api.user do
api.id @user.id
api.login @user.login if User.current.admin? || (User.current == @user)
+ api.admin @user.admin? if User.current.admin? || (User.current == @user)
api.firstname @user.firstname
api.lastname @user.lastname
api.mail @user.mail if User.current.admin? || !@user.pref.hide_mail
assert_select 'user status', :text => User.find(1).status.to_s
end
+ test "GET /users/:id should return admin status for current user" do
+ get '/users/2.xml', :headers => credentials('jsmith')
+ assert_response :success
+ assert_select 'user admin', :text => 'false'
+ end
+
+ test "GET /users/:id should not return admin status for other user" do
+ get '/users/3.xml', :headers => credentials('jsmith')
+ assert_response :success
+ assert_select 'user admin', 0
+ end
+
test "POST /users.xml with valid parameters should create the user" do
assert_difference('User.count') do
post '/users.xml',