X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/477f700cfada25a472b13bdba3882cdb5c047e47..ddf6689e9e37b65cdc5739ebd3caf8c5a1fc30f5:/test/integration/oauth_test.rb diff --git a/test/integration/oauth_test.rb b/test/integration/oauth_test.rb index 4f56067a4..70f161fc9 100644 --- a/test/integration/oauth_test.rb +++ b/test/integration/oauth_test.rb @@ -91,6 +91,18 @@ class OAuthTest < ActionDispatch::IntegrationTest signed_get "/api/0.6/gpx/2", :oauth => { :token => token } assert_response :forbidden + token.user.suspend! + signed_get "/api/0.6/user/preferences", :oauth => { :token => token } + assert_response :forbidden + + token.user.hide! + signed_get "/api/0.6/user/preferences", :oauth => { :token => token } + assert_response :forbidden + + token.user.unhide! + signed_get "/api/0.6/user/preferences", :oauth => { :token => token } + assert_response :success + session_for(token.user) post "/oauth/revoke", :params => { :token => token.token } @@ -174,6 +186,18 @@ class OAuthTest < ActionDispatch::IntegrationTest signed_get "/api/0.6/user/details", :oauth => { :token => token } assert_response :forbidden + token.user.suspend! + signed_get "/api/0.6/gpx/#{trace.id}", :oauth => { :token => token } + assert_response :forbidden + + token.user.hide! + signed_get "/api/0.6/gpx/#{trace.id}", :oauth => { :token => token } + assert_response :forbidden + + token.user.unhide! + signed_get "/api/0.6/gpx/#{trace.id}", :oauth => { :token => token } + assert_response :success + session_for(token.user) post "/oauth/revoke", :params => { :token => token.token } @@ -237,6 +261,18 @@ class OAuthTest < ActionDispatch::IntegrationTest signed_get "/api/0.6/gpx/#{trace.id}", :oauth => { :token => token } assert_response :forbidden + token.user.suspend! + signed_get "/api/0.6/user/preferences", :oauth => { :token => token } + assert_response :forbidden + + token.user.hide! + signed_get "/api/0.6/user/preferences", :oauth => { :token => token } + assert_response :forbidden + + token.user.unhide! + signed_get "/api/0.6/user/preferences", :oauth => { :token => token } + assert_response :success + session_for(token.user) post "/oauth/revoke", :params => { :token => token.token } @@ -292,6 +328,18 @@ class OAuthTest < ActionDispatch::IntegrationTest signed_get "/api/0.6/user/details", :oauth => { :token => token } assert_response :forbidden + token.user.suspend! + signed_get "/api/0.6/gpx/#{trace.id}", :oauth => { :token => token } + assert_response :forbidden + + token.user.hide! + signed_get "/api/0.6/gpx/#{trace.id}", :oauth => { :token => token } + assert_response :forbidden + + token.user.unhide! + signed_get "/api/0.6/gpx/#{trace.id}", :oauth => { :token => token } + assert_response :success + session_for(token.user) post "/oauth/revoke", :params => { :token => token.token }