require 'spec_helper'# this file is located in scec/requests/authentication_pa

1. require 'spec_helper'
2. # this file is located in scec/requests/authentication_pages_spec.rb
3. describe "Authentication" do
4.  
5.   subject { page }
6.  
7.   describe "signin page" do
8.     before { visit signin_path }
9.  
10.     it { should have_selector('h1',    text: 'Sign in') }
11.     it { should have_selector('title', text: 'Sign in') }
12.  
13.     describe "before signing in" do
14.       it { should_not have_selector('a', text: 'Profile') }
15.       it { should_not have_selector('a', text: 'Settings') }
16.     end
17.   end
18.  
19.   describe "signin" do
20.     before { visit signin_path }
21.  
22.     describe "with invalid information" do
23.       before { click_button "Sign in" }
24.  
25.       it { should have_selector('title', text: 'Sign in') }
26.       it { should have_selector('div.alert.alert-error', text: "Invalid") }
27.  
28.       describe "after visiting another page" do
29.         before { click_link "Home" }
30.  
31.         it { should_not have_selector('div.alert.alert-error') }
32.       end
33.     end
34.  
35.     describe "with valid information" do
36.       let(:user) { FactoryGirl.create(:user) }
37.       before { sign_in user }
38.  
39.       it { should have_selector('title', text: user.name) }
40.  
41.       it { should have_link('Users', href: users_path) }
42.       it { should have_link('Profile', href: user_path(user)) }
43.       it { should have_link('Settings', href: edit_user_path(user)) }
44.       it { should have_link('Sign out', href: signout_path) }
45.  
46.       it { should_not have_link('Sign in', href: signin_path) }
47.  
48.       describe "followed by signout" do
49.         before { click_link "Sign out" }
50.         it { should have_link('Sign in') }
51.       end
52.     end
53.   end
54.  
55.   describe "authorization" do
56.    
57.     describe "in the Users controller" do
58.       let(:user) { FactoryGirl.create(:user) }
59.  
60.       describe "visiting the edit page" do
61.         before { visit edit_user_path(user) }
62.         it { should have_selector('title', text: 'Sign in') }
63.       end
64.  
65.       describe "submitting to the update action" do
66.         before { put user_path(user) }
67.         specify { response.should redirect_to(signin_path) }
68.       end
69.  
70.       describe "visiting the user index" do
71.         before { visit users_path }
72.         it { should have_selector('title', text: 'Sign in') }
73.       end
74.  
75.       describe "after sign in" do
76.         before { sign_in user }
77.         let(:message) { "Good news! You're are already signed in." }
78.  
79.         describe "submitting to the the new/signup action" do
80.           before { put signup_path }
81.           it { response.should redirect_to(root_path) }
82.           after { flash[:notice].should == message }
83.         end
84.  
85.         describe "submitting to the the create action" do
86.           before { post users_path(user) }
87.           specify { response.should redirect_to(root_path) }
88.           after { flash[:notice].should == message }
89.         end
90.       end
91.     end
92.  
93.     describe "as wrong user" do
94.       let(:user) { FactoryGirl.create(:user) }
95.       let(:wrong_user) { FactoryGirl.create(:user, email: "wrong@example.com") }
96.  
97.       before { sign_in user }
98.  
99.       describe "visiting Users#edit page" do
100.         before { visit edit_user_path(wrong_user) }
101.         it { should_not have_selector('title', text: full_title('Edit user')) }
102.       end
103.  
104.       describe "submitting a PUT request to the Users#update action" do
105.         before { put user_path(wrong_user) }
106.         specify { response.should redirect_to(root_path) }
107.       end
108.     end
109.  
110.     describe "for non-signed-in users" do
111.       let(:user) {FactoryGirl.create(:user) }
112.  
113.       describe "when attempting to visit a protected page" do
114.         before do
115.           visit edit_user_path(user)
116.           fill_in "Email", with: user.email
117.           fill_in "Password", with: user.password
118.           click_button "Sign in"
119.         end
120.  
121.         describe "after signing in" do
122.           it "should render the desired protected page" do
123.             page.should have_selector('title', text: 'Edit user')
124.           end
125.  
126.           describe "when signing in again" do
127.             before do
128.               delete signout_path
129.               visit signin_path
130.               fill_in "Email",    with: user.email
131.               fill_in "Password", with: user.password
132.               click_button "Sign in"
133.             end
134.  
135.             it "should render the default (profile) page" do
136.               page.should have_selector('title', text: user.name)
137.             end
138.           end
139.         end
140.       end
141.     end
142.  
143.     describe "as non-admin user" do
144.       let(:user) { FactoryGirl.create(:user) }
145.       let(:non_admin) { FactoryGirl.create(:user) }
146.  
147.       before { sign_in non_admin }
148.  
149.       describe "submitting a DELETE request to the Users#destroy action" do
150.         before { delete user_path(user) }
151.         specify { response.should redirect_to(root_path) }
152.       end
153.     end
154.   end
155. end