]> git.openstreetmap.org Git - rails.git/blobdiff - test/controllers/api/permissions_controller_test.rb
Merge pull request #4502 from tomhughes/oauth2-authorization-time
[rails.git] / test / controllers / api / permissions_controller_test.rb
index b927ca703af30e9c10907dd9b3ca27b0254caf15..cca85b404f8519e61c25a1567745548905c5cca5 100644 (file)
@@ -9,6 +9,10 @@ module Api
         { :path => "/api/0.6/permissions", :method => :get },
         { :controller => "api/permissions", :action => "show" }
       )
+      assert_routing(
+        { :path => "/api/0.6/permissions.json", :method => :get },
+        { :controller => "api/permissions", :action => "show", :format => "json" }
+      )
     end
 
     def test_permissions_anonymous
@@ -17,6 +21,15 @@ module Api
       assert_select "osm > permissions", :count => 1 do
         assert_select "permission", :count => 0
       end
+
+      # Test json
+      get permissions_path(:format => "json")
+      assert_response :success
+      assert_equal "application/json", @response.media_type
+
+      js = ActiveSupport::JSON.decode(@response.body)
+      assert_not_nil js
+      assert_equal 0, js["permissions"].count
     end
 
     def test_permissions_basic_auth
@@ -29,9 +42,21 @@ module Api
           assert_select "permission[name='#{p}']", :count => 1
         end
       end
+
+      # Test json
+      get permissions_path(:format => "json"), :headers => auth_header
+      assert_response :success
+      assert_equal "application/json", @response.media_type
+
+      js = ActiveSupport::JSON.decode(@response.body)
+      assert_not_nil js
+      assert_equal ClientApplication.all_permissions.size, js["permissions"].count
+      ClientApplication.all_permissions.each do |p|
+        assert_includes js["permissions"], p.to_s
+      end
     end
 
-    def test_permissions_oauth
+    def test_permissions_oauth1
       token = create(:access_token,
                      :allow_read_prefs => true,
                      :allow_write_api => true,
@@ -45,5 +70,20 @@ module Api
         assert_select "permission[name='allow_read_gpx']", :count => 0
       end
     end
+
+    def test_permissions_oauth2
+      user = create(:user)
+      token = create(:oauth_access_token,
+                     :resource_owner_id => user.id,
+                     :scopes => %w[read_prefs write_api])
+      get permissions_path, :headers => bearer_authorization_header(token.token)
+      assert_response :success
+      assert_select "osm > permissions", :count => 1 do
+        assert_select "permission", :count => 2
+        assert_select "permission[name='allow_read_prefs']", :count => 1
+        assert_select "permission[name='allow_write_api']", :count => 1
+        assert_select "permission[name='allow_read_gpx']", :count => 0
+      end
+    end
   end
 end