Merge branch 'master' into feature/authentication_generic_error

Conflicts: app/views/layouts/_messages.html.haml app/views/layouts/application.html.haml users/app/assets/javascripts/users.js.coffee
author: jessib <jessib@leap.se> 2013-07-09 11:53:58 -0700
committer: jessib <jessib@leap.se> 2013-07-09 11:53:58 -0700
commit: 09b7f01cac6df1ae11f4129b20b781b78a3706ac (patch)
tree: 3921eaa5edd03d80e6b402c5c2f88dda6338ab3a /users/test
parent: 9979b50848ce27730f880159512933e50d5ae0e4 (diff)
parent: 3113f8b814417a896ad5340fda88927733f8ab22 (diff)
6 files changed, 95 insertions, 74 deletions
diff --git a/users/test/factories.rb b/users/test/factories.rb
index 6b094bd..777704b 100644
--- a/users/test/factories.rb
+++ b/users/test/factories.rb
@@ -13,7 +13,9 @@ FactoryGirl.define do
     end
 
     factory :admin_user do
-      is_admin? true
+      after(:build) do |admin|
+        admin.stubs(:is_admin?).returns(true)
+      end
     end
   end
 end
diff --git a/users/test/functional/users_controller_test.rb b/users/test/functional/users_controller_test.rb
index fd8869a..92a5f6c 100644
--- a/users/test/functional/users_controller_test.rb
+++ b/users/test/functional/users_controller_test.rb
@@ -79,33 +79,6 @@ class UsersControllerTest < ActionController::TestCase
     assert_redirected_to users_path
   end
 
-  test "should create new user" do
-    user_attribs = record_attributes_for :user
-    user = User.new(user_attribs)
-    User.expects(:create).with(user_attribs).returns(user)
-
-
-    post :create, :user => user_attribs, :format => :json
-
-
-    assert_nil session[:user_id]
-    assert_json_response user
-    assert_response :success
-  end
-
-  test "should redirect to signup form on failed attempt" do
-    user_attribs = record_attributes_for :user
-    user_attribs.slice!('login')
-    user = User.new(user_attribs)
-    assert !user.valid?
-    User.expects(:create).with(user_attribs).returns(user)
-
-    post :create, :user => user_attribs, :format => :json
-
-    assert_json_error user.errors.messages
-    assert_response 422
-  end
-
   test "should get edit view" do
     user = find_record :user
 
@@ -115,34 +88,6 @@ class UsersControllerTest < ActionController::TestCase
     assert_equal user, assigns[:user]
   end
 
-  test "user can change settings" do
-    user = find_record :user
-    changed_attribs = record_attributes_for :user_with_settings
-    user.expects(:attributes=).with(changed_attribs)
-    user.expects(:changed?).returns(true)
-    user.expects(:save).returns(true)
-
-    login user
-    put :update, :user => changed_attribs, :id => user.id, :format => :json
-
-    assert_equal user, assigns[:user]
-    assert_response 204
-    assert_equal " ", @response.body
-  end
-
-  # Eventually, admin will be able to update some user fields
-  test "admin cannot update user" do
-    user = find_record :user
-    changed_attribs = record_attributes_for :user_with_settings
-
-    login :is_admin? => true
-    put :update, :user => changed_attribs, :id => user.id, :format => :json
-
-    assert_response :redirect
-    assert_access_denied
-
-  end
-
   test "admin can destroy user" do
     user = find_record :user
     user.expects(:destroy)
@@ -162,7 +107,7 @@ class UsersControllerTest < ActionController::TestCase
     delete :destroy, :id => @current_user.id
 
     assert_response :redirect
-    assert_redirected_to login_path
+    assert_redirected_to root_path
   end
 
   test "non-admin can't destroy user" do
@@ -189,14 +134,6 @@ class UsersControllerTest < ActionController::TestCase
     assert_access_denied
   end
 
-  test "admin can autocomplete users" do
-    login :is_admin? => true
-    get :index, :format => :json
-
-    assert_response :success
-    assert assigns(:users)
-  end
-
   test "admin can search users" do
     login :is_admin? => true
     get :index, :query => "a"
diff --git a/users/test/functional/v1/users_controller_test.rb b/users/test/functional/v1/users_controller_test.rb
new file mode 100644
index 0000000..0d44e50
--- /dev/null
+++ b/users/test/functional/v1/users_controller_test.rb
@@ -0,0 +1,70 @@
+require 'test_helper'
+
+class V1::UsersControllerTest < ActionController::TestCase
+
+  test "user can change settings" do
+    user = find_record :user
+    changed_attribs = record_attributes_for :user_with_settings
+    user.expects(:update_attributes).with(changed_attribs)
+
+    login user
+    put :update, :user => changed_attribs, :id => user.id, :format => :json
+
+    assert_equal user, assigns[:user]
+    assert_response 204
+    assert_equal " ", @response.body
+  end
+
+  test "admin can update user" do
+    user = find_record :user
+    changed_attribs = record_attributes_for :user_with_settings
+    user.expects(:update_attributes).with(changed_attribs)
+
+    login :is_admin? => true
+    put :update, :user => changed_attribs, :id => user.id, :format => :json
+
+    assert_equal user, assigns[:user]
+    assert_response 204
+  end
+
+  test "user cannot update other user" do
+    user = find_record :user
+    login
+    put :update, :user => record_attributes_for(:user_with_settings), :id => user.id, :format => :json
+    assert_access_denied
+  end
+
+  test "should create new user" do
+    user_attribs = record_attributes_for :user
+    user = User.new(user_attribs)
+    User.expects(:create).with(user_attribs).returns(user)
+
+    post :create, :user => user_attribs, :format => :json
+
+    assert_nil session[:user_id]
+    assert_json_response user
+    assert_response :success
+  end
+
+  test "should redirect to signup form on failed attempt" do
+    user_attribs = record_attributes_for :user
+    user_attribs.slice!('login')
+    user = User.new(user_attribs)
+    assert !user.valid?
+    User.expects(:create).with(user_attribs).returns(user)
+
+    post :create, :user => user_attribs, :format => :json
+
+    assert_json_error user.errors.messages
+    assert_response 422
+  end
+
+  test "admin can autocomplete users" do
+    login :is_admin? => true
+    get :index, :query => 'a', :format => :json
+
+    assert_response :success
+    assert assigns(:users)
+  end
+
+end
diff --git a/users/test/integration/api/account_flow_test.rb b/users/test/integration/api/account_flow_test.rb
index 1698105..2e45367 100644
--- a/users/test/integration/api/account_flow_test.rb
+++ b/users/test/integration/api/account_flow_test.rb
@@ -88,10 +88,11 @@ class AccountFlowTest < RackTest
     server_auth = @srp.authenticate(self)
     test_public_key = 'asdlfkjslfdkjasd'
     original_login = @user.login
-    put "http://api.lvh.me:3000/1/users/" + @user.id + '.json', :user => {:public_key => test_public_key, :login => 'failed_login_name'}, :format => :json
+    new_login = 'zaph'
+    put "http://api.lvh.me:3000/1/users/" + @user.id + '.json', :user => {:public_key => test_public_key, :login => new_login}, :format => :json
     @user.reload
     assert_equal test_public_key, @user.public_key
-    assert_equal original_login, @user.login
+    assert_equal new_login, @user.login
     # eventually probably want to remove most of this into a non-integration functional test
     # should not overwrite public key:
     put "http://api.lvh.me:3000/1/users/" + @user.id + '.json', :user => {:blee => :blah}, :format => :json
diff --git a/users/test/support/auth_test_helper.rb b/users/test/support/auth_test_helper.rb
index c0fcf3a..555b5db 100644
--- a/users/test/support/auth_test_helper.rb
+++ b/users/test/support/auth_test_helper.rb
@@ -20,10 +20,18 @@ module AuthTestHelper
 
   def assert_access_denied(denied = true, logged_in = true)
     if denied
-      assert_equal({:alert => "Not authorized"}, flash.to_hash)
-      # todo: eventually probably eliminate separate conditions
-      assert_redirected_to login_path if !logged_in
-      assert_redirected_to root_path if logged_in
+      if @response.content_type == 'application/json'
+        assert_json_response('error' => I18n.t(:not_authorized))
+        assert_response :unprocessable_entity
+      else
+        if logged_in
+          assert_equal({:alert => I18n.t(:not_authorized)}, flash.to_hash)
+          assert_redirected_to root_url
+        else
+          assert_equal({:alert => I18n.t(:not_authorized_login)}, flash.to_hash)
+          assert_redirected_to login_url
+        end
+      end
     else
       assert flash[:alert].blank?
     end
diff --git a/users/test/support/stub_record_helper.rb b/users/test/support/stub_record_helper.rb
index 168a827..8aa1973 100644
--- a/users/test/support/stub_record_helper.rb
+++ b/users/test/support/stub_record_helper.rb
@@ -1,15 +1,18 @@
 module StubRecordHelper
 
-  # Will expect find_by_param or find_by_id to be called on klass and
+  #
+  # We will stub find_by_param or find_by_id to be called on klass and
   # return the record given.
+  #
   # If no record is given but a hash or nil will create a stub based on
   # that instead and returns the stub.
+  #
   def find_record(factory, attribs_hash = {})
-    attribs_hash.reverse_merge!(:id => Random.rand(10000).to_s)
+    attribs_hash = attribs_hash.reverse_merge(:id => Random.rand(10000).to_s)
     record = stub_record factory, attribs_hash
     klass = record.class
     finder = klass.respond_to?(:find_by_param) ? :find_by_param : :find
-    klass.expects(finder).with(record.to_param.to_s).returns(record)
+    klass.stubs(finder).with(record.to_param.to_s).returns(record)
     return record
   end
author	jessib <jessib@leap.se>	2013-07-09 11:53:58 -0700
committer	jessib <jessib@leap.se>	2013-07-09 11:53:58 -0700
commit	09b7f01cac6df1ae11f4129b20b781b78a3706ac (patch)
tree	3921eaa5edd03d80e6b402c5c2f88dda6338ab3a /users/test
parent	9979b50848ce27730f880159512933e50d5ae0e4 (diff)
parent	3113f8b814417a896ad5340fda88927733f8ab22 (diff)