Improvements to test code for requests, users and admin.

9 files changed, 136 insertions, 17 deletions

diff --git a/app/controllers/application.rb b/app/controllers/application.rb
index af3f8de1b..891a505d9 100644
--- a/app/controllers/application.rb
+++ b/app/controllers/application.rb
@@ -6,7 +6,7 @@
 # Copyright (c) 2007 UK Citizens Online Democracy. All rights reserved.
 # Email: francis@mysociety.org; WWW: http://www.mysociety.org/
 #
-# $Id: application.rb,v 1.30 2008-02-27 12:18:28 francis Exp $
+# $Id: application.rb,v 1.31 2008-03-20 11:58:21 francis Exp $
 
 
 class ApplicationController < ActionController::Base
@@ -28,6 +28,21 @@ class ApplicationController < ActionController::Base
         false
     end
 
+    # Called from test code, is a mimic of User.confirm, for use in following email
+    # links when in controller tests (since we don't have full integration tests that
+    # can work over multiple controllers)0
+    def test_code_redirect_by_email_token(token, controller_example_group)
+        post_redirect = PostRedirect.find_by_email_token(token)
+        if post_redirect.nil?
+            raise "bad token in test code email"
+        end
+        session[:user_id] = post_redirect.user.id
+        session[:user_authtype] = :email
+        params = controller_example_group.params_from(:get, post_redirect.local_part_uri)
+        params.merge(post_redirect.post_params)
+        controller_example_group.get params[:action], params
+    end
+
     private
 
     # Check the user is logged in
@@ -112,6 +127,7 @@ class ApplicationController < ActionController::Base
     # URL generating functions are needed by all controllers (for redirects)
     # and views (for links), so include them into all of both.
     include LinkToHelper
+
 end
 
 
diff --git a/app/controllers/user_controller.rb b/app/controllers/user_controller.rb
index 14cc9ac06..40547aafe 100644
--- a/app/controllers/user_controller.rb
+++ b/app/controllers/user_controller.rb
@@ -4,7 +4,7 @@
 # Copyright (c) 2007 UK Citizens Online Democracy. All rights reserved.
 # Email: francis@mysociety.org; WWW: http://www.mysociety.org/
 #
-# $Id: user_controller.rb,v 1.39 2008-03-13 12:33:40 francis Exp $
+# $Id: user_controller.rb,v 1.40 2008-03-20 11:58:21 francis Exp $
 
 class UserController < ApplicationController
     # Show page about a set of users with same url name
@@ -74,7 +74,8 @@ class UserController < ApplicationController
         end
     end
 
-    # Followed link in user account confirmation email
+    # Followed link in user account confirmation email.
+    # If you change this, change ApplicationController.test_code_redirect_by_email_token also
     def confirm
         post_redirect = PostRedirect.find_by_email_token(params[:email_token])
 
diff --git a/app/models/post_redirect.rb b/app/models/post_redirect.rb
index c2b2383d9..a55e32ce1 100644
--- a/app/models/post_redirect.rb
+++ b/app/models/post_redirect.rb
@@ -25,7 +25,7 @@
 # Copyright (c) 2007 UK Citizens Online Democracy. All rights reserved.
 # Email: francis@mysociety.org; WWW: http://www.mysociety.org/
 #
-# $Id: post_redirect.rb,v 1.23 2008-03-18 19:18:51 francis Exp $
+# $Id: post_redirect.rb,v 1.24 2008-03-20 11:58:21 francis Exp $
 
 require 'openssl' # for random bytes function
 
@@ -52,6 +52,12 @@ class PostRedirect < ActiveRecord::Base
         YAML.load(self.reason_params_yaml)
     end
 
+    # Extract just local path part, without domain or #
+    def local_part_uri
+        self.uri.match(/^http:\/\/.+?(\/[^#]+)/)
+        return $1
+    end
+
     # Makes a random token, suitable for using in URLs e.g confirmation messages.
     def self.generate_random_token
         bits = 12 * 8
diff --git a/app/views/user/contact.rhtml b/app/views/user/contact.rhtml
index d7cac2a4d..7069b671a 100644
--- a/app/views/user/contact.rhtml
+++ b/app/views/user/contact.rhtml
@@ -23,7 +23,7 @@
     </p>
 
     <p>
-        <label class="form_label" for="outgoing_message_body">Message:</label> 
+        <label class="form_label" for="contact_message">Message:</label> 
         <%= f.text_area :message, :rows => 10, :cols => 50 %>
     </p>
 
diff --git a/spec/controllers/admin_controller_spec.rb b/spec/controllers/admin_controller_spec.rb
index 2d55daa87..f2c6c8038 100644
--- a/spec/controllers/admin_controller_spec.rb
+++ b/spec/controllers/admin_controller_spec.rb
@@ -7,4 +7,14 @@ describe AdminController, "when viewing front page of admin interface" do
         get :index
         response.should render_template('index')
     end
+
+    it "should render the front page with time line for last month" do
+        get :index, :month => 1
+        response.should render_template('index')
+    end
+
+    it "should render the front page with time line for all time" do
+        get :index, :all => 1
+        response.should render_template('index')
+    end
 end
diff --git a/spec/controllers/admin_public_body_controller_spec.rb b/spec/controllers/admin_public_body_controller_spec.rb
index 5d5a4a4a1..3d41fd9f7 100644
--- a/spec/controllers/admin_public_body_controller_spec.rb
+++ b/spec/controllers/admin_public_body_controller_spec.rb
@@ -8,13 +8,38 @@ describe AdminPublicBodyController, "when administering public bodies" do
         get :index
     end
 
+    it "searches for 'humpa'" do
+        get :index, :query => "humpa"
+        assigns[:public_bodies].should == [ public_bodies(:humpadink_public_body) ]
+    end
+
     it "shows a public body" do
         get :show, :id => 2
     end
 
+    it "creates a new public body" do
+        PublicBody.count.should == 2
+        post :create, { :public_body => { :name => "New Quango", :short_name => "", :tag_string => "blah", :request_email => 'newquango@localhost', :last_edit_comment => 'From test code' } }
+        PublicBody.count.should == 3
+    end
+
     it "edits a public body" do
         get :edit, :id => 2
     end
 
+    it "saves edits to a public body" do
+        public_bodies(:humpadink_public_body).name.should == "Department for Humpadinking"
+        post :update, { :id => 3, :public_body => { :name => "Renamed", :short_name => "", :tag_string => "some tags", :request_email => 'edited@localhost', :last_edit_comment => 'From test code' } }
+        response.flash[:notice].should include('successful')
+        pb = PublicBody.find(public_bodies(:humpadink_public_body).id)
+        pb.name.should == "Renamed"
+    end
+
+    it "destroy a public body" do
+        PublicBody.count.should == 2
+        post :destroy, { :id => 3 }
+        PublicBody.count.should == 1
+    end
+
 
 end
diff --git a/spec/controllers/request_controller_spec.rb b/spec/controllers/request_controller_spec.rb
index 5b7da626e..dd74829d4 100644
--- a/spec/controllers/request_controller_spec.rb
+++ b/spec/controllers/request_controller_spec.rb
@@ -287,11 +287,12 @@ describe RequestController, "sending overdue request alerts" do
         mail_url = $1
         mail_token = $2
 
-        #session[:user_id].should be_nil
-        # XXX this is so dumb - I just want to call the user controller here, bloody let me
-        #get :controller => :user, :action => :confirm, :email_token => mail_token
-        #session[:user_id].should == info_requests(:naughty_chicken_request).user.id
-        #response.should redirect_to(:action => 'show_response', :id => info_requests(:naughty_chicken_request).id)
+        session[:user_id].should be_nil
+        controller.test_code_redirect_by_email_token(mail_token, self) # XXX hack to avoid having to call User controller for email link
+        session[:user_id].should == info_requests(:naughty_chicken_request).user.id
+
+        response.should render_template('show_response')
+        assigns[:info_request].should == info_requests(:naughty_chicken_request)
     end
 
 end
diff --git a/spec/controllers/user_controller_spec.rb b/spec/controllers/user_controller_spec.rb
index 183c1c2eb..6405cbe37 100644
--- a/spec/controllers/user_controller_spec.rb
+++ b/spec/controllers/user_controller_spec.rb
@@ -33,8 +33,6 @@ describe UserController, "when showing a user" do
 #        assigns[:display_users].should == [ users(:silly_name_user) ]
 #    end
 
-
-    # XXX test for 404s when don't give valid name
 end
 
 describe UserController, "when signing in" do
@@ -109,12 +107,16 @@ describe UserController, "when signing in" do
         deliveries = ActionMailer::Base.deliveries
         deliveries.size.should  == 1
         mail = deliveries[0]
-        mail.body =~ /(http:\/\/.*\/c\/(.*))/
+        mail.body =~ /(http:\/\/.*(\/c\/(.*)))/
         mail_url = $1
-        mail_token = $2
+        mail_path = $2
+        mail_token = $3
 
+        # check is right confirmation URL
         mail_token.should == post_redirect.email_token
+        params_from(:get, mail_path).should == { :controller => 'user', :action => 'confirm', :email_token => mail_token }
 
+        # check confirmation URL works
         session[:user_id].should be_nil
         get :confirm, :email_token => post_redirect.email_token
         session[:user_id].should == users(:silly_name_user).id
@@ -134,19 +136,33 @@ describe UserController, "when signing up" do
         assigns[:user_signup].errors[:password].should_not be_nil
     end
 
-    it "should be an error to sign up with an email that has already been used" do
+    it "should be an error to sign up with a misformatted email" do
         post :signup, { :user_signup => { :email => 'malformed-email', :name => 'Mr Malformed',
             :password => 'sillypassword', :password_confirmation => 'sillypassword' } 
         }
         assigns[:user_signup].errors[:email].should_not be_nil
     end
 
-    it "should ask you to confirm your email if you fill in the form right" do
+    it "should send confirmation mail if you fill in the form right" do
         post :signup, { :user_signup => { :email => 'new@localhost', :name => 'New Person',
             :password => 'sillypassword', :password_confirmation => 'sillypassword' } 
         }
         response.should render_template('confirm')
-        # XXX if you go straight into signup form without token it doesn't make one
+
+        deliveries = ActionMailer::Base.deliveries
+        deliveries.size.should  == 1
+        deliveries[0].body.should include("never give away or sell")
+    end
+
+    it "should send special 'already signed up' mail if you fill the form in with existing registered email " do
+        post :signup, { :user_signup => { :email => 'silly@localhost', :name => 'New Person',
+            :password => 'sillypassword', :password_confirmation => 'sillypassword' } 
+        }
+        response.should render_template('confirm')
+
+        deliveries = ActionMailer::Base.deliveries
+        deliveries.size.should  == 1
+        deliveries[0].body.should include("you\nalready have an account")
     end
 
     # XXX need to do bob@localhost signup and check that sends different email
@@ -172,3 +188,41 @@ describe UserController, "when signing out" do
 
 end
 
+describe UserController, "when sending another user a message" do
+    integrate_views
+    fixtures :users
+
+    it "should redirect to signin page if you go to the contact form and aren't signed in" do
+        get :contact, :id => users(:silly_name_user)
+        post_redirect = PostRedirect.get_last_post_redirect
+        response.should redirect_to(:controller => 'user', :action => 'signin', :token => post_redirect.token)
+    end
+
+    it "should show contact form if you are signed in" do
+        session[:user_id] = users(:bob_smith_user).id
+        get :contact, :id => users(:silly_name_user)
+        response.should render_template('contact')
+    end
+
+    it "should give error if you don't fill in the subject" do
+        session[:user_id] = users(:bob_smith_user).id
+        post :contact, { :id => users(:silly_name_user), :contact => { :subject => "", :message => "Gah" }, :submitted_contact_form => 1 }
+        response.should render_template('contact')
+    end
+
+    it "should send the message" do
+        session[:user_id] = users(:bob_smith_user).id
+        post :contact, { :id => users(:silly_name_user), :contact => { :subject => "Dearest you", :message => "Just a test!" }, :submitted_contact_form => 1 }
+        response.should redirect_to(:controller => 'user', :action => 'show', :url_name => users(:silly_name_user).url_name)
+
+        deliveries = ActionMailer::Base.deliveries
+        deliveries.size.should  == 1
+        mail = deliveries[0]
+        mail.body.should include("Bob Smith has used WhatDoTheyKnow to send you the message below")
+        mail.body.should include("Just a test!")
+        #mail.to_addrs.to_s.should == users(:silly_name_user).name_and_email # XXX fix some nastiness with quoting name_and_email
+        mail.from_addrs.to_s.should == users(:bob_smith_user).name_and_email
+    end
+
+end
+
diff --git a/todo.txt b/todo.txt
index 359b979c7..c676c984e 100644
--- a/todo.txt
+++ b/todo.txt
@@ -32,6 +32,10 @@ Send email to tell admins something isn't classified
 Send email to remind people to clarify
 
 Add all new stuff to test code till it has reasonable coverage
+- rake spec:check
+
+Fix password change to use a special field in post redirect rather than other nonsense
+- then can it be used for email change instead?
 
 Search and replace text "FOI" and "Freedom of Information" out the way more
  - but put it in the title tag
@@ -52,6 +56,8 @@ Now of course when ids go into requests/users for new ones it just adds an _ on
 Later
 =====
 
+Just stop using the seaprate bounce address, it's a waste of time
+
 This search gives a runtime error:
     "19 hours