// SPDX-License-Identifier: AGPL-3.0
describe('Login tests', function() {
+ let activeUser;
+ let inactiveUser;
+ let adminUser;
+ let randomUser = {};
+
before(function() {
- this.email = `account_${Math.random()}@example.com`
- this.password = Math.random()
- this.firstName = 'Test'
- this.lastName = 'User'
+ // Only set up common users once. These aren't set up as aliases because
+ // aliases are cleaned up after every test. Also it doesn't make sense
+ // to set the same users on beforeEach() over and over again, so we
+ // separate a little from Cypress' 'Best Practices' here.
+ cy.getUser('admin', 'Admin', 'User', true, true)
+ .as('adminUser').then(function() {
+ adminUser = this.adminUser;
+ }
+ );
+ cy.getUser('active', 'Active', 'User', false, true)
+ .as('activeUser').then(function() {
+ activeUser = this.activeUser;
+ }
+ );
+ cy.getUser('inactive', 'Inactive', 'User', false, false)
+ .as('inactiveUser').then(function() {
+ inactiveUser = this.inactiveUser;
+ }
+ );
+ randomUser.username = `randomuser${Math.floor(Math.random() * 999999)}`;
+ randomUser.password = {
+ crypt: 'zpAReoZzPnwmQ',
+ clear: 'topsecret',
+ };
+ cy.exec(`useradd ${randomUser.username} -p ${randomUser.password.crypt}`);
+ })
+
+ after(function() {
+ cy.exec(`userdel ${randomUser.username}`);
})
beforeEach(function() {
+ cy.clearCookies()
+ cy.clearLocalStorage()
+ })
+
+ it('shows login page on first visit', function() {
cy.visit('/')
- cy.contains('Please log in')
- cy.get('button').contains('Log in').click()
- cy.url().should('contain', "/users/sign_in")
- })
-
- it('register a new user', function() {
- cy.get('a[role=button]').contains('Sign up for a new account').click()
- cy.url().should('contain', '/users/sign_up')
- cy.get('input[name="user[first_name]"]').type(this.firstName)
- cy.get('input[name="user[last_name]"]').type(this.lastName)
- cy.get('input[name="user[email]"]').type(this.email)
- cy.get('input[name="user[password]"]').type(this.password)
- cy.get('input[name="user[password_confirmation]"]').type(this.password)
- cy.get('input[type=submit]').contains('Sign up').click()
- cy.url().should('contain', '/projects/')
- cy.get('button[title="Account Management"]').click()
- cy.get('ul[role=menu] > li[role=menuitem]').contains(`${this.firstName} ${this.lastName}`)
- })
-
- it('logs in successfully', function() {
- cy.get('input[type=email]').type(this.email)
- cy.get('input[type=password]').type(this.password)
- cy.get('input[type=submit]').contains('Sign in').click()
- cy.url().should('contain', '/projects/')
- cy.get('button[title="Account Management"]').click()
- cy.get('ul[role=menu] > li[role=menuitem]').contains(`${this.firstName} ${this.lastName}`)
- })
-
- it('fails to log in with incorrect password', function() {
- cy.get('input[type=email]').type(this.email)
- cy.get('input[type=password]').type('incorrect')
- cy.get('input[type=submit]').contains('Sign in').click()
- cy.url().should('contain', "/users/sign_in")
- cy.get('div.alert').contains('Invalid email or password')
+ cy.get('div#root').should('contain', 'Please log in')
+ cy.url().should('not.contain', '/projects/')
+ })
+
+ it('shows login page with no token', function() {
+ cy.visit('/token/?api_token=')
+ cy.get('div#root').should('contain', 'Please log in')
+ cy.url().should('not.contain', '/projects/')
+ })
+
+ it('shows inactive page to inactive user', function() {
+ cy.visit(`/token/?api_token=${inactiveUser.token}`)
+ cy.get('div#root').should('contain', 'Your account is inactive');
+ })
+
+ it('shows login page with invalid token', function() {
+ cy.visit('/token/?api_token=nope')
+ cy.get('div#root').should('contain', 'Please log in')
+ cy.url().should('not.contain', '/projects/')
+ })
+
+ it('logs in successfully with valid user token', function() {
+ cy.visit(`/token/?api_token=${activeUser.token}`);
+ cy.url().should('contain', '/projects/');
+ cy.get('div#root').should('contain', 'Arvados Workbench (zzzzz)');
+ cy.get('div#root').should('not.contain', 'Your account is inactive');
+ cy.get('button[title="Account Management"]').click();
+ cy.get('ul[role=menu] > li[role=menuitem]').contains(
+ `${activeUser.user.first_name} ${activeUser.user.last_name}`);
+ })
+
+ it('logs out when token no longer valid', function() {
+ // Log in
+ cy.visit(`/token/?api_token=${activeUser.token}`);
+ cy.url().should('contain', '/projects/');
+ cy.get('div#root').should('contain', 'Arvados Workbench (zzzzz)');
+ cy.get('div#root').should('not.contain', 'Your account is inactive');
+ // Invalidate own token.
+ const tokenUuid = activeUser.token.split('/')[1];
+ cy.doRequest('PUT', `/arvados/v1/api_client_authorizations/${tokenUuid}`, {
+ id: tokenUuid,
+ api_client_authorization: JSON.stringify({
+ api_token: `randomToken${Math.floor(Math.random() * 999999)}`
+ })
+ }, null, activeUser.token, true);
+ // Should log the user out.
+ cy.visit('/');
+ cy.get('div#root').should('contain', 'Please log in');
+ })
+
+ it('logs in successfully with valid admin token', function() {
+ cy.visit(`/token/?api_token=${adminUser.token}`);
+ cy.url().should('contain', '/projects/');
+ cy.get('div#root').should('contain', 'Arvados Workbench (zzzzz)');
+ cy.get('div#root').should('not.contain', 'Your account is inactive');
+ cy.get('button[title="Admin Panel"]').click();
+ cy.get('ul[role=menu] > li[role=menuitem]')
+ .contains('Repositories')
+ .type('{esc}');
+ cy.get('button[title="Account Management"]').click();
+ cy.get('ul[role=menu] > li[role=menuitem]').contains(
+ `${adminUser.user.first_name} ${adminUser.user.last_name}`);
+ })
+
+ it('fails to authenticate using the login form with wrong password', function() {
+ cy.visit('/');
+ cy.get('#username').type(randomUser.username);
+ cy.get('#password').type('wrong password');
+ cy.get("button span:contains('Log in')").click();
+ cy.get('p#password-helper-text').should('contain', 'PAM: Authentication failure');
+ cy.url().should('not.contain', '/projects/');
+ })
+
+ it('successfully authenticates using the login form', function() {
+ cy.visit('/');
+ cy.get('#username').type(randomUser.username);
+ cy.get('#password').type(randomUser.password.clear);
+ cy.get("button span:contains('Log in')").click();
+ cy.url().should('contain', '/projects/');
+ cy.get('div#root').should('contain', 'Arvados Workbench (zzzzz)');
+ cy.get('div#root').should('contain', 'Your account is inactive');
+ cy.get('button[title="Account Management"]').click();
+ cy.get('ul[role=menu] > li[role=menuitem]').contains(randomUser.username);
})
})
\ No newline at end of file