X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/783b5e3729228908d7404ae7404af1023501a906..abbd5a30d41945a41ed5c6c2012793e176f8c28a:/test/controllers/api/permissions_controller_test.rb?ds=inline diff --git a/test/controllers/api/permissions_controller_test.rb b/test/controllers/api/permissions_controller_test.rb index eb1bfed16..3101abee2 100644 --- a/test/controllers/api/permissions_controller_test.rb +++ b/test/controllers/api/permissions_controller_test.rb @@ -1,7 +1,7 @@ require "test_helper" module Api - class PermissionsControllerTest < ActionController::TestCase + class PermissionsControllerTest < ActionDispatch::IntegrationTest ## # test all routes which lead to this controller def test_routes @@ -12,7 +12,7 @@ module Api end def test_permissions_anonymous - get :show + get permissions_path assert_response :success assert_select "osm > permissions", :count => 1 do assert_select "permission", :count => 0 @@ -20,8 +20,8 @@ module Api end def test_permissions_basic_auth - basic_authorization create(:user).email, "test" - get :show + auth_header = basic_authorization_header create(:user).email, "test" + get permissions_path, :headers => auth_header assert_response :success assert_select "osm > permissions", :count => 1 do assert_select "permission", :count => ClientApplication.all_permissions.size @@ -31,14 +31,27 @@ module Api end end - def test_permissions_oauth - @request.env["oauth.token"] = AccessToken.new do |token| - # Just to test a few - token.allow_read_prefs = true - token.allow_write_api = true - token.allow_read_gpx = false + def test_permissions_oauth1 + token = create(:access_token, + :allow_read_prefs => true, + :allow_write_api => true, + :allow_read_gpx => false) + signed_get permissions_path, :oauth => { :token => token } + assert_response :success + assert_select "osm > permissions", :count => 1 do + assert_select "permission", :count => 2 + assert_select "permission[name='allow_read_prefs']", :count => 1 + assert_select "permission[name='allow_write_api']", :count => 1 + assert_select "permission[name='allow_read_gpx']", :count => 0 end - get :show + end + + def test_permissions_oauth2 + user = create(:user) + token = create(:oauth_access_token, + :resource_owner_id => user.id, + :scopes => %w[read_prefs write_api]) + get permissions_path, :headers => bearer_authorization_header(token.token) assert_response :success assert_select "osm > permissions", :count => 1 do assert_select "permission", :count => 2