Merge branch 'master' into feature/show_user. Added new tests.

Conflicts:
	users/test/functional/users_controller_test.rb

9 files changed, 119 insertions, 82 deletions

diff --git a/users/app/models/user.rb b/users/app/models/user.rb
index 4b6b06c..42900ea 100644
--- a/users/app/models/user.rb
+++ b/users/app/models/user.rb
@@ -18,8 +18,8 @@ class User < CouchRest::Model::Base
     :if => :serverside?
 
   validates :login,
-    :format => { :with => /\A[A-Za-z\d_]+\z/,
-      :message => "Only letters, digits and _ allowed" }
+    :format => { :with => /\A[A-Za-z\d_\.]+\z/,
+      :message => "Only letters, digits, . and _ allowed" }
 
   validates :password_salt, :password_verifier,
     :format => { :with => /\A[\dA-Fa-f]+\z/, :message => "Only hex numbers allowed" }
@@ -54,17 +54,11 @@ class User < CouchRest::Model::Base
 
   class << self
     alias_method :find_by_param, :find
-
-    # valid set of attributes for testing
-    def valid_attributes_hash
-      { :login => "me",
-        :password_verifier => "1234ABCD",
-        :password_salt => "4321AB" }
-    end
-
   end
 
-  alias_method :to_param, :id
+  def to_param
+    self.id
+  end
 
   def to_json(options={})
     {
diff --git a/users/test/factories.rb b/users/test/factories.rb
new file mode 100644
index 0000000..4bf7e62
--- /dev/null
+++ b/users/test/factories.rb
@@ -0,0 +1,20 @@
+FactoryGirl.define do
+
+  factory :user do
+    login { Faker::Internet.user_name }
+    password_verifier "1234ABCD"
+    password_salt "4321AB"
+
+    factory :user_with_settings do
+      email_forward { Faker::Internet.email }
+      email { Faker::Internet.user_name + '@' + APP_CONFIG[:domain] }
+      email_aliases_attributes do
+        {:a => Faker::Internet.user_name + '@' + APP_CONFIG[:domain]}
+      end
+    end
+
+    factory :admin_user do
+      is_admin? true
+    end
+  end
+end
diff --git a/users/test/functional/users_controller_test.rb b/users/test/functional/users_controller_test.rb
index 1f6c868..46db4d1 100644
--- a/users/test/functional/users_controller_test.rb
+++ b/users/test/functional/users_controller_test.rb
@@ -10,14 +10,14 @@ class UsersControllerTest < ActionController::TestCase
   end
 
   test "failed show without login" do
-    user = find_record User
+    user = find_record :user
     get :show, :id => user.id
     assert_response :redirect
     assert_redirected_to login_path
   end
 
   test "user can see user" do
-    user = find_record User,
+    user = find_record :user,
       :email => nil,
       :email_forward => nil,
       :email_aliases => [],
@@ -29,34 +29,64 @@ class UsersControllerTest < ActionController::TestCase
     assert_response :success
   end
 
+  test "admin can see other user" do
+    user = find_record :user,
+      :email => nil,
+      :email_forward => nil,
+      :email_aliases => [],
+      :created_at => Time.now,
+      :updated_at => Time.now,
+      :most_recent_tickets => []
+    login :is_admin? => true
+    get :show, :id => user.id
+    assert_response :success
+
+  end
+  
+  test "user cannot see other user" do
+    user = find_record :user,
+      :email => nil,
+      :email_forward => nil,
+      :email_aliases => [],
+      :created_at => Time.now,
+      :updated_at => Time.now,
+      :most_recent_tickets => []
+    login
+    get :show, :id => user.id
+    assert_response :redirect
+    assert_access_denied
+  end
+
+
   test "should create new user" do
-    user = stub_record User
-    User.expects(:create).with(user.params).returns(user)
+    user_attribs = record_attributes_for :user
+    user = User.new(user_attribs)
+    User.expects(:create).with(user_attribs).returns(user)
+
+
+    post :create, :user => user_attribs, :format => :json
+
 
-    post :create, :user => user.params, :format => :json
     assert_nil session[:user_id]
     assert_json_response user
     assert_response :success
   end
 
   test "should redirect to signup form on failed attempt" do
-    params = User.valid_attributes_hash.slice(:login)
-    user = User.new(params)
-    params.stringify_keys!
+    user_attribs = record_attributes_for :user
+    user_attribs.slice!('login')
+    user = User.new(user_attribs)
     assert !user.valid?
-    User.expects(:create).with(params).returns(user)
+    User.expects(:create).with(user_attribs).returns(user)
 
-    post :create, :user => params, :format => :json
+    post :create, :user => user_attribs, :format => :json
 
     assert_json_error user.errors.messages
     assert_response 422
   end
 
   test "should get edit view" do
-    user = find_record User,
-      :email => nil,
-      :email_forward => nil,
-      :email_aliases => []
+    user = find_record :user
 
     login user
     get :edit, :id => user.id
@@ -65,14 +95,14 @@ class UsersControllerTest < ActionController::TestCase
   end
 
   test "user can change settings" do
-    user = find_record User
-    user.expects(:attributes=).with(user.params)
+    user = find_record :user
+    changed_attribs = record_attributes_for :user_with_settings
+    user.expects(:attributes=).with(changed_attribs)
     user.expects(:changed?).returns(true)
     user.expects(:save).returns(true)
-    user.stubs(:email_aliases).returns([])
 
     login user
-    put :update, :user => user.params, :id => user.id, :format => :json
+    put :update, :user => changed_attribs, :id => user.id, :format => :json
 
     assert_equal user, assigns[:user]
     assert_response 204
@@ -80,14 +110,15 @@ class UsersControllerTest < ActionController::TestCase
   end
 
   test "admin can update user" do
-    user = find_record User
-    user.expects(:attributes=).with(user.params)
+    user = find_record :user
+    changed_attribs = record_attributes_for :user_with_settings
+    user.expects(:attributes=).with(changed_attribs.stringify_keys)
     user.expects(:changed?).returns(true)
     user.expects(:save).returns(true)
     user.stubs(:email_aliases).returns([])
 
     login :is_admin? => true
-    put :update, :user => user.params, :id => user.id, :format => :json
+    put :update, :user => changed_attribs, :id => user.id, :format => :json
 
     assert_equal user, assigns[:user]
     assert_response 204
@@ -95,7 +126,7 @@ class UsersControllerTest < ActionController::TestCase
   end
 
   test "admin can destroy user" do
-    user = find_record User
+    user = find_record :user
     user.expects(:destroy)
 
     login :is_admin? => true
@@ -106,7 +137,7 @@ class UsersControllerTest < ActionController::TestCase
   end
 
   test "user can cancel account" do
-    user = find_record User
+    user = find_record :user
     user.expects(:destroy)
 
     login user
@@ -117,7 +148,7 @@ class UsersControllerTest < ActionController::TestCase
   end
 
   test "non-admin can't destroy user" do
-    user = stub_record User
+    user = find_record :user
 
     login
     delete :destroy, :id => user.id
diff --git a/users/test/integration/api/account_flow_test.rb b/users/test/integration/api/account_flow_test.rb
index 7636f2b..b9e2a4e 100644
--- a/users/test/integration/api/account_flow_test.rb
+++ b/users/test/integration/api/account_flow_test.rb
@@ -12,10 +12,6 @@ class AccountFlowTest < ActiveSupport::TestCase
     OUTER_APP
   end
 
-  def teardown
-    Warden.test_reset!
-  end
-
   def setup
     @login = "integration_test_user"
     User.find_by_login(@login).tap{|u| u.destroy if u}
@@ -31,7 +27,8 @@ class AccountFlowTest < ActiveSupport::TestCase
   end
 
   def teardown
-    @user.destroy if @user # make sure we can run this test again
+    @user.destroy if @user
+    Warden.test_reset!
   end
 
   # this test wraps the api and implements the interface the ruby-srp client.
diff --git a/users/test/support/auth_test_helper.rb b/users/test/support/auth_test_helper.rb
index c9f5612..c0fcf3a 100644
--- a/users/test/support/auth_test_helper.rb
+++ b/users/test/support/auth_test_helper.rb
@@ -10,10 +10,10 @@ module AuthTestHelper
   end
 
   def login(user_or_method_hash = {})
-    @current_user = stub_record(User, user_or_method_hash)
-    unless @current_user.respond_to? :is_admin?
-      @current_user.stubs(:is_admin?).returns(false)
+    if user_or_method_hash.respond_to?(:reverse_merge)
+      user_or_method_hash.reverse_merge! :is_admin? => false
     end
+    @current_user = stub_record(:user, user_or_method_hash, true)
     request.env['warden'] = stub :user => @current_user
     return @current_user
   end
diff --git a/users/test/support/stub_record_helper.rb b/users/test/support/stub_record_helper.rb
index 1be419a..168a827 100644
--- a/users/test/support/stub_record_helper.rb
+++ b/users/test/support/stub_record_helper.rb
@@ -4,10 +4,12 @@ module StubRecordHelper
   # return the record given.
   # If no record is given but a hash or nil will create a stub based on
   # that instead and returns the stub.
-  def find_record(klass, record_or_method_hash = {})
-    record = stub_record(klass, record_or_method_hash)
-    finder = klass.respond_to?(:find_by_param) ? :find_by_param : :find_by_id
-    klass.expects(finder).with(record.to_param).returns(record)
+  def find_record(factory, attribs_hash = {})
+    attribs_hash.reverse_merge!(:id => Random.rand(10000).to_s)
+    record = stub_record factory, attribs_hash
+    klass = record.class
+    finder = klass.respond_to?(:find_by_param) ? :find_by_param : :find
+    klass.expects(finder).with(record.to_param.to_s).returns(record)
     return record
   end
 
@@ -17,25 +19,28 @@ module StubRecordHelper
   # If the second parameter is a record we return the record itself.
   # This way you can build functions that either take a record or a
   # method hash to stub from. See find_record for an example.
-  def stub_record(klass, record_or_method_hash = {}, persisted = true)
+  def stub_record(factory, record_or_method_hash = {}, persisted=false)
     if record_or_method_hash && !record_or_method_hash.is_a?(Hash)
       return record_or_method_hash
     end
-    stub record_params_for(klass, record_or_method_hash, persisted)
+    FactoryGirl.build_stubbed(factory).tap do |record|
+      if persisted or record.persisted?
+        record_or_method_hash.reverse_merge! :created_at => Time.now,
+          :updated_at => Time.now, :id => Random.rand(100000).to_s
+      end
+      record.stubs(record_or_method_hash) if record_or_method_hash.present?
+    end
   end
 
-  def record_params_for(klass, params = {}, persisted = true)
-    if klass.respond_to?(:valid_attributes_hash)
-      params.reverse_merge!(klass.valid_attributes_hash)
+  # returns deep stringified attributes so they can be compared to
+  # what the controller receives as params
+  def record_attributes_for(factory, attribs_hash = nil)
+    FactoryGirl.attributes_for(factory, attribs_hash).tap do |attribs|
+      attribs.keys.each do |key|
+        val = attribs.delete(key)
+        attribs[key.to_s] = val.is_a?(Hash) ? val.stringify_keys! : val
+      end
     end
-    params[:params] = params.stringify_keys
-    params.reverse_merge! :id => "A123",
-      :to_param => "A123",
-      :class => klass,
-      :to_key => ['123'],
-      :to_json => %Q({"stub":"#{klass.name}"}),
-      :new_record? => !persisted,
-      :persisted? => persisted
   end
 
 end
diff --git a/users/test/unit/email_aliases_test.rb b/users/test/unit/email_aliases_test.rb
index 88f97f4..e3f060d 100644
--- a/users/test/unit/email_aliases_test.rb
+++ b/users/test/unit/email_aliases_test.rb
@@ -3,12 +3,8 @@ require 'test_helper'
 class EmailAliasTest < ActiveSupport::TestCase
 
   setup do
-    @attribs = User.valid_attributes_hash
-    User.find_by_login(@attribs[:login]).try(:destroy)
-    @user = User.new(@attribs)
-    @attribs.merge!(:login => "other_user")
-    User.find_by_login(@attribs[:login]).try(:destroy)
-    @other_user = User.create(@attribs)
+    @user = FactoryGirl.build :user
+    @other_user = FactoryGirl.build :user
     @alias = "valid_alias@#{APP_CONFIG[:domain]}"
     User.find_by_email_or_alias(@alias).try(:destroy)
   end
diff --git a/users/test/unit/email_test.rb b/users/test/unit/email_test.rb
index 060ced5..d7ef1f8 100644
--- a/users/test/unit/email_test.rb
+++ b/users/test/unit/email_test.rb
@@ -3,13 +3,8 @@ require 'test_helper'
 class EmailTest < ActiveSupport::TestCase
 
   setup do
-    # TODO build helper for this ... make_record(User)
-    @attribs = User.valid_attributes_hash
-    User.find_by_login(@attribs[:login]).try(:destroy)
-    @user = User.new(@attribs)
-    @attribs.merge!(:login => "other_user")
-    User.find_by_login(@attribs[:login]).try(:destroy)
-    @other_user = User.create(@attribs)
+    @user = FactoryGirl.build :user
+    @other_user = FactoryGirl.build :user
     @email_string = "valid_alias@#{APP_CONFIG[:domain]}"
     User.find_by_email_or_alias(@email_string).try(:destroy)
   end
diff --git a/users/test/unit/user_test.rb b/users/test/unit/user_test.rb
index 0c79f1f..917728b 100644
--- a/users/test/unit/user_test.rb
+++ b/users/test/unit/user_test.rb
@@ -4,9 +4,7 @@ class UserTest < ActiveSupport::TestCase
 
   include SRP::Util
   setup do
-    @attribs = User.valid_attributes_hash
-    User.find_by_login(@attribs[:login]).try(:destroy)
-    @user = User.new(@attribs)
+    @user = FactoryGirl.build(:user)
   end
 
   test "test set of attributes should be valid" do
@@ -49,13 +47,14 @@ class UserTest < ActiveSupport::TestCase
     assert_equal client_rnd, srp_session.aa
   end
 
-  test 'is user an admin' do
-    admin_login = APP_CONFIG['admins'].first
-    attribs = User.valid_attributes_hash
-    attribs[:login] = admin_login
-    admin_user = User.new(attribs)
-    assert admin_user.is_admin?
+  test 'normal user is no admin' do
     assert !@user.is_admin?
   end
 
+  test 'user with login in APP_CONFIG is an admin' do
+    admin_login = APP_CONFIG['admins'].first
+    @user.login = admin_login
+    assert @user.is_admin?
+  end
+
 end