require "test_helper"
module Api
- class PermissionsControllerTest < ActionController::TestCase
+ class PermissionsControllerTest < ActionDispatch::IntegrationTest
##
# test all routes which lead to this controller
def test_routes
{ :path => "/api/0.6/permissions", :method => :get },
{ :controller => "api/permissions", :action => "show" }
)
+ assert_routing(
+ { :path => "/api/0.6/permissions.json", :method => :get },
+ { :controller => "api/permissions", :action => "show", :format => "json" }
+ )
end
def test_permissions_anonymous
- get :show
+ get permissions_path
assert_response :success
assert_select "osm > permissions", :count => 1 do
assert_select "permission", :count => 0
end
+
+ # Test json
+ get permissions_path(:format => "json")
+ assert_response :success
+ assert_equal "application/json", @response.media_type
+
+ js = ActiveSupport::JSON.decode(@response.body)
+ assert_not_nil js
+ assert_equal 0, js["permissions"].count
end
def test_permissions_basic_auth
- basic_authorization create(:user).email, "test"
- get :show
+ auth_header = basic_authorization_header create(:user).email, "test"
+ get permissions_path, :headers => auth_header
assert_response :success
assert_select "osm > permissions", :count => 1 do
- assert_select "permission", :count => ClientApplication.all_permissions.size
- ClientApplication.all_permissions.each do |p|
- assert_select "permission[name='#{p}']", :count => 1
+ assert_select "permission", :count => Oauth.scopes.size
+ Oauth.scopes.each do |p|
+ assert_select "permission[name='allow_#{p.name}']", :count => 1
end
end
- end
- def test_permissions_oauth
- @request.env["oauth.token"] = AccessToken.new do |token|
- # Just to test a few
- token.allow_read_prefs = true
- token.allow_write_api = true
- token.allow_read_gpx = false
+ # Test json
+ get permissions_path(:format => "json"), :headers => auth_header
+ assert_response :success
+ assert_equal "application/json", @response.media_type
+
+ js = ActiveSupport::JSON.decode(@response.body)
+ assert_not_nil js
+ assert_equal Oauth.scopes.size, js["permissions"].count
+ Oauth.scopes.each do |p|
+ assert_includes js["permissions"], "allow_#{p.name}"
end
- get :show
+ end
+
+ def test_permissions_oauth2
+ user = create(:user)
+ token = create(:oauth_access_token,
+ :resource_owner_id => user.id,
+ :scopes => %w[read_prefs write_api])
+ get permissions_path, :headers => bearer_authorization_header(token.token)
assert_response :success
assert_select "osm > permissions", :count => 1 do
assert_select "permission", :count => 2