X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/17f05fdb13cab3fc2f430c54ec7ad6557c53eeeb..15b104f4ff4614aa78c01180b6a9b89dd5a1400f:/test/integration/user_roles_test.rb diff --git a/test/integration/user_roles_test.rb b/test/integration/user_roles_test.rb index df8b1561f..000ea0316 100644 --- a/test/integration/user_roles_test.rb +++ b/test/integration/user_roles_test.rb @@ -1,45 +1,57 @@ -require File.dirname(__FILE__) + '/../test_helper' +require "test_helper" -class UserRolesControllerTest < ActionController::IntegrationTest - fixtures :users, :user_roles +class UserRolesTest < ActionDispatch::IntegrationTest + def setup + stub_hostip_requests + end test "grant" do - check_fail(:grant, :public_user, :moderator) + check_fail(:grant, :user, :moderator) check_fail(:grant, :moderator_user, :moderator) check_success(:grant, :administrator_user, :moderator) end test "revoke" do - check_fail(:revoke, :public_user, :moderator) + check_fail(:revoke, :user, :moderator) check_fail(:revoke, :moderator_user, :moderator) # this other user doesn't have moderator role, so this fails check_fail(:revoke, :administrator_user, :moderator) end + private + def check_fail(action, user, role) - post '/login', {'user[email]' => users(user).email, 'user[password]' => "test", :referer => "/"} + get "/login" assert_response :redirect + assert_redirected_to "controller" => "user", "action" => "login", "cookie_test" => "true" follow_redirect! assert_response :success - - get "/user/#{users(:second_public_user).display_name}/role/#{role}/#{action}" + post "/login", :params => { "username" => create(user).email, "password" => "test", :referer => "/" } assert_response :redirect - assert_redirected_to :controller => 'user', :action => 'view', :display_name => users(:second_public_user).display_name + follow_redirect! + assert_response :success + + target_user = create(:user) + post "/user/#{ERB::Util.u(target_user.display_name)}/role/#{role}/#{action}" + assert_redirected_to :controller => "user", :action => "view", :display_name => target_user.display_name reset! end def check_success(action, user, role) - post '/login', {'user[email]' => users(user).email, 'user[password]' => "test", :referer => "/"} + get "/login" assert_response :redirect + assert_redirected_to "controller" => "user", "action" => "login", "cookie_test" => "true" follow_redirect! assert_response :success - - get "/user/#{users(:second_public_user).display_name}/role/#{role}/#{action}" - assert_response :success - post "/user/#{users(:second_public_user).display_name}/role/#{role}/#{action}", {:confirm => "yes", :nonce => session[:nonce]} + post "/login", :params => { "username" => create(user).email, "password" => "test", :referer => "/" } assert_response :redirect - assert_redirected_to :controller => 'user', :action => 'view', :display_name => users(:second_public_user).display_name + follow_redirect! + assert_response :success + + target_user = create(:user) + post "/user/#{ERB::Util.u(target_user.display_name)}/role/#{role}/#{action}" + assert_redirected_to :controller => "user", :action => "view", :display_name => target_user.display_name reset! end