X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/9f0ea60679c5e13ec321572f02afa5d265ce0c46..3128aabbfd1cbd2f66ebf1f9681022f0c3a6b126:/test/integration/user_roles_test.rb?ds=inline diff --git a/test/integration/user_roles_test.rb b/test/integration/user_roles_test.rb index 8bf06374f..000ea0316 100644 --- a/test/integration/user_roles_test.rb +++ b/test/integration/user_roles_test.rb @@ -1,55 +1,57 @@ -require File.dirname(__FILE__) + '/../test_helper' +require "test_helper" -class UserRolesControllerTest < ActionController::IntegrationTest - fixtures :users, :user_roles +class UserRolesTest < ActionDispatch::IntegrationTest + def setup + stub_hostip_requests + end test "grant" do - check_fail(:grant, :public_user, :moderator) + check_fail(:grant, :user, :moderator) check_fail(:grant, :moderator_user, :moderator) check_success(:grant, :administrator_user, :moderator) end test "revoke" do - check_fail(:revoke, :public_user, :moderator) + check_fail(:revoke, :user, :moderator) check_fail(:revoke, :moderator_user, :moderator) # this other user doesn't have moderator role, so this fails check_fail(:revoke, :administrator_user, :moderator) end + private + def check_fail(action, user, role) - get '/login' + get "/login" assert_response :redirect assert_redirected_to "controller" => "user", "action" => "login", "cookie_test" => "true" follow_redirect! assert_response :success - post '/login', {'username' => users(user).email, 'password' => "test", :referer => "/"} + post "/login", :params => { "username" => create(user).email, "password" => "test", :referer => "/" } assert_response :redirect follow_redirect! assert_response :success - get "/user/#{users(:second_public_user).display_name}/role/#{role}/#{action}" - assert_response :redirect - assert_redirected_to :controller => 'user', :action => 'view', :display_name => users(:second_public_user).display_name + target_user = create(:user) + post "/user/#{ERB::Util.u(target_user.display_name)}/role/#{role}/#{action}" + assert_redirected_to :controller => "user", :action => "view", :display_name => target_user.display_name reset! end def check_success(action, user, role) - get '/login' + get "/login" assert_response :redirect assert_redirected_to "controller" => "user", "action" => "login", "cookie_test" => "true" follow_redirect! assert_response :success - post '/login', {'username' => users(user).email, 'password' => "test", :referer => "/"} + post "/login", :params => { "username" => create(user).email, "password" => "test", :referer => "/" } assert_response :redirect follow_redirect! assert_response :success - get "/user/#{users(:second_public_user).display_name}/role/#{role}/#{action}" - assert_response :success - post "/user/#{users(:second_public_user).display_name}/role/#{role}/#{action}", {:confirm => "yes", :nonce => session[:nonce]} - assert_response :redirect - assert_redirected_to :controller => 'user', :action => 'view', :display_name => users(:second_public_user).display_name + target_user = create(:user) + post "/user/#{ERB::Util.u(target_user.display_name)}/role/#{role}/#{action}" + assert_redirected_to :controller => "user", :action => "view", :display_name => target_user.display_name reset! end