Test protecting controller paths

2026-03-25 01:14:43 +00:00 · 2015-10-30 07:51:35 -04:00
parent d1437a56af
commit 685c71ade9
9 changed files with 457 additions and 52 deletions
--- a/test/controllers/mats_controller_test.rb
+++ b/test/controllers/mats_controller_test.rb
@@ -1,11 +1,109 @@
 require 'test_helper'

 class MatsControllerTest < ActionController::TestCase
-  # setup do
-  #   @mat = mats(:one)
-  # end
+  include Devise::TestHelpers

-  test "the truth" do
-     assert true
-   end
+  setup do
+     @tournament = Tournament.find(1)
+     @tournament.generateMatchups
+     @mat = mats(:one)
+  end
+ 
+  def create
+    post :create, mat: {name: 'Mat100', tournament_id: 1}
+  end
+
+  def new
+    get :new, tournament: @tournament.id
+  end
+
+  def post_update
+    patch :update, id: @mat.id, mat: {name: @mat.name, tournament_id: @mat.tournament_id}
+  end
+
+  def destroy
+    delete :destroy, id: @mat.id
+  end
+
+  def get_edit
+    get :edit, id: @mat.id
+  end
+  
+  def sign_in_owner
+    sign_in users(:one)
+  end
+
+  def sign_in_non_owner
+    sign_in users(:two)
+  end
+
+  def success
+    assert_response :success
+  end
+
+  def redirect
+    assert_redirected_to '/static_pages/not_allowed'
+  end
+
+  test "logged in tournament owner should get edit mat page" do
+    sign_in_owner
+    get_edit
+    success
+  end
+
+  test "logged in user should not get edit mat page if not owner" do
+    sign_in_non_owner
+    get_edit
+    redirect
+  end
+
+  test "non logged in user should not get edit mat page" do
+    get_edit
+    redirect
+  end
+
+  test "non logged in user should get post update mat" do
+    post_update
+    redirect
+  end 
+
+  test "logged in user should not post update mat if not owner" do
+    sign_in_non_owner
+    post_update
+    redirect
+  end 
+
+  test "logged in tournament owner should post update mat" do
+    sign_in_owner
+    post_update
+    assert_redirected_to tournament_path(@mat.tournament_id) 
+  end
+
+  test "logged in tournament owner can create a new mat" do
+    sign_in_owner
+    new
+    success 
+    create
+    assert_redirected_to tournament_path(@mat.tournament_id) 
+  end
+
+  test "logged in user not tournament owner cannot create a mat" do
+    sign_in_non_owner
+    new
+    redirect
+    create
+    redirect
+  end
+
+  test "logged in tournament owner can destroy a mat" do
+    sign_in_owner
+    destroy
+    assert_redirected_to tournament_path(@tournament.id)
+  end
+
+  test "logged in user not tournament owner cannot destroy mat" do
+    sign_in_non_owner
+    destroy
+    redirect
+  end
 end
--- a/test/controllers/schools_controller_test.rb
+++ b/test/controllers/schools_controller_test.rb
@@ -1,11 +1,110 @@
 require 'test_helper'

 class SchoolsControllerTest < ActionController::TestCase
-  # setup do
-  #   @school = schools(:one)
-  # end
+  include Devise::TestHelpers
+
+  setup do
+     @tournament = Tournament.find(1)
+     @tournament.generateMatchups
+     @school = @tournament.schools.first
+  end
+ 
+  def create
+    post :create, school: {name: 'Testaasdf', tournament_id: 1}
+  end
+
+  def new
+    get :new, tournament: @tournament.id
+  end
+
+  def post_update
+    patch :update, id: @school.id, school: {name: @school.name, tournament_id: @school.tournament_id}
+  end
+
+  def destroy
+    delete :destroy, id: @school.id
+  end
+
+  def get_edit
+    get :edit, id: @school.id
+  end
+  
+  def sign_in_owner
+    sign_in users(:one)
+  end
+
+  def sign_in_non_owner
+    sign_in users(:two)
+  end
+
+  def success
+    assert_response :success
+  end
+
+  def redirect
+    assert_redirected_to '/static_pages/not_allowed'
+  end
+
+  test "logged in tournament owner should get edit school page" do
+    sign_in_owner
+    get_edit
+    success
+  end
+
+  test "logged in user should not get edit school page if not owner" do
+    sign_in_non_owner
+    get_edit
+    redirect
+  end
+
+  test "non logged in user should not get edit school page" do
+    get_edit
+    redirect
+  end
+
+  test "non logged in user should get post update school" do
+    post_update
+    redirect
+  end 
+
+  test "logged in user should not post update school if not owner" do
+    sign_in_non_owner
+    post_update
+    redirect
+  end 
+
+  test "logged in tournament owner should post update school" do
+    sign_in_owner
+    post_update
+    assert_redirected_to tournament_path(@school.tournament_id) 
+  end
+
+  test "logged in tournament owner can create a new school" do
+    sign_in_owner
+    new
+    success 
+    create
+    assert_redirected_to tournament_path(@school.tournament_id) 
+  end
+
+  test "logged in user not tournament owner cannot create a school" do
+    sign_in_non_owner
+    new
+    redirect
+    create
+    redirect
+  end
+
+  test "logged in tournament owner can destroy a school" do
+    sign_in_owner
+    destroy
+    assert_redirected_to tournament_path(@tournament.id)
+  end
+
+  test "logged in user not tournament owner cannot destroy school" do
+    sign_in_non_owner
+    destroy
+    redirect
+  end

-  test "the truth" do
-     assert true
-   end
 end
--- a/test/controllers/weights_controller_test.rb
+++ b/test/controllers/weights_controller_test.rb
@@ -1,11 +1,111 @@
 require 'test_helper'

 class WeightsControllerTest < ActionController::TestCase
-  # setup do
-  #   @weight = weights(:one)
-  # end
+  include Devise::TestHelpers
+
+  setup do
+     @tournament = Tournament.find(1)
+     @tournament.generateMatchups
+     @weight = @tournament.weights.first
+  end
+ 
+  def create
+    post :create, weight: {max: 60000, tournament_id: 1}
+  end
+
+  def new
+    get :new, tournament: @tournament.id
+  end
+
+  def post_update
+    patch :update, id: @weight.id, weight: {name: @weight.max, tournament_id: @weight.tournament_id}
+  end
+
+  def destroy
+    delete :destroy, id: @weight.id
+  end
+
+  def get_edit
+    get :edit, id: @weight.id
+  end
+  
+  def sign_in_owner
+    sign_in users(:one)
+  end
+
+  def sign_in_non_owner
+    sign_in users(:two)
+  end
+
+  def success
+    assert_response :success
+  end
+
+  def redirect
+    assert_redirected_to '/static_pages/not_allowed'
+  end
+
+  test "logged in tournament owner should get edit weight page" do
+    sign_in_owner
+    get_edit
+    success
+  end
+
+  test "logged in user should not get edit weight page if not owner" do
+    sign_in_non_owner
+    get_edit
+    redirect
+  end
+
+  test "non logged in user should not get edit weight page" do
+    get_edit
+    redirect
+  end
+
+  test "non logged in user should get post update weight" do
+    post_update
+    redirect
+  end 
+
+  test "logged in user should not post update weight if not owner" do
+    sign_in_non_owner
+    post_update
+    redirect
+  end 
+
+  test "logged in tournament owner should post update weight" do
+    sign_in_owner
+    post_update
+    assert_redirected_to tournament_path(@weight.tournament_id) 
+  end
+
+  test "logged in tournament owner can create a new weight" do
+    sign_in_owner
+    new
+    success 
+    create
+    assert_redirected_to tournament_path(@weight.tournament_id) 
+  end
+
+  test "logged in user not tournament owner cannot create a weight" do
+    sign_in_non_owner
+    new
+    redirect
+    create
+    redirect
+  end
+
+  test "logged in tournament owner can destroy a weight" do
+    sign_in_owner
+    destroy
+    assert_redirected_to tournament_path(@tournament.id)
+  end
+
+  test "logged in user not tournament owner cannot destroy weight" do
+    sign_in_non_owner
+    destroy
+    redirect
+  end
+

-  test "the truth" do
-     assert true
-   end
 end
--- a/test/controllers/wrestlers_controller_test.rb
+++ b/test/controllers/wrestlers_controller_test.rb
@@ -1,11 +1,113 @@
 require 'test_helper'

 class WrestlersControllerTest < ActionController::TestCase
-  # setup do
-  #   @wrestler = wrestlers(:one)
-  # end
+  include Devise::TestHelpers
+
+  setup do
+     @tournament = Tournament.find(1)
+     @tournament.generateMatchups
+     @school = @tournament.schools.first
+     @wrestler = @school.wrestlers.first
+  end
+ 
+  def create
+    post :create, wrestler: {name: 'Testaasdf', weight_id: 1, school_id: 1}
+  end
+
+  def new
+    get :new, school: @wrestler.school.id
+  end
+
+  def post_update
+    patch :update, id: @wrestler.id, wrestler: {name: @wrestler.name, weight_id: 1, school_id: 1}
+  end
+
+  def destroy
+    delete :destroy, id: @wrestler.id
+  end
+
+  def get_edit
+    get :edit, id: @wrestler.id
+  end
+  
+  def sign_in_owner
+    sign_in users(:one)
+  end
+
+  def sign_in_non_owner
+    sign_in users(:two)
+  end
+
+  def success
+    assert_response :success
+  end
+
+  def redirect
+    assert_redirected_to '/static_pages/not_allowed'
+  end
+
+  test "logged in tournament owner should get edit wrestler page" do
+    sign_in_owner
+    get_edit
+    success
+  end
+
+  test "logged in user should not get edit wrestler page if not owner" do
+    sign_in_non_owner
+    get_edit
+    redirect
+  end
+
+  test "non logged in user should not get edit wrestler page" do
+    get_edit
+    redirect
+  end
+
+  test "non logged in user should get post update wrestler" do
+    post_update
+    redirect
+  end 
+
+  test "logged in user should not post update wrestler if not owner" do
+    sign_in_non_owner
+    post_update
+    redirect
+  end 
+
+  test "logged in tournament owner should post update wrestler" do
+    sign_in_owner
+    post_update
+    assert_redirected_to school_path(@school.id) 
+  end
+
+  test "logged in tournament owner can create a new wrestler" do
+    sign_in_owner
+    new
+    success 
+    create
+    assert_redirected_to school_path(@school.id) 
+  end
+
+  test "logged in user not tournament owner cannot create a wrestler" do
+    sign_in_non_owner
+    new
+    redirect
+    create
+    redirect
+  end
+
+  test "logged in tournament owner can destroy a wrestler" do
+    sign_in_owner
+    destroy
+    assert_redirected_to school_path(@school.id)
+  end
+
+  test "logged in user not tournament owner cannot destroy wrestler" do
+    sign_in_non_owner
+    destroy
+    redirect
+  end
+
+

-  test "the truth" do
-     assert true
-   end
 end