kanbanworkflowstimelinescrumrubyroadmapproject-planningproject-managementopenprojectangularissue-trackerifcgantt-chartganttbug-trackerboardsbcf
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
182 lines
5.7 KiB
182 lines
5.7 KiB
#-- copyright
|
|
# OpenProject is a project management system.
|
|
#
|
|
# Copyright (C) 2012-2013 the OpenProject Team
|
|
#
|
|
# This program is free software; you can redistribute it and/or
|
|
# modify it under the terms of the GNU General Public License version 3.
|
|
#
|
|
# See doc/COPYRIGHT.rdoc for more details.
|
|
#++
|
|
|
|
require 'spec_helper'
|
|
|
|
describe UsersController do
|
|
before do
|
|
User.delete_all
|
|
end
|
|
|
|
let(:user) { FactoryGirl.create(:user) }
|
|
let(:admin) { FactoryGirl.create(:admin) }
|
|
|
|
describe "GET deletion_info" do
|
|
|
|
describe "WHEN the current user is the requested user
|
|
WHEN the setting users_deletable_by_self is set to true" do
|
|
let(:params) { { "id" => user.id.to_s } }
|
|
|
|
before do
|
|
@controller.stub!(:find_current_user).and_return(user)
|
|
Setting.stub!(:users_deletable_by_self?).and_return(true)
|
|
|
|
get :deletion_info, params
|
|
end
|
|
|
|
it { response.should be_success }
|
|
it { assigns(:user).should == user }
|
|
it { response.should render_template("deletion_info") }
|
|
end
|
|
|
|
describe "WHEN the current user is the requested user
|
|
WHEN the setting users_deletable_by_self is set to false" do
|
|
let(:params) { { "id" => user.id.to_s } }
|
|
|
|
before do
|
|
@controller.stub!(:find_current_user).and_return(user)
|
|
Setting.stub!(:users_deletable_by_self?).and_return(false)
|
|
|
|
get :deletion_info, params
|
|
end
|
|
|
|
it { response.response_code.should == 404 }
|
|
end
|
|
|
|
describe "WHEN the current user is the anonymous user" do
|
|
let(:params) { { "id" => User.anonymous.id.to_s } }
|
|
|
|
before do
|
|
@controller.stub!(:find_current_user).and_return(User.anonymous)
|
|
|
|
get :deletion_info, params
|
|
end
|
|
|
|
it { response.should redirect_to({ :controller => 'account',
|
|
:action => 'login',
|
|
:back_url => @controller.url_for({ :controller => 'users',
|
|
:action => 'deletion_info' }) }) }
|
|
end
|
|
|
|
describe "WHEN the current user is admin
|
|
WHEN the setting users_deletable_by_admins is set to true" do
|
|
let(:admin) { FactoryGirl.create(:admin) }
|
|
let(:params) { { "id" => user.id.to_s } }
|
|
|
|
before do
|
|
@controller.stub!(:find_current_user).and_return(admin)
|
|
Setting.stub!(:users_deletable_by_admins?).and_return(true)
|
|
|
|
get :deletion_info, params
|
|
end
|
|
|
|
it { response.should be_success }
|
|
it { assigns(:user).should == user }
|
|
it { response.should render_template("deletion_info") }
|
|
end
|
|
|
|
describe "WHEN the current user is admin
|
|
WHEN the setting users_deletable_by_admins is set to false" do
|
|
let(:admin) { FactoryGirl.create(:admin) }
|
|
let(:params) { { "id" => user.id.to_s } }
|
|
|
|
before do
|
|
@controller.stub!(:find_current_user).and_return(admin)
|
|
Setting.stub!(:users_deletable_by_admins?).and_return(false)
|
|
|
|
get :deletion_info, params
|
|
end
|
|
|
|
it { response.response_code.should == 404 }
|
|
end
|
|
end
|
|
|
|
describe "POST destroy" do
|
|
describe "WHEN the current user is the requested one
|
|
WHEN the setting users_deletable_by_self is set to true" do
|
|
let(:params) { { "id" => user.id.to_s } }
|
|
|
|
before do
|
|
@controller.instance_eval{ flash.stub!(:sweep) }
|
|
@controller.stub!(:find_current_user).and_return(user)
|
|
Setting.stub!(:users_deletable_by_self?).and_return(true)
|
|
|
|
post :destroy, params
|
|
end
|
|
|
|
it { response.should redirect_to({ :controller => 'account', :action => 'login' }) }
|
|
it { flash[:notice].should == I18n.t('account.deleted') }
|
|
end
|
|
|
|
describe "WHEN the current user is the requested one
|
|
WHEN the setting users_deletable_by_self is set to false" do
|
|
let(:params) { { "id" => user.id.to_s } }
|
|
|
|
before do
|
|
@controller.instance_eval{ flash.stub!(:sweep) }
|
|
@controller.stub!(:find_current_user).and_return(user)
|
|
Setting.stub!(:users_deletable_by_self?).and_return(false)
|
|
|
|
post :destroy, params
|
|
end
|
|
|
|
it { response.response_code.should == 404 }
|
|
end
|
|
|
|
describe "WHEN the current user is the anonymous user
|
|
EVEN when the setting login_required is set to false" do
|
|
let(:params) { { "id" => User.anonymous.id.to_s } }
|
|
|
|
before do
|
|
@controller.stub!(:find_current_user).and_return(User.anonymous)
|
|
Setting.stub!(:login_required?).and_return(false)
|
|
|
|
post :destroy, params
|
|
end
|
|
|
|
# redirecting post is not possible for now
|
|
it { response.response_code.should == 403 }
|
|
end
|
|
|
|
describe "WHEN the current user is the admin
|
|
WHEN the setting users_deletable_by_admins is set to true" do
|
|
let(:admin) { FactoryGirl.create(:admin) }
|
|
let(:params) { { "id" => user.id.to_s } }
|
|
|
|
before do
|
|
@controller.instance_eval{ flash.stub!(:sweep) }
|
|
@controller.stub!(:find_current_user).and_return(admin)
|
|
Setting.stub!(:users_deletable_by_admins?).and_return(true)
|
|
|
|
post :destroy, params
|
|
end
|
|
|
|
it { response.should redirect_to({ :controller => 'users', :action => 'index' }) }
|
|
it { flash[:notice].should == I18n.t('account.deleted') }
|
|
end
|
|
|
|
describe "WHEN the current user is the admin
|
|
WHEN the setting users_deletable_by_admins is set to false" do
|
|
let(:admin) { FactoryGirl.create(:admin) }
|
|
let(:params) { { "id" => user.id.to_s } }
|
|
|
|
before do
|
|
@controller.instance_eval{ flash.stub!(:sweep) }
|
|
@controller.stub!(:find_current_user).and_return(admin)
|
|
Setting.stub!(:users_deletable_by_admins).and_return(false)
|
|
|
|
post :destroy, params
|
|
end
|
|
|
|
it { response.response_code.should == 404 }
|
|
end
|
|
end
|
|
end
|
|
|