user tests -- user update has been moved entirely to api controller, so fix tests to reflect this.

author: elijah <elijah@riseup.net> 2013-07-04 02:44:11 -0700
committer: elijah <elijah@riseup.net> 2013-07-04 04:15:04 -0700
commit: 64bacc45ea1a023b154b07ec0790f762a79d20d5 (patch)
tree: 701cb9008508d869c5b40096850656662d9b190c /users
parent: 290d367ddb064c0aea4e0447441776fd69e29f6c (diff)
6 files changed, 83 insertions, 74 deletions
diff --git a/users/app/controllers/users_controller.rb b/users/app/controllers/users_controller.rb
index 81336be..5d45db5 100644
--- a/users/app/controllers/users_controller.rb
+++ b/users/app/controllers/users_controller.rb
@@ -28,11 +28,6 @@ class UsersController < UsersBaseController
     @user = User.new
   end
 
-  def create
-    @user = User.create(params[:user])
-    respond_with @user
-  end
-
   def show
   end
 
diff --git a/users/app/controllers/v1/users_controller.rb b/users/app/controllers/v1/users_controller.rb
index e117fc7..fda56f2 100644
--- a/users/app/controllers/v1/users_controller.rb
+++ b/users/app/controllers/v1/users_controller.rb
@@ -23,7 +23,6 @@ module V1
     end
 
     def update
-      @user = User.find_by_param(params[:id])
       @user.update_attributes params[:user]
       if @user.valid?
         flash[:notice] = t(:user_updated_successfully)
diff --git a/users/config/routes.rb b/users/config/routes.rb
index 693ae7a..b6d583e 100644
--- a/users/config/routes.rb
+++ b/users/config/routes.rb
@@ -13,7 +13,7 @@ Rails.application.routes.draw do
   resources :sessions, :only => [:new, :create, :update]
 
   get "signup" => "users#new", :as => "signup"
-  resources :users do
+  resources :users, :except => [:create, :update] do
     resource :overview, :only => [:show]
     resource :email_settings, :only => [:edit, :update]
     resources :email_aliases, :only => [:destroy], :id => /.*/
diff --git a/users/test/functional/users_controller_test.rb b/users/test/functional/users_controller_test.rb
index 7f81c59..92a5f6c 100644
--- a/users/test/functional/users_controller_test.rb
+++ b/users/test/functional/users_controller_test.rb
@@ -79,33 +79,6 @@ class UsersControllerTest < ActionController::TestCase
     assert_redirected_to users_path
   end
 
-  test "should create new user" do
-    user_attribs = record_attributes_for :user
-    user = User.new(user_attribs)
-    User.expects(:create).with(user_attribs).returns(user)
-
-
-    post :create, :user => user_attribs, :format => :json
-
-
-    assert_nil session[:user_id]
-    assert_json_response user
-    assert_response :success
-  end
-
-  test "should redirect to signup form on failed attempt" do
-    user_attribs = record_attributes_for :user
-    user_attribs.slice!('login')
-    user = User.new(user_attribs)
-    assert !user.valid?
-    User.expects(:create).with(user_attribs).returns(user)
-
-    post :create, :user => user_attribs, :format => :json
-
-    assert_json_error user.errors.messages
-    assert_response 422
-  end
-
   test "should get edit view" do
     user = find_record :user
 
@@ -115,34 +88,6 @@ class UsersControllerTest < ActionController::TestCase
     assert_equal user, assigns[:user]
   end
 
-  test "user can change settings" do
-    user = find_record :user
-    changed_attribs = record_attributes_for :user_with_settings
-    user.expects(:attributes=).with(changed_attribs)
-    user.expects(:changed?).returns(true)
-    user.expects(:save).returns(true)
-
-    login user
-    put :update, :user => changed_attribs, :id => user.id, :format => :json
-
-    assert_equal user, assigns[:user]
-    assert_response 204
-    assert_equal " ", @response.body
-  end
-
-  # Eventually, admin will be able to update some user fields
-  test "admin cannot update user" do
-    user = find_record :user
-    changed_attribs = record_attributes_for :user_with_settings
-
-    login :is_admin? => true
-    put :update, :user => changed_attribs, :id => user.id, :format => :json
-
-    assert_response :redirect
-    assert_access_denied
-
-  end
-
   test "admin can destroy user" do
     user = find_record :user
     user.expects(:destroy)
@@ -189,14 +134,6 @@ class UsersControllerTest < ActionController::TestCase
     assert_access_denied
   end
 
-  test "admin can autocomplete users" do
-    login :is_admin? => true
-    get :index, :format => :json
-
-    assert_response :success
-    assert assigns(:users)
-  end
-
   test "admin can search users" do
     login :is_admin? => true
     get :index, :query => "a"
diff --git a/users/test/functional/v1/users_controller_test.rb b/users/test/functional/v1/users_controller_test.rb
new file mode 100644
index 0000000..0d44e50
--- /dev/null
+++ b/users/test/functional/v1/users_controller_test.rb
@@ -0,0 +1,70 @@
+require 'test_helper'
+
+class V1::UsersControllerTest < ActionController::TestCase
+
+  test "user can change settings" do
+    user = find_record :user
+    changed_attribs = record_attributes_for :user_with_settings
+    user.expects(:update_attributes).with(changed_attribs)
+
+    login user
+    put :update, :user => changed_attribs, :id => user.id, :format => :json
+
+    assert_equal user, assigns[:user]
+    assert_response 204
+    assert_equal " ", @response.body
+  end
+
+  test "admin can update user" do
+    user = find_record :user
+    changed_attribs = record_attributes_for :user_with_settings
+    user.expects(:update_attributes).with(changed_attribs)
+
+    login :is_admin? => true
+    put :update, :user => changed_attribs, :id => user.id, :format => :json
+
+    assert_equal user, assigns[:user]
+    assert_response 204
+  end
+
+  test "user cannot update other user" do
+    user = find_record :user
+    login
+    put :update, :user => record_attributes_for(:user_with_settings), :id => user.id, :format => :json
+    assert_access_denied
+  end
+
+  test "should create new user" do
+    user_attribs = record_attributes_for :user
+    user = User.new(user_attribs)
+    User.expects(:create).with(user_attribs).returns(user)
+
+    post :create, :user => user_attribs, :format => :json
+
+    assert_nil session[:user_id]
+    assert_json_response user
+    assert_response :success
+  end
+
+  test "should redirect to signup form on failed attempt" do
+    user_attribs = record_attributes_for :user
+    user_attribs.slice!('login')
+    user = User.new(user_attribs)
+    assert !user.valid?
+    User.expects(:create).with(user_attribs).returns(user)
+
+    post :create, :user => user_attribs, :format => :json
+
+    assert_json_error user.errors.messages
+    assert_response 422
+  end
+
+  test "admin can autocomplete users" do
+    login :is_admin? => true
+    get :index, :query => 'a', :format => :json
+
+    assert_response :success
+    assert assigns(:users)
+  end
+
+end
diff --git a/users/test/support/auth_test_helper.rb b/users/test/support/auth_test_helper.rb
index c0fcf3a..555b5db 100644
--- a/users/test/support/auth_test_helper.rb
+++ b/users/test/support/auth_test_helper.rb
@@ -20,10 +20,18 @@ module AuthTestHelper
 
   def assert_access_denied(denied = true, logged_in = true)
     if denied
-      assert_equal({:alert => "Not authorized"}, flash.to_hash)
-      # todo: eventually probably eliminate separate conditions
-      assert_redirected_to login_path if !logged_in
-      assert_redirected_to root_path if logged_in
+      if @response.content_type == 'application/json'
+        assert_json_response('error' => I18n.t(:not_authorized))
+        assert_response :unprocessable_entity
+      else
+        if logged_in
+          assert_equal({:alert => I18n.t(:not_authorized)}, flash.to_hash)
+          assert_redirected_to root_url
+        else
+          assert_equal({:alert => I18n.t(:not_authorized_login)}, flash.to_hash)
+          assert_redirected_to login_url
+        end
+      end
     else
       assert flash[:alert].blank?
     end
author	elijah <elijah@riseup.net>	2013-07-04 02:44:11 -0700
committer	elijah <elijah@riseup.net>	2013-07-04 04:15:04 -0700
commit	64bacc45ea1a023b154b07ec0790f762a79d20d5 (patch)
tree	701cb9008508d869c5b40096850656662d9b190c /users
parent	290d367ddb064c0aea4e0447441776fd69e29f6c (diff)