diff options
Diffstat (limited to 'spec')
| -rw-r--r-- | spec/controllers/user_controller_spec.rb | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/spec/controllers/user_controller_spec.rb b/spec/controllers/user_controller_spec.rb index f6f3c16ca..700618f53 100644 --- a/spec/controllers/user_controller_spec.rb +++ b/spec/controllers/user_controller_spec.rb @@ -274,9 +274,25 @@ describe UserController, "when changing password" do end it "should not change the password, if you're not logged in" do + session[:user_circumstance] = "change_password" + + old_hash = users(:bob_smith_user).hashed_password + post :signchange, { :user => { :password => 'ooo', :password_confirmation => 'ooo' }, + :submitted_signchange_password => 1 + } + users(:bob_smith_user).hashed_password.should == old_hash end it "should not change the password, if you're just logged in normally" do + session[:user_id] = users(:bob_smith_user).id + session[:user_circumstance] = nil + + old_hash = users(:bob_smith_user).hashed_password + post :signchange, { :user => { :password => 'ooo', :password_confirmation => 'ooo' }, + :submitted_signchange_password => 1 + } + + users(:bob_smith_user).hashed_password.should == old_hash end end |