X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/b6c354b31b8e7963bbd384045cb72cd3a88c613e..5449cf4adcc1fad4b9f43426e6d3e4a8f65e6fbb:/test/functional/changeset_controller_test.rb diff --git a/test/functional/changeset_controller_test.rb b/test/functional/changeset_controller_test.rb index d81bf46b8..932d685bb 100644 --- a/test/functional/changeset_controller_test.rb +++ b/test/functional/changeset_controller_test.rb @@ -4,14 +4,6 @@ require 'changeset_controller' class ChangesetControllerTest < ActionController::TestCase api_fixtures - def basic_authorization(user, pass) - @request.env["HTTP_AUTHORIZATION"] = "Basic %s" % Base64.encode64("#{user}:#{pass}") - end - - def content(c) - @request.env["RAW_POST_DATA"] = c.to_s - end - # ----------------------- # Test simple changeset creation # ----------------------- @@ -26,7 +18,19 @@ class ChangesetControllerTest < ActionController::TestCase put :create assert_response :success, "Creation of changeset did not return sucess status" - newid = @response.body + newid = @response.body.to_i + + # check end time, should be an hour ahead of creation time + cs = Changeset.find(newid) + duration = cs.closed_at - cs.created_at + # the difference can either be a rational, or a floating point number + # of seconds, depending on the code path taken :-( + if duration.class == Rational + assert_equal Rational(1,24), duration , "initial idle timeout should be an hour (#{cs.created_at} -> #{cs.closed_at})" + else + # must be number of seconds... + assert_equal 3600, duration.round, "initial idle timeout should be an hour (#{cs.created_at} -> #{cs.closed_at})" + end end def test_create_invalid @@ -36,6 +40,18 @@ class ChangesetControllerTest < ActionController::TestCase assert_response :bad_request, "creating a invalid changeset should fail" end + def test_create_invalid_no_content + basic_authorization "test@openstreetmap.org", "test" + put :create + assert_response :bad_request, "creating a changeset with no content should fail" + end + + def test_create_wrong_method + basic_authorization "test@openstreetmap.org", "test" + get :create + assert_response :method_not_allowed + end + ## # check that the changeset can be read and returns the correct # document structure. @@ -48,8 +64,29 @@ class ChangesetControllerTest < ActionController::TestCase assert_select "osm>changeset[id=#{changeset_id}]", 1 end + ## + # test that the user who opened a change can close it def test_close - # FIXME FIXME FIXME! + basic_authorization "test@openstreetmap.org", "test" + + cs_id = changesets(:normal_user_first_change).id + put :close, :id => cs_id + assert_response :success + + # test that it really is closed now + cs = Changeset.find(cs_id) + assert(!cs.is_open?, + "changeset should be closed now (#{cs.closed_at} > #{Time.now}.") + end + + ## + # test that a different user can't close another user's changeset + def test_close_invalid + basic_authorization "test@example.com", "test" + + put :close, :id => changesets(:normal_user_first_change).id + assert_response :conflict + assert_equal "The user doesn't own that changeset", @response.body end ## @@ -172,6 +209,11 @@ EOF assert_response :success, "can't upload a deletion diff to changeset: #{@response.body}" + # check the response is well-formed + assert_select "diffResult>node", 1 + assert_select "diffResult>way", 1 + assert_select "diffResult>relation", 2 + # check that everything was deleted assert_equal false, Node.find(current_nodes(:node_used_by_relationship).id).visible assert_equal false, Way.find(current_ways(:used_way).id).visible @@ -179,6 +221,45 @@ EOF assert_equal false, Relation.find(current_relations(:used_relation).id).visible end + ## + # test uploading a delete with no lat/lon, as they are optional in + # the osmChange spec. + def test_upload_nolatlon_delete + basic_authorization "test@openstreetmap.org", "test" + + node = current_nodes(:visible_node) + cs = changesets(:normal_user_first_change) + diff = "" + + # upload it + content diff + post :upload, :id => cs.id + assert_response :success, + "can't upload a deletion diff to changeset: #{@response.body}" + + # check the response is well-formed + assert_select "diffResult>node", 1 + + # check that everything was deleted + assert_equal false, Node.find(node.id).visible + end + + def test_repeated_changeset_create + 30.times do + basic_authorization "test@openstreetmap.org", "test" + + # create a temporary changeset + content "" + + "" + + "" + assert_difference('Changeset.count', 1) do + put :create + end + assert_response :success + changeset_id = @response.body.to_i + end + end + ## # test that deleting stuff in a transaction doesn't bypass the checks # to ensure that used elements are not deleted. @@ -283,7 +364,7 @@ EOF - + @@ -334,6 +415,11 @@ EOF post :upload, :id => 1 assert_response :success, "can't upload multiple versions of an element in a diff: #{@response.body}" + + # check the response is well-formed. its counter-intuitive, but the + # API will return multiple elements with the same ID and different + # version numbers for each change we made. + assert_select "diffResult>node", 8 end ## @@ -396,6 +482,193 @@ EOF assert_equal @response.body, "Unknown action ping, choices are create, modify, delete." end + ## + # upload a valid changeset which has a mixture of whitespace + # to check a bug reported by ivansanchez (#1565). + def test_upload_whitespace_valid + basic_authorization "test@openstreetmap.org", "test" + + diff = < + + + + + + + +EOF + + # upload it + content diff + post :upload, :id => 1 + assert_response :success, + "can't upload a valid diff with whitespace variations to changeset: #{@response.body}" + + # check the response is well-formed + assert_select "diffResult>node", 2 + assert_select "diffResult>relation", 1 + + # check that the changes made it into the database + assert_equal 1, Node.find(1).tags.size, "node 1 should now have one tag" + assert_equal 0, Relation.find(1).tags.size, "relation 1 should now have no tags" + end + + ## + # upload a valid changeset which has a mixture of whitespace + # to check a bug reported by ivansanchez. + def test_upload_reuse_placeholder_valid + basic_authorization "test@openstreetmap.org", "test" + + diff = < + + + + + + + + + + + + +EOF + + # upload it + content diff + post :upload, :id => 1 + assert_response :success, + "can't upload a valid diff with re-used placeholders to changeset: #{@response.body}" + + # check the response is well-formed + assert_select "diffResult>node", 3 + assert_select "diffResult>node[old_id=-1]", 3 + end + + ## + # test what happens if a diff upload re-uses placeholder IDs in an + # illegal way. + def test_upload_placeholder_invalid + basic_authorization "test@openstreetmap.org", "test" + + diff = < + + + + + + +EOF + + # upload it + content diff + post :upload, :id => 1 + assert_response :bad_request, + "shouldn't be able to re-use placeholder IDs" + end + + ## + # test what happens if a diff is uploaded containing only a node + # move. + def test_upload_node_move + basic_authorization "test@openstreetmap.org", "test" + + content "" + + "" + + "" + put :create + assert_response :success + changeset_id = @response.body.to_i + + old_node = current_nodes(:visible_node) + + diff = XML::Document.new + diff.root = XML::Node.new "osmChange" + modify = XML::Node.new "modify" + xml_old_node = old_node.to_xml_node + xml_old_node["lat"] = (2.0).to_s + xml_old_node["lon"] = (2.0).to_s + xml_old_node["changeset"] = changeset_id.to_s + modify << xml_old_node + diff.root << modify + + # upload it + content diff + post :upload, :id => changeset_id + assert_response :success, + "diff should have uploaded OK" + + # check the bbox + changeset = Changeset.find(changeset_id) + assert_equal 1*SCALE, changeset.min_lon, "min_lon should be 1 degree" + assert_equal 2*SCALE, changeset.max_lon, "max_lon should be 2 degrees" + assert_equal 1*SCALE, changeset.min_lat, "min_lat should be 1 degree" + assert_equal 2*SCALE, changeset.max_lat, "max_lat should be 2 degrees" + end + + ## + # test what happens if a diff is uploaded adding a node to a way. + def test_upload_way_extend + basic_authorization "test@openstreetmap.org", "test" + + content "" + + "" + + "" + put :create + assert_response :success + changeset_id = @response.body.to_i + + old_way = current_ways(:visible_way) + + diff = XML::Document.new + diff.root = XML::Node.new "osmChange" + modify = XML::Node.new "modify" + xml_old_way = old_way.to_xml_node + nd_ref = XML::Node.new "nd" + nd_ref["ref"] = current_nodes(:visible_node).id.to_s + xml_old_way << nd_ref + xml_old_way["changeset"] = changeset_id.to_s + modify << xml_old_way + diff.root << modify + + # upload it + content diff + post :upload, :id => changeset_id + assert_response :success, + "diff should have uploaded OK" + + # check the bbox + changeset = Changeset.find(changeset_id) + assert_equal 1*SCALE, changeset.min_lon, "min_lon should be 1 degree" + assert_equal 3*SCALE, changeset.max_lon, "max_lon should be 3 degrees" + assert_equal 1*SCALE, changeset.min_lat, "min_lat should be 1 degree" + assert_equal 3*SCALE, changeset.max_lat, "max_lat should be 3 degrees" + end + + ## + # test for more issues in #1568 + def test_upload_empty_invalid + basic_authorization "test@openstreetmap.org", "test" + + [ "", + "", + "", + "" + ].each do |diff| + # upload it + content diff + post :upload, :id => 1 + assert_response(:success, "should be able to upload " + + "empty changeset: " + diff) + end + end + ## # when we make some simple changes we get the same changes back from the # diff download. @@ -440,6 +713,67 @@ EOF assert_select "osmChange>modify>node", 8 end + ## + # culled this from josm to ensure that nothing in the way that josm + # is formatting the request is causing it to fail. + # + # NOTE: the error turned out to be something else completely! + def test_josm_upload + basic_authorization(users(:normal_user).email, "test") + + # create a temporary changeset + content "" + + "" + + "" + put :create + assert_response :success + changeset_id = @response.body.to_i + + diff = < + + + + + + + + + + + + + + + + + + + + + + + + + +OSM + + # upload it + content diff + post :upload, :id => changeset_id + assert_response :success, + "can't upload a diff from JOSM: #{@response.body}" + + get :download, :id => changeset_id + assert_response :success + + assert_select "osmChange", 1 + assert_select "osmChange>create>node", 9 + assert_select "osmChange>create>way", 1 + assert_select "osmChange>create>way>nd", 9 + assert_select "osmChange>create>way>tag", 2 + end + ## # when we make some complex changes we get the same changes back from the # diff download. @@ -537,7 +871,7 @@ EOF assert_select "osm>changeset[min_lat=1.0]", 1 assert_select "osm>changeset[max_lat=2.0]", 1 - # add (delete) a way to it + # add (delete) a way to it, which contains a point at (3,3) with_controller(WayController.new) do content update_changeset(current_ways(:visible_way).to_xml, changeset_id) @@ -548,6 +882,7 @@ EOF # get the bounding box back from the changeset get :read, :id => changeset_id assert_response :success, "Couldn't read back changeset for the third time." + # note that the 3.1 here is because of the bbox overexpansion assert_select "osm>changeset[min_lon=1.0]", 1 assert_select "osm>changeset[max_lon=3.1]", 1 assert_select "osm>changeset[min_lat=1.0]", 1 @@ -577,22 +912,222 @@ EOF end ## - # check searching for changesets by bbox - def test_changeset_by_bbox + # test the query functionality of changesets + def test_query get :query, :bbox => "-10,-10, 10, 10" assert_response :success, "can't get changesets in bbox" - # FIXME: write the actual test bit after fixing the fixtures! + assert_changesets [1,4,6] + + get :query, :bbox => "4.5,4.5,4.6,4.6" + assert_response :success, "can't get changesets in bbox" + assert_changesets [1] + + # can't get changesets of user 1 without authenticating + get :query, :user => users(:normal_user).id + assert_response :not_found, "shouldn't be able to get changesets by non-public user" + + # but this should work + basic_authorization "test@openstreetmap.org", "test" + get :query, :user => users(:normal_user).id + assert_response :success, "can't get changesets by user" + assert_changesets [1,3,4,6] + + get :query, :user => users(:normal_user).id, :open => true + assert_response :success, "can't get changesets by user and open" + assert_changesets [1,4] + + get :query, :time => '2007-12-31' + assert_response :success, "can't get changesets by time-since" + assert_changesets [1,2,4,5,6] + + get :query, :time => '2008-01-01T12:34Z' + assert_response :success, "can't get changesets by time-since with hour" + assert_changesets [1,2,4,5,6] + + get :query, :time => '2007-12-31T23:59Z,2008-01-01T00:01Z' + assert_response :success, "can't get changesets by time-range" + assert_changesets [1,4,5,6] + + get :query, :open => 'true' + assert_response :success, "can't get changesets by open-ness" + assert_changesets [1,2,4] + end + + ## + # check that errors are returned if garbage is inserted + # into query strings + def test_query_invalid + [ "abracadabra!", + "1,2,3,F", + ";drop table users;" + ].each do |bbox| + get :query, :bbox => bbox + assert_response :bad_request, "'#{bbox}' isn't a bbox" + end + + [ "now()", + "00-00-00", + ";drop table users;", + ",", + "-,-" + ].each do |time| + get :query, :time => time + assert_response :bad_request, "'#{time}' isn't a valid time range" + end + + [ "me", + "foobar", + "-1", + "0" + ].each do |uid| + get :query, :user => uid + assert_response :bad_request, "'#{uid}' isn't a valid user ID" + end end + ## + # check updating tags on a changeset + def test_changeset_update + changeset = changesets(:normal_user_first_change) + new_changeset = changeset.to_xml + new_tag = XML::Node.new "tag" + new_tag['k'] = "tagtesting" + new_tag['v'] = "valuetesting" + new_changeset.find("//osm/changeset").first << new_tag + content new_changeset + + # try without any authorization + put :update, :id => changeset.id + assert_response :unauthorized + + # try with the wrong authorization + basic_authorization "test@example.com", "test" + put :update, :id => changeset.id + assert_response :conflict + + # now this should work... + basic_authorization "test@openstreetmap.org", "test" + put :update, :id => changeset.id + assert_response :success + + assert_select "osm>changeset[id=#{changeset.id}]", 1 + assert_select "osm>changeset>tag", 2 + assert_select "osm>changeset>tag[k=tagtesting][v=valuetesting]", 1 + end + + ## + # check that a user different from the one who opened the changeset + # can't modify it. + def test_changeset_update_invalid + basic_authorization "test@example.com", "test" + + changeset = changesets(:normal_user_first_change) + new_changeset = changeset.to_xml + new_tag = XML::Node.new "tag" + new_tag['k'] = "testing" + new_tag['v'] = "testing" + new_changeset.find("//osm/changeset").first << new_tag + + content new_changeset + put :update, :id => changeset.id + assert_response :conflict + end + + ## + # check that a changeset can contain a certain max number of changes. + def test_changeset_limits + basic_authorization "test@openstreetmap.org", "test" + + # open a new changeset + content "" + put :create + assert_response :success, "can't create a new changeset" + cs_id = @response.body.to_i + + # start the counter just short of where the changeset should finish. + offset = 10 + # alter the database to set the counter on the changeset directly, + # otherwise it takes about 6 minutes to fill all of them. + changeset = Changeset.find(cs_id) + changeset.num_changes = Changeset::MAX_ELEMENTS - offset + changeset.save! + + with_controller(NodeController.new) do + # create a new node + content "" + put :create + assert_response :success, "can't create a new node" + node_id = @response.body.to_i + + get :read, :id => node_id + assert_response :success, "can't read back new node" + node_doc = XML::Parser.string(@response.body).parse + node_xml = node_doc.find("//osm/node").first + + # loop until we fill the changeset with nodes + offset.times do |i| + node_xml['lat'] = rand.to_s + node_xml['lon'] = rand.to_s + node_xml['version'] = (i+1).to_s + + content node_doc + put :update, :id => node_id + assert_response :success, "attempt #{i} should have succeeded" + end + + # trying again should fail + node_xml['lat'] = rand.to_s + node_xml['lon'] = rand.to_s + node_xml['version'] = offset.to_s + + content node_doc + put :update, :id => node_id + assert_response :conflict, "final attempt should have failed" + end + + changeset = Changeset.find(cs_id) + assert_equal Changeset::MAX_ELEMENTS + 1, changeset.num_changes + + # check that the changeset is now closed as well + assert(!changeset.is_open?, + "changeset should have been auto-closed by exceeding " + + "element limit.") + end + + # This should display the last 20 changesets closed. + def test_list + @changesets = Changeset.find(:all, :order => "created_at DESC", :conditions => ['min_lat IS NOT NULL'], :limit=> 20) + assert @changesets.size <= 20 + get :list + assert_response :success + assert_template "list" + # Now check that all 20 (or however many were returned) changesets are in the html + assert_select "h1", :text => "Recent Changes", :count => 1 + assert_select "table[id='keyvalue'] tr", :count => @changesets.size + 1 + @changesets.each do |changeset| + # FIXME this test needs rewriting - test for table contents + end + end + #------------------------------------------------------------ # utility functions #------------------------------------------------------------ + ## + # boilerplate for checking that certain changesets exist in the + # output. + def assert_changesets(ids) + assert_select "osm>changeset", ids.size + ids.each do |id| + assert_select "osm>changeset[id=#{id}]", 1 + end + end + ## # call the include method and assert properties of the bbox def check_after_include(changeset_id, lon, lat, bbox) content "" - post :include, :id => changeset_id + post :expand_bbox, :id => changeset_id assert_response :success, "Setting include of changeset failed: #{@response.body}" # check exactly one changeset