path: root/spec/features/oauth_registration_spec.rb
blob: 0a35b5a7e42b1daee239e1aab2c25606f66c73c5 (plain)
# frozen_string_literal: true

require 'spec_helper'

# Browser-level (:js) feature spec for signing up through an OmniAuth provider.
# Every provider row in the table below runs the same examples with the
# update_oauth_registration_flow feature flag enabled; the last context covers
# the flag-disabled path for GitHub only.
# NOTE(review): :allow_forgery_protection presumably turns CSRF protection on
# for these examples so the OAuth entry points are exercised with it enabled -
# confirm against the spec support code.
RSpec.describe 'OAuth Registration', :js, :allow_forgery_protection do
  include LoginHelpers
  include TermsHelper
  using RSpec::Parameterized::TableSyntax

  # Identity values handed to register_via; individual contexts override :email.
  let(:uid) { 'my-uid' }
  let(:email) { 'user@example.com' }

  # Runs every example inside with_omniauth_full_host (helper defined outside
  # this file; presumably pins the host OmniAuth builds callback URLs from -
  # TODO confirm).
  around do |example|
    with_omniauth_full_host { example.run }
  end

  # One row per provider. The second column is forwarded unchanged as
  # additional_info to register_via / mock_auth_hash.
  # NOTE(review): salesforce is the only row that sets extra.email_verified;
  # presumably that integration refuses sign-up without the flag - confirm.
  where(:provider, :additional_info) do
    :github         | {}
    :twitter        | {}
    :bitbucket      | {}
    :gitlab         | {}
    :google_oauth2  | {}
    :facebook       | {}
    :cas3           | {}
    :auth0          | {}
    :authentiq      | {}
    :salesforce     | { extra: { email_verified: true } }
    :dingtalk       | {}
    :alicloud       | {}
  end

  with_them do
    before do
      stub_omniauth_provider(provider)
      stub_feature_flags(update_oauth_registration_flow: true)
    end

    # With block_auto_created_users on, an account created through the
    # external provider must not end up signed in: the user is sent back to
    # the sign-in page with a pending-approval message.
    context 'when block_auto_created_users is true' do
      before do
        stub_omniauth_setting(block_auto_created_users: true)
      end

      it 'redirects back to the sign-in page' do
        register_via(provider, uid, email, additional_info: additional_info)

        expect(page).to have_current_path new_user_session_path
        expect(page).to have_content('Your account is pending approval')
      end
    end

    context 'when block_auto_created_users is false' do
      before do
        stub_omniauth_setting(block_auto_created_users: false)
      end

      it 'redirects to the initial welcome path' do
        register_via(provider, uid, email, additional_info: additional_info)

        expect(page).to have_current_path users_sign_up_welcome_path
        expect(page).to have_content('Welcome to GitLab, mockuser!')
      end

      # With the new flow enabled, enforced terms do not interrupt sign-up:
      # the example expects to land on the welcome page directly.
      context 'when terms are enforced' do
        before do
          enforce_terms
        end

        it 'auto accepts terms and redirects to the initial welcome path' do
          register_via(provider, uid, email, additional_info: additional_info)

          expect(page).to have_current_path users_sign_up_welcome_path
          expect(page).to have_content('Welcome to GitLab, mockuser!')
        end
      end

      # The overridden address stands in for a provider response without a
      # verified email; the user is expected to be sent to the profile page
      # and asked to supply an address.
      # NOTE(review): presumably the application recognises this address as a
      # placeholder rather than a real mailbox - confirm how it is matched.
      context 'when provider does not send a verified email address' do
        let(:email) { 'temp-email-for-oauth@email.com' }

        it 'redirects to the profile path' do
          register_via(provider, uid, email, additional_info: additional_info)

          expect(page).to have_current_path profile_path
          expect(page).to have_content('Please complete your profile with email address')
        end
      end

      # Sign-up that starts from a group invitation link and completes via the
      # OAuth provider button.
      # NOTE(review): the mocked OAuth identity uses the same address as the
      # invitation (invite_email), so only the matching-email case is covered
      # in this spec; a provider email that differs from the invited address
      # is not exercised here.
      context 'when registering via an invitation email' do
        let_it_be(:owner) { create(:user) }
        let_it_be(:group) { create(:group, name: 'Owned') }
        let_it_be(:project) { create(:project, :repository, namespace: group) }

        let(:invite_email) { generate(:email) }
        let(:extra_params) { { invite_type: Emails::Members::INITIAL_INVITE } }
        # Pending group membership addressed to invite_email, created by owner.
        let(:group_invite) do
          create(
            :group_member, :invited,
            group: group,
            invite_email: invite_email,
            created_by: owner
          )
        end

        before do
          project.add_maintainer(owner)
          group.add_owner(owner)
          # Generates the invite token whose raw value is used to build the
          # invitation URL visited in the example.
          group_invite.generate_invite_token!

          mock_auth_hash(provider, uid, invite_email, additional_info: additional_info)
        end

        it 'redirects to the activity page with all the projects/groups invitations accepted' do
          visit invite_path(group_invite.raw_invite_token, extra_params)
          click_link_or_button "oauth-login-#{provider}"
          fill_in_welcome_form

          expect(page).to have_content('You have been granted Owner access to group Owned.')
          expect(page).to have_current_path(activity_group_path(group), ignore_query: true)
        end
      end
    end
  end

  # Flag-disabled path, GitHub only: with terms enforced the user is shown the
  # terms page instead of having the terms accepted automatically.
  context 'when update_oauth_registration_flow is disabled' do
    before do
      stub_omniauth_provider(:github)
      stub_omniauth_setting(block_auto_created_users: false)
      stub_feature_flags(update_oauth_registration_flow: false)

      enforce_terms
    end

    it 'presents the terms page' do
      register_via(:github, uid, email)

      expect(page).to have_content('These are the terms')
    end
  end

  # Completes the post-sign-up welcome form: picks a role and submits it.
  def fill_in_welcome_form
    select 'Software Developer', from: 'user_role'
    click_button 'Get started!'
  end
end