summaryrefslogtreecommitdiff
path: root/help/test/functional
diff options
context:
space:
mode:
Diffstat (limited to 'help/test/functional')
-rw-r--r--help/test/functional/tickets_controller_test.rb170
1 files changed, 157 insertions, 13 deletions
diff --git a/help/test/functional/tickets_controller_test.rb b/help/test/functional/tickets_controller_test.rb
index 6bdb6c7..cf123a9 100644
--- a/help/test/functional/tickets_controller_test.rb
+++ b/help/test/functional/tickets_controller_test.rb
@@ -2,7 +2,18 @@ require 'test_helper'
class TicketsControllerTest < ActionController::TestCase
- test "should get index" do
+ setup do
+ User.create(User.valid_attributes_hash.merge({:login => 'first_test'}))
+ User.create(User.valid_attributes_hash.merge({:login => 'different'}))
+ end
+
+ teardown do
+ User.find_by_login('first_test').destroy
+ User.find_by_login('different').destroy
+ end
+
+ test "should get index if logged in" do
+ login(User.last)
get :index
assert_response :success
assert_not_nil assigns(:tickets)
@@ -14,51 +25,184 @@ class TicketsControllerTest < ActionController::TestCase
assert_response :success
end
+ test "ticket show access" do
+ ticket = Ticket.first
+ ticket.created_by = nil # TODO: hacky, but this makes sure this ticket is an unauthenticated one
+ ticket.save
+ get :show, :id => ticket.id
+ assert_response :success
+
+ ticket.created_by = User.last.id
+ ticket.save
+ get :show, :id => ticket.id
+ assert_response :redirect
+ assert_redirected_to login_url
+
+ login(User.last)
+ get :show, :id => ticket.id
+ assert_response :success
+
+ login(User.first) #assumes User.first != User.last:
+ assert_not_equal User.first, User.last
+ get :show, :id => ticket.id
+ assert_response :redirect
+ assert_redirected_to root_url
+
+ end
test "should create unauthenticated ticket" do
- params = {:title => "ticket test title", :comments_attributes => {"0" => {"body" =>"body of test ticket"}}}
+ params = {:title => "unauth ticket test title", :comments_attributes => {"0" => {"body" =>"body of test ticket"}}}
assert_difference('Ticket.count') do
post :create, :ticket => params
end
assert_response :redirect
- #assert_equal assigns(:ticket).email, User.current.email
- #assert_equal User.find(assigns(:ticket).created_by).login, User.current.login
assert_nil assigns(:ticket).created_by
assert_equal 1, assigns(:ticket).comments.count
- end
+ assert_nil assigns(:ticket).comments.first.posted_by
+ assigns(:ticket).destroy # destroys without checking permission. is that okay?
+ end
test "should create authenticated ticket" do
- params = {:title => "ticket test title", :comments_attributes => {"0" => {"body" =>"body of test ticket"}}}
+ params = {:title => "auth ticket test title", :comments_attributes => {"0" => {"body" =>"body of test ticket"}}}
login User.last
-
assert_difference('Ticket.count') do
post :create, :ticket => params
end
assert_response :redirect
- ticket = assigns(:ticket)
- assert ticket
- assert_equal @current_user.id, ticket.created_by
- assert_equal @current_user.email, ticket.email
+
+ assert_not_nil assigns(:ticket).created_by
+ assert_equal assigns(:ticket).created_by, @current_user.id
+ assert_equal assigns(:ticket).email, @current_user.email
assert_equal 1, assigns(:ticket).comments.count
+ assert_not_nil assigns(:ticket).comments.first.posted_by
+ assert_equal assigns(:ticket).comments.first.posted_by, @current_user.id
+ assigns(:ticket).destroy
+ end
+
+ test "add comment to unauthenticated ticket" do
+ ticket = Ticket.last
+ ticket.created_by = nil # TODO: hacky, but this makes sure this ticket is an unauthenticated one
+ ticket.save
+ assert_difference('Ticket.last.comments.count') do
+ put :update, :id => ticket.id,
+ :ticket => {:comments_attributes => {"0" => {"body" =>"NEWER comment"}} }
+ end
+
+ assert_equal ticket, assigns(:ticket) # still same ticket, with different comments
+ assert_not_equal ticket.comments, assigns(:ticket).comments # ticket == assigns(:ticket), but they have different comments (which we want)
+
+ end
+
+
+ test "add comment to own authenticated ticket" do
+
+ login(User.last)
+ ticket = Ticket.last
+ ticket.created_by = User.last.id # TODO: hacky, but confirms it is their ticket
+ ticket.save
+ #they should be able to comment if it is their ticket:
+ assert_difference('Ticket.last.comments.count') do
+ put :update, :id => ticket.id,
+ :ticket => {:comments_attributes => {"0" => {"body" =>"NEWER comment"}} }
+ end
+ assert_not_equal ticket.comments, assigns(:ticket).comments
+ assert_not_nil assigns(:ticket).comments.last.posted_by
+ assert_equal assigns(:ticket).comments.last.posted_by, @current_user.id
+
+ end
+
+
+ test "cannot comment if it is not your ticket" do
+
+ login(User.last) # assumes User.last is not admin
+ assert !@current_user.is_admin?
+
+ ticket = Ticket.last
+
+ assert_not_nil User.first.id
+ ticket.created_by = User.first.id #assumes User.first != User.last:
+ assert_not_equal User.first, User.last
+ ticket.save
+ # they should *not* be able to comment if it is not their ticket
+ put :update, :id => ticket.id,
+ :ticket => {:comments_attributes => {"0" => {"body" =>"NEWER comment"}} }
+ assert_response :redirect
+ assert_access_denied
+ assert_equal ticket.comments, assigns(:ticket).comments
+
end
- test "add comment to ticket" do
+
+ test "admin add comment to authenticated ticket" do
+
+ admin_login = APP_CONFIG['admins'].first
+ admin_user = User.find_by_login(admin_login) #assumes that there is an admin login
+ login(admin_user)
ticket = Ticket.last
+ assert_not_nil User.last.id
+ ticket.created_by = User.last.id # TODO: hacky, but confirms it somebody elses ticket. assumes last user is not admin user:
+ assert_not_equal User.last, admin_user
+ ticket.save
+
+ #admin should be able to comment:
assert_difference('Ticket.last.comments.count') do
put :update, :id => ticket.id,
:ticket => {:comments_attributes => {"0" => {"body" =>"NEWER comment"}} }
end
- assert_equal ticket, assigns(:ticket)
+ assert_not_equal ticket.comments, assigns(:ticket).comments
+ assert_not_nil assigns(:ticket).comments.last.posted_by
+ assert_equal assigns(:ticket).comments.last.posted_by, @current_user.id
+
+ end
+
+ test "tickets by admin" do
+
+ admin_login = APP_CONFIG['admins'].first
+ admin_user = User.find_by_login(admin_login) #assumes that there is an admin login
+ login(admin_user)
+
+ post :create, :ticket => {:title => "test tick", :comments_attributes => {"0" => {"body" =>"body of test tick"}}}
+ post :create, :ticket => {:title => "another test tick", :comments_attributes => {"0" => {"body" =>"body of another test tick"}}}
+
+ assert_not_nil assigns(:ticket).created_by
+ assert_equal assigns(:ticket).created_by, admin_user.id
+
+ get :index, {:admin_status => "mine", :open_status => "open"}
+ assert assigns(:tickets).count > 1 # at least 2 tickets
+
+ # if we close one ticket, the admin should have 1 less open ticket they admin
+ assert_difference('assigns[:tickets].count', -1) do
+ assigns(:ticket).close
+ assigns(:ticket).save
+ get :index, {:admin_status => "mine", :open_status => "open"}
+ end
+ assigns(:ticket).destroy
+
+ testticket = Ticket.create :title => 'testytest'
+ assert !assigns(:tickets).include?(testticket)
+
+ # admin should have one more ticket if a new tick gets an admin comment
+ assert_difference('assigns[:tickets].count') do
+ put :update, :id => testticket.id, :ticket => {:comments_attributes => {"0" => {"body" =>"NEWER comment"}}}
+ get :index, {:admin_status => "mine", :open_status => "open"}
+ end
+
+ assert assigns(:tickets).include?(assigns(:ticket))
+ assert_not_nil assigns(:ticket).comments.last.posted_by
+ assert_equal assigns(:ticket).comments.last.posted_by, admin_user.id
+
+ assigns(:ticket).destroy
end
end
+