From ef90c45998b33ba8606c3786875e21496ace4686 Mon Sep 17 00:00:00 2001
From: Azul <azul@leap.se>
Date: Sun, 4 Nov 2012 22:14:13 +0100
Subject: fixed functional tests

---
 .../controller_extension/authentication.rb         |  4 +-
 users/app/controllers/sessions_controller.rb       |  6 +-
 users/test/functional/sessions_controller_test.rb  | 85 ++++++++++------------
 users/test/integration/api/account_flow_test.rb    |  7 +-
 4 files changed, 49 insertions(+), 53 deletions(-)

diff --git a/users/app/controllers/controller_extension/authentication.rb b/users/app/controllers/controller_extension/authentication.rb
index 0408b77..87f7921 100644
--- a/users/app/controllers/controller_extension/authentication.rb
+++ b/users/app/controllers/controller_extension/authentication.rb
@@ -7,8 +7,8 @@ module ControllerExtension::Authentication
     helper_method :current_user, :logged_in?, :admin?
   end
 
-  def current_user
-    @current_user ||= request.env['warden'].user
+  def authentication_error
+    warden.winning_strategy.try(:message)
   end
 
   def logged_in?
diff --git a/users/app/controllers/sessions_controller.rb b/users/app/controllers/sessions_controller.rb
index 06d55eb..722265a 100644
--- a/users/app/controllers/sessions_controller.rb
+++ b/users/app/controllers/sessions_controller.rb
@@ -3,9 +3,7 @@ class SessionsController < ApplicationController
   skip_before_filter :verify_authenticity_token
 
   def new
-    if warden.winning_strategy
-      @errors = warden.winning_strategy.message
-    end
+    @errors = authentication_error
   end
 
   def create
@@ -17,7 +15,7 @@ class SessionsController < ApplicationController
   end
 
   def destroy
-    session[:user_id] = nil
+    logout
     redirect_to root_path
   end
 end
diff --git a/users/test/functional/sessions_controller_test.rb b/users/test/functional/sessions_controller_test.rb
index 47d7052..4bad12f 100644
--- a/users/test/functional/sessions_controller_test.rb
+++ b/users/test/functional/sessions_controller_test.rb
@@ -2,74 +2,67 @@ require 'test_helper'
 
 class SessionsControllerTest < ActionController::TestCase
 
-  def setup
+  setup do
     @user = stub :login => "me", :id => 123
     @client_hex = 'a123'
-    @client_rnd = @client_hex.hex
-    @server_hex = 'b123'
-    @server_rnd = @server_hex.hex
-    @server_rnd_exp = 'e123'.hex
-    @salt = 'stub user salt'
-    @server_handshake = stub :aa => @client_rnd, :bb => @server_rnd, :b => @server_rnd_exp
-    @server_auth = 'adfe'
   end
 
   test "should get login screen" do
+    request.env['warden'].expects(:winning_strategy)
     get :new
     assert_response :success
+    assert_equal "text/html", response.content_type
+    assert_template "sessions/new"
   end
 
-  test "should perform handshake" do
-    @user.expects(:initialize_auth).
-      with(@client_rnd).
-      returns(@server_handshake)
-    @server_handshake.expects(:to_json).
-     returns({'B' => @server_hex, 'salt' => @salt}.to_json)
-    User.expects(:find_by_param).with(@user.login).returns(@user)
-    post :create, :login => @user.login, 'A' => @client_hex
-    assert_equal @server_handshake, session[:handshake]
+  test "renders json" do
+    request.env['warden'].expects(:winning_strategy)
+    get :new, :format => :json
     assert_response :success
-    assert_json_response :B => @server_hex, :salt => @salt
+    assert_json_response :errors => nil
   end
 
-  test "should report user not found" do
-    unknown = "login_that_does_not_exist"
-    User.expects(:find_by_param).with(unknown).raises(RECORD_NOT_FOUND)
-    post :create, :login => unknown
+  test "renders warden errors" do
+    strategy = stub :message => "Warden auth did not work"
+    request.env['warden'].expects(:winning_strategy).returns(strategy)
+    get :new, :format => :json
     assert_response :success
-    assert_json_response :errors => {"login" => ["unknown user"]}
+    assert_json_response :errors => strategy.message
   end
 
-  test "should authorize" do
-    session[:handshake] = @server_handshake
-    @server_handshake.expects(:authenticate!).
-      with(@client_rnd).
-      returns(@user)
-    @server_handshake.expects(:to_json).
-      returns({:M2 => @server_auth}.to_json)
-    post :update, :id => @user.login, :client_auth => @client_hex
-    assert_nil session[:handshake]
-    assert_json_response :M2 => @server_auth
-    assert_equal @user.id, session[:user_id]
+  test "should perform handshake" do
+    assert_raises ActionView::MissingTemplate do
+      request.env['warden'].expects(:authenticate!)
+      post :create, :login => @user.login, 'A' => @client_hex
+      assert params['A']
+      assert params['login']
+    end
   end
 
-  test "should report wrong password" do
-    session[:handshake] = @server_handshake
-    @server_handshake.expects(:authenticate!).
-      with(@client_rnd).
-      raises(WRONG_PASSWORD)
-    post :update, :id => @user.login, :client_auth => @client_hex
-    assert_nil session[:handshake]
-    assert_nil session[:user_id]
-    assert_json_response :errors => {"password" => ["wrong password"]}
+  test "should authorize" do
+    assert_raises ActionView::MissingTemplate do
+      request.env['warden'].expects(:authenticate!)
+      session[:handshake] = stub
+      post :update, :id => @user.login, :client_auth => @client_hex
+      assert params['client_auth']
+      assert session[:handshake]
+    end
   end
 
-  test "logout should reset sessions user_id" do
-    session[:user_id] = "set"
+  test "logout should reset warden user" do
+    expect_warden_logout
     delete :destroy
-    assert_nil session[:user_id]
     assert_response :redirect
     assert_redirected_to root_url
   end
 
+  def expect_warden_logout
+    raw = mock('raw session') do
+      expects(:inspect)
+    end
+    request.env['warden'].expects(:raw_session).returns(raw)
+    request.env['warden'].expects(:logout)
+  end
+
+
 end
diff --git a/users/test/integration/api/account_flow_test.rb b/users/test/integration/api/account_flow_test.rb
index 69e0599..dc475b5 100644
--- a/users/test/integration/api/account_flow_test.rb
+++ b/users/test/integration/api/account_flow_test.rb
@@ -1,6 +1,11 @@
 require 'test_helper'
 
 class AccountFlowTest < ActionDispatch::IntegrationTest
+  include Warden::Test::Helpers
+
+  def teardown
+    Warden.test_reset!
+  end
 
   # this test wraps the api and implements the interface the ruby-srp client.
   def handshake(login, aa)
@@ -52,7 +57,7 @@ class AccountFlowTest < ActionDispatch::IntegrationTest
   test "signup and wrong password login attempt" do
     srp = SRP::Client.new(@login, "wrong password")
     server_auth = srp.authenticate(self)
-    assert_equal ["wrong password"], server_auth["errors"]['password']
+    assert_equal "Could not log in", server_auth["errors"]['password']
     assert_nil server_auth["M2"]
   end
 
-- 
cgit v1.2.3