X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/5285f69a8aa41eff217734f1d4051b7cc75428e5..bcf066ff9c42c7b868de15e2ae251986ab19fe61:/test/controllers/api/changesets_controller_test.rb
diff --git a/test/controllers/api/changesets_controller_test.rb b/test/controllers/api/changesets_controller_test.rb
index cfb424169..1d92263f9 100644
--- a/test/controllers/api/changesets_controller_test.rb
+++ b/test/controllers/api/changesets_controller_test.rb
@@ -6,7 +6,15 @@ module Api
# test all routes which lead to this controller
def test_routes
assert_routing(
- { :path => "/api/0.6/changeset/create", :method => :put },
+ { :path => "/api/0.6/changesets", :method => :get },
+ { :controller => "api/changesets", :action => "index" }
+ )
+ assert_routing(
+ { :path => "/api/0.6/changesets.json", :method => :get },
+ { :controller => "api/changesets", :action => "index", :format => "json" }
+ )
+ assert_routing(
+ { :path => "/api/0.6/changesets", :method => :post },
{ :controller => "api/changesets", :action => "create" }
)
assert_routing(
@@ -49,35 +57,275 @@ module Api
{ :path => "/api/0.6/changeset/1/close", :method => :put },
{ :controller => "api/changesets", :action => "close", :id => "1" }
)
- assert_routing(
- { :path => "/api/0.6/changesets", :method => :get },
- { :controller => "api/changesets", :action => "index" }
- )
- assert_routing(
- { :path => "/api/0.6/changesets.json", :method => :get },
- { :controller => "api/changesets", :action => "index", :format => "json" }
+
+ assert_recognizes(
+ { :controller => "api/changesets", :action => "create" },
+ { :path => "/api/0.6/changeset/create", :method => :put }
)
end
+ ##
+ # test the query functionality of changesets
+ def test_index
+ private_user = create(:user, :data_public => false)
+ private_user_changeset = create(:changeset, :user => private_user)
+ private_user_closed_changeset = create(:changeset, :closed, :user => private_user)
+ user = create(:user)
+ changeset = create(:changeset, :user => user)
+ closed_changeset = create(:changeset, :closed, :user => user, :created_at => Time.utc(2008, 1, 1, 0, 0, 0), :closed_at => Time.utc(2008, 1, 2, 0, 0, 0))
+ changeset2 = create(:changeset, :min_lat => (5 * GeoRecord::SCALE).round, :min_lon => (5 * GeoRecord::SCALE).round, :max_lat => (15 * GeoRecord::SCALE).round, :max_lon => (15 * GeoRecord::SCALE).round)
+ changeset3 = create(:changeset, :min_lat => (4.5 * GeoRecord::SCALE).round, :min_lon => (4.5 * GeoRecord::SCALE).round, :max_lat => (5 * GeoRecord::SCALE).round, :max_lon => (5 * GeoRecord::SCALE).round)
+
+ get changesets_path(:bbox => "-10,-10, 10, 10")
+ assert_response :success, "can't get changesets in bbox"
+ assert_changesets_in_order [changeset3, changeset2]
+
+ get changesets_path(:bbox => "4.5,4.5,4.6,4.6")
+ assert_response :success, "can't get changesets in bbox"
+ assert_changesets_in_order [changeset3]
+
+ # not found when looking for changesets of non-existing users
+ get changesets_path(:user => User.maximum(:id) + 1)
+ assert_response :not_found
+ assert_equal "text/plain", @response.media_type
+ get changesets_path(:display_name => " ")
+ assert_response :not_found
+ assert_equal "text/plain", @response.media_type
+
+ # can't get changesets of user 1 without authenticating
+ get changesets_path(:user => private_user.id)
+ assert_response :not_found, "shouldn't be able to get changesets by non-public user (ID)"
+ get changesets_path(:display_name => private_user.display_name)
+ assert_response :not_found, "shouldn't be able to get changesets by non-public user (name)"
+
+ # but this should work
+ auth_header = bearer_authorization_header private_user
+ get changesets_path(:user => private_user.id), :headers => auth_header
+ assert_response :success, "can't get changesets by user ID"
+ assert_changesets_in_order [private_user_changeset, private_user_closed_changeset]
+
+ get changesets_path(:display_name => private_user.display_name), :headers => auth_header
+ assert_response :success, "can't get changesets by user name"
+ assert_changesets_in_order [private_user_changeset, private_user_closed_changeset]
+
+ # test json endpoint
+ get changesets_path(:display_name => private_user.display_name), :headers => auth_header, :params => { :format => "json" }
+ assert_response :success, "can't get changesets by user name"
+
+ js = ActiveSupport::JSON.decode(@response.body)
+ assert_not_nil js
+
+ assert_equal Settings.api_version, js["version"]
+ assert_equal Settings.generator, js["generator"]
+ assert_equal 2, js["changesets"].count
+
+ # check that the correct error is given when we provide both UID and name
+ get changesets_path(:user => private_user.id,
+ :display_name => private_user.display_name), :headers => auth_header
+ assert_response :bad_request, "should be a bad request to have both ID and name specified"
+
+ get changesets_path(:user => private_user.id, :open => true), :headers => auth_header
+ assert_response :success, "can't get changesets by user and open"
+ assert_changesets_in_order [private_user_changeset]
+
+ get changesets_path(:time => "2007-12-31"), :headers => auth_header
+ assert_response :success, "can't get changesets by time-since"
+ assert_changesets_in_order [changeset3, changeset2, changeset, private_user_changeset, private_user_closed_changeset, closed_changeset]
+
+ get changesets_path(:time => "2008-01-01T12:34Z"), :headers => auth_header
+ assert_response :success, "can't get changesets by time-since with hour"
+ assert_changesets_in_order [changeset3, changeset2, changeset, private_user_changeset, private_user_closed_changeset, closed_changeset]
+
+ get changesets_path(:time => "2007-12-31T23:59Z,2008-01-02T00:01Z"), :headers => auth_header
+ assert_response :success, "can't get changesets by time-range"
+ assert_changesets_in_order [closed_changeset]
+
+ get changesets_path(:open => "true"), :headers => auth_header
+ assert_response :success, "can't get changesets by open-ness"
+ assert_changesets_in_order [changeset3, changeset2, changeset, private_user_changeset]
+
+ get changesets_path(:closed => "true"), :headers => auth_header
+ assert_response :success, "can't get changesets by closed-ness"
+ assert_changesets_in_order [private_user_closed_changeset, closed_changeset]
+
+ get changesets_path(:closed => "true", :user => private_user.id), :headers => auth_header
+ assert_response :success, "can't get changesets by closed-ness and user"
+ assert_changesets_in_order [private_user_closed_changeset]
+
+ get changesets_path(:closed => "true", :user => user.id), :headers => auth_header
+ assert_response :success, "can't get changesets by closed-ness and user"
+ assert_changesets_in_order [closed_changeset]
+
+ get changesets_path(:changesets => "#{private_user_changeset.id},#{changeset.id},#{closed_changeset.id}"), :headers => auth_header
+ assert_response :success, "can't get changesets by id (as comma-separated string)"
+ assert_changesets_in_order [changeset, private_user_changeset, closed_changeset]
+
+ get changesets_path(:changesets => ""), :headers => auth_header
+ assert_response :bad_request, "should be a bad request since changesets is empty"
+ end
+
+ ##
+ # test the query functionality of changesets with the limit parameter
+ def test_index_limit
+ user = create(:user)
+ changeset1 = create(:changeset, :closed, :user => user, :created_at => Time.utc(2008, 1, 1, 0, 0, 0), :closed_at => Time.utc(2008, 1, 2, 0, 0, 0))
+ changeset2 = create(:changeset, :closed, :user => user, :created_at => Time.utc(2008, 2, 1, 0, 0, 0), :closed_at => Time.utc(2008, 2, 2, 0, 0, 0))
+ changeset3 = create(:changeset, :closed, :user => user, :created_at => Time.utc(2008, 3, 1, 0, 0, 0), :closed_at => Time.utc(2008, 3, 2, 0, 0, 0))
+ changeset4 = create(:changeset, :closed, :user => user, :created_at => Time.utc(2008, 4, 1, 0, 0, 0), :closed_at => Time.utc(2008, 4, 2, 0, 0, 0))
+ changeset5 = create(:changeset, :closed, :user => user, :created_at => Time.utc(2008, 5, 1, 0, 0, 0), :closed_at => Time.utc(2008, 5, 2, 0, 0, 0))
+
+ get changesets_path
+ assert_response :success
+ assert_changesets_in_order [changeset5, changeset4, changeset3, changeset2, changeset1]
+
+ get changesets_path(:limit => "3")
+ assert_response :success
+ assert_changesets_in_order [changeset5, changeset4, changeset3]
+
+ get changesets_path(:limit => "0")
+ assert_response :bad_request
+
+ get changesets_path(:limit => Settings.max_changeset_query_limit)
+ assert_response :success
+ assert_changesets_in_order [changeset5, changeset4, changeset3, changeset2, changeset1]
+
+ get changesets_path(:limit => Settings.max_changeset_query_limit + 1)
+ assert_response :bad_request
+ end
+
+ ##
+ # test the query functionality of sequential changesets with order and time parameters
+ def test_index_order
+ user = create(:user)
+ changeset1 = create(:changeset, :closed, :user => user, :created_at => Time.utc(2008, 1, 1, 0, 0, 0), :closed_at => Time.utc(2008, 1, 2, 0, 0, 0))
+ changeset2 = create(:changeset, :closed, :user => user, :created_at => Time.utc(2008, 2, 1, 0, 0, 0), :closed_at => Time.utc(2008, 2, 2, 0, 0, 0))
+ changeset3 = create(:changeset, :closed, :user => user, :created_at => Time.utc(2008, 3, 1, 0, 0, 0), :closed_at => Time.utc(2008, 3, 2, 0, 0, 0))
+ changeset4 = create(:changeset, :closed, :user => user, :created_at => Time.utc(2008, 4, 1, 0, 0, 0), :closed_at => Time.utc(2008, 4, 2, 0, 0, 0))
+ changeset5 = create(:changeset, :closed, :user => user, :created_at => Time.utc(2008, 5, 1, 0, 0, 0), :closed_at => Time.utc(2008, 5, 2, 0, 0, 0))
+ changeset6 = create(:changeset, :closed, :user => user, :created_at => Time.utc(2008, 6, 1, 0, 0, 0), :closed_at => Time.utc(2008, 6, 2, 0, 0, 0))
+
+ get changesets_path
+ assert_response :success
+ assert_changesets_in_order [changeset6, changeset5, changeset4, changeset3, changeset2, changeset1]
+
+ get changesets_path(:order => "oldest")
+ assert_response :success
+ assert_changesets_in_order [changeset1, changeset2, changeset3, changeset4, changeset5, changeset6]
+
+ [
+ # lower time bound at the opening time of a changeset
+ ["2008-02-01T00:00:00Z", "2008-05-15T00:00:00Z", [changeset5, changeset4, changeset3, changeset2], [changeset5, changeset4, changeset3, changeset2]],
+ # lower time bound in the middle of a changeset
+ ["2008-02-01T12:00:00Z", "2008-05-15T00:00:00Z", [changeset5, changeset4, changeset3, changeset2], [changeset5, changeset4, changeset3]],
+ # lower time bound at the closing time of a changeset
+ ["2008-02-02T00:00:00Z", "2008-05-15T00:00:00Z", [changeset5, changeset4, changeset3, changeset2], [changeset5, changeset4, changeset3]],
+ # lower time bound after the closing time of a changeset
+ ["2008-02-02T00:00:01Z", "2008-05-15T00:00:00Z", [changeset5, changeset4, changeset3], [changeset5, changeset4, changeset3]],
+ # upper time bound in the middle of a changeset
+ ["2007-09-09T12:00:00Z", "2008-04-01T12:00:00Z", [changeset4, changeset3, changeset2, changeset1], [changeset4, changeset3, changeset2, changeset1]],
+ # empty range
+ ["2009-02-02T00:00:01Z", "2018-05-15T00:00:00Z", [], []]
+ ].each do |from, to, interval_changesets, point_changesets|
+ get changesets_path(:time => "#{from},#{to}")
+ assert_response :success
+ assert_changesets_in_order interval_changesets
+
+ get changesets_path(:from => from, :to => to)
+ assert_response :success
+ assert_changesets_in_order point_changesets
+
+ get changesets_path(:from => from, :to => to, :order => "oldest")
+ assert_response :success
+ assert_changesets_in_order point_changesets.reverse
+ end
+ end
+
+ ##
+ # test the query functionality of overlapping changesets with order and time parameters
+ def test_index_order_overlapping
+ user = create(:user)
+ changeset1 = create(:changeset, :closed, :user => user, :created_at => Time.utc(2015, 6, 4, 17, 0, 0), :closed_at => Time.utc(2015, 6, 4, 17, 0, 0))
+ changeset2 = create(:changeset, :closed, :user => user, :created_at => Time.utc(2015, 6, 4, 16, 0, 0), :closed_at => Time.utc(2015, 6, 4, 18, 0, 0))
+ changeset3 = create(:changeset, :closed, :user => user, :created_at => Time.utc(2015, 6, 4, 14, 0, 0), :closed_at => Time.utc(2015, 6, 4, 20, 0, 0))
+ changeset4 = create(:changeset, :closed, :user => user, :created_at => Time.utc(2015, 6, 3, 23, 0, 0), :closed_at => Time.utc(2015, 6, 4, 23, 0, 0))
+ create(:changeset, :closed, :user => user, :created_at => Time.utc(2015, 6, 2, 23, 0, 0), :closed_at => Time.utc(2015, 6, 3, 23, 0, 0))
+
+ get changesets_path(:time => "2015-06-04T00:00:00Z")
+ assert_response :success
+ assert_changesets_in_order [changeset1, changeset2, changeset3, changeset4]
+
+ get changesets_path(:from => "2015-06-04T00:00:00Z")
+ assert_response :success
+ assert_changesets_in_order [changeset1, changeset2, changeset3]
+
+ get changesets_path(:from => "2015-06-04T00:00:00Z", :order => "oldest")
+ assert_response :success
+ assert_changesets_in_order [changeset3, changeset2, changeset1]
+
+ get changesets_path(:time => "2015-06-04T16:00:00Z,2015-06-04T17:30:00Z")
+ assert_response :success
+ assert_changesets_in_order [changeset1, changeset2, changeset3, changeset4]
+
+ get changesets_path(:from => "2015-06-04T16:00:00Z", :to => "2015-06-04T17:30:00Z")
+ assert_response :success
+ assert_changesets_in_order [changeset1, changeset2]
+
+ get changesets_path(:from => "2015-06-04T16:00:00Z", :to => "2015-06-04T17:30:00Z", :order => "oldest")
+ assert_response :success
+ assert_changesets_in_order [changeset2, changeset1]
+ end
+
+ ##
+ # check that errors are returned if garbage is inserted
+ # into query strings
+ def test_index_invalid
+ ["abracadabra!",
+ "1,2,3,F",
+ ";drop table users;"].each do |bbox|
+ get changesets_path(:bbox => bbox)
+ assert_response :bad_request, "'#{bbox}' isn't a bbox"
+ end
+
+ ["now()",
+ "00-00-00",
+ ";drop table users;",
+ ",",
+ "-,-"].each do |time|
+ get changesets_path(:time => time)
+ assert_response :bad_request, "'#{time}' isn't a valid time range"
+ end
+
+ ["me",
+ "foobar",
+ "-1",
+ "0"].each do |uid|
+ get changesets_path(:user => uid)
+ assert_response :bad_request, "'#{uid}' isn't a valid user ID"
+ end
+
+ get changesets_path(:order => "oldest", :time => "2008-01-01T00:00Z,2018-01-01T00:00Z")
+ assert_response :bad_request, "cannot use order=oldest with time"
+ end
+
# -----------------------
# Test simple changeset creation
# -----------------------
def test_create
- auth_header = basic_authorization_header create(:user, :data_public => false).email, "test"
+ auth_header = bearer_authorization_header create(:user, :data_public => false)
# Create the first user's changeset
xml = "" \
"" \
""
- put changeset_create_path, :params => xml, :headers => auth_header
+ post api_changesets_path, :params => xml, :headers => auth_header
assert_require_public_data
- auth_header = basic_authorization_header create(:user).email, "test"
+ auth_header = bearer_authorization_header
# Create the first user's changeset
xml = "" \
"" \
""
- put changeset_create_path, :params => xml, :headers => auth_header
+ post api_changesets_path, :params => xml, :headers => auth_header
assert_response :success, "Creation of changeset did not return success status"
newid = @response.body.to_i
@@ -99,49 +347,57 @@ module Api
end
def test_create_invalid
- auth_header = basic_authorization_header create(:user, :data_public => false).email, "test"
+ auth_header = bearer_authorization_header create(:user, :data_public => false)
xml = ""
- put changeset_create_path, :params => xml, :headers => auth_header
+ post api_changesets_path, :params => xml, :headers => auth_header
assert_require_public_data
## Try the public user
- auth_header = basic_authorization_header create(:user).email, "test"
+ auth_header = bearer_authorization_header
xml = ""
- put changeset_create_path, :params => xml, :headers => auth_header
+ post api_changesets_path, :params => xml, :headers => auth_header
assert_response :bad_request, "creating a invalid changeset should fail"
end
def test_create_invalid_no_content
## First check with no auth
- put changeset_create_path
+ post api_changesets_path
assert_response :unauthorized, "shouldn't be able to create a changeset with no auth"
## Now try to with a non-public user
- auth_header = basic_authorization_header create(:user, :data_public => false).email, "test"
- put changeset_create_path, :headers => auth_header
+ auth_header = bearer_authorization_header create(:user, :data_public => false)
+ post api_changesets_path, :headers => auth_header
assert_require_public_data
## Try an inactive user
- auth_header = basic_authorization_header create(:user, :pending).email, "test"
- put changeset_create_path, :headers => auth_header
+ auth_header = bearer_authorization_header create(:user, :pending)
+ post api_changesets_path, :headers => auth_header
assert_inactive_user
## Now try to use a normal user
- auth_header = basic_authorization_header create(:user).email, "test"
- put changeset_create_path, :headers => auth_header
+ auth_header = bearer_authorization_header
+ post api_changesets_path, :headers => auth_header
assert_response :bad_request, "creating a changeset with no content should fail"
end
def test_create_wrong_method
- auth_header = basic_authorization_header create(:user).email, "test"
+ auth_header = bearer_authorization_header
- get changeset_create_path, :headers => auth_header
+ put api_changesets_path, :headers => auth_header
assert_response :not_found
assert_template "rescues/routing_error"
+ end
- post changeset_create_path, :headers => auth_header
- assert_response :not_found
- assert_template "rescues/routing_error"
+ def test_create_legacy_path
+ auth_header = bearer_authorization_header
+ xml = ""
+
+ assert_difference "Changeset.count", 1 do
+ put "/api/0.6/changeset/create", :params => xml, :headers => auth_header
+ end
+
+ assert_response :success, "Creation of changeset did not return success status"
+ assert_equal Changeset.last.id, @response.body.to_i
end
##
@@ -153,17 +409,19 @@ module Api
get changeset_show_path(changeset)
assert_response :success, "cannot get first changeset"
- assert_select "osm[version='#{Settings.api_version}'][generator='#{Settings.generator}']", 1
- assert_single_changeset changeset
- assert_select "osm>changeset>discussion", 0
+ assert_dom "osm[version='#{Settings.api_version}'][generator='#{Settings.generator}']", 1
+ assert_single_changeset changeset do
+ assert_dom "> discussion", 0
+ end
get changeset_show_path(changeset), :params => { :include_discussion => true }
assert_response :success, "cannot get first changeset with comments"
- assert_select "osm[version='#{Settings.api_version}'][generator='#{Settings.generator}']", 1
- assert_single_changeset changeset
- assert_select "osm>changeset>discussion", 1
- assert_select "osm>changeset>discussion>comment", 0
+ assert_dom "osm[version='#{Settings.api_version}'][generator='#{Settings.generator}']", 1
+ assert_single_changeset changeset do
+ assert_dom "> discussion", 1
+ assert_dom "> discussion > comment", 0
+ end
end
def test_show_comments
@@ -174,63 +432,93 @@ module Api
get changeset_show_path(changeset), :params => { :include_discussion => true }
assert_response :success, "cannot get closed changeset with comments"
- assert_select "osm[version='#{Settings.api_version}'][generator='#{Settings.generator}']", 1
- assert_single_changeset changeset
- assert_select "osm>changeset>discussion", 1
- assert_select "osm>changeset>discussion>comment", 3
- assert_select "osm>changeset>discussion>comment:nth-child(1)>@id", comment1.id.to_s
- assert_select "osm>changeset>discussion>comment:nth-child(1)>@visible", "true"
- assert_select "osm>changeset>discussion>comment:nth-child(2)>@id", comment2.id.to_s
- assert_select "osm>changeset>discussion>comment:nth-child(2)>@visible", "true"
- assert_select "osm>changeset>discussion>comment:nth-child(3)>@id", comment3.id.to_s
- assert_select "osm>changeset>discussion>comment:nth-child(3)>@visible", "true"
+ assert_dom "osm[version='#{Settings.api_version}'][generator='#{Settings.generator}']", 1 do
+ assert_single_changeset changeset do
+ assert_dom "> discussion", 1 do
+ assert_dom "> comment", 3 do |dom_comments|
+ assert_dom dom_comments[0], "> @id", comment1.id.to_s
+ assert_dom dom_comments[0], "> @visible", "true"
+ assert_dom dom_comments[1], "> @id", comment2.id.to_s
+ assert_dom dom_comments[1], "> @visible", "true"
+ assert_dom dom_comments[2], "> @id", comment3.id.to_s
+ assert_dom dom_comments[2], "> @visible", "true"
+ end
+ end
+ end
+ end
# one hidden comment not included because not asked for
comment2.update(:visible => false)
+ changeset.reload
get changeset_show_path(changeset), :params => { :include_discussion => true }
assert_response :success, "cannot get closed changeset with comments"
- assert_select "osm[version='#{Settings.api_version}'][generator='#{Settings.generator}']", 1
- assert_single_changeset changeset
- assert_select "osm>changeset>discussion", 1
- assert_select "osm>changeset>discussion>comment", 2
- assert_select "osm>changeset>discussion>comment:nth-child(1)>@id", comment1.id.to_s
- assert_select "osm>changeset>discussion>comment:nth-child(1)>@visible", "true"
- assert_select "osm>changeset>discussion>comment:nth-child(2)>@id", comment3.id.to_s
- assert_select "osm>changeset>discussion>comment:nth-child(2)>@visible", "true"
+ assert_dom "osm[version='#{Settings.api_version}'][generator='#{Settings.generator}']", 1
+ assert_single_changeset changeset do
+ assert_dom "> discussion", 1 do
+ assert_dom "> comment", 2 do |dom_comments|
+ assert_dom dom_comments[0], "> @id", comment1.id.to_s
+ assert_dom dom_comments[0], "> @visible", "true"
+ assert_dom dom_comments[1], "> @id", comment3.id.to_s
+ assert_dom dom_comments[1], "> @visible", "true"
+ end
+ end
+ end
# one hidden comment not included because no permissions
get changeset_show_path(changeset), :params => { :include_discussion => true, :show_hidden_comments => true }
assert_response :success, "cannot get closed changeset with comments"
- assert_select "osm[version='#{Settings.api_version}'][generator='#{Settings.generator}']", 1
- assert_single_changeset changeset
- assert_select "osm>changeset>discussion", 1
- assert_select "osm>changeset>discussion>comment", 2
- assert_select "osm>changeset>discussion>comment:nth-child(1)>@id", comment1.id.to_s
- assert_select "osm>changeset>discussion>comment:nth-child(1)>@visible", "true"
- # maybe will show an empty comment element with visible=false in the future
- assert_select "osm>changeset>discussion>comment:nth-child(2)>@id", comment3.id.to_s
- assert_select "osm>changeset>discussion>comment:nth-child(2)>@visible", "true"
+ assert_dom "osm[version='#{Settings.api_version}'][generator='#{Settings.generator}']", 1
+ assert_single_changeset changeset do
+ assert_dom "> discussion", 1 do
+ assert_dom "> comment", 2 do |dom_comments|
+ assert_dom dom_comments[0], "> @id", comment1.id.to_s
+ assert_dom dom_comments[0], "> @visible", "true"
+ # maybe will show an empty comment element with visible=false in the future
+ assert_dom dom_comments[1], "> @id", comment3.id.to_s
+ assert_dom dom_comments[1], "> @visible", "true"
+ end
+ end
+ end
# one hidden comment shown to moderators
moderator_user = create(:moderator_user)
- auth_header = basic_authorization_header moderator_user.email, "test"
+ auth_header = bearer_authorization_header moderator_user
get changeset_show_path(changeset), :params => { :include_discussion => true, :show_hidden_comments => true },
:headers => auth_header
assert_response :success, "cannot get closed changeset with comments"
- assert_select "osm[version='#{Settings.api_version}'][generator='#{Settings.generator}']", 1
- assert_single_changeset changeset
- assert_select "osm>changeset>discussion", 1
- assert_select "osm>changeset>discussion>comment", 3
- assert_select "osm>changeset>discussion>comment:nth-child(1)>@id", comment1.id.to_s
- assert_select "osm>changeset>discussion>comment:nth-child(1)>@visible", "true"
- assert_select "osm>changeset>discussion>comment:nth-child(2)>@id", comment2.id.to_s
- assert_select "osm>changeset>discussion>comment:nth-child(2)>@visible", "false"
- assert_select "osm>changeset>discussion>comment:nth-child(3)>@id", comment3.id.to_s
- assert_select "osm>changeset>discussion>comment:nth-child(3)>@visible", "true"
+ assert_dom "osm[version='#{Settings.api_version}'][generator='#{Settings.generator}']", 1
+ assert_single_changeset changeset do
+ assert_dom "> discussion", 1 do
+ assert_dom "> comment", 3 do |dom_comments|
+ assert_dom dom_comments[0], "> @id", comment1.id.to_s
+ assert_dom dom_comments[0], "> @visible", "true"
+ assert_dom dom_comments[1], "> @id", comment2.id.to_s
+ assert_dom dom_comments[1], "> @visible", "false"
+ assert_dom dom_comments[2], "> @id", comment3.id.to_s
+ assert_dom dom_comments[2], "> @visible", "true"
+ end
+ end
+ end
+ end
+
+ def test_show_tags
+ changeset = create(:changeset, :closed)
+ create(:changeset_tag, :changeset => changeset, :k => "created_by", :v => "JOSM/1.5 (18364)")
+ create(:changeset_tag, :changeset => changeset, :k => "comment", :v => "changeset comment")
+
+ get changeset_show_path(changeset)
+
+ assert_response :success
+ assert_dom "osm[version='#{Settings.api_version}'][generator='#{Settings.generator}']", 1
+ assert_single_changeset changeset do
+ assert_dom "> tag", 2
+ assert_dom "> tag[k='created_by'][v='JOSM/1.5 (18364)']", 1
+ assert_dom "> tag[k='comment'][v='changeset comment']", 1
+ end
end
def test_show_json
@@ -289,6 +577,7 @@ module Api
# one hidden comment not included because not asked for
comment1.update(:visible => false)
+ changeset.reload
get changeset_show_path(changeset), :params => { :format => "json", :include_discussion => true }
assert_response :success, "cannot get closed changeset with comments"
@@ -322,7 +611,7 @@ module Api
# one hidden comment shown to moderators
moderator_user = create(:moderator_user)
- auth_header = basic_authorization_header moderator_user.email, "test"
+ auth_header = bearer_authorization_header moderator_user
get changeset_show_path(changeset), :params => { :format => "json", :include_discussion => true, :show_hidden_comments => true },
:headers => auth_header
assert_response :success, "cannot get closed changeset with comments"
@@ -341,39 +630,22 @@ module Api
assert js["changeset"]["comments"][2]["visible"]
end
- def test_show_tag_and_discussion_json
+ def test_show_tags_json
changeset = create(:changeset, :closed)
+ create(:changeset_tag, :changeset => changeset, :k => "created_by", :v => "JOSM/1.5 (18364)")
+ create(:changeset_tag, :changeset => changeset, :k => "comment", :v => "changeset comment")
- tag1 = ChangesetTag.new
- tag1.changeset_id = changeset.id
- tag1.k = "created_by"
- tag1.v = "JOSM/1.5 (18364)"
-
- tag2 = ChangesetTag.new
- tag2.changeset_id = changeset.id
- tag2.k = "comment"
- tag2.v = "changeset comment"
-
- changeset.changeset_tags = [tag1, tag2]
-
- create_list(:changeset_comment, 3, :changeset_id => changeset.id)
-
- get changeset_show_path(changeset), :params => { :format => "json", :include_discussion => true }
- assert_response :success, "cannot get closed changeset with comments"
+ get changeset_show_path(changeset, :format => "json")
+ assert_response :success
js = ActiveSupport::JSON.decode(@response.body)
-
assert_not_nil js
assert_equal Settings.api_version, js["version"]
assert_equal Settings.generator, js["generator"]
assert_single_changeset_json changeset, js
assert_equal 2, js["changeset"]["tags"].count
- assert_equal 3, js["changeset"]["comments"].count
- assert_equal 3, js["changeset"]["comments_count"]
- assert_equal 0, js["changeset"]["changes_count"]
- assert_not_nil js["changeset"]["comments"][0]["uid"]
- assert_not_nil js["changeset"]["comments"][0]["user"]
- assert_not_nil js["changeset"]["comments"][0]["text"]
+ assert_equal "JOSM/1.5 (18364)", js["changeset"]["tags"]["created_by"]
+ assert_equal "changeset comment", js["changeset"]["tags"]["comment"]
end
def test_show_bbox_json
@@ -416,12 +688,12 @@ module Api
assert_response :unauthorized
## Try using the non-public user
- auth_header = basic_authorization_header private_user.email, "test"
+ auth_header = bearer_authorization_header private_user
put changeset_close_path(private_changeset), :headers => auth_header
assert_require_public_data
## The try with the public user
- auth_header = basic_authorization_header user.email, "test"
+ auth_header = bearer_authorization_header user
cs_id = changeset.id
put changeset_close_path(cs_id), :headers => auth_header
@@ -439,7 +711,7 @@ module Api
user = create(:user)
changeset = create(:changeset)
- auth_header = basic_authorization_header user.email, "test"
+ auth_header = bearer_authorization_header user
put changeset_close_path(changeset), :headers => auth_header
assert_response :conflict
@@ -452,7 +724,7 @@ module Api
user = create(:user)
changeset = create(:changeset, :user => user)
- auth_header = basic_authorization_header user.email, "test"
+ auth_header = bearer_authorization_header user
get changeset_close_path(changeset), :headers => auth_header
assert_response :not_found
@@ -477,7 +749,7 @@ module Api
end
# Now try with auth
- auth_header = basic_authorization_header create(:user).email, "test"
+ auth_header = bearer_authorization_header
cs_ids.each do |id|
put changeset_close_path(id), :headers => auth_header
assert_response :not_found, "The changeset #{id} doesn't exist, so can't be closed"
@@ -534,7 +806,7 @@ module Api
"shouldn't be able to upload a simple valid diff to changeset: #{@response.body}"
## Now try with a private user
- auth_header = basic_authorization_header private_user.email, "test"
+ auth_header = bearer_authorization_header private_user
changeset_id = private_changeset.id
# simple diff to change a node, way and relation by removing
@@ -563,7 +835,7 @@ module Api
"can't upload a simple valid diff to changeset: #{@response.body}"
## Now try with the public user
- auth_header = basic_authorization_header user.email, "test"
+ auth_header = bearer_authorization_header user
changeset_id = changeset.id
# simple diff to change a node, way and relation by removing
@@ -606,7 +878,7 @@ module Api
way = create(:way_with_nodes, :nodes_count => 2)
relation = create(:relation)
- auth_header = basic_authorization_header user.email, "test"
+ auth_header = bearer_authorization_header user
# simple diff to create a node way and relation using placeholders
diff = <<~CHANGESET
@@ -632,30 +904,31 @@ module Api
# upload it
post changeset_upload_path(changeset), :params => diff, :headers => auth_header
- assert_response :success,
- "can't upload a simple valid creation to changeset: #{@response.body}"
-
- # check the returned payload
- assert_select "diffResult[version='#{Settings.api_version}'][generator='#{Settings.generator}']", 1
- assert_select "diffResult>node", 1
- assert_select "diffResult>way", 1
- assert_select "diffResult>relation", 1
-
- # inspect the response to find out what the new element IDs are
- doc = XML::Parser.string(@response.body).parse
- new_node_id = doc.find("//diffResult/node").first["new_id"].to_i
- new_way_id = doc.find("//diffResult/way").first["new_id"].to_i
- new_rel_id = doc.find("//diffResult/relation").first["new_id"].to_i
-
- # check the old IDs are all present and negative one
- assert_equal(-1, doc.find("//diffResult/node").first["old_id"].to_i)
- assert_equal(-1, doc.find("//diffResult/way").first["old_id"].to_i)
- assert_equal(-1, doc.find("//diffResult/relation").first["old_id"].to_i)
+ assert_response :success,
+ "can't upload a simple valid creation to changeset: #{@response.body}"
- # check the versions are present and equal one
- assert_equal 1, doc.find("//diffResult/node").first["new_version"].to_i
- assert_equal 1, doc.find("//diffResult/way").first["new_version"].to_i
- assert_equal 1, doc.find("//diffResult/relation").first["new_version"].to_i
+ # check the returned payload
+ new_node_id, new_way_id, new_rel_id = nil
+ assert_dom "diffResult[version='#{Settings.api_version}'][generator='#{Settings.generator}']", 1 do
+ # inspect the response to find out what the new element IDs are
+ # check the old IDs are all present and negative one
+ # check the versions are present and equal one
+ assert_dom "> node", 1 do |(node_el)|
+ new_node_id = node_el["new_id"].to_i
+ assert_dom "> @old_id", "-1"
+ assert_dom "> @new_version", "1"
+ end
+ assert_dom "> way", 1 do |(way_el)|
+ new_way_id = way_el["new_id"].to_i
+ assert_dom "> @old_id", "-1"
+ assert_dom "> @new_version", "1"
+ end
+ assert_dom "> relation", 1 do |(rel_el)|
+ new_rel_id = rel_el["new_id"].to_i
+ assert_dom "> @old_id", "-1"
+ assert_dom "> @new_version", "1"
+ end
+ end
# check that the changes made it into the database
assert_equal 2, Node.find(new_node_id).tags.size, "new node should have two tags"
@@ -676,7 +949,7 @@ module Api
create(:relation_member, :relation => super_relation, :member => used_way)
create(:relation_member, :relation => super_relation, :member => used_node)
- auth_header = basic_authorization_header changeset.user.display_name, "test"
+ auth_header = bearer_authorization_header changeset.user
diff = XML::Document.new
diff.root = XML::Node.new "osmChange"
@@ -718,7 +991,7 @@ module Api
node = create(:node)
changeset = create(:changeset)
- auth_header = basic_authorization_header changeset.user.display_name, "test"
+ auth_header = bearer_authorization_header changeset.user
diff = ""
# upload it
@@ -735,14 +1008,14 @@ module Api
def test_repeated_changeset_create
3.times do
- auth_header = basic_authorization_header create(:user).email, "test"
+ auth_header = bearer_authorization_header
# create a temporary changeset
xml = "" \
"" \
""
assert_difference "Changeset.count", 1 do
- put changeset_create_path, :params => xml, :headers => auth_header
+ post api_changesets_path, :params => xml, :headers => auth_header
end
assert_response :success
end
@@ -750,13 +1023,13 @@ module Api
def test_upload_large_changeset
user = create(:user)
- auth_header = basic_authorization_header user.email, "test"
+ auth_header = bearer_authorization_header user
# create an old changeset to ensure we have the maximum rate limit
create(:changeset, :user => user, :created_at => Time.now.utc - 28.days)
# create a changeset
- put changeset_create_path, :params => "", :headers => auth_header
+ post api_changesets_path, :params => "", :headers => auth_header
assert_response :success, "Should be able to create a changeset: #{@response.body}"
changeset_id = @response.body.to_i
@@ -812,7 +1085,7 @@ module Api
create(:relation_member, :relation => relation, :member => used_way)
create(:relation_member, :relation => relation, :member => used_node)
- auth_header = basic_authorization_header changeset.user.email, "test"
+ auth_header = bearer_authorization_header changeset.user
diff = XML::Document.new
diff.root = XML::Node.new "osmChange"
@@ -854,7 +1127,7 @@ module Api
create(:relation_member, :relation => super_relation, :member => used_way)
create(:relation_member, :relation => super_relation, :member => used_node)
- auth_header = basic_authorization_header changeset.user.email, "test"
+ auth_header = bearer_authorization_header changeset.user
diff = XML::Document.new
diff.root = XML::Node.new "osmChange"
@@ -878,28 +1151,26 @@ module Api
"can't do a conditional delete of in use objects: #{@response.body}"
# check the returned payload
- assert_select "diffResult[version='#{Settings.api_version}'][generator='#{Settings.generator}']", 1
- assert_select "diffResult>node", 1
- assert_select "diffResult>way", 1
- assert_select "diffResult>relation", 1
-
- # parse the response
- doc = XML::Parser.string(@response.body).parse
-
- # check the old IDs are all present and what we expect
- assert_equal used_node.id, doc.find("//diffResult/node").first["old_id"].to_i
- assert_equal used_way.id, doc.find("//diffResult/way").first["old_id"].to_i
- assert_equal used_relation.id, doc.find("//diffResult/relation").first["old_id"].to_i
-
- # check the new IDs are all present and unchanged
- assert_equal used_node.id, doc.find("//diffResult/node").first["new_id"].to_i
- assert_equal used_way.id, doc.find("//diffResult/way").first["new_id"].to_i
- assert_equal used_relation.id, doc.find("//diffResult/relation").first["new_id"].to_i
-
- # check the new versions are all present and unchanged
- assert_equal used_node.version, doc.find("//diffResult/node").first["new_version"].to_i
- assert_equal used_way.version, doc.find("//diffResult/way").first["new_version"].to_i
- assert_equal used_relation.version, doc.find("//diffResult/relation").first["new_version"].to_i
+ assert_dom "diffResult[version='#{Settings.api_version}'][generator='#{Settings.generator}']", 1 do
+ # check the old IDs are all present and what we expect
+ # check the new IDs are all present and unchanged
+ # check the new versions are all present and unchanged
+ assert_dom "> node", 1 do
+ assert_dom "> @old_id", used_node.id.to_s
+ assert_dom "> @new_id", used_node.id.to_s
+ assert_dom "> @new_version", used_node.version.to_s
+ end
+ assert_dom "> way", 1 do
+ assert_dom "> @old_id", used_way.id.to_s
+ assert_dom "> @new_id", used_way.id.to_s
+ assert_dom "> @new_version", used_way.version.to_s
+ end
+ assert_dom "> relation", 1 do
+ assert_dom "> @old_id", used_relation.id.to_s
+ assert_dom "> @new_id", used_relation.id.to_s
+ assert_dom "> @new_version", used_relation.version.to_s
+ end
+ end
# check that nothing was, in fact, deleted
assert Node.find(used_node.id).visible
@@ -912,7 +1183,7 @@ module Api
def test_upload_invalid_too_long_tag
changeset = create(:changeset)
- auth_header = basic_authorization_header changeset.user.email, "test"
+ auth_header = bearer_authorization_header changeset.user
# simple diff to create a node way and relation using placeholders
diff = <<~CHANGESET
@@ -942,7 +1213,7 @@ module Api
changeset = create(:changeset)
- auth_header = basic_authorization_header changeset.user.email, "test"
+ auth_header = bearer_authorization_header changeset.user
# simple diff to create a node way and relation using placeholders
diff = <<~CHANGESET
@@ -973,14 +1244,14 @@ module Api
"can't upload a complex diff to changeset: #{@response.body}"
# check the returned payload
- assert_select "diffResult[version='#{Settings.api_version}'][generator='#{Settings.generator}']", 1
- assert_select "diffResult>node", 1
- assert_select "diffResult>way", 1
- assert_select "diffResult>relation", 1
-
- # inspect the response to find out what the new element IDs are
- doc = XML::Parser.string(@response.body).parse
- new_node_id = doc.find("//diffResult/node").first["new_id"].to_i
+ new_node_id = nil
+ assert_dom "diffResult[version='#{Settings.api_version}'][generator='#{Settings.generator}']", 1 do
+ assert_dom "> node", 1 do |(node_el)|
+ new_node_id = node_el["new_id"].to_i
+ end
+ assert_dom "> way", 1
+ assert_dom "> relation", 1
+ end
# check that the changes made it into the database
assert_equal 2, Node.find(new_node_id).tags.size, "new node should have two tags"
@@ -1001,7 +1272,7 @@ module Api
relation = create(:relation)
other_relation = create(:relation)
- auth_header = basic_authorization_header changeset.user.email, "test"
+ auth_header = bearer_authorization_header changeset.user
# simple diff to create a node way and relation using placeholders
diff = <<~CHANGESET
@@ -1044,7 +1315,7 @@ module Api
def test_upload_multiple_valid
node = create(:node)
changeset = create(:changeset)
- auth_header = basic_authorization_header changeset.user.email, "test"
+ auth_header = bearer_authorization_header changeset.user
# change the location of a node multiple times, each time referencing
# the last version. doesn't this depend on version numbers being
@@ -1082,7 +1353,7 @@ module Api
node = create(:node)
changeset = create(:changeset)
- auth_header = basic_authorization_header changeset.user.email, "test"
+ auth_header = bearer_authorization_header changeset.user
diff = <<~CHANGESET
@@ -1104,7 +1375,7 @@ module Api
def test_upload_missing_version
changeset = create(:changeset)
- auth_header = basic_authorization_header changeset.user.email, "test"
+ auth_header = bearer_authorization_header changeset.user
diff = <<~CHANGESET
@@ -1125,7 +1396,7 @@ module Api
def test_action_upload_invalid
changeset = create(:changeset)
- auth_header = basic_authorization_header changeset.user.email, "test"
+ auth_header = bearer_authorization_header changeset.user
diff = <<~CHANGESET
@@ -1150,7 +1421,7 @@ module Api
other_relation = create(:relation)
create(:relation_tag, :relation => relation)
- auth_header = basic_authorization_header changeset.user.email, "test"
+ auth_header = bearer_authorization_header changeset.user
diff = <<~CHANGESET
@@ -1185,7 +1456,7 @@ module Api
def test_upload_reuse_placeholder_valid
changeset = create(:changeset)
- auth_header = basic_authorization_header changeset.user.email, "test"
+ auth_header = bearer_authorization_header changeset.user
diff = <<~CHANGESET
@@ -1219,7 +1490,7 @@ module Api
def test_upload_placeholder_invalid
changeset = create(:changeset)
- auth_header = basic_authorization_header changeset.user.email, "test"
+ auth_header = bearer_authorization_header changeset.user
diff = <<~CHANGESET
@@ -1257,7 +1528,7 @@ module Api
def test_upload_process_order
changeset = create(:changeset)
- auth_header = basic_authorization_header changeset.user.email, "test"
+ auth_header = bearer_authorization_header changeset.user
diff = <<~CHANGESET
@@ -1281,7 +1552,7 @@ module Api
def test_upload_duplicate_delete
changeset = create(:changeset)
- auth_header = basic_authorization_header changeset.user.email, "test"
+ auth_header = bearer_authorization_header changeset.user
diff = <<~CHANGESET
@@ -1328,7 +1599,7 @@ module Api
changeset = create(:changeset)
way = create(:way)
- auth_header = basic_authorization_header changeset.user.email, "test"
+ auth_header = bearer_authorization_header changeset.user
diff = <<~CHANGESET
@@ -1383,7 +1654,7 @@ module Api
changeset = create(:changeset)
relation = create(:relation)
- auth_header = basic_authorization_header changeset.user.email, "test"
+ auth_header = bearer_authorization_header changeset.user
diff = <<~CHANGESET
@@ -1435,12 +1706,12 @@ module Api
# test what happens if a diff is uploaded containing only a node
# move.
def test_upload_node_move
- auth_header = basic_authorization_header create(:user).email, "test"
+ auth_header = bearer_authorization_header
xml = "" \
"" \
""
- put changeset_create_path, :params => xml, :headers => auth_header
+ post api_changesets_path, :params => xml, :headers => auth_header
assert_response :success
changeset_id = @response.body.to_i
@@ -1472,12 +1743,12 @@ module Api
##
# test what happens if a diff is uploaded adding a node to a way.
def test_upload_way_extend
- auth_header = basic_authorization_header create(:user).email, "test"
+ auth_header = bearer_authorization_header
xml = "" \
"" \
""
- put changeset_create_path, :params => xml, :headers => auth_header
+ post api_changesets_path, :params => xml, :headers => auth_header
assert_response :success
changeset_id = @response.body.to_i
@@ -1513,7 +1784,7 @@ module Api
def test_upload_empty_invalid
changeset = create(:changeset)
- auth_header = basic_authorization_header changeset.user.email, "test"
+ auth_header = bearer_authorization_header changeset.user
["",
"",
@@ -1533,7 +1804,7 @@ module Api
node = create(:node)
create(:relation_member, :member => node)
- auth_header = basic_authorization_header changeset.user.email, "test"
+ auth_header = bearer_authorization_header changeset.user
# try and delete a node that is in use
diff = XML::Document.new
@@ -1557,7 +1828,7 @@ module Api
def test_upload_not_found
changeset = create(:changeset)
- auth_header = basic_authorization_header changeset.user.email, "test"
+ auth_header = bearer_authorization_header changeset.user
# modify node
diff = <<~CHANGESET
@@ -1641,7 +1912,7 @@ module Api
def test_upload_relation_placeholder_not_fix
changeset = create(:changeset)
- auth_header = basic_authorization_header changeset.user.email, "test"
+ auth_header = bearer_authorization_header changeset.user
# modify node
diff = <<~CHANGESET
@@ -1675,7 +1946,7 @@ module Api
def test_upload_multiple_delete_block
changeset = create(:changeset)
- auth_header = basic_authorization_header changeset.user.email, "test"
+ auth_header = bearer_authorization_header changeset.user
node = create(:node)
way = create(:way)
@@ -1718,7 +1989,7 @@ module Api
:num_changes => Settings.initial_changes_per_hour - 2)
# create authentication header
- auth_header = basic_authorization_header user.email, "test"
+ auth_header = bearer_authorization_header user
# simple diff to create a node way and relation using placeholders
diff = <<~CHANGESET
@@ -1773,7 +2044,7 @@ module Api
end
# create authentication header
- auth_header = basic_authorization_header user.email, "test"
+ auth_header = bearer_authorization_header user
# simple diff to create a node way and relation using placeholders
diff = <<~CHANGESET
@@ -1814,7 +2085,7 @@ module Api
:max_lat => (0.5 * GeoRecord::SCALE).round, :max_lon => (2.5 * GeoRecord::SCALE).round)
# create authentication header
- auth_header = basic_authorization_header user.email, "test"
+ auth_header = bearer_authorization_header user
# simple diff to create a node
diff = <<~CHANGESET
@@ -1848,7 +2119,7 @@ module Api
:max_lat => (0.5 * GeoRecord::SCALE).round, :max_lon => (2.5 * GeoRecord::SCALE).round)
# create authentication header
- auth_header = basic_authorization_header user.email, "test"
+ auth_header = bearer_authorization_header user
# simple diff to create a node way and relation using placeholders
diff = <<~CHANGESET
@@ -1874,23 +2145,23 @@ module Api
node = create(:node)
## First try with a non-public user, which should get a forbidden
- auth_header = basic_authorization_header create(:user, :data_public => false).email, "test"
+ auth_header = bearer_authorization_header create(:user, :data_public => false)
# create a temporary changeset
xml = "" \
"" \
""
- put changeset_create_path, :params => xml, :headers => auth_header
+ post api_changesets_path, :params => xml, :headers => auth_header
assert_response :forbidden
## Now try with a normal user
- auth_header = basic_authorization_header create(:user).email, "test"
+ auth_header = bearer_authorization_header
# create a temporary changeset
xml = "" \
"" \
""
- put changeset_create_path, :params => xml, :headers => auth_header
+ post api_changesets_path, :params => xml, :headers => auth_header
assert_response :success
changeset_id = @response.body.to_i
@@ -1929,13 +2200,13 @@ module Api
#
# NOTE: the error turned out to be something else completely!
def test_josm_upload
- auth_header = basic_authorization_header create(:user).email, "test"
+ auth_header = bearer_authorization_header
# create a temporary changeset
xml = "" \
"" \
""
- put changeset_create_path, :params => xml, :headers => auth_header
+ post api_changesets_path, :params => xml, :headers => auth_header
assert_response :success
changeset_id = @response.body.to_i
@@ -1990,13 +2261,13 @@ module Api
node = create(:node)
node2 = create(:node)
way = create(:way)
- auth_header = basic_authorization_header create(:user).email, "test"
+ auth_header = bearer_authorization_header
# create a temporary changeset
xml = "" \
"" \
""
- put changeset_create_path, :params => xml, :headers => auth_header
+ post api_changesets_path, :params => xml, :headers => auth_header
assert_response :success
changeset_id = @response.body.to_i
@@ -2105,18 +2376,18 @@ module Api
way = create(:way)
create(:way_node, :way => way, :node => create(:node, :lat => 0.3, :lon => 0.3))
- auth_header = basic_authorization_header create(:user).email, "test"
+ auth_header = bearer_authorization_header
# create a new changeset
xml = ""
- put changeset_create_path, :params => xml, :headers => auth_header
+ post api_changesets_path, :params => xml, :headers => auth_header
assert_response :success, "Creating of changeset failed."
changeset_id = @response.body.to_i
# add a single node to it
with_controller(NodesController.new) do
xml = ""
- put node_create_path, :params => xml, :headers => auth_header
+ post api_nodes_path, :params => xml, :headers => auth_header
assert_response :success, "Couldn't create node."
end
@@ -2131,7 +2402,7 @@ module Api
# add another node to it
with_controller(NodesController.new) do
xml = ""
- put node_create_path, :params => xml, :headers => auth_header
+ post api_nodes_path, :params => xml, :headers => auth_header
assert_response :success, "Couldn't create second node."
end
@@ -2159,249 +2430,6 @@ module Api
assert_select "osm>changeset[max_lat='0.3000000']", 1
end
- ##
- # test the query functionality of changesets
- def test_query
- private_user = create(:user, :data_public => false)
- private_user_changeset = create(:changeset, :user => private_user)
- private_user_closed_changeset = create(:changeset, :closed, :user => private_user)
- user = create(:user)
- changeset = create(:changeset, :user => user)
- closed_changeset = create(:changeset, :closed, :user => user, :created_at => Time.utc(2008, 1, 1, 0, 0, 0), :closed_at => Time.utc(2008, 1, 2, 0, 0, 0))
- changeset2 = create(:changeset, :min_lat => (5 * GeoRecord::SCALE).round, :min_lon => (5 * GeoRecord::SCALE).round, :max_lat => (15 * GeoRecord::SCALE).round, :max_lon => (15 * GeoRecord::SCALE).round)
- changeset3 = create(:changeset, :min_lat => (4.5 * GeoRecord::SCALE).round, :min_lon => (4.5 * GeoRecord::SCALE).round, :max_lat => (5 * GeoRecord::SCALE).round, :max_lon => (5 * GeoRecord::SCALE).round)
-
- get changesets_path(:bbox => "-10,-10, 10, 10")
- assert_response :success, "can't get changesets in bbox"
- assert_changesets [changeset2, changeset3]
-
- get changesets_path(:bbox => "4.5,4.5,4.6,4.6")
- assert_response :success, "can't get changesets in bbox"
- assert_changesets [changeset3]
-
- # not found when looking for changesets of non-existing users
- get changesets_path(:user => User.maximum(:id) + 1)
- assert_response :not_found
- assert_equal "text/plain", @response.media_type
- get changesets_path(:display_name => " ")
- assert_response :not_found
- assert_equal "text/plain", @response.media_type
-
- # can't get changesets of user 1 without authenticating
- get changesets_path(:user => private_user.id)
- assert_response :not_found, "shouldn't be able to get changesets by non-public user (ID)"
- get changesets_path(:display_name => private_user.display_name)
- assert_response :not_found, "shouldn't be able to get changesets by non-public user (name)"
-
- # but this should work
- auth_header = basic_authorization_header private_user.email, "test"
- get changesets_path(:user => private_user.id), :headers => auth_header
- assert_response :success, "can't get changesets by user ID"
- assert_changesets [private_user_changeset, private_user_closed_changeset]
-
- get changesets_path(:display_name => private_user.display_name), :headers => auth_header
- assert_response :success, "can't get changesets by user name"
- assert_changesets [private_user_changeset, private_user_closed_changeset]
-
- # test json endpoint
- get changesets_path(:display_name => private_user.display_name), :headers => auth_header, :params => { :format => "json" }
- assert_response :success, "can't get changesets by user name"
-
- js = ActiveSupport::JSON.decode(@response.body)
- assert_not_nil js
-
- assert_equal Settings.api_version, js["version"]
- assert_equal Settings.generator, js["generator"]
- assert_equal 2, js["changesets"].count
-
- # check that the correct error is given when we provide both UID and name
- get changesets_path(:user => private_user.id,
- :display_name => private_user.display_name), :headers => auth_header
- assert_response :bad_request, "should be a bad request to have both ID and name specified"
-
- get changesets_path(:user => private_user.id, :open => true), :headers => auth_header
- assert_response :success, "can't get changesets by user and open"
- assert_changesets [private_user_changeset]
-
- get changesets_path(:time => "2007-12-31"), :headers => auth_header
- assert_response :success, "can't get changesets by time-since"
- assert_changesets [private_user_changeset, private_user_closed_changeset, changeset, closed_changeset, changeset2, changeset3]
-
- get changesets_path(:time => "2008-01-01T12:34Z"), :headers => auth_header
- assert_response :success, "can't get changesets by time-since with hour"
- assert_changesets [private_user_changeset, private_user_closed_changeset, changeset, closed_changeset, changeset2, changeset3]
-
- get changesets_path(:time => "2007-12-31T23:59Z,2008-01-02T00:01Z"), :headers => auth_header
- assert_response :success, "can't get changesets by time-range"
- assert_changesets [closed_changeset]
-
- get changesets_path(:open => "true"), :headers => auth_header
- assert_response :success, "can't get changesets by open-ness"
- assert_changesets [private_user_changeset, changeset, changeset2, changeset3]
-
- get changesets_path(:closed => "true"), :headers => auth_header
- assert_response :success, "can't get changesets by closed-ness"
- assert_changesets [private_user_closed_changeset, closed_changeset]
-
- get changesets_path(:closed => "true", :user => private_user.id), :headers => auth_header
- assert_response :success, "can't get changesets by closed-ness and user"
- assert_changesets [private_user_closed_changeset]
-
- get changesets_path(:closed => "true", :user => user.id), :headers => auth_header
- assert_response :success, "can't get changesets by closed-ness and user"
- assert_changesets [closed_changeset]
-
- get changesets_path(:changesets => "#{private_user_changeset.id},#{changeset.id},#{closed_changeset.id}"), :headers => auth_header
- assert_response :success, "can't get changesets by id (as comma-separated string)"
- assert_changesets [private_user_changeset, changeset, closed_changeset]
-
- get changesets_path(:changesets => ""), :headers => auth_header
- assert_response :bad_request, "should be a bad request since changesets is empty"
- end
-
- ##
- # test the query functionality of changesets with the limit parameter
- def test_query_limit
- user = create(:user)
- changeset1 = create(:changeset, :closed, :user => user, :created_at => Time.utc(2008, 1, 1, 0, 0, 0), :closed_at => Time.utc(2008, 1, 2, 0, 0, 0))
- changeset2 = create(:changeset, :closed, :user => user, :created_at => Time.utc(2008, 2, 1, 0, 0, 0), :closed_at => Time.utc(2008, 2, 2, 0, 0, 0))
- changeset3 = create(:changeset, :closed, :user => user, :created_at => Time.utc(2008, 3, 1, 0, 0, 0), :closed_at => Time.utc(2008, 3, 2, 0, 0, 0))
- changeset4 = create(:changeset, :closed, :user => user, :created_at => Time.utc(2008, 4, 1, 0, 0, 0), :closed_at => Time.utc(2008, 4, 2, 0, 0, 0))
- changeset5 = create(:changeset, :closed, :user => user, :created_at => Time.utc(2008, 5, 1, 0, 0, 0), :closed_at => Time.utc(2008, 5, 2, 0, 0, 0))
-
- get changesets_path
- assert_response :success
- assert_changesets_in_order [changeset5, changeset4, changeset3, changeset2, changeset1]
-
- get changesets_path(:limit => "3")
- assert_response :success
- assert_changesets_in_order [changeset5, changeset4, changeset3]
-
- get changesets_path(:limit => "0")
- assert_response :bad_request
-
- get changesets_path(:limit => Settings.max_changeset_query_limit)
- assert_response :success
- assert_changesets_in_order [changeset5, changeset4, changeset3, changeset2, changeset1]
-
- get changesets_path(:limit => Settings.max_changeset_query_limit + 1)
- assert_response :bad_request
- end
-
- ##
- # test the query functionality of sequential changesets with order and time parameters
- def test_query_order
- user = create(:user)
- changeset1 = create(:changeset, :closed, :user => user, :created_at => Time.utc(2008, 1, 1, 0, 0, 0), :closed_at => Time.utc(2008, 1, 2, 0, 0, 0))
- changeset2 = create(:changeset, :closed, :user => user, :created_at => Time.utc(2008, 2, 1, 0, 0, 0), :closed_at => Time.utc(2008, 2, 2, 0, 0, 0))
- changeset3 = create(:changeset, :closed, :user => user, :created_at => Time.utc(2008, 3, 1, 0, 0, 0), :closed_at => Time.utc(2008, 3, 2, 0, 0, 0))
- changeset4 = create(:changeset, :closed, :user => user, :created_at => Time.utc(2008, 4, 1, 0, 0, 0), :closed_at => Time.utc(2008, 4, 2, 0, 0, 0))
- changeset5 = create(:changeset, :closed, :user => user, :created_at => Time.utc(2008, 5, 1, 0, 0, 0), :closed_at => Time.utc(2008, 5, 2, 0, 0, 0))
- changeset6 = create(:changeset, :closed, :user => user, :created_at => Time.utc(2008, 6, 1, 0, 0, 0), :closed_at => Time.utc(2008, 6, 2, 0, 0, 0))
-
- get changesets_path
- assert_response :success
- assert_changesets_in_order [changeset6, changeset5, changeset4, changeset3, changeset2, changeset1]
-
- get changesets_path(:order => "oldest")
- assert_response :success
- assert_changesets_in_order [changeset1, changeset2, changeset3, changeset4, changeset5, changeset6]
-
- [
- # lower time bound at the opening time of a changeset
- ["2008-02-01T00:00:00Z", "2008-05-15T00:00:00Z", [changeset5, changeset4, changeset3, changeset2], [changeset5, changeset4, changeset3, changeset2]],
- # lower time bound in the middle of a changeset
- ["2008-02-01T12:00:00Z", "2008-05-15T00:00:00Z", [changeset5, changeset4, changeset3, changeset2], [changeset5, changeset4, changeset3]],
- # lower time bound at the closing time of a changeset
- ["2008-02-02T00:00:00Z", "2008-05-15T00:00:00Z", [changeset5, changeset4, changeset3, changeset2], [changeset5, changeset4, changeset3]],
- # lower time bound after the closing time of a changeset
- ["2008-02-02T00:00:01Z", "2008-05-15T00:00:00Z", [changeset5, changeset4, changeset3], [changeset5, changeset4, changeset3]],
- # upper time bound in the middle of a changeset
- ["2007-09-09T12:00:00Z", "2008-04-01T12:00:00Z", [changeset4, changeset3, changeset2, changeset1], [changeset4, changeset3, changeset2, changeset1]],
- # empty range
- ["2009-02-02T00:00:01Z", "2018-05-15T00:00:00Z", [], []]
- ].each do |from, to, interval_changesets, point_changesets|
- get changesets_path(:time => "#{from},#{to}")
- assert_response :success
- assert_changesets_in_order interval_changesets
-
- get changesets_path(:from => from, :to => to)
- assert_response :success
- assert_changesets_in_order point_changesets
-
- get changesets_path(:from => from, :to => to, :order => "oldest")
- assert_response :success
- assert_changesets_in_order point_changesets.reverse
- end
- end
-
- ##
- # test the query functionality of overlapping changesets with order and time parameters
- def test_query_order_overlapping
- user = create(:user)
- changeset1 = create(:changeset, :closed, :user => user, :created_at => Time.utc(2015, 6, 4, 17, 0, 0), :closed_at => Time.utc(2015, 6, 4, 17, 0, 0))
- changeset2 = create(:changeset, :closed, :user => user, :created_at => Time.utc(2015, 6, 4, 16, 0, 0), :closed_at => Time.utc(2015, 6, 4, 18, 0, 0))
- changeset3 = create(:changeset, :closed, :user => user, :created_at => Time.utc(2015, 6, 4, 14, 0, 0), :closed_at => Time.utc(2015, 6, 4, 20, 0, 0))
- changeset4 = create(:changeset, :closed, :user => user, :created_at => Time.utc(2015, 6, 3, 23, 0, 0), :closed_at => Time.utc(2015, 6, 4, 23, 0, 0))
- create(:changeset, :closed, :user => user, :created_at => Time.utc(2015, 6, 2, 23, 0, 0), :closed_at => Time.utc(2015, 6, 3, 23, 0, 0))
-
- get changesets_path(:time => "2015-06-04T00:00:00Z")
- assert_response :success
- assert_changesets_in_order [changeset1, changeset2, changeset3, changeset4]
-
- get changesets_path(:from => "2015-06-04T00:00:00Z")
- assert_response :success
- assert_changesets_in_order [changeset1, changeset2, changeset3]
-
- get changesets_path(:from => "2015-06-04T00:00:00Z", :order => "oldest")
- assert_response :success
- assert_changesets_in_order [changeset3, changeset2, changeset1]
-
- get changesets_path(:time => "2015-06-04T16:00:00Z,2015-06-04T17:30:00Z")
- assert_response :success
- assert_changesets_in_order [changeset1, changeset2, changeset3, changeset4]
-
- get changesets_path(:from => "2015-06-04T16:00:00Z", :to => "2015-06-04T17:30:00Z")
- assert_response :success
- assert_changesets_in_order [changeset1, changeset2]
-
- get changesets_path(:from => "2015-06-04T16:00:00Z", :to => "2015-06-04T17:30:00Z", :order => "oldest")
- assert_response :success
- assert_changesets_in_order [changeset2, changeset1]
- end
-
- ##
- # check that errors are returned if garbage is inserted
- # into query strings
- def test_query_invalid
- ["abracadabra!",
- "1,2,3,F",
- ";drop table users;"].each do |bbox|
- get changesets_path(:bbox => bbox)
- assert_response :bad_request, "'#{bbox}' isn't a bbox"
- end
-
- ["now()",
- "00-00-00",
- ";drop table users;",
- ",",
- "-,-"].each do |time|
- get changesets_path(:time => time)
- assert_response :bad_request, "'#{time}' isn't a valid time range"
- end
-
- ["me",
- "foobar",
- "-1",
- "0"].each do |uid|
- get changesets_path(:user => uid)
- assert_response :bad_request, "'#{uid}' isn't a valid user ID"
- end
-
- get changesets_path(:order => "oldest", :time => "2008-01-01T00:00Z,2018-01-01T00:00Z")
- assert_response :bad_request, "cannot use order=oldest with time"
- end
-
##
# check updating tags on a changeset
def test_changeset_update
@@ -2422,12 +2450,12 @@ module Api
assert_response :unauthorized
# try with the wrong authorization
- auth_header = basic_authorization_header create(:user).email, "test"
+ auth_header = bearer_authorization_header
put changeset_show_path(private_changeset), :params => new_changeset.to_s, :headers => auth_header
assert_response :conflict
# now this should get an unauthorized
- auth_header = basic_authorization_header private_user.email, "test"
+ auth_header = bearer_authorization_header private_user
put changeset_show_path(private_changeset), :params => new_changeset.to_s, :headers => auth_header
assert_require_public_data "user with their data non-public, shouldn't be able to edit their changeset"
@@ -2443,12 +2471,12 @@ module Api
assert_response :unauthorized
# try with the wrong authorization
- auth_header = basic_authorization_header create(:user).email, "test"
+ auth_header = bearer_authorization_header
put changeset_show_path(changeset), :params => new_changeset.to_s, :headers => auth_header
assert_response :conflict
# now this should work...
- auth_header = basic_authorization_header user.email, "test"
+ auth_header = bearer_authorization_header user
put changeset_show_path(changeset), :params => new_changeset.to_s, :headers => auth_header
assert_response :success
@@ -2461,7 +2489,7 @@ module Api
# check that a user different from the one who opened the changeset
# can't modify it.
def test_changeset_update_invalid
- auth_header = basic_authorization_header create(:user).email, "test"
+ auth_header = bearer_authorization_header
changeset = create(:changeset)
new_changeset = create_changeset_xml(:user => changeset.user, :id => changeset.id)
@@ -2479,14 +2507,14 @@ module Api
## FIXME should be changed to an integration test due to the with_controller
def test_changeset_limits
user = create(:user)
- auth_header = basic_authorization_header user.email, "test"
+ auth_header = bearer_authorization_header user
# create an old changeset to ensure we have the maximum rate limit
create(:changeset, :user => user, :created_at => Time.now.utc - 28.days)
# open a new changeset
xml = ""
- put changeset_create_path, :params => xml, :headers => auth_header
+ post api_changesets_path, :params => xml, :headers => auth_header
assert_response :success, "can't create a new changeset"
cs_id = @response.body.to_i
@@ -2501,7 +2529,7 @@ module Api
with_controller(NodesController.new) do
# create a new node
xml = ""
- put node_create_path, :params => xml, :headers => auth_header
+ post api_nodes_path, :params => xml, :headers => auth_header
assert_response :success, "can't create a new node"
node_id = @response.body.to_i
@@ -2560,7 +2588,7 @@ module Api
##
# test subscribe success
def test_subscribe_success
- auth_header = basic_authorization_header create(:user).email, "test"
+ auth_header = bearer_authorization_header
changeset = create(:changeset, :closed)
assert_difference "changeset.subscribers.count", 1 do
@@ -2588,7 +2616,7 @@ module Api
end
assert_response :unauthorized
- auth_header = basic_authorization_header user.email, "test"
+ auth_header = bearer_authorization_header user
# bad changeset id
assert_no_difference "changeset.subscribers.count" do
@@ -2609,7 +2637,7 @@ module Api
# test unsubscribe success
def test_unsubscribe_success
user = create(:user)
- auth_header = basic_authorization_header user.email, "test"
+ auth_header = bearer_authorization_header user
changeset = create(:changeset, :closed)
changeset.subscribers.push(user)
@@ -2638,7 +2666,7 @@ module Api
end
assert_response :unauthorized
- auth_header = basic_authorization_header create(:user).email, "test"
+ auth_header = bearer_authorization_header
# bad changeset id
assert_no_difference "changeset.subscribers.count" do
@@ -2658,16 +2686,20 @@ module Api
##
# check that the output consists of one specific changeset
- def assert_single_changeset(changeset)
- assert_select "osm>changeset", 1
- assert_select "osm>changeset>@id", changeset.id.to_s
- assert_select "osm>changeset>@created_at", changeset.created_at.xmlschema
- if changeset.open?
- assert_select "osm>changeset>@open", "true"
- assert_select "osm>changeset>@closed_at", 0
- else
- assert_select "osm>changeset>@open", "false"
- assert_select "osm>changeset>@closed_at", changeset.closed_at.xmlschema
+ def assert_single_changeset(changeset, &)
+ assert_dom "> changeset", 1 do
+ assert_dom "> @id", changeset.id.to_s
+ assert_dom "> @created_at", changeset.created_at.xmlschema
+ if changeset.open?
+ assert_dom "> @open", "true"
+ assert_dom "> @closed_at", 0
+ else
+ assert_dom "> @open", "false"
+ assert_dom "> @closed_at", changeset.closed_at.xmlschema
+ end
+ assert_dom "> @comments_count", changeset.comments.length.to_s
+ assert_dom "> @changes_count", changeset.num_changes.to_s
+ yield if block_given?
end
end
@@ -2681,15 +2713,8 @@ module Api
assert_not js["changeset"]["open"]
assert_equal changeset.closed_at.xmlschema, js["changeset"]["closed_at"]
end
- end
-
- ##
- # check that certain changesets exist in the output
- def assert_changesets(changesets)
- assert_select "osm>changeset", changesets.size
- changesets.each do |changeset|
- assert_select "osm>changeset[id='#{changeset.id}']", 1
- end
+ assert_equal changeset.comments.length, js["changeset"]["comments_count"]
+ assert_equal changeset.num_changes, js["changeset"]["changes_count"]
end
##