forgejo/tests/integration/signup_test.go
Gusted 0404662e99
[CHORE] Move captcha library
- This is a fork of https://github.com/dchest/captcha, as
https://gitea.com/go-chi/captcha is a fork of
github.com/go-macaron/captcha which is a fork (although not properly
credited) of a older version of https://github.com/dchest/captcha. Hence
why I've just forked the original.
- The fork includes some QoL improvements (uses standard library for
determistic RNG instead of rolling your own crypto), and removal of
audio support (500KiB unused data that bloated the binary otherwise).
Flips the image over the x-asis.
47270f2b55..main
- This move is needed for the next commit, because
gitea.com/go-chi/captcha included the gitea.com/go-chi/cache dependency.
2024-08-27 21:28:16 +02:00

210 lines
6.8 KiB
Go

// Copyright 2017 The Gitea Authors. All rights reserved.
// SPDX-License-Identifier: MIT
package integration
import (
"fmt"
"net/http"
"strings"
"testing"
"code.gitea.io/gitea/models/unittest"
user_model "code.gitea.io/gitea/models/user"
"code.gitea.io/gitea/modules/cache"
"code.gitea.io/gitea/modules/setting"
"code.gitea.io/gitea/modules/test"
"code.gitea.io/gitea/modules/translation"
"code.gitea.io/gitea/tests"
"github.com/stretchr/testify/assert"
)
func TestSignup(t *testing.T) {
defer tests.PrepareTestEnv(t)()
setting.Service.EnableCaptcha = false
req := NewRequestWithValues(t, "POST", "/user/sign_up", map[string]string{
"user_name": "exampleUser",
"email": "exampleUser@example.com",
"password": "examplePassword!1",
"retype": "examplePassword!1",
})
MakeRequest(t, req, http.StatusSeeOther)
// should be able to view new user's page
req = NewRequest(t, "GET", "/exampleUser")
MakeRequest(t, req, http.StatusOK)
}
func TestSignupAsRestricted(t *testing.T) {
defer tests.PrepareTestEnv(t)()
setting.Service.EnableCaptcha = false
setting.Service.DefaultUserIsRestricted = true
req := NewRequestWithValues(t, "POST", "/user/sign_up", map[string]string{
"user_name": "restrictedUser",
"email": "restrictedUser@example.com",
"password": "examplePassword!1",
"retype": "examplePassword!1",
})
MakeRequest(t, req, http.StatusSeeOther)
// should be able to view new user's page
req = NewRequest(t, "GET", "/restrictedUser")
MakeRequest(t, req, http.StatusOK)
user2 := unittest.AssertExistsAndLoadBean(t, &user_model.User{Name: "restrictedUser"})
assert.True(t, user2.IsRestricted)
}
func TestSignupEmail(t *testing.T) {
defer tests.PrepareTestEnv(t)()
setting.Service.EnableCaptcha = false
tests := []struct {
email string
wantStatus int
wantMsg string
}{
{"exampleUser@example.com\r\n", http.StatusOK, translation.NewLocale("en-US").TrString("form.email_invalid")},
{"exampleUser@example.com\r", http.StatusOK, translation.NewLocale("en-US").TrString("form.email_invalid")},
{"exampleUser@example.com\n", http.StatusOK, translation.NewLocale("en-US").TrString("form.email_invalid")},
{"exampleUser@example.com", http.StatusSeeOther, ""},
}
for i, test := range tests {
req := NewRequestWithValues(t, "POST", "/user/sign_up", map[string]string{
"user_name": fmt.Sprintf("exampleUser%d", i),
"email": test.email,
"password": "examplePassword!1",
"retype": "examplePassword!1",
})
resp := MakeRequest(t, req, test.wantStatus)
if test.wantMsg != "" {
htmlDoc := NewHTMLParser(t, resp.Body)
assert.Equal(t,
test.wantMsg,
strings.TrimSpace(htmlDoc.doc.Find(".ui.message").Text()),
)
}
}
}
func TestSignupEmailChangeForInactiveUser(t *testing.T) {
defer tests.PrepareTestEnv(t)()
// Disable the captcha & enable email confirmation for registrations
defer test.MockVariableValue(&setting.Service.EnableCaptcha, false)()
defer test.MockVariableValue(&setting.Service.RegisterEmailConfirm, true)()
// Create user
req := NewRequestWithValues(t, "POST", "/user/sign_up", map[string]string{
"user_name": "exampleUserX",
"email": "wrong-email@example.com",
"password": "examplePassword!1",
"retype": "examplePassword!1",
})
MakeRequest(t, req, http.StatusOK)
session := loginUserWithPassword(t, "exampleUserX", "examplePassword!1")
// Verify that the initial e-mail is the wrong one.
user := unittest.AssertExistsAndLoadBean(t, &user_model.User{Name: "exampleUserX"})
assert.Equal(t, "wrong-email@example.com", user.Email)
// Change the email address
req = NewRequestWithValues(t, "POST", "/user/activate", map[string]string{
"email": "fine-email@example.com",
})
session.MakeRequest(t, req, http.StatusSeeOther)
// Verify that the email was updated
user = unittest.AssertExistsAndLoadBean(t, &user_model.User{Name: "exampleUserX"})
assert.Equal(t, "fine-email@example.com", user.Email)
// Try to change the email again
req = NewRequestWithValues(t, "POST", "/user/activate", map[string]string{
"email": "wrong-again@example.com",
})
session.MakeRequest(t, req, http.StatusSeeOther)
// Verify that the email was NOT updated
user = unittest.AssertExistsAndLoadBean(t, &user_model.User{Name: "exampleUserX"})
assert.Equal(t, "fine-email@example.com", user.Email)
}
func TestSignupEmailChangeForActiveUser(t *testing.T) {
defer tests.PrepareTestEnv(t)()
// Disable the captcha & enable email confirmation for registrations
defer test.MockVariableValue(&setting.Service.EnableCaptcha, false)()
defer test.MockVariableValue(&setting.Service.RegisterEmailConfirm, false)()
// Create user
req := NewRequestWithValues(t, "POST", "/user/sign_up", map[string]string{
"user_name": "exampleUserY",
"email": "wrong-email-2@example.com",
"password": "examplePassword!1",
"retype": "examplePassword!1",
})
MakeRequest(t, req, http.StatusSeeOther)
session := loginUserWithPassword(t, "exampleUserY", "examplePassword!1")
// Verify that the initial e-mail is the wrong one.
user := unittest.AssertExistsAndLoadBean(t, &user_model.User{Name: "exampleUserY"})
assert.Equal(t, "wrong-email-2@example.com", user.Email)
// Changing the email for a validated address is not available
req = NewRequestWithValues(t, "POST", "/user/activate", map[string]string{
"email": "fine-email-2@example.com",
})
session.MakeRequest(t, req, http.StatusNotFound)
// Verify that the email remained unchanged
user = unittest.AssertExistsAndLoadBean(t, &user_model.User{Name: "exampleUserY"})
assert.Equal(t, "wrong-email-2@example.com", user.Email)
}
func TestSignupImageCaptcha(t *testing.T) {
defer tests.PrepareTestEnv(t)()
defer test.MockVariableValue(&setting.Service.RegisterEmailConfirm, false)()
defer test.MockVariableValue(&setting.Service.EnableCaptcha, true)()
defer test.MockVariableValue(&setting.Service.CaptchaType, "image")()
c := cache.GetCache()
req := NewRequest(t, "GET", "/user/sign_up")
resp := MakeRequest(t, req, http.StatusOK)
htmlDoc := NewHTMLParser(t, resp.Body)
idCaptcha, ok := htmlDoc.Find("input[name='img-captcha-id']").Attr("value")
assert.True(t, ok)
digits, ok := c.Get("captcha:" + idCaptcha).(string)
assert.True(t, ok)
assert.Len(t, digits, 6)
digitStr := ""
// Convert digits to ASCII digits.
for _, digit := range digits {
digitStr += string(digit + '0')
}
req = NewRequestWithValues(t, "POST", "/user/sign_up", map[string]string{
"user_name": "captcha-test",
"email": "captcha-test@example.com",
"password": "examplePassword!1",
"retype": "examplePassword!1",
"img-captcha-id": idCaptcha,
"img-captcha-response": digitStr,
})
MakeRequest(t, req, http.StatusSeeOther)
loginUserWithPassword(t, "captcha-test", "examplePassword!1")
unittest.AssertExistsAndLoadBean(t, &user_model.User{Name: "captcha-test", IsActive: true})
}