Files
fizzy/test/controllers/sessions/launchpad_controller_test.rb
T
Mike Dalessio e69023993c Make sure users can't login from launchpad if they're deactivated
Just in case the SignalId::User deletion failed.
2025-07-15 18:47:38 -04:00

39 lines
1021 B
Ruby

require "test_helper"
class Sessions::LaunchpadControllerTest < ActionDispatch::IntegrationTest
test "show renders when not signed in" do
get session_launchpad_path(params: { sig: "test-sig" })
assert_response :success
assert_select "form input#sig" do |node|
assert_equal node.length, 1
assert_equal node.first["value"], "test-sig"
end
end
test "create establishes a session when the sig is valid" do
user = users(:david)
put session_launchpad_path(params: { sig: user.signal_user.perishable_signature })
assert_redirected_to root_url
assert parsed_cookies.signed[:session_token]
end
test "create checks user.active?" do
user = users(:david)
user.update! active: false
put session_launchpad_path(params: { sig: user.signal_user.perishable_signature })
assert_response :unauthorized
end
test "returns 401 when the sig is invalid" do
put session_launchpad_path(params: { sig: "invalid" })
assert_response :unauthorized
end
end