consul/grecia
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
398dbd0583e8ab57e5655ab1ef2b3ef1e63d144f
grecia/spec/system/multitenancy_spec.rb
Javi Martín e38b860374 Use the right tenant after Devise redirections 
This is something we had read about a long time ago, but didn't find how
to reproduce the issue until now.

As mentioned in the Apartment documentation:

> it's important to consider that you may want to maintain the
> "selected" tenant through different parts of the Rack application
> stack. For example, the Devise gem adds the Warden::Manager middleware
> at the end of the stack in the examples above, our
> Apartment::Elevators::Subdomain middleware would come after it.
> Trouble is, Apartment resets the selected tenant after the request is
> finished, so some redirects (e.g.  authentication) in Devise will be
> run in the context of the "public" tenant. The same issue would also
> effect a gem such as the better_errors gem which inserts a middleware
> quite early in the Rails middleware stack.
>
> To resolve this issue, consider adding the Apartment middleware at a
> location in the Rack stack that makes sense for your needs, e.g.:
>
> Rails.application.config.middleware.insert_before Warden::Manager,
> Apartment::Elevators::Subdomain
>
> Now work done in the Warden middleware is wrapped in the
> Apartment::Tenant.switch context started in the Generic elevator.
2022-11-19 17:49:27 +01:00

173 lines
5.1 KiB
Ruby
Raw Blame History

require "rails_helper"
describe "Multitenancy", :seed_tenants do
before do
create(:tenant, schema: "mars")
create(:tenant, schema: "venus")
end
scenario "Disabled features", :no_js do
Tenant.switch("mars") { Setting["process.debates"] = true }
Tenant.switch("venus") { Setting["process.debates"] = nil }
with_subdomain("mars") do
visit debates_path
expect(page).to have_css "#debates"
end
with_subdomain("venus") do
expect { visit debates_path }.to raise_exception(FeatureFlags::FeatureDisabled)
end
end
scenario "Content is different for differents tenants" do
Tenant.switch("mars") { create(:poll, name: "Human rights for Martians?") }
with_subdomain("mars") do
visit polls_path
expect(page).to have_content "Human rights for Martians?"
expect(page).to have_css "html.tenant-mars"
expect(page).not_to have_css "html.tenant-venus"
end
with_subdomain("venus") do
visit polls_path
expect(page).to have_content "There are no open votings"
expect(page).to have_css "html.tenant-venus"
expect(page).not_to have_css "html.tenant-mars"
end
end
scenario "PostgreSQL extensions work for tenants" do
Tenant.switch("mars") { login_as(create(:user)) }
with_subdomain("mars") do
visit new_proposal_path
fill_in "Proposal title", with: "Use the unaccent extension in Mars"
fill_in "Proposal summary", with: "tsvector for María the Martian"
check "I agree to the Privacy Policy and the Terms and conditions of use"
click_button "Create proposal"
expect(page).to have_content "Proposal created successfully."
click_link "No, I want to publish the proposal"
expect(page).to have_content "You've created a proposal!"
visit proposals_path
click_button "Advanced search"
fill_in "With the text", with: "Maria the Martian"
click_button "Filter"
expect(page).to have_content "Search results"
expect(page).to have_content "María the Martian"
end
end
scenario "Creating content in one tenant doesn't affect other tenants" do
Tenant.switch("mars") { login_as(create(:user)) }
with_subdomain("mars") do
visit new_debate_path
fill_in "Debate title", with: "Found any water here?"
fill_in_ckeditor "Initial debate text", with: "Found any water here?"
check "I agree to the Privacy Policy and the Terms and conditions of use"
click_button "Start a debate"
expect(page).to have_content "Debate created successfully."
expect(page).to have_content "Found any water here?"
end
with_subdomain("venus") do
visit debates_path
expect(page).to have_content "Sign in"
expect(page).not_to have_css ".debate"
visit new_debate_path
expect(page).to have_content "You must sign in or register to continue."
end
end
scenario "Users from another tenant cannot vote" do
Tenant.switch("mars") { create(:proposal, title: "Earth invasion") }
Tenant.switch("venus") { login_as(create(:user)) }
with_subdomain("venus") do
visit proposals_path
expect(page).to have_content "Sign out"
expect(page).not_to have_content "Earth invasion"
end
with_subdomain("mars") do
visit proposals_path
within(".proposal", text: "Earth invasion") do
click_button "Support"
expect(page).to have_content "You must sign in or sign up to continue"
end
end
end
scenario "Sign up into subdomain" do
with_subdomain("mars") do
visit "/"
click_link "Register"
fill_in "Username", with: "Marty McMartian"
fill_in "Email", with: "marty@consul.dev"
fill_in "Password", with: "20151021"
fill_in "Confirm password", with: "20151021"
check "By registering you accept the terms and conditions of use"
click_button "Register"
confirm_email
expect(page).to have_content "Your account has been confirmed."
end
end
scenario "Users from another tenant can't sign in" do
Tenant.switch("mars") { create(:user, email: "marty@consul.dev", password: "20151021") }
with_subdomain("mars") do
visit new_user_session_path
fill_in "Email or username", with: "marty@consul.dev"
fill_in "Password", with: "20151021"
click_button "Enter"
expect(page).to have_content "You have been signed in successfully."
end
with_subdomain("venus") do
visit new_user_session_path
fill_in "Email or username", with: "marty@consul.dev"
fill_in "Password", with: "20151021"
click_button "Enter"
expect(page).to have_content "Invalid Email or username or password."
end
end
scenario "Uses the right tenant after failing to sign in" do
with_subdomain("mars") do
visit new_user_session_path
fill_in "Email or username", with: "wrong@consul.dev"
fill_in "Password", with: "wrong"
click_button "Enter"
expect(page).to have_content "Invalid Email or username or password"
expect(page).to have_css "html.tenant-mars"
expect(page).not_to have_css "html.tenant-public"
end
end
end
Reference in New Issue View Git Blame Copy Permalink