More tests, and a fix.

3 years ago · 4a987a3c10
parent c6f30ba19b
commit 4a987a3c10
5 changed files with 228 additions and 29 deletions
--- a/Web/t/01_endpoints/01_admin/03_people.t
+++ b/Web/t/01_endpoints/01_admin/03_people.t
@ -0,0 +1,53 @@
+#!/usr/bin/env perl
+use MJB::Web::Test;
+
+#==
+# This test file ensures that people panel can be seen by admins, but not 
+# normal or anonymouse users.
+#==
+
+my $t = Test::Mojo::MJB->new('MJB::Web');
+
+# Make sure an unauthed user cannot access this.
+$t->get_ok( '/admin/people' )
+    ->status_is( 302 )
+    ->header_is( location => '/login', 'Anonymouse users may not access the admin people panel.' );
+
+# Register a user account and log into it.  
+#
+# A normal user should still not be allowed to view this page.
+#
+# Promote the user to an admin
+$t->app->config->{register}{enable_open} = 1;
+$t->post_ok( '/register/open', form => { 
+        name             => 'fred',
+        email            => 'fred@blog.com',
+        password         => 'SuperSecure',
+        password_confirm => 'SuperSecure',
+    })
+    ->status_is( 302 )
+    ->code_block( sub {
+        is( scalar(@{shift->stash->{errors}}), 0, 'No errors' );
+    })
+    ->get_ok( '/admin/people' )
+    ->status_is( 302 )
+    ->header_is( location => '/dashboard', 'Normal users may not access the admin people panel.' )
+    ->get_ok( '/' )
+    ->code_block( sub {
+        my $self = shift;
+        $self->stash->{person}->is_admin( 1 );
+        ok( $self->stash->{person}->update, 'Promoted fred to an admin' );
+    });
+
+# Check to ensure that the people array exists and fred is in it.
+$t->get_ok( '/admin/people' )
+    ->status_is( 200 )
+    ->code_block( sub {
+        my $self = shift;
+
+        is ref($self->stash->{people}), 'ARRAY', 'Have an array ref for invite codes.';
+        is scalar(@{$self->stash->{people}}), 1, 'Have one person entry';
+        is $self->stash->{people}->[0]->email, 'fred@blog.com', 'Fred is the person entry.';
+    });
+
+done_testing();
--- a/Web/t/01_endpoints/01_admin/04_person.t
+++ b/Web/t/01_endpoints/01_admin/04_person.t
@ -0,0 +1,52 @@
+#!/usr/bin/env perl
+use MJB::Web::Test;
+
+#==
+# This test file ensures that person panel can be seen by admins, but not 
+# normal or anonymouse users.
+#==
+
+my $t = Test::Mojo::MJB->new('MJB::Web');
+
+# Make sure an unauthed user cannot access this.
+$t->get_ok( '/admin/person/1' )
+    ->status_is( 302 )
+    ->header_is( location => '/login' );
+
+# Register a user account and log into it.  
+#
+# A normal user should still not be allowed to view this page.
+#
+# Promote the user to an admin
+$t->app->config->{register}{enable_open} = 1;
+$t->post_ok( '/register/open', form => { 
+        name             => 'fred',
+        email            => 'fred@blog.com',
+        password         => 'SuperSecure',
+        password_confirm => 'SuperSecure',
+    })
+    ->status_is( 302 )
+    ->code_block( sub {
+        is( scalar(@{shift->stash->{errors}}), 0, 'No errors' );
+    })
+    ->get_ok( '/admin/person/1' )
+    ->status_is( 302 )
+    ->header_is( location => '/dashboard', 'Normal users may not access the admin person panel.' )
+    ->get_ok( '/' )
+    ->code_block( sub {
+        my $self = shift;
+        $self->stash->{person}->is_admin( 1 );
+        ok( $self->stash->{person}->update, 'Promoted fred to an admin' );
+    });
+
+# Check to ensure that the people array exists and fred is in it.
+$t->get_ok( '/admin/person/1' )
+    ->status_is( 200 )
+    ->code_block( sub {
+        my $self = shift;
+
+        # We should have fred loaded into the profile...
+        is $self->stash->{profile}->email, 'fred@blog.com', 'Fred is the profile entry.';
+    });
+
+done_testing();
--- a/Web/t/01_endpoints/01_admin/05_do_person_note.t
+++ b/Web/t/01_endpoints/01_admin/05_do_person_note.t
@ -0,0 +1,45 @@
+#!/usr/bin/env perl
+use MJB::Web::Test;
+
+#==
+# This test file ensures that notes can be added to a user's account.
+#==
+
+my $t = Test::Mojo::MJB->new('MJB::Web');
+
+# Register a user account and log into it.  
+#
+# A normal user should still not be allowed to view this page.
+#
+# Promote the user to an admin
+$t->app->config->{register}{enable_open} = 1;
+$t->post_ok( '/register/open', form => { 
+        name             => 'fred',
+        email            => 'fred@blog.com',
+        password         => 'SuperSecure',
+        password_confirm => 'SuperSecure',
+    })
+    ->code_block( sub {
+        is( scalar(@{shift->stash->{errors}}), 0, 'No errors' );
+    })
+    ->get_ok( '/' )
+    ->code_block( sub {
+        my $self = shift;
+        $self->stash->{person}->is_admin( 1 );
+        ok( $self->stash->{person}->update, 'Promoted fred to an admin' );
+    });
+
+$t->post_ok( '/admin/person/1/note', form => { 
+        content => "Hello World!",
+    })
+    ->status_is( 302 )
+    ->header_is( location => '/admin/person/1' )
+    ->get_ok( '/admin/person/1' )
+    ->code_block( sub {
+        my $self = shift;
+
+        # We should have fred loaded into the profile...
+        is $self->stash->{notes}->[0]->content, 'Hello World!', 'The note was saved in the profile.';
+    });
+
+done_testing();
--- a/Web/t/01_endpoints/01_admin/06_blogs.t
+++ b/Web/t/01_endpoints/01_admin/06_blogs.t
@ -0,0 +1,52 @@
+#!/usr/bin/env perl
+use MJB::Web::Test;
+
+#==
+# This file tests to make sure that the admin blog page has the correct access
+# rights and that there is an arrayref for blogs in the stash.
+#==
+
+my $t = Test::Mojo::MJB->new('MJB::Web');
+
+# Make sure an unauthed user cannot access this.
+$t->get_ok( '/admin/blogs' )
+    ->status_is( 302 )
+    ->header_is( location => '/login', 'Anonymouse users may not access the admin blogs panel.' );
+
+# Register a user account and log into it.  
+#
+# A normal user should still not be allowed to view this page.
+#
+# Promote the user to an admin
+$t->app->config->{register}{enable_open} = 1;
+$t->post_ok( '/register/open', form => { 
+        name             => 'fred',
+        email            => 'fred@blog.com',
+        password         => 'SuperSecure',
+        password_confirm => 'SuperSecure',
+    })
+    ->status_is( 302 )
+    ->code_block( sub {
+        is( scalar(@{shift->stash->{errors}}), 0, 'No errors' );
+    })
+    ->get_ok( '/admin/blogs' )
+    ->status_is( 302 )
+    ->header_is( location => '/dashboard', 'Normal users may not access the admin invites panel.' )
+    ->get_ok( '/' )
+    ->code_block( sub {
+        my $self = shift;
+        $self->stash->{person}->is_admin( 1 );
+        ok( $self->stash->{person}->update, 'Promoted fred to an admin' );
+    });
+
+# Check to ensure that the invite code array exists.
+$t->get_ok( '/admin/blogs' )
+    ->status_is( 200 )
+    ->code_block( sub {
+        my $self = shift;
+
+        is ref($self->stash->{blogs}), 'ARRAY', 'Have an array ref for blogs.';
+        is scalar(@{$self->stash->{blogs}}), 0, 'No entries for blogs.';
+    });
+
+done_testing();
--- a/Web/templates/admin/people.html.ep
+++ b/Web/templates/admin/people.html.ep
@ -4,32 +4,29 @@

 %= include '_base/status_window';

-% if ( $people ) {
-    <table style="border: 1px solid #ccc" class="table">
-        <tbody>
-            <tr>
-                <th class="text-nowrap">Name</th>
-                <th class="text-nowrap">Email Address</th>
-                <th class="text-nowrap">Created</th>
-                <th class="text-nowrap">Become User</th>
-            </tr>
-        </thead>
-        <tbody>
-            % for my $user ( @{$people} ) { 
-            <tr>
-                <td><a href="<%= $c->url_for( 'show_admin_person', { id => $user->id } ) %>"><%= $user->name %></a></td>
-                <td><%= $user->email %></td>
-                <td><%= $user->created_at->strftime( "%F" ) %></td>
-                <td>
-                    <form style="margin-top: 1.5em; display: inline;" method="POST" action="<%= $c->url_for( 'do_admin_become' ) %>">
-                        <input type="hidden" name="uid" value="<%= $user->id %>">
-                        <input type="hidden" name="url" value="<%= $c->url_for %>">
-                        <button type="submit" class="btn btn-sm btn-outline-danger">Login</button>
-                    </form>
-                </td>
-            </tr>
-            % }
-        </tbody>
-    </table>
-% }
-
+<table style="border: 1px solid #ccc" class="table">
+    <tbody>
+        <tr>
+            <th class="text-nowrap">Name</th>
+            <th class="text-nowrap">Email Address</th>
+            <th class="text-nowrap">Created</th>
+            <th class="text-nowrap">Become User</th>
+        </tr>
+    </thead>
+    <tbody>
+        % for my $user ( @{$people} ) { 
+        <tr>
+            <td><a href="<%= $c->url_for( 'show_admin_person', { id => $user->id } ) %>"><%= $user->name %></a></td>
+            <td><%= $user->email %></td>
+            <td><%= $user->created_at->strftime( "%F" ) %></td>
+            <td>
+                <form style="margin-top: 1.5em; display: inline;" method="POST" action="<%= $c->url_for( 'do_admin_become' ) %>">
+                    <input type="hidden" name="uid" value="<%= $user->id %>">
+                    <input type="hidden" name="url" value="<%= $c->url_for %>">
+                    <button type="submit" class="btn btn-sm btn-outline-danger">Login</button>
+                </form>
+            </td>
+        </tr>
+        % }
+    </tbody>
+</table>