Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
describe SessionsController do
it "should use SessionsController" do
controller.should be_an_instance_of(SessionsController)
end
describe 'request security' do
request_should_succeed(:get, :login, :logout)
request_should_succeed(:post, :login)
end
describe 'GET login' do
before :each do
get :login
end
should_set_the_body_id 'login'
end
describe 'POST login' do
context 'for normal user' do
context '- successful' do
before :each do
@user = stub_user(user_hash)
@message = Messages::LOGIN_SUCCESSFUL
User.should_receive(:authenticate).and_return([@user.id, @message])
User.should_receive(:find_by_id).and_return(@user)
@user.should_receive(:is_administrator?).and_return(false)
do_post(:login, {:email => @user.email, :password => @user.password})
end
should_set_session :user_id, :to => proc { @user.id }
should_set_the_flash :info, :to => proc { @message }
should_redirect_to { user_home_path }
end # context '- successful'
context '- unsuccessful' do
context '- incorrect password' do
before :each do
@message = Messages::WRONG_PASSWORD
User.should_receive(:authenticate).and_return([nil, @message])
do_post(:login, {:email => 'some@email.com', :password => 'blah blah'})
end
should_not_set_session :user_id
should_set_the_flash :error, :to => proc { @message }
end # context '- incorrect password'
context '- unknown email' do
before :each do
@message = Messages::UNKNOWN_EMAIL
User.should_receive(:authenticate).and_return([nil, @message])
do_post(:login, {:email => 'some@email.com', :password => 'blah blah'})
end
should_not_set_session :user_id
should_set_the_flash :error, :to => proc { @message }
end # context '- unknown email'
context '- invalid email' do
before :each do
@message = Messages::INVALID_EMAIL
User.should_receive(:authenticate).and_return([nil, @message])
do_post(:login, {:email => 'some_email.com', :password => 'blah blah'})
end
should_not_set_session :user_id
should_set_the_flash :error, :to => proc { @message }
end # context '- invalid email'
end # context '- unsuccessful'
end # context 'for normal user'
context 'for administrator' do
# the only thing different about the admin login is where the redirect goes.
before :each do
@user = stub_user(user_hash)
@message = Messages::LOGIN_SUCCESSFUL
User.should_receive(:authenticate).and_return([@user.id, @message])
User.should_receive(:find_by_id).and_return(@user)
@user.should_receive(:is_administrator?).and_return(true)
do_post(:login, {:email => @user.email, :password => @user.password})
end
should_redirect_to { admin_home_path }
end # context 'for administrator'
end # describe 'POST login'
describe 'logout' do
before :each do
get :logout
end
should_not_set_session :user_id
should_set_the_flash :info, :to => proc { Messages::LOGOUT_SUCCESSFUL }
should_redirect_to { home_path }
end
end
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment