require 'rails_helper' describe CheckoutsController do fixtures :all describe "GET index", solr: true do before do Checkout.reindex end before(:each) do FactoryGirl.create(:profile) end describe "When logged in as Administrator" do login_fixture_admin it "assigns all checkouts as @checkouts" do get :index assigns(:checkouts).should eq Checkout.order('checkouts.created_at DESC').page(1) assigns(:checkouts).total_entries.should eq Checkout.count end it "should get other user's index" do get :index, user_id: users(:admin).username response.should be_success assigns(:checkouts).should eq users(:admin).checkouts.not_returned.order('checkouts.id DESC').page(1) end end describe "When logged in as Librarian" do login_fixture_librarian it "should get index" do get :index response.should be_success end it "should get index txt" do get :index, format: 'txt' assigns(:checkouts).count.should eq assigns(:checkouts).total_entries response.should be_success end it "should get index rss" do get :index, format: 'rss' assigns(:checkouts).count.should eq assigns(:checkouts).total_entries response.should be_success end it "should get overdue index" do get :index, days_overdue: 1 assigns(:checkouts).should eq Checkout.overdue(1.day.ago.beginning_of_day).order('checkouts.id DESC').page(1) response.should be_success end it "should get overdue index with number of days_overdue" do get :index, days_overdue: 2 response.should be_success assigns(:checkouts).size.should > 0 end it "should get overdue index with invalid number of days_overdue" do get :index, days_overdue: 'invalid days' response.should be_success assigns(:checkouts).size.should > 0 end it "should get other user's index" do get :index, user_id: users(:admin).username response.should be_success assigns(:checkouts).should eq users(:admin).checkouts.not_returned.order('checkouts.id DESC').page(1) end it "should get index with item_id" do get :index, item_id: 1 response.should be_success assigns(:checkouts).should eq items(:item_00001).checkouts.order('checkouts.id DESC').page(1) end end describe "When logged in as User" do login_fixture_user it "assigns all checkouts as @checkouts" do get :index assigns(:checkouts).should eq(users(:user1).checkouts.order('checkouts.created_at DESC').page(1)) assigns(:checkouts).total_entries.should eq users(:user1).checkouts.count response.should be_success end it "should be forbidden if other's username is specified" do user = users(:user3) get :index, user_id: user.username assigns(:checkouts).should be_nil response.should be_forbidden end it "should get my index feed" do get :index, format: 'rss' response.should be_success assigns(:checkouts).should eq(users(:user1).checkouts.order('checkouts.created_at DESC').page(1)) end it "should get my index with user_id" do get :index, user_id: users(:user1).username assigns(:checkouts).should be_nil response.should redirect_to checkouts_url end it "should get my index in txt format" do get :index, user_id: users(:user1).username, format: 'txt' response.should redirect_to checkouts_url(format: :txt) assigns(:checkouts).should be_nil end it "should get my index in rss format" do get :index, user_id: users(:user1).username, format: 'rss' response.should redirect_to checkouts_url(format: :rss) assigns(:checkouts).should be_nil end it "should not get other user's index" do get :index, user_id: users(:admin).username response.should be_forbidden end end describe "When not logged in" do it "assigns nil as @checkouts" do get :index assigns(:checkouts).should be_nil response.should redirect_to(new_user_session_url) end it "assigns his own checkouts as @checkouts" do token = "577830b08ecf9c4c4333d599a57a6f44a7fe76c0" user = Profile.where(checkout_icalendar_token: token).first.user get :index, icalendar_token: token assigns(:checkouts).should eq user.checkouts.not_returned.order('checkouts.id DESC') response.should be_success end it "should get ics template" do token = "577830b08ecf9c4c4333d599a57a6f44a7fe76c0" user = Profile.where(checkout_icalendar_token: token).first.user get :index, icalendar_token: token, format: :ics assigns(:checkouts).should eq user.checkouts.not_returned.order('checkouts.id DESC') response.should be_success end end end describe "GET show" do describe "When logged in as Administrator" do login_fixture_admin it "should show other user's content" do get :show, id: 3 response.should be_success end end describe "When logged in as Librarian" do login_fixture_librarian it "should show other user's content" do get :show, id: 3 response.should be_success end end describe "When logged in as User" do login_fixture_user it "should show my account" do get :show, id: 3 response.should be_success assigns(:checkout).should eq checkouts(:checkout_00003) end it "should not show other user's checkout" do get :show, id: 1 response.should be_forbidden assigns(:checkout).should eq checkouts(:checkout_00001) end end describe "When not logged in" do it "should not assign the requested checkout as @checkout" do get :show, id: 1 response.should redirect_to new_user_session_url end end end describe "GET edit" do describe "When logged in as Administrator" do login_fixture_admin it "should edit other user's checkout" do get :edit, id: 3 response.should be_success end end describe "When logged in as Librarian" do login_fixture_librarian it "should edit other user's checkout" do get :edit, id: 3 response.should be_success end end describe "When logged in as User" do login_fixture_user it "should edit my checkout" do sign_in users(:user1) get :edit, id: 3 response.should be_success end it "should not edit other user's checkout" do get :edit, id: 1 response.should be_forbidden end end describe "When not logged in" do it "should not edit checkout" do get :edit, id: 1 response.should redirect_to new_user_session_url end end end describe "PUT update" do before(:each) do @checkout = checkouts(:checkout_00003) @attrs = {due_date: 1.day.from_now} @invalid_attrs = {item_identifier: 'invalid'} end describe "When logged in as Administrator" do login_fixture_admin describe "with valid params" do it "updates the requested checkout" do put :update, id: @checkout.id, checkout: @attrs end it "assigns the requested checkout as @checkout" do old_due_date = @checkout.due_date put :update, id: @checkout.id, checkout: @attrs assigns(:checkout).should eq(@checkout) response.should redirect_to(assigns(:checkout)) assigns(:checkout).due_date.should eq 1.day.from_now.end_of_day end end describe "with invalid params" do it "assigns the requested checkout as @checkout" do put :update, id: @checkout.id, checkout: @invalid_attrs end it "should ignore item_id" do put :update, id: @checkout.id, checkout: @invalid_attrs response.should redirect_to(assigns(:checkout)) assigns(:checkout).changed?.should be_falsy end end it "should remove its own checkout history" do put :remove_all, user_id: users(:user1).username users(:user1).checkouts.returned.count.should eq 0 response.should redirect_to checkouts_url end it "should not remove other checkout history" do put :remove_all, user_id: users(:user2).username users(:user1).checkouts.returned.count.should_not eq 0 response.should redirect_to checkouts_url end end describe "When logged in as Librarian" do login_fixture_librarian describe "with valid params" do it "updates the requested checkout" do put :update, id: @checkout.id, checkout: @attrs, user_id: @checkout.user.username end it "assigns the requested checkout as @checkout" do put :update, id: @checkout.id, checkout: @attrs, user_id: @checkout.user.username assigns(:checkout).should eq(@checkout) response.should redirect_to(assigns(:checkout)) end end describe "with invalid params" do it "assigns the checkout as @checkout" do put :update, id: @checkout.id, checkout: @invalid_attrs, user_id: @checkout.user.username assigns(:checkout).should be_valid end it "should ignore item_id" do put :update, id: @checkout.id, checkout: @invalid_attrs, user_id: @checkout.user.username response.should redirect_to(assigns(:checkout)) end end it "should update checkout item that is reserved" do put :update, id: 8, checkout: { } assigns(:checkout).errors[:base].include?(I18n.t('checkout.this_item_is_reserved')).should be_truthy response.should be_success end it "should update other user's checkout" do put :update, id: 1, checkout: { } response.should redirect_to checkout_url(assigns(:checkout)) end it "should remove its own checkout history" do put :remove_all, user_id: users(:user1).username users(:user1).checkouts.returned.count.should eq 0 response.should redirect_to checkouts_url end it "should not remove other checkout history" do put :remove_all, user_id: users(:user2).username users(:user1).checkouts.returned.count.should_not eq 0 response.should redirect_to checkouts_url end end describe "When logged in as User" do login_fixture_user describe "with valid params" do it "updates the requested checkout" do put :update, id: checkouts(:checkout_00001).id, checkout: @attrs end it "assigns the requested checkout as @checkout" do put :update, id: checkouts(:checkout_00001).id, checkout: @attrs assigns(:checkout).should eq(checkouts(:checkout_00001)) response.should be_forbidden end end describe "with invalid params" do it "assigns the requested checkout as @checkout" do put :update, id: checkouts(:checkout_00001).id, checkout: @attrs response.should be_forbidden end end it "should not update other user's checkout" do put :update, id: 1, checkout: { } response.should be_forbidden end it "should not update checkout already renewed" do put :update, id: 9, checkout: { } assigns(:checkout).errors[:base].include?(I18n.t('checkout.excessed_renewal_limit')).should be_truthy response.should be_success end it "should update my checkout" do put :update, id: 3, checkout: { } assigns(:checkout).should be_valid response.should redirect_to checkout_url(assigns(:checkout)) end it "should not update checkout without item_id" do put :update, id: 3, checkout: {item_id: nil} assigns(:checkout).should be_valid response.should redirect_to(assigns(:checkout)) assigns(:checkout).changed?.should be_falsy end it "should remove its own checkout history" do put :remove_all, user_id: users(:user1).username assigns(:user).checkouts.returned.count.should eq 0 response.should redirect_to checkouts_url end it "should not remove other checkout history" do put :remove_all, user_id: users(:admin).username assigns(:user).checkouts.returned.count.should eq 0 response.should be_forbidden end end describe "When not logged in" do describe "with valid params" do it "updates the requested checkout" do put :update, id: @checkout.id, checkout: @attrs, user_id: @checkout.user.username end it "should be forbidden" do put :update, id: @checkout.id, checkout: @attrs, user_id: @checkout.user.username response.should redirect_to(new_user_session_url) end end describe "with invalid params" do it "assigns the requested checkout as @checkout" do put :update, id: @checkout.id, checkout: @invalid_attrs, user_id: @checkout.user.username response.should redirect_to(new_user_session_url) end end end end describe "DELETE destroy" do before(:each) do @checkout = checkouts(:checkout_00003) @returned_checkout = checkouts(:checkout_00012) end describe "When logged in as Administrator" do login_fixture_admin it "destroys the requested checkout" do delete :destroy, id: @checkout.id end it "should not destroy the checkout that is not checked in" do delete :destroy, id: @checkout.id response.should be_forbidden end it "redirects to the checkouts list" do delete :destroy, id: @returned_checkout.id response.should redirect_to(checkouts_url(user_id: @returned_checkout.user.username)) end end describe "When logged in as Librarian" do login_fixture_librarian it "destroys the requested checkout" do delete :destroy, id: @checkout.id end it "should not destroy the checkout that is not checked in" do delete :destroy, id: @checkout.id response.should be_forbidden end it "redirects to the checkouts list" do delete :destroy, id: @returned_checkout.id response.should redirect_to(checkouts_url(user_id: @returned_checkout.user.username)) end end describe "When logged in as User" do login_fixture_user it "destroys the requested checkout" do delete :destroy, id: checkouts(:checkout_00001).id end it "should be forbidden" do delete :destroy, id: checkouts(:checkout_00001).id response.should be_forbidden end it "should destroy my checkout" do delete :destroy, id: 13 response.should redirect_to checkouts_url(user_id: users(:user1).username) end end describe "When not logged in" do it "destroys the requested checkout" do delete :destroy, id: @checkout.id, user_id: @checkout.user.username end it "should be forbidden" do delete :destroy, id: @checkout.id, user_id: @checkout.user.username response.should redirect_to(new_user_session_url) end end end end