X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/783b5e3729228908d7404ae7404af1023501a906..6094a97ce6297d390e5bbf733f5c2b4cc6b2076c:/test/controllers/api/user_preferences_controller_test.rb?ds=sidebyside
diff --git a/test/controllers/api/user_preferences_controller_test.rb b/test/controllers/api/user_preferences_controller_test.rb
index 99dad9597..816be9b6e 100644
--- a/test/controllers/api/user_preferences_controller_test.rb
+++ b/test/controllers/api/user_preferences_controller_test.rb
@@ -1,44 +1,48 @@
require "test_helper"
module Api
- class UserPreferencesControllerTest < ActionController::TestCase
+ class UserPreferencesControllerTest < ActionDispatch::IntegrationTest
##
# test all routes which lead to this controller
def test_routes
assert_routing(
{ :path => "/api/0.6/user/preferences", :method => :get },
- { :controller => "api/user_preferences", :action => "read" }
+ { :controller => "api/user_preferences", :action => "index" }
+ )
+ assert_routing(
+ { :path => "/api/0.6/user/preferences.json", :method => :get },
+ { :controller => "api/user_preferences", :action => "index", :format => "json" }
)
assert_routing(
{ :path => "/api/0.6/user/preferences", :method => :put },
- { :controller => "api/user_preferences", :action => "update" }
+ { :controller => "api/user_preferences", :action => "update_all" }
)
assert_routing(
{ :path => "/api/0.6/user/preferences/key", :method => :get },
- { :controller => "api/user_preferences", :action => "read_one", :preference_key => "key" }
+ { :controller => "api/user_preferences", :action => "show", :preference_key => "key" }
)
assert_routing(
{ :path => "/api/0.6/user/preferences/key", :method => :put },
- { :controller => "api/user_preferences", :action => "update_one", :preference_key => "key" }
+ { :controller => "api/user_preferences", :action => "update", :preference_key => "key" }
)
assert_routing(
{ :path => "/api/0.6/user/preferences/key", :method => :delete },
- { :controller => "api/user_preferences", :action => "delete_one", :preference_key => "key" }
+ { :controller => "api/user_preferences", :action => "destroy", :preference_key => "key" }
)
end
##
- # test read action
- def test_read
+ # test showing all preferences
+ def test_index
# first try without auth
- get :read
+ get user_preferences_path
assert_response :unauthorized, "should be authenticated"
# authenticate as a user with no preferences
- basic_authorization create(:user).email, "test"
+ auth_header = bearer_authorization_header
# try the read again
- get :read
+ get user_preferences_path, :headers => auth_header
assert_select "osm" do
assert_select "preferences", :count => 1 do
assert_select "preference", :count => 0
@@ -49,12 +53,12 @@ module Api
user = create(:user)
user_preference = create(:user_preference, :user => user)
user_preference2 = create(:user_preference, :user => user)
- basic_authorization user.email, "test"
+ auth_header = bearer_authorization_header(user)
# try the read again
- get :read
+ get user_preferences_path, :headers => auth_header
assert_response :success
- assert_equal "application/xml", @response.content_type
+ assert_equal "application/xml", @response.media_type
assert_select "osm" do
assert_select "preferences", :count => 1 do
assert_select "preference", :count => 2
@@ -62,42 +66,52 @@ module Api
assert_select "preference[k=\"#{user_preference2.k}\"][v=\"#{user_preference2.v}\"]", :count => 1
end
end
+
+ # Test json
+ get user_preferences_path(:format => "json"), :headers => auth_header
+ assert_response :success
+ assert_equal "application/json", @response.media_type
+
+ js = ActiveSupport::JSON.decode(@response.body)
+ assert_not_nil js
+ assert_equal 2, js["preferences"].count
+ assert_equal user_preference.v, js["preferences"][user_preference.k]
end
##
- # test read_one action
- def test_read_one
+ # test showing one preference
+ def test_show
user = create(:user)
create(:user_preference, :user => user, :k => "key", :v => "value")
# try a read without auth
- get :read_one, :params => { :preference_key => "key" }
+ get user_preference_path(:preference_key => "key")
assert_response :unauthorized, "should be authenticated"
# authenticate as a user with preferences
- basic_authorization user.email, "test"
+ auth_header = bearer_authorization_header(user)
# try the read again
- get :read_one, :params => { :preference_key => "key" }
+ get user_preference_path(:preference_key => "key"), :headers => auth_header
assert_response :success
- assert_equal "text/plain", @response.content_type
+ assert_equal "text/plain", @response.media_type
assert_equal "value", @response.body
# try the read again for a non-existent key
- get :read_one, :params => { :preference_key => "unknown_key" }
+ get user_preference_path(:preference_key => "unknown_key"), :headers => auth_header
assert_response :not_found
end
##
- # test update action
- def test_update
+ # test bulk update action
+ def test_update_all
user = create(:user)
create(:user_preference, :user => user, :k => "key", :v => "value")
create(:user_preference, :user => user, :k => "some_key", :v => "some_value")
# try a put without auth
assert_no_difference "UserPreference.count" do
- put :update, :body => ""
+ put user_preferences_path, :params => ""
end
assert_response :unauthorized, "should be authenticated"
assert_equal "value", UserPreference.find([user.id, "key"]).v
@@ -107,14 +121,14 @@ module Api
end
# authenticate as a user with preferences
- basic_authorization user.email, "test"
+ auth_header = bearer_authorization_header(user)
# try the put again
assert_no_difference "UserPreference.count" do
- put :update, :body => ""
+ put user_preferences_path, :params => "", :headers => auth_header
end
assert_response :success
- assert_equal "text/plain", @response.content_type
+ assert_equal "text/plain", @response.media_type
assert_equal "", @response.body
assert_equal "new_value", UserPreference.find([user.id, "key"]).v
assert_equal "value", UserPreference.find([user.id, "new_key"]).v
@@ -124,29 +138,42 @@ module Api
# try a put with duplicate keys
assert_no_difference "UserPreference.count" do
- put :update, :body => ""
+ put user_preferences_path, :params => "", :headers => auth_header
end
assert_response :bad_request
- assert_equal "text/plain", @response.content_type
+ assert_equal "text/plain", @response.media_type
assert_equal "Duplicate preferences with key key", @response.body
assert_equal "new_value", UserPreference.find([user.id, "key"]).v
# try a put with invalid content
assert_no_difference "UserPreference.count" do
- put :update, :body => "nonsense"
+ put user_preferences_path, :params => "nonsense", :headers => auth_header
end
assert_response :bad_request
+
+ # try a put with unicode characters
+ assert_no_difference "UserPreference.count" do
+ put user_preferences_path, :params => "", :headers => auth_header
+ end
+ assert_response :success
+ assert_equal "text/plain", @response.media_type
+ assert_equal "", @response.body
+ assert_equal "néw_vâlué", UserPreference.find([user.id, "kêy"]).v
+ assert_equal "vâlué", UserPreference.find([user.id, "nêw_kêy"]).v
+ assert_raises ActiveRecord::RecordNotFound do
+ UserPreference.find([user.id, "some_key"])
+ end
end
##
- # test update_one action
- def test_update_one
+ # test update action
+ def test_update
user = create(:user)
create(:user_preference, :user => user)
# try a put without auth
assert_no_difference "UserPreference.count" do
- put :update_one, :params => { :preference_key => "new_key" }, :body => "new_value"
+ put user_preference_path(:preference_key => "new_key"), :params => "new_value"
end
assert_response :unauthorized, "should be authenticated"
assert_raises ActiveRecord::RecordNotFound do
@@ -154,49 +181,58 @@ module Api
end
# authenticate as a user with preferences
- basic_authorization user.email, "test"
+ auth_header = bearer_authorization_header(user)
# try adding a new preference
assert_difference "UserPreference.count", 1 do
- put :update_one, :params => { :preference_key => "new_key" }, :body => "new_value"
+ put user_preference_path(:preference_key => "new_key"), :params => "new_value", :headers => auth_header
end
assert_response :success
- assert_equal "text/plain", @response.content_type
+ assert_equal "text/plain", @response.media_type
assert_equal "", @response.body
assert_equal "new_value", UserPreference.find([user.id, "new_key"]).v
# try changing the value of a preference
assert_no_difference "UserPreference.count" do
- put :update_one, :params => { :preference_key => "new_key" }, :body => "newer_value"
+ put user_preference_path(:preference_key => "new_key"), :params => "newer_value", :headers => auth_header
end
assert_response :success
- assert_equal "text/plain", @response.content_type
+ assert_equal "text/plain", @response.media_type
assert_equal "", @response.body
assert_equal "newer_value", UserPreference.find([user.id, "new_key"]).v
+
+ # try changing the value of a preference to include unicode characters
+ assert_difference "UserPreference.count", 1 do
+ put user_preference_path(:preference_key => "nêw_kêy"), :params => "néwèr_vâlué", :headers => auth_header
+ end
+ assert_response :success
+ assert_equal "text/plain", @response.media_type
+ assert_equal "", @response.body
+ assert_equal "néwèr_vâlué", UserPreference.find([user.id, "nêw_kêy"]).v
end
##
- # test delete_one action
- def test_delete_one
+ # test destroy action
+ def test_destroy
user = create(:user)
create(:user_preference, :user => user, :k => "key", :v => "value")
# try a delete without auth
assert_no_difference "UserPreference.count" do
- delete :delete_one, :params => { :preference_key => "key" }
+ delete user_preference_path(:preference_key => "key")
end
assert_response :unauthorized, "should be authenticated"
assert_equal "value", UserPreference.find([user.id, "key"]).v
# authenticate as a user with preferences
- basic_authorization user.email, "test"
+ auth_header = bearer_authorization_header(user)
# try the delete again
assert_difference "UserPreference.count", -1 do
- get :delete_one, :params => { :preference_key => "key" }
+ delete user_preference_path(:preference_key => "key"), :headers => auth_header
end
assert_response :success
- assert_equal "text/plain", @response.content_type
+ assert_equal "text/plain", @response.media_type
assert_equal "", @response.body
assert_raises ActiveRecord::RecordNotFound do
UserPreference.find([user.id, "key"])
@@ -204,7 +240,7 @@ module Api
# try the delete again for the same key
assert_no_difference "UserPreference.count" do
- get :delete_one, :params => { :preference_key => "key" }
+ delete user_preference_path(:preference_key => "key"), :headers => auth_header
end
assert_response :not_found
assert_raises ActiveRecord::RecordNotFound do
@@ -214,32 +250,24 @@ module Api
# Ensure that a valid access token with correct capabilities can be used to
# read preferences
- def test_read_one_using_token
+ def test_show_using_token
user = create(:user)
- token = create(:access_token, :user => user, :allow_read_prefs => true)
+ auth_header = bearer_authorization_header(user, :scopes => %w[read_prefs])
create(:user_preference, :user => user, :k => "key", :v => "value")
- # Hack together an oauth request - an alternative would be to sign the request properly
- @request.env["oauth.version"] = 1
- @request.env["oauth.strategies"] = [:token]
- @request.env["oauth.token"] = token
-
- get :read_one, :params => { :preference_key => "key" }
+ get user_preference_path(:preference_key => "key"), :headers => auth_header
assert_response :success
end
# Ensure that a valid access token with incorrect capabilities can't be used
# to read preferences even, though the owner of that token could read them
# by other methods.
- def test_read_one_using_token_fail
+ def test_show_using_token_fail
user = create(:user)
- token = create(:access_token, :user => user, :allow_read_prefs => false)
+ auth_header = bearer_authorization_header(user, :scopes => %w[])
create(:user_preference, :user => user, :k => "key", :v => "value")
- @request.env["oauth.version"] = 1
- @request.env["oauth.strategies"] = [:token]
- @request.env["oauth.token"] = token
- get :read_one, :params => { :preference_key => "key" }
+ get user_preference_path(:preference_key => "key"), :headers => auth_header
assert_response :forbidden
end
end