get "/api/#{Settings.api_version}/user/details"
assert_response :unauthorized
- get "/api/#{Settings.api_version}/user/details", :headers => basic_authorization_header(blocked_user.display_name, "test")
+ get "/api/#{Settings.api_version}/user/details", :headers => bearer_authorization_header(blocked_user)
assert_response :success
# now block the user
:ends_at => Time.now.utc + 5.minutes,
:deactivates_at => Time.now.utc + 5.minutes
)
- get "/api/#{Settings.api_version}/user/details", :headers => basic_authorization_header(blocked_user.display_name, "test")
+ get "/api/#{Settings.api_version}/user/details", :headers => bearer_authorization_header(blocked_user)
assert_response :forbidden
end
:ends_at => Time.now.utc + 5.minutes,
:deactivates_at => Time.now.utc + 5.minutes
)
- get "/api/#{Settings.api_version}/user/details", :headers => basic_authorization_header(blocked_user.display_name, "test")
+ get "/api/#{Settings.api_version}/user/details", :headers => bearer_authorization_header(blocked_user)
assert_response :forbidden
# revoke the ban
get "/login"
+ assert_response :redirect
+ follow_redirect!
assert_response :success
post "/login", :params => { "username" => moderator.email, "password" => "test", :referer => "/user_blocks/#{block.id}/edit" }
assert_response :redirect
reset!
# access the API again. this time it should work
- get "/api/#{Settings.api_version}/user/details", :headers => basic_authorization_header(blocked_user.display_name, "test")
+ get "/api/#{Settings.api_version}/user/details", :headers => bearer_authorization_header(blocked_user)
assert_response :success
end
end
projects / rails.git / blobdiff