X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/e731dd71a77ad4ad1e9db22535e89444bb98e5d9..f1fc31d485eb310781600645df43b3f45a76fd57:/test/controllers/api/permissions_controller_test.rb?ds=sidebyside diff --git a/test/controllers/api/permissions_controller_test.rb b/test/controllers/api/permissions_controller_test.rb index eb1bfed16..cca85b404 100644 --- a/test/controllers/api/permissions_controller_test.rb +++ b/test/controllers/api/permissions_controller_test.rb @@ -1,7 +1,7 @@ require "test_helper" module Api - class PermissionsControllerTest < ActionController::TestCase + class PermissionsControllerTest < ActionDispatch::IntegrationTest ## # test all routes which lead to this controller def test_routes @@ -9,19 +9,32 @@ module Api { :path => "/api/0.6/permissions", :method => :get }, { :controller => "api/permissions", :action => "show" } ) + assert_routing( + { :path => "/api/0.6/permissions.json", :method => :get }, + { :controller => "api/permissions", :action => "show", :format => "json" } + ) end def test_permissions_anonymous - get :show + get permissions_path assert_response :success assert_select "osm > permissions", :count => 1 do assert_select "permission", :count => 0 end + + # Test json + get permissions_path(:format => "json") + assert_response :success + assert_equal "application/json", @response.media_type + + js = ActiveSupport::JSON.decode(@response.body) + assert_not_nil js + assert_equal 0, js["permissions"].count end def test_permissions_basic_auth - basic_authorization create(:user).email, "test" - get :show + auth_header = basic_authorization_header create(:user).email, "test" + get permissions_path, :headers => auth_header assert_response :success assert_select "osm > permissions", :count => 1 do assert_select "permission", :count => ClientApplication.all_permissions.size @@ -29,16 +42,41 @@ module Api assert_select "permission[name='#{p}']", :count => 1 end end + + # Test json + get permissions_path(:format => "json"), :headers => auth_header + assert_response :success + assert_equal "application/json", @response.media_type + + js = ActiveSupport::JSON.decode(@response.body) + assert_not_nil js + assert_equal ClientApplication.all_permissions.size, js["permissions"].count + ClientApplication.all_permissions.each do |p| + assert_includes js["permissions"], p.to_s + end end - def test_permissions_oauth - @request.env["oauth.token"] = AccessToken.new do |token| - # Just to test a few - token.allow_read_prefs = true - token.allow_write_api = true - token.allow_read_gpx = false + def test_permissions_oauth1 + token = create(:access_token, + :allow_read_prefs => true, + :allow_write_api => true, + :allow_read_gpx => false) + signed_get permissions_path, :oauth => { :token => token } + assert_response :success + assert_select "osm > permissions", :count => 1 do + assert_select "permission", :count => 2 + assert_select "permission[name='allow_read_prefs']", :count => 1 + assert_select "permission[name='allow_write_api']", :count => 1 + assert_select "permission[name='allow_read_gpx']", :count => 0 end - get :show + end + + def test_permissions_oauth2 + user = create(:user) + token = create(:oauth_access_token, + :resource_owner_id => user.id, + :scopes => %w[read_prefs write_api]) + get permissions_path, :headers => bearer_authorization_header(token.token) assert_response :success assert_select "osm > permissions", :count => 1 do assert_select "permission", :count => 2