spec/features/users/password_spec.rb


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84

# frozen_string_literal: true

require 'spec_helper'

RSpec.describe 'User password', feature_category: :system_access do
  include EmailHelpers

  describe 'send password reset' do
    context 'when recaptcha is enabled' do
      before do
        stub_application_setting(recaptcha_enabled: true)
        allow(Gitlab::Recaptcha).to receive(:load_configurations!)
        visit new_user_password_path
      end

      it 'renders recaptcha' do
        expect(page).to have_css('.g-recaptcha')
      end
    end

    context 'when recaptcha is not enabled' do
      before do
        stub_application_setting(recaptcha_enabled: false)
        visit new_user_password_path
      end

      it 'does not render recaptcha' do
        expect(page).not_to have_css('.g-recaptcha')
      end
    end

    context 'when user has multiple emails' do
      let_it_be(:user) { create(:user, email: 'primary@example.com') }
      let_it_be(:verified_email) { create(:email, :confirmed, user: user, email: 'second@example.com') }
      let_it_be(:unverified_email) { create(:email, user: user, email: 'unverified@example.com') }

      let(:ff_enabled) { true }

      before do
        stub_feature_flags(password_reset_any_verified_email: ff_enabled)

        perform_enqueued_jobs do
          visit new_user_password_path
          fill_in 'user_email', with: email
          click_button 'Reset password'
        end
      end

      context 'when user enters the primary email' do
        let(:email) { user.email }

        it 'send the email to the correct email address' do
          expect(ActionMailer::Base.deliveries.first.to).to include(email)
        end
      end

      context 'when user enters a secondary verified email' do
        let(:email) { verified_email.email }

        context 'when password_reset_any_verified_email FF is enabled' do
          it 'send the email to the correct email address' do
            expect(ActionMailer::Base.deliveries.first.to).to include(email)
          end
        end

        context 'when password_reset_any_verified_email FF is not enabled' do
          let(:ff_enabled) { false }

          it 'does not send an email' do
            expect(ActionMailer::Base.deliveries.count).to eq(0)
          end
        end
      end

      context 'when user enters an unverified email' do
        let(:email) { unverified_email.email }

        it 'does not send an email' do
          expect(ActionMailer::Base.deliveries.count).to eq(0)
        end
      end
    end
  end
end