Created
February 19, 2010 05:55
# The faster suite
# Controller spec for UsersController#create. User.new is replaced with a
# double in both contexts, so only the controller's branching is exercised.
describe UsersController, "POST #create" do
  context "user is successfully created" do
    before(:each) do
      # Double whose signup! succeeds; activation delivery is stubbed to true.
      new_user = mock_model(User, :deliver_activation_instructions! => true)
      User.should_receive(:new).and_return(new_user)
      new_user.should_receive(:signup!).and_return(true)

      post(:create, :user => { :email => "new@new.com" })
    end

    it { should respond_with(:redirect) }
    it { should redirect_to(root_url) }
  end

  context "error creating user" do
    before(:each) do
      # Unsaved factory object whose save is forced to fail.
      # NOTE(review): the success context expects signup! while this one
      # expects save; presumably signup! calls save -- confirm in the model.
      @user = Factory.build(:user)
      User.should_receive(:new).and_return(@user)
      @user.should_receive(:save).and_return(false)

      post(:create, :user => { :email => "new@new.com" })
    end

    it { should_not respond_with(:redirect) }
    it { should render_template('new') }
    it { should render_with_layout('no_sidebar') }
  end
end
# Controller spec for the signup form: User.new is expected once and returns
# a mock_model double, then the response, assigns, layout and route are checked.
describe UsersController, "GET #new" do
  before(:each) do
    User.should_receive(:new).and_return(mock_model(User))
    get(:new)
  end

  it { should respond_with(:success) }
  it { should render_template('new') }
  it { should assign_to(:user) }
  it { should render_with_layout('no_sidebar') }

  it do
    should route(:get, '/users/new').to(:controller => 'users', :action => 'new')
  end
end
# Show / edit / update behaviour of UsersController, both anonymously and
# with an Authlogic session for a factory-built active user.
describe UsersController do
  describe "When showing a profile" do
    before :each do
      @user = Factory.create(:active_user)
      get(:show, :id => @user.id)
    end

    it "should render the show template" do
      response.should render_template("show")
    end
  end

  describe "when not logged in" do
    # Negative-only assertion: it passes for any response that is not the edit
    # template, so the expected redirect or status is not pinned by this example.
    it "should not display the edit page" do
      @user = Factory.create(:active_user)
      get(:edit, :id => @user.id)
      response.should_not render_template(:edit)
    end
  end

  describe "when logged in as a user" do
    before :each do
      activate_authlogic
      @user = Factory.create(:active_user)
      UserSession.create(@user)
    end

    describe "GET edit /users/1" do
      before(:each) do
        User.should_receive(:find).and_return(@user)
        get(:edit, :id => @user.id)
      end

      it { should render_template(:edit) }
    end

    describe "when editing an existing account" do
      # User.find is not stubbed here, so the request carries the id of a
      # second, persisted account while the session belongs to @user.
      it "should not display the edit page for a different account" do
        other_account = Factory.create(:active_user, :email => "foo@example.com")
        get(:edit, :id => other_account.id)
        response.should redirect_to(dashboard_path)
      end
    end

    describe "PUT update /users/1" do
      # User.find returns @user whatever id is sent, so these examples cannot
      # detect an update aimed at another account; there is no update
      # counterpart to the edit check above in this block.
      before(:each) do
        User.should_receive(:find).and_return(@user)
      end

      context "a successful update" do
        before(:each) do
          @user.should_receive(:update_attributes).and_return(true)
          put(:update, :id => @user.id, :user => { :login => "new_login" })
        end

        it { should redirect_to(dashboard_url) }
      end

      context "an unsuccessful update" do
        before(:each) do
          @user.should_receive(:update_attributes).and_return(false)
          put(:update, :id => @user.id, :user => { :login => "new_login" })
        end

        it { should render_template(:edit) }
      end
    end
  end
end
# Controller spec for the user listing: the happy path for an admin, then the
# access-control expectations for anonymous and non-admin callers.
describe UsersController, "GET #index" do
  context "successful" do
    before(:each) do
      login_as(Factory(:admin))
      get(:index)
    end

    it { should respond_with(:success) }
    it { should assign_to(:users) }
    it { should render_template(:index) }
  end

  context "access control" do
    # Despite its name, this example only exercises the allowed (admin) path;
    # the denials are asserted by the two examples that follow.
    it "should require the user to be an admin" do
      login_as(Factory(:admin))
      get(:index)
      response.should be_success
    end

    it "should deny access to non-logged in users" do
      get(:index)
      response.should redirect_to(root_url)
    end

    it "should deny access to logged in non-admins" do
      login_as(Factory(:active_user))
      get(:index)
      response.should redirect_to(root_url)
    end
  end
end
# Controller spec for account deletion: anonymous callers, an admin deleting
# another user, and a user deleting their own account.
describe UsersController, "DELETE #destroy" do
  # Issues DELETE destroy, falling back to the placeholder id 'STUB' when the
  # caller gives none (the default is written back into opts, as before).
  def do_delete(opts = {})
    target_id = (opts[:id] ||= 'STUB')
    delete(:destroy, :id => target_id)
  end

  it "should require login" do
    do_delete
    should redirect_to(login_url)
  end

  describe "an admin destroying a user" do
    before(:each) do
      @user = Factory(:active_user, :id => 1)
      @admin = Factory(:admin, :id => 2)
      login_as(@admin)

      # Keep these two expectations in this order (the original author's
      # warning): the first matches the lookup of the target by string id, the
      # second matches a find(:first, ...) lookup with the admin's id.
      User.should_receive(:find).with('1').once.and_return(@user)
      User.should_receive(:find).with(:first, { :conditions => { :id => 2 } }).once.and_return(@admin)
    end

    it "should destroy the user" do
      @user.should_receive(:destroy)
      do_delete(:id => @user.id)
    end

    it "should not destroy the admin" do
      @admin.should_not_receive(:destroy)
      do_delete(:id => @user.id)
    end

    it "should redirect to the users index page" do
      do_delete(:id => @user.id)
      should redirect_to(users_url)
    end

    it "should not log the user out" do
      controller.send(:current_user_session).should_not_receive(:destroy)
      do_delete(:id => @user.id)
    end

    it "should display a flash message" do
      do_delete(:id => @user.id)
      should set_the_flash.to("User was successfully deleted.")
    end
  end

  describe "a user attempting to delete himself" do
    before(:each) do
      @user = Factory(:active_user, :id => 1)
      login_as(@user)
      # Two find calls are expected and both return @user.
      User.should_receive(:find).twice.and_return(@user)
    end

    it "should destroy the user" do
      @user.should_receive(:destroy)
      do_delete(:id => @user.id)
    end

    it "should log the user out" do
      controller.send(:current_user_session).should_receive(:destroy)
      do_delete(:id => @user.id)
    end

    it "should redirect to the homepage" do
      do_delete(:id => @user.id)
      should redirect_to(root_url)
    end

    it "should display a flash message" do
      do_delete(:id => @user.id)
      should set_the_flash.to("Your account has been deleted.")
    end
  end

  # Block-less examples are reported as pending. Until they are implemented,
  # nothing in this file verifies that a non-admin is prevented from deleting
  # another user's account.
  describe "a user attempting to destroy someone else" do
    it "should not destroy the user"
    it "should place the attempting user in a restricted state"
    it "should display a flash message explaining account suspension"
    it "should log the user out"
    it "should redirect the user to the home page"
  end
end
# The slow suite
# Index spec that goes through stub_request_before_filters (a project helper
# not shown here) to sign a factory user in, with or without a current practice.
describe UsersController, "#index" do
  context "a practice admin" do
    before(:each) do
      stub_request_before_filters(Factory(:practice_admin), :practice => true)
      get(:index)
    end

    it { should respond_with(:success) }

    it do
      should route(:get, 'users').to(:controller => 'users', :action => 'index')
    end

    it { should authorize_access }
  end

  it "should redirect to practice select page when no current practice" do
    stub_request_before_filters(Factory(:active_user), :practice => false)
    get(:index)
    response.should require_practice
  end
end
# Create spec: the practice / login preconditions first, then creation by a
# practice admin, by a clinic admin, and with a User whose save fails.
describe UsersController, "#create" do
  it "should redirect to practice select page when no current practice" do
    stub_request_before_filters(Factory(:active_user), :practice => false)
    post(:create)
    response.should require_practice
  end

  it "should redirect user to login when not logged in" do
    post(:create)
    response.should require_login
  end

  # Checks the effect rather than the response: with no session present, the
  # POST must leave User.count unchanged.
  it "should not allow a non-logged in user to create a new user" do
    UserSession.find.should be_nil
    anonymous_post = lambda { post(:create) }
    anonymous_post.should_not change(User, :count)
  end

  context "when a practice admin is logged in with a current practice" do
    # The admin record is created once for the context and removed afterwards.
    before(:all) do
      @user = Factory(:practice_admin)
    end

    after(:all) do
      @user.destroy
    end

    before(:each) do
      stub_request_before_filters(@user, :practice => true)
      User.should_receive(:new).at_least(1).
        and_return(mock_model(User, :save => true, :practice= => @user.practice))
      post(:create)
    end

    it { should respond_with(:redirect) }
    it { should redirect_to(users_url) }

    it do
      should route(:post, "/users").to(:controller => "users", :action => "create")
    end
  end

  context "when a clinic admin is logged in with a current practice" do
    before(:all) do
      @user = Factory(:clinic_admin)
    end

    after(:all) do
      @user.destroy
    end

    before(:each) do
      stub_request_before_filters(@user, :practice => true)
      @new_user = mock_model(User, :save => true, :practice= => @user.practice)
      User.should_receive(:new).at_least(1).and_return(@new_user)
      @new_user.should_receive(:save).and_return(true)
      # NOTE(review): @params is not assigned anywhere in this block, so
      # :user is nil here unless it is set elsewhere -- confirm.
      post(:create, :user => @params)
    end

    it { should redirect_to(users_url) }
    it { should authorize_access }
  end

  context "when the user enters some bad data" do
    before(:all) do
      @user = Factory(:practice_admin)
    end

    after(:all) do
      @user.destroy
    end

    before(:each) do
      stub_request_before_filters(@user, :practice => true)
      # The double's save returns false, standing in for a validation failure.
      User.should_receive(:new).at_least(1).
        and_return(mock_model(User, :save => false, :practice= => @user.practice))
      post(:create)
    end

    it { should render_template("new") }
    it { should assign_to(:user) }
  end
end
# New-user form spec: login and current-practice preconditions, then the
# rendered form for a practice admin.
describe UsersController, "#new" do
  it "should require login" do
    get(:new)
    response.should require_login
  end

  it "should require a practice" do
    stub_request_before_filters(Factory(:active_user), :practice => false)
    get(:new)
    response.should require_practice
  end

  context "user is logged in with a current_practice" do
    # The admin record is created once for the context and removed afterwards.
    before(:all) do
      @user = Factory(:practice_admin)
    end

    after(:all) do
      @user.destroy
    end

    before(:each) do
      stub_request_before_filters(@user, :practice => true)
      get(:new)
    end

    it { should respond_with(:success) }
    it { should assign_to(:user) }

    it do
      should route(:get, "/users/new").to(:controller => "users", :action => "new")
    end
  end
end
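# Edit spec: rendering for a signed-in practice admin, role-based access for
# admins, and ownership checks for regular users. authorize_access and
# stub_request_before_filters are project helpers not shown in this file.
describe UsersController, :edit do
  # Signs in a new user built from the given factory (with a current practice)
  # and requests that same user's edit page.
  def do_request_as(user_factory)
    user = stub_request_before_filters Factory(user_factory), :practice => true
    get :edit, :id => user.id
  end

  context "logged in with a practice" do
    before(:all) { @user = Factory(:practice_admin) }
    after(:all) { @user.destroy }

    before :each do
      stub_request_before_filters @user, :practice => true
      # No :id is sent with the request; User.find is stubbed to return @user.
      User.stub!(:find).and_return(@user)
      get :edit
    end

    it { should render_template '/users/edit' }
    it { should respond_with :success }
    it { should route(:get, '/users/1/edit').
      to(:controller => 'users', :action => 'edit', :id => '1') }
  end

  it "should authorize access to clinic admins" do
    do_request_as :clinic_admin
    response.should authorize_access
  end

  it "should authorize access to practice admins" do
    do_request_as :practice_admin
    response.should authorize_access
  end

  context "logged in as a regular user" do
    before :each do
      @user = stub_request_before_filters Factory(:active_user), :practice => true
      # A second account with a different id, used as the target the signed-in
      # user does not own.
      @user2 = Factory(:active_user, :id => (@user.id + 1))
    end

    it "should not allow non-admins to edit other people's data" do
      get :edit, :id => @user2.id
      response.should_not authorize_access
    end

    # The original asserted should_not here, a copy of the example above that
    # contradicted this description and left the allowed path (a user editing
    # their own record) unverified. If this now fails, either the controller
    # denies self-edit or the description is wrong; resolve that explicitly.
    it "should allow non-admins to edit their own data" do
      get :edit, :id => @user.id
      response.should authorize_access
    end
  end
end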