cannery/test/cannery_web/controllers/user_settings_controller_test.exs

142 lines
5.1 KiB
Elixir
Raw Normal View History

2021-03-11 21:12:55 -05:00
defmodule CanneryWeb.UserSettingsControllerTest do
2022-02-16 21:20:04 -05:00
@moduledoc """
Tests the user settings controller
"""
2021-03-11 21:12:55 -05:00
2022-02-16 21:20:04 -05:00
use CanneryWeb.ConnCase, async: true
2021-03-11 21:12:55 -05:00
alias Cannery.Accounts
2022-02-16 21:20:04 -05:00
@moduletag :user_settings_controller_test
2021-03-11 21:12:55 -05:00
setup :register_and_log_in_user
describe "GET /users/settings" do
test "renders settings page", %{conn: conn} do
conn = get(conn, Routes.user_settings_path(conn, :edit))
response = html_response(conn, 200)
2023-03-28 21:55:49 -04:00
assert response =~ "Settings"
2021-03-11 21:12:55 -05:00
end
test "redirects if user is not logged in" do
conn = build_conn()
conn = get(conn, Routes.user_settings_path(conn, :edit))
assert redirected_to(conn) == Routes.user_session_path(conn, :new)
end
end
describe "PUT /users/settings (change password form)" do
2022-02-17 20:45:42 -05:00
test "updates the user password and resets tokens",
%{conn: conn, current_user: current_user} do
2021-03-11 21:12:55 -05:00
new_password_conn =
put(conn, Routes.user_settings_path(conn, :update), %{
2023-03-28 21:55:49 -04:00
action: "update_password",
current_password: valid_user_password(),
user: %{
password: "new valid password",
password_confirmation: "new valid password"
2021-03-11 21:12:55 -05:00
}
})
assert redirected_to(new_password_conn) == Routes.user_settings_path(conn, :edit)
assert get_session(new_password_conn, :user_token) != get_session(conn, :user_token)
2023-03-28 21:55:49 -04:00
assert get_flash(new_password_conn, :info) =~ "Password updated successfully"
2022-02-17 20:45:42 -05:00
assert Accounts.get_user_by_email_and_password(current_user.email, "new valid password")
2021-03-11 21:12:55 -05:00
end
test "does not update password on invalid data", %{conn: conn} do
old_password_conn =
put(conn, Routes.user_settings_path(conn, :update), %{
2023-03-28 21:55:49 -04:00
action: "update_password",
current_password: "invalid",
user: %{
password: "too short",
password_confirmation: "does not match"
2021-03-11 21:12:55 -05:00
}
})
response = html_response(old_password_conn, 200)
2023-03-28 21:55:49 -04:00
assert response =~ "Settings"
assert response =~ "should be at least 12 character(s)"
assert response =~ "does not match password"
assert response =~ "is not valid"
2021-03-11 21:12:55 -05:00
assert get_session(old_password_conn, :user_token) == get_session(conn, :user_token)
end
end
describe "PUT /users/settings (change email form)" do
@tag :capture_log
2022-02-17 20:45:42 -05:00
test "updates the user email", %{conn: conn, current_user: current_user} do
2021-03-11 21:12:55 -05:00
conn =
put(conn, Routes.user_settings_path(conn, :update), %{
2023-03-28 21:55:49 -04:00
action: "update_email",
current_password: valid_user_password(),
user: %{email: unique_user_email()}
2021-03-11 21:12:55 -05:00
})
assert redirected_to(conn) == Routes.user_settings_path(conn, :edit)
2022-02-16 21:20:04 -05:00
assert get_flash(conn, :info) =~
2023-03-28 21:55:49 -04:00
"A link to confirm your email change has been sent to the new address."
2022-02-16 21:20:04 -05:00
2022-02-17 20:45:42 -05:00
assert Accounts.get_user_by_email(current_user.email)
2021-03-11 21:12:55 -05:00
end
test "does not update email on invalid data", %{conn: conn} do
conn =
put(conn, Routes.user_settings_path(conn, :update), %{
2023-03-28 21:55:49 -04:00
action: "update_email",
current_password: "invalid",
user: %{email: "with spaces"}
2021-03-11 21:12:55 -05:00
})
response = html_response(conn, 200)
2023-03-28 21:55:49 -04:00
assert response =~ "Settings"
assert response =~ "must have the @ sign and no spaces"
assert response =~ "is not valid"
2021-03-11 21:12:55 -05:00
end
end
describe "GET /users/settings/confirm_email/:token" do
2022-02-17 20:45:42 -05:00
setup %{current_user: current_user} do
2021-03-11 21:12:55 -05:00
email = unique_user_email()
token =
extract_user_token(fn url ->
2022-02-17 20:45:42 -05:00
Accounts.deliver_update_email_instructions(
%{current_user | email: email},
current_user.email,
url
)
2021-03-11 21:12:55 -05:00
end)
%{token: token, email: email}
end
2022-02-17 20:45:42 -05:00
test "updates the user email once",
%{conn: conn, current_user: current_user, token: token, email: email} do
2021-03-11 21:12:55 -05:00
conn = get(conn, Routes.user_settings_path(conn, :confirm_email, token))
assert redirected_to(conn) == Routes.user_settings_path(conn, :edit)
2023-03-28 21:55:49 -04:00
assert get_flash(conn, :info) =~ "Email changed successfully"
2022-02-17 20:45:42 -05:00
refute Accounts.get_user_by_email(current_user.email)
2021-03-11 21:12:55 -05:00
assert Accounts.get_user_by_email(email)
conn = get(conn, Routes.user_settings_path(conn, :confirm_email, token))
assert redirected_to(conn) == Routes.user_settings_path(conn, :edit)
2023-03-28 21:55:49 -04:00
assert get_flash(conn, :error) =~ "Email change link is invalid or it has expired"
2021-03-11 21:12:55 -05:00
end
2022-02-17 20:45:42 -05:00
test "does not update email with invalid token", %{conn: conn, current_user: current_user} do
2021-03-11 21:12:55 -05:00
conn = get(conn, Routes.user_settings_path(conn, :confirm_email, "oops"))
assert redirected_to(conn) == Routes.user_settings_path(conn, :edit)
2023-03-28 21:55:49 -04:00
assert get_flash(conn, :error) =~ "Email change link is invalid or it has expired"
2022-02-17 20:45:42 -05:00
assert Accounts.get_user_by_email(current_user.email)
2021-03-11 21:12:55 -05:00
end
test "redirects if user is not logged in", %{token: token} do
conn = build_conn()
conn = get(conn, Routes.user_settings_path(conn, :confirm_email, token))
assert redirected_to(conn) == Routes.user_session_path(conn, :new)
end
end
end