require 'rails_helper' describe Management::SessionsController do describe 'Sign in' do it "should deny access if wrong manager credentials" do allow_any_instance_of(ManagerAuthenticator).to receive(:auth).and_return(false) expect { get :create, login: "nonexistent" , clave_usuario: "wrong"}.to raise_error CanCan::AccessDenied expect(session[:manager]).to be_nil end it "should redirect to management root path if authorized manager with right credentials" do manager = {login: "JJB033", user_key: "31415926" , date: "20151031135905"} allow_any_instance_of(ManagerAuthenticator).to receive(:auth).and_return(manager) get :create, login: "JJB033" , clave_usuario: "31415926", fecha_conexion: "20151031135905" expect(response).to be_redirect expect(session[:manager][:login]).to eq "JJB033" end it "should redirect to management root path if user is admin" do user = create(:administrator).user sign_in user get :create expect(response).to be_redirect expect(session[:manager][:login]).to eq "admin_user_#{user.id}" end it "should redirect to management root path if user is manager" do user = create(:manager).user sign_in user get :create expect(response).to be_redirect expect(session[:manager][:login]).to eq "manager_user_#{user.id}" end it "should deny access if user is not admin or manager" do sign_in create(:user) expect { get :create}.to raise_error CanCan::AccessDenied expect(session[:manager]).to be_nil end end describe 'Sign out' do it "should destroy the session data and redirect" do session[:manager] = {user_key: "31415926", date: "20151031135905", login: "JJB033"} session[:document_type] = "1" session[:document_number] = "12345678Z" delete :destroy expect(session[:manager]).to be_nil expect(session[:document_type]).to be_nil expect(session[:document_number]).to be_nil expect(response).to be_redirect end end end