X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/c8ee1351049ef1bb4d7b50d071b2a96154266d1d..9545ca4ff35ef55764d6fa5c448d2d13309f3216:/test/functional/relation_controller_test.rb diff --git a/test/functional/relation_controller_test.rb b/test/functional/relation_controller_test.rb index f52981233..8a59adb02 100644 --- a/test/functional/relation_controller_test.rb +++ b/test/functional/relation_controller_test.rb @@ -4,14 +4,6 @@ require 'relation_controller' class RelationControllerTest < ActionController::TestCase api_fixtures - def basic_authorization(user, pass) - @request.env["HTTP_AUTHORIZATION"] = "Basic %s" % Base64.encode64("#{user}:#{pass}") - end - - def content(c) - @request.env["RAW_POST_DATA"] = c.to_s - end - # ------------------------------------- # Test reading relations. # ------------------------------------- @@ -85,11 +77,63 @@ class RelationControllerTest < ActionController::TestCase # ------------------------------------- def test_create - basic_authorization "test@openstreetmap.org", "test" + basic_authorization users(:normal_user).email, "test" # put the relation in a dummy fixture changset changeset_id = changesets(:normal_user_first_change).id + # create an relation without members + content "" + put :create + # hope for forbidden, due to user + assert_response :forbidden, + "relation upload should have failed with forbidden" + + ### + # create an relation with a node as member + # This time try with a role attribute in the relation + nid = current_nodes(:used_node_1).id + content "" + + "" + + "" + put :create + # hope for forbidden due to user + assert_response :forbidden, + "relation upload did not return forbidden status" + + ### + # create an relation with a node as member, this time test that we don't + # need a role attribute to be included + nid = current_nodes(:used_node_1).id + content "" + + ""+ + "" + put :create + # hope for forbidden due to user + assert_response :forbidden, + "relation upload did not return forbidden status" + + ### + # create an relation with a way and a node as members + nid = current_nodes(:used_node_1).id + wid = current_ways(:used_way).id + content "" + + "" + + "" + + "" + put :create + # hope for forbidden, due to user + assert_response :forbidden, + "relation upload did not return success status" + + + + ## Now try with the public user + basic_authorization users(:public_user).email, "test" + + # put the relation in a dummy fixture changset + changeset_id = changesets(:public_user_first_change).id + # create an relation without members content "" put :create @@ -108,7 +152,7 @@ class RelationControllerTest < ActionController::TestCase "saved relation does not contain exactly one tag" assert_equal changeset_id, checkrelation.changeset.id, "saved relation does not belong in the changeset it was assigned to" - assert_equal users(:normal_user).id, checkrelation.changeset.user_id, + assert_equal users(:public_user).id, checkrelation.changeset.user_id, "saved relation does not belong to user that created it" assert_equal true, checkrelation.visible, "saved relation is not visible" @@ -140,7 +184,7 @@ class RelationControllerTest < ActionController::TestCase "saved relation does not contain exactly one tag" assert_equal changeset_id, checkrelation.changeset.id, "saved relation does not belong in the changeset it was assigned to" - assert_equal users(:normal_user).id, checkrelation.changeset.user_id, + assert_equal users(:public_user).id, checkrelation.changeset.user_id, "saved relation does not belong to user that created it" assert_equal true, checkrelation.visible, "saved relation is not visible" @@ -173,7 +217,7 @@ class RelationControllerTest < ActionController::TestCase "saved relation does not contain exactly one tag" assert_equal changeset_id, checkrelation.changeset.id, "saved relation does not belong in the changeset it was assigned to" - assert_equal users(:normal_user).id, checkrelation.changeset.user_id, + assert_equal users(:public_user).id, checkrelation.changeset.user_id, "saved relation does not belong to user that created it" assert_equal true, checkrelation.visible, "saved relation is not visible" @@ -206,7 +250,7 @@ class RelationControllerTest < ActionController::TestCase "saved relation does not contain exactly one tag" assert_equal changeset_id, checkrelation.changeset.id, "saved relation does not belong in the changeset it was assigned to" - assert_equal users(:normal_user).id, checkrelation.changeset.user_id, + assert_equal users(:public_user).id, checkrelation.changeset.user_id, "saved relation does not belong to user that created it" assert_equal true, checkrelation.visible, "saved relation is not visible" @@ -216,15 +260,78 @@ class RelationControllerTest < ActionController::TestCase end + # ------------------------------------ + # Test updating relations + # ------------------------------------ + + ## + # test that, when tags are updated on a relation, the correct things + # happen to the correct tables and the API gives sensible results. + # this is to test a case that gregory marler noticed and posted to + # josm-dev. + ## FIXME Move this to an integration test + def test_update_relation_tags + basic_authorization "test@example.com", "test" + rel_id = current_relations(:multi_tag_relation).id + cs_id = changesets(:public_user_first_change).id + + with_relation(rel_id) do |rel| + # alter one of the tags + tag = rel.find("//osm/relation/tag").first + tag['v'] = 'some changed value' + update_changeset(rel, cs_id) + + # check that the downloaded tags are the same as the uploaded tags... + new_version = with_update(rel) do |new_rel| + assert_tags_equal rel, new_rel + end + + # check the original one in the current_* table again + with_relation(rel_id) { |r| assert_tags_equal rel, r } + + # now check the version in the history + with_relation(rel_id, new_version) { |r| assert_tags_equal rel, r } + end + end + + ## + # test that, when tags are updated on a relation when using the diff + # upload function, the correct things happen to the correct tables + # and the API gives sensible results. this is to test a case that + # gregory marler noticed and posted to josm-dev. + def test_update_relation_tags_via_upload + basic_authorization users(:public_user).email, "test" + rel_id = current_relations(:multi_tag_relation).id + cs_id = changesets(:public_user_first_change).id + + with_relation(rel_id) do |rel| + # alter one of the tags + tag = rel.find("//osm/relation/tag").first + tag['v'] = 'some changed value' + update_changeset(rel, cs_id) + + # check that the downloaded tags are the same as the uploaded tags... + new_version = with_update_diff(rel) do |new_rel| + assert_tags_equal rel, new_rel + end + + # check the original one in the current_* table again + with_relation(rel_id) { |r| assert_tags_equal rel, r } + + # now check the version in the history + with_relation(rel_id, new_version) { |r| assert_tags_equal rel, r } + end + end + # ------------------------------------- # Test creating some invalid relations. # ------------------------------------- def test_create_invalid - basic_authorization "test@openstreetmap.org", "test" + basic_authorization users(:public_user).email, "test" # put the relation in a dummy fixture changset - changeset_id = changesets(:normal_user_first_change).id + changeset_id = changesets(:public_user_first_change).id # create a relation with non-existing node as member content "" + @@ -234,16 +341,17 @@ class RelationControllerTest < ActionController::TestCase # expect failure assert_response :precondition_failed, "relation upload with invalid node did not return 'precondition failed'" + assert_equal "Precondition failed: Relation with id cannot be saved due to Node with id 0", @response.body end # ------------------------------------- # Test creating a relation, with some invalid XML # ------------------------------------- def test_create_invalid_xml - basic_authorization "test@openstreetmap.org", "test" + basic_authorization users(:public_user).email, "test" # put the relation in a dummy fixture changeset that works - changeset_id = changesets(:normal_user_first_change).id + changeset_id = changesets(:public_user_first_change).id # create some xml that should return an error content "" + @@ -262,22 +370,73 @@ class RelationControllerTest < ActionController::TestCase # ------------------------------------- def test_delete - # first try to delete relation without auth + ## First try to delete relation without auth delete :delete, :id => current_relations(:visible_relation).id assert_response :unauthorized + + + ## Then try with the private user, to make sure that you get a forbidden + basic_authorization(users(:normal_user).email, "test") + + # this shouldn't work, as we should need the payload... + delete :delete, :id => current_relations(:visible_relation).id + assert_response :forbidden + + # try to delete without specifying a changeset + content "" + delete :delete, :id => current_relations(:visible_relation).id + assert_response :forbidden + + # try to delete with an invalid (closed) changeset + content update_changeset(current_relations(:visible_relation).to_xml, + changesets(:normal_user_closed_change).id) + delete :delete, :id => current_relations(:visible_relation).id + assert_response :forbidden + + # try to delete with an invalid (non-existent) changeset + content update_changeset(current_relations(:visible_relation).to_xml,0) + delete :delete, :id => current_relations(:visible_relation).id + assert_response :forbidden + + # this won't work because the relation is in-use by another relation + content(relations(:used_relation).to_xml) + delete :delete, :id => current_relations(:used_relation).id + assert_response :forbidden + + # this should work when we provide the appropriate payload... + content(relations(:visible_relation).to_xml) + delete :delete, :id => current_relations(:visible_relation).id + assert_response :forbidden + + # this won't work since the relation is already deleted + content(relations(:invisible_relation).to_xml) + delete :delete, :id => current_relations(:invisible_relation).id + assert_response :forbidden + + # this works now because the relation which was using this one + # has been deleted. + content(relations(:used_relation).to_xml) + delete :delete, :id => current_relations(:used_relation).id + assert_response :forbidden + + # this won't work since the relation never existed + delete :delete, :id => 0 + assert_response :forbidden - # now set auth - basic_authorization("test@openstreetmap.org", "test"); + + + ## now set auth for the public user + basic_authorization(users(:public_user).email, "test"); # this shouldn't work, as we should need the payload... delete :delete, :id => current_relations(:visible_relation).id assert_response :bad_request # try to delete without specifying a changeset - content "" + content "" delete :delete, :id => current_relations(:visible_relation).id assert_response :bad_request - assert_match(/You are missing the required changeset in the relation/, @response.body) + assert_match(/Changeset id is missing/, @response.body) # try to delete with an invalid (closed) changeset content update_changeset(current_relations(:visible_relation).to_xml, @@ -290,15 +449,28 @@ class RelationControllerTest < ActionController::TestCase delete :delete, :id => current_relations(:visible_relation).id assert_response :conflict - # this won't work because the relation is in-use by another relation + # this won't work because the relation is in a changeset owned by someone else content(relations(:used_relation).to_xml) delete :delete, :id => current_relations(:used_relation).id + assert_response :conflict, + "shouldn't be able to delete a relation in a changeset owned by someone else (#{@response.body})" + + # this won't work because the relation in the payload is different to that passed + content(relations(:public_used_relation).to_xml) + delete :delete, :id => current_relations(:used_relation).id + assert_not_equal relations(:public_used_relation).id, current_relations(:used_relation).id + assert_response :bad_request, "shouldn't be able to delete a relation when payload is different to the url" + + # this won't work because the relation is in-use by another relation + content(relations(:public_used_relation).to_xml) + delete :delete, :id => current_relations(:public_used_relation).id assert_response :precondition_failed, "shouldn't be able to delete a relation used in a relation (#{@response.body})" + assert_equal "Precondition failed: The relation 5 is used in relation 6.", @response.body # this should work when we provide the appropriate payload... - content(relations(:visible_relation).to_xml) - delete :delete, :id => current_relations(:visible_relation).id + content(relations(:multi_tag_relation).to_xml) + delete :delete, :id => current_relations(:multi_tag_relation).id assert_response :success # valid delete should return the new version number, which should @@ -310,11 +482,16 @@ class RelationControllerTest < ActionController::TestCase content(relations(:invisible_relation).to_xml) delete :delete, :id => current_relations(:invisible_relation).id assert_response :gone + + # Public visible relation needs to be deleted + content(relations(:public_visible_relation).to_xml) + delete :delete, :id => current_relations(:public_visible_relation).id + assert_response :success # this works now because the relation which was using this one # has been deleted. - content(relations(:used_relation).to_xml) - delete :delete, :id => current_relations(:used_relation).id + content(relations(:public_used_relation).to_xml) + delete :delete, :id => current_relations(:public_used_relation).id assert_response :success, "should be able to delete a relation used in an old relation (#{@response.body})" @@ -329,7 +506,7 @@ class RelationControllerTest < ActionController::TestCase def test_tag_modify_bounding_box # in current fixtures, relation 5 contains nodes 3 and 5 (node 3 # indirectly via way 3), so the bbox should be [3,3,5,5]. - check_changeset_modify([3,3,5,5]) do |changeset_id| + check_changeset_modify(BoundingBox.new(3,3,5,5)) do |changeset_id| # add a tag to an existing relation relation_xml = current_relations(:visible_relation).to_xml relation_element = relation_xml.find("//osm/relation").first @@ -352,23 +529,36 @@ class RelationControllerTest < ActionController::TestCase # add a member to a relation and check the bounding box is only that # element. def test_add_member_bounding_box - check_changeset_modify([4,4,4,4]) do |changeset_id| - # add node 4 (4,4) to an existing relation - relation_xml = current_relations(:visible_relation).to_xml - relation_element = relation_xml.find("//osm/relation").first - new_member = XML::Node.new("member") - new_member['ref'] = current_nodes(:used_node_2).id.to_s - new_member['type'] = "node" - new_member['role'] = "some_role" - relation_element << new_member + relation_id = current_relations(:visible_relation).id + + [current_nodes(:used_node_1), + current_nodes(:used_node_2), + current_ways(:used_way), + current_ways(:way_with_versions) + ].each_with_index do |element, version| + bbox = element.bbox.to_unscaled + check_changeset_modify(bbox) do |changeset_id| + relation_xml = Relation.find(relation_id).to_xml + relation_element = relation_xml.find("//osm/relation").first + new_member = XML::Node.new("member") + new_member['ref'] = element.id.to_s + new_member['type'] = element.class.to_s.downcase + new_member['role'] = "some_role" + relation_element << new_member - # update changeset ID to point to new changeset - update_changeset(relation_xml, changeset_id) + # update changeset ID to point to new changeset + update_changeset(relation_xml, changeset_id) - # upload the change - content relation_xml - put :update, :id => current_relations(:visible_relation).id - assert_response :success, "can't update relation for add node/bbox test" + # upload the change + content relation_xml + put :update, :id => current_relations(:visible_relation).id + assert_response :success, "can't update relation for add #{element.class}/bbox test: #{@response.body}" + + # get it back and check the ordering + get :read, :id => relation_id + assert_response :success, "can't read back the relation: #{@response.body}" + check_ordering(relation_xml, @response.body) + end end end @@ -376,7 +566,7 @@ class RelationControllerTest < ActionController::TestCase # remove a member from a relation and check the bounding box is # only that element. def test_remove_member_bounding_box - check_changeset_modify([5,5,5,5]) do |changeset_id| + check_changeset_modify(BoundingBox.new(5,5,5,5)) do |changeset_id| # remove node 5 (5,5) from an existing relation relation_xml = current_relations(:visible_relation).to_xml relation_xml. @@ -396,11 +586,11 @@ class RelationControllerTest < ActionController::TestCase ## # check that relations are ordered def test_relation_member_ordering - basic_authorization("test@openstreetmap.org", "test"); - + basic_authorization(users(:public_user).email, "test") + doc_str = < - + @@ -440,16 +630,21 @@ OSM get :read, :id => relation_id assert_response :success, "can't read back the relation: #{@response.body}" check_ordering(doc, @response.body) + + # check the ordering in the history tables: + with_controller(OldRelationController.new) do + get :version, :id => relation_id, :version => 2 + assert_response :success, "can't read back version 2 of the relation #{relation_id}" + check_ordering(doc, @response.body) + end end ## # check that relations can contain duplicate members def test_relation_member_duplicates - basic_authorization("test@openstreetmap.org", "test"); - doc_str = < - + @@ -459,6 +654,16 @@ OSM OSM doc = XML::Parser.string(doc_str).parse + ## First try with the private user + basic_authorization(users(:normal_user).email, "test"); + + content doc + put :create + assert_response :forbidden + + ## Now try with the public user + basic_authorization(users(:public_user).email, "test"); + content doc put :create assert_response :success, "can't create a relation: #{@response.body}" @@ -466,8 +671,42 @@ OSM # get it back and check the ordering get :read, :id => relation_id + assert_response :success, "can't read back the relation: #{relation_id}" + check_ordering(doc, @response.body) + end + + ## + # test that the ordering of elements in the history is the same as in current. + def test_history_ordering + doc_str = < + + + + + + + +OSM + doc = XML::Parser.string(doc_str).parse + basic_authorization(users(:public_user).email, "test"); + + content doc + put :create + assert_response :success, "can't create a relation: #{@response.body}" + relation_id = @response.body.to_i + + # check the ordering in the current tables: + get :read, :id => relation_id assert_response :success, "can't read back the relation: #{@response.body}" check_ordering(doc, @response.body) + + # check the ordering in the history tables: + with_controller(OldRelationController.new) do + get :version, :id => relation_id, :version => 1 + assert_response :success, "can't read back version 1 of the relation: #{@response.body}" + check_ordering(doc, @response.body) + end end # ============================================================ @@ -497,8 +736,21 @@ OSM # create a changeset and yield to the caller to set it up, then assert # that the changeset bounding box is +bbox+. def check_changeset_modify(bbox) - basic_authorization("test@openstreetmap.org", "test"); + ## First test with the private user to check that you get a forbidden + basic_authorization(users(:normal_user).email, "test"); + # create a new changeset for this operation, so we are assured + # that the bounding box will be newly-generated. + changeset_id = with_controller(ChangesetController.new) do + content "" + put :create + assert_response :forbidden, "shouldn't be able to create changeset for modify test, as should get forbidden" + end + + + ## Now do the whole thing with the public user + basic_authorization(users(:public_user).email, "test") + # create a new changeset for this operation, so we are assured # that the bounding box will be newly-generated. changeset_id = with_controller(ChangesetController.new) do @@ -515,12 +767,107 @@ OSM with_controller(ChangesetController.new) do get :read, :id => changeset_id assert_response :success, "can't re-read changeset for modify test" - assert_select "osm>changeset", 1 - assert_select "osm>changeset[id=#{changeset_id}]", 1 - assert_select "osm>changeset[min_lon=#{bbox[0].to_f}]", 1 - assert_select "osm>changeset[min_lat=#{bbox[1].to_f}]", 1 - assert_select "osm>changeset[max_lon=#{bbox[2].to_f}]", 1 - assert_select "osm>changeset[max_lat=#{bbox[3].to_f}]", 1 + assert_select "osm>changeset", 1, "Changeset element doesn't exist in #{@response.body}" + assert_select "osm>changeset[id=#{changeset_id}]", 1, "Changeset id=#{changeset_id} doesn't exist in #{@response.body}" + assert_select "osm>changeset[min_lon=#{bbox.min_lon}]", 1, "Changeset min_lon wrong in #{@response.body}" + assert_select "osm>changeset[min_lat=#{bbox.min_lat}]", 1, "Changeset min_lat wrong in #{@response.body}" + assert_select "osm>changeset[max_lon=#{bbox.max_lon}]", 1, "Changeset max_lon wrong in #{@response.body}" + assert_select "osm>changeset[max_lat=#{bbox.max_lat}]", 1, "Changeset max_lat wrong in #{@response.body}" + end + end + + ## + # yields the relation with the given +id+ (and optional +version+ + # to read from the history tables) into the block. the parsed XML + # doc is returned. + def with_relation(id, ver = nil) + if ver.nil? + get :read, :id => id + else + with_controller(OldRelationController.new) do + get :version, :id => id, :version => ver + end + end + assert_response :success + yield xml_parse(@response.body) + end + + ## + # updates the relation (XML) +rel+ and + # yields the new version of that relation into the block. + # the parsed XML doc is retured. + def with_update(rel) + rel_id = rel.find("//osm/relation").first["id"].to_i + content rel + put :update, :id => rel_id + assert_response :success, "can't update relation: #{@response.body}" + version = @response.body.to_i + + # now get the new version + get :read, :id => rel_id + assert_response :success + new_rel = xml_parse(@response.body) + + yield new_rel + + return version + end + + ## + # updates the relation (XML) +rel+ via the diff-upload API and + # yields the new version of that relation into the block. + # the parsed XML doc is retured. + def with_update_diff(rel) + rel_id = rel.find("//osm/relation").first["id"].to_i + cs_id = rel.find("//osm/relation").first['changeset'].to_i + version = nil + + with_controller(ChangesetController.new) do + doc = OSM::API.new.get_xml_doc + change = XML::Node.new 'osmChange' + doc.root = change + modify = XML::Node.new 'modify' + change << modify + modify << doc.import(rel.find("//osm/relation").first) + + content doc.to_s + post :upload, :id => cs_id + assert_response :success, "can't upload diff relation: #{@response.body}" + version = xml_parse(@response.body).find("//diffResult/relation").first["new_version"].to_i + end + + # now get the new version + get :read, :id => rel_id + assert_response :success + new_rel = xml_parse(@response.body) + + yield new_rel + + return version + end + + ## + # returns a k->v hash of tags from an xml doc + def get_tags_as_hash(a) + a.find("//osm/relation/tag").inject({}) do |h,v| + h[v['k']] = v['v'] + h + end + end + + ## + # assert that all tags on relation documents +a+ and +b+ + # are equal + def assert_tags_equal(a, b) + # turn the XML doc into tags hashes + a_tags = get_tags_as_hash(a) + b_tags = get_tags_as_hash(b) + + assert_equal a_tags.keys, b_tags.keys, "Tag keys should be identical." + a_tags.each do |k, v| + assert_equal v, b_tags[k], + "Tags which were not altered should be the same. " + + "#{a_tags.inspect} != #{b_tags.inspect}" end end