From 86c1990faa3b65bd499a20805913fa7e9fc48df5 Mon Sep 17 00:00:00 2001
From: Eric Davis <edavis@littlestreamsoftware.com>
Date: Mon, 19 Jan 2009 11:14:57 -0800
Subject: [PATCH] Require a user_id on the new action. #1914

---
 app/controllers/rates_controller.rb       | 17 +++++++---
 spec/controllers/rates_controller_spec.rb | 38 +++++++++++++++++++++--
 2 files changed, 48 insertions(+), 7 deletions(-)

diff --git a/app/controllers/rates_controller.rb b/app/controllers/rates_controller.rb
index 79edfbe..7224d21 100644
--- a/app/controllers/rates_controller.rb
+++ b/app/controllers/rates_controller.rb
@@ -37,11 +37,20 @@ class RatesController < ApplicationController
   # GET /rates/new?user_id=1
   # GET /rates/new.xml?user_id=1
   def new
-    @rate = Rate.new
+    begin
+      @user = User.find(params[:user_id])
+      @rate = Rate.new(:user_id => @user.id)
 
-    respond_to do |format|
-      format.html # new.html.erb
-      format.xml  { render :xml => @rate }
+      respond_to do |format|
+        format.html # new.html.erb
+        format.xml  { render :xml => @rate }
+      end
+    rescue ActiveRecord::RecordNotFound
+      respond_to do |format|
+        flash[:error] = l(:rate_error_user_not_found)
+        format.html { redirect_to(home_url) }
+        format.xml  { render :xml => "User not found", :status => :not_found }
+      end
     end
   end
 
diff --git a/spec/controllers/rates_controller_spec.rb b/spec/controllers/rates_controller_spec.rb
index d04da8d..12f4c9b 100644
--- a/spec/controllers/rates_controller_spec.rb
+++ b/spec/controllers/rates_controller_spec.rb
@@ -206,10 +206,42 @@ describe RatesController, "as an administrator" do
 
   describe "responding to GET new" do
   
-    it "should expose a new rate as @rate" do
-      Rate.should_receive(:new).and_return(mock_rate)
+    it "should redirect to the homepage" do
       get :new
-      assigns[:rate].should equal(mock_rate)
+      response.should redirect_to(home_url)
+    end
+    
+    it "should display an error flash message" do
+      get :new
+      flash[:error].should_not be_nil
+    end
+
+    describe "with mime type of xml" do
+  
+      it "should return a 404 error" do
+        request.env["HTTP_ACCEPT"] = "application/xml"
+        get :new
+        response.response_code.should eql(404)
+      end
+    
+    end
+  end
+
+  describe "responding to GET new with user" do
+    before(:each) do
+      @rate = mock_rate(:user_id => @user.id)
+      User.stub!(:find).with(@user.id.to_s).and_return(@user)
+      Rate.stub!(:new).and_return(@rate)
+    end
+    
+    it 'should be successful' do
+      get :new, :user_id => @user.id
+      response.should be_success
+    end
+  
+    it "should expose a new rate as @rate" do
+      get :new, :user_id => @user.id
+      assigns[:rate].should equal(@rate)
     end
 
   end