Removed superfluous 'tracks' directory at the root of the repository.

Testing commits to github.

test/functional/backend_controller_test.rb

@@ -0,0 +1,81 @@
+require File.dirname(__FILE__) + '/../test_helper'
+require 'backend_controller'
+
+# Re-raise errors caught by the controller.
+class BackendController; def rescue_action(e) raise e end; end
+
+class BackendControllerTest < Test::Rails::TestCase
+  fixtures :users, :projects, :contexts, :todos, :notes
+  
+  def setup
+    @controller = BackendController.new
+    request, response = ActionController::TestRequest.new, ActionController::TestResponse.new
+    assert_equal "change-me", Tracks::Config.salt
+  end
+
+  def test_new_todo_fails_with_incorrect_token
+    assert_raises_invalid_token { @controller.new_todo('admin', 'notthecorrecttoken', contexts('agenda').id, 'test', 'test') }
+  end
+  
+  def test_new_todo_fails_with_context_that_does_not_belong_to_user
+     assert_raise(CannotAccessContext, "Cannot access a context that does not belong to this user.") { @controller.new_todo(users('other_user').login, users('other_user').token, contexts('agenda').id, 'test', 'test') }
+  end
+  
+  def test_new_rich_todo_fails_with_incorrect_token
+    assert_raises_invalid_token { @controller.new_rich_todo('admin', 'notthecorrecttoken', contexts('agenda').id, 'test', 'test') }
+  end
+  
+  #"Call mfox @call > Build a working time machine" should create the "Call mfox" todo in the 'call' context and the 'Build a working time machine' project. 
+  def test_new_rich_todo_creates_todo_with_exact_match
+    assert_new_rich_todo_creates_mfox_todo("Call mfox @call > Build a working time machine")
+  end
+
+  #"Call mfox @cal > Build" should create the "Call mfox" todo in the 'call' context and the 'Build a working time machine' project. 
+  def test_new_rich_todo_creates_todo_with_starts_with_match
+    assert_new_rich_todo_creates_mfox_todo("Call mfox @cal > Build")
+  end
+
+  #"Call mfox @call > new:Run for president" should create the 'Run for president' project, create the "Call mfox" todo in the 'call' context and the new project. 
+  def test_new_rich_todo_creates_todo_with_new_project
+    max_todo_id = Todo.maximum('id')
+    max_project_id = Project.maximum('id')
+    @controller.new_rich_todo(users(:admin_user).login, users(:admin_user).token, contexts(:agenda).id, 'Call mfox @call > new:Run for president', 'test')
+    todo = Todo.find(:first, :conditions => ["id > ?", max_todo_id])
+    new_project = Project.find(:first, :conditions => ["id > ?", max_project_id])
+    assert_equal(users(:admin_user).id, todo.user_id)
+    assert_equal(contexts(:call).id, todo.context_id)
+    assert_equal(new_project.id, todo.project_id)
+    assert_equal("Call mfox", todo.description)
+    assert_equal("test", todo.notes)
+  end
+  
+  def assert_new_rich_todo_creates_mfox_todo(description_input)
+    max_id = Todo.maximum('id')
+    @controller.new_rich_todo(users(:admin_user).login, users(:admin_user).token, contexts(:agenda).id, 'Call mfox @cal > Build', 'test')
+    todo = Todo.find(:first, :conditions => ["id > ?", max_id])
+    assert_equal(users(:admin_user).id, todo.user_id)
+    assert_equal(contexts(:call).id, todo.context_id)
+    assert_equal(projects(:timemachine).id, todo.project_id)
+    assert_equal('test', todo.notes)
+    assert_equal("Call mfox", todo.description)
+  end
+  
+  def test_new_rich_todo_fails_with_context_that_does_not_belong_to_user
+     assert_raise(CannotAccessContext, "Cannot access a context that does not belong to this user.") { @controller.new_rich_todo(users('other_user').login, users('other_user').token, contexts('agenda').id, 'test', 'test') }
+  end
+
+  def test_list_projects_fails_with_incorrect_token
+    assert_raises_invalid_token { @controller.list_projects('admin', 'notthecorrecttoken') }
+  end
+
+  def test_list_contexts_fails_with_incorrect_token
+    assert_raises_invalid_token { @controller.list_contexts('admin', 'notthecorrecttoken') }
+  end
+  
+  private
+  
+  def assert_raises_invalid_token
+    assert_raise(InvalidToken, "Sorry, you don't have permission to perform this action.") { yield } 
+  end
+
+end

test/functional/contexts_controller_test.rb

@@ -0,0 +1,189 @@
+require File.dirname(__FILE__) + '/../test_helper'
+require File.dirname(__FILE__) + '/todo_container_controller_test_base'
+require 'contexts_controller'
+
+# Re-raise errors caught by the controller.
+class ContextsController; def rescue_action(e) raise e end; end
+
+class ContextsControllerTest < TodoContainerControllerTestBase
+  fixtures :users, :preferences, :contexts
+
+  def setup
+    perform_setup(Context, ContextsController)
+  end
+
+  def test_contexts_list
+    login_as :admin_user
+    get :index
+  end
+
+  def test_create_context_via_ajax_increments_number_of_context
+    assert_ajax_create_increments_count '@newcontext'
+  end
+
+  def test_create_context_with_ajax_success_rjs
+    ajax_create '@newcontext'
+    assert_rjs :insert_html, :bottom, "list-contexts"
+    assert_rjs :sortable, 'list-contexts', { :tag => 'div', :handle => 'handle', :complete => visual_effect(:highlight, 'list-contexts'), :url => order_contexts_path }
+    # not yet sure how to write the following properly...
+    assert_rjs :call, "Form.reset", "context-form"
+    assert_rjs :call, "Form.focusFirstElement", "context-form"
+  end
+
+  def test_create_via_ajax_with_comma_in_name_does_not_increment_number_of_contexts
+    assert_ajax_create_does_not_increment_count 'foo,bar'
+  end
+  
+  def test_create_with_comma_in_name_fails_with_rjs
+    ajax_create 'foo,bar'
+    assert_rjs :show, 'status'
+# Not working with Rails 2.0 upgrade
+#    assert_rjs :update, 'status', "<div class=\"ErrorExplanation\" id=\"ErrorExplanation\"><h2>1 error prohibited this record from being saved</h2><p>There were problems with the following fields:</p><ul>Name cannot contain the comma (',') character</ul></div>"
+  end
+
+  def test_rss_feed_content
+    login_as :admin_user
+    get :index, { :format => "rss" }
+    assert_equal 'application/rss+xml', @response.content_type
+    #puts @response.body
+
+    assert_xml_select 'rss[version="2.0"]' do
+      assert_select 'channel' do
+        assert_select '>title', 'Tracks Contexts'
+        assert_select '>description', "Lists all the contexts for #{users(:admin_user).display_name}"
+        assert_select 'language', 'en-us'
+        assert_select 'ttl', '40'
+      end
+      assert_select 'item', 10 do
+        assert_select 'title', /.+/
+        assert_select 'description' do
+          assert_select_encoded do
+            assert_select 'p', /\d+&nbsp;actions. Context is (Active|Hidden)./
+          end
+        end
+        %w(guid link).each do |node|
+          assert_select node, /http:\/\/test.host\/contexts\/.+/
+        end
+        assert_select 'pubDate', contexts(:agenda).created_at.to_s(:rfc822)
+      end
+    end
+  end
+  
+  def test_rss_feed_not_accessible_to_anonymous_user_without_token
+    login_as nil
+    get :index, { :format => "rss" }
+    assert_response 401
+  end
+  
+  def test_rss_feed_not_accessible_to_anonymous_user_with_invalid_token
+    login_as nil
+    get :index, { :format => "rss", :token => 'foo'  }
+    assert_response 401
+  end
+  
+  def test_rss_feed_accessible_to_anonymous_user_with_valid_token
+    login_as nil
+    get :index, { :format => "rss", :token => users(:admin_user).token }
+    assert_response :ok
+  end
+  
+  def test_atom_feed_content
+    login_as :admin_user
+    get :index, { :format => "atom" }
+    assert_equal 'application/atom+xml', @response.content_type
+    #puts @response.body
+    
+    assert_xml_select 'feed[xmlns="http://www.w3.org/2005/Atom"]' do
+      assert_select '>title', 'Tracks Contexts'
+      assert_select '>subtitle', "Lists all the contexts for #{users(:admin_user).display_name}"
+      assert_select 'entry', 10 do
+        assert_select 'title', /.+/
+        assert_select 'content[type="html"]' do
+          assert_select_encoded do
+            assert_select 'p', /\d+&nbsp;actions. Context is (Active|Hidden)./
+          end
+        end
+        assert_select 'published', /(#{contexts(:agenda).created_at.xmlschema}|#{contexts(:library).created_at.xmlschema})/
+      end
+    end
+  end
+ 
+  def test_atom_feed_not_accessible_to_anonymous_user_without_token
+    login_as nil
+    get :index, { :format => "atom" }
+    assert_response 401
+  end
+  
+  def test_atom_feed_not_accessible_to_anonymous_user_with_invalid_token
+    login_as nil
+    get :index, { :format => "atom", :token => 'foo'  }
+    assert_response 401
+  end
+  
+  def test_atom_feed_accessible_to_anonymous_user_with_valid_token
+    login_as nil
+    get :index, { :format => "atom", :token => users(:admin_user).token }
+    assert_response :ok
+  end
+ 
+  def test_text_feed_content
+    login_as :admin_user
+    get :index, { :format => "txt" }
+    assert_equal 'text/plain', @response.content_type
+    assert !(/&nbsp;/.match(@response.body)) 
+  end
+  
+  def test_text_feed_not_accessible_to_anonymous_user_without_token
+    login_as nil
+    get :index, { :format => "txt" }
+    assert_response 401
+  end
+  
+  def test_text_feed_not_accessible_to_anonymous_user_with_invalid_token
+    login_as nil
+    get :index, { :format => "txt", :token => 'foo'  }
+    assert_response 401
+  end
+  
+  def test_text_feed_accessible_to_anonymous_user_with_valid_token
+    login_as nil
+    get :index, { :format => "txt", :token => users(:admin_user).token }
+    assert_response :ok
+  end
+  
+  def test_show_sets_title
+    login_as :admin_user
+    get :show, { :id => "1" }
+    assert_equal 'TRACKS::Context: agenda', assigns['page_title']
+  end
+  
+  def test_show_renders_show_template
+    login_as :admin_user
+    get :show, { :id => "1" }
+    assert_template "contexts/show"
+  end
+  
+  def test_show_xml_renders_context_to_xml
+    login_as :admin_user
+    get :show, { :id => "1", :format => 'xml' }
+    assert_equal contexts(:agenda).to_xml( :except => :user_id ), @response.body
+  end
+  
+  def test_show_with_nil_context_returns_404
+    login_as :admin_user
+    get :show, { :id => "0" }
+    assert_equal 'Context not found', @response.body 
+    assert_response 404
+  end
+  
+  def test_show_xml_with_nil_context_returns_404
+    login_as :admin_user
+    get :show, { :id => "0", :format => 'xml' }
+    assert_response 404
+    assert_xml_select 'error', 'Context not found'
+  end
+  
+  def protect_against_forgery?
+    false
+  end
+end

test/functional/data_controller_test.rb

@@ -0,0 +1,21 @@
+require File.dirname(__FILE__) + '/../test_helper'
+require 'data_controller'
+
+# Re-raise errors caught by the controller.
+class DataController; def rescue_action(e) raise e end; end
+
+class DataControllerTest < Test::Rails::TestCase
+  fixtures :users, :preferences, :projects, :notes
+
+  def setup
+    @controller = DataController.new
+    @request    = ActionController::TestRequest.new
+    @response   = ActionController::TestResponse.new
+  end
+
+  # Replace this with your real tests.
+  def test_csv_export_completes_without_error
+    login_as :admin_user
+    get :csv_notes
+  end
+end

test/functional/feedlist_controller_test.rb

@@ -0,0 +1,30 @@
+require File.dirname(__FILE__) + '/../test_helper'
+require 'feedlist_controller'
+
+# Re-raise errors caught by the controller.
+class FeedlistController; def rescue_action(e) raise e end; end
+
+class FeedlistControllerTest < Test::Rails::TestCase
+  fixtures :users, :preferences, :projects, :contexts, :todos, :notes
+  
+  def setup
+    assert_equal "test", ENV['RAILS_ENV']
+    assert_equal "change-me", Tracks::Config.salt
+    @controller = FeedlistController.new
+    @request    = ActionController::TestRequest.new
+    @response   = ActionController::TestResponse.new
+  end
+  
+  def test_get_index_when_not_logged_in
+    get :index
+    assert_redirected_to :controller => 'login', :action => 'login'
+  end
+  
+  def test_get_index_by_logged_in_user
+    login_as :other_user
+    get :index
+    assert_response :success
+    assert_equal "TRACKS::Feeds", assigns['page_title']  
+  end
+    
+end

test/functional/integrations_controller_test.rb

@@ -0,0 +1,27 @@
+require File.dirname(__FILE__) + '/../test_helper'
+require 'integrations_controller'
+
+# Re-raise errors caught by the controller.
+class IntegrationsController; def rescue_action(e) raise e end; end
+
+class IntegrationsControllerTest < Test::Unit::TestCase
+  fixtures :users, :preferences, :projects, :contexts, :todos, :tags, :taggings
+
+  def setup
+    @controller = IntegrationsController.new
+    @request    = ActionController::TestRequest.new
+    @response   = ActionController::TestResponse.new
+  end
+
+  # Replace this with your real tests.
+  def test_truth
+    assert true
+  end
+  
+  def test_page_load
+    login_as(:admin_user)
+    get :rest_api
+    assert_response :success
+  end
+  
+end

test/functional/login_controller_test.rb

@@ -0,0 +1,146 @@
+require File.dirname(__FILE__) + '/../test_helper'
+require 'login_controller'
+require_dependency "login_system"
+
+# Re-raise errors caught by the controller.
+class LoginController; def rescue_action(e) raise e end; end
+
+class LoginControllerTest < Test::Rails::TestCase
+  fixtures :preferences, :users
+  
+  def setup
+    assert_equal "test", ENV['RAILS_ENV']
+    assert_equal "change-me", Tracks::Config.salt
+    @controller = LoginController.new
+    @request = ActionController::TestRequest.new
+    @response = ActionController::TestResponse.new
+  end
+
+  #============================================
+  #Login and logout
+  #============================================
+    
+  def test_invalid_login
+    post :login, {:user_login => 'cracker', :user_password => 'secret', :user_noexpiry => 'on'}
+    assert_response :success
+    assert(!@response.has_session_object?(:user_id))
+    assert_template "login"
+  end
+  
+  def test_login_with_valid_admin_user
+    @request.session['return-to'] = "/bogus/location"
+    post :login, {:user_login => 'admin', :user_password => 'abracadabra', :user_noexpiry => 'on'}
+    user = User.find(session['user_id'])
+    assert_equal user.id, @response.session['user_id']
+    assert_equal user.login, "admin"
+    assert user.is_admin
+    assert_equal "Login successful: session will not expire.", flash[:notice]
+    assert_equal("http://#{@request.host}/bogus/location", @response.redirect_url)
+  end
+  
+  def test_login_with_valid_standard_user
+    post :login, {:user_login => 'jane', :user_password => 'sesame', :user_noexpiry => 'off'}
+    user = User.find(session['user_id'])
+    assert_equal user.id, @response.session['user_id']
+    assert_equal user.login, "jane"
+    assert user.is_admin == false || user.is_admin == 0
+    assert_equal "Login successful: session will expire after 1 hour of inactivity.", flash[:notice]
+    assert_redirected_to home_url
+  end
+  
+  def test_login_with_no_users_redirects_to_signup
+    User.delete_all
+    get :login
+    assert_redirected_to :controller => 'users', :action => 'new'
+  end
+  
+  def test_logout
+    login_as :admin_user
+    get :logout
+    assert_nil(session['user_id'])
+    assert_redirected_to :controller => 'login', :action => 'login'
+  end
+  
+  # Test login with a bad password for existing user
+  # 
+  def test_login_bad_password
+    post :login, {:user_login => 'jane', :user_password => 'wrong', :user_noexpiry => 'on'}
+    assert(!@response.has_session_object?(:user))
+    assert_equal "Login unsuccessful", flash[:warning]
+    assert_response :success
+  end
+  
+  def test_login_bad_login
+    post :login, {:user_login => 'blah', :user_password => 'sesame', :user_noexpiry => 'on'}
+    assert(!@response.has_session_object?(:user))
+    assert_equal "Login unsuccessful", flash[:warning]
+    assert_response :success
+  end
+  
+  def test_should_remember_me
+    post :login, :user_login => 'jane', :user_password => 'sesame', :user_noexpiry => "on"
+    assert_not_nil @response.cookies["auth_token"]
+  end
+
+  def test_should_not_remember_me
+    post :login, :user_login => 'jane', :user_password => 'sesame', :user_noexpiry => "off"
+    assert_nil @response.cookies["auth_token"]
+  end
+  
+  def test_should_delete_token_on_logout
+    login_as :other_user
+    get :logout
+    assert_equal @response.cookies["auth_token"], []
+  end
+
+  def test_should_login_with_cookie
+    users(:other_user).remember_me
+    @request.cookies["auth_token"] = auth_token_cookie_for(:other_user)
+    get :login
+    assert @controller.send(:logged_in?)
+  end
+
+  def test_should_fail_expired_cookie_login
+    users(:other_user).remember_me
+    users(:other_user).update_attribute :remember_token_expires_at, 5.minutes.ago.utc
+    @request.cookies["auth_token"] = auth_token_cookie_for(:other_user)
+    get :login
+    assert !@controller.send(:logged_in?)
+  end
+
+  def test_should_fail_cookie_login
+    users(:other_user).remember_me
+    @request.cookies["auth_token"] = CGI::Cookie.new('name' => 'auth_token', 'value' => 'invalid_auth_token')
+    get :login
+    assert !@controller.send(:logged_in?)
+  end
+  
+  def test_current_user_nil
+    get :login
+    assert_nil @controller.current_user
+  end
+  
+  def test_current_user_correct
+    post :login, {:user_login => 'jane', :user_password => 'sesame', :user_noexpiry => 'off'}
+    assert_equal users(:other_user), @controller.current_user
+  end
+  
+  def test_prefs_nil
+    login_as nil
+    get :login
+    assert_nil @controller.prefs
+  end
+  
+  def test_prefs_correct
+    post :login, {:user_login => 'jane', :user_password => 'sesame', :user_noexpiry => 'off'}
+    assert_equal users(:other_user).prefs, @controller.prefs
+  end
+  
+  private
+        
+  def auth_token_cookie_for(user)
+    CGI::Cookie.new('name' => 'auth_token', 'value' => users(user).remember_token)
+  end
+  
+    
+end

test/functional/notes_controller_test.rb

@@ -0,0 +1,18 @@
+require File.dirname(__FILE__) + '/../test_helper'
+require 'notes_controller'
+
+# Re-raise errors caught by the controller.
+class NotesController; def rescue_action(e) raise e end; end
+
+class NotesControllerTest < Test::Rails::TestCase
+  def setup
+    @controller = NotesController.new
+    request    = ActionController::TestRequest.new
+    response   = ActionController::TestResponse.new
+  end
+
+  # Replace this with your real tests.
+  def test_truth
+    assert true
+  end
+end

test/functional/preferences_controller_test.rb

@@ -0,0 +1,50 @@
+require File.dirname(__FILE__) + '/../test_helper'
+require 'preferences_controller'
+require 'preference'
+
+# Re-raise errors caught by the controller.
+class PreferencesController; def rescue_action(e) raise e end; end
+
+class PreferencesControllerTest < Test::Rails::TestCase
+  fixtures :users, :preferences
+  
+  def setup
+    assert_equal "test", ENV['RAILS_ENV']
+    assert_equal "change-me", Tracks::Config.salt
+    @controller = PreferencesController.new
+    @request    = ActionController::TestRequest.new
+    @response   = ActionController::TestResponse.new
+  end
+
+  def test_preferences
+    get :index # should fail because no login
+    assert_redirected_to :controller => 'login', :action => 'login'
+    login_as :admin_user
+    get :index
+    assert_response :success
+    assert_equal assigns['page_title'], "TRACKS::Preferences"
+    assert_not_nil assigns['prefs']
+  end
+  
+  def test_edit_preferences
+    get :edit # should fail because no login
+    assert_redirected_to :controller => 'login', :action => 'login'
+    login_as :admin_user
+    get :edit
+    assert_response :success
+    assert_equal assigns['page_title'], "TRACKS::Edit Preferences"
+    assert_not_nil assigns['prefs']
+    assert_template 'preferences/edit'
+  end
+  
+  def test_update_preferences
+    login_as :admin_user
+    post :update, {:user => { :first_name => 'Jane', :last_name => 'Doe'}, :prefs => { :date_format => "%m-%d-%Y", :week_starts => "0", :show_number_completed => "10", :show_completed_projects_in_sidebar => "false", :show_hidden_contexts_in_sidebar => "false", :staleness_starts => "14", :due_style => "1", :admin_email => "my.email@domain.com" }}
+    updated_admin_user = users(:admin_user).reload
+    assert_not_nil updated_admin_user.preference
+    assert_equal 'Jane', updated_admin_user.first_name
+    assert_equal 'Doe', updated_admin_user.last_name
+    assert_redirected_to :action => 'index'
+  end
+  
+end

test/functional/projects_controller_test.rb

@@ -0,0 +1,250 @@
+require File.dirname(__FILE__) + '/../test_helper'
+require File.dirname(__FILE__) + '/todo_container_controller_test_base'
+require 'projects_controller'
+
+# Re-raise errors caught by the controller.
+class ProjectsController; def rescue_action(e) raise e end; end
+
+class ProjectsControllerTest < TodoContainerControllerTestBase
+  fixtures :users, :todos, :preferences, :projects, :contexts
+  
+  def setup
+    perform_setup(Project, ProjectsController)
+  end
+  
+  def test_projects_list
+    login_as :admin_user
+    get :index
+  end
+  
+  def test_show_exposes_deferred_todos
+    p = projects(:timemachine)
+    login_as :admin_user
+    get :show, :id => p.to_param
+    assert_not_nil assigns['deferred']
+    assert_equal 1, assigns['deferred'].size
+
+    t = p.not_done_todos[0]
+    t.show_from = 1.days.from_now.utc.to_date
+    t.save!
+    
+    get :show, :id => p.to_param
+    assert_equal 2, assigns['deferred'].size
+  end
+
+  def test_show_exposes_next_project_in_same_state
+    login_as :admin_user
+    get :show, :id => projects(:timemachine).to_param
+    assert_equal(projects(:moremoney), assigns['next_project'])
+  end
+
+  def test_show_exposes_previous_project_in_same_state
+    login_as :admin_user
+    get :show, :id => projects(:moremoney).to_param
+    assert_equal(projects(:timemachine), assigns['previous_project'])
+  end
+
+  def test_create_project_via_ajax_increments_number_of_projects
+    assert_ajax_create_increments_count 'My New Project'
+  end
+
+  def test_create_project_with_ajax_success_rjs
+    ajax_create 'My New Project'
+    assert_rjs :insert_html, :bottom, "list-active-projects"
+    assert_rjs :sortable, 'list-active-projects', { :tag => 'div', :handle => 'handle', :complete => visual_effect(:highlight, 'list-active-projects'), :url => order_projects_path }
+    # not yet sure how to write the following properly...
+    assert_rjs :call, "Form.reset", "project-form"
+    assert_rjs :call, "Form.focusFirstElement", "project-form"
+  end
+  
+  def test_create_project_and_go_to_project_page
+    num_projects = Project.count
+    xhr :post, :create, { :project => {:name => 'Immediate Project Planning Required'}, :go_to_project => 1}
+    assert_js_redirected_to %r{/?projects/\d+}
+    assert_equal num_projects + 1, Project.count
+  end
+
+  def test_create_with_comma_in_name_does_not_increment_number_of_projects
+    assert_ajax_create_does_not_increment_count 'foo,bar'
+  end
+  
+  def test_create_with_comma_in_name_fails_with_rjs
+    ajax_create 'foo,bar'
+    assert_rjs :show, 'status'
+    # Not working with Rails 2.0 upgrade
+    #    assert_rjs :update, 'status', "<div class=\"ErrorExplanation\" id=\"ErrorExplanation\"><h2>1 error prohibited this record from being saved</h2><p>There were problems with the following fields:</p><ul>Name cannot contain the comma (',') character</ul></div>"
+  end
+  
+  def test_todo_state_is_project_hidden_after_hiding_project
+    p = projects(:timemachine)
+    todos = p.todos.find_in_state(:all, :active)
+    login_as(:admin_user)
+    xhr :post, :update, :id => 1, "project"=>{"name"=>p.name, "description"=>p.description, "state"=>"hidden"}
+    todos.each do |t|
+      assert_equal :project_hidden, t.reload().current_state
+    end
+    assert p.reload().hidden?
+  end
+  
+  def test_not_done_counts_after_hiding_and_unhiding_project
+    p = projects(:timemachine)
+    todos = p.todos.find_in_state(:all, :active)
+    login_as(:admin_user)
+    xhr :post, :update, :id => 1, "project"=>{"name"=>p.name, "description"=>p.description, "state"=>"hidden"}
+    xhr :post, :update, :id => 1, "project"=>{"name"=>p.name, "description"=>p.description, "state"=>"active"}
+    todos.each do |t|
+      assert_equal :active, t.reload().current_state
+    end
+    assert p.reload().active?
+  end
+  
+  def test_rss_feed_content
+    login_as(:admin_user)
+    get :index, { :format => "rss" }
+    assert_equal 'application/rss+xml', @response.content_type
+    #puts @response.body
+
+    assert_xml_select 'rss[version="2.0"]' do
+      assert_select 'channel' do
+        assert_select '>title', 'Tracks Projects'
+        assert_select '>description', "Lists all the projects for #{users(:admin_user).display_name}"
+        assert_select 'language', 'en-us'
+        assert_select 'ttl', '40'
+      end
+      assert_select 'item', 3 do
+        assert_select 'title', /.+/
+        assert_select 'description' do
+          assert_select_encoded do
+            assert_select 'p', /^\d+&nbsp;actions\. Project is (active|hidden|completed)\.$/
+          end
+        end
+        %w(guid link).each do |node|
+          assert_select node, /http:\/\/test.host\/projects\/.+/
+        end
+        assert_select 'pubDate', projects(:timemachine).updated_at.to_s(:rfc822)
+      end
+    end
+  end
+    
+  def test_rss_feed_not_accessible_to_anonymous_user_without_token
+    login_as nil
+    get :index, { :format => "rss" }
+    assert_response 401
+  end
+  
+  def test_rss_feed_not_accessible_to_anonymous_user_with_invalid_token
+    login_as nil
+    get :index, { :format => "rss", :token => 'foo'  }
+    assert_response 401
+  end
+  
+  def test_rss_feed_accessible_to_anonymous_user_with_valid_token
+    login_as nil
+    get :index, { :format => "rss", :token => users(:admin_user).token }
+    assert_response :ok
+  end
+  
+  def test_atom_feed_content
+    login_as :admin_user
+    get :index, { :format => "atom" }
+    assert_equal 'application/atom+xml', @response.content_type
+    #puts @response.body
+    
+    assert_xml_select 'feed[xmlns="http://www.w3.org/2005/Atom"]' do
+      assert_select '>title', 'Tracks Projects'
+      assert_select '>subtitle', "Lists all the projects for #{users(:admin_user).display_name}"
+      assert_select 'entry', 3 do
+        assert_select 'title', /.+/
+        assert_select 'content[type="html"]' do
+          assert_select_encoded do
+            assert_select 'p', /\d+&nbsp;actions. Project is (active|hidden|completed)./
+          end
+        end
+        assert_select 'published', /(#{projects(:timemachine).updated_at.xmlschema}|#{projects(:moremoney).updated_at.xmlschema})/
+      end
+    end
+  end
+  
+  def test_atom_feed_not_accessible_to_anonymous_user_without_token
+    login_as nil
+    get :index, { :format => "atom" }
+    assert_response 401
+  end
+  
+  def test_atom_feed_not_accessible_to_anonymous_user_with_invalid_token
+    login_as nil
+    get :index, { :format => "atom", :token => 'foo'  }
+    assert_response 401
+  end
+  
+  def test_atom_feed_accessible_to_anonymous_user_with_valid_token
+    login_as nil
+    get :index, { :format => "atom", :token => users(:admin_user).token }
+    assert_response :ok
+  end
+
+  def test_text_feed_content
+    login_as :admin_user
+    get :index, { :format => "txt" }
+    assert_equal 'text/plain', @response.content_type
+    assert !(/&nbsp;/.match(@response.body)) 
+    #puts @response.body
+  end
+  
+  def test_text_feed_content_for_projects_with_no_actions
+    login_as :admin_user
+    p = projects(:timemachine)
+    p.todos.each { |t| t.destroy }
+    
+    get :index, { :format => "txt", :only_active_with_no_next_actions => true }
+    assert (/^\s*BUILD A WORKING TIME MACHINE\s+0 actions. Project is active.\s*$/.match(@response.body)) 
+    assert !(/[1-9] actions/.match(@response.body)) 
+  end
+  
+  def test_text_feed_not_accessible_to_anonymous_user_without_token
+    login_as nil
+    get :index, { :format => "txt" }
+    assert_response 401
+  end
+  
+  def test_text_feed_not_accessible_to_anonymous_user_with_invalid_token
+    login_as nil
+    get :index, { :format => "txt", :token => 'foo'  }
+    assert_response 401
+  end
+  
+  def test_text_feed_accessible_to_anonymous_user_with_valid_token
+    login_as nil
+    get :index, { :format => "txt", :token => users(:admin_user).token }
+    assert_response :ok
+  end
+  
+  def test_alphabetize_sorts_active_projects_alphabetically
+    login_as :admin_user
+    u = users(:admin_user)
+    post :alphabetize, :state => "active", :format => 'js'
+    assert_equal 1, projects(:timemachine).position 
+    assert_equal 2, projects(:gardenclean).position
+    assert_equal 3, projects(:moremoney).position 
+  end
+
+  def test_alphabetize_assigns_state
+    login_as :admin_user
+    post :alphabetize, :state => "active", :format => 'js'
+    assert_equal "active", assigns['state']
+  end
+
+  def test_alphabetize_assigns_projects
+    login_as :admin_user
+    post :alphabetize, :state => "active", :format => 'js'
+    exposed_projects = assigns['projects']
+    assert_equal 3, exposed_projects.length
+    assert_equal projects(:timemachine), exposed_projects[0]
+    assert_equal projects(:gardenclean), exposed_projects[1]
+    assert_equal projects(:moremoney), exposed_projects[2]
+  end
+  
+  def protect_against_forgery?
+    false
+  end
+end

test/functional/stats_controller_test.rb

@@ -0,0 +1,94 @@
+require File.dirname(__FILE__) + '/../test_helper'
+require 'stats_controller'
+
+# Re-raise errors caught by the controller.
+class StatsController; def rescue_action(e) raise e end; end
+
+class StatsControllerTest < Test::Unit::TestCase
+  fixtures :users, :preferences, :projects, :contexts, :todos, :tags, :taggings
+  
+  def setup
+    @controller = StatsController.new
+    @request    = ActionController::TestRequest.new
+    @response   = ActionController::TestResponse.new
+  end
+
+  # Replace this with your real tests.
+  def test_truth
+    assert true
+  end
+  
+  def test_get_index_when_not_logged_in
+    get :index
+    assert_redirected_to :controller => 'login', :action => 'login'
+  end
+  
+  def test_get_index
+    login_as(:admin_user)
+    get :index
+    assert_response :success
+  end
+
+  def test_get_charts
+    login_as(:admin_user)
+    %w{    actions_done_last30days_data
+	   actions_done_last12months_data
+	   actions_completion_time_data
+           actions_visible_running_time_data
+	   actions_running_time_data
+	   actions_day_of_week_all_data
+	   actions_day_of_week_30days_data
+	   actions_time_of_day_all_data
+	   actions_time_of_day_30days_data
+           context_total_actions_data
+           context_running_actions_data
+    }.each do |action|
+      get action
+      assert_response :success
+      assert_template "stats/"+action
+    end
+  end
+
+  def test_totals
+    login_as(:admin_user)
+    get :index
+    assert_response :success
+    assert_equal 3, assigns['projects'].count
+    assert_equal 3, assigns['projects'].count(:conditions => "state = 'active'")
+    assert_equal 10, assigns['contexts'].count
+    assert_equal 15, assigns['actions'].count
+    assert_equal 4, assigns['tags'].count
+    assert_equal 2, assigns['unique_tags'].size
+    assert_equal 2.week.ago.utc.beginning_of_day, assigns['first_action'].created_at
+  end
+  
+  def test_downdrill
+    login_as(:admin_user)
+    
+    # drill down without parameters
+    get :show_selected_actions_from_chart
+    assert_response :not_found
+    assert_template nil
+    
+    # get week 0-1 for actions visible running
+    get :show_selected_actions_from_chart, :id => 'avrt', :index => 0
+    assert_response :success
+    assert_template "stats/show_selection_from_chart"
+
+    # get week 0 and further for actions visible running 
+    get :show_selected_actions_from_chart, :id => 'avrt_end', :index => 0
+    assert_response :success
+    assert_template "stats/show_selection_from_chart"
+
+    # get week 0-1 for actions running
+    get :show_selected_actions_from_chart, :id => 'art', :index => 0
+    assert_response :success
+    assert_template "stats/show_selection_from_chart"
+
+    # get week 0 and further for actions running
+    get :show_selected_actions_from_chart, :id => 'art_end', :index => 0
+    assert_response :success
+    assert_template "stats/show_selection_from_chart"
+  end
+  
+end

test/functional/todo_container_controller_test_base.rb

@@ -0,0 +1,32 @@
+class TodoContainerControllerTestBase < Test::Rails::TestCase
+
+  def perform_setup(container_class, controller_class)
+    @controller = controller_class.new
+    @request, @response = ActionController::TestRequest.new, ActionController::TestResponse.new
+    login_as :other_user
+    @initial_count = container_class.count
+    @container_class = container_class
+  end
+  
+  def test_truth
+    assert true
+  end
+  
+  def assert_ajax_create_increments_count(name)
+    assert_count_after_ajax_create(name, @initial_count + 1)
+  end
+  
+  def assert_ajax_create_does_not_increment_count(name)
+    assert_count_after_ajax_create(name, @initial_count)
+  end
+  
+  def assert_count_after_ajax_create(name, expected_count)
+    ajax_create(name)
+    assert_equal(expected_count, @container_class.count)
+  end
+  
+  def ajax_create(name)
+    xhr :post, :create, @container_class.name.downcase.to_sym => {:name => name}
+  end  
+  
+end

test/functional/todos_controller_test.rb

@@ -0,0 +1,360 @@
+require File.dirname(__FILE__) + '/../test_helper'
+require 'todos_controller'
+
+# Re-raise errors caught by the controller.
+class TodosController; def rescue_action(e) raise e end; end
+
+class TodosControllerTest < Test::Rails::TestCase
+  fixtures :users, :preferences, :projects, :contexts, :todos, :tags, :taggings
+  
+  def setup
+    @controller = TodosController.new
+    @request, @response = ActionController::TestRequest.new, ActionController::TestResponse.new
+  end
+
+  def test_get_index_when_not_logged_in
+    get :index
+    assert_redirected_to :controller => 'login', :action => 'login'
+  end
+  
+  def test_not_done_counts
+    login_as(:admin_user)
+    get :index
+    assert_equal 2, assigns['project_not_done_counts'][projects(:timemachine).id]
+    assert_equal 3, assigns['context_not_done_counts'][contexts(:call).id]
+    assert_equal 1, assigns['context_not_done_counts'][contexts(:lab).id]
+  end
+  
+  def test_tag_is_retrieved_properly
+    login_as(:admin_user)
+    get :index
+    t = assigns['not_done_todos'].find{|t| t.id == 2}
+    assert_equal 1, t.tags.count
+    assert_equal 'foo', t.tags[0].name
+    assert !t.starred?
+  end
+  
+  def test_not_done_counts_after_hiding_project
+    p = Project.find(1)
+    p.hide!
+    p.save!
+    login_as(:admin_user)
+    get :index
+    assert_equal nil, assigns['project_not_done_counts'][projects(:timemachine).id]
+    assert_equal 2, assigns['context_not_done_counts'][contexts(:call).id]
+    assert_equal nil, assigns['context_not_done_counts'][contexts(:lab).id]
+  end
+  
+  def test_not_done_counts_after_hiding_and_unhiding_project
+    p = Project.find(1)
+    p.hide!
+    p.save!
+    p.activate!
+    p.save!
+    login_as(:admin_user)
+    get :index
+    assert_equal 2, assigns['project_not_done_counts'][projects(:timemachine).id]
+    assert_equal 3, assigns['context_not_done_counts'][contexts(:call).id]
+    assert_equal 1, assigns['context_not_done_counts'][contexts(:lab).id]
+  end
+  
+  def test_deferred_count_for_project_source_view
+    login_as(:admin_user)
+    xhr :post, :toggle_check, :id => 5, :_source_view => 'project' 
+    assert_equal 1, assigns['deferred_count']
+    xhr :post, :toggle_check, :id => 15, :_source_view => 'project' 
+    assert_equal 0, assigns['deferred_count']
+  end
+  
+  def test_destroy_todo
+    login_as(:admin_user)
+    xhr :post, :destroy, :id => 1, :_source_view => 'todo'
+    assert_rjs :page, "todo_1", :remove
+    #assert_rjs :replace_html, "badge-count", '9' 
+  end
+  
+  def test_create_todo
+    assert_difference Todo, :count do
+      login_as(:admin_user)
+      put :create, :_source_view => 'todo', "context_name"=>"library", "project_name"=>"Build a working time machine", "todo"=>{"notes"=>"", "description"=>"Call Warren Buffet to find out how much he makes per day", "due"=>"30/11/2006"}, "tag_list"=>"foo bar"
+    end
+  end
+  
+  def test_create_todo_via_xml
+    login_as(:admin_user)
+    assert_difference Todo, :count do
+      put :create, :format => "xml", "request" => { "context_name"=>"library", "project_name"=>"Build a working time machine", "todo"=>{"notes"=>"", "description"=>"Call Warren Buffet to find out how much he makes per day", "due"=>"30/11/2006"}, "tag_list"=>"foo bar" }
+      assert_response 201
+    end
+  end
+
+  def test_fail_to_create_todo_via_xml
+    login_as(:admin_user)
+    #try to create with no context, which is not valid
+    put :create, :format => "xml", "request" => { "project_name"=>"Build a working time machine", "todo"=>{"notes"=>"", "description"=>"Call Warren Buffet to find out how much he makes per day", "due"=>"30/11/2006"}, "tag_list"=>"foo bar" }
+    assert_response 422
+    assert_xml_select "errors" do
+       assert_xml_select "error", "Context can't be blank"
+    end
+  end
+  
+  def test_create_deferred_todo
+    original_todo_count = Todo.count
+    login_as(:admin_user)
+    put :create, :_source_view => 'todo', "context_name"=>"library", "project_name"=>"Build a working time machine", "todo"=>{"notes"=>"", "description"=>"Call Warren Buffet to find out how much he makes per day", "due"=>"30/11/2026", 'show_from' => '30/10/2026'}, "tag_list"=>"foo bar"
+    assert_equal original_todo_count + 1, Todo.count
+  end
+  
+  def test_update_todo_project
+    t = Todo.find(1)
+    login_as(:admin_user)
+    xhr :post, :update, :id => 1, :_source_view => 'todo', "context_name"=>"library", "project_name"=>"Build a working time machine", "todo"=>{"id"=>"1", "notes"=>"", "description"=>"Call Warren Buffet to find out how much he makes per day", "due"=>"30/11/2006"}, "tag_list"=>"foo bar"
+    t = Todo.find(1)
+    assert_equal 1, t.project_id
+  end
+  
+  def test_update_todo_project_to_none
+    t = Todo.find(1)
+    login_as(:admin_user)
+    xhr :post, :update, :id => 1, :_source_view => 'todo', "context_name"=>"library", "project_name"=>"None", "todo"=>{"id"=>"1", "notes"=>"", "description"=>"Call Warren Buffet to find out how much he makes per day", "due"=>"30/11/2006"}, "tag_list"=>"foo bar"
+    t = Todo.find(1)
+    assert_nil t.project_id
+  end
+  
+  def test_update_todo_to_deferred_is_reflected_in_badge_count
+    login_as(:admin_user)
+    get :index
+    assert_equal 10, assigns['count']
+    xhr :post, :update, :id => 1, :_source_view => 'todo', "context_name"=>"library", "project_name"=>"Make more money than Billy Gates", "todo"=>{"id"=>"1", "notes"=>"", "description"=>"Call Warren Buffet to find out how much he makes per day", "due"=>"30/11/2006", "show_from"=>"30/11/2030"}, "tag_list"=>"foo bar"
+    assert_equal 9, assigns['down_count']
+  end
+  
+  def test_update_todo
+    t = Todo.find(1)
+    login_as(:admin_user)
+    xhr :post, :update, :id => 1, :_source_view => 'todo', "todo"=>{"context_id"=>"1", "project_id"=>"2", "id"=>"1", "notes"=>"", "description"=>"Call Warren Buffet to find out how much he makes per day", "due"=>"30/11/2006"}, "tag_list"=>"foo, bar"
+    t = Todo.find(1)
+    assert_equal "Call Warren Buffet to find out how much he makes per day", t.description
+    assert_equal "foo, bar", t.tag_list
+    expected = Date.new(2006,11,30)
+    actual = t.due
+    assert_equal expected, actual, "Expected #{expected.to_s(:db)}, was #{actual.to_s(:db)}"
+  end
+
+  def test_update_todos_with_blank_project_name
+    t = Todo.find(1)
+    login_as(:admin_user)
+    xhr :post, :update, :id => 1, :_source_view => 'todo', :project_name => '', "todo"=>{"id"=>"1", "notes"=>"", "description"=>"Call Warren Buffet to find out how much he makes per day", "due"=>"30/11/2006"}, "tag_list"=>"foo, bar"
+    t.reload
+    assert t.project.nil?
+  end
+  
+  def test_update_todo_tags_to_none
+    t = Todo.find(1)
+    login_as(:admin_user)
+    xhr :post, :update, :id => 1, :_source_view => 'todo', "todo"=>{"context_id"=>"1", "project_id"=>"2", "id"=>"1", "notes"=>"", "description"=>"Call Warren Buffet to find out how much he makes per day", "due"=>"30/11/2006"}, "tag_list"=>""
+    t = Todo.find(1)
+    assert_equal true, t.tag_list.empty?
+  end
+
+  def test_update_todo_tags_with_whitespace_and_dots
+    t = Todo.find(1)
+    login_as(:admin_user)
+    taglist = "  one  ,  two,three    ,four, 8.1.2, version1.5"
+    xhr :post, :update, :id => 1, :_source_view => 'todo', "todo"=>{"context_id"=>"1", "project_id"=>"2", "id"=>"1", "notes"=>"", "description"=>"Call Warren Buffet to find out how much he makes per day", "due"=>"30/11/2006"}, "tag_list"=>taglist
+    t = Todo.find(1)
+    assert_equal "one, two, three, four, 8.1.2, version1.5", t.tag_list
+  end
+
+  def test_find_tagged_with
+    login_as(:admin_user)
+    @user = User.find(@request.session['user_id'])
+    tag = Tag.find_by_name('foo').todos
+    @tagged = tag.find(:all, :conditions => ['taggings.user_id = ?', @user.id]).size
+    get :tag, :name => 'foo'
+    assert_response :success
+    assert_equal 3, @tagged
+  end
+  
+  def test_rss_feed
+    login_as(:admin_user)
+    get :index, { :format => "rss" }
+    assert_equal 'application/rss+xml', @response.content_type
+    #puts @response.body
+
+    assert_xml_select 'rss[version="2.0"]' do
+      assert_select 'channel' do
+        assert_select '>title', 'Tracks Actions'
+        assert_select '>description', "Actions for #{users(:admin_user).display_name}"
+        assert_select 'language', 'en-us'
+        assert_select 'ttl', '40'
+        assert_select 'item', 10 do
+          assert_select 'title', /.+/
+          assert_select 'description', /.*/
+          assert_select 'link', %r{http://test.host/contexts/.+}
+          assert_select 'guid', %r{http://test.host/todos/.+}
+          assert_select 'pubDate', projects(:timemachine).updated_at.to_s(:rfc822)
+        end
+      end
+    end
+  end
+
+  def test_rss_feed_with_limit
+    login_as(:admin_user)
+    get :index, { :format => "rss", :limit => '5' }
+
+    assert_xml_select 'rss[version="2.0"]' do
+      assert_select 'channel' do
+        assert_select '>title', 'Tracks Actions'
+        assert_select '>description', "Actions for #{users(:admin_user).display_name}"
+        assert_select 'item', 5 do
+          assert_select 'title', /.+/
+          assert_select 'description', /.*/
+        end
+      end
+    end
+  end
+  
+  def test_rss_feed_not_accessible_to_anonymous_user_without_token
+    login_as nil
+    get :index, { :format => "rss" }
+    assert_response 401
+  end
+
+  def test_rss_feed_not_accessible_to_anonymous_user_with_invalid_token
+    login_as nil
+    get :index, { :format => "rss", :token => 'foo'  }
+    assert_response 401
+  end
+
+  def test_rss_feed_accessible_to_anonymous_user_with_valid_token
+    login_as nil
+    get :index, { :format => "rss", :token => users(:admin_user).token }
+    assert_response :ok
+  end
+
+  def test_atom_feed_content
+    login_as :admin_user
+    get :index, { :format => "atom" }
+    assert_equal 'application/atom+xml', @response.content_type
+    #puts @response.body
+
+    assert_xml_select 'feed[xmlns="http://www.w3.org/2005/Atom"]' do
+      assert_xml_select '>title', 'Tracks Actions'
+      assert_xml_select '>subtitle', "Actions for #{users(:admin_user).display_name}"
+      assert_xml_select 'entry', 10 do
+        assert_xml_select 'title', /.+/
+        assert_xml_select 'content[type="html"]', /.*/
+        assert_xml_select 'published', /(#{projects(:timemachine).updated_at.xmlschema}|#{projects(:moremoney).updated_at.xmlschema})/
+      end
+    end
+  end
+
+  def test_atom_feed_not_accessible_to_anonymous_user_without_token
+    login_as nil
+    get :index, { :format => "atom" }
+    assert_response 401
+  end
+
+  def test_atom_feed_not_accessible_to_anonymous_user_with_invalid_token
+    login_as nil
+    get :index, { :format => "atom", :token => 'foo'  }
+    assert_response 401
+  end
+
+  def test_atom_feed_accessible_to_anonymous_user_with_valid_token
+    login_as nil
+    get :index, { :format => "atom", :token => users(:admin_user).token }
+    assert_response :ok
+  end
+
+  def test_text_feed_content
+    login_as(:admin_user)
+    get :index, { :format => "txt" }
+    assert_equal 'text/plain', @response.content_type
+    assert !(/&nbsp;/.match(@response.body))
+    #puts @response.body
+  end
+
+  def test_text_feed_not_accessible_to_anonymous_user_without_token
+    login_as nil
+    get :index, { :format => "txt" }
+    assert_response 401
+  end
+
+  def test_text_feed_not_accessible_to_anonymous_user_with_invalid_token
+    login_as nil
+    get :index, { :format => "txt", :token => 'foo'  }
+    assert_response 401
+  end
+
+  def test_text_feed_accessible_to_anonymous_user_with_valid_token
+    login_as nil
+    get :index, { :format => "txt", :token => users(:admin_user).token }
+    assert_response :ok
+  end
+
+  def test_ical_feed_content
+    login_as :admin_user
+    get :index, { :format => "ics" }
+    assert_equal 'text/calendar', @response.content_type
+    assert !(/&nbsp;/.match(@response.body))
+    #puts @response.body
+  end
+  
+  def test_mobile_index_uses_text_html_content_type
+    login_as(:admin_user)
+    get :index, { :format => "m" }
+    assert_equal 'text/html', @response.content_type
+  end
+  
+  def test_mobile_index_assigns_down_count
+    login_as(:admin_user)
+    get :index, { :format => "m" }
+    assert_equal 10, assigns['down_count']
+  end
+  
+  def test_mobile_create_action_creates_a_new_todo
+    login_as(:admin_user)
+    post :create, {"format"=>"m", "todo"=>{"context_id"=>"2",
+                   "due(1i)"=>"2007", "due(2i)"=>"1", "due(3i)"=>"2",
+                   "show_from(1i)"=>"", "show_from(2i)"=>"", "show_from(3i)"=>"",
+                   "project_id"=>"1", 
+                   "notes"=>"test notes", "description"=>"test_mobile_create_action", "state"=>"0"}}
+    t = Todo.find_by_description("test_mobile_create_action")
+    assert_not_nil t
+    assert_equal 2, t.context_id
+    assert_equal 1, t.project_id
+    assert t.active?
+    assert_equal 'test notes', t.notes
+    assert_nil t.show_from
+    assert_equal Date.new(2007,1,2).to_s, t.due.to_s
+  end
+  
+  def test_mobile_create_action_redirects_to_mobile_home_page_when_successful
+    login_as(:admin_user)
+    post :create, {"format"=>"m", "todo"=>{"context_id"=>"2",
+                   "due(1i)"=>"2007", "due(2i)"=>"1", "due(3i)"=>"2",
+                   "show_from(1i)"=>"", "show_from(2i)"=>"", "show_from(3i)"=>"",
+                   "project_id"=>"1", 
+                   "notes"=>"test notes", "description"=>"test_mobile_create_action", "state"=>"0"}}
+    assert_redirected_to '/m'
+  end
+
+  def test_mobile_create_action_renders_new_template_when_save_fails
+    login_as(:admin_user)
+    post :create, {"format"=>"m", "todo"=>{"context_id"=>"2",
+                   "due(1i)"=>"2007", "due(2i)"=>"1", "due(3i)"=>"2",
+                   "show_from(1i)"=>"", "show_from(2i)"=>"", "show_from(3i)"=>"",
+                   "project_id"=>"1", 
+                   "notes"=>"test notes", "state"=>"0"}}
+    assert_template 'todos/new'
+  end
+
+  def test_index_html_assigns_default_project_name_map
+    login_as(:admin_user)
+    get :index, {"format"=>"html"}
+    assert_equal '"{\\"Build a working time machine\\": \\"lab\\"}"', assigns(:default_project_context_name_map)
+  end
+
+end

test/functional/users_controller_test.rb

@@ -0,0 +1,170 @@
+require File.dirname(__FILE__) + '/../test_helper'
+require 'users_controller'
+
+# Re-raise errors caught by the controller.
+class UsersController; def rescue_action(e) raise e end; end
+
+class UsersControllerTest < Test::Rails::TestCase
+  fixtures :preferences, :users
+  
+  def setup
+    assert_equal "test", ENV['RAILS_ENV']
+    assert_equal "change-me", Tracks::Config.salt
+    @controller = UsersController.new
+    @request    = ActionController::TestRequest.new
+    @response   = ActionController::TestResponse.new
+  end
+  
+  def test_get_index_when_not_logged_in
+    get :index
+    assert_redirected_to :controller => 'login', :action => 'login'
+  end
+  
+  def test_get_index_by_nonadmin
+    login_as :other_user
+    get :index
+    assert_response 401
+  end
+  
+  def test_get_index_by_admin
+    login_as :admin_user
+    get :index
+    assert_response :success
+    assert_equal "TRACKS::Manage Users", assigns['page_title']  
+    assert_equal 3, assigns['total_users']
+    assert_equal "/users", session['return-to']
+  end
+  
+  def test_destroy_user
+    login_as :admin_user
+    @no_users_before = User.find(:all).size
+    xhr :post, :destroy, :id => 3
+    assert_rjs :page, "user-3", :remove
+    assert_equal @no_users_before-1, User.find(:all).size
+  end
+  
+  def test_update_password_successful
+    get :change_password # should fail because no login
+    assert_redirected_to :controller => 'login', :action => 'login'
+    login_as :admin_user
+    @user = @request.session['user_id']
+    get :change_password # should now pass because we're logged in
+    assert_response :success
+    assert_equal assigns['page_title'], "TRACKS::Change password"    
+    post :update_password, :updateuser => {:password => 'newpassword', :password_confirmation => 'newpassword'}
+    assert_redirected_to preferences_path
+    @updated_user = User.find(users(:admin_user).id)
+    assert_equal @updated_user.crypted_password, Digest::SHA1.hexdigest("#{Tracks::Config.salt}--newpassword--")
+    assert_equal "Password updated.", flash[:notice]
+  end
+  
+  def test_update_password_no_confirmation
+    post :update_password # should fail because no login
+    assert_redirected_to :controller => 'login', :action => 'login'
+    login_as :admin_user
+    post :update_password, :updateuser => {:password => 'newpassword', :password_confirmation => 'wrong'}
+    assert_redirected_to :controller => 'users', :action => 'change_password'
+    assert users(:admin_user).save, false
+    assert_equal 'Validation failed: Password doesn\'t match confirmation', flash[:error]
+  end
+  
+  def test_update_password_validation_errors
+    post :update_password # should fail because no login
+    assert_redirected_to :controller => 'login', :action => 'login'
+    login_as :admin_user
+    post :update_password, :updateuser => {:password => 'ba', :password_confirmation => 'ba'}
+    assert_redirected_to :controller => 'users', :action => 'change_password'
+    assert users(:admin_user).save, false
+    # For some reason, no errors are being raised now.
+    #assert_equal 1, users(:admin_user).errors.count
+    #assert_equal users(:admin_user).errors.on(:password), "is too short (min is 5 characters)"
+    assert_equal 'Validation failed: Password is too short (minimum is 5 characters)', flash[:error]
+  end
+  
+  # ============================================
+  # Signup and creation of new users
+  # ============================================
+  
+  def test_create_adds_a_new_nonadmin_user
+    login_as :admin_user
+    post :create, :user => {:login => 'newbie', :password => 'newbiepass', :password_confirmation => 'newbiepass'}
+    newbie = User.find_by_login('newbie')
+    assert_equal newbie.login, "newbie"
+    assert newbie.is_admin == false || newbie.is_admin == 0
+    assert_not_nil newbie.preference # have user preferences been created?
+    assert_not_nil User.authenticate('newbie', 'newbiepass')
+  end
+  
+  def test_create_redirects_to_home_page
+    login_as :admin_user
+    post :create, :user => {:login => 'newbie', :password => 'newbiepass', :password_confirmation => 'newbiepass'}
+    assert_redirected_to home_url
+  end
+  
+  def test_create_sets_flash_message
+    login_as :admin_user
+    post :create, :user => {:login => 'newbie', :password => 'newbiepass', :password_confirmation => 'newbiepass'}
+    assert_equal "Signup successful for user newbie.", flash[:notice], "expected flash notice not found"
+  end
+  
+  def test_create_adds_a_user
+    login_as :admin_user
+    assert_difference(User, :count) do
+      post :create, :user => {:login => 'newbie', :password => 'newbiepass', :password_confirmation => 'newbiepass'}
+    end
+  end
+  
+  # Test whether signup of new users is denied to a non-admin user
+  # 
+  def test_create_by_non_admin
+    login_as :other_user
+    assert_no_difference(User, :count) do
+      post :create, :user => {:login => 'newbie2', :password => 'newbiepass2', :password_confirmation => 'newbiepass2'}
+    end
+    assert_response :success
+    assert_template 'users/nosignup'
+  end
+  
+  # ============================================
+  # Test validations
+  # ============================================
+  
+  def test_create_with_invalid_password_does_not_add_a_new_user
+    login_as :admin_user
+    assert_no_difference(User, :count) do
+      post :create, :user => {:login => 'newbie', :password => '', :password_confirmation => ''}
+    end
+  end
+  
+  def test_create_with_invalid_password_redirects_to_new_user_page
+    login_as :admin_user
+    post :create, :user => {:login => 'newbie', :password => '', :password_confirmation => ''}
+    assert_redirected_to :controller => 'users', :action => 'new'    
+  end
+  
+  def test_create_with_invalid_login_does_not_add_a_new_user
+    login_as :admin_user
+    post :create, :user => {:login => 'n', :password => 'newbiepass', :password_confirmation => 'newbiepass'}
+    assert_redirected_to :controller => 'users', :action => 'new'    
+  end
+  
+  def test_create_with_invalid_login_redirects_to_new_user_page
+    login_as :admin_user
+    post :create, :user => {:login => 'n', :password => 'newbiepass', :password_confirmation => 'newbiepass'}
+    assert_redirected_to :controller => 'users', :action => 'new'    
+  end
+  
+  def test_create_with_duplicate_login_does_not_add_a_new_user
+    login_as :admin_user
+    assert_no_difference(User, :count) do
+      post :create, :user => {:login => 'jane', :password => 'newbiepass', :password_confirmation => 'newbiepass'}
+    end
+  end
+  
+  def test_create_with_duplicate_login_redirects_to_new_user_page
+    login_as :admin_user
+    post :create, :user => {:login => 'jane', :password => 'newbiepass', :password_confirmation => 'newbiepass'}
+    assert_redirected_to :controller => 'users', :action => 'new'    
+  end
+  
+end