summaryrefslogtreecommitdiffstats
path: root/test/functional
diff options
context:
space:
mode:
authorJean-Philippe Lang <jp_lang@yahoo.fr>2013-01-30 17:34:48 +0000
committerJean-Philippe Lang <jp_lang@yahoo.fr>2013-01-30 17:34:48 +0000
commitf2fd78f7b868c184e4ab2058e41a27043640843a (patch)
tree5fa1f049587fa5dd2f0cced7caed3f8a7bdbf8e1 /test/functional
parent41faf7f5f54441a2f0ace22d5e40a0bd527a7885 (diff)
downloadredmine-f2fd78f7b868c184e4ab2058e41a27043640843a.tar.gz
redmine-f2fd78f7b868c184e4ab2058e41a27043640843a.zip
Use POST instead of GET for logging out (#13022).
git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@11289 e93f8b46-1217-0410-a6f0-8f06a7374b81
Diffstat (limited to 'test/functional')
-rw-r--r--test/functional/account_controller_test.rb13
-rw-r--r--test/functional/welcome_controller_test.rb7
2 files changed, 18 insertions, 2 deletions
diff --git a/test/functional/account_controller_test.rb b/test/functional/account_controller_test.rb
index 5a11dbaa2..0f9ae8eed 100644
--- a/test/functional/account_controller_test.rb
+++ b/test/functional/account_controller_test.rb
@@ -80,9 +80,18 @@ class AccountControllerTest < ActionController::TestCase
assert_response 302
end
- def test_logout
+ def test_get_logout_should_not_logout
@request.session[:user_id] = 2
get :logout
+ assert_response :success
+ assert_template 'logout'
+
+ assert_equal 2, @request.session[:user_id]
+ end
+
+ def test_logout
+ @request.session[:user_id] = 2
+ post :logout
assert_redirected_to '/'
assert_nil @request.session[:user_id]
end
@@ -91,7 +100,7 @@ class AccountControllerTest < ActionController::TestCase
@controller.expects(:reset_session).once
@request.session[:user_id] = 2
- get :logout
+ post :logout
assert_response 302
end
diff --git a/test/functional/welcome_controller_test.rb b/test/functional/welcome_controller_test.rb
index d760046d0..94a99c223 100644
--- a/test/functional/welcome_controller_test.rb
+++ b/test/functional/welcome_controller_test.rb
@@ -85,6 +85,13 @@ class WelcomeControllerTest < ActionController::TestCase
:content => %r{warnLeavingUnsaved}
end
+ def test_logout_link_should_post
+ @request.session[:user_id] = 2
+
+ get :index
+ assert_select 'a[href=/logout][data-method=post]', :text => 'Sign out'
+ end
+
def test_call_hook_mixed_in
assert @controller.respond_to?(:call_hook)
end