From 9dadc61cae2c4c01a97880e89ca86a0e760fc8d1 Mon Sep 17 00:00:00 2001 From: hukl Date: Wed, 7 Oct 2009 21:03:28 +0200 Subject: implemented complete restful user management interface including functional tests. this enables basic user operation. note that only admins are allowed to create, edit, destroy other users --- test/fixtures/users.yml | 1 + test/functional/nodes_controller_test.rb | 2 - test/functional/users_controller_test.rb | 146 ++++++++++++++++++++++++++++++- test/test_helper.rb | 3 + 4 files changed, 147 insertions(+), 5 deletions(-) (limited to 'test') diff --git a/test/fixtures/users.yml b/test/fixtures/users.yml index 5b32afc..a62b350 100644 --- a/test/fixtures/users.yml +++ b/test/fixtures/users.yml @@ -13,4 +13,5 @@ aaron: salt: 5be6f9cdd04fd7ab3c91cd32a5334ba2339b8005 crypted_password: 740a48caf7dd5ff11318d812d57c0a0928cfbc12 # 'monkey' created_at: <%= 1.days.ago.to_s :db %> + admin: true diff --git a/test/functional/nodes_controller_test.rb b/test/functional/nodes_controller_test.rb index 3293f42..3dae9db 100644 --- a/test/functional/nodes_controller_test.rb +++ b/test/functional/nodes_controller_test.rb @@ -2,8 +2,6 @@ require 'test_helper' class NodesControllerTest < ActionController::TestCase - include AuthenticatedTestHelper - def test_get_index Node.root.descendants.delete_all test_node = Node.create :slug => "foo" diff --git a/test/functional/users_controller_test.rb b/test/functional/users_controller_test.rb index c3db123..a8333fe 100644 --- a/test/functional/users_controller_test.rb +++ b/test/functional/users_controller_test.rb 
@@ -1,8 +1,148 @@ require 'test_helper' class UsersControllerTest < ActionController::TestCase - # Replace this with your real tests. - test "the truth" do - assert true + + test "get index as regular user renders stripped partial" do + login_as :quentin + get :index + assert_response :success + assert_select "a", { :count => 0, :text => "Destroy" } end + + test "get index as admin user renders admin partial" do + login_as :aaron + get :index + assert_response :success + assert_select "a", "Destroy" + assert_select "a", "Show", "Edit Link is missing" + end + + test "get new when logged in as admin" do + login_as :aaron + get :new + assert_response :success + end + + test "get new without being logged in as admin redirects back to index" do + login_as :quentin + get :new + assert_response :redirect + assert_redirected_to users_path + assert_equal( + "Sorry, you need to be an admin for this action", + @response.flash[:notice] + ) + end + + test "creating new users being logged in as admin" do + login_as :aaron + assert_difference "User.count", +1 do + post :create, :user => { + :login => "peter", + :email => "foo@bar.com", + :password => "xxxzzz", + :password_confirmation => "xxxzzz" + } + end + + assert_redirected_to user_path(User.last) + assert !User.last.admin + end + + test "creating new admin users being logged in as admin" do + login_as :aaron + assert_difference "User.count", +1 do + post :create, :user => { + :login => "peter", + :email => "foo@bar.com", + :password => "xxxzzz", + :password_confirmation => "xxxzzz", + :admin => true + } + end + + assert_redirected_to user_path(User.last) + assert User.last.admin + end + + test "creating new users not being logged as regular user wont work" do + login_as :quentin + assert_no_difference "User.count" do + post :create, :user => { + :login => "peter", + :email => "foo@bar.com", + :password => "xxxzzz", + :password_confirmation => "xxxzzz" + } + end + + assert_redirected_to users_path + assert_equal( + "Sorry, 
you need to be an admin for this action", + @response.flash[:notice] + ) + end + + test "get edit of another user being logged in as regular user wont work" do + login_as :quentin + get :edit, :id => User.find_by_login("aaron").id + assert_redirected_to users_path + assert_equal( + "Sorry, you need to be an admin for this action", + @response.flash[:notice] + ) + end + + test "get edit of another user being logged in as admin user" do + login_as :aaron + get :edit, :id => User.find_by_login("quentin").id + assert_response :success + end + + test "updating an user when being logged in as regular user wont work" do + user = User.find_by_login("aaron") + login_as :quentin + put :update, :id => user.id, :user => {:login => "random"} + assert_redirected_to users_path + assert_equal( + "Sorry, you need to be an admin for this action", + @response.flash[:notice] + ) + end + + test "updating an user when being login in as admin user" do + user = User.find_by_login("quentin") + login_as :aaron + put :update, :id => user.id, :user => {:login => "random"} + assert_redirected_to user_path(user) + assert_equal "random", user.reload.login + end + + test "showing a user" do + login_as :quentin + get :show, :id => User.find_by_login("aaron").id + assert_response :success + end + + test "destroying an user being logged in as regular user wont work" do + login_as :quentin + assert_no_difference "User.count" do + delete :destroy, :id => User.find_by_login("aaron").id + end + assert_redirected_to users_path + assert_equal( + "Sorry, you need to be an admin for this action", + @response.flash[:notice] + ) + end + + test "destroying an user being logged in as admin user" do + login_as :aaron + assert_difference "User.count", -1 do + delete :destroy, :id => User.find_by_login("quentin").id + end + assert_redirected_to users_path + end + + end diff --git a/test/test_helper.rb b/test/test_helper.rb index b9fe251..21d4604 100644 --- a/test/test_helper.rb +++ b/test/test_helper.rb 
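Review bot: The negative tests only cover a regular user acting on another user's record, so nothing pins that a non-admin cannot set `:admin` on their own account through `put :update`. The admin create test shows `:admin => true` is accepted from the `:user` params, and the commit message restricts only edits of other users. Whether the controller or model already filters `admin` is not visible on this page, so a regression test for it belongs here, together with one request that has no `login_as` at all. Separately, "updating an user when being logged in as regular user wont work" checks only the redirect and flash; adding `assert_equal "aaron", user.reload.login` would catch a write that happens before the redirect.

```ruby
# … unchanged: existing update tests …

test "regular user cannot grant themselves admin through update" do
  user = User.find_by_login("quentin")
  login_as :quentin
  put :update, :id => user.id, :user => {:admin => true}
  assert !user.reload.admin
end

test "destroying an user without being logged in wont work" do
  assert_no_difference "User.count" do
    delete :destroy, :id => User.find_by_login("aaron").id
  end
end
```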
@@ -3,6 +3,9 @@ require File.expand_path(File.dirname(__FILE__) + "/../config/environment") require 'test_help' class ActiveSupport::TestCase + + include AuthenticatedTestHelper + # Transactional fixtures accelerate your tests by wrapping each test method # in a transaction that's rolled back on completion. This ensures that the # test database remains unchanged so your fixtures don't have to be reloaded -- cgit v1.3