summaryrefslogtreecommitdiff
path: root/spec/models/user_spec.rb
diff options
context:
space:
mode:
Diffstat (limited to 'spec/models/user_spec.rb')
-rw-r--r--spec/models/user_spec.rb124
1 files changed, 22 insertions, 102 deletions
diff --git a/spec/models/user_spec.rb b/spec/models/user_spec.rb
index caace9a7d1d..995211845ce 100644
--- a/spec/models/user_spec.rb
+++ b/spec/models/user_spec.rb
@@ -2284,127 +2284,47 @@ describe User do
end
describe '#confirm_deletion_with_password?' do
- let(:user) { create(:user) }
-
- subject { user.confirm_deletion_with_password? }
+ where(
+ password_automatically_set: [true, false],
+ ldap_user: [true, false],
+ password_authentication_disabled: [true, false]
+ )
- context 'with password authentication enabled' do
- before do
- allow(user).to receive(:allow_password_authentication?).once.and_return(true)
- end
-
- context 'with password automatically set' do
- before do
- allow(user).to receive(:password_automatically_set?).once.and_return(true)
- end
+ with_them do
+ let!(:user) { create(:user, password_automatically_set: password_automatically_set) }
+ let!(:identity) { create(:identity, user: user) if ldap_user }
- it { is_expected.to be false }
- end
-
- context 'with password automatically set' do
- before do
- allow(user).to receive(:password_automatically_set?).once.and_return(false)
- end
-
- it { is_expected.to be true }
- end
- end
+ # Only confirm deletion with password if all inputs are false
+ let(:expected) { !(password_automatically_set || ldap_user || password_authentication_disabled) }
- context 'with password authentication disabled' do
before do
- allow(user).to receive(:allow_password_authentication?).once.and_return(false)
+ stub_application_setting(password_authentication_enabled: !password_authentication_disabled)
end
- context 'with password automatically set' do
- before do
- allow(user).to receive(:password_automatically_set?).once.and_return(true)
- end
-
- it { is_expected.to be false }
- end
-
- context 'with password automatically set' do
- before do
- allow(user).to receive(:password_automatically_set?).once.and_return(false)
- end
-
- it { is_expected.to be false }
+ it 'returns false unless all inputs are true' do
+ expect(user.confirm_deletion_with_password?).to eq(expected)
end
end
end
describe '#delete_async' do
let(:user) { create(:user) }
- let(:deleted_by) { user }
- let(:params) { {} }
- let(:confirmation_params) { { password: 'top secret' } }
+ let(:deleted_by) { create(:user) }
- subject { user.delete_async(deleted_by: deleted_by, params: params, confirmation_params: confirmation_params) }
+ it 'blocks the user then schedules them for deletion if a hard delete is specified' do
+ expect(DeleteUserWorker).to receive(:perform_async).with(deleted_by.id, user.id, hard_delete: true)
- context 'when triggered by same user' do
- context 'with password confirmation' do
- before do
- expect(user).to receive(:confirm_deletion_with_password?).once.and_return(true)
- end
+ user.delete_async(deleted_by: deleted_by, params: { hard_delete: true })
- context 'with invalid password' do
- before do
- expect(user).to receive(:valid_password?).once.and_return(false)
- end
-
- it 'raises DeletionNotConfirmedError' do
- expect { subject }.to raise_error(User::DeletionNotConfirmedError)
- end
- end
-
- context 'with valid password' do
- before do
- expect(user).to receive(:valid_password?).once.with(confirmation_params[:password]).and_return(true)
- end
-
- it 'schedules user for deletion' do
- expect(DeleteUserWorker).to receive(:perform_async).with(user.id, user.id, params)
-
- subject
- end
- end
- end
-
- context 'without password confirmation' do
- before do
- expect(user).to receive(:confirm_deletion_with_password?).once.and_return(false)
- expect(user).not_to receive(:valid_password?)
- end
-
- context 'with invalid username confirmation' do
- let(:confirmation_params) { { username: "Ceci n'est pas une username" } }
-
- it 'raises DeletionNotConfirmedError' do
- expect { subject }.to raise_error(User::DeletionNotConfirmedError)
- end
- end
-
- context 'with valid username confirmation' do
- let(:confirmation_params) { { username: user.username } }
-
- it 'schedules user for deletion' do
- expect(DeleteUserWorker).to receive(:perform_async).with(user.id, user.id, params)
-
- subject
- end
- end
- end
+ expect(user).to be_blocked
end
- context 'when triggered by other user' do
- let(:deleted_by) { create(:user) }
+ it 'schedules user for deletion without blocking them' do
+ expect(DeleteUserWorker).to receive(:perform_async).with(deleted_by.id, user.id, {})
- it 'schedules user for deletion' do
- expect(user).not_to receive(:confirm_deletion_with_password?)
- expect(DeleteUserWorker).to receive(:perform_async).with(deleted_by.id, user.id, params)
+ user.delete_async(deleted_by: deleted_by)
- subject
- end
+ expect(user).not_to be_blocked
end
end
end