|
|
conn
|
|
|
|
|> auth_conn(user)
|
|
|
|
|> AbsintheHelpers.graphql_query(
|
|
|
|
query: @change_email_mutation,
|
|
|
|
variables: %{email: @new_email, password: @password}
|
|
|
|
)
|
|
|
|
|
|
|
|
assert res["errors"] == nil
|
|
|
|
assert res["data"]["changeEmail"]["id"] == to_string(user.id)
|
|
|
|
|
|
|
|
user = Users.get_user!(user.id)
|
|
|
|
assert user.email == @old_email
|
|
|
|
assert user.unconfirmed_email == @new_email
|
|
|
|
|
|
|
|
assert_delivered_email(Email.User.send_email_reset_old_email(user))
|
|
|
|
assert_delivered_email(Email.User.send_email_reset_new_email(user))
|
|
|
|
|
|
|
|
res =
|
|
|
|
conn
|
|
|
|
|> AbsintheHelpers.graphql_query(
|
|
|
|
query: @validate_email_mutation,
|
|
|
|
variables: %{token: "some token"}
|
|
|
|
)
|
|
|
|
|
|
|
|
assert hd(res["errors"])["message"] == "Invalid activation token"
|
|
|
|
|
|
|
|
user = Users.get_user!(user.id)
|
|
|
|
assert user.email == @old_email
|
|
|
|
assert user.unconfirmed_email == @new_email
|
|
|
|
end
|
|
|
|
|
2020-02-13 15:48:12 +01:00
|
|
|
test "change_email/3 with invalid password", %{conn: conn} do
|
|
|
|
{:ok, %User{} = user} = Users.register(%{email: @old_email, password: @password})
|
|
|
|
|
|
|
|
# Hammer time !
|
|
|
|
{:ok, %User{} = _user} =
|
|
|
|
Users.update_user(user, %{
|
|
|
|
confirmed_at: Timex.shift(user.confirmation_sent_at, hours: -3),
|
|
|
|
confirmation_sent_at: nil,
|
|
|
|
confirmation_token: nil
|
|
|
|
})
|
|
|
|
|
|
|
|
res =
|
|
|
|
conn
|
|
|
|
|> auth_conn(user)
|
|
|
|
|> AbsintheHelpers.graphql_query(
|
|
|
|
query: @change_email_mutation,
|
|
|
|
variables: %{email: @new_email, password: "invalid_password"}
|
|
|
|
)
|
|
|
|
|
|
|
|
assert hd(res["errors"])["message"] == "The password provided is invalid"
|
|
|
|
end
|
|
|
|
|
|
|
|
test "change_email/3 with same email", %{conn: conn} do
|
|
|
|
{:ok, %User{} = user} = Users.register(%{email: @old_email, password: @password})
|
|
|
|
|
|
|
|
# Hammer time !
|
|
|
|
{:ok, %User{} = _user} =
|
|
|
|
Users.update_user(user, %{
|
|
|
|
confirmed_at: Timex.shift(user.confirmation_sent_at, hours: -3),
|
|
|
|
confirmation_sent_at: nil,
|
|
|
|
confirmation_token: nil
|
|
|
|
})
|
|
|
|
|
|
|
|
res =
|
|
|
|
conn
|
|
|
|
|> auth_conn(user)
|
|
|
|
|> AbsintheHelpers.graphql_query(
|
|
|
|
query: @change_email_mutation,
|
|
|
|
variables: %{email: @old_email, password: @password}
|
|
|
|
)
|
|
|
|
|
|
|
|
assert hd(res["errors"])["message"] == "The new email must be different"
|
|
|
|
end
|
|
|
|
|
|
|
|
test "change_email/3 with invalid email", %{conn: conn} do
|
|
|
|
{:ok, %User{} = user} = Users.register(%{email: @old_email, password: @password})
|
|
|
|
|
|
|
|
# Hammer time !
|
|
|
|
{:ok, %User{} = _user} =
|
|
|
|
Users.update_user(user, %{
|
|
|
|
confirmed_at: Timex.shift(user.confirmation_sent_at, hours: -3),
|
|
|
|
confirmation_sent_at: nil,
|
|
|
|
confirmation_token: nil
|
|
|
|
})
|
|
|
|
|
|
|
|
res =
|
|
|
|
conn
|
|
|
|
|> auth_conn(user)
|
|
|
|
|> AbsintheHelpers.graphql_query(
|
|
|
|
query: @change_email_mutation,
|
|
|
|
variables: %{email: "invalid email", password: @password}
|
|
|
|
)
|
|
|
|
|
|
|
|
assert hd(res["errors"])["message"] == "The new email doesn't seem to be valid"
|
|
|
|
end
|
|
|
|
|
|
|
|
test "change_password/3 without being authenticated", %{conn: conn} do
|
|
|
|
{:ok, %User{} = user} = Users.register(%{email: @old_email, password: @password})
|
|
|
|
|
|
|
|
# Hammer time !
|
|
|
|
{:ok, %User{} = _user} =
|
|
|
|
Users.update_user(user, %{
|
|
|
|
confirmed_at: Timex.shift(user.confirmation_sent_at, hours: -3),
|
|
|
|
confirmation_sent_at: nil,
|
|
|
|
confirmation_token: nil
|
|
|
|
})
|
|
|
|
|
|
|
|
res =
|
|
|
|
conn
|
|
|
|
|> AbsintheHelpers.graphql_query(
|
|
|
|
query: @change_email_mutation,
|
|
|
|
variables: %{email: @new_email, password: @password}
|
|
|
|
)
|
|
|
|
|
|
|
|
assert hd(res["errors"])["message"] ==
|
|
|
|
"You need to be logged-in to change your email"
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
describe "Resolver: User deletes it's account" do
|
|
|
|
@email "mail@domain.tld"
|
|
|
|
@password "p4ssw0rd"
|
|
|
|
|
|
|
|
test "delete_account/3 with valid password", %{conn: conn} do
|
|
|
|
{:ok, %User{} = user} = Users.register(%{email: @email, password: @password})
|
|
|
|
|
|
|
|
# Hammer time !
|
|
|
|
{:ok, %User{} = user} =
|
|
|
|
Users.update_user(user, %{
|
|
|
|
confirmed_at: Timex.shift(user.confirmation_sent_at, hours: -3),
|
|
|
|
confirmation_sent_at: nil,
|
|
|
|
confirmation_token: nil
|
|
|
|
})
|
|
|
|
|
|
|
|
%Actor{} = actor1 = insert(:actor, user: user)
|
|
|
|
%Actor{} = actor2 = insert(:actor, user: user)
|
|
|
|
%Event{id: event_id} = event = insert(:event, organizer_actor: actor1)
|
|
|
|
|
|
|
|
%Participant{id: participant_id} =
|
|
|
|
insert(:participant, event: event, actor: actor2, role: :participant)
|
|
|
|
|
|
|
|
%Comment{id: comment_id} = insert(:comment, actor: actor2, event: event)
|
|
|
|
|
|
|
|
res =
|
|
|
|
conn
|
|
|
|
|> auth_conn(user)
|
|
|
|
|> AbsintheHelpers.graphql_query(
|
|
|
|
query: @delete_user_account_mutation,
|
|
|
|
variables: %{password: @password}
|
|
|
|
)
|
|
|
|
|
|
|
|
assert res["data"]["deleteAccount"]["id"] == to_string(user.id)
|
|
|
|
|
|
|
|
assert [
|
|
|
|
%Oban.Job{args: %{"actor_id" => actor2_id, "op" => "delete_actor"}},
|
|
|
|
%Oban.Job{args: %{"actor_id" => actor1_id, "op" => "delete_actor"}}
|
|
|
|
] = all_enqueued(queue: :background)
|
|
|
|
|
|
|
|
assert MapSet.new([actor1.id, actor2.id]) == MapSet.new([actor1_id, actor2_id])
|
|
|
|
|
2020-10-13 15:07:51 +02:00
|
|
|
assert is_nil(Users.get_user(user.id))
|
2020-02-13 15:48:12 +01:00
|
|
|
|
2020-08-12 14:34:19 +02:00
|
|
|
assert %{success: 2, failure: 0} == Oban.drain_queue(queue: :background)
|
2020-02-13 15:48:12 +01:00
|
|
|
|
|
|
|
assert_raise Ecto.NoResultsError, fn ->
|
|
|
|
Events.get_event!(event_id)
|
|
|
|
end
|
|
|
|
|
|
|
|
assert_raise Ecto.NoResultsError, fn ->
|
2020-07-09 17:24:28 +02:00
|
|
|
Discussions.get_comment!(comment_id)
|
2020-02-13 15:48:12 +01:00
|
|
|
end
|
|
|
|
|
|
|
|
# Actors are not deleted but emptied (to keep the username reserved)
|
|
|
|
actor1 = Actors.get_actor!(actor1_id)
|
|
|
|
assert actor1.suspended
|
|
|
|
assert is_nil(actor1.name)
|
|
|
|
|
|
|
|
actor2 = Actors.get_actor!(actor2_id)
|
|
|
|
assert actor2.suspended
|
|
|
|
assert is_nil(actor2.name)
|
|
|
|
|
|
|
|
assert is_nil(Events.get_participant(participant_id))
|
|
|
|
end
|
|
|
|
|
2020-06-27 19:12:45 +02:00
|
|
|
test "delete_account/3 with 3rd-party auth login", %{conn: conn} do
|
|
|
|
{:ok, %User{} = user} = Users.create_external(@email, "keycloak")
|
|
|
|
|
|
|
|
res =
|
|
|
|
conn
|
|
|
|
|> auth_conn(user)
|
|
|
|
|> AbsintheHelpers.graphql_query(query: @delete_user_account_mutation)
|
|
|
|
|
|
|
|
assert is_nil(res["errors"])
|
|
|
|
assert res["data"]["deleteAccount"]["id"] == to_string(user.id)
|
|
|
|
end
|
|
|
|
|
2020-02-13 15:48:12 +01:00
|
|
|
test "delete_account/3 with invalid password", %{conn: conn} do
|
|
|
|
{:ok, %User{} = user} = Users.register(%{email: @email, password: @password})
|
|
|
|
|
|
|
|
# Hammer time !
|
|
|
|
{:ok, %User{} = user} =
|
|
|
|
Users.update_user(user, %{
|
|
|
|
confirmed_at: Timex.shift(user.confirmation_sent_at, hours: -3),
|
|
|
|
confirmation_sent_at: nil,
|
|
|
|
confirmation_token: nil
|
|
|
|
})
|
|
|
|
|
|
|
|
res =
|
|
|
|
conn
|
|
|
|
|> auth_conn(user)
|
|
|
|
|> AbsintheHelpers.graphql_query(
|
|
|
|
query: @delete_user_account_mutation,
|
|
|
|
variables: %{password: "invalid password"}
|
|
|
|
)
|
|
|
|
|
|
|
|
assert hd(res["errors"])["message"] == "The password provided is invalid"
|
|
|
|
end
|
|
|
|
|
|
|
|
test "delete_account/3 without being authenticated", %{conn: conn} do
|
|
|
|
{:ok, %User{} = user} = Users.register(%{email: @email, password: @password})
|
|
|
|
|
|
|
|
# Hammer time !
|
|
|
|
{:ok, %User{} = _user} =
|
|
|
|
Users.update_user(user, %{
|
|
|
|
confirmed_at: Timex.shift(user.confirmation_sent_at, hours: -3),
|
|
|
|
confirmation_sent_at: nil,
|
|
|
|
confirmation_token: nil
|
|
|
|
})
|
|
|
|
|
|
|
|
res =
|
|
|
|
conn
|
|
|
|
|> AbsintheHelpers.graphql_query(
|
|
|
|
query: @delete_user_account_mutation,
|
|
|
|
variables: %{password: "invalid password"}
|
|
|
|
)
|
|
|
|
|
|
|
|
assert hd(res["errors"])["message"] ==
|
|
|
|
"You need to be logged-in to delete your account"
|
|
|
|
end
|
|
|
|
end
|
2018-11-06 10:30:27 +01:00
|
|
|
end
|