From b6d14dc19dd350a807826e3e097738a36613e083 Mon Sep 17 00:00:00 2001
From: Azul <azul@leap.se>
Date: Tue, 8 Apr 2014 11:49:14 +0200
Subject: moving users: app and test files

---
 test/functional/v1/messages_controller_test.rb | 57 ++++++++++++++++++++
 test/functional/v1/sessions_controller_test.rb | 62 +++++++++++++++++++++
 test/functional/v1/users_controller_test.rb    | 74 ++++++++++++++++++++++++++
 3 files changed, 193 insertions(+)
 create mode 100644 test/functional/v1/messages_controller_test.rb
 create mode 100644 test/functional/v1/sessions_controller_test.rb
 create mode 100644 test/functional/v1/users_controller_test.rb

(limited to 'test/functional/v1')

diff --git a/test/functional/v1/messages_controller_test.rb b/test/functional/v1/messages_controller_test.rb
new file mode 100644
index 0000000..24a5b1f
--- /dev/null
+++ b/test/functional/v1/messages_controller_test.rb
@@ -0,0 +1,57 @@
+require 'test_helper'
+
+class V1::MessagesControllerTest < ActionController::TestCase
+
+  setup do
+    @user = FactoryGirl.build(:user)
+    @user.save
+    @message = Message.new(:text => 'a test message')
+    @message.user_ids_to_show << @user.id
+    @message.save
+  end
+
+  teardown do
+    @message.destroy
+    @user.destroy
+  end
+
+  test "get messages for user" do
+    login @user
+    get :index
+    assert response.body.include? @message.text
+    assert response.body.include? @message.id
+  end
+
+  test "mark message read for user" do
+    login @user
+    assert @message.user_ids_to_show.include?(@user.id)
+    assert !@message.user_ids_have_shown.include?(@user.id)
+    put :update, :id => @message.id
+    @message.reload
+    assert !@message.user_ids_to_show.include?(@user.id)
+    assert @message.user_ids_have_shown.include?(@user.id)
+    assert_json_response true
+  end
+
+  test "do not get seen messages" do
+    login @user
+    put :update, :id => @message.id
+    @message.reload
+    get :index
+    assert !(response.body.include? @message.text)
+    assert !(response.body.include? @message.id)
+  end
+
+
+  test "mark read responds even with bad inputs" do
+    login @user
+    put :update, :id => 'more nonsense'
+    assert_json_response false
+ end
+
+  test "fails if not authenticated" do
+    get :index, :format => :json
+    assert_access_denied
+  end
+
+end
diff --git a/test/functional/v1/sessions_controller_test.rb b/test/functional/v1/sessions_controller_test.rb
new file mode 100644
index 0000000..df0d681
--- /dev/null
+++ b/test/functional/v1/sessions_controller_test.rb
@@ -0,0 +1,62 @@
+require 'test_helper'
+
+# This is a simple controller unit test.
+# We're stubbing out both warden and srp.
+# There's an integration test testing the full rack stack and srp
+class V1::SessionsControllerTest < ActionController::TestCase
+
+  setup do
+    @request.env['HTTP_HOST'] = 'api.lvh.me'
+    @user = stub_record :user, {}, true
+    @client_hex = 'a123'
+  end
+
+  test "renders json" do
+    get :new, :format => :json
+    assert_response :success
+    assert_json_error nil
+  end
+
+  test "renders warden errors" do
+    request.env['warden.options'] = {attempted_path: 'path/to/controller'}
+    strategy = stub :message => {:field => :translate_me}
+    request.env['warden'].stubs(:winning_strategy).returns(strategy)
+    I18n.expects(:t).with(:translate_me).at_least_once.returns("translation stub")
+    get :new, :format => :json
+    assert_response 422
+    assert_json_error :field => "translation stub"
+  end
+
+  # Warden takes care of parsing the params and
+  # rendering the response. So not much to test here.
+  test "should perform handshake" do
+    request.env['warden'].expects(:authenticate!)
+    # make sure we don't get a template missing error:
+    @controller.stubs(:render)
+    post :create, :login => @user.login, 'A' => @client_hex
+  end
+
+  test "should authenticate" do
+    request.env['warden'].expects(:authenticate!)
+    @controller.stubs(:current_user).returns(@user)
+    handshake = stub(:to_hash => {h: "ash"})
+    session[:handshake] = handshake
+
+    post :update, :id => @user.login, :client_auth => @client_hex
+
+    assert_nil session[:handshake]
+    assert_response :success
+    assert json_response.keys.include?("id")
+    assert json_response.keys.include?("token")
+    assert token = Token.find(json_response['token'])
+    assert_equal @user.id, token.user_id
+  end
+
+  test "destroy should logout" do
+    login
+    expect_logout
+    delete :destroy
+    assert_response 204
+  end
+
+end
diff --git a/test/functional/v1/users_controller_test.rb b/test/functional/v1/users_controller_test.rb
new file mode 100644
index 0000000..7cd9b0c
--- /dev/null
+++ b/test/functional/v1/users_controller_test.rb
@@ -0,0 +1,74 @@
+require 'test_helper'
+
+class V1::UsersControllerTest < ActionController::TestCase
+
+  test "user can change settings" do
+    user = find_record :user
+    changed_attribs = record_attributes_for :user_with_settings
+    account_settings = stub
+    account_settings.expects(:update).with(changed_attribs)
+    Account.expects(:new).with(user).returns(account_settings)
+
+    login user
+    put :update, :user => changed_attribs, :id => user.id, :format => :json
+
+    assert_equal user, assigns[:user]
+    assert_response 204
+    assert_equal " ", @response.body
+  end
+
+  test "admin can update user" do
+    user = find_record :user
+    changed_attribs = record_attributes_for :user_with_settings
+    account_settings = stub
+    account_settings.expects(:update).with(changed_attribs)
+    Account.expects(:new).with(user).returns(account_settings)
+
+    login :is_admin? => true
+    put :update, :user => changed_attribs, :id => user.id, :format => :json
+
+    assert_equal user, assigns[:user]
+    assert_response 204
+  end
+
+  test "user cannot update other user" do
+    user = find_record :user
+    login
+    put :update, :user => record_attributes_for(:user_with_settings), :id => user.id, :format => :json
+    assert_access_denied
+  end
+
+  test "should create new user" do
+    user_attribs = record_attributes_for :user
+    user = User.new(user_attribs)
+    Account.expects(:create).with(user_attribs).returns(user)
+
+    post :create, :user => user_attribs, :format => :json
+
+    assert_nil session[:user_id]
+    assert_json_response user
+    assert_response :success
+  end
+
+  test "should redirect to signup form on failed attempt" do
+    user_attribs = record_attributes_for :user
+    user_attribs.slice!('login')
+    user = User.new(user_attribs)
+    assert !user.valid?
+    Account.expects(:create).with(user_attribs).returns(user)
+
+    post :create, :user => user_attribs, :format => :json
+
+    assert_json_error user.errors.messages
+    assert_response 422
+  end
+
+  test "admin can autocomplete users" do
+    login :is_admin? => true
+    get :index, :query => 'a', :format => :json
+
+    assert_response :success
+    assert assigns(:users)
+  end
+
+end
-- 
cgit v1.2.3


From c1486cb9688d53c5ae266ff22ab279ead12eaa36 Mon Sep 17 00:00:00 2001
From: Azul <azul@leap.se>
Date: Thu, 10 Apr 2014 12:45:21 +0200
Subject: move certs into toplevel

cleaned up all the engine stuff that was never really used.
Afterwards there is not that much left that makes it into the toplevel.
---
 test/functional/v1/certs_controller_test.rb | 44 +++++++++++++++++++++++++++++
 1 file changed, 44 insertions(+)
 create mode 100644 test/functional/v1/certs_controller_test.rb

(limited to 'test/functional/v1')

diff --git a/test/functional/v1/certs_controller_test.rb b/test/functional/v1/certs_controller_test.rb
new file mode 100644
index 0000000..2c70e52
--- /dev/null
+++ b/test/functional/v1/certs_controller_test.rb
@@ -0,0 +1,44 @@
+require 'test_helper'
+
+class V1::CertsControllerTest < ActionController::TestCase
+
+  test "send limited cert without login" do
+    with_config allow_limited_certs: true, allow_anonymous_certs: true do
+      cert = stub :to_s => "limited cert"
+      ClientCertificate.expects(:new).with(:prefix => APP_CONFIG[:limited_cert_prefix]).returns(cert)
+      get :show
+      assert_response :success
+      assert_equal cert.to_s, @response.body
+    end
+  end
+
+  test "send unlimited cert" do
+    with_config allow_unlimited_certs: true do
+      login
+      cert = stub :to_s => "unlimited cert"
+      ClientCertificate.expects(:new).with(:prefix => APP_CONFIG[:unlimited_cert_prefix]).returns(cert)
+      get :show
+      assert_response :success
+      assert_equal cert.to_s, @response.body
+    end
+  end
+
+  test "login required if anonymous certs disabled" do
+    with_config allow_anonymous_certs: false do
+      get :show
+      assert_response :redirect
+    end
+  end
+
+  test "send limited cert" do
+    with_config allow_limited_certs: true, allow_unlimited_certs: false do
+      login
+      cert = stub :to_s => "real cert"
+      ClientCertificate.expects(:new).with(:prefix => APP_CONFIG[:limited_cert_prefix]).returns(cert)
+      get :show
+      assert_response :success
+      assert_equal cert.to_s, @response.body
+    end
+  end
+
+end
-- 
cgit v1.2.3