require 'spec_helper'

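# Request specs for POST /session: the endpoint is sent an e-mail or login
# plus a password and, on success, answers with the user's profile fields and
# private token. The failure cases pin down that a rejected request gets a 401
# and that neither the e-mail nor the token appears in the response body.
describe API::API, api: true do
  include ApiHelpers

  # '12345678' used below is presumably the password set by the :user
  # factory - confirm against the factory definition.
  let(:user) { create(:user) }

  describe "POST /session" do
    context "when valid password" do
      it "should return private token" do
        post api("/session"), email: user.email, password: '12345678'
        expect(response.status).to eq 201

        expect(json_response['email']).to eq user.email
        expect(json_response['private_token']).to eq user.private_token
        expect(json_response['is_admin']).to eq user.is_admin?
        expect(json_response['can_create_project']).to eq user.can_create_project?
        expect(json_response['can_create_group']).to eq user.can_create_group?
      end
    end

    # The e-mail is upcased before sending, so this only passes when the
    # endpoint matches e-mail addresses case-insensitively.
    # NOTE(review): case-insensitive lookup is only safe if account uniqueness
    # is enforced case-insensitively as well - confirm in the user model.
    context 'when email has case-typo and password is valid' do
      it 'should return private token' do
        post api('/session'), email: user.email.upcase, password: '12345678'
        expect(response.status).to eq 201

        expect(json_response['email']).to eq user.email
        expect(json_response['private_token']).to eq user.private_token
        expect(json_response['is_admin']).to eq user.is_admin?
        expect(json_response['can_create_project']).to eq user.can_create_project?
        expect(json_response['can_create_group']).to eq user.can_create_group?
      end
    end

    # Same as above, but the account is identified by an upcased username
    # passed as `login` instead of an e-mail address.
    context 'when login has case-typo and password is valid' do
      it 'should return private token' do
        post api('/session'), login: user.username.upcase, password: '12345678'
        expect(response.status).to eq 201

        expect(json_response['email']).to eq user.email
        expect(json_response['private_token']).to eq user.private_token
        expect(json_response['is_admin']).to eq user.is_admin?
        expect(json_response['can_create_project']).to eq user.can_create_project?
        expect(json_response['can_create_group']).to eq user.can_create_group?
      end
    end

    # A rejected login must not echo account data or hand out the token.
    context "when invalid password" do
      it "should return authentication error" do
        post api("/session"), email: user.email, password: '123'
        expect(response.status).to eq 401

        expect(json_response['email']).to be_nil
        expect(json_response['private_token']).to be_nil
      end
    end

    # The password parameter is omitted entirely here.
    # NOTE(review): a password sent as an explicit empty string is not
    # exercised by this context.
    context "when empty password" do
      it "should return authentication error" do
        post api("/session"), email: user.email
        expect(response.status).to eq 401

        expect(json_response['email']).to be_nil
        expect(json_response['private_token']).to be_nil
      end
    end

    # Neither `email` nor `login` is sent; only a password is supplied.
    context "when empty name" do
      it "should return authentication error" do
        post api("/session"), password: user.password
        expect(response.status).to eq 401

        expect(json_response['email']).to be_nil
        expect(json_response['private_token']).to be_nil
      end
    end
  end
end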