forgejo/tests/integration/setting_test.go
n0toose 5e1bd8af5f
Show visibility status of email in own profile (#23900)
I've heard many reports of users getting scared when they see their own
email address for their own profile, as they believe that the email
field is also visible to other users. Currently, using Incognito mode
or going over the Settings is the only "reasonable" way to verify this
from the perspective of the user.

A locked padlock should be enough to indicate that the email is not
visible to anyone apart from the user and the admins. An unlocked
padlock is used if the email address is only shown to authenticated
users.

Some additional string-related changes in the Settings were introduced
as well to ensure consistency, and the comments in the relevant tests
were improved so as to allow for easier modifications in the future.

---

#### Screenshot (EDIT: Scroll down for more up-to-date screenshots)

***Please remove this section before merging.***


![image](https://user-images.githubusercontent.com/30193966/229572425-909894aa-a7d5-4bf3-92d3-23b1921dcc90.png)

This lock should only appear if the email address is explicitly hidden
using the `Hide Email Address` setting. The change was originally tested
on top of and designed for the Forgejo fork, but I don't expect any
problems to arise from this and I don't think that a
documentation-related change is strictly necessary.

---------

Co-authored-by: silverwind <me@silverwind.io>
2023-04-08 06:05:21 -04:00

119 lines
3.6 KiB
Go

// Copyright 2017 The Gitea Authors. All rights reserved.
// SPDX-License-Identifier: MIT
package integration
import (
"net/http"
"testing"
"code.gitea.io/gitea/modules/setting"
"code.gitea.io/gitea/tests"
"github.com/stretchr/testify/assert"
)
func TestSettingShowUserEmailExplore(t *testing.T) {
defer tests.PrepareTestEnv(t)()
showUserEmail := setting.UI.ShowUserEmail
setting.UI.ShowUserEmail = true
session := loginUser(t, "user2")
req := NewRequest(t, "GET", "/explore/users")
resp := session.MakeRequest(t, req, http.StatusOK)
htmlDoc := NewHTMLParser(t, resp.Body)
assert.Contains(t,
htmlDoc.doc.Find(".ui.user.list").Text(),
"user34@example.com",
)
setting.UI.ShowUserEmail = false
req = NewRequest(t, "GET", "/explore/users")
resp = session.MakeRequest(t, req, http.StatusOK)
htmlDoc = NewHTMLParser(t, resp.Body)
assert.NotContains(t,
htmlDoc.doc.Find(".ui.user.list").Text(),
"user34@example.com",
)
setting.UI.ShowUserEmail = showUserEmail
}
func TestSettingShowUserEmailProfile(t *testing.T) {
defer tests.PrepareTestEnv(t)()
showUserEmail := setting.UI.ShowUserEmail
// user1: keep_email_private = false, user2: keep_email_private = true
setting.UI.ShowUserEmail = true
// user1 can see own visible email
session := loginUser(t, "user1")
req := NewRequest(t, "GET", "/user1")
resp := session.MakeRequest(t, req, http.StatusOK)
htmlDoc := NewHTMLParser(t, resp.Body)
assert.Contains(t, htmlDoc.doc.Find(".user.profile").Text(), "user1@example.com")
// user1 can not see user2's hidden email
req = NewRequest(t, "GET", "/user2")
resp = session.MakeRequest(t, req, http.StatusOK)
htmlDoc = NewHTMLParser(t, resp.Body)
// Should only contain if the user visits their own profile page
assert.NotContains(t, htmlDoc.doc.Find(".user.profile").Text(), "user2@example.com")
// user2 can see user1's visible email
session = loginUser(t, "user2")
req = NewRequest(t, "GET", "/user1")
resp = session.MakeRequest(t, req, http.StatusOK)
htmlDoc = NewHTMLParser(t, resp.Body)
assert.Contains(t, htmlDoc.doc.Find(".user.profile").Text(), "user1@example.com")
// user2 can see own hidden email
session = loginUser(t, "user2")
req = NewRequest(t, "GET", "/user2")
resp = session.MakeRequest(t, req, http.StatusOK)
htmlDoc = NewHTMLParser(t, resp.Body)
assert.Contains(t, htmlDoc.doc.Find(".user.profile").Text(), "user2@example.com")
setting.UI.ShowUserEmail = false
// user1 can see own (now hidden) email
session = loginUser(t, "user1")
req = NewRequest(t, "GET", "/user1")
resp = session.MakeRequest(t, req, http.StatusOK)
htmlDoc = NewHTMLParser(t, resp.Body)
assert.Contains(t, htmlDoc.doc.Find(".user.profile").Text(), "user1@example.com")
setting.UI.ShowUserEmail = showUserEmail
}
func TestSettingLandingPage(t *testing.T) {
defer tests.PrepareTestEnv(t)()
landingPage := setting.LandingPageURL
setting.LandingPageURL = setting.LandingPageHome
req := NewRequest(t, "GET", "/")
MakeRequest(t, req, http.StatusOK)
setting.LandingPageURL = setting.LandingPageExplore
req = NewRequest(t, "GET", "/")
resp := MakeRequest(t, req, http.StatusSeeOther)
assert.Equal(t, "/explore", resp.Header().Get("Location"))
setting.LandingPageURL = setting.LandingPageOrganizations
req = NewRequest(t, "GET", "/")
resp = MakeRequest(t, req, http.StatusSeeOther)
assert.Equal(t, "/explore/organizations", resp.Header().Get("Location"))
setting.LandingPageURL = setting.LandingPageLogin
req = NewRequest(t, "GET", "/")
resp = MakeRequest(t, req, http.StatusSeeOther)
assert.Equal(t, "/user/login", resp.Header().Get("Location"))
setting.LandingPageURL = landingPage
}