4 class PermissionsControllerTest < ActionDispatch::IntegrationTest
6 # test all routes which lead to this controller
9 { :path => "/api/0.6/permissions", :method => :get },
10 { :controller => "api/permissions", :action => "show" }
13 { :path => "/api/0.6/permissions.json", :method => :get },
14 { :controller => "api/permissions", :action => "show", :format => "json" }
18 def test_permissions_anonymous
20 assert_response :success
21 assert_select "osm > permissions", :count => 1 do
22 assert_select "permission", :count => 0
26 get permissions_path(:format => "json")
27 assert_response :success
28 assert_equal "application/json", @response.media_type
30 js = ActiveSupport::JSON.decode(@response.body)
32 assert_equal 0, js["permissions"].count
35 def test_permissions_basic_auth
36 auth_header = basic_authorization_header create(:user).email, "test"
37 get permissions_path, :headers => auth_header
38 assert_response :success
39 assert_select "osm > permissions", :count => 1 do
40 assert_select "permission", :count => ClientApplication.all_permissions.size
41 ClientApplication.all_permissions.each do |p|
42 assert_select "permission[name='#{p}']", :count => 1
47 get permissions_path(:format => "json"), :headers => auth_header
48 assert_response :success
49 assert_equal "application/json", @response.media_type
51 js = ActiveSupport::JSON.decode(@response.body)
53 assert_equal ClientApplication.all_permissions.size, js["permissions"].count
54 ClientApplication.all_permissions.each do |p|
55 assert_includes js["permissions"], p.to_s
59 def test_permissions_oauth1
60 token = create(:access_token,
61 :allow_read_prefs => true,
62 :allow_write_api => true,
63 :allow_read_gpx => false)
64 signed_get permissions_path, :oauth => { :token => token }
65 assert_response :success
66 assert_select "osm > permissions", :count => 1 do
67 assert_select "permission", :count => 2
68 assert_select "permission[name='allow_read_prefs']", :count => 1
69 assert_select "permission[name='allow_write_api']", :count => 1
70 assert_select "permission[name='allow_read_gpx']", :count => 0
74 def test_permissions_oauth2
76 token = create(:oauth_access_token,
77 :resource_owner_id => user.id,
78 :scopes => %w[read_prefs write_api])
79 get permissions_path, :headers => bearer_authorization_header(token.token)
80 assert_response :success
81 assert_select "osm > permissions", :count => 1 do
82 assert_select "permission", :count => 2
83 assert_select "permission[name='allow_read_prefs']", :count => 1
84 assert_select "permission[name='allow_write_api']", :count => 1
85 assert_select "permission[name='allow_read_gpx']", :count => 0