mirror of https://github.com/fspc/BikeShed-1.git
72 lines
1.8 KiB
72 lines
1.8 KiB
require 'spec_helper'
|
|
|
|
describe Api::V1::UsersController do
|
|
|
|
describe "#password_reset" do
|
|
|
|
context "as a user" do
|
|
before(:each) do
|
|
@user = FactoryGirl.create(:user)
|
|
sign_in @user
|
|
end
|
|
|
|
it "returns 403" do
|
|
post :password_reset
|
|
expect(@response.code.to_i).to eql 403
|
|
end
|
|
|
|
it "returns an error message" do
|
|
post :password_reset
|
|
json = JSON.parse(@response.body)
|
|
expect(json["errors"].first).to eql Api::V1::UsersController::CANNOT_MANAGE
|
|
end
|
|
|
|
end
|
|
|
|
context "as an admin" do
|
|
before(:each) do
|
|
@user = FactoryGirl.create(:admin)
|
|
sign_in @user
|
|
end
|
|
|
|
it "forbids a user to reset their own password" do
|
|
post :password_reset, user_id: @user.id
|
|
expect(@response.code.to_i).to eql 403
|
|
json = JSON.parse(@response.body)
|
|
expect(json["errors"].first).to eql Api::V1::UsersController::NOT_ALLOWED
|
|
end
|
|
|
|
context "with no user in json data" do
|
|
it "returns 404" do
|
|
post :password_reset
|
|
expect(@response.code.to_i).to eql 404
|
|
end
|
|
|
|
it "returns an error message" do
|
|
post :password_reset
|
|
json = JSON.parse(@response.body)
|
|
expect(json["errors"].first).to eql Api::V1::UsersController::NOT_FOUND
|
|
end
|
|
end
|
|
|
|
context "another user exists" do
|
|
before(:each) do
|
|
@user2 = FactoryGirl.create(:user)
|
|
end
|
|
|
|
it "returns 200" do
|
|
post :password_reset, user_id: @user2.id
|
|
expect(@response.code.to_i).to eql 200
|
|
end
|
|
|
|
it "returns that users new password" do
|
|
post :password_reset, user_id: @user2.id
|
|
json = JSON.parse(@response.body)
|
|
expect(json["password"].length).to eql Api::V1::UsersController::PASS_LENGTH
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
end
|
|
end
|
|
|