56 lines
1.3 KiB
Ruby
56 lines
1.3 KiB
Ruby
require 'spec_helper'
|
|
|
|
describe 'Authorization' do
|
|
context 'when not logged in' do
|
|
it 'should not allow access to manage' do
|
|
visit '/manage'
|
|
expect(page.status_code).to be(401)
|
|
end
|
|
|
|
it 'should not allow access to the create form' do
|
|
visit '/new'
|
|
expect(page.status_code).to be(401)
|
|
end
|
|
|
|
it 'should not allow access to send' do
|
|
visit '/send'
|
|
expect(page.status_code).to be(401)
|
|
end
|
|
|
|
it 'should not allow access to delete' do
|
|
visit '/destroy'
|
|
expect(page.status_code).to be(401)
|
|
end
|
|
end
|
|
|
|
it 'should allow accessing the home page' do
|
|
visit '/'
|
|
expect(page.status_code).to be(200)
|
|
end
|
|
|
|
it 'should allow accessing the events page' do
|
|
visit '/events'
|
|
expect(page.status_code).to be(200)
|
|
end
|
|
|
|
context 'when logging in' do
|
|
context 'with incorrect credentials' do
|
|
before(:each) { basic_auth 'baduser', 'badpassword' }
|
|
|
|
it 'should allow not allow access' do
|
|
visit '/manage'
|
|
expect(page.status_code).to be(401)
|
|
end
|
|
end
|
|
|
|
context 'with correct credentials' do
|
|
before(:each) { basic_auth 'admin', 'password' }
|
|
|
|
it 'should allow access' do
|
|
visit '/manage'
|
|
|
|
expect(page.status_code).to be(200)
|
|
end
|
|
end
|
|
end
|
|
end
|