From dfcd2834f9589bda573eb133057588f351f570b5 Mon Sep 17 00:00:00 2001
From: nullkal <nullkal@users.noreply.github.com>
Date: Fri, 4 Aug 2017 00:45:45 +0900
Subject: Redirect to PasswordController#new when reset_password_token is
 invalid (#4506)

---
 spec/controllers/auth/passwords_controller_spec.rb | 25 ++++++++++++++++++++++
 1 file changed, 25 insertions(+)

(limited to 'spec/controllers/auth/passwords_controller_spec.rb')

diff --git a/spec/controllers/auth/passwords_controller_spec.rb b/spec/controllers/auth/passwords_controller_spec.rb
index 60b225efa..992d2e29d 100644
--- a/spec/controllers/auth/passwords_controller_spec.rb
+++ b/spec/controllers/auth/passwords_controller_spec.rb
@@ -3,6 +3,8 @@
 require 'rails_helper'
 
 describe Auth::PasswordsController, type: :controller do
+  include Devise::Test::ControllerHelpers
+
   describe 'GET #new' do
     it 'returns http success' do
       @request.env['devise.mapping'] = Devise.mappings[:user]
@@ -10,4 +12,27 @@ describe Auth::PasswordsController, type: :controller do
       expect(response).to have_http_status(:success)
     end
   end
+
+  describe 'GET #edit' do
+    let(:user) { Fabricate(:user) }
+
+    before do
+      request.env['devise.mapping'] = Devise.mappings[:user]
+      @token = user.send_reset_password_instructions
+    end
+
+    context 'with valid reset_password_token' do
+      it 'returns http success' do
+        get :edit, params: { reset_password_token: @token }
+        expect(response).to have_http_status(:success)
+      end
+    end
+
+    context 'with invalid reset_password_token' do
+      it 'redirects to #new' do
+        get :edit, params: { reset_password_token: 'some_invalid_value' }
+        expect(response).to redirect_to subject.new_password_path(subject.send(:resource_name))
+      end
+    end
+  end
 end
-- 
cgit