Sha256: cd8f18a2e7530385eeddfcbc9a2741886a17c2d4eeae4486839f85a9976d1eb0

Contents?: true

Size: 1.91 KB

Versions: 14

Compression:

Stored size: 1.91 KB

Contents

require File.expand_path('../test_helper', __FILE__)

# Mock controller used for testing session handling.
class CookieController < ApplicationController
  authenticates_using_session
    
  def show
    if current_user
      render :text => "User: #{current_user.id}"
    else
      render :text => "No user"
    end
  end
  
  def bouncer
    bounce_user
  end
end

class CookieControllerTest < ActionController::TestCase
  setup do
    @user = users(:john)
  end

  test "no user_id in session" do
    get :show
    assert_response :success
    assert_nil assigns(:current_user)
    assert_equal 'No user', response.body
  end
  
  test "valid user_id in session" do
    set_session_current_user @user
    get :show
    assert_response :success
    assert_equal @user, assigns(:current_user)
    assert_equal "User: #{ActiveRecord::Fixtures.identify(:john)}",
                 response.body
  end
  
  test "invalid user_pid in session" do
    get :show, {}, :current_user_pid => 'random@user.com'
    assert_response :success
    assert_nil assigns(:current_user)
  end
  
  test "valid user_id bounced" do
    set_session_current_user @user
    get :bouncer
    assert_response :forbidden
    assert_template 'session/forbidden'
  end

  test "valid user_id bounced in json" do
    set_session_current_user @user
    get :bouncer, :format => 'json'
    assert_response :ok
    data = ActiveSupport::JSON.decode response.body
    assert_match(/not allowed/i, data['error'])
  end
  
  test "no user_id bounced" do
    get :bouncer
    assert_response :forbidden
    assert_template 'session/forbidden'
    assert_equal bouncer_cookie_url, flash[:auth_redirect_url]
    
    assert_select 'script', %r/.*window.location.*#{new_session_path}.*/
  end

  test "no user_id bounced in json" do
    get :bouncer, :format => 'json'
    assert_response :ok
    data = ActiveSupport::JSON.decode response.body
    assert_match(/sign in/i, data['error'])
  end
end

Version data entries

14 entries across 14 versions & 1 rubygems

Version Path
authpwn_rails-0.10.6 test/cookie_controller_test.rb
authpwn_rails-0.10.5 test/cookie_controller_test.rb
authpwn_rails-0.10.4 test/cookie_controller_test.rb
authpwn_rails-0.10.3 test/cookie_controller_test.rb
authpwn_rails-0.10.2 test/cookie_controller_test.rb
authpwn_rails-0.10.1 test/cookie_controller_test.rb
authpwn_rails-0.10.0 test/cookie_controller_test.rb
authpwn_rails-0.9.6 test/cookie_controller_test.rb
authpwn_rails-0.9.5 test/cookie_controller_test.rb
authpwn_rails-0.9.4 test/cookie_controller_test.rb
authpwn_rails-0.9.3 test/cookie_controller_test.rb
authpwn_rails-0.9.2 test/cookie_controller_test.rb
authpwn_rails-0.9.1 test/cookie_controller_test.rb
authpwn_rails-0.9.0 test/cookie_controller_test.rb