添加user和session controller，部分接口完成

2016-12-15 18:07:51 +08:00 · 2016-12-15 18:07:51 +08:00 · 50f0fd776c
parent 86bebaf71c
commit 50f0fd776c
15 changed files with 265 additions and 0 deletions
--- a/app/assets/javascripts/sessions.coffee
+++ b/app/assets/javascripts/sessions.coffee
@ -0,0 +1,3 @@
+# Place all the behaviors and hooks related to the matching controller here.
+# All this logic will automatically be available in application.js.
+# You can use CoffeeScript in this file: http://coffeescript.org/
--- a/app/assets/javascripts/users.coffee
+++ b/app/assets/javascripts/users.coffee
@ -0,0 +1,3 @@
+# Place all the behaviors and hooks related to the matching controller here.
+# All this logic will automatically be available in application.js.
+# You can use CoffeeScript in this file: http://coffeescript.org/
--- a/app/assets/stylesheets/sessions.scss
+++ b/app/assets/stylesheets/sessions.scss
@ -0,0 +1,3 @@
+// Place all the styles related to the Sessions controller here.
+// They will automatically be included in application.css.
+// You can use Sass (SCSS) here: http://sass-lang.com/
--- a/app/assets/stylesheets/users.scss
+++ b/app/assets/stylesheets/users.scss
@ -0,0 +1,3 @@
+// Place all the styles related to the Users controller here.
+// They will automatically be included in application.css.
+// You can use Sass (SCSS) here: http://sass-lang.com/
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@ -2,4 +2,10 @@ class ApplicationController < ActionController::Base
  # Prevent CSRF attacks by raising an exception.
  # For APIs, you may want to use :null_session instead.
  protect_from_forgery with: :exception
+
+  def current_user
+    @current_user ||= User.find(session[:user_id]) if session[:user_id]
+  end
+
+  helper_method :current_user
 end
--- a/app/controllers/sessions_controller.rb
+++ b/app/controllers/sessions_controller.rb
@ -0,0 +1,18 @@
+class SessionsController < ApplicationController
+
+  def create
+    user = User.find_by(email: params[:email])
+    if user && user.authenticate(params[:password])
+      session[:user_id] = user.id
+      render status: :ok, text: 'login success'
+    else
+      render status: :ok, text: 'account or password is not correct'
+    end
+  end
+
+  def destroy
+    session[:user_id] = nil
+    @current_user &&= nil
+    render status: :ok, nothing: true
+  end
+end
--- a/app/controllers/users_controller.rb
+++ b/app/controllers/users_controller.rb
@ -0,0 +1,41 @@
+class UsersController < ApplicationController
+
+  def emailExist
+    if checkExist?(:email, params[:email])
+      render :text => 'exist'
+    else
+      render :text => 'not exist'
+    end
+  end
+
+  def usernameExist
+    if checkExist?(:name, params[:username])
+      render :text => 'exist'
+    else
+      render :text => 'not exist'
+    end
+  end
+
+  def create
+    @user = User.new(user_params)
+    if @user.save
+      render status: :created, nothing: true
+    else
+      render json: @user.errors, status: :unprocessable_entity
+    end
+  end
+
+  def update
+    @test = 1
+    render 'show.json.jbuilder'
+  end
+
+  private
+    def checkExist?(field_name, value)
+      User.exists?(field_name => value)
+    end
+
+    def user_params
+      params.require(:user).permit(:name, :password, :password_confirmation, :email)
+    end
+end
--- a/app/helpers/sessions_helper.rb
+++ b/app/helpers/sessions_helper.rb
@ -0,0 +1,2 @@
+module SessionsHelper
+end
--- a/app/helpers/users_helper.rb
+++ b/app/helpers/users_helper.rb
@ -0,0 +1,2 @@
+module UsersHelper
+end
--- a/app/views/users/show.json.jbuilder
+++ b/app/views/users/show.json.jbuilder
@ -0,0 +1 @@
+json.test @test
--- a/config/routes.rb
+++ b/config/routes.rb
@ -53,4 +53,12 @@ Rails.application.routes.draw do
  #     # (app/controllers/admin/products_controller.rb)
  #     resources :products
  #   end
+
+  get 'users/emailExist' => 'users#emailExist'
+  get 'users/usernameExist' => 'users#usernameExist'
+  post 'user/create' => 'users#create'
+  get 'user/update' => 'users#update'
+
+  post 'sessions/create' => 'sessions#create'
+  delete 'session' => 'sessions#destroy'
 end
--- a/spec/controllers/sessions_controller_spec.rb
+++ b/spec/controllers/sessions_controller_spec.rb
@ -0,0 +1,71 @@
+require 'rails_helper'
+
+RSpec.describe SessionsController, type: :controller do
+
+  before :each do
+    @user1 = create(:user)
+  end
+
+  describe 'POST #create' do
+
+    # 合法流程校验
+    context 'with legal account' do
+
+      before :each do
+        post :create, email: @user1.email, password: @user1.password
+      end
+
+      it 'should get correct email and password' do
+        actual_email = @user1.email
+        actual_password = @user1.password
+        expect(controller.params[:email]).to eq(actual_email)
+        expect(controller.params[:password]).to eq(actual_password)
+      end
+
+      it 'should authenticate success' do
+        expect(controller.session[:user_id]).to eq @user1.id
+      end
+
+      it 'should get ok and text: login success' do
+        expect(response).to have_http_status :ok
+        expect(response.body).to eq 'login success'
+      end
+    end
+
+    # 非法参数测试
+    context 'with illegal account' do
+
+      before :each do
+        post :create, email: @user1.email, password: 'wrong_password'
+      end
+
+      it 'does not authenticate success' do
+        expect(controller.session[:user_id].nil?).to be true
+      end
+
+      it 'return with 200 and text: account or password is not correct' do
+        expect(response).to have_http_status :ok
+        expect(response.body).to eq 'account or password is not correct'
+      end
+
+      it 'should not raise error without param email or password' do
+        expect {
+          post :create, email: @user1.email
+        }.not_to raise_error
+        expect {
+          post :create, password: 'wrong_password'
+        }.not_to raise_error
+      end
+
+    end
+  end
+
+  describe 'DELETE #destroy' do
+    it 'should destroy user id in session' do
+      post :create, email:@user1.email, password: @user1.password
+      expect(controller.session[:user_id].nil?).to be false
+      delete :destroy
+      expect(controller.session[:user_id].nil?).to be true
+    end
+  end
+end
--- a/spec/controllers/users_controller_spec.rb
+++ b/spec/controllers/users_controller_spec.rb
@ -0,0 +1,102 @@
+require 'rails_helper'
+
+RSpec.describe UsersController, type: :controller do
+  let(:user) { build(:user_with_sequence_number) }
+  let(:valid_attributes){ attributes_for(:user) }
+  let(:invalid_attributes){ attributes_for(:user, email: nil, name: 'username2000') }
+
+  describe 'GET #emailExist' do
+    it 'valid email' do
+      get :emailExist, email: user.email
+      expect(response.body).to eq 'not exist'
+    end
+
+    it 'duplicated email' do
+      user = create(:user_with_sequence_number)
+      get :emailExist, email: user.email
+      expect(response.body).to eq 'exist'
+    end
+
+    it 'should not throw exception with no email param' do
+      get :emailExist  # 不会失败，则证明没有异常
+      get :emailExist, other_param: 'test'
+    end
+  end
+
+  describe 'GET #usernameExist' do
+    it 'valid username' do
+      get :usernameExist, username: user.name
+      expect(response.body).to eq 'not exist'
+    end
+
+    it 'duplicated username' do
+      user = create(:user_with_sequence_number)
+      get :usernameExist, username: user.name
+      expect(response.body).to eq 'exist'
+    end
+
+    it 'should not throw exception with no username param' do
+      get :usernameExist
+      get :usernameExist, other_param: 'test'
+    end
+  end
+
+  describe 'POST #create' do
+    context 'success with valid attributes' do
+      before :each do
+        post :create, user: valid_attributes
+      end
+
+      it 'should create user' do
+        expect(User.exists?(assigns[:user].id)).to be true
+      end
+
+      it 'should response with 201' do
+        expect(response).to have_http_status :created
+      end
+
+    end
+
+    context 'fail with invalid attributes' do
+      # 已经在model测试中充分验证校对条件，所以这里只对使用电子邮箱为空的非法条件
+      before :each do
+        post :create, user: invalid_attributes
+      end
+
+      it 'does not save the new user' do
+        expect(User.exists? name: 'username2000').to be false
+      end
+
+      it 'should return errors' do
+        error_message = JSON.parse response.body
+        expect(error_message['email'].nil?).to be false
+        expect(error_message['email']).not_to be_empty
+      end
+    end
+
+    context 'deal with params more or less than required' do
+
+      let(:data_to_send) { { :name => 'username', :email => '1261138729@qq.com',
+                             :password => 'secret', :password_confirmation => 'secret',
+                             :more_field => 'test'} }
+
+      it 'should throw exception without param[:user]' do
+        expect {
+          post :create
+        }.to raise_error ActionController::ParameterMissing
+      end
+
+      it 'should not throw exception' do
+        expect {
+           post :create, user: data_to_send, other_param: 'test'
+        }.to_not raise_error
+      end
+
+      it 'should not accept other params' do
+        post :create, user: data_to_send
+        user = assigns(:user)
+        expect(user.has_attribute? :more_field).to eq false
+      end
+    end
+  end
+end
--- a/spec/factories/projects.rb
+++ b/spec/factories/projects.rb
@ -1,3 +1,4 @@
+require 'faker'
 FactoryGirl.define do
  factory :project do
    name { Faker::Name.title }
--- a/spec/factories/users.rb
+++ b/spec/factories/users.rb
@ -1,3 +1,4 @@
+require 'faker'
 FactoryGirl.define do
  factory :user do
    name { Faker::Name.name }