basic admin controller methods and helpers + tests

5 files changed, 122 insertions, 2 deletions

diff --git a/users/app/controllers/application_controller.rb b/users/app/controllers/application_controller.rb
index 64e1a55..0d6e5d1 100644
--- a/users/app/controllers/application_controller.rb
+++ b/users/app/controllers/application_controller.rb
@@ -1,14 +1,32 @@
 class ApplicationController < ActionController::Base
   protect_from_forgery
 
-  private
+  protected
 
   def current_user
     @current_user ||= User.find(session[:user_id]) if session[:user_id]
   end
   helper_method :current_user
 
+  def logged_in?
+    !!current_user
+  end
+  helper_method :logged_in?
+
   def authorize
-    redirect_to login_url, alert: "Not authorized" if current_user.nil?
+    access_denied unless logged_in?
+  end
+
+  def admin?
+    current_user && current_user.is_admin?
+  end
+  helper_method :admin?
+
+  def authorize_admin
+    access_denied unless admin?
+  end
+
+  def access_denied
+    redirect_to login_url, :alert => "Not authorized"
   end
 end
diff --git a/users/test/functional/application_controller_test.rb b/users/test/functional/application_controller_test.rb
new file mode 100644
index 0000000..d13a354
--- /dev/null
+++ b/users/test/functional/application_controller_test.rb
@@ -0,0 +1,44 @@
+require 'test_helper'
+
+class ApplicationControllerTest < ActionController::TestCase
+
+  def setup
+    @user_id = stub
+    @user = stub
+    session[:user_id] = @user_id
+    # so we can test the effect on the response
+    @controller.response = @response
+  end
+
+  def test_authorize_redirect
+    session[:user_id] = nil
+    @controller.send(:authorize)
+    assert_access_denied
+  end
+
+  def test_current_user_with_caching
+    User.expects(:find).once.with(@user_id).returns(@user)
+    assert_equal @user, @controller.send(:current_user)
+    assert_equal @user, @controller.send(:current_user) # tests caching
+  end
+
+  def test_authorized
+    User.expects(:find).once.with(@user_id).returns(@user)
+    @controller.send(:authorize)
+  end
+
+  def test_admin
+    bool = stub
+    User.expects(:find).once.with(@user_id).returns(@user)
+    @user.expects(:is_admin?).returns(bool)
+    assert_equal bool, @controller.send(:admin?)
+  end
+
+  def test_authorize_admin
+    User.expects(:find).once.with(@user_id).returns(@user)
+    @user.expects(:is_admin?).returns(false)
+    @controller.send(:authorize_admin)
+    assert_access_denied
+  end
+
+end
diff --git a/users/test/functional/helper_methods_test.rb b/users/test/functional/helper_methods_test.rb
new file mode 100644
index 0000000..0d76f63
--- /dev/null
+++ b/users/test/functional/helper_methods_test.rb
@@ -0,0 +1,48 @@
+#
+# Testing and documenting the helper methods available from
+# ApplicationController
+#
+
+require 'test_helper'
+
+class HelperMethodsTest < ActionController::TestCase
+  tests ApplicationController
+
+  # we test them right in here...
+  include ApplicationController._helpers
+
+  # they all reference the controller.
+  def controller
+    @controller
+  end
+
+  def setup
+    @user_id = stub
+    @user = stub
+    session[:user_id] = @user_id
+  end
+
+  def test_current_user_with_caching
+    User.expects(:find).once.with(@user_id).returns(@user)
+    assert_equal @user, current_user
+    assert_equal @user, current_user # tests caching
+  end
+
+  def test_logged_in
+    User.expects(:find).once.with(@user_id).returns(@user)
+    assert logged_in?
+  end
+
+  def test_logged_in
+    User.expects(:find).once.with(@user_id).returns(nil)
+    assert !logged_in?
+  end
+
+  def test_admin
+    bool = stub
+    User.expects(:find).once.with(@user_id).returns(@user)
+    @user.expects(:is_admin?).returns(bool)
+    assert_equal bool, admin?
+  end
+
+end
diff --git a/users/test/support/auth_test_helper.rb b/users/test/support/auth_test_helper.rb
new file mode 100644
index 0000000..c30421f
--- /dev/null
+++ b/users/test/support/auth_test_helper.rb
@@ -0,0 +1,7 @@
+module AuthTestHelper
+
+  def assert_access_denied
+    assert_equal({:alert => "Not authorized"}, flash.to_hash)
+    assert_redirected_to login_path
+  end
+end
diff --git a/users/test/test_helper.rb b/users/test/test_helper.rb
index 08d4d41..ae6a35c 100644
--- a/users/test/test_helper.rb
+++ b/users/test/test_helper.rb
@@ -8,3 +8,6 @@ Rails.backtrace_cleaner.remove_silencers!
 # Load support files
 Dir["#{File.dirname(__FILE__)}/support/**/*.rb"].each { |f| require f }
 
+class ActionController::TestCase
+  include AuthTestHelper
+end