code.gitea.io/gitea@v1.22.3/tests/integration/signup_test.go (about) 1 // Copyright 2017 The Gitea Authors. All rights reserved. 2 // SPDX-License-Identifier: MIT 3 4 package integration 5 6 import ( 7 "fmt" 8 "net/http" 9 "strings" 10 "testing" 11 12 "code.gitea.io/gitea/models/unittest" 13 user_model "code.gitea.io/gitea/models/user" 14 "code.gitea.io/gitea/modules/setting" 15 "code.gitea.io/gitea/modules/test" 16 "code.gitea.io/gitea/modules/translation" 17 "code.gitea.io/gitea/tests" 18 19 "github.com/stretchr/testify/assert" 20 ) 21 22 func TestSignup(t *testing.T) { 23 defer tests.PrepareTestEnv(t)() 24 25 setting.Service.EnableCaptcha = false 26 27 req := NewRequestWithValues(t, "POST", "/user/sign_up", map[string]string{ 28 "user_name": "exampleUser", 29 "email": "exampleUser@example.com", 30 "password": "examplePassword!1", 31 "retype": "examplePassword!1", 32 }) 33 MakeRequest(t, req, http.StatusSeeOther) 34 35 // should be able to view new user's page 36 req = NewRequest(t, "GET", "/exampleUser") 37 MakeRequest(t, req, http.StatusOK) 38 } 39 40 func TestSignupAsRestricted(t *testing.T) { 41 defer tests.PrepareTestEnv(t)() 42 43 setting.Service.EnableCaptcha = false 44 setting.Service.DefaultUserIsRestricted = true 45 46 req := NewRequestWithValues(t, "POST", "/user/sign_up", map[string]string{ 47 "user_name": "restrictedUser", 48 "email": "restrictedUser@example.com", 49 "password": "examplePassword!1", 50 "retype": "examplePassword!1", 51 }) 52 MakeRequest(t, req, http.StatusSeeOther) 53 54 // should be able to view new user's page 55 req = NewRequest(t, "GET", "/restrictedUser") 56 MakeRequest(t, req, http.StatusOK) 57 58 user2 := unittest.AssertExistsAndLoadBean(t, &user_model.User{Name: "restrictedUser"}) 59 assert.True(t, user2.IsRestricted) 60 } 61 62 func TestSignupEmailValidation(t *testing.T) { 63 defer tests.PrepareTestEnv(t)() 64 65 setting.Service.EnableCaptcha = false 66 67 tests := []struct { 68 email string 69 wantStatus int 70 wantMsg string 71 }{ 72 {"exampleUser@example.com\r\n", http.StatusOK, translation.NewLocale("en-US").TrString("form.email_invalid")}, 73 {"exampleUser@example.com\r", http.StatusOK, translation.NewLocale("en-US").TrString("form.email_invalid")}, 74 {"exampleUser@example.com\n", http.StatusOK, translation.NewLocale("en-US").TrString("form.email_invalid")}, 75 {"exampleUser@example.com", http.StatusSeeOther, ""}, 76 } 77 78 for i, test := range tests { 79 req := NewRequestWithValues(t, "POST", "/user/sign_up", map[string]string{ 80 "user_name": fmt.Sprintf("exampleUser%d", i), 81 "email": test.email, 82 "password": "examplePassword!1", 83 "retype": "examplePassword!1", 84 }) 85 resp := MakeRequest(t, req, test.wantStatus) 86 if test.wantMsg != "" { 87 htmlDoc := NewHTMLParser(t, resp.Body) 88 assert.Equal(t, 89 test.wantMsg, 90 strings.TrimSpace(htmlDoc.doc.Find(".ui.message").Text()), 91 ) 92 } 93 } 94 } 95 96 func TestSignupEmailActive(t *testing.T) { 97 defer tests.PrepareTestEnv(t)() 98 defer test.MockVariableValue(&setting.Service.RegisterEmailConfirm, true)() 99 100 // try to sign up and send the activation email 101 req := NewRequestWithValues(t, "POST", "/user/sign_up", map[string]string{ 102 "user_name": "test-user-1", 103 "email": "email-1@example.com", 104 "password": "password1", 105 "retype": "password1", 106 }) 107 resp := MakeRequest(t, req, http.StatusOK) 108 assert.Contains(t, resp.Body.String(), `A new confirmation email has been sent to <b>email-1@example.com</b>.`) 109 110 // access "user/activate" means trying to re-send the activation email 111 session := loginUserWithPassword(t, "test-user-1", "password1") 112 resp = session.MakeRequest(t, NewRequest(t, "GET", "/user/activate"), http.StatusOK) 113 assert.Contains(t, resp.Body.String(), "You have already requested an activation email recently") 114 115 // access anywhere else will see a "Activate Your Account" prompt, and there is a chance to change email 116 resp = session.MakeRequest(t, NewRequest(t, "GET", "/user/issues"), http.StatusOK) 117 assert.Contains(t, resp.Body.String(), `<input id="change-email" name="change_email" `) 118 119 // post to "user/activate" with a new email 120 session.MakeRequest(t, NewRequestWithValues(t, "POST", "/user/activate", map[string]string{"change_email": "email-changed@example.com"}), http.StatusSeeOther) 121 user := unittest.AssertExistsAndLoadBean(t, &user_model.User{Name: "test-user-1"}) 122 assert.Equal(t, "email-changed@example.com", user.Email) 123 email := unittest.AssertExistsAndLoadBean(t, &user_model.EmailAddress{Email: "email-changed@example.com"}) 124 assert.False(t, email.IsActivated) 125 assert.True(t, email.IsPrimary) 126 127 // access "user/activate" with a valid activation code, then get the "verify password" page 128 user = unittest.AssertExistsAndLoadBean(t, &user_model.User{Name: "test-user-1"}) 129 activationCode := user.GenerateEmailActivateCode(user.Email) 130 resp = session.MakeRequest(t, NewRequest(t, "GET", "/user/activate?code="+activationCode), http.StatusOK) 131 assert.Contains(t, resp.Body.String(), `<input id="verify-password"`) 132 133 // try to use a wrong password, it should fail 134 req = NewRequestWithValues(t, "POST", "/user/activate", map[string]string{ 135 "code": activationCode, 136 "password": "password-wrong", 137 }) 138 resp = session.MakeRequest(t, req, http.StatusOK) 139 assert.Contains(t, resp.Body.String(), `Your password does not match`) 140 assert.Contains(t, resp.Body.String(), `<input id="verify-password"`) 141 user = unittest.AssertExistsAndLoadBean(t, &user_model.User{Name: "test-user-1"}) 142 assert.False(t, user.IsActive) 143 144 // then use a correct password, the user should be activated 145 req = NewRequestWithValues(t, "POST", "/user/activate", map[string]string{ 146 "code": activationCode, 147 "password": "password1", 148 }) 149 resp = session.MakeRequest(t, req, http.StatusSeeOther) 150 assert.Equal(t, "/", test.RedirectURL(resp)) 151 user = unittest.AssertExistsAndLoadBean(t, &user_model.User{Name: "test-user-1"}) 152 assert.True(t, user.IsActive) 153 }