rosa-build/spec/controllers/users_controller_spec.rb

# -*- encoding : utf-8 -*-
require 'spec_helper'

describe UsersController do
  before(:each) do
    stub_rsync_methods

    @simple_user = FactoryGirl.create(:user)
    @other_user = FactoryGirl.create(:user)
    @admin = FactoryGirl.create(:admin)
    %w[user1 user2 user3].each do |uname|
      FactoryGirl.create(:user, :uname => uname, :email => "#{ uname }@nonexistanceserver.com")
    end
    @update_params = {:email => 'new_email@test.com'}
  end

  context 'for guest' do
    it 'should not be able to view profile' do
      get :profile
      response.should redirect_to(new_user_session_path)
    end

    it 'should not be able to update other profile' do
      get :update, {:id => @other_user.id}.merge(@update_params)
      response.should redirect_to(new_user_session_path)
      @other_user.reload.email.should_not == @update_params[:email]
    end
  end

  context 'for simple user' do
    before(:each) do
      set_session_for(@simple_user)
    end

    it 'should be able to view profile' do
      get :profile
      response.code.should eq('200')
    end

    context 'with mass assignment' do
      it 'should not be able to update role' do
        @simple_user.should_not allow_mass_assignment_of :role
      end

      it 'should not be able to update other user' do
        @simple_user.should_not allow_mass_assignment_of :id
      end
    end
  end
end
Add magic encodings. Refs #95 2012-01-30 20:39:34 +00:00			`# -- encoding : utf-8 --`
Platforms list + UI enchancements 2011-03-10 11:35:46 +00:00			`require 'spec_helper'`

			`describe UsersController do`
[refs #32] Add users controller specs 2011-12-15 17:08:29 +00:00			`before(:each) do`
			`stub_rsync_methods`

Upgrade gems. Upgrade FactoryGirl syntax. Move code out from vendor/plugins, redo plugins structure. Fix all deprecations. Great refactor for lib and initializers folders. Add magic encodings. Code cleanup. Fix some specs. Refs #263 2012-03-29 21:34:22 +01:00			`@simple_user = FactoryGirl.create(:user)`
			`@other_user = FactoryGirl.create(:user)`
			`@admin = FactoryGirl.create(:admin)`
[refs #32] Add users controller specs 2011-12-15 17:08:29 +00:00			`%w[user1 user2 user3].each do \|uname\|`
Upgrade gems. Upgrade FactoryGirl syntax. Move code out from vendor/plugins, redo plugins structure. Fix all deprecations. Great refactor for lib and initializers folders. Add magic encodings. Code cleanup. Fix some specs. Refs #263 2012-03-29 21:34:22 +01:00			`FactoryGirl.create(:user, :uname => uname, :email => "#{ uname }@nonexistanceserver.com")`
[refs #32] Add users controller specs 2011-12-15 17:08:29 +00:00			`end`
[refs #270] some users tests 2012-03-21 20:05:27 +00:00			`@update_params = {:email => 'new_email@test.com'}`
[refs #32] Add users controller specs 2011-12-15 17:08:29 +00:00			`end`

			`context 'for guest' do`
[refs #270] some users tests 2012-03-21 20:05:27 +00:00			`it 'should not be able to view profile' do`
			`get :profile`
			`response.should redirect_to(new_user_session_path)`
			`end`

			`it 'should not be able to update other profile' do`
			`get :update, {:id => @other_user.id}.merge(@update_params)`
[refs #32] Add users controller specs 2011-12-15 17:08:29 +00:00			`response.should redirect_to(new_user_session_path)`
[refs #270] some users tests 2012-03-21 20:05:27 +00:00			`@other_user.reload.email.should_not == @update_params[:email]`
[refs #32] Add users controller specs 2011-12-15 17:08:29 +00:00			`end`
			`end`

			`context 'for simple user' do`
			`before(:each) do`
			`set_session_for(@simple_user)`
			`end`
Platforms list + UI enchancements 2011-03-10 11:35:46 +00:00
[refs #270] some users tests 2012-03-21 20:05:27 +00:00			`it 'should be able to view profile' do`
			`get :profile`
			`response.code.should eq('200')`
			`end`

			`context 'with mass assignment' do`
			`it 'should not be able to update role' do`
			`@simple_user.should_not allow_mass_assignment_of :role`
			`end`

			`it 'should not be able to update other user' do`
			`@simple_user.should_not allow_mass_assignment_of :id`
			`end`
[refs #57] Forbid access to users_path for simple users 2011-12-16 07:32:34 +00:00			`end`
[refs #32] Add users controller specs 2011-12-15 17:08:29 +00:00			`end`
Platforms list + UI enchancements 2011-03-10 11:35:46 +00:00			`end`