X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/dbbbd62ef1982e905ceb23f1278e9b4bfdb49d5b..72b4ac50cc62fda6a64cdf425794235cce2a48e3:/test/abilities/api_capability_test.rb?ds=sidebyside diff --git a/test/abilities/api_capability_test.rb b/test/abilities/api_capability_test.rb index 8d0e682f6..10419c0f8 100644 --- a/test/abilities/api_capability_test.rb +++ b/test/abilities/api_capability_test.rb @@ -2,17 +2,7 @@ require "test_helper" -class ApiCapabilityTest < ActiveSupport::TestCase - def tokens(*toks) - AccessToken.new do |token| - toks.each do |t| - token.public_send("#{t}=", true) - end - end - end -end - -class ChangesetCommentApiCapabilityTest < ApiCapabilityTest +class ChangesetCommentApiCapabilityTest < ActiveSupport::TestCase test "as a normal user with permissionless token" do token = create(:access_token) capability = ApiCapability.new token @@ -54,7 +44,7 @@ class ChangesetCommentApiCapabilityTest < ApiCapabilityTest end end -class NoteApiCapabilityTest < ApiCapabilityTest +class NoteApiCapabilityTest < ActiveSupport::TestCase test "as a normal user with permissionless token" do token = create(:access_token) capability = ApiCapability.new token @@ -96,37 +86,41 @@ class NoteApiCapabilityTest < ApiCapabilityTest end end -class UserApiCapabilityTest < ApiCapabilityTest +class UserApiCapabilityTest < ActiveSupport::TestCase test "user preferences" do # a user with no tokens capability = ApiCapability.new nil - [:read, :read_one, :update, :update_one, :delete_one].each do |act| + [:index, :show, :update_all, :update, :destroy].each do |act| assert capability.cannot? act, UserPreference end # A user with empty tokens - capability = ApiCapability.new tokens + token = create(:access_token) + capability = ApiCapability.new token - [:read, :read_one, :update, :update_one, :delete_one].each do |act| + [:index, :show, :update_all, :update, :destroy].each do |act| assert capability.cannot? act, UserPreference end - capability = ApiCapability.new tokens(:allow_read_prefs) + token = create(:access_token, :allow_read_prefs => true) + capability = ApiCapability.new token - [:update, :update_one, :delete_one].each do |act| + [:update_all, :update, :destroy].each do |act| assert capability.cannot? act, UserPreference end - [:read, :read_one].each do |act| + [:index, :show].each do |act| assert capability.can? act, UserPreference end - capability = ApiCapability.new tokens(:allow_write_prefs) - [:read, :read_one].each do |act| + token = create(:access_token, :allow_write_prefs => true) + capability = ApiCapability.new token + + [:index, :show].each do |act| assert capability.cannot? act, UserPreference end - [:update, :update_one, :delete_one].each do |act| + [:update_all, :update, :destroy].each do |act| assert capability.can? act, UserPreference end end