Fix remaining CSS selector and form field issues from UI/UX overhaul

This addresses the remaining test failures @jasnow reported in issue #486. Fixes: 1. Ambiguous Login button - Changed from click_button "Login" to find("input[type='submit'][value='Login']").click to specifically target the form submit button and avoid the header Login button 2. Fixed password_complexity_spec field names: - user_email → email - user_first_name → first_name - user_last_name → last_name - user_password → password - user_password_confirmation → password_confirmation - Submit → Create Account (correct button text) 3. Applied same selector fix to login helper in capybara_shared.rb These changes complete the test suite fixes for the new UI that was introduced in the file upload UX improvements. Related: #486 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
2026-01-05 08:21:46 -05:00
parent 48e04c4c28
commit 5dd05249ec
4 changed files with 16 additions and 30 deletions
@@ -39,7 +39,7 @@ def login(user)
  visit "/"
  fill_in "email", with: user.email
  fill_in "password", with: user.clear_password
-  click_button "Login"
+  find("input[type='submit'][value='Login']").click
 end

 # Configure Selenium with headless Chrome for JavaScript testing
@@ -14,26 +14,18 @@ feature "broken_auth" do
    wrong_email = normal_user.email + "not"

    visit "/"
-    within(".signup") do
-      fill_in "email", with: wrong_email
-      fill_in "password", with: normal_user.clear_password
-    end
-    within(".actions") do
-      click_on "Login"
-    end
+    fill_in "email", with: wrong_email
+    fill_in "password", with: normal_user.clear_password
+    find("input[type='submit'][value='Login']").click

    expect(find("div#flash_notice").text).not_to include(wrong_email)
  end

  scenario "two\nTutorial: https://github.com/OWASP/railsgoat/wiki/A2-Credential-Enumeration" do
    visit "/"
-    within(".signup") do
-      fill_in "email", with: normal_user.email
-      fill_in "password", with: normal_user.clear_password + "not"
-    end
-    within(".actions") do
-      click_on "Login"
-    end
+    fill_in "email", with: normal_user.email
+    fill_in "password", with: normal_user.clear_password + "not"
+    find("input[type='submit'][value='Login']").click

    expect(find("div#flash_notice").text).not_to include("Incorrect Password!")
  end
@@ -13,14 +13,12 @@ feature "password complexity" do
    new_user_email = normal_user.email + "two"

    visit "/signup"
-    within(".signup") do
-      fill_in "user_email", with: new_user_email
-      fill_in "user_first_name", with: normal_user.first_name
-      fill_in "user_last_name", with: normal_user.last_name + "not"
-      fill_in "user_password", with: "password"
-      fill_in "user_password_confirmation", with: "password"
-    end
-    click_on "Submit"
+    fill_in "email", with: new_user_email
+    fill_in "first_name", with: normal_user.first_name
+    fill_in "last_name", with: normal_user.last_name + "not"
+    fill_in "password", with: "password"
+    fill_in "password_confirmation", with: "password"
+    click_on "Create Account"

    expect(User.find_by(email: new_user_email)).to be_nil
    expect(current_path).to eq("/signup")
@@ -12,13 +12,9 @@ feature "unvalidated redirect" do

  scenario "attack\nTutorial: https://github.com/OWASP/railsgoat/wiki/A10-Unvalidated-Redirects-and-Forwards-(redirect_to)", js: true do
    visit "/?url=http://example.com/do/evil/things"
-    within(".signup") do
-      fill_in "email", with: normal_user.email
-      fill_in "password", with: normal_user.clear_password
-    end
-    within(".actions") do
-      click_on "Login"
-    end
+    fill_in "email", with: normal_user.email
+    fill_in "password", with: normal_user.clear_password
+    find("input[type='submit'][value='Login']").click

    expect(current_url).to start_with("http://127.0.0.1")
    expect(current_path).to eq("/dashboard/home")