spec: rails 5.1: rewrite integration spec format
Change-Id: Ib6f1923b8ff0ec148bfcf5416e3c4d239f5707d5 Reviewed-on: https://gerrit.instructure.com/120243 Tested-by: Jenkins Reviewed-by: Cody Cutrer <cody@instructure.com> Product-Review: James Williams <jamesw@instructure.com> QA-Review: James Williams <jamesw@instructure.com>
This commit is contained in:
James Williams
parent
24f31afb22
commit
99edb63c4e
|
|
@ -208,8 +208,8 @@ describe "site-wide" do
|
|||
course_with_teacher_logged_in
|
||||
user_with_pseudonym :username => 'blah'
|
||||
post "/courses/#{@course.id}/user_lists.json",
|
||||
{ :user_list => ['blah'], :search_type => 'unique_id', :v2 => true },
|
||||
{ 'Accept' => 'application/json+canvas-string-ids' }
|
||||
params: { :user_list => ['blah'], :search_type => 'unique_id', :v2 => true },
|
||||
headers: { 'Accept' => 'application/json+canvas-string-ids' }
|
||||
json = JSON.parse response.body
|
||||
expect(json['users'][0]['user_id']).to be_a String
|
||||
end
|
||||
|
|
|
|||
|
|
@ -39,7 +39,7 @@ describe CollaborationsController, type: :request do
|
|||
get "/courses/#{@course.id}/collaborations/"
|
||||
expect(response).to be_success
|
||||
|
||||
post "/courses/#{@course.id}/collaborations/", { :collaboration => { :collaboration_type => "EtherPad", :title => "My Collab" } }
|
||||
post "/courses/#{@course.id}/collaborations/", params: { :collaboration => { :collaboration_type => "EtherPad", :title => "My Collab" } }
|
||||
expect(response).to be_redirect
|
||||
|
||||
get "/courses/#{@course.id}/collaborations/"
|
||||
|
|
|
|||
|
|
@ -34,7 +34,7 @@ describe ConferencesController, type: :request do
|
|||
@student2.register!
|
||||
[@teacher, @student1, @student2].each {|u| u.email_channel.confirm!}
|
||||
|
||||
post "/courses/#{@course.id}/conferences", { :web_conference => {"duration"=>"60", "conference_type"=>"Wimba", "title"=>"let's chat", "description"=>""}, :user => { "all" => "1" } }
|
||||
post "/courses/#{@course.id}/conferences", params: { :web_conference => {"duration"=>"60", "conference_type"=>"Wimba", "title"=>"let's chat", "description"=>""}, :user => { "all" => "1" } }
|
||||
expect(response).to be_redirect
|
||||
@conference = WebConference.first
|
||||
expect(Set.new(Message.all.map(&:user))).to eq Set.new([@teacher, @student1, @student2])
|
||||
|
|
@ -42,7 +42,7 @@ describe ConferencesController, type: :request do
|
|||
@student3 = student_in_course(:active_all => true, :user => user_with_pseudonym(:username => "student3@example.com")).user
|
||||
@student3.register!
|
||||
@student3.email_channel.confirm!
|
||||
put "/courses/#{@course.id}/conferences/#{@conference.id}", { :web_conference => { "title" => "moar" }, :user => { @student3.id => '1' } }
|
||||
put "/courses/#{@course.id}/conferences/#{@conference.id}", params: { :web_conference => { "title" => "moar" }, :user => { @student3.id => '1' } }
|
||||
expect(response).to be_redirect
|
||||
expect(Set.new(Message.all.map(&:user))).to eq Set.new([@teacher, @student1, @student2, @student3])
|
||||
end
|
||||
|
|
|
|||
|
|
@ -84,7 +84,7 @@ describe ContextModule do
|
|||
@discussion = @course.discussion_topics.create!(:title => "talk")
|
||||
@tag = @module.add_item(:type => 'discussion_topic', :id => @discussion.id)
|
||||
before_after do
|
||||
post "/courses/#{@course.id}/discussion_entries", :discussion_entry => { :message => 'ohai', :discussion_topic_id => @discussion.id }
|
||||
post "/courses/#{@course.id}/discussion_entries", params: {:discussion_entry => { :message => 'ohai', :discussion_topic_id => @discussion.id }}
|
||||
expect(response).to be_redirect
|
||||
end
|
||||
end
|
||||
|
|
@ -93,7 +93,7 @@ describe ContextModule do
|
|||
@page = @course.wiki.wiki_pages.create!(:title => "talk page", :body => 'ohai', :editing_roles => 'teachers,students')
|
||||
@tag = @module.add_item(:type => 'wiki_page', :id => @page.id)
|
||||
before_after do
|
||||
put "/api/v1/courses/#{@course.id}/pages/#{@page.url}", :wiki_page => { :body => 'i agree', :title => 'talk page' }
|
||||
put "/api/v1/courses/#{@course.id}/pages/#{@page.url}", params: {:wiki_page => { :body => 'i agree', :title => 'talk page' }}
|
||||
end
|
||||
end
|
||||
|
||||
|
|
@ -101,7 +101,7 @@ describe ContextModule do
|
|||
@assignment = @course.assignments.create!(:title => 'talk assn', :submission_types => 'discussion_topic')
|
||||
@tag = @module.add_item(:type => 'assignment', :id => @assignment.id)
|
||||
before_after do
|
||||
post "/courses/#{@course.id}/discussion_entries", :discussion_entry => { :message => 'ohai', :discussion_topic_id => @assignment.discussion_topic.id }
|
||||
post "/courses/#{@course.id}/discussion_entries", params: {:discussion_entry => { :message => 'ohai', :discussion_topic_id => @assignment.discussion_topic.id }}
|
||||
expect(response).to be_redirect
|
||||
end
|
||||
end
|
||||
|
|
|
|||
|
|
@ -34,7 +34,7 @@ describe "discussion_topics" do
|
|||
get "/groups/#{@group.id}/discussion_topics/#{@topic.id}"
|
||||
expect(response).to be_success
|
||||
|
||||
post "/groups/#{@group.id}/discussion_entries", :discussion_entry => { :discussion_topic_id => @topic.id, :message => "frist!!1" }
|
||||
post "/groups/#{@group.id}/discussion_entries", params: {:discussion_entry => { :discussion_topic_id => @topic.id, :message => "frist!!1" }}
|
||||
expect(response).to be_redirect
|
||||
|
||||
get "/groups/#{@group.id}/discussion_topics/#{@topic.id}"
|
||||
|
|
|
|||
|
|
@ -43,8 +43,8 @@ describe ExternalToolsController do
|
|||
user_session(@teacher)
|
||||
post(
|
||||
"/api/v1/courses/#{@course.id}/external_tools",
|
||||
post_body,
|
||||
{ 'CONTENT_TYPE' => 'application/x-www-form-urlencoded '}
|
||||
params: post_body,
|
||||
headers: { 'CONTENT_TYPE' => 'application/x-www-form-urlencoded '}
|
||||
)
|
||||
expect(response).to be_success
|
||||
expect(assigns[:tool]).not_to be_nil
|
||||
|
|
@ -54,8 +54,8 @@ describe ExternalToolsController do
|
|||
user_session(@teacher)
|
||||
post(
|
||||
"/api/v1/courses/#{@course.id}/external_tools",
|
||||
post_body,
|
||||
{ 'CONTENT_TYPE' => 'application/x-www-form-urlencoded '}
|
||||
params: post_body,
|
||||
headers: { 'CONTENT_TYPE' => 'application/x-www-form-urlencoded '}
|
||||
)
|
||||
tool = assigns[:tool]
|
||||
expect(tool.settings[:custom_fields]["Complex!@#$^*(){}[]KEY"]).to eq 'Complex!@#$^*;(){}[]½Value'
|
||||
|
|
@ -81,8 +81,8 @@ describe ExternalToolsController do
|
|||
tool = new_valid_tool(@course)
|
||||
put(
|
||||
"/api/v1/courses/#{@course.id}/external_tools/#{tool.id}",
|
||||
post_body,
|
||||
{ 'CONTENT_TYPE' => 'application/x-www-form-urlencoded '}
|
||||
params: post_body,
|
||||
headers: { 'CONTENT_TYPE' => 'application/x-www-form-urlencoded '}
|
||||
)
|
||||
assert_status(401)
|
||||
end
|
||||
|
|
@ -92,8 +92,8 @@ describe ExternalToolsController do
|
|||
tool = new_valid_tool(@course)
|
||||
put(
|
||||
"/api/v1/courses/#{@course.id}/external_tools/#{tool.id}",
|
||||
post_body,
|
||||
{ 'CONTENT_TYPE' => 'application/x-www-form-urlencoded '}
|
||||
params: post_body,
|
||||
headers: { 'CONTENT_TYPE' => 'application/x-www-form-urlencoded '}
|
||||
)
|
||||
assert_status(200)
|
||||
end
|
||||
|
|
@ -103,8 +103,8 @@ describe ExternalToolsController do
|
|||
tool = new_valid_tool(@course)
|
||||
put(
|
||||
"/api/v1/courses/#{@course.id}/external_tools/#{tool.id}",
|
||||
post_body,
|
||||
{ 'CONTENT_TYPE' => 'application/x-www-form-urlencoded '}
|
||||
params: post_body,
|
||||
headers: { 'CONTENT_TYPE' => 'application/x-www-form-urlencoded '}
|
||||
)
|
||||
expect(response).to be_success
|
||||
expect(assigns[:tool]).not_to be_nil
|
||||
|
|
@ -115,8 +115,8 @@ describe ExternalToolsController do
|
|||
tool = new_valid_tool(@course)
|
||||
put(
|
||||
"/api/v1/courses/#{@course.id}/external_tools/#{tool.id}",
|
||||
post_body,
|
||||
{ 'CONTENT_TYPE' => 'application/x-www-form-urlencoded '}
|
||||
params: post_body,
|
||||
headers: { 'CONTENT_TYPE' => 'application/x-www-form-urlencoded '}
|
||||
)
|
||||
|
||||
expect(assigns[:tool].settings[:custom_fields]["Complex!@#$^*(){}[]KEY"]).to eq 'Complex!@#$^*;(){}[]½Value'
|
||||
|
|
@ -186,8 +186,8 @@ describe ExternalToolsController do
|
|||
user_session(@teacher)
|
||||
post(
|
||||
"/api/v1/courses/#{@course.id}/create_tool_with_verification",
|
||||
post_body.to_json,
|
||||
{'CONTENT_TYPE' => 'application/json'}
|
||||
params: post_body.to_json,
|
||||
headers: {'CONTENT_TYPE' => 'application/json'}
|
||||
)
|
||||
|
||||
expect(response).to be_success
|
||||
|
|
@ -200,8 +200,8 @@ describe ExternalToolsController do
|
|||
|
||||
post(
|
||||
"/api/v1/courses/#{@course.id}/create_tool_with_verification",
|
||||
post_body.to_json,
|
||||
{'CONTENT_TYPE' => 'application/json'}
|
||||
params: post_body.to_json,
|
||||
headers: {'CONTENT_TYPE' => 'application/json'}
|
||||
)
|
||||
|
||||
expect(response).not_to be_success
|
||||
|
|
@ -213,8 +213,8 @@ describe ExternalToolsController do
|
|||
|
||||
post(
|
||||
"/api/v1/courses/#{@course.id}/create_tool_with_verification",
|
||||
post_body.to_json,
|
||||
{'CONTENT_TYPE' => 'application/json'}
|
||||
params: post_body.to_json,
|
||||
headers: {'CONTENT_TYPE' => 'application/json'}
|
||||
)
|
||||
|
||||
expect(response).to be_success
|
||||
|
|
@ -227,8 +227,8 @@ describe ExternalToolsController do
|
|||
|
||||
post(
|
||||
"/api/v1/courses/#{@course.id}/create_tool_with_verification",
|
||||
post_body.to_json,
|
||||
{'CONTENT_TYPE' => 'application/json'}
|
||||
params: post_body.to_json,
|
||||
headers: {'CONTENT_TYPE' => 'application/json'}
|
||||
)
|
||||
|
||||
expect(response).to be_success
|
||||
|
|
|
|||
|
|
@ -36,7 +36,7 @@ describe FilesController do
|
|||
|
||||
it "with safefiles" do
|
||||
HostUrl.stubs(:file_host_with_shard).returns(['files-test.host', Shard.default])
|
||||
get "http://test.host/files/#{@submission.attachment.id}/download", :inline => '1', :verifier => @submission.attachment.uuid
|
||||
get "http://test.host/files/#{@submission.attachment.id}/download", params: {:inline => '1', :verifier => @submission.attachment.uuid}
|
||||
expect(response).to be_redirect
|
||||
uri = URI.parse response['Location']
|
||||
qs = Rack::Utils.parse_nested_query(uri.query)
|
||||
|
|
@ -56,7 +56,7 @@ describe FilesController do
|
|||
|
||||
it "without safefiles" do
|
||||
HostUrl.stubs(:file_host_with_shard).returns(['test.host', Shard.default])
|
||||
get "http://test.host/files/#{@submission.attachment.id}/download", :inline => '1', :verifier => @submission.attachment.uuid
|
||||
get "http://test.host/files/#{@submission.attachment.id}/download", params: {:inline => '1', :verifier => @submission.attachment.uuid}
|
||||
# could be success or redirect, depending on S3 config
|
||||
expect([200, 302]).to be_include(response.status)
|
||||
expect(response['Pragma']).to be_nil
|
||||
|
|
@ -108,7 +108,7 @@ describe FilesController do
|
|||
|
||||
it "with safefiles" do
|
||||
HostUrl.stubs(:file_host_with_shard).returns(['files-test.host', Shard.default])
|
||||
get "http://test.host/users/#{@me.id}/files/#{@att.id}/download", :wrap => '1'
|
||||
get "http://test.host/users/#{@me.id}/files/#{@att.id}/download", params: {:wrap => '1'}
|
||||
expect(response).to be_redirect
|
||||
uri = URI.parse response['Location']
|
||||
qs = Rack::Utils.parse_nested_query(uri.query)
|
||||
|
|
@ -126,7 +126,7 @@ describe FilesController do
|
|||
|
||||
it "without safefiles" do
|
||||
HostUrl.stubs(:file_host_with_shard).returns(['test.host', Shard.default])
|
||||
get "http://test.host/users/#{@me.id}/files/#{@att.id}/download", :wrap => '1'
|
||||
get "http://test.host/users/#{@me.id}/files/#{@att.id}/download", params: {:wrap => '1'}
|
||||
expect(response).to be_redirect
|
||||
location = response['Location']
|
||||
expect(URI.parse(location).path).to eq "/users/#{@me.id}/files/#{@att.id}"
|
||||
|
|
@ -152,7 +152,7 @@ describe FilesController do
|
|||
host!("test.host")
|
||||
a1 = attachment_model(:uploaded_data => stub_png_data, :content_type => 'image/png', :context => @course)
|
||||
HostUrl.stubs(:file_host_with_shard).returns(['files-test.host', Shard.default])
|
||||
get "http://test.host/courses/#{@course.id}/files/#{a1.id}/download", :inline => '1'
|
||||
get "http://test.host/courses/#{@course.id}/files/#{a1.id}/download", params: {:inline => '1'}
|
||||
expect(response).to be_redirect
|
||||
uri = URI.parse response['Location']
|
||||
qs = Rack::Utils.parse_nested_query(uri.query)
|
||||
|
|
@ -175,7 +175,7 @@ describe FilesController do
|
|||
host!("test.host")
|
||||
a1 = attachment_model(:uploaded_data => stub_png_data, :content_type => 'image/png', :context => @course)
|
||||
|
||||
get "http://test.host/courses/#{@course.id}/files/#{a1.id}/download", :inline => '1'
|
||||
get "http://test.host/courses/#{@course.id}/files/#{a1.id}/download", params: {:inline => '1'}
|
||||
expect(response).to be_redirect
|
||||
location = response['Location']
|
||||
remove_user_session
|
||||
|
|
@ -327,7 +327,7 @@ describe FilesController do
|
|||
@submission.attachment = attachment_model(:uploaded_data => stub_png_data, :content_type => 'image/png')
|
||||
@submission.save!
|
||||
HostUrl.stubs(:file_host_with_shard).returns(['files-test.host', Shard.default])
|
||||
get "http://test.host/users/#{@submission.user.id}/files/#{@submission.attachment.id}/download", :verifier => @submission.attachment.uuid
|
||||
get "http://test.host/users/#{@submission.user.id}/files/#{@submission.attachment.id}/download", params: {:verifier => @submission.attachment.uuid}
|
||||
|
||||
expect(response).to be_redirect
|
||||
uri = URI.parse response['Location']
|
||||
|
|
@ -365,7 +365,7 @@ describe FilesController do
|
|||
att1 = attachment_model(:uploaded_data => stub_png_data, :context => @course)
|
||||
att2 = attachment_model(:uploaded_data => stub_png_data("file2.png"), :context => @course)
|
||||
|
||||
post "/courses/#{@course.id}/files/reorder", {:order => "#{att2.id}, #{att1.id}", :folder_id => @folder.id}
|
||||
post "/courses/#{@course.id}/files/reorder", params: {:order => "#{att2.id}, #{att1.id}", :folder_id => @folder.id}
|
||||
expect(response).to be_success
|
||||
|
||||
expect(@folder.file_attachments.by_position_then_display_name).to eq [att2, att1]
|
||||
|
|
@ -381,7 +381,7 @@ describe FilesController do
|
|||
user_session(@user)
|
||||
|
||||
ts, sf_verifier = @user.access_verifier
|
||||
get "/files/#{att.id}", :user_id => @user.id, :ts => ts, :sf_verifier => sf_verifier # set the file access session tokens
|
||||
get "/files/#{att.id}", params: {:user_id => @user.id, :ts => ts, :sf_verifier => sf_verifier} # set the file access session tokens
|
||||
expect(session['file_access_user_id']).to be_present
|
||||
|
||||
get "/courses/#{@course.id}/files/#{att.id}/file_preview"
|
||||
|
|
|
|||
|
|
@ -23,7 +23,7 @@ describe LiveEvents do
|
|||
it 'should trigger a live event on login' do
|
||||
Canvas::LiveEvents.expects(:logged_in).once
|
||||
user_with_pseudonym(:username => 'jtfrd@instructure.com', :active_user => true, :password => 'qwertyuiop')
|
||||
post '/login', :pseudonym_session => { :unique_id => 'jtfrd@instructure.com', :password => 'qwertyuiop'}
|
||||
post '/login', params: {:pseudonym_session => { :unique_id => 'jtfrd@instructure.com', :password => 'qwertyuiop'}}
|
||||
expect(response).to be_redirect
|
||||
end
|
||||
|
||||
|
|
@ -51,11 +51,11 @@ describe LiveEvents do
|
|||
page = create_page :title => 'a-page', :body => 'body'
|
||||
|
||||
# Updating the page body should trigger a live event
|
||||
put "/api/v1/courses/#{@course.id}/pages/#{page.url}", :wiki_page => {body: 'UPDATED'}
|
||||
put "/api/v1/courses/#{@course.id}/pages/#{page.url}", params: {:wiki_page => {body: 'UPDATED'}}
|
||||
expect(response.code).to eq '200'
|
||||
|
||||
# Updating the page title should trigger a live event
|
||||
put "/api/v1/courses/#{@course.id}/pages/#{page.url}", :wiki_page => {title: 'UPDATED'}
|
||||
put "/api/v1/courses/#{@course.id}/pages/#{page.url}", params: {:wiki_page => {title: 'UPDATED'}}
|
||||
expect(response.code).to eq '200'
|
||||
end
|
||||
|
||||
|
|
@ -84,7 +84,7 @@ describe LiveEvents do
|
|||
it 'should trigger a live event on file updates' do
|
||||
Canvas::LiveEvents.expects(:attachment_updated).once
|
||||
file = course_file
|
||||
put "/api/v1/files/#{file.id}", :name => 'UPDATED'
|
||||
put "/api/v1/files/#{file.id}", params: {:name => 'UPDATED'}
|
||||
expect(response.code).to eq '200'
|
||||
end
|
||||
|
||||
|
|
|
|||
|
|
@ -61,7 +61,7 @@ describe 'login' do
|
|||
get login_url
|
||||
redirect_until(cas_redirect_url)
|
||||
|
||||
get '/login/cas', ticket: 'ST-abcd'
|
||||
get '/login/cas', params: {ticket: 'ST-abcd'}
|
||||
expect(response).to redirect_to(dashboard_url(:login_success => 1))
|
||||
expect(session[:cas_session]).to eq 'ST-abcd'
|
||||
|
||||
|
|
@ -77,7 +77,7 @@ describe 'login' do
|
|||
get login_url
|
||||
redirect_until(cas_redirect_url)
|
||||
|
||||
get '/login/cas', ticket: 'ST-abcd'
|
||||
get '/login/cas', params: {ticket: 'ST-abcd'}
|
||||
expect(response).to redirect_to(login_url)
|
||||
expect(flash[:delegated_message]).to match(/There was a problem logging in/)
|
||||
end
|
||||
|
|
@ -91,7 +91,7 @@ describe 'login' do
|
|||
get login_url
|
||||
redirect_until(cas_redirect_url)
|
||||
|
||||
get '/login/cas', ticket: 'ST-abcd'
|
||||
get '/login/cas', params: {ticket: 'ST-abcd'}
|
||||
expect(response).to redirect_to(login_url)
|
||||
expect(flash[:delegated_message]).to match(/There was a problem logging in/)
|
||||
end
|
||||
|
|
@ -102,7 +102,7 @@ describe 'login' do
|
|||
get login_url
|
||||
redirect_until(cas_redirect_url)
|
||||
|
||||
get '/login/cas', ticket: 'ST-abcd'
|
||||
get '/login/cas', params: {ticket: 'ST-abcd'}
|
||||
expect(response).to redirect_to(login_url)
|
||||
get login_url
|
||||
expect(flash[:delegated_message]).to match(/Canvas doesn't have an account for user/)
|
||||
|
|
@ -118,7 +118,7 @@ describe 'login' do
|
|||
get login_url
|
||||
redirect_until(cas_redirect_url)
|
||||
|
||||
get '/login/cas', ticket: 'ST-abcd'
|
||||
get '/login/cas', params: {ticket: 'ST-abcd'}
|
||||
expect(response).to redirect_to(redirect_url)
|
||||
end
|
||||
|
||||
|
|
@ -130,7 +130,7 @@ describe 'login' do
|
|||
get login_url
|
||||
redirect_until(cas_redirect_url)
|
||||
|
||||
get '/login/cas', ticket: 'ST-abcd'
|
||||
get '/login/cas', params: {ticket: 'ST-abcd'}
|
||||
expect(response).to redirect_to(dashboard_url(:login_success => 1))
|
||||
expect(session[:cas_session]).to eq 'ST-abcd'
|
||||
end
|
||||
|
|
@ -145,7 +145,7 @@ describe 'login' do
|
|||
get login_url
|
||||
redirect_until(cas_redirect_url)
|
||||
|
||||
get '/login/cas', ticket: 'ST-abcd'
|
||||
get '/login/cas', params: {ticket: 'ST-abcd'}
|
||||
expect(response).to redirect_to(dashboard_url(:login_success => 1))
|
||||
expect(session[:cas_session]).to eq cas_ticket
|
||||
|
||||
|
|
@ -168,13 +168,13 @@ describe 'login' do
|
|||
get login_url
|
||||
redirect_until(cas_redirect_url)
|
||||
|
||||
get '/login/cas', ticket: 'ST-abcd'
|
||||
get '/login/cas', params: {ticket: 'ST-abcd'}
|
||||
expect(response).to redirect_to(dashboard_url(:login_success => 1))
|
||||
expect(session[:cas_session]).to eq 'ST-abcd'
|
||||
expect(Canvas.redis.get("cas_session:ST-abcd")).to eq @pseudonym.global_id.to_s
|
||||
|
||||
# single-sign-out from CAS server cannot find key but should store the session is expired
|
||||
post cas_logout_url, :logoutRequest => <<-SAML
|
||||
post cas_logout_url, params: {:logoutRequest => <<-SAML}
|
||||
<samlp:LogoutRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="1371236167rDkbdl8FGzbqwBhICvi" Version="2.0" IssueInstant="Fri, 14 Jun 2013 12:56:07 -0600">
|
||||
<saml:NameID></saml:NameID>
|
||||
<samlp:SessionIndex>ST-abcd</samlp:SessionIndex>
|
||||
|
|
@ -195,7 +195,7 @@ describe 'login' do
|
|||
get login_url
|
||||
redirect_until(cas_redirect_url)
|
||||
|
||||
get '/login/cas', ticket: 'ST-abcd'
|
||||
get '/login/cas', params: {ticket: 'ST-abcd'}
|
||||
expect(response).to redirect_to(dashboard_url(:login_success => 1))
|
||||
expect(session[:cas_session]).to eq 'ST-abcd'
|
||||
expect(Canvas.redis.get("cas_session:ST-abcd")).to eq @pseudonym.global_id.to_s
|
||||
|
|
@ -222,7 +222,7 @@ describe 'login' do
|
|||
back_channel.reset!
|
||||
|
||||
# single-sign-out from CAS server cannot find key but should store the session is expired
|
||||
back_channel.post cas_logout_url, :logoutRequest => <<-XML
|
||||
back_channel.post cas_logout_url, params: {:logoutRequest => <<-XML}
|
||||
<samlp:LogoutRequest
|
||||
xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
|
||||
xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
|
||||
|
|
@ -265,7 +265,7 @@ describe 'login' do
|
|||
get jobs_url
|
||||
expect(response).to redirect_to login_url
|
||||
|
||||
post canvas_login_url, pseudonym_session: { unique_id: @pseudonym.unique_id, password: 'qwertyuiop' }
|
||||
post canvas_login_url, params: {pseudonym_session: { unique_id: @pseudonym.unique_id, password: 'qwertyuiop' }}
|
||||
expect(response).to redirect_to jobs_url
|
||||
end
|
||||
end
|
||||
|
|
|
|||
|
|
@ -30,7 +30,7 @@ describe "one time passwords" do
|
|||
|
||||
context "mid-login" do
|
||||
before do
|
||||
post '/login/canvas', :pseudonym_session => { :unique_id => @pseudonym.unique_id, :password => 'qwertyuiop' }
|
||||
post '/login/canvas', params: {:pseudonym_session => { :unique_id => @pseudonym.unique_id, :password => 'qwertyuiop' }}
|
||||
end
|
||||
|
||||
it "should redirect" do
|
||||
|
|
@ -47,7 +47,7 @@ describe "one time passwords" do
|
|||
end
|
||||
|
||||
it "should not destroy your session when someone does an XHR accidentally" do
|
||||
xhr :get, '/api/v1/conversations/unread_count'
|
||||
get '/api/v1/conversations/unread_count', :xhr => true
|
||||
expect(response.status).to eq 403
|
||||
get otp_login_url
|
||||
expect(response).to be_success
|
||||
|
|
|
|||
|
|
@ -28,7 +28,7 @@ describe "page views" do
|
|||
course_with_teacher_logged_in(active_all: 1, user: @user)
|
||||
@topic = @course.discussion_topics.create!
|
||||
|
||||
post "/api/v1/courses/#{@course.id}/discussion_topics/#{@topic.id}/entries", :message => 'hello'
|
||||
post "/api/v1/courses/#{@course.id}/discussion_topics/#{@topic.id}/entries", params: {:message => 'hello'}
|
||||
expect(response).to be_success
|
||||
|
||||
pv = PageView.last
|
||||
|
|
@ -40,7 +40,7 @@ describe "page views" do
|
|||
it "should record get request for api request" do
|
||||
course_with_teacher(active_all: 1, user: user_with_pseudonym)
|
||||
@topic = @course.discussion_topics.create!
|
||||
get "/api/v1/courses/#{@course.id}/discussion_topics/#{@topic.id}/entries", access_token: @user.access_tokens.create!.full_token
|
||||
get "/api/v1/courses/#{@course.id}/discussion_topics/#{@topic.id}/entries", params: {access_token: @user.access_tokens.create!.full_token}
|
||||
pv = PageView.last
|
||||
expect(pv.http_method).to eq 'get'
|
||||
end
|
||||
|
|
@ -50,7 +50,7 @@ describe "page views" do
|
|||
course_with_teacher(active_all: 1, user: user_with_pseudonym)
|
||||
@topic = @course.discussion_topics.create!
|
||||
PageView.any_instance.expects(:store).never
|
||||
get "/api/v1/courses/#{@course.id}/discussion_topics/#{@topic.id}/entries", access_token: @user.access_tokens.create!.full_token
|
||||
get "/api/v1/courses/#{@course.id}/discussion_topics/#{@topic.id}/entries", params: {access_token: @user.access_tokens.create!.full_token}
|
||||
end
|
||||
|
||||
it "records the developer key when an access token was used" do
|
||||
|
|
@ -58,7 +58,7 @@ describe "page views" do
|
|||
course_with_teacher(active_all: 1, user: @user)
|
||||
@topic = @course.discussion_topics.create!
|
||||
|
||||
post "/api/v1/courses/#{@course.id}/discussion_topics/#{@topic.id}/entries", :message => 'hello', access_token: @user.access_tokens.create!.full_token
|
||||
post "/api/v1/courses/#{@course.id}/discussion_topics/#{@topic.id}/entries", params: {:message => 'hello', access_token: @user.access_tokens.create!.full_token}
|
||||
expect(response).to be_success
|
||||
|
||||
pv = PageView.last
|
||||
|
|
@ -76,7 +76,7 @@ describe "page views" do
|
|||
page_view.user = @user
|
||||
page_view.save
|
||||
|
||||
xhr :put, "/page_views/#{page_view.id}", :page_view_token => page_view.token, :interaction_seconds => 42
|
||||
put "/page_views/#{page_view.id}", params: {:page_view_token => page_view.token, :interaction_seconds => 42}, xhr: true
|
||||
expect(response).to be_success
|
||||
expect(response['X-Canvas-Meta']).to match(/r=#{page_view.request_id}\|#{page_view.created_at.iso8601(2)}\|42;/)
|
||||
end
|
||||
|
|
|
|||
|
|
@ -39,7 +39,7 @@ describe ProfileController do
|
|||
get '/profile/settings'
|
||||
expect(Nokogiri::HTML(response.body).css('input#user_short_name')).not_to be_empty
|
||||
|
||||
put '/profile', :user => { :short_name => 'Cody' }
|
||||
put '/profile', params: {:user => { :short_name => 'Cody' }}
|
||||
expect(response).to be_redirect
|
||||
expect(u.reload.short_name).to eq 'Cody'
|
||||
|
||||
|
|
@ -50,7 +50,7 @@ describe ProfileController do
|
|||
get '/profile/settings'
|
||||
expect(Nokogiri::HTML(response.body).css('input#user_short_name')).to be_empty
|
||||
|
||||
put '/profile', :user => { :short_name => 'JT' }
|
||||
put '/profile', params: {:user => { :short_name => 'JT' }}
|
||||
expect(response).to be_redirect
|
||||
expect(u.reload.short_name).to eq 'Cody'
|
||||
end
|
||||
|
|
|
|||
|
|
@ -57,19 +57,19 @@ describe Quizzes::QuizSubmissionsController do
|
|||
|
||||
def record_answer_1
|
||||
post "/courses/#{@course.id}/quizzes/#{@quiz.id}/submissions/#{@qs.id}/record_answer",
|
||||
:question_1 => 'blah', :last_question_id => 1, :validation_token => @qs.validation_token
|
||||
params: {:question_1 => 'blah', :last_question_id => 1, :validation_token => @qs.validation_token}
|
||||
expect(response).to be_redirect
|
||||
end
|
||||
|
||||
def backup_answer_1
|
||||
put "/courses/#{@course.id}/quizzes/#{@quiz.id}/submissions/backup",
|
||||
:question_1 => 'blah_overridden', :validation_token => @qs.validation_token
|
||||
params: {:question_1 => 'blah_overridden', :validation_token => @qs.validation_token}
|
||||
expect(response).to be_success
|
||||
end
|
||||
|
||||
def record_answer_2
|
||||
post "/courses/#{@course.id}/quizzes/#{@quiz.id}/submissions/#{@qs.id}/record_answer",
|
||||
:question_2 => 'M&Ms', :last_question_id => 2, :validation_token => @qs.validation_token
|
||||
params: {:question_2 => 'M&Ms', :last_question_id => 2, :validation_token => @qs.validation_token}
|
||||
expect(response).to be_redirect
|
||||
end
|
||||
|
||||
|
|
@ -89,7 +89,7 @@ describe Quizzes::QuizSubmissionsController do
|
|||
|
||||
it "should redirect back to take quiz if the user loses connection" do
|
||||
get "/courses/#{@course.id}/quizzes/#{@quiz.id}/submissions/#{@qs.id}/record_answer",
|
||||
:question_1 => 'blah', :last_question_id => 1, :validation_token => @qs.validation_token
|
||||
params: {:question_1 => 'blah', :last_question_id => 1, :validation_token => @qs.validation_token}
|
||||
expect(response).to be_redirect
|
||||
end
|
||||
end
|
||||
|
|
@ -98,7 +98,7 @@ describe Quizzes::QuizSubmissionsController do
|
|||
Canvas::LiveEvents.expects(:quiz_submitted).with(@qs)
|
||||
|
||||
post "/courses/#{@course.id}/quizzes/#{@quiz.id}/submissions/",
|
||||
:question_1 => 'password', :attempt => 1, :validation_token => @qs.validation_token
|
||||
params: {:question_1 => 'password', :attempt => 1, :validation_token => @qs.validation_token}
|
||||
expect(response).to be_redirect
|
||||
end
|
||||
|
||||
|
|
|
|||
|
|
@ -38,10 +38,10 @@ describe "security" do
|
|||
expect(cookie).to be_present
|
||||
expect(path).to eq "/login/canvas"
|
||||
|
||||
post "/login/canvas", "pseudonym_session[unique_id]" => "nobody@example.com",
|
||||
post "/login/canvas", params: {"pseudonym_session[unique_id]" => "nobody@example.com",
|
||||
"pseudonym_session[password]" => "asdfasdf",
|
||||
"pseudonym_session[remember_me]" => "1",
|
||||
"redirect_to_ssl" => "1"
|
||||
"redirect_to_ssl" => "1"}
|
||||
follow_redirect! while response.redirect?
|
||||
assert_response :success
|
||||
expect(request.fullpath).to eql("/?login_success=1")
|
||||
|
|
@ -86,16 +86,16 @@ describe "security" do
|
|||
u.save!
|
||||
https!
|
||||
|
||||
post "/login", "pseudonym_session[unique_id]" => "nobody@example.com",
|
||||
"pseudonym_session[password]" => "asdfasdf"
|
||||
post "/login", params: {"pseudonym_session[unique_id]" => "nobody@example.com",
|
||||
"pseudonym_session[password]" => "asdfasdf"}
|
||||
assert_response 302
|
||||
c = response['Set-Cookie'].lines.grep(/\A_normandy_session=/).first
|
||||
expect(c).not_to match(/expires=/)
|
||||
reset!
|
||||
https!
|
||||
post "/login", "pseudonym_session[unique_id]" => "nobody@example.com",
|
||||
post "/login", params: {"pseudonym_session[unique_id]" => "nobody@example.com",
|
||||
"pseudonym_session[password]" => "asdfasdf",
|
||||
"pseudonym_session[remember_me]" => "1"
|
||||
"pseudonym_session[remember_me]" => "1"}
|
||||
assert_response 302
|
||||
c = response['Set-Cookie'].lines.grep(/\A_normandy_session=/).first
|
||||
expect(c).not_to match(/expires=/)
|
||||
|
|
@ -107,8 +107,8 @@ describe "security" do
|
|||
:password => "asdfasdf"
|
||||
u.save!
|
||||
https!
|
||||
post "/login", "pseudonym_session[unique_id]" => "nobody@example.com",
|
||||
"pseudonym_session[password]" => "asdfasdf"
|
||||
post "/login", params: {"pseudonym_session[unique_id]" => "nobody@example.com",
|
||||
"pseudonym_session[password]" => "asdfasdf"}
|
||||
assert_response 302
|
||||
c1 = response['Set-Cookie'].lines.grep(/\Apseudonym_credentials=/).first
|
||||
c2 = response['Set-Cookie'].lines.grep(/\A_normandy_session=/).first
|
||||
|
|
@ -122,9 +122,10 @@ describe "security" do
|
|||
:username => "nobody@example.com",
|
||||
:password => "asdfasdf"
|
||||
u.save!
|
||||
post "/login", { "pseudonym_session[unique_id]" => "nobody@example.com",
|
||||
post "/login", params: { "pseudonym_session[unique_id]" => "nobody@example.com",
|
||||
"pseudonym_session[password]" => "asdfasdf",
|
||||
"pseudonym_session[remember_me]" => "1" }, { 'HTTP_ACCEPT' => 'application/json' }
|
||||
"pseudonym_session[remember_me]" => "1" },
|
||||
headers: { 'HTTP_ACCEPT' => 'application/json' }
|
||||
expect(response).to be_success
|
||||
expect(response['Content-Type']).to match(%r"^application/json")
|
||||
expect(response.body).not_to match(%r{^while\(1\);})
|
||||
|
|
@ -142,7 +143,7 @@ describe "security" do
|
|||
|
||||
it "should not prepend GET JSON responses to Accept application/json requests with protection" do
|
||||
course_with_teacher_logged_in
|
||||
get "/courses.json", nil, { 'HTTP_ACCEPT' => 'application/json' }
|
||||
get "/courses.json", headers: { 'HTTP_ACCEPT' => 'application/json' }
|
||||
expect(response).to be_success
|
||||
expect(response['Content-Type']).to match(%r"^application/json")
|
||||
expect(response.body).not_to match(%r{^while\(1\);})
|
||||
|
|
@ -168,20 +169,20 @@ describe "security" do
|
|||
|
||||
it "should not remember me when the wrong token is given" do
|
||||
# plain persistence_token no longer works
|
||||
get "/", {}, "HTTP_COOKIE" => "pseudonym_credentials=#{@p.persistence_token}"
|
||||
get "/", headers: {"HTTP_COOKIE" => "pseudonym_credentials=#{@p.persistence_token}"}
|
||||
expect(response).to redirect_to("https://www.example.com/login")
|
||||
token = SessionPersistenceToken.generate(@p)
|
||||
# correct token id, but nonsense uuid and persistence_token
|
||||
get "/", {}, "HTTP_COOKIE" => "pseudonym_credentials=#{token.id}::blah::blah"
|
||||
get "/", headers: {"HTTP_COOKIE" => "pseudonym_credentials=#{token.id}::blah::blah"}
|
||||
expect(response).to redirect_to("https://www.example.com/login")
|
||||
# correct token id and persistence_token, but nonsense uuid
|
||||
get "/", {}, "HTTP_COOKIE" => "pseudonym_credentials=#{token.id}::#{@p.persistence_token}::blah"
|
||||
get "/", headers: {"HTTP_COOKIE" => "pseudonym_credentials=#{token.id}::#{@p.persistence_token}::blah"}
|
||||
expect(response).to redirect_to("https://www.example.com/login")
|
||||
end
|
||||
|
||||
it "should login via persistence token when no session exists" do
|
||||
token = SessionPersistenceToken.generate(@p)
|
||||
get "/", {}, "HTTP_COOKIE" => "pseudonym_credentials=#{token.pseudonym_credentials}"
|
||||
get "/", headers: {"HTTP_COOKIE" => "pseudonym_credentials=#{token.pseudonym_credentials}"}
|
||||
expect(response).to be_success
|
||||
expect(cookies['_normandy_session']).to be_present
|
||||
expect(session[:used_remember_me_token]).to be_truthy
|
||||
|
|
@ -191,7 +192,7 @@ describe "security" do
|
|||
expect(response).to redirect_to login_url
|
||||
expect(flash[:warning]).not_to be_empty
|
||||
|
||||
post "/login", :pseudonym_session => { :unique_id => @p.unique_id, :password => 'asdfasdf' }
|
||||
post "/login", params: {:pseudonym_session => { :unique_id => @p.unique_id, :password => 'asdfasdf' }}
|
||||
expect(response).to redirect_to settings_profile_url
|
||||
expect(session[:used_remember_me_token]).not_to be_truthy
|
||||
|
||||
|
|
@ -201,18 +202,18 @@ describe "security" do
|
|||
|
||||
it "should not allow login via the same valid token twice" do
|
||||
token = SessionPersistenceToken.generate(@p)
|
||||
get "/", {}, "HTTP_COOKIE" => "pseudonym_credentials=#{token.pseudonym_credentials}"
|
||||
get "/", headers: {"HTTP_COOKIE" => "pseudonym_credentials=#{token.pseudonym_credentials}"}
|
||||
expect(response).to be_success
|
||||
expect(SessionPersistenceToken.find_by_id(token.id)).to be_nil
|
||||
reset!
|
||||
https!
|
||||
get "/", {}, "HTTP_COOKIE" => "pseudonym_credentials=#{token.pseudonym_credentials}"
|
||||
get "/", headers: {"HTTP_COOKIE" => "pseudonym_credentials=#{token.pseudonym_credentials}"}
|
||||
expect(response).to redirect_to("https://www.example.com/login")
|
||||
end
|
||||
|
||||
it "should generate a new valid token when a token is used" do
|
||||
token = SessionPersistenceToken.generate(@p)
|
||||
get "/", {}, "HTTP_COOKIE" => "pseudonym_credentials=#{token.pseudonym_credentials}"
|
||||
get "/", headers: {"HTTP_COOKIE" => "pseudonym_credentials=#{token.pseudonym_credentials}"}
|
||||
expect(response).to be_success
|
||||
s1 = cookies['_normandy_session']
|
||||
expect(s1).to be_present
|
||||
|
|
@ -225,7 +226,7 @@ describe "security" do
|
|||
reset!
|
||||
https!
|
||||
# check that the new token is valid too
|
||||
get "/", {}, "HTTP_COOKIE" => "pseudonym_credentials=#{cookie}"
|
||||
get "/", headers: {"HTTP_COOKIE" => "pseudonym_credentials=#{cookie}"}
|
||||
expect(response).to be_success
|
||||
s2 = cookies['_normandy_session']
|
||||
expect(s2).to be_present
|
||||
|
|
@ -233,9 +234,9 @@ describe "security" do
|
|||
end
|
||||
|
||||
it "should generate and return a token when remember_me is checked" do
|
||||
post "/login", "pseudonym_session[unique_id]" => "nobody@example.com",
|
||||
post "/login", params: {"pseudonym_session[unique_id]" => "nobody@example.com",
|
||||
"pseudonym_session[password]" => "asdfasdf",
|
||||
"pseudonym_session[remember_me]" => "1"
|
||||
"pseudonym_session[remember_me]" => "1"}
|
||||
assert_response 302
|
||||
cookie = cookies['pseudonym_credentials']
|
||||
expect(cookie).to be_present
|
||||
|
|
@ -251,9 +252,9 @@ describe "security" do
|
|||
|
||||
it "should destroy the token both user agent and server side on logout" do
|
||||
expect {
|
||||
post "/login", "pseudonym_session[unique_id]" => "nobody@example.com",
|
||||
post "/login", params: {"pseudonym_session[unique_id]" => "nobody@example.com",
|
||||
"pseudonym_session[password]" => "asdfasdf",
|
||||
"pseudonym_session[remember_me]" => "1"
|
||||
"pseudonym_session[remember_me]" => "1"}
|
||||
}.to change(SessionPersistenceToken, :count).by(1)
|
||||
c = cookies['pseudonym_credentials']
|
||||
expect(c).to be_present
|
||||
|
|
@ -270,32 +271,32 @@ describe "security" do
|
|||
s1.https!
|
||||
s2 = open_session
|
||||
s2.https!
|
||||
s1.post "/login", "pseudonym_session[unique_id]" => "nobody@example.com",
|
||||
s1.post "/login", params: {"pseudonym_session[unique_id]" => "nobody@example.com",
|
||||
"pseudonym_session[password]" => "asdfasdf",
|
||||
"pseudonym_session[remember_me]" => "1"
|
||||
"pseudonym_session[remember_me]" => "1"}
|
||||
c1 = s1.cookies['pseudonym_credentials']
|
||||
s2.post "/login", "pseudonym_session[unique_id]" => "nobody@example.com",
|
||||
s2.post "/login", params: {"pseudonym_session[unique_id]" => "nobody@example.com",
|
||||
"pseudonym_session[password]" => "asdfasdf",
|
||||
"pseudonym_session[remember_me]" => "1"
|
||||
"pseudonym_session[remember_me]" => "1"}
|
||||
c2 = s2.cookies['pseudonym_credentials']
|
||||
expect(c1).not_to eq c2
|
||||
|
||||
s3 = open_session
|
||||
s3.https!
|
||||
s3.get "/", {}, "HTTP_COOKIE" => "pseudonym_credentials=#{c1}"
|
||||
s3.get "/", headers: {"HTTP_COOKIE" => "pseudonym_credentials=#{c1}"}
|
||||
expect(s3.response).to be_success
|
||||
s3.delete "/logout"
|
||||
# make sure c2 can still work
|
||||
s4 = open_session
|
||||
s4.https!
|
||||
s4.get "/", {}, "HTTP_COOKIE" => "pseudonym_credentials=#{c2}"
|
||||
s4.get "/", headers: {"HTTP_COOKIE" => "pseudonym_credentials=#{c2}"}
|
||||
expect(s4.response).to be_success
|
||||
end
|
||||
|
||||
it "should not login if the pseudonym is deleted" do
|
||||
token = SessionPersistenceToken.generate(@p)
|
||||
@p.destroy
|
||||
get "/", {}, "HTTP_COOKIE" => "pseudonym_credentials=#{token.pseudonym_credentials}"
|
||||
get "/", headers: {"HTTP_COOKIE" => "pseudonym_credentials=#{token.pseudonym_credentials}"}
|
||||
expect(response).to redirect_to("https://www.example.com/login")
|
||||
end
|
||||
|
||||
|
|
@ -307,7 +308,7 @@ describe "security" do
|
|||
@p.save!
|
||||
pers2 = @p.persistence_token
|
||||
expect(pers1).not_to eq pers2
|
||||
get "/", {}, "HTTP_COOKIE" => "pseudonym_credentials=#{creds}"
|
||||
get "/", headers: {"HTTP_COOKIE" => "pseudonym_credentials=#{creds}"}
|
||||
expect(response).to redirect_to("https://www.example.com/login")
|
||||
end
|
||||
|
||||
|
|
@ -320,7 +321,7 @@ describe "security" do
|
|||
user_with_pseudonym(:account => account)
|
||||
end
|
||||
token = SessionPersistenceToken.generate(@pseudonym)
|
||||
get "/", {}, "HTTP_COOKIE" => "pseudonym_credentials=#{token.pseudonym_credentials}"
|
||||
get "/", headers: {"HTTP_COOKIE" => "pseudonym_credentials=#{token.pseudonym_credentials}"}
|
||||
expect(response).to be_success
|
||||
expect(cookies['_normandy_session']).to be_present
|
||||
expect(session[:used_remember_me_token]).to be_truthy
|
||||
|
|
@ -341,8 +342,8 @@ describe "security" do
|
|||
|
||||
def bad_login(ip)
|
||||
post "/login",
|
||||
{ "pseudonym_session[unique_id]" => "nobody@example.com", "pseudonym_session[password]" => "failboat" },
|
||||
{ "REMOTE_ADDR" => ip }
|
||||
params: { "pseudonym_session[unique_id]" => "nobody@example.com", "pseudonym_session[password]" => "failboat" },
|
||||
headers: { "REMOTE_ADDR" => ip }
|
||||
follow_redirect! while response.redirect?
|
||||
end
|
||||
|
||||
|
|
@ -353,8 +354,8 @@ describe "security" do
|
|||
expect(response.body).to match(/Too many failed login attempts/)
|
||||
# should still fail
|
||||
post "/login",
|
||||
{ "pseudonym_session[unique_id]" => "nobody@example.com", "pseudonym_session[password]" => "asdfasdf" },
|
||||
{ "REMOTE_ADDR" => "5.5.5.5" }
|
||||
params: { "pseudonym_session[unique_id]" => "nobody@example.com", "pseudonym_session[password]" => "asdfasdf" },
|
||||
headers: { "REMOTE_ADDR" => "5.5.5.5" }
|
||||
follow_redirect! while response.redirect?
|
||||
expect(response.body).to match(/Too many failed login attempts/)
|
||||
end
|
||||
|
|
@ -368,8 +369,8 @@ describe "security" do
|
|||
expect(response.body).to match(/Too many failed login attempts/)
|
||||
# should still fail
|
||||
post "/login",
|
||||
{ "pseudonym_session[unique_id]" => "nobody@example.com", "pseudonym_session[password]" => "asdfasdf" },
|
||||
{ "REMOTE_ADDR" => "5.5.5.7" }
|
||||
params: { "pseudonym_session[unique_id]" => "nobody@example.com", "pseudonym_session[password]" => "asdfasdf" },
|
||||
headers: { "REMOTE_ADDR" => "5.5.5.7" }
|
||||
follow_redirect! while response.redirect?
|
||||
expect(response.body).to match(/Too many failed login attempts/)
|
||||
end
|
||||
|
|
@ -382,8 +383,8 @@ describe "security" do
|
|||
# ever block the IP address as a whole
|
||||
user_with_pseudonym(:active_user => true, :username => "second@example.com", :password => "12341234").save!
|
||||
post "/login",
|
||||
{ "pseudonym_session[unique_id]" => "second@example.com", "pseudonym_session[password]" => "12341234" },
|
||||
{ "REMOTE_ADDR" => "5.5.5.5" }
|
||||
params: { "pseudonym_session[unique_id]" => "second@example.com", "pseudonym_session[password]" => "12341234" },
|
||||
headers: { "REMOTE_ADDR" => "5.5.5.5" }
|
||||
follow_redirect! while response.redirect?
|
||||
expect(request.fullpath).to eql("/?login_success=1")
|
||||
end
|
||||
|
|
@ -401,8 +402,8 @@ describe "security" do
|
|||
expect(response.body).to match(/Too many failed login attempts/)
|
||||
# should still fail
|
||||
post "/login",
|
||||
{ "pseudonym_session[unique_id]" => "nobody@example.com", "pseudonym_session[password]" => "asdfasdf" },
|
||||
{ "REMOTE_ADDR" => "5.5.5.5" }
|
||||
params: { "pseudonym_session[unique_id]" => "nobody@example.com", "pseudonym_session[password]" => "asdfasdf" },
|
||||
headers: { "REMOTE_ADDR" => "5.5.5.5" }
|
||||
follow_redirect! while response.redirect?
|
||||
expect(response.body).to match(/Too many failed login attempts/)
|
||||
end
|
||||
|
|
@ -427,11 +428,11 @@ describe "security" do
|
|||
@course.reload
|
||||
|
||||
user_session(@student)
|
||||
post "/courses/#{@course.id}/user_lists.json", :user_list => "A1234567, A345678"
|
||||
post "/courses/#{@course.id}/user_lists.json", params: {:user_list => "A1234567, A345678"}
|
||||
expect(response).not_to be_success
|
||||
|
||||
user_session(@teacher)
|
||||
post "/courses/#{@course.id}/user_lists.json", :user_list => "A1234567, A345678"
|
||||
post "/courses/#{@course.id}/user_lists.json", params: {:user_list => "A1234567, A345678"}
|
||||
assert_response :success
|
||||
expect(json_parse).to eq({
|
||||
"duplicates" => [],
|
||||
|
|
@ -548,7 +549,7 @@ describe "security" do
|
|||
|
||||
it "should remember the destination with an intervening auth" do
|
||||
token = SessionPersistenceToken.generate(@admin.pseudonyms.first)
|
||||
get "/", {}, "HTTP_COOKIE" => "pseudonym_credentials=#{token.pseudonym_credentials}"
|
||||
get "/", headers: {"HTTP_COOKIE" => "pseudonym_credentials=#{token.pseudonym_credentials}"}
|
||||
expect(response).to be_success
|
||||
expect(cookies['_normandy_session']).to be_present
|
||||
expect(session[:used_remember_me_token]).to be_truthy
|
||||
|
|
@ -561,7 +562,7 @@ describe "security" do
|
|||
expect(response).to redirect_to login_url
|
||||
expect(flash[:warning]).not_to be_empty
|
||||
|
||||
post "/login", :pseudonym_session => { :unique_id => @admin.pseudonyms.first.unique_id, :password => 'password' }
|
||||
post "/login", params: {:pseudonym_session => { :unique_id => @admin.pseudonyms.first.unique_id, :password => 'password' }}
|
||||
expect(response).to redirect_to user_masquerade_url(@student)
|
||||
expect(session[:used_remember_me_token]).not_to be_truthy
|
||||
|
||||
|
|
@ -996,7 +997,7 @@ describe "security" do
|
|||
delete "/courses/#{@course.id}"
|
||||
assert_status(401)
|
||||
|
||||
delete "/courses/#{@course.id}", :event => 'delete'
|
||||
delete "/courses/#{@course.id}", params: {:event => 'delete'}
|
||||
assert_status(401)
|
||||
|
||||
add_permission :manage_courses
|
||||
|
|
@ -1021,7 +1022,7 @@ describe "security" do
|
|||
get "/courses/#{@course.id}/copy"
|
||||
expect(response).to be_success
|
||||
|
||||
delete "/courses/#{@course.id}", :event => 'delete'
|
||||
delete "/courses/#{@course.id}", params: {:event => 'delete'}
|
||||
expect(response).to be_redirect
|
||||
|
||||
expect(@course.reload).to be_deleted
|
||||
|
|
@ -1092,7 +1093,7 @@ describe "security" do
|
|||
expect(response).to be_success
|
||||
expect(response.body).not_to match 'End this Course'
|
||||
|
||||
delete "/courses/#{@course.id}", :event => 'conclude'
|
||||
delete "/courses/#{@course.id}", params: {:event => 'conclude'}
|
||||
assert_status(401)
|
||||
end
|
||||
|
||||
|
|
|
|||
|
|
@ -27,7 +27,7 @@ describe 'session token', type: :request do
|
|||
|
||||
it "should work" do
|
||||
get 'https://www.example.com/login/session_token?return_to=https://www.example.com/courses',
|
||||
access_token: access_token
|
||||
params: {access_token: access_token}
|
||||
expect(response).to be_success
|
||||
json = JSON.parse(response.body)
|
||||
expect(json['session_url']).to match %r{^https://www.example.com/courses\?session_token=[0-9a-zA-Z_\-]+$}
|
||||
|
|
|
|||
|
|
@ -28,11 +28,11 @@ describe "User Content" do
|
|||
obj_data = "<div>test</div>"
|
||||
snippet = Base64.encode64 obj_data
|
||||
sig = Canvas::Security.hmac_sha1(snippet)
|
||||
post "http://files.example.com/object_snippet", :object_data => snippet, :s => sig
|
||||
post "http://files.example.com/object_snippet", params: {:object_data => snippet, :s => sig}
|
||||
expect(response).to be_success
|
||||
expect(response.body).to be_include(obj_data)
|
||||
|
||||
post "http://canvas.example.com/object_snippet", :object_data => snippet, :s => sig
|
||||
post "http://canvas.example.com/object_snippet", params: {:object_data => snippet, :s => sig}
|
||||
assert_status(400)
|
||||
expect(response.body).to be_blank
|
||||
end
|
||||
|
|
@ -44,7 +44,7 @@ describe "User Content" do
|
|||
obj_data = "<div>test</div>"
|
||||
snippet = Base64.encode64 obj_data
|
||||
sig = Canvas::Security.hmac_sha1(snippet)
|
||||
post "http://files.example.com/object_snippet", :object_data => snippet, :s => sig
|
||||
post "http://files.example.com/object_snippet", params: {:object_data => snippet, :s => sig}
|
||||
expect(response).to be_success
|
||||
expect(response.body).to be_include(obj_data)
|
||||
end
|
||||
|
|
|
|||
|
|
@ -483,8 +483,8 @@ RSpec.configure do |config|
|
|||
|
||||
def login_as(username = "nobody@example.com", password = "asdfasdf")
|
||||
post "/login",
|
||||
"pseudonym_session[unique_id]" => username,
|
||||
"pseudonym_session[password]" => password
|
||||
params: {"pseudonym_session[unique_id]" => username,
|
||||
"pseudonym_session[password]" => password}
|
||||
follow_redirect! while response.redirect?
|
||||
assert_response :success
|
||||
expect(request.fullpath).to eq "/?login_success=1"
|
||||
|
|
|
|||
Loading…
Reference in New Issue