4 class MessagesControllerTest < ActionDispatch::IntegrationTest
6 # test all routes which lead to this controller
9 { :path => "/api/0.6/user/messages/inbox", :method => :get },
10 { :controller => "api/messages", :action => "inbox" }
13 { :path => "/api/0.6/user/messages/inbox.xml", :method => :get },
14 { :controller => "api/messages", :action => "inbox", :format => "xml" }
17 { :path => "/api/0.6/user/messages/inbox.json", :method => :get },
18 { :controller => "api/messages", :action => "inbox", :format => "json" }
21 { :path => "/api/0.6/user/messages/outbox", :method => :get },
22 { :controller => "api/messages", :action => "outbox" }
25 { :path => "/api/0.6/user/messages/outbox.xml", :method => :get },
26 { :controller => "api/messages", :action => "outbox", :format => "xml" }
29 { :path => "/api/0.6/user/messages/outbox.json", :method => :get },
30 { :controller => "api/messages", :action => "outbox", :format => "json" }
33 { :path => "/api/0.6/user/messages/1", :method => :get },
34 { :controller => "api/messages", :action => "show", :id => "1" }
37 { :path => "/api/0.6/user/messages/1.xml", :method => :get },
38 { :controller => "api/messages", :action => "show", :id => "1", :format => "xml" }
41 { :path => "/api/0.6/user/messages/1.json", :method => :get },
42 { :controller => "api/messages", :action => "show", :id => "1", :format => "json" }
45 { :path => "/api/0.6/user/messages", :method => :post },
46 { :controller => "api/messages", :action => "create" }
49 { :path => "/api/0.6/user/messages/1", :method => :put },
50 { :controller => "api/messages", :action => "update", :id => "1" }
53 { :controller => "api/messages", :action => "update", :id => "1" },
54 { :path => "/api/0.6/user/messages/1", :method => :post }
57 { :path => "/api/0.6/user/messages/1", :method => :delete },
58 { :controller => "api/messages", :action => "destroy", :id => "1" }
62 def test_create_success
63 recipient = create(:user)
64 sender = create(:user)
66 sender_auth = bearer_authorization_header(sender, :scopes => %w[send_messages consume_messages])
70 assert_difference "Message.count", 1 do
71 assert_difference "ActionMailer::Base.deliveries.size", 1 do
72 perform_enqueued_jobs do
73 post api_messages_path,
74 :params => { :title => msg.title,
75 :recipient_id => recipient.id,
78 :headers => sender_auth
79 assert_response :success
84 assert_equal "application/json", response.media_type
85 js = ActiveSupport::JSON.decode(@response.body)
88 assert_not_nil jsm["id"]
89 assert_equal sender.id, jsm["from_user_id"]
90 assert_equal sender.display_name, jsm["from_display_name"]
91 assert_equal recipient.id, jsm["to_user_id"]
92 assert_equal recipient.display_name, jsm["to_display_name"]
93 assert_equal msg.title, jsm["title"]
94 assert_not_nil jsm["sent_on"]
95 assert_equal !msg.from_user_visible, jsm["deleted"]
96 assert_not jsm.key?("message_read")
97 assert_equal "markdown", jsm["body_format"]
98 assert_equal msg.body, jsm["body"]
102 recipient = create(:user)
104 sender = create(:user)
105 sender_auth = bearer_authorization_header(sender, :scopes => %w[send_messages consume_messages])
107 assert_no_difference "Message.count" do
108 assert_no_difference "ActionMailer::Base.deliveries.size" do
109 perform_enqueued_jobs do
110 post api_messages_path,
111 :params => { :title => "Title",
112 :recipient_id => recipient.id,
117 assert_response :unauthorized
119 assert_no_difference "Message.count" do
120 assert_no_difference "ActionMailer::Base.deliveries.size" do
121 perform_enqueued_jobs do
122 post api_messages_path,
123 :params => { :recipient_id => recipient.id,
125 :headers => sender_auth
129 assert_response :bad_request
131 assert_no_difference "Message.count" do
132 assert_no_difference "ActionMailer::Base.deliveries.size" do
133 perform_enqueued_jobs do
134 post api_messages_path,
135 :params => { :title => "Title",
137 :headers => sender_auth
141 assert_response :bad_request
143 assert_no_difference "Message.count" do
144 assert_no_difference "ActionMailer::Base.deliveries.size" do
145 perform_enqueued_jobs do
146 post api_messages_path,
147 :params => { :title => "Title",
148 :recipient_id => recipient.id },
149 :headers => sender_auth
153 assert_response :bad_request
157 recipient = create(:user)
158 sender = create(:user)
159 user3 = create(:user)
161 sender_auth = bearer_authorization_header(sender, :scopes => %w[consume_messages])
162 recipient_auth = bearer_authorization_header(recipient, :scopes => %w[consume_messages])
163 user3_auth = bearer_authorization_header(user3, :scopes => %w[send_messages consume_messages])
165 msg = create(:message, :unread, :sender => sender, :recipient => recipient)
167 # fail if not authorized
168 get api_message_path(msg)
169 assert_response :unauthorized
171 # only recipient and sender can read the message
172 get api_message_path(msg), :headers => user3_auth
173 assert_response :forbidden
175 # message does not exist
176 get api_message_path(99999), :headers => user3_auth
177 assert_response :not_found
180 get api_message_path(msg), :headers => recipient_auth
181 assert_equal "application/xml", response.media_type
182 assert_select "message", :count => 1 do
183 assert_select "[id='#{msg.id}']"
184 assert_select "[from_user_id='#{sender.id}']"
185 assert_select "[from_display_name='#{sender.display_name}']"
186 assert_select "[to_user_id='#{recipient.id}']"
187 assert_select "[to_display_name='#{recipient.display_name}']"
188 assert_select "[sent_on]"
189 assert_select "[deleted='#{!msg.to_user_visible}']"
190 assert_select "[message_read='#{msg.message_read}']"
191 assert_select "[body_format='markdown']"
192 assert_select "title", msg.title
193 assert_select "body", msg.body
197 get api_message_path(msg, :format => "json"), :headers => recipient_auth
198 assert_equal "application/json", response.media_type
199 js = ActiveSupport::JSON.decode(@response.body)
202 assert_equal msg.id, jsm["id"]
203 assert_equal sender.id, jsm["from_user_id"]
204 assert_equal sender.display_name, jsm["from_display_name"]
205 assert_equal recipient.id, jsm["to_user_id"]
206 assert_equal recipient.display_name, jsm["to_display_name"]
207 assert_equal msg.title, jsm["title"]
208 assert_not_nil jsm["sent_on"]
209 assert_equal msg.message_read, jsm["message_read"]
210 assert_equal !msg.to_user_visible, jsm["deleted"]
211 assert_equal "markdown", jsm["body_format"]
212 assert_equal msg.body, jsm["body"]
214 get api_message_path(msg), :headers => sender_auth
215 assert_equal "application/xml", response.media_type
216 assert_select "message", :count => 1 do
217 assert_select "[id='#{msg.id}']"
218 assert_select "[from_user_id='#{sender.id}']"
219 assert_select "[from_display_name='#{sender.display_name}']"
220 assert_select "[to_user_id='#{recipient.id}']"
221 assert_select "[to_display_name='#{recipient.display_name}']"
222 assert_select "[sent_on]"
223 assert_select "[deleted='#{!msg.from_user_visible}']"
224 assert_select "[message_read='#{msg.message_read}']", 0
225 assert_select "[body_format='markdown']"
226 assert_select "title", msg.title
227 assert_select "body", msg.body
231 get api_message_path(msg, :format => "json"), :headers => sender_auth
232 assert_equal "application/json", response.media_type
233 js = ActiveSupport::JSON.decode(@response.body)
236 assert_equal msg.id, jsm["id"]
237 assert_equal sender.id, jsm["from_user_id"]
238 assert_equal sender.display_name, jsm["from_display_name"]
239 assert_equal recipient.id, jsm["to_user_id"]
240 assert_equal recipient.display_name, jsm["to_display_name"]
241 assert_equal msg.title, jsm["title"]
242 assert_not_nil jsm["sent_on"]
243 assert_equal !msg.from_user_visible, jsm["deleted"]
244 assert_not jsm.key?("message_read")
245 assert_equal "markdown", jsm["body_format"]
246 assert_equal msg.body, jsm["body"]
249 def test_update_status
250 recipient = create(:user)
251 sender = create(:user)
252 user3 = create(:user)
254 recipient_auth = bearer_authorization_header(recipient, :scopes => %w[consume_messages])
255 user3_auth = bearer_authorization_header(user3, :scopes => %w[send_messages consume_messages])
257 msg = create(:message, :unread, :sender => sender, :recipient => recipient)
259 # attempt to mark message as read by recipient, not authenticated
260 put api_message_path(msg), :params => { :read_status => true }
261 assert_response :unauthorized
263 # attempt to mark message as read by recipient, not allowed
264 put api_message_path(msg), :params => { :read_status => true }, :headers => user3_auth
265 assert_response :forbidden
268 put api_message_path(msg), :headers => recipient_auth
269 assert_response :bad_request
271 # wrong type of parameter
272 put api_message_path(msg),
273 :params => { :read_status => "not a boolean" },
274 :headers => recipient_auth
275 assert_response :bad_request
277 # mark message as read by recipient
278 put api_message_path(msg, :format => "json"),
279 :params => { :read_status => true },
280 :headers => recipient_auth
281 assert_response :success
282 assert_equal "application/json", response.media_type
283 js = ActiveSupport::JSON.decode(@response.body)
286 assert_equal msg.id, jsm["id"]
287 assert_equal sender.id, jsm["from_user_id"]
288 assert_equal sender.display_name, jsm["from_display_name"]
289 assert_equal recipient.id, jsm["to_user_id"]
290 assert_equal recipient.display_name, jsm["to_display_name"]
291 assert_equal msg.title, jsm["title"]
292 assert_not_nil jsm["sent_on"]
293 assert jsm["message_read"]
294 assert_equal !msg.to_user_visible, jsm["deleted"]
295 assert_equal "markdown", jsm["body_format"]
296 assert_equal msg.body, jsm["body"]
298 # mark message as unread by recipient
299 put api_message_path(msg, :format => "json"),
300 :params => { :read_status => false },
301 :headers => recipient_auth
302 assert_response :success
303 assert_equal "application/json", response.media_type
304 js = ActiveSupport::JSON.decode(@response.body)
307 assert_equal msg.id, jsm["id"]
308 assert_equal sender.id, jsm["from_user_id"]
309 assert_equal sender.display_name, jsm["from_display_name"]
310 assert_equal recipient.id, jsm["to_user_id"]
311 assert_equal recipient.display_name, jsm["to_display_name"]
312 assert_equal msg.title, jsm["title"]
313 assert_not_nil jsm["sent_on"]
314 assert_not jsm["message_read"]
315 assert_equal !msg.to_user_visible, jsm["deleted"]
316 assert_equal "markdown", jsm["body_format"]
317 assert_equal msg.body, jsm["body"]
321 recipient = create(:user)
322 recipient_auth = bearer_authorization_header(recipient, :scopes => %w[consume_messages])
324 sender = create(:user)
325 sender_auth = bearer_authorization_header(sender, :scopes => %w[send_messages consume_messages])
327 user3 = create(:user)
328 user3_auth = bearer_authorization_header(user3, :scopes => %w[send_messages consume_messages])
330 msg = create(:message, :read, :sender => sender, :recipient => recipient)
332 # attempt to delete message, not authenticated
333 delete api_message_path(msg)
334 assert_response :unauthorized
336 # attempt to delete message, by user3
337 delete api_message_path(msg), :headers => user3_auth
338 assert_response :forbidden
340 # delete message by recipient
341 delete api_message_path(msg, :format => "json"), :headers => recipient_auth
342 assert_response :success
343 assert_equal "application/json", response.media_type
344 js = ActiveSupport::JSON.decode(@response.body)
347 assert_equal msg.id, jsm["id"]
348 assert_equal sender.id, jsm["from_user_id"]
349 assert_equal sender.display_name, jsm["from_display_name"]
350 assert_equal recipient.id, jsm["to_user_id"]
351 assert_equal recipient.display_name, jsm["to_display_name"]
352 assert_equal msg.title, jsm["title"]
353 assert_not_nil jsm["sent_on"]
354 assert_equal msg.message_read, jsm["message_read"]
355 assert jsm["deleted"]
356 assert_equal "markdown", jsm["body_format"]
357 assert_equal msg.body, jsm["body"]
359 # delete message by sender
360 delete api_message_path(msg, :format => "json"), :headers => sender_auth
361 assert_response :success
362 assert_equal "application/json", response.media_type
363 js = ActiveSupport::JSON.decode(@response.body)
366 assert_equal msg.id, jsm["id"]
367 assert_equal sender.id, jsm["from_user_id"]
368 assert_equal sender.display_name, jsm["from_display_name"]
369 assert_equal recipient.id, jsm["to_user_id"]
370 assert_equal recipient.display_name, jsm["to_display_name"]
371 assert_equal msg.title, jsm["title"]
372 assert_not_nil jsm["sent_on"]
373 assert jsm["deleted"]
374 assert_not jsm.key?("message_read")
375 assert_equal "markdown", jsm["body_format"]
376 assert_equal msg.body, jsm["body"]
379 def test_list_messages
380 user1 = create(:user)
381 user1_auth = bearer_authorization_header(user1, :scopes => %w[send_messages consume_messages])
383 user2 = create(:user)
384 user2_auth = bearer_authorization_header(user2, :scopes => %w[send_messages consume_messages])
386 user3 = create(:user)
387 user3_auth = bearer_authorization_header(user3, :scopes => %w[send_messages consume_messages])
389 # create some messages between users
390 # user | inbox | outbox
394 create(:message, :unread, :sender => user1, :recipient => user2)
395 create(:message, :unread, :sender => user1, :recipient => user2)
396 create(:message, :unread, :sender => user1, :recipient => user3)
397 create(:message, :unread, :sender => user2, :recipient => user3)
399 # only authorized users
400 get inbox_api_messages_path
401 assert_response :unauthorized
402 get outbox_api_messages_path
403 assert_response :unauthorized
405 # no messages in user1.inbox
406 get inbox_api_messages_path, :headers => user1_auth
407 assert_response :success
408 assert_equal "application/xml", response.media_type
409 assert_select "message", :count => 0
411 # 3 messages in user1.outbox
412 get outbox_api_messages_path, :headers => user1_auth
413 assert_response :success
414 assert_equal "application/xml", response.media_type
415 assert_select "message", :count => 3 do
416 assert_select "[from_user_id='#{user1.id}']"
417 assert_select "[from_display_name='#{user1.display_name}']"
418 assert_select "[to_user_id]"
419 assert_select "[to_display_name]"
420 assert_select "[sent_on]"
421 assert_select "[message_read]", 0
422 assert_select "[deleted='false']"
423 assert_select "[body_format]"
424 assert_select "body", false
425 assert_select "title"
428 # 2 messages in user2.inbox
429 get inbox_api_messages_path, :headers => user2_auth
430 assert_response :success
431 assert_equal "application/xml", response.media_type
432 assert_select "message", :count => 2 do
433 assert_select "[from_user_id]"
434 assert_select "[from_display_name]"
435 assert_select "[to_user_id='#{user2.id}']"
436 assert_select "[to_display_name='#{user2.display_name}']"
437 assert_select "[sent_on]"
438 assert_select "[message_read='false']"
439 assert_select "[deleted='false']"
440 assert_select "[body_format]"
441 assert_select "body", false
442 assert_select "title"
445 # 1 message in user2.outbox
446 get outbox_api_messages_path, :headers => user2_auth
447 assert_response :success
448 assert_equal "application/xml", response.media_type
449 assert_select "message", :count => 1 do
450 assert_select "[from_user_id='#{user2.id}']"
451 assert_select "[from_display_name='#{user2.display_name}']"
452 assert_select "[to_user_id]"
453 assert_select "[to_display_name]"
454 assert_select "[sent_on]"
455 assert_select "[deleted='false']"
456 assert_select "[message_read]", 0
457 assert_select "[body_format]"
458 assert_select "body", false
459 assert_select "title"
462 # 2 messages in user3.inbox
463 get inbox_api_messages_path, :headers => user3_auth
464 assert_response :success
465 assert_equal "application/xml", response.media_type
466 assert_select "message", :count => 2 do
467 assert_select "[from_user_id]"
468 assert_select "[from_display_name]"
469 assert_select "[to_user_id='#{user3.id}']"
470 assert_select "[to_display_name='#{user3.display_name}']"
471 assert_select "[sent_on]"
472 assert_select "[message_read='false']"
473 assert_select "[deleted='false']"
474 assert_select "[body_format]"
475 assert_select "body", false
476 assert_select "title"
479 # 0 messages in user3.outbox
480 get outbox_api_messages_path, :headers => user3_auth
481 assert_response :success
482 assert_equal "application/xml", response.media_type
483 assert_select "message", :count => 0
486 def test_paged_list_messages_asc
487 recipient = create(:user)
488 recipient_auth = bearer_authorization_header(recipient, :scopes => %w[consume_messages])
490 sender = create(:user)
492 create_list(:message, 100, :unread, :sender => sender, :recipient => recipient)
495 params = { :order => "oldest", :limit => 20 }
497 get inbox_api_messages_path(:format => "json"),
499 :headers => recipient_auth
500 assert_response :success
501 assert_equal "application/json", response.media_type
502 js = ActiveSupport::JSON.decode(@response.body)
504 assert_operator jsm.count, :<=, 20
506 break if jsm.nil? || jsm.count.zero?
508 assert_operator(jsm[0]["id"], :>=, params[:from_id]) unless params[:from_id].nil?
509 # ensure ascending order
510 (0..jsm.count - 1).each do |i|
511 assert_operator(jsm[i]["id"], :<, jsm[i + 1]["id"]) unless i == jsm.count - 1
512 msgs_read[jsm[i]["id"]] = jsm[i]
514 params[:from_id] = jsm[jsm.count - 1]["id"]
516 assert_equal 100, msgs_read.count
519 def test_paged_list_messages_desc
520 recipient = create(:user)
521 recipient_auth = bearer_authorization_header(recipient, :scopes => %w[consume_messages])
523 sender = create(:user)
525 create_list(:message, 100, :unread, :sender => sender, :recipient => recipient)
529 params = { :order => "newest", :limit => 20 }
531 get inbox_api_messages_path(:format => "json"),
533 :headers => recipient_auth
534 assert_response :success
535 assert_equal "application/json", response.media_type
536 js = ActiveSupport::JSON.decode(@response.body)
538 assert_operator jsm.count, :<=, 20
540 break if jsm.nil? || jsm.count.zero?
542 if params[:from_id].nil?
543 real_max_id = jsm[0]["id"]
545 assert_operator jsm[0]["id"], :<=, params[:from_id]
547 # ensure descending order
548 (0..jsm.count - 1).each do |i|
549 assert_operator(jsm[i]["id"], :>, jsm[i + 1]["id"]) unless i == jsm.count - 1
550 msgs_read[jsm[i]["id"]] = jsm[i]
552 params[:from_id] = jsm[jsm.count - 1]["id"]
554 assert_equal 100, msgs_read.count
555 assert_not_equal(-1, real_max_id)
557 # invoke without min_id/max_id parameters, verify that we get the last batch
558 get inbox_api_messages_path(:format => "json"), :params => { :limit => 20 }, :headers => recipient_auth
559 assert_response :success
560 assert_equal "application/json", response.media_type
561 js = ActiveSupport::JSON.decode(@response.body)
564 assert_equal real_max_id, jsm[0]["id"]