4 class OldWaysControllerTest < ActionDispatch::IntegrationTest
6 # test all routes which lead to this controller
9 { :path => "/api/0.6/way/1/history", :method => :get },
10 { :controller => "api/old_ways", :action => "history", :id => "1" }
13 { :path => "/api/0.6/way/1/2", :method => :get },
14 { :controller => "api/old_ways", :action => "show", :id => "1", :version => "2" }
17 { :path => "/api/0.6/way/1/history.json", :method => :get },
18 { :controller => "api/old_ways", :action => "history", :id => "1", :format => "json" }
21 { :path => "/api/0.6/way/1/2.json", :method => :get },
22 { :controller => "api/old_ways", :action => "show", :id => "1", :version => "2", :format => "json" }
25 { :path => "/api/0.6/way/1/2/redact", :method => :post },
26 { :controller => "api/old_ways", :action => "redact", :id => "1", :version => "2" }
30 # -------------------------------------
31 # Test reading old ways.
32 # -------------------------------------
34 def test_history_visible
35 # check that a visible way is returned properly
36 get api_way_history_path(create(:way, :with_history))
37 assert_response :success
40 def test_history_invisible
41 # check that an invisible way's history is returned properly
42 get api_way_history_path(create(:way, :with_history, :deleted))
43 assert_response :success
46 def test_history_invalid
47 # check chat a non-existent way is not returned
48 get api_way_history_path(:id => 0)
49 assert_response :not_found
53 # check that we can retrieve versions of a way
55 way = create(:way, :with_history)
56 used_way = create(:way, :with_history)
57 create(:relation_member, :member => used_way)
58 way_with_versions = create(:way, :with_history, :version => 4)
60 create(:way_tag, :way => way)
61 create(:way_tag, :way => used_way)
62 create(:way_tag, :way => way_with_versions)
63 propagate_tags(way, way.old_ways.last)
64 propagate_tags(used_way, used_way.old_ways.last)
65 propagate_tags(way_with_versions, way_with_versions.old_ways.last)
67 check_current_version(way.id)
68 check_current_version(used_way.id)
69 check_current_version(way_with_versions.id)
73 # check that returned history is the same as getting all
74 # versions of a way from the api.
75 def test_history_equals_versions
76 way = create(:way, :with_history)
77 used_way = create(:way, :with_history)
78 create(:relation_member, :member => used_way)
79 way_with_versions = create(:way, :with_history, :version => 4)
81 check_history_equals_versions(way.id)
82 check_history_equals_versions(used_way.id)
83 check_history_equals_versions(way_with_versions.id)
87 # test the redaction of an old version of a way, while not being
89 def test_redact_way_unauthorised
90 way = create(:way, :with_history, :version => 4)
91 way_v3 = way.old_ways.find_by(:version => 3)
93 do_redact_way(way_v3, create(:redaction))
94 assert_response :unauthorized, "should need to be authenticated to redact."
98 # test the redaction of an old version of a way, while being
99 # authorised as a normal user.
100 def test_redact_way_normal_user
101 auth_header = basic_authorization_header create(:user).email, "test"
102 way = create(:way, :with_history, :version => 4)
103 way_v3 = way.old_ways.find_by(:version => 3)
105 do_redact_way(way_v3, create(:redaction), auth_header)
106 assert_response :forbidden, "should need to be moderator to redact."
110 # test that, even as moderator, the current version of a way
112 def test_redact_way_current_version
113 auth_header = basic_authorization_header create(:moderator_user).email, "test"
114 way = create(:way, :with_history, :version => 4)
115 way_latest = way.old_ways.last
117 do_redact_way(way_latest, create(:redaction), auth_header)
118 assert_response :bad_request, "shouldn't be OK to redact current version as moderator."
121 def test_redact_way_by_regular_with_read_prefs_scope
122 auth_header = create_bearer_auth_header(create(:user), %w[read_prefs])
123 do_redact_redactable_way(auth_header)
124 assert_response :forbidden, "should need to be moderator to redact."
127 def test_redact_way_by_regular_with_write_api_scope
128 auth_header = create_bearer_auth_header(create(:user), %w[write_api])
129 do_redact_redactable_way(auth_header)
130 assert_response :forbidden, "should need to be moderator to redact."
133 def test_redact_way_by_regular_with_write_redactions_scope
134 auth_header = create_bearer_auth_header(create(:user), %w[write_redactions])
135 do_redact_redactable_way(auth_header)
136 assert_response :forbidden, "should need to be moderator to redact."
139 def test_redact_way_by_moderator_with_read_prefs_scope
140 auth_header = create_bearer_auth_header(create(:moderator_user), %w[read_prefs])
141 do_redact_redactable_way(auth_header)
142 assert_response :forbidden, "should need to have write_redactions scope to redact."
145 def test_redact_way_by_moderator_with_write_api_scope
146 auth_header = create_bearer_auth_header(create(:moderator_user), %w[write_api])
147 do_redact_redactable_way(auth_header)
148 assert_response :success, "should be OK to redact old version as moderator with write_api scope."
149 # assert_response :forbidden, "should need to have write_redactions scope to redact."
152 def test_redact_way_by_moderator_with_write_redactions_scope
153 auth_header = create_bearer_auth_header(create(:moderator_user), %w[write_redactions])
154 do_redact_redactable_way(auth_header)
155 assert_response :success, "should be OK to redact old version as moderator with write_redactions scope."
159 # test that redacted ways aren't visible, regardless of
160 # authorisation except as moderator...
161 def test_version_redacted
162 way = create(:way, :with_history, :version => 2)
163 way_v1 = way.old_ways.find_by(:version => 1)
164 way_v1.redact!(create(:redaction))
166 get api_old_way_path(way_v1.way_id, way_v1.version)
167 assert_response :forbidden, "Redacted way shouldn't be visible via the version API."
169 # not even to a logged-in user
170 auth_header = basic_authorization_header create(:user).email, "test"
171 get api_old_way_path(way_v1.way_id, way_v1.version), :headers => auth_header
172 assert_response :forbidden, "Redacted way shouldn't be visible via the version API, even when logged in."
176 # test that redacted ways aren't visible in the history
177 def test_history_redacted
178 way = create(:way, :with_history, :version => 2)
179 way_v1 = way.old_ways.find_by(:version => 1)
180 way_v1.redact!(create(:redaction))
182 get api_way_history_path(:id => way_v1.way_id)
183 assert_response :success, "Redaction shouldn't have stopped history working."
184 assert_select "osm way[id='#{way_v1.way_id}'][version='#{way_v1.version}']", 0,
185 "redacted way #{way_v1.way_id} version #{way_v1.version} shouldn't be present in the history."
187 # not even to a logged-in user
188 auth_header = basic_authorization_header create(:user).email, "test"
189 get api_way_history_path(:id => way_v1.way_id), :headers => auth_header
190 assert_response :success, "Redaction shouldn't have stopped history working."
191 assert_select "osm way[id='#{way_v1.way_id}'][version='#{way_v1.version}']", 0,
192 "redacted node #{way_v1.way_id} version #{way_v1.version} shouldn't be present in the history, even when logged in."
196 # test the redaction of an old version of a way, while being
197 # authorised as a moderator.
198 def test_redact_way_moderator
199 way = create(:way, :with_history, :version => 4)
200 way_v3 = way.old_ways.find_by(:version => 3)
201 auth_header = basic_authorization_header create(:moderator_user).email, "test"
203 do_redact_way(way_v3, create(:redaction), auth_header)
204 assert_response :success, "should be OK to redact old version as moderator."
206 # check moderator can still see the redacted data, when passing
207 # the appropriate flag
208 get api_old_way_path(way_v3.way_id, way_v3.version), :headers => auth_header
209 assert_response :forbidden, "After redaction, node should be gone for moderator, when flag not passed."
210 get api_old_way_path(way_v3.way_id, way_v3.version, :show_redactions => "true"), :headers => auth_header
211 assert_response :success, "After redaction, node should not be gone for moderator, when flag passed."
213 # and when accessed via history
214 get api_way_history_path(:id => way_v3.way_id), :headers => auth_header
215 assert_response :success, "Redaction shouldn't have stopped history working."
216 assert_select "osm way[id='#{way_v3.way_id}'][version='#{way_v3.version}']", 0,
217 "way #{way_v3.way_id} version #{way_v3.version} should not be present in the history for moderators when not passing flag."
218 get api_way_history_path(:id => way_v3.way_id), :params => { :show_redactions => "true" }, :headers => auth_header
219 assert_response :success, "Redaction shouldn't have stopped history working."
220 assert_select "osm way[id='#{way_v3.way_id}'][version='#{way_v3.version}']", 1,
221 "way #{way_v3.way_id} version #{way_v3.version} should still be present in the history for moderators when passing flag."
224 # testing that if the moderator drops auth, he can't see the
225 # redacted stuff any more.
226 def test_redact_way_is_redacted
227 way = create(:way, :with_history, :version => 4)
228 way_v3 = way.old_ways.find_by(:version => 3)
229 auth_header = basic_authorization_header create(:moderator_user).email, "test"
231 do_redact_way(way_v3, create(:redaction), auth_header)
232 assert_response :success, "should be OK to redact old version as moderator."
234 # re-auth as non-moderator
235 auth_header = basic_authorization_header create(:user).email, "test"
237 # check can't see the redacted data
238 get api_old_way_path(way_v3.way_id, way_v3.version), :headers => auth_header
239 assert_response :forbidden, "Redacted node shouldn't be visible via the version API."
241 # and when accessed via history
242 get api_way_history_path(:id => way_v3.way_id), :headers => auth_header
243 assert_response :success, "Redaction shouldn't have stopped history working."
244 assert_select "osm way[id='#{way_v3.way_id}'][version='#{way_v3.version}']", 0,
245 "redacted way #{way_v3.way_id} version #{way_v3.version} shouldn't be present in the history."
249 # test the unredaction of an old version of a way, while not being
251 def test_unredact_way_unauthorised
252 way = create(:way, :with_history, :version => 2)
253 way_v1 = way.old_ways.find_by(:version => 1)
254 way_v1.redact!(create(:redaction))
256 post way_version_redact_path(:id => way_v1.way_id, :version => way_v1.version)
257 assert_response :unauthorized, "should need to be authenticated to unredact."
261 # test the unredaction of an old version of a way, while being
262 # authorised as a normal user.
263 def test_unredact_way_normal_user
264 way = create(:way, :with_history, :version => 2)
265 way_v1 = way.old_ways.find_by(:version => 1)
266 way_v1.redact!(create(:redaction))
268 auth_header = basic_authorization_header create(:user).email, "test"
270 post way_version_redact_path(:id => way_v1.way_id, :version => way_v1.version), :headers => auth_header
271 assert_response :forbidden, "should need to be moderator to unredact."
275 # test the unredaction of an old version of a way, while being
276 # authorised as a moderator.
277 def test_unredact_way_moderator
278 moderator_user = create(:moderator_user)
279 way = create(:way, :with_history, :version => 2)
280 way_v1 = way.old_ways.find_by(:version => 1)
281 way_v1.redact!(create(:redaction))
283 auth_header = basic_authorization_header moderator_user.email, "test"
285 post way_version_redact_path(:id => way_v1.way_id, :version => way_v1.version), :headers => auth_header
286 assert_response :success, "should be OK to unredact old version as moderator."
288 # check moderator can still see the unredacted data, without passing
289 # the appropriate flag
290 get api_old_way_path(way_v1.way_id, way_v1.version), :headers => auth_header
291 assert_response :success, "After unredaction, node should not be gone for moderator."
293 # and when accessed via history
294 get api_way_history_path(:id => way_v1.way_id), :headers => auth_header
295 assert_response :success, "Unredaction shouldn't have stopped history working."
296 assert_select "osm way[id='#{way_v1.way_id}'][version='#{way_v1.version}']", 1,
297 "way #{way_v1.way_id} version #{way_v1.version} should still be present in the history for moderators."
299 auth_header = basic_authorization_header create(:user).email, "test"
301 # check normal user can now see the unredacted data
302 get api_old_way_path(way_v1.way_id, way_v1.version), :headers => auth_header
303 assert_response :success, "After redaction, node should not be gone for moderator, when flag passed."
305 # and when accessed via history
306 get api_way_history_path(:id => way_v1.way_id), :headers => auth_header
307 assert_response :success, "Redaction shouldn't have stopped history working."
308 assert_select "osm way[id='#{way_v1.way_id}'][version='#{way_v1.version}']", 1,
309 "way #{way_v1.way_id} version #{way_v1.version} should still be present in the history for normal users."
315 # check that the current version of a way is equivalent to the
316 # version which we're getting from the versions call.
317 def check_current_version(way_id)
318 # get the current version
319 current_way = with_controller(WaysController.new) do
320 get api_way_path(way_id)
321 assert_response :success, "can't get current way #{way_id}"
322 Way.from_xml(@response.body)
324 assert_not_nil current_way, "getting way #{way_id} returned nil"
326 # get the "old" version of the way from the version method
327 get api_old_way_path(way_id, current_way.version)
328 assert_response :success, "can't get old way #{way_id}, v#{current_way.version}"
329 old_way = Way.from_xml(@response.body)
331 # check that the ways are identical
332 assert_ways_are_equal current_way, old_way
336 # look at all the versions of the way in the history and get each version from
337 # the versions call. check that they're the same.
338 def check_history_equals_versions(way_id)
339 get api_way_history_path(:id => way_id)
340 assert_response :success, "can't get way #{way_id} from API"
341 history_doc = XML::Parser.string(@response.body).parse
342 assert_not_nil history_doc, "parsing way #{way_id} history failed"
344 history_doc.find("//osm/way").each do |way_doc|
345 history_way = Way.from_xml_node(way_doc)
346 assert_not_nil history_way, "parsing way #{way_id} version failed"
348 get api_old_way_path(way_id, history_way.version)
349 assert_response :success, "couldn't get way #{way_id}, v#{history_way.version}"
350 version_way = Way.from_xml(@response.body)
351 assert_not_nil version_way, "failed to parse #{way_id}, v#{history_way.version}"
353 assert_ways_are_equal history_way, version_way
357 def create_bearer_auth_header(user, scopes)
358 token = create(:oauth_access_token,
359 :resource_owner_id => user.id,
361 bearer_authorization_header(token.token)
364 def do_redact_redactable_way(headers = {})
365 way = create(:way, :with_history, :version => 4)
366 way_v3 = way.old_ways.find_by(:version => 3)
367 do_redact_way(way_v3, create(:redaction), headers)
370 def do_redact_way(way, redaction, headers = {})
371 get api_old_way_path(way.way_id, way.version)
372 assert_response :success, "should be able to get version #{way.version} of way #{way.way_id}."
375 post way_version_redact_path(:id => way.way_id, :version => way.version), :params => { :redaction => redaction.id }, :headers => headers
378 def propagate_tags(way, old_way)
379 way.tags.each do |k, v|
380 create(:old_way_tag, :old_way => old_way, :k => k, :v => v)