diff --git a/app/controllers/projects_controller.rb b/app/controllers/projects_controller.rb index 80f7a59..aaa02e1 100644 --- a/app/controllers/projects_controller.rb +++ b/app/controllers/projects_controller.rb @@ -1,4 +1,9 @@ class ProjectsController < ApplicationController + + # TODO: Delete this controller! It is no longer in use and `rake routes` does not even map to this any longer + + + before_filter :get_plan_list_columns, only: %i( index ) after_action :verify_authorized diff --git a/app/controllers/sessions_controller.rb b/app/controllers/sessions_controller.rb index 06bdd83..a4154d9 100644 --- a/app/controllers/sessions_controller.rb +++ b/app/controllers/sessions_controller.rb @@ -17,6 +17,9 @@ def create existing_user = User.find_by(email: params[:user][:email]) if !existing_user.nil? + +# TODO: Not sure why we check for shib data in params and then use session value below. We should move this to the +# new user_identifiers table if !params[:shibboleth_data].nil? #after authentication verify if session[:shibboleth] exists existing_user.update_attributes(shibboleth_id: session[:shibboleth_data][:uid]) diff --git a/app/controllers/suggested_answers_controller.rb b/app/controllers/suggested_answers_controller.rb index bb53c6a..cfe3da0 100644 --- a/app/controllers/suggested_answers_controller.rb +++ b/app/controllers/suggested_answers_controller.rb @@ -9,7 +9,14 @@ if @suggested_answer.save redirect_to admin_show_phase_path(id: @suggested_answer.question.section.phase_id, section_id: @suggested_answer.question.section_id, question_id: @suggested_answer.question.id, edit: 'true'), notice: _('Information was successfully created.') else - render action: "phases/admin_show" + @phase = @suggested_answer.question.section.phase + @section = @suggested_answer.question.section + @open = true + @sections = @phase.sections + @section_id = @section.id + @question_id = @suggested_answer.question + flash[:notice] = failed_create_error(@suggested_answer, _('suggested answer')) + render "phases/admin_show" end end @@ -17,13 +24,14 @@ #update a suggested answer of a template def admin_update @suggested_answer = SuggestedAnswer.includes(question: { section: {phase: :template}}).find(params[:id]) - authorize @suggested_answer.question.section.phase.template - @question = @suggested_answer + authorize @suggested_answer #.question.section.phase.template + @question = @suggested_answer.question @section = @question.section @phase = @section.phase if @suggested_answer.update_attributes(params[:suggested_answer]) redirect_to admin_show_phase_path(id: @phase.id, section_id: @section.id, question_id: @question.id, edit: 'true'), notice: _('Information was successfully updated.') else + flash[:notice] = failed_update_error(@suggested_answer, _('suggested answer')) render action: "phases/admin_show" end end @@ -35,8 +43,11 @@ @question = @suggested_answer.question @section = @question.section @phase = @section.phase - @suggested_answer.destroy - redirect_to admin_show_phase_path(id: @phase.id, section_id: @section.id, edit: 'true'), notice: _('Information was successfully deleted.') + if @suggested_answer.destroy + redirect_to admin_show_phase_path(id: @phase.id, section_id: @section.id, edit: 'true'), notice: _('Information was successfully deleted.') + else + redirect_to admin_show_phase_path(id: @phase.id, section_id: @section.id, edit: 'true'), notice: flash[:notice] = failed_destroy_error(@suggested_answer, _('suggested answer')) + end end end \ No newline at end of file diff --git a/app/controllers/user_identifiers_controller.rb b/app/controllers/user_identifiers_controller.rb index 70297f5..5ca04f4 100644 --- a/app/controllers/user_identifiers_controller.rb +++ b/app/controllers/user_identifiers_controller.rb @@ -1,24 +1,23 @@ class UserIdentifiersController < ApplicationController + respond_to :html + after_action :verify_authorized # DELETE /users/identifiers # --------------------------------------------------------------------- def destroy - if user_signed_in? then - user = User.find(current_user.id) - identifier = UserIdentifier.find(params[:id]) - - # If the requested identifier belongs to the current user remove it - if user.user_identifiers.include?(identifier) - identifier.destroy! - flash[:notice] = t('identifier_schemes.disconnect_success', - scheme: identifier.identifier_scheme.name) - else - flash[:notice] = t('identifier_schemes.disconnect_failure', - scheme: identifier.identifier_scheme.name) - end - - redirect_to edit_user_registration_path + authorize UserIdentifier + user = User.find(current_user.id) + identifier = UserIdentifier.find(params[:id]) + + # If the requested identifier belongs to the current user remove it + if user.user_identifiers.include?(identifier) + identifier.destroy! + flash[:notice] = _('Successfully unlinked your account from %{is}') % {is: identifier.identifier_scheme.name} + else + flash[:notice] = _('Unable to unlinked your account from %{is}') % {is: identifier.identifier_scheme.name} end + + redirect_to edit_user_registration_path end end \ No newline at end of file diff --git a/app/controllers/users/omniauth_shibboleth_request_controller.rb b/app/controllers/users/omniauth_shibboleth_request_controller.rb index 3190c2f..bc0f9f4 100644 --- a/app/controllers/users/omniauth_shibboleth_request_controller.rb +++ b/app/controllers/users/omniauth_shibboleth_request_controller.rb @@ -7,7 +7,11 @@ else idp = params[:idp] end - query_params = {target: user_omniauth_callback_path(:shibboleth)} + + # briley - April 10 2017 - Replaced the old path with the one currently defined in `rake routes` + #query_params = {target: user_omniauth_callback_path(:shibboleth)} + query_params = {target: user_shibboleth_omniauth_callback_path} + unless idp.blank? query_params[:entityID] = idp end diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb index 13f857c..ce0d122 100644 --- a/app/controllers/users_controller.rb +++ b/app/controllers/users_controller.rb @@ -47,8 +47,12 @@ end end end - @user.save! - redirect_to({controller: 'users', action: 'admin_index'}, {notice: _('Information was successfully updated.')}) # helpers.success key does not exist, replaced with a generic string + + if @user.save! + redirect_to({controller: 'users', action: 'admin_index'}, {notice: _('Information was successfully updated.')}) # helpers.success key does not exist, replaced with a generic string + else + flash[:notice] = failed_update_error(@user, _('user')) + end end end diff --git a/app/policies/user_identifier_policy.rb b/app/policies/user_identifier_policy.rb new file mode 100644 index 0000000..e57f1c9 --- /dev/null +++ b/app/policies/user_identifier_policy.rb @@ -0,0 +1,20 @@ +class UserIdentifierPolicy < ApplicationPolicy + attr_reader :user_identifier + + def initialize(user, users) + raise Pundit::NotAuthorizedError, "must be logged in" unless user + @user = user + @users = users + end + + def destroy? + !user.nil? + end + + class Scope < Scope + def resolve + scope.where(user_id: user.id) + end + end + +end \ No newline at end of file diff --git a/app/views/plans/show_export.html.erb b/app/views/plans/show_export.html.erb index 72a3781..f6c6f67 100644 --- a/app/views/plans/show_export.html.erb +++ b/app/views/plans/show_export.html.erb @@ -11,10 +11,10 @@ <%= raw _("

From here you can download your plan in various formats. This may be useful if you need to submit your plan as part of a grant application.
Select what format you wish to use and click to 'Export'.

")%> - <% if @plan.phases.count == 1 %> - <%= render :partial => "/shared/export_links", locals: {plan: @plan, phase: @phan.phases[0]} %> + <% if @plan.template.phases.count == 1 %> + <%= render :partial => "/shared/export_links", locals: {plan: @plan, phase: @plan.template.phases.first} %> <%else%> - <% @plan.phases.each do |phase| %> + <% @plan.template.phases.each do |phase| %>
diff --git a/config/application.rb b/config/application.rb index f4e3351..bae1b99 100644 --- a/config/application.rb +++ b/config/application.rb @@ -89,7 +89,7 @@ config.shibboleth_enabled = false # Absolute path to Shibboleth SSO Login - #config.shibboleth_login = 'https://localhost/Shibboleth.sso/Login' + config.shibboleth_login = 'https://localhost/Shibboleth.sso/Login' # Active Record will no longer suppress errors raised in after_rollback or after_commit # in the next version. Devise appears to be using those callbacks. diff --git a/lib/assets/javascripts/jquery.timeago.js b/lib/assets/javascripts/jquery.timeago.js index 59a7d74..1115ff7 100644 --- a/lib/assets/javascripts/jquery.timeago.js +++ b/lib/assets/javascripts/jquery.timeago.js @@ -49,15 +49,15 @@ suffixFromNow: __("from now"), seconds: __("less than a minute"), minute: __("about a minute"), - minutes: __("%{d} minutes", '%d'), // This is a bit hacky but didn't want '%d' in the gettext so used the normal %{d} and then swap it back with '%d' so substitute() function below works properly + minutes: __("%d minutes"), hour: __("about an hour"), - hours: __("about %{d} hours", '%d'), + hours: __("about %d hours"), day: __("a day"), - days: __("%{d} days", '%d'), + days: __("%d days"), month: __("about a month"), - months: __("%{d} months", '%d'), + months: __("%d months"), year: __("about a year"), - years: __("%{d} years", '%d'), + years: __("%d years"), wordSeparator: " ", numbers: [] } diff --git a/test/functional/plans_controller_test.rb b/test/functional/plans_controller_test.rb index 2bfcf9e..ce3148a 100644 --- a/test/functional/plans_controller_test.rb +++ b/test/functional/plans_controller_test.rb @@ -264,6 +264,18 @@ # TODO: We need some better tests here to check the different formats! end + # GET /plans/:id/show_export (show_export_plan_path) + # ---------------------------------------------------------- + test "show the export the plan page" do + # Should redirect user to the root path if they are not logged in! + try_no_user_and_unauthorized(show_export_plan_path(@plan)) + + sign_in @user + get show_export_plan_path(@plan) + assert_response :success + assert assigns(:plan) + end + private def try_no_user_and_unauthorized(target) # Should redirect user to the root path if they are not logged in! diff --git a/test/functional/sessions_controller_test.rb b/test/functional/sessions_controller_test.rb new file mode 100644 index 0000000..ac1b5dd --- /dev/null +++ b/test/functional/sessions_controller_test.rb @@ -0,0 +1,59 @@ +require 'test_helper' + +class SessionsControllerTest < ActionDispatch::IntegrationTest + + include Warden::Test::Helpers + + # CURRENT RESULTS OF `rake routes` + # -------------------------------------------------- + # new_user_session GET /users/sign_in sessions#new + # user_session POST /users/sign_in sessions#create + # destroy_user_session DELETE /users/sign_out sessions#destroy + + setup do + @user = User.first + end + + # POST /users/sign_in (user_session_path) + # ---------------------------------------------------------- + test "existing user's language setting is stored in the session and FastGettext" do + @user.language = Language.find_by(abbreviation: 'de') + @user.save! + post user_session_path, {user: {email: @user.email}} + assert_equal 'de', session[:locale], "expected the existing user's locale to have been set in the session" + assert_response :redirect + assert_redirected_to root_path + end + + # POST /users/sign_in (user_session_path) + # ---------------------------------------------------------- + test "unknown user's session[:locale] set to FastGettext.default_locale" do + post user_session_path, {user: {email: 'testing.session@example.org'}} + assert_equal nil, session[:locale], "expected the new user's locale to be empty" + assert_equal FastGettext.default_locale, FastGettext.locale, "expected the FastGettext to use the default locale" + assert_response :redirect + assert_redirected_to root_path + end + + # POST /users/sign_in (user_session_path) + # ---------------------------------------------------------- + test "existing user's Shibboleth id is captured" do + Warden.on_next_request do |proxy| + proxy.raw_session[:shibboleth_data] = {uid: 'abcdefg'} + end + post user_session_path, {user: {email: @user.email}, shibboleth_data: {uid: 'abcdefg'}} + assert_response :redirect + assert_redirected_to root_path + assert_equal 'abcdefg', @user.reload.shibboleth_id, "expected the existing user's shib id to have been set" + end + + # DELETE /users/sign_in (destroy_user_session_path) + # ---------------------------------------------------------- + test "delete the user session" do + delete destroy_user_session_path + assert_equal nil, session[:locale], "expected the locale to have been deleted from the session" + assert_response :redirect + assert_redirected_to root_path + end + +end diff --git a/test/functional/suggested_answers_controller_test.rb b/test/functional/suggested_answers_controller_test.rb new file mode 100644 index 0000000..dcdd2ce --- /dev/null +++ b/test/functional/suggested_answers_controller_test.rb @@ -0,0 +1,116 @@ +require 'test_helper' + +class SuggestedAnswersControllerTest < ActionDispatch::IntegrationTest + + include Devise::Test::IntegrationHelpers + + setup do + @question = SuggestedAnswer.first.question + + # Get the first Org Admin + scaffold_org_admin(@question.section.phase.template.org) + end + +# TODO: The following methods SHOULD replace the old 'admin_' prefixed methods. The routes file already has +# these defined. They are defined multiple times though and we need to clean this up! In particular +# look at the unnamed routes after 'new_plan_phase' below. They are not named because they are duplicates. +# We should just have: +# +# SHOULD BE: +# -------------------------------------------------- +# suggested_answers GET /templates/:template_id/phases/:phase_id/sections/:section_id/questions/:id sections#index +# POST /templates/:template_id/phases/:phase_id/sections/:section_id/questions/:id sections#create +# suggested_answer GET /templates/:template_id/phases/:phase_id/sections/:section_id/questions/:question_id/suggested_answer/:id sections#show +# PATCH /templates/:template_id/phases/:phase_id/section/:section_id/questions/:question_id/suggested_answer/:id sections#update +# PUT /templates/:template_id/phases/:phase_id/section/:section_id/questions/:question_id/suggested_answer/:id sections#update +# DELETE /templates/:template_id/phases/:phase_id/section/:section_id/questions/:question_id/suggested_answer/:id sections#destroy +# +# CURRENT RESULTS OF `rake routes` +# -------------------------------------------------- +# admin_create_suggested_answer POST /org/admin/templates/suggested_answers/:id/admin_create suggested_answers#admin_create +# admin_update_suggested_answer PUT /org/admin/templates/suggested_answers/:id/admin_update suggested_answers#admin_update +# admin_destroy_suggested_answer DELETE /org/admin/templates/suggested_answers/:id/admin_destroy suggested_answers#admin_destroy + + + + # POST /org/admin/templates/suggested_answers/:id/admin_create (admin_create_suggested_answer_path) + # ---------------------------------------------------------- + test "create a new section" do + params = {org_id: @user.org.id, question_id: @question.id, text: "Here's a suggestion"} + + # Should redirect user to the root path if they are not logged in! + post admin_create_suggested_answer_path(@question.id), {suggested_answer: params} + assert_unauthorized_redirect_to_root_path + + sign_in @user + + post admin_create_suggested_answer_path(@question.id), {suggested_answer: params} + assert_response :redirect + assert_redirected_to "#{admin_show_phase_path(@question.section.phase.id)}?edit=true&question_id=#{@question.id}§ion_id=#{@question.section.id}" + assert_equal _('Information was successfully created.'), flash[:notice] + assert_equal "Here's a suggestion", SuggestedAnswer.last.text, "expected the record to have been created!" + assert assigns(:suggested_answer) + + # Invalid object + post admin_create_suggested_answer_path(@question.id), {suggested_answer: {question_id: @question.id}} + assert flash[:notice].starts_with?(_('Could not create your')) + assert_response :success + assert assigns(:suggested_answer) + end + + # PUT /org/admin/templates/suggested_answers/:id/admin_update (admin_update_suggested_answer_path) + # ---------------------------------------------------------- + test "update the section" do + params = {text: 'UPDATE'} + + # Should redirect user to the root path if they are not logged in! + put admin_update_suggested_answer_path(SuggestedAnswer.first), {suggested_answer: params} + assert_unauthorized_redirect_to_root_path + + sign_in @user + + # Valid save + put admin_update_suggested_answer_path(SuggestedAnswer.first), {suggested_answer: params} + assert_equal _('Information was successfully updated.'), flash[:notice] + assert_response :redirect + assert_redirected_to "#{admin_show_phase_path(@question.section.phase.id)}?edit=true&question_id=#{@question.id}§ion_id=#{@question.section.id}" + assert assigns(:suggested_answer) + assert assigns(:question) + assert assigns(:section) + assert assigns(:phase) + assert_equal 'UPDATE', SuggestedAnswer.first.text, "expected the record to have been updated" + +# TODO: We need to add in validation checks on the model and reactivate this test + # Invalid save +# put admin_update_suggested_answer_path(SuggestedAnswer.first), {suggested_answer: {text: nil}} +# assert flash[:notice].starts_with?(_('Could not update your')) +# assert_response :success +# assert assigns(:suggested_answer) +# assert assigns(:question) +# assert assigns(:section) +# assert assigns(:phase) + end + + # DELETE /org/admin/templates/suggested_answers/:id/admin_destroy (admin_destroy_suggested_answer_path) + # ---------------------------------------------------------- + test "delete the section" do + id = SuggestedAnswer.first.id + # Should redirect user to the root path if they are not logged in! + delete admin_destroy_suggested_answer_path(id: id) + assert_unauthorized_redirect_to_root_path + + sign_in @user + + delete admin_destroy_suggested_answer_path(id: id) + assert_equal _('Information was successfully deleted.'), flash[:notice] + assert_response :redirect + assert_redirected_to "#{admin_show_phase_path(@question.section.phase.id)}?edit=true§ion_id=#{@question.section.id}" + assert assigns(:question) + assert assigns(:section) + assert assigns(:phase) + assert_raise ActiveRecord::RecordNotFound do + SuggestedAnswer.find(id).nil? + end + end + +end \ No newline at end of file diff --git a/test/functional/token_permission_types_controller_test.rb b/test/functional/token_permission_types_controller_test.rb new file mode 100644 index 0000000..f1cc342 --- /dev/null +++ b/test/functional/token_permission_types_controller_test.rb @@ -0,0 +1,30 @@ +require 'test_helper' + +class TokenPermissionTypesControllerTest < ActionDispatch::IntegrationTest + + include Devise::Test::IntegrationHelpers + + # CURRENT RESULTS OF `rake routes` + # -------------------------------------------------- + # token_permission_types GET /token_permission_types token_permission_types#index + + setup do + @user = User.first + end + + # GET /token_permission_types (token_permission_types_path) + # ---------------------------------------------------------- + test "retrieve the list of token permission types" do + # Should redirect user to the root path if they are not logged in! + get token_permission_types_path + assert_unauthorized_redirect_to_root_path + + sign_in @user + + get token_permission_types_path + assert_response :success + assert assigns(:user) + assert assigns(:token_types) + end + +end \ No newline at end of file diff --git a/test/functional/user_identifiers_controller_test.rb b/test/functional/user_identifiers_controller_test.rb new file mode 100644 index 0000000..2488373 --- /dev/null +++ b/test/functional/user_identifiers_controller_test.rb @@ -0,0 +1,36 @@ +require 'test_helper' + +class UserIdentifiersControllerTest < ActionDispatch::IntegrationTest + + include Devise::Test::IntegrationHelpers + + setup do + @user = User.first + end + +# CURRENT RESULTS OF `rake routes` +# -------------------------------------------------- +# destroy_user_identifier DELETE /users/identifiers/:id user_identifiers#destroy + + + # DELETE /users/identifiers/:id (destroy_user_identifier_path) + # ---------------------------------------------------------- + test "delete the section" do + ui = UserIdentifier.create(user: @user, identifier_scheme: IdentifierScheme.first, identifier: 'TESTING') + + # Should redirect user to the root path if they are not logged in! + delete destroy_user_identifier_path(ui) + assert_unauthorized_redirect_to_root_path + + sign_in @user + + delete destroy_user_identifier_path(ui) + assert flash[:notice].start_with?(_('Successfully unlinked your account from')), "expected the success message" + assert_response :redirect + assert_redirected_to edit_user_registration_path + assert_raise ActiveRecord::RecordNotFound do + UserIdentifier.find(ui.id).nil? + end + end + +end \ No newline at end of file diff --git a/test/functional/users/omniauth_shibboleth_request_controller_test.rb b/test/functional/users/omniauth_shibboleth_request_controller_test.rb new file mode 100644 index 0000000..391c2f1 --- /dev/null +++ b/test/functional/users/omniauth_shibboleth_request_controller_test.rb @@ -0,0 +1,34 @@ +class OmniauthShibbolethRequestControllerTest < ActionDispatch::IntegrationTest + include Devise::Test::IntegrationHelpers + + + # user_omniauth_shibboleth GET /auth/shibboleth users/omniauth_shibboleth_request#redirect + # user_shibboleth_assoc GET /auth/shibboleth/assoc users/omniauth_shibboleth_request#associate + + setup do + @schemes = IdentifierScheme.all + @user = User.first + + @callback_uris = {} + + # Stub out shibboleth IDP responses + OmniAuth.config.mock_auth[:shibboleth] = OmniAuth::AuthHash.new({ + :provider => "shibboleth", + :idp => "blah", + :uid => 'foo:bar' + }) + end + + # ------------------------------------------------------------- + test "gets the IDP from the incoming params" do + get user_omniauth_shibboleth_path + assert_response :redirect + assert_redirected_to "#{Rails.application.config.shibboleth_login}?target=%2Fusers%2Fauth%2Fshibboleth%2Fcallback" + + # Try it passing in an idp + get "#{user_omniauth_shibboleth_path}?idp=foo" + assert_response :redirect + assert_redirected_to "#{Rails.application.config.shibboleth_login}?entityID=foo&target=%2Fusers%2Fauth%2Fshibboleth%2Fcallback" + end + +end \ No newline at end of file diff --git a/test/functional/users_controller_test.rb b/test/functional/users_controller_test.rb index 42d26cf..8f4eddc 100644 --- a/test/functional/users_controller_test.rb +++ b/test/functional/users_controller_test.rb @@ -1,51 +1,74 @@ require 'test_helper' -class UsersControllerTest < ActionController::TestCase -=begin +class UsersControllerTest < ActionDispatch::IntegrationTest + + include Devise::Test::IntegrationHelpers + setup do - @user = users(:one) + scaffold_org_admin(Org.last) end + + # TODO: Reassess these routes. Devise handles the standard profile pages so defining a more RESTful setup + # wouldn't conflict with the update/create of the main user object. They should probably be something like: + # + # users GET /org/:org_id/users users#index + # user GET /user/:id users#show + # user PUT /user/:id users#update + + # CURRENT RESULTS OF `rake routes` + # -------------------------------------------------- + # admin_index_users GET /org/admin/users/admin_index users#admin_index + # admin_grant_permissions_user GET /org/admin/users/:id/admin_grant_permissions users#admin_grant_permissions + # admin_update_permissions_user PUT /org/admin/users/:id/admin_update_permissions users#admin_update_permissions - test "should get index" do - get :index + + # GET /org/admin/users/admin_index (admin_index_users_path) + # ---------------------------------------------------------- + test "get the list of users" do + # Should redirect user to the root path if they are not logged in! + get admin_index_users_path + assert_unauthorized_redirect_to_root_path + + sign_in @user + + get admin_index_users_path assert_response :success - assert_not_nil assigns(:users) + assert assigns(:users) end - - test "should get new" do - get :new + + # GET /org/admin/users/:id/admin_grant_permissions (admin_grant_permissions_user_path) + # ---------------------------------------------------------- + test "grant the user's permissions" do + # Should redirect user to the root path if they are not logged in! + get admin_grant_permissions_user_path(@user.org.users.first) + assert_unauthorized_redirect_to_root_path + + sign_in @user + + get admin_grant_permissions_user_path(@user.org.users.first) assert_response :success + assert assigns(:user) + assert assigns(:perms) end - test "should create user" do - assert_difference('User.count') do - post :create, user: { email: @user.email, firstname: @user.firstname, last_login: @user.last_login, login_count: @user.login_count, orcid_id: @user.orcid_id, password: @user.password, shibboleth_id: @user.shibboleth_id, user_status_id: @user.user_status_id, surname: @user.surname, user_type_id: @user.user_type_id } + # PUT /org/admin/users/:id/admin_update_permissions (admin_update_permissions_user_path) + # ---------------------------------------------------------- + test "update the user's permissions" do + params = {perm_ids: [Perm.last.id, Perm.first.id]} + + # Should redirect user to the root path if they are not logged in! + put admin_update_permissions_user_path(@user.org.users.last), {user: params} + assert_unauthorized_redirect_to_root_path + + sign_in @user + + # Valid save + put admin_update_permissions_user_path(@user.org.users.last), {user: params} + assert_equal _('Information was successfully updated.'), flash[:notice] + assert_response :redirect + assert_redirected_to admin_index_users_url + @user.org.users.last.perms.each do |perm| + assert params[:perm_ids].include?(perm.id), "did not expect to find the #{perm.name} attached to the user" end - - assert_redirected_to user_path(assigns(:user)) end - - test "should show user" do - get :show, id: @user - assert_response :success - end - - test "should get edit" do - get :edit, id: @user - assert_response :success - end - - test "should update user" do - put :update, id: @user, user: { email: @user.email, firstname: @user.firstname, last_login: @user.last_login, login_count: @user.login_count, orcid_id: @user.orcid_id, password: @user.password, shibboleth_id: @user.shibboleth_id, user_status_id: @user.user_status_id, surname: @user.surname, user_type_id: @user.user_type_id } - assert_redirected_to user_path(assigns(:user)) - end - - test "should destroy user" do - assert_difference('User.count', -1) do - delete :destroy, id: @user - end - - assert_redirected_to users_path - end -=end end