Velocipede's User, Sales, and Bike Inventory Web App
 
 
 
 
 
 

72 lines
1.8 KiB

require 'spec_helper'
describe Api::V1::UsersController do
describe "#password_reset" do
context "as a user" do
before(:each) do
@user = FactoryGirl.create(:user)
sign_in @user
end
it "returns 403" do
post :password_reset
expect(@response.code.to_i).to eql 403
end
it "returns an error message" do
post :password_reset
json = JSON.parse(@response.body)
expect(json["errors"].first).to eql Api::V1::UsersController::CANNOT_MANAGE
end
end
context "as an admin" do
before(:each) do
@user = FactoryGirl.create(:admin)
sign_in @user
end
it "forbids a user to reset their own password" do
post :password_reset, user_id: @user.id
expect(@response.code.to_i).to eql 403
json = JSON.parse(@response.body)
expect(json["errors"].first).to eql Api::V1::UsersController::NOT_ALLOWED
end
context "with no user in json data" do
it "returns 404" do
post :password_reset
expect(@response.code.to_i).to eql 404
end
it "returns an error message" do
post :password_reset
json = JSON.parse(@response.body)
expect(json["errors"].first).to eql Api::V1::UsersController::NOT_FOUND
end
end
context "another user exists" do
before(:each) do
@user2 = FactoryGirl.create(:user)
end
it "returns 200" do
post :password_reset, user_id: @user2.id
expect(@response.code.to_i).to eql 200
end
it "returns that users new password" do
post :password_reset, user_id: @user2.id
json = JSON.parse(@response.body)
expect(json["password"].length).to eql Api::V1::UsersController::PASS_LENGTH
end
end
end
end
end