5 files changed, 90 insertions, 14 deletions

diff --git a/spec/controllers/admin_user_controller_spec.rb b/spec/controllers/admin_user_controller_spec.rb
index 65ecbc37d..60ac6969d 100644
--- a/spec/controllers/admin_user_controller_spec.rb
+++ b/spec/controllers/admin_user_controller_spec.rb
@@ -2,7 +2,9 @@ require File.expand_path(File.dirname(__FILE__) + '/../spec_helper')
 
 describe AdminUserController, "when administering users" do
     integrate_views
-    before { basic_auth_login @request }
+    before do
+        basic_auth_login @request
+    end
   
     it "shows the index/list page" do
         get :index
@@ -16,6 +18,19 @@ describe AdminUserController, "when administering users" do
     it "shows a user" do
         get :show, :id => users(:bob_smith_user)
     end
+    
+    it "logs in as another user" do
+        get :login_as,  :id => users(:bob_smith_user).id
+        post_redirect = PostRedirect.get_last_post_redirect
+        response.should redirect_to(:controller => 'user', :action => 'confirm', :email_token => post_redirect.email_token)
+    end
 
+    it "logs in as another user when already logged in as an admin" do
+        session[:user_id] = users(:admin_user).id
+        get :login_as,  :id => users(:bob_smith_user).id
+        post_redirect = PostRedirect.get_last_post_redirect
+        response.should redirect_to(:controller => 'user', :action => 'confirm', :email_token => post_redirect.email_token)
+        session[:user_id].should be_nil
+    end
 end
 
diff --git a/spec/controllers/general_controller_spec.rb b/spec/controllers/general_controller_spec.rb
index 7fc019c64..81f4ed6d5 100644
--- a/spec/controllers/general_controller_spec.rb
+++ b/spec/controllers/general_controller_spec.rb
@@ -198,6 +198,22 @@ describe GeneralController, "when searching" do
         assigns[:query].should be_nil
     end
 
+    it "should not show unconfirmed users" do
+        get :search, :combined => ["unconfirmed", "users"]
+        response.should render_template('search')
+        assigns[:xapian_users].results.map{|x|x[:model]}.should == []
+    end
+
+    it "should show newly-confirmed users" do
+        u = users(:unconfirmed_user)
+        u.email_confirmed = true
+        u.save!
+        update_xapian_index
+        
+        get :search, :combined => ["unconfirmed", "users"]
+        response.should render_template('search')
+        assigns[:xapian_users].results.map{|x|x[:model]}.should == [u]
+    end
 
 end
 
diff --git a/spec/controllers/request_controller_spec.rb b/spec/controllers/request_controller_spec.rb
index 25dce3f22..9018f76fe 100644
--- a/spec/controllers/request_controller_spec.rb
+++ b/spec/controllers/request_controller_spec.rb
@@ -300,7 +300,7 @@ describe RequestController, "when showing one request" do
             }.should raise_error(ActiveRecord::RecordNotFound)
         end
 
-        it "should generate valid HTML verson of PDF attachments " do
+        it "should generate valid HTML verson of PDF attachments" do
             ir = info_requests(:fancy_dog_request) 
             receive_incoming_mail('incoming-request-pdf-attachment.email', ir.incoming_email)
             ir.reload
@@ -309,7 +309,7 @@ describe RequestController, "when showing one request" do
             response.should have_text(/Walberswick Parish Council/)
         end
 
-        it "should not cause a reparsing of the raw email, even when the result would be a 404 " do
+        it "should not cause a reparsing of the raw email, even when the result would be a 404" do
             ir = info_requests(:fancy_dog_request) 
             receive_incoming_mail('incoming-request-two-same-name.email', ir.incoming_email)
             ir.reload
@@ -1319,9 +1319,10 @@ describe RequestController, "sending overdue request alerts" do
 
         RequestMailer.alert_overdue_requests
 
-        deliveries = ActionMailer::Base.deliveries
-        deliveries.size.should == 2
-        mail = deliveries[1]
+        chicken_mails = ActionMailer::Base.deliveries.select{|x| x.body =~ /chickens/}
+        chicken_mails.size.should == 1
+        mail = chicken_mails[0]
+        
         mail.body.should =~ /promptly, as normally/
         mail.to_addrs.first.to_s.should == info_requests(:naughty_chicken_request).user.name_and_email
 
@@ -1347,9 +1348,10 @@ describe RequestController, "sending overdue request alerts" do
 
         RequestMailer.alert_overdue_requests
 
-        deliveries = ActionMailer::Base.deliveries
-        deliveries.size.should == 2
-        mail = deliveries[1]
+        chicken_mails = ActionMailer::Base.deliveries.select{|x| x.body =~ /chickens/}
+        chicken_mails.size.should == 1
+        mail = chicken_mails[0]
+        
         mail.body.should =~ /promptly, as normally/
         mail.to_addrs.first.to_s.should == info_requests(:naughty_chicken_request).user.name_and_email
     end
@@ -1372,9 +1374,10 @@ describe RequestController, "sending overdue request alerts" do
 
         RequestMailer.alert_overdue_requests
 
-        deliveries = ActionMailer::Base.deliveries
-        deliveries.size.should == 2
-        mail = deliveries[1]
+        chicken_mails = ActionMailer::Base.deliveries.select{|x| x.body =~ /chickens/}
+        chicken_mails.size.should == 1
+        mail = chicken_mails[0]
+        
         mail.body.should =~ /required by law/
         mail.to_addrs.first.to_s.should == info_requests(:naughty_chicken_request).user.name_and_email
 
diff --git a/spec/controllers/track_controller_spec.rb b/spec/controllers/track_controller_spec.rb
index 38a447640..0dc5db607 100644
--- a/spec/controllers/track_controller_spec.rb
+++ b/spec/controllers/track_controller_spec.rb
@@ -25,7 +25,7 @@ describe TrackController, "when making a new track on a request" do
         response.should redirect_to(:controller => 'user', :action => 'signin', :token => post_redirect.token)
     end
 
-    it "should save the track and redirect if you are logged in " do
+    it "should save the track and redirect if you are logged in" do
         session[:user_id] = @user.id
         @track_thing.should_receive(:save!)
         get :track_request, :url_title => @ir.url_title, :feed => 'track'
@@ -134,6 +134,11 @@ describe TrackController, "when viewing RSS feed for a track" do
         assigns[:xapian_object].results[2][:model].should == info_request_events(:useless_outgoing_message_event) # created_at 2007-10-14 10:41:12.686264
     end
 
+    it "should return NotFound for a non-existent user" do
+        lambda {
+            get :track_user, :feed => 'feed', :url_name => "there_is_no_such_user"
+        }.should raise_error(ActiveRecord::RecordNotFound)
+    end
 end
 
 describe TrackController, "when viewing JSON version of a track feed" do
diff --git a/spec/controllers/user_controller_spec.rb b/spec/controllers/user_controller_spec.rb
index 1a701ad43..40649b6e1 100644
--- a/spec/controllers/user_controller_spec.rb
+++ b/spec/controllers/user_controller_spec.rb
@@ -190,6 +190,43 @@ describe UserController, "when signing in" do
         ActionController::Routing::Routes.filters = old_filters
     end
 
+    it "should keep you logged in if you click a confirmation link and are already logged in as an admin" do
+        old_filters = ActionController::Routing::Routes.filters
+        ActionController::Routing::Routes.filters = RoutingFilter::Chain.new
+
+        get :signin, :r => "/list"
+        post_redirect = get_last_postredirect
+
+        post :signin, { :user_signin => { :email => 'unconfirmed@localhost', :password => 'jonespassword' },
+            :token => post_redirect.token
+        }
+        response.should send_email
+
+        deliveries = ActionMailer::Base.deliveries
+        deliveries.size.should  == 1
+        mail = deliveries[0]
+        mail.body =~ /(http:\/\/.*(\/c\/(.*)))/
+        mail_url = $1
+        mail_path = $2
+        mail_token = $3
+
+        # check is right confirmation URL
+        mail_token.should == post_redirect.email_token
+        params_from(:get, mail_path).should == { :controller => 'user', :action => 'confirm', :email_token => mail_token }
+
+        # Log in as an admin
+        session[:user_id] = users(:admin_user).id
+
+        # Get the confirmation URL, and check we’re still Joe
+        get :confirm, :email_token => post_redirect.email_token
+        session[:user_id].should == users(:admin_user).id
+        
+        # And the redirect should still work, of course
+        response.should redirect_to(:controller => 'request', :action => 'list', :post_redirect => 1)
+
+        ActionController::Routing::Routes.filters = old_filters
+    end
+
 end
 
 describe UserController, "when signing up" do
@@ -233,7 +270,7 @@ describe UserController, "when signing up" do
         deliveries[0].body.should include("No revelaremos su dirección de correo")
     end
 
-    it "should send special 'already signed up' mail if you fill the form in with existing registered email " do
+    it "should send special 'already signed up' mail if you fill the form in with existing registered email" do
         post :signup, { :user_signup => { :email => 'silly@localhost', :name => 'New Person',
             :password => 'sillypassword', :password_confirmation => 'sillypassword' } 
         }