summaryrefslogtreecommitdiff
path: root/spec/features/profiles/password_spec.rb
blob: 2c757f99a2741218e47590dbe1e30fc0feb77ebb (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
require 'spec_helper'

describe 'Profile > Password' do
  context 'Password authentication enabled' do
    let(:user) { create(:user, password_automatically_set: true) }

    before do
      sign_in(user)
      visit edit_profile_password_path
    end

    def fill_passwords(password, confirmation)
      fill_in 'New password',          with: password
      fill_in 'Password confirmation', with: confirmation

      click_button 'Save password'
    end

    context 'User with password automatically set' do
      describe 'User puts different passwords in the field and in the confirmation' do
        it 'shows an error message' do
          fill_passwords('mypassword', 'mypassword2')

          page.within('.alert-danger') do
            expect(page).to have_content("Password confirmation doesn't match Password")
          end
        end

        it 'does not contain the current password field after an error' do
          fill_passwords('mypassword', 'mypassword2')

          expect(page).to have_no_field('user[current_password]')
        end
      end

      describe 'User puts the same passwords in the field and in the confirmation' do
        it 'shows a success message' do
          fill_passwords('mypassword', 'mypassword')

          page.within('.flash-notice') do
            expect(page).to have_content('Password was successfully updated. Please login with it')
          end
        end
      end
    end
  end

  context 'Password authentication unavailable' do
    before do
      gitlab_sign_in(user)
    end

    context 'Regular user' do
      let(:user) { create(:user) }

      it 'renders 404 when sign-in is disabled' do
        stub_application_setting(password_authentication_enabled: false)

        visit edit_profile_password_path

        expect(page).to have_http_status(404)
      end
    end

    context 'LDAP user' do
      let(:user) { create(:omniauth_user, provider: 'ldapmain') }

      it 'renders 404' do
        visit edit_profile_password_path

        expect(page).to have_http_status(404)
      end
    end
  end
end