2015-10-11 17:41:23 +08:00
|
|
|
require 'rails_helper'
|
2013-02-06 03:16:51 +08:00
|
|
|
|
|
|
|
describe Admin::ImpersonateController do
|
|
|
|
|
|
|
|
it "is a subclass of AdminController" do
|
2015-01-10 01:04:02 +08:00
|
|
|
expect(Admin::ImpersonateController < Admin::AdminController).to eq(true)
|
2013-02-06 03:16:51 +08:00
|
|
|
end
|
|
|
|
|
|
|
|
context 'while logged in as an admin' do
|
|
|
|
let!(:admin) { log_in(:admin) }
|
|
|
|
let(:user) { Fabricate(:user) }
|
|
|
|
|
|
|
|
context 'index' do
|
|
|
|
it 'returns success' do
|
2017-08-31 12:06:56 +08:00
|
|
|
get :index, format: :json
|
2015-01-10 01:04:02 +08:00
|
|
|
expect(response).to be_success
|
2013-02-06 03:16:51 +08:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'create' do
|
|
|
|
|
|
|
|
it 'requires a username_or_email parameter' do
|
2017-08-31 12:06:56 +08:00
|
|
|
expect { put :create, format: :json }.to raise_error(ActionController::ParameterMissing)
|
2013-02-06 03:16:51 +08:00
|
|
|
end
|
|
|
|
|
|
|
|
it 'returns 404 when that user does not exist' do
|
2017-08-31 12:06:56 +08:00
|
|
|
post :create, params: { username_or_email: 'hedonismbot' }, format: :json
|
2015-01-10 01:04:02 +08:00
|
|
|
expect(response.status).to eq(404)
|
2013-02-06 03:16:51 +08:00
|
|
|
end
|
|
|
|
|
|
|
|
it "raises an invalid access error if the user can't be impersonated" do
|
|
|
|
Guardian.any_instance.expects(:can_impersonate?).with(user).returns(false)
|
2017-08-31 12:06:56 +08:00
|
|
|
post :create, params: { username_or_email: user.email }, format: :json
|
2015-01-10 01:04:02 +08:00
|
|
|
expect(response).to be_forbidden
|
2013-02-06 03:16:51 +08:00
|
|
|
end
|
|
|
|
|
|
|
|
context 'success' do
|
|
|
|
|
2014-11-06 17:58:47 +08:00
|
|
|
it "logs the impersonation" do
|
|
|
|
StaffActionLogger.any_instance.expects(:log_impersonate)
|
2017-08-31 12:06:56 +08:00
|
|
|
post :create, params: { username_or_email: user.username }, format: :json
|
2014-11-06 17:58:47 +08:00
|
|
|
end
|
|
|
|
|
2013-02-06 03:16:51 +08:00
|
|
|
it "changes the current user session id" do
|
2017-08-31 12:06:56 +08:00
|
|
|
post :create, params: { username_or_email: user.username }, format: :json
|
2015-01-10 01:04:02 +08:00
|
|
|
expect(session[:current_user_id]).to eq(user.id)
|
2013-02-06 03:16:51 +08:00
|
|
|
end
|
|
|
|
|
|
|
|
it "returns success" do
|
2017-08-31 12:06:56 +08:00
|
|
|
post :create, params: { username_or_email: user.email }, format: :json
|
2015-01-10 01:04:02 +08:00
|
|
|
expect(response).to be_success
|
2013-02-06 03:16:51 +08:00
|
|
|
end
|
|
|
|
|
|
|
|
it "also works with an email address" do
|
2017-08-31 12:06:56 +08:00
|
|
|
post :create, params: { username_or_email: user.email }, format: :json
|
2015-01-10 01:04:02 +08:00
|
|
|
expect(session[:current_user_id]).to eq(user.id)
|
2013-02-26 00:42:20 +08:00
|
|
|
end
|
2013-02-06 03:16:51 +08:00
|
|
|
|
|
|
|
end
|
|
|
|
|
|
|
|
end
|
|
|
|
|
|
|
|
end
|
|
|
|
|
|
|
|
end
|