From 0c79df9874c59fbaa5c845e07d8fa1b4bbc23b9c Mon Sep 17 00:00:00 2001 From: Azul Date: Thu, 11 Oct 2012 17:11:32 +0200 Subject: use ruby-srp 0.1.3 which returns the user on authenticate call Also removed a few hooks to User.current. Will replace with current_user --- users/test/functional/sessions_controller_test.rb | 20 ++++++++------------ 1 file changed, 8 insertions(+), 12 deletions(-) (limited to 'users/test/functional') diff --git a/users/test/functional/sessions_controller_test.rb b/users/test/functional/sessions_controller_test.rb index b6e56a7..47d7052 100644 --- a/users/test/functional/sessions_controller_test.rb +++ b/users/test/functional/sessions_controller_test.rb @@ -3,6 +3,7 @@ require 'test_helper' class SessionsControllerTest < ActionController::TestCase def setup + @user = stub :login => "me", :id => 123 @client_hex = 'a123' @client_rnd = @client_hex.hex @server_hex = 'b123' @@ -19,14 +20,13 @@ class SessionsControllerTest < ActionController::TestCase end test "should perform handshake" do - user = stub :login => "me", :id => 123 - user.expects(:initialize_auth). + @user.expects(:initialize_auth). with(@client_rnd). returns(@server_handshake) @server_handshake.expects(:to_json). returns({'B' => @server_hex, 'salt' => @salt}.to_json) - User.expects(:find_by_param).with(user.login).returns(user) - post :create, :login => user.login, 'A' => @client_hex + User.expects(:find_by_param).with(@user.login).returns(@user) + post :create, :login => @user.login, 'A' => @client_hex assert_equal @server_handshake, session[:handshake] assert_response :success assert_json_response :B => @server_hex, :salt => @salt @@ -42,27 +42,23 @@ class SessionsControllerTest < ActionController::TestCase test "should authorize" do session[:handshake] = @server_handshake - user = stub :login => "me", :id => 123 @server_handshake.expects(:authenticate!). with(@client_rnd). - returns(@server_auth) + returns(@user) @server_handshake.expects(:to_json). returns({:M2 => @server_auth}.to_json) - User.expects(:find_by_param).with(user.login).returns(user) - post :update, :id => user.login, :client_auth => @client_hex + post :update, :id => @user.login, :client_auth => @client_hex assert_nil session[:handshake] assert_json_response :M2 => @server_auth - assert_equal user.id, session[:user_id] + assert_equal @user.id, session[:user_id] end test "should report wrong password" do session[:handshake] = @server_handshake - user = stub :login => "me", :id => 123 @server_handshake.expects(:authenticate!). with(@client_rnd). raises(WRONG_PASSWORD) - User.expects(:find_by_param).with(user.login).returns(user) - post :update, :id => user.login, :client_auth => @client_hex + post :update, :id => @user.login, :client_auth => @client_hex assert_nil session[:handshake] assert_nil session[:user_id] assert_json_response :errors => {"password" => ["wrong password"]} -- cgit v1.2.3 From 3e0a1a47c0eafb7f9b79e5f2765ea33ce1ad159b Mon Sep 17 00:00:00 2001 From: Azul Date: Wed, 24 Oct 2012 20:35:52 +0200 Subject: basic admin controller methods and helpers + tests --- .../test/functional/application_controller_test.rb | 44 ++++++++++++++++++++ users/test/functional/helper_methods_test.rb | 48 ++++++++++++++++++++++ 2 files changed, 92 insertions(+) create mode 100644 users/test/functional/application_controller_test.rb create mode 100644 users/test/functional/helper_methods_test.rb (limited to 'users/test/functional') diff --git a/users/test/functional/application_controller_test.rb b/users/test/functional/application_controller_test.rb new file mode 100644 index 0000000..d13a354 --- /dev/null +++ b/users/test/functional/application_controller_test.rb @@ -0,0 +1,44 @@ +require 'test_helper' + +class ApplicationControllerTest < ActionController::TestCase + + def setup + @user_id = stub + @user = stub + session[:user_id] = @user_id + # so we can test the effect on the response + @controller.response = @response + end + + def test_authorize_redirect + session[:user_id] = nil + @controller.send(:authorize) + assert_access_denied + end + + def test_current_user_with_caching + User.expects(:find).once.with(@user_id).returns(@user) + assert_equal @user, @controller.send(:current_user) + assert_equal @user, @controller.send(:current_user) # tests caching + end + + def test_authorized + User.expects(:find).once.with(@user_id).returns(@user) + @controller.send(:authorize) + end + + def test_admin + bool = stub + User.expects(:find).once.with(@user_id).returns(@user) + @user.expects(:is_admin?).returns(bool) + assert_equal bool, @controller.send(:admin?) + end + + def test_authorize_admin + User.expects(:find).once.with(@user_id).returns(@user) + @user.expects(:is_admin?).returns(false) + @controller.send(:authorize_admin) + assert_access_denied + end + +end diff --git a/users/test/functional/helper_methods_test.rb b/users/test/functional/helper_methods_test.rb new file mode 100644 index 0000000..0d76f63 --- /dev/null +++ b/users/test/functional/helper_methods_test.rb @@ -0,0 +1,48 @@ +# +# Testing and documenting the helper methods available from +# ApplicationController +# + +require 'test_helper' + +class HelperMethodsTest < ActionController::TestCase + tests ApplicationController + + # we test them right in here... + include ApplicationController._helpers + + # they all reference the controller. + def controller + @controller + end + + def setup + @user_id = stub + @user = stub + session[:user_id] = @user_id + end + + def test_current_user_with_caching + User.expects(:find).once.with(@user_id).returns(@user) + assert_equal @user, current_user + assert_equal @user, current_user # tests caching + end + + def test_logged_in + User.expects(:find).once.with(@user_id).returns(@user) + assert logged_in? + end + + def test_logged_in + User.expects(:find).once.with(@user_id).returns(nil) + assert !logged_in? + end + + def test_admin + bool = stub + User.expects(:find).once.with(@user_id).returns(@user) + @user.expects(:is_admin?).returns(bool) + assert_equal bool, admin? + end + +end -- cgit v1.2.3 From b724d53b36878c96d30676c22ee4e4369dcc37f8 Mon Sep 17 00:00:00 2001 From: Azul Date: Wed, 24 Oct 2012 20:41:30 +0200 Subject: Extraction of test support methods --- users/test/functional/application_controller_test.rb | 14 ++++++-------- users/test/functional/helper_methods_test.rb | 16 +++++----------- 2 files changed, 11 insertions(+), 19 deletions(-) (limited to 'users/test/functional') diff --git a/users/test/functional/application_controller_test.rb b/users/test/functional/application_controller_test.rb index d13a354..4397e1d 100644 --- a/users/test/functional/application_controller_test.rb +++ b/users/test/functional/application_controller_test.rb @@ -3,39 +3,37 @@ require 'test_helper' class ApplicationControllerTest < ActionController::TestCase def setup - @user_id = stub - @user = stub - session[:user_id] = @user_id # so we can test the effect on the response @controller.response = @response end def test_authorize_redirect - session[:user_id] = nil + stub_logged_out @controller.send(:authorize) assert_access_denied end def test_current_user_with_caching - User.expects(:find).once.with(@user_id).returns(@user) + @user = stub_logged_in assert_equal @user, @controller.send(:current_user) assert_equal @user, @controller.send(:current_user) # tests caching end def test_authorized - User.expects(:find).once.with(@user_id).returns(@user) + @user = stub_logged_in @controller.send(:authorize) + assert_access_denied(false) end def test_admin bool = stub - User.expects(:find).once.with(@user_id).returns(@user) + @user = stub_logged_in @user.expects(:is_admin?).returns(bool) assert_equal bool, @controller.send(:admin?) end def test_authorize_admin - User.expects(:find).once.with(@user_id).returns(@user) + @user = stub_logged_in @user.expects(:is_admin?).returns(false) @controller.send(:authorize_admin) assert_access_denied diff --git a/users/test/functional/helper_methods_test.rb b/users/test/functional/helper_methods_test.rb index 0d76f63..c0eaf61 100644 --- a/users/test/functional/helper_methods_test.rb +++ b/users/test/functional/helper_methods_test.rb @@ -16,31 +16,25 @@ class HelperMethodsTest < ActionController::TestCase @controller end - def setup - @user_id = stub - @user = stub - session[:user_id] = @user_id - end - def test_current_user_with_caching - User.expects(:find).once.with(@user_id).returns(@user) + @user = stub_logged_in assert_equal @user, current_user assert_equal @user, current_user # tests caching end def test_logged_in - User.expects(:find).once.with(@user_id).returns(@user) + @user = stub_logged_in assert logged_in? end - def test_logged_in - User.expects(:find).once.with(@user_id).returns(nil) + def test_logged_out + stub_logged_out assert !logged_in? end def test_admin bool = stub - User.expects(:find).once.with(@user_id).returns(@user) + @user = stub_logged_in @user.expects(:is_admin?).returns(bool) assert_equal bool, admin? end -- cgit v1.2.3 From 2c2a80812818362d0e0c416deefd4aee2787dd9e Mon Sep 17 00:00:00 2001 From: Azul Date: Wed, 24 Oct 2012 20:50:40 +0200 Subject: removing duplicate testing of helper_methods * once tested as helper * once tested as @controller.send... --- users/test/functional/application_controller_test.rb | 13 ------------- 1 file changed, 13 deletions(-) (limited to 'users/test/functional') diff --git a/users/test/functional/application_controller_test.rb b/users/test/functional/application_controller_test.rb index 4397e1d..69bcb2f 100644 --- a/users/test/functional/application_controller_test.rb +++ b/users/test/functional/application_controller_test.rb @@ -13,25 +13,12 @@ class ApplicationControllerTest < ActionController::TestCase assert_access_denied end - def test_current_user_with_caching - @user = stub_logged_in - assert_equal @user, @controller.send(:current_user) - assert_equal @user, @controller.send(:current_user) # tests caching - end - def test_authorized @user = stub_logged_in @controller.send(:authorize) assert_access_denied(false) end - def test_admin - bool = stub - @user = stub_logged_in - @user.expects(:is_admin?).returns(bool) - assert_equal bool, @controller.send(:admin?) - end - def test_authorize_admin @user = stub_logged_in @user.expects(:is_admin?).returns(false) -- cgit v1.2.3 From e1fc3f4850ee73e0591bd67a92b104db4f63e4cb Mon Sep 17 00:00:00 2001 From: Azul Date: Sun, 4 Nov 2012 21:01:27 +0100 Subject: stubbing current_user the warden way --- users/test/functional/application_controller_test.rb | 7 +++---- users/test/functional/helper_methods_test.rb | 15 ++++++--------- 2 files changed, 9 insertions(+), 13 deletions(-) (limited to 'users/test/functional') diff --git a/users/test/functional/application_controller_test.rb b/users/test/functional/application_controller_test.rb index 69bcb2f..857bae5 100644 --- a/users/test/functional/application_controller_test.rb +++ b/users/test/functional/application_controller_test.rb @@ -8,20 +8,19 @@ class ApplicationControllerTest < ActionController::TestCase end def test_authorize_redirect - stub_logged_out @controller.send(:authorize) assert_access_denied end def test_authorized - @user = stub_logged_in + login @controller.send(:authorize) assert_access_denied(false) end def test_authorize_admin - @user = stub_logged_in - @user.expects(:is_admin?).returns(false) + login + @current_user.expects(:is_admin?).returns(false) @controller.send(:authorize_admin) assert_access_denied end diff --git a/users/test/functional/helper_methods_test.rb b/users/test/functional/helper_methods_test.rb index c0eaf61..2b2375c 100644 --- a/users/test/functional/helper_methods_test.rb +++ b/users/test/functional/helper_methods_test.rb @@ -16,26 +16,23 @@ class HelperMethodsTest < ActionController::TestCase @controller end - def test_current_user_with_caching - @user = stub_logged_in - assert_equal @user, current_user - assert_equal @user, current_user # tests caching + def test_current_user + login + assert_equal @current_user, current_user end def test_logged_in - @user = stub_logged_in + login assert logged_in? end def test_logged_out - stub_logged_out assert !logged_in? end def test_admin - bool = stub - @user = stub_logged_in - @user.expects(:is_admin?).returns(bool) + login + @current_user.expects(:is_admin?).returns(bool = stub) assert_equal bool, admin? end -- cgit v1.2.3 From ef90c45998b33ba8606c3786875e21496ace4686 Mon Sep 17 00:00:00 2001 From: Azul Date: Sun, 4 Nov 2012 22:14:13 +0100 Subject: fixed functional tests --- users/test/functional/sessions_controller_test.rb | 85 +++++++++++------------ 1 file changed, 39 insertions(+), 46 deletions(-) (limited to 'users/test/functional') diff --git a/users/test/functional/sessions_controller_test.rb b/users/test/functional/sessions_controller_test.rb index 47d7052..4bad12f 100644 --- a/users/test/functional/sessions_controller_test.rb +++ b/users/test/functional/sessions_controller_test.rb @@ -2,74 +2,67 @@ require 'test_helper' class SessionsControllerTest < ActionController::TestCase - def setup + setup do @user = stub :login => "me", :id => 123 @client_hex = 'a123' - @client_rnd = @client_hex.hex - @server_hex = 'b123' - @server_rnd = @server_hex.hex - @server_rnd_exp = 'e123'.hex - @salt = 'stub user salt' - @server_handshake = stub :aa => @client_rnd, :bb => @server_rnd, :b => @server_rnd_exp - @server_auth = 'adfe' end test "should get login screen" do + request.env['warden'].expects(:winning_strategy) get :new assert_response :success + assert_equal "text/html", response.content_type + assert_template "sessions/new" end - test "should perform handshake" do - @user.expects(:initialize_auth). - with(@client_rnd). - returns(@server_handshake) - @server_handshake.expects(:to_json). - returns({'B' => @server_hex, 'salt' => @salt}.to_json) - User.expects(:find_by_param).with(@user.login).returns(@user) - post :create, :login => @user.login, 'A' => @client_hex - assert_equal @server_handshake, session[:handshake] + test "renders json" do + request.env['warden'].expects(:winning_strategy) + get :new, :format => :json assert_response :success - assert_json_response :B => @server_hex, :salt => @salt + assert_json_response :errors => nil end - test "should report user not found" do - unknown = "login_that_does_not_exist" - User.expects(:find_by_param).with(unknown).raises(RECORD_NOT_FOUND) - post :create, :login => unknown + test "renders warden errors" do + strategy = stub :message => "Warden auth did not work" + request.env['warden'].expects(:winning_strategy).returns(strategy) + get :new, :format => :json assert_response :success - assert_json_response :errors => {"login" => ["unknown user"]} + assert_json_response :errors => strategy.message end - test "should authorize" do - session[:handshake] = @server_handshake - @server_handshake.expects(:authenticate!). - with(@client_rnd). - returns(@user) - @server_handshake.expects(:to_json). - returns({:M2 => @server_auth}.to_json) - post :update, :id => @user.login, :client_auth => @client_hex - assert_nil session[:handshake] - assert_json_response :M2 => @server_auth - assert_equal @user.id, session[:user_id] + test "should perform handshake" do + assert_raises ActionView::MissingTemplate do + request.env['warden'].expects(:authenticate!) + post :create, :login => @user.login, 'A' => @client_hex + assert params['A'] + assert params['login'] + end end - test "should report wrong password" do - session[:handshake] = @server_handshake - @server_handshake.expects(:authenticate!). - with(@client_rnd). - raises(WRONG_PASSWORD) - post :update, :id => @user.login, :client_auth => @client_hex - assert_nil session[:handshake] - assert_nil session[:user_id] - assert_json_response :errors => {"password" => ["wrong password"]} + test "should authorize" do + assert_raises ActionView::MissingTemplate do + request.env['warden'].expects(:authenticate!) + session[:handshake] = stub + post :update, :id => @user.login, :client_auth => @client_hex + assert params['client_auth'] + assert session[:handshake] + end end - test "logout should reset sessions user_id" do - session[:user_id] = "set" + test "logout should reset warden user" do + expect_warden_logout delete :destroy - assert_nil session[:user_id] assert_response :redirect assert_redirected_to root_url end + def expect_warden_logout + raw = mock('raw session') do + expects(:inspect) + end + request.env['warden'].expects(:raw_session).returns(raw) + request.env['warden'].expects(:logout) + end + + end -- cgit v1.2.3 From 5b300b554682c232c0955bdb0dd3d8263dde901e Mon Sep 17 00:00:00 2001 From: Azul Date: Fri, 9 Nov 2012 16:45:54 +0100 Subject: seperated the warden classes from the initializer also commented the sessions controller test a bit and fixed it --- users/test/functional/sessions_controller_test.rb | 29 +++++++++++++---------- 1 file changed, 16 insertions(+), 13 deletions(-) (limited to 'users/test/functional') diff --git a/users/test/functional/sessions_controller_test.rb b/users/test/functional/sessions_controller_test.rb index 4bad12f..8f2d95c 100644 --- a/users/test/functional/sessions_controller_test.rb +++ b/users/test/functional/sessions_controller_test.rb @@ -1,5 +1,8 @@ require 'test_helper' +# This is a simple controller unit test. +# We're stubbing out both warden and srp. +# There's an integration test testing the full rack stack and srp class SessionsControllerTest < ActionController::TestCase setup do @@ -30,23 +33,23 @@ class SessionsControllerTest < ActionController::TestCase assert_json_response :errors => strategy.message end + # Warden takes care of parsing the params and + # rendering the response. So not much to test here. test "should perform handshake" do - assert_raises ActionView::MissingTemplate do - request.env['warden'].expects(:authenticate!) - post :create, :login => @user.login, 'A' => @client_hex - assert params['A'] - assert params['login'] - end + request.env['warden'].expects(:authenticate!) + # make sure we don't get a template missing error: + @controller.stubs(:render) + post :create, :login => @user.login, 'A' => @client_hex end test "should authorize" do - assert_raises ActionView::MissingTemplate do - request.env['warden'].expects(:authenticate!) - session[:handshake] = stub - post :update, :id => @user.login, :client_auth => @client_hex - assert params['client_auth'] - assert session[:handshake] - end + request.env['warden'].expects(:authenticate!) + handshake = stub(:to_json => "JSON") + session[:handshake] = handshake + post :update, :id => @user.login, :client_auth => @client_hex + assert_nil session[:handshake] + assert_response :success + assert_equal handshake.to_json, @response.body end test "logout should reset warden user" do -- cgit v1.2.3 From ec87ccfa185a4c063386d385de7af15f993b77d8 Mon Sep 17 00:00:00 2001 From: Azul Date: Thu, 22 Nov 2012 16:22:18 +0100 Subject: fixed tests --- users/test/functional/sessions_controller_test.rb | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) (limited to 'users/test/functional') diff --git a/users/test/functional/sessions_controller_test.rb b/users/test/functional/sessions_controller_test.rb index 8f2d95c..93cc032 100644 --- a/users/test/functional/sessions_controller_test.rb +++ b/users/test/functional/sessions_controller_test.rb @@ -26,11 +26,12 @@ class SessionsControllerTest < ActionController::TestCase end test "renders warden errors" do - strategy = stub :message => "Warden auth did not work" - request.env['warden'].expects(:winning_strategy).returns(strategy) + strategy = stub :message => {:field => :translate_me} + request.env['warden'].stubs(:winning_strategy).returns(strategy) + I18n.expects(:t).with(:translate_me).at_least_once.returns("translation stub") get :new, :format => :json - assert_response :success - assert_json_response :errors => strategy.message + assert_response 422 + assert_json_response :errors => {"field" => "translation stub"} end # Warden takes care of parsing the params and -- cgit v1.2.3 From 3ce5a25afef3b938c2bbbe8ce481f2af9e0c24dc Mon Sep 17 00:00:00 2001 From: Azul Date: Fri, 23 Nov 2012 10:24:46 +0100 Subject: test editing user settings --- users/test/functional/users_controller_test.rb | 31 ++++++++++++++++++++++++++ 1 file changed, 31 insertions(+) (limited to 'users/test/functional') diff --git a/users/test/functional/users_controller_test.rb b/users/test/functional/users_controller_test.rb index 1cb28a6..feae2dd 100644 --- a/users/test/functional/users_controller_test.rb +++ b/users/test/functional/users_controller_test.rb @@ -30,4 +30,35 @@ class UsersControllerTest < ActionController::TestCase assert_redirected_to new_user_path end + test "should get edit view" do + params = User.valid_attributes_hash + user = stub params.merge(:id => 123, :class => User, :to_key => ['123'], :new_record? => false, :persisted? => :true) + login user + get :edit, :id => user.id + assert_equal user, assigns[:user] + end + + test "should process updated params" do + params = User.valid_attributes_hash + user = stub params.merge(:id => 123) + params.stringify_keys! + user.expects(:update).with(params).returns(user) + login user + post :update, :user => params, :id => user.id + assert_equal user, assigns[:user] + assert_response :redirect + assert_redirected_to edit_user_path(user) + end + + test "should validate updated params" do + params = User.valid_attributes_hash + user = stub params.merge(:id => 123) + params.stringify_keys! + user.expects(:update).with(params).returns(user) + login user + post :update, :user => params, :id => user.id + assert_equal user, assigns[:user] + end + + end -- cgit v1.2.3 From 46c0140a8eab632c783d309a7afd87cb7aad4280 Mon Sep 17 00:00:00 2001 From: Azul Date: Fri, 23 Nov 2012 10:55:49 +0100 Subject: refactored creation of record stubs --- users/test/functional/users_controller_test.rb | 33 +++++++------------------- 1 file changed, 9 insertions(+), 24 deletions(-) (limited to 'users/test/functional') diff --git a/users/test/functional/users_controller_test.rb b/users/test/functional/users_controller_test.rb index feae2dd..4318928 100644 --- a/users/test/functional/users_controller_test.rb +++ b/users/test/functional/users_controller_test.rb @@ -1,6 +1,8 @@ require 'test_helper' class UsersControllerTest < ActionController::TestCase + include StubRecordHelper + test "should get new" do get :new assert_equal User, assigns(:user).class @@ -8,11 +10,9 @@ class UsersControllerTest < ActionController::TestCase end test "should create new user" do - params = User.valid_attributes_hash - user = stub params.merge(:id => 123) - params.stringify_keys! - User.expects(:create!).with(params).returns(user) - post :create, :user => params + user = stub_record User + User.expects(:create!).with(user.params).returns(user) + post :create, :user => user.params assert_nil session[:user_id] assert_response :redirect assert_redirected_to root_url @@ -31,34 +31,19 @@ class UsersControllerTest < ActionController::TestCase end test "should get edit view" do - params = User.valid_attributes_hash - user = stub params.merge(:id => 123, :class => User, :to_key => ['123'], :new_record? => false, :persisted? => :true) + user = stub_record User login user get :edit, :id => user.id assert_equal user, assigns[:user] end test "should process updated params" do - params = User.valid_attributes_hash - user = stub params.merge(:id => 123) - params.stringify_keys! - user.expects(:update).with(params).returns(user) + user = stub_record User + user.expects(:update).with(user.params).returns(user) login user - post :update, :user => params, :id => user.id + post :update, :user => user.params, :id => user.id assert_equal user, assigns[:user] assert_response :redirect assert_redirected_to edit_user_path(user) end - - test "should validate updated params" do - params = User.valid_attributes_hash - user = stub params.merge(:id => 123) - params.stringify_keys! - user.expects(:update).with(params).returns(user) - login user - post :update, :user => params, :id => user.id - assert_equal user, assigns[:user] - end - - end -- cgit v1.2.3 From ee3c9146e4bbe93ec1f00ee45386a82ec4363c4d Mon Sep 17 00:00:00 2001 From: Azul Date: Fri, 23 Nov 2012 12:11:11 +0100 Subject: identify user by id so rerendering the form does not use new invalid login --- users/test/functional/users_controller_test.rb | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'users/test/functional') diff --git a/users/test/functional/users_controller_test.rb b/users/test/functional/users_controller_test.rb index 4318928..e39869f 100644 --- a/users/test/functional/users_controller_test.rb +++ b/users/test/functional/users_controller_test.rb @@ -32,6 +32,7 @@ class UsersControllerTest < ActionController::TestCase test "should get edit view" do user = stub_record User + User.expects(:find_by_param).with(user.id.to_s).returns(user) login user get :edit, :id => user.id assert_equal user, assigns[:user] @@ -39,7 +40,8 @@ class UsersControllerTest < ActionController::TestCase test "should process updated params" do user = stub_record User - user.expects(:update).with(user.params).returns(user) + user.expects(:update_attributes).with(user.params).returns(true) + User.expects(:find_by_param).with(user.id.to_s).returns(user) login user post :update, :user => user.params, :id => user.id assert_equal user, assigns[:user] -- cgit v1.2.3 From 595518684b9c4364f96c97a84cc481b5ae0da981 Mon Sep 17 00:00:00 2001 From: Azul Date: Mon, 26 Nov 2012 11:54:11 +0100 Subject: simplified controller and adjusted tests Also added #assert_json_error to tests. --- users/test/functional/sessions_controller_test.rb | 4 ++-- users/test/functional/users_controller_test.rb | 25 +++++++++++------------ 2 files changed, 14 insertions(+), 15 deletions(-) (limited to 'users/test/functional') diff --git a/users/test/functional/sessions_controller_test.rb b/users/test/functional/sessions_controller_test.rb index 93cc032..9df4455 100644 --- a/users/test/functional/sessions_controller_test.rb +++ b/users/test/functional/sessions_controller_test.rb @@ -22,7 +22,7 @@ class SessionsControllerTest < ActionController::TestCase request.env['warden'].expects(:winning_strategy) get :new, :format => :json assert_response :success - assert_json_response :errors => nil + assert_json_error nil end test "renders warden errors" do @@ -31,7 +31,7 @@ class SessionsControllerTest < ActionController::TestCase I18n.expects(:t).with(:translate_me).at_least_once.returns("translation stub") get :new, :format => :json assert_response 422 - assert_json_response :errors => {"field" => "translation stub"} + assert_json_error :field => "translation stub" end # Warden takes care of parsing the params and diff --git a/users/test/functional/users_controller_test.rb b/users/test/functional/users_controller_test.rb index e39869f..ced8ee9 100644 --- a/users/test/functional/users_controller_test.rb +++ b/users/test/functional/users_controller_test.rb @@ -11,23 +11,22 @@ class UsersControllerTest < ActionController::TestCase test "should create new user" do user = stub_record User - User.expects(:create!).with(user.params).returns(user) - post :create, :user => user.params + User.expects(:create).with(user.params).returns(user) + post :create, :user => user.params, :format => :json assert_nil session[:user_id] - assert_response :redirect - assert_redirected_to root_url + assert_json_response user + assert_response :success end test "should redirect to signup form on failed attempt" do params = User.valid_attributes_hash.slice(:login) user = User.new(params) params.stringify_keys! - User.expects(:create!).with(params).raises(VALIDATION_FAILED.new(user)) - post :create, :user => params - assert_nil session[:user_id] - assert_equal user, assigns[:user] - assert_response :redirect - assert_redirected_to new_user_path + assert !user.valid? + User.expects(:create).with(params).returns(user) + post :create, :user => params, :format => :json + assert_json_error user.errors.messages + assert_response 422 end test "should get edit view" do @@ -43,9 +42,9 @@ class UsersControllerTest < ActionController::TestCase user.expects(:update_attributes).with(user.params).returns(true) User.expects(:find_by_param).with(user.id.to_s).returns(user) login user - post :update, :user => user.params, :id => user.id + put :update, :user => user.params, :id => user.id, :format => :json assert_equal user, assigns[:user] - assert_response :redirect - assert_redirected_to edit_user_path(user) + assert_equal " ", @response.body + assert_response 204 end end -- cgit v1.2.3 From 277b9f98bfbe2ef0217dfd17c8d9d6597369b903 Mon Sep 17 00:00:00 2001 From: Azul Date: Wed, 28 Nov 2012 15:13:47 +0100 Subject: admins can destroy users I changed the permissions a little to be more consistent. Now: * admins can edit users * users can destroy themselves. There's no ui for either of them but theoretically they could. Not sure this is what we want though. --- users/test/functional/users_controller_test.rb | 45 ++++++++++++++++++++++++++ 1 file changed, 45 insertions(+) (limited to 'users/test/functional') diff --git a/users/test/functional/users_controller_test.rb b/users/test/functional/users_controller_test.rb index ced8ee9..ab29845 100644 --- a/users/test/functional/users_controller_test.rb +++ b/users/test/functional/users_controller_test.rb @@ -47,4 +47,49 @@ class UsersControllerTest < ActionController::TestCase assert_equal " ", @response.body assert_response 204 end + + test "admin can destroy user" do + login :is_admin? => true + user = stub_record User + user.expects(:destroy) + User.expects(:find_by_param).with(user.id.to_s).returns(user) + delete :destroy, :id => user.id + assert_response :redirect + # assert_redirected_to users_path + end + + test "non-admin can't destroy user" do + login + user = stub_record User + delete :destroy, :id => user.id + assert_access_denied + end + + test "admin can list users" do + login :is_admin? => true + get :index + assert_response :success + assert assigns(:users) + end + + test "non-admin can't list users" do + login + get :index + assert_access_denied + end + + test "admin can autocomplete users" do + login :is_admin? => true + get :index, :format => :json + assert_response :success + assert assigns(:users) + end + + test "admin can search users" do + login :is_admin? => true + get :index, :query => "a" + assert_response :success + assert assigns(:users) + end + end -- cgit v1.2.3 From 1de597b338f0622a7732676907365de673c34dfb Mon Sep 17 00:00:00 2001 From: Azul Date: Mon, 3 Dec 2012 10:24:49 +0100 Subject: enable admin to edit users --- users/test/functional/users_controller_test.rb | 11 +++++++++++ 1 file changed, 11 insertions(+) (limited to 'users/test/functional') diff --git a/users/test/functional/users_controller_test.rb b/users/test/functional/users_controller_test.rb index ab29845..f008cda 100644 --- a/users/test/functional/users_controller_test.rb +++ b/users/test/functional/users_controller_test.rb @@ -44,8 +44,19 @@ class UsersControllerTest < ActionController::TestCase login user put :update, :user => user.params, :id => user.id, :format => :json assert_equal user, assigns[:user] + assert_response 204 assert_equal " ", @response.body + end + + test "admin can edit user" do + user = stub_record User + user.expects(:update_attributes).with(user.params).returns(true) + User.expects(:find_by_param).with(user.id.to_s).returns(user) + login :is_admin? => true + put :update, :user => user.params, :id => user.id, :format => :json + assert_equal user, assigns[:user] assert_response 204 + assert_equal " ", @response.body end test "admin can destroy user" do -- cgit v1.2.3 From 2a928455f9dcefa465b80b79768ba1d1a423e6e9 Mon Sep 17 00:00:00 2001 From: Azul Date: Mon, 3 Dec 2012 10:52:01 +0100 Subject: enable users to cancel their account --- users/test/functional/users_controller_test.rb | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) (limited to 'users/test/functional') diff --git a/users/test/functional/users_controller_test.rb b/users/test/functional/users_controller_test.rb index f008cda..44b6768 100644 --- a/users/test/functional/users_controller_test.rb +++ b/users/test/functional/users_controller_test.rb @@ -63,10 +63,19 @@ class UsersControllerTest < ActionController::TestCase login :is_admin? => true user = stub_record User user.expects(:destroy) - User.expects(:find_by_param).with(user.id.to_s).returns(user) + User.expects(:find_by_param).with(user.id).returns(user) delete :destroy, :id => user.id assert_response :redirect - # assert_redirected_to users_path + assert_redirected_to users_path + end + + test "user can cancel account" do + login + @current_user.expects(:destroy) + User.expects(:find_by_param).with(@current_user.id).returns(@current_user) + delete :destroy, :id => @current_user.id + assert_response :redirect + assert_redirected_to login_path end test "non-admin can't destroy user" do -- cgit v1.2.3 From 1b411de39f38eb0925cf255e941545933f227759 Mon Sep 17 00:00:00 2001 From: Azul Date: Mon, 3 Dec 2012 14:02:16 +0100 Subject: refactored tests with new find_record helper find_record User will return a stubbed user record and make sure User.find_by_id(user.id) returns the same so it can be used in controllers. --- users/test/functional/users_controller_test.rb | 45 ++++++++++++++++++-------- 1 file changed, 31 insertions(+), 14 deletions(-) (limited to 'users/test/functional') diff --git a/users/test/functional/users_controller_test.rb b/users/test/functional/users_controller_test.rb index 44b6768..939d105 100644 --- a/users/test/functional/users_controller_test.rb +++ b/users/test/functional/users_controller_test.rb @@ -5,6 +5,7 @@ class UsersControllerTest < ActionController::TestCase test "should get new" do get :new + assert_equal User, assigns(:user).class assert_response :success end @@ -12,7 +13,9 @@ class UsersControllerTest < ActionController::TestCase test "should create new user" do user = stub_record User User.expects(:create).with(user.params).returns(user) + post :create, :user => user.params, :format => :json + assert_nil session[:user_id] assert_json_response user assert_response :success @@ -24,70 +27,81 @@ class UsersControllerTest < ActionController::TestCase params.stringify_keys! assert !user.valid? User.expects(:create).with(params).returns(user) + post :create, :user => params, :format => :json + assert_json_error user.errors.messages assert_response 422 end test "should get edit view" do - user = stub_record User - User.expects(:find_by_param).with(user.id.to_s).returns(user) + user = find_record User + login user get :edit, :id => user.id + assert_equal user, assigns[:user] end test "should process updated params" do - user = stub_record User + user = find_record User user.expects(:update_attributes).with(user.params).returns(true) - User.expects(:find_by_param).with(user.id.to_s).returns(user) + login user put :update, :user => user.params, :id => user.id, :format => :json + assert_equal user, assigns[:user] assert_response 204 assert_equal " ", @response.body end - test "admin can edit user" do - user = stub_record User + test "admin can update user" do + user = find_record User user.expects(:update_attributes).with(user.params).returns(true) - User.expects(:find_by_param).with(user.id.to_s).returns(user) + login :is_admin? => true put :update, :user => user.params, :id => user.id, :format => :json + assert_equal user, assigns[:user] assert_response 204 assert_equal " ", @response.body end test "admin can destroy user" do - login :is_admin? => true - user = stub_record User + user = find_record User user.expects(:destroy) - User.expects(:find_by_param).with(user.id).returns(user) + + login :is_admin? => true delete :destroy, :id => user.id + assert_response :redirect assert_redirected_to users_path end test "user can cancel account" do - login - @current_user.expects(:destroy) - User.expects(:find_by_param).with(@current_user.id).returns(@current_user) + user = find_record User + user.expects(:destroy) + + login user delete :destroy, :id => @current_user.id + assert_response :redirect assert_redirected_to login_path end test "non-admin can't destroy user" do - login user = stub_record User + + login delete :destroy, :id => user.id + assert_access_denied end test "admin can list users" do login :is_admin? => true get :index + assert_response :success assert assigns(:users) end @@ -95,12 +109,14 @@ class UsersControllerTest < ActionController::TestCase test "non-admin can't list users" do login get :index + assert_access_denied end test "admin can autocomplete users" do login :is_admin? => true get :index, :format => :json + assert_response :success assert assigns(:users) end @@ -108,6 +124,7 @@ class UsersControllerTest < ActionController::TestCase test "admin can search users" do login :is_admin? => true get :index, :query => "a" + assert_response :success assert assigns(:users) end -- cgit v1.2.3