submit-social-housing-letti.../spec/requests/auth/confirmations_controller_sp...

require "rails_helper"
require_relative "../../support/devise"

RSpec.describe Auth::ConfirmationsController, type: :request do
  let(:page) { Capybara::Node::Simple.new(response.body) }
  let(:notify_client) { instance_double(Notifications::Client) }
  let(:devise_notify_mailer) { DeviseNotifyMailer.new }
  let(:user) { FactoryBot.create(:user, :data_provider, sign_in_count: 0, confirmed_at: nil) }

  before do
    allow(DeviseNotifyMailer).to receive(:new).and_return(devise_notify_mailer)
    allow(devise_notify_mailer).to receive(:notify_client).and_return(notify_client)
    allow(notify_client).to receive(:send_email).and_return(true)
  end

  context "when a confirmation link is clicked by a new user" do
    before do
      user.send_confirmation_instructions
      get "/account/confirmation?confirmation_token=#{user.confirmation_token}"
    end

    it "marks the user as confirmed" do
      expect(user.reload.confirmed_at).to be_a(Time)
    end

    it "redirects to the set password page" do
      follow_redirect!
      expect(page).to have_content(I18n.t("user.create_password"))
    end
  end

  context "when the token has expired" do
    let(:period) { Devise::TimeInflector.time_ago_in_words(User.confirm_within.ago) }

    before do
      user.send_confirmation_instructions
      allow(User).to receive(:find_first_by_auth_conditions).and_return(user)
      allow(user).to receive(:confirmation_period_expired?).and_return(true)
      get "/account/confirmation?confirmation_token=#{user.confirmation_token}"
    end

    it "shows the error page" do
      expect(page).to have_content("Your invitation link has expired")
    end
  end

  context "when the user has already been confirmed" do
    let(:user) { FactoryBot.create(:user, :data_provider, sign_in_count: 0, confirmed_at: Time.zone.now) }

    before do
      user.send_confirmation_instructions
      get "/account/confirmation?confirmation_token=#{user.confirmation_token}"
    end

    it "redirects to the login page" do
      follow_redirect!
      expect(page).to have_content("Sign in to your account to submit CORE data")
    end

    it "does not show an error message" do
      follow_redirect!
      expect(page).not_to have_selector("#error-summary-title")
    end
  end
end
Confirmable (#580) * Confirmable * Remove obsolete rake task * Skip confirmation for inactive users * Send beta onboarding template if migrated from Softwire * Default controller * Use correct link * Redirect confirmation to set password * Confirm account within 3 days * Only redirect to set password if not previously set * Rubocop * Confirm factory bot users * Set password condition * Changing email requires reconfirming * No need to explicitly trigger email, devise does that for us now * Remove flash banner * Mock notify * Mock in the right spec * Test redirect and text * User is confirmable * Rubocop * Redirect to url so we don't bypass authenticity token * Update content * Add test for resend invite flow * Update link to resend confirmation email * Rename password reset resend confirmation partial * Expired link error page * Remove resend confirmation link * Update seed * Expory contact * Time zone Co-authored-by: Paul Robert Lloyd <me+git@paulrobertlloyd.com> 2 years ago			`require "rails_helper"`
			`require_relative "../../support/devise"`

			`RSpec.describe Auth::ConfirmationsController, type: :request do`
			`let(:page) { Capybara::Node::Simple.new(response.body) }`
			`let(:notify_client) { instance_double(Notifications::Client) }`
			`let(:devise_notify_mailer) { DeviseNotifyMailer.new }`
			`let(:user) { FactoryBot.create(:user, :data_provider, sign_in_count: 0, confirmed_at: nil) }`

			`before do`
			`allow(DeviseNotifyMailer).to receive(:new).and_return(devise_notify_mailer)`
			`allow(devise_notify_mailer).to receive(:notify_client).and_return(notify_client)`
			`allow(notify_client).to receive(:send_email).and_return(true)`
			`end`

			`context "when a confirmation link is clicked by a new user" do`
			`before do`
			`user.send_confirmation_instructions`
			`get "/account/confirmation?confirmation_token=#{user.confirmation_token}"`
			`end`

			`it "marks the user as confirmed" do`
			`expect(user.reload.confirmed_at).to be_a(Time)`
			`end`

			`it "redirects to the set password page" do`
			`follow_redirect!`
			`expect(page).to have_content(I18n.t("user.create_password"))`
			`end`
			`end`

			`context "when the token has expired" do`
			`let(:period) { Devise::TimeInflector.time_ago_in_words(User.confirm_within.ago) }`

			`before do`
			`user.send_confirmation_instructions`
			`allow(User).to receive(:find_first_by_auth_conditions).and_return(user)`
			`allow(user).to receive(:confirmation_period_expired?).and_return(true)`
			`get "/account/confirmation?confirmation_token=#{user.confirmation_token}"`
			`end`

			`it "shows the error page" do`
			`expect(page).to have_content("Your invitation link has expired")`
			`end`
			`end`
Redirect confirmed users to sign in 2 years ago
			`context "when the user has already been confirmed" do`
			`let(:user) { FactoryBot.create(:user, :data_provider, sign_in_count: 0, confirmed_at: Time.zone.now) }`

			`before do`
			`user.send_confirmation_instructions`
			`get "/account/confirmation?confirmation_token=#{user.confirmation_token}"`
			`end`

			`it "redirects to the login page" do`
			`follow_redirect!`
			`expect(page).to have_content("Sign in to your account to submit CORE data")`
			`end`

			`it "does not show an error message" do`
			`follow_redirect!`
			`expect(page).not_to have_selector("#error-summary-title")`
			`end`
			`end`
Confirmable (#580) * Confirmable * Remove obsolete rake task * Skip confirmation for inactive users * Send beta onboarding template if migrated from Softwire * Default controller * Use correct link * Redirect confirmation to set password * Confirm account within 3 days * Only redirect to set password if not previously set * Rubocop * Confirm factory bot users * Set password condition * Changing email requires reconfirming * No need to explicitly trigger email, devise does that for us now * Remove flash banner * Mock notify * Mock in the right spec * Test redirect and text * User is confirmable * Rubocop * Redirect to url so we don't bypass authenticity token * Update content * Add test for resend invite flow * Update link to resend confirmation email * Rename password reset resend confirmation partial * Expired link error page * Remove resend confirmation link * Update seed * Expory contact * Time zone Co-authored-by: Paul Robert Lloyd <me+git@paulrobertlloyd.com> 2 years ago			`end`