diff options
Diffstat (limited to 'users/test/functional')
| -rw-r--r-- | users/test/functional/helper_methods_test.rb | 2 | ||||
| -rw-r--r-- | users/test/functional/test_helpers_test.rb | 38 | ||||
| -rw-r--r-- | users/test/functional/users_controller_test.rb | 12 | ||||
| -rw-r--r-- | users/test/functional/v1/sessions_controller_test.rb | 18 | ||||
| -rw-r--r-- | users/test/functional/v1/users_controller_test.rb | 8 |
5 files changed, 66 insertions, 12 deletions
diff --git a/users/test/functional/helper_methods_test.rb b/users/test/functional/helper_methods_test.rb index 2b2375c..44226ae 100644 --- a/users/test/functional/helper_methods_test.rb +++ b/users/test/functional/helper_methods_test.rb @@ -11,7 +11,7 @@ class HelperMethodsTest < ActionController::TestCase # we test them right in here... include ApplicationController._helpers - # they all reference the controller. + # the helpers all reference the controller. def controller @controller end diff --git a/users/test/functional/test_helpers_test.rb b/users/test/functional/test_helpers_test.rb new file mode 100644 index 0000000..9bd01ad --- /dev/null +++ b/users/test/functional/test_helpers_test.rb @@ -0,0 +1,38 @@ +# +# There are a few test helpers for dealing with login etc. +# We test them here and also document their behaviour. +# + +require 'test_helper' + +class TestHelpersTest < ActionController::TestCase + tests ApplicationController # testing no controller in particular + + def test_login_stubs_warden + login + assert_equal @current_user, request.env['warden'].user + end + + def test_login_token_authenticates + login + assert_equal @current_user, @controller.send(:token_authenticate) + end + + def test_login_stubs_token + login + assert @token + assert_equal @current_user, @token.user + end + + def test_login_adds_token_header + login + token_present = @controller.authenticate_with_http_token do |token, options| + assert_equal @token.id, token + end + # authenticate_with_http_token just returns nil and does not + # execute the block if there is no token. So we have to also + # ensure it was run: + assert token_present + end +end + diff --git a/users/test/functional/users_controller_test.rb b/users/test/functional/users_controller_test.rb index 0ce5cc2..96ae48c 100644 --- a/users/test/functional/users_controller_test.rb +++ b/users/test/functional/users_controller_test.rb @@ -59,19 +59,23 @@ class UsersControllerTest < ActionController::TestCase assert_access_denied end - test "show for non-existing user" do + test "may not show non-existing user without auth" do nonid = 'thisisnotanexistinguserid' - # when unauthenticated: get :show, :id => nonid assert_access_denied(true, false) + end - # when authenticated but not admin: + test "may not show non-existing user without admin" do + nonid = 'thisisnotanexistinguserid' login + get :show, :id => nonid assert_access_denied + end - # when authenticated as admin: + test "redirect admin to user list for non-existing user" do + nonid = 'thisisnotanexistinguserid' login :is_admin? => true get :show, :id => nonid assert_response :redirect diff --git a/users/test/functional/v1/sessions_controller_test.rb b/users/test/functional/v1/sessions_controller_test.rb index 0c4e325..ff9fca1 100644 --- a/users/test/functional/v1/sessions_controller_test.rb +++ b/users/test/functional/v1/sessions_controller_test.rb @@ -7,7 +7,7 @@ class V1::SessionsControllerTest < ActionController::TestCase setup do @request.env['HTTP_HOST'] = 'api.lvh.me' - @user = stub_record :user + @user = stub_record :user, {}, true @client_hex = 'a123' end @@ -48,13 +48,22 @@ class V1::SessionsControllerTest < ActionController::TestCase assert_response :success assert json_response.keys.include?("id") assert json_response.keys.include?("token") + assert token = Token.find(json_response['token']) + assert_equal @user.id, token.user_id end - test "logout should reset warden user" do + test "logout should reset session" do expect_warden_logout delete :destroy - assert_response :redirect - assert_redirected_to root_url + assert_response 204 + end + + test "logout should destroy token" do + login + expect_warden_logout + @token.expects(:destroy) + delete :destroy + assert_response 204 end def expect_warden_logout @@ -65,5 +74,4 @@ class V1::SessionsControllerTest < ActionController::TestCase request.env['warden'].expects(:logout) end - end diff --git a/users/test/functional/v1/users_controller_test.rb b/users/test/functional/v1/users_controller_test.rb index 0d44e50..a330bf3 100644 --- a/users/test/functional/v1/users_controller_test.rb +++ b/users/test/functional/v1/users_controller_test.rb @@ -5,7 +5,9 @@ class V1::UsersControllerTest < ActionController::TestCase test "user can change settings" do user = find_record :user changed_attribs = record_attributes_for :user_with_settings - user.expects(:update_attributes).with(changed_attribs) + account_settings = stub + account_settings.expects(:update).with(changed_attribs) + AccountSettings.expects(:new).with(user).returns(account_settings) login user put :update, :user => changed_attribs, :id => user.id, :format => :json @@ -18,7 +20,9 @@ class V1::UsersControllerTest < ActionController::TestCase test "admin can update user" do user = find_record :user changed_attribs = record_attributes_for :user_with_settings - user.expects(:update_attributes).with(changed_attribs) + account_settings = stub + account_settings.expects(:update).with(changed_attribs) + AccountSettings.expects(:new).with(user).returns(account_settings) login :is_admin? => true put :update, :user => changed_attribs, :id => user.id, :format => :json |