Follow up fix for new disabled cookies with token auth.

Martin Edenhofer 2016-08-01 23:04:24 +02:00
parent 5ad0d7a254
commit 75433beb6c
3 changed files with 19 additions and 12 deletions


@ -148,7 +148,7 @@ log user device action
=end
def self.action(user_device_id, user_agent, ip, user_id, type)
user_device = UserDevice.find(user_device_id)
user_device = UserDevice.lookup(id: user_device_id)
# update location if needed
if user_device.ip != ip
@ -174,9 +174,12 @@ log user device action
end
end
# only update updated_at every 5 min.
return user_device if type != 'session' && (user_device.updated_at + 5.minutes) > Time.zone.now
# update attributes
user_device.updated_at = Time.zone.now # force update, also if no other attribute has changed
user_device.save
user_device.save!
user_device
end
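Review bot: The new throttle `return user_device if type != 'session' && (user_device.updated_at + 5.minutes) > Time.zone.now` sits after the `if user_device.ip != ip` block but before `user_device.save!`, so if that block only assigns the new ip and location (its body lies between the two hunks and is not visible), an address change seen within five minutes of the last update is returned unsaved and never reaches the stored device record. Adding a dirty check keeps the throttle for pure timestamp bumps while still persisting an IP change: `return user_device if type != 'session' && !user_device.changed? && (user_device.updated_at + 5.minutes) > Time.zone.now`. Separately, the switch from `UserDevice.find` to `UserDevice.lookup(id: user_device_id)` presumably trades a raised not-found error for a nil return, in which case `user_device.ip` two lines later fails with NoMethodError for an unknown id; an explicit guard such as `return if !user_device` (or a raise with a clear message) would make that case deliberate.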


@ -227,7 +227,7 @@ class UserOrganizationControllerTest < ActionDispatch::IntegrationTest
# create user with admin role
role = Role.lookup(name: 'Admin')
params = { firstname: 'Admin First', lastname: 'Admin Last', email: 'new_admin_by_admin@example.com', role_ids: [ role.id ] }
post '/api/v1/users', params.to_json, @headers
post '/api/v1/users', params.to_json, @headers.merge('Authorization' => credentials)
assert_response(201)
result = JSON.parse(@response.body)
assert(result)
@ -239,7 +239,7 @@ class UserOrganizationControllerTest < ActionDispatch::IntegrationTest
# create user with agent role
role = Role.lookup(name: 'Agent')
params = { firstname: 'Agent First', lastname: 'Agent Last', email: 'new_agent_by_admin@example.com', role_ids: [ role.id ] }
post '/api/v1/users', params.to_json, @headers
post '/api/v1/users', params.to_json, @headers.merge('Authorization' => credentials)
assert_response(201)
result = JSON.parse(@response.body)
assert(result)
@ -271,7 +271,7 @@ class UserOrganizationControllerTest < ActionDispatch::IntegrationTest
# create user with admin role
role = Role.lookup(name: 'Admin')
params = { firstname: 'Admin First', lastname: 'Admin Last', email: 'new_admin_by_agent@example.com', role_ids: [ role.id ] }
post '/api/v1/users', params.to_json, @headers
post '/api/v1/users', params.to_json, @headers.merge('Authorization' => credentials)
assert_response(401)
result = JSON.parse(@response.body)
assert(result)
@ -279,7 +279,7 @@ class UserOrganizationControllerTest < ActionDispatch::IntegrationTest
# create user with agent role
role = Role.lookup(name: 'Agent')
params = { firstname: 'Agent First', lastname: 'Agent Last', email: 'new_agent_by_agent@example.com', role_ids: [ role.id ] }
post '/api/v1/users', params.to_json, @headers
post '/api/v1/users', params.to_json, @headers.merge('Authorization' => credentials)
assert_response(401)
result = JSON.parse(@response.body)
assert(result)
@ -287,7 +287,7 @@ class UserOrganizationControllerTest < ActionDispatch::IntegrationTest
# create user with customer role
role = Role.lookup(name: 'Customer')
params = { firstname: 'Agent First', lastname: 'Agent Last', email: 'new_agent_by_agent@example.com', role_ids: [ role.id ] }
post '/api/v1/users', params.to_json, @headers
post '/api/v1/users', params.to_json, @headers.merge('Authorization' => credentials)
assert_response(201)
result = JSON.parse(@response.body)
assert(result)
@ -325,13 +325,13 @@ class UserOrganizationControllerTest < ActionDispatch::IntegrationTest
# create user with admin role
role = Role.lookup(name: 'Admin')
params = { firstname: 'Admin First', lastname: 'Admin Last', email: 'new_admin_by_customer1@example.com', role_ids: [ role.id ] }
post '/api/v1/users', params.to_json, @headers
post '/api/v1/users', params.to_json, @headers.merge('Authorization' => credentials)
assert_response(401)
# create user with agent role
role = Role.lookup(name: 'Agent')
params = { firstname: 'Agent First', lastname: 'Agent Last', email: 'new_agent_by_customer1@example.com', role_ids: [ role.id ] }
post '/api/v1/users', params.to_json, @headers
post '/api/v1/users', params.to_json, @headers.merge('Authorization' => credentials)
assert_response(401)
end
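Review bot: The negative cases now send `@headers.merge('Authorization' => credentials)` and still assert only `assert_response(401)`, which is also the status a rejected credential would produce, so these checks pass whether the request was refused for its role or never authenticated at all. This applies to the agent-creates-admin and agent-creates-agent posts, and most clearly to the two customer posts at the end of the last hunk, where no body assertion is visible after the status check. Asserting on the error message in the parsed response body would pin the refusal to the permission check; the lines after `result = JSON.parse(@response.body)` are outside the hunks, so this may already be done for the agent cases. As a style point, the merged header hash is rebuilt in all eight calls and could be a local, e.g. `auth_headers = @headers.merge('Authorization' => credentials)`. The enclosing test methods and the definition of `credentials` start outside the hunks.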


@ -278,9 +278,12 @@ class UserDeviceControllerTest < ActionDispatch::IntegrationTest
assert_equal(0, email_notification_count('user_device_new_location', @admin.email))
assert_equal(result.class, Array)
user_device_last = UserDevice.last
assert_equal(user_device_last.id, user_device_first.id)
assert_equal(user_device_last.updated_at.to_s, user_device_first.updated_at.to_s)
ENV['USER_DEVICE_UPDATED_AT'] = (Time.zone.now - 4.hours).to_s
user_device_last.updated_at = Time.zone.now - 4.hours
user_device_last.save!
params = {}
get '/api/v1/users', params, @headers.merge('Authorization' => credentials)
assert_response(200)
@ -293,8 +296,9 @@ class UserDeviceControllerTest < ActionDispatch::IntegrationTest
assert_equal(0, email_notification_count('user_device_new_location', @admin.email))
assert_equal(result.class, Array)
user_device_last = UserDevice.last
assert_not_equal(user_device_last.updated_at.to_s, user_device_first.updated_at.to_s)
ENV['USER_DEVICE_UPDATED_AT'] = nil
assert_equal(user_device_last.id, user_device_first.id)
assert(user_device_last.updated_at > user_device_first.updated_at)
end
test '07 - login index with admin with basic auth' do