diff options
Diffstat (limited to 'spec')
-rw-r--r-- | spec/controllers/admin_public_body_controller_spec.rb | 35 | ||||
-rw-r--r-- | spec/controllers/request_controller_spec.rb | 4 | ||||
-rw-r--r-- | spec/spec_helper.rb | 13 |
3 files changed, 46 insertions, 6 deletions
diff --git a/spec/controllers/admin_public_body_controller_spec.rb b/spec/controllers/admin_public_body_controller_spec.rb index a32c27dd9..9eabb2f8e 100644 --- a/spec/controllers/admin_public_body_controller_spec.rb +++ b/spec/controllers/admin_public_body_controller_spec.rb @@ -3,7 +3,14 @@ require File.expand_path(File.dirname(__FILE__) + '/../spec_helper') describe AdminPublicBodyController, "when administering public bodies" do integrate_views fixtures :public_bodies, :public_body_translations - + + before do + username = MySociety::Config.get('ADMIN_USERNAME', '') + password = MySociety::Config.get('ADMIN_PASSWORD', '') + basic_auth_login @request + end + + it "shows the index page" do get :index end @@ -40,14 +47,18 @@ describe AdminPublicBodyController, "when administering public bodies" do post :destroy, { :id => 3 } PublicBody.count.should == 1 end - - end describe AdminPublicBodyController, "when administering public bodies with i18n" do integrate_views fixtures :public_bodies, :public_body_translations + before do + username = MySociety::Config.get('ADMIN_USERNAME', '') + password = MySociety::Config.get('ADMIN_PASSWORD', '') + basic_auth_login @request + end + it "shows the index page" do get :index end @@ -95,5 +106,23 @@ describe AdminPublicBodyController, "when administering public bodies with i18n" PublicBody.count.should == 1 end + it "don't allow non-authenticated users to do anything" do + @request.env["HTTP_AUTHORIZATION"] = "" + PublicBody.count.should == 2 + post :destroy, { :id => 3 } + response.code.should == "401" + PublicBody.count.should == 2 + end + + it "when no username/password set, skip admin authorisation" do + config = MySociety::Config.load_default() + config['ADMIN_USERNAME'] = '' + config['ADMIN_PASSWORD'] = '' + @request.env["HTTP_AUTHORIZATION"] = "" + PublicBody.count.should == 2 + post :destroy, { :id => 3 } + PublicBody.count.should == 1 + end + end diff --git a/spec/controllers/request_controller_spec.rb b/spec/controllers/request_controller_spec.rb index ac44cb905..200746e0d 100644 --- a/spec/controllers/request_controller_spec.rb +++ b/spec/controllers/request_controller_spec.rb @@ -903,7 +903,7 @@ describe RequestController, "sending overdue request alerts" do deliveries = ActionMailer::Base.deliveries deliveries.size.should == 1 mail = deliveries[0] - mail.body.should =~ /promptly, as normally\s+required by law/ + mail.body.should =~ /promptly, as normally/ mail.to_addrs.to_s.should == info_requests(:naughty_chicken_request).user.name_and_email mail.body =~ /(http:\/\/.*\/c\/(.*))/ @@ -931,7 +931,7 @@ describe RequestController, "sending overdue request alerts" do deliveries = ActionMailer::Base.deliveries deliveries.size.should == 1 mail = deliveries[0] - mail.body.should =~ /promptly, as normally\s+required by law during term time/ + mail.body.should =~ /promptly, as normally/ mail.to_addrs.to_s.should == info_requests(:naughty_chicken_request).user.name_and_email end diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb index 87a89f755..56b1fd92a 100644 --- a/spec/spec_helper.rb +++ b/spec/spec_helper.rb @@ -5,6 +5,11 @@ require File.expand_path(File.join(File.dirname(__FILE__),'..','config','environ require 'spec/autorun' require 'spec/rails' +# set a default username and password so we can test +config = MySociety::Config.load_default() +config['ADMIN_USERNAME'] = 'foo' +config['ADMIN_PASSWORD'] = 'baz' + # Uncomment the next line to use webrat's matchers #require 'webrat/integrations/rspec-rails' @@ -103,6 +108,12 @@ def validate_as_body(html) "<html><head><title>Test</title></head><body>#{html}</body></html>") end +def basic_auth_login(request) + username = MySociety::Config.get('ADMIN_USERNAME') + password = MySociety::Config.get('ADMIN_PASSWORD') + request.env["HTTP_AUTHORIZATION"] = "Basic " + Base64::encode64("#{username}:#{password}") +end + # Monkeypatch! Validate HTML in tests. $html_validation_script = "/usr/bin/validate" # from Debian package wdg-html-validator if $tempfilecount.nil? @@ -126,7 +137,7 @@ if $tempfilecount.nil? return unless @response.template.controller.instance_eval { integrate_views? } # And then if HTML, not a redirect (302, 301) - if @response.content_type == "text/html" && (@response.response_code != 302) && (@response.response_code != 301) + if @response.content_type == "text/html" && ! [301,302,401].include?(@response.response_code) validate_html(@response.body) end end |