Merge branch 'develop' into feature/service_level

2 files changed, 26 insertions, 12 deletions

diff --git a/users/test/integration/api/account_flow_test.rb b/users/test/integration/api/account_flow_test.rb
index e41befa..edd0859 100644
--- a/users/test/integration/api/account_flow_test.rb
+++ b/users/test/integration/api/account_flow_test.rb
@@ -96,27 +96,41 @@ class AccountFlowTest < RackTest
     assert server_auth["M2"]
   end
 
-  test "update user" do
+  test "prevent changing login without changing password_verifier" do
     server_auth = @srp.authenticate(self)
-    test_public_key = 'asdlfkjslfdkjasd'
     original_login = @user.login
     new_login = 'zaph'
     User.find_by_login(new_login).try(:destroy)
     Identity.by_address.key(new_login + '@' + APP_CONFIG[:domain]).each do |identity|
       identity.destroy
     end
-    put "http://api.lvh.me:3000/1/users/" + @user.id + '.json', :user => {:public_key => test_public_key, :login => new_login}, :format => :json
+    put "http://api.lvh.me:3000/1/users/" + @user.id + '.json', :user => {:login => new_login}, :format => :json
     assert last_response.successful?
-    assert_equal test_public_key, Identity.for(@user).keys[:pgp]
     # does not change login if no password_verifier is present
     assert_equal original_login, @user.login
-    # eventually probably want to remove most of this into a non-integration functional test
-    # should not overwrite public key:
-    put "http://api.lvh.me:3000/1/users/" + @user.id + '.json', :user => {:blee => :blah}, :format => :json
-    assert_equal test_public_key, Identity.for(@user).keys[:pgp]
-    # should overwrite public key:
-    put "http://api.lvh.me:3000/1/users/" + @user.id + '.json', :user => {:public_key => nil}, :format => :json
+  end
+
+  test "upload pgp key" do
+    server_auth = @srp.authenticate(self)
+    key = FactoryGirl.build :pgp_key
+    put "http://api.lvh.me:3000/1/users/" + @user.id + '.json', :user => {:public_key => key}, :format => :json
+    assert_equal key, Identity.for(@user).keys[:pgp]
+  end
+
+  # eventually probably want to remove most of this into a non-integration
+  # functional test
+  test "prevent uploading invalid key" do
+    server_auth = @srp.authenticate(self)
+    put "http://api.lvh.me:3000/1/users/" + @user.id + '.json', :user => {:public_key => :blah}, :format => :json
     assert_nil Identity.for(@user).keys[:pgp]
   end
 
+  test "prevent emptying public key" do
+    server_auth = @srp.authenticate(self)
+    key = FactoryGirl.build :pgp_key
+    put "http://api.lvh.me:3000/1/users/" + @user.id + '.json', :user => {:public_key => key}, :format => :json
+    put "http://api.lvh.me:3000/1/users/" + @user.id + '.json', :user => {:public_key => ""}, :format => :json
+    assert_equal key, Identity.for(@user).keys[:pgp]
+  end
+
 end
diff --git a/users/test/integration/browser/account_test.rb b/users/test/integration/browser/account_test.rb
index b349489..3d281ae 100644
--- a/users/test/integration/browser/account_test.rb
+++ b/users/test/integration/browser/account_test.rb
@@ -66,7 +66,7 @@ class AccountTest < BrowserIntegrationTest
   end
 
   test "change pgp key" do
-    pgp_key = "My PGP Key Stub"
+    pgp_key = FactoryGirl.build :pgp_key
     username, password = submit_signup
     click_on "Account Settings"
     within('#update_pgp_key') do
@@ -76,7 +76,7 @@ class AccountTest < BrowserIntegrationTest
     page.assert_selector 'input[value="Saving..."]'
     # at some point we're done:
     page.assert_no_selector 'input[value="Saving..."]'
-    assert page.has_field? 'Public key', with: pgp_key
+    assert page.has_field? 'Public key', with: pgp_key.to_s
     user = User.find_by_login(username)
     assert_equal pgp_key, user.public_key
     user.account.destroy