diff --git a/test/controllers/matches_controller_test.rb b/test/controllers/matches_controller_test.rb index 52a58f0..d9bd562 100644 --- a/test/controllers/matches_controller_test.rb +++ b/test/controllers/matches_controller_test.rb @@ -28,6 +28,10 @@ class MatchesControllerTest < ActionController::TestCase def sign_in_tournament_delegate sign_in users(:three) end + + def sign_in_school_delegate + sign_in users(:four) + end def success assert_response :success @@ -52,6 +56,12 @@ class MatchesControllerTest < ActionController::TestCase get_edit redirect end + + test "logged school delegate should not get edit match page if not owner" do + sign_in_school_delegate + get_edit + redirect + end test "non logged in user should not get edit match page" do get_edit @@ -68,6 +78,12 @@ class MatchesControllerTest < ActionController::TestCase post_update assert_redirected_to '/static_pages/not_allowed' end + + test "logged school delegate should not post update match if not owner" do + sign_in_school_delegate + post_update + assert_redirected_to '/static_pages/not_allowed' + end test "logged in tournament delegate should get edit match page" do sign_in_tournament_delegate diff --git a/test/controllers/mats_controller_test.rb b/test/controllers/mats_controller_test.rb index 4f2f788..7ebf6c4 100644 --- a/test/controllers/mats_controller_test.rb +++ b/test/controllers/mats_controller_test.rb @@ -44,7 +44,11 @@ class MatsControllerTest < ActionController::TestCase def sign_in_tournament_delegate sign_in users(:three) end - + + def sign_in_school_delegate + sign_in users(:four) + end + def success assert_response :success end @@ -78,6 +82,12 @@ class MatsControllerTest < ActionController::TestCase get_edit redirect end + + test "logged school delegate should not get edit mat page if not owner" do + sign_in_school_delegate + get_edit + redirect + end test "non logged in user should not get edit mat page" do get_edit @@ -94,6 +104,12 @@ class MatsControllerTest < ActionController::TestCase post_update redirect end + + test "logged school delegate should not post update mat if not owner" do + sign_in_school_delegate + post_update + redirect + end test "logged in tournament owner should post update mat" do sign_in_owner @@ -130,6 +146,14 @@ class MatsControllerTest < ActionController::TestCase create redirect end + + test "logged school delegate not tournament owner cannot create a mat" do + sign_in_school_delegate + new + redirect + create + redirect + end test "logged in tournament owner can destroy a mat" do sign_in_owner @@ -149,11 +173,23 @@ class MatsControllerTest < ActionController::TestCase redirect end + test "logged school delegate not tournament owner cannot destroy mat" do + sign_in_school_delegate + destroy + redirect + end + test "logged in user should not get show mat" do sign_in_non_owner show redirect end + + test "logged school delegate should not get show mat" do + sign_in_school_delegate + show + redirect + end test "logged in tournament owner should get show mat" do sign_in_owner diff --git a/test/controllers/tournaments_controller_test.rb b/test/controllers/tournaments_controller_test.rb index 4fc0e6d..74f497c 100644 --- a/test/controllers/tournaments_controller_test.rb +++ b/test/controllers/tournaments_controller_test.rb @@ -29,6 +29,10 @@ include Devise::TestHelpers def sign_in_delegate sign_in users(:three) end + + def sign_in_school_delegate + sign_in users(:four) + end def success assert_response :success @@ -61,6 +65,12 @@ include Devise::TestHelpers get :generate_matches, id: 1 redirect end + + test "logged in school delegate cannot generate matches" do + sign_in_school_delegate + get :generate_matches, id: 1 + redirect + end test "logged in tournament owner can create custom weights" do sign_in_owner @@ -73,6 +83,12 @@ include Devise::TestHelpers get :create_custom_weights, id: 1, customValue: 'hs' redirect end + + test "logged in school delegate cannot create custom weights" do + sign_in_school_delegate + get :create_custom_weights, id: 1, customValue: 'hs' + redirect + end test "logged in tournament owner can access weigh_ins" do @@ -86,6 +102,12 @@ include Devise::TestHelpers get :weigh_in, id: 1 redirect end + + test "logged in school delegate cannot access weigh_ins" do + sign_in_school_delegate + get :weigh_in, id: 1 + redirect + end test "logged in tournament owner can access weigh_in_weight" do sign_in_owner @@ -99,6 +121,12 @@ include Devise::TestHelpers redirect end + test "logged in school delegate cannot access weigh_in_weight" do + sign_in_school_delegate + get :weigh_in_weight, id: 1, weight: 1 + redirect + end + test "logged in tournament owner can access post weigh_in_weight" do sign_in_owner post :weigh_in, id: 1, weight: 1, wrestler: @wrestlers @@ -109,6 +137,12 @@ include Devise::TestHelpers post :weigh_in_weight, id: 1, weight: 1, wrestler: @wrestlers redirect end + + test "logged in school delegate cannot access post weigh_in_weight" do + sign_in_school_delegate + post :weigh_in_weight, id: 1, weight: 1, wrestler: @wrestlers + redirect + end test "logged in tournament owner should get edit tournament page" do @@ -122,6 +156,12 @@ include Devise::TestHelpers get_edit redirect end + + test "logged in school delegate should not get edit tournament page if not owner" do + sign_in_school_delegate + get_edit + redirect + end test "non logged in user should not get edit tournament page" do get_edit @@ -138,6 +178,12 @@ include Devise::TestHelpers post_update assert_redirected_to '/static_pages/not_allowed' end + + test "logged in school delegate should not post update tournament if not owner" do + sign_in_school_delegate + post_update + assert_redirected_to '/static_pages/not_allowed' + end test "logged in tournament owner should post update tournament" do sign_in_owner @@ -158,6 +204,12 @@ include Devise::TestHelpers redirect end + test "logged in school delegate not tournament owner cannot destroy tournament" do + sign_in_school_delegate + destroy + redirect + end + #TESTS THAT NEED MATCHES PUT ABOVE THIS test "redirect up_matches if no matches" do diff --git a/test/controllers/weights_controller_test.rb b/test/controllers/weights_controller_test.rb index dd7ea4a..ba2a152 100644 --- a/test/controllers/weights_controller_test.rb +++ b/test/controllers/weights_controller_test.rb @@ -40,6 +40,10 @@ class WeightsControllerTest < ActionController::TestCase def sign_in_tournament_delegate sign_in users(:three) end + + def sign_in_school_delegate + sign_in users(:four) + end def success assert_response :success @@ -66,6 +70,12 @@ class WeightsControllerTest < ActionController::TestCase get_edit redirect end + + test "logged school delegate should not get edit weight page if not owner" do + sign_in_school_delegate + get_edit + redirect + end test "non logged in user should not get edit weight page" do get_edit @@ -82,6 +92,12 @@ class WeightsControllerTest < ActionController::TestCase post_update redirect end + + test "logged school delegate should not post update weight if not owner" do + sign_in_school_delegate + post_update + redirect + end test "logged in tournament owner should post update weight" do sign_in_owner @@ -118,6 +134,14 @@ class WeightsControllerTest < ActionController::TestCase create redirect end + + test "logged school delegate not tournament owner cannot create a weight" do + sign_in_school_delegate + new + redirect + create + redirect + end test "logged in tournament owner can destroy a weight" do sign_in_owner @@ -136,6 +160,12 @@ class WeightsControllerTest < ActionController::TestCase destroy redirect end + + test "logged school delegate not tournament owner cannot destroy weight" do + sign_in_school_delegate + destroy + redirect + end test "view wegiht" do get :show, id: 1