X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/2a649d16df01bcc49ce99c282e9bfbe44063cd9d..d479a3781a1c5437620010c5254039befec30f5c:/test/controllers/api/changesets_controller_test.rb diff --git a/test/controllers/api/changesets_controller_test.rb b/test/controllers/api/changesets_controller_test.rb index 1d7afa035..76c05fc0a 100644 --- a/test/controllers/api/changesets_controller_test.rb +++ b/test/controllers/api/changesets_controller_test.rb @@ -6,7 +6,7 @@ module Api # test all routes which lead to this controller def test_routes assert_routing( - { :path => "/api/0.6/changeset/create", :method => :put }, + { :path => "/api/0.6/changesets", :method => :post }, { :controller => "api/changesets", :action => "create" } ) assert_routing( @@ -57,6 +57,11 @@ module Api { :path => "/api/0.6/changesets.json", :method => :get }, { :controller => "api/changesets", :action => "index", :format => "json" } ) + + assert_recognizes( + { :controller => "api/changesets", :action => "create" }, + { :path => "/api/0.6/changeset/create", :method => :put } + ) end # ----------------------- @@ -64,20 +69,20 @@ module Api # ----------------------- def test_create - auth_header = basic_authorization_header create(:user, :data_public => false).email, "test" + auth_header = bearer_authorization_header create(:user, :data_public => false) # Create the first user's changeset xml = "" \ "" \ "" - put changeset_create_path, :params => xml, :headers => auth_header + post api_changesets_path, :params => xml, :headers => auth_header assert_require_public_data - auth_header = basic_authorization_header create(:user).email, "test" + auth_header = bearer_authorization_header # Create the first user's changeset xml = "" \ "" \ "" - put changeset_create_path, :params => xml, :headers => auth_header + post api_changesets_path, :params => xml, :headers => auth_header assert_response :success, "Creation of changeset did not return success status" newid = @response.body.to_i @@ -99,49 +104,57 @@ module Api end def test_create_invalid - auth_header = basic_authorization_header create(:user, :data_public => false).email, "test" + auth_header = bearer_authorization_header create(:user, :data_public => false) xml = "" - put changeset_create_path, :params => xml, :headers => auth_header + post api_changesets_path, :params => xml, :headers => auth_header assert_require_public_data ## Try the public user - auth_header = basic_authorization_header create(:user).email, "test" + auth_header = bearer_authorization_header xml = "" - put changeset_create_path, :params => xml, :headers => auth_header + post api_changesets_path, :params => xml, :headers => auth_header assert_response :bad_request, "creating a invalid changeset should fail" end def test_create_invalid_no_content ## First check with no auth - put changeset_create_path + post api_changesets_path assert_response :unauthorized, "shouldn't be able to create a changeset with no auth" ## Now try to with a non-public user - auth_header = basic_authorization_header create(:user, :data_public => false).email, "test" - put changeset_create_path, :headers => auth_header + auth_header = bearer_authorization_header create(:user, :data_public => false) + post api_changesets_path, :headers => auth_header assert_require_public_data ## Try an inactive user - auth_header = basic_authorization_header create(:user, :pending).email, "test" - put changeset_create_path, :headers => auth_header + auth_header = bearer_authorization_header create(:user, :pending) + post api_changesets_path, :headers => auth_header assert_inactive_user ## Now try to use a normal user - auth_header = basic_authorization_header create(:user).email, "test" - put changeset_create_path, :headers => auth_header + auth_header = bearer_authorization_header + post api_changesets_path, :headers => auth_header assert_response :bad_request, "creating a changeset with no content should fail" end def test_create_wrong_method - auth_header = basic_authorization_header create(:user).email, "test" + auth_header = bearer_authorization_header - get changeset_create_path, :headers => auth_header + put api_changesets_path, :headers => auth_header assert_response :not_found assert_template "rescues/routing_error" + end - post changeset_create_path, :headers => auth_header - assert_response :not_found - assert_template "rescues/routing_error" + def test_create_legacy_path + auth_header = bearer_authorization_header + xml = "" + + assert_difference "Changeset.count", 1 do + put "/api/0.6/changeset/create", :params => xml, :headers => auth_header + end + + assert_response :success, "Creation of changeset did not return success status" + assert_equal Changeset.last.id, @response.body.to_i end ## @@ -153,17 +166,19 @@ module Api get changeset_show_path(changeset) assert_response :success, "cannot get first changeset" - assert_select "osm[version='#{Settings.api_version}'][generator='#{Settings.generator}']", 1 - assert_single_changeset changeset - assert_select "osm>changeset>discussion", 0 + assert_dom "osm[version='#{Settings.api_version}'][generator='#{Settings.generator}']", 1 + assert_single_changeset changeset do + assert_dom "> discussion", 0 + end get changeset_show_path(changeset), :params => { :include_discussion => true } assert_response :success, "cannot get first changeset with comments" - assert_select "osm[version='#{Settings.api_version}'][generator='#{Settings.generator}']", 1 - assert_single_changeset changeset - assert_select "osm>changeset>discussion", 1 - assert_select "osm>changeset>discussion>comment", 0 + assert_dom "osm[version='#{Settings.api_version}'][generator='#{Settings.generator}']", 1 + assert_single_changeset changeset do + assert_dom "> discussion", 1 + assert_dom "> discussion > comment", 0 + end end def test_show_comments @@ -174,63 +189,93 @@ module Api get changeset_show_path(changeset), :params => { :include_discussion => true } assert_response :success, "cannot get closed changeset with comments" - assert_select "osm[version='#{Settings.api_version}'][generator='#{Settings.generator}']", 1 - assert_single_changeset changeset - assert_select "osm>changeset>discussion", 1 - assert_select "osm>changeset>discussion>comment", 3 - assert_select "osm>changeset>discussion>comment:nth-child(1)>@id", comment1.id.to_s - assert_select "osm>changeset>discussion>comment:nth-child(1)>@visible", "true" - assert_select "osm>changeset>discussion>comment:nth-child(2)>@id", comment2.id.to_s - assert_select "osm>changeset>discussion>comment:nth-child(2)>@visible", "true" - assert_select "osm>changeset>discussion>comment:nth-child(3)>@id", comment3.id.to_s - assert_select "osm>changeset>discussion>comment:nth-child(3)>@visible", "true" + assert_dom "osm[version='#{Settings.api_version}'][generator='#{Settings.generator}']", 1 do + assert_single_changeset changeset do + assert_dom "> discussion", 1 do + assert_dom "> comment", 3 do |dom_comments| + assert_dom dom_comments[0], "> @id", comment1.id.to_s + assert_dom dom_comments[0], "> @visible", "true" + assert_dom dom_comments[1], "> @id", comment2.id.to_s + assert_dom dom_comments[1], "> @visible", "true" + assert_dom dom_comments[2], "> @id", comment3.id.to_s + assert_dom dom_comments[2], "> @visible", "true" + end + end + end + end # one hidden comment not included because not asked for comment2.update(:visible => false) + changeset.reload get changeset_show_path(changeset), :params => { :include_discussion => true } assert_response :success, "cannot get closed changeset with comments" - assert_select "osm[version='#{Settings.api_version}'][generator='#{Settings.generator}']", 1 - assert_single_changeset changeset - assert_select "osm>changeset>discussion", 1 - assert_select "osm>changeset>discussion>comment", 2 - assert_select "osm>changeset>discussion>comment:nth-child(1)>@id", comment1.id.to_s - assert_select "osm>changeset>discussion>comment:nth-child(1)>@visible", "true" - assert_select "osm>changeset>discussion>comment:nth-child(2)>@id", comment3.id.to_s - assert_select "osm>changeset>discussion>comment:nth-child(2)>@visible", "true" + assert_dom "osm[version='#{Settings.api_version}'][generator='#{Settings.generator}']", 1 + assert_single_changeset changeset do + assert_dom "> discussion", 1 do + assert_dom "> comment", 2 do |dom_comments| + assert_dom dom_comments[0], "> @id", comment1.id.to_s + assert_dom dom_comments[0], "> @visible", "true" + assert_dom dom_comments[1], "> @id", comment3.id.to_s + assert_dom dom_comments[1], "> @visible", "true" + end + end + end # one hidden comment not included because no permissions get changeset_show_path(changeset), :params => { :include_discussion => true, :show_hidden_comments => true } assert_response :success, "cannot get closed changeset with comments" - assert_select "osm[version='#{Settings.api_version}'][generator='#{Settings.generator}']", 1 - assert_single_changeset changeset - assert_select "osm>changeset>discussion", 1 - assert_select "osm>changeset>discussion>comment", 2 - assert_select "osm>changeset>discussion>comment:nth-child(1)>@id", comment1.id.to_s - assert_select "osm>changeset>discussion>comment:nth-child(1)>@visible", "true" - # maybe will show an empty comment element with visible=false in the future - assert_select "osm>changeset>discussion>comment:nth-child(2)>@id", comment3.id.to_s - assert_select "osm>changeset>discussion>comment:nth-child(2)>@visible", "true" + assert_dom "osm[version='#{Settings.api_version}'][generator='#{Settings.generator}']", 1 + assert_single_changeset changeset do + assert_dom "> discussion", 1 do + assert_dom "> comment", 2 do |dom_comments| + assert_dom dom_comments[0], "> @id", comment1.id.to_s + assert_dom dom_comments[0], "> @visible", "true" + # maybe will show an empty comment element with visible=false in the future + assert_dom dom_comments[1], "> @id", comment3.id.to_s + assert_dom dom_comments[1], "> @visible", "true" + end + end + end # one hidden comment shown to moderators moderator_user = create(:moderator_user) - auth_header = basic_authorization_header moderator_user.email, "test" + auth_header = bearer_authorization_header moderator_user get changeset_show_path(changeset), :params => { :include_discussion => true, :show_hidden_comments => true }, :headers => auth_header assert_response :success, "cannot get closed changeset with comments" - assert_select "osm[version='#{Settings.api_version}'][generator='#{Settings.generator}']", 1 - assert_single_changeset changeset - assert_select "osm>changeset>discussion", 1 - assert_select "osm>changeset>discussion>comment", 3 - assert_select "osm>changeset>discussion>comment:nth-child(1)>@id", comment1.id.to_s - assert_select "osm>changeset>discussion>comment:nth-child(1)>@visible", "true" - assert_select "osm>changeset>discussion>comment:nth-child(2)>@id", comment2.id.to_s - assert_select "osm>changeset>discussion>comment:nth-child(2)>@visible", "false" - assert_select "osm>changeset>discussion>comment:nth-child(3)>@id", comment3.id.to_s - assert_select "osm>changeset>discussion>comment:nth-child(3)>@visible", "true" + assert_dom "osm[version='#{Settings.api_version}'][generator='#{Settings.generator}']", 1 + assert_single_changeset changeset do + assert_dom "> discussion", 1 do + assert_dom "> comment", 3 do |dom_comments| + assert_dom dom_comments[0], "> @id", comment1.id.to_s + assert_dom dom_comments[0], "> @visible", "true" + assert_dom dom_comments[1], "> @id", comment2.id.to_s + assert_dom dom_comments[1], "> @visible", "false" + assert_dom dom_comments[2], "> @id", comment3.id.to_s + assert_dom dom_comments[2], "> @visible", "true" + end + end + end + end + + def test_show_tags + changeset = create(:changeset, :closed) + create(:changeset_tag, :changeset => changeset, :k => "created_by", :v => "JOSM/1.5 (18364)") + create(:changeset_tag, :changeset => changeset, :k => "comment", :v => "changeset comment") + + get changeset_show_path(changeset) + + assert_response :success + assert_dom "osm[version='#{Settings.api_version}'][generator='#{Settings.generator}']", 1 + assert_single_changeset changeset do + assert_dom "> tag", 2 + assert_dom "> tag[k='created_by'][v='JOSM/1.5 (18364)']", 1 + assert_dom "> tag[k='comment'][v='changeset comment']", 1 + end end def test_show_json @@ -289,6 +334,7 @@ module Api # one hidden comment not included because not asked for comment1.update(:visible => false) + changeset.reload get changeset_show_path(changeset), :params => { :format => "json", :include_discussion => true } assert_response :success, "cannot get closed changeset with comments" @@ -322,7 +368,7 @@ module Api # one hidden comment shown to moderators moderator_user = create(:moderator_user) - auth_header = basic_authorization_header moderator_user.email, "test" + auth_header = bearer_authorization_header moderator_user get changeset_show_path(changeset), :params => { :format => "json", :include_discussion => true, :show_hidden_comments => true }, :headers => auth_header assert_response :success, "cannot get closed changeset with comments" @@ -341,39 +387,22 @@ module Api assert js["changeset"]["comments"][2]["visible"] end - def test_show_tag_and_discussion_json + def test_show_tags_json changeset = create(:changeset, :closed) + create(:changeset_tag, :changeset => changeset, :k => "created_by", :v => "JOSM/1.5 (18364)") + create(:changeset_tag, :changeset => changeset, :k => "comment", :v => "changeset comment") - tag1 = ChangesetTag.new - tag1.changeset_id = changeset.id - tag1.k = "created_by" - tag1.v = "JOSM/1.5 (18364)" - - tag2 = ChangesetTag.new - tag2.changeset_id = changeset.id - tag2.k = "comment" - tag2.v = "changeset comment" - - changeset.changeset_tags = [tag1, tag2] - - create_list(:changeset_comment, 3, :changeset_id => changeset.id) - - get changeset_show_path(changeset), :params => { :format => "json", :include_discussion => true } - assert_response :success, "cannot get closed changeset with comments" + get changeset_show_path(changeset, :format => "json") + assert_response :success js = ActiveSupport::JSON.decode(@response.body) - assert_not_nil js assert_equal Settings.api_version, js["version"] assert_equal Settings.generator, js["generator"] assert_single_changeset_json changeset, js assert_equal 2, js["changeset"]["tags"].count - assert_equal 3, js["changeset"]["comments"].count - assert_equal 3, js["changeset"]["comments_count"] - assert_equal 0, js["changeset"]["changes_count"] - assert_not_nil js["changeset"]["comments"][0]["uid"] - assert_not_nil js["changeset"]["comments"][0]["user"] - assert_not_nil js["changeset"]["comments"][0]["text"] + assert_equal "JOSM/1.5 (18364)", js["changeset"]["tags"]["created_by"] + assert_equal "changeset comment", js["changeset"]["tags"]["comment"] end def test_show_bbox_json @@ -416,12 +445,12 @@ module Api assert_response :unauthorized ## Try using the non-public user - auth_header = basic_authorization_header private_user.email, "test" + auth_header = bearer_authorization_header private_user put changeset_close_path(private_changeset), :headers => auth_header assert_require_public_data ## The try with the public user - auth_header = basic_authorization_header user.email, "test" + auth_header = bearer_authorization_header user cs_id = changeset.id put changeset_close_path(cs_id), :headers => auth_header @@ -439,7 +468,7 @@ module Api user = create(:user) changeset = create(:changeset) - auth_header = basic_authorization_header user.email, "test" + auth_header = bearer_authorization_header user put changeset_close_path(changeset), :headers => auth_header assert_response :conflict @@ -452,7 +481,7 @@ module Api user = create(:user) changeset = create(:changeset, :user => user) - auth_header = basic_authorization_header user.email, "test" + auth_header = bearer_authorization_header user get changeset_close_path(changeset), :headers => auth_header assert_response :not_found @@ -477,7 +506,7 @@ module Api end # Now try with auth - auth_header = basic_authorization_header create(:user).email, "test" + auth_header = bearer_authorization_header cs_ids.each do |id| put changeset_close_path(id), :headers => auth_header assert_response :not_found, "The changeset #{id} doesn't exist, so can't be closed" @@ -534,7 +563,7 @@ module Api "shouldn't be able to upload a simple valid diff to changeset: #{@response.body}" ## Now try with a private user - auth_header = basic_authorization_header private_user.email, "test" + auth_header = bearer_authorization_header private_user changeset_id = private_changeset.id # simple diff to change a node, way and relation by removing @@ -563,7 +592,7 @@ module Api "can't upload a simple valid diff to changeset: #{@response.body}" ## Now try with the public user - auth_header = basic_authorization_header user.email, "test" + auth_header = bearer_authorization_header user changeset_id = changeset.id # simple diff to change a node, way and relation by removing @@ -606,7 +635,7 @@ module Api way = create(:way_with_nodes, :nodes_count => 2) relation = create(:relation) - auth_header = basic_authorization_header user.email, "test" + auth_header = bearer_authorization_header user # simple diff to create a node way and relation using placeholders diff = <<~CHANGESET @@ -677,7 +706,7 @@ module Api create(:relation_member, :relation => super_relation, :member => used_way) create(:relation_member, :relation => super_relation, :member => used_node) - auth_header = basic_authorization_header changeset.user.display_name, "test" + auth_header = bearer_authorization_header changeset.user diff = XML::Document.new diff.root = XML::Node.new "osmChange" @@ -719,7 +748,7 @@ module Api node = create(:node) changeset = create(:changeset) - auth_header = basic_authorization_header changeset.user.display_name, "test" + auth_header = bearer_authorization_header changeset.user diff = "" # upload it @@ -736,14 +765,14 @@ module Api def test_repeated_changeset_create 3.times do - auth_header = basic_authorization_header create(:user).email, "test" + auth_header = bearer_authorization_header # create a temporary changeset xml = "" \ "" \ "" assert_difference "Changeset.count", 1 do - put changeset_create_path, :params => xml, :headers => auth_header + post api_changesets_path, :params => xml, :headers => auth_header end assert_response :success end @@ -751,13 +780,13 @@ module Api def test_upload_large_changeset user = create(:user) - auth_header = basic_authorization_header user.email, "test" + auth_header = bearer_authorization_header user # create an old changeset to ensure we have the maximum rate limit create(:changeset, :user => user, :created_at => Time.now.utc - 28.days) # create a changeset - put changeset_create_path, :params => "", :headers => auth_header + post api_changesets_path, :params => "", :headers => auth_header assert_response :success, "Should be able to create a changeset: #{@response.body}" changeset_id = @response.body.to_i @@ -813,7 +842,7 @@ module Api create(:relation_member, :relation => relation, :member => used_way) create(:relation_member, :relation => relation, :member => used_node) - auth_header = basic_authorization_header changeset.user.email, "test" + auth_header = bearer_authorization_header changeset.user diff = XML::Document.new diff.root = XML::Node.new "osmChange" @@ -855,7 +884,7 @@ module Api create(:relation_member, :relation => super_relation, :member => used_way) create(:relation_member, :relation => super_relation, :member => used_node) - auth_header = basic_authorization_header changeset.user.email, "test" + auth_header = bearer_authorization_header changeset.user diff = XML::Document.new diff.root = XML::Node.new "osmChange" @@ -911,7 +940,7 @@ module Api def test_upload_invalid_too_long_tag changeset = create(:changeset) - auth_header = basic_authorization_header changeset.user.email, "test" + auth_header = bearer_authorization_header changeset.user # simple diff to create a node way and relation using placeholders diff = <<~CHANGESET @@ -941,7 +970,7 @@ module Api changeset = create(:changeset) - auth_header = basic_authorization_header changeset.user.email, "test" + auth_header = bearer_authorization_header changeset.user # simple diff to create a node way and relation using placeholders diff = <<~CHANGESET @@ -1000,7 +1029,7 @@ module Api relation = create(:relation) other_relation = create(:relation) - auth_header = basic_authorization_header changeset.user.email, "test" + auth_header = bearer_authorization_header changeset.user # simple diff to create a node way and relation using placeholders diff = <<~CHANGESET @@ -1043,7 +1072,7 @@ module Api def test_upload_multiple_valid node = create(:node) changeset = create(:changeset) - auth_header = basic_authorization_header changeset.user.email, "test" + auth_header = bearer_authorization_header changeset.user # change the location of a node multiple times, each time referencing # the last version. doesn't this depend on version numbers being @@ -1081,7 +1110,7 @@ module Api node = create(:node) changeset = create(:changeset) - auth_header = basic_authorization_header changeset.user.email, "test" + auth_header = bearer_authorization_header changeset.user diff = <<~CHANGESET @@ -1103,7 +1132,7 @@ module Api def test_upload_missing_version changeset = create(:changeset) - auth_header = basic_authorization_header changeset.user.email, "test" + auth_header = bearer_authorization_header changeset.user diff = <<~CHANGESET @@ -1124,7 +1153,7 @@ module Api def test_action_upload_invalid changeset = create(:changeset) - auth_header = basic_authorization_header changeset.user.email, "test" + auth_header = bearer_authorization_header changeset.user diff = <<~CHANGESET @@ -1149,7 +1178,7 @@ module Api other_relation = create(:relation) create(:relation_tag, :relation => relation) - auth_header = basic_authorization_header changeset.user.email, "test" + auth_header = bearer_authorization_header changeset.user diff = <<~CHANGESET @@ -1184,7 +1213,7 @@ module Api def test_upload_reuse_placeholder_valid changeset = create(:changeset) - auth_header = basic_authorization_header changeset.user.email, "test" + auth_header = bearer_authorization_header changeset.user diff = <<~CHANGESET @@ -1218,7 +1247,7 @@ module Api def test_upload_placeholder_invalid changeset = create(:changeset) - auth_header = basic_authorization_header changeset.user.email, "test" + auth_header = bearer_authorization_header changeset.user diff = <<~CHANGESET @@ -1256,7 +1285,7 @@ module Api def test_upload_process_order changeset = create(:changeset) - auth_header = basic_authorization_header changeset.user.email, "test" + auth_header = bearer_authorization_header changeset.user diff = <<~CHANGESET @@ -1280,7 +1309,7 @@ module Api def test_upload_duplicate_delete changeset = create(:changeset) - auth_header = basic_authorization_header changeset.user.email, "test" + auth_header = bearer_authorization_header changeset.user diff = <<~CHANGESET @@ -1327,7 +1356,7 @@ module Api changeset = create(:changeset) way = create(:way) - auth_header = basic_authorization_header changeset.user.email, "test" + auth_header = bearer_authorization_header changeset.user diff = <<~CHANGESET @@ -1382,7 +1411,7 @@ module Api changeset = create(:changeset) relation = create(:relation) - auth_header = basic_authorization_header changeset.user.email, "test" + auth_header = bearer_authorization_header changeset.user diff = <<~CHANGESET @@ -1434,12 +1463,12 @@ module Api # test what happens if a diff is uploaded containing only a node # move. def test_upload_node_move - auth_header = basic_authorization_header create(:user).email, "test" + auth_header = bearer_authorization_header xml = "" \ "" \ "" - put changeset_create_path, :params => xml, :headers => auth_header + post api_changesets_path, :params => xml, :headers => auth_header assert_response :success changeset_id = @response.body.to_i @@ -1471,12 +1500,12 @@ module Api ## # test what happens if a diff is uploaded adding a node to a way. def test_upload_way_extend - auth_header = basic_authorization_header create(:user).email, "test" + auth_header = bearer_authorization_header xml = "" \ "" \ "" - put changeset_create_path, :params => xml, :headers => auth_header + post api_changesets_path, :params => xml, :headers => auth_header assert_response :success changeset_id = @response.body.to_i @@ -1512,7 +1541,7 @@ module Api def test_upload_empty_invalid changeset = create(:changeset) - auth_header = basic_authorization_header changeset.user.email, "test" + auth_header = bearer_authorization_header changeset.user ["", "", @@ -1532,7 +1561,7 @@ module Api node = create(:node) create(:relation_member, :member => node) - auth_header = basic_authorization_header changeset.user.email, "test" + auth_header = bearer_authorization_header changeset.user # try and delete a node that is in use diff = XML::Document.new @@ -1556,7 +1585,7 @@ module Api def test_upload_not_found changeset = create(:changeset) - auth_header = basic_authorization_header changeset.user.email, "test" + auth_header = bearer_authorization_header changeset.user # modify node diff = <<~CHANGESET @@ -1640,7 +1669,7 @@ module Api def test_upload_relation_placeholder_not_fix changeset = create(:changeset) - auth_header = basic_authorization_header changeset.user.email, "test" + auth_header = bearer_authorization_header changeset.user # modify node diff = <<~CHANGESET @@ -1674,7 +1703,7 @@ module Api def test_upload_multiple_delete_block changeset = create(:changeset) - auth_header = basic_authorization_header changeset.user.email, "test" + auth_header = bearer_authorization_header changeset.user node = create(:node) way = create(:way) @@ -1717,7 +1746,7 @@ module Api :num_changes => Settings.initial_changes_per_hour - 2) # create authentication header - auth_header = basic_authorization_header user.email, "test" + auth_header = bearer_authorization_header user # simple diff to create a node way and relation using placeholders diff = <<~CHANGESET @@ -1772,7 +1801,7 @@ module Api end # create authentication header - auth_header = basic_authorization_header user.email, "test" + auth_header = bearer_authorization_header user # simple diff to create a node way and relation using placeholders diff = <<~CHANGESET @@ -1813,7 +1842,7 @@ module Api :max_lat => (0.5 * GeoRecord::SCALE).round, :max_lon => (2.5 * GeoRecord::SCALE).round) # create authentication header - auth_header = basic_authorization_header user.email, "test" + auth_header = bearer_authorization_header user # simple diff to create a node diff = <<~CHANGESET @@ -1847,7 +1876,7 @@ module Api :max_lat => (0.5 * GeoRecord::SCALE).round, :max_lon => (2.5 * GeoRecord::SCALE).round) # create authentication header - auth_header = basic_authorization_header user.email, "test" + auth_header = bearer_authorization_header user # simple diff to create a node way and relation using placeholders diff = <<~CHANGESET @@ -1873,23 +1902,23 @@ module Api node = create(:node) ## First try with a non-public user, which should get a forbidden - auth_header = basic_authorization_header create(:user, :data_public => false).email, "test" + auth_header = bearer_authorization_header create(:user, :data_public => false) # create a temporary changeset xml = "" \ "" \ "" - put changeset_create_path, :params => xml, :headers => auth_header + post api_changesets_path, :params => xml, :headers => auth_header assert_response :forbidden ## Now try with a normal user - auth_header = basic_authorization_header create(:user).email, "test" + auth_header = bearer_authorization_header # create a temporary changeset xml = "" \ "" \ "" - put changeset_create_path, :params => xml, :headers => auth_header + post api_changesets_path, :params => xml, :headers => auth_header assert_response :success changeset_id = @response.body.to_i @@ -1928,13 +1957,13 @@ module Api # # NOTE: the error turned out to be something else completely! def test_josm_upload - auth_header = basic_authorization_header create(:user).email, "test" + auth_header = bearer_authorization_header # create a temporary changeset xml = "" \ "" \ "" - put changeset_create_path, :params => xml, :headers => auth_header + post api_changesets_path, :params => xml, :headers => auth_header assert_response :success changeset_id = @response.body.to_i @@ -1989,13 +2018,13 @@ module Api node = create(:node) node2 = create(:node) way = create(:way) - auth_header = basic_authorization_header create(:user).email, "test" + auth_header = bearer_authorization_header # create a temporary changeset xml = "" \ "" \ "" - put changeset_create_path, :params => xml, :headers => auth_header + post api_changesets_path, :params => xml, :headers => auth_header assert_response :success changeset_id = @response.body.to_i @@ -2104,18 +2133,18 @@ module Api way = create(:way) create(:way_node, :way => way, :node => create(:node, :lat => 0.3, :lon => 0.3)) - auth_header = basic_authorization_header create(:user).email, "test" + auth_header = bearer_authorization_header # create a new changeset xml = "" - put changeset_create_path, :params => xml, :headers => auth_header + post api_changesets_path, :params => xml, :headers => auth_header assert_response :success, "Creating of changeset failed." changeset_id = @response.body.to_i # add a single node to it with_controller(NodesController.new) do xml = "" - put node_create_path, :params => xml, :headers => auth_header + post api_nodes_path, :params => xml, :headers => auth_header assert_response :success, "Couldn't create node." end @@ -2130,7 +2159,7 @@ module Api # add another node to it with_controller(NodesController.new) do xml = "" - put node_create_path, :params => xml, :headers => auth_header + post api_nodes_path, :params => xml, :headers => auth_header assert_response :success, "Couldn't create second node." end @@ -2193,7 +2222,7 @@ module Api assert_response :not_found, "shouldn't be able to get changesets by non-public user (name)" # but this should work - auth_header = basic_authorization_header private_user.email, "test" + auth_header = bearer_authorization_header private_user get changesets_path(:user => private_user.id), :headers => auth_header assert_response :success, "can't get changesets by user ID" assert_changesets_in_order [private_user_changeset, private_user_closed_changeset] @@ -2421,12 +2450,12 @@ module Api assert_response :unauthorized # try with the wrong authorization - auth_header = basic_authorization_header create(:user).email, "test" + auth_header = bearer_authorization_header put changeset_show_path(private_changeset), :params => new_changeset.to_s, :headers => auth_header assert_response :conflict # now this should get an unauthorized - auth_header = basic_authorization_header private_user.email, "test" + auth_header = bearer_authorization_header private_user put changeset_show_path(private_changeset), :params => new_changeset.to_s, :headers => auth_header assert_require_public_data "user with their data non-public, shouldn't be able to edit their changeset" @@ -2442,12 +2471,12 @@ module Api assert_response :unauthorized # try with the wrong authorization - auth_header = basic_authorization_header create(:user).email, "test" + auth_header = bearer_authorization_header put changeset_show_path(changeset), :params => new_changeset.to_s, :headers => auth_header assert_response :conflict # now this should work... - auth_header = basic_authorization_header user.email, "test" + auth_header = bearer_authorization_header user put changeset_show_path(changeset), :params => new_changeset.to_s, :headers => auth_header assert_response :success @@ -2460,7 +2489,7 @@ module Api # check that a user different from the one who opened the changeset # can't modify it. def test_changeset_update_invalid - auth_header = basic_authorization_header create(:user).email, "test" + auth_header = bearer_authorization_header changeset = create(:changeset) new_changeset = create_changeset_xml(:user => changeset.user, :id => changeset.id) @@ -2478,14 +2507,14 @@ module Api ## FIXME should be changed to an integration test due to the with_controller def test_changeset_limits user = create(:user) - auth_header = basic_authorization_header user.email, "test" + auth_header = bearer_authorization_header user # create an old changeset to ensure we have the maximum rate limit create(:changeset, :user => user, :created_at => Time.now.utc - 28.days) # open a new changeset xml = "" - put changeset_create_path, :params => xml, :headers => auth_header + post api_changesets_path, :params => xml, :headers => auth_header assert_response :success, "can't create a new changeset" cs_id = @response.body.to_i @@ -2500,7 +2529,7 @@ module Api with_controller(NodesController.new) do # create a new node xml = "" - put node_create_path, :params => xml, :headers => auth_header + post api_nodes_path, :params => xml, :headers => auth_header assert_response :success, "can't create a new node" node_id = @response.body.to_i @@ -2559,7 +2588,7 @@ module Api ## # test subscribe success def test_subscribe_success - auth_header = basic_authorization_header create(:user).email, "test" + auth_header = bearer_authorization_header changeset = create(:changeset, :closed) assert_difference "changeset.subscribers.count", 1 do @@ -2587,7 +2616,7 @@ module Api end assert_response :unauthorized - auth_header = basic_authorization_header user.email, "test" + auth_header = bearer_authorization_header user # bad changeset id assert_no_difference "changeset.subscribers.count" do @@ -2608,7 +2637,7 @@ module Api # test unsubscribe success def test_unsubscribe_success user = create(:user) - auth_header = basic_authorization_header user.email, "test" + auth_header = bearer_authorization_header user changeset = create(:changeset, :closed) changeset.subscribers.push(user) @@ -2637,7 +2666,7 @@ module Api end assert_response :unauthorized - auth_header = basic_authorization_header create(:user).email, "test" + auth_header = bearer_authorization_header # bad changeset id assert_no_difference "changeset.subscribers.count" do @@ -2657,16 +2686,20 @@ module Api ## # check that the output consists of one specific changeset - def assert_single_changeset(changeset) - assert_select "osm>changeset", 1 - assert_select "osm>changeset>@id", changeset.id.to_s - assert_select "osm>changeset>@created_at", changeset.created_at.xmlschema - if changeset.open? - assert_select "osm>changeset>@open", "true" - assert_select "osm>changeset>@closed_at", 0 - else - assert_select "osm>changeset>@open", "false" - assert_select "osm>changeset>@closed_at", changeset.closed_at.xmlschema + def assert_single_changeset(changeset, &) + assert_dom "> changeset", 1 do + assert_dom "> @id", changeset.id.to_s + assert_dom "> @created_at", changeset.created_at.xmlschema + if changeset.open? + assert_dom "> @open", "true" + assert_dom "> @closed_at", 0 + else + assert_dom "> @open", "false" + assert_dom "> @closed_at", changeset.closed_at.xmlschema + end + assert_dom "> @comments_count", changeset.comments.length.to_s + assert_dom "> @changes_count", changeset.num_changes.to_s + yield if block_given? end end @@ -2680,6 +2713,8 @@ module Api assert_not js["changeset"]["open"] assert_equal changeset.closed_at.xmlschema, js["changeset"]["closed_at"] end + assert_equal changeset.comments.length, js["changeset"]["comments_count"] + assert_equal changeset.num_changes, js["changeset"]["changes_count"] end ##