PageRenderTime 53ms CodeModel.GetById 22ms RepoModel.GetById 1ms app.codeStats 0ms

/el-dorado/test/functional/users_controller_test.rb

http://irkensrailsspace.googlecode.com/
Ruby | 407 lines | 389 code | 17 blank | 1 comment | 0 complexity | 649d0d9dcfcd16fc263f2c48856e9f32 MD5 | raw file
  1. require File.dirname(__FILE__) + '/../test_helper'
  2. require 'users_controller'
  3. # Re-raise errors caught by the controller.
  4. class UsersController; def rescue_action(e) raise e end; end
  5. class UsersControllerTest < Test::Unit::TestCase
  6. fixtures :all
  7. def setup
  8. @controller = UsersController.new
  9. @request = ActionController::TestRequest.new
  10. @response = ActionController::TestResponse.new
  11. end
  12. def test_index
  13. get :index
  14. assert_response :success
  15. end
  16. def test_show
  17. get :show, :id => 1
  18. assert_response :success
  19. assert_not_nil assigns(:user)
  20. end
  21. def test_new
  22. get :new
  23. assert_response :success
  24. assert_template 'new'
  25. end
  26. def test_should_not_be_able_to_edit_wrong_user
  27. login_as :trevor
  28. get :edit, :id => 2
  29. assert_redirected_to root_path
  30. end
  31. def test_should_not_be_able_to_edit_if_not_logged_in
  32. get :edit, :id => 2
  33. assert_redirected_to root_path
  34. end
  35. def test_should_not_be_able_to_update_if_not_logged_in
  36. put :update, :id => 4, :user => { :bio => "ok!" }
  37. assert_redirected_to root_path
  38. users(:trevor).reload
  39. assert_not_equal "ok!", users(:trevor).bio
  40. end
  41. def test_should_be_able_to_edit_self
  42. login_as :trevor
  43. get :edit, :id => 4
  44. assert_response :success
  45. assert_template 'edit'
  46. assert_not_nil assigns(:user)
  47. end
  48. def test_should_update_user_if_admin
  49. login_as :Administrator
  50. put :update, :id => 4, :user => { :bio => "ok!" }
  51. assert_redirected_to user_path(assigns(:user))
  52. users(:trevor).reload
  53. assert_equal "ok!", users(:trevor).bio
  54. end
  55. def test_should_update_user_if_self
  56. login_as :trevor
  57. put :update, :id => 4, :user => { :bio => "ok!" }
  58. assert_redirected_to user_path(assigns(:user))
  59. users(:trevor).reload
  60. assert_equal "ok!", users(:trevor).bio
  61. end
  62. def test_should_not_be_able_to_make_self_admin_if_not_admin
  63. login_as :trevor
  64. put :update, :id => 4, :user => { :bio => "ok!?", :admin => true }
  65. users(:trevor).reload
  66. assert_equal "ok!?", users(:trevor).bio
  67. assert_equal false, users(:trevor).admin
  68. end
  69. def test_should_not_be_able_to_make_self_admin_when_creating_account
  70. post :create, :user => { :login => "notadmin", :email => "test@aol.com", :password => 'test', :password_confirmation => 'test', :admin => true }
  71. user = User.find(:first, :order => 'id desc')
  72. assert_equal user.login, 'notadmin'
  73. assert_equal user.admin, false
  74. end
  75. def test_should_not_update_user_if_not_authorized
  76. login_as :trevor
  77. put :update, :id => 2, :user => { :bio => "ok!" }
  78. assert_redirected_to root_path
  79. users(:trevor).bio
  80. assert_equal "admin", users(:Administrator).bio
  81. end
  82. def test_should_be_able_to_edit_any_user_if_admin
  83. login_as :Administrator
  84. get :edit, :id => 3
  85. assert_response :success
  86. assert_template 'edit'
  87. assert_not_nil assigns(:user)
  88. end
  89. def test_should_not_update_user_if_no_email
  90. login_as :trevor
  91. put :update, :id => 4, :user => { :login => "won't work", :email => "" }
  92. assert_template 'edit'
  93. users(:trevor).reload
  94. assert_equal 'trevor', users(:trevor).login
  95. end
  96. def test_should_allow_user_to_change_password_password_change
  97. login_as :trevor
  98. put :update, :id => 4, :user => { :password => "ok", :password_confirmation => "ok" }
  99. users(:trevor).reload
  100. assert_equal User.encrypt('ok'), users(:trevor).password_hash
  101. end
  102. def test_should_enforce_password_confirmation_on_update_if_password_is_present
  103. login_as :trevor
  104. put :update, :id => 4, :user => { :password => "ok", :password_confirmation => "" }
  105. assert_template 'edit'
  106. users(:trevor).reload
  107. assert_equal User.encrypt('test'), users(:trevor).password_hash
  108. end
  109. def test_should_not_change_password_if_left_blank_in_edit_form
  110. login_as :trevor
  111. put :update, :id => 4, :user => { :bio => 'it works!', :password => "", :password_confirmation => "" }
  112. users(:trevor).reload
  113. assert_equal User.encrypt('test'), users(:trevor).password_hash
  114. assert_equal 'it works!', users(:trevor).bio
  115. end
  116. def test_create
  117. num_users = User.count
  118. post :create, :user => {:login => 'skdj', :email => 'test@test.com', :password => 'dfj', :password_confirmation => 'dfj'}
  119. assert_redirected_to root_path
  120. assert_equal num_users + 1, User.count
  121. end
  122. def test_create_redirects_to_login_if_site_private_and_not_logged_in
  123. private_site
  124. num_users = User.count
  125. post :create, :user => {:login => 'skdj', :email => 'test@test.com', :password => 'dfj', :password_confirmation => 'dfj'}
  126. assert_redirected_to login_path
  127. assert_equal num_users, User.count
  128. end
  129. def test_create_works_if_site_private_and_user_is_logged_in
  130. private_site
  131. login_as :trevor
  132. num_users = User.count
  133. post :create, :user => {:login => 'skdj', :email => 'test@test.com', :password => 'dfj', :password_confirmation => 'dfj'}
  134. assert_redirected_to users_path
  135. assert_equal num_users + 1, User.count
  136. end
  137. def test_should_not_create_user_without_login
  138. num_users = User.count
  139. post :create, :user => {:login => '', :email => 'test@test.com', :password => 'test'}
  140. assert_template "new"
  141. assert_equal num_users, User.count
  142. end
  143. def test_should_not_create_user_without_email
  144. num_users = User.count
  145. post :create, :user => {:login => 'test', :email => '', :password => 'test'}
  146. assert_template "new"
  147. assert_equal num_users, User.count
  148. end
  149. def test_should_not_create_user_without_password_confirmation
  150. num_users = User.count
  151. post :create, :user => {:login => 'skdj', :email => 'test@test.com', :password => 'dfj', :password_confirmation => ''}
  152. assert_template "new"
  153. assert_equal num_users, User.count
  154. end
  155. def test_bad_login_fails
  156. post :login, :user => {:login => 'skdj', :password => 'dfj'}
  157. assert_template "login"
  158. assert_equal "Invalid user/password combination", flash[:notice]
  159. end
  160. def test_good_login_works
  161. post :login, :user => {:login => 'trevor', :password => 'test'}
  162. assert_equal 4, session[:user_id]
  163. assert_redirected_to root_path
  164. end
  165. def test_good_login_sets_auth_token
  166. post :login, :user => {:login => 'trevor', :password => 'test'}
  167. users(:trevor).reload
  168. assert cookies['auth_token']
  169. assert_equal("#{users(:trevor).auth_token}", cookies['auth_token'].first)
  170. assert_not_nil users(:trevor).auth_token
  171. assert_not_nil users(:trevor).auth_token_exp
  172. end
  173. def test_bad_login_does_not_set_auth_token
  174. post :login, :user => {:login => 'trevor', :password => 'bad'}
  175. users(:trevor).reload
  176. assert_nil cookies['auth_token']
  177. assert_nil users(:trevor).auth_token
  178. assert_nil users(:trevor).auth_token_exp
  179. end
  180. def test_good_auth_token_login
  181. @request.cookies["auth_token"] = CGI::Cookie.new("auth_token", "244cd62e5130681b86c01f8de9e9762d9a3f3645")
  182. assert @request.cookies["auth_token"]
  183. assert_not_nil users(:Timothy).auth_token_exp
  184. get :index
  185. assert_equal 3, session[:user_id]
  186. end
  187. def test_expired_auth_token_login
  188. @request.cookies["auth_token"] = CGI::Cookie.new("auth_token", "153c53039f6e8e8ca832d1512702f412298ec3a9")
  189. assert @request.cookies["auth_token"]
  190. assert_not_nil users(:Administrator).auth_token_exp
  191. get :index
  192. assert_nil session[:user_id]
  193. end
  194. def test_login_action_doesnt_bomb_with_bogus_params
  195. post :login
  196. assert_response :success
  197. assert_nil session[:user_id]
  198. post :login, :sdfsdf => {:sdfsdf => 'sdfsdf'}
  199. assert_response :success
  200. assert_nil session[:user_id]
  201. end
  202. def test_should_not_error_if_trying_to_log_in_when_logged_in_already
  203. login_as :trevor
  204. post :login, :user => {:login => 'trevor', :password => 'test'}
  205. assert_redirected_to root_path
  206. end
  207. def test_should_not_error_if_trying_to_logout_in_when_not_logged_in
  208. get :logout
  209. assert_redirected_to root_path
  210. end
  211. def test_current_user_stays_the_same_when_new_user_created
  212. end
  213. def test_should_not_allow_banned_user_to_login
  214. login_as :banned
  215. get :index
  216. assert_redirected_to logout_path
  217. end
  218. def test_should_show_user_as_online_if_online_at_within_last_5_minutes
  219. end
  220. def test_confirm_delete_page_works
  221. login_as :Administrator
  222. get :confirm_delete, :id => 1
  223. assert_response :success
  224. assert_template 'confirm_delete'
  225. end
  226. def test_delete_user_works_if_self
  227. login_as :Timothy
  228. old_count = User.count
  229. delete :destroy, :id => 3, :confirm => 1
  230. assert_equal old_count-1, User.count
  231. assert_redirected_to users_path
  232. end
  233. def test_delete_user_works_if_admin
  234. login_as :Administrator
  235. old_count = User.count
  236. delete :destroy, :id => 4, :confirm => 1
  237. assert_equal old_count-1, User.count
  238. assert_redirected_to users_path
  239. end
  240. def test_delete_user_does_not_work_if_not_admin_or_self
  241. login_as :Timothy
  242. old_count = User.count
  243. delete :destroy, :id => 2, :confirm => 1
  244. assert_equal old_count, User.count
  245. assert_redirected_to root_path
  246. end
  247. def test_delete_user_does_not_work_if_not_logged_in
  248. old_count = User.count
  249. delete :destroy, :id => 1, :confirm => 1
  250. assert_equal old_count, User.count
  251. assert_redirected_to root_path
  252. end
  253. def test_that_deleting_user_cleans_up_in_use_avatar
  254. # log in as admin, delete guest account using the "test" avatar, check that test avatar has no current_user_id
  255. login_as :Administrator
  256. old_count = User.count
  257. delete :destroy, :id => 1, :confirm => 1
  258. assert_equal old_count-1, User.count
  259. assert_redirected_to users_path
  260. avatars(:test).reload
  261. assert_nil avatars(:test).current_user_id
  262. assert_equal avatars(:test).user_id, 4
  263. end
  264. def test_that_default_time_zone_works
  265. post :create, :user => {:login => 'timezone', :email => 'test@test.com', :password => 'dfj', :password_confirmation => 'dfj'}
  266. user = User.find_by_login('timezone')
  267. assert_equal user.time_zone, 'US/Central'
  268. end
  269. def test_that_first_user_created_becomes_admin_and_others_dont
  270. User.delete_all
  271. post :create, :user => {:login => 'user1', :email => 'test1@test.com', :password => 'abc', :password_confirmation => 'abc'}
  272. post :create, :user => {:login => 'user2', :email => 'test2@test.com', :password => 'abc', :password_confirmation => 'abc'}
  273. assert_equal User.count, 2
  274. assert_equal User.find_by_login('user1').admin, true
  275. assert_equal User.find_by_login('user2').admin, false
  276. end
  277. def test_that_user_gets_default_time_values
  278. post :create, :user => {:login => 'user1', :email => 'test1@test.com', :password => 'abc', :password_confirmation => 'abc'}
  279. assert_not_nil User.find_by_login('user1').online_at
  280. end
  281. def test_should_get_ban_if_admin
  282. login_as :Administrator
  283. get :ban, :id => users(:trevor).id
  284. assert_response :success
  285. end
  286. def test_should_not_get_ban_if_not_admin_or_not_logged_in
  287. get :ban, :id => users(:trevor).id
  288. assert_redirected_to root_path
  289. login_as :trevor
  290. get :ban, :id => users(:trevor).id
  291. assert_redirected_to root_path
  292. end
  293. def test_should_remove_ban_if_admin
  294. login_as :Administrator
  295. post :remove_ban, :id => users(:banned).id
  296. assert_redirected_to user_path(users(:banned))
  297. users(:banned).reload
  298. assert_nil users(:banned).ban_message
  299. assert_nil users(:banned).banned_until
  300. end
  301. def test_should_not_remove_ban_if_not_admin_or_not_logged_in
  302. post :remove_ban, :id => users(:banned).id
  303. assert_redirected_to root_path
  304. login_as :trevor
  305. post :remove_ban, :id => users(:banned).id
  306. assert_redirected_to root_path
  307. end
  308. def test_should_grant_admin_if_admin
  309. login_as :Administrator
  310. post :admin, :id => users(:trevor).id
  311. assert_redirected_to user_path(users(:trevor))
  312. users(:trevor).reload
  313. assert_equal users(:trevor).admin, true
  314. end
  315. def test_should_revoke_admin_if_admin
  316. login_as :Administrator
  317. post :admin, :id => users(:Administrator).id
  318. assert_redirected_to user_path(users(:Administrator))
  319. users(:Administrator).reload
  320. assert_equal users(:Administrator).admin, false
  321. end
  322. def test_should_not_toggle_admin_if_not_admin_or_not_logged_in
  323. post :admin, :id => users(:trevor).id
  324. users(:trevor).reload
  325. assert_equal users(:trevor).admin, false
  326. assert_redirected_to root_path
  327. login_as :trevor
  328. post :admin, :id => users(:trevor).id
  329. users(:trevor).reload
  330. assert_equal users(:trevor).admin, false
  331. assert_redirected_to root_path
  332. end
  333. def test_user_posts_path_should_work
  334. get :posts, :id => users(:trevor).id
  335. assert_response :success
  336. get :posts, :id => users(:noposts).id
  337. assert_response :success
  338. end
  339. def test_should_set_logged_out_to_false_when_logging_in
  340. login_as :trevor
  341. users(:trevor).reload
  342. assert_equal false, users(:trevor).logged_out
  343. end
  344. def test_should_set_logged_out_to_true_when_logging_out
  345. login_as :trevor
  346. get :logout
  347. users(:trevor).reload
  348. assert_equal true, users(:trevor).logged_out
  349. end
  350. end