- used_node = create(:node, :with_history)
- create(:way_node, :node => used_node)
- node_used_by_relationship = create(:node, :with_history)
- create(:relation_member, :member => node_used_by_relationship)
- node_with_versions = create(:node, :with_history, :version => 4)
-
- create(:node_tag, :node => node)
- create(:node_tag, :node => used_node)
- create(:node_tag, :node => node_used_by_relationship)
- create(:node_tag, :node => node_with_versions)
- propagate_tags(node, node.old_nodes.last)
- propagate_tags(used_node, used_node.old_nodes.last)
- propagate_tags(node_used_by_relationship, node_used_by_relationship.old_nodes.last)
- propagate_tags(node_with_versions, node_with_versions.old_nodes.last)
-
- check_current_version(node)
- check_current_version(used_node)
- check_current_version(node_used_by_relationship)
- check_current_version(node_with_versions)
- end
-
- ##
- # test the redaction of an old version of a node, while not being
- # authorised.
- def test_redact_node_unauthorised
- node = create(:node, :with_history, :version => 4)
- node_v3 = node.old_nodes.find_by(:version => 3)
-
- do_redact_node(node_v3,
- create(:redaction))
- assert_response :unauthorized, "should need to be authenticated to redact."
- end
-
- ##
- # test the redaction of an old version of a node, while being
- # authorised as a normal user.
- def test_redact_node_normal_user
- basic_authorization create(:user).email, "test"
-
- node = create(:node, :with_history, :version => 4)
- node_v3 = node.old_nodes.find_by(:version => 3)
-
- do_redact_node(node_v3,
- create(:redaction))
- assert_response :forbidden, "should need to be moderator to redact."
- end
-
- ##
- # test that, even as moderator, the current version of a node
- # can't be redacted.
- def test_redact_node_current_version
- basic_authorization create(:moderator_user).email, "test"
-
- node = create(:node, :with_history, :version => 4)
- node_v4 = node.old_nodes.find_by(:version => 4)
-
- do_redact_node(node_v4,
- create(:redaction))
- assert_response :bad_request, "shouldn't be OK to redact current version as moderator."
- end
-
- ##
- # test that redacted nodes aren't visible, regardless of
- # authorisation except as moderator...
- def test_version_redacted
- node = create(:node, :with_history, :version => 2)
- node_v1 = node.old_nodes.find_by(:version => 1)
- node_v1.redact!(create(:redaction))
-
- get :version, :params => { :id => node_v1.node_id, :version => node_v1.version }
- assert_response :forbidden, "Redacted node shouldn't be visible via the version API."
-
- # not even to a logged-in user
- basic_authorization create(:user).email, "test"
- get :version, :params => { :id => node_v1.node_id, :version => node_v1.version }
- assert_response :forbidden, "Redacted node shouldn't be visible via the version API, even when logged in."
- end
-
- ##
- # test that redacted nodes aren't visible in the history
- def test_history_redacted
- node = create(:node, :with_history, :version => 2)
- node_v1 = node.old_nodes.find_by(:version => 1)
- node_v1.redact!(create(:redaction))
-
- get :history, :params => { :id => node_v1.node_id }
- assert_response :success, "Redaction shouldn't have stopped history working."
- assert_select "osm node[id='#{node_v1.node_id}'][version='#{node_v1.version}']", 0, "redacted node #{node_v1.node_id} version #{node_v1.version} shouldn't be present in the history."
-
- # not even to a logged-in user
- basic_authorization create(:user).email, "test"
- get :history, :params => { :id => node_v1.node_id }
- assert_response :success, "Redaction shouldn't have stopped history working."
- assert_select "osm node[id='#{node_v1.node_id}'][version='#{node_v1.version}']", 0, "redacted node #{node_v1.node_id} version #{node_v1.version} shouldn't be present in the history, even when logged in."
- end
-
- ##
- # test the redaction of an old version of a node, while being
- # authorised as a moderator.
- def test_redact_node_moderator
- node = create(:node, :with_history, :version => 4)
- node_v3 = node.old_nodes.find_by(:version => 3)
- basic_authorization create(:moderator_user).email, "test"
-
- do_redact_node(node_v3, create(:redaction))
- assert_response :success, "should be OK to redact old version as moderator."
-
- # check moderator can still see the redacted data, when passing
- # the appropriate flag
- get :version, :params => { :id => node_v3.node_id, :version => node_v3.version }
- assert_response :forbidden, "After redaction, node should be gone for moderator, when flag not passed."
- get :version, :params => { :id => node_v3.node_id, :version => node_v3.version, :show_redactions => "true" }
- assert_response :success, "After redaction, node should not be gone for moderator, when flag passed."
-
- # and when accessed via history
- get :history, :params => { :id => node_v3.node_id }
- assert_response :success, "Redaction shouldn't have stopped history working."
- assert_select "osm node[id='#{node_v3.node_id}'][version='#{node_v3.version}']", 0, "node #{node_v3.node_id} version #{node_v3.version} should not be present in the history for moderators when not passing flag."
- get :history, :params => { :id => node_v3.node_id, :show_redactions => "true" }
- assert_response :success, "Redaction shouldn't have stopped history working."
- assert_select "osm node[id='#{node_v3.node_id}'][version='#{node_v3.version}']", 1, "node #{node_v3.node_id} version #{node_v3.version} should still be present in the history for moderators when passing flag."
- end
-
- # testing that if the moderator drops auth, he can't see the
- # redacted stuff any more.
- def test_redact_node_is_redacted
- node = create(:node, :with_history, :version => 4)
- node_v3 = node.old_nodes.find_by(:version => 3)
- basic_authorization create(:moderator_user).email, "test"
-
- do_redact_node(node_v3, create(:redaction))
- assert_response :success, "should be OK to redact old version as moderator."
-
- # re-auth as non-moderator
- basic_authorization create(:user).email, "test"
-
- # check can't see the redacted data
- get :version, :params => { :id => node_v3.node_id, :version => node_v3.version }
- assert_response :forbidden, "Redacted node shouldn't be visible via the version API."
-
- # and when accessed via history
- get :history, :params => { :id => node_v3.node_id }
- assert_response :success, "Redaction shouldn't have stopped history working."
- assert_select "osm node[id='#{node_v3.node_id}'][version='#{node_v3.version}']", 0, "redacted node #{node_v3.node_id} version #{node_v3.version} shouldn't be present in the history."
- end
-
- ##
- # test the unredaction of an old version of a node, while not being
- # authorised.
- def test_unredact_node_unauthorised
- node = create(:node, :with_history, :version => 2)
- node_v1 = node.old_nodes.find_by(:version => 1)
- node_v1.redact!(create(:redaction))
-
- post :redact, :params => { :id => node_v1.node_id, :version => node_v1.version }
- assert_response :unauthorized, "should need to be authenticated to unredact."
- end
-
- ##
- # test the unredaction of an old version of a node, while being
- # authorised as a normal user.
- def test_unredact_node_normal_user
- user = create(:user)
- node = create(:node, :with_history, :version => 2)
- node_v1 = node.old_nodes.find_by(:version => 1)
- node_v1.redact!(create(:redaction))
-
- basic_authorization user.email, "test"
-
- post :redact, :params => { :id => node_v1.node_id, :version => node_v1.version }
- assert_response :forbidden, "should need to be moderator to unredact."
- end
-
- ##
- # test the unredaction of an old version of a node, while being
- # authorised as a moderator.
- def test_unredact_node_moderator
- moderator_user = create(:moderator_user)
- node = create(:node, :with_history, :version => 2)
- node_v1 = node.old_nodes.find_by(:version => 1)
- node_v1.redact!(create(:redaction))
-
- basic_authorization moderator_user.email, "test"
-
- post :redact, :params => { :id => node_v1.node_id, :version => node_v1.version }
- assert_response :success, "should be OK to unredact old version as moderator."
-
- # check moderator can now see the redacted data, when not
- # passing the aspecial flag
- get :version, :params => { :id => node_v1.node_id, :version => node_v1.version }
- assert_response :success, "After unredaction, node should not be gone for moderator."
-
- # and when accessed via history
- get :history, :params => { :id => node_v1.node_id }
- assert_response :success, "Unredaction shouldn't have stopped history working."
- assert_select "osm node[id='#{node_v1.node_id}'][version='#{node_v1.version}']", 1, "node #{node_v1.node_id} version #{node_v1.version} should now be present in the history for moderators without passing flag."
-
- basic_authorization create(:user).email, "test"
-
- # check normal user can now see the redacted data
- get :version, :params => { :id => node_v1.node_id, :version => node_v1.version }
- assert_response :success, "After unredaction, node should be visible to normal users."
-
- # and when accessed via history
- get :history, :params => { :id => node_v1.node_id }
- assert_response :success, "Unredaction shouldn't have stopped history working."
- assert_select "osm node[id='#{node_v1.node_id}'][version='#{node_v1.version}']", 1, "node #{node_v1.node_id} version #{node_v1.version} should now be present in the history for normal users without passing flag."
- end
-
- private
-
- def do_redact_node(node, redaction)
- get :version, :params => { :id => node.node_id, :version => node.version }
- assert_response :success, "should be able to get version #{node.version} of node #{node.node_id}."
-
- # now redact it
- post :redact, :params => { :id => node.node_id, :version => node.version, :redaction => redaction.id }
- end
-
- def check_current_version(node_id)
- # get the current version of the node
- current_node = with_controller(NodesController.new) do
- get :read, :params => { :id => node_id }
- assert_response :success, "cant get current node #{node_id}"
- Node.from_xml(@response.body)