require 'spec_helper' describe Api::V1::UsersController do describe "#password_reset" do context "as a user" do before(:each) do @user = FactoryGirl.create(:user) sign_in @user end it "returns 403" do post :password_reset expect(@response.code.to_i).to eql 403 end it "returns an error message" do post :password_reset json = JSON.parse(@response.body) expect(json["errors"].first).to eql Api::V1::UsersController::CANNOT_MANAGE end end context "as an admin" do before(:each) do @user = FactoryGirl.create(:admin) sign_in @user end it "forbids a user to reset their own password" do post :password_reset, user_id: @user.id expect(@response.code.to_i).to eql 403 json = JSON.parse(@response.body) expect(json["errors"].first).to eql Api::V1::UsersController::NOT_ALLOWED end context "with no user in json data" do it "returns 404" do post :password_reset expect(@response.code.to_i).to eql 404 end it "returns an error message" do post :password_reset json = JSON.parse(@response.body) expect(json["errors"].first).to eql Api::V1::UsersController::NOT_FOUND end end context "another user exists" do before(:each) do @user2 = FactoryGirl.create(:user) end it "returns 200" do post :password_reset, user_id: @user2.id expect(@response.code.to_i).to eql 200 end it "returns that users new password" do post :password_reset, user_id: @user2.id json = JSON.parse(@response.body) expect(json["password"].length).to eql Api::V1::UsersController::PASS_LENGTH end end end end end