69 lines
1.7 KiB
Ruby
69 lines
1.7 KiB
Ruby
|
# frozen_string_literal: true
|
||
|
|
||
|
require 'test_helper'
|
||
|
|
||
|
class UsersControllerTest < ActionDispatch::IntegrationTest
|
||
|
test "admin can list users" do
|
||
|
get v1_users_url, headers: auth_headers(users(:admin))
|
||
|
|
||
|
assert_response :success
|
||
|
end
|
||
|
|
||
|
test "admin can create user" do
|
||
|
assert_difference('User.count') do
|
||
|
post v1_users_url, params: { user: {
|
||
|
display_name: 'some user',
|
||
|
email: 'new.user@mailinator.com',
|
||
|
password: 'password',
|
||
|
password_confirmation: 'password'
|
||
|
} }, headers: auth_headers(users(:admin))
|
||
|
end
|
||
|
|
||
|
assert_response :created
|
||
|
end
|
||
|
|
||
|
test "admin can view users" do
|
||
|
get v1_user_url(users(:admin)), headers: auth_headers(users(:admin))
|
||
|
|
||
|
assert_response :success
|
||
|
end
|
||
|
|
||
|
test "admin can update user" do
|
||
|
patch v1_user_url(users(:admin)), params: { user: {
|
||
|
display_name: 'I am admin'
|
||
|
} }, headers: auth_headers(users(:admin))
|
||
|
|
||
|
assert_response :ok
|
||
|
end
|
||
|
|
||
|
test "admin can destroy user" do
|
||
|
assert_difference('User.count', -1) do
|
||
|
delete v1_user_url(users(:admin)), headers: auth_headers(users(:admin))
|
||
|
end
|
||
|
|
||
|
assert_response :no_content
|
||
|
end
|
||
|
|
||
|
test "author can view herself" do
|
||
|
get v1_user_url(users(:author)), headers: auth_headers(users(:author))
|
||
|
|
||
|
assert_response :success
|
||
|
end
|
||
|
|
||
|
test "author can update herself" do
|
||
|
patch v1_user_url(users(:author)), params: { user: {
|
||
|
display_name: 'I am author!'
|
||
|
} }, headers: auth_headers(users(:author))
|
||
|
|
||
|
assert_response :ok
|
||
|
end
|
||
|
|
||
|
test "sally CANNOT update phil" do
|
||
|
patch v1_user_url(users(:author)), params: { user: {
|
||
|
display_name: 'I am author!'
|
||
|
} }, headers: auth_headers(users(:sally))
|
||
|
|
||
|
assert_response :unauthorized
|
||
|
end
|
||
|
end
|