2 files changed, 26 insertions, 8 deletions

diff --git a/spec/controllers/admin_user_controller_spec.rb b/spec/controllers/admin_user_controller_spec.rb
index 60ac6969d..c2d645fd2 100644
--- a/spec/controllers/admin_user_controller_spec.rb
+++ b/spec/controllers/admin_user_controller_spec.rb
@@ -24,13 +24,7 @@ describe AdminUserController, "when administering users" do
         post_redirect = PostRedirect.get_last_post_redirect
         response.should redirect_to(:controller => 'user', :action => 'confirm', :email_token => post_redirect.email_token)
     end
-
-    it "logs in as another user when already logged in as an admin" do
-        session[:user_id] = users(:admin_user).id
-        get :login_as,  :id => users(:bob_smith_user).id
-        post_redirect = PostRedirect.get_last_post_redirect
-        response.should redirect_to(:controller => 'user', :action => 'confirm', :email_token => post_redirect.email_token)
-        session[:user_id].should be_nil
-    end
+    
+    # See also "allows an admin to log in as another user" in spec/integration/admin_spec.rb
 end
 
diff --git a/spec/integration/admin_spec.rb b/spec/integration/admin_spec.rb
new file mode 100644
index 000000000..7fecd60d2
--- /dev/null
+++ b/spec/integration/admin_spec.rb
@@ -0,0 +1,24 @@
+require File.expand_path(File.dirname(__FILE__) + '/../spec_helper')
+
+require "base64"
+
+describe "When administering the site" do
+    it "allows an admin to log in as another user" do
+        # First log in as Joe Admin
+        admin_user = users(:admin_user)
+        admin_user.email_confirmed = true
+        admin_user.save!
+        post_via_redirect "/profile/sign_in", :user_signin => {:email => admin_user.email, :password => "jonespassword"}
+        response.should be_success
+        
+        # Now fetch the "log in as" link to log in as Bob
+        basic_auth_login @request
+        admin_username = MySociety::Config.get('ADMIN_USERNAME')
+        admin_password = MySociety::Config.get('ADMIN_PASSWORD')
+        get_via_redirect "/admin/user/login_as/#{users(:bob_smith_user).id}", nil, {
+          "Authorization" => "Basic " + Base64.b64encode("#{admin_username}:#{admin_password}").strip
+        }
+        response.should be_success
+        session[:user_id].should == users(:bob_smith_user).id
+    end
+end