skill-assessment-app/test/controllers/admin/auth_controller_test.rb

# frozen_string_literal: true
require 'test_helper'

module Admin
  class AuthControllerTest < ActionDispatch::IntegrationTest
    include ActiveJob::TestHelper

    test "should get login" do
      get admin_login_url
      assert_response :success
      assert_template 'admin/auth/login'
    end

    test "should get logout" do
      post admin_auth_url, params: { auth:
          { email: 'alan.admin@mailinator.com', password: 'password' } }

      get admin_logout_url
      assert_redirected_to admin_login_url
      assert session[:user].nil?
    end

    test "should auth to dashboard" do
      post admin_auth_url, params: { auth:
          { email: 'alan.admin@mailinator.com', password: 'password' } }
      assert_redirected_to admin_url
    end

    test "should auth to original request" do
      elsie = candidates(:elsie)

      get admin_result_url(test_hash: elsie.test_hash)

      assert_redirected_to admin_login_url
      post admin_auth_url, params: { auth:
          { email: 'fed.reviewer@mailinator.com', password: 'password' } }

      assert_redirected_to admin_result_url(test_hash: elsie.test_hash)
    end

    test "should FAIL auth" do
      post admin_auth_url, params: { auth:
          { email: 'alan.admin@mailinator.com', password: 'b@d9a$$werD' } }
      assert_redirected_to admin_login_url
      assert_match(/incorrect.*password/i, flash[:error])
    end

    test "recruiter should auth to dashboard" do
      post admin_auth_url, params: { auth:
          { email: 'pda.recruiter@mailinator.com', password: 'password' } }
      assert_redirected_to admin_url
    end

    test "reviewer should auth to dashboard" do
      post admin_auth_url, params: { auth:
          { email: 'fed.reviewer@mailinator.com', password: 'password' } }
      assert_redirected_to admin_url
    end

    test "should get reset_request" do
      get admin_reset_request_url
      assert_response :success
    end

    test "should process a reset request" do
      user = users(:admin)
      assert_enqueued_jobs 1 do
        post admin_send_reset_url, params: { auth: { email: user.email } }
      end
      refute_equal user.reset_token, User.find(user.id).reset_token
      assert_redirected_to admin_reset_request_url
      assert_match(/request.*sent/i, flash[:success])
    end

    test "should redirect with invalid reset_token" do
      get admin_reset_url('fooBarBaz')
      assert_redirected_to admin_reset_request_url
    end

    test "should get reset form" do
      user = users(:admin)
      user.setup_reset
      get admin_reset_url(user.reset_token)
      assert :success
    end

    test "should post password reset" do
      user = users(:admin)
      user.setup_reset

      post admin_reset_password_url, params: { auth:
        { reset_token: user.reset_token, password: '12345', password_confirmation: '12345' } }

      assert_redirected_to admin_auth_path
      assert_match(/reset.*log/i, flash[:success])
    end

    test "should fail to reset with mistyped password" do
      user = users(:admin)
      user.setup_reset

      post admin_reset_password_url, params: { auth:
        { reset_token: user.reset_token, password: '12345', password_confirmation: 'abcde' } }

      assert :success
      assert flash[:error]
    end
  end
end