webrat log

commit 6b82ea0a21b0ef41f7d79e14f85933521a0d822d 2 parents 8ea80a3 + 0c2e0f3
@lindagcaba authored
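--- a/Gemfile
+++ b/Gemfile
@@ -7,6 +7,7 @@ gem 'rails', '3.0.8'
 gem 'sqlite3'
 gem 'sqlite3-ruby',:require =>'sqlite3'
+gem 'gravatar_image_tag'
 # Use unicorn as the web server
 # gem 'unicorn'
@@ -30,5 +31,4 @@ gem 'sqlite3-ruby',:require =>'sqlite3'
 gem 'webrat'
 gem 'rspec-rails'
 gem 'factory_girl_rails'
- gem 'gravatar_image_tag'
 end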
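--- a/app/controllers/users_controller.rb
+++ b/app/controllers/users_controller.rb
@@ -1,7 +1,8 @@
 class UsersController < ApplicationController
- before_filter :authenticate, :only =>[:edit, :update]
+ before_filter :authenticate, :only =>[:edit, :update, :destroy]
 before_filter :correct_user, :only =>[:edit,:update]
+ before_filter :admin_user, :only =>[:destroy]
 def new
 @title = "Sign up"
 @user = User.new
@@ -51,6 +52,10 @@ def update
 end
 def destroy
+ @user = User.find(params[:id])
+ @user.destroy
+ flash[:success] = "Successfully Deleted User"
+ redirect_to users_path
 end
 private
 def authenticate
@@ -60,5 +65,11 @@ def correct_user
 @user = User.find(params[:id])
 redirect_to root_path unless @user == current_user
 end
+ def admin_user
+ if(current_user.admin == false)
+ flash[:error] = "Not Authorized"
+ redirect_to root_path
+ end
+ end
 end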
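Review bot: The added `admin_user` filter fails open, because `if(current_user.admin == false)` redirects only when the attribute is exactly `false`, so a user whose `admin` value is NULL passes the check and reaches `destroy`. Deny by default instead with `unless current_user.admin?`, keeping the flash and redirect inside that branch. The filter also depends on `authenticate` having already halted the request for signed-out visitors; its body is outside the hunk, so confirm it redirects, otherwise `current_user.admin` would raise on nil. As written, `destroy` also lets an admin delete their own account, which may not be intended.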
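--- a/app/views/users/index.html.erb
+++ b/app/views/users/index.html.erb
@@ -1,5 +1,8 @@
 <ul>
 <% @users.each do |user| %>
- <li><%= user.name %></li>
+ <li><%= user.name %></li>
+ <% if current_user.nil? || current_user.admin? %>
+ <li> <%=link_to :delete , :destroy %> </li>
+ <%end%>
 <%end%>
 </ul>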
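Review bot: The condition on the added `<% if current_user.nil? || current_user.admin? %>` line shows the delete link to signed-out visitors as well as to admins; it should read `<% if current_user && current_user.admin? %>`. The link itself, `link_to :delete , :destroy`, names neither the `user` being iterated nor an HTTP verb, so as far as the hunk shows it cannot address a specific record or issue a DELETE request. Something like `<%= link_to "delete", user, :method => :delete, :confirm => "Are you sure?" %>` ties the link to the record and keeps the destructive action off plain GET links. The controller filters remain the real access check; this only keeps the page consistent with them.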
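--- a/db/migrate/20111225200206_add_addmin_to_users.rb
+++ b/db/migrate/20111225200206_add_addmin_to_users.rb
@@ -0,0 +1,9 @@
+class AddAddminToUsers < ActiveRecord::Migration
+ def self.up
+ add_column :users, :admin, :boolean, :default => false
+ end
+
+ def self.down
+ remove_column :users, :admin
+ end
+end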
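Review bot: The new `admin` column in `self.up` has a default but still allows NULL, so a row can hold a value that is neither true nor false. For an authorization flag it is safer to forbid that: `add_column :users, :admin, :boolean, :default => false, :null => false`. This matters here because the `admin_user` filter added to users_controller.rb in this commit compares with `== false`, which a NULL value does not match. The class and file name also carry a typo (`AddAddminToUsers`); renaming is only safe if the migration has not yet run anywhere else.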
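--- a/db/schema.rb
+++ b/db/schema.rb
@@ -10,7 +10,7 @@
 #
 # It's strongly recommended to check this file into your version control system.
-ActiveRecord::Schema.define(:version => 20111120023709) do
+ActiveRecord::Schema.define(:version => 20111225200206) do
 create_table "users", :force => true do |t|
 t.string "name"
@@ -19,6 +19,7 @@
 t.datetime "updated_at"
 t.string "encrypted_password"
 t.string "salt"
+ t.boolean "admin", :default => false
 end
 add_index "users", ["email"], :name => "index_users_on_email", :unique => true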
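--- a/spec/controllers/users_controller_spec.rb
+++ b/spec/controllers/users_controller_spec.rb
@@ -206,6 +206,53 @@
 response.should have_selector('li',:content => user.name)
 end
 end
-
+ end
+ describe "DELETE 'destroy'" do
+ before(:each) do
+ @admin_user = Factory(:user, :admin => true)
+ @non_admin_user1 = Factory(:user, :email => Factory.next(:email))
+ @non_admin_user2 = Factory(:user, :email => Factory.next(:email))
+ end
+ describe "for non-signed in users" do
+ it "should not allow deletion " do
+ lambda do
+ delete :destroy, :id => @non_admin_user2
+ end.should_not change(User, :count).by(-1)
+ end
+ it "should redirect to signin page " do
+ delete :destroy, :id => @non_admin_user2
+ response.should redirect_to signin_path
+ end
+ end
+ describe "for non-admin users" do
+ before(:each) do
+ test_sign_in(@non_admin_user1)
+ end
+ it "should not allow deletion" do
+ lambda do
+ delete :destroy, :id => @non_admin_user2
+ end.should_not change(User,:count).by(-1)
+ end
+ it "should redirect to root with error message" do
+ delete :destroy, :id => @non_admin_user2
+ response.should redirect_to(root_path)
+ flash[:error].should =~ /Not Authorized/i
+ end
+ end
+ describe "for admin users" do
+ before(:each) do
+ test_sign_in(@admin_user)
+ end
+ it "should delete the user" do
+ lambda do
+ delete :destroy, :id => @non_admin_user2
+ end.should change(User, :count).by(-1)
+ end
+ it "should redirect to index page when done" do
+ delete :destroy, :id => @non_admin_user2
+ response.should redirect_to(users_path)
+ flash[:success].should =~ / Deleted /i
+ end
+ end
 end
 end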
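Review bot: The two negative examples ("for non-signed in users" and "for non-admin users") assert `should_not change(User, :count).by(-1)`, which only rules out a change of exactly -1; any other change in the count would still pass. Drop the `.by(-1)` so they read `end.should_not change(User, :count)`. The suite also has no example for a signed-in user whose `admin` is nil, the case that the `== false` comparison in `admin_user` lets through, nor for an admin deleting their own account. The enclosing describe block for the controller starts outside the hunk.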
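--- a/spec/models/user_spec.rb
+++ b/spec/models/user_spec.rb
@@ -117,5 +117,20 @@
 correct_pass_user.should == @user
 end
 end
+ describe "admin user" do
+ before(:each) do
+ @user = User.create!(@attr)
+ end
+ it "should have 'admin' attribute" do
+ @user.should respond_to(:admin)
+ end
+ it "should not be 'admin' by default" do
+ @user.should_not be_admin
+ end
+ it "should be convertible to admin" do
+ @user.toggle!(:admin)
+ @user.should be_admin
+ end
+ end
 end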
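Review bot: Nothing in the added "admin user" examples checks that `admin` cannot be set through mass assignment; they cover only the attribute's presence, its default and `toggle!`. The User model is not part of this commit, so confirm that `admin` is left out of `attr_accessible`; if it is not, and the controller passes `params[:user]` to the model, a submitted `admin` field could grant the flag. An example such as `User.new(@attr.merge(:admin => true)).should_not be_admin` would pin that behaviour. The enclosing describe block for the model starts outside the hunk.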
1,313 webrat.log
0 additions, 1,313 deletions not shown