3 class UsersControllerTest < ActionController::TestCase
9 # test all routes which lead to this controller
12 { :path => "/login", :method => :get },
13 { :controller => "users", :action => "login" }
16 { :path => "/login", :method => :post },
17 { :controller => "users", :action => "login" }
20 { :controller => "users", :action => "login", :format => "html" },
21 { :path => "/login.html", :method => :get }
25 { :path => "/logout", :method => :get },
26 { :controller => "users", :action => "logout" }
29 { :path => "/logout", :method => :post },
30 { :controller => "users", :action => "logout" }
33 { :controller => "users", :action => "logout", :format => "html" },
34 { :path => "/logout.html", :method => :get }
38 { :path => "/user/new", :method => :get },
39 { :controller => "users", :action => "new" }
43 { :path => "/user/new", :method => :post },
44 { :controller => "users", :action => "create" }
48 { :path => "/user/terms", :method => :get },
49 { :controller => "users", :action => "terms" }
53 { :path => "/user/save", :method => :post },
54 { :controller => "users", :action => "save" }
58 { :path => "/user/username/confirm", :method => :get },
59 { :controller => "users", :action => "confirm", :display_name => "username" }
62 { :path => "/user/username/confirm", :method => :post },
63 { :controller => "users", :action => "confirm", :display_name => "username" }
66 { :path => "/user/username/confirm/resend", :method => :get },
67 { :controller => "users", :action => "confirm_resend", :display_name => "username" }
71 { :path => "/user/confirm", :method => :get },
72 { :controller => "users", :action => "confirm" }
75 { :path => "/user/confirm", :method => :post },
76 { :controller => "users", :action => "confirm" }
79 { :path => "/user/confirm-email", :method => :get },
80 { :controller => "users", :action => "confirm_email" }
83 { :path => "/user/confirm-email", :method => :post },
84 { :controller => "users", :action => "confirm_email" }
88 { :path => "/user/go_public", :method => :post },
89 { :controller => "users", :action => "go_public" }
93 { :path => "/user/forgot-password", :method => :get },
94 { :controller => "users", :action => "lost_password" }
97 { :path => "/user/forgot-password", :method => :post },
98 { :controller => "users", :action => "lost_password" }
101 { :path => "/user/reset-password", :method => :get },
102 { :controller => "users", :action => "reset_password" }
105 { :path => "/user/reset-password", :method => :post },
106 { :controller => "users", :action => "reset_password" }
110 { :path => "/user/suspended", :method => :get },
111 { :controller => "users", :action => "suspended" }
115 { :path => "/user/username", :method => :get },
116 { :controller => "users", :action => "show", :display_name => "username" }
120 { :path => "/user/username/account", :method => :get },
121 { :controller => "users", :action => "account", :display_name => "username" }
124 { :path => "/user/username/account", :method => :post },
125 { :controller => "users", :action => "account", :display_name => "username" }
129 { :path => "/user/username/make_friend", :method => :get },
130 { :controller => "users", :action => "make_friend", :display_name => "username" }
133 { :path => "/user/username/make_friend", :method => :post },
134 { :controller => "users", :action => "make_friend", :display_name => "username" }
137 { :path => "/user/username/remove_friend", :method => :get },
138 { :controller => "users", :action => "remove_friend", :display_name => "username" }
141 { :path => "/user/username/remove_friend", :method => :post },
142 { :controller => "users", :action => "remove_friend", :display_name => "username" }
146 { :path => "/user/username/set_status", :method => :get },
147 { :controller => "users", :action => "set_status", :display_name => "username" }
150 { :path => "/user/username/delete", :method => :get },
151 { :controller => "users", :action => "delete", :display_name => "username" }
155 { :path => "/users", :method => :get },
156 { :controller => "users", :action => "index" }
159 { :path => "/users", :method => :post },
160 { :controller => "users", :action => "index" }
163 { :path => "/users/status", :method => :get },
164 { :controller => "users", :action => "index", :status => "status" }
167 { :path => "/users/status", :method => :post },
168 { :controller => "users", :action => "index", :status => "status" }
172 # The user creation page loads
175 assert_response :redirect
176 assert_redirected_to user_new_path(:cookie_test => "true")
178 get :new, :params => { :cookie_test => "true" }, :session => { :cookie_test => true }
179 assert_response :success
181 assert_select "html", :count => 1 do
182 assert_select "head", :count => 1 do
183 assert_select "title", :text => /Sign Up/, :count => 1
185 assert_select "body", :count => 1 do
186 assert_select "div#content", :count => 1 do
187 assert_select "form[action='/user/new'][method='post']", :count => 1 do
188 assert_select "input[id='user_email']", :count => 1
189 assert_select "input[id='user_email_confirmation']", :count => 1
190 assert_select "input[id='user_display_name']", :count => 1
191 assert_select "input[id='user_pass_crypt'][type='password']", :count => 1
192 assert_select "input[id='user_pass_crypt_confirmation'][type='password']", :count => 1
193 assert_select "input[type='submit'][value='Sign Up']", :count => 1
200 def test_new_view_logged_in
201 session[:user] = create(:user).id
204 assert_response :redirect
205 assert_redirected_to user_new_path(:cookie_test => "true")
206 get :new, :params => { :cookie_test => "true" }
207 assert_response :redirect
208 assert_redirected_to root_path
210 get :new, :params => { :referer => "/test" }
211 assert_response :redirect
212 assert_redirected_to user_new_path(:referer => "/test", :cookie_test => "true")
213 get :new, :params => { :referer => "/test", :cookie_test => "true" }
214 assert_response :redirect
215 assert_redirected_to "/test"
219 user = build(:user, :pending)
221 assert_difference "User.count", 1 do
222 assert_difference "ActionMailer::Base.deliveries.size", 1 do
223 perform_enqueued_jobs do
224 post :save, :session => { :new_user => user }, :params => { :read_ct => 1, :read_tou => 1 }
230 register_email = ActionMailer::Base.deliveries.first
232 assert_equal register_email.to[0], user.email
233 assert_match(/#{@url}/, register_email.body.to_s)
236 assert_redirected_to :action => "confirm", :display_name => user.display_name
238 ActionMailer::Base.deliveries.clear
241 def test_new_duplicate_email
242 user = build(:user, :pending)
243 user.email = create(:user).email
245 assert_no_difference "User.count" do
246 assert_no_difference "ActionMailer::Base.deliveries.size" do
247 perform_enqueued_jobs do
248 post :save, :session => { :new_user => user }, :params => { :read_ct => 1, :read_tou => 1 }
253 assert_response :success
254 assert_template "new"
255 assert_select "form > fieldset > div.form-row > input.field_with_errors#user_email"
258 def test_new_duplicate_email_uppercase
259 user = build(:user, :pending)
260 user.email = create(:user).email.upcase
262 assert_no_difference "User.count" do
263 assert_no_difference "ActionMailer::Base.deliveries.size" do
264 perform_enqueued_jobs do
265 post :save, :session => { :new_user => user }, :params => { :read_ct => 1, :read_tou => 1 }
270 assert_response :success
271 assert_template "new"
272 assert_select "form > fieldset > div.form-row > input.field_with_errors#user_email"
275 def test_new_duplicate_name
276 user = build(:user, :pending)
277 user.display_name = create(:user).display_name
279 assert_no_difference "User.count" do
280 assert_no_difference "ActionMailer::Base.deliveries.size" do
281 perform_enqueued_jobs do
282 post :save, :session => { :new_user => user }, :params => { :read_ct => 1, :read_tou => 1 }
287 assert_response :success
288 assert_template "new"
289 assert_select "form > fieldset > div.form-row > input.field_with_errors#user_display_name"
292 def test_new_duplicate_name_uppercase
293 user = build(:user, :pending)
294 user.display_name = create(:user).display_name.upcase
296 assert_no_difference "User.count" do
297 assert_no_difference "ActionMailer::Base.deliveries.size" do
298 perform_enqueued_jobs do
299 post :save, :session => { :new_user => user }, :params => { :read_ct => 1, :read_tou => 1 }
304 assert_response :success
305 assert_template "new"
306 assert_select "form > fieldset > div.form-row > input.field_with_errors#user_display_name"
309 def test_new_blocked_domain
310 user = build(:user, :pending, :email => "user@example.net")
311 create(:acl, :domain => "example.net", :k => "no_account_creation")
313 assert_no_difference "User.count" do
314 assert_no_difference "ActionMailer::Base.deliveries.size" do
315 perform_enqueued_jobs do
316 post :save, :session => { :new_user => user }, :params => { :read_ct => 1, :read_tou => 1 }
321 assert_response :success
322 assert_template "blocked"
325 def test_save_referer_params
326 user = build(:user, :pending)
328 assert_difference "User.count", 1 do
329 assert_difference "ActionMailer::Base.deliveries.size", 1 do
330 perform_enqueued_jobs do
331 post :save, :session => { :new_user => user,
332 :referer => "/edit?editor=id#map=1/2/3" },
333 :params => { :read_ct => 1, :read_tou => 1 }
338 assert_equal welcome_path(:editor => "id", :zoom => 1, :lat => 2, :lon => 3),
339 user.tokens.order("id DESC").first.referer
341 ActionMailer::Base.deliveries.clear
344 def test_logout_without_referer
346 assert_response :success
347 assert_template :logout
348 assert_select "input[name=referer][value=?]", ""
350 session_id = assert_select("input[name=session]").first["value"]
352 get :logout, :params => { :session => session_id }
353 assert_response :redirect
354 assert_redirected_to root_path
357 def test_logout_with_referer
358 get :logout, :params => { :referer => "/test" }
359 assert_response :success
360 assert_template :logout
361 assert_select "input[name=referer][value=?]", "/test"
363 session_id = assert_select("input[name=session]").first["value"]
365 get :logout, :params => { :session => session_id, :referer => "/test" }
366 assert_response :redirect
367 assert_redirected_to "/test"
370 def test_logout_with_token
371 token = create(:user).tokens.create
373 session[:token] = token.token
376 assert_response :success
377 assert_template :logout
378 assert_select "input[name=referer][value=?]", ""
379 assert_equal token.token, session[:token]
380 assert_not_nil UserToken.where(:id => token.id).first
382 session_id = assert_select("input[name=session]").first["value"]
384 get :logout, :params => { :session => session_id }
385 assert_response :redirect
386 assert_redirected_to root_path
387 assert_nil session[:token]
388 assert_nil UserToken.where(:id => token.id).first
392 user = create(:user, :pending)
393 confirm_string = user.tokens.create.token
395 @request.cookies["_osm_session"] = user.display_name
396 get :confirm, :params => { :display_name => user.display_name, :confirm_string => confirm_string }
397 assert_response :success
398 assert_template :confirm
401 def test_confirm_get_already_confirmed
403 confirm_string = user.tokens.create.token
405 @request.cookies["_osm_session"] = user.display_name
406 get :confirm, :params => { :display_name => user.display_name, :confirm_string => confirm_string }
407 assert_response :redirect
408 assert_redirected_to root_path
411 def test_confirm_success_no_token_no_referer
412 user = create(:user, :pending)
413 stub_gravatar_request(user.email)
414 confirm_string = user.tokens.create.token
416 @request.cookies["_osm_session"] = user.display_name
417 post :confirm, :params => { :display_name => user.display_name, :confirm_string => confirm_string }
418 assert_redirected_to login_path
419 assert_match(/Confirmed your account/, flash[:notice])
422 def test_confirm_success_good_token_no_referer
423 user = create(:user, :pending)
424 stub_gravatar_request(user.email)
425 confirm_string = user.tokens.create.token
426 token = user.tokens.create.token
428 @request.cookies["_osm_session"] = user.display_name
429 post :confirm, :params => { :display_name => user.display_name, :confirm_string => confirm_string }, :session => { :token => token }
430 assert_redirected_to welcome_path
433 def test_confirm_success_bad_token_no_referer
434 user = create(:user, :pending)
435 stub_gravatar_request(user.email)
436 confirm_string = user.tokens.create.token
437 token = create(:user).tokens.create.token
439 @request.cookies["_osm_session"] = user.display_name
440 post :confirm, :params => { :display_name => user.display_name, :confirm_string => confirm_string }, :session => { :token => token }
441 assert_redirected_to login_path
442 assert_match(/Confirmed your account/, flash[:notice])
445 def test_confirm_success_no_token_with_referer
446 user = create(:user, :pending)
447 stub_gravatar_request(user.email)
448 confirm_string = user.tokens.create(:referer => new_diary_entry_path).token
450 @request.cookies["_osm_session"] = user.display_name
451 post :confirm, :params => { :display_name => user.display_name, :confirm_string => confirm_string }
452 assert_redirected_to login_path(:referer => new_diary_entry_path)
453 assert_match(/Confirmed your account/, flash[:notice])
456 def test_confirm_success_good_token_with_referer
457 user = create(:user, :pending)
458 stub_gravatar_request(user.email)
459 confirm_string = user.tokens.create(:referer => new_diary_entry_path).token
460 token = user.tokens.create.token
462 @request.cookies["_osm_session"] = user.display_name
463 post :confirm, :params => { :display_name => user.display_name, :confirm_string => confirm_string }, :session => { :token => token }
464 assert_redirected_to new_diary_entry_path
467 def test_confirm_success_bad_token_with_referer
468 user = create(:user, :pending)
469 stub_gravatar_request(user.email)
470 confirm_string = user.tokens.create(:referer => new_diary_entry_path).token
471 token = create(:user).tokens.create.token
473 @request.cookies["_osm_session"] = user.display_name
474 post :confirm, :params => { :display_name => user.display_name, :confirm_string => confirm_string }, :session => { :token => token }
475 assert_redirected_to login_path(:referer => new_diary_entry_path)
476 assert_match(/Confirmed your account/, flash[:notice])
479 def test_confirm_expired_token
480 user = create(:user, :pending)
481 confirm_string = user.tokens.create(:expiry => 1.day.ago).token
483 @request.cookies["_osm_session"] = user.display_name
484 post :confirm, :params => { :display_name => user.display_name, :confirm_string => confirm_string }
485 assert_redirected_to :action => "confirm"
486 assert_match(/confirmation code has expired/, flash[:error])
489 def test_confirm_already_confirmed
491 confirm_string = user.tokens.create(:referer => new_diary_entry_path).token
493 @request.cookies["_osm_session"] = user.display_name
494 post :confirm, :params => { :display_name => user.display_name, :confirm_string => confirm_string }
495 assert_redirected_to :action => "login"
496 assert_match(/already been confirmed/, flash[:error])
499 def test_confirm_resend_success
500 user = create(:user, :pending)
501 session[:token] = user.tokens.create.token
503 assert_difference "ActionMailer::Base.deliveries.size", 1 do
504 perform_enqueued_jobs do
505 get :confirm_resend, :params => { :display_name => user.display_name }
509 assert_response :redirect
510 assert_redirected_to login_path
511 assert_match(/sent a new confirmation/, flash[:notice])
513 email = ActionMailer::Base.deliveries.last
515 assert_equal user.email, email.to.first
517 ActionMailer::Base.deliveries.clear
520 def test_confirm_resend_no_token
521 user = create(:user, :pending)
522 assert_no_difference "ActionMailer::Base.deliveries.size" do
523 perform_enqueued_jobs do
524 get :confirm_resend, :params => { :display_name => user.display_name }
528 assert_response :redirect
529 assert_redirected_to login_path
530 assert_match "User #{user.display_name} not found.", flash[:error]
533 def test_confirm_resend_unknown_user
534 assert_no_difference "ActionMailer::Base.deliveries.size" do
535 perform_enqueued_jobs do
536 get :confirm_resend, :params => { :display_name => "No Such User" }
540 assert_response :redirect
541 assert_redirected_to login_path
542 assert_match "User No Such User not found.", flash[:error]
545 def test_confirm_email_get
547 confirm_string = user.tokens.create.token
549 get :confirm_email, :params => { :confirm_string => confirm_string }
550 assert_response :success
551 assert_template :confirm_email
554 def test_confirm_email_success
555 user = create(:user, :new_email => "test-new@example.com")
556 stub_gravatar_request(user.new_email)
557 confirm_string = user.tokens.create.token
559 post :confirm_email, :params => { :confirm_string => confirm_string }
560 assert_response :redirect
561 assert_redirected_to :action => :account, :display_name => user.display_name
562 assert_match(/Confirmed your change of email address/, flash[:notice])
565 def test_confirm_email_already_confirmed
567 confirm_string = user.tokens.create.token
569 post :confirm_email, :params => { :confirm_string => confirm_string }
570 assert_response :redirect
571 assert_redirected_to :action => :account, :display_name => user.display_name
572 assert_match(/already been confirmed/, flash[:error])
575 def test_confirm_email_bad_token
576 post :confirm_email, :params => { :confirm_string => "XXXXX" }
577 assert_response :success
578 assert_template :confirm_email
579 assert_match(/confirmation code has expired or does not exist/, flash[:error])
583 # test if testing for a gravatar works
584 # this happens when the email is actually changed
585 # which is triggered by the confirmation mail
586 def test_gravatar_auto_enable
587 # switch to email that has a gravatar
588 user = create(:user, :new_email => "test-new@example.com")
589 stub_gravatar_request(user.new_email, 200)
590 confirm_string = user.tokens.create.token
591 # precondition gravatar should be turned off
592 assert_not user.image_use_gravatar
593 post :confirm_email, :params => { :confirm_string => confirm_string }
594 assert_response :redirect
595 assert_redirected_to :action => :account, :display_name => user.display_name
596 assert_match(/Confirmed your change of email address/, flash[:notice])
597 # gravatar use should now be enabled
598 assert User.find(user.id).image_use_gravatar
601 def test_gravatar_auto_disable
602 # switch to email without a gravatar
603 user = create(:user, :new_email => "test-new@example.com", :image_use_gravatar => true)
604 stub_gravatar_request(user.new_email, 404)
605 confirm_string = user.tokens.create.token
606 # precondition gravatar should be turned on
607 assert user.image_use_gravatar
608 post :confirm_email, :params => { :confirm_string => confirm_string }
609 assert_response :redirect
610 assert_redirected_to :action => :account, :display_name => user.display_name
611 assert_match(/Confirmed your change of email address/, flash[:notice])
612 # gravatar use should now be disabled
613 assert_not User.find(user.id).image_use_gravatar
616 def test_terms_new_user
617 get :terms, :session => { :new_user => User.new }
618 assert_response :success
619 assert_template :terms
622 def test_terms_agreed
623 user = create(:user, :terms_seen => true, :terms_agreed => Date.yesterday)
625 session[:user] = user.id
628 assert_response :redirect
629 assert_redirected_to :action => :account, :display_name => user.display_name
632 def test_terms_not_seen_without_referer
633 user = create(:user, :terms_seen => false, :terms_agreed => nil)
635 session[:user] = user.id
638 assert_response :success
639 assert_template :terms
641 post :save, :params => { :user => { :consider_pd => true }, :read_ct => 1, :read_tou => 1 }
642 assert_response :redirect
643 assert_redirected_to :action => :account, :display_name => user.display_name
644 assert_equal "Thanks for accepting the new contributor terms!", flash[:notice]
648 assert_equal true, user.consider_pd
649 assert_not_nil user.terms_agreed
650 assert_equal true, user.terms_seen
653 def test_terms_not_seen_with_referer
654 user = create(:user, :terms_seen => false, :terms_agreed => nil)
656 session[:user] = user.id
658 get :terms, :params => { :referer => "/test" }
659 assert_response :success
660 assert_template :terms
662 post :save, :params => { :user => { :consider_pd => true }, :referer => "/test", :read_ct => 1, :read_tou => 1 }
663 assert_response :redirect
664 assert_redirected_to "/test"
665 assert_equal "Thanks for accepting the new contributor terms!", flash[:notice]
669 assert_equal true, user.consider_pd
670 assert_not_nil user.terms_agreed
671 assert_equal true, user.terms_seen
674 # Check that if you haven't seen the terms, and make a request that requires authentication,
675 # that your request is redirected to view the terms
676 def test_terms_not_seen_redirection
677 user = create(:user, :terms_seen => false, :terms_agreed => nil)
678 session[:user] = user.id
680 get :account, :params => { :display_name => user.display_name }
681 assert_response :redirect
682 assert_redirected_to :action => :terms, :referer => "/user/#{ERB::Util.u(user.display_name)}/account"
686 user = create(:user, :data_public => false)
687 post :go_public, :session => { :user => user }
688 assert_response :redirect
689 assert_redirected_to :action => :account, :display_name => user.display_name
690 assert_equal true, User.find(user.id).data_public
693 def test_lost_password
694 # Test fetching the lost password page
696 assert_response :success
697 assert_template :lost_password
698 assert_select "div#notice", false
700 # Test resetting using the address as recorded for a user that has an
701 # address which is duplicated in a different case by another user
703 uppercase_user = build(:user, :email => user.email.upcase).tap { |u| u.save(:validate => false) }
705 assert_difference "ActionMailer::Base.deliveries.size", 1 do
706 perform_enqueued_jobs do
707 post :lost_password, :params => { :user => { :email => user.email } }
710 assert_response :redirect
711 assert_redirected_to :action => :login
712 assert_match(/^Sorry you lost it/, flash[:notice])
713 email = ActionMailer::Base.deliveries.first
714 assert_equal 1, email.to.count
715 assert_equal user.email, email.to.first
716 ActionMailer::Base.deliveries.clear
718 # Test resetting using an address that matches a different user
719 # that has the same address in a different case
720 assert_difference "ActionMailer::Base.deliveries.size", 1 do
721 perform_enqueued_jobs do
722 post :lost_password, :params => { :user => { :email => user.email.upcase } }
725 assert_response :redirect
726 assert_redirected_to :action => :login
727 assert_match(/^Sorry you lost it/, flash[:notice])
728 email = ActionMailer::Base.deliveries.first
729 assert_equal 1, email.to.count
730 assert_equal uppercase_user.email, email.to.first
731 ActionMailer::Base.deliveries.clear
733 # Test resetting using an address that is a case insensitive match
734 # for more than one user but not an exact match for either
735 assert_no_difference "ActionMailer::Base.deliveries.size" do
736 perform_enqueued_jobs do
737 post :lost_password, :params => { :user => { :email => user.email.titlecase } }
740 assert_response :success
741 assert_template :lost_password
742 assert_select ".error", /^Could not find that email address/
744 # Test resetting using the address as recorded for a user that has an
745 # address which is case insensitively unique
746 third_user = create(:user)
747 assert_difference "ActionMailer::Base.deliveries.size", 1 do
748 perform_enqueued_jobs do
749 post :lost_password, :params => { :user => { :email => third_user.email } }
752 assert_response :redirect
753 assert_redirected_to :action => :login
754 assert_match(/^Sorry you lost it/, flash[:notice])
755 email = ActionMailer::Base.deliveries.first
756 assert_equal 1, email.to.count
757 assert_equal third_user.email, email.to.first
758 ActionMailer::Base.deliveries.clear
760 # Test resetting using an address that matches a user that has the
761 # same (case insensitively unique) address in a different case
762 assert_difference "ActionMailer::Base.deliveries.size", 1 do
763 perform_enqueued_jobs do
764 post :lost_password, :params => { :user => { :email => third_user.email.upcase } }
767 assert_response :redirect
768 assert_redirected_to :action => :login
769 assert_match(/^Sorry you lost it/, flash[:notice])
770 email = ActionMailer::Base.deliveries.first
771 assert_equal 1, email.to.count
772 assert_equal third_user.email, email.to.first
773 ActionMailer::Base.deliveries.clear
776 def test_reset_password
777 user = create(:user, :pending)
778 # Test a request with no token
780 assert_response :bad_request
782 # Test a request with a bogus token
783 get :reset_password, :params => { :token => "made_up_token" }
784 assert_response :redirect
785 assert_redirected_to :action => :lost_password
787 # Create a valid token for a user
788 token = user.tokens.create
790 # Test a request with a valid token
791 get :reset_password, :params => { :token => token.token }
792 assert_response :success
793 assert_template :reset_password
795 # Test that errors are reported for erroneous submissions
796 post :reset_password, :params => { :token => token.token, :user => { :pass_crypt => "new_password", :pass_crypt_confirmation => "different_password" } }
797 assert_response :success
798 assert_template :reset_password
799 assert_select "div#errorExplanation"
801 # Test setting a new password
802 post :reset_password, :params => { :token => token.token, :user => { :pass_crypt => "new_password", :pass_crypt_confirmation => "new_password" } }
803 assert_response :redirect
804 assert_redirected_to root_path
805 assert_equal user.id, session[:user]
807 assert_equal "active", user.status
808 assert_equal true, user.email_valid
809 assert_equal user, User.authenticate(:username => user.email, :password => "new_password")
813 # Get a user to work with - note that this user deliberately
814 # conflicts with uppercase_user in the email and display name
815 # fields to test that we can change other fields without any
816 # validation errors being reported
817 user = create(:user, :languages => [])
818 _uppercase_user = build(:user, :email => user.email.upcase, :display_name => user.display_name.upcase).tap { |u| u.save(:validate => false) }
820 # Make sure that you are redirected to the login page when
821 # you are not logged in
822 get :account, :params => { :display_name => user.display_name }
823 assert_response :redirect
824 assert_redirected_to :action => "login", :referer => "/user/#{ERB::Util.u(user.display_name)}/account"
826 # Make sure that you are blocked when not logged in as the right user
827 get :account, :params => { :display_name => user.display_name }, :session => { :user => create(:user) }
828 assert_response :forbidden
830 # Make sure we get the page when we are logged in as the right user
831 get :account, :params => { :display_name => user.display_name }, :session => { :user => user }
832 assert_response :success
833 assert_template :account
834 assert_select "form#accountForm" do |form|
835 assert_equal "post", form.attr("method").to_s
836 assert_select "input[name='_method']", false
837 assert_equal "/user/#{ERB::Util.u(user.display_name)}/account", form.attr("action").to_s
840 # Updating the description should work
841 user.description = "new description"
842 user.preferred_editor = "default"
843 post :account, :params => { :display_name => user.display_name, :user => user.attributes }, :session => { :user => user }
844 assert_response :success
845 assert_template :account
846 assert_select "div#errorExplanation", false
847 assert_select ".notice", /^User information updated successfully/
848 assert_select "form#accountForm > fieldset > div.form-row > div#user_description_container > div#user_description_content > textarea#user_description", user.description
850 # Changing to a invalid editor should fail
851 user.preferred_editor = "unknown"
852 post :account, :params => { :display_name => user.display_name, :user => user.attributes }, :session => { :user => user }
853 assert_response :success
854 assert_template :account
855 assert_select ".notice", false
856 assert_select "div#errorExplanation"
857 assert_select "form#accountForm > fieldset > div.form-row > select#user_preferred_editor > option[selected]", false
859 # Changing to a valid editor should work
860 user.preferred_editor = "potlatch2"
861 post :account, :params => { :display_name => user.display_name, :user => user.attributes }, :session => { :user => user }
862 assert_response :success
863 assert_template :account
864 assert_select "div#errorExplanation", false
865 assert_select ".notice", /^User information updated successfully/
866 assert_select "form#accountForm > fieldset > div.form-row > select#user_preferred_editor > option[selected][value=?]", "potlatch2"
868 # Changing to the default editor should work
869 user.preferred_editor = "default"
870 post :account, :params => { :display_name => user.display_name, :user => user.attributes }, :session => { :user => user }
871 assert_response :success
872 assert_template :account
873 assert_select "div#errorExplanation", false
874 assert_select ".notice", /^User information updated successfully/
875 assert_select "form#accountForm > fieldset > div.form-row > select#user_preferred_editor > option[selected]", false
877 # Changing to an uploaded image should work
878 image = Rack::Test::UploadedFile.new("test/gpx/fixtures/a.gif", "image/gif")
879 post :account, :params => { :display_name => user.display_name, :avatar_action => "new", :user => user.attributes.merge(:avatar => image) }, :session => { :user => user }
880 assert_response :success
881 assert_template :account
882 assert_select "div#errorExplanation", false
883 assert_select ".notice", /^User information updated successfully/
884 assert_select "form#accountForm > fieldset > div.form-row.accountImage input[name=avatar_action][checked][value=?]", "keep"
886 # Changing to a gravatar image should work
887 post :account, :params => { :display_name => user.display_name, :avatar_action => "gravatar", :user => user.attributes }, :session => { :user => user }
888 assert_response :success
889 assert_template :account
890 assert_select "div#errorExplanation", false
891 assert_select ".notice", /^User information updated successfully/
892 assert_select "form#accountForm > fieldset > div.form-row.accountImage input[name=avatar_action][checked][value=?]", "gravatar"
894 # Removing the image should work
895 post :account, :params => { :display_name => user.display_name, :avatar_action => "delete", :user => user.attributes }, :session => { :user => user }
896 assert_response :success
897 assert_template :account
898 assert_select "div#errorExplanation", false
899 assert_select ".notice", /^User information updated successfully/
900 assert_select "form#accountForm > fieldset > div.form-row.accountImage input[name=avatar_action][checked]", false
902 # Adding external authentication should redirect to the auth provider
903 post :account, :params => { :display_name => user.display_name, :user => user.attributes.merge(:auth_provider => "openid", :auth_uid => "gmail.com") }, :session => { :user => user }
904 assert_response :redirect
905 assert_redirected_to auth_path(:provider => "openid", :openid_url => "https://www.google.com/accounts/o8/id", :origin => "/user/#{ERB::Util.u(user.display_name)}/account")
907 # Changing name to one that exists should fail
908 new_attributes = user.attributes.dup.merge(:display_name => create(:user).display_name)
909 post :account, :params => { :display_name => user.display_name, :user => new_attributes }, :session => { :user => user }
910 assert_response :success
911 assert_template :account
912 assert_select ".notice", false
913 assert_select "div#errorExplanation"
914 assert_select "form#accountForm > fieldset > div.form-row > input.field_with_errors#user_display_name"
916 # Changing name to one that exists should fail, regardless of case
917 new_attributes = user.attributes.dup.merge(:display_name => create(:user).display_name.upcase)
918 post :account, :params => { :display_name => user.display_name, :user => new_attributes }, :session => { :user => user }
919 assert_response :success
920 assert_template :account
921 assert_select ".notice", false
922 assert_select "div#errorExplanation"
923 assert_select "form#accountForm > fieldset > div.form-row > input.field_with_errors#user_display_name"
925 # Changing name to one that doesn't exist should work
926 new_attributes = user.attributes.dup.merge(:display_name => "new tester")
927 post :account, :params => { :display_name => user.display_name, :user => new_attributes }, :session => { :user => user }
928 assert_response :success
929 assert_template :account
930 assert_select "div#errorExplanation", false
931 assert_select ".notice", /^User information updated successfully/
932 assert_select "form#accountForm > fieldset > div.form-row > input#user_display_name[value=?]", "new tester"
934 # Record the change of name
935 user.display_name = "new tester"
937 # Changing email to one that exists should fail
938 user.new_email = create(:user).email
939 assert_no_difference "ActionMailer::Base.deliveries.size" do
940 perform_enqueued_jobs do
941 post :account, :params => { :display_name => user.display_name, :user => user.attributes }, :session => { :user => user }
944 assert_response :success
945 assert_template :account
946 assert_select ".notice", false
947 assert_select "div#errorExplanation"
948 assert_select "form#accountForm > fieldset > div.form-row > input.field_with_errors#user_new_email"
950 # Changing email to one that exists should fail, regardless of case
951 user.new_email = create(:user).email.upcase
952 assert_no_difference "ActionMailer::Base.deliveries.size" do
953 perform_enqueued_jobs do
954 post :account, :params => { :display_name => user.display_name, :user => user.attributes }, :session => { :user => user }
957 assert_response :success
958 assert_template :account
959 assert_select ".notice", false
960 assert_select "div#errorExplanation"
961 assert_select "form#accountForm > fieldset > div.form-row > input.field_with_errors#user_new_email"
963 # Changing email to one that doesn't exist should work
964 user.new_email = "new_tester@example.com"
965 assert_difference "ActionMailer::Base.deliveries.size", 1 do
966 perform_enqueued_jobs do
967 post :account, :params => { :display_name => user.display_name, :user => user.attributes }, :session => { :user => user }
970 assert_response :success
971 assert_template :account
972 assert_select "div#errorExplanation", false
973 assert_select ".notice", /^User information updated successfully/
974 assert_select "form#accountForm > fieldset > div.form-row > input#user_new_email[value=?]", user.new_email
975 email = ActionMailer::Base.deliveries.first
976 assert_equal 1, email.to.count
977 assert_equal user.new_email, email.to.first
978 ActionMailer::Base.deliveries.clear
981 # Check that the user account page will display and contains some relevant
982 # information for the user
984 # Test a non-existent user
985 get :show, :params => { :display_name => "unknown" }
986 assert_response :not_found
989 user = create(:user, :home_lon => 1.1, :home_lat => 1.1)
990 friend_user = create(:user, :home_lon => 1.2, :home_lat => 1.2)
991 create(:friendship, :befriender => user, :befriendee => friend_user)
992 create(:changeset, :user => friend_user)
994 get :show, :params => { :display_name => user.display_name }
995 assert_response :success
996 assert_select "div#userinformation" do
997 assert_select "a[href^='/user/#{ERB::Util.u(user.display_name)}/history']", 1
998 assert_select "a[href='/user/#{ERB::Util.u(user.display_name)}/traces']", 1
999 assert_select "a[href='/user/#{ERB::Util.u(user.display_name)}/diary']", 1
1000 assert_select "a[href='/user/#{ERB::Util.u(user.display_name)}/diary/comments']", 1
1001 assert_select "a[href='/user/#{ERB::Util.u(user.display_name)}/account']", 0
1002 assert_select "a[href='/user/#{ERB::Util.u(user.display_name)}/blocks']", 0
1003 assert_select "a[href='/user/#{ERB::Util.u(user.display_name)}/blocks_by']", 0
1004 assert_select "a[href='/blocks/new/#{ERB::Util.u(user.display_name)}']", 0
1007 # Friends shouldn't be visible as we're not logged in
1008 assert_select "div#friends-container", :count => 0
1010 # Test a user who has been blocked
1011 blocked_user = create(:user)
1012 create(:user_block, :user => blocked_user)
1013 get :show, :params => { :display_name => blocked_user.display_name }
1014 assert_response :success
1015 assert_select "div#userinformation" do
1016 assert_select "a[href^='/user/#{ERB::Util.u(blocked_user.display_name)}/history']", 1
1017 assert_select "a[href='/user/#{ERB::Util.u(blocked_user.display_name)}/traces']", 1
1018 assert_select "a[href='/user/#{ERB::Util.u(blocked_user.display_name)}/diary']", 1
1019 assert_select "a[href='/user/#{ERB::Util.u(blocked_user.display_name)}/diary/comments']", 1
1020 assert_select "a[href='/user/#{ERB::Util.u(blocked_user.display_name)}/account']", 0
1021 assert_select "a[href='/user/#{ERB::Util.u(blocked_user.display_name)}/blocks']", 1
1022 assert_select "a[href='/user/#{ERB::Util.u(blocked_user.display_name)}/blocks_by']", 0
1023 assert_select "a[href='/blocks/new/#{ERB::Util.u(blocked_user.display_name)}']", 0
1026 # Test a moderator who has applied blocks
1027 moderator_user = create(:moderator_user)
1028 create(:user_block, :creator => moderator_user)
1029 get :show, :params => { :display_name => moderator_user.display_name }
1030 assert_response :success
1031 assert_select "div#userinformation" do
1032 assert_select "a[href^='/user/#{ERB::Util.u(moderator_user.display_name)}/history']", 1
1033 assert_select "a[href='/user/#{ERB::Util.u(moderator_user.display_name)}/traces']", 1
1034 assert_select "a[href='/user/#{ERB::Util.u(moderator_user.display_name)}/diary']", 1
1035 assert_select "a[href='/user/#{ERB::Util.u(moderator_user.display_name)}/diary/comments']", 1
1036 assert_select "a[href='/user/#{ERB::Util.u(moderator_user.display_name)}/account']", 0
1037 assert_select "a[href='/user/#{ERB::Util.u(moderator_user.display_name)}/blocks']", 0
1038 assert_select "a[href='/user/#{ERB::Util.u(moderator_user.display_name)}/blocks_by']", 1
1039 assert_select "a[href='/blocks/new/#{ERB::Util.u(moderator_user.display_name)}']", 0
1042 # Login as a normal user
1043 session[:user] = user.id
1045 # Test the normal user
1046 get :show, :params => { :display_name => user.display_name }
1047 assert_response :success
1048 assert_select "div#userinformation" do
1049 assert_select "a[href^='/user/#{ERB::Util.u(user.display_name)}/history']", 1
1050 assert_select "a[href='/traces/mine']", 1
1051 assert_select "a[href='/user/#{ERB::Util.u(user.display_name)}/diary']", 1
1052 assert_select "a[href='/user/#{ERB::Util.u(user.display_name)}/diary/comments']", 1
1053 assert_select "a[href='/user/#{ERB::Util.u(user.display_name)}/account']", 1
1054 assert_select "a[href='/user/#{ERB::Util.u(user.display_name)}/blocks']", 0
1055 assert_select "a[href='/user/#{ERB::Util.u(user.display_name)}/blocks_by']", 0
1056 assert_select "a[href='/blocks/new/#{ERB::Util.u(user.display_name)}']", 0
1059 # Friends should be visible as we're now logged in
1060 assert_select "div#friends-container" do
1061 assert_select "div.contact-activity", :count => 1
1064 # Login as a moderator
1065 session[:user] = create(:moderator_user).id
1067 # Test the normal user
1068 get :show, :params => { :display_name => user.display_name }
1069 assert_response :success
1070 assert_select "div#userinformation" do
1071 assert_select "a[href^='/user/#{ERB::Util.u(user.display_name)}/history']", 1
1072 assert_select "a[href='/user/#{ERB::Util.u(user.display_name)}/traces']", 1
1073 assert_select "a[href='/user/#{ERB::Util.u(user.display_name)}/diary']", 1
1074 assert_select "a[href='/user/#{ERB::Util.u(user.display_name)}/diary/comments']", 1
1075 assert_select "a[href='/user/#{ERB::Util.u(user.display_name)}/account']", 0
1076 assert_select "a[href='/user/#{ERB::Util.u(user.display_name)}/blocks']", 0
1077 assert_select "a[href='/user/#{ERB::Util.u(user.display_name)}/blocks_by']", 0
1078 assert_select "a[href='/blocks/new/#{ERB::Util.u(user.display_name)}']", 1
1082 # Test whether information about contributor terms is shown for users who haven't agreed
1083 def test_terms_not_agreed
1084 agreed_user = create(:user, :terms_agreed => 3.days.ago)
1085 seen_user = create(:user, :terms_seen => true, :terms_agreed => nil)
1086 not_seen_user = create(:user, :terms_seen => false, :terms_agreed => nil)
1088 get :show, :params => { :display_name => agreed_user.display_name }
1089 assert_response :success
1090 assert_select "div#userinformation" do
1091 assert_select "p", :count => 0, :text => /Contributor terms/
1094 get :show, :params => { :display_name => seen_user.display_name }
1095 assert_response :success
1096 # put @response.body
1097 assert_select "div#userinformation" do
1098 assert_select "p", :count => 1, :text => /Contributor terms/
1099 assert_select "p", /Declined/
1102 get :show, :params => { :display_name => not_seen_user.display_name }
1103 assert_response :success
1104 assert_select "div#userinformation" do
1105 assert_select "p", :count => 1, :text => /Contributor terms/
1106 assert_select "p", /Undecided/
1110 def test_make_friend
1111 # Get users to work with
1112 user = create(:user)
1113 friend = create(:user)
1115 # Check that the users aren't already friends
1116 assert_nil Friendship.where(:befriender => user, :befriendee => friend).first
1118 # When not logged in a GET should ask us to login
1119 get :make_friend, :params => { :display_name => friend.display_name }
1120 assert_redirected_to :action => "login", :referer => make_friend_path(:display_name => friend.display_name)
1122 # When not logged in a POST should error
1123 post :make_friend, :params => { :display_name => friend.display_name }
1124 assert_response :forbidden
1125 assert_nil Friendship.where(:befriender => user, :befriendee => friend).first
1127 # When logged in a GET should get a confirmation page
1128 get :make_friend, :params => { :display_name => friend.display_name }, :session => { :user => user }
1129 assert_response :success
1130 assert_template :make_friend
1131 assert_select "form" do
1132 assert_select "input[type='hidden'][name='referer']", 0
1133 assert_select "input[type='submit']", 1
1135 assert_nil Friendship.where(:befriender => user, :befriendee => friend).first
1137 # When logged in a POST should add the friendship
1138 assert_difference "ActionMailer::Base.deliveries.size", 1 do
1139 perform_enqueued_jobs do
1140 post :make_friend, :params => { :display_name => friend.display_name }, :session => { :user => user }
1143 assert_redirected_to user_path(friend)
1144 assert_match(/is now your friend/, flash[:notice])
1145 assert Friendship.where(:befriender => user, :befriendee => friend).first
1146 email = ActionMailer::Base.deliveries.first
1147 assert_equal 1, email.to.count
1148 assert_equal friend.email, email.to.first
1149 ActionMailer::Base.deliveries.clear
1151 # A second POST should report that the friendship already exists
1152 assert_no_difference "ActionMailer::Base.deliveries.size" do
1153 perform_enqueued_jobs do
1154 post :make_friend, :params => { :display_name => friend.display_name }, :session => { :user => user }
1157 assert_redirected_to user_path(friend)
1158 assert_match(/You are already friends with/, flash[:warning])
1159 assert Friendship.where(:befriender => user, :befriendee => friend).first
1162 def test_make_friend_with_referer
1163 # Get users to work with
1164 user = create(:user)
1165 friend = create(:user)
1167 # Check that the users aren't already friends
1168 assert_nil Friendship.where(:befriender => user, :befriendee => friend).first
1170 # The GET should preserve any referer
1171 get :make_friend, :params => { :display_name => friend.display_name, :referer => "/test" }, :session => { :user => user }
1172 assert_response :success
1173 assert_template :make_friend
1174 assert_select "form" do
1175 assert_select "input[type='hidden'][name='referer'][value='/test']", 1
1176 assert_select "input[type='submit']", 1
1178 assert_nil Friendship.where(:befriender => user, :befriendee => friend).first
1180 # When logged in a POST should add the friendship and refer us
1181 assert_difference "ActionMailer::Base.deliveries.size", 1 do
1182 perform_enqueued_jobs do
1183 post :make_friend, :params => { :display_name => friend.display_name, :referer => "/test" }, :session => { :user => user }
1186 assert_redirected_to "/test"
1187 assert_match(/is now your friend/, flash[:notice])
1188 assert Friendship.where(:befriender => user, :befriendee => friend).first
1189 email = ActionMailer::Base.deliveries.first
1190 assert_equal 1, email.to.count
1191 assert_equal friend.email, email.to.first
1192 ActionMailer::Base.deliveries.clear
1195 def test_make_friend_unkown_user
1196 # Should error when a bogus user is specified
1197 get :make_friend, :params => { :display_name => "No Such User" }, :session => { :user => create(:user) }
1198 assert_response :not_found
1199 assert_template :no_such_user
1202 def test_remove_friend
1203 # Get users to work with
1204 user = create(:user)
1205 friend = create(:user)
1206 create(:friendship, :befriender => user, :befriendee => friend)
1208 # Check that the users are friends
1209 assert Friendship.where(:befriender => user, :befriendee => friend).first
1211 # When not logged in a GET should ask us to login
1212 get :remove_friend, :params => { :display_name => friend.display_name }
1213 assert_redirected_to :action => "login", :referer => remove_friend_path(:display_name => friend.display_name)
1215 # When not logged in a POST should error
1216 post :remove_friend, :params => { :display_name => friend.display_name }
1217 assert_response :forbidden
1218 assert Friendship.where(:befriender => user, :befriendee => friend).first
1220 # When logged in a GET should get a confirmation page
1221 get :remove_friend, :params => { :display_name => friend.display_name }, :session => { :user => user }
1222 assert_response :success
1223 assert_template :remove_friend
1224 assert_select "form" do
1225 assert_select "input[type='hidden'][name='referer']", 0
1226 assert_select "input[type='submit']", 1
1228 assert Friendship.where(:befriender => user, :befriendee => friend).first
1230 # When logged in a POST should remove the friendship
1231 post :remove_friend, :params => { :display_name => friend.display_name }, :session => { :user => user }
1232 assert_redirected_to user_path(friend)
1233 assert_match(/was removed from your friends/, flash[:notice])
1234 assert_nil Friendship.where(:befriender => user, :befriendee => friend).first
1236 # A second POST should report that the friendship does not exist
1237 post :remove_friend, :params => { :display_name => friend.display_name }, :session => { :user => user }
1238 assert_redirected_to user_path(friend)
1239 assert_match(/is not one of your friends/, flash[:error])
1240 assert_nil Friendship.where(:befriender => user, :befriendee => friend).first
1243 def test_remove_friend_with_referer
1244 # Get users to work with
1245 user = create(:user)
1246 friend = create(:user)
1247 create(:friendship, :befriender => user, :befriendee => friend)
1249 # Check that the users are friends
1250 assert Friendship.where(:befriender => user, :befriendee => friend).first
1252 # The GET should preserve any referer
1253 get :remove_friend, :params => { :display_name => friend.display_name, :referer => "/test" }, :session => { :user => user }
1254 assert_response :success
1255 assert_template :remove_friend
1256 assert_select "form" do
1257 assert_select "input[type='hidden'][name='referer'][value='/test']", 1
1258 assert_select "input[type='submit']", 1
1260 assert Friendship.where(:befriender => user, :befriendee => friend).first
1262 # When logged in a POST should remove the friendship and refer
1263 post :remove_friend, :params => { :display_name => friend.display_name, :referer => "/test" }, :session => { :user => user }
1264 assert_redirected_to "/test"
1265 assert_match(/was removed from your friends/, flash[:notice])
1266 assert_nil Friendship.where(:befriender => user, :befriendee => friend).first
1269 def test_remove_friend_unkown_user
1270 # Should error when a bogus user is specified
1271 get :remove_friend, :params => { :display_name => "No Such User" }, :session => { :user => create(:user) }
1272 assert_response :not_found
1273 assert_template :no_such_user
1277 user = create(:user)
1279 # Try without logging in
1280 get :set_status, :params => { :display_name => user.display_name, :status => "suspended" }
1281 assert_response :redirect
1282 assert_redirected_to :action => :login, :referer => set_status_user_path(:status => "suspended")
1284 # Now try as a normal user
1285 get :set_status, :params => { :display_name => user.display_name, :status => "suspended" }, :session => { :user => user }
1286 assert_response :redirect
1287 assert_redirected_to :controller => :errors, :action => :forbidden
1289 # Finally try as an administrator
1290 get :set_status, :params => { :display_name => user.display_name, :status => "suspended" }, :session => { :user => create(:administrator_user) }
1291 assert_response :redirect
1292 assert_redirected_to :action => :show, :display_name => user.display_name
1293 assert_equal "suspended", User.find(user.id).status
1297 user = create(:user, :home_lat => 12.1, :home_lon => 12.1, :description => "test")
1299 # Try without logging in
1300 get :delete, :params => { :display_name => user.display_name, :status => "suspended" }
1301 assert_response :redirect
1302 assert_redirected_to :action => :login, :referer => delete_user_path(:status => "suspended")
1304 # Now try as a normal user
1305 get :delete, :params => { :display_name => user.display_name, :status => "suspended" }, :session => { :user => user }
1306 assert_response :redirect
1307 assert_redirected_to :controller => :errors, :action => :forbidden
1309 # Finally try as an administrator
1310 get :delete, :params => { :display_name => user.display_name, :status => "suspended" }, :session => { :user => create(:administrator_user) }
1311 assert_response :redirect
1312 assert_redirected_to :action => :show, :display_name => user.display_name
1314 # Check that the user was deleted properly
1316 assert_equal "user_#{user.id}", user.display_name
1317 assert_equal "", user.description
1318 assert_nil user.home_lat
1319 assert_nil user.home_lon
1320 assert_equal false, user.image.file?
1321 assert_equal false, user.email_valid
1322 assert_nil user.new_email
1323 assert_nil user.auth_provider
1324 assert_nil user.auth_uid
1325 assert_equal "deleted", user.status
1329 user = create(:user)
1330 moderator_user = create(:moderator_user)
1331 administrator_user = create(:administrator_user)
1332 _suspended_user = create(:user, :suspended)
1333 _ip_user = create(:user, :creation_ip => "1.2.3.4")
1335 # There are now 7 users - the five above, plus two extra "granters" for the
1336 # moderator_user and administrator_user
1337 assert_equal 7, User.count
1339 # Shouldn't work when not logged in
1341 assert_response :redirect
1342 assert_redirected_to :action => :login, :referer => users_path
1344 session[:user] = user.id
1346 # Shouldn't work when logged in as a normal user
1348 assert_response :redirect
1349 assert_redirected_to :controller => :errors, :action => :forbidden
1351 session[:user] = moderator_user.id
1353 # Shouldn't work when logged in as a moderator
1355 assert_response :redirect
1356 assert_redirected_to :controller => :errors, :action => :forbidden
1358 session[:user] = administrator_user.id
1360 # Note there is a header row, so all row counts are users + 1
1361 # Should work when logged in as an administrator
1363 assert_response :success
1364 assert_template :index
1365 assert_select "table#user_list tr", :count => 7 + 1
1367 # Should be able to limit by status
1368 get :index, :params => { :status => "suspended" }
1369 assert_response :success
1370 assert_template :index
1371 assert_select "table#user_list tr", :count => 1 + 1
1373 # Should be able to limit by IP address
1374 get :index, :params => { :ip => "1.2.3.4" }
1375 assert_response :success
1376 assert_template :index
1377 assert_select "table#user_list tr", :count => 1 + 1
1380 def test_index_get_paginated
1381 1.upto(100).each do |n|
1382 User.create(:display_name => "extra_#{n}",
1383 :email => "extra#{n}@example.com",
1384 :pass_crypt => "extraextra")
1387 session[:user] = create(:administrator_user).id
1389 # 100 examples, an administrator, and a granter for the admin.
1390 assert_equal 102, User.count
1393 assert_response :success
1394 assert_template :index
1395 assert_select "table#user_list tr", :count => 51
1397 get :index, :params => { :page => 2 }
1398 assert_response :success
1399 assert_template :index
1400 assert_select "table#user_list tr", :count => 51
1402 get :index, :params => { :page => 3 }
1403 assert_response :success
1404 assert_template :index
1405 assert_select "table#user_list tr", :count => 3
1408 def test_index_post_confirm
1409 inactive_user = create(:user, :pending)
1410 suspended_user = create(:user, :suspended)
1412 # Shouldn't work when not logged in
1413 assert_no_difference "User.active.count" do
1414 post :index, :params => { :confirm => 1, :user => { inactive_user.id => 1, suspended_user.id => 1 } }
1416 assert_response :forbidden
1418 assert_equal "pending", inactive_user.reload.status
1419 assert_equal "suspended", suspended_user.reload.status
1421 session[:user] = create(:user).id
1423 # Shouldn't work when logged in as a normal user
1424 assert_no_difference "User.active.count" do
1425 post :index, :params => { :confirm => 1, :user => { inactive_user.id => 1, suspended_user.id => 1 } }
1427 assert_response :redirect
1428 assert_redirected_to :controller => :errors, :action => :forbidden
1429 assert_equal "pending", inactive_user.reload.status
1430 assert_equal "suspended", suspended_user.reload.status
1432 session[:user] = create(:moderator_user).id
1434 # Shouldn't work when logged in as a moderator
1435 assert_no_difference "User.active.count" do
1436 post :index, :params => { :confirm => 1, :user => { inactive_user.id => 1, suspended_user.id => 1 } }
1438 assert_response :redirect
1439 assert_redirected_to :controller => :errors, :action => :forbidden
1440 assert_equal "pending", inactive_user.reload.status
1441 assert_equal "suspended", suspended_user.reload.status
1443 session[:user] = create(:administrator_user).id
1445 # Should work when logged in as an administrator
1446 assert_difference "User.active.count", 2 do
1447 post :index, :params => { :confirm => 1, :user => { inactive_user.id => 1, suspended_user.id => 1 } }
1449 assert_response :redirect
1450 assert_redirected_to :action => :index
1451 assert_equal "confirmed", inactive_user.reload.status
1452 assert_equal "confirmed", suspended_user.reload.status
1455 def test_index_post_hide
1456 normal_user = create(:user)
1457 confirmed_user = create(:user, :confirmed)
1459 # Shouldn't work when not logged in
1460 assert_no_difference "User.active.count" do
1461 post :index, :params => { :hide => 1, :user => { normal_user.id => 1, confirmed_user.id => 1 } }
1463 assert_response :forbidden
1465 assert_equal "active", normal_user.reload.status
1466 assert_equal "confirmed", confirmed_user.reload.status
1468 session[:user] = create(:user).id
1470 # Shouldn't work when logged in as a normal user
1471 assert_no_difference "User.active.count" do
1472 post :index, :params => { :hide => 1, :user => { normal_user.id => 1, confirmed_user.id => 1 } }
1474 assert_response :redirect
1475 assert_redirected_to :controller => :errors, :action => :forbidden
1476 assert_equal "active", normal_user.reload.status
1477 assert_equal "confirmed", confirmed_user.reload.status
1479 session[:user] = create(:moderator_user).id
1481 # Shouldn't work when logged in as a moderator
1482 assert_no_difference "User.active.count" do
1483 post :index, :params => { :hide => 1, :user => { normal_user.id => 1, confirmed_user.id => 1 } }
1485 assert_response :redirect
1486 assert_redirected_to :controller => :errors, :action => :forbidden
1487 assert_equal "active", normal_user.reload.status
1488 assert_equal "confirmed", confirmed_user.reload.status
1490 session[:user] = create(:administrator_user).id
1492 # Should work when logged in as an administrator
1493 assert_difference "User.active.count", -2 do
1494 post :index, :params => { :hide => 1, :user => { normal_user.id => 1, confirmed_user.id => 1 } }
1496 assert_response :redirect
1497 assert_redirected_to :action => :index
1498 assert_equal "deleted", normal_user.reload.status
1499 assert_equal "deleted", confirmed_user.reload.status