dawarich/spec/requests/settings/users_spec.rb

# frozen_string_literal: true

require 'rails_helper'

RSpec.describe '/settings/users', type: :request do
  let(:valid_attributes) { { email: 'user@domain.com', password: '4815162342' } }
  let!(:admin) { create(:user, :admin) }

  context 'when Dawarich is in self-hosted mode' do
    before do
      allow(DawarichSettings).to receive(:self_hosted?).and_return(true)
    end

    context 'when user is not authenticated' do
      it 'redirects to sign in page' do
        post settings_users_url, params: { user: valid_attributes }

        expect(response).to redirect_to(new_user_session_path)
      end
    end

    context 'when user is authenticated' do
      context 'when user is not an admin' do
        before { sign_in create(:user) }

        it 'redirects to root page' do
          post settings_users_url, params: { user: valid_attributes }

          expect(response).to redirect_to(root_url)
        end
      end

      context 'when user is an admin' do
        describe 'POST /create' do
          before { sign_in admin }

          context 'with valid parameters' do
            it 'creates a new User' do
              expect do
                post settings_users_url, params: { user: valid_attributes }
              end.to change(User, :count).by(1)

              expect(User.last.email).to eq(valid_attributes[:email])
              expect(User.last.valid_password?(valid_attributes[:password])).to be_truthy
            end

            it 'redirects to the created settings_user' do
              post settings_users_url, params: { user: valid_attributes }

              expect(response).to redirect_to(settings_users_url)
              expect(flash[:notice]).to eq('User was successfully created')
            end
          end

          context 'with invalid parameters' do
            let(:invalid_attributes) { { email: nil } }

            it 'does not create a new User' do
              expect do
                post settings_users_url, params: { user: invalid_attributes }
              end.to change(User, :count).by(0)
            end

            it 'renders a response with 422 status (i.e. to display the "new" template)' do
              post settings_users_url, params: { user: invalid_attributes }

              expect(response).to have_http_status(:unprocessable_content)
            end
          end
        end

        describe 'PATCH /update' do
          let(:user) { create(:user) }

          before { sign_in admin }

          context 'with valid parameters' do
            let(:new_attributes) { { email: FFaker::Internet.email, password: '4815162342' } }

            it 'updates the requested user' do
              patch settings_user_url(user), params: { user: new_attributes }

              user.reload
              expect(user.email).to eq(new_attributes[:email])
              expect(user.valid_password?(new_attributes[:password])).to be_truthy
            end
          end
        end
      end
    end
  end

  context 'when Dawarich is not in self-hosted mode' do
    before do
      allow(DawarichSettings).to receive(:self_hosted?).and_return(false)
      sign_in admin
    end

    describe 'GET /index' do
      it 'redirects to root page' do
        get settings_users_url

        expect(response).to redirect_to(root_url)
        expect(flash[:alert]).to eq('You are not authorized to perform this action.')
      end
    end

    describe 'POST /create' do
      it 'redirects to root page' do
        post settings_users_url, params: { user: valid_attributes }

        expect(response).to redirect_to(root_url)
        expect(flash[:alert]).to eq('You are not authorized to perform this action.')
      end
    end

    describe 'PATCH /update' do
      let(:user) { create(:user) }

      it 'redirects to root page' do
        patch settings_user_url(user), params: { user: valid_attributes }

        expect(response).to redirect_to(root_url)
        expect(flash[:alert]).to eq('You are not authorized to perform this action.')
      end
    end
  end
end
Disable registration and implement user creation in the settings page 2024-06-30 06:31:21 -04:00			`# frozen_string_literal: true`

			`require 'rails_helper'`

			`RSpec.describe '/settings/users', type: :request do`
Allow admins to create users with password and update user password 2024-11-12 08:56:48 -05:00			`let(:valid_attributes) { { email: 'user@domain.com', password: '4815162342' } }`
			`let!(:admin) { create(:user, :admin) }`
Disable registration and implement user creation in the settings page 2024-06-30 06:31:21 -04:00
Restrict user settings to self-hosted mode 2025-02-15 05:45:53 -05:00			`context 'when Dawarich is in self-hosted mode' do`
			`before do`
			`allow(DawarichSettings).to receive(:self_hosted?).and_return(true)`
Update tests for admin flag 2024-07-19 14:37:57 -04:00			`end`
Disable registration and implement user creation in the settings page 2024-06-30 06:31:21 -04:00
Restrict user settings to self-hosted mode 2025-02-15 05:45:53 -05:00			`context 'when user is not authenticated' do`
			`it 'redirects to sign in page' do`
Disable registration and implement user creation in the settings page 2024-06-30 06:31:21 -04:00			`post settings_users_url, params: { user: valid_attributes }`

Fix failing specs 2025-09-13 11:46:45 -04:00			`expect(response).to redirect_to(new_user_session_path)`
Disable registration and implement user creation in the settings page 2024-06-30 06:31:21 -04:00			`end`
			`end`

Restrict user settings to self-hosted mode 2025-02-15 05:45:53 -05:00			`context 'when user is authenticated' do`
			`context 'when user is not an admin' do`
			`before { sign_in create(:user) }`

			`it 'redirects to root page' do`
			`post settings_users_url, params: { user: valid_attributes }`

			`expect(response).to redirect_to(root_url)`
			`end`
			`end`

			`context 'when user is an admin' do`
			`describe 'POST /create' do`
			`before { sign_in admin }`
Move tests around 2024-08-14 12:14:53 -04:00
Restrict user settings to self-hosted mode 2025-02-15 05:45:53 -05:00			`context 'with valid parameters' do`
			`it 'creates a new User' do`
			`expect do`
			`post settings_users_url, params: { user: valid_attributes }`
			`end.to change(User, :count).by(1)`

			`expect(User.last.email).to eq(valid_attributes[:email])`
			`expect(User.last.valid_password?(valid_attributes[:password])).to be_truthy`
			`end`

			`it 'redirects to the created settings_user' do`
Update tests for admin flag 2024-07-19 14:37:57 -04:00			`post settings_users_url, params: { user: valid_attributes }`
Allow admins to create users with password and update user password 2024-11-12 08:56:48 -05:00
Restrict user settings to self-hosted mode 2025-02-15 05:45:53 -05:00			`expect(response).to redirect_to(settings_users_url)`
			`expect(flash[:notice]).to eq('User was successfully created')`
			`end`
Update tests for admin flag 2024-07-19 14:37:57 -04:00			`end`

Restrict user settings to self-hosted mode 2025-02-15 05:45:53 -05:00			`context 'with invalid parameters' do`
			`let(:invalid_attributes) { { email: nil } }`

			`it 'does not create a new User' do`
			`expect do`
			`post settings_users_url, params: { user: invalid_attributes }`
			`end.to change(User, :count).by(0)`
			`end`

			`it 'renders a response with 422 status (i.e. to display the "new" template)' do`
			`post settings_users_url, params: { user: invalid_attributes }`
Update tests for admin flag 2024-07-19 14:37:57 -04:00
Extract stats sharing logic to its own controller 2025-09-12 15:08:45 -04:00			`expect(response).to have_http_status(:unprocessable_content)`
Restrict user settings to self-hosted mode 2025-02-15 05:45:53 -05:00			`end`
Update tests for admin flag 2024-07-19 14:37:57 -04:00			`end`
			`end`

Restrict user settings to self-hosted mode 2025-02-15 05:45:53 -05:00			`describe 'PATCH /update' do`
			`let(:user) { create(:user) }`
Update tests for admin flag 2024-07-19 14:37:57 -04:00
Restrict user settings to self-hosted mode 2025-02-15 05:45:53 -05:00			`before { sign_in admin }`
Disable registration and implement user creation in the settings page 2024-06-30 06:31:21 -04:00
Restrict user settings to self-hosted mode 2025-02-15 05:45:53 -05:00			`context 'with valid parameters' do`
			`let(:new_attributes) { { email: FFaker::Internet.email, password: '4815162342' } }`
Disable registration and implement user creation in the settings page 2024-06-30 06:31:21 -04:00
Restrict user settings to self-hosted mode 2025-02-15 05:45:53 -05:00			`it 'updates the requested user' do`
			`patch settings_user_url(user), params: { user: new_attributes }`

			`user.reload`
			`expect(user.email).to eq(new_attributes[:email])`
			`expect(user.valid_password?(new_attributes[:password])).to be_truthy`
			`end`
Update tests for admin flag 2024-07-19 14:37:57 -04:00			`end`
			`end`
Disable registration and implement user creation in the settings page 2024-06-30 06:31:21 -04:00			`end`
Restrict user settings to self-hosted mode 2025-02-15 05:45:53 -05:00			`end`
			`end`

			`context 'when Dawarich is not in self-hosted mode' do`
			`before do`
			`allow(DawarichSettings).to receive(:self_hosted?).and_return(false)`
			`sign_in admin`
			`end`

			`describe 'GET /index' do`
			`it 'redirects to root page' do`
			`get settings_users_url`

			`expect(response).to redirect_to(root_url)`
Fix tests 2025-09-13 06:28:43 -04:00			`expect(flash[:alert]).to eq('You are not authorized to perform this action.')`
Restrict user settings to self-hosted mode 2025-02-15 05:45:53 -05:00			`end`
			`end`
Allow admins to create users with password and update user password 2024-11-12 08:56:48 -05:00
Restrict user settings to self-hosted mode 2025-02-15 05:45:53 -05:00			`describe 'POST /create' do`
			`it 'redirects to root page' do`
			`post settings_users_url, params: { user: valid_attributes }`
Allow admins to create users with password and update user password 2024-11-12 08:56:48 -05:00
Restrict user settings to self-hosted mode 2025-02-15 05:45:53 -05:00			`expect(response).to redirect_to(root_url)`
Fix tests 2025-09-13 06:28:43 -04:00			`expect(flash[:alert]).to eq('You are not authorized to perform this action.')`
Restrict user settings to self-hosted mode 2025-02-15 05:45:53 -05:00			`end`
			`end`
Allow admins to create users with password and update user password 2024-11-12 08:56:48 -05:00
Restrict user settings to self-hosted mode 2025-02-15 05:45:53 -05:00			`describe 'PATCH /update' do`
			`let(:user) { create(:user) }`
Allow admins to create users with password and update user password 2024-11-12 08:56:48 -05:00
Restrict user settings to self-hosted mode 2025-02-15 05:45:53 -05:00			`it 'redirects to root page' do`
			`patch settings_user_url(user), params: { user: valid_attributes }`
Allow admins to create users with password and update user password 2024-11-12 08:56:48 -05:00
Restrict user settings to self-hosted mode 2025-02-15 05:45:53 -05:00			`expect(response).to redirect_to(root_url)`
Fix tests 2025-09-13 06:28:43 -04:00			`expect(flash[:alert]).to eq('You are not authorized to perform this action.')`
Allow admins to create users with password and update user password 2024-11-12 08:56:48 -05:00			`end`
Disable registration and implement user creation in the settings page 2024-06-30 06:31:21 -04:00			`end`
			`end`
			`end`