Add coverage for `UnreservedUsernameValidator` (#25590)
parent
1084703417
commit
19900f647e
|
@ -11,16 +11,31 @@ class UnreservedUsernameValidator < ActiveModel::Validator
|
||||||
|
|
||||||
private
|
private
|
||||||
|
|
||||||
def pam_controlled?
|
def reserved_username?
|
||||||
return false unless Devise.pam_authentication && Devise.pam_controlled_service
|
pam_username_reserved? || settings_username_reserved?
|
||||||
|
|
||||||
Rpam2.account(Devise.pam_controlled_service, @username).present?
|
|
||||||
end
|
end
|
||||||
|
|
||||||
def reserved_username?
|
def pam_username_reserved?
|
||||||
return true if pam_controlled?
|
pam_controlled? && pam_reserves_username?
|
||||||
return false unless Setting.reserved_usernames
|
end
|
||||||
|
|
||||||
|
def pam_controlled?
|
||||||
|
Devise.pam_authentication && Devise.pam_controlled_service
|
||||||
|
end
|
||||||
|
|
||||||
|
def pam_reserves_username?
|
||||||
|
Rpam2.account(Devise.pam_controlled_service, @username)
|
||||||
|
end
|
||||||
|
|
||||||
|
def settings_username_reserved?
|
||||||
|
settings_has_reserved_usernames? && settings_reserves_username?
|
||||||
|
end
|
||||||
|
|
||||||
|
def settings_has_reserved_usernames?
|
||||||
|
Setting.reserved_usernames.present?
|
||||||
|
end
|
||||||
|
|
||||||
|
def settings_reserves_username?
|
||||||
Setting.reserved_usernames.include?(@username.downcase)
|
Setting.reserved_usernames.include?(@username.downcase)
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
|
@ -2,41 +2,118 @@
|
||||||
|
|
||||||
require 'rails_helper'
|
require 'rails_helper'
|
||||||
|
|
||||||
RSpec.describe UnreservedUsernameValidator, type: :validator do
|
describe UnreservedUsernameValidator do
|
||||||
|
let(:record_class) do
|
||||||
|
Class.new do
|
||||||
|
include ActiveModel::Validations
|
||||||
|
attr_accessor :username
|
||||||
|
|
||||||
|
validates_with UnreservedUsernameValidator
|
||||||
|
end
|
||||||
|
end
|
||||||
|
let(:record) { record_class.new }
|
||||||
|
|
||||||
describe '#validate' do
|
describe '#validate' do
|
||||||
|
context 'when username is nil' do
|
||||||
|
it 'does not add errors' do
|
||||||
|
record.username = nil
|
||||||
|
|
||||||
|
expect(record).to be_valid
|
||||||
|
expect(record.errors).to be_empty
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
context 'when PAM is enabled' do
|
||||||
before do
|
before do
|
||||||
allow(validator).to receive(:reserved_username?) { reserved_username }
|
allow(Devise).to receive(:pam_authentication).and_return(true)
|
||||||
validator.validate(account)
|
|
||||||
end
|
end
|
||||||
|
|
||||||
let(:validator) { described_class.new }
|
context 'with a pam service available' do
|
||||||
let(:account) { instance_double(Account, username: username, errors: errors) }
|
let(:service) { double }
|
||||||
let(:errors) { instance_double(ActiveModel::Errors, add: nil) }
|
let(:pam_class) do
|
||||||
|
Class.new do
|
||||||
context 'when @username is blank?' do
|
def self.account(service, username); end
|
||||||
let(:username) { nil }
|
|
||||||
|
|
||||||
it 'not calls errors.add' do
|
|
||||||
expect(errors).to_not have_received(:add).with(:username, any_args)
|
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
context 'when @username is not blank?' do
|
before do
|
||||||
let(:username) { 'f' }
|
stub_const('Rpam2', pam_class)
|
||||||
|
allow(Devise).to receive(:pam_controlled_service).and_return(service)
|
||||||
|
end
|
||||||
|
|
||||||
context 'with reserved_username?' do
|
context 'when the account exists' do
|
||||||
let(:reserved_username) { true }
|
before do
|
||||||
|
allow(Rpam2).to receive(:account).with(service, 'username').and_return(true)
|
||||||
|
end
|
||||||
|
|
||||||
it 'calls errors.add' do
|
it 'adds errors to the record' do
|
||||||
expect(errors).to have_received(:add).with(:username, :reserved)
|
record.username = 'username'
|
||||||
|
|
||||||
|
expect(record).to_not be_valid
|
||||||
|
expect(record.errors.first.attribute).to eq(:username)
|
||||||
|
expect(record.errors.first.type).to eq(:reserved)
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
context 'when username is not reserved' do
|
context 'when the account does not exist' do
|
||||||
let(:reserved_username) { false }
|
before do
|
||||||
|
allow(Rpam2).to receive(:account).with(service, 'username').and_return(false)
|
||||||
|
end
|
||||||
|
|
||||||
it 'not calls errors.add' do
|
it 'does not add errors to the record' do
|
||||||
expect(errors).to_not have_received(:add).with(:username, any_args)
|
record.username = 'username'
|
||||||
|
|
||||||
|
expect(record).to be_valid
|
||||||
|
expect(record.errors).to be_empty
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
context 'without a pam service' do
|
||||||
|
before do
|
||||||
|
allow(Devise).to receive(:pam_controlled_service).and_return(false)
|
||||||
|
end
|
||||||
|
|
||||||
|
context 'when there are not any reserved usernames' do
|
||||||
|
before do
|
||||||
|
stub_reserved_usernames(nil)
|
||||||
|
end
|
||||||
|
|
||||||
|
it 'does not add errors to the record' do
|
||||||
|
record.username = 'username'
|
||||||
|
|
||||||
|
expect(record).to be_valid
|
||||||
|
expect(record.errors).to be_empty
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
context 'when there are reserved usernames' do
|
||||||
|
before do
|
||||||
|
stub_reserved_usernames(%w(alice bob))
|
||||||
|
end
|
||||||
|
|
||||||
|
context 'when the username is reserved' do
|
||||||
|
it 'adds errors to the record' do
|
||||||
|
record.username = 'alice'
|
||||||
|
|
||||||
|
expect(record).to_not be_valid
|
||||||
|
expect(record.errors.first.attribute).to eq(:username)
|
||||||
|
expect(record.errors.first.type).to eq(:reserved)
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
context 'when the username is not reserved' do
|
||||||
|
it 'does not add errors to the record' do
|
||||||
|
record.username = 'chris'
|
||||||
|
|
||||||
|
expect(record).to be_valid
|
||||||
|
expect(record.errors).to be_empty
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
def stub_reserved_usernames(value)
|
||||||
|
allow(Setting).to receive(:[]).with('reserved_usernames').and_return(value)
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
Loading…
Reference in New Issue