trabajo-afectivo/spec/db/migrate/forget_insecure_sessions_spec.rb
2022-01-01 14:38:12 +01:00

30 lines
810 B
Ruby

# Copyright (C) 2012-2022 Zammad Foundation, https://zammad-foundation.org/
require 'rails_helper'
RSpec.describe ForgetInsecureSessions, type: :db_migration do
before do
5.times do
ActiveRecord::SessionStore::Session.create(
session_id: SecureRandom.hex(16),
data: SecureRandom.base64(10)
)
end
end
context 'for HTTP deployment' do
before { Setting.set('http_type', 'http') }
it 'does not delete existing sessions' do
expect { migrate }.not_to change(ActiveRecord::SessionStore::Session, :count)
end
end
context 'for HTTPS deployment' do
before { Setting.set('http_type', 'https') }
it 'deletes all existing sessions' do
expect { migrate }.to change(ActiveRecord::SessionStore::Session, :count).to(0)
end
end
end