7 files changed, 85 insertions, 42 deletions

diff --git a/users/test/functional/sessions_controller_test.rb b/users/test/functional/sessions_controller_test.rb
index 8f2d95c..9df4455 100644
--- a/users/test/functional/sessions_controller_test.rb
+++ b/users/test/functional/sessions_controller_test.rb
@@ -22,15 +22,16 @@ class SessionsControllerTest < ActionController::TestCase
     request.env['warden'].expects(:winning_strategy)
     get :new, :format => :json
     assert_response :success
-    assert_json_response :errors => nil
+    assert_json_error nil
   end
 
   test "renders warden errors" do
-    strategy = stub :message => "Warden auth did not work"
-    request.env['warden'].expects(:winning_strategy).returns(strategy)
+    strategy = stub :message => {:field => :translate_me}
+    request.env['warden'].stubs(:winning_strategy).returns(strategy)
+    I18n.expects(:t).with(:translate_me).at_least_once.returns("translation stub")
     get :new, :format => :json
-    assert_response :success
-    assert_json_response :errors => strategy.message
+    assert_response 422
+    assert_json_error :field => "translation stub"
   end
 
   # Warden takes care of parsing the params and
diff --git a/users/test/functional/users_controller_test.rb b/users/test/functional/users_controller_test.rb
index 1cb28a6..ced8ee9 100644
--- a/users/test/functional/users_controller_test.rb
+++ b/users/test/functional/users_controller_test.rb
@@ -1,6 +1,8 @@
 require 'test_helper'
 
 class UsersControllerTest < ActionController::TestCase
+  include StubRecordHelper
+
   test "should get new" do
     get :new
     assert_equal User, assigns(:user).class
@@ -8,26 +10,41 @@ class UsersControllerTest < ActionController::TestCase
   end
 
   test "should create new user" do
-    params = User.valid_attributes_hash
-    user = stub params.merge(:id => 123)
-    params.stringify_keys!
-    User.expects(:create!).with(params).returns(user)
-    post :create, :user => params
+    user = stub_record User
+    User.expects(:create).with(user.params).returns(user)
+    post :create, :user => user.params, :format => :json
     assert_nil session[:user_id]
-    assert_response :redirect
-    assert_redirected_to root_url
+    assert_json_response user
+    assert_response :success
   end
 
   test "should redirect to signup form on failed attempt" do
     params = User.valid_attributes_hash.slice(:login)
     user = User.new(params)
     params.stringify_keys!
-    User.expects(:create!).with(params).raises(VALIDATION_FAILED.new(user))
-    post :create, :user => params
-    assert_nil session[:user_id]
+    assert !user.valid?
+    User.expects(:create).with(params).returns(user)
+    post :create, :user => params, :format => :json
+    assert_json_error user.errors.messages
+    assert_response 422
+  end
+
+  test "should get edit view" do
+    user = stub_record User
+    User.expects(:find_by_param).with(user.id.to_s).returns(user)
+    login user
+    get :edit, :id => user.id
     assert_equal user, assigns[:user]
-    assert_response :redirect
-    assert_redirected_to new_user_path
   end
 
+  test "should process updated params" do
+    user = stub_record User
+    user.expects(:update_attributes).with(user.params).returns(true)
+    User.expects(:find_by_param).with(user.id.to_s).returns(user)
+    login user
+    put :update, :user => user.params, :id => user.id, :format => :json
+    assert_equal user, assigns[:user]
+    assert_equal " ", @response.body
+    assert_response 204
+  end
 end
diff --git a/users/test/integration/api/account_flow_test.rb b/users/test/integration/api/account_flow_test.rb
index c9a7109..add12fe 100644
--- a/users/test/integration/api/account_flow_test.rb
+++ b/users/test/integration/api/account_flow_test.rb
@@ -16,24 +16,6 @@ class AccountFlowTest < ActiveSupport::TestCase
     Warden.test_reset!
   end
 
-  # this test wraps the api and implements the interface the ruby-srp client.
-  def handshake(login, aa)
-    post "/sessions.json", :login => login, 'A' => aa.to_s(16), :format => :json
-    assert last_response.successful?
-    response = JSON.parse(last_response.body)
-    if response['errors']
-      raise RECORD_NOT_FOUND.new(response['errors'])
-    else
-      return response['B'].hex
-    end
-  end
-
-  def validate(m)
-    put "/sessions/" + @login + '.json', :client_auth => m.to_s(16), :format => :json
-    assert last_response.successful?
-    return JSON.parse(last_response.body)
-  end
-
   def setup
     @login = "integration_test_user"
     User.find_by_login(@login).tap{|u| u.destroy if u}
@@ -52,6 +34,22 @@ class AccountFlowTest < ActiveSupport::TestCase
     @user.destroy if @user # make sure we can run this test again
   end
 
+  # this test wraps the api and implements the interface the ruby-srp client.
+  def handshake(login, aa)
+    post "/sessions.json", :login => login, 'A' => aa.to_s(16), :format => :json
+    response = JSON.parse(last_response.body)
+    if response['errors']
+      raise RECORD_NOT_FOUND.new(response['errors'])
+    else
+      return response['B'].hex
+    end
+  end
+
+  def validate(m)
+    put "/sessions/" + @login + '.json', :client_auth => m.to_s(16), :format => :json
+    return JSON.parse(last_response.body)
+  end
+
   test "signup response" do
     assert_json_response :login => @login, :ok => true
     assert last_response.successful?
@@ -59,6 +57,7 @@ class AccountFlowTest < ActiveSupport::TestCase
 
   test "signup and login with srp via api" do
     server_auth = @srp.authenticate(self)
+    assert last_response.successful?
     assert_nil server_auth["errors"]
     assert server_auth["M2"]
   end
@@ -66,7 +65,8 @@ class AccountFlowTest < ActiveSupport::TestCase
   test "signup and wrong password login attempt" do
     srp = SRP::Client.new(@login, "wrong password")
     server_auth = srp.authenticate(self)
-    assert_equal "Could not log in", server_auth["errors"]['password']
+    assert_json_error :password => "wrong password"
+    assert !last_response.successful?
     assert_nil server_auth["M2"]
   end
 
@@ -76,6 +76,8 @@ class AccountFlowTest < ActiveSupport::TestCase
     assert_raises RECORD_NOT_FOUND do
       server_auth = srp.authenticate(self)
     end
+    assert_json_error :login => "could not be found"
+    assert !last_response.successful?
     assert_nil server_auth
   end
 
diff --git a/users/test/support/auth_test_helper.rb b/users/test/support/auth_test_helper.rb
index 795a977..ca166bf 100644
--- a/users/test/support/auth_test_helper.rb
+++ b/users/test/support/auth_test_helper.rb
@@ -11,6 +11,9 @@ module AuthTestHelper
 
   def login(user = nil)
     @current_user = user || stub
+    unless @current_user.respond_to? :is_admin?
+      @current_user.stubs(:is_admin?).returns(false)
+    end
     request.env['warden'] = stub :user => @current_user
     return @current_user
   end
diff --git a/users/test/support/stub_record_helper.rb b/users/test/support/stub_record_helper.rb
new file mode 100644
index 0000000..e744ad7
--- /dev/null
+++ b/users/test/support/stub_record_helper.rb
@@ -0,0 +1,19 @@
+module StubRecordHelper
+
+  # Create a stub that has the usual functions of a database record.
+  # It won't fail on rendering a form for example.
+  def stub_record(klass, params = {}, persisted = true)
+    if klass.respond_to?(:valid_attributes_hash)
+      params.reverse_merge!(klass.valid_attributes_hash)
+    end
+    params[:params] = params.stringify_keys
+    params.reverse_merge! :id => 123,
+      :class => klass,
+      :to_key => ['123'],
+      :to_json => %Q({"stub":"#{klass.name}"}),
+      :new_record? => !persisted,
+      :persisted? => persisted
+    stub params
+  end
+
+end
diff --git a/users/test/unit/user_test.rb b/users/test/unit/user_test.rb
index 9977fca..2269d4e 100644
--- a/users/test/unit/user_test.rb
+++ b/users/test/unit/user_test.rb
@@ -5,6 +5,7 @@ class UserTest < ActiveSupport::TestCase
   include SRP::Util
   setup do
     @attribs = User.valid_attributes_hash
+    User.find_by_login(@attribs[:login]).try(:destroy)
     @user = User.new(@attribs)
   end
 
@@ -23,14 +24,14 @@ class UserTest < ActiveSupport::TestCase
     assert !@user.valid?
   end
 
-  test "find_by_param gets User by login" do
+  test "find_by_param gets User by id" do
     @user.save
-    assert_equal @user, User.find_by_param(@user.login)
+    assert_equal @user, User.find_by_param(@user.id)
     @user.destroy
   end
 
-  test "to_param gives user login" do
-    assert_equal @user.login, @user.to_param
+  test "to_param gives user id" do
+    assert_equal @user.id, @user.to_param
   end
 
   test "verifier returns number for the hex in password_verifier" do
diff --git a/users/test/unit/warden_strategy_secure_remote_password_test.rb b/users/test/unit/warden_strategy_secure_remote_password_test.rb
index 79480f0..319809a 100644
--- a/users/test/unit/warden_strategy_secure_remote_password_test.rb
+++ b/users/test/unit/warden_strategy_secure_remote_password_test.rb
@@ -32,7 +32,7 @@ class WardenStrategySecureRemotePasswordTest < ActiveSupport::TestCase
     User.expects(:find_by_param).with(unknown).raises(RECORD_NOT_FOUND)
     post :create, :login => unknown
     assert_response :success
-    assert_json_response :errors => {"login" => ["unknown user"]}
+    assert_json_error "login" => ["unknown user"]
   end
 
   test "should authorize" do
@@ -56,7 +56,7 @@ class WardenStrategySecureRemotePasswordTest < ActiveSupport::TestCase
     post :update, :id => @user.login, :client_auth => @client_hex
     assert_nil session[:handshake]
     assert_nil session[:user_id]
-    assert_json_response :errors => {"password" => ["wrong password"]}
+    assert_json_error "password" => ["wrong password"]
   end
 
 =end