public/once-campfire
1
0
Fork 0
mirror of https://github.com/basecamp/once-campfire.git synced 2026-02-22 04:30:33 +09:00
Code Issues Packages Projects Releases Wiki Activity
Files
main
once-campfire/test/controllers/autocompletable/users_controller_test.rb
Kevin McConnell df76a227dc Hello world 
First open source release of Campfire 🎉
2025-08-21 09:31:59 +01:00

41 lines
1.2 KiB
Ruby
Raw Permalink Blame History

require "test_helper"
class Autocompletable::UsersControllerTest < ActionDispatch::IntegrationTest
setup do
sign_in :david
end
test "search returns matching users" do
get autocompletable_users_url(format: :json), params: { query: "da" }
assert_response :success
assert_equal "David", response.parsed_body.first["name"]
end
test "search results escape HTML in names" do
users(:david).update!(name: "David <script>alert(123)</script>")
get autocompletable_users_url(format: :json), params: { query: "da" }
assert_response :success
assert_equal "David &lt;script&gt;alert(123)&lt;/script&gt;", response.parsed_body.first["name"]
end
test "room search returns matching users" do
get autocompletable_users_url(room_id: rooms(:hq).id, format: :json), params: { query: "da" }
assert_response :success
assert_equal "David", response.parsed_body.first["name"]
end
test "room search is scoped by membership" do
sign_in :kevin
assert_not_includes users(:kevin).rooms, rooms(:watercooler)
assert_raises ActiveRecord::RecordNotFound do
get autocompletable_users_url(room_id: rooms(:watercooler).id, format: :json), params: { query: "da" }
end
end
end
Reference in New Issue View Git Blame Copy Permalink