aboutsummaryrefslogtreecommitdiffstats
path: root/spec/controllers
diff options
context:
space:
mode:
Diffstat (limited to 'spec/controllers')
-rw-r--r--spec/controllers/admin_public_body_controller_spec.rb35
1 files changed, 32 insertions, 3 deletions
diff --git a/spec/controllers/admin_public_body_controller_spec.rb b/spec/controllers/admin_public_body_controller_spec.rb
index a32c27dd9..9eabb2f8e 100644
--- a/spec/controllers/admin_public_body_controller_spec.rb
+++ b/spec/controllers/admin_public_body_controller_spec.rb
@@ -3,7 +3,14 @@ require File.expand_path(File.dirname(__FILE__) + '/../spec_helper')
describe AdminPublicBodyController, "when administering public bodies" do
integrate_views
fixtures :public_bodies, :public_body_translations
-
+
+ before do
+ username = MySociety::Config.get('ADMIN_USERNAME', '')
+ password = MySociety::Config.get('ADMIN_PASSWORD', '')
+ basic_auth_login @request
+ end
+
+
it "shows the index page" do
get :index
end
@@ -40,14 +47,18 @@ describe AdminPublicBodyController, "when administering public bodies" do
post :destroy, { :id => 3 }
PublicBody.count.should == 1
end
-
-
end
describe AdminPublicBodyController, "when administering public bodies with i18n" do
integrate_views
fixtures :public_bodies, :public_body_translations
+ before do
+ username = MySociety::Config.get('ADMIN_USERNAME', '')
+ password = MySociety::Config.get('ADMIN_PASSWORD', '')
+ basic_auth_login @request
+ end
+
it "shows the index page" do
get :index
end
@@ -95,5 +106,23 @@ describe AdminPublicBodyController, "when administering public bodies with i18n"
PublicBody.count.should == 1
end
+ it "don't allow non-authenticated users to do anything" do
+ @request.env["HTTP_AUTHORIZATION"] = ""
+ PublicBody.count.should == 2
+ post :destroy, { :id => 3 }
+ response.code.should == "401"
+ PublicBody.count.should == 2
+ end
+
+ it "when no username/password set, skip admin authorisation" do
+ config = MySociety::Config.load_default()
+ config['ADMIN_USERNAME'] = ''
+ config['ADMIN_PASSWORD'] = ''
+ @request.env["HTTP_AUTHORIZATION"] = ""
+ PublicBody.count.should == 2
+ post :destroy, { :id => 3 }
+ PublicBody.count.should == 1
+ end
+
end
generated by cgit v1.2.3 (git 2.25.1) at 2025-07-28 02:01:45 +0000