4 class UserPreferencesControllerTest < ActionDispatch::IntegrationTest
6 # test all routes which lead to this controller
9 { :path => "/api/0.6/user/preferences", :method => :get },
10 { :controller => "api/user_preferences", :action => "index" }
13 { :path => "/api/0.6/user/preferences.json", :method => :get },
14 { :controller => "api/user_preferences", :action => "index", :format => "json" }
17 { :path => "/api/0.6/user/preferences", :method => :put },
18 { :controller => "api/user_preferences", :action => "update_all" }
21 { :path => "/api/0.6/user/preferences/key", :method => :get },
22 { :controller => "api/user_preferences", :action => "show", :preference_key => "key" }
25 { :path => "/api/0.6/user/preferences/key", :method => :put },
26 { :controller => "api/user_preferences", :action => "update", :preference_key => "key" }
29 { :path => "/api/0.6/user/preferences/key", :method => :delete },
30 { :controller => "api/user_preferences", :action => "destroy", :preference_key => "key" }
35 # test showing all preferences
37 # first try without auth
38 get user_preferences_path
39 assert_response :unauthorized, "should be authenticated"
41 # authenticate as a user with no preferences
42 auth_header = basic_authorization_header create(:user).email, "test"
45 get user_preferences_path, :headers => auth_header
46 assert_select "osm" do
47 assert_select "preferences", :count => 1 do
48 assert_select "preference", :count => 0
52 # authenticate as a user with preferences
54 user_preference = create(:user_preference, :user => user)
55 user_preference2 = create(:user_preference, :user => user)
56 auth_header = basic_authorization_header user.email, "test"
59 get user_preferences_path, :headers => auth_header
60 assert_response :success
61 assert_equal "application/xml", @response.media_type
62 assert_select "osm" do
63 assert_select "preferences", :count => 1 do
64 assert_select "preference", :count => 2
65 assert_select "preference[k=\"#{user_preference.k}\"][v=\"#{user_preference.v}\"]", :count => 1
66 assert_select "preference[k=\"#{user_preference2.k}\"][v=\"#{user_preference2.v}\"]", :count => 1
71 get user_preferences_path(:format => "json"), :headers => auth_header
72 assert_response :success
73 assert_equal "application/json", @response.media_type
75 js = ActiveSupport::JSON.decode(@response.body)
77 assert_equal 2, js["preferences"].count
78 assert_equal user_preference.v, js["preferences"][user_preference.k]
82 # test showing one preference
85 create(:user_preference, :user => user, :k => "key", :v => "value")
87 # try a read without auth
88 get user_preference_path(:preference_key => "key")
89 assert_response :unauthorized, "should be authenticated"
91 # authenticate as a user with preferences
92 auth_header = basic_authorization_header user.email, "test"
95 get user_preference_path(:preference_key => "key"), :headers => auth_header
96 assert_response :success
97 assert_equal "text/plain", @response.media_type
98 assert_equal "value", @response.body
100 # try the read again for a non-existent key
101 get user_preference_path(:preference_key => "unknown_key"), :headers => auth_header
102 assert_response :not_found
106 # test bulk update action
109 create(:user_preference, :user => user, :k => "key", :v => "value")
110 create(:user_preference, :user => user, :k => "some_key", :v => "some_value")
112 # try a put without auth
113 assert_no_difference "UserPreference.count" do
114 put user_preferences_path, :params => "<osm><preferences><preference k='key' v='new_value'/><preference k='new_key' v='value'/></preferences></osm>"
116 assert_response :unauthorized, "should be authenticated"
117 assert_equal "value", UserPreference.find([user.id, "key"]).v
118 assert_equal "some_value", UserPreference.find([user.id, "some_key"]).v
119 assert_raises ActiveRecord::RecordNotFound do
120 UserPreference.find([user.id, "new_key"])
123 # authenticate as a user with preferences
124 auth_header = basic_authorization_header user.email, "test"
127 assert_no_difference "UserPreference.count" do
128 put user_preferences_path, :params => "<osm><preferences><preference k='key' v='new_value'/><preference k='new_key' v='value'/></preferences></osm>", :headers => auth_header
130 assert_response :success
131 assert_equal "text/plain", @response.media_type
132 assert_equal "", @response.body
133 assert_equal "new_value", UserPreference.find([user.id, "key"]).v
134 assert_equal "value", UserPreference.find([user.id, "new_key"]).v
135 assert_raises ActiveRecord::RecordNotFound do
136 UserPreference.find([user.id, "some_key"])
139 # try a put with duplicate keys
140 assert_no_difference "UserPreference.count" do
141 put user_preferences_path, :params => "<osm><preferences><preference k='key' v='value'/><preference k='key' v='newer_value'/></preferences></osm>", :headers => auth_header
143 assert_response :bad_request
144 assert_equal "text/plain", @response.media_type
145 assert_equal "Duplicate preferences with key key", @response.body
146 assert_equal "new_value", UserPreference.find([user.id, "key"]).v
148 # try a put with invalid content
149 assert_no_difference "UserPreference.count" do
150 put user_preferences_path, :params => "nonsense", :headers => auth_header
152 assert_response :bad_request
154 # try a put with unicode characters
155 assert_no_difference "UserPreference.count" do
156 put user_preferences_path, :params => "<osm><preferences><preference k='kêy' v='néw_vâlué'/><preference k='nêw_kêy' v='vâlué'/></preferences></osm>", :headers => auth_header
158 assert_response :success
159 assert_equal "text/plain", @response.media_type
160 assert_equal "", @response.body
161 assert_equal "néw_vâlué", UserPreference.find([user.id, "kêy"]).v
162 assert_equal "vâlué", UserPreference.find([user.id, "nêw_kêy"]).v
163 assert_raises ActiveRecord::RecordNotFound do
164 UserPreference.find([user.id, "some_key"])
172 create(:user_preference, :user => user)
174 # try a put without auth
175 assert_no_difference "UserPreference.count" do
176 put user_preference_path(:preference_key => "new_key"), :params => "new_value"
178 assert_response :unauthorized, "should be authenticated"
179 assert_raises ActiveRecord::RecordNotFound do
180 UserPreference.find([user.id, "new_key"])
183 # authenticate as a user with preferences
184 auth_header = basic_authorization_header user.email, "test"
186 # try adding a new preference
187 assert_difference "UserPreference.count", 1 do
188 put user_preference_path(:preference_key => "new_key"), :params => "new_value", :headers => auth_header
190 assert_response :success
191 assert_equal "text/plain", @response.media_type
192 assert_equal "", @response.body
193 assert_equal "new_value", UserPreference.find([user.id, "new_key"]).v
195 # try changing the value of a preference
196 assert_no_difference "UserPreference.count" do
197 put user_preference_path(:preference_key => "new_key"), :params => "newer_value", :headers => auth_header
199 assert_response :success
200 assert_equal "text/plain", @response.media_type
201 assert_equal "", @response.body
202 assert_equal "newer_value", UserPreference.find([user.id, "new_key"]).v
204 # try changing the value of a preference to include unicode characters
205 assert_difference "UserPreference.count", 1 do
206 put user_preference_path(:preference_key => "nêw_kêy"), :params => "néwèr_vâlué", :headers => auth_header
208 assert_response :success
209 assert_equal "text/plain", @response.media_type
210 assert_equal "", @response.body
211 assert_equal "néwèr_vâlué", UserPreference.find([user.id, "nêw_kêy"]).v
215 # test destroy action
218 create(:user_preference, :user => user, :k => "key", :v => "value")
220 # try a delete without auth
221 assert_no_difference "UserPreference.count" do
222 delete user_preference_path(:preference_key => "key")
224 assert_response :unauthorized, "should be authenticated"
225 assert_equal "value", UserPreference.find([user.id, "key"]).v
227 # authenticate as a user with preferences
228 auth_header = basic_authorization_header user.email, "test"
230 # try the delete again
231 assert_difference "UserPreference.count", -1 do
232 delete user_preference_path(:preference_key => "key"), :headers => auth_header
234 assert_response :success
235 assert_equal "text/plain", @response.media_type
236 assert_equal "", @response.body
237 assert_raises ActiveRecord::RecordNotFound do
238 UserPreference.find([user.id, "key"])
241 # try the delete again for the same key
242 assert_no_difference "UserPreference.count" do
243 delete user_preference_path(:preference_key => "key"), :headers => auth_header
245 assert_response :not_found
246 assert_raises ActiveRecord::RecordNotFound do
247 UserPreference.find([user.id, "key"])
251 # Ensure that a valid access token with correct capabilities can be used to
253 def test_show_using_token
255 token = create(:oauth_access_token, :resource_owner_id => user.id, :scopes => %w[read_prefs])
256 create(:user_preference, :user => user, :k => "key", :v => "value")
258 get user_preference_path(:preference_key => "key"), :headers => bearer_authorization_header(token.token)
259 assert_response :success
262 # Ensure that a valid access token with incorrect capabilities can't be used
263 # to read preferences even, though the owner of that token could read them
265 def test_show_using_token_fail
267 token = create(:oauth_access_token, :resource_owner_id => user.id)
268 create(:user_preference, :user => user, :k => "key", :v => "value")
270 get user_preference_path(:preference_key => "key"), :headers => bearer_authorization_header(token.token)
271 assert_response :forbidden