Sufficient permissions are granted by the basic authorisation, so this
isn't testing anything.
# authenticate as a user with no preferences
basic_authorization create(:user).email, "test"
# authenticate as a user with no preferences
basic_authorization create(:user).email, "test"
- grant_oauth_token :allow_read_prefs
# try the read again
get :read
# try the read again
get :read
# authenticate as a user with preferences
basic_authorization user.email, "test"
# authenticate as a user with preferences
basic_authorization user.email, "test"
- grant_oauth_token :allow_read_prefs
# try the read again
get :read_one, :params => { :preference_key => "key" }
# try the read again
get :read_one, :params => { :preference_key => "key" }
# authenticate as a user with preferences
basic_authorization user.email, "test"
# authenticate as a user with preferences
basic_authorization user.email, "test"
- grant_oauth_token :allow_write_prefs
# try the put again
assert_no_difference "UserPreference.count" do
# try the put again
assert_no_difference "UserPreference.count" do
# authenticate as a user with preferences
basic_authorization user.email, "test"
# authenticate as a user with preferences
basic_authorization user.email, "test"
- grant_oauth_token :allow_write_prefs
# try adding a new preference
assert_difference "UserPreference.count", 1 do
# try adding a new preference
assert_difference "UserPreference.count", 1 do
# authenticate as a user with preferences
basic_authorization user.email, "test"
# authenticate as a user with preferences
basic_authorization user.email, "test"
- grant_oauth_token :allow_write_prefs
# try the delete again
assert_difference "UserPreference.count", -1 do
# try the delete again
assert_difference "UserPreference.count", -1 do
@request.env["HTTP_AUTHORIZATION"] = format("Basic %{auth}", :auth => Base64.encode64("#{user}:#{pass}"))
end
@request.env["HTTP_AUTHORIZATION"] = format("Basic %{auth}", :auth => Base64.encode64("#{user}:#{pass}"))
end
- ##
- # set oauth token permissions
- def grant_oauth_token(*tokens)
- request.env["oauth.token"] = AccessToken.new do |token|
- tokens.each do |t|
- token.public_send("#{t}=", true)
- end
- end
- end
-
##
# set request readers to ask for a particular error format
def error_format(format)
##
# set request readers to ask for a particular error format
def error_format(format)