From e53e0a0ccbb4695dbbb01a56598b7c832a9c5a0c Mon Sep 17 00:00:00 2001 From: Louise Crow Date: Thu, 1 Aug 2013 14:53:10 +0100 Subject: Refactor some common setup steps in integration tests into a DSL. Add a failing test for what should happen on request hiding. --- spec/integration/admin_spec.rb | 32 +++++++++++++++++++------------- 1 file changed, 19 insertions(+), 13 deletions(-) (limited to 'spec/integration/admin_spec.rb') diff --git a/spec/integration/admin_spec.rb b/spec/integration/admin_spec.rb index 8a5e59ba2..25872fb4a 100644 --- a/spec/integration/admin_spec.rb +++ b/spec/integration/admin_spec.rb @@ -1,21 +1,27 @@ require File.expand_path(File.dirname(__FILE__) + '/../spec_helper') - -require "base64" +require File.expand_path(File.dirname(__FILE__) + '/alaveteli_dsl') describe "When administering the site" do + + before do + AlaveteliConfiguration.stub!(:skip_admin_auth).and_return(false) + end + it "allows an admin to log in as another user" do # First log in as Joe Admin - admin_user = users(:admin_user) - admin_user.email_confirmed = true - admin_user.save! - post_via_redirect "/profile/sign_in", :user_signin => {:email => admin_user.email, :password => "jonespassword"} - response.should be_success - + confirm(:admin_user) + admin = login(:admin_user) + # Now fetch the "log in as" link to log in as Bob - get_via_redirect "/admin/user/login_as/#{users(:bob_smith_user).id}", nil, { - "Authorization" => "Basic " + Base64.encode64("#{AlaveteliConfiguration::admin_username}:#{AlaveteliConfiguration::admin_password}").strip - } - response.should be_success - session[:user_id].should == users(:bob_smith_user).id + admin.get_via_redirect "/admin/user/login_as/#{users(:bob_smith_user).id}" + admin.response.should be_success + admin.session[:user_id].should == users(:bob_smith_user).id + end + + it 'does not allow a non-admin user to login as another user' do + robin = login(:robin_user) + robin.get_via_redirect "/admin/user/login_as/#{users(:bob_smith_user).id}" + robin.response.should be_success + robin.session[:user_id].should_not == users(:bob_smith_user).id end end -- cgit v1.2.3