3 require "minitest/mock"
5 class TraceControllerTest < ActionController::TestCase
7 @gpx_trace_dir = Object.send("remove_const", "GPX_TRACE_DIR")
8 Object.const_set("GPX_TRACE_DIR", Rails.root.join("test", "gpx", "traces"))
10 @gpx_image_dir = Object.send("remove_const", "GPX_IMAGE_DIR")
11 Object.const_set("GPX_IMAGE_DIR", Rails.root.join("test", "gpx", "images"))
15 File.unlink(*Dir.glob(File.join(GPX_TRACE_DIR, "*.gpx")))
16 File.unlink(*Dir.glob(File.join(GPX_IMAGE_DIR, "*.gif")))
18 Object.send("remove_const", "GPX_TRACE_DIR")
19 Object.const_set("GPX_TRACE_DIR", @gpx_trace_dir)
21 Object.send("remove_const", "GPX_IMAGE_DIR")
22 Object.const_set("GPX_IMAGE_DIR", @gpx_image_dir)
26 # test all routes which lead to this controller
29 { :path => "/api/0.6/gpx/create", :method => :post },
30 { :controller => "trace", :action => "api_create" }
33 { :path => "/api/0.6/gpx/1", :method => :get },
34 { :controller => "trace", :action => "api_read", :id => "1" }
37 { :path => "/api/0.6/gpx/1", :method => :put },
38 { :controller => "trace", :action => "api_update", :id => "1" }
41 { :path => "/api/0.6/gpx/1", :method => :delete },
42 { :controller => "trace", :action => "api_delete", :id => "1" }
45 { :controller => "trace", :action => "api_read", :id => "1" },
46 { :path => "/api/0.6/gpx/1/details", :method => :get }
49 { :path => "/api/0.6/gpx/1/data", :method => :get },
50 { :controller => "trace", :action => "api_data", :id => "1" }
53 { :path => "/api/0.6/gpx/1/data.xml", :method => :get },
54 { :controller => "trace", :action => "api_data", :id => "1", :format => "xml" }
58 { :path => "/traces", :method => :get },
59 { :controller => "trace", :action => "list" }
62 { :path => "/traces/page/1", :method => :get },
63 { :controller => "trace", :action => "list", :page => "1" }
66 { :path => "/traces/tag/tagname", :method => :get },
67 { :controller => "trace", :action => "list", :tag => "tagname" }
70 { :path => "/traces/tag/tagname/page/1", :method => :get },
71 { :controller => "trace", :action => "list", :tag => "tagname", :page => "1" }
74 { :path => "/user/username/traces", :method => :get },
75 { :controller => "trace", :action => "list", :display_name => "username" }
78 { :path => "/user/username/traces/page/1", :method => :get },
79 { :controller => "trace", :action => "list", :display_name => "username", :page => "1" }
82 { :path => "/user/username/traces/tag/tagname", :method => :get },
83 { :controller => "trace", :action => "list", :display_name => "username", :tag => "tagname" }
86 { :path => "/user/username/traces/tag/tagname/page/1", :method => :get },
87 { :controller => "trace", :action => "list", :display_name => "username", :tag => "tagname", :page => "1" }
91 { :path => "/traces/mine", :method => :get },
92 { :controller => "trace", :action => "mine" }
95 { :path => "/traces/mine/page/1", :method => :get },
96 { :controller => "trace", :action => "mine", :page => "1" }
99 { :path => "/traces/mine/tag/tagname", :method => :get },
100 { :controller => "trace", :action => "mine", :tag => "tagname" }
103 { :path => "/traces/mine/tag/tagname/page/1", :method => :get },
104 { :controller => "trace", :action => "mine", :tag => "tagname", :page => "1" }
108 { :path => "/traces/rss", :method => :get },
109 { :controller => "trace", :action => "georss", :format => :rss }
112 { :path => "/traces/tag/tagname/rss", :method => :get },
113 { :controller => "trace", :action => "georss", :tag => "tagname", :format => :rss }
116 { :path => "/user/username/traces/rss", :method => :get },
117 { :controller => "trace", :action => "georss", :display_name => "username", :format => :rss }
120 { :path => "/user/username/traces/tag/tagname/rss", :method => :get },
121 { :controller => "trace", :action => "georss", :display_name => "username", :tag => "tagname", :format => :rss }
125 { :path => "/user/username/traces/1", :method => :get },
126 { :controller => "trace", :action => "view", :display_name => "username", :id => "1" }
129 { :path => "/user/username/traces/1/picture", :method => :get },
130 { :controller => "trace", :action => "picture", :display_name => "username", :id => "1" }
133 { :path => "/user/username/traces/1/icon", :method => :get },
134 { :controller => "trace", :action => "icon", :display_name => "username", :id => "1" }
138 { :path => "/trace/create", :method => :get },
139 { :controller => "trace", :action => "create" }
142 { :path => "/trace/create", :method => :post },
143 { :controller => "trace", :action => "create" }
146 { :path => "/trace/1/data", :method => :get },
147 { :controller => "trace", :action => "data", :id => "1" }
150 { :path => "/trace/1/data.xml", :method => :get },
151 { :controller => "trace", :action => "data", :id => "1", :format => "xml" }
154 { :path => "/trace/1/edit", :method => :get },
155 { :controller => "trace", :action => "edit", :id => "1" }
158 { :path => "/trace/1/edit", :method => :post },
159 { :controller => "trace", :action => "edit", :id => "1" }
162 { :path => "/trace/1/delete", :method => :post },
163 { :controller => "trace", :action => "delete", :id => "1" }
167 # Check that the list of traces is displayed
170 # The fourth test below is surpisingly sensitive to timestamp ordering when the timestamps are equal.
171 trace_a = create(:trace, :visibility => "public", :timestamp => 4.seconds.ago) do |trace|
172 create(:tracetag, :trace => trace, :tag => "London")
174 trace_b = create(:trace, :visibility => "public", :timestamp => 3.seconds.ago) do |trace|
175 create(:tracetag, :trace => trace, :tag => "Birmingham")
177 trace_c = create(:trace, :visibility => "private", :user => user, :timestamp => 2.seconds.ago) do |trace|
178 create(:tracetag, :trace => trace, :tag => "London")
180 trace_d = create(:trace, :visibility => "private", :user => user, :timestamp => 1.second.ago) do |trace|
181 create(:tracetag, :trace => trace, :tag => "Birmingham")
184 # First with the public list
186 check_trace_list [trace_b, trace_a]
188 # Restrict traces to those with a given tag
189 get :list, :params => { :tag => "London" }
190 check_trace_list [trace_a]
192 # Should see more when we are logged in
193 get :list, :session => { :user => user }
194 check_trace_list [trace_d, trace_c, trace_b, trace_a]
196 # Again, we should see more when we are logged in
197 get :list, :params => { :tag => "London" }, :session => { :user => user }
198 check_trace_list [trace_c, trace_a]
201 # Check that I can get mine
204 create(:trace, :visibility => "public") do |trace|
205 create(:tracetag, :trace => trace, :tag => "Birmingham")
207 trace_b = create(:trace, :visibility => "private", :user => user) do |trace|
208 create(:tracetag, :trace => trace, :tag => "London")
211 # First try to get it when not logged in
213 assert_redirected_to :controller => "user", :action => "login", :referer => "/traces/mine"
215 # Now try when logged in
216 get :mine, :session => { :user => user }
217 assert_redirected_to :controller => "trace", :action => "list", :display_name => user.display_name
219 # Fetch the actual list
220 get :list, :params => { :display_name => user.display_name }, :session => { :user => user }
221 check_trace_list [trace_b]
224 # Check the list of traces for a specific user
227 second_user = create(:user)
228 third_user = create(:user)
230 trace_b = create(:trace, :visibility => "public", :user => user)
231 trace_c = create(:trace, :visibility => "private", :user => user) do |trace|
232 create(:tracetag, :trace => trace, :tag => "London")
235 # Test a user with no traces
236 get :list, :params => { :display_name => second_user.display_name }
239 # Test the user with the traces - should see only public ones
240 get :list, :params => { :display_name => user.display_name }
241 check_trace_list [trace_b]
243 # Should still see only public ones when authenticated as another user
244 get :list, :params => { :display_name => user.display_name }, :session => { :user => third_user }
245 check_trace_list [trace_b]
247 # Should see all traces when authenticated as the target user
248 get :list, :params => { :display_name => user.display_name }, :session => { :user => user }
249 check_trace_list [trace_c, trace_b]
251 # Should only see traces with the correct tag when a tag is specified
252 get :list, :params => { :display_name => user.display_name, :tag => "London" }, :session => { :user => user }
253 check_trace_list [trace_c]
255 # Should get an error if the user does not exist
256 get :list, :params => { :display_name => "UnknownUser" }
257 assert_response :not_found
258 assert_template "user/no_such_user"
261 # Check a multi-page list
263 # Create several pages worth of traces
264 create_list(:trace, 50)
266 # Try and get the list
268 assert_response :success
269 assert_select "table#trace_list tbody", :count => 1 do
270 assert_select "tr", :count => 20
273 # Try and get the second page
274 get :list, :params => { :page => 2 }
275 assert_response :success
276 assert_select "table#trace_list tbody", :count => 1 do
277 assert_select "tr", :count => 20
281 # Check that the rss loads
285 # First with the public feed
286 get :georss, :params => { :format => :rss }
287 check_trace_feed Trace.visible_to_all
289 # Restrict traces to those with a given tag
290 get :georss, :params => { :tag => "London", :format => :rss }
291 check_trace_feed Trace.tagged("London").visible_to_all
293 # Restrict traces to those for a given user
294 get :georss, :params => { :display_name => user.display_name, :format => :rss }
295 check_trace_feed user.traces.visible_to_all
297 # Restrict traces to those for a given user with a tiven tag
298 get :georss, :params => { :display_name => user.display_name, :tag => "Birmingham", :format => :rss }
299 check_trace_feed user.traces.tagged("Birmingham").visible_to_all
302 # Test viewing a trace
304 public_trace_file = create(:trace, :visibility => "public")
306 # First with no auth, which should work since the trace is public
307 get :view, :params => { :display_name => public_trace_file.user.display_name, :id => public_trace_file.id }
308 check_trace_view public_trace_file
310 # Now with some other user, which should work since the trace is public
311 get :view, :params => { :display_name => public_trace_file.user.display_name, :id => public_trace_file.id }, :session => { :user => create(:user) }
312 check_trace_view public_trace_file
314 # And finally we should be able to do it with the owner of the trace
315 get :view, :params => { :display_name => public_trace_file.user.display_name, :id => public_trace_file.id }, :session => { :user => public_trace_file.user }
316 check_trace_view public_trace_file
319 # Check an anonymous trace can't be viewed by another user
321 anon_trace_file = create(:trace, :visibility => "private")
324 get :view, :params => { :display_name => anon_trace_file.user.display_name, :id => anon_trace_file.id }
325 assert_response :redirect
326 assert_redirected_to :action => :list
328 # Now with some other user, which should not work since the trace is anon
329 get :view, :params => { :display_name => anon_trace_file.user.display_name, :id => anon_trace_file.id }, :session => { :user => create(:user) }
330 assert_response :redirect
331 assert_redirected_to :action => :list
333 # And finally we should be able to do it with the owner of the trace
334 get :view, :params => { :display_name => anon_trace_file.user.display_name, :id => anon_trace_file.id }, :session => { :user => anon_trace_file.user }
335 check_trace_view anon_trace_file
338 # Test viewing a trace that doesn't exist
339 def test_view_not_found
340 deleted_trace_file = create(:trace, :deleted)
342 # First with a trace that has never existed
343 get :view, :params => { :display_name => create(:user).display_name, :id => 0 }
344 assert_response :redirect
345 assert_redirected_to :action => :list
347 # Now with a trace that has been deleted
348 get :view, :params => { :display_name => deleted_trace_file.user.display_name, :id => deleted_trace_file.id }, :session => { :user => deleted_trace_file.user }
349 assert_response :redirect
350 assert_redirected_to :action => :list
353 # Test downloading a trace
355 public_trace_file = create(:trace, :visibility => "public", :fixture => "a")
357 # First with no auth, which should work since the trace is public
358 get :data, :params => { :display_name => public_trace_file.user.display_name, :id => public_trace_file.id }
359 check_trace_data public_trace_file, "848caa72f2f456d1bd6a0fdf228aa1b9"
361 # Now with some other user, which should work since the trace is public
362 get :data, :params => { :display_name => public_trace_file.user.display_name, :id => public_trace_file.id }, :session => { :user => create(:user) }
363 check_trace_data public_trace_file, "848caa72f2f456d1bd6a0fdf228aa1b9"
365 # And finally we should be able to do it with the owner of the trace
366 get :data, :params => { :display_name => public_trace_file.user.display_name, :id => public_trace_file.id }, :session => { :user => public_trace_file.user }
367 check_trace_data public_trace_file, "848caa72f2f456d1bd6a0fdf228aa1b9"
370 # Test downloading a compressed trace
371 def test_data_compressed
372 identifiable_trace_file = create(:trace, :visibility => "identifiable", :fixture => "d")
374 # First get the data as is
375 get :data, :params => { :display_name => identifiable_trace_file.user.display_name, :id => identifiable_trace_file.id }
376 check_trace_data identifiable_trace_file, "c6422a3d8750faae49ed70e7e8a51b93", "application/x-gzip", "gpx.gz"
378 # Now ask explicitly for XML format
379 get :data, :params => { :display_name => identifiable_trace_file.user.display_name, :id => identifiable_trace_file.id, :format => "xml" }
380 check_trace_data identifiable_trace_file, "abd6675fdf3024a84fc0a1deac147c0d", "application/xml", "xml"
382 # Now ask explicitly for GPX format
383 get :data, :params => { :display_name => identifiable_trace_file.user.display_name, :id => identifiable_trace_file.id, :format => "gpx" }
384 check_trace_data identifiable_trace_file, "abd6675fdf3024a84fc0a1deac147c0d"
387 # Check an anonymous trace can't be downloaded by another user
389 anon_trace_file = create(:trace, :visibility => "private", :fixture => "b")
392 get :data, :params => { :display_name => anon_trace_file.user.display_name, :id => anon_trace_file.id }
393 assert_response :not_found
395 # Now with some other user, which shouldn't work since the trace is anon
396 get :data, :params => { :display_name => anon_trace_file.user.display_name, :id => anon_trace_file.id }, :session => { :user => create(:user) }
397 assert_response :not_found
399 # And finally we should be able to do it with the owner of the trace
400 get :data, :params => { :display_name => anon_trace_file.user.display_name, :id => anon_trace_file.id }, :session => { :user => anon_trace_file.user }
401 check_trace_data anon_trace_file, "66179ca44f1e93d8df62e2b88cbea732"
404 # Test downloading a trace that doesn't exist
405 def test_data_not_found
406 deleted_trace_file = create(:trace, :deleted)
408 # First with a trace that has never existed
409 get :data, :params => { :display_name => create(:user).display_name, :id => 0 }
410 assert_response :not_found
412 # Now with a trace that has been deleted
413 get :data, :params => { :display_name => deleted_trace_file.user.display_name, :id => deleted_trace_file.id }, :session => { :user => deleted_trace_file.user }
414 assert_response :not_found
417 # Test downloading the picture for a trace
419 public_trace_file = create(:trace, :visibility => "public", :fixture => "a")
421 # First with no auth, which should work since the trace is public
422 get :picture, :params => { :display_name => public_trace_file.user.display_name, :id => public_trace_file.id }
423 check_trace_picture public_trace_file
425 # Now with some other user, which should work since the trace is public
426 get :picture, :params => { :display_name => public_trace_file.user.display_name, :id => public_trace_file.id }, :session => { :user => create(:user) }
427 check_trace_picture public_trace_file
429 # And finally we should be able to do it with the owner of the trace
430 get :picture, :params => { :display_name => public_trace_file.user.display_name, :id => public_trace_file.id }, :session => { :user => public_trace_file.user }
431 check_trace_picture public_trace_file
434 # Check the picture for an anonymous trace can't be downloaded by another user
435 def test_picture_anon
436 anon_trace_file = create(:trace, :visibility => "private", :fixture => "b")
439 get :picture, :params => { :display_name => anon_trace_file.user.display_name, :id => anon_trace_file.id }
440 assert_response :forbidden
442 # Now with some other user, which shouldn't work since the trace is anon
443 get :picture, :params => { :display_name => anon_trace_file.user.display_name, :id => anon_trace_file.id }, :session => { :user => create(:user) }
444 assert_response :forbidden
446 # And finally we should be able to do it with the owner of the trace
447 get :picture, :params => { :display_name => anon_trace_file.user.display_name, :id => anon_trace_file.id }, :session => { :user => anon_trace_file.user }
448 check_trace_picture anon_trace_file
451 # Test downloading the picture for a trace that doesn't exist
452 def test_picture_not_found
453 deleted_trace_file = create(:trace, :deleted)
455 # First with a trace that has never existed
456 get :picture, :params => { :display_name => create(:user).display_name, :id => 0 }
457 assert_response :not_found
459 # Now with a trace that has been deleted
460 get :picture, :params => { :display_name => deleted_trace_file.user.display_name, :id => deleted_trace_file.id }, :session => { :user => deleted_trace_file.user }
461 assert_response :not_found
464 # Test downloading the icon for a trace
466 public_trace_file = create(:trace, :visibility => "public", :fixture => "a")
468 # First with no auth, which should work since the trace is public
469 get :icon, :params => { :display_name => public_trace_file.user.display_name, :id => public_trace_file.id }
470 check_trace_icon public_trace_file
472 # Now with some other user, which should work since the trace is public
473 get :icon, :params => { :display_name => public_trace_file.user.display_name, :id => public_trace_file.id }, :session => { :user => create(:user) }
474 check_trace_icon public_trace_file
476 # And finally we should be able to do it with the owner of the trace
477 get :icon, :params => { :display_name => public_trace_file.user.display_name, :id => public_trace_file.id }, :session => { :user => public_trace_file.user }
478 check_trace_icon public_trace_file
481 # Check the icon for an anonymous trace can't be downloaded by another user
483 anon_trace_file = create(:trace, :visibility => "private", :fixture => "b")
486 get :icon, :params => { :display_name => anon_trace_file.user.display_name, :id => anon_trace_file.id }
487 assert_response :forbidden
489 # Now with some other user, which shouldn't work since the trace is anon
490 get :icon, :params => { :display_name => anon_trace_file.user.display_name, :id => anon_trace_file.id }, :session => { :user => create(:user) }
491 assert_response :forbidden
493 # And finally we should be able to do it with the owner of the trace
494 get :icon, :params => { :display_name => anon_trace_file.user.display_name, :id => anon_trace_file.id }, :session => { :user => anon_trace_file.user }
495 check_trace_icon anon_trace_file
498 # Test downloading the icon for a trace that doesn't exist
499 def test_icon_not_found
500 deleted_trace_file = create(:trace, :deleted)
502 # First with a trace that has never existed
503 get :icon, :params => { :display_name => create(:user).display_name, :id => 0 }
504 assert_response :not_found
506 # Now with a trace that has been deleted
507 get :icon, :params => { :display_name => deleted_trace_file.user.display_name, :id => deleted_trace_file.id }, :session => { :user => deleted_trace_file.user }
508 assert_response :not_found
511 # Test fetching the create page
515 assert_response :redirect
516 assert_redirected_to :controller => :user, :action => :login, :referer => trace_create_path
518 # Now authenticated as a user with gps.trace.visibility set
520 create(:user_preference, :user => user, :k => "gps.trace.visibility", :v => "identifiable")
521 get :create, :session => { :user => user }
522 assert_response :success
523 assert_template :create
524 assert_select "select#trace_visibility option[value=identifiable][selected]", 1
526 # Now authenticated as a user with gps.trace.public set
527 second_user = create(:user)
528 create(:user_preference, :user => second_user, :k => "gps.trace.public", :v => "default")
529 get :create, :session => { :user => second_user }
530 assert_response :success
531 assert_template :create
532 assert_select "select#trace_visibility option[value=public][selected]", 1
534 # Now authenticated as a user with no preferences
535 third_user = create(:user)
536 get :create, :session => { :user => third_user }
537 assert_response :success
538 assert_template :create
539 assert_select "select#trace_visibility option[value=private][selected]", 1
542 # Test creating a trace
545 fixture = Rails.root.join("test", "gpx", "fixtures", "a.gpx")
546 file = Rack::Test::UploadedFile.new(fixture, "application/gpx+xml")
550 post :create, :params => { :trace => { :gpx_file => file, :description => "New Trace", :tagstring => "new,trace", :visibility => "trackable" } }
551 assert_response :forbidden
557 create(:user_preference, :user => user, :k => "gps.trace.visibility", :v => "identifiable")
558 assert_not_equal "trackable", user.preferences.where(:k => "gps.trace.visibility").first.v
559 post :create, :params => { :trace => { :gpx_file => file, :description => "New Trace", :tagstring => "new,trace", :visibility => "trackable" } }, :session => { :user => user }
560 assert_response :redirect
561 assert_redirected_to :action => :list, :display_name => user.display_name
562 assert_match /file has been uploaded/, flash[:notice]
563 trace = Trace.order(:id => :desc).first
564 assert_equal "a.gpx", trace.name
565 assert_equal "New Trace", trace.description
566 assert_equal %w[new trace], trace.tags.order(:tag).collect(&:tag)
567 assert_equal "trackable", trace.visibility
568 assert_equal false, trace.inserted
569 assert_equal File.new(fixture).read, File.new(trace.trace_name).read
571 assert_equal "trackable", user.preferences.where(:k => "gps.trace.visibility").first.v
574 # Test fetching the edit page for a trace using GET
576 public_trace_file = create(:trace, :visibility => "public")
577 deleted_trace_file = create(:trace, :deleted)
580 get :edit, :params => { :display_name => public_trace_file.user.display_name, :id => public_trace_file.id }
581 assert_response :redirect
582 assert_redirected_to :controller => :user, :action => :login, :referer => trace_edit_path(:display_name => public_trace_file.user.display_name, :id => public_trace_file.id)
584 # Now with some other user, which should fail
585 get :edit, :params => { :display_name => public_trace_file.user.display_name, :id => public_trace_file.id }, :session => { :user => create(:user) }
586 assert_response :forbidden
588 # Now with a trace which doesn't exist
589 get :edit, :params => { :display_name => create(:user).display_name, :id => 0 }, :session => { :user => create(:user) }
590 assert_response :not_found
592 # Now with a trace which has been deleted
593 get :edit, :params => { :display_name => deleted_trace_file.user.display_name, :id => deleted_trace_file.id }, :session => { :user => deleted_trace_file.user }
594 assert_response :not_found
596 # Finally with a trace that we are allowed to edit
597 get :edit, :params => { :display_name => public_trace_file.user.display_name, :id => public_trace_file.id }, :session => { :user => public_trace_file.user }
598 assert_response :success
601 # Test fetching the edit page for a trace using POST
602 def test_edit_post_no_details
603 public_trace_file = create(:trace, :visibility => "public")
604 deleted_trace_file = create(:trace, :deleted)
607 post :edit, :params => { :display_name => public_trace_file.user.display_name, :id => public_trace_file.id }
608 assert_response :forbidden
610 # Now with some other user, which should fail
611 post :edit, :params => { :display_name => public_trace_file.user.display_name, :id => public_trace_file.id }, :session => { :user => create(:user) }
612 assert_response :forbidden
614 # Now with a trace which doesn't exist
615 post :edit, :params => { :display_name => create(:user).display_name, :id => 0 }, :session => { :user => create(:user) }
616 assert_response :not_found
618 # Now with a trace which has been deleted
619 post :edit, :params => { :display_name => deleted_trace_file.user.display_name, :id => deleted_trace_file.id }, :session => { :user => deleted_trace_file.user }
620 assert_response :not_found
622 # Finally with a trace that we are allowed to edit
623 post :edit, :params => { :display_name => public_trace_file.user.display_name, :id => public_trace_file.id }, :session => { :user => public_trace_file.user }
624 assert_response :success
627 # Test saving edits to a trace
628 def test_edit_post_with_details
629 public_trace_file = create(:trace, :visibility => "public")
630 deleted_trace_file = create(:trace, :deleted)
633 new_details = { :description => "Changed description", :tagstring => "new_tag", :visibility => "private" }
636 post :edit, :params => { :display_name => public_trace_file.user.display_name, :id => public_trace_file.id, :trace => new_details }
637 assert_response :forbidden
639 # Now with some other user, which should fail
640 post :edit, :params => { :display_name => public_trace_file.user.display_name, :id => public_trace_file.id, :trace => new_details }, :session => { :user => create(:user) }
641 assert_response :forbidden
643 # Now with a trace which doesn't exist
644 post :edit, :params => { :display_name => create(:user).display_name, :id => 0 }, :session => { :user => create(:user), :trace => new_details }
645 assert_response :not_found
647 # Now with a trace which has been deleted
648 post :edit, :params => { :display_name => deleted_trace_file.user.display_name, :id => deleted_trace_file.id, :trace => new_details }, :session => { :user => deleted_trace_file.user }
649 assert_response :not_found
651 # Finally with a trace that we are allowed to edit
652 post :edit, :params => { :display_name => public_trace_file.user.display_name, :id => public_trace_file.id, :trace => new_details }, :session => { :user => public_trace_file.user }
653 assert_response :redirect
654 assert_redirected_to :action => :view, :display_name => public_trace_file.user.display_name
655 trace = Trace.find(public_trace_file.id)
656 assert_equal new_details[:description], trace.description
657 assert_equal new_details[:tagstring], trace.tagstring
658 assert_equal new_details[:visibility], trace.visibility
661 # Test deleting a trace
663 public_trace_file = create(:trace, :visibility => "public")
664 deleted_trace_file = create(:trace, :deleted)
667 post :delete, :params => { :display_name => public_trace_file.user.display_name, :id => public_trace_file.id }
668 assert_response :forbidden
670 # Now with some other user, which should fail
671 post :delete, :params => { :display_name => public_trace_file.user.display_name, :id => public_trace_file.id }, :session => { :user => create(:user) }
672 assert_response :forbidden
674 # Now with a trace which doesn't exist
675 post :delete, :params => { :display_name => create(:user).display_name, :id => 0 }, :session => { :user => create(:user) }
676 assert_response :not_found
678 # Now with a trace has already been deleted
679 post :delete, :params => { :display_name => deleted_trace_file.user.display_name, :id => deleted_trace_file.id }, :session => { :user => deleted_trace_file.user }
680 assert_response :not_found
682 # Now with a trace that we are allowed to delete
683 post :delete, :params => { :display_name => public_trace_file.user.display_name, :id => public_trace_file.id }, :session => { :user => public_trace_file.user }
684 assert_response :redirect
685 assert_redirected_to :action => :list, :display_name => public_trace_file.user.display_name
686 trace = Trace.find(public_trace_file.id)
687 assert_equal false, trace.visible
689 # Finally with a trace that is deleted by an admin
690 public_trace_file = create(:trace, :visibility => "public")
691 admin = create(:administrator_user)
693 post :delete, :params => { :display_name => admin.display_name, :id => public_trace_file.id }, :session => { :user => admin }
694 assert_response :redirect
695 assert_redirected_to :action => :list, :display_name => admin.display_name
696 trace = Trace.find(public_trace_file.id)
697 assert_equal false, trace.visible
700 # Check getting a specific trace through the api
702 public_trace_file = create(:trace, :visibility => "public")
705 get :api_read, :params => { :id => public_trace_file.id }
706 assert_response :unauthorized
708 # Now with some other user, which should work since the trace is public
709 basic_authorization create(:user).display_name, "test"
710 get :api_read, :params => { :id => public_trace_file.id }
711 assert_response :success
713 # And finally we should be able to do it with the owner of the trace
714 basic_authorization public_trace_file.user.display_name, "test"
715 get :api_read, :params => { :id => public_trace_file.id }
716 assert_response :success
719 # Check an anoymous trace can't be specifically fetched by another user
720 def test_api_read_anon
721 anon_trace_file = create(:trace, :visibility => "private")
724 get :api_read, :params => { :id => anon_trace_file.id }
725 assert_response :unauthorized
727 # Now try with another user, which shouldn't work since the trace is anon
728 basic_authorization create(:user).display_name, "test"
729 get :api_read, :params => { :id => anon_trace_file.id }
730 assert_response :forbidden
732 # And finally we should be able to get the trace details with the trace owner
733 basic_authorization anon_trace_file.user.display_name, "test"
734 get :api_read, :params => { :id => anon_trace_file.id }
735 assert_response :success
738 # Check the api details for a trace that doesn't exist
739 def test_api_read_not_found
740 deleted_trace_file = create(:trace, :deleted)
742 # Try first with no auth, as it should require it
743 get :api_read, :params => { :id => 0 }
744 assert_response :unauthorized
746 # Login, and try again
747 basic_authorization deleted_trace_file.user.display_name, "test"
748 get :api_read, :params => { :id => 0 }
749 assert_response :not_found
751 # Now try a trace which did exist but has been deleted
752 basic_authorization deleted_trace_file.user.display_name, "test"
753 get :api_read, :params => { :id => deleted_trace_file.id }
754 assert_response :not_found
757 # Test downloading a trace through the api
759 public_trace_file = create(:trace, :visibility => "public", :fixture => "a")
762 get :api_data, :params => { :id => public_trace_file.id }
763 assert_response :unauthorized
765 # Now with some other user, which should work since the trace is public
766 basic_authorization create(:user).display_name, "test"
767 get :api_data, :params => { :id => public_trace_file.id }
768 check_trace_data public_trace_file, "848caa72f2f456d1bd6a0fdf228aa1b9"
770 # And finally we should be able to do it with the owner of the trace
771 basic_authorization public_trace_file.user.display_name, "test"
772 get :api_data, :params => { :id => public_trace_file.id }
773 check_trace_data public_trace_file, "848caa72f2f456d1bd6a0fdf228aa1b9"
776 # Test downloading a compressed trace through the api
777 def test_api_data_compressed
778 identifiable_trace_file = create(:trace, :visibility => "identifiable", :fixture => "d")
780 # Authenticate as the owner of the trace we will be using
781 basic_authorization identifiable_trace_file.user.display_name, "test"
783 # First get the data as is
784 get :api_data, :params => { :id => identifiable_trace_file.id }
785 check_trace_data identifiable_trace_file, "c6422a3d8750faae49ed70e7e8a51b93", "application/x-gzip", "gpx.gz"
787 # Now ask explicitly for XML format
788 get :api_data, :params => { :id => identifiable_trace_file.id, :format => "xml" }
789 check_trace_data identifiable_trace_file, "abd6675fdf3024a84fc0a1deac147c0d", "application/xml", "xml"
791 # Now ask explicitly for GPX format
792 get :api_data, :params => { :id => identifiable_trace_file.id, :format => "gpx" }
793 check_trace_data identifiable_trace_file, "abd6675fdf3024a84fc0a1deac147c0d"
796 # Check an anonymous trace can't be downloaded by another user through the api
797 def test_api_data_anon
798 anon_trace_file = create(:trace, :visibility => "private", :fixture => "b")
801 get :api_data, :params => { :id => anon_trace_file.id }
802 assert_response :unauthorized
804 # Now with some other user, which shouldn't work since the trace is anon
805 basic_authorization create(:user).display_name, "test"
806 get :api_data, :params => { :id => anon_trace_file.id }
807 assert_response :forbidden
809 # And finally we should be able to do it with the owner of the trace
810 basic_authorization anon_trace_file.user.display_name, "test"
811 get :api_data, :params => { :id => anon_trace_file.id }
812 check_trace_data anon_trace_file, "66179ca44f1e93d8df62e2b88cbea732"
815 # Test downloading a trace that doesn't exist through the api
816 def test_api_data_not_found
817 deleted_trace_file = create(:trace, :deleted)
819 # Try first with no auth, as it should require it
820 get :api_data, :params => { :id => 0 }
821 assert_response :unauthorized
823 # Login, and try again
824 basic_authorization create(:user).display_name, "test"
825 get :api_data, :params => { :id => 0 }
826 assert_response :not_found
828 # Now try a trace which did exist but has been deleted
829 basic_authorization deleted_trace_file.user.display_name, "test"
830 get :api_data, :params => { :id => deleted_trace_file.id }
831 assert_response :not_found
834 # Test creating a trace through the api
837 fixture = Rails.root.join("test", "gpx", "fixtures", "a.gpx")
838 file = Rack::Test::UploadedFile.new(fixture, "application/gpx+xml")
842 post :api_create, :params => { :file => file, :description => "New Trace", :tags => "new,trace", :visibility => "trackable" }
843 assert_response :unauthorized
849 create(:user_preference, :user => user, :k => "gps.trace.visibility", :v => "identifiable")
850 assert_not_equal "trackable", user.preferences.where(:k => "gps.trace.visibility").first.v
851 basic_authorization user.display_name, "test"
852 post :api_create, :params => { :file => file, :description => "New Trace", :tags => "new,trace", :visibility => "trackable" }
853 assert_response :success
854 trace = Trace.find(response.body.to_i)
855 assert_equal "a.gpx", trace.name
856 assert_equal "New Trace", trace.description
857 assert_equal %w[new trace], trace.tags.order(:tag).collect(&:tag)
858 assert_equal "trackable", trace.visibility
859 assert_equal false, trace.inserted
860 assert_equal File.new(fixture).read, File.new(trace.trace_name).read
862 assert_equal "trackable", user.preferences.where(:k => "gps.trace.visibility").first.v
867 # Now authenticated, with the legacy public flag
868 assert_not_equal "public", user.preferences.where(:k => "gps.trace.visibility").first.v
869 basic_authorization user.display_name, "test"
870 post :api_create, :params => { :file => file, :description => "New Trace", :tags => "new,trace", :public => 1 }
871 assert_response :success
872 trace = Trace.find(response.body.to_i)
873 assert_equal "a.gpx", trace.name
874 assert_equal "New Trace", trace.description
875 assert_equal %w[new trace], trace.tags.order(:tag).collect(&:tag)
876 assert_equal "public", trace.visibility
877 assert_equal false, trace.inserted
878 assert_equal File.new(fixture).read, File.new(trace.trace_name).read
880 assert_equal "public", user.preferences.where(:k => "gps.trace.visibility").first.v
885 # Now authenticated, with the legacy private flag
886 second_user = create(:user)
887 assert_nil second_user.preferences.where(:k => "gps.trace.visibility").first
888 basic_authorization second_user.display_name, "test"
889 post :api_create, :params => { :file => file, :description => "New Trace", :tags => "new,trace", :public => 0 }
890 assert_response :success
891 trace = Trace.find(response.body.to_i)
892 assert_equal "a.gpx", trace.name
893 assert_equal "New Trace", trace.description
894 assert_equal %w[new trace], trace.tags.order(:tag).collect(&:tag)
895 assert_equal "private", trace.visibility
896 assert_equal false, trace.inserted
897 assert_equal File.new(fixture).read, File.new(trace.trace_name).read
899 assert_equal "private", second_user.preferences.where(:k => "gps.trace.visibility").first.v
902 # Check updating a trace through the api
904 public_trace_file = create(:trace, :visibility => "public", :fixture => "a")
905 deleted_trace_file = create(:trace, :deleted)
906 anon_trace_file = create(:trace, :visibility => "private")
909 content public_trace_file.to_xml
910 put :api_update, :params => { :id => public_trace_file.id }
911 assert_response :unauthorized
913 # Now with some other user, which should fail
914 basic_authorization create(:user).display_name, "test"
915 content public_trace_file.to_xml
916 put :api_update, :params => { :id => public_trace_file.id }
917 assert_response :forbidden
919 # Now with a trace which doesn't exist
920 basic_authorization create(:user).display_name, "test"
921 content public_trace_file.to_xml
922 put :api_update, :params => { :id => 0 }
923 assert_response :not_found
925 # Now with a trace which did exist but has been deleted
926 basic_authorization deleted_trace_file.user.display_name, "test"
927 content deleted_trace_file.to_xml
928 put :api_update, :params => { :id => deleted_trace_file.id }
929 assert_response :not_found
931 # Now try an update with the wrong ID
932 basic_authorization public_trace_file.user.display_name, "test"
933 content anon_trace_file.to_xml
934 put :api_update, :params => { :id => public_trace_file.id }
935 assert_response :bad_request,
936 "should not be able to update a trace with a different ID from the XML"
938 # And finally try an update that should work
939 basic_authorization public_trace_file.user.display_name, "test"
940 t = public_trace_file
941 t.description = "Changed description"
942 t.visibility = "private"
944 put :api_update, :params => { :id => t.id }
945 assert_response :success
946 nt = Trace.find(t.id)
947 assert_equal nt.description, t.description
948 assert_equal nt.visibility, t.visibility
951 # Test that updating a trace doesn't duplicate the tags
952 def test_api_update_tags
953 tracetag = create(:tracetag)
954 trace = tracetag.trace
955 basic_authorization trace.user.display_name, "test"
958 put :api_update, :params => { :id => trace.id }
959 assert_response :success
961 updated = Trace.find(trace.id)
962 # Ensure there's only one tag in the database after updating
963 assert_equal Tracetag.count, 1
964 # The new tag object might have a different id, so check the string representation
965 assert_equal trace.tagstring, updated.tagstring
968 # Check deleting a trace through the api
970 public_trace_file = create(:trace, :visibility => "public")
973 delete :api_delete, :params => { :id => public_trace_file.id }
974 assert_response :unauthorized
976 # Now with some other user, which should fail
977 basic_authorization create(:user).display_name, "test"
978 delete :api_delete, :params => { :id => public_trace_file.id }
979 assert_response :forbidden
981 # Now with a trace which doesn't exist
982 basic_authorization create(:user).display_name, "test"
983 delete :api_delete, :params => { :id => 0 }
984 assert_response :not_found
986 # And finally we should be able to do it with the owner of the trace
987 basic_authorization public_trace_file.user.display_name, "test"
988 delete :api_delete, :params => { :id => public_trace_file.id }
989 assert_response :success
991 # Try it a second time, which should fail
992 basic_authorization public_trace_file.user.display_name, "test"
993 delete :api_delete, :params => { :id => public_trace_file.id }
994 assert_response :not_found
999 def check_trace_feed(traces)
1000 assert_response :success
1001 assert_template "georss"
1002 assert_equal "application/rss+xml", @response.content_type
1003 assert_select "rss", :count => 1 do
1004 assert_select "channel", :count => 1 do
1005 assert_select "title"
1006 assert_select "description"
1007 assert_select "link"
1008 assert_select "image"
1009 assert_select "item", :count => traces.visible.count do |items|
1010 traces.visible.order("timestamp DESC").zip(items).each do |trace, item|
1011 assert_select item, "title", trace.name
1012 assert_select item, "link", "http://test.host/user/#{trace.user.display_name}/traces/#{trace.id}"
1013 assert_select item, "guid", "http://test.host/user/#{trace.user.display_name}/traces/#{trace.id}"
1014 assert_select item, "description"
1015 # assert_select item, "dc:creator", trace.user.display_name
1016 assert_select item, "pubDate", trace.timestamp.rfc822
1023 def check_trace_list(traces)
1024 assert_response :success
1025 assert_template "list"
1028 assert_select "table#trace_list tbody", :count => 1 do
1029 assert_select "tr", :count => traces.length do |rows|
1030 traces.zip(rows).each do |trace, row|
1031 assert_select row, "a", Regexp.new(Regexp.escape(trace.name))
1032 assert_select row, "span.trace_summary", Regexp.new(Regexp.escape("(#{trace.size} points)")) if trace.inserted?
1033 assert_select row, "td", Regexp.new(Regexp.escape(trace.description))
1034 assert_select row, "td", Regexp.new(Regexp.escape("by #{trace.user.display_name}"))
1039 assert_select "h4", /Nothing here yet/
1043 def check_trace_view(trace)
1044 assert_response :success
1045 assert_template "view"
1047 assert_select "table", :count => 1 do
1048 assert_select "td", /^#{Regexp.quote(trace.name)} /
1049 assert_select "td", trace.user.display_name
1050 assert_select "td", trace.description
1054 def check_trace_data(trace, digest, content_type = "application/gpx+xml", extension = "gpx")
1055 assert_response :success
1056 assert_equal digest, Digest::MD5.hexdigest(response.body)
1057 assert_equal content_type, response.content_type
1058 assert_equal "attachment; filename=\"#{trace.id}.#{extension}\"", @response.header["Content-Disposition"]
1061 def check_trace_picture(trace)
1062 assert_response :success
1063 assert_equal "image/gif", response.content_type
1064 assert_equal trace.large_picture, response.body
1067 def check_trace_icon(trace)
1068 assert_response :success
1069 assert_equal "image/gif", response.content_type
1070 assert_equal trace.icon_picture, response.body