573f0e62cc
When using a link, people using screen readers might think they're going to a new page where the password is going to be shown. With a button, they get a better idea about what to expect. Furthermore, with a button, we can use the `aria-pressed` attribute to indicate whether the password is currently being shown.
110 lines
3.1 KiB
Ruby
110 lines
3.1 KiB
Ruby
require "rails_helper"
|
|
|
|
describe "Account" do
|
|
scenario "Should not allow unverified users to edit their account" do
|
|
user = create(:user)
|
|
login_managed_user(user)
|
|
|
|
login_as_manager
|
|
click_link "Reset password via email"
|
|
|
|
expect(page).to have_content "No verified user logged in yet"
|
|
end
|
|
|
|
scenario "Send reset password email to currently managed user session" do
|
|
user = create(:user, :level_three)
|
|
login_managed_user(user)
|
|
|
|
login_as_manager
|
|
click_link "Reset password via email"
|
|
|
|
click_link "Send reset password email"
|
|
|
|
expect(page).to have_content "Email correctly sent."
|
|
|
|
email = ActionMailer::Base.deliveries.last
|
|
|
|
expect(email).to have_text "Change your password"
|
|
end
|
|
|
|
scenario "Manager manually writes the new password" do
|
|
user = create(:user, :level_three)
|
|
login_managed_user(user)
|
|
|
|
login_as_manager
|
|
click_link "Reset password manually"
|
|
|
|
fill_in "Password", with: "new_password"
|
|
|
|
click_button "Save password"
|
|
|
|
expect(page).to have_content "Password reseted successfully"
|
|
expect(page).to have_link "Print password", href: "javascript:window.print();"
|
|
expect(page).to have_css "div.for-print-only", text: "new_password", visible: :hidden
|
|
|
|
logout
|
|
|
|
login_through_form_with(user.email, password: "new_password")
|
|
|
|
expect(page).to have_content "You have been signed in successfully."
|
|
end
|
|
|
|
scenario "Manager generates random password" do
|
|
user = create(:user, :level_three)
|
|
login_managed_user(user)
|
|
|
|
login_as_manager
|
|
click_link "Reset password manually"
|
|
click_link "Generate random password"
|
|
|
|
new_password = find_field("user_password").value
|
|
|
|
expect(page).to have_field "Password", type: :password
|
|
expect(page).to have_css "button[aria-pressed=false]", exact_text: "Show password"
|
|
|
|
click_button "Show password"
|
|
|
|
expect(page).to have_field "Password", type: :text
|
|
expect(page).to have_css "button[aria-pressed=true]", exact_text: "Show password"
|
|
|
|
click_button "Show password"
|
|
|
|
expect(page).to have_field "Password", type: :password
|
|
expect(page).to have_css "button[aria-pressed=false]", exact_text: "Show password"
|
|
|
|
click_button "Save password"
|
|
|
|
expect(page).to have_content "Password reseted successfully"
|
|
|
|
logout
|
|
|
|
login_through_form_with(user.username, password: new_password)
|
|
|
|
expect(page).to have_content "You have been signed in successfully."
|
|
end
|
|
|
|
describe "When a user has not been selected" do
|
|
before do
|
|
Setting["feature.user.skip_verification"] = "true"
|
|
end
|
|
|
|
scenario "we can't reset password via email" do
|
|
login_as_manager
|
|
|
|
click_link "Reset password via email"
|
|
|
|
expect(page).to have_content "To perform this action you must select a user"
|
|
expect(page).to have_current_path management_document_verifications_path
|
|
end
|
|
|
|
scenario "we can't reset password manually" do
|
|
login_as_manager
|
|
|
|
click_link "Reset password manually"
|
|
|
|
expect(page).to have_content "To perform this action you must select a user"
|
|
expect(page).to have_current_path management_document_verifications_path
|
|
end
|
|
end
|
|
end
|