3 require "minitest/mock"
5 class TraceControllerTest < ActionController::TestCase
7 @gpx_trace_dir = Object.send("remove_const", "GPX_TRACE_DIR")
8 Object.const_set("GPX_TRACE_DIR", Rails.root.join("test", "gpx", "traces"))
10 @gpx_image_dir = Object.send("remove_const", "GPX_IMAGE_DIR")
11 Object.const_set("GPX_IMAGE_DIR", Rails.root.join("test", "gpx", "images"))
15 File.unlink(*Dir.glob(File.join(GPX_TRACE_DIR, "*.gpx")))
16 File.unlink(*Dir.glob(File.join(GPX_IMAGE_DIR, "*.gif")))
18 Object.send("remove_const", "GPX_TRACE_DIR")
19 Object.const_set("GPX_TRACE_DIR", @gpx_trace_dir)
21 Object.send("remove_const", "GPX_IMAGE_DIR")
22 Object.const_set("GPX_IMAGE_DIR", @gpx_image_dir)
26 # test all routes which lead to this controller
29 { :path => "/api/0.6/gpx/create", :method => :post },
30 { :controller => "trace", :action => "api_create" }
33 { :path => "/api/0.6/gpx/1", :method => :get },
34 { :controller => "trace", :action => "api_read", :id => "1" }
37 { :path => "/api/0.6/gpx/1", :method => :put },
38 { :controller => "trace", :action => "api_update", :id => "1" }
41 { :path => "/api/0.6/gpx/1", :method => :delete },
42 { :controller => "trace", :action => "api_delete", :id => "1" }
45 { :controller => "trace", :action => "api_read", :id => "1" },
46 { :path => "/api/0.6/gpx/1/details", :method => :get }
49 { :path => "/api/0.6/gpx/1/data", :method => :get },
50 { :controller => "trace", :action => "api_data", :id => "1" }
53 { :path => "/api/0.6/gpx/1/data.xml", :method => :get },
54 { :controller => "trace", :action => "api_data", :id => "1", :format => "xml" }
58 { :path => "/traces", :method => :get },
59 { :controller => "trace", :action => "list" }
62 { :path => "/traces/page/1", :method => :get },
63 { :controller => "trace", :action => "list", :page => "1" }
66 { :path => "/traces/tag/tagname", :method => :get },
67 { :controller => "trace", :action => "list", :tag => "tagname" }
70 { :path => "/traces/tag/tagname/page/1", :method => :get },
71 { :controller => "trace", :action => "list", :tag => "tagname", :page => "1" }
74 { :path => "/user/username/traces", :method => :get },
75 { :controller => "trace", :action => "list", :display_name => "username" }
78 { :path => "/user/username/traces/page/1", :method => :get },
79 { :controller => "trace", :action => "list", :display_name => "username", :page => "1" }
82 { :path => "/user/username/traces/tag/tagname", :method => :get },
83 { :controller => "trace", :action => "list", :display_name => "username", :tag => "tagname" }
86 { :path => "/user/username/traces/tag/tagname/page/1", :method => :get },
87 { :controller => "trace", :action => "list", :display_name => "username", :tag => "tagname", :page => "1" }
91 { :path => "/traces/mine", :method => :get },
92 { :controller => "trace", :action => "mine" }
95 { :path => "/traces/mine/page/1", :method => :get },
96 { :controller => "trace", :action => "mine", :page => "1" }
99 { :path => "/traces/mine/tag/tagname", :method => :get },
100 { :controller => "trace", :action => "mine", :tag => "tagname" }
103 { :path => "/traces/mine/tag/tagname/page/1", :method => :get },
104 { :controller => "trace", :action => "mine", :tag => "tagname", :page => "1" }
108 { :path => "/traces/rss", :method => :get },
109 { :controller => "trace", :action => "georss", :format => :rss }
112 { :path => "/traces/tag/tagname/rss", :method => :get },
113 { :controller => "trace", :action => "georss", :tag => "tagname", :format => :rss }
116 { :path => "/user/username/traces/rss", :method => :get },
117 { :controller => "trace", :action => "georss", :display_name => "username", :format => :rss }
120 { :path => "/user/username/traces/tag/tagname/rss", :method => :get },
121 { :controller => "trace", :action => "georss", :display_name => "username", :tag => "tagname", :format => :rss }
125 { :path => "/user/username/traces/1", :method => :get },
126 { :controller => "trace", :action => "view", :display_name => "username", :id => "1" }
129 { :path => "/user/username/traces/1/picture", :method => :get },
130 { :controller => "trace", :action => "picture", :display_name => "username", :id => "1" }
133 { :path => "/user/username/traces/1/icon", :method => :get },
134 { :controller => "trace", :action => "icon", :display_name => "username", :id => "1" }
138 { :path => "/trace/create", :method => :get },
139 { :controller => "trace", :action => "create" }
142 { :path => "/trace/create", :method => :post },
143 { :controller => "trace", :action => "create" }
146 { :path => "/trace/1/data", :method => :get },
147 { :controller => "trace", :action => "data", :id => "1" }
150 { :path => "/trace/1/data.xml", :method => :get },
151 { :controller => "trace", :action => "data", :id => "1", :format => "xml" }
154 { :path => "/trace/1/edit", :method => :get },
155 { :controller => "trace", :action => "edit", :id => "1" }
158 { :path => "/trace/1/edit", :method => :post },
159 { :controller => "trace", :action => "edit", :id => "1" }
162 { :path => "/trace/1/delete", :method => :post },
163 { :controller => "trace", :action => "delete", :id => "1" }
167 # Check that the list of traces is displayed
170 # The fourth test below is surpisingly sensitive to timestamp ordering when the timestamps are equal.
171 trace_a = create(:trace, :visibility => "public", :timestamp => 4.seconds.ago) do |trace|
172 create(:tracetag, :trace => trace, :tag => "London")
174 trace_b = create(:trace, :visibility => "public", :timestamp => 3.seconds.ago) do |trace|
175 create(:tracetag, :trace => trace, :tag => "Birmingham")
177 trace_c = create(:trace, :visibility => "private", :user => user, :timestamp => 2.seconds.ago) do |trace|
178 create(:tracetag, :trace => trace, :tag => "London")
180 trace_d = create(:trace, :visibility => "private", :user => user, :timestamp => 1.second.ago) do |trace|
181 create(:tracetag, :trace => trace, :tag => "Birmingham")
184 # First with the public list
186 check_trace_list [trace_b, trace_a]
188 # Restrict traces to those with a given tag
189 get :list, :params => { :tag => "London" }
190 check_trace_list [trace_a]
192 # Should see more when we are logged in
193 get :list, :session => { :user => user }
194 check_trace_list [trace_d, trace_c, trace_b, trace_a]
196 # Again, we should see more when we are logged in
197 get :list, :params => { :tag => "London" }, :session => { :user => user }
198 check_trace_list [trace_c, trace_a]
201 # Check that I can get mine
204 create(:trace, :visibility => "public") do |trace|
205 create(:tracetag, :trace => trace, :tag => "Birmingham")
207 trace_b = create(:trace, :visibility => "private", :user => user) do |trace|
208 create(:tracetag, :trace => trace, :tag => "London")
211 # First try to get it when not logged in
213 assert_redirected_to :controller => "user", :action => "login", :referer => "/traces/mine"
215 # Now try when logged in
216 get :mine, :session => { :user => user }
217 assert_redirected_to :controller => "trace", :action => "list", :display_name => user.display_name
219 # Fetch the actual list
220 get :list, :params => { :display_name => user.display_name }, :session => { :user => user }
221 check_trace_list [trace_b]
224 # Check the list of traces for a specific user
227 second_user = create(:user)
228 third_user = create(:user)
230 trace_b = create(:trace, :visibility => "public", :user => user)
231 trace_c = create(:trace, :visibility => "private", :user => user) do |trace|
232 create(:tracetag, :trace => trace, :tag => "London")
235 # Test a user with no traces
236 get :list, :params => { :display_name => second_user.display_name }
239 # Test the user with the traces - should see only public ones
240 get :list, :params => { :display_name => user.display_name }
241 check_trace_list [trace_b]
243 # Should still see only public ones when authenticated as another user
244 get :list, :params => { :display_name => user.display_name }, :session => { :user => third_user }
245 check_trace_list [trace_b]
247 # Should see all traces when authenticated as the target user
248 get :list, :params => { :display_name => user.display_name }, :session => { :user => user }
249 check_trace_list [trace_c, trace_b]
251 # Should only see traces with the correct tag when a tag is specified
252 get :list, :params => { :display_name => user.display_name, :tag => "London" }, :session => { :user => user }
253 check_trace_list [trace_c]
255 # Should get an error if the user does not exist
256 get :list, :params => { :display_name => "UnknownUser" }
257 assert_response :not_found
258 assert_template "user/no_such_user"
261 # Check a multi-page list
263 # Create several pages worth of traces
264 create_list(:trace, 50)
266 # Try and get the list
268 assert_response :success
269 assert_select "table#trace_list tbody", :count => 1 do
270 assert_select "tr", :count => 20
273 # Try and get the second page
274 get :list, :params => { :page => 2 }
275 assert_response :success
276 assert_select "table#trace_list tbody", :count => 1 do
277 assert_select "tr", :count => 20
281 # Check that the rss loads
285 # First with the public feed
286 get :georss, :params => { :format => :rss }
287 check_trace_feed Trace.visible_to_all
289 # Restrict traces to those with a given tag
290 get :georss, :params => { :tag => "London", :format => :rss }
291 check_trace_feed Trace.tagged("London").visible_to_all
293 # Restrict traces to those for a given user
294 get :georss, :params => { :display_name => user.display_name, :format => :rss }
295 check_trace_feed user.traces.visible_to_all
297 # Restrict traces to those for a given user with a tiven tag
298 get :georss, :params => { :display_name => user.display_name, :tag => "Birmingham", :format => :rss }
299 check_trace_feed user.traces.tagged("Birmingham").visible_to_all
302 # Test viewing a trace
304 public_trace_file = create(:trace, :visibility => "public")
306 # First with no auth, which should work since the trace is public
307 get :view, :params => { :display_name => public_trace_file.user.display_name, :id => public_trace_file.id }
308 check_trace_view public_trace_file
310 # Now with some other user, which should work since the trace is public
311 get :view, :params => { :display_name => public_trace_file.user.display_name, :id => public_trace_file.id }, :session => { :user => create(:user) }
312 check_trace_view public_trace_file
314 # And finally we should be able to do it with the owner of the trace
315 get :view, :params => { :display_name => public_trace_file.user.display_name, :id => public_trace_file.id }, :session => { :user => public_trace_file.user }
316 check_trace_view public_trace_file
319 # Check an anonymous trace can't be viewed by another user
321 anon_trace_file = create(:trace, :visibility => "private")
324 get :view, :params => { :display_name => anon_trace_file.user.display_name, :id => anon_trace_file.id }
325 assert_response :redirect
326 assert_redirected_to :action => :list
328 # Now with some other user, which should not work since the trace is anon
329 get :view, :params => { :display_name => anon_trace_file.user.display_name, :id => anon_trace_file.id }, :session => { :user => create(:user) }
330 assert_response :redirect
331 assert_redirected_to :action => :list
333 # And finally we should be able to do it with the owner of the trace
334 get :view, :params => { :display_name => anon_trace_file.user.display_name, :id => anon_trace_file.id }, :session => { :user => anon_trace_file.user }
335 check_trace_view anon_trace_file
338 # Test viewing a trace that doesn't exist
339 def test_view_not_found
340 deleted_trace_file = create(:trace, :deleted)
342 # First with a trace that has never existed
343 get :view, :params => { :display_name => create(:user).display_name, :id => 0 }
344 assert_response :redirect
345 assert_redirected_to :action => :list
347 # Now with a trace that has been deleted
348 get :view, :params => { :display_name => deleted_trace_file.user.display_name, :id => deleted_trace_file.id }, :session => { :user => deleted_trace_file.user }
349 assert_response :redirect
350 assert_redirected_to :action => :list
353 # Test downloading a trace
355 public_trace_file = create(:trace, :visibility => "public", :fixture => "a")
357 # First with no auth, which should work since the trace is public
358 get :data, :params => { :display_name => public_trace_file.user.display_name, :id => public_trace_file.id }
359 check_trace_data public_trace_file, "848caa72f2f456d1bd6a0fdf228aa1b9"
361 # Now with some other user, which should work since the trace is public
362 get :data, :params => { :display_name => public_trace_file.user.display_name, :id => public_trace_file.id }, :session => { :user => create(:user) }
363 check_trace_data public_trace_file, "848caa72f2f456d1bd6a0fdf228aa1b9"
365 # And finally we should be able to do it with the owner of the trace
366 get :data, :params => { :display_name => public_trace_file.user.display_name, :id => public_trace_file.id }, :session => { :user => public_trace_file.user }
367 check_trace_data public_trace_file, "848caa72f2f456d1bd6a0fdf228aa1b9"
370 # Test downloading a compressed trace
371 def test_data_compressed
372 identifiable_trace_file = create(:trace, :visibility => "identifiable", :fixture => "d")
374 # First get the data as is
375 get :data, :params => { :display_name => identifiable_trace_file.user.display_name, :id => identifiable_trace_file.id }
376 check_trace_data identifiable_trace_file, "c6422a3d8750faae49ed70e7e8a51b93", "application/x-gzip", "gpx.gz"
378 # Now ask explicitly for XML format
379 get :data, :params => { :display_name => identifiable_trace_file.user.display_name, :id => identifiable_trace_file.id, :format => "xml" }
380 check_trace_data identifiable_trace_file, "abd6675fdf3024a84fc0a1deac147c0d", "application/xml", "xml"
382 # Now ask explicitly for GPX format
383 get :data, :params => { :display_name => identifiable_trace_file.user.display_name, :id => identifiable_trace_file.id, :format => "gpx" }
384 check_trace_data identifiable_trace_file, "abd6675fdf3024a84fc0a1deac147c0d"
387 # Check an anonymous trace can't be downloaded by another user
389 anon_trace_file = create(:trace, :visibility => "private", :fixture => "b")
392 get :data, :params => { :display_name => anon_trace_file.user.display_name, :id => anon_trace_file.id }
393 assert_response :not_found
395 # Now with some other user, which shouldn't work since the trace is anon
396 get :data, :params => { :display_name => anon_trace_file.user.display_name, :id => anon_trace_file.id }, :session => { :user => create(:user) }
397 assert_response :not_found
399 # And finally we should be able to do it with the owner of the trace
400 get :data, :params => { :display_name => anon_trace_file.user.display_name, :id => anon_trace_file.id }, :session => { :user => anon_trace_file.user }
401 check_trace_data anon_trace_file, "66179ca44f1e93d8df62e2b88cbea732"
404 # Test downloading a trace that doesn't exist
405 def test_data_not_found
406 deleted_trace_file = create(:trace, :deleted)
408 # First with a trace that has never existed
409 get :data, :params => { :display_name => create(:user).display_name, :id => 0 }
410 assert_response :not_found
412 # Now with a trace that has been deleted
413 get :data, :params => { :display_name => deleted_trace_file.user.display_name, :id => deleted_trace_file.id }, :session => { :user => deleted_trace_file.user }
414 assert_response :not_found
417 # Test downloading the picture for a trace
419 public_trace_file = create(:trace, :visibility => "public", :fixture => "a")
421 # First with no auth, which should work since the trace is public
422 get :picture, :params => { :display_name => public_trace_file.user.display_name, :id => public_trace_file.id }
423 check_trace_picture public_trace_file
425 # Now with some other user, which should work since the trace is public
426 get :picture, :params => { :display_name => public_trace_file.user.display_name, :id => public_trace_file.id }, :session => { :user => create(:user) }
427 check_trace_picture public_trace_file
429 # And finally we should be able to do it with the owner of the trace
430 get :picture, :params => { :display_name => public_trace_file.user.display_name, :id => public_trace_file.id }, :session => { :user => public_trace_file.user }
431 check_trace_picture public_trace_file
434 # Check the picture for an anonymous trace can't be downloaded by another user
435 def test_picture_anon
436 anon_trace_file = create(:trace, :visibility => "private", :fixture => "b")
439 get :picture, :params => { :display_name => anon_trace_file.user.display_name, :id => anon_trace_file.id }
440 assert_response :forbidden
442 # Now with some other user, which shouldn't work since the trace is anon
443 get :picture, :params => { :display_name => anon_trace_file.user.display_name, :id => anon_trace_file.id }, :session => { :user => create(:user) }
444 assert_response :forbidden
446 # And finally we should be able to do it with the owner of the trace
447 get :picture, :params => { :display_name => anon_trace_file.user.display_name, :id => anon_trace_file.id }, :session => { :user => anon_trace_file.user }
448 check_trace_picture anon_trace_file
451 # Test downloading the picture for a trace that doesn't exist
452 def test_picture_not_found
453 deleted_trace_file = create(:trace, :deleted)
455 # First with a trace that has never existed
456 get :picture, :params => { :display_name => create(:user).display_name, :id => 0 }
457 assert_response :not_found
459 # Now with a trace that has been deleted
460 get :picture, :params => { :display_name => deleted_trace_file.user.display_name, :id => deleted_trace_file.id }, :session => { :user => deleted_trace_file.user }
461 assert_response :not_found
464 # Test downloading the icon for a trace
466 public_trace_file = create(:trace, :visibility => "public", :fixture => "a")
468 # First with no auth, which should work since the trace is public
469 get :icon, :params => { :display_name => public_trace_file.user.display_name, :id => public_trace_file.id }
470 check_trace_icon public_trace_file
472 # Now with some other user, which should work since the trace is public
473 get :icon, :params => { :display_name => public_trace_file.user.display_name, :id => public_trace_file.id }, :session => { :user => create(:user) }
474 check_trace_icon public_trace_file
476 # And finally we should be able to do it with the owner of the trace
477 get :icon, :params => { :display_name => public_trace_file.user.display_name, :id => public_trace_file.id }, :session => { :user => public_trace_file.user }
478 check_trace_icon public_trace_file
481 # Check the icon for an anonymous trace can't be downloaded by another user
483 anon_trace_file = create(:trace, :visibility => "private", :fixture => "b")
486 get :icon, :params => { :display_name => anon_trace_file.user.display_name, :id => anon_trace_file.id }
487 assert_response :forbidden
489 # Now with some other user, which shouldn't work since the trace is anon
490 get :icon, :params => { :display_name => anon_trace_file.user.display_name, :id => anon_trace_file.id }, :session => { :user => create(:user) }
491 assert_response :forbidden
493 # And finally we should be able to do it with the owner of the trace
494 get :icon, :params => { :display_name => anon_trace_file.user.display_name, :id => anon_trace_file.id }, :session => { :user => anon_trace_file.user }
495 check_trace_icon anon_trace_file
498 # Test downloading the icon for a trace that doesn't exist
499 def test_icon_not_found
500 deleted_trace_file = create(:trace, :deleted)
502 # First with a trace that has never existed
503 get :icon, :params => { :display_name => create(:user).display_name, :id => 0 }
504 assert_response :not_found
506 # Now with a trace that has been deleted
507 get :icon, :params => { :display_name => deleted_trace_file.user.display_name, :id => deleted_trace_file.id }, :session => { :user => deleted_trace_file.user }
508 assert_response :not_found
511 # Test fetching the create page
515 assert_response :redirect
516 assert_redirected_to :controller => :user, :action => :login, :referer => trace_create_path
518 # Now authenticated as a user with gps.trace.visibility set
520 create(:user_preference, :user => user, :k => "gps.trace.visibility", :v => "identifiable")
521 get :create, :session => { :user => user }
522 assert_response :success
523 assert_template :create
524 assert_select "select#trace_visibility option[value=identifiable][selected]", 1
526 # Now authenticated as a user with gps.trace.public set
527 second_user = create(:user)
528 create(:user_preference, :user => second_user, :k => "gps.trace.public", :v => "default")
529 get :create, :session => { :user => second_user }
530 assert_response :success
531 assert_template :create
532 assert_select "select#trace_visibility option[value=public][selected]", 1
534 # Now authenticated as a user with no preferences
535 third_user = create(:user)
536 get :create, :session => { :user => third_user }
537 assert_response :success
538 assert_template :create
539 assert_select "select#trace_visibility option[value=private][selected]", 1
542 # Test creating a trace
545 fixture = Rails.root.join("test", "gpx", "fixtures", "a.gpx")
546 file = Rack::Test::UploadedFile.new(fixture, "application/gpx+xml")
550 post :create, :params => { :trace => { :gpx_file => file, :description => "New Trace", :tagstring => "new,trace", :visibility => "trackable" } }
551 assert_response :forbidden
557 create(:user_preference, :user => user, :k => "gps.trace.visibility", :v => "identifiable")
558 assert_not_equal "trackable", user.preferences.where(:k => "gps.trace.visibility").first.v
559 post :create, :params => { :trace => { :gpx_file => file, :description => "New Trace", :tagstring => "new,trace", :visibility => "trackable" } }, :session => { :user => user }
560 assert_response :redirect
561 assert_redirected_to :action => :list, :display_name => user.display_name
562 assert_match /file has been uploaded/, flash[:notice]
563 trace = Trace.order(:id => :desc).first
564 assert_equal "a.gpx", trace.name
565 assert_equal "New Trace", trace.description
566 assert_equal %w[new trace], trace.tags.order(:tag).collect(&:tag)
567 assert_equal "trackable", trace.visibility
568 assert_equal false, trace.inserted
569 assert_equal File.new(fixture).read, File.new(trace.trace_name).read
571 assert_equal "trackable", user.preferences.where(:k => "gps.trace.visibility").first.v
574 # Test fetching the edit page for a trace using GET
576 public_trace_file = create(:trace, :visibility => "public")
577 deleted_trace_file = create(:trace, :deleted)
580 get :edit, :params => { :display_name => public_trace_file.user.display_name, :id => public_trace_file.id }
581 assert_response :redirect
582 assert_redirected_to :controller => :user, :action => :login, :referer => trace_edit_path(:display_name => public_trace_file.user.display_name, :id => public_trace_file.id)
584 # Now with some other user, which should fail
585 get :edit, :params => { :display_name => public_trace_file.user.display_name, :id => public_trace_file.id }, :session => { :user => create(:user) }
586 assert_response :forbidden
588 # Now with a trace which doesn't exist
589 get :edit, :params => { :display_name => create(:user).display_name, :id => 0 }, :session => { :user => create(:user) }
590 assert_response :not_found
592 # Now with a trace which has been deleted
593 get :edit, :params => { :display_name => deleted_trace_file.user.display_name, :id => deleted_trace_file.id }, :session => { :user => deleted_trace_file.user }
594 assert_response :not_found
596 # Finally with a trace that we are allowed to edit
597 get :edit, :params => { :display_name => public_trace_file.user.display_name, :id => public_trace_file.id }, :session => { :user => public_trace_file.user }
598 assert_response :success
601 # Test fetching the edit page for a trace using POST
602 def test_edit_post_no_details
603 public_trace_file = create(:trace, :visibility => "public")
604 deleted_trace_file = create(:trace, :deleted)
607 post :edit, :params => { :display_name => public_trace_file.user.display_name, :id => public_trace_file.id }
608 assert_response :forbidden
610 # Now with some other user, which should fail
611 post :edit, :params => { :display_name => public_trace_file.user.display_name, :id => public_trace_file.id }, :session => { :user => create(:user) }
612 assert_response :forbidden
614 # Now with a trace which doesn't exist
615 post :edit, :params => { :display_name => create(:user).display_name, :id => 0 }, :session => { :user => create(:user) }
616 assert_response :not_found
618 # Now with a trace which has been deleted
619 post :edit, :params => { :display_name => deleted_trace_file.user.display_name, :id => deleted_trace_file.id }, :session => { :user => deleted_trace_file.user }
620 assert_response :not_found
622 # Finally with a trace that we are allowed to edit
623 post :edit, :params => { :display_name => public_trace_file.user.display_name, :id => public_trace_file.id }, :session => { :user => public_trace_file.user }
624 assert_response :success
627 # Test saving edits to a trace
628 def test_edit_post_with_details
629 public_trace_file = create(:trace, :visibility => "public")
630 deleted_trace_file = create(:trace, :deleted)
633 new_details = { :description => "Changed description", :tagstring => "new_tag", :visibility => "private" }
636 post :edit, :params => { :display_name => public_trace_file.user.display_name, :id => public_trace_file.id, :trace => new_details }
637 assert_response :forbidden
639 # Now with some other user, which should fail
640 post :edit, :params => { :display_name => public_trace_file.user.display_name, :id => public_trace_file.id, :trace => new_details }, :session => { :user => create(:user) }
641 assert_response :forbidden
643 # Now with a trace which doesn't exist
644 post :edit, :params => { :display_name => create(:user).display_name, :id => 0 }, :session => { :user => create(:user), :trace => new_details }
645 assert_response :not_found
647 # Now with a trace which has been deleted
648 post :edit, :params => { :display_name => deleted_trace_file.user.display_name, :id => deleted_trace_file.id, :trace => new_details }, :session => { :user => deleted_trace_file.user }
649 assert_response :not_found
651 # Finally with a trace that we are allowed to edit
652 post :edit, :params => { :display_name => public_trace_file.user.display_name, :id => public_trace_file.id, :trace => new_details }, :session => { :user => public_trace_file.user }
653 assert_response :redirect
654 assert_redirected_to :action => :view, :display_name => public_trace_file.user.display_name
655 trace = Trace.find(public_trace_file.id)
656 assert_equal new_details[:description], trace.description
657 assert_equal new_details[:tagstring], trace.tagstring
658 assert_equal new_details[:visibility], trace.visibility
661 # Test deleting a trace
663 public_trace_file = create(:trace, :visibility => "public")
664 deleted_trace_file = create(:trace, :deleted)
667 post :delete, :params => { :display_name => public_trace_file.user.display_name, :id => public_trace_file.id }
668 assert_response :forbidden
670 # Now with some other user, which should fail
671 post :delete, :params => { :display_name => public_trace_file.user.display_name, :id => public_trace_file.id }, :session => { :user => create(:user) }
672 assert_response :forbidden
674 # Now with a trace which doesn't exist
675 post :delete, :params => { :display_name => create(:user).display_name, :id => 0 }, :session => { :user => create(:user) }
676 assert_response :not_found
678 # Now with a trace has already been deleted
679 post :delete, :params => { :display_name => deleted_trace_file.user.display_name, :id => deleted_trace_file.id }, :session => { :user => deleted_trace_file.user }
680 assert_response :not_found
682 # Finally with a trace that we are allowed to delete
683 post :delete, :params => { :display_name => public_trace_file.user.display_name, :id => public_trace_file.id }, :session => { :user => public_trace_file.user }
684 assert_response :redirect
685 assert_redirected_to :action => :list, :display_name => public_trace_file.user.display_name
686 trace = Trace.find(public_trace_file.id)
687 assert_equal false, trace.visible
690 # Check getting a specific trace through the api
692 public_trace_file = create(:trace, :visibility => "public")
695 get :api_read, :params => { :id => public_trace_file.id }
696 assert_response :unauthorized
698 # Now with some other user, which should work since the trace is public
699 basic_authorization create(:user).display_name, "test"
700 get :api_read, :params => { :id => public_trace_file.id }
701 assert_response :success
703 # And finally we should be able to do it with the owner of the trace
704 basic_authorization public_trace_file.user.display_name, "test"
705 get :api_read, :params => { :id => public_trace_file.id }
706 assert_response :success
709 # Check an anoymous trace can't be specifically fetched by another user
710 def test_api_read_anon
711 anon_trace_file = create(:trace, :visibility => "private")
714 get :api_read, :params => { :id => anon_trace_file.id }
715 assert_response :unauthorized
717 # Now try with another user, which shouldn't work since the trace is anon
718 basic_authorization create(:user).display_name, "test"
719 get :api_read, :params => { :id => anon_trace_file.id }
720 assert_response :forbidden
722 # And finally we should be able to get the trace details with the trace owner
723 basic_authorization anon_trace_file.user.display_name, "test"
724 get :api_read, :params => { :id => anon_trace_file.id }
725 assert_response :success
728 # Check the api details for a trace that doesn't exist
729 def test_api_read_not_found
730 deleted_trace_file = create(:trace, :deleted)
732 # Try first with no auth, as it should require it
733 get :api_read, :params => { :id => 0 }
734 assert_response :unauthorized
736 # Login, and try again
737 basic_authorization deleted_trace_file.user.display_name, "test"
738 get :api_read, :params => { :id => 0 }
739 assert_response :not_found
741 # Now try a trace which did exist but has been deleted
742 basic_authorization deleted_trace_file.user.display_name, "test"
743 get :api_read, :params => { :id => deleted_trace_file.id }
744 assert_response :not_found
747 # Test downloading a trace through the api
749 public_trace_file = create(:trace, :visibility => "public", :fixture => "a")
752 get :api_data, :params => { :id => public_trace_file.id }
753 assert_response :unauthorized
755 # Now with some other user, which should work since the trace is public
756 basic_authorization create(:user).display_name, "test"
757 get :api_data, :params => { :id => public_trace_file.id }
758 check_trace_data public_trace_file, "848caa72f2f456d1bd6a0fdf228aa1b9"
760 # And finally we should be able to do it with the owner of the trace
761 basic_authorization public_trace_file.user.display_name, "test"
762 get :api_data, :params => { :id => public_trace_file.id }
763 check_trace_data public_trace_file, "848caa72f2f456d1bd6a0fdf228aa1b9"
766 # Test downloading a compressed trace through the api
767 def test_api_data_compressed
768 identifiable_trace_file = create(:trace, :visibility => "identifiable", :fixture => "d")
770 # Authenticate as the owner of the trace we will be using
771 basic_authorization identifiable_trace_file.user.display_name, "test"
773 # First get the data as is
774 get :api_data, :params => { :id => identifiable_trace_file.id }
775 check_trace_data identifiable_trace_file, "c6422a3d8750faae49ed70e7e8a51b93", "application/x-gzip", "gpx.gz"
777 # Now ask explicitly for XML format
778 get :api_data, :params => { :id => identifiable_trace_file.id, :format => "xml" }
779 check_trace_data identifiable_trace_file, "abd6675fdf3024a84fc0a1deac147c0d", "application/xml", "xml"
781 # Now ask explicitly for GPX format
782 get :api_data, :params => { :id => identifiable_trace_file.id, :format => "gpx" }
783 check_trace_data identifiable_trace_file, "abd6675fdf3024a84fc0a1deac147c0d"
786 # Check an anonymous trace can't be downloaded by another user through the api
787 def test_api_data_anon
788 anon_trace_file = create(:trace, :visibility => "private", :fixture => "b")
791 get :api_data, :params => { :id => anon_trace_file.id }
792 assert_response :unauthorized
794 # Now with some other user, which shouldn't work since the trace is anon
795 basic_authorization create(:user).display_name, "test"
796 get :api_data, :params => { :id => anon_trace_file.id }
797 assert_response :forbidden
799 # And finally we should be able to do it with the owner of the trace
800 basic_authorization anon_trace_file.user.display_name, "test"
801 get :api_data, :params => { :id => anon_trace_file.id }
802 check_trace_data anon_trace_file, "66179ca44f1e93d8df62e2b88cbea732"
805 # Test downloading a trace that doesn't exist through the api
806 def test_api_data_not_found
807 deleted_trace_file = create(:trace, :deleted)
809 # Try first with no auth, as it should require it
810 get :api_data, :params => { :id => 0 }
811 assert_response :unauthorized
813 # Login, and try again
814 basic_authorization create(:user).display_name, "test"
815 get :api_data, :params => { :id => 0 }
816 assert_response :not_found
818 # Now try a trace which did exist but has been deleted
819 basic_authorization deleted_trace_file.user.display_name, "test"
820 get :api_data, :params => { :id => deleted_trace_file.id }
821 assert_response :not_found
824 # Test creating a trace through the api
827 fixture = Rails.root.join("test", "gpx", "fixtures", "a.gpx")
828 file = Rack::Test::UploadedFile.new(fixture, "application/gpx+xml")
832 post :api_create, :params => { :file => file, :description => "New Trace", :tags => "new,trace", :visibility => "trackable" }
833 assert_response :unauthorized
839 create(:user_preference, :user => user, :k => "gps.trace.visibility", :v => "identifiable")
840 assert_not_equal "trackable", user.preferences.where(:k => "gps.trace.visibility").first.v
841 basic_authorization user.display_name, "test"
842 post :api_create, :params => { :file => file, :description => "New Trace", :tags => "new,trace", :visibility => "trackable" }
843 assert_response :success
844 trace = Trace.find(response.body.to_i)
845 assert_equal "a.gpx", trace.name
846 assert_equal "New Trace", trace.description
847 assert_equal %w[new trace], trace.tags.order(:tag).collect(&:tag)
848 assert_equal "trackable", trace.visibility
849 assert_equal false, trace.inserted
850 assert_equal File.new(fixture).read, File.new(trace.trace_name).read
852 assert_equal "trackable", user.preferences.where(:k => "gps.trace.visibility").first.v
857 # Now authenticated, with the legacy public flag
858 assert_not_equal "public", user.preferences.where(:k => "gps.trace.visibility").first.v
859 basic_authorization user.display_name, "test"
860 post :api_create, :params => { :file => file, :description => "New Trace", :tags => "new,trace", :public => 1 }
861 assert_response :success
862 trace = Trace.find(response.body.to_i)
863 assert_equal "a.gpx", trace.name
864 assert_equal "New Trace", trace.description
865 assert_equal %w[new trace], trace.tags.order(:tag).collect(&:tag)
866 assert_equal "public", trace.visibility
867 assert_equal false, trace.inserted
868 assert_equal File.new(fixture).read, File.new(trace.trace_name).read
870 assert_equal "public", user.preferences.where(:k => "gps.trace.visibility").first.v
875 # Now authenticated, with the legacy private flag
876 second_user = create(:user)
877 assert_nil second_user.preferences.where(:k => "gps.trace.visibility").first
878 basic_authorization second_user.display_name, "test"
879 post :api_create, :params => { :file => file, :description => "New Trace", :tags => "new,trace", :public => 0 }
880 assert_response :success
881 trace = Trace.find(response.body.to_i)
882 assert_equal "a.gpx", trace.name
883 assert_equal "New Trace", trace.description
884 assert_equal %w[new trace], trace.tags.order(:tag).collect(&:tag)
885 assert_equal "private", trace.visibility
886 assert_equal false, trace.inserted
887 assert_equal File.new(fixture).read, File.new(trace.trace_name).read
889 assert_equal "private", second_user.preferences.where(:k => "gps.trace.visibility").first.v
892 # Check updating a trace through the api
894 public_trace_file = create(:trace, :visibility => "public", :fixture => "a")
895 deleted_trace_file = create(:trace, :deleted)
896 anon_trace_file = create(:trace, :visibility => "private")
899 content public_trace_file.to_xml
900 put :api_update, :params => { :id => public_trace_file.id }
901 assert_response :unauthorized
903 # Now with some other user, which should fail
904 basic_authorization create(:user).display_name, "test"
905 content public_trace_file.to_xml
906 put :api_update, :params => { :id => public_trace_file.id }
907 assert_response :forbidden
909 # Now with a trace which doesn't exist
910 basic_authorization create(:user).display_name, "test"
911 content public_trace_file.to_xml
912 put :api_update, :params => { :id => 0 }
913 assert_response :not_found
915 # Now with a trace which did exist but has been deleted
916 basic_authorization deleted_trace_file.user.display_name, "test"
917 content deleted_trace_file.to_xml
918 put :api_update, :params => { :id => deleted_trace_file.id }
919 assert_response :not_found
921 # Now try an update with the wrong ID
922 basic_authorization public_trace_file.user.display_name, "test"
923 content anon_trace_file.to_xml
924 put :api_update, :params => { :id => public_trace_file.id }
925 assert_response :bad_request,
926 "should not be able to update a trace with a different ID from the XML"
928 # And finally try an update that should work
929 basic_authorization public_trace_file.user.display_name, "test"
930 t = public_trace_file
931 t.description = "Changed description"
932 t.visibility = "private"
934 put :api_update, :params => { :id => t.id }
935 assert_response :success
936 nt = Trace.find(t.id)
937 assert_equal nt.description, t.description
938 assert_equal nt.visibility, t.visibility
941 # Test that updating a trace doesn't duplicate the tags
942 def test_api_update_tags
943 tracetag = create(:tracetag)
944 trace = tracetag.trace
945 basic_authorization trace.user.display_name, "test"
948 put :api_update, :params => { :id => trace.id }
949 assert_response :success
951 updated = Trace.find(trace.id)
952 # Ensure there's only one tag in the database after updating
953 assert_equal Tracetag.count, 1
954 # The new tag object might have a different id, so check the string representation
955 assert_equal trace.tagstring, updated.tagstring
958 # Check deleting a trace through the api
960 public_trace_file = create(:trace, :visibility => "public")
963 delete :api_delete, :params => { :id => public_trace_file.id }
964 assert_response :unauthorized
966 # Now with some other user, which should fail
967 basic_authorization create(:user).display_name, "test"
968 delete :api_delete, :params => { :id => public_trace_file.id }
969 assert_response :forbidden
971 # Now with a trace which doesn't exist
972 basic_authorization create(:user).display_name, "test"
973 delete :api_delete, :params => { :id => 0 }
974 assert_response :not_found
976 # And finally we should be able to do it with the owner of the trace
977 basic_authorization public_trace_file.user.display_name, "test"
978 delete :api_delete, :params => { :id => public_trace_file.id }
979 assert_response :success
981 # Try it a second time, which should fail
982 basic_authorization public_trace_file.user.display_name, "test"
983 delete :api_delete, :params => { :id => public_trace_file.id }
984 assert_response :not_found
989 def check_trace_feed(traces)
990 assert_response :success
991 assert_template "georss"
992 assert_equal "application/rss+xml", @response.content_type
993 assert_select "rss", :count => 1 do
994 assert_select "channel", :count => 1 do
995 assert_select "title"
996 assert_select "description"
998 assert_select "image"
999 assert_select "item", :count => traces.visible.count do |items|
1000 traces.visible.order("timestamp DESC").zip(items).each do |trace, item|
1001 assert_select item, "title", trace.name
1002 assert_select item, "link", "http://test.host/user/#{trace.user.display_name}/traces/#{trace.id}"
1003 assert_select item, "guid", "http://test.host/user/#{trace.user.display_name}/traces/#{trace.id}"
1004 assert_select item, "description"
1005 # assert_select item, "dc:creator", trace.user.display_name
1006 assert_select item, "pubDate", trace.timestamp.rfc822
1013 def check_trace_list(traces)
1014 assert_response :success
1015 assert_template "list"
1018 assert_select "table#trace_list tbody", :count => 1 do
1019 assert_select "tr", :count => traces.length do |rows|
1020 traces.zip(rows).each do |trace, row|
1021 assert_select row, "a", Regexp.new(Regexp.escape(trace.name))
1022 assert_select row, "span.trace_summary", Regexp.new(Regexp.escape("(#{trace.size} points)")) if trace.inserted?
1023 assert_select row, "td", Regexp.new(Regexp.escape(trace.description))
1024 assert_select row, "td", Regexp.new(Regexp.escape("by #{trace.user.display_name}"))
1029 assert_select "h4", /Nothing here yet/
1033 def check_trace_view(trace)
1034 assert_response :success
1035 assert_template "view"
1037 assert_select "table", :count => 1 do
1038 assert_select "td", /^#{Regexp.quote(trace.name)} /
1039 assert_select "td", trace.user.display_name
1040 assert_select "td", trace.description
1044 def check_trace_data(trace, digest, content_type = "application/gpx+xml", extension = "gpx")
1045 assert_response :success
1046 assert_equal digest, Digest::MD5.hexdigest(response.body)
1047 assert_equal content_type, response.content_type
1048 assert_equal "attachment; filename=\"#{trace.id}.#{extension}\"", @response.header["Content-Disposition"]
1051 def check_trace_picture(trace)
1052 assert_response :success
1053 assert_equal "image/gif", response.content_type
1054 assert_equal trace.large_picture, response.body
1057 def check_trace_icon(trace)
1058 assert_response :success
1059 assert_equal "image/gif", response.content_type
1060 assert_equal trace.icon_picture, response.body