This repository has been archived on 2019-05-14. You can view files and clone it, but cannot push or open issues or pull requests.
mastodon/spec/controllers/auth/registrations_controller_spec.rb
Eugen Rochko 2ca1f0737a Fix Devise destroy method being available to delete user record (#3266)
(You may think that we need account deletions, but this way would've just orphaned the db records)
2017-05-23 21:32:42 +02:00

57 lines
1.5 KiB
Ruby

require 'rails_helper'
RSpec.describe Auth::RegistrationsController, type: :controller do
render_views
describe 'GET #new' do
before do
Setting.open_registrations = true
request.env["devise.mapping"] = Devise.mappings[:user]
end
it 'returns http success' do
get :new
expect(response).to have_http_status(:success)
end
end
describe 'POST #create' do
let(:accept_language) { Rails.application.config.i18n.available_locales.sample.to_s }
before do
Setting.open_registrations = true
request.env["devise.mapping"] = Devise.mappings[:user]
request.headers["Accept-Language"] = accept_language
post :create, params: { user: { account_attributes: { username: 'test' }, email: 'test@example.com', password: '12345678', password_confirmation: '12345678' } }
end
it 'redirects to login page' do
expect(response).to redirect_to new_user_session_path
end
it 'creates user' do
user = User.find_by(email: 'test@example.com')
expect(user).to_not be_nil
expect(user.locale).to eq(accept_language)
end
end
describe 'DELETE #destroy' do
let(:user) { Fabricate(:user) }
before do
request.env['devise.mapping'] = Devise.mappings[:user]
sign_in(user, scope: :user)
delete :destroy
end
it 'returns http not found' do
expect(response).to have_http_status(:not_found)
end
it 'does not delete user' do
expect(User.find(user.id)).to_not be_nil
end
end
end