Merge branch 'release/0.5'

1 files changed, 66 insertions, 21 deletions

diff --git a/spec/controllers/user_controller_spec.rb b/spec/controllers/user_controller_spec.rb
index 399b275a7..1a701ad43 100644
--- a/spec/controllers/user_controller_spec.rb
+++ b/spec/controllers/user_controller_spec.rb
@@ -8,9 +8,9 @@ require 'json'
 
 describe UserController, "when showing a user" do
     integrate_views
-    fixtures :users, :public_bodies, :public_body_translations, :public_body_versions, :info_requests, :raw_emails, :incoming_messages, :outgoing_messages, :comments, :info_request_events, :track_things
     before(:each) do
-        load_raw_emails_data(raw_emails)
+        load_raw_emails_data
+        rebuild_xapian_index
     end
    
     it "should be successful" do
@@ -28,6 +28,16 @@ describe UserController, "when showing a user" do
         response.should render_template('show')
     end
 
+    it "should distinguish between 'my profile' and 'my requests' for logged in users" do
+        session[:user_id] = users(:bob_smith_user).id
+        get :show, :url_name => "bob_smith", :view => 'requests'
+        response.body.should_not include("Change your password")
+        response.body.should match(/Your [0-9]+ Freedom of Information requests/)
+        get :show, :url_name => "bob_smith", :view => 'profile'
+        response.body.should include("Change your password")
+        response.body.should_not match(/Your [0-9]+ Freedom of Information requests/)
+    end
+
     it "should assign the user" do
         get :show, :url_name => "bob_smith"
         assigns[:display_user].should == users(:bob_smith_user)
@@ -35,22 +45,28 @@ describe UserController, "when showing a user" do
 
     it "should search the user's contributions" do
         get :show, :url_name => "bob_smith"
-        assigns[:xapian_requests].results.count.should == 2
+        assigns[:xapian_requests].results.map{|x|x[:model].info_request}.should =~ InfoRequest.all(
+            :conditions => "user_id = #{users(:bob_smith_user).id}")
+        
         get :show, :url_name => "bob_smith", :user_query => "money"
-        assigns[:xapian_requests].results.count.should == 1
+        assigns[:xapian_requests].results.map{|x|x[:model].info_request}.should =~ [
+            info_requests(:naughty_chicken_request),
+            info_requests(:another_boring_request),
+        ]
     end
 
-# Error handling not quite good enough for this yet
-#    it "should not show unconfirmed users" do
-#        get :show, :url_name => "silly_emnameem"
-#        assigns[:display_users].should == [ users(:silly_name_user) ]
-#    end
+    it "should not show unconfirmed users" do
+        begin
+            get :show, :url_name => "unconfirmed_user"
+        rescue => e
+        end
+        e.should be_an_instance_of(ActiveRecord::RecordNotFound)
+    end
 
 end
 
 describe UserController, "when signing in" do
     integrate_views
-    fixtures :users
 
     def get_last_postredirect
         post_redirects = PostRedirect.find_by_sql("select * from post_redirects order by id desc limit 1")
@@ -86,7 +102,9 @@ describe UserController, "when signing in" do
     end
 
     it "should log in when you give right email/password, and redirect to where you were" do
-        ActionController::Routing::Routes.filters.clear
+        old_filters = ActionController::Routing::Routes.filters
+        ActionController::Routing::Routes.filters = RoutingFilter::Chain.new
+
         get :signin, :r => "/list"
         response.should render_template('sign')
         post_redirect = get_last_postredirect
@@ -97,6 +115,26 @@ describe UserController, "when signing in" do
         # response doesn't contain /en/ but redirect_to does...
         response.should redirect_to(:controller => 'request', :action => 'list', :post_redirect => 1)
         response.should_not send_email
+
+        ActionController::Routing::Routes.filters = old_filters
+    end
+
+    it "should not log you in if you use an invalid PostRedirect token, and shouldn't give 500 error either" do
+        old_filters = ActionController::Routing::Routes.filters
+        ActionController::Routing::Routes.filters = RoutingFilter::Chain.new
+
+        post_redirect = "something invalid"
+        lambda {
+            post :signin, { :user_signin => { :email => 'bob@localhost', :password => 'jonespassword' },
+                :token => post_redirect
+            }
+        }.should_not raise_error(NoMethodError)
+        post :signin, { :user_signin => { :email => 'bob@localhost', :password => 'jonespassword' },
+            :token => post_redirect }
+        response.should render_template('sign')
+        assigns[:post_redirect].should == nil
+
+        ActionController::Routing::Routes.filters = old_filters
     end
 
 # No idea how to test this in the test framework :(
@@ -120,7 +158,9 @@ describe UserController, "when signing in" do
     end
 
     it "should confirm your email, log you in and redirect you to where you were after you click an email link" do
-        ActionController::Routing::Routes.filters.clear
+        old_filters = ActionController::Routing::Routes.filters
+        ActionController::Routing::Routes.filters = RoutingFilter::Chain.new
+
         get :signin, :r => "/list"
         post_redirect = get_last_postredirect
 
@@ -146,13 +186,14 @@ describe UserController, "when signing in" do
         get :confirm, :email_token => post_redirect.email_token
         session[:user_id].should == users(:unconfirmed_user).id
         response.should redirect_to(:controller => 'request', :action => 'list', :post_redirect => 1)
+
+        ActionController::Routing::Routes.filters = old_filters
     end
 
 end
 
 describe UserController, "when signing up" do
     integrate_views
-    fixtures :users
 
     it "should be an error if you type the password differently each time" do
         post :signup, { :user_signup => { :email => 'new@localhost', :name => 'New Person',
@@ -210,7 +251,6 @@ end
 
 describe UserController, "when signing out" do
     integrate_views
-    fixtures :users
 
     it "should log you out and redirect to the home page" do
         session[:user_id] = users(:bob_smith_user).id
@@ -220,18 +260,21 @@ describe UserController, "when signing out" do
     end
 
     it "should log you out and redirect you to where you were" do
-        ActionController::Routing::Routes.filters.clear
+        old_filters = ActionController::Routing::Routes.filters
+        ActionController::Routing::Routes.filters = RoutingFilter::Chain.new
+
         session[:user_id] = users(:bob_smith_user).id
         get :signout, :r => '/list'
         session[:user_id].should be_nil
         response.should redirect_to(:controller => 'request', :action => 'list')
+
+        ActionController::Routing::Routes.filters = old_filters
     end
 
 end
 
 describe UserController, "when sending another user a message" do
     integrate_views
-    fixtures :users
 
     it "should redirect to signin page if you go to the contact form and aren't signed in" do
         get :contact, :id => users(:silly_name_user)
@@ -269,7 +312,6 @@ end
 
 describe UserController, "when changing password" do
     integrate_views
-    fixtures :users
 
     it "should show the email form when not logged in" do
         get :signchangepassword
@@ -340,7 +382,6 @@ end
 
 describe UserController, "when changing email address" do
     integrate_views
-    fixtures :users
 
     it "should require login" do
         get :signchangeemail
@@ -486,7 +527,6 @@ end
 
 describe UserController, "when using profile photos" do
     integrate_views
-    fixtures :users
 
     before do
         @user = users(:bob_smith_user)
@@ -502,6 +542,13 @@ describe UserController, "when using profile photos" do
         post :set_profile_photo, { :id => @user.id, :file => @uploadedfile, :submitted_draft_profile_photo => 1, :automatically_crop => 1 } 
     end
 
+    it "should return a 404 not a 500 when a profile photo has not been set" do
+        @user.profile_photo.should be_nil
+        lambda {
+            get :get_profile_photo, {:url_name => @user.url_name }
+        }.should raise_error(ActiveRecord::RecordNotFound)
+    end
+
     it "should let you change profile photo if you're logged in as the user" do
         @user.profile_photo.should be_nil
         session[:user_id] = @user.id
@@ -535,8 +582,6 @@ describe UserController, "when using profile photos" do
 end
 
 describe UserController, "when showing JSON version for API" do
-    
-    fixtures :users
   
     it "should be successful" do
         get :show, :url_name => "bob_smith", :format => "json"