From 758b9a3c30a73fd985943fb7a887f0373be3a833 Mon Sep 17 00:00:00 2001
From: Azul <azul@leap.se>
Date: Sat, 8 Feb 2014 12:29:08 +0100
Subject: split up and expand account integration test

---
 users/test/integration/api/update_account_test.rb | 44 +++++++++++++++++++++++
 1 file changed, 44 insertions(+)
 create mode 100644 users/test/integration/api/update_account_test.rb

(limited to 'users/test/integration/api/update_account_test.rb')

diff --git a/users/test/integration/api/update_account_test.rb b/users/test/integration/api/update_account_test.rb
new file mode 100644
index 0000000..16c2357
--- /dev/null
+++ b/users/test/integration/api/update_account_test.rb
@@ -0,0 +1,44 @@
+require 'test_helper'
+require_relative 'srp_test'
+
+class UpdateAccountTest < SrpTest
+
+  setup do
+    register_user
+  end
+
+  test "require authentication" do
+    update_user password: "No! Verify me instead."
+    assert_access_denied
+  end
+
+  test "update password via api" do
+    authenticate
+    update_user password: "No! Verify me instead."
+    authenticate
+    assert last_response.successful?
+    assert_nil server_auth["errors"]
+    assert server_auth["M2"]
+  end
+
+  test "change login with password_verifier" do
+    authenticate
+    new_login = 'zaph'
+    cleanup_user new_login
+    update_user login: new_login, password: @password
+    authenticate
+    assert last_response.successful?
+    assert_equal new_login, @user.reload.login
+  end
+
+  test "prevent changing login without changing password_verifier" do
+    authenticate
+    original_login = @user.login
+    new_login = 'zaph'
+    cleanup_user new_login
+    update_user login: new_login
+    assert last_response.successful?
+    # does not change login if no password_verifier is present
+    assert_equal original_login, @user.reload.login
+  end
+end
-- 
cgit v1.2.3