2019-10-21 05:06:22 -04:00
|
|
|
# frozen_string_literal: true
|
|
|
|
|
2016-02-12 07:52:29 -05:00
|
|
|
require 'spec_helper'
|
|
|
|
require 'email_spec'
|
|
|
|
|
2020-06-24 14:09:03 -04:00
|
|
|
RSpec.describe Emails::Profile do
|
2016-02-12 07:52:29 -05:00
|
|
|
include EmailSpec::Matchers
|
|
|
|
include_context 'gitlab email notification'
|
|
|
|
|
2017-03-21 16:07:52 -04:00
|
|
|
shared_examples 'a new user email' do
|
|
|
|
it 'is sent to the new user with the correct subject and body' do
|
|
|
|
aggregate_failures do
|
|
|
|
is_expected.to deliver_to new_user_address
|
|
|
|
is_expected.to have_subject(/^Account was created for you$/i)
|
|
|
|
is_expected.to have_body_text(new_user_address)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2017-04-25 08:28:55 -04:00
|
|
|
describe 'for new users, the email' do
|
|
|
|
let(:example_site_path) { root_path }
|
|
|
|
let(:new_user) { create(:user, email: new_user_address, created_by_id: 1) }
|
|
|
|
let(:token) { 'kETLwRaayvigPq_x3SNM' }
|
2016-03-10 11:15:14 -05:00
|
|
|
|
2017-04-25 08:28:55 -04:00
|
|
|
subject { Notify.new_user_email(new_user.id, token) }
|
2016-02-12 07:52:29 -05:00
|
|
|
|
2017-04-25 08:28:55 -04:00
|
|
|
it_behaves_like 'an email sent from GitLab'
|
|
|
|
it_behaves_like 'a new user email'
|
|
|
|
it_behaves_like 'it should not have Gmail Actions links'
|
|
|
|
it_behaves_like 'a user cannot unsubscribe through footer link'
|
2016-02-12 07:52:29 -05:00
|
|
|
|
2017-04-25 08:28:55 -04:00
|
|
|
it 'contains the password text' do
|
|
|
|
is_expected.to have_body_text /Click here to set your password/
|
|
|
|
end
|
2016-02-12 07:52:29 -05:00
|
|
|
|
2017-04-25 08:28:55 -04:00
|
|
|
it 'includes a link for user to set password' do
|
|
|
|
params = "reset_password_token=#{token}"
|
|
|
|
is_expected.to have_body_text(
|
|
|
|
%r{http://#{Gitlab.config.gitlab.host}(:\d+)?/users/password/edit\?#{params}}
|
|
|
|
)
|
|
|
|
end
|
2016-02-12 07:52:29 -05:00
|
|
|
|
2017-04-25 08:28:55 -04:00
|
|
|
it 'explains the reset link expiration' do
|
|
|
|
is_expected.to have_body_text(/This link is valid for \d+ (hours?|days?)/)
|
|
|
|
is_expected.to have_body_text(new_user_password_url)
|
|
|
|
is_expected.to have_body_text(/\?user_email=.*%40.*/)
|
2016-02-12 07:52:29 -05:00
|
|
|
end
|
2017-04-25 08:28:55 -04:00
|
|
|
end
|
2016-02-12 07:52:29 -05:00
|
|
|
|
2017-04-25 08:28:55 -04:00
|
|
|
describe 'for users that signed up, the email' do
|
|
|
|
let(:example_site_path) { root_path }
|
|
|
|
let(:new_user) { create(:user, email: new_user_address, password: "securePassword") }
|
2016-02-12 07:52:29 -05:00
|
|
|
|
2017-04-25 08:28:55 -04:00
|
|
|
subject { Notify.new_user_email(new_user.id) }
|
2016-02-12 07:52:29 -05:00
|
|
|
|
2017-04-25 08:28:55 -04:00
|
|
|
it_behaves_like 'an email sent from GitLab'
|
|
|
|
it_behaves_like 'a new user email'
|
|
|
|
it_behaves_like 'it should not have Gmail Actions links'
|
|
|
|
it_behaves_like 'a user cannot unsubscribe through footer link'
|
2016-02-12 07:52:29 -05:00
|
|
|
|
2017-04-25 08:28:55 -04:00
|
|
|
it 'does not contain the new user\'s password' do
|
|
|
|
is_expected.not_to have_body_text /password/
|
2016-02-12 07:52:29 -05:00
|
|
|
end
|
2017-04-25 08:28:55 -04:00
|
|
|
end
|
2016-02-12 07:52:29 -05:00
|
|
|
|
2017-04-25 08:28:55 -04:00
|
|
|
describe 'user added ssh key' do
|
|
|
|
let(:key) { create(:personal_key) }
|
2016-02-12 07:52:29 -05:00
|
|
|
|
2017-04-25 08:28:55 -04:00
|
|
|
subject { Notify.new_ssh_key_email(key.id) }
|
2016-02-12 07:52:29 -05:00
|
|
|
|
2017-04-25 08:28:55 -04:00
|
|
|
it_behaves_like 'an email sent from GitLab'
|
|
|
|
it_behaves_like 'it should not have Gmail Actions links'
|
|
|
|
it_behaves_like 'a user cannot unsubscribe through footer link'
|
2016-02-12 07:52:29 -05:00
|
|
|
|
2017-04-25 08:28:55 -04:00
|
|
|
it 'is sent to the new user' do
|
|
|
|
is_expected.to deliver_to key.user.email
|
|
|
|
end
|
2016-02-12 07:52:29 -05:00
|
|
|
|
2017-04-25 08:28:55 -04:00
|
|
|
it 'has the correct subject' do
|
|
|
|
is_expected.to have_subject /^SSH key was added to your account$/i
|
|
|
|
end
|
2016-02-12 07:52:29 -05:00
|
|
|
|
2017-04-25 08:28:55 -04:00
|
|
|
it 'contains the new ssh key title' do
|
|
|
|
is_expected.to have_body_text /#{key.title}/
|
|
|
|
end
|
2016-02-12 07:52:29 -05:00
|
|
|
|
2017-04-25 08:28:55 -04:00
|
|
|
it 'includes a link to ssh keys page' do
|
|
|
|
is_expected.to have_body_text /#{profile_keys_path}/
|
|
|
|
end
|
2016-03-10 11:15:14 -05:00
|
|
|
|
2017-04-25 08:28:55 -04:00
|
|
|
context 'with SSH key that does not exist' do
|
|
|
|
it { expect { Notify.new_ssh_key_email('foo') }.not_to raise_error }
|
2016-02-12 07:52:29 -05:00
|
|
|
end
|
2017-04-25 08:28:55 -04:00
|
|
|
end
|
2016-02-12 07:52:29 -05:00
|
|
|
|
2017-02-28 04:49:59 -05:00
|
|
|
describe 'user added gpg key' do
|
|
|
|
let(:gpg_key) { create(:gpg_key) }
|
|
|
|
|
|
|
|
subject { Notify.new_gpg_key_email(gpg_key.id) }
|
|
|
|
|
|
|
|
it_behaves_like 'an email sent from GitLab'
|
|
|
|
it_behaves_like 'it should not have Gmail Actions links'
|
|
|
|
it_behaves_like 'a user cannot unsubscribe through footer link'
|
|
|
|
|
|
|
|
it 'is sent to the new user' do
|
|
|
|
is_expected.to deliver_to gpg_key.user.email
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'has the correct subject' do
|
|
|
|
is_expected.to have_subject /^GPG key was added to your account$/i
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'contains the new gpg key title' do
|
|
|
|
is_expected.to have_body_text /#{gpg_key.fingerprint}/
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'includes a link to gpg keys page' do
|
|
|
|
is_expected.to have_body_text /#{profile_gpg_keys_path}/
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'with GPG key that does not exist' do
|
|
|
|
it { expect { Notify.new_gpg_key_email('foo') }.not_to raise_error }
|
|
|
|
end
|
|
|
|
end
|
2019-12-10 02:53:40 -05:00
|
|
|
|
|
|
|
describe 'user personal access token is about to expire' do
|
|
|
|
let_it_be(:user) { create(:user) }
|
|
|
|
|
|
|
|
subject { Notify.access_token_about_to_expire_email(user) }
|
|
|
|
|
|
|
|
it_behaves_like 'an email sent from GitLab'
|
|
|
|
it_behaves_like 'it should not have Gmail Actions links'
|
|
|
|
it_behaves_like 'a user cannot unsubscribe through footer link'
|
|
|
|
|
|
|
|
it 'is sent to the user' do
|
|
|
|
is_expected.to deliver_to user.email
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'has the correct subject' do
|
|
|
|
is_expected.to have_subject /^Your Personal Access Tokens will expire in 7 days or less$/i
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'mentions the access tokens will expire' do
|
|
|
|
is_expected.to have_body_text /One or more of your personal access tokens will expire in 7 days or less/
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'includes a link to personal access tokens page' do
|
|
|
|
is_expected.to have_body_text /#{profile_personal_access_tokens_path}/
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'includes the email reason' do
|
|
|
|
is_expected.to have_body_text /You're receiving this email because of your account on localhost/
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'with User does not exist' do
|
|
|
|
it { expect { Notify.access_token_about_to_expire_email('foo') }.not_to raise_error }
|
|
|
|
end
|
|
|
|
end
|
2020-05-12 23:08:26 -04:00
|
|
|
|
2020-08-05 20:09:53 -04:00
|
|
|
describe 'user personal access token has expired' do
|
|
|
|
let_it_be(:user) { create(:user) }
|
|
|
|
|
|
|
|
context 'when valid' do
|
|
|
|
subject { Notify.access_token_expired_email(user) }
|
|
|
|
|
|
|
|
it_behaves_like 'an email sent from GitLab'
|
|
|
|
it_behaves_like 'it should not have Gmail Actions links'
|
|
|
|
it_behaves_like 'a user cannot unsubscribe through footer link'
|
|
|
|
|
|
|
|
it 'is sent to the user' do
|
|
|
|
is_expected.to deliver_to user.email
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'has the correct subject' do
|
|
|
|
is_expected.to have_subject /Your personal access token has expired/
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'mentions the access token has expired' do
|
|
|
|
is_expected.to have_body_text /One or more of your personal access tokens has expired/
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'includes a link to personal access tokens page' do
|
|
|
|
is_expected.to have_body_text /#{profile_personal_access_tokens_path}/
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'includes the email reason' do
|
|
|
|
is_expected.to have_body_text /You're receiving this email because of your account on localhost/
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when invalid' do
|
|
|
|
context 'when user does not exist' do
|
|
|
|
it do
|
|
|
|
expect { Notify.access_token_expired_email(nil) }.not_to change { ActionMailer::Base.deliveries.count }
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when user is not active' do
|
|
|
|
before do
|
|
|
|
user.block!
|
|
|
|
end
|
|
|
|
|
|
|
|
it do
|
|
|
|
expect { Notify.access_token_expired_email(user) }.not_to change { ActionMailer::Base.deliveries.count }
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2020-05-12 23:08:26 -04:00
|
|
|
describe 'user unknown sign in email' do
|
|
|
|
let_it_be(:user) { create(:user) }
|
|
|
|
let_it_be(:ip) { '169.0.0.1' }
|
2020-06-01 14:08:07 -04:00
|
|
|
let_it_be(:current_time) { Time.current }
|
|
|
|
let_it_be(:email) { Notify.unknown_sign_in_email(user, ip, current_time) }
|
2020-05-12 23:08:26 -04:00
|
|
|
|
2020-06-01 14:08:07 -04:00
|
|
|
subject { email }
|
2020-05-12 23:08:26 -04:00
|
|
|
|
|
|
|
it_behaves_like 'an email sent from GitLab'
|
|
|
|
it_behaves_like 'it should not have Gmail Actions links'
|
|
|
|
it_behaves_like 'a user cannot unsubscribe through footer link'
|
|
|
|
|
|
|
|
it 'is sent to the user' do
|
2020-06-01 14:08:07 -04:00
|
|
|
is_expected.to deliver_to user.email
|
2020-05-12 23:08:26 -04:00
|
|
|
end
|
|
|
|
|
|
|
|
it 'has the correct subject' do
|
2020-06-01 14:08:07 -04:00
|
|
|
is_expected.to have_subject "#{Gitlab.config.gitlab.host} sign-in from new location"
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'mentions the new sign-in IP' do
|
|
|
|
is_expected.to have_body_text ip
|
2020-05-12 23:08:26 -04:00
|
|
|
end
|
|
|
|
|
2020-06-01 14:08:07 -04:00
|
|
|
it 'mentioned the time' do
|
|
|
|
is_expected.to have_body_text current_time.strftime('%Y-%m-%d %l:%M:%S %p %Z')
|
2020-05-12 23:08:26 -04:00
|
|
|
end
|
|
|
|
|
2020-06-01 14:08:07 -04:00
|
|
|
it 'includes a link to the change password documentation' do
|
|
|
|
is_expected.to have_body_text 'https://docs.gitlab.com/ee/user/profile/#changing-your-password'
|
2020-05-12 23:08:26 -04:00
|
|
|
end
|
|
|
|
|
|
|
|
it 'mentions two factor authentication when two factor is not enabled' do
|
2020-06-01 14:08:07 -04:00
|
|
|
is_expected.to have_body_text 'two-factor authentication'
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'includes a link to two-factor authentication documentation' do
|
|
|
|
is_expected.to have_body_text 'https://docs.gitlab.com/ee/user/profile/account/two_factor_authentication.html'
|
2020-05-12 23:08:26 -04:00
|
|
|
end
|
|
|
|
|
|
|
|
context 'when two factor authentication is enabled' do
|
2020-06-01 14:08:07 -04:00
|
|
|
let(:user) { create(:user, :two_factor) }
|
2020-05-12 23:08:26 -04:00
|
|
|
|
2020-06-01 14:08:07 -04:00
|
|
|
it 'does not mention two factor authentication' do
|
|
|
|
expect( Notify.unknown_sign_in_email(user, ip, current_time) )
|
2020-05-12 23:08:26 -04:00
|
|
|
.not_to have_body_text /two-factor authentication/
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
2016-02-12 07:52:29 -05:00
|
|
|
end
|