diff --git a/services/web/test/acceptance/coffee/SessionTests.coffee b/services/web/test/acceptance/coffee/SessionTests.coffee index 56783b5b85..9343b0e544 100644 --- a/services/web/test/acceptance/coffee/SessionTests.coffee +++ b/services/web/test/acceptance/coffee/SessionTests.coffee @@ -34,9 +34,9 @@ describe "Sessions", -> expect(sessions[0].slice(0, 5)).to.equal 'sess:' next() - # should be able to access settings page + # should be able to access project list page , (next) => - @user1.getUserSettingsPage (err, statusCode) => + @user1.getProjectListPage (err, statusCode) => expect(err).to.equal null expect(statusCode).to.equal 200 next() @@ -94,15 +94,15 @@ describe "Sessions", -> expect(sessions[1].slice(0, 5)).to.equal 'sess:' next() - # both should be able to access settings page + # both should be able to access project list page , (next) => - @user1.getUserSettingsPage (err, statusCode) => + @user1.getProjectListPage (err, statusCode) => expect(err).to.equal null expect(statusCode).to.equal 200 next() , (next) => - @user2.getUserSettingsPage (err, statusCode) => + @user2.getProjectListPage (err, statusCode) => expect(err).to.equal null expect(statusCode).to.equal 200 next() @@ -117,16 +117,16 @@ describe "Sessions", -> expect(sessions.length).to.equal 1 next() - # first session should not have access to settings page + # first session should not have access to project list page , (next) => - @user1.getUserSettingsPage (err, statusCode) => + @user1.getProjectListPage (err, statusCode) => expect(err).to.equal null expect(statusCode).to.equal 302 next() # second session should still have access to settings , (next) => - @user2.getUserSettingsPage (err, statusCode) => + @user2.getProjectListPage (err, statusCode) => expect(err).to.equal null expect(statusCode).to.equal 200 next() @@ -141,9 +141,9 @@ describe "Sessions", -> expect(sessions.length).to.equal 0 next() - # second session should not have access to settings page + # second session should not have access to project list page , (next) => - @user2.getUserSettingsPage (err, statusCode) => + @user2.getProjectListPage (err, statusCode) => expect(err).to.equal null expect(statusCode).to.equal 302 next() @@ -216,22 +216,22 @@ describe "Sessions", -> expect(sessions.length).to.equal 1 next() - # users one and three should not be able to access settings page + # users one and three should not be able to access project list page , (next) => - @user1.getUserSettingsPage (err, statusCode) => + @user1.getProjectListPage (err, statusCode) => expect(err).to.equal null expect(statusCode).to.equal 302 next() , (next) => - @user3.getUserSettingsPage (err, statusCode) => + @user3.getProjectListPage (err, statusCode) => expect(err).to.equal null expect(statusCode).to.equal 302 next() - # user two should still be logged in, and able to access settings page + # user two should still be logged in, and able to access project list page , (next) => - @user2.getUserSettingsPage (err, statusCode) => + @user2.getProjectListPage (err, statusCode) => expect(err).to.equal null expect(statusCode).to.equal 200 next() @@ -305,6 +305,19 @@ describe "Sessions", -> expect(sessions[1].slice(0, 5)).to.equal 'sess:' next() + # enter sudo-mode + , (next) => + @user2.getCsrfToken (err) => + expect(err).to.be.oneOf [null, undefined] + @user2.request.post { + uri: '/confirm-password/submit', + json: + password: @user2.password + }, (err, response, body) => + expect(err).to.be.oneOf [null, undefined] + expect(response.statusCode).to.equal 200 + next() + # check the sessions page , (next) => @user2.request.get { @@ -328,22 +341,22 @@ describe "Sessions", -> expect(sessions.length).to.equal 1 next() - # users one and three should not be able to access settings page + # users one and three should not be able to access project list page , (next) => - @user1.getUserSettingsPage (err, statusCode) => + @user1.getProjectListPage (err, statusCode) => expect(err).to.equal null expect(statusCode).to.equal 302 next() , (next) => - @user3.getUserSettingsPage (err, statusCode) => + @user3.getProjectListPage (err, statusCode) => expect(err).to.equal null expect(statusCode).to.equal 302 next() - # user two should still be logged in, and able to access settings page + # user two should still be logged in, and able to access project list page , (next) => - @user2.getUserSettingsPage (err, statusCode) => + @user2.getProjectListPage (err, statusCode) => expect(err).to.equal null expect(statusCode).to.equal 200 next() diff --git a/services/web/test/acceptance/coffee/helpers/User.coffee b/services/web/test/acceptance/coffee/helpers/User.coffee index eecde65322..da03cb9917 100644 --- a/services/web/test/acceptance/coffee/helpers/User.coffee +++ b/services/web/test/acceptance/coffee/helpers/User.coffee @@ -134,6 +134,15 @@ class User return callback(error) if error? callback(null, response.statusCode) + getProjectListPage: (callback=(error, statusCode)->) -> + @getCsrfToken (error) => + return callback(error) if error? + @request.get { + url: "/project" + }, (error, response, body) => + return callback(error) if error? + callback(null, response.statusCode) + module.exports = User