public
Created

SO Question

  • Download Gist
user_controller.rb
Ruby
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71
class UsersController < ApplicationController
before_filter :authenticate, :only => [:index, :edit, :update]
before_filter :correct_user, :only => [:edit, :update]
before_filter :admin_user, :only => :destroy
 
def index
@title = "All users"
@users = User.paginate(:page => params[:page])
end
 
def show
@user = User.find(params[:id])
@title = @user.name
end
 
def new
redirect_to(root_path) unless current_user?(nil)
@user = User.new
@title = "Sign up"
end
 
def create
@user = User.new(params[:user])
if @user.save
sign_in @user
flash[:success] = "Welcome to the Sample App!"
redirect_to @user
else
@title = "Sign up"
@user.password = nil
@user.password_confirmation = nil
render 'new'
end
end
 
def edit
@title = "Edit user"
end
 
def update
@user = User.find(params[:id])
if @user.update_attributes(params[:user])
flash[:success] = "Profile updated."
redirect_to @user
else
@title = "Edit user"
render 'edit'
end
end
 
def destroy
User.find(params[:id]).destroy
flash[:success] = "User destroyed."
redirect_to users_path
end
 
private
 
def authenticate
deny_access unless signed_in?
end
 
def correct_user
@user = User.find(params[:id])
redirect_to(root_path) unless current_user?(@user)
end
 
def admin_user
redirect_to(root_path) unless (current_user && current_user.admin?)
end
end
user_controller_spec.rb
Ruby
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330
require 'spec_helper'
 
describe UsersController do
render_views
 
describe "GET 'index'" do
 
describe "for non-signed-in users" do
it "should deny access" do
get :index
response.should redirect_to(signin_path)
flash[:notice].should =~ /sign in/i
end
end
 
describe "for signed-in users" do
 
before(:each) do
@user = test_sign_in(Factory(:user))
second = Factory(:user, :name => "Bob", :email => "another@example.com")
third = Factory(:user, :name => "Ben", :email => "another@example.net")
 
@users = [@user, second, third]
30.times do
@users << Factory(:user, :name => Factory.next(:name),
:email => Factory.next(:email))
end
end
 
it "should be successful" do
get :index
response.should be_success
end
 
it "should have the right title" do
get :index
response.should have_selector("title", :content => "All users")
end
 
it "should have an element for each user" do
get :index
@users[0..2].each do |user|
response.should have_selector("li", :content => user.name)
end
end
 
it "should paginate users" do
get :index
response.should have_selector("div.pagination")
response.should have_selector("span.disabled", :content => "Previous")
response.should have_selector("a", :href => "/users?page=2",
:content => "2")
response.should have_selector("a", :href => "/users?page=2",
:content => "Next")
end
end
end
 
describe "GET 'show'" do
 
before(:each) do
@user = Factory(:user)
end
 
it "should be successful" do
get :show, :id => @user
response.should be_success
end
 
it "should find the right user" do
get :show, :id => @user
assigns(:user).should == @user
end
 
it "should have the right title" do
get :show, :id => @user
response.should have_selector("title", :content => @user.name)
end
 
it "should include the user's name" do
get :show, :id => @user
response.should have_selector("h1", :content => @user.name)
end
 
it "should have a profile image" do
get :show, :id => @user
response.should have_selector("h1>img", :class => "gravatar")
end
end
 
describe "GET 'new'" do
it "should be successful" do
get 'new'
response.should be_success
end
 
it "should have the right title" do
get 'new'
response.should have_selector("title", :content => "Sign up")
end
 
it "should have a name field" do
get :new
response.should have_selector("input[name='user[name]'][type='text']")
end
 
it "should have an email field" do
get :new
response.should have_selector("input[name='user[email]'][type='text']")
end
 
it "should have a password field" do
get :new
response.should have_selector("input[name='user[password]'][type='password']")
end
 
it "should have a password confirmation field" do
get :new
response.should have_selector("input[name='user[password_confirmation]'][type='password']")
end
end
 
describe "POST 'create'" do
 
describe "failure" do
 
before(:each) do
@attr = {:name => "", :email => "", :password => "",
:password_confirmation => ""}
end
 
it "should not create a user" do
lambda do
post :create, :user => @attr
end.should_not change(User, :count)
end
 
it "should have the right title" do
post :create, :user => @attr
response.should have_selector("title", :content => "Sign up")
end
 
it "should render the 'new' page" do
post :create, :user => @attr
response.should render_template('new')
end
end
 
 
describe "success" do
 
before(:each) do
@attr = {:name => "New User", :email => "user@example.com",
:password => "foobar", :password_confirmation => "foobar"}
end
 
it "should create a user" do
lambda do
post :create, :user => @attr
end.should change(User, :count).by(1)
end
 
it "should sign the user in" do
post :create, :user => @attr
controller.should be_signed_in
end
 
it "should redirect to the user show page" do
post :create, :user => @attr
response.should redirect_to(user_path(assigns(:user)))
end
 
it "should have a welcome message" do
post :create, :user => @attr
flash[:success].should =~ /welcome to the sample app/i
end
end
end
 
describe "GET 'edit'" do
 
before(:each) do
@user = Factory(:user)
test_sign_in(@user)
end
 
it "should be successful" do
get :edit, :id => @user
response.should be_success
end
 
it "should have the right title" do
get :edit, :id => @user
response.should have_selector("title", :content => "Edit user")
end
 
it "should have a link to change the Gravatar" do
get :edit, :id => @user
gravatar_url = "http://gravatar.com/emails"
response.should have_selector("a", :href => gravatar_url,
:content => "change")
end
end
 
describe "PUT 'update'" do
before(:each) do
@user = Factory(:user)
test_sign_in(@user)
end
 
describe "failure" do
before(:each) do
@attr = {:email => "", :name => "", :password => "",
:password_confirmation => ""}
end
 
it "should render the 'edit' page" do
put :update, :id => @user, :user => @attr
response.should render_template('edit')
end
 
it "should have the right title" do
put :update, :id => @user, :user => @attr
response.should have_selector("title", :content => "Edit user")
end
end
 
describe "success" do
before(:each) do
@attr = {:name => "New Name", :email => "user@example.org",
:password => "barbaz", :password_confirmation => "barbaz"}
end
 
it "should change the user's attributes" do
put :update, :id => @user, :user => @attr
@user.reload
@user.name.should == @attr[:name]
@user.email.should == @attr[:email]
end
 
it "should redirect to the user show page" do
put :update, :id => @user, :user => @attr
response.should redirect_to(user_path(@user))
end
 
it "should have a flash message" do
put :update, :id => @user, :user => @attr
flash[:success].should =~ /updated/
end
end
end
 
describe "authentication of edit/update pages" do
before(:each) do
@user = Factory(:user)
end
 
describe "for non-signed-in users" do
 
it "should deny access to 'edit'" do
get :edit, :id => @user
response.should redirect_to(signin_path)
end
 
it "should deny access to 'update'" do
put :update, :id => @user, :user => {}
response.should redirect_to(signin_path)
end
end
 
describe "for signed-in users" do
 
before(:each) do
wrong_user = Factory(:user, :email => "user@example.net")
test_sign_in(wrong_user)
end
 
it "should require matching users for 'edit'" do
get :edit, :id => @user
response.should redirect_to(root_path)
end
 
it "should require matching users for 'update'" do
put :update, :id => @user, :user => {}
response.should redirect_to(root_path)
end
end
end
 
describe "DELETE 'destroy'" do
 
before(:each) do
@user = Factory(:user)
end
 
describe "as a non-signed-in user" do
it "should deny access" do
delete :destroy, :id => @user
response.should redirect_to(root_path)
end
end
 
describe "as a non-admin user" do
it "should protect the page" do
test_sign_in(@user)
delete :destroy, :id => @user
response.should redirect_to(root_path)
end
end
 
describe "as an admin user" do
 
before(:each) do
admin = Factory(:user, :email => "admin@example.com", :admin => true)
test_sign_in(admin)
end
 
it "should destroy the user" do
lambda do
delete :destroy, :id => @user
end.should change(User, :count).by(-1)
end
 
it "should redirect to the users page" do
delete :destroy, :id => @user
response.should redirect_to(users_path)
end
end
end
end
user_spec.rb
Ruby
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162
# == Schema Information
#
# Table name: users
#
# id :integer not null, primary key
# name :string(255)
# email :string(255)
# created_at :datetime
# updated_at :datetime
#
 
require 'spec_helper'
 
describe User do
 
before(:each) do
@attr = {
:name => "Example User",
:email => "user@example.com",
:password => "foobar",
:password_confirmation => "foobar"
}
end
 
it "should create a new instance given valid attributes" do
User.create!(@attr)
end
 
# Don't understand the code bellow. The merge is throwing me off
it "should require a name" do
no_name_user = User.new(@attr.merge(:name => ""))
no_name_user.should_not be_valid
end
 
it "should require an email address" do
no_email_user = User.new(@attr.merge(:email => ""))
no_email_user.should_not be_valid
end
 
it "should reject names that are too long" do
long_name = "a" * 51
long_name_user = User.new(@attr.merge(:name => long_name))
long_name_user.should_not be_valid
end
 
it "should accept valid email addresses" do
addresses = %w[user@foo.com THE_USER@foo.bar.org first.last@foo.jp]
addresses.each do |address|
valid_email_user = User.new(@attr.merge(:email => address))
valid_email_user.should be_valid
end
end
 
it "should reject invalid email addresses" do
addresses = %w[user@foo,com user_at_foo.org example.user@foo.]
addresses.each do |address|
invalid_email_user = User.new(@attr.merge(:email => address))
invalid_email_user.should_not be_valid
end
end
 
it "should reject duplicate email addresses" do
# Put a user with given email address into the database.
User.create!(@attr)
user_with_duplicate_email = User.new(@attr)
user_with_duplicate_email.should_not be_valid
end
 
it "should reject email addresses identical up to case" do
upcased_email = @attr[:email].upcase
User.create!(@attr.merge(:email => upcased_email))
user_with_duplicate_email = User.new(@attr)
user_with_duplicate_email.should_not be_valid
end
 
describe "password validations" do
 
it "should require a password" do
User.new(@attr.merge(:password => "", :password_confirmation => "")).
should_not be_valid
end
 
it "should require a matching password confirmation" do
User.new(@attr.merge(:password_confirmation => "invalid")).
should_not be_valid
end
 
it "should reject short passwords" do
short = "a" * 5
hash = @attr.merge(:password => short, :password_confirmation => short)
User.new(hash).should_not be_valid
end
 
it "should reject long passwords" do
long = "a" * 41
hash = @attr.merge(:password => long, :password_confirmation => long)
User.new(hash).should_not be_valid
end
end
 
describe "password encryption" do
 
before(:each) do
@user = User.create!(@attr)
end
 
it "should set the encrypted password" do
@user.encrypted_password.should_not be_blank
end
 
describe "has_password? method" do
 
it "should be true if the passwords match" do
@user.has_password?(@attr[:password]).should be_true
end
 
it "should be false if the passwords don't match" do
@user.has_password?("invalid").should be_false
end
end
 
describe "authenticate method" do
 
it "should return nil on email/password mismatch" do
wrong_password_user = User.authenticate(@attr[:email], "wrongpass")
wrong_password_user.should be_nil
end
 
it "should return nil for an email address with no user" do
nonexistent_user = User.authenticate("bar@foo.com", @attr[:password])
nonexistent_user.should be_nil
end
 
it "should return the user on email/password match" do
matching_user = User.authenticate(@attr[:email], @attr[:password])
matching_user.should == @user
end
end
 
end
 
describe "admin attribute" do
 
before(:each) do
@user = User.create!(@attr)
end
 
it "should respond to admin" do
@user.should respond_to(:admin)
end
 
it "should not be an admin by default" do
@user.should_not be_admin
end
 
it "should be convertible to an admin" do
@user.toggle!(:admin)
@user.should be_admin
end
end
 
end

Please sign in to comment on this gist.

Something went wrong with that request. Please try again.