def test_api_blocked
user = create(:user, :terms_seen => false, :terms_agreed => nil)
- get "/api/#{Settings.api_version}/user/preferences", :headers => auth_header(user.display_name, "test")
+ get "/api/#{Settings.api_version}/user/preferences", :headers => bearer_authorization_header(user)
assert_response :forbidden
# touch it so that the user has seen the terms
user.terms_seen = true
user.save
- get "/api/#{Settings.api_version}/user/preferences", :headers => auth_header(user.display_name, "test")
+ get "/api/#{Settings.api_version}/user/preferences", :headers => bearer_authorization_header(user)
assert_response :success
end
get "/login"
follow_redirect!
assert_response :success
- assert_template "users/login"
+ assert_template "sessions/new"
post "/login", :params => { :username => user.email, :password => "test", :referer => "/diary/new" }
- assert_response :redirect
# but now we need to look at the terms
assert_redirected_to :controller => :users, :action => :terms, :referer => "/diary/new"
follow_redirect!
get "/login"
follow_redirect!
assert_response :success
- assert_template "users/login"
+ assert_template "sessions/new"
post "/login", :params => { :username => user.email, :password => "test", :referer => "/diary/new" }
- assert_response :redirect
# but now we need to look at the terms
assert_redirected_to :controller => :users, :action => :terms, :referer => "/diary/new"
get "/traces/mine", :params => { :referer => "/diary/new" }
assert_redirected_to :controller => :users, :action => :terms, :referer => "/diary/new"
end
-
- private
-
- def auth_header(user, pass)
- { "HTTP_AUTHORIZATION" => format("Basic %<auth>s", :auth => Base64.encode64("#{user}:#{pass}")) }
- end
end