diff options
| -rw-r--r-- | app/controllers/application.rb | 18 | ||||
| -rw-r--r-- | app/controllers/user_controller.rb | 5 | ||||
| -rw-r--r-- | app/models/post_redirect.rb | 8 | ||||
| -rw-r--r-- | app/views/user/contact.rhtml | 2 | ||||
| -rw-r--r-- | spec/controllers/admin_controller_spec.rb | 10 | ||||
| -rw-r--r-- | spec/controllers/admin_public_body_controller_spec.rb | 25 | ||||
| -rw-r--r-- | spec/controllers/request_controller_spec.rb | 11 | ||||
| -rw-r--r-- | spec/controllers/user_controller_spec.rb | 68 | ||||
| -rw-r--r-- | todo.txt | 6 |
9 files changed, 136 insertions, 17 deletions
diff --git a/app/controllers/application.rb b/app/controllers/application.rb index af3f8de1b..891a505d9 100644 --- a/app/controllers/application.rb +++ b/app/controllers/application.rb @@ -6,7 +6,7 @@ # Copyright (c) 2007 UK Citizens Online Democracy. All rights reserved. # Email: francis@mysociety.org; WWW: http://www.mysociety.org/ # -# $Id: application.rb,v 1.30 2008-02-27 12:18:28 francis Exp $ +# $Id: application.rb,v 1.31 2008-03-20 11:58:21 francis Exp $ class ApplicationController < ActionController::Base @@ -28,6 +28,21 @@ class ApplicationController < ActionController::Base false end + # Called from test code, is a mimic of User.confirm, for use in following email + # links when in controller tests (since we don't have full integration tests that + # can work over multiple controllers)0 + def test_code_redirect_by_email_token(token, controller_example_group) + post_redirect = PostRedirect.find_by_email_token(token) + if post_redirect.nil? + raise "bad token in test code email" + end + session[:user_id] = post_redirect.user.id + session[:user_authtype] = :email + params = controller_example_group.params_from(:get, post_redirect.local_part_uri) + params.merge(post_redirect.post_params) + controller_example_group.get params[:action], params + end + private # Check the user is logged in @@ -112,6 +127,7 @@ class ApplicationController < ActionController::Base # URL generating functions are needed by all controllers (for redirects) # and views (for links), so include them into all of both. include LinkToHelper + end diff --git a/app/controllers/user_controller.rb b/app/controllers/user_controller.rb index 14cc9ac06..40547aafe 100644 --- a/app/controllers/user_controller.rb +++ b/app/controllers/user_controller.rb @@ -4,7 +4,7 @@ # Copyright (c) 2007 UK Citizens Online Democracy. All rights reserved. # Email: francis@mysociety.org; WWW: http://www.mysociety.org/ # -# $Id: user_controller.rb,v 1.39 2008-03-13 12:33:40 francis Exp $ +# $Id: user_controller.rb,v 1.40 2008-03-20 11:58:21 francis Exp $ class UserController < ApplicationController # Show page about a set of users with same url name @@ -74,7 +74,8 @@ class UserController < ApplicationController end end - # Followed link in user account confirmation email + # Followed link in user account confirmation email. + # If you change this, change ApplicationController.test_code_redirect_by_email_token also def confirm post_redirect = PostRedirect.find_by_email_token(params[:email_token]) diff --git a/app/models/post_redirect.rb b/app/models/post_redirect.rb index c2b2383d9..a55e32ce1 100644 --- a/app/models/post_redirect.rb +++ b/app/models/post_redirect.rb @@ -25,7 +25,7 @@ # Copyright (c) 2007 UK Citizens Online Democracy. All rights reserved. # Email: francis@mysociety.org; WWW: http://www.mysociety.org/ # -# $Id: post_redirect.rb,v 1.23 2008-03-18 19:18:51 francis Exp $ +# $Id: post_redirect.rb,v 1.24 2008-03-20 11:58:21 francis Exp $ require 'openssl' # for random bytes function @@ -52,6 +52,12 @@ class PostRedirect < ActiveRecord::Base YAML.load(self.reason_params_yaml) end + # Extract just local path part, without domain or # + def local_part_uri + self.uri.match(/^http:\/\/.+?(\/[^#]+)/) + return $1 + end + # Makes a random token, suitable for using in URLs e.g confirmation messages. def self.generate_random_token bits = 12 * 8 diff --git a/app/views/user/contact.rhtml b/app/views/user/contact.rhtml index d7cac2a4d..7069b671a 100644 --- a/app/views/user/contact.rhtml +++ b/app/views/user/contact.rhtml @@ -23,7 +23,7 @@ </p> <p> - <label class="form_label" for="outgoing_message_body">Message:</label> + <label class="form_label" for="contact_message">Message:</label> <%= f.text_area :message, :rows => 10, :cols => 50 %> </p> diff --git a/spec/controllers/admin_controller_spec.rb b/spec/controllers/admin_controller_spec.rb index 2d55daa87..f2c6c8038 100644 --- a/spec/controllers/admin_controller_spec.rb +++ b/spec/controllers/admin_controller_spec.rb @@ -7,4 +7,14 @@ describe AdminController, "when viewing front page of admin interface" do get :index response.should render_template('index') end + + it "should render the front page with time line for last month" do + get :index, :month => 1 + response.should render_template('index') + end + + it "should render the front page with time line for all time" do + get :index, :all => 1 + response.should render_template('index') + end end diff --git a/spec/controllers/admin_public_body_controller_spec.rb b/spec/controllers/admin_public_body_controller_spec.rb index 5d5a4a4a1..3d41fd9f7 100644 --- a/spec/controllers/admin_public_body_controller_spec.rb +++ b/spec/controllers/admin_public_body_controller_spec.rb @@ -8,13 +8,38 @@ describe AdminPublicBodyController, "when administering public bodies" do get :index end + it "searches for 'humpa'" do + get :index, :query => "humpa" + assigns[:public_bodies].should == [ public_bodies(:humpadink_public_body) ] + end + it "shows a public body" do get :show, :id => 2 end + it "creates a new public body" do + PublicBody.count.should == 2 + post :create, { :public_body => { :name => "New Quango", :short_name => "", :tag_string => "blah", :request_email => 'newquango@localhost', :last_edit_comment => 'From test code' } } + PublicBody.count.should == 3 + end + it "edits a public body" do get :edit, :id => 2 end + it "saves edits to a public body" do + public_bodies(:humpadink_public_body).name.should == "Department for Humpadinking" + post :update, { :id => 3, :public_body => { :name => "Renamed", :short_name => "", :tag_string => "some tags", :request_email => 'edited@localhost', :last_edit_comment => 'From test code' } } + response.flash[:notice].should include('successful') + pb = PublicBody.find(public_bodies(:humpadink_public_body).id) + pb.name.should == "Renamed" + end + + it "destroy a public body" do + PublicBody.count.should == 2 + post :destroy, { :id => 3 } + PublicBody.count.should == 1 + end + end diff --git a/spec/controllers/request_controller_spec.rb b/spec/controllers/request_controller_spec.rb index 5b7da626e..dd74829d4 100644 --- a/spec/controllers/request_controller_spec.rb +++ b/spec/controllers/request_controller_spec.rb @@ -287,11 +287,12 @@ describe RequestController, "sending overdue request alerts" do mail_url = $1 mail_token = $2 - #session[:user_id].should be_nil - # XXX this is so dumb - I just want to call the user controller here, bloody let me - #get :controller => :user, :action => :confirm, :email_token => mail_token - #session[:user_id].should == info_requests(:naughty_chicken_request).user.id - #response.should redirect_to(:action => 'show_response', :id => info_requests(:naughty_chicken_request).id) + session[:user_id].should be_nil + controller.test_code_redirect_by_email_token(mail_token, self) # XXX hack to avoid having to call User controller for email link + session[:user_id].should == info_requests(:naughty_chicken_request).user.id + + response.should render_template('show_response') + assigns[:info_request].should == info_requests(:naughty_chicken_request) end end diff --git a/spec/controllers/user_controller_spec.rb b/spec/controllers/user_controller_spec.rb index 183c1c2eb..6405cbe37 100644 --- a/spec/controllers/user_controller_spec.rb +++ b/spec/controllers/user_controller_spec.rb @@ -33,8 +33,6 @@ describe UserController, "when showing a user" do # assigns[:display_users].should == [ users(:silly_name_user) ] # end - - # XXX test for 404s when don't give valid name end describe UserController, "when signing in" do @@ -109,12 +107,16 @@ describe UserController, "when signing in" do deliveries = ActionMailer::Base.deliveries deliveries.size.should == 1 mail = deliveries[0] - mail.body =~ /(http:\/\/.*\/c\/(.*))/ + mail.body =~ /(http:\/\/.*(\/c\/(.*)))/ mail_url = $1 - mail_token = $2 + mail_path = $2 + mail_token = $3 + # check is right confirmation URL mail_token.should == post_redirect.email_token + params_from(:get, mail_path).should == { :controller => 'user', :action => 'confirm', :email_token => mail_token } + # check confirmation URL works session[:user_id].should be_nil get :confirm, :email_token => post_redirect.email_token session[:user_id].should == users(:silly_name_user).id @@ -134,19 +136,33 @@ describe UserController, "when signing up" do assigns[:user_signup].errors[:password].should_not be_nil end - it "should be an error to sign up with an email that has already been used" do + it "should be an error to sign up with a misformatted email" do post :signup, { :user_signup => { :email => 'malformed-email', :name => 'Mr Malformed', :password => 'sillypassword', :password_confirmation => 'sillypassword' } } assigns[:user_signup].errors[:email].should_not be_nil end - it "should ask you to confirm your email if you fill in the form right" do + it "should send confirmation mail if you fill in the form right" do post :signup, { :user_signup => { :email => 'new@localhost', :name => 'New Person', :password => 'sillypassword', :password_confirmation => 'sillypassword' } } response.should render_template('confirm') - # XXX if you go straight into signup form without token it doesn't make one + + deliveries = ActionMailer::Base.deliveries + deliveries.size.should == 1 + deliveries[0].body.should include("never give away or sell") + end + + it "should send special 'already signed up' mail if you fill the form in with existing registered email " do + post :signup, { :user_signup => { :email => 'silly@localhost', :name => 'New Person', + :password => 'sillypassword', :password_confirmation => 'sillypassword' } + } + response.should render_template('confirm') + + deliveries = ActionMailer::Base.deliveries + deliveries.size.should == 1 + deliveries[0].body.should include("you\nalready have an account") end # XXX need to do bob@localhost signup and check that sends different email @@ -172,3 +188,41 @@ describe UserController, "when signing out" do end +describe UserController, "when sending another user a message" do + integrate_views + fixtures :users + + it "should redirect to signin page if you go to the contact form and aren't signed in" do + get :contact, :id => users(:silly_name_user) + post_redirect = PostRedirect.get_last_post_redirect + response.should redirect_to(:controller => 'user', :action => 'signin', :token => post_redirect.token) + end + + it "should show contact form if you are signed in" do + session[:user_id] = users(:bob_smith_user).id + get :contact, :id => users(:silly_name_user) + response.should render_template('contact') + end + + it "should give error if you don't fill in the subject" do + session[:user_id] = users(:bob_smith_user).id + post :contact, { :id => users(:silly_name_user), :contact => { :subject => "", :message => "Gah" }, :submitted_contact_form => 1 } + response.should render_template('contact') + end + + it "should send the message" do + session[:user_id] = users(:bob_smith_user).id + post :contact, { :id => users(:silly_name_user), :contact => { :subject => "Dearest you", :message => "Just a test!" }, :submitted_contact_form => 1 } + response.should redirect_to(:controller => 'user', :action => 'show', :url_name => users(:silly_name_user).url_name) + + deliveries = ActionMailer::Base.deliveries + deliveries.size.should == 1 + mail = deliveries[0] + mail.body.should include("Bob Smith has used WhatDoTheyKnow to send you the message below") + mail.body.should include("Just a test!") + #mail.to_addrs.to_s.should == users(:silly_name_user).name_and_email # XXX fix some nastiness with quoting name_and_email + mail.from_addrs.to_s.should == users(:bob_smith_user).name_and_email + end + +end + @@ -32,6 +32,10 @@ Send email to tell admins something isn't classified Send email to remind people to clarify Add all new stuff to test code till it has reasonable coverage +- rake spec:check + +Fix password change to use a special field in post redirect rather than other nonsense +- then can it be used for email change instead? Search and replace text "FOI" and "Freedom of Information" out the way more - but put it in the title tag @@ -52,6 +56,8 @@ Now of course when ids go into requests/users for new ones it just adds an _ on Later ===== +Just stop using the seaprate bounce address, it's a waste of time + This search gives a runtime error: "19 hours |