- u = users(user)
- basic_authorization(u.email, "test")
-
- get(action, {:display_name => users(:second_public_user).display_name, :role => role}, {'user' => u.id})
- assert_response :success
+
+ # Removing a role from a non-existent user should fail
+ assert_difference "UserRole.count", 0 do
+ post :revoke, :display_name => "non_existent_user", :role => role
+ end
+ assert_response :not_found
+ assert_template "user/no_such_user"
+ assert_select "h1", "The user non_existent_user does not exist"
+
+ # Removing a role from a user that doesn't have it should fail
+ assert_no_difference "UserRole.count" do
+ post :revoke, :display_name => users(:normal_user).display_name, :role => role
+ end
+ assert_redirected_to user_path(users(:normal_user).display_name)
+ assert_equal "The user does not have role #{role}.", flash[:error]
+
+ # Removing a role' from a user that has it should work...
+ assert_difference "UserRole.count", -1 do
+ post :revoke, :display_name => users(:super_user).display_name, :role => role
+ end
+ assert_redirected_to user_path(users(:super_user).display_name)
+
+ # ...but trying a second time should fail
+ assert_no_difference "UserRole.count" do
+ post :revoke, :display_name => users(:super_user).display_name, :role => role
+ end
+ assert_redirected_to user_path(users(:super_user).display_name)
+ assert_equal "The user does not have role #{role}.", flash[:error]
+
+ end
+
+ # Revoking a non-existent role should fail
+ assert_difference "UserRole.count", 0 do
+ post :revoke, :display_name => users(:normal_user).display_name, :role => "no_such_role"