X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/53817fa9e8d955df0891d156f21b7269b4ed08fc..69abc1310245adab250083aafc015a716a884a93:/test/test_helper.rb diff --git a/test/test_helper.rb b/test/test_helper.rb index 60edf6e0c..79d5d0d33 100644 --- a/test/test_helper.rb +++ b/test/test_helper.rb @@ -133,53 +133,17 @@ module ActiveSupport assert_equal a.tags, b.tags, "tags on node #{a.id}" end - ## - # return request header for HTTP Basic Authorization - def basic_authorization_header(user, pass) - { "Authorization" => format("Basic %s", :auth => Base64.encode64("#{user}:#{pass}")) } - end - ## # return request header for HTTP Bearer Authorization - def bearer_authorization_header(token) - { "Authorization" => "Bearer #{token}" } - end - - ## - # make an OAuth signed request - def signed_request(method, uri, options = {}) - uri = URI.parse(uri) - uri.scheme ||= "http" - uri.host ||= "www.example.com" - - oauth = options.delete(:oauth) - params = options.fetch(:params, {}).transform_keys(&:to_s) - - oauth[:consumer] ||= oauth[:token].client_application - - helper = OAuth::Client::Helper.new(nil, oauth) - - request = OAuth::RequestProxy.proxy( - "method" => method.to_s.upcase, - "uri" => uri, - "parameters" => params.merge(helper.oauth_parameters) - ) - - request.sign!(oauth) - - method(method).call(request.signed_uri, **options) - end + def bearer_authorization_header(token_or_user = nil, scopes: Oauth::SCOPES) + token = case token_or_user + when nil then create(:oauth_access_token, :scopes => scopes).token + when User then create(:oauth_access_token, :resource_owner_id => token_or_user.id, :scopes => scopes).token + when Doorkeeper::AccessToken then token_or_user.token + when String then token_or_user + end - ## - # make an OAuth signed GET request - def signed_get(uri, options = {}) - signed_request(:get, uri, options) - end - - ## - # make an OAuth signed POST request - def signed_post(uri, options = {}) - signed_request(:post, uri, options) + { "Authorization" => "Bearer #{token}" } end ## @@ -205,7 +169,7 @@ module ActiveSupport ## # Not sure this is the best response we could give def assert_inactive_user(msg = "an inactive user shouldn't be able to access the API") - assert_response :unauthorized, msg + assert_response :forbidden, msg # assert_equal @response.headers['Error'], "" end @@ -376,12 +340,48 @@ module ActiveSupport Settings.merge!(saved_settings) end - def with_user_account_deletion_delay(value, &block) + def with_user_account_deletion_delay(value, &) freeze_time - with_settings(:user_account_deletion_delay => value, &block) + with_settings(:user_account_deletion_delay => value, &) ensure unfreeze_time end + + # This is a convenience method for checks of resources rendered in a map view sidebar + # First we check that when we don't have an id, it will correctly return a 404 + # then we check that we get the correct 404 when a non-existant id is passed + # then we check that it will get a successful response, when we do pass an id + def sidebar_browse_check(path, id, template) + path_method = method(path) + + assert_raise ActionController::UrlGenerationError do + get path_method.call + end + + assert_raise ActionController::UrlGenerationError do + get path_method.call(:id => -10) # we won't have an id that's negative + end + + get path_method.call(:id => 0) + assert_response :not_found + assert_template "browse/not_found" + assert_template :layout => "map" + + get path_method.call(:id => 0), :xhr => true + assert_response :not_found + assert_template "browse/not_found" + assert_template :layout => "xhr" + + get path_method.call(:id => id) + assert_response :success + assert_template template + assert_template :layout => "map" + + get path_method.call(:id => id), :xhr => true + assert_response :success + assert_template template + assert_template :layout => "xhr" + end end end