Sample RSpec tests, used in Rails Handbook

secrets_controller_spec.rb

require 'rails_helper'

describe SecretsController do

  context "logged in user submitting valid data" do
    describe "#create" do
      it "creates a new secret" do
        user = create(:user)
        session[:user_id] = user.id
        secret = build(:secret)

        expect {
          process :create, params: { secret: secret.attributes, user_id: user.id }
        }.to change(Secret, :count).by(1)
      end

      it "redirects to the new secrets page" do
        user = create(:user)
        session[:user_id] = user.id
        secret = build(:secret)

        process :create, params: { secret: secret.attributes, user_id: user.id }

        expect(response).to redirect_to secret_url(Secret.last)
      end

      it "sets a flash message" do
        user = create(:user)
        session[:user_id] = user.id

        process :create, params: { secret: attributes_for(:secret), user_id: user.id }

        expect(flash).to_not be_empty
      end
    end
  end

end

users_controller_spec.rb

require 'rails_helper'

describe UsersController do

  context "valid data" do
    describe "#create" do
      it "creates a new user record" do
        expect {
          process :create, params: { user: attributes_for(:user) }
        }.to change(User, :count).by(1)
      end

      it "redirects to the user page" do
        process :create, params: { user: attributes_for(:user) }
        expect(response).to redirect_to user_url(User.last)
      end
    end
  end

  context "invalid data" do
    describe "#create" do
      it "does not create a new user record" do
        user_attrs = build(:user, email: "").attributes
        expect {
          process :create, params: { user: user_attrs }
        }.to change(User, :count).by(0)
      end
    end
  end

  context "no user" do
    describe "#edit" do
      it 'does not allow user to access edit page' do
        user = create(:user, email: "[email protected]")
        process :edit, params: { id: user.id }
        expect(response).to redirect_to new_session_url
      end
    end
    describe "#update" do
      it 'does not allow modifying a user' do
        user = create(:user, email: "[email protected]")
        email = "[email protected]"
        user.email = email
        process :update, params: { id: user.id, user: user.attributes }
        user.reload
        expect(user.email).to eq("[email protected]")
      end
      it 'redirects to the login page' do
        user = create(:user, email: "[email protected]")
        process :update, params: { id: user.id, user: user.attributes }
        expect(response).to redirect_to new_session_url
      end
    end
    describe "#destroy" do
      it "refuses to delete a user" do
        user = create(:user)
        expect { process :destroy, params: { id: user } }.to change(User, :count).by(0)
      end
      it 'redirects to the login page' do
        user = create(:user, email: "[email protected]")
        process :destroy, params: { id: user.id }
        expect(response).to redirect_to new_session_url
      end
    end
    describe "#show" do
      it 'redirects to the login page' do
        user = create(:user, email: "[email protected]")
        process :show, params: { id: user.id }
        expect(response).to redirect_to new_session_url
      end
    end
  end

  context "authorized user" do
    describe "#edit" do
      it 'allows user to access edit page' do
        user = create(:user, email: "[email protected]")
        session[:user_id] = user.id
        process :edit, params: { id: user.id }
        expect(response).to have_http_status(200)
      end
    end

    describe "#update" do
      it 'updates a user\'s information' do
        user = create(:user, email: "[email protected]")
        session[:user_id] = user.id

        email = "[email protected]"
        user.email = email
        process :update, params: { id: user.id, user: user.attributes }
        user.reload

        expect(user.email).to eq(email)
      end
    end

    describe "#destroy" do
      it "deletes a user" do
        user = create(:user)
        session[:user_id] = user.id

        expect { process :destroy, params: { id: user } }.to change(User, :count).by(-1)
      end
    end

  end

  context "different user" do
    describe "#edit" do
      it 'does not allow user to access edit page' do
        user1 = create(:user)
        user2 = create(:user)
        session[:user_id] = user2.id
        process :edit, params: { id: user1.id }
        expect(response).to redirect_to root_url
      end
    end
    describe "#update" do
      it 'does not allow modifying another user' do
        user1 = create(:user, email: "[email protected]")
        user2 = create(:user)
        session[:user_id] = user2.id
        email = "[email protected]"
        user1.email = email
        process :update, params: { id: user1.id, user: user1.attributes }
        user1.reload
        expect(user1.email).to eq("[email protected]")
      end
      it 'redirects to the login page' do
        user1 = create(:user)
        user2 = create(:user)
        session[:user_id] = user2.id
        process :update, params: { id: user1.id, user: user1.attributes }
        expect(response).to redirect_to root_url
      end
    end
    describe "#destroy" do
      it "refuses to delete a user" do
        user1 = create(:user)
        user2 = create(:user)
        session[:user_id] = user2.id
        expect { process :destroy, params: { id: user1.id } }.to change(User, :count).by(0)
      end
    end
  end

end