diff options
Diffstat (limited to 'spec/controllers/admin_public_body_controller_spec.rb')
| -rw-r--r-- | spec/controllers/admin_public_body_controller_spec.rb | 23 |
1 files changed, 20 insertions, 3 deletions
diff --git a/spec/controllers/admin_public_body_controller_spec.rb b/spec/controllers/admin_public_body_controller_spec.rb index cb622dabd..6b88fe39d 100644 --- a/spec/controllers/admin_public_body_controller_spec.rb +++ b/spec/controllers/admin_public_body_controller_spec.rb @@ -42,21 +42,27 @@ describe AdminPublicBodyController, "when administering public bodies" do pb.name.should == "Renamed" end - it "destroy a public body" do + it "destroys a public body" do PublicBody.count.should == 2 post :destroy, { :id => 3 } PublicBody.count.should == 1 end - it "don't allow non-authenticated users to do anything" do + it "sets a using_admin flag" do + get :show, :id => 2 + session[:using_admin].should == 1 + end + + it "disallows non-authenticated users to do anything" do @request.env["HTTP_AUTHORIZATION"] = "" PublicBody.count.should == 2 post :destroy, { :id => 3 } response.code.should == "401" PublicBody.count.should == 2 + session[:using_admin].should == nil end - it "when no username/password set, skip admin authorisation" do + it "skips admin authorisation when no username/password set" do config = MySociety::Config.load_default() config['ADMIN_USERNAME'] = '' config['ADMIN_PASSWORD'] = '' @@ -64,6 +70,17 @@ describe AdminPublicBodyController, "when administering public bodies" do PublicBody.count.should == 2 post :destroy, { :id => 3 } PublicBody.count.should == 1 + session[:using_admin].should == 1 + end + it "skips admin authorisation when no username set" do + config = MySociety::Config.load_default() + config['ADMIN_USERNAME'] = '' + config['ADMIN_PASSWORD'] = 'fuz' + @request.env["HTTP_AUTHORIZATION"] = "" + PublicBody.count.should == 2 + post :destroy, { :id => 3 } + PublicBody.count.should == 1 + session[:using_admin].should == 1 end |