diff options
| -rw-r--r-- | app/controllers/user_controller.rb | 9 | ||||
| -rw-r--r-- | spec/controllers/request_controller_spec.rb | 7 | ||||
| -rw-r--r-- | spec/controllers/user_controller_spec.rb | 120 | ||||
| -rw-r--r-- | spec/fixtures/users.yml | 2 | ||||
| -rw-r--r-- | spec/spec_helper.rb | 1 | ||||
| -rw-r--r-- | todo.txt | 1 |
6 files changed, 128 insertions, 12 deletions
diff --git a/app/controllers/user_controller.rb b/app/controllers/user_controller.rb index 4888bbbce..f9a25c2e1 100644 --- a/app/controllers/user_controller.rb +++ b/app/controllers/user_controller.rb @@ -4,7 +4,7 @@ # Copyright (c) 2007 UK Citizens Online Democracy. All rights reserved. # Email: francis@mysociety.org; WWW: http://www.mysociety.org/ # -# $Id: user_controller.rb,v 1.16 2007-11-08 12:57:01 francis Exp $ +# $Id: user_controller.rb,v 1.17 2007-11-08 16:18:25 francis Exp $ class UserController < ApplicationController # XXX See controllers/application.rb simplify_url_part for reverse of expression in SQL below @@ -65,11 +65,8 @@ class UserController < ApplicationController # Make the user and try to save it @user = User.new(params[:user]) if not @user.valid? - # First time get to form (e.g. from signin) , don't show errors - @first_time = params[:first_time] - @user.errors.clear if @first_time # Show the form - render :action => (@first_time ? 'sign' : 'signup') + render :action => 'signup' else # New unconfirmed user @user.email_confirmed = false @@ -108,7 +105,7 @@ class UserController < ApplicationController if params[:r] redirect_to params[:r] else - redirect_to :action => "index" + redirect_to :controller => "request", :action => "frontpage" end end diff --git a/spec/controllers/request_controller_spec.rb b/spec/controllers/request_controller_spec.rb index 22965871c..9c0997569 100644 --- a/spec/controllers/request_controller_spec.rb +++ b/spec/controllers/request_controller_spec.rb @@ -94,9 +94,11 @@ describe RequestController, "when creating a new request" do end it "should redirect to sign in page when input is good and nobody is logged in" do - post :create, :info_request => { :public_body_id => public_bodies(:geraldine_public_body).id, + params = { :info_request => { :public_body_id => public_bodies(:geraldine_public_body).id, :title => "Why is your quango called Geraldine?"}, - :outgoing_message => { :body => "This is a silly letter. It is too short to be interesting." } + :outgoing_message => { :body => "This is a silly letter. It is too short to be interesting." } + } + post :create, params # XXX yeuch - no other easy way of getting the token so we can check # the redirect URL, as it is by definition opaque to the controller # apart from in the place that it redirects to. @@ -104,6 +106,7 @@ describe RequestController, "when creating a new request" do post_redirects.size.should == 1 post_redirect = post_redirects[0] response.should redirect_to(:controller => 'user', :action => 'signin', :token => post_redirect.token) + # post_redirect.post_params.should == params # XXX get this working. there's a : vs '' problem amongst others end it "should create the request and outgoing message and redirect to request page when input is good and somebody is logged in" do diff --git a/spec/controllers/user_controller_spec.rb b/spec/controllers/user_controller_spec.rb index 432c56bb7..fa8cea3b5 100644 --- a/spec/controllers/user_controller_spec.rb +++ b/spec/controllers/user_controller_spec.rb @@ -1,20 +1,21 @@ require File.dirname(__FILE__) + '/../spec_helper' describe UserController, "when showing a user" do + integrate_views fixtures :users it "should be successful" do - get :show, :simple_name => "bob_smith" + get :show, :simple_name => "bob-smith" response.should be_success end it "should redirect to lower case name if given one with capital letters" do - get :show, :simple_name => "Bob_Smith" - response.should redirect_to(:controller => 'user', :action => 'show', :simple_name => "bob_smith") + get :show, :simple_name => "Bob-Smith" + response.should redirect_to(:controller => 'user', :action => 'show', :simple_name => "bob-smith") end it "should render with 'show' template" do - get :show, :simple_name => "bob_smith" + get :show, :simple_name => "bob-smith" response.should render_template('show') end @@ -28,6 +29,117 @@ describe UserController, "when showing a user" do assigns[:display_users].should == [ users(:silly_name_user) ] end + # XXX test for 404s when don't give valid name end +describe UserController, "when signing in" do + integrate_views + fixtures :users + + def get_last_postredirect + post_redirects = PostRedirect.find_by_sql("select * from post_redirects order by id desc limit 1") + post_redirects.size.should == 1 + post_redirects[0] + end + + it "should show sign in / sign up page" do + get :signin + response.should have_tag("input#signin_token") + end + + it "should create post redirect to / when you just go to /signin" do + get :signin + post_redirect = get_last_postredirect + post_redirect.uri.should == "/" + end + + it "should create post redirect to /list when you click signin on /list" do + get :signin, :r => "/list" + post_redirect = get_last_postredirect + post_redirect.uri.should == "/list" + end + + it "should show you the sign in page again if you get the password wrong" do + get :signin, :r => "/list" + response.should render_template('sign') + post_redirect = get_last_postredirect + post :signin, { :user => { :email => 'bob@localhost', :password => 'NOTRIGHTPASSWORD' }, + :token => post_redirect.token + } + response.should render_template('signin') + end + + it "should log in when you give right email/password, and redirect to where you were" do + get :signin, :r => "/list" + response.should render_template('sign') + post_redirect = get_last_postredirect + post :signin, { :user => { :email => 'bob@localhost', :password => 'jonespassword' }, + :token => post_redirect.token + } + session[:user].should == users(:bob_smith_user).id + response.should redirect_to(:controller => 'request', :action => 'list', :post_redirect => 1) + end + + it "should ask you to confirm your email if it isn't confirmed, after log in" do + get :signin, :r => "/list" + response.should render_template('sign') + post_redirect = get_last_postredirect + post :signin, { :user => { :email => 'silly@localhost', :password => 'jonespassword' }, + :token => post_redirect.token + } + response.should render_template('confirm') + # XXX check email sent + end + + it "should confirm your email, log you in and redirect you to where you were after you click an email link" + +end + +describe UserController, "when signing up" do + integrate_views + fixtures :users + + it "should be an error if you type the password differently each time" do + post :signup, { :user => { :email => 'new@localhost', :name => 'New Person', + :password => 'sillypassword', :password_confirmation => 'sillypasswordtwo' } + } + assigns[:user].errors[:password].should_not be_nil + end + + it "should be an error to sign up with an email that has already been used" do + post :signup, { :user => { :email => 'bob@localhost', :name => 'Second Bob', + :password => 'sillypassword', :password_confirmation => 'sillypassword' } + } + assigns[:user].errors[:email].should_not be_nil + end + +# it "should ask you to confirm your email if you fill in the form right" do +# post :signup, { :user => { :email => 'new@localhost', :name => 'New Person', +# :password => 'sillypassword', :password_confirmation => 'sillypassword' } +# } +# response.should render_template('confirm') + # XXX if you go straight into signup form without token it doesn't make one +# end +end + +describe UserController, "when signing out" do + integrate_views + fixtures :users + + it "should log you out and redirect to the home page" do + session[:user] = users(:bob_smith_user).id + get :signout + session[:user].should be_nil + response.should redirect_to(:controller => 'request', :action => 'frontpage') + end + + it "should log you out and redirect you to where you were" do + session[:user] = users(:bob_smith_user).id + get :signout, :r => '/list' + session[:user].should be_nil + response.should redirect_to(:controller => 'request', :action => 'list') + end + +end + diff --git a/spec/fixtures/users.yml b/spec/fixtures/users.yml index 842c71b68..092d76e45 100644 --- a/spec/fixtures/users.yml +++ b/spec/fixtures/users.yml @@ -6,6 +6,7 @@ bob_smith_user: hashed_password: 6b7cd45a5f35fd83febc0452a799530398bfb6e8 # jonespassword updated_at: 2007-10-31 10:39:15.491593 created_at: 2007-10-31 10:39:15.491593 + email_confirmed: true silly_name_user: id: "2" name: "Silly <em>Name</em>" @@ -14,4 +15,5 @@ silly_name_user: hashed_password: 6b7cd45a5f35fd83febc0452a799530398bfb6e8 # jonespassword updated_at: 2007-11-01 10:39:15.491593 created_at: 2007-11-01 10:39:15.491593 + email_confirmed: false diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb index e5d4f2259..2d01d442e 100644 --- a/spec/spec_helper.rb +++ b/spec/spec_helper.rb @@ -21,3 +21,4 @@ Spec::Runner.configure do |config| # If you declare global fixtures, be aware that they will be declared # for all of your examples, even those that don't use them. end + @@ -16,6 +16,7 @@ Make it say "dear" as default letter Work out how to get it to tell you code coverage of .rhtml files Make it validate the HTML maybe with http://www.anodyne.ca/wp-content/uploads/2007/09/be_valid_xhtml.rb +Check we call integrate_views for all controllers Tidying ======= |