From d70c5796a2989b7b43f7e287899fb1394ae28280 Mon Sep 17 00:00:00 2001
From: Azul <azul@leap.se>
Date: Fri, 19 Jul 2013 16:02:02 +0200
Subject: separate signup and settings service objects for user

---
 users/test/functional/v1/users_controller_test.rb | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

(limited to 'users/test/functional')

diff --git a/users/test/functional/v1/users_controller_test.rb b/users/test/functional/v1/users_controller_test.rb
index 0d44e50..a330bf3 100644
--- a/users/test/functional/v1/users_controller_test.rb
+++ b/users/test/functional/v1/users_controller_test.rb
@@ -5,7 +5,9 @@ class V1::UsersControllerTest < ActionController::TestCase
   test "user can change settings" do
     user = find_record :user
     changed_attribs = record_attributes_for :user_with_settings
-    user.expects(:update_attributes).with(changed_attribs)
+    account_settings = stub
+    account_settings.expects(:update).with(changed_attribs)
+    AccountSettings.expects(:new).with(user).returns(account_settings)
 
     login user
     put :update, :user => changed_attribs, :id => user.id, :format => :json
@@ -18,7 +20,9 @@ class V1::UsersControllerTest < ActionController::TestCase
   test "admin can update user" do
     user = find_record :user
     changed_attribs = record_attributes_for :user_with_settings
-    user.expects(:update_attributes).with(changed_attribs)
+    account_settings = stub
+    account_settings.expects(:update).with(changed_attribs)
+    AccountSettings.expects(:new).with(user).returns(account_settings)
 
     login :is_admin? => true
     put :update, :user => changed_attribs, :id => user.id, :format => :json
-- 
cgit v1.2.3


From 7ad6d054d72d3c76098f689e4e7890265a3604c8 Mon Sep 17 00:00:00 2001
From: Azul <azul@leap.se>
Date: Mon, 26 Aug 2013 10:59:18 +0200
Subject: first steps towards enabling token based auth

---
 users/test/functional/v1/sessions_controller_test.rb | 17 ++++++++++++++---
 1 file changed, 14 insertions(+), 3 deletions(-)

(limited to 'users/test/functional')

diff --git a/users/test/functional/v1/sessions_controller_test.rb b/users/test/functional/v1/sessions_controller_test.rb
index 0c4e325..8a16997 100644
--- a/users/test/functional/v1/sessions_controller_test.rb
+++ b/users/test/functional/v1/sessions_controller_test.rb
@@ -7,7 +7,7 @@ class V1::SessionsControllerTest < ActionController::TestCase
 
   setup do
     @request.env['HTTP_HOST'] = 'api.lvh.me'
-    @user = stub_record :user
+    @user = stub_record :user, {}, true
     @client_hex = 'a123'
   end
 
@@ -48,13 +48,24 @@ class V1::SessionsControllerTest < ActionController::TestCase
     assert_response :success
     assert json_response.keys.include?("id")
     assert json_response.keys.include?("token")
+    assert token = Token.find(json_response['token'])
+    assert_equal @user.id, token.user_id
   end
 
   test "logout should reset warden user" do
     expect_warden_logout
     delete :destroy
-    assert_response :redirect
-    assert_redirected_to root_url
+    assert_response 204
+  end
+
+  test "logout should remove token" do
+    login
+    expect_warden_logout
+    skip "TODO: implement token removal"
+    assert_difference "Token.count", -1 do
+      delete :destroy
+      assert_response 204
+    end
   end
 
   def expect_warden_logout
-- 
cgit v1.2.3


From e60ee749cab0f80cf23ca57e28c7de6d1b3a395b Mon Sep 17 00:00:00 2001
From: Azul <azul@leap.se>
Date: Tue, 27 Aug 2013 11:14:30 +0200
Subject: basic testing for token based auth in tests

---
 users/test/functional/helper_methods_test.rb |  2 +-
 users/test/functional/test_helpers_test.rb   | 38 ++++++++++++++++++++++++++++
 2 files changed, 39 insertions(+), 1 deletion(-)
 create mode 100644 users/test/functional/test_helpers_test.rb

(limited to 'users/test/functional')

diff --git a/users/test/functional/helper_methods_test.rb b/users/test/functional/helper_methods_test.rb
index 2b2375c..44226ae 100644
--- a/users/test/functional/helper_methods_test.rb
+++ b/users/test/functional/helper_methods_test.rb
@@ -11,7 +11,7 @@ class HelperMethodsTest < ActionController::TestCase
   # we test them right in here...
   include ApplicationController._helpers
 
-  # they all reference the controller.
+  # the helpers all reference the controller.
   def controller
     @controller
   end
diff --git a/users/test/functional/test_helpers_test.rb b/users/test/functional/test_helpers_test.rb
new file mode 100644
index 0000000..d1bdb64
--- /dev/null
+++ b/users/test/functional/test_helpers_test.rb
@@ -0,0 +1,38 @@
+#
+# There are a few test helpers for dealing with login etc.
+# We test them here and also document their behaviour.
+#
+
+require 'test_helper'
+
+class TestHelpersTest < ActionController::TestCase
+  tests ApplicationController # testing no controller in particular
+
+  def test_login_stubs_warden
+    login
+    assert_equal @current_user, request.env['warden'].user
+  end
+
+  def test_login_token_authenticates
+    login
+    assert_equal @current_user, @controller.send(:token_authenticate)
+  end
+
+  def test_login_stubs_token
+    login
+    assert @token
+    assert_equal @current_user.id, @token.user_id
+  end
+
+  def test_login_adds_token_header
+    login
+    token_present = @controller.authenticate_with_http_token do |token, options|
+      assert_equal @token.id, token
+    end
+    # authenticate_with_http_token just returns nil and does not
+    # execute the block if there is no token. So we have to also
+    # ensure it was run:
+    assert token_present
+  end
+end
+
-- 
cgit v1.2.3


From 420bfb326f974eec14b04d6a170ed2d28c14180f Mon Sep 17 00:00:00 2001
From: Azul <azul@leap.se>
Date: Tue, 27 Aug 2013 14:36:27 +0200
Subject: clear token on logout with test

---
 users/test/functional/v1/sessions_controller_test.rb | 13 +++++--------
 1 file changed, 5 insertions(+), 8 deletions(-)

(limited to 'users/test/functional')

diff --git a/users/test/functional/v1/sessions_controller_test.rb b/users/test/functional/v1/sessions_controller_test.rb
index 8a16997..ff9fca1 100644
--- a/users/test/functional/v1/sessions_controller_test.rb
+++ b/users/test/functional/v1/sessions_controller_test.rb
@@ -52,20 +52,18 @@ class V1::SessionsControllerTest < ActionController::TestCase
     assert_equal @user.id, token.user_id
   end
 
-  test "logout should reset warden user" do
+  test "logout should reset session" do
     expect_warden_logout
     delete :destroy
     assert_response 204
   end
 
-  test "logout should remove token" do
+  test "logout should destroy token" do
     login
     expect_warden_logout
-    skip "TODO: implement token removal"
-    assert_difference "Token.count", -1 do
-      delete :destroy
-      assert_response 204
-    end
+    @token.expects(:destroy)
+    delete :destroy
+    assert_response 204
   end
 
   def expect_warden_logout
@@ -76,5 +74,4 @@ class V1::SessionsControllerTest < ActionController::TestCase
     request.env['warden'].expects(:logout)
   end
 
-
 end
-- 
cgit v1.2.3


From 5e6a2a2995598489372676bf8e045dc2dfda6c81 Mon Sep 17 00:00:00 2001
From: Azul <azul@leap.se>
Date: Tue, 27 Aug 2013 14:55:43 +0200
Subject: token.user will get you the right user

This way we can stub the token to return the user directly. Stubbing User.find_by_param is not a good idea as it will make all calls to User#find_by_param with a different id fail.
---
 users/test/functional/test_helpers_test.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'users/test/functional')

diff --git a/users/test/functional/test_helpers_test.rb b/users/test/functional/test_helpers_test.rb
index d1bdb64..9bd01ad 100644
--- a/users/test/functional/test_helpers_test.rb
+++ b/users/test/functional/test_helpers_test.rb
@@ -21,7 +21,7 @@ class TestHelpersTest < ActionController::TestCase
   def test_login_stubs_token
     login
     assert @token
-    assert_equal @current_user.id, @token.user_id
+    assert_equal @current_user, @token.user
   end
 
   def test_login_adds_token_header
-- 
cgit v1.2.3


From 1e6e6d82ed53b1db558b7c1f4e14740962cc406a Mon Sep 17 00:00:00 2001
From: Azul <azul@leap.se>
Date: Tue, 27 Aug 2013 14:56:41 +0200
Subject: separate different tests for showing non existant user

This way the failed stubbing errors were more telling
---
 users/test/functional/users_controller_test.rb | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)

(limited to 'users/test/functional')

diff --git a/users/test/functional/users_controller_test.rb b/users/test/functional/users_controller_test.rb
index 0ce5cc2..96ae48c 100644
--- a/users/test/functional/users_controller_test.rb
+++ b/users/test/functional/users_controller_test.rb
@@ -59,19 +59,23 @@ class UsersControllerTest < ActionController::TestCase
     assert_access_denied
   end
 
-  test "show for non-existing user" do
+  test "may not show non-existing user without auth" do
     nonid = 'thisisnotanexistinguserid'
 
-    # when unauthenticated:
     get :show, :id => nonid
     assert_access_denied(true, false)
+  end
 
-    # when authenticated but not admin:
+  test "may not show non-existing user without admin" do
+    nonid = 'thisisnotanexistinguserid'
     login
+
     get :show, :id => nonid
     assert_access_denied
+  end
 
-    # when authenticated as admin:
+  test "redirect admin to user list for non-existing user" do
+    nonid = 'thisisnotanexistinguserid'
     login :is_admin? => true
     get :show, :id => nonid
     assert_response :redirect
-- 
cgit v1.2.3