spec/controllers/management/sessions_controller_spec.rb
require "rails_helper"
describe Management::SessionsController do
describe "Sign in" do
it "denies access if wrong manager credentials" do
allow_any_instance_of(ManagerAuthenticator).to receive(:auth).and_return(false)
get :create, params: { login: "nonexistent", clave_usuario: "wrong" }
expect(response).to redirect_to "/"
expect(flash[:alert]).to eq "You do not have permission to access this page."
expect(session[:manager]).to be nil
end
it "redirects to management root path if authorized manager with right credentials" do
manager = { login: "JJB033", user_key: "31415926", date: "20151031135905" }
allow_any_instance_of(ManagerAuthenticator).to receive(:auth).and_return(manager)
get :create, params: {
login: "JJB033",
clave_usuario: "31415926",
fecha_conexion: "20151031135905"
}
expect(response).to be_redirect
expect(session[:manager][:login]).to eq "JJB033"
end
it "redirects to management root path if user is admin" do
user = create(:administrator).user
sign_in user
get :create
expect(response).to be_redirect
expect(session[:manager][:login]).to eq "admin_user_#{user.id}"
end
it "redirects to management root path if user is manager" do
user = create(:manager).user
sign_in user
get :create
expect(response).to be_redirect
expect(session[:manager][:login]).to eq "manager_user_#{user.id}"
end
it "denies access if user is not admin or manager" do
sign_in create(:user)
get :create
expect(response).to redirect_to "/"
expect(flash[:alert]).to eq "You do not have permission to access this page."
expect(session[:manager]).to be nil
end
end
describe "Sign out" do
it "destroys the session data and redirect" do
session[:manager] = { user_key: "31415926", date: "20151031135905", login: "JJB033" }
session[:document_type] = "1"
session[:document_number] = "12345678Z"
delete :destroy
expect(session[:manager]).to be nil
expect(session[:document_type]).to be nil
expect(session[:document_number]).to be nil
expect(response).to be_redirect
end
end
end