diff options
| author | azul <azul@riseup.net> | 2014-04-17 10:12:05 +0200 |
|---|---|---|
| committer | azul <azul@riseup.net> | 2014-04-17 10:12:05 +0200 |
| commit | 3513ad74f950b113af1ba1e3d06bc6a55c48fde5 (patch) | |
| tree | db49ebd4428053d5c8d720275b77594a531a1ad1 /test/integration/api/update_account_test.rb | |
| parent | cb6442c344d6bdaf52c3878b2de2fcf4d85f2648 (diff) | |
| parent | 3d3688647fab7049e5b531c45b85c1e46a1d528f (diff) | |
Merge pull request #146 from azul/refactor/engines
Refactor/engines
Diffstat (limited to 'test/integration/api/update_account_test.rb')
| -rw-r--r-- | test/integration/api/update_account_test.rb | 51 |
1 files changed, 51 insertions, 0 deletions
diff --git a/test/integration/api/update_account_test.rb b/test/integration/api/update_account_test.rb new file mode 100644 index 0000000..63429e7 --- /dev/null +++ b/test/integration/api/update_account_test.rb @@ -0,0 +1,51 @@ +require 'test_helper' +require_relative 'srp_test' + +class UpdateAccountTest < SrpTest + + setup do + register_user + end + + test "require authentication" do + update_user password: "No! Verify me instead." + assert_access_denied + end + + test "require token" do + authenticate + put "http://api.lvh.me:3000/1/users/" + @user.id + '.json', + user_params(password: "No! Verify me instead.") + assert_access_denied + end + + test "update password via api" do + authenticate + update_user password: "No! Verify me instead." + authenticate + assert last_response.successful? + assert_nil server_auth["errors"] + assert server_auth["M2"] + end + + test "change login with password_verifier" do + authenticate + new_login = 'zaph' + cleanup_user new_login + update_user login: new_login, password: @password + authenticate + assert last_response.successful? + assert_equal new_login, @user.reload.login + end + + test "prevent changing login without changing password_verifier" do + authenticate + original_login = @user.login + new_login = 'zaph' + cleanup_user new_login + update_user login: new_login + assert last_response.successful? + # does not change login if no password_verifier is present + assert_equal original_login, @user.reload.login + end +end |