3 class UsersControllerTest < ActionController::TestCase
5 # test all routes which lead to this controller
8 { :path => "/login", :method => :get },
9 { :controller => "users", :action => "login" }
12 { :path => "/login", :method => :post },
13 { :controller => "users", :action => "login" }
16 { :controller => "users", :action => "login", :format => "html" },
17 { :path => "/login.html", :method => :get }
21 { :path => "/logout", :method => :get },
22 { :controller => "users", :action => "logout" }
25 { :path => "/logout", :method => :post },
26 { :controller => "users", :action => "logout" }
29 { :controller => "users", :action => "logout", :format => "html" },
30 { :path => "/logout.html", :method => :get }
34 { :path => "/user/new", :method => :get },
35 { :controller => "users", :action => "new" }
39 { :path => "/user/new", :method => :post },
40 { :controller => "users", :action => "create" }
44 { :path => "/user/terms", :method => :get },
45 { :controller => "users", :action => "terms" }
49 { :path => "/user/save", :method => :post },
50 { :controller => "users", :action => "save" }
54 { :path => "/user/username/confirm", :method => :get },
55 { :controller => "users", :action => "confirm", :display_name => "username" }
58 { :path => "/user/username/confirm", :method => :post },
59 { :controller => "users", :action => "confirm", :display_name => "username" }
62 { :path => "/user/username/confirm/resend", :method => :get },
63 { :controller => "users", :action => "confirm_resend", :display_name => "username" }
67 { :path => "/user/confirm", :method => :get },
68 { :controller => "users", :action => "confirm" }
71 { :path => "/user/confirm", :method => :post },
72 { :controller => "users", :action => "confirm" }
75 { :path => "/user/confirm-email", :method => :get },
76 { :controller => "users", :action => "confirm_email" }
79 { :path => "/user/confirm-email", :method => :post },
80 { :controller => "users", :action => "confirm_email" }
84 { :path => "/user/go_public", :method => :post },
85 { :controller => "users", :action => "go_public" }
89 { :path => "/user/forgot-password", :method => :get },
90 { :controller => "users", :action => "lost_password" }
93 { :path => "/user/forgot-password", :method => :post },
94 { :controller => "users", :action => "lost_password" }
97 { :path => "/user/reset-password", :method => :get },
98 { :controller => "users", :action => "reset_password" }
101 { :path => "/user/reset-password", :method => :post },
102 { :controller => "users", :action => "reset_password" }
106 { :path => "/user/suspended", :method => :get },
107 { :controller => "users", :action => "suspended" }
111 { :path => "/user/username", :method => :get },
112 { :controller => "users", :action => "show", :display_name => "username" }
116 { :path => "/user/username/account", :method => :get },
117 { :controller => "users", :action => "account", :display_name => "username" }
120 { :path => "/user/username/account", :method => :post },
121 { :controller => "users", :action => "account", :display_name => "username" }
125 { :path => "/user/username/make_friend", :method => :get },
126 { :controller => "users", :action => "make_friend", :display_name => "username" }
129 { :path => "/user/username/make_friend", :method => :post },
130 { :controller => "users", :action => "make_friend", :display_name => "username" }
133 { :path => "/user/username/remove_friend", :method => :get },
134 { :controller => "users", :action => "remove_friend", :display_name => "username" }
137 { :path => "/user/username/remove_friend", :method => :post },
138 { :controller => "users", :action => "remove_friend", :display_name => "username" }
142 { :path => "/user/username/set_status", :method => :get },
143 { :controller => "users", :action => "set_status", :display_name => "username" }
146 { :path => "/user/username/delete", :method => :get },
147 { :controller => "users", :action => "delete", :display_name => "username" }
151 { :path => "/users", :method => :get },
152 { :controller => "users", :action => "index" }
155 { :path => "/users", :method => :post },
156 { :controller => "users", :action => "index" }
159 { :path => "/users/status", :method => :get },
160 { :controller => "users", :action => "index", :status => "status" }
163 { :path => "/users/status", :method => :post },
164 { :controller => "users", :action => "index", :status => "status" }
168 # The user creation page loads
171 assert_response :redirect
172 assert_redirected_to user_new_path(:cookie_test => "true")
174 get :new, :params => { :cookie_test => "true" }, :session => { :cookie_test => true }
175 assert_response :success
177 assert_select "html", :count => 1 do
178 assert_select "head", :count => 1 do
179 assert_select "title", :text => /Sign Up/, :count => 1
181 assert_select "body", :count => 1 do
182 assert_select "div#content", :count => 1 do
183 assert_select "form[action='/user/new'][method='post']", :count => 1 do
184 assert_select "input[id='user_email']", :count => 1
185 assert_select "input[id='user_email_confirmation']", :count => 1
186 assert_select "input[id='user_display_name']", :count => 1
187 assert_select "input[id='user_pass_crypt'][type='password']", :count => 1
188 assert_select "input[id='user_pass_crypt_confirmation'][type='password']", :count => 1
189 assert_select "input[type='submit'][value='Sign Up']", :count => 1
196 def test_new_view_logged_in
197 session[:user] = create(:user).id
200 assert_response :redirect
201 assert_redirected_to user_new_path(:cookie_test => "true")
202 get :new, :params => { :cookie_test => "true" }
203 assert_response :redirect
204 assert_redirected_to root_path
206 get :new, :params => { :referer => "/test" }
207 assert_response :redirect
208 assert_redirected_to user_new_path(:referer => "/test", :cookie_test => "true")
209 get :new, :params => { :referer => "/test", :cookie_test => "true" }
210 assert_response :redirect
211 assert_redirected_to "/test"
215 user = build(:user, :pending)
217 assert_difference "User.count", 1 do
218 assert_difference "ActionMailer::Base.deliveries.size", 1 do
219 perform_enqueued_jobs do
220 post :save, :session => { :new_user => user }, :params => { :read_ct => 1, :read_tou => 1 }
226 register_email = ActionMailer::Base.deliveries.first
228 assert_equal register_email.to[0], user.email
229 assert_match(/#{@url}/, register_email.body.to_s)
232 assert_redirected_to :action => "confirm", :display_name => user.display_name
234 ActionMailer::Base.deliveries.clear
237 def test_new_duplicate_email
238 user = build(:user, :pending)
239 user.email = create(:user).email
241 assert_no_difference "User.count" do
242 assert_no_difference "ActionMailer::Base.deliveries.size" do
243 perform_enqueued_jobs do
244 post :save, :session => { :new_user => user }, :params => { :read_ct => 1, :read_tou => 1 }
249 assert_response :success
250 assert_template "new"
251 assert_select "form > fieldset > div.standard-form-row > input.field_with_errors#user_email"
254 def test_new_duplicate_email_uppercase
255 user = build(:user, :pending)
256 user.email = create(:user).email.upcase
258 assert_no_difference "User.count" do
259 assert_no_difference "ActionMailer::Base.deliveries.size" do
260 perform_enqueued_jobs do
261 post :save, :session => { :new_user => user }, :params => { :read_ct => 1, :read_tou => 1 }
266 assert_response :success
267 assert_template "new"
268 assert_select "form > fieldset > div.standard-form-row > input.field_with_errors#user_email"
271 def test_new_duplicate_name
272 user = build(:user, :pending)
273 user.display_name = create(:user).display_name
275 assert_no_difference "User.count" do
276 assert_no_difference "ActionMailer::Base.deliveries.size" do
277 perform_enqueued_jobs do
278 post :save, :session => { :new_user => user }, :params => { :read_ct => 1, :read_tou => 1 }
283 assert_response :success
284 assert_template "new"
285 assert_select "form > fieldset > div.standard-form-row > input.field_with_errors#user_display_name"
288 def test_new_duplicate_name_uppercase
289 user = build(:user, :pending)
290 user.display_name = create(:user).display_name.upcase
292 assert_no_difference "User.count" do
293 assert_no_difference "ActionMailer::Base.deliveries.size" do
294 perform_enqueued_jobs do
295 post :save, :session => { :new_user => user }, :params => { :read_ct => 1, :read_tou => 1 }
300 assert_response :success
301 assert_template "new"
302 assert_select "form > fieldset > div.standard-form-row > input.field_with_errors#user_display_name"
305 def test_new_blocked_domain
306 user = build(:user, :pending, :email => "user@example.net")
307 create(:acl, :domain => "example.net", :k => "no_account_creation")
309 assert_no_difference "User.count" do
310 assert_no_difference "ActionMailer::Base.deliveries.size" do
311 perform_enqueued_jobs do
312 post :save, :session => { :new_user => user }, :params => { :read_ct => 1, :read_tou => 1 }
317 assert_response :success
318 assert_template "blocked"
321 def test_save_referer_params
322 user = build(:user, :pending)
324 assert_difference "User.count", 1 do
325 assert_difference "ActionMailer::Base.deliveries.size", 1 do
326 perform_enqueued_jobs do
327 post :save, :session => { :new_user => user,
328 :referer => "/edit?editor=id#map=1/2/3" },
329 :params => { :read_ct => 1, :read_tou => 1 }
334 assert_equal welcome_path(:editor => "id", :zoom => 1, :lat => 2, :lon => 3),
335 user.tokens.order("id DESC").first.referer
337 ActionMailer::Base.deliveries.clear
340 def test_logout_without_referer
342 assert_response :redirect
343 assert_redirected_to root_path
346 def test_logout_with_referer
347 post :logout, :params => { :referer => "/test" }
348 assert_response :redirect
349 assert_redirected_to "/test"
352 def test_logout_fallback_without_referer
354 assert_response :success
355 assert_template :logout
356 assert_select "input[name=referer][value=?]", ""
359 def test_logout_fallback_with_referer
360 get :logout, :params => { :referer => "/test" }
361 assert_response :success
362 assert_template :logout
363 assert_select "input[name=referer][value=?]", "/test"
366 def test_logout_with_token
367 token = create(:user).tokens.create
369 session[:token] = token.token
372 assert_response :redirect
373 assert_redirected_to root_path
374 assert_nil session[:token]
375 assert_nil UserToken.where(:id => token.id).first
379 user = create(:user, :pending)
380 confirm_string = user.tokens.create.token
382 @request.cookies["_osm_session"] = user.display_name
383 get :confirm, :params => { :display_name => user.display_name, :confirm_string => confirm_string }
384 assert_response :success
385 assert_template :confirm
388 def test_confirm_get_already_confirmed
390 confirm_string = user.tokens.create.token
392 @request.cookies["_osm_session"] = user.display_name
393 get :confirm, :params => { :display_name => user.display_name, :confirm_string => confirm_string }
394 assert_response :redirect
395 assert_redirected_to root_path
398 def test_confirm_success_no_token_no_referer
399 user = create(:user, :pending)
400 stub_gravatar_request(user.email)
401 confirm_string = user.tokens.create.token
403 @request.cookies["_osm_session"] = user.display_name
404 post :confirm, :params => { :display_name => user.display_name, :confirm_string => confirm_string }
405 assert_redirected_to login_path
406 assert_match(/Confirmed your account/, flash[:notice])
409 def test_confirm_success_good_token_no_referer
410 user = create(:user, :pending)
411 stub_gravatar_request(user.email)
412 confirm_string = user.tokens.create.token
413 token = user.tokens.create.token
415 @request.cookies["_osm_session"] = user.display_name
416 post :confirm, :params => { :display_name => user.display_name, :confirm_string => confirm_string }, :session => { :token => token }
417 assert_redirected_to welcome_path
420 def test_confirm_success_bad_token_no_referer
421 user = create(:user, :pending)
422 stub_gravatar_request(user.email)
423 confirm_string = user.tokens.create.token
424 token = create(:user).tokens.create.token
426 @request.cookies["_osm_session"] = user.display_name
427 post :confirm, :params => { :display_name => user.display_name, :confirm_string => confirm_string }, :session => { :token => token }
428 assert_redirected_to login_path
429 assert_match(/Confirmed your account/, flash[:notice])
432 def test_confirm_success_no_token_with_referer
433 user = create(:user, :pending)
434 stub_gravatar_request(user.email)
435 confirm_string = user.tokens.create(:referer => new_diary_entry_path).token
437 @request.cookies["_osm_session"] = user.display_name
438 post :confirm, :params => { :display_name => user.display_name, :confirm_string => confirm_string }
439 assert_redirected_to login_path(:referer => new_diary_entry_path)
440 assert_match(/Confirmed your account/, flash[:notice])
443 def test_confirm_success_good_token_with_referer
444 user = create(:user, :pending)
445 stub_gravatar_request(user.email)
446 confirm_string = user.tokens.create(:referer => new_diary_entry_path).token
447 token = user.tokens.create.token
449 @request.cookies["_osm_session"] = user.display_name
450 post :confirm, :params => { :display_name => user.display_name, :confirm_string => confirm_string }, :session => { :token => token }
451 assert_redirected_to new_diary_entry_path
454 def test_confirm_success_bad_token_with_referer
455 user = create(:user, :pending)
456 stub_gravatar_request(user.email)
457 confirm_string = user.tokens.create(:referer => new_diary_entry_path).token
458 token = create(:user).tokens.create.token
460 @request.cookies["_osm_session"] = user.display_name
461 post :confirm, :params => { :display_name => user.display_name, :confirm_string => confirm_string }, :session => { :token => token }
462 assert_redirected_to login_path(:referer => new_diary_entry_path)
463 assert_match(/Confirmed your account/, flash[:notice])
466 def test_confirm_expired_token
467 user = create(:user, :pending)
468 confirm_string = user.tokens.create(:expiry => 1.day.ago).token
470 @request.cookies["_osm_session"] = user.display_name
471 post :confirm, :params => { :display_name => user.display_name, :confirm_string => confirm_string }
472 assert_redirected_to :action => "confirm"
473 assert_match(/confirmation code has expired/, flash[:error])
476 def test_confirm_already_confirmed
478 confirm_string = user.tokens.create(:referer => new_diary_entry_path).token
480 @request.cookies["_osm_session"] = user.display_name
481 post :confirm, :params => { :display_name => user.display_name, :confirm_string => confirm_string }
482 assert_redirected_to :action => "login"
483 assert_match(/already been confirmed/, flash[:error])
486 def test_confirm_resend_success
487 user = create(:user, :pending)
488 session[:token] = user.tokens.create.token
490 assert_difference "ActionMailer::Base.deliveries.size", 1 do
491 perform_enqueued_jobs do
492 get :confirm_resend, :params => { :display_name => user.display_name }
496 assert_response :redirect
497 assert_redirected_to login_path
498 assert_match(/sent a new confirmation/, flash[:notice])
500 email = ActionMailer::Base.deliveries.last
502 assert_equal user.email, email.to.first
504 ActionMailer::Base.deliveries.clear
507 def test_confirm_resend_no_token
508 user = create(:user, :pending)
509 assert_no_difference "ActionMailer::Base.deliveries.size" do
510 perform_enqueued_jobs do
511 get :confirm_resend, :params => { :display_name => user.display_name }
515 assert_response :redirect
516 assert_redirected_to login_path
517 assert_match "User #{user.display_name} not found.", flash[:error]
520 def test_confirm_resend_unknown_user
521 assert_no_difference "ActionMailer::Base.deliveries.size" do
522 perform_enqueued_jobs do
523 get :confirm_resend, :params => { :display_name => "No Such User" }
527 assert_response :redirect
528 assert_redirected_to login_path
529 assert_match "User No Such User not found.", flash[:error]
532 def test_confirm_email_get
534 confirm_string = user.tokens.create.token
536 get :confirm_email, :params => { :confirm_string => confirm_string }
537 assert_response :success
538 assert_template :confirm_email
541 def test_confirm_email_success
542 user = create(:user, :new_email => "test-new@example.com")
543 stub_gravatar_request(user.new_email)
544 confirm_string = user.tokens.create.token
546 post :confirm_email, :params => { :confirm_string => confirm_string }
547 assert_response :redirect
548 assert_redirected_to :action => :account, :display_name => user.display_name
549 assert_match(/Confirmed your change of email address/, flash[:notice])
552 def test_confirm_email_already_confirmed
554 confirm_string = user.tokens.create.token
556 post :confirm_email, :params => { :confirm_string => confirm_string }
557 assert_response :redirect
558 assert_redirected_to :action => :account, :display_name => user.display_name
559 assert_match(/already been confirmed/, flash[:error])
562 def test_confirm_email_bad_token
563 post :confirm_email, :params => { :confirm_string => "XXXXX" }
564 assert_response :success
565 assert_template :confirm_email
566 assert_match(/confirmation code has expired or does not exist/, flash[:error])
570 # test if testing for a gravatar works
571 # this happens when the email is actually changed
572 # which is triggered by the confirmation mail
573 def test_gravatar_auto_enable
574 # switch to email that has a gravatar
575 user = create(:user, :new_email => "test-new@example.com")
576 stub_gravatar_request(user.new_email, 200)
577 confirm_string = user.tokens.create.token
578 # precondition gravatar should be turned off
579 assert_not user.image_use_gravatar
580 post :confirm_email, :params => { :confirm_string => confirm_string }
581 assert_response :redirect
582 assert_redirected_to :action => :account, :display_name => user.display_name
583 assert_match(/Confirmed your change of email address/, flash[:notice])
584 # gravatar use should now be enabled
585 assert User.find(user.id).image_use_gravatar
588 def test_gravatar_auto_disable
589 # switch to email without a gravatar
590 user = create(:user, :new_email => "test-new@example.com", :image_use_gravatar => true)
591 stub_gravatar_request(user.new_email, 404)
592 confirm_string = user.tokens.create.token
593 # precondition gravatar should be turned on
594 assert user.image_use_gravatar
595 post :confirm_email, :params => { :confirm_string => confirm_string }
596 assert_response :redirect
597 assert_redirected_to :action => :account, :display_name => user.display_name
598 assert_match(/Confirmed your change of email address/, flash[:notice])
599 # gravatar use should now be disabled
600 assert_not User.find(user.id).image_use_gravatar
603 def test_terms_new_user
604 get :terms, :session => { :new_user => User.new }
605 assert_response :success
606 assert_template :terms
609 def test_terms_agreed
610 user = create(:user, :terms_seen => true, :terms_agreed => Date.yesterday)
612 session[:user] = user.id
615 assert_response :redirect
616 assert_redirected_to :action => :account, :display_name => user.display_name
619 def test_terms_not_seen_without_referer
620 user = create(:user, :terms_seen => false, :terms_agreed => nil)
622 session[:user] = user.id
625 assert_response :success
626 assert_template :terms
628 post :save, :params => { :user => { :consider_pd => true }, :read_ct => 1, :read_tou => 1 }
629 assert_response :redirect
630 assert_redirected_to :action => :account, :display_name => user.display_name
631 assert_equal "Thanks for accepting the new contributor terms!", flash[:notice]
635 assert user.consider_pd
636 assert_not_nil user.terms_agreed
637 assert user.terms_seen
640 def test_terms_not_seen_with_referer
641 user = create(:user, :terms_seen => false, :terms_agreed => nil)
643 session[:user] = user.id
645 get :terms, :params => { :referer => "/test" }
646 assert_response :success
647 assert_template :terms
649 post :save, :params => { :user => { :consider_pd => true }, :referer => "/test", :read_ct => 1, :read_tou => 1 }
650 assert_response :redirect
651 assert_redirected_to "/test"
652 assert_equal "Thanks for accepting the new contributor terms!", flash[:notice]
656 assert user.consider_pd
657 assert_not_nil user.terms_agreed
658 assert user.terms_seen
661 # Check that if you haven't seen the terms, and make a request that requires authentication,
662 # that your request is redirected to view the terms
663 def test_terms_not_seen_redirection
664 user = create(:user, :terms_seen => false, :terms_agreed => nil)
665 session[:user] = user.id
667 get :account, :params => { :display_name => user.display_name }
668 assert_response :redirect
669 assert_redirected_to :action => :terms, :referer => "/user/#{ERB::Util.u(user.display_name)}/account"
673 user = create(:user, :data_public => false)
674 post :go_public, :session => { :user => user }
675 assert_response :redirect
676 assert_redirected_to :action => :account, :display_name => user.display_name
677 assert User.find(user.id).data_public
680 def test_lost_password
681 # Test fetching the lost password page
683 assert_response :success
684 assert_template :lost_password
685 assert_select "div#notice", false
687 # Test resetting using the address as recorded for a user that has an
688 # address which is duplicated in a different case by another user
690 uppercase_user = build(:user, :email => user.email.upcase).tap { |u| u.save(:validate => false) }
692 assert_difference "ActionMailer::Base.deliveries.size", 1 do
693 perform_enqueued_jobs do
694 post :lost_password, :params => { :user => { :email => user.email } }
697 assert_response :redirect
698 assert_redirected_to :action => :login
699 assert_match(/^Sorry you lost it/, flash[:notice])
700 email = ActionMailer::Base.deliveries.first
701 assert_equal 1, email.to.count
702 assert_equal user.email, email.to.first
703 ActionMailer::Base.deliveries.clear
705 # Test resetting using an address that matches a different user
706 # that has the same address in a different case
707 assert_difference "ActionMailer::Base.deliveries.size", 1 do
708 perform_enqueued_jobs do
709 post :lost_password, :params => { :user => { :email => user.email.upcase } }
712 assert_response :redirect
713 assert_redirected_to :action => :login
714 assert_match(/^Sorry you lost it/, flash[:notice])
715 email = ActionMailer::Base.deliveries.first
716 assert_equal 1, email.to.count
717 assert_equal uppercase_user.email, email.to.first
718 ActionMailer::Base.deliveries.clear
720 # Test resetting using an address that is a case insensitive match
721 # for more than one user but not an exact match for either
722 assert_no_difference "ActionMailer::Base.deliveries.size" do
723 perform_enqueued_jobs do
724 post :lost_password, :params => { :user => { :email => user.email.titlecase } }
727 assert_response :success
728 assert_template :lost_password
729 assert_select ".error", /^Could not find that email address/
731 # Test resetting using the address as recorded for a user that has an
732 # address which is case insensitively unique
733 third_user = create(:user)
734 assert_difference "ActionMailer::Base.deliveries.size", 1 do
735 perform_enqueued_jobs do
736 post :lost_password, :params => { :user => { :email => third_user.email } }
739 assert_response :redirect
740 assert_redirected_to :action => :login
741 assert_match(/^Sorry you lost it/, flash[:notice])
742 email = ActionMailer::Base.deliveries.first
743 assert_equal 1, email.to.count
744 assert_equal third_user.email, email.to.first
745 ActionMailer::Base.deliveries.clear
747 # Test resetting using an address that matches a user that has the
748 # same (case insensitively unique) address in a different case
749 assert_difference "ActionMailer::Base.deliveries.size", 1 do
750 perform_enqueued_jobs do
751 post :lost_password, :params => { :user => { :email => third_user.email.upcase } }
754 assert_response :redirect
755 assert_redirected_to :action => :login
756 assert_match(/^Sorry you lost it/, flash[:notice])
757 email = ActionMailer::Base.deliveries.first
758 assert_equal 1, email.to.count
759 assert_equal third_user.email, email.to.first
760 ActionMailer::Base.deliveries.clear
763 def test_reset_password
764 user = create(:user, :pending)
765 # Test a request with no token
767 assert_response :bad_request
769 # Test a request with a bogus token
770 get :reset_password, :params => { :token => "made_up_token" }
771 assert_response :redirect
772 assert_redirected_to :action => :lost_password
774 # Create a valid token for a user
775 token = user.tokens.create
777 # Test a request with a valid token
778 get :reset_password, :params => { :token => token.token }
779 assert_response :success
780 assert_template :reset_password
782 # Test that errors are reported for erroneous submissions
783 post :reset_password, :params => { :token => token.token, :user => { :pass_crypt => "new_password", :pass_crypt_confirmation => "different_password" } }
784 assert_response :success
785 assert_template :reset_password
786 assert_select "div#errorExplanation"
788 # Test setting a new password
789 post :reset_password, :params => { :token => token.token, :user => { :pass_crypt => "new_password", :pass_crypt_confirmation => "new_password" } }
790 assert_response :redirect
791 assert_redirected_to root_path
792 assert_equal user.id, session[:user]
794 assert_equal "active", user.status
795 assert user.email_valid
796 assert_equal user, User.authenticate(:username => user.email, :password => "new_password")
800 # Get a user to work with - note that this user deliberately
801 # conflicts with uppercase_user in the email and display name
802 # fields to test that we can change other fields without any
803 # validation errors being reported
804 user = create(:user, :languages => [])
805 _uppercase_user = build(:user, :email => user.email.upcase, :display_name => user.display_name.upcase).tap { |u| u.save(:validate => false) }
807 # Make sure that you are redirected to the login page when
808 # you are not logged in
809 get :account, :params => { :display_name => user.display_name }
810 assert_response :redirect
811 assert_redirected_to :action => "login", :referer => "/user/#{ERB::Util.u(user.display_name)}/account"
813 # Make sure that you are blocked when not logged in as the right user
814 get :account, :params => { :display_name => user.display_name }, :session => { :user => create(:user) }
815 assert_response :forbidden
817 # Make sure we get the page when we are logged in as the right user
818 get :account, :params => { :display_name => user.display_name }, :session => { :user => user }
819 assert_response :success
820 assert_template :account
821 assert_select "form#accountForm" do |form|
822 assert_equal "post", form.attr("method").to_s
823 assert_select "input[name='_method']", false
824 assert_equal "/user/#{ERB::Util.u(user.display_name)}/account", form.attr("action").to_s
827 # Updating the description should work
828 user.description = "new description"
829 user.preferred_editor = "default"
830 post :account, :params => { :display_name => user.display_name, :user => user.attributes }, :session => { :user => user }
831 assert_response :success
832 assert_template :account
833 assert_select "div#errorExplanation", false
834 assert_select ".notice", /^User information updated successfully/
835 assert_select "form#accountForm > fieldset > div.standard-form-row > div#user_description_container > div#user_description_content > textarea#user_description", user.description
837 # Changing to a invalid editor should fail
838 user.preferred_editor = "unknown"
839 post :account, :params => { :display_name => user.display_name, :user => user.attributes }, :session => { :user => user }
840 assert_response :success
841 assert_template :account
842 assert_select ".notice", false
843 assert_select "div#errorExplanation"
844 assert_select "form#accountForm > fieldset > div.standard-form-row > select#user_preferred_editor > option[selected]", false
846 # Changing to a valid editor should work
847 user.preferred_editor = "potlatch2"
848 post :account, :params => { :display_name => user.display_name, :user => user.attributes }, :session => { :user => user }
849 assert_response :success
850 assert_template :account
851 assert_select "div#errorExplanation", false
852 assert_select ".notice", /^User information updated successfully/
853 assert_select "form#accountForm > fieldset > div.standard-form-row > select#user_preferred_editor > option[selected][value=?]", "potlatch2"
855 # Changing to the default editor should work
856 user.preferred_editor = "default"
857 post :account, :params => { :display_name => user.display_name, :user => user.attributes }, :session => { :user => user }
858 assert_response :success
859 assert_template :account
860 assert_select "div#errorExplanation", false
861 assert_select ".notice", /^User information updated successfully/
862 assert_select "form#accountForm > fieldset > div.standard-form-row > select#user_preferred_editor > option[selected]", false
864 # Changing to an uploaded image should work
865 image = Rack::Test::UploadedFile.new("test/gpx/fixtures/a.gif", "image/gif")
866 post :account, :params => { :display_name => user.display_name, :avatar_action => "new", :user => user.attributes.merge(:avatar => image) }, :session => { :user => user }
867 assert_response :success
868 assert_template :account
869 assert_select "div#errorExplanation", false
870 assert_select ".notice", /^User information updated successfully/
871 assert_select "form#accountForm > fieldset > div.standard-form-row.accountImage input[name=avatar_action][checked][value=?]", "keep"
873 # Changing to a gravatar image should work
874 post :account, :params => { :display_name => user.display_name, :avatar_action => "gravatar", :user => user.attributes }, :session => { :user => user }
875 assert_response :success
876 assert_template :account
877 assert_select "div#errorExplanation", false
878 assert_select ".notice", /^User information updated successfully/
879 assert_select "form#accountForm > fieldset > div.standard-form-row.accountImage input[name=avatar_action][checked][value=?]", "gravatar"
881 # Removing the image should work
882 post :account, :params => { :display_name => user.display_name, :avatar_action => "delete", :user => user.attributes }, :session => { :user => user }
883 assert_response :success
884 assert_template :account
885 assert_select "div#errorExplanation", false
886 assert_select ".notice", /^User information updated successfully/
887 assert_select "form#accountForm > fieldset > div.standard-form-row.accountImage input[name=avatar_action][checked]", false
889 # Adding external authentication should redirect to the auth provider
890 post :account, :params => { :display_name => user.display_name, :user => user.attributes.merge(:auth_provider => "openid", :auth_uid => "gmail.com") }, :session => { :user => user }
891 assert_response :redirect
892 assert_redirected_to auth_path(:provider => "openid", :openid_url => "https://www.google.com/accounts/o8/id", :origin => "/user/#{ERB::Util.u(user.display_name)}/account")
894 # Changing name to one that exists should fail
895 new_attributes = user.attributes.dup.merge(:display_name => create(:user).display_name)
896 post :account, :params => { :display_name => user.display_name, :user => new_attributes }, :session => { :user => user }
897 assert_response :success
898 assert_template :account
899 assert_select ".notice", false
900 assert_select "div#errorExplanation"
901 assert_select "form#accountForm > fieldset > div.standard-form-row > input.field_with_errors#user_display_name"
903 # Changing name to one that exists should fail, regardless of case
904 new_attributes = user.attributes.dup.merge(:display_name => create(:user).display_name.upcase)
905 post :account, :params => { :display_name => user.display_name, :user => new_attributes }, :session => { :user => user }
906 assert_response :success
907 assert_template :account
908 assert_select ".notice", false
909 assert_select "div#errorExplanation"
910 assert_select "form#accountForm > fieldset > div.standard-form-row > input.field_with_errors#user_display_name"
912 # Changing name to one that doesn't exist should work
913 new_attributes = user.attributes.dup.merge(:display_name => "new tester")
914 post :account, :params => { :display_name => user.display_name, :user => new_attributes }, :session => { :user => user }
915 assert_response :success
916 assert_template :account
917 assert_select "div#errorExplanation", false
918 assert_select ".notice", /^User information updated successfully/
919 assert_select "form#accountForm > fieldset > div.standard-form-row > input#user_display_name[value=?]", "new tester"
921 # Record the change of name
922 user.display_name = "new tester"
924 # Changing email to one that exists should fail
925 user.new_email = create(:user).email
926 assert_no_difference "ActionMailer::Base.deliveries.size" do
927 perform_enqueued_jobs do
928 post :account, :params => { :display_name => user.display_name, :user => user.attributes }, :session => { :user => user }
931 assert_response :success
932 assert_template :account
933 assert_select ".notice", false
934 assert_select "div#errorExplanation"
935 assert_select "form#accountForm > fieldset > div.standard-form-row > input.field_with_errors#user_new_email"
937 # Changing email to one that exists should fail, regardless of case
938 user.new_email = create(:user).email.upcase
939 assert_no_difference "ActionMailer::Base.deliveries.size" do
940 perform_enqueued_jobs do
941 post :account, :params => { :display_name => user.display_name, :user => user.attributes }, :session => { :user => user }
944 assert_response :success
945 assert_template :account
946 assert_select ".notice", false
947 assert_select "div#errorExplanation"
948 assert_select "form#accountForm > fieldset > div.standard-form-row > input.field_with_errors#user_new_email"
950 # Changing email to one that doesn't exist should work
951 user.new_email = "new_tester@example.com"
952 assert_difference "ActionMailer::Base.deliveries.size", 1 do
953 perform_enqueued_jobs do
954 post :account, :params => { :display_name => user.display_name, :user => user.attributes }, :session => { :user => user }
957 assert_response :success
958 assert_template :account
959 assert_select "div#errorExplanation", false
960 assert_select ".notice", /^User information updated successfully/
961 assert_select "form#accountForm > fieldset > div.standard-form-row > input#user_new_email[value=?]", user.new_email
962 email = ActionMailer::Base.deliveries.first
963 assert_equal 1, email.to.count
964 assert_equal user.new_email, email.to.first
965 ActionMailer::Base.deliveries.clear
968 # Check that the user account page will display and contains some relevant
969 # information for the user
971 # Test a non-existent user
972 get :show, :params => { :display_name => "unknown" }
973 assert_response :not_found
976 user = create(:user, :home_lon => 1.1, :home_lat => 1.1)
977 friend_user = create(:user, :home_lon => 1.2, :home_lat => 1.2)
978 create(:friendship, :befriender => user, :befriendee => friend_user)
979 create(:changeset, :user => friend_user)
981 get :show, :params => { :display_name => user.display_name }
982 assert_response :success
983 assert_select "div#userinformation" do
984 assert_select "a[href^='/user/#{ERB::Util.u(user.display_name)}/history']", 1
985 assert_select "a[href='/user/#{ERB::Util.u(user.display_name)}/traces']", 1
986 assert_select "a[href='/user/#{ERB::Util.u(user.display_name)}/diary']", 1
987 assert_select "a[href='/user/#{ERB::Util.u(user.display_name)}/diary/comments']", 1
988 assert_select "a[href='/user/#{ERB::Util.u(user.display_name)}/account']", 0
989 assert_select "a[href='/user/#{ERB::Util.u(user.display_name)}/blocks']", 0
990 assert_select "a[href='/user/#{ERB::Util.u(user.display_name)}/blocks_by']", 0
991 assert_select "a[href='/blocks/new/#{ERB::Util.u(user.display_name)}']", 0
994 # Friends shouldn't be visible as we're not logged in
995 assert_select "div#friends-container", :count => 0
997 # Test a user who has been blocked
998 blocked_user = create(:user)
999 create(:user_block, :user => blocked_user)
1000 get :show, :params => { :display_name => blocked_user.display_name }
1001 assert_response :success
1002 assert_select "div#userinformation" do
1003 assert_select "a[href^='/user/#{ERB::Util.u(blocked_user.display_name)}/history']", 1
1004 assert_select "a[href='/user/#{ERB::Util.u(blocked_user.display_name)}/traces']", 1
1005 assert_select "a[href='/user/#{ERB::Util.u(blocked_user.display_name)}/diary']", 1
1006 assert_select "a[href='/user/#{ERB::Util.u(blocked_user.display_name)}/diary/comments']", 1
1007 assert_select "a[href='/user/#{ERB::Util.u(blocked_user.display_name)}/account']", 0
1008 assert_select "a[href='/user/#{ERB::Util.u(blocked_user.display_name)}/blocks']", 1
1009 assert_select "a[href='/user/#{ERB::Util.u(blocked_user.display_name)}/blocks_by']", 0
1010 assert_select "a[href='/blocks/new/#{ERB::Util.u(blocked_user.display_name)}']", 0
1013 # Test a moderator who has applied blocks
1014 moderator_user = create(:moderator_user)
1015 create(:user_block, :creator => moderator_user)
1016 get :show, :params => { :display_name => moderator_user.display_name }
1017 assert_response :success
1018 assert_select "div#userinformation" do
1019 assert_select "a[href^='/user/#{ERB::Util.u(moderator_user.display_name)}/history']", 1
1020 assert_select "a[href='/user/#{ERB::Util.u(moderator_user.display_name)}/traces']", 1
1021 assert_select "a[href='/user/#{ERB::Util.u(moderator_user.display_name)}/diary']", 1
1022 assert_select "a[href='/user/#{ERB::Util.u(moderator_user.display_name)}/diary/comments']", 1
1023 assert_select "a[href='/user/#{ERB::Util.u(moderator_user.display_name)}/account']", 0
1024 assert_select "a[href='/user/#{ERB::Util.u(moderator_user.display_name)}/blocks']", 0
1025 assert_select "a[href='/user/#{ERB::Util.u(moderator_user.display_name)}/blocks_by']", 1
1026 assert_select "a[href='/blocks/new/#{ERB::Util.u(moderator_user.display_name)}']", 0
1029 # Login as a normal user
1030 session[:user] = user.id
1032 # Test the normal user
1033 get :show, :params => { :display_name => user.display_name }
1034 assert_response :success
1035 assert_select "div#userinformation" do
1036 assert_select "a[href^='/user/#{ERB::Util.u(user.display_name)}/history']", 1
1037 assert_select "a[href='/traces/mine']", 1
1038 assert_select "a[href='/user/#{ERB::Util.u(user.display_name)}/diary']", 1
1039 assert_select "a[href='/user/#{ERB::Util.u(user.display_name)}/diary/comments']", 1
1040 assert_select "a[href='/user/#{ERB::Util.u(user.display_name)}/account']", 1
1041 assert_select "a[href='/user/#{ERB::Util.u(user.display_name)}/blocks']", 0
1042 assert_select "a[href='/user/#{ERB::Util.u(user.display_name)}/blocks_by']", 0
1043 assert_select "a[href='/blocks/new/#{ERB::Util.u(user.display_name)}']", 0
1046 # Friends should be visible as we're now logged in
1047 assert_select "div#friends-container" do
1048 assert_select "div.contact-activity", :count => 1
1051 # Login as a moderator
1052 session[:user] = create(:moderator_user).id
1054 # Test the normal user
1055 get :show, :params => { :display_name => user.display_name }
1056 assert_response :success
1057 assert_select "div#userinformation" do
1058 assert_select "a[href^='/user/#{ERB::Util.u(user.display_name)}/history']", 1
1059 assert_select "a[href='/user/#{ERB::Util.u(user.display_name)}/traces']", 1
1060 assert_select "a[href='/user/#{ERB::Util.u(user.display_name)}/diary']", 1
1061 assert_select "a[href='/user/#{ERB::Util.u(user.display_name)}/diary/comments']", 1
1062 assert_select "a[href='/user/#{ERB::Util.u(user.display_name)}/account']", 0
1063 assert_select "a[href='/user/#{ERB::Util.u(user.display_name)}/blocks']", 0
1064 assert_select "a[href='/user/#{ERB::Util.u(user.display_name)}/blocks_by']", 0
1065 assert_select "a[href='/blocks/new/#{ERB::Util.u(user.display_name)}']", 1
1069 # Test whether information about contributor terms is shown for users who haven't agreed
1070 def test_terms_not_agreed
1071 agreed_user = create(:user, :terms_agreed => 3.days.ago)
1072 seen_user = create(:user, :terms_seen => true, :terms_agreed => nil)
1073 not_seen_user = create(:user, :terms_seen => false, :terms_agreed => nil)
1075 get :show, :params => { :display_name => agreed_user.display_name }
1076 assert_response :success
1077 assert_select "div#userinformation" do
1078 assert_select "p", :count => 0, :text => /Contributor terms/
1081 get :show, :params => { :display_name => seen_user.display_name }
1082 assert_response :success
1083 # put @response.body
1084 assert_select "div#userinformation" do
1085 assert_select "p", :count => 1, :text => /Contributor terms/
1086 assert_select "p", /Declined/
1089 get :show, :params => { :display_name => not_seen_user.display_name }
1090 assert_response :success
1091 assert_select "div#userinformation" do
1092 assert_select "p", :count => 1, :text => /Contributor terms/
1093 assert_select "p", /Undecided/
1097 def test_make_friend
1098 # Get users to work with
1099 user = create(:user)
1100 friend = create(:user)
1102 # Check that the users aren't already friends
1103 assert_nil Friendship.where(:befriender => user, :befriendee => friend).first
1105 # When not logged in a GET should ask us to login
1106 get :make_friend, :params => { :display_name => friend.display_name }
1107 assert_redirected_to :action => "login", :referer => make_friend_path(:display_name => friend.display_name)
1109 # When not logged in a POST should error
1110 post :make_friend, :params => { :display_name => friend.display_name }
1111 assert_response :forbidden
1112 assert_nil Friendship.where(:befriender => user, :befriendee => friend).first
1114 # When logged in a GET should get a confirmation page
1115 get :make_friend, :params => { :display_name => friend.display_name }, :session => { :user => user }
1116 assert_response :success
1117 assert_template :make_friend
1118 assert_select "form" do
1119 assert_select "input[type='hidden'][name='referer']", 0
1120 assert_select "input[type='submit']", 1
1122 assert_nil Friendship.where(:befriender => user, :befriendee => friend).first
1124 # When logged in a POST should add the friendship
1125 assert_difference "ActionMailer::Base.deliveries.size", 1 do
1126 perform_enqueued_jobs do
1127 post :make_friend, :params => { :display_name => friend.display_name }, :session => { :user => user }
1130 assert_redirected_to user_path(friend)
1131 assert_match(/is now your friend/, flash[:notice])
1132 assert Friendship.where(:befriender => user, :befriendee => friend).first
1133 email = ActionMailer::Base.deliveries.first
1134 assert_equal 1, email.to.count
1135 assert_equal friend.email, email.to.first
1136 ActionMailer::Base.deliveries.clear
1138 # A second POST should report that the friendship already exists
1139 assert_no_difference "ActionMailer::Base.deliveries.size" do
1140 perform_enqueued_jobs do
1141 post :make_friend, :params => { :display_name => friend.display_name }, :session => { :user => user }
1144 assert_redirected_to user_path(friend)
1145 assert_match(/You are already friends with/, flash[:warning])
1146 assert Friendship.where(:befriender => user, :befriendee => friend).first
1149 def test_make_friend_with_referer
1150 # Get users to work with
1151 user = create(:user)
1152 friend = create(:user)
1154 # Check that the users aren't already friends
1155 assert_nil Friendship.where(:befriender => user, :befriendee => friend).first
1157 # The GET should preserve any referer
1158 get :make_friend, :params => { :display_name => friend.display_name, :referer => "/test" }, :session => { :user => user }
1159 assert_response :success
1160 assert_template :make_friend
1161 assert_select "form" do
1162 assert_select "input[type='hidden'][name='referer'][value='/test']", 1
1163 assert_select "input[type='submit']", 1
1165 assert_nil Friendship.where(:befriender => user, :befriendee => friend).first
1167 # When logged in a POST should add the friendship and refer us
1168 assert_difference "ActionMailer::Base.deliveries.size", 1 do
1169 perform_enqueued_jobs do
1170 post :make_friend, :params => { :display_name => friend.display_name, :referer => "/test" }, :session => { :user => user }
1173 assert_redirected_to "/test"
1174 assert_match(/is now your friend/, flash[:notice])
1175 assert Friendship.where(:befriender => user, :befriendee => friend).first
1176 email = ActionMailer::Base.deliveries.first
1177 assert_equal 1, email.to.count
1178 assert_equal friend.email, email.to.first
1179 ActionMailer::Base.deliveries.clear
1182 def test_make_friend_unkown_user
1183 # Should error when a bogus user is specified
1184 get :make_friend, :params => { :display_name => "No Such User" }, :session => { :user => create(:user) }
1185 assert_response :not_found
1186 assert_template :no_such_user
1189 def test_remove_friend
1190 # Get users to work with
1191 user = create(:user)
1192 friend = create(:user)
1193 create(:friendship, :befriender => user, :befriendee => friend)
1195 # Check that the users are friends
1196 assert Friendship.where(:befriender => user, :befriendee => friend).first
1198 # When not logged in a GET should ask us to login
1199 get :remove_friend, :params => { :display_name => friend.display_name }
1200 assert_redirected_to :action => "login", :referer => remove_friend_path(:display_name => friend.display_name)
1202 # When not logged in a POST should error
1203 post :remove_friend, :params => { :display_name => friend.display_name }
1204 assert_response :forbidden
1205 assert Friendship.where(:befriender => user, :befriendee => friend).first
1207 # When logged in a GET should get a confirmation page
1208 get :remove_friend, :params => { :display_name => friend.display_name }, :session => { :user => user }
1209 assert_response :success
1210 assert_template :remove_friend
1211 assert_select "form" do
1212 assert_select "input[type='hidden'][name='referer']", 0
1213 assert_select "input[type='submit']", 1
1215 assert Friendship.where(:befriender => user, :befriendee => friend).first
1217 # When logged in a POST should remove the friendship
1218 post :remove_friend, :params => { :display_name => friend.display_name }, :session => { :user => user }
1219 assert_redirected_to user_path(friend)
1220 assert_match(/was removed from your friends/, flash[:notice])
1221 assert_nil Friendship.where(:befriender => user, :befriendee => friend).first
1223 # A second POST should report that the friendship does not exist
1224 post :remove_friend, :params => { :display_name => friend.display_name }, :session => { :user => user }
1225 assert_redirected_to user_path(friend)
1226 assert_match(/is not one of your friends/, flash[:error])
1227 assert_nil Friendship.where(:befriender => user, :befriendee => friend).first
1230 def test_remove_friend_with_referer
1231 # Get users to work with
1232 user = create(:user)
1233 friend = create(:user)
1234 create(:friendship, :befriender => user, :befriendee => friend)
1236 # Check that the users are friends
1237 assert Friendship.where(:befriender => user, :befriendee => friend).first
1239 # The GET should preserve any referer
1240 get :remove_friend, :params => { :display_name => friend.display_name, :referer => "/test" }, :session => { :user => user }
1241 assert_response :success
1242 assert_template :remove_friend
1243 assert_select "form" do
1244 assert_select "input[type='hidden'][name='referer'][value='/test']", 1
1245 assert_select "input[type='submit']", 1
1247 assert Friendship.where(:befriender => user, :befriendee => friend).first
1249 # When logged in a POST should remove the friendship and refer
1250 post :remove_friend, :params => { :display_name => friend.display_name, :referer => "/test" }, :session => { :user => user }
1251 assert_redirected_to "/test"
1252 assert_match(/was removed from your friends/, flash[:notice])
1253 assert_nil Friendship.where(:befriender => user, :befriendee => friend).first
1256 def test_remove_friend_unkown_user
1257 # Should error when a bogus user is specified
1258 get :remove_friend, :params => { :display_name => "No Such User" }, :session => { :user => create(:user) }
1259 assert_response :not_found
1260 assert_template :no_such_user
1264 user = create(:user)
1266 # Try without logging in
1267 get :set_status, :params => { :display_name => user.display_name, :status => "suspended" }
1268 assert_response :redirect
1269 assert_redirected_to :action => :login, :referer => set_status_user_path(:status => "suspended")
1271 # Now try as a normal user
1272 get :set_status, :params => { :display_name => user.display_name, :status => "suspended" }, :session => { :user => user }
1273 assert_response :redirect
1274 assert_redirected_to :controller => :errors, :action => :forbidden
1276 # Finally try as an administrator
1277 get :set_status, :params => { :display_name => user.display_name, :status => "suspended" }, :session => { :user => create(:administrator_user) }
1278 assert_response :redirect
1279 assert_redirected_to :action => :show, :display_name => user.display_name
1280 assert_equal "suspended", User.find(user.id).status
1284 user = create(:user, :home_lat => 12.1, :home_lon => 12.1, :description => "test")
1286 # Try without logging in
1287 get :delete, :params => { :display_name => user.display_name, :status => "suspended" }
1288 assert_response :redirect
1289 assert_redirected_to :action => :login, :referer => delete_user_path(:status => "suspended")
1291 # Now try as a normal user
1292 get :delete, :params => { :display_name => user.display_name, :status => "suspended" }, :session => { :user => user }
1293 assert_response :redirect
1294 assert_redirected_to :controller => :errors, :action => :forbidden
1296 # Finally try as an administrator
1297 get :delete, :params => { :display_name => user.display_name, :status => "suspended" }, :session => { :user => create(:administrator_user) }
1298 assert_response :redirect
1299 assert_redirected_to :action => :show, :display_name => user.display_name
1301 # Check that the user was deleted properly
1303 assert_equal "user_#{user.id}", user.display_name
1304 assert_equal "", user.description
1305 assert_nil user.home_lat
1306 assert_nil user.home_lon
1307 assert_not user.avatar.attached?
1308 assert_not user.email_valid
1309 assert_nil user.new_email
1310 assert_nil user.auth_provider
1311 assert_nil user.auth_uid
1312 assert_equal "deleted", user.status
1316 user = create(:user)
1317 moderator_user = create(:moderator_user)
1318 administrator_user = create(:administrator_user)
1319 _suspended_user = create(:user, :suspended)
1320 _ip_user = create(:user, :creation_ip => "1.2.3.4")
1322 # There are now 7 users - the five above, plus two extra "granters" for the
1323 # moderator_user and administrator_user
1324 assert_equal 7, User.count
1326 # Shouldn't work when not logged in
1328 assert_response :redirect
1329 assert_redirected_to :action => :login, :referer => users_path
1331 session[:user] = user.id
1333 # Shouldn't work when logged in as a normal user
1335 assert_response :redirect
1336 assert_redirected_to :controller => :errors, :action => :forbidden
1338 session[:user] = moderator_user.id
1340 # Shouldn't work when logged in as a moderator
1342 assert_response :redirect
1343 assert_redirected_to :controller => :errors, :action => :forbidden
1345 session[:user] = administrator_user.id
1347 # Note there is a header row, so all row counts are users + 1
1348 # Should work when logged in as an administrator
1350 assert_response :success
1351 assert_template :index
1352 assert_select "table#user_list tr", :count => 7 + 1
1354 # Should be able to limit by status
1355 get :index, :params => { :status => "suspended" }
1356 assert_response :success
1357 assert_template :index
1358 assert_select "table#user_list tr", :count => 1 + 1
1360 # Should be able to limit by IP address
1361 get :index, :params => { :ip => "1.2.3.4" }
1362 assert_response :success
1363 assert_template :index
1364 assert_select "table#user_list tr", :count => 1 + 1
1367 def test_index_get_paginated
1368 1.upto(100).each do |n|
1369 User.create(:display_name => "extra_#{n}",
1370 :email => "extra#{n}@example.com",
1371 :pass_crypt => "extraextra")
1374 session[:user] = create(:administrator_user).id
1376 # 100 examples, an administrator, and a granter for the admin.
1377 assert_equal 102, User.count
1380 assert_response :success
1381 assert_template :index
1382 assert_select "table#user_list tr", :count => 51
1384 get :index, :params => { :page => 2 }
1385 assert_response :success
1386 assert_template :index
1387 assert_select "table#user_list tr", :count => 51
1389 get :index, :params => { :page => 3 }
1390 assert_response :success
1391 assert_template :index
1392 assert_select "table#user_list tr", :count => 3
1395 def test_index_post_confirm
1396 inactive_user = create(:user, :pending)
1397 suspended_user = create(:user, :suspended)
1399 # Shouldn't work when not logged in
1400 assert_no_difference "User.active.count" do
1401 post :index, :params => { :confirm => 1, :user => { inactive_user.id => 1, suspended_user.id => 1 } }
1403 assert_response :forbidden
1405 assert_equal "pending", inactive_user.reload.status
1406 assert_equal "suspended", suspended_user.reload.status
1408 session[:user] = create(:user).id
1410 # Shouldn't work when logged in as a normal user
1411 assert_no_difference "User.active.count" do
1412 post :index, :params => { :confirm => 1, :user => { inactive_user.id => 1, suspended_user.id => 1 } }
1414 assert_response :redirect
1415 assert_redirected_to :controller => :errors, :action => :forbidden
1416 assert_equal "pending", inactive_user.reload.status
1417 assert_equal "suspended", suspended_user.reload.status
1419 session[:user] = create(:moderator_user).id
1421 # Shouldn't work when logged in as a moderator
1422 assert_no_difference "User.active.count" do
1423 post :index, :params => { :confirm => 1, :user => { inactive_user.id => 1, suspended_user.id => 1 } }
1425 assert_response :redirect
1426 assert_redirected_to :controller => :errors, :action => :forbidden
1427 assert_equal "pending", inactive_user.reload.status
1428 assert_equal "suspended", suspended_user.reload.status
1430 session[:user] = create(:administrator_user).id
1432 # Should work when logged in as an administrator
1433 assert_difference "User.active.count", 2 do
1434 post :index, :params => { :confirm => 1, :user => { inactive_user.id => 1, suspended_user.id => 1 } }
1436 assert_response :redirect
1437 assert_redirected_to :action => :index
1438 assert_equal "confirmed", inactive_user.reload.status
1439 assert_equal "confirmed", suspended_user.reload.status
1442 def test_index_post_hide
1443 normal_user = create(:user)
1444 confirmed_user = create(:user, :confirmed)
1446 # Shouldn't work when not logged in
1447 assert_no_difference "User.active.count" do
1448 post :index, :params => { :hide => 1, :user => { normal_user.id => 1, confirmed_user.id => 1 } }
1450 assert_response :forbidden
1452 assert_equal "active", normal_user.reload.status
1453 assert_equal "confirmed", confirmed_user.reload.status
1455 session[:user] = create(:user).id
1457 # Shouldn't work when logged in as a normal user
1458 assert_no_difference "User.active.count" do
1459 post :index, :params => { :hide => 1, :user => { normal_user.id => 1, confirmed_user.id => 1 } }
1461 assert_response :redirect
1462 assert_redirected_to :controller => :errors, :action => :forbidden
1463 assert_equal "active", normal_user.reload.status
1464 assert_equal "confirmed", confirmed_user.reload.status
1466 session[:user] = create(:moderator_user).id
1468 # Shouldn't work when logged in as a moderator
1469 assert_no_difference "User.active.count" do
1470 post :index, :params => { :hide => 1, :user => { normal_user.id => 1, confirmed_user.id => 1 } }
1472 assert_response :redirect
1473 assert_redirected_to :controller => :errors, :action => :forbidden
1474 assert_equal "active", normal_user.reload.status
1475 assert_equal "confirmed", confirmed_user.reload.status
1477 session[:user] = create(:administrator_user).id
1479 # Should work when logged in as an administrator
1480 assert_difference "User.active.count", -2 do
1481 post :index, :params => { :hide => 1, :user => { normal_user.id => 1, confirmed_user.id => 1 } }
1483 assert_response :redirect
1484 assert_redirected_to :action => :index
1485 assert_equal "deleted", normal_user.reload.status
1486 assert_equal "deleted", confirmed_user.reload.status