Untitled

require File.dirname(__FILE__) + '/../test_helper'
require 'session_controller'

# Re-raise errors caught by the controller.
class SessionController; def rescue_action(e) raise e end; end

class SessionControllerTest < Test::Unit::TestCase
  # Be sure to include AuthenticatedTestHelper in test/test_helper.rb instead
  # Then, you can remove it from this and the units test.
  include AuthenticatedTestHelper

  fixtures :site_users

  def setup
    @controller = SessionController.new
    @request    = ActionController::TestRequest.new
    @response   = ActionController::TestResponse.new

  end

  def test_should_login_and_redirect
    post :create, :email => 'quentin@example.com', :password => 'asdfasdf'
    assert session[:site_user], 'A session should be created.'
    assert_response :redirect, 'The application should redirect.'
  end

  def test_should_login_via_xhr
    xhr :post, :create, :email => 'quentin@example.com', :password => 'asdfasdf'
    assert session[:site_user], 'A session should be created.'
    assert_template "create.rjs"
    assert_rjs :replace_html, 'signup'
    assert_rjs :call, 'Modalbox.hide'
  end

  def test_should_fail_login_and_not_redirect
    post :create, :email => 'quentin@example.com', :password => 'bad password'
    assert_nil session[:site_user]
  end

  def test_should_fail_login_via_xhr
    xhr :post, :create, :email => 'quentin@example.com', :password => 'bad password'
    assert_nil session[:site_user]
  end

  def test_should_logout
    login_as :quentin
    get :destroy
    assert_nil session[:site_user]
    assert_response :redirect
  end

  def test_should_remember_me
    post :create, :email => 'quentin@example.com', :password => 'asdfasdf', :remember_me => "1"
    assert_not_nil @response.cookies["auth_token"]
  end

  def test_should_not_remember_me
    post :create, :email => 'quentin@example.com', :password => 'asdfasdf', :remember_me => "0"
    assert_nil @response.cookies["auth_token"]
  end

  def test_should_delete_token_on_logout
    login_as :quentin
    get :destroy
    assert_equal @response.cookies["auth_token"], []
  end

  def test_should_login_with_cookie
    site_users(:quentin).remember_me
    @request.cookies["auth_token"] = cookie_for(:quentin)
    get :new
    assert @controller.send(:logged_in?)
  end

  def test_should_fail_expired_cookie_login
    site_users(:quentin).remember_me
    site_users(:quentin).update_attribute :remember_token_expires_at, 5.minutes.ago
    @request.cookies["auth_token"] = cookie_for(:quentin)
    get :new
    assert !@controller.send(:logged_in?)
  end

  def test_should_fail_cookie_login
    site_users(:quentin).remember_me
    @request.cookies["auth_token"] = auth_token('invalid_auth_token')
    get :new
    assert !@controller.send(:logged_in?)
  end

  def test_should_show_forgot_password_via_xhr
    xhr :get, :forgot_password
    assert_template 'forgot_password.rjs'
    assert_rjs :replace_html, 'errors'
    assert_rjs :replace_html, 'login'
  end

  def test_should_send_reset_password_email
    num_deliveries = ActionMailer::Base.deliveries.size
    post :start_forgot_password_process, :email => site_users(:quentin).email
    assert_equal num_deliveries+1, ActionMailer::Base.deliveries.size
  end

  def test_should_send_reset_password_email_via_xhr
    num_deliveries = ActionMailer::Base.deliveries.size
    xhr :post, :start_forgot_password_process, :email => site_users(:quentin).email
    assert_equal num_deliveries+1, ActionMailer::Base.deliveries.size
    assert_template 'start_forgot_password_process.rjs'
  end

  def test_should_allow_reset_password_form
    setup_site_user_reset_code
    get :reset_password, :reset_code => '9e513bee9aa1e2060692760bf0695c97921688a9'
    assert_template 'reset_password'
  end

  def test_should_not_allow_reset_password_form_with_bad_reset_code
    setup_site_user_reset_code
    get :reset_password, :reset_code => 'bad reset code'
    assert_template 'reset_password_error'
  end

  def test_should_not_allow_reset_password_form_with_no_reset_code
    get :reset_password, :reset_code => '9e513bee9aa1e2060692760bf0695c97921688a9'
    assert_template 'reset_password_error'
  end

  def test_should_reset_password_and_send_confirmation_email
    num_deliveries = ActionMailer::Base.deliveries.size
    setup_site_user_reset_code
    put :reset_password_update, :id => site_users(:quentin).id,
                      :site_user => { :password => '123456789',
                                      :password_confirmation => '123456789' }
    assert !flash[:errors], assigns(:site_user).errors.full_messages.to_sentence
    assert_equal num_deliveries+1, ActionMailer::Base.deliveries.size
  end

  def test_should_not_reset_password_and_not_send_confirmation_email
    num_deliveries = ActionMailer::Base.deliveries.size
    put :reset_password_update, :id => site_users(:quentin).id,
                      :site_user => { :password => '123456789',
                                      :password_confirmation => '123456789' }
    assert flash[:errors], assigns(:site_user).errors.full_messages.to_sentence
    assert_equal num_deliveries, ActionMailer::Base.deliveries.size
  end

  protected

    def setup_site_user_reset_code
      site_users(:quentin).reset_code = '9e513bee9aa1e2060692760bf0695c97921688a9'
      site_users(:quentin).reset_at = 1.days.ago.to_s
      site_users(:quentin).save(false)
    end

    def auth_token(token)
      CGI::Cookie.new('name' => 'auth_token', 'value' => token)
    end

    def cookie_for(site_user)
      auth_token site_users(site_user).remember_token
    end
end