Update tests for admin flag

2026-01-10 01:01:39 -05:00 · 2024-07-19 20:37:57 +02:00 · 2024-07-19 20:37:57 +02:00 · 2d2eeda9e7
commit 2d2eeda9e7
parent 66ff0c3bed
5 changed files with 95 additions and 60 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -11,7 +11,7 @@ and this project adheres to [Semantic Versioning](http://semver.org/).

 ### Added

- Admin flag to the database.
+- Admin flag to the database. Now not only the first user in the system can create new users, but also users with the admin flag set to true. This will make easier introduction of more admin functions in the future.

 ### Fixed

--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@ -16,7 +16,7 @@ class ApplicationController < ActionController::Base
  def authenticate_admin!
    return if current_user.admin?

-    redirect_to root_path, notice: 'You are not authorized to perform this action.', status: :unauthorized
+    redirect_to root_path, notice: 'You are not authorized to perform this action.', status: :see_other
  end

  def authenticate_api_key
--- a/spec/factories/users.rb
+++ b/spec/factories/users.rb
@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
  factory :user do
    sequence :email do |n|
@ -5,5 +7,9 @@ FactoryBot.define do
    end

    password { SecureRandom.hex(8) }
+
+    trait :admin do
+      admin { true }
+    end
  end
 end
--- a/spec/requests/settings/background_jobs_spec.rb
+++ b/spec/requests/settings/background_jobs_spec.rb
@ -17,53 +17,62 @@ RSpec.describe '/settings/background_jobs', type: :request do
  end

  context 'when user is authenticated' do
-    let(:user) { create(:user) }
+    before { sign_in create(:user) }

-    before do
-      sign_in user
-    end
-
-    describe 'GET /index' do
-      it 'renders a successful response' do
+    context 'when user is not an admin' do
+      it 'redirects to root page' do
        get settings_background_jobs_url

-        expect(response).to be_successful
+        expect(response).to redirect_to(root_url)
+        expect(flash[:notice]).to eq('You are not authorized to perform this action.')
      end
    end

-    describe 'POST /create' do
-      let(:params) { { job_name: 'start_reverse_geocoding' } }
+    context 'when user is an admin' do
+      before { sign_in create(:user, :admin) }

-      context 'with valid parameters' do
-        it 'enqueues a new job' do
-          expect do
-            post settings_background_jobs_url, params:
-          end.to have_enqueued_job(EnqueueReverseGeocodingJob)
+      describe 'GET /index' do
+        it 'renders a successful response' do
+          get settings_background_jobs_url
+
+          expect(response).to be_successful
+        end
+      end
+
+      describe 'POST /create' do
+        let(:params) { { job_name: 'start_reverse_geocoding' } }
+
+        context 'with valid parameters' do
+          it 'enqueues a new job' do
+            expect do
+              post settings_background_jobs_url, params:
+            end.to have_enqueued_job(EnqueueReverseGeocodingJob)
+          end
+
+          it 'redirects to the created settings_background_job' do
+            post(settings_background_jobs_url, params:)
+
+            expect(response).to redirect_to(settings_background_jobs_url)
+          end
+        end
+      end
+
+      describe 'DELETE /destroy' do
+        it 'clears the Sidekiq queue' do
+          queue = instance_double(Sidekiq::Queue)
+          allow(Sidekiq::Queue).to receive(:new).and_return(queue)
+
+          expect(queue).to receive(:clear)
+
+          delete settings_background_job_url('queue_name')
        end

-        it 'redirects to the created settings_background_job' do
-          post(settings_background_jobs_url, params:)
+        it 'redirects to the settings_background_jobs list' do
+          delete settings_background_job_url('queue_name')

          expect(response).to redirect_to(settings_background_jobs_url)
        end
      end
    end
-
-    describe 'DELETE /destroy' do
-      it 'clears the Sidekiq queue' do
-        queue = instance_double(Sidekiq::Queue)
-        allow(Sidekiq::Queue).to receive(:new).and_return(queue)
-
-        expect(queue).to receive(:clear)
-
-        delete settings_background_job_url('queue_name')
-      end
-
-      it 'redirects to the settings_background_jobs list' do
-        delete settings_background_job_url('queue_name')
-
-        expect(response).to redirect_to(settings_background_jobs_url)
-      end
-    end
  end
 end
--- a/spec/requests/settings/users_spec.rb
+++ b/spec/requests/settings/users_spec.rb
@ -3,41 +3,61 @@
 require 'rails_helper'

 RSpec.describe '/settings/users', type: :request do
-  before do
-    sign_in create(:user)
+  let(:valid_attributes) { { email: 'user@domain.com' } }
+
+  context 'when user is not authenticated' do
+    it 'redirects to sign in page' do
+      post settings_users_url, params: { user: valid_attributes }
+
+      expect(response).to redirect_to(new_user_session_url)
+    end
  end

-  describe 'POST /create' do
-    context 'with valid parameters' do
-      let(:valid_attributes) { { email: 'user@domain.com' } }
+  context 'when user is authenticated' do
+    context 'when user is not an admin' do
+      before { sign_in create(:user) }

-      it 'creates a new User' do
-        expect do
-          post settings_users_url, params: { user: valid_attributes }
-        end.to change(User, :count).by(1)
-      end
-
-      it 'redirects to the created settings_user' do
+      it 'redirects to root page' do
        post settings_users_url, params: { user: valid_attributes }

-        expect(response).to redirect_to(settings_url)
-        expect(flash[:notice]).to eq("User was successfully created, email is #{valid_attributes[:email]}, password is \"password\".")
+        expect(response).to redirect_to(root_url)
      end
    end

-    context 'with invalid parameters' do
-      let(:invalid_attributes) { { email: nil } }
+    context 'when user is an admin' do
+      before { sign_in create(:user, :admin) }

-      it 'does not create a new User' do
-        expect do
-          post settings_users_url, params: { user: invalid_attributes }
-        end.to change(User, :count).by(0)
-      end
+      describe 'POST /create' do
+        context 'with valid parameters' do
+          it 'creates a new User' do
+            expect do
+              post settings_users_url, params: { user: valid_attributes }
+            end.to change(User, :count).by(1)
+          end

-      it 'renders a response with 422 status (i.e. to display the "new" template)' do
-        post settings_users_url, params: { user: invalid_attributes }
+          it 'redirects to the created settings_user' do
+            post settings_users_url, params: { user: valid_attributes }

-        expect(response).to have_http_status(:unprocessable_entity)
+            expect(response).to redirect_to(settings_url)
+            expect(flash[:notice]).to eq("User was successfully created, email is #{valid_attributes[:email]}, password is \"password\".")
+          end
+        end
+
+        context 'with invalid parameters' do
+          let(:invalid_attributes) { { email: nil } }
+
+          it 'does not create a new User' do
+            expect do
+              post settings_users_url, params: { user: invalid_attributes }
+            end.to change(User, :count).by(0)
+          end
+
+          it 'renders a response with 422 status (i.e. to display the "new" template)' do
+            post settings_users_url, params: { user: invalid_attributes }
+
+            expect(response).to have_http_status(:unprocessable_entity)
+          end
+        end
      end
    end
  end