X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/4e7c0c3008c4cc7b3f6ab2f9ad738e2af2f84703..4dff06a6293971c3e17f8508859a1d80717a23f6:/test/controllers/api/changesets_controller_test.rb diff --git a/test/controllers/api/changesets_controller_test.rb b/test/controllers/api/changesets_controller_test.rb index c3c9c5058..8efa37d87 100644 --- a/test/controllers/api/changesets_controller_test.rb +++ b/test/controllers/api/changesets_controller_test.rb @@ -1,7 +1,7 @@ require "test_helper" module Api - class ChangesetsControllerTest < ActionController::TestCase + class ChangesetsControllerTest < ActionDispatch::IntegrationTest ## # test all routes which lead to this controller def test_routes @@ -17,22 +17,30 @@ module Api { :path => "/api/0.6/changeset/1/download", :method => :get }, { :controller => "api/changesets", :action => "download", :id => "1" } ) - assert_routing( - { :path => "/api/0.6/changeset/1/expand_bbox", :method => :post }, - { :controller => "api/changesets", :action => "expand_bbox", :id => "1" } - ) assert_routing( { :path => "/api/0.6/changeset/1", :method => :get }, { :controller => "api/changesets", :action => "show", :id => "1" } ) + assert_routing( + { :path => "/api/0.6/changeset/1.json", :method => :get }, + { :controller => "api/changesets", :action => "show", :id => "1", :format => "json" } + ) assert_routing( { :path => "/api/0.6/changeset/1/subscribe", :method => :post }, { :controller => "api/changesets", :action => "subscribe", :id => "1" } ) + assert_routing( + { :path => "/api/0.6/changeset/1/subscribe.json", :method => :post }, + { :controller => "api/changesets", :action => "subscribe", :id => "1", :format => "json" } + ) assert_routing( { :path => "/api/0.6/changeset/1/unsubscribe", :method => :post }, { :controller => "api/changesets", :action => "unsubscribe", :id => "1" } ) + assert_routing( + { :path => "/api/0.6/changeset/1/unsubscribe.json", :method => :post }, + { :controller => "api/changesets", :action => "unsubscribe", :id => "1", :format => "json" } + ) assert_routing( { :path => "/api/0.6/changeset/1", :method => :put }, { :controller => "api/changesets", :action => "update", :id => "1" } @@ -45,6 +53,10 @@ module Api { :path => "/api/0.6/changesets", :method => :get }, { :controller => "api/changesets", :action => "query" } ) + assert_routing( + { :path => "/api/0.6/changesets.json", :method => :get }, + { :controller => "api/changesets", :action => "query", :format => "json" } + ) end # ----------------------- @@ -52,22 +64,22 @@ module Api # ----------------------- def test_create - basic_authorization create(:user, :data_public => false).email, "test" + auth_header = basic_authorization_header create(:user, :data_public => false).email, "test" # Create the first user's changeset xml = "" \ "" \ "" - put :create, :body => xml + put changeset_create_path, :params => xml, :headers => auth_header assert_require_public_data - basic_authorization create(:user).email, "test" + auth_header = basic_authorization_header create(:user).email, "test" # Create the first user's changeset xml = "" \ "" \ "" - put :create, :body => xml + put changeset_create_path, :params => xml, :headers => auth_header - assert_response :success, "Creation of changeset did not return sucess status" + assert_response :success, "Creation of changeset did not return success status" newid = @response.body.to_i # check end time, should be an hour ahead of creation time @@ -75,7 +87,7 @@ module Api duration = cs.closed_at - cs.created_at # the difference can either be a rational, or a floating point number # of seconds, depending on the code path taken :-( - if duration.class == Rational + if duration.instance_of?(Rational) assert_equal Rational(1, 24), duration, "initial idle timeout should be an hour (#{cs.created_at} -> #{cs.closed_at})" else # must be number of seconds... @@ -87,45 +99,49 @@ module Api end def test_create_invalid - basic_authorization create(:user, :data_public => false).email, "test" + auth_header = basic_authorization_header create(:user, :data_public => false).email, "test" xml = "" - put :create, :body => xml + put changeset_create_path, :params => xml, :headers => auth_header assert_require_public_data ## Try the public user - basic_authorization create(:user).email, "test" + auth_header = basic_authorization_header create(:user).email, "test" xml = "" - put :create, :body => xml + put changeset_create_path, :params => xml, :headers => auth_header assert_response :bad_request, "creating a invalid changeset should fail" end def test_create_invalid_no_content ## First check with no auth - put :create + put changeset_create_path assert_response :unauthorized, "shouldn't be able to create a changeset with no auth" ## Now try to with a non-public user - basic_authorization create(:user, :data_public => false).email, "test" - put :create + auth_header = basic_authorization_header create(:user, :data_public => false).email, "test" + put changeset_create_path, :headers => auth_header assert_require_public_data ## Try an inactive user - basic_authorization create(:user, :pending).email, "test" - put :create + auth_header = basic_authorization_header create(:user, :pending).email, "test" + put changeset_create_path, :headers => auth_header assert_inactive_user ## Now try to use a normal user - basic_authorization create(:user).email, "test" - put :create + auth_header = basic_authorization_header create(:user).email, "test" + put changeset_create_path, :headers => auth_header assert_response :bad_request, "creating a changeset with no content should fail" end def test_create_wrong_method - basic_authorization create(:user).email, "test" - get :create - assert_response :method_not_allowed - post :create - assert_response :method_not_allowed + auth_header = basic_authorization_header create(:user).email, "test" + + get changeset_create_path, :headers => auth_header + assert_response :not_found + assert_template "rescues/routing_error" + + post changeset_create_path, :headers => auth_header + assert_response :not_found + assert_template "rescues/routing_error" end ## @@ -134,20 +150,20 @@ module Api def test_show changeset = create(:changeset) - get :show, :params => { :id => changeset.id } + get changeset_show_path(changeset) assert_response :success, "cannot get first changeset" - assert_select "osm[version='#{Settings.api_version}'][generator='OpenStreetMap server']", 1 + assert_select "osm[version='#{Settings.api_version}'][generator='#{Settings.generator}']", 1 assert_select "osm>changeset[id='#{changeset.id}']", 1 assert_select "osm>changeset>@open", "true" assert_select "osm>changeset>@created_at", changeset.created_at.xmlschema assert_select "osm>changeset>@closed_at", 0 assert_select "osm>changeset>discussion", 0 - get :show, :params => { :id => changeset.id, :include_discussion => true } + get changeset_show_path(changeset), :params => { :include_discussion => true } assert_response :success, "cannot get first changeset with comments" - assert_select "osm[version='#{Settings.api_version}'][generator='OpenStreetMap server']", 1 + assert_select "osm[version='#{Settings.api_version}'][generator='#{Settings.generator}']", 1 assert_select "osm>changeset[id='#{changeset.id}']", 1 assert_select "osm>changeset>@open", "true" assert_select "osm>changeset>@created_at", changeset.created_at.xmlschema @@ -156,25 +172,140 @@ module Api assert_select "osm>changeset>discussion>comment", 0 changeset = create(:changeset, :closed) - create_list(:changeset_comment, 3, :changeset_id => changeset.id) + comment1, comment2, comment3 = create_list(:changeset_comment, 3, :changeset_id => changeset.id) - get :show, :params => { :id => changeset.id, :include_discussion => true } + get changeset_show_path(changeset), :params => { :include_discussion => true } assert_response :success, "cannot get closed changeset with comments" - assert_select "osm[version='#{Settings.api_version}'][generator='OpenStreetMap server']", 1 + assert_select "osm[version='#{Settings.api_version}'][generator='#{Settings.generator}']", 1 assert_select "osm>changeset[id='#{changeset.id}']", 1 assert_select "osm>changeset>@open", "false" assert_select "osm>changeset>@created_at", changeset.created_at.xmlschema assert_select "osm>changeset>@closed_at", changeset.closed_at.xmlschema assert_select "osm>changeset>discussion", 1 assert_select "osm>changeset>discussion>comment", 3 + assert_select "osm>changeset>discussion>comment:nth-child(1)>@id", comment1.id.to_s + assert_select "osm>changeset>discussion>comment:nth-child(2)>@id", comment2.id.to_s + assert_select "osm>changeset>discussion>comment:nth-child(3)>@id", comment3.id.to_s + end + + def test_show_json + changeset = create(:changeset) + + get changeset_show_path(changeset), :params => { :format => "json" } + assert_response :success, "cannot get first changeset" + + js = ActiveSupport::JSON.decode(@response.body) + assert_not_nil js + + assert_equal Settings.api_version, js["version"] + assert_equal Settings.generator, js["generator"] + assert_equal changeset.id, js["changeset"]["id"] + assert_operator js["changeset"], :[], "open" + assert_equal changeset.created_at.xmlschema, js["changeset"]["created_at"] + assert_nil js["changeset"]["closed_at"] + assert_nil js["changeset"]["tags"] + assert_nil js["changeset"]["comments"] + assert_equal changeset.user.id, js["changeset"]["uid"] + assert_equal changeset.user.display_name, js["changeset"]["user"] + + get changeset_show_path(changeset), :params => { :format => "json", :include_discussion => true } + assert_response :success, "cannot get first changeset with comments" + + js = ActiveSupport::JSON.decode(@response.body) + assert_not_nil js + assert_equal Settings.api_version, js["version"] + assert_equal Settings.generator, js["generator"] + assert_equal changeset.id, js["changeset"]["id"] + assert_operator js["changeset"], :[], "open" + assert_equal changeset.created_at.xmlschema, js["changeset"]["created_at"] + assert_nil js["changeset"]["closed_at"] + assert_nil js["changeset"]["tags"] + assert_nil js["changeset"]["min_lat"] + assert_nil js["changeset"]["min_lon"] + assert_nil js["changeset"]["max_lat"] + assert_nil js["changeset"]["max_lon"] + assert_equal 0, js["changeset"]["comments"].count + + changeset = create(:changeset, :closed) + comment0, comment1, comment2 = create_list(:changeset_comment, 3, :changeset_id => changeset.id) + + get changeset_show_path(changeset), :params => { :format => "json", :include_discussion => true } + assert_response :success, "cannot get closed changeset with comments" + + js = ActiveSupport::JSON.decode(@response.body) + assert_not_nil js + assert_equal Settings.api_version, js["version"] + assert_equal Settings.generator, js["generator"] + assert_equal changeset.id, js["changeset"]["id"] + assert_not js["changeset"]["open"] + assert_equal changeset.created_at.xmlschema, js["changeset"]["created_at"] + assert_equal changeset.closed_at.xmlschema, js["changeset"]["closed_at"] + assert_equal 3, js["changeset"]["comments"].count + assert_equal comment0.id, js["changeset"]["comments"][0]["id"] + assert_equal comment1.id, js["changeset"]["comments"][1]["id"] + assert_equal comment2.id, js["changeset"]["comments"][2]["id"] + end + + def test_show_tag_and_discussion_json + changeset = create(:changeset, :closed) + + tag1 = ChangesetTag.new + tag1.changeset_id = changeset.id + tag1.k = "created_by" + tag1.v = "JOSM/1.5 (18364)" + + tag2 = ChangesetTag.new + tag2.changeset_id = changeset.id + tag2.k = "comment" + tag2.v = "changeset comment" + + changeset.changeset_tags = [tag1, tag2] + + create_list(:changeset_comment, 3, :changeset_id => changeset.id) + + get changeset_show_path(changeset), :params => { :format => "json", :include_discussion => true } + assert_response :success, "cannot get closed changeset with comments" + + js = ActiveSupport::JSON.decode(@response.body) + + assert_not_nil js + assert_equal Settings.api_version, js["version"] + assert_equal Settings.generator, js["generator"] + assert_equal changeset.id, js["changeset"]["id"] + assert_not js["changeset"]["open"] + assert_equal changeset.created_at.xmlschema, js["changeset"]["created_at"] + assert_equal changeset.closed_at.xmlschema, js["changeset"]["closed_at"] + assert_equal 2, js["changeset"]["tags"].count + assert_equal 3, js["changeset"]["comments"].count + assert_equal 3, js["changeset"]["comments_count"] + assert_equal 0, js["changeset"]["changes_count"] + assert_not_nil js["changeset"]["comments"][0]["uid"] + assert_not_nil js["changeset"]["comments"][0]["user"] + assert_not_nil js["changeset"]["comments"][0]["text"] + end + + def test_show_bbox_json + # test bbox attribute + changeset = create(:changeset, :min_lat => (-5 * GeoRecord::SCALE).round, :min_lon => (5 * GeoRecord::SCALE).round, + :max_lat => (15 * GeoRecord::SCALE).round, :max_lon => (12 * GeoRecord::SCALE).round) + + get changeset_show_path(changeset), :params => { :format => "json" } + assert_response :success, "cannot get first changeset" + + js = ActiveSupport::JSON.decode(@response.body) + assert_not_nil js + assert_equal(-5, js["changeset"]["min_lat"]) + assert_equal 5, js["changeset"]["min_lon"] + assert_equal 15, js["changeset"]["max_lat"] + assert_equal 12, js["changeset"]["max_lon"] end ## # check that a changeset that doesn't exist returns an appropriate message def test_show_not_found [0, -32, 233455644, "afg", "213"].each do |id| - get :show, :params => { :id => id } + get changeset_show_path(:id => id) assert_response :not_found, "should get a not found" rescue ActionController::UrlGenerationError => e assert_match(/No route matches/, e.to_s) @@ -190,25 +321,25 @@ module Api changeset = create(:changeset, :user => user) ## Try without authentication - put :close, :params => { :id => changeset.id } + put changeset_close_path(changeset) assert_response :unauthorized ## Try using the non-public user - basic_authorization private_user.email, "test" - put :close, :params => { :id => private_changeset.id } + auth_header = basic_authorization_header private_user.email, "test" + put changeset_close_path(private_changeset), :headers => auth_header assert_require_public_data ## The try with the public user - basic_authorization user.email, "test" + auth_header = basic_authorization_header user.email, "test" cs_id = changeset.id - put :close, :params => { :id => cs_id } + put changeset_close_path(:id => cs_id), :headers => auth_header assert_response :success # test that it really is closed now - cs = Changeset.find(cs_id) - assert_not(cs.is_open?, - "changeset should be closed now (#{cs.closed_at} > #{Time.now.getutc}.") + cs = Changeset.find(changeset.id) + assert_not(cs.open?, + "changeset should be closed now (#{cs.closed_at} > #{Time.now.utc}.") end ## @@ -217,9 +348,9 @@ module Api user = create(:user) changeset = create(:changeset) - basic_authorization user.email, "test" + auth_header = basic_authorization_header user.email, "test" - put :close, :params => { :id => changeset.id } + put changeset_close_path(changeset), :headers => auth_header assert_response :conflict assert_equal "The user doesn't own that changeset", @response.body end @@ -230,13 +361,15 @@ module Api user = create(:user) changeset = create(:changeset, :user => user) - basic_authorization user.email, "test" + auth_header = basic_authorization_header user.email, "test" - get :close, :params => { :id => changeset.id } - assert_response :method_not_allowed + get changeset_close_path(changeset), :headers => auth_header + assert_response :not_found + assert_template "rescues/routing_error" - post :close, :params => { :id => changeset.id } - assert_response :method_not_allowed + post changeset_close_path(changeset), :headers => auth_header + assert_response :not_found + assert_template "rescues/routing_error" end ## @@ -246,16 +379,16 @@ module Api # First try to do it with no auth cs_ids.each do |id| - put :close, :params => { :id => id } + put changeset_close_path(:id => id) assert_response :unauthorized, "Shouldn't be able close the non-existant changeset #{id}, when not authorized" rescue ActionController::UrlGenerationError => e assert_match(/No route matches/, e.to_s) end # Now try with auth - basic_authorization create(:user).email, "test" + auth_header = basic_authorization_header create(:user).email, "test" cs_ids.each do |id| - put :close, :params => { :id => id } + put changeset_close_path(:id => id), :headers => auth_header assert_response :not_found, "The changeset #{id} doesn't exist, so can't be closed" rescue ActionController::UrlGenerationError => e assert_match(/No route matches/, e.to_s) @@ -286,7 +419,7 @@ module Api # simple diff to change a node, way and relation by removing # their tags - diff = < @@ -302,20 +435,20 @@ module Api -CHANGESET + CHANGESET # upload it - post :upload, :params => { :id => changeset_id }, :body => diff + post changeset_upload_path(changeset), :params => diff assert_response :unauthorized, "shouldn't be able to upload a simple valid diff to changeset: #{@response.body}" ## Now try with a private user - basic_authorization private_user.email, "test" + auth_header = basic_authorization_header private_user.email, "test" changeset_id = private_changeset.id # simple diff to change a node, way and relation by removing # their tags - diff = < @@ -331,20 +464,20 @@ CHANGESET -CHANGESET + CHANGESET # upload it - post :upload, :params => { :id => changeset_id }, :body => diff + post changeset_upload_path(private_changeset), :params => diff, :headers => auth_header assert_response :forbidden, "can't upload a simple valid diff to changeset: #{@response.body}" ## Now try with the public user - basic_authorization user.email, "test" + auth_header = basic_authorization_header user.email, "test" changeset_id = changeset.id # simple diff to change a node, way and relation by removing # their tags - diff = < @@ -360,10 +493,10 @@ CHANGESET -CHANGESET + CHANGESET # upload it - post :upload, :params => { :id => changeset_id }, :body => diff + post changeset_upload_path(changeset), :params => diff, :headers => auth_header assert_response :success, "can't upload a simple valid diff to changeset: #{@response.body}" @@ -382,10 +515,10 @@ CHANGESET way = create(:way_with_nodes, :nodes_count => 2) relation = create(:relation) - basic_authorization user.email, "test" + auth_header = basic_authorization_header user.email, "test" # simple diff to create a node way and relation using placeholders - diff = < @@ -404,15 +537,15 @@ CHANGESET -CHANGESET + CHANGESET # upload it - post :upload, :params => { :id => changeset.id }, :body => diff + post changeset_upload_path(changeset), :params => diff, :headers => auth_header assert_response :success, "can't upload a simple valid creation to changeset: #{@response.body}" # check the returned payload - assert_select "diffResult[version='#{Settings.api_version}'][generator='OpenStreetMap server']", 1 + assert_select "diffResult[version='#{Settings.api_version}'][generator='#{Settings.generator}']", 1 assert_select "diffResult>node", 1 assert_select "diffResult>way", 1 assert_select "diffResult>relation", 1 @@ -452,15 +585,15 @@ CHANGESET create(:relation_member, :relation => super_relation, :member => used_way) create(:relation_member, :relation => super_relation, :member => used_node) - basic_authorization changeset.user.display_name, "test" + auth_header = basic_authorization_header changeset.user.display_name, "test" diff = XML::Document.new diff.root = XML::Node.new "osmChange" delete = XML::Node.new "delete" diff.root << delete - delete << super_relation.to_xml_node - delete << used_relation.to_xml_node - delete << used_way.to_xml_node + delete << xml_node_for_relation(super_relation) + delete << xml_node_for_relation(used_relation) + delete << xml_node_for_way(used_way) delete << xml_node_for_node(used_node) # update the changeset to one that this user owns @@ -471,7 +604,7 @@ CHANGESET end # upload it - post :upload, :params => { :id => changeset.id }, :body => diff.to_s + post changeset_upload_path(changeset), :params => diff.to_s, :headers => auth_header assert_response :success, "can't upload a deletion diff to changeset: #{@response.body}" @@ -481,10 +614,10 @@ CHANGESET assert_select "diffResult>relation", 2 # check that everything was deleted - assert_equal false, Node.find(used_node.id).visible - assert_equal false, Way.find(used_way.id).visible - assert_equal false, Relation.find(super_relation.id).visible - assert_equal false, Relation.find(used_relation.id).visible + assert_not Node.find(used_node.id).visible + assert_not Way.find(used_way.id).visible + assert_not Relation.find(super_relation.id).visible + assert_not Relation.find(used_relation.id).visible end ## @@ -494,11 +627,11 @@ CHANGESET node = create(:node) changeset = create(:changeset) - basic_authorization changeset.user.display_name, "test" + auth_header = basic_authorization_header changeset.user.display_name, "test" diff = "" # upload it - post :upload, :params => { :id => changeset.id }, :body => diff + post changeset_upload_path(changeset), :params => diff, :headers => auth_header assert_response :success, "can't upload a deletion diff to changeset: #{@response.body}" @@ -506,34 +639,34 @@ CHANGESET assert_select "diffResult>node", 1 # check that everything was deleted - assert_equal false, Node.find(node.id).visible + assert_not Node.find(node.id).visible end def test_repeated_changeset_create 3.times do - basic_authorization create(:user).email, "test" + auth_header = basic_authorization_header create(:user).email, "test" # create a temporary changeset xml = "" \ "" \ "" assert_difference "Changeset.count", 1 do - put :create, :body => xml + put changeset_create_path, :params => xml, :headers => auth_header end assert_response :success end end def test_upload_large_changeset - basic_authorization create(:user).email, "test" + auth_header = basic_authorization_header create(:user).email, "test" # create a changeset - put :create, :body => "" + put changeset_create_path, :params => "", :headers => auth_header assert_response :success, "Should be able to create a changeset: #{@response.body}" changeset_id = @response.body.to_i # upload some widely-spaced nodes, spiralling positive and negative - diff = < @@ -556,20 +689,20 @@ CHANGESET -CHANGESET + CHANGESET # upload it, which used to cause an error like "PGError: ERROR: # integer out of range" (bug #2152). but shouldn't any more. - post :upload, :params => { :id => changeset_id }, :body => diff + post changeset_upload_path(:id => changeset_id), :params => diff, :headers => auth_header assert_response :success, "can't upload a spatially-large diff to changeset: #{@response.body}" # check that the changeset bbox is within bounds cs = Changeset.find(changeset_id) - assert cs.min_lon >= -180 * GeoRecord::SCALE, "Minimum longitude (#{cs.min_lon / GeoRecord::SCALE}) should be >= -180 to be valid." - assert cs.max_lon <= 180 * GeoRecord::SCALE, "Maximum longitude (#{cs.max_lon / GeoRecord::SCALE}) should be <= 180 to be valid." - assert cs.min_lat >= -90 * GeoRecord::SCALE, "Minimum latitude (#{cs.min_lat / GeoRecord::SCALE}) should be >= -90 to be valid." - assert cs.max_lat <= 90 * GeoRecord::SCALE, "Maximum latitude (#{cs.max_lat / GeoRecord::SCALE}) should be <= 90 to be valid." + assert_operator cs.min_lon, :>=, -180 * GeoRecord::SCALE, "Minimum longitude (#{cs.min_lon / GeoRecord::SCALE}) should be >= -180 to be valid." + assert_operator cs.max_lon, :<=, 180 * GeoRecord::SCALE, "Maximum longitude (#{cs.max_lon / GeoRecord::SCALE}) should be <= 180 to be valid." + assert_operator cs.min_lat, :>=, -90 * GeoRecord::SCALE, "Minimum latitude (#{cs.min_lat / GeoRecord::SCALE}) should be >= -90 to be valid." + assert_operator cs.max_lat, :<=, 90 * GeoRecord::SCALE, "Maximum latitude (#{cs.max_lat / GeoRecord::SCALE}) should be <= 90 to be valid." end ## @@ -584,14 +717,14 @@ CHANGESET create(:relation_member, :relation => relation, :member => used_way) create(:relation_member, :relation => relation, :member => used_node) - basic_authorization changeset.user.email, "test" + auth_header = basic_authorization_header changeset.user.email, "test" diff = XML::Document.new diff.root = XML::Node.new "osmChange" delete = XML::Node.new "delete" diff.root << delete - delete << other_relation.to_xml_node - delete << used_way.to_xml_node + delete << xml_node_for_relation(other_relation) + delete << xml_node_for_way(used_way) delete << xml_node_for_node(used_node) # update the changeset to one that this user owns @@ -602,16 +735,16 @@ CHANGESET end # upload it - post :upload, :params => { :id => changeset.id }, :body => diff.to_s + post changeset_upload_path(changeset), :params => diff.to_s, :headers => auth_header assert_response :precondition_failed, "shouldn't be able to upload a invalid deletion diff: #{@response.body}" assert_equal "Precondition failed: Way #{used_way.id} is still used by relations #{relation.id}.", @response.body # check that nothing was, in fact, deleted - assert_equal true, Node.find(used_node.id).visible - assert_equal true, Way.find(used_way.id).visible - assert_equal true, Relation.find(relation.id).visible - assert_equal true, Relation.find(other_relation.id).visible + assert Node.find(used_node.id).visible + assert Way.find(used_way.id).visible + assert Relation.find(relation.id).visible + assert Relation.find(other_relation.id).visible end ## @@ -626,15 +759,15 @@ CHANGESET create(:relation_member, :relation => super_relation, :member => used_way) create(:relation_member, :relation => super_relation, :member => used_node) - basic_authorization changeset.user.email, "test" + auth_header = basic_authorization_header changeset.user.email, "test" diff = XML::Document.new diff.root = XML::Node.new "osmChange" delete = XML::Node.new "delete" diff.root << delete delete["if-unused"] = "" - delete << used_relation.to_xml_node - delete << used_way.to_xml_node + delete << xml_node_for_relation(used_relation) + delete << xml_node_for_way(used_way) delete << xml_node_for_node(used_node) # update the changeset to one that this user owns @@ -645,12 +778,12 @@ CHANGESET end # upload it - post :upload, :params => { :id => changeset.id }, :body => diff.to_s + post changeset_upload_path(changeset), :params => diff.to_s, :headers => auth_header assert_response :success, "can't do a conditional delete of in use objects: #{@response.body}" # check the returned payload - assert_select "diffResult[version='#{Settings.api_version}'][generator='OpenStreetMap server']", 1 + assert_select "diffResult[version='#{Settings.api_version}'][generator='#{Settings.generator}']", 1 assert_select "diffResult>node", 1 assert_select "diffResult>way", 1 assert_select "diffResult>relation", 1 @@ -674,9 +807,9 @@ CHANGESET assert_equal used_relation.version, doc.find("//diffResult/relation").first["new_version"].to_i # check that nothing was, in fact, deleted - assert_equal true, Node.find(used_node.id).visible - assert_equal true, Way.find(used_way.id).visible - assert_equal true, Relation.find(used_relation.id).visible + assert Node.find(used_node.id).visible + assert Way.find(used_way.id).visible + assert Relation.find(used_relation.id).visible end ## @@ -684,10 +817,10 @@ CHANGESET def test_upload_invalid_too_long_tag changeset = create(:changeset) - basic_authorization changeset.user.email, "test" + auth_header = basic_authorization_header changeset.user.email, "test" # simple diff to create a node way and relation using placeholders - diff = < @@ -695,12 +828,12 @@ CHANGESET -CHANGESET + CHANGESET # upload it - post :upload, :params => { :id => changeset.id }, :body => diff + post changeset_upload_path(changeset), :params => diff, :headers => auth_header assert_response :bad_request, - "shoudln't be able to upload too long a tag to changeset: #{@response.body}" + "shouldn't be able to upload too long a tag to changeset: #{@response.body}" end ## @@ -714,10 +847,10 @@ CHANGESET changeset = create(:changeset) - basic_authorization changeset.user.email, "test" + auth_header = basic_authorization_header changeset.user.email, "test" # simple diff to create a node way and relation using placeholders - diff = < @@ -737,10 +870,10 @@ CHANGESET -CHANGESET + CHANGESET # upload it - post :upload, :params => { :id => changeset.id }, :body => diff + post changeset_upload_path(changeset), :params => diff, :headers => auth_header assert_response :success, "can't upload a complex diff to changeset: #{@response.body}" @@ -773,10 +906,10 @@ CHANGESET relation = create(:relation) other_relation = create(:relation) - basic_authorization changeset.user.email, "test" + auth_header = basic_authorization_header changeset.user.email, "test" # simple diff to create a node way and relation using placeholders - diff = < @@ -798,10 +931,10 @@ CHANGESET -CHANGESET + CHANGESET # upload it - post :upload, :params => { :id => changeset.id }, :body => diff + post changeset_upload_path(changeset), :params => diff, :headers => auth_header assert_response :conflict, "uploading a diff with multiple changesets should have failed" @@ -816,12 +949,12 @@ CHANGESET def test_upload_multiple_valid node = create(:node) changeset = create(:changeset) - basic_authorization changeset.user.email, "test" + auth_header = basic_authorization_header changeset.user.email, "test" # change the location of a node multiple times, each time referencing # the last version. doesn't this depend on version numbers being # sequential? - diff = < @@ -834,10 +967,10 @@ CHANGESET -CHANGESET + CHANGESET # upload it - post :upload, :params => { :id => changeset.id }, :body => diff + post changeset_upload_path(changeset), :params => diff, :headers => auth_header assert_response :success, "can't upload multiple versions of an element in a diff: #{@response.body}" @@ -854,19 +987,19 @@ CHANGESET node = create(:node) changeset = create(:changeset) - basic_authorization changeset.user.email, "test" + auth_header = basic_authorization_header changeset.user.email, "test" - diff = < -CHANGESET + CHANGESET # upload it - post :upload, :params => { :id => changeset.id }, :body => diff + post changeset_upload_path(changeset), :params => diff, :headers => auth_header assert_response :conflict, "shouldn't be able to upload the same element twice in a diff: #{@response.body}" end @@ -876,18 +1009,18 @@ CHANGESET def test_upload_missing_version changeset = create(:changeset) - basic_authorization changeset.user.email, "test" + auth_header = basic_authorization_header changeset.user.email, "test" - diff = < -CHANGESET + CHANGESET # upload it - post :upload, :params => { :id => changeset.id }, :body => diff + post changeset_upload_path(changeset), :params => diff, :headers => auth_header assert_response :bad_request, "shouldn't be able to upload an element without version: #{@response.body}" end @@ -897,18 +1030,18 @@ CHANGESET def test_action_upload_invalid changeset = create(:changeset) - basic_authorization changeset.user.email, "test" + auth_header = basic_authorization_header changeset.user.email, "test" - diff = < -CHANGESET - post :upload, :params => { :id => changeset.id }, :body => diff + CHANGESET + post changeset_upload_path(changeset), :params => diff, :headers => auth_header assert_response :bad_request, "Shouldn't be able to upload a diff with the action ping" - assert_equal @response.body, "Unknown action ping, choices are create, modify, delete" + assert_equal("Unknown action ping, choices are create, modify, delete", @response.body) end ## @@ -922,9 +1055,9 @@ CHANGESET other_relation = create(:relation) create(:relation_tag, :relation => relation) - basic_authorization changeset.user.email, "test" + auth_header = basic_authorization_header changeset.user.email, "test" - diff = < @@ -936,10 +1069,10 @@ CHANGESET -CHANGESET + CHANGESET # upload it - post :upload, :params => { :id => changeset.id }, :body => diff + post changeset_upload_path(changeset), :params => diff, :headers => auth_header assert_response :success, "can't upload a valid diff with whitespace variations to changeset: #{@response.body}" @@ -957,9 +1090,9 @@ CHANGESET def test_upload_reuse_placeholder_valid changeset = create(:changeset) - basic_authorization changeset.user.email, "test" + auth_header = basic_authorization_header changeset.user.email, "test" - diff = < @@ -973,10 +1106,10 @@ CHANGESET -CHANGESET + CHANGESET # upload it - post :upload, :params => { :id => changeset.id }, :body => diff + post changeset_upload_path(changeset), :params => diff, :headers => auth_header assert_response :success, "can't upload a valid diff with re-used placeholders to changeset: #{@response.body}" @@ -991,9 +1124,9 @@ CHANGESET def test_upload_placeholder_invalid changeset = create(:changeset) - basic_authorization changeset.user.email, "test" + auth_header = basic_authorization_header changeset.user.email, "test" - diff = < @@ -1001,14 +1134,98 @@ CHANGESET -CHANGESET + CHANGESET + + # upload it + post changeset_upload_path(changeset), :params => diff, :headers => auth_header + assert_response :bad_request, + "shouldn't be able to re-use placeholder IDs" + + # placeholder_ids must be unique across all action blocks + diff = <<~CHANGESET + + + + + + + + + CHANGESET # upload it - post :upload, :params => { :id => changeset.id }, :body => diff + post changeset_upload_path(changeset), :params => diff, :headers => auth_header assert_response :bad_request, "shouldn't be able to re-use placeholder IDs" end + def test_upload_process_order + changeset = create(:changeset) + + auth_header = basic_authorization_header changeset.user.email, "test" + + diff = <<~CHANGESET + + + + + + + + + + + CHANGESET + + # upload it + post changeset_upload_path(changeset), :params => diff, :headers => auth_header + assert_response :bad_request, + "shouldn't refer elements behind it" + end + + def test_upload_duplicate_delete + changeset = create(:changeset) + + auth_header = basic_authorization_header changeset.user.email, "test" + + diff = <<~CHANGESET + + + + + + + + + + CHANGESET + + # upload it + post changeset_upload_path(changeset), :params => diff, :headers => auth_header + assert_response :gone, + "transaction should be cancelled by second deletion" + + diff = <<~CHANGESET + + + + + + + + + + CHANGESET + + # upload it + post changeset_upload_path(changeset), :params => diff, :headers => auth_header + + assert_select "diffResult>node", 3 + assert_select "diffResult>node[old_id='-1']", 3 + assert_select "diffResult>node[new_version='1']", 1 + assert_select "diffResult>node[new_version='2']", 1 + end + ## # test that uploading a way referencing invalid placeholders gives a # proper error, not a 500. @@ -1016,9 +1233,9 @@ CHANGESET changeset = create(:changeset) way = create(:way) - basic_authorization changeset.user.email, "test" + auth_header = basic_authorization_header changeset.user.email, "test" - diff = < @@ -1032,16 +1249,16 @@ CHANGESET -CHANGESET + CHANGESET # upload it - post :upload, :params => { :id => changeset.id }, :body => diff + post changeset_upload_path(changeset), :params => diff, :headers => auth_header assert_response :bad_request, "shouldn't be able to use invalid placeholder IDs" assert_equal "Placeholder node not found for reference -4 in way -1", @response.body # the same again, but this time use an existing way - diff = < @@ -1055,10 +1272,10 @@ CHANGESET -CHANGESET + CHANGESET # upload it - post :upload, :params => { :id => changeset.id }, :body => diff + post changeset_upload_path(changeset), :params => diff, :headers => auth_header assert_response :bad_request, "shouldn't be able to use invalid placeholder IDs" assert_equal "Placeholder node not found for reference -4 in way #{way.id}", @response.body @@ -1071,9 +1288,9 @@ CHANGESET changeset = create(:changeset) relation = create(:relation) - basic_authorization changeset.user.email, "test" + auth_header = basic_authorization_header changeset.user.email, "test" - diff = < @@ -1087,16 +1304,16 @@ CHANGESET -CHANGESET + CHANGESET # upload it - post :upload, :params => { :id => changeset.id }, :body => diff + post changeset_upload_path(changeset), :params => diff, :headers => auth_header assert_response :bad_request, "shouldn't be able to use invalid placeholder IDs" assert_equal "Placeholder Node not found for reference -4 in relation -1.", @response.body # the same again, but this time use an existing relation - diff = < @@ -1110,10 +1327,10 @@ CHANGESET -CHANGESET + CHANGESET # upload it - post :upload, :params => { :id => changeset.id }, :body => diff + post changeset_upload_path(changeset), :params => diff, :headers => auth_header assert_response :bad_request, "shouldn't be able to use invalid placeholder IDs" assert_equal "Placeholder Way not found for reference -1 in relation #{relation.id}.", @response.body @@ -1123,12 +1340,12 @@ CHANGESET # test what happens if a diff is uploaded containing only a node # move. def test_upload_node_move - basic_authorization create(:user).email, "test" + auth_header = basic_authorization_header create(:user).email, "test" xml = "" \ "" \ "" - put :create, :body => xml + put changeset_create_path, :params => xml, :headers => auth_header assert_response :success changeset_id = @response.body.to_i @@ -1145,7 +1362,7 @@ CHANGESET diff.root << modify # upload it - post :upload, :params => { :id => changeset_id }, :body => diff.to_s + post changeset_upload_path(:id => changeset_id), :params => diff.to_s, :headers => auth_header assert_response :success, "diff should have uploaded OK" @@ -1160,12 +1377,12 @@ CHANGESET ## # test what happens if a diff is uploaded adding a node to a way. def test_upload_way_extend - basic_authorization create(:user).email, "test" + auth_header = basic_authorization_header create(:user).email, "test" xml = "" \ "" \ "" - put :create, :body => xml + put changeset_create_path, :params => xml, :headers => auth_header assert_response :success changeset_id = @response.body.to_i @@ -1175,7 +1392,7 @@ CHANGESET diff = XML::Document.new diff.root = XML::Node.new "osmChange" modify = XML::Node.new "modify" - xml_old_way = old_way.to_xml_node + xml_old_way = xml_node_for_way(old_way) nd_ref = XML::Node.new "nd" nd_ref["ref"] = create(:node, :lat => 3, :lon => 3).id.to_s xml_old_way << nd_ref @@ -1184,7 +1401,7 @@ CHANGESET diff.root << modify # upload it - post :upload, :params => { :id => changeset_id }, :body => diff.to_s + post changeset_upload_path(:id => changeset_id), :params => diff.to_s, :headers => auth_header assert_response :success, "diff should have uploaded OK" @@ -1201,16 +1418,16 @@ CHANGESET def test_upload_empty_invalid changeset = create(:changeset) - basic_authorization changeset.user.email, "test" + auth_header = basic_authorization_header changeset.user.email, "test" ["", "", "", ""].each do |diff| # upload it - post :upload, :params => { :id => changeset.id }, :body => diff + post changeset_upload_path(changeset), :params => diff, :headers => auth_header assert_response(:success, "should be able to upload " \ - "empty changeset: " + diff) + "empty changeset: " + diff) end end @@ -1221,7 +1438,7 @@ CHANGESET node = create(:node) create(:relation_member, :member => node) - basic_authorization changeset.user.email, "test" + auth_header = basic_authorization_header changeset.user.email, "test" # try and delete a node that is in use diff = XML::Document.new @@ -1231,17 +1448,265 @@ CHANGESET delete << xml_node_for_node(node) # upload it - error_format "xml" - post :upload, :params => { :id => changeset.id }, :body => diff.to_s + error_header = error_format_header "xml" + post changeset_upload_path(changeset), :params => diff.to_s, :headers => auth_header.merge(error_header) assert_response :success, "failed to return error in XML format" # check the returned payload - assert_select "osmError[version='#{Settings.api_version}'][generator='OpenStreetMap server']", 1 + assert_select "osmError[version='#{Settings.api_version}'][generator='#{Settings.generator}']", 1 assert_select "osmError>status", 1 assert_select "osmError>message", 1 end + def test_upload_not_found + changeset = create(:changeset) + + auth_header = basic_authorization_header changeset.user.email, "test" + + # modify node + diff = <<~CHANGESET + + + + + + CHANGESET + + # upload it + post changeset_upload_path(changeset), :params => diff, :headers => auth_header + assert_response :not_found, "Node should not be found" + + # modify way + diff = <<~CHANGESET + + + + + + CHANGESET + + # upload it + post changeset_upload_path(changeset), :params => diff, :headers => auth_header + assert_response :not_found, "Way should not be found" + + # modify relation + diff = <<~CHANGESET + + + + + + CHANGESET + + # upload it + post changeset_upload_path(changeset), :params => diff, :headers => auth_header + assert_response :not_found, "Relation should not be found" + + # delete node + diff = <<~CHANGESET + + + + + + CHANGESET + + # upload it + post changeset_upload_path(changeset), :params => diff, :headers => auth_header + assert_response :not_found, "Node should not be deleted" + + # delete way + diff = <<~CHANGESET + + + + + + CHANGESET + + # upload it + post changeset_upload_path(changeset), :params => diff, :headers => auth_header + assert_response :not_found, "Way should not be deleted" + + # delete relation + diff = <<~CHANGESET + + + + + + CHANGESET + + # upload it + post changeset_upload_path(changeset), :params => diff, :headers => auth_header + assert_response :not_found, "Relation should not be deleted" + end + + def test_upload_relation_placeholder_not_fix + changeset = create(:changeset) + + auth_header = basic_authorization_header changeset.user.email, "test" + + # modify node + diff = <<~CHANGESET + + + + + + + + + + + + + + + + + + + + CHANGESET + + # upload it + post changeset_upload_path(changeset), :params => diff.to_s, :headers => auth_header + assert_response :bad_request, "shouldn't be able to use reference -4 in relation -2: #{@response.body}" + assert_equal "Placeholder Relation not found for reference -4 in relation -2.", @response.body + end + + def test_upload_multiple_delete_block + changeset = create(:changeset) + + auth_header = basic_authorization_header changeset.user.email, "test" + + node = create(:node) + way = create(:way) + create(:way_node, :way => way, :node => node) + alone_node = create(:node) + + # modify node + diff = <<~CHANGESET + + + + + + + + + CHANGESET + + # upload it + post changeset_upload_path(changeset), :params => diff.to_s, :headers => auth_header + assert_response :precondition_failed, + "shouldn't be able to upload a invalid deletion diff: #{@response.body}" + assert_equal "Precondition failed: Node #{node.id} is still used by ways #{way.id}.", @response.body + end + + ## + # test initial rate limit + def test_upload_initial_rate_limit + # create a user + user = create(:user) + + # create some objects to use + node = create(:node) + way = create(:way_with_nodes, :nodes_count => 2) + relation = create(:relation) + + # create a changeset that puts us near the initial rate limit + changeset = create(:changeset, :user => user, + :created_at => Time.now.utc - 5.minutes, + :num_changes => Settings.initial_changes_per_hour - 2) + + # create authentication header + auth_header = basic_authorization_header user.email, "test" + + # simple diff to create a node way and relation using placeholders + diff = <<~CHANGESET + + + + + + + + + + + + + + + + + + + CHANGESET + + # upload it + post changeset_upload_path(changeset), :params => diff, :headers => auth_header + assert_response :too_many_requests, "upload did not hit rate limit" + end + + ## + # test maximum rate limit + def test_upload_maximum_rate_limit + # create a user + user = create(:user) + + # create some objects to use + node = create(:node) + way = create(:way_with_nodes, :nodes_count => 2) + relation = create(:relation) + + # create a changeset to establish our initial edit time + changeset = create(:changeset, :user => user, + :created_at => Time.now.utc - 28.days) + + # create changeset to put us near the maximum rate limit + total_changes = Settings.max_changes_per_hour - 2 + while total_changes.positive? + changes = [total_changes, Changeset::MAX_ELEMENTS].min + changeset = create(:changeset, :user => user, + :created_at => Time.now.utc - 5.minutes, + :num_changes => changes) + total_changes -= changes + end + + # create authentication header + auth_header = basic_authorization_header user.email, "test" + + # simple diff to create a node way and relation using placeholders + diff = <<~CHANGESET + + + + + + + + + + + + + + + + + + + CHANGESET + + # upload it + post changeset_upload_path(changeset), :params => diff, :headers => auth_header + assert_response :too_many_requests, "upload did not hit rate limit" + end + ## # when we make some simple changes we get the same changes back from the # diff download. @@ -1249,28 +1714,28 @@ CHANGESET node = create(:node) ## First try with a non-public user, which should get a forbidden - basic_authorization create(:user, :data_public => false).email, "test" + auth_header = basic_authorization_header create(:user, :data_public => false).email, "test" # create a temporary changeset xml = "" \ "" \ "" - put :create, :body => xml + put changeset_create_path, :params => xml, :headers => auth_header assert_response :forbidden ## Now try with a normal user - basic_authorization create(:user).email, "test" + auth_header = basic_authorization_header create(:user).email, "test" # create a temporary changeset xml = "" \ "" \ "" - put :create, :body => xml + put changeset_create_path, :params => xml, :headers => auth_header assert_response :success changeset_id = @response.body.to_i # add a diff to it - diff = < @@ -1283,14 +1748,14 @@ CHANGESET -CHANGESET + CHANGESET # upload it - post :upload, :params => { :id => changeset_id }, :body => diff + post changeset_upload_path(:id => changeset_id), :params => diff, :headers => auth_header assert_response :success, "can't upload multiple versions of an element in a diff: #{@response.body}" - get :download, :params => { :id => changeset_id } + get changeset_download_path(:id => changeset_id) assert_response :success assert_select "osmChange", 1 @@ -1304,17 +1769,17 @@ CHANGESET # # NOTE: the error turned out to be something else completely! def test_josm_upload - basic_authorization create(:user).email, "test" + auth_header = basic_authorization_header create(:user).email, "test" # create a temporary changeset xml = "" \ "" \ "" - put :create, :body => xml + put changeset_create_path, :params => xml, :headers => auth_header assert_response :success changeset_id = @response.body.to_i - diff = < @@ -1326,7 +1791,7 @@ CHANGESET - + @@ -1341,14 +1806,14 @@ CHANGESET -OSMFILE + OSMFILE # upload it - post :upload, :params => { :id => changeset_id }, :body => diff + post changeset_upload_path(:id => changeset_id), :params => diff, :headers => auth_header assert_response :success, "can't upload a diff from JOSM: #{@response.body}" - get :download, :params => { :id => changeset_id } + get changeset_download_path(:id => changeset_id) assert_response :success assert_select "osmChange", 1 @@ -1365,18 +1830,18 @@ OSMFILE node = create(:node) node2 = create(:node) way = create(:way) - basic_authorization create(:user).email, "test" + auth_header = basic_authorization_header create(:user).email, "test" # create a temporary changeset xml = "" \ "" \ "" - put :create, :body => xml + put changeset_create_path, :params => xml, :headers => auth_header assert_response :success changeset_id = @response.body.to_i # add a diff to it - diff = < @@ -1396,14 +1861,14 @@ OSMFILE -CHANGESET + CHANGESET # upload it - post :upload, :params => { :id => changeset_id }, :body => diff + post changeset_upload_path(:id => changeset_id), :params => diff, :headers => auth_header assert_response :success, "can't upload multiple versions of an element in a diff: #{@response.body}" - get :download, :params => { :id => changeset_id } + get changeset_download_path(:id => changeset_id) assert_response :success assert_select "osmChange", 1 @@ -1425,11 +1890,10 @@ CHANGESET _relation = create(:relation, :with_history, :version => 1, :changeset => changeset) _relation2 = create(:relation, :with_history, :deleted, :version => 1, :changeset => changeset) - get :download, :params => { :id => changeset.id } + get changeset_download_path(changeset) assert_response :success - assert_template nil - # print @response.body + # FIXME: needs more assert_select tests assert_select "osmChange[version='#{Settings.api_version}'][generator='#{Settings.generator}']" do assert_select "create", :count => 5 @@ -1447,23 +1911,23 @@ CHANGESET way = create(:way) create(:way_node, :way => way, :node => create(:node, :lat => 3, :lon => 3)) - basic_authorization create(:user).email, "test" + auth_header = basic_authorization_header create(:user).email, "test" # create a new changeset xml = "" - put :create, :body => xml + put changeset_create_path, :params => xml, :headers => auth_header assert_response :success, "Creating of changeset failed." changeset_id = @response.body.to_i # add a single node to it with_controller(NodesController.new) do xml = "" - put :create, :body => xml + put node_create_path, :params => xml, :headers => auth_header assert_response :success, "Couldn't create node." end # get the bounding box back from the changeset - get :show, :params => { :id => changeset_id } + get changeset_show_path(:id => changeset_id) assert_response :success, "Couldn't read back changeset." assert_select "osm>changeset[min_lon='1.0000000']", 1 assert_select "osm>changeset[max_lon='1.0000000']", 1 @@ -1473,12 +1937,12 @@ CHANGESET # add another node to it with_controller(NodesController.new) do xml = "" - put :create, :body => xml + put node_create_path, :params => xml, :headers => auth_header assert_response :success, "Couldn't create second node." end # get the bounding box back from the changeset - get :show, :params => { :id => changeset_id } + get changeset_show_path(:id => changeset_id) assert_response :success, "Couldn't read back changeset for the second time." assert_select "osm>changeset[min_lon='1.0000000']", 1 assert_select "osm>changeset[max_lon='2.0000000']", 1 @@ -1487,13 +1951,13 @@ CHANGESET # add (delete) a way to it, which contains a point at (3,3) with_controller(WaysController.new) do - xml = update_changeset(way.to_xml, changeset_id) - put :delete, :params => { :id => way.id }, :body => xml.to_s + xml = update_changeset(xml_for_way(way), changeset_id) + delete api_way_path(way), :params => xml.to_s, :headers => auth_header assert_response :success, "Couldn't delete a way." end # get the bounding box back from the changeset - get :show, :params => { :id => changeset_id } + get changeset_show_path(:id => changeset_id) assert_response :success, "Couldn't read back changeset for the third time." assert_select "osm>changeset[min_lon='1.0000000']", 1 assert_select "osm>changeset[max_lon='3.0000000']", 1 @@ -1501,57 +1965,6 @@ CHANGESET assert_select "osm>changeset[max_lat='3.0000000']", 1 end - ## - # test that the changeset :include method works as it should - def test_changeset_include - basic_authorization create(:user).display_name, "test" - - # create a new changeset - put :create, :body => "" - assert_response :success, "Creating of changeset failed." - changeset_id = @response.body.to_i - - # NOTE: the include method doesn't over-expand, like inserting - # a real method does. this is because we expect the client to - # know what it is doing! - check_after_include(changeset_id, 1, 1, [1, 1, 1, 1]) - check_after_include(changeset_id, 3, 3, [1, 1, 3, 3]) - check_after_include(changeset_id, 4, 2, [1, 1, 4, 3]) - check_after_include(changeset_id, 2, 2, [1, 1, 4, 3]) - check_after_include(changeset_id, -1, -1, [-1, -1, 4, 3]) - check_after_include(changeset_id, -2, 5, [-2, -1, 4, 5]) - end - - ## - # test that a not found, wrong method with the expand bbox works as expected - def test_changeset_expand_bbox_error - basic_authorization create(:user).display_name, "test" - - # create a new changeset - xml = "" - put :create, :body => xml - assert_response :success, "Creating of changeset failed." - changeset_id = @response.body.to_i - - lon = 58.2 - lat = -0.45 - - # Try and put - xml = "" - put :expand_bbox, :params => { :id => changeset_id }, :body => xml - assert_response :method_not_allowed, "shouldn't be able to put a bbox expand" - - # Try to get the update - xml = "" - get :expand_bbox, :params => { :id => changeset_id }, :body => xml - assert_response :method_not_allowed, "shouldn't be able to get a bbox expand" - - # Try to use a hopefully missing changeset - xml = "" - post :expand_bbox, :params => { :id => changeset_id + 13245 }, :body => xml - assert_response :not_found, "shouldn't be able to do a bbox expand on a nonexistant changeset" - end - ## # test the query functionality of changesets def test_query @@ -1564,81 +1977,205 @@ CHANGESET changeset2 = create(:changeset, :min_lat => (5 * GeoRecord::SCALE).round, :min_lon => (5 * GeoRecord::SCALE).round, :max_lat => (15 * GeoRecord::SCALE).round, :max_lon => (15 * GeoRecord::SCALE).round) changeset3 = create(:changeset, :min_lat => (4.5 * GeoRecord::SCALE).round, :min_lon => (4.5 * GeoRecord::SCALE).round, :max_lat => (5 * GeoRecord::SCALE).round, :max_lon => (5 * GeoRecord::SCALE).round) - get :query, :params => { :bbox => "-10,-10, 10, 10" } + get changesets_path(:bbox => "-10,-10, 10, 10") assert_response :success, "can't get changesets in bbox" assert_changesets [changeset2, changeset3] - get :query, :params => { :bbox => "4.5,4.5,4.6,4.6" } + get changesets_path(:bbox => "4.5,4.5,4.6,4.6") assert_response :success, "can't get changesets in bbox" assert_changesets [changeset3] # not found when looking for changesets of non-existing users - get :query, :params => { :user => User.maximum(:id) + 1 } + get changesets_path(:user => User.maximum(:id) + 1) assert_response :not_found - get :query, :params => { :display_name => " " } + assert_equal "text/plain", @response.media_type + get changesets_path(:display_name => " ") assert_response :not_found + assert_equal "text/plain", @response.media_type # can't get changesets of user 1 without authenticating - get :query, :params => { :user => private_user.id } + get changesets_path(:user => private_user.id) assert_response :not_found, "shouldn't be able to get changesets by non-public user (ID)" - get :query, :params => { :display_name => private_user.display_name } + get changesets_path(:display_name => private_user.display_name) assert_response :not_found, "shouldn't be able to get changesets by non-public user (name)" # but this should work - basic_authorization private_user.email, "test" - get :query, :params => { :user => private_user.id } + auth_header = basic_authorization_header private_user.email, "test" + get changesets_path(:user => private_user.id), :headers => auth_header assert_response :success, "can't get changesets by user ID" assert_changesets [private_user_changeset, private_user_closed_changeset] - get :query, :params => { :display_name => private_user.display_name } + get changesets_path(:display_name => private_user.display_name), :headers => auth_header assert_response :success, "can't get changesets by user name" assert_changesets [private_user_changeset, private_user_closed_changeset] + # test json endpoint + get changesets_path(:display_name => private_user.display_name), :headers => auth_header, :params => { :format => "json" } + assert_response :success, "can't get changesets by user name" + + js = ActiveSupport::JSON.decode(@response.body) + assert_not_nil js + + assert_equal Settings.api_version, js["version"] + assert_equal Settings.generator, js["generator"] + assert_equal 2, js["changesets"].count + # check that the correct error is given when we provide both UID and name - get :query, :params => { :user => private_user.id, - :display_name => private_user.display_name } + get changesets_path(:user => private_user.id, + :display_name => private_user.display_name), :headers => auth_header assert_response :bad_request, "should be a bad request to have both ID and name specified" - get :query, :params => { :user => private_user.id, :open => true } + get changesets_path(:user => private_user.id, :open => true), :headers => auth_header assert_response :success, "can't get changesets by user and open" assert_changesets [private_user_changeset] - get :query, :params => { :time => "2007-12-31" } + get changesets_path(:time => "2007-12-31"), :headers => auth_header assert_response :success, "can't get changesets by time-since" assert_changesets [private_user_changeset, private_user_closed_changeset, changeset, closed_changeset, changeset2, changeset3] - get :query, :params => { :time => "2008-01-01T12:34Z" } + get changesets_path(:time => "2008-01-01T12:34Z"), :headers => auth_header assert_response :success, "can't get changesets by time-since with hour" assert_changesets [private_user_changeset, private_user_closed_changeset, changeset, closed_changeset, changeset2, changeset3] - get :query, :params => { :time => "2007-12-31T23:59Z,2008-01-02T00:01Z" } + get changesets_path(:time => "2007-12-31T23:59Z,2008-01-02T00:01Z"), :headers => auth_header assert_response :success, "can't get changesets by time-range" assert_changesets [closed_changeset] - get :query, :params => { :open => "true" } + get changesets_path(:open => "true"), :headers => auth_header assert_response :success, "can't get changesets by open-ness" assert_changesets [private_user_changeset, changeset, changeset2, changeset3] - get :query, :params => { :closed => "true" } + get changesets_path(:closed => "true"), :headers => auth_header assert_response :success, "can't get changesets by closed-ness" assert_changesets [private_user_closed_changeset, closed_changeset] - get :query, :params => { :closed => "true", :user => private_user.id } + get changesets_path(:closed => "true", :user => private_user.id), :headers => auth_header assert_response :success, "can't get changesets by closed-ness and user" assert_changesets [private_user_closed_changeset] - get :query, :params => { :closed => "true", :user => user.id } + get changesets_path(:closed => "true", :user => user.id), :headers => auth_header assert_response :success, "can't get changesets by closed-ness and user" assert_changesets [closed_changeset] - get :query, :params => { :changesets => "#{private_user_changeset.id},#{changeset.id},#{closed_changeset.id}" } + get changesets_path(:changesets => "#{private_user_changeset.id},#{changeset.id},#{closed_changeset.id}"), :headers => auth_header assert_response :success, "can't get changesets by id (as comma-separated string)" assert_changesets [private_user_changeset, changeset, closed_changeset] - get :query, :params => { :changesets => "" } + get changesets_path(:changesets => ""), :headers => auth_header assert_response :bad_request, "should be a bad request since changesets is empty" end + ## + # test the query functionality of changesets with the limit parameter + def test_query_limit + user = create(:user) + changeset1 = create(:changeset, :closed, :user => user, :created_at => Time.utc(2008, 1, 1, 0, 0, 0), :closed_at => Time.utc(2008, 1, 2, 0, 0, 0)) + changeset2 = create(:changeset, :closed, :user => user, :created_at => Time.utc(2008, 2, 1, 0, 0, 0), :closed_at => Time.utc(2008, 2, 2, 0, 0, 0)) + changeset3 = create(:changeset, :closed, :user => user, :created_at => Time.utc(2008, 3, 1, 0, 0, 0), :closed_at => Time.utc(2008, 3, 2, 0, 0, 0)) + changeset4 = create(:changeset, :closed, :user => user, :created_at => Time.utc(2008, 4, 1, 0, 0, 0), :closed_at => Time.utc(2008, 4, 2, 0, 0, 0)) + changeset5 = create(:changeset, :closed, :user => user, :created_at => Time.utc(2008, 5, 1, 0, 0, 0), :closed_at => Time.utc(2008, 5, 2, 0, 0, 0)) + + get changesets_path + assert_response :success + assert_changesets_in_order [changeset5, changeset4, changeset3, changeset2, changeset1] + + get changesets_path(:limit => "3") + assert_response :success + assert_changesets_in_order [changeset5, changeset4, changeset3] + + get changesets_path(:limit => "0") + assert_response :bad_request + + get changesets_path(:limit => Settings.max_changeset_query_limit) + assert_response :success + assert_changesets_in_order [changeset5, changeset4, changeset3, changeset2, changeset1] + + get changesets_path(:limit => Settings.max_changeset_query_limit + 1) + assert_response :bad_request + end + + ## + # test the query functionality of sequential changesets with order and time parameters + def test_query_order + user = create(:user) + changeset1 = create(:changeset, :closed, :user => user, :created_at => Time.utc(2008, 1, 1, 0, 0, 0), :closed_at => Time.utc(2008, 1, 2, 0, 0, 0)) + changeset2 = create(:changeset, :closed, :user => user, :created_at => Time.utc(2008, 2, 1, 0, 0, 0), :closed_at => Time.utc(2008, 2, 2, 0, 0, 0)) + changeset3 = create(:changeset, :closed, :user => user, :created_at => Time.utc(2008, 3, 1, 0, 0, 0), :closed_at => Time.utc(2008, 3, 2, 0, 0, 0)) + changeset4 = create(:changeset, :closed, :user => user, :created_at => Time.utc(2008, 4, 1, 0, 0, 0), :closed_at => Time.utc(2008, 4, 2, 0, 0, 0)) + changeset5 = create(:changeset, :closed, :user => user, :created_at => Time.utc(2008, 5, 1, 0, 0, 0), :closed_at => Time.utc(2008, 5, 2, 0, 0, 0)) + changeset6 = create(:changeset, :closed, :user => user, :created_at => Time.utc(2008, 6, 1, 0, 0, 0), :closed_at => Time.utc(2008, 6, 2, 0, 0, 0)) + + get changesets_path + assert_response :success + assert_changesets_in_order [changeset6, changeset5, changeset4, changeset3, changeset2, changeset1] + + get changesets_path(:order => "oldest") + assert_response :success + assert_changesets_in_order [changeset1, changeset2, changeset3, changeset4, changeset5, changeset6] + + [ + # lower time bound at the opening time of a changeset + ["2008-02-01T00:00:00Z", "2008-05-15T00:00:00Z", [changeset5, changeset4, changeset3, changeset2], [changeset5, changeset4, changeset3, changeset2]], + # lower time bound in the middle of a changeset + ["2008-02-01T12:00:00Z", "2008-05-15T00:00:00Z", [changeset5, changeset4, changeset3, changeset2], [changeset5, changeset4, changeset3]], + # lower time bound at the closing time of a changeset + ["2008-02-02T00:00:00Z", "2008-05-15T00:00:00Z", [changeset5, changeset4, changeset3, changeset2], [changeset5, changeset4, changeset3]], + # lower time bound after the closing time of a changeset + ["2008-02-02T00:00:01Z", "2008-05-15T00:00:00Z", [changeset5, changeset4, changeset3], [changeset5, changeset4, changeset3]], + # upper time bound in the middle of a changeset + ["2007-09-09T12:00:00Z", "2008-04-01T12:00:00Z", [changeset4, changeset3, changeset2, changeset1], [changeset4, changeset3, changeset2, changeset1]], + # empty range + ["2009-02-02T00:00:01Z", "2018-05-15T00:00:00Z", [], []] + ].each do |from, to, interval_changesets, point_changesets| + get changesets_path(:time => "#{from},#{to}") + assert_response :success + assert_changesets_in_order interval_changesets + + get changesets_path(:from => from, :to => to) + assert_response :success + assert_changesets_in_order point_changesets + + get changesets_path(:from => from, :to => to, :order => "oldest") + assert_response :success + assert_changesets_in_order point_changesets.reverse + end + end + + ## + # test the query functionality of overlapping changesets with order and time parameters + def test_query_order_overlapping + user = create(:user) + changeset1 = create(:changeset, :closed, :user => user, :created_at => Time.utc(2015, 6, 4, 17, 0, 0), :closed_at => Time.utc(2015, 6, 4, 17, 0, 0)) + changeset2 = create(:changeset, :closed, :user => user, :created_at => Time.utc(2015, 6, 4, 16, 0, 0), :closed_at => Time.utc(2015, 6, 4, 18, 0, 0)) + changeset3 = create(:changeset, :closed, :user => user, :created_at => Time.utc(2015, 6, 4, 14, 0, 0), :closed_at => Time.utc(2015, 6, 4, 20, 0, 0)) + changeset4 = create(:changeset, :closed, :user => user, :created_at => Time.utc(2015, 6, 3, 23, 0, 0), :closed_at => Time.utc(2015, 6, 4, 23, 0, 0)) + create(:changeset, :closed, :user => user, :created_at => Time.utc(2015, 6, 2, 23, 0, 0), :closed_at => Time.utc(2015, 6, 3, 23, 0, 0)) + + get changesets_path(:time => "2015-06-04T00:00:00Z") + assert_response :success + assert_changesets_in_order [changeset1, changeset2, changeset3, changeset4] + + get changesets_path(:from => "2015-06-04T00:00:00Z") + assert_response :success + assert_changesets_in_order [changeset1, changeset2, changeset3] + + get changesets_path(:from => "2015-06-04T00:00:00Z", :order => "oldest") + assert_response :success + assert_changesets_in_order [changeset3, changeset2, changeset1] + + get changesets_path(:time => "2015-06-04T16:00:00Z,2015-06-04T17:30:00Z") + assert_response :success + assert_changesets_in_order [changeset1, changeset2, changeset3, changeset4] + + get changesets_path(:from => "2015-06-04T16:00:00Z", :to => "2015-06-04T17:30:00Z") + assert_response :success + assert_changesets_in_order [changeset1, changeset2] + + get changesets_path(:from => "2015-06-04T16:00:00Z", :to => "2015-06-04T17:30:00Z", :order => "oldest") + assert_response :success + assert_changesets_in_order [changeset2, changeset1] + end + ## # check that errors are returned if garbage is inserted # into query strings @@ -1646,7 +2183,7 @@ CHANGESET ["abracadabra!", "1,2,3,F", ";drop table users;"].each do |bbox| - get :query, :params => { :bbox => bbox } + get changesets_path(:bbox => bbox) assert_response :bad_request, "'#{bbox}' isn't a bbox" end @@ -1655,7 +2192,7 @@ CHANGESET ";drop table users;", ",", "-,-"].each do |time| - get :query, :params => { :time => time } + get changesets_path(:time => time) assert_response :bad_request, "'#{time}' isn't a valid time range" end @@ -1663,9 +2200,12 @@ CHANGESET "foobar", "-1", "0"].each do |uid| - get :query, :params => { :user => uid } + get changesets_path(:user => uid) assert_response :bad_request, "'#{uid}' isn't a valid user ID" end + + get changesets_path(:order => "oldest", :time => "2008-01-01T00:00Z,2018-01-01T00:00Z") + assert_response :bad_request, "cannot use order=oldest with time" end ## @@ -1684,17 +2224,17 @@ CHANGESET new_changeset.find("//osm/changeset").first << new_tag # try without any authorization - put :update, :params => { :id => private_changeset.id }, :body => new_changeset.to_s + put changeset_show_path(private_changeset), :params => new_changeset.to_s assert_response :unauthorized # try with the wrong authorization - basic_authorization create(:user).email, "test" - put :update, :params => { :id => private_changeset.id }, :body => new_changeset.to_s + auth_header = basic_authorization_header create(:user).email, "test" + put changeset_show_path(private_changeset), :params => new_changeset.to_s, :headers => auth_header assert_response :conflict # now this should get an unauthorized - basic_authorization private_user.email, "test" - put :update, :params => { :id => private_changeset.id }, :body => new_changeset.to_s + auth_header = basic_authorization_header private_user.email, "test" + put changeset_show_path(private_changeset), :params => new_changeset.to_s, :headers => auth_header assert_require_public_data "user with their data non-public, shouldn't be able to edit their changeset" ## Now try with the public user @@ -1705,18 +2245,17 @@ CHANGESET new_changeset.find("//osm/changeset").first << new_tag # try without any authorization - @request.env["HTTP_AUTHORIZATION"] = nil - put :update, :params => { :id => changeset.id }, :body => new_changeset.to_s + put changeset_show_path(changeset), :params => new_changeset.to_s assert_response :unauthorized # try with the wrong authorization - basic_authorization create(:user).email, "test" - put :update, :params => { :id => changeset.id }, :body => new_changeset.to_s + auth_header = basic_authorization_header create(:user).email, "test" + put changeset_show_path(changeset), :params => new_changeset.to_s, :headers => auth_header assert_response :conflict # now this should work... - basic_authorization user.email, "test" - put :update, :params => { :id => changeset.id }, :body => new_changeset.to_s + auth_header = basic_authorization_header user.email, "test" + put changeset_show_path(changeset), :params => new_changeset.to_s, :headers => auth_header assert_response :success assert_select "osm>changeset[id='#{changeset.id}']", 1 @@ -1728,7 +2267,7 @@ CHANGESET # check that a user different from the one who opened the changeset # can't modify it. def test_changeset_update_invalid - basic_authorization create(:user).email, "test" + auth_header = basic_authorization_header create(:user).email, "test" changeset = create(:changeset) new_changeset = create_changeset_xml(:user => changeset.user, :id => changeset.id) @@ -1737,7 +2276,7 @@ CHANGESET new_tag["v"] = "testing" new_changeset.find("//osm/changeset").first << new_tag - put :update, :params => { :id => changeset.id }, :body => new_changeset.to_s + put changeset_show_path(changeset), :params => new_changeset.to_s, :headers => auth_header assert_response :conflict end @@ -1745,11 +2284,15 @@ CHANGESET # check that a changeset can contain a certain max number of changes. ## FIXME should be changed to an integration test due to the with_controller def test_changeset_limits - basic_authorization create(:user).email, "test" + user = create(:user) + auth_header = basic_authorization_header user.email, "test" + + # create an old changeset to ensure we have the maximum rate limit + create(:changeset, :user => user, :created_at => Time.now.utc - 28.days) # open a new changeset xml = "" - put :create, :body => xml + put changeset_create_path, :params => xml, :headers => auth_header assert_response :success, "can't create a new changeset" cs_id = @response.body.to_i @@ -1764,11 +2307,11 @@ CHANGESET with_controller(NodesController.new) do # create a new node xml = "" - put :create, :body => xml + put node_create_path, :params => xml, :headers => auth_header assert_response :success, "can't create a new node" node_id = @response.body.to_i - get :show, :params => { :id => node_id } + get api_node_path(:id => node_id) assert_response :success, "can't read back new node" node_doc = XML::Parser.string(@response.body).parse node_xml = node_doc.find("//osm/node").first @@ -1779,7 +2322,7 @@ CHANGESET node_xml["lon"] = rand.to_s node_xml["version"] = (i + 1).to_s - put :update, :params => { :id => node_id }, :body => node_doc.to_s + put api_node_path(:id => node_id), :params => node_doc.to_s, :headers => auth_header assert_response :success, "attempt #{i} should have succeeded" end @@ -1788,7 +2331,7 @@ CHANGESET node_xml["lon"] = rand.to_s node_xml["version"] = offset.to_s - put :update, :params => { :id => node_id }, :body => node_doc.to_s + put api_node_path(:id => node_id), :params => node_doc.to_s, :headers => auth_header assert_response :conflict, "final attempt should have failed" end @@ -1796,7 +2339,7 @@ CHANGESET assert_equal Changeset::MAX_ELEMENTS + 1, changeset.num_changes # check that the changeset is now closed as well - assert_not(changeset.is_open?, + assert_not(changeset.open?, "changeset should have been auto-closed by exceeding " \ "element limit.") end @@ -1810,7 +2353,7 @@ CHANGESET node_v1 = node.old_nodes.find_by(:version => 1) node_v1.redact!(create(:redaction)) - get :download, :params => { :id => changeset.id } + get changeset_download_path(changeset) assert_response :success assert_select "osmChange", 1 @@ -1823,18 +2366,18 @@ CHANGESET ## # test subscribe success def test_subscribe_success - basic_authorization create(:user).email, "test" + auth_header = basic_authorization_header create(:user).email, "test" changeset = create(:changeset, :closed) assert_difference "changeset.subscribers.count", 1 do - post :subscribe, :params => { :id => changeset.id } + post changeset_subscribe_path(changeset), :headers => auth_header end assert_response :success # not closed changeset changeset = create(:changeset) assert_difference "changeset.subscribers.count", 1 do - post :subscribe, :params => { :id => changeset.id } + post changeset_subscribe_path(changeset), :headers => auth_header end assert_response :success end @@ -1847,15 +2390,15 @@ CHANGESET # unauthorized changeset = create(:changeset, :closed) assert_no_difference "changeset.subscribers.count" do - post :subscribe, :params => { :id => changeset.id } + post changeset_subscribe_path(changeset) end assert_response :unauthorized - basic_authorization user.email, "test" + auth_header = basic_authorization_header user.email, "test" # bad changeset id assert_no_difference "changeset.subscribers.count" do - post :subscribe, :params => { :id => 999111 } + post changeset_subscribe_path(:id => 999111), :headers => auth_header end assert_response :not_found @@ -1863,7 +2406,7 @@ CHANGESET changeset = create(:changeset, :closed) changeset.subscribers.push(user) assert_no_difference "changeset.subscribers.count" do - post :subscribe, :params => { :id => changeset.id } + post changeset_subscribe_path(changeset), :headers => auth_header end assert_response :conflict end @@ -1872,12 +2415,12 @@ CHANGESET # test unsubscribe success def test_unsubscribe_success user = create(:user) - basic_authorization user.email, "test" + auth_header = basic_authorization_header user.email, "test" changeset = create(:changeset, :closed) changeset.subscribers.push(user) assert_difference "changeset.subscribers.count", -1 do - post :unsubscribe, :params => { :id => changeset.id } + post changeset_unsubscribe_path(changeset), :headers => auth_header end assert_response :success @@ -1886,7 +2429,7 @@ CHANGESET changeset.subscribers.push(user) assert_difference "changeset.subscribers.count", -1 do - post :unsubscribe, :params => { :id => changeset.id } + post changeset_unsubscribe_path(changeset), :headers => auth_header end assert_response :success end @@ -1897,22 +2440,22 @@ CHANGESET # unauthorized changeset = create(:changeset, :closed) assert_no_difference "changeset.subscribers.count" do - post :unsubscribe, :params => { :id => changeset.id } + post changeset_unsubscribe_path(changeset) end assert_response :unauthorized - basic_authorization create(:user).email, "test" + auth_header = basic_authorization_header create(:user).email, "test" # bad changeset id assert_no_difference "changeset.subscribers.count" do - post :unsubscribe, :params => { :id => 999111 } + post changeset_unsubscribe_path(:id => 999111), :headers => auth_header end assert_response :not_found # trying to unsubscribe when not subscribed changeset = create(:changeset, :closed) assert_no_difference "changeset.subscribers.count" do - post :unsubscribe, :params => { :id => changeset.id } + post changeset_unsubscribe_path(changeset), :headers => auth_header end assert_response :not_found end @@ -1920,8 +2463,7 @@ CHANGESET private ## - # boilerplate for checking that certain changesets exist in the - # output. + # check that certain changesets exist in the output def assert_changesets(changesets) assert_select "osm>changeset", changesets.size changesets.each do |changeset| @@ -1930,23 +2472,12 @@ CHANGESET end ## - # call the include method and assert properties of the bbox - def check_after_include(changeset_id, lon, lat, bbox) - xml = "" - post :expand_bbox, :params => { :id => changeset_id }, :body => xml - assert_response :success, "Setting include of changeset failed: #{@response.body}" - - # check exactly one changeset - assert_select "osm>changeset", 1 - assert_select "osm>changeset[id='#{changeset_id}']", 1 - - # check the bbox - doc = XML::Parser.string(@response.body).parse - changeset = doc.find("//osm/changeset").first - assert_equal bbox[0], changeset["min_lon"].to_f, "min lon" - assert_equal bbox[1], changeset["min_lat"].to_f, "min lat" - assert_equal bbox[2], changeset["max_lon"].to_f, "max lon" - assert_equal bbox[3], changeset["max_lat"].to_f, "max lat" + # check that certain changesets exist in the output in the specified order + def assert_changesets_in_order(changesets) + assert_select "osm>changeset", changesets.size + changesets.each_with_index do |changeset, index| + assert_select "osm>changeset:nth-child(#{index + 1})[id='#{changeset.id}']", 1 + end end ##