- post changeset_comment_path(:id => changeset), :params => { :text => "This is a comment" }, :headers => bearer_authorization_header(token.token)
- end
- assert_response :success
- end
-
- # This test does the same as above, but with basic auth, to similarly test that the
- # abilities take into account terms agreement too.
- def test_api_write_and_terms_agreed_via_basic_auth
- user = create(:user, :terms_agreed => nil)
- changeset = create(:changeset, :closed)
-
- auth_header = basic_authorization_header user.email, "test"
-
- assert_difference "ChangesetComment.count", 0 do
- post changeset_comment_path(:id => changeset, :text => "This is a comment"), :headers => auth_header
- end
- assert_response :forbidden
-
- # Try again, after agreement with the terms
- user.terms_agreed = Time.now.utc
- user.save!
-
- assert_difference "ChangesetComment.count", 1 do
- post changeset_comment_path(:id => changeset, :text => "This is a comment"), :headers => auth_header