-rw-r--r-- | test/dummy/app/controllers/application_controller.rb | 3 | ||||
-rw-r--r-- | users/app/controllers/application_controller.rb | 22 | ||||
-rw-r--r-- | users/test/functional/application_controller_test.rb | 44 | ||||
-rw-r--r-- | users/test/functional/helper_methods_test.rb | 48 | ||||
-rw-r--r-- | users/test/support/auth_test_helper.rb | 7 | ||||
-rw-r--r-- | users/test/test_helper.rb | 3 |
6 files changed, 122 insertions, 5 deletions
diff --git a/test/dummy/app/controllers/application_controller.rb b/test/dummy/app/controllers/application_controller.rb
deleted file mode 100644
index e8065d9..0000000
--- a/test/dummy/app/controllers/application_controller.rb
+++ /dev/null
@@ -1,3 +0,0 @@
-class ApplicationController < ActionController::Base
- protect_from_forgery
-end
diff --git a/users/app/controllers/application_controller.rb b/users/app/controllers/application_controller.rb
index 64e1a55..0d6e5d1 100644
--- a/users/app/controllers/application_controller.rb
+++ b/users/app/controllers/application_controller.rb
@@ -1,14 +1,32 @@
 class ApplicationController < ActionController::Base
 protect_from_forgery
- private
+ protected
 def current_user
 @current_user ||= User.find(session[:user_id]) if session[:user_id]
 end
 helper_method :current_user
+ def logged_in?
+ !!current_user
+ end
+ helper_method :logged_in?
+
 def authorize
- redirect_to login_url, alert: "Not authorized" if current_user.nil?
+ access_denied unless logged_in?
+ end
+
+ def admin?
+ current_user && current_user.is_admin?
+ end
+ helper_method :admin?
+
+ def authorize_admin
+ access_denied unless admin?
+ end
+
+ def access_denied
+ redirect_to login_url, :alert => "Not authorized"
 end
 end
diff --git a/users/test/functional/application_controller_test.rb b/users/test/functional/application_controller_test.rb
new file mode 100644
index 0000000..d13a354
--- /dev/null
+++ b/users/test/functional/application_controller_test.rb
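Review bot: In users/app/controllers/application_controller.rb, the new `logged_in?`, `admin?`, `authorize` and `authorize_admin` all depend on `current_user`, which still calls `User.find(session[:user_id])`. Assuming `User` is an ActiveRecord model, `find` raises `ActiveRecord::RecordNotFound` for an id that no longer exists instead of returning nil, so a session that outlives its user row would presumably end in an unhandled error rather than in `access_denied`. Consider `@current_user ||= User.find_by_id(session[:user_id]) if session[:user_id]` so the missing-user case falls through to the redirect; the `User.expects(:find)` stubs in the new tests would need to follow, including the second `test_logged_in` in helper_methods_test.rb, which stubs `find` to return nil, a result the real call does not produce. A one-line comment above `authorize_admin`, such as `# Denies anonymous users as well as logged-in non-admins.`, would also make the contract explicit, since `admin?` returns nil rather than false when nobody is logged in.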
@@ -0,0 +1,44 @@
+require 'test_helper'
+
+class ApplicationControllerTest < ActionController::TestCase
+
+ def setup
+ @user_id = stub
+ @user = stub
+ session[:user_id] = @user_id
+ # so we can test the effect on the response
+ @controller.response = @response
+ end
+
+ def test_authorize_redirect
+ session[:user_id] = nil
+ @controller.send(:authorize)
+ assert_access_denied
+ end
+
+ def test_current_user_with_caching
+ User.expects(:find).once.with(@user_id).returns(@user)
+ assert_equal @user, @controller.send(:current_user)
+ assert_equal @user, @controller.send(:current_user) # tests caching
+ end
+
+ def test_authorized
+ User.expects(:find).once.with(@user_id).returns(@user)
+ @controller.send(:authorize)
+ end
+
+ def test_admin
+ bool = stub
+ User.expects(:find).once.with(@user_id).returns(@user)
+ @user.expects(:is_admin?).returns(bool)
+ assert_equal bool, @controller.send(:admin?)
+ end
+
+ def test_authorize_admin
+ User.expects(:find).once.with(@user_id).returns(@user)
+ @user.expects(:is_admin?).returns(false)
+ @controller.send(:authorize_admin)
+ assert_access_denied
+ end
+
+end
diff --git a/users/test/functional/helper_methods_test.rb b/users/test/functional/helper_methods_test.rb
new file mode 100644
index 0000000..0d76f63
--- /dev/null
+++ b/users/test/functional/helper_methods_test.rb
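Review bot: `test_authorized` in application_controller_test.rb asserts nothing about the outcome: it only verifies that `User.find` is called once, so it would still pass if `authorize` redirected a logged-in user. Add an explicit check that no denial happened, for example `assert_nil flash[:alert]` after the `send(:authorize)` call. The admin filter is covered only for a logged-in non-admin; a case where `is_admin?` returns true (no redirect expected) and one with `session[:user_id] = nil` (denied, the path where `admin?` short-circuits on a nil `current_user`) would pin both sides of the check.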
@@ -0,0 +1,48 @@
+#
+# Testing and documenting the helper methods available from
+# ApplicationController
+#
+
+require 'test_helper'
+
+class HelperMethodsTest < ActionController::TestCase
+ tests ApplicationController
+
+ # we test them right in here...
+ include ApplicationController._helpers
+
+ # they all reference the controller.
+ def controller
+ @controller
+ end
+
+ def setup
+ @user_id = stub
+ @user = stub
+ session[:user_id] = @user_id
+ end
+
+ def test_current_user_with_caching
+ User.expects(:find).once.with(@user_id).returns(@user)
+ assert_equal @user, current_user
+ assert_equal @user, current_user # tests caching
+ end
+
+ def test_logged_in
+ User.expects(:find).once.with(@user_id).returns(@user)
+ assert logged_in?
+ end
+
+ def test_logged_in
+ User.expects(:find).once.with(@user_id).returns(nil)
+ assert !logged_in?
+ end
+
+ def test_admin
+ bool = stub
+ User.expects(:find).once.with(@user_id).returns(@user)
+ @user.expects(:is_admin?).returns(bool)
+ assert_equal bool, admin?
+ end
+
+end
diff --git a/users/test/support/auth_test_helper.rb b/users/test/support/auth_test_helper.rb
new file mode 100644
index 0000000..c30421f
--- /dev/null
+++ b/users/test/support/auth_test_helper.rb
@@ -0,0 +1,7 @@
+module AuthTestHelper
+
+ def assert_access_denied
+ assert_equal({:alert => "Not authorized"}, flash.to_hash)
+ assert_redirected_to login_path
+ end
+end
diff --git a/users/test/test_helper.rb b/users/test/test_helper.rb
index 08d4d41..ae6a35c 100644
--- a/users/test/test_helper.rb
+++ b/users/test/test_helper.rb
@@ -8,3 +8,6 @@ Rails.backtrace_cleaner.remove_silencers!
 # Load support files
 Dir["#{File.dirname(__FILE__)}/support/**/*.rb"].each { |f| require f }
+class ActionController::TestCase
+ include AuthTestHelper
+end
|
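Review bot: helper_methods_test.rb defines `test_logged_in` twice, and Ruby keeps only the later definition, so the positive case (`assert logged_in?`) is silently replaced and never runs. Rename the second method, for example `def test_not_logged_in`, so both the logged-in and the logged-out behaviour of the helper are actually exercised.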