spec/features/projects/show/no_password_spec.rb


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71

# frozen_string_literal: true

require 'spec_helper'

describe 'No Password Alert' do
  let(:project) { create(:project, :repository, namespace: user.namespace) }

  context 'with internal auth enabled' do
    before do
      sign_in(user)
      visit project_path(project)
    end

    context 'when user has a password' do
      let(:user) { create(:user) }

      it 'shows no alert' do
        expect(page).not_to have_content "You won't be able to pull or push project code via HTTP until you set a password on your account"
      end
    end

    context 'when user has password automatically set' do
      let(:user) { create(:user, password_automatically_set: true) }

      it 'shows a password alert' do
        expect(page).to have_content "You won't be able to pull or push project code via HTTP until you set a password on your account"
      end
    end
  end

  context 'with internal auth disabled' do
    let(:user) { create(:omniauth_user, extern_uid: 'my-uid', provider: 'saml') }

    before do
      stub_application_setting(password_authentication_enabled_for_git?: false)
      stub_omniauth_saml_config(enabled: true, auto_link_saml_user: true, allow_single_sign_on: ['saml'], providers: [mock_saml_config])
    end

    context 'when user has no personal access tokens' do
      it 'has a personal access token alert' do
        gitlab_sign_in_via('saml', user, 'my-uid')
        visit project_path(project)

        expect(page).to have_content "You won't be able to pull or push project code via HTTP until you create a personal access token on your account"
      end
    end

    context 'when user has a personal access token' do
      it 'shows no alert' do
        create(:personal_access_token, user: user)
        gitlab_sign_in_via('saml', user, 'my-uid')
        visit project_path(project)

        expect(page).not_to have_content "You won't be able to pull or push project code via HTTP until you create a personal access token on your account"
      end
    end
  end

  context 'when user is ldap user' do
    let(:user) { create(:omniauth_user, password_automatically_set: true) }

    before do
      sign_in(user)
      visit project_path(project)
    end

    it 'shows no alert' do
      expect(page).not_to have_content "You won't be able to pull or push project code via HTTP until you"
    end
  end
end