diff options
Diffstat (limited to 'help/test')
-rw-r--r-- | help/test/functional/tickets_controller_test.rb | 160 |
1 files changed, 147 insertions, 13 deletions
diff --git a/help/test/functional/tickets_controller_test.rb b/help/test/functional/tickets_controller_test.rb index 6bdb6c7..35901ca 100644 --- a/help/test/functional/tickets_controller_test.rb +++ b/help/test/functional/tickets_controller_test.rb @@ -2,7 +2,8 @@ require 'test_helper' class TicketsControllerTest < ActionController::TestCase - test "should get index" do + test "should get index if logged in" do + login(User.last) get :index assert_response :success assert_not_nil assigns(:tickets) @@ -14,51 +15,184 @@ class TicketsControllerTest < ActionController::TestCase assert_response :success end + test "ticket show access" do + ticket = Ticket.first + ticket.created_by = nil # TODO: hacky, but this makes sure this ticket is an unauthenticated one + ticket.save + get :show, :id => ticket.id + assert_response :success + + ticket.created_by = User.last.id + ticket.save + get :show, :id => ticket.id + assert_response :redirect + assert_redirected_to login_url + + login(User.last) + get :show, :id => ticket.id + assert_response :success + + login(User.first) #assumes User.first != User.last: + assert_not_equal User.first, User.last + get :show, :id => ticket.id + assert_response :redirect + assert_redirected_to root_url + + end test "should create unauthenticated ticket" do - params = {:title => "ticket test title", :comments_attributes => {"0" => {"body" =>"body of test ticket"}}} + params = {:title => "unauth ticket test title", :comments_attributes => {"0" => {"body" =>"body of test ticket"}}} assert_difference('Ticket.count') do post :create, :ticket => params end assert_response :redirect - #assert_equal assigns(:ticket).email, User.current.email - #assert_equal User.find(assigns(:ticket).created_by).login, User.current.login assert_nil assigns(:ticket).created_by assert_equal 1, assigns(:ticket).comments.count - end + assert_nil assigns(:ticket).comments.first.posted_by + assigns(:ticket).destroy # destroys without checking permission. is that okay? + end test "should create authenticated ticket" do - params = {:title => "ticket test title", :comments_attributes => {"0" => {"body" =>"body of test ticket"}}} + params = {:title => "auth ticket test title", :comments_attributes => {"0" => {"body" =>"body of test ticket"}}} login User.last - assert_difference('Ticket.count') do post :create, :ticket => params end assert_response :redirect - ticket = assigns(:ticket) - assert ticket - assert_equal @current_user.id, ticket.created_by - assert_equal @current_user.email, ticket.email + assert_not_nil assigns(:ticket).created_by + assert_equal assigns(:ticket).created_by, @current_user.id + assert_equal assigns(:ticket).email, @current_user.email + assert_equal 1, assigns(:ticket).comments.count + assert_not_nil assigns(:ticket).comments.first.posted_by + assert_equal assigns(:ticket).comments.first.posted_by, @current_user.id + assigns(:ticket).destroy + end + + test "add comment to unauthenticated ticket" do + ticket = Ticket.last + ticket.created_by = nil # TODO: hacky, but this makes sure this ticket is an unauthenticated one + ticket.save + assert_difference('Ticket.last.comments.count') do + put :update, :id => ticket.id, + :ticket => {:comments_attributes => {"0" => {"body" =>"NEWER comment"}} } + end + + assert_equal ticket, assigns(:ticket) # still same ticket, with different comments + assert_not_equal ticket.comments, assigns(:ticket).comments # ticket == assigns(:ticket), but they have different comments (which we want) + end - test "add comment to ticket" do + test "add comment to own authenticated ticket" do + + login(User.last) ticket = Ticket.last + ticket.created_by = User.last.id # TODO: hacky, but confirms it is their ticket + ticket.save + #they should be able to comment if it is their ticket: assert_difference('Ticket.last.comments.count') do put :update, :id => ticket.id, :ticket => {:comments_attributes => {"0" => {"body" =>"NEWER comment"}} } end - assert_equal ticket, assigns(:ticket) + assert_not_equal ticket.comments, assigns(:ticket).comments + assert_not_nil assigns(:ticket).comments.last.posted_by + assert_equal assigns(:ticket).comments.last.posted_by, @current_user.id end + + test "cannot comment if it is not your ticket" do + + login(User.last) # assumes User.last is not admin + assert !@current_user.is_admin? + + ticket = Ticket.last + + assert_not_nil User.first.id + ticket.created_by = User.first.id #assumes User.first != User.last: + assert_not_equal User.first, User.last + ticket.save + # they should *not* be able to comment if it is not their ticket + put :update, :id => ticket.id, + :ticket => {:comments_attributes => {"0" => {"body" =>"NEWER comment"}} } + assert_response :redirect + assert_access_denied + assert_equal ticket.comments, assigns(:ticket).comments + + end + + + test "admin add comment to authenticated ticket" do + + admin_login = APP_CONFIG['admins'].first + admin_user = User.find_by_login(admin_login) #assumes that there is an admin login + login(admin_user) + + ticket = Ticket.last + assert_not_nil User.last.id + ticket.created_by = User.last.id # TODO: hacky, but confirms it somebody elses ticket. assumes last user is not admin user: + assert_not_equal User.last, admin_user + ticket.save + + #admin should be able to comment: + assert_difference('Ticket.last.comments.count') do + put :update, :id => ticket.id, + :ticket => {:comments_attributes => {"0" => {"body" =>"NEWER comment"}} } + end + assert_not_equal ticket.comments, assigns(:ticket).comments + assert_not_nil assigns(:ticket).comments.last.posted_by + assert_equal assigns(:ticket).comments.last.posted_by, @current_user.id + + end + + test "tickets by admin" do + + admin_login = APP_CONFIG['admins'].first + admin_user = User.find_by_login(admin_login) #assumes that there is an admin login + login(admin_user) + + post :create, :ticket => {:title => "test tick", :comments_attributes => {"0" => {"body" =>"body of test tick"}}} + post :create, :ticket => {:title => "another test tick", :comments_attributes => {"0" => {"body" =>"body of another test tick"}}} + + assert_not_nil assigns(:ticket).created_by + assert_equal assigns(:ticket).created_by, admin_user.id + + get :index, {:status => "open tickets I admin"} + assert assigns(:tickets).count > 1 # at least 2 tickets + + # if we close one ticket, the admin should have 1 less open ticket they admin + assert_difference('assigns[:tickets].count', -1) do + assigns(:ticket).close + assigns(:ticket).save + get :index, {:status => "open tickets I admin"} + end + assigns(:ticket).destroy + + testticket = Ticket.create :title => 'testytest' + assert !assigns(:tickets).include?(testticket) + + # admin should have one more ticket if a new tick gets an admin comment + assert_difference('assigns[:tickets].count') do + put :update, :id => testticket.id, :ticket => {:comments_attributes => {"0" => {"body" =>"NEWER comment"}}} + get :index, {:status => "open tickets I admin"} + end + + assert assigns(:tickets).include?(assigns(:ticket)) + assert_not_nil assigns(:ticket).comments.last.posted_by + assert_equal assigns(:ticket).comments.last.posted_by, admin_user.id + + assigns(:ticket).destroy + + end + end + |