X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/3d0ca940d26bdc23aa791178b01b816185c5a086..af68e07272f2f42a581b435dc0563fe8a862a562:/test/functional/node_controller_test.rb?ds=sidebyside
diff --git a/test/functional/node_controller_test.rb b/test/functional/node_controller_test.rb
index 266682fd0..b5f93c458 100644
--- a/test/functional/node_controller_test.rb
+++ b/test/functional/node_controller_test.rb
@@ -75,6 +75,12 @@ class NodeControllerTest < ActionController::TestCase
lat = 3.434
lon = 3.23
+ # test that the upload is rejected when xml is valid, but osm doc isn't
+ content("")
+ put :create
+ assert_response :bad_request, "node upload did not return bad_request status"
+ assert_equal "Cannot parse valid node from xml string . XML doesn't contain an osm/node element.", @response.body
+
# test that the upload is rejected when no lat is supplied
# create a minimal xml file
content("")
@@ -178,6 +184,18 @@ class NodeControllerTest < ActionController::TestCase
delete :delete, :id => current_nodes(:visible_node).id
assert_response :conflict
+ # try to delete a node with a different ID
+ content(nodes(:public_visible_node).to_xml)
+ delete :delete, :id => current_nodes(:visible_node).id
+ assert_response :bad_request,
+ "should not be able to delete a node with a different ID from the XML"
+
+ # try to delete a node rubbish in the payloads
+ content("")
+ delete :delete, :id => current_nodes(:visible_node).id
+ assert_response :bad_request,
+ "should not be able to delete a node without a valid XML payload"
+
# valid delete now takes a payload
content(nodes(:public_visible_node).to_xml)
delete :delete, :id => current_nodes(:public_visible_node).id
@@ -271,9 +289,6 @@ class NodeControllerTest < ActionController::TestCase
content current_nodes(:visible_node).to_xml
put :update, :id => current_nodes(:visible_node).id
assert_require_public_data "should have failed with a forbidden when data isn't public"
-
-
-
## Finally test with the public user
@@ -344,6 +359,18 @@ class NodeControllerTest < ActionController::TestCase
assert_response :conflict,
"should not be able to put 'p1r4at3s!' in the version field"
+ ## try an update with the wrong ID
+ content current_nodes(:public_visible_node).to_xml
+ put :update, :id => current_nodes(:visible_node).id
+ assert_response :bad_request,
+ "should not be able to update a node with a different ID from the XML"
+
+ ## try an update with a minimal valid XML doc which isn't a well-formed OSM doc.
+ content ""
+ put :update, :id => current_nodes(:visible_node).id
+ assert_response :bad_request,
+ "should not be able to update a node with non-OSM XML doc."
+
## finally, produce a good request which should work
content current_nodes(:public_visible_node).to_xml
put :update, :id => current_nodes(:public_visible_node).id
@@ -370,7 +397,7 @@ class NodeControllerTest < ActionController::TestCase
put :update, :id => current_nodes(:public_visible_node).id
assert_response :bad_request,
"adding duplicate tags to a node should fail with 'bad request'"
- assert_equal "Element node/#{current_nodes(:public_visible_node).id} has duplicate tags with key #{current_node_tags(:t1).k}.", @response.body
+ assert_equal "Element node/#{current_nodes(:public_visible_node).id} has duplicate tags with key #{current_node_tags(:t1).k}", @response.body
end
# test whether string injection is possible