Use login form in tests checking expired passwords
The controller provided by the `devise-security` gem which tests password is expired does not execute the `before_action` we have in our application controller. That means it doesn't set the current locale. We were having issues in the tests checking this behavior if the previous test had set the current locale to a different one. This meant the process running the browser had one locale while the process running the test had a different one, which resulted in a page in English (as expected), only the flash message notifying users their password expired was in a different language. To reproduce this behavior, run: ``` rspec './spec/system/welcome_spec.rb[1:1:2:2:1]' spec/system/users_auth_spec.rb:623 --order defined ``` I'm not sure whether this is a bug or it's a problem with the tests. In theory it might be possible to reproduce a similar behavior in production due to what we mention about the controller not executing the `set_current_locale` method. But I haven't been able to reproduce the situation, particularly since the password expiration seems to be checked exclusively at login time (that is, if you stay logged in for 10 years, your password doesn't seem to expire). So for now I'm just making the tests pass by using the login form instead of using `login_as`.
This commit is contained in:
Javi Martín
@@ -580,11 +580,13 @@ describe "Users" do
|
|||||||
end
|
end
|
||||||
|
|
||||||
scenario "Sign in, admin with password expired" do
|
scenario "Sign in, admin with password expired" do
|
||||||
user = create(:user, password_changed_at: Time.current - 1.year)
|
user = create(:administrator).user
|
||||||
admin = create(:administrator, user: user)
|
user.update!(password_changed_at: Time.current - 1.year)
|
||||||
|
|
||||||
login_as(admin.user)
|
visit new_user_session_path
|
||||||
visit root_path
|
fill_in "Email or username", with: user.email
|
||||||
|
fill_in "Password", with: user.password
|
||||||
|
click_button "Enter"
|
||||||
|
|
||||||
expect(page).to have_content "Your password is expired"
|
expect(page).to have_content "Your password is expired"
|
||||||
|
|
||||||
@@ -617,11 +619,13 @@ describe "Users" do
|
|||||||
end
|
end
|
||||||
|
|
||||||
scenario "Admin with password expired trying to use same password" do
|
scenario "Admin with password expired trying to use same password" do
|
||||||
user = create(:user, password_changed_at: Time.current - 1.year, password: "123456789")
|
user = create(:administrator).user
|
||||||
admin = create(:administrator, user: user)
|
user.update!(password_changed_at: Time.current - 1.year, password: "123456789")
|
||||||
|
|
||||||
login_as(admin.user)
|
visit new_user_session_path
|
||||||
visit root_path
|
fill_in "Email or username", with: user.email
|
||||||
|
fill_in "Password", with: user.password
|
||||||
|
click_button "Enter"
|
||||||
|
|
||||||
expect(page).to have_content "Your password is expired"
|
expect(page).to have_content "Your password is expired"
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user