From 0c186fe46bbd5fa0b09ea9025c0d6ed256d8d11d Mon Sep 17 00:00:00 2001
From: hukl
Date: Tue, 3 Nov 2009 20:16:40 +0100
Subject: Prevent regular users from promoting themselves to admins
---
 test/functional/users_controller_test.rb | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)
(limited to 'test')
diff --git a/test/functional/users_controller_test.rb b/test/functional/users_controller_test.rb
index 307ba4c..89c6dc2 100644
--- a/test/functional/users_controller_test.rb
+++ b/test/functional/users_controller_test.rb
@@ -158,5 +158,23 @@ class UsersControllerTest < ActionController::TestCase
 assert_redirected_to users_path
 end
+ test "admin user can promote regular users to admins" do
+ login_as :aaron
+ user = users(:quentin)
+ put :update, :id => user.id, :user => {:admin => true}
+
+ user.reload
+ assert_equal true, user.is_admin?
+ end
+
+ test "regular users cannot promote themselves to admins" do
+ login_as :quentin
+ user = users(:quentin)
+ put :update, :id => user.id, :user => {:admin => true}
+
+ user.reload
+ assert_equal false, user.is_admin?
+ end
+
 end
-- cgit v1.3
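Review bot: The negative test `regular users cannot promote themselves to admins` checks only the final flag, so it would also pass if the request never reached the update action at all, for instance if `login_as :quentin` did not establish a session and a filter redirected. Asserting the precondition before the `put` (`assert !user.is_admin?`) and the expected response after it would tie the result to the privilege guard itself; the positive test has the same gap if the `quentin` fixture is ever changed to an admin. The case covered is a user editing their own record with a boolean `true`; a regular user targeting another account, and a request sending `:admin => "1"` as a browser form would, look worth adding as separate tests. The enclosing `UsersControllerTest` class begins outside the hunk, and the controller or model change these tests guard is not visible here.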