discourse/spec/jobs/invalidate_inactive_admins_spec.rb

# frozen_string_literal: true

RSpec.describe Jobs::InvalidateInactiveAdmins do
  subject(:job) { Jobs::InvalidateInactiveAdmins.new.execute({}) }

  fab!(:active_admin) { Fabricate(:admin, last_seen_at: 1.hour.ago) }

  before { active_admin.email_tokens.update_all(confirmed: true) }

  it "does nothing when all admins have been seen recently" do
    SiteSetting.invalidate_inactive_admin_email_after_days = 365
    job
    expect(active_admin.reload.active).to eq(true)
    expect(active_admin.email_tokens.where(confirmed: true).exists?).to eq(true)
  end

  context "with an admin who hasn't been seen recently" do
    fab!(:not_seen_admin) { Fabricate(:admin, last_seen_at: 370.days.ago) }
    before { not_seen_admin.email_tokens.update_all(confirmed: true) }

    context "when invalidate_inactive_admin_email_after_days = 365" do
      before { SiteSetting.invalidate_inactive_admin_email_after_days = 365 }

      it "marks email tokens as unconfirmed" do
        job
        expect(not_seen_admin.reload.email_tokens.where(confirmed: true).exists?).to eq(false)
      end

      it "makes the user as not active and logs the action" do
        job
        expect(not_seen_admin.reload.active).to eq(false)

        log = UserHistory.last
        expect(log.target_user_id).to eq(not_seen_admin.id)
        expect(log.action).to eq(UserHistory.actions[:deactivate_user])
      end

      it "adds a staff log" do
        job
        expect(not_seen_admin.reload.active).to eq(false)
      end

      context "with social logins" do
        before do
          UserAssociatedAccount.create!(
            provider_name: "google_oauth2",
            user_id: not_seen_admin.id,
            provider_uid: 100,
            info: {
              email: "bob@google.account.com",
            },
          )
        end

        it "removes the social logins" do
          job
          expect(UserAssociatedAccount.where(user_id: not_seen_admin.id).exists?).to eq(false)
        end
      end

      it "doesn't deactivate admins with recent posts" do
        Fabricate(:post, user: not_seen_admin)
        job
        expect(not_seen_admin.reload.active).to eq(true)
      end

      it "doesn't deactivate admins with recently used api keys" do
        Fabricate(:api_key, user: not_seen_admin, last_used_at: 1.day.ago)
        job
        expect(not_seen_admin.reload.active).to eq(true)
      end
    end

    context "when invalidate_inactive_admin_email_after_days = 0 to disable this feature" do
      before { SiteSetting.invalidate_inactive_admin_email_after_days = 0 }

      it "does nothing" do
        job
        expect(active_admin.reload.active).to eq(true)
        expect(active_admin.email_tokens.where(confirmed: true).exists?).to eq(true)
        expect(not_seen_admin.reload.active).to eq(true)
        expect(not_seen_admin.email_tokens.where(confirmed: true).exists?).to eq(true)
      end
    end
  end
end
DEV: use #frozen_string_literal: true on all spec This change both speeds up specs (less strings to allocate) and helps catch cases where methods in Discourse are mutating inputs. Overall we will be migrating everything to use #frozen_string_literal: true it will take a while, but this is the first and safest move in this direction 2019-04-30 08:27:42 +08:00			`# frozen_string_literal: true`

Add RSpec 4 compatibility (#17652) * Remove outdated option https://github.com/rspec/rspec-core/commit/04078317ba6577699d06cf4dccf014254dcde7a6 * Use the non-globally exposed RSpec syntax https://github.com/rspec/rspec-core/pull/2803 * Use the non-globally exposed RSpec syntax, cont https://github.com/rspec/rspec-core/pull/2803 * Comply to strict predicate matchers See: - https://github.com/rspec/rspec-expectations/pull/1195 - https://github.com/rspec/rspec-expectations/pull/1196 - https://github.com/rspec/rspec-expectations/pull/1277 2022-07-28 10:27:38 +08:00			`RSpec.describe Jobs::InvalidateInactiveAdmins do`
DEV: Update the rubocop-discourse gem This enables cops related to RSpec `subject`. See https://github.com/discourse/rubocop-discourse/pull/32 2023-06-21 22:00:19 +08:00			`subject(:job) { Jobs::InvalidateInactiveAdmins.new.execute({}) }`

DEV: Prefabrication (test optimization) (#7414) * Introduced fab!, a helper that creates database state for a group It's almost identical to let_it_be, except: 1. It creates a new object for each test by default, 2. You can disable it using PREFABRICATION=0 2019-05-07 11:12:20 +08:00			`fab!(:active_admin) { Fabricate(:admin, last_seen_at: 1.hour.ago) }`
FEATURE: require admins to re-validate their email addresses if they haven't been seen for a number of days, configurable with the invalidate_inactive_admin_email_after_days site setting. Social logins are also revoked. Default is 365 days. 2018-12-13 04:32:14 +08:00
DEV: Update the rubocop-discourse gem This enables cops related to RSpec `subject`. See https://github.com/discourse/rubocop-discourse/pull/32 2023-06-21 22:00:19 +08:00			`before { active_admin.email_tokens.update_all(confirmed: true) }`
FEATURE: require admins to re-validate their email addresses if they haven't been seen for a number of days, configurable with the invalidate_inactive_admin_email_after_days site setting. Social logins are also revoked. Default is 365 days. 2018-12-13 04:32:14 +08:00
			`it "does nothing when all admins have been seen recently" do`
			`SiteSetting.invalidate_inactive_admin_email_after_days = 365`
DEV: Update the rubocop-discourse gem This enables cops related to RSpec `subject`. See https://github.com/discourse/rubocop-discourse/pull/32 2023-06-21 22:00:19 +08:00			`job`
FIX: invalidating inactive admin emails should mark them as not active 2018-12-13 06:07:49 +08:00			`expect(active_admin.reload.active).to eq(true)`
FEATURE: require admins to re-validate their email addresses if they haven't been seen for a number of days, configurable with the invalidate_inactive_admin_email_after_days site setting. Social logins are also revoked. Default is 365 days. 2018-12-13 04:32:14 +08:00			`expect(active_admin.email_tokens.where(confirmed: true).exists?).to eq(true)`
			`end`

			`context "with an admin who hasn't been seen recently" do`
DEV: Prefabrication (test optimization) (#7414) * Introduced fab!, a helper that creates database state for a group It's almost identical to let_it_be, except: 1. It creates a new object for each test by default, 2. You can disable it using PREFABRICATION=0 2019-05-07 11:12:20 +08:00			`fab!(:not_seen_admin) { Fabricate(:admin, last_seen_at: 370.days.ago) }`
FEATURE: require admins to re-validate their email addresses if they haven't been seen for a number of days, configurable with the invalidate_inactive_admin_email_after_days site setting. Social logins are also revoked. Default is 365 days. 2018-12-13 04:32:14 +08:00			`before { not_seen_admin.email_tokens.update_all(confirmed: true) }`

DEV: Use proper wording for contexts in specs 2022-07-28 00:14:14 +08:00			`context "when invalidate_inactive_admin_email_after_days = 365" do`
FEATURE: require admins to re-validate their email addresses if they haven't been seen for a number of days, configurable with the invalidate_inactive_admin_email_after_days site setting. Social logins are also revoked. Default is 365 days. 2018-12-13 04:32:14 +08:00			`before { SiteSetting.invalidate_inactive_admin_email_after_days = 365 }`

FIX: invalidating inactive admin emails should mark them as not active 2018-12-13 06:07:49 +08:00			`it "marks email tokens as unconfirmed" do`
DEV: Update the rubocop-discourse gem This enables cops related to RSpec `subject`. See https://github.com/discourse/rubocop-discourse/pull/32 2023-06-21 22:00:19 +08:00			`job`
FIX: invalidating inactive admin emails should mark them as not active 2018-12-13 06:07:49 +08:00			`expect(not_seen_admin.reload.email_tokens.where(confirmed: true).exists?).to eq(false)`
FEATURE: require admins to re-validate their email addresses if they haven't been seen for a number of days, configurable with the invalidate_inactive_admin_email_after_days site setting. Social logins are also revoked. Default is 365 days. 2018-12-13 04:32:14 +08:00			`end`

FEATURE: Add message to log when admins are automatically deactivated 2020-01-28 20:16:24 +08:00			`it "makes the user as not active and logs the action" do`
DEV: Update the rubocop-discourse gem This enables cops related to RSpec `subject`. See https://github.com/discourse/rubocop-discourse/pull/32 2023-06-21 22:00:19 +08:00			`job`
FEATURE: Add message to log when admins are automatically deactivated 2020-01-28 20:16:24 +08:00			`expect(not_seen_admin.reload.active).to eq(false)`

			`log = UserHistory.last`
			`expect(log.target_user_id).to eq(not_seen_admin.id)`
			`expect(log.action).to eq(UserHistory.actions[:deactivate_user])`
			`end`

			`it "adds a staff log" do`
DEV: Update the rubocop-discourse gem This enables cops related to RSpec `subject`. See https://github.com/discourse/rubocop-discourse/pull/32 2023-06-21 22:00:19 +08:00			`job`
FIX: invalidating inactive admin emails should mark them as not active 2018-12-13 06:07:49 +08:00			`expect(not_seen_admin.reload.active).to eq(false)`
FEATURE: require admins to re-validate their email addresses if they haven't been seen for a number of days, configurable with the invalidate_inactive_admin_email_after_days site setting. Social logins are also revoked. Default is 365 days. 2018-12-13 04:32:14 +08:00			`end`

			`context "with social logins" do`
			`before do`
REFACTOR: Migrate GoogleOAuth2Authenticator to use ManagedAuthenticator (#7120) https://meta.discourse.org/t/future-social-authentication-improvements/94691/3 2019-03-07 19:31:04 +08:00			`UserAssociatedAccount.create!(`
			`provider_name: "google_oauth2",`
			`user_id: not_seen_admin.id,`
			`provider_uid: 100,`
			`info: {`
			`email: "bob@google.account.com",`
			`},`
			`)`
FEATURE: require admins to re-validate their email addresses if they haven't been seen for a number of days, configurable with the invalidate_inactive_admin_email_after_days site setting. Social logins are also revoked. Default is 365 days. 2018-12-13 04:32:14 +08:00			`end`

			`it "removes the social logins" do`
DEV: Update the rubocop-discourse gem This enables cops related to RSpec `subject`. See https://github.com/discourse/rubocop-discourse/pull/32 2023-06-21 22:00:19 +08:00			`job`
REFACTOR: Migrate GoogleOAuth2Authenticator to use ManagedAuthenticator (#7120) https://meta.discourse.org/t/future-social-authentication-improvements/94691/3 2019-03-07 19:31:04 +08:00			`expect(UserAssociatedAccount.where(user_id: not_seen_admin.id).exists?).to eq(false)`
FEATURE: require admins to re-validate their email addresses if they haven't been seen for a number of days, configurable with the invalidate_inactive_admin_email_after_days site setting. Social logins are also revoked. Default is 365 days. 2018-12-13 04:32:14 +08:00			`end`
			`end`
FIX: Do not deactivate admin accounts with recent posts or api keys (#8342) This prevents 'bot' users being deactivated 2019-11-13 00:56:01 +08:00
			`it "doesn't deactivate admins with recent posts" do`
			`Fabricate(:post, user: not_seen_admin)`
DEV: Update the rubocop-discourse gem This enables cops related to RSpec `subject`. See https://github.com/discourse/rubocop-discourse/pull/32 2023-06-21 22:00:19 +08:00			`job`
FIX: Do not deactivate admin accounts with recent posts or api keys (#8342) This prevents 'bot' users being deactivated 2019-11-13 00:56:01 +08:00			`expect(not_seen_admin.reload.active).to eq(true)`
			`end`

			`it "doesn't deactivate admins with recently used api keys" do`
			`Fabricate(:api_key, user: not_seen_admin, last_used_at: 1.day.ago)`
DEV: Update the rubocop-discourse gem This enables cops related to RSpec `subject`. See https://github.com/discourse/rubocop-discourse/pull/32 2023-06-21 22:00:19 +08:00			`job`
FIX: Do not deactivate admin accounts with recent posts or api keys (#8342) This prevents 'bot' users being deactivated 2019-11-13 00:56:01 +08:00			`expect(not_seen_admin.reload.active).to eq(true)`
			`end`
FEATURE: require admins to re-validate their email addresses if they haven't been seen for a number of days, configurable with the invalidate_inactive_admin_email_after_days site setting. Social logins are also revoked. Default is 365 days. 2018-12-13 04:32:14 +08:00			`end`

DEV: Use proper wording for contexts in specs 2022-07-28 00:14:14 +08:00			`context "when invalidate_inactive_admin_email_after_days = 0 to disable this feature" do`
FEATURE: require admins to re-validate their email addresses if they haven't been seen for a number of days, configurable with the invalidate_inactive_admin_email_after_days site setting. Social logins are also revoked. Default is 365 days. 2018-12-13 04:32:14 +08:00			`before { SiteSetting.invalidate_inactive_admin_email_after_days = 0 }`

			`it "does nothing" do`
DEV: Update the rubocop-discourse gem This enables cops related to RSpec `subject`. See https://github.com/discourse/rubocop-discourse/pull/32 2023-06-21 22:00:19 +08:00			`job`
FIX: invalidating inactive admin emails should mark them as not active 2018-12-13 06:07:49 +08:00			`expect(active_admin.reload.active).to eq(true)`
FEATURE: require admins to re-validate their email addresses if they haven't been seen for a number of days, configurable with the invalidate_inactive_admin_email_after_days site setting. Social logins are also revoked. Default is 365 days. 2018-12-13 04:32:14 +08:00			`expect(active_admin.email_tokens.where(confirmed: true).exists?).to eq(true)`
FIX: invalidating inactive admin emails should mark them as not active 2018-12-13 06:07:49 +08:00			`expect(not_seen_admin.reload.active).to eq(true)`
FEATURE: require admins to re-validate their email addresses if they haven't been seen for a number of days, configurable with the invalidate_inactive_admin_email_after_days site setting. Social logins are also revoked. Default is 365 days. 2018-12-13 04:32:14 +08:00			`expect(not_seen_admin.email_tokens.where(confirmed: true).exists?).to eq(true)`
			`end`
			`end`
			`end`
			`end`