require 'test_helper'
class UsersControllerTest < ActionController::TestCase
- test "valid token for deleted user ignored instead of crashing" do
- skip
+ test "ignore previously valid token (for deleted user), don't crash" do
get :welcome, {}, session_for(:valid_token_deleted_user)
assert_response :success
assert_nil assigns(:my_jobs)
session[:api_client_authorization_id] = api_client_auth.id
user = api_client_auth.user
api_client = api_client_auth.api_client
+ else
+ # Token seems valid, but points to a non-existent (deleted?) user.
+ api_client_auth = nil
end
elsif session[:user_id]
user = User.find(session[:user_id]) rescue nil
assert_equal true, me['is_active']
end
+ test "respond 401 if given token exists but user record is missing" do
+ authorize_with :valid_token_deleted_user
+ get :current, {format: :json}
+ assert_response 401
+ end
+
test "create new user with user as input" do
authorize_with :admin
post :create, user: {
projects / arvados.git / commitdiff