t: add update email/password related test

diff --git a/src/newslash_web/t/api/user.t b/src/newslash_web/t/api/user.t
index 26d5801..3b4c548 100644 (file)
--- a/src/newslash_web/t/api/user.t
+++ b/src/newslash_web/t/api/user.t
@@ -142,7 +142,7 @@ subtest 'update email' => sub {
     my $validate_mail = pop @$que;
     ok($validate_mail, "retrieve validate mail");
     is($validate_mail->{to}, $new_address, "validate mail address is correct");
-    my $url_regex = qr|/my/change_email\?nickname=$user->{nickname}&token=(\S+)|;
+    my $url_regex = qr|/my/change_email\?token=(\S+)|;
     ok($validate_mail->{body} =~ $url_regex, "validate mail has correct url");
     my $token = $1;
     ok($token, "extract token from mail");
@@ -152,7 +152,7 @@ subtest 'update email' => sub {
     my $notify_mail = pop @$que;
     ok($notify_mail, "retrieve notify mail");
     is($notify_mail->{to}, $user->{realemail}, "notify mail address is correct");
-    my $notify_url = "/my/change_email?nickname=$user->{nickname}&cancel=1";
+    my $notify_url = "/my/change_email?cancel=1";
     my $index = index($notify_mail->{body}, $notify_url);
     ok($index != -1, "notify mail has correct url");
     diag Dumper $notify_mail if $index == 1;
@@ -171,6 +171,57 @@ subtest 'update email' => sub {
         ok($delta < 3600, "new_email_ts is updated");
     }
 
+    # verify token
+    # check with invalid user
+    $test_man->logout;
+    $t->get_ok("/my/change_email?token=$token")
+      ->status_is(307); # redirect
+
+    # check with invalid token
+    $test_man->login($user);
+    $t->get_ok("/my/change_email?token=hogehoge")
+      ->status_is(400);
+
+    # check with valid token
+    $t->get_ok("/my/change_email?token=$token")
+      ->status_is(200);
+    diag $t->tx->res->body if !$t->success;
+
+    # check if update done correctly
+    my $u = $users->select(uid => $user->{uid});
+    is($u->{realemail}, $new_address, "realemail updated correctly");
+    $params = $users->param->select(uid => $u->{uid});
+    ok(!$params->{new_email}, "new_email cleared");
+    ok(!$params->{new_email_token}, "new_email_token cleared");
+    ok(!$params->{new_email_token_ts}, "new_email_token_ts cleared");
+
+    # request and cancel
+    $new_address = 'test2test@example.com';
+    ok($users->param->set(uid => $user->{uid},
+                          name => "new_email",
+                          value => $new_address),
+       "set new address");
+    $token = $t->app->users->generate_email_change_token($u->{uid});
+    $t->get_ok("/my/change_email?cancel=1")
+      ->status_is(200);
+
+    # check if update done correctly
+    $u = $users->select(uid => $user->{uid});
+    isnt($u->{realemail}, $new_address, "realemail didn't update");
+    $params = $users->param->select(uid => $u->{uid});
+    ok(!$params->{new_email}, "new_email cleared");
+    ok(!$params->{new_email_token}, "new_email_token cleared");
+    ok(!$params->{new_email_token_ts}, "new_email_token_ts cleared");
+
+    # restore email for next test
+    ok($users->param->set(uid => $user->{uid},
+                          name => "new_email",
+                          value => $user->{realemail}),
+       "set old address");
+    $token = $t->app->users->generate_email_change_token($u->{uid});
+    $t->get_ok("/my/change_email?token=$token")
+      ->status_is(200);
+
     # done
     $test_man->logout;
 };
@@ -205,7 +256,7 @@ subtest 'update password' => sub {
 
     # check if event processed correctly
     my $handlers = Newslash::Eventd::Handlers->new($t->app, { test => 1 });
-    my $rs = $handlers->execute($ev->[0]);
+    $rs = $handlers->execute($ev->[0]);
     ok($rs, "event processed correctly");
 
     # check email que