X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/70d7d8d850148f714b70a3297c02a8203214dec6..8a020b3ec727b8c9fa4d819855469dd348e58ee7:/test/test_helper.rb diff --git a/test/test_helper.rb b/test/test_helper.rb index a6147ef29..79d5d0d33 100644 --- a/test/test_helper.rb +++ b/test/test_helper.rb @@ -32,6 +32,7 @@ ENV["RAILS_ENV"] = "test" require_relative "../config/environment" require "rails/test_help" require "webmock/minitest" +require "minitest/focus" unless ENV["CI"] WebMock.disable_net_connect!(:allow_localhost => true) @@ -133,46 +134,16 @@ module ActiveSupport end ## - # return request header for HTTP Basic Authorization - def basic_authorization_header(user, pass) - { "Authorization" => format("Basic %s", :auth => Base64.encode64("#{user}:#{pass}")) } - end - - ## - # make an OAuth signed request - def signed_request(method, uri, options = {}) - uri = URI.parse(uri) - uri.scheme ||= "http" - uri.host ||= "www.example.com" - - oauth = options.delete(:oauth) - params = options.fetch(:params, {}).transform_keys(&:to_s) - - oauth[:consumer] ||= oauth[:token].client_application - - helper = OAuth::Client::Helper.new(nil, oauth) - - request = OAuth::RequestProxy.proxy( - "method" => method.to_s.upcase, - "uri" => uri, - "parameters" => params.merge(helper.oauth_parameters) - ) - - request.sign!(oauth) - - method(method).call(request.signed_uri, **options) - end - - ## - # make an OAuth signed GET request - def signed_get(uri, options = {}) - signed_request(:get, uri, options) - end - - ## - # make an OAuth signed POST request - def signed_post(uri, options = {}) - signed_request(:post, uri, options) + # return request header for HTTP Bearer Authorization + def bearer_authorization_header(token_or_user = nil, scopes: Oauth::SCOPES) + token = case token_or_user + when nil then create(:oauth_access_token, :scopes => scopes).token + when User then create(:oauth_access_token, :resource_owner_id => token_or_user.id, :scopes => scopes).token + when Doorkeeper::AccessToken then token_or_user.token + when String then token_or_user + end + + { "Authorization" => "Bearer #{token}" } end ## @@ -189,7 +160,7 @@ module ActiveSupport ## # Used to check that the error header and the forbidden responses are given - # when the owner of the changset has their data not marked as public + # when the owner of the changeset has their data not marked as public def assert_require_public_data(msg = "Shouldn't be able to use API when the user's data is not public") assert_response :forbidden, msg assert_equal("You must make your edits public to upload new data", @response.headers["Error"], "Wrong error message") @@ -198,7 +169,7 @@ module ActiveSupport ## # Not sure this is the best response we could give def assert_inactive_user(msg = "an inactive user shouldn't be able to access the API") - assert_response :unauthorized, msg + assert_response :forbidden, msg # assert_equal @response.headers['Error'], "" end @@ -235,13 +206,6 @@ module ActiveSupport end end - def sign_in_as(user) - visit login_path - fill_in "username", :with => user.email - fill_in "password", :with => "test" - click_on "Login", :match => :first - end - def session_for(user) get login_path post login_path, :params => { :username => user.display_name, :password => "test" } @@ -249,7 +213,7 @@ module ActiveSupport end def xml_for_node(node) - doc = OSM::API.new.get_xml_doc + doc = OSM::API.new.xml_doc doc.root << xml_node_for_node(node) doc end @@ -258,20 +222,20 @@ module ActiveSupport el = XML::Node.new "node" el["id"] = node.id.to_s - OMHelper.add_metadata_to_xml_node(el, node, {}, {}) + add_metadata_to_xml_node(el, node, {}, {}) if node.visible? el["lat"] = node.lat.to_s el["lon"] = node.lon.to_s end - OMHelper.add_tags_to_xml_node(el, node.node_tags) + add_tags_to_xml_node(el, node.node_tags) el end def xml_for_way(way) - doc = OSM::API.new.get_xml_doc + doc = OSM::API.new.xml_doc doc.root << xml_node_for_way(way) doc end @@ -280,7 +244,7 @@ module ActiveSupport el = XML::Node.new "way" el["id"] = way.id.to_s - OMHelper.add_metadata_to_xml_node(el, way, {}, {}) + add_metadata_to_xml_node(el, way, {}, {}) # make sure nodes are output in sequence_id order ordered_nodes = [] @@ -296,13 +260,13 @@ module ActiveSupport el << node_el end - OMHelper.add_tags_to_xml_node(el, way.way_tags) + add_tags_to_xml_node(el, way.way_tags) el end def xml_for_relation(relation) - doc = OSM::API.new.get_xml_doc + doc = OSM::API.new.xml_doc doc.root << xml_node_for_relation(relation) doc end @@ -311,7 +275,7 @@ module ActiveSupport el = XML::Node.new "relation" el["id"] = relation.id.to_s - OMHelper.add_metadata_to_xml_node(el, relation, {}, {}) + add_metadata_to_xml_node(el, relation, {}, {}) relation.relation_members.each do |member| member_el = XML::Node.new "member" @@ -321,13 +285,103 @@ module ActiveSupport el << member_el end - OMHelper.add_tags_to_xml_node(el, relation.relation_tags) + add_tags_to_xml_node(el, relation.relation_tags) el end - class OMHelper - extend ObjectMetadata + def add_metadata_to_xml_node(el, osm, changeset_cache, user_display_name_cache) + el["changeset"] = osm.changeset_id.to_s + el["redacted"] = osm.redaction.id.to_s if osm.redacted? + el["timestamp"] = osm.timestamp.xmlschema + el["version"] = osm.version.to_s + el["visible"] = osm.visible.to_s + + if changeset_cache.key?(osm.changeset_id) + # use the cache if available + else + changeset_cache[osm.changeset_id] = osm.changeset.user_id + end + + user_id = changeset_cache[osm.changeset_id] + + if user_display_name_cache.key?(user_id) + # use the cache if available + elsif osm.changeset.user.data_public? + user_display_name_cache[user_id] = osm.changeset.user.display_name + else + user_display_name_cache[user_id] = nil + end + + unless user_display_name_cache[user_id].nil? + el["user"] = user_display_name_cache[user_id] + el["uid"] = user_id.to_s + end + end + + def add_tags_to_xml_node(el, tags) + tags.each do |tag| + tag_el = XML::Node.new("tag") + + tag_el["k"] = tag.k + tag_el["v"] = tag.v + + el << tag_el + end + end + + def with_settings(settings) + saved_settings = Settings.to_hash.slice(*settings.keys) + + Settings.merge!(settings) + + yield + ensure + Settings.merge!(saved_settings) + end + + def with_user_account_deletion_delay(value, &) + freeze_time + + with_settings(:user_account_deletion_delay => value, &) + ensure + unfreeze_time + end + + # This is a convenience method for checks of resources rendered in a map view sidebar + # First we check that when we don't have an id, it will correctly return a 404 + # then we check that we get the correct 404 when a non-existant id is passed + # then we check that it will get a successful response, when we do pass an id + def sidebar_browse_check(path, id, template) + path_method = method(path) + + assert_raise ActionController::UrlGenerationError do + get path_method.call + end + + assert_raise ActionController::UrlGenerationError do + get path_method.call(:id => -10) # we won't have an id that's negative + end + + get path_method.call(:id => 0) + assert_response :not_found + assert_template "browse/not_found" + assert_template :layout => "map" + + get path_method.call(:id => 0), :xhr => true + assert_response :not_found + assert_template "browse/not_found" + assert_template :layout => "xhr" + + get path_method.call(:id => id) + assert_response :success + assert_template template + assert_template :layout => "map" + + get path_method.call(:id => id), :xhr => true + assert_response :success + assert_template template + assert_template :layout => "xhr" end end end