mirror of
https://github.com/discourse/discourse.git
synced 2024-11-30 03:23:44 +08:00
821bb1e8cb
The 'Discourse SSO' protocol is being rebranded to DiscourseConnect. This should help to reduce confusion when 'SSO' is used in the generic sense. This commit aims to: - Rename `sso_` site settings. DiscourseConnect specific ones are prefixed `discourse_connect_`. Generic settings are prefixed `auth_` - Add (server-side-only) backwards compatibility for the old setting names, with deprecation notices - Copy `site_settings` database records to the new names - Rename relevant translation keys - Update relevant translations This commit does **not** aim to: - Rename any Ruby classes or methods. This might be done in a future commit - Change any URLs. This would break existing integrations - Make any changes to the protocol. This would break existing integrations - Change any functionality. Further normalization across DiscourseConnect and other auth methods will be done separately The risks are: - There is no backwards compatibility for site settings on the client-side. Accessing auth-related site settings in Javascript is fairly rare, and an error on the client side would not be security-critical. - If a plugin is monkey-patching parts of the auth process, changes to locale keys could cause broken error messages. This should also be unlikely. The old site setting names remain functional, so security-related overrides will remain working. A follow-up commit will be made with a post-deploy migration to delete the old `site_settings` rows.
142 lines
4.3 KiB
Ruby
142 lines
4.3 KiB
Ruby
# frozen_string_literal: true
|
|
|
|
require 'rails_helper'
|
|
|
|
RSpec.describe CurrentUserSerializer do
|
|
context "when SSO is not enabled" do
|
|
fab!(:user) { Fabricate(:user) }
|
|
let :serializer do
|
|
CurrentUserSerializer.new(user, scope: Guardian.new, root: false)
|
|
end
|
|
|
|
it "should not include the external_id field" do
|
|
payload = serializer.as_json
|
|
expect(payload).not_to have_key(:external_id)
|
|
end
|
|
end
|
|
|
|
context "when SSO is enabled" do
|
|
let :user do
|
|
user = Fabricate(:user)
|
|
SingleSignOnRecord.create!(user_id: user.id, external_id: '12345', last_payload: '')
|
|
user
|
|
end
|
|
|
|
let :serializer do
|
|
CurrentUserSerializer.new(user, scope: Guardian.new, root: false)
|
|
end
|
|
|
|
it "should include the external_id" do
|
|
SiteSetting.discourse_connect_url = "http://example.com/discourse_sso"
|
|
SiteSetting.discourse_connect_secret = "12345678910"
|
|
SiteSetting.enable_discourse_connect = true
|
|
payload = serializer.as_json
|
|
expect(payload[:external_id]).to eq("12345")
|
|
end
|
|
end
|
|
|
|
context "#top_category_ids" do
|
|
fab!(:user) { Fabricate(:user) }
|
|
fab!(:category1) { Fabricate(:category) }
|
|
fab!(:category2) { Fabricate(:category) }
|
|
fab!(:category3) { Fabricate(:category) }
|
|
let :serializer do
|
|
CurrentUserSerializer.new(user, scope: Guardian.new, root: false)
|
|
end
|
|
|
|
it "should include empty top_category_ids array" do
|
|
payload = serializer.as_json
|
|
expect(payload[:top_category_ids]).to eq([])
|
|
end
|
|
|
|
it "should include correct id in top_category_ids array" do
|
|
_category = Category.first
|
|
CategoryUser.create!(user_id: user.id,
|
|
category_id: category1.id,
|
|
notification_level: CategoryUser.notification_levels[:tracking])
|
|
|
|
CategoryUser.create!(user_id: user.id,
|
|
category_id: category2.id,
|
|
notification_level: CategoryUser.notification_levels[:watching])
|
|
|
|
CategoryUser.create!(user_id: user.id,
|
|
category_id: category3.id,
|
|
notification_level: CategoryUser.notification_levels[:regular])
|
|
|
|
payload = serializer.as_json
|
|
expect(payload[:top_category_ids]).to eq([category2.id, category1.id])
|
|
end
|
|
end
|
|
|
|
context "#muted_tag_ids" do
|
|
fab!(:user) { Fabricate(:user) }
|
|
fab!(:tag) { Fabricate(:tag) }
|
|
let!(:tag_user) do
|
|
TagUser.create!(user_id: user.id,
|
|
notification_level: TagUser.notification_levels[:muted],
|
|
tag_id: tag.id
|
|
)
|
|
end
|
|
let :serializer do
|
|
CurrentUserSerializer.new(user, scope: Guardian.new, root: false)
|
|
end
|
|
|
|
it 'include muted tag ids' do
|
|
payload = serializer.as_json
|
|
expect(payload[:muted_tag_ids]).to eq([tag.id])
|
|
end
|
|
end
|
|
|
|
context "#second_factor_enabled" do
|
|
fab!(:user) { Fabricate(:user) }
|
|
let :serializer do
|
|
CurrentUserSerializer.new(user, scope: Guardian.new(user), root: false)
|
|
end
|
|
let(:json) { serializer.as_json }
|
|
|
|
it "is false by default" do
|
|
expect(json[:second_factor_enabled]).to eq(false)
|
|
end
|
|
|
|
context "when totp enabled" do
|
|
before do
|
|
User.any_instance.stubs(:totp_enabled?).returns(true)
|
|
end
|
|
|
|
it "is true" do
|
|
expect(json[:second_factor_enabled]).to eq(true)
|
|
end
|
|
end
|
|
|
|
context "when security_keys enabled" do
|
|
before do
|
|
User.any_instance.stubs(:security_keys_enabled?).returns(true)
|
|
end
|
|
|
|
it "is true" do
|
|
expect(json[:second_factor_enabled]).to eq(true)
|
|
end
|
|
end
|
|
end
|
|
|
|
context "#groups" do
|
|
fab!(:member) { Fabricate(:user) }
|
|
let :serializer do
|
|
CurrentUserSerializer.new(member, scope: Guardian.new, root: false)
|
|
end
|
|
|
|
it "should only show visible groups" do
|
|
Fabricate.build(:group, visibility_level: Group.visibility_levels[:public])
|
|
hidden_group = Fabricate.build(:group, visibility_level: Group.visibility_levels[:owners])
|
|
public_group = Fabricate.build(:group, visibility_level: Group.visibility_levels[:public], name: "UppercaseGroupName")
|
|
hidden_group.add(member)
|
|
hidden_group.save!
|
|
public_group.add(member)
|
|
public_group.save!
|
|
payload = serializer.as_json
|
|
|
|
expect(payload[:groups]).to eq([{ id: public_group.id, name: public_group.name }])
|
|
end
|
|
end
|
|
end
|