Merge remote-tracking branch 'openstreetmap/pull/1477'

test/controllers/message_controller_test.rb

@@ -1,8 +1,6 @@
 require "test_helper"
 
 class MessageControllerTest < ActionController::TestCase
-  fixtures :users
-
   ##
   # test all routes which lead to this controller
   def test_routes
@@ -48,22 +46,25 @@ class MessageControllerTest < ActionController::TestCase
   # test fetching new message page when not logged in
   def test_new_no_login
     # Check that the new message page requires us to login
-    get :new, :display_name => users(:public_user).display_name
+    user = create(:user)
-    assert_redirected_to login_path(:referer => new_message_path(:display_name => users(:public_user).display_name))
+    get :new, :display_name => user.display_name
+    assert_redirected_to login_path(:referer => new_message_path(:display_name => user.display_name))
   end
 
   ##
   # test fetching new message page when logged in
   def test_new_form
     # Login as a normal user
-    session[:user] = users(:normal_user).id
+    user = create(:user)
+    recipient_user = create(:user)
+    session[:user] = user.id
 
     # Check that the new message page loads
-    get :new, :display_name => users(:public_user).display_name
+    get :new, :display_name => recipient_user.display_name
     assert_response :success
     assert_template "new"
     assert_select "title", "OpenStreetMap | Send message"
-    assert_select "form[action='#{new_message_path(:display_name => users(:public_user).display_name)}']", :count => 1 do
+    assert_select "form[action='#{new_message_path(:display_name => recipient_user.display_name)}']", :count => 1 do
       assert_select "input#message_title", :count => 1
       assert_select "textarea#message_body", :count => 1
       assert_select "input[type='submit'][value='Send']", :count => 1
@@ -74,20 +75,22 @@ class MessageControllerTest < ActionController::TestCase
   # test fetching new message page with body and title
   def test_new_get_with_params
     # Login as a normal user
-    session[:user] = users(:normal_user).id
+    user = create(:user)
+    recipient_user = create(:user)
+    session[:user] = user.id
 
     # Check that we can't send a message from a GET request
     assert_difference "ActionMailer::Base.deliveries.size", 0 do
       assert_difference "Message.count", 0 do
         get :new,
-            :display_name => users(:public_user).display_name,
+            :display_name => recipient_user.display_name,
             :message => { :title => "Test Message", :body => "Test message body" }
       end
     end
     assert_response :success
     assert_template "new"
     assert_select "title", "OpenStreetMap | Send message"
-    assert_select "form[action='#{new_message_path(:display_name => users(:public_user).display_name)}']", :count => 1 do
+    assert_select "form[action='#{new_message_path(:display_name => recipient_user.display_name)}']", :count => 1 do
       assert_select "input#message_title", :count => 1 do
         assert_select "[value='Test Message']"
       end
@@ -100,20 +103,22 @@ class MessageControllerTest < ActionController::TestCase
   # test posting new message page with no body
   def test_new_post_no_body
     # Login as a normal user
-    session[:user] = users(:normal_user).id
+    user = create(:user)
+    recipient_user = create(:user)
+    session[:user] = user.id
 
     # Check that the subject is preserved over errors
     assert_difference "ActionMailer::Base.deliveries.size", 0 do
       assert_difference "Message.count", 0 do
         post :new,
-             :display_name => users(:public_user).display_name,
+             :display_name => recipient_user.display_name,
              :message => { :title => "Test Message", :body => "" }
       end
     end
     assert_response :success
     assert_template "new"
     assert_select "title", "OpenStreetMap | Send message"
-    assert_select "form[action='#{new_message_path(:display_name => users(:public_user).display_name)}']", :count => 1 do
+    assert_select "form[action='#{new_message_path(:display_name => recipient_user.display_name)}']", :count => 1 do
       assert_select "input#message_title", :count => 1 do
         assert_select "[value='Test Message']"
       end
@@ -126,20 +131,22 @@ class MessageControllerTest < ActionController::TestCase
   # test posting new message page with no title
   def test_new_post_no_title
     # Login as a normal user
-    session[:user] = users(:normal_user).id
+    user = create(:user)
+    recipient_user = create(:user)
+    session[:user] = user.id
 
     # Check that the body text is preserved over errors
     assert_difference "ActionMailer::Base.deliveries.size", 0 do
       assert_difference "Message.count", 0 do
         post :new,
-             :display_name => users(:public_user).display_name,
+             :display_name => recipient_user.display_name,
              :message => { :title => "", :body => "Test message body" }
       end
     end
     assert_response :success
     assert_template "new"
     assert_select "title", "OpenStreetMap | Send message"
-    assert_select "form[action='#{new_message_path(:display_name => users(:public_user).display_name)}']", :count => 1 do
+    assert_select "form[action='#{new_message_path(:display_name => recipient_user.display_name)}']", :count => 1 do
       assert_select "input#message_title", :count => 1 do
         assert_select "[value='']"
       end
@@ -152,27 +159,29 @@ class MessageControllerTest < ActionController::TestCase
   # test posting new message page sends message
   def test_new_post_send
     # Login as a normal user
-    session[:user] = users(:normal_user).id
+    user = create(:user)
+    recipient_user = create(:user)
+    session[:user] = user.id
 
     # Check that sending a message works
     assert_difference "ActionMailer::Base.deliveries.size", 1 do
       assert_difference "Message.count", 1 do
         post :new,
-             :display_name => users(:public_user).display_name,
+             :display_name => recipient_user.display_name,
              :message => { :title => "Test Message", :body => "Test message body" }
       end
     end
-    assert_redirected_to inbox_path(:display_name => users(:normal_user).display_name)
+    assert_redirected_to inbox_path(:display_name => user.display_name)
     assert_equal "Message sent", flash[:notice]
     e = ActionMailer::Base.deliveries.first
-    assert_equal [users(:public_user).email], e.to
+    assert_equal [recipient_user.email], e.to
     assert_equal "[OpenStreetMap] Test Message", e.subject
     assert_match /Test message body/, e.text_part.decoded
     assert_match /Test message body/, e.html_part.decoded
     ActionMailer::Base.deliveries.clear
     m = Message.last
-    assert_equal users(:normal_user).id, m.from_user_id
+    assert_equal user.id, m.from_user_id
-    assert_equal users(:public_user).id, m.to_user_id
+    assert_equal recipient_user.id, m.to_user_id
     assert_in_delta Time.now, m.sent_on, 2
     assert_equal "Test Message", m.title
     assert_equal "Test message body", m.body
@@ -189,14 +198,16 @@ class MessageControllerTest < ActionController::TestCase
   # test the new action message limit
   def test_new_limit
     # Login as a normal user
-    session[:user] = users(:normal_user).id
+    user = create(:user)
+    recipient_user = create(:user)
+    session[:user] = user.id
 
     # Check that sending a message fails when the message limit is hit
     assert_no_difference "ActionMailer::Base.deliveries.size" do
       assert_no_difference "Message.count" do
         with_message_limit(0) do
           post :new,
-               :display_name => users(:public_user).display_name,
+               :display_name => recipient_user.display_name,
                :message => { :title => "Test Message", :body => "Test message body" }
           assert_response :success
           assert_template "new"
@@ -209,29 +220,32 @@ class MessageControllerTest < ActionController::TestCase
   ##
   # test the reply action
   def test_reply
-    unread_message = create(:message, :unread, :sender => users(:normal_user), :recipient => users(:public_user))
+    user = create(:user)
+    recipient_user = create(:user)
+    other_user = create(:user)
+    unread_message = create(:message, :unread, :sender => user, :recipient => recipient_user)
 
     # Check that the message reply page requires us to login
     get :reply, :message_id => unread_message.id
     assert_redirected_to login_path(:referer => reply_message_path(:message_id => unread_message.id))
 
     # Login as the wrong user
-    session[:user] = users(:second_public_user).id
+    session[:user] = other_user.id
 
     # Check that we can't reply to somebody else's message
     get :reply, :message_id => unread_message.id
     assert_redirected_to login_path(:referer => reply_message_path(:message_id => unread_message.id))
-    assert_equal "You are logged in as `pulibc_test2' but the message you have asked to reply to was not sent to that user. Please login as the correct user in order to reply.", flash[:notice]
+    assert_equal "You are logged in as `#{other_user.display_name}' but the message you have asked to reply to was not sent to that user. Please login as the correct user in order to reply.", flash[:notice]
 
     # Login as the right user
-    session[:user] = users(:public_user).id
+    session[:user] = recipient_user.id
 
     # Check that the message reply page loads
     get :reply, :message_id => unread_message.id
     assert_response :success
     assert_template "new"
     assert_select "title", "OpenStreetMap | Re: #{unread_message.title}"
-    assert_select "form[action='#{new_message_path(:display_name => users(:normal_user).display_name)}']", :count => 1 do
+    assert_select "form[action='#{new_message_path(:display_name => user.display_name)}']", :count => 1 do
       assert_select "input#message_title[value='Re: #{unread_message.title}']", :count => 1
       assert_select "textarea#message_body", :count => 1
       assert_select "input[type='submit'][value='Send']", :count => 1
@@ -252,22 +266,25 @@ class MessageControllerTest < ActionController::TestCase
   ##
   # test the read action
   def test_read
-    unread_message = create(:message, :unread, :sender => users(:normal_user), :recipient => users(:public_user))
+    user = create(:user)
+    recipient_user = create(:user)
+    other_user = create(:user)
+    unread_message = create(:message, :unread, :sender => user, :recipient => recipient_user)
 
     # Check that the read message page requires us to login
     get :read, :message_id => unread_message.id
     assert_redirected_to login_path(:referer => read_message_path(:message_id => unread_message.id))
 
     # Login as the wrong user
-    session[:user] = users(:second_public_user).id
+    session[:user] = other_user.id
 
     # Check that we can't read the message
     get :read, :message_id => unread_message.id
     assert_redirected_to login_path(:referer => read_message_path(:message_id => unread_message.id))
-    assert_equal "You are logged in as `pulibc_test2' but the message you have asked to read was not sent by or to that user. Please login as the correct user in order to read it.", flash[:notice]
+    assert_equal "You are logged in as `#{other_user.display_name}' but the message you have asked to read was not sent by or to that user. Please login as the correct user in order to read it.", flash[:notice]
 
     # Login as the message sender
-    session[:user] = users(:normal_user).id
+    session[:user] = user.id
 
     # Check that the message sender can read the message
     get :read, :message_id => unread_message.id
@@ -275,10 +292,10 @@ class MessageControllerTest < ActionController::TestCase
     assert_template "read"
     assert_equal false, Message.find(unread_message.id).message_read
 
-    # Login as the message recipient
+    # Login as the message recipient_user
-    session[:user] = users(:public_user).id
+    session[:user] = recipient_user.id
 
-    # Check that the message recipient can read the message
+    # Check that the message recipient_user can read the message
     get :read, :message_id => unread_message.id
     assert_response :success
     assert_template "read"
@@ -298,16 +315,18 @@ class MessageControllerTest < ActionController::TestCase
   ##
   # test the inbox action
   def test_inbox
-    read_message = create(:message, :read, :recipient => users(:normal_user))
+    user = create(:user)
+    other_user = create(:user)
+    read_message = create(:message, :read, :recipient => user)
     # Check that the inbox page requires us to login
-    get :inbox, :display_name => users(:normal_user).display_name
+    get :inbox, :display_name => user.display_name
-    assert_redirected_to login_path(:referer => inbox_path(:display_name => users(:normal_user).display_name))
+    assert_redirected_to login_path(:referer => inbox_path(:display_name => user.display_name))
 
     # Login
-    session[:user] = users(:normal_user).id
+    session[:user] = user.id
 
     # Check that we can view our inbox when logged in
-    get :inbox, :display_name => users(:normal_user).display_name
+    get :inbox, :display_name => user.display_name
     assert_response :success
     assert_template "inbox"
     assert_select "table.messages", :count => 1 do
@@ -316,24 +335,26 @@ class MessageControllerTest < ActionController::TestCase
     end
 
     # Check that we can't view somebody else's inbox when logged in
-    get :inbox, :display_name => users(:public_user).display_name
+    get :inbox, :display_name => other_user.display_name
-    assert_redirected_to inbox_path(:display_name => users(:normal_user).display_name)
+    assert_redirected_to inbox_path(:display_name => user.display_name)
   end
 
   ##
   # test the outbox action
   def test_outbox
-    create(:message, :sender => users(:normal_user))
+    user = create(:user)
+    other_user = create(:user)
+    create(:message, :sender => user)
 
     # Check that the outbox page requires us to login
-    get :outbox, :display_name => users(:normal_user).display_name
+    get :outbox, :display_name => user.display_name
-    assert_redirected_to login_path(:referer => outbox_path(:display_name => users(:normal_user).display_name))
+    assert_redirected_to login_path(:referer => outbox_path(:display_name => user.display_name))
 
     # Login
-    session[:user] = users(:normal_user).id
+    session[:user] = user.id
 
     # Check that we can view our outbox when logged in
-    get :outbox, :display_name => users(:normal_user).display_name
+    get :outbox, :display_name => user.display_name
     assert_response :success
     assert_template "outbox"
     assert_select "table.messages", :count => 1 do
@@ -342,38 +363,41 @@ class MessageControllerTest < ActionController::TestCase
     end
 
     # Check that we can't view somebody else's outbox when logged in
-    get :outbox, :display_name => users(:public_user).display_name
+    get :outbox, :display_name => other_user.display_name
-    assert_redirected_to outbox_path(:display_name => users(:normal_user).display_name)
+    assert_redirected_to outbox_path(:display_name => user.display_name)
   end
 
   ##
   # test the mark action
   def test_mark
-    unread_message = create(:message, :unread, :sender => users(:normal_user), :recipient => users(:public_user))
+    user = create(:user)
+    recipient_user = create(:user)
+    other_user = create(:user)
+    unread_message = create(:message, :unread, :sender => user, :recipient => recipient_user)
 
     # Check that the marking a message requires us to login
     post :mark, :message_id => unread_message.id
     assert_response :forbidden
 
     # Login as a user with no messages
-    session[:user] = users(:second_public_user).id
+    session[:user] = other_user.id
 
     # Check that marking a message we didn't send or receive fails
     post :mark, :message_id => unread_message.id
     assert_response :not_found
     assert_template "no_such_message"
 
-    # Login as the message recipient
+    # Login as the message recipient_user
-    session[:user] = users(:public_user).id
+    session[:user] = recipient_user.id
 
     # Check that the marking a message read works
     post :mark, :message_id => unread_message.id, :mark => "read"
-    assert_redirected_to inbox_path(:display_name => users(:public_user).display_name)
+    assert_redirected_to inbox_path(:display_name => recipient_user.display_name)
     assert_equal true, Message.find(unread_message.id).message_read
 
     # Check that the marking a message unread works
     post :mark, :message_id => unread_message.id, :mark => "unread"
-    assert_redirected_to inbox_path(:display_name => users(:public_user).display_name)
+    assert_redirected_to inbox_path(:display_name => recipient_user.display_name)
     assert_equal false, Message.find(unread_message.id).message_read
 
     # Check that the marking a message read via XHR works
@@ -402,35 +426,38 @@ class MessageControllerTest < ActionController::TestCase
   ##
   # test the delete action
   def test_delete
-    read_message = create(:message, :read, :recipient => users(:normal_user), :sender => users(:public_user))
+    user = create(:user)
-    sent_message = create(:message, :unread, :recipient => users(:public_user), :sender => users(:normal_user))
+    second_user = create(:user)
+    other_user = create(:user)
+    read_message = create(:message, :read, :recipient => user, :sender => second_user)
+    sent_message = create(:message, :unread, :recipient => second_user, :sender => user)
 
     # Check that the deleting a message requires us to login
     post :delete, :message_id => read_message.id
     assert_response :forbidden
 
     # Login as a user with no messages
-    session[:user] = users(:second_public_user).id
+    session[:user] = other_user.id
 
     # Check that deleting a message we didn't send or receive fails
     post :delete, :message_id => read_message.id
     assert_response :not_found
     assert_template "no_such_message"
 
-    # Login as the message recipient
+    # Login as the message recipient_user
-    session[:user] = users(:normal_user).id
+    session[:user] = user.id
 
     # Check that the deleting a received message works
     post :delete, :message_id => read_message.id
-    assert_redirected_to inbox_path(:display_name => users(:normal_user).display_name)
+    assert_redirected_to inbox_path(:display_name => user.display_name)
     assert_equal "Message deleted", flash[:notice]
     m = Message.find(read_message.id)
     assert_equal true, m.from_user_visible
     assert_equal false, m.to_user_visible
 
     # Check that the deleting a sent message works
-    post :delete, :message_id => sent_message.id, :referer => outbox_path(:display_name => users(:normal_user).display_name)
+    post :delete, :message_id => sent_message.id, :referer => outbox_path(:display_name => user.display_name)
-    assert_redirected_to outbox_path(:display_name => users(:normal_user).display_name)
+    assert_redirected_to outbox_path(:display_name => user.display_name)
     assert_equal "Message deleted", flash[:notice]
     m = Message.find(sent_message.id)
     assert_equal false, m.from_user_visible

test/controllers/swf_controller_test.rb

@@ -15,7 +15,9 @@ class SwfControllerTest < ActionController::TestCase
   ##
   # basic test that trackpoints at least returns some sort of flash movie
   def test_trackpoints
-    create(:trace, :visibility => "trackable", :latitude => 51.51, :longitude => -0.14, :user => users(:public_user)) do |trace|
+    user = create(:user)
+    other_user = create(:user)
+    create(:trace, :visibility => "trackable", :latitude => 51.51, :longitude => -0.14, :user => user) do |trace|
       create(:tracepoint, :trace => trace, :trackid => 1, :latitude => (51.510 * GeoRecord::SCALE).to_i, :longitude => (-0.140 * GeoRecord::SCALE).to_i)
       create(:tracepoint, :trace => trace, :trackid => 2, :latitude => (51.511 * GeoRecord::SCALE).to_i, :longitude => (-0.141 * GeoRecord::SCALE).to_i)
     end
@@ -29,13 +31,13 @@ class SwfControllerTest < ActionController::TestCase
     assert_match /^FWS/, response.body
     assert_equal 80, response.body.length
 
-    get :trackpoints, :xmin => -1, :xmax => 1, :ymin => 51, :ymax => 52, :baselong => 0, :basey => 0, :masterscale => 1, :token => users(:normal_user).tokens.create.token
+    get :trackpoints, :xmin => -1, :xmax => 1, :ymin => 51, :ymax => 52, :baselong => 0, :basey => 0, :masterscale => 1, :token => other_user.tokens.create.token
     assert_response :success
     assert_equal "application/x-shockwave-flash", response.content_type
     assert_match /^FWS/, response.body
     assert_equal 67, response.body.length
 
-    get :trackpoints, :xmin => -1, :xmax => 1, :ymin => 51, :ymax => 52, :baselong => 0, :basey => 0, :masterscale => 1, :token => users(:public_user).tokens.create.token
+    get :trackpoints, :xmin => -1, :xmax => 1, :ymin => 51, :ymax => 52, :baselong => 0, :basey => 0, :masterscale => 1, :token => user.tokens.create.token
     assert_response :success
     assert_equal "application/x-shockwave-flash", response.content_type
     assert_match /^FWS/, response.body

test/controllers/user_roles_controller_test.rb

@@ -1,8 +1,6 @@
 require "test_helper"
 
 class UserRolesControllerTest < ActionController::TestCase
-  fixtures :users, :user_roles
-
   ##
   # test all routes which lead to this controller
   def test_routes
@@ -19,20 +17,29 @@ class UserRolesControllerTest < ActionController::TestCase
   ##
   # test the grant action
   def test_grant
+    target_user = create(:user)
+    normal_user = create(:user)
+    administrator_user = create(:administrator_user)
+    # Create a super user which has all known roles
+    super_user = create(:user)
+    UserRole::ALL_ROLES.each do |role|
+      create(:user_role, :user => super_user, :granter => administrator_user, :role => role)
+    end
+
     # Granting should fail when not logged in
-    post :grant, :display_name => users(:normal_user).display_name, :role => "moderator"
+    post :grant, :display_name => target_user.display_name, :role => "moderator"
     assert_response :forbidden
 
     # Login as an unprivileged user
-    session[:user] = users(:public_user).id
+    session[:user] = normal_user.id
 
     # Granting should still fail
-    post :grant, :display_name => users(:normal_user).display_name, :role => "moderator"
+    post :grant, :display_name => target_user.display_name, :role => "moderator"
-    assert_redirected_to user_path(users(:normal_user).display_name)
+    assert_redirected_to user_path(target_user.display_name)
     assert_equal "Only administrators can perform user role management, and you are not an administrator.", flash[:error]
 
     # Login as an administrator
-    session[:user] = users(:administrator_user).id
+    session[:user] = administrator_user.id
 
     UserRole::ALL_ROLES.each do |role|
       # Granting a role to a non-existent user should fail
@@ -43,52 +50,61 @@ class UserRolesControllerTest < ActionController::TestCase
       assert_template "user/no_such_user"
       assert_select "h1", "The user non_existent_user does not exist"
 
-      # Granting a role from a user that already has it should fail
+      # Granting a role to a user that already has it should fail
       assert_no_difference "UserRole.count" do
-        post :grant, :display_name => users(:super_user).display_name, :role => role
+        post :grant, :display_name => super_user.display_name, :role => role
       end
-      assert_redirected_to user_path(users(:super_user).display_name)
+      assert_redirected_to user_path(super_user.display_name)
       assert_equal "The user already has role #{role}.", flash[:error]
 
       # Granting a role to a user that doesn't have it should work...
       assert_difference "UserRole.count", 1 do
-        post :grant, :display_name => users(:normal_user).display_name, :role => role
+        post :grant, :display_name => target_user.display_name, :role => role
       end
-      assert_redirected_to user_path(users(:normal_user).display_name)
+      assert_redirected_to user_path(target_user.display_name)
 
       # ...but trying a second time should fail
       assert_no_difference "UserRole.count" do
-        post :grant, :display_name => users(:normal_user).display_name, :role => role
+        post :grant, :display_name => target_user.display_name, :role => role
       end
-      assert_redirected_to user_path(users(:normal_user).display_name)
+      assert_redirected_to user_path(target_user.display_name)
       assert_equal "The user already has role #{role}.", flash[:error]
     end
 
     # Granting a non-existent role should fail
     assert_difference "UserRole.count", 0 do
-      post :grant, :display_name => users(:normal_user).display_name, :role => "no_such_role"
+      post :grant, :display_name => target_user.display_name, :role => "no_such_role"
     end
-    assert_redirected_to user_path(users(:normal_user).display_name)
+    assert_redirected_to user_path(target_user.display_name)
     assert_equal "The string `no_such_role' is not a valid role.", flash[:error]
   end
 
   ##
   # test the revoke action
   def test_revoke
+    target_user = create(:user)
+    normal_user = create(:user)
+    administrator_user = create(:administrator_user)
+    # Create a super user which has all known roles
+    super_user = create(:user)
+    UserRole::ALL_ROLES.each do |role|
+      create(:user_role, :user => super_user, :granter => administrator_user, :role => role)
+    end
+
     # Revoking should fail when not logged in
-    post :revoke, :display_name => users(:normal_user).display_name, :role => "moderator"
+    post :revoke, :display_name => target_user.display_name, :role => "moderator"
     assert_response :forbidden
 
     # Login as an unprivileged user
-    session[:user] = users(:public_user).id
+    session[:user] = normal_user.id
 
     # Revoking should still fail
-    post :revoke, :display_name => users(:normal_user).display_name, :role => "moderator"
+    post :revoke, :display_name => target_user.display_name, :role => "moderator"
-    assert_redirected_to user_path(users(:normal_user).display_name)
+    assert_redirected_to user_path(target_user.display_name)
     assert_equal "Only administrators can perform user role management, and you are not an administrator.", flash[:error]
 
     # Login as an administrator
-    session[:user] = users(:administrator_user).id
+    session[:user] = administrator_user.id
 
     UserRole::ALL_ROLES.each do |role|
       # Removing a role from a non-existent user should fail
@@ -101,30 +117,30 @@ class UserRolesControllerTest < ActionController::TestCase
 
       # Removing a role from a user that doesn't have it should fail
       assert_no_difference "UserRole.count" do
-        post :revoke, :display_name => users(:normal_user).display_name, :role => role
+        post :revoke, :display_name => target_user.display_name, :role => role
       end
-      assert_redirected_to user_path(users(:normal_user).display_name)
+      assert_redirected_to user_path(target_user.display_name)
       assert_equal "The user does not have role #{role}.", flash[:error]
 
-      # Removing a role' from a user that has it should work...
+      # Removing a role from a user that has it should work...
       assert_difference "UserRole.count", -1 do
-        post :revoke, :display_name => users(:super_user).display_name, :role => role
+        post :revoke, :display_name => super_user.display_name, :role => role
       end
-      assert_redirected_to user_path(users(:super_user).display_name)
+      assert_redirected_to user_path(super_user.display_name)
 
       # ...but trying a second time should fail
       assert_no_difference "UserRole.count" do
-        post :revoke, :display_name => users(:super_user).display_name, :role => role
+        post :revoke, :display_name => super_user.display_name, :role => role
       end
-      assert_redirected_to user_path(users(:super_user).display_name)
+      assert_redirected_to user_path(super_user.display_name)
       assert_equal "The user does not have role #{role}.", flash[:error]
     end
 
     # Revoking a non-existent role should fail
     assert_difference "UserRole.count", 0 do
-      post :revoke, :display_name => users(:normal_user).display_name, :role => "no_such_role"
+      post :revoke, :display_name => target_user.display_name, :role => "no_such_role"
     end
-    assert_redirected_to user_path(users(:normal_user).display_name)
+    assert_redirected_to user_path(target_user.display_name)
     assert_equal "The string `no_such_role' is not a valid role.", flash[:error]
   end
 end