diff options
-rw-r--r-- | help/test/functional/tickets_controller_test.rb | 38 | ||||
-rw-r--r-- | users/test/functional/application_controller_test.rb | 4 | ||||
-rw-r--r-- | users/test/support/auth_test_helper.rb | 7 |
3 files changed, 43 insertions, 6 deletions
diff --git a/help/test/functional/tickets_controller_test.rb b/help/test/functional/tickets_controller_test.rb index 7a03a86..8fae44c 100644 --- a/help/test/functional/tickets_controller_test.rb +++ b/help/test/functional/tickets_controller_test.rb @@ -2,7 +2,10 @@ require 'test_helper' class TicketsControllerTest < ActionController::TestCase - test "should get index" do + test "should get index if logged in" do + #todo: should redo this and actually authorize + user = User.last + session[:user_id] = user.id get :index assert_response :success assert_not_nil assigns(:tickets) @@ -28,6 +31,7 @@ class TicketsControllerTest < ActionController::TestCase assert_nil assigns(:ticket).created_by assert_equal assigns(:ticket).comments.count, 1 + assigns(:ticket).destroy # destroys without checking permission. is that okay? end @@ -48,16 +52,46 @@ class TicketsControllerTest < ActionController::TestCase assert_equal assigns(:ticket).email, user.email assert_equal assigns(:ticket).comments.count, 1 + + assigns(:ticket).destroy # ? end - test "add comment to ticket" do + test "add comment to unauthenticated ticket" do t = Ticket.last + t.created_by = nil # TODO: hacky, but this makes sure this ticket is an unauthenticated one + t.save comment_count = t.comments.count put :update, :id => t.id, :ticket => {:comments_attributes => {"0" => {"body" =>"NEWER comment"}} } assert_equal(comment_count + 1, assigns(:ticket).comments.count) #assert_difference block isn't working + end + + test "add comment to authenticated ticket" do + + + params = {:title => "ticket test title", :comments_attributes => {"0" => {"body" =>"body of test ticket"}}} + + #todo: should redo this and actually authorize + user = User.last + session[:user_id] = user.id + + post :create, :ticket => params + t = assigns(:ticket) + + comment_count = t.comments.count + debugger + put :update, :id => t.id, :ticket => {:comments_attributes => {"0" => {"body" =>"NEWER comment"}} } # this isn't working + assert_equal(comment_count + 1, t.comments.count) + + #comment_count = t.comments.count + # now log out: and retry + #session[:user_id] = nil + #put :update, :id => t.id, :ticket => {:comments_attributes => {"0" => {"body" =>"EVEN NEWER comment"}} } # should fail +# assert_equal(comment_count, t.comments.count) + #assert_difference block isn't working + t.destroy end end diff --git a/users/test/functional/application_controller_test.rb b/users/test/functional/application_controller_test.rb index 69bcb2f..b228b1d 100644 --- a/users/test/functional/application_controller_test.rb +++ b/users/test/functional/application_controller_test.rb @@ -8,9 +8,9 @@ class ApplicationControllerTest < ActionController::TestCase end def test_authorize_redirect - stub_logged_out + stub_logged_out #broken? @controller.send(:authorize) - assert_access_denied + assert_access_denied(true, false) end def test_authorized diff --git a/users/test/support/auth_test_helper.rb b/users/test/support/auth_test_helper.rb index 9412058..37aef34 100644 --- a/users/test/support/auth_test_helper.rb +++ b/users/test/support/auth_test_helper.rb @@ -9,15 +9,18 @@ module AuthTestHelper end def stub_logged_out + #todo: this seems wrong. @user_id = stub session[:user_id] = @user_id User.expects(:find).once.with(@user_id).returns(nil) end - def assert_access_denied(denied = true) + def assert_access_denied(denied = true, logged_in = true) if denied assert_equal({:alert => "Not authorized"}, flash.to_hash) - assert_redirected_to login_path + # todo: eventually probably eliminate separate conditions + assert_redirected_to login_path if !logged_in + assert_redirected_to root_path if logged_in else assert flash[:alert].blank? end |