authorjessib <jessib@riseup.net>2013-08-27 11:22:52 -0700
committerjessib <jessib@riseup.net>2013-08-27 11:22:52 -0700
commite481b8cbc05a858674a59ef36d695973622f6b3a (patch)
tree8a20143ce831d71076a8c3913664b3a67742ed6b /users/test/functional
parent441db4736e0cd003caf9c8f7b3fbdb1ffa72b969 (diff)
parentfdf9c5f9ea605020ea371de8e221efe8e5d5ba32 (diff)
Merge pull request #72 from azul/feature/token-based-auth
Feature: Token based auth
Diffstat (limited to 'users/test/functional')
-rw-r--r--users/test/functional/helper_methods_test.rb2
-rw-r--r--users/test/functional/test_helpers_test.rb38
-rw-r--r--users/test/functional/users_controller_test.rb12
-rw-r--r--users/test/functional/v1/sessions_controller_test.rb18
4 files changed, 60 insertions, 10 deletions
diff --git a/users/test/functional/helper_methods_test.rb b/users/test/functional/helper_methods_test.rb
index 2b2375c..44226ae 100644
--- a/users/test/functional/helper_methods_test.rb
+++ b/users/test/functional/helper_methods_test.rb
@@ -11,7 +11,7 @@ class HelperMethodsTest < ActionController::TestCase
# we test them right in here...
include ApplicationController._helpers
- # they all reference the controller.
+ # the helpers all reference the controller.
def controller
@controller
end
diff --git a/users/test/functional/test_helpers_test.rb b/users/test/functional/test_helpers_test.rb
new file mode 100644
index 0000000..9bd01ad
--- /dev/null
+++ b/users/test/functional/test_helpers_test.rb
@@ -0,0 +1,38 @@
+#
+# There are a few test helpers for dealing with login etc.
+# We test them here and also document their behaviour.
+#
+
+require 'test_helper'
+
+class TestHelpersTest < ActionController::TestCase
+ tests ApplicationController # testing no controller in particular
+
+ def test_login_stubs_warden
+ login
+ assert_equal @current_user, request.env['warden'].user
+ end
+
+ def test_login_token_authenticates
+ login
+ assert_equal @current_user, @controller.send(:token_authenticate)
+ end
+
+ def test_login_stubs_token
+ login
+ assert @token
+ assert_equal @current_user, @token.user
+ end
+
+ def test_login_adds_token_header
+ login
+ token_present = @controller.authenticate_with_http_token do |token, options|
+ assert_equal @token.id, token
+ end
+ # authenticate_with_http_token just returns nil and does not
+ # execute the block if there is no token. So we have to also
+ # ensure it was run:
+ assert token_present
+ end
+end
+
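Review bot: In `test_login_adds_token_header`, `token_present` is not a presence flag but the block's return value, so the final `assert token_present` passes only because `assert_equal` happens to return a truthy value in the test library in use. Capturing the token makes the check independent of that: `seen = nil`, then `@controller.authenticate_with_http_token { |token, _options| seen = token }`, then `assert_equal @token.id, seen`. This also drops the unused `options` block parameter. Since the file is meant to document the helpers, a negative case (no `login`, so `token_authenticate` yields no user) would be worth adding next to `test_login_token_authenticates`.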
diff --git a/users/test/functional/users_controller_test.rb b/users/test/functional/users_controller_test.rb
index 0ce5cc2..96ae48c 100644
--- a/users/test/functional/users_controller_test.rb
+++ b/users/test/functional/users_controller_test.rb
@@ -59,19 +59,23 @@ class UsersControllerTest < ActionController::TestCase
assert_access_denied
end
- test "show for non-existing user" do
+ test "may not show non-existing user without auth" do
nonid = 'thisisnotanexistinguserid'
- # when unauthenticated:
get :show, :id => nonid
assert_access_denied(true, false)
+ end
- # when authenticated but not admin:
+ test "may not show non-existing user without admin" do
+ nonid = 'thisisnotanexistinguserid'
login
+
get :show, :id => nonid
assert_access_denied
+ end
- # when authenticated as admin:
+ test "redirect admin to user list for non-existing user" do
+ nonid = 'thisisnotanexistinguserid'
login :is_admin? => true
get :show, :id => nonid
assert_response :redirect
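Review bot: The positional booleans in `assert_access_denied(true, false)` in the first test give no hint of how it differs from the bare `assert_access_denied` used for the logged-in non-admin case, and the `# when unauthenticated:` comment that sat next to it is removed here. A one-line comment naming what each flag selects would help, plus something like `# same denial as for an existing user, so ids cannot be probed` if that is the intent; I am inferring that from the test names only. The same readability problem applies to `stub_record :user, {}, true` in the setup hunk of v1/sessions_controller_test.rb. The body of the last test continues outside this hunk.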
diff --git a/users/test/functional/v1/sessions_controller_test.rb b/users/test/functional/v1/sessions_controller_test.rb
index 0c4e325..ff9fca1 100644
--- a/users/test/functional/v1/sessions_controller_test.rb
+++ b/users/test/functional/v1/sessions_controller_test.rb
@@ -7,7 +7,7 @@ class V1::SessionsControllerTest < ActionController::TestCase
setup do
@request.env['HTTP_HOST'] = 'api.lvh.me'
- @user = stub_record :user
+ @user = stub_record :user, {}, true
@client_hex = 'a123'
end
@@ -48,13 +48,22 @@ class V1::SessionsControllerTest < ActionController::TestCase
assert_response :success
assert json_response.keys.include?("id")
assert json_response.keys.include?("token")
+ assert token = Token.find(json_response['token'])
+ assert_equal @user.id, token.user_id
end
- test "logout should reset warden user" do
+ test "logout should reset session" do
expect_warden_logout
delete :destroy
- assert_response :redirect
- assert_redirected_to root_url
+ assert_response 204
+ end
+
+ test "logout should destroy token" do
+ login
+ expect_warden_logout
+ @token.expects(:destroy)
+ delete :destroy
+ assert_response 204
end
def expect_warden_logout
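Review bot: The new "logout should destroy token" test only checks that `destroy` is called on the stubbed `@token`; because the call is mocked, nothing here shows that a request carrying that token is rejected after logout. I would add a comment above `@token.expects(:destroy)` saying so, e.g. `# only pins the destroy call on the stub; rejection of a revoked token is not covered here`, and cover revocation in a test that uses a real record. Separately, `assert token = Token.find(json_response['token'])` hides an assignment inside the assertion; `token = Token.find(json_response['token'])` followed by `assert token` reads more clearly. `expect_warden_logout` begins on the hunk's last line and its body is outside this hunk.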
@@ -65,5 +74,4 @@ class V1::SessionsControllerTest < ActionController::TestCase
request.env['warden'].expects(:logout)
end
-
end