basic testing for token based auth in tests

6 files changed, 54 insertions, 7 deletions

diff --git a/users/app/controllers/controller_extension/token_authentication.rb b/users/app/controllers/controller_extension/token_authentication.rb
index 71dbc50..06e9e04 100644
--- a/users/app/controllers/controller_extension/token_authentication.rb
+++ b/users/app/controllers/controller_extension/token_authentication.rb
@@ -2,11 +2,10 @@ module ControllerExtension::TokenAuthentication
   extend ActiveSupport::Concern
 
   def token_authenticate
-    token = nil
-    authenticate_or_request_with_http_token do |token, options|
-      token = Token.find(token)
+    authenticate_or_request_with_http_token do |token_id, options|
+      @token = Token.find(token_id)
     end
-    User.find(token.user_id) if token
+    User.find_by_param(@token.user_id) if @token
   end
 end
 
diff --git a/users/test/factories.rb b/users/test/factories.rb
index 777704b..c87e290 100644
--- a/users/test/factories.rb
+++ b/users/test/factories.rb
@@ -18,4 +18,7 @@ FactoryGirl.define do
       end
     end
   end
+
+  factory :token
+
 end
diff --git a/users/test/functional/helper_methods_test.rb b/users/test/functional/helper_methods_test.rb
index 2b2375c..44226ae 100644
--- a/users/test/functional/helper_methods_test.rb
+++ b/users/test/functional/helper_methods_test.rb
@@ -11,7 +11,7 @@ class HelperMethodsTest < ActionController::TestCase
   # we test them right in here...
   include ApplicationController._helpers
 
-  # they all reference the controller.
+  # the helpers all reference the controller.
   def controller
     @controller
   end
diff --git a/users/test/functional/test_helpers_test.rb b/users/test/functional/test_helpers_test.rb
new file mode 100644
index 0000000..d1bdb64
--- /dev/null
+++ b/users/test/functional/test_helpers_test.rb
@@ -0,0 +1,38 @@
+#
+# There are a few test helpers for dealing with login etc.
+# We test them here and also document their behaviour.
+#
+
+require 'test_helper'
+
+class TestHelpersTest < ActionController::TestCase
+  tests ApplicationController # testing no controller in particular
+
+  def test_login_stubs_warden
+    login
+    assert_equal @current_user, request.env['warden'].user
+  end
+
+  def test_login_token_authenticates
+    login
+    assert_equal @current_user, @controller.send(:token_authenticate)
+  end
+
+  def test_login_stubs_token
+    login
+    assert @token
+    assert_equal @current_user.id, @token.user_id
+  end
+
+  def test_login_adds_token_header
+    login
+    token_present = @controller.authenticate_with_http_token do |token, options|
+      assert_equal @token.id, token
+    end
+    # authenticate_with_http_token just returns nil and does not
+    # execute the block if there is no token. So we have to also
+    # ensure it was run:
+    assert token_present
+  end
+end
+
diff --git a/users/test/support/auth_test_helper.rb b/users/test/support/auth_test_helper.rb
index 555b5db..ab6b1ac 100644
--- a/users/test/support/auth_test_helper.rb
+++ b/users/test/support/auth_test_helper.rb
@@ -13,8 +13,9 @@ module AuthTestHelper
     if user_or_method_hash.respond_to?(:reverse_merge)
       user_or_method_hash.reverse_merge! :is_admin? => false
     end
-    @current_user = stub_record(:user, user_or_method_hash, true)
+    @current_user = find_record(:user, user_or_method_hash)
     request.env['warden'] = stub :user => @current_user
+    request.env['HTTP_AUTHORIZATION'] = header_for_token_auth
     return @current_user
   end
 
@@ -37,6 +38,12 @@ module AuthTestHelper
     end
   end
 
+  protected
+
+  def header_for_token_auth
+    @token = find_record(:token, :user_id => @current_user.id)
+    ActionController::HttpAuthentication::Token.encode_credentials @token.id
+  end
 end
 
 class ActionController::TestCase
diff --git a/users/test/support/stub_record_helper.rb b/users/test/support/stub_record_helper.rb
index 8aa1973..b3460d2 100644
--- a/users/test/support/stub_record_helper.rb
+++ b/users/test/support/stub_record_helper.rb
@@ -1,7 +1,7 @@
 module StubRecordHelper
 
   #
-  # We will stub find_by_param or find_by_id to be called on klass and
+  # We will stub find_by_param or find to be called on klass and
   # return the record given.
   #
   # If no record is given but a hash or nil will create a stub based on