+ # Test downloading the picture for a trace
+ def test_picture
+ # First with no auth, which should work since the trace is public
+ get :picture, :display_name => users(:normal_user).display_name, :id => gpx_files(:public_trace_file).id
+ check_trace_picture gpx_files(:public_trace_file)
+
+ # Now with some other user, which should work since the trace is public
+ get :picture, { :display_name => users(:normal_user).display_name, :id => gpx_files(:public_trace_file).id }, { :user => users(:public_user).id }
+ check_trace_picture gpx_files(:public_trace_file)
+
+ # And finally we should be able to do it with the owner of the trace
+ get :picture, { :display_name => users(:normal_user).display_name, :id => gpx_files(:public_trace_file).id }, { :user => users(:normal_user).id }
+ check_trace_picture gpx_files(:public_trace_file)
+ end
+
+ # Check the picture for an anonymous trace can't be downloaded by another user
+ def test_picture_anon
+ # First with no auth
+ get :picture, :display_name => users(:public_user).display_name, :id => gpx_files(:anon_trace_file).id
+ assert_response :forbidden
+
+ # Now with some other user, which shouldn't work since the trace is anon
+ get :picture, { :display_name => users(:public_user).display_name, :id => gpx_files(:anon_trace_file).id }, { :user => users(:normal_user).id }
+ assert_response :forbidden
+
+ # And finally we should be able to do it with the owner of the trace
+ get :picture, { :display_name => users(:public_user).display_name, :id => gpx_files(:anon_trace_file).id }, { :user => users(:public_user).id }
+ check_trace_picture gpx_files(:anon_trace_file)
+ end
+
+ # Test downloading the picture for a trace that doesn't exist
+ def test_picture_not_found
+ # First with no auth, which should work since the trace is public
+ get :picture, :display_name => users(:public_user).display_name, :id => 0
+ assert_response :not_found
+
+ # Now with some other user, which should work since the trace is public
+ get :picture, { :display_name => users(:public_user).display_name, :id => 0 }, { :user => users(:public_user).id }
+ assert_response :not_found
+
+ # And finally we should be able to do it with the owner of the trace
+ get :picture, { :display_name => users(:public_user).display_name, :id => 5 }, { :user => users(:public_user).id }
+ assert_response :not_found
+ end
+
+ # Test downloading the icon for a trace
+ def test_icon
+ # First with no auth, which should work since the trace is public
+ get :icon, :display_name => users(:normal_user).display_name, :id => gpx_files(:public_trace_file).id
+ check_trace_icon gpx_files(:public_trace_file)
+
+ # Now with some other user, which should work since the trace is public
+ get :icon, { :display_name => users(:normal_user).display_name, :id => gpx_files(:public_trace_file).id }, { :user => users(:public_user).id }
+ check_trace_icon gpx_files(:public_trace_file)
+
+ # And finally we should be able to do it with the owner of the trace
+ get :icon, { :display_name => users(:normal_user).display_name, :id => gpx_files(:public_trace_file).id }, { :user => users(:normal_user).id }
+ check_trace_icon gpx_files(:public_trace_file)
+ end
+
+ # Check the icon for an anonymous trace can't be downloaded by another user
+ def test_icon_anon
+ # First with no auth
+ get :icon, :display_name => users(:public_user).display_name, :id => gpx_files(:anon_trace_file).id
+ assert_response :forbidden
+
+ # Now with some other user, which shouldn't work since the trace is anon
+ get :icon, { :display_name => users(:public_user).display_name, :id => gpx_files(:anon_trace_file).id }, { :user => users(:normal_user).id }
+ assert_response :forbidden
+
+ # And finally we should be able to do it with the owner of the trace
+ get :icon, { :display_name => users(:public_user).display_name, :id => gpx_files(:anon_trace_file).id }, { :user => users(:public_user).id }
+ check_trace_icon gpx_files(:anon_trace_file)
+ end
+
+ # Test downloading the icon for a trace that doesn't exist
+ def test_icon_not_found
+ # First with no auth, which should work since the trace is public
+ get :icon, :display_name => users(:public_user).display_name, :id => 0
+ assert_response :not_found
+
+ # Now with some other user, which should work since the trace is public
+ get :icon, { :display_name => users(:public_user).display_name, :id => 0 }, { :user => users(:public_user).id }
+ assert_response :not_found
+
+ # And finally we should be able to do it with the owner of the trace
+ get :icon, { :display_name => users(:public_user).display_name, :id => 5 }, { :user => users(:public_user).id }
+ assert_response :not_found
+ end
+
+ # Test fetching the create page
+ def test_create_get
+ # First with no auth
+ get :create
+ assert_response :redirect
+ assert_redirected_to :controller => :user, :action => :login, :referer => trace_create_path
+
+ # Now authenticated as a user with gps.trace.visibility set
+ get :create, {}, { :user => users(:public_user).id }
+ assert_response :success
+ assert_template :create
+ assert_select "select#trace_visibility option[value=identifiable][selected]", 1
+
+ # Now authenticated as a user with gps.trace.public set
+ get :create, {}, { :user => users(:second_public_user).id }
+ assert_response :success
+ assert_template :create
+ assert_select "select#trace_visibility option[value=public][selected]", 1
+
+ # Now authenticated as a user with no preferences
+ get :create, {}, { :user => users(:normal_user).id }
+ assert_response :success
+ assert_template :create
+ assert_select "select#trace_visibility option[value=private][selected]", 1
+ end
+
+ # Test creating a trace
+ def test_create_post
+ # Get file to use
+ file = Rack::Test::UploadedFile.new(gpx_files(:public_trace_file).trace_name, "application/gpx+xml")
+
+ # First with no auth
+ post :create, :trace => { :gpx_file => file, :description => "New Trace", :tagstring => "new,trace", :visibility => "trackable" }
+ assert_response :forbidden
+
+ # Now authenticated
+ assert_not_equal "trackable", users(:public_user).preferences.where(:k => "gps.trace.visibility").first.v
+ post :create, { :trace => { :gpx_file => file, :description => "New Trace", :tagstring => "new,trace", :visibility => "trackable" } }, { :user => users(:public_user).id }
+ assert_response :redirect
+ assert_redirected_to :action => :list, :display_name => users(:public_user).display_name
+ assert_match /file has been uploaded/, flash[:notice]
+ trace = Trace.order(:id => :desc).first
+ assert_equal "1.gpx", trace.name
+ assert_equal "New Trace", trace.description
+ assert_equal "new, trace", trace.tagstring
+ assert_equal "trackable", trace.visibility
+ assert_equal false, trace.inserted
+ assert_equal File.new(gpx_files(:public_trace_file).trace_name).read, File.new(trace.trace_name).read
+ trace.destroy
+ assert_equal "trackable", users(:public_user).preferences.where(:k => "gps.trace.visibility").first.v
+ end
+