Moritz
8ec4a07103
- User resource: update_user accepts role_id, manage_relationship :member - user_live/form: touch role_id, params_with_member_if_unchanged to avoid unlink - Handle Forbidden in form, extract error message for display - user_policies_test and form_test coverage
459 lines
14 KiB
Elixir
459 lines
14 KiB
Elixir
defmodule MvWeb.UserLive.FormTest do
|
|
# async: false to prevent PostgreSQL deadlocks when creating members and users
|
|
use MvWeb.ConnCase, async: false
|
|
import Phoenix.LiveViewTest
|
|
|
|
# Helper to setup authenticated connection and live view
|
|
defp setup_live_view(conn, path) do
|
|
conn = conn_with_oidc_user(conn, %{email: "admin@example.com"})
|
|
live(conn, path)
|
|
end
|
|
|
|
describe "new user form - display" do
|
|
@tag :ui
|
|
test "shows correct form elements and password field toggling", %{conn: conn} do
|
|
{:ok, view, html} = setup_live_view(conn, "/users/new")
|
|
|
|
# Basic form elements
|
|
assert html =~ "New User"
|
|
assert html =~ "Email"
|
|
assert html =~ "Set Password"
|
|
assert has_element?(view, "form#user-form[phx-submit='save']")
|
|
assert has_element?(view, "input[name='user[email]']")
|
|
assert has_element?(view, "input[type='checkbox'][name='set_password']")
|
|
|
|
# Password fields should be hidden initially
|
|
refute has_element?(view, "input[name='user[password]']")
|
|
refute has_element?(view, "input[name='user[password_confirmation]']")
|
|
|
|
# Toggle password fields
|
|
view |> element("input[name='set_password']") |> render_click()
|
|
|
|
# Password fields should now be visible
|
|
assert has_element?(view, "input[name='user[password]']")
|
|
assert has_element?(view, "input[name='user[password_confirmation]']")
|
|
assert render(view) =~ "Password requirements"
|
|
end
|
|
end
|
|
|
|
describe "new user form - creation" do
|
|
test "creates user without password", %{conn: conn} do
|
|
{:ok, view, _html} = setup_live_view(conn, "/users/new")
|
|
|
|
view
|
|
|> form("#user-form", user: %{email: "newuser@example.com"})
|
|
|> render_submit()
|
|
|
|
assert_redirected(view, "/users")
|
|
end
|
|
|
|
test "creates user with password when enabled", %{conn: conn} do
|
|
{:ok, view, _html} = setup_live_view(conn, "/users/new")
|
|
|
|
view |> element("input[name='set_password']") |> render_click()
|
|
|
|
view
|
|
|> form("#user-form",
|
|
user: %{
|
|
email: "passworduser@example.com",
|
|
password: "securepassword123",
|
|
password_confirmation: "securepassword123"
|
|
}
|
|
)
|
|
|> render_submit()
|
|
|
|
assert_redirected(view, "/users")
|
|
end
|
|
|
|
test "stores user data correctly", %{conn: conn} do
|
|
{:ok, view, _html} = setup_live_view(conn, "/users/new")
|
|
|
|
view
|
|
|> form("#user-form", user: %{email: "storetest@example.com"})
|
|
|> render_submit()
|
|
|
|
system_actor = Mv.Helpers.SystemActor.get_system_actor()
|
|
|
|
user =
|
|
Ash.get!(
|
|
Mv.Accounts.User,
|
|
[email: Ash.CiString.new("storetest@example.com")],
|
|
domain: Mv.Accounts,
|
|
actor: system_actor
|
|
)
|
|
|
|
assert to_string(user.email) == "storetest@example.com"
|
|
assert is_nil(user.hashed_password)
|
|
end
|
|
|
|
test "stores password when provided", %{conn: conn} do
|
|
{:ok, view, _html} = setup_live_view(conn, "/users/new")
|
|
|
|
view |> element("input[name='set_password']") |> render_click()
|
|
|
|
view
|
|
|> form("#user-form",
|
|
user: %{
|
|
email: "passwordstoretest@example.com",
|
|
password: "securepassword123",
|
|
password_confirmation: "securepassword123"
|
|
}
|
|
)
|
|
|> render_submit()
|
|
|
|
system_actor = Mv.Helpers.SystemActor.get_system_actor()
|
|
|
|
user =
|
|
Ash.get!(
|
|
Mv.Accounts.User,
|
|
[email: Ash.CiString.new("passwordstoretest@example.com")],
|
|
domain: Mv.Accounts,
|
|
actor: system_actor
|
|
)
|
|
|
|
assert user.hashed_password != nil
|
|
refute is_nil(user.hashed_password)
|
|
end
|
|
end
|
|
|
|
describe "new user form - validation" do
|
|
test "shows error for duplicate email", %{conn: conn} do
|
|
_existing_user = create_test_user(%{email: "existing@example.com"})
|
|
{:ok, view, _html} = setup_live_view(conn, "/users/new")
|
|
|
|
html =
|
|
view
|
|
|> form("#user-form", user: %{email: "existing@example.com"})
|
|
|> render_submit()
|
|
|
|
assert html =~ "has already been taken"
|
|
end
|
|
|
|
test "shows error for short password", %{conn: conn} do
|
|
{:ok, view, _html} = setup_live_view(conn, "/users/new")
|
|
|
|
view |> element("input[name='set_password']") |> render_click()
|
|
|
|
html =
|
|
view
|
|
|> form("#user-form",
|
|
user: %{
|
|
email: "test@example.com",
|
|
password: "123",
|
|
password_confirmation: "123"
|
|
}
|
|
)
|
|
|> render_submit()
|
|
|
|
assert html =~ "length must be greater than or equal to 8"
|
|
end
|
|
end
|
|
|
|
describe "edit user form - display" do
|
|
@tag :ui
|
|
test "shows correct form elements and admin password fields", %{conn: conn} do
|
|
user = create_test_user(%{email: "editme@example.com"})
|
|
{:ok, view, html} = setup_live_view(conn, "/users/#{user.id}/edit")
|
|
|
|
# Basic form elements
|
|
assert html =~ "Edit User"
|
|
assert html =~ "Change Password"
|
|
assert has_element?(view, "input[name='user[email]'][value='editme@example.com']")
|
|
assert html =~ "Check 'Change Password' above to set a new password for this user"
|
|
|
|
# Toggle admin password fields
|
|
view |> element("input[name='set_password']") |> render_click()
|
|
|
|
# Admin password fields should be visible (no confirmation field for admin)
|
|
assert has_element?(view, "input[name='user[password]']")
|
|
refute has_element?(view, "input[name='user[password_confirmation]']")
|
|
assert render(view) =~ "Admin Note"
|
|
end
|
|
end
|
|
|
|
describe "edit user form - updates" do
|
|
test "updates email without changing password", %{conn: conn} do
|
|
user = create_test_user(%{email: "old@example.com"})
|
|
original_password = user.hashed_password
|
|
{:ok, view, _html} = setup_live_view(conn, "/users/#{user.id}/edit")
|
|
|
|
view
|
|
|> form("#user-form", user: %{email: "new@example.com"})
|
|
|> render_submit()
|
|
|
|
assert_redirected(view, "/users")
|
|
|
|
system_actor = Mv.Helpers.SystemActor.get_system_actor()
|
|
updated_user = Ash.reload!(user, domain: Mv.Accounts, actor: system_actor)
|
|
assert to_string(updated_user.email) == "new@example.com"
|
|
assert updated_user.hashed_password == original_password
|
|
end
|
|
|
|
test "admin sets new password for user", %{conn: conn} do
|
|
user = create_test_user(%{email: "user@example.com"})
|
|
original_password = user.hashed_password
|
|
{:ok, view, _html} = setup_live_view(conn, "/users/#{user.id}/edit")
|
|
|
|
view |> element("input[name='set_password']") |> render_click()
|
|
|
|
view
|
|
|> form("#user-form",
|
|
user: %{
|
|
email: "user@example.com",
|
|
password: "newadminpassword123"
|
|
}
|
|
)
|
|
|> render_submit()
|
|
|
|
assert_redirected(view, "/users")
|
|
|
|
system_actor = Mv.Helpers.SystemActor.get_system_actor()
|
|
updated_user = Ash.reload!(user, domain: Mv.Accounts, actor: system_actor)
|
|
assert updated_user.hashed_password != original_password
|
|
assert not is_nil(updated_user.hashed_password)
|
|
assert updated_user.hashed_password != ""
|
|
end
|
|
|
|
test "admin can change user role and change persists", %{conn: conn} do
|
|
system_actor = Mv.Helpers.SystemActor.get_system_actor()
|
|
|
|
role_a = Mv.Fixtures.role_fixture("normal_user")
|
|
role_b = Mv.Fixtures.role_fixture("read_only")
|
|
|
|
user = create_test_user(%{email: "rolechange@example.com"})
|
|
{:ok, user} = Mv.Accounts.update_user(user, %{role_id: role_a.id}, actor: system_actor)
|
|
assert user.role_id == role_a.id
|
|
|
|
{:ok, view, _html} = setup_live_view(conn, "/users/#{user.id}/edit")
|
|
|
|
view
|
|
|> form("#user-form",
|
|
user: %{
|
|
email: "rolechange@example.com",
|
|
role_id: role_b.id
|
|
}
|
|
)
|
|
|> render_submit()
|
|
|
|
assert_redirected(view, "/users")
|
|
|
|
updated_user = Ash.reload!(user, domain: Mv.Accounts, actor: system_actor)
|
|
|
|
assert updated_user.role_id == role_b.id,
|
|
"Expected role_id to persist as #{role_b.id}, got #{inspect(updated_user.role_id)}"
|
|
end
|
|
end
|
|
|
|
describe "edit user form - validation" do
|
|
test "shows error for duplicate email", %{conn: conn} do
|
|
_existing_user = create_test_user(%{email: "taken@example.com"})
|
|
user_to_edit = create_test_user(%{email: "original@example.com"})
|
|
{:ok, view, _html} = setup_live_view(conn, "/users/#{user_to_edit.id}/edit")
|
|
|
|
html =
|
|
view
|
|
|> form("#user-form", user: %{email: "taken@example.com"})
|
|
|> render_submit()
|
|
|
|
assert html =~ "has already been taken"
|
|
end
|
|
|
|
test "shows error for invalid password", %{conn: conn} do
|
|
user = create_test_user(%{email: "user@example.com"})
|
|
{:ok, view, _html} = setup_live_view(conn, "/users/#{user.id}/edit")
|
|
|
|
view |> element("input[name='set_password']") |> render_click()
|
|
|
|
result =
|
|
view
|
|
|> form("#user-form",
|
|
user: %{
|
|
email: "user@example.com",
|
|
password: "123"
|
|
}
|
|
)
|
|
|> render_submit()
|
|
|
|
case result do
|
|
{:error, {:live_redirect, %{to: "/users"}}} ->
|
|
flunk("Expected validation error but form was submitted successfully")
|
|
|
|
html when is_binary(html) ->
|
|
assert html =~ "must have length of at least 8"
|
|
end
|
|
end
|
|
end
|
|
|
|
describe "member linking - display" do
|
|
test "shows linked member with unlink button when user has member", %{conn: conn} do
|
|
system_actor = Mv.Helpers.SystemActor.get_system_actor()
|
|
|
|
# Create member
|
|
{:ok, member} =
|
|
Mv.Membership.create_member(
|
|
%{
|
|
first_name: "John",
|
|
last_name: "Doe",
|
|
email: "john@example.com"
|
|
},
|
|
actor: system_actor
|
|
)
|
|
|
|
# Create user linked to member
|
|
user = create_test_user(%{email: "user@example.com"})
|
|
|
|
{:ok, _updated_user} =
|
|
Mv.Accounts.update_user(user, %{member: %{id: member.id}}, actor: system_actor)
|
|
|
|
# Load form
|
|
{:ok, view, html} = setup_live_view(conn, "/users/#{user.id}/edit")
|
|
|
|
# Should show linked member section
|
|
assert html =~ "Linked Member"
|
|
assert html =~ "John Doe"
|
|
assert html =~ "user@example.com"
|
|
assert has_element?(view, "button[phx-click='unlink_member']")
|
|
assert html =~ "Unlink Member"
|
|
end
|
|
|
|
test "shows member search field when user has no member", %{conn: conn} do
|
|
user = create_test_user(%{email: "user@example.com"})
|
|
{:ok, view, html} = setup_live_view(conn, "/users/#{user.id}/edit")
|
|
|
|
# Should show member search section
|
|
assert html =~ "Linked Member"
|
|
assert has_element?(view, "input[phx-change='search_members']")
|
|
# Should not show unlink button
|
|
refute has_element?(view, "button[phx-click='unlink_member']")
|
|
end
|
|
end
|
|
|
|
describe "member linking - workflow" do
|
|
test "selecting member and saving links member to user", %{conn: conn} do
|
|
system_actor = Mv.Helpers.SystemActor.get_system_actor()
|
|
|
|
# Create unlinked member
|
|
{:ok, member} =
|
|
Mv.Membership.create_member(
|
|
%{
|
|
first_name: "Jane",
|
|
last_name: "Smith",
|
|
email: "jane@example.com"
|
|
},
|
|
actor: system_actor
|
|
)
|
|
|
|
# Create user without member
|
|
user = create_test_user(%{email: "user@example.com"})
|
|
{:ok, view, _html} = setup_live_view(conn, "/users/#{user.id}/edit")
|
|
|
|
# Select member
|
|
view |> element("div[data-member-id='#{member.id}']") |> render_click()
|
|
|
|
# Submit form
|
|
view
|
|
|> form("#user-form", user: %{email: "user@example.com"})
|
|
|> render_submit()
|
|
|
|
assert_redirected(view, "/users")
|
|
|
|
# Verify member is linked
|
|
system_actor = Mv.Helpers.SystemActor.get_system_actor()
|
|
|
|
updated_user =
|
|
Ash.get!(Mv.Accounts.User, user.id,
|
|
domain: Mv.Accounts,
|
|
actor: system_actor,
|
|
load: [:member]
|
|
)
|
|
|
|
assert updated_user.member.id == member.id
|
|
end
|
|
|
|
test "unlinking member and saving removes member from user", %{conn: conn} do
|
|
system_actor = Mv.Helpers.SystemActor.get_system_actor()
|
|
|
|
# Create member
|
|
{:ok, member} =
|
|
Mv.Membership.create_member(
|
|
%{
|
|
first_name: "Bob",
|
|
last_name: "Wilson",
|
|
email: "bob@example.com"
|
|
},
|
|
actor: system_actor
|
|
)
|
|
|
|
# Create user linked to member
|
|
user = create_test_user(%{email: "user@example.com"})
|
|
{:ok, _} = Mv.Accounts.update_user(user, %{member: %{id: member.id}}, actor: system_actor)
|
|
|
|
{:ok, view, _html} = setup_live_view(conn, "/users/#{user.id}/edit")
|
|
|
|
# Click unlink button
|
|
view |> element("button[phx-click='unlink_member']") |> render_click()
|
|
|
|
# Submit form
|
|
view
|
|
|> form("#user-form", user: %{email: "user@example.com"})
|
|
|> render_submit()
|
|
|
|
assert_redirected(view, "/users")
|
|
|
|
# Verify member is unlinked
|
|
system_actor = Mv.Helpers.SystemActor.get_system_actor()
|
|
|
|
updated_user =
|
|
Ash.get!(Mv.Accounts.User, user.id,
|
|
domain: Mv.Accounts,
|
|
actor: system_actor,
|
|
load: [:member]
|
|
)
|
|
|
|
assert is_nil(updated_user.member)
|
|
end
|
|
end
|
|
|
|
describe "internationalization" do
|
|
@tag :ui
|
|
test "shows translated labels in different locales", %{conn: conn} do
|
|
# Test German labels
|
|
conn = conn_with_oidc_user(conn, %{email: "admin_de@example.com"})
|
|
conn = Plug.Test.init_test_session(conn, locale: "de")
|
|
{:ok, _view, html_de} = live(conn, "/users/new")
|
|
|
|
assert html_de =~ "Neue*r Benutzer*in"
|
|
assert html_de =~ "E-Mail"
|
|
assert html_de =~ "Passwort setzen"
|
|
|
|
# Test English labels
|
|
conn = conn_with_oidc_user(conn, %{email: "admin_en@example.com"})
|
|
conn = Plug.Test.init_test_session(conn, locale: "en")
|
|
{:ok, _view, html_en} = live(conn, "/users/new")
|
|
|
|
assert html_en =~ "New User"
|
|
assert html_en =~ "Email"
|
|
assert html_en =~ "Set Password"
|
|
|
|
# Test different labels for edit vs new
|
|
user = create_test_user(%{email: "test@example.com"})
|
|
conn = conn_with_oidc_user(conn, %{email: "admin@example.com"})
|
|
|
|
{:ok, _view, new_html} = live(conn, "/users/new")
|
|
{:ok, _view, edit_html} = live(conn, "/users/#{user.id}/edit")
|
|
|
|
assert new_html =~ "Set Password"
|
|
assert edit_html =~ "Change Password"
|
|
end
|
|
end
|
|
|
|
describe "system actor user" do
|
|
test "redirects to user list when editing system actor user", %{conn: conn} do
|
|
system_actor = Mv.Helpers.SystemActor.get_system_actor()
|
|
conn = conn_with_oidc_user(conn, %{email: "admin@example.com"})
|
|
|
|
assert {:error, {:live_redirect, %{to: "/users"}}} =
|
|
live(conn, "/users/#{system_actor.id}/edit")
|
|
end
|
|
end
|
|
end
|