def self.authenticate(options)
if options[:username] and options[:password]
- environment = Rails.configuration.environment
- adapter = Rails.configuration.database_configuration[environment]["adapter"]
- if adapter == "postgresql"
- user = find(:first, :conditions => ["email ILIKE ? OR display_name ILIKE ?", options[:username], options[:username]])
- else
- user = find(:first, :conditions => ["email = ? OR display_name = ?", options[:username], options[:username]])
- end
+ user = find(:first, :conditions => ["email = ? OR display_name = ?", options[:username], options[:username]])
user = nil if user and user.pass_crypt != OSM::encrypt_password(options[:password], user.pass_salt)
elsif options[:token]
token = UserToken.find(:first, :include => :user, :conditions => ["user_tokens.token = ?", options[:token]])
# Read about fixtures at http://ar.rubyonrails.org/classes/Fixtures.html
-# The normal user's email is intentionally capitalised that way to
-# check that the login is case insensitive
normal_user:
id: 1
- email: test@OpenStreetMap.org
+ email: test@openstreetmap.org
active: true
pass_crypt: <%= Digest::MD5.hexdigest('test') %>
creation_time: "2007-01-01 00:00:00"
def test_user_create
get :new
assert_response :success
- assert_template 'new'
assert_select "html:root", :count => 1 do
assert_select "head", :count => 1 do
get :api_details
assert_response :unauthorized
- # Private users can login and get the api details
- usr = users(:normal_user)
- basic_authorization(usr.email, "test")
+ basic_authorization(users(:normal_user).email, "test")
get :api_details
assert_response :success
- # Now check the content of the XML returned
- print @response.body
- assert_select "osm:root[version=#{API_VERSION}][generator='#{GENERATOR}']", :count => 1 do
- assert_select "user[display_name='#{usr.display_name}'][account_created='#{usr.creation_time.xmlschema}']", :count => 1 do
- assert_select "home[lat='#{usr.home_lat}'][lon='#{usr.home_lon}'][zoom='#{usr.home_zoom}']", :count => 1
- end
- end
-
- end
-
- # Check that we can login through the web using the mixed case fixture,
- # lower case and upper case
- def test_user_login_web_case
- login_web_case_ok users(:normal_user).email, "test"
- login_web_case_ok users(:normal_user).email.upcase, "test"
- login_web_case_ok users(:normal_user).email.downcase, "test"
- end
-
- def login_web_case_ok(userstring, password)
- post :login, :user => {:email => userstring, :password => password}
- assert_redirected_to :controller => 'site', :action => 'index'
- end
-
- # Check that we can login to the api, and get the user details
- # using the mixed case fixture, lower case and upper case
- def test_user_login_api_case
- login_api_case_ok users(:normal_user).email, "test"
- login_api_case_ok users(:normal_user).email.upcase, "test"
- login_api_case_ok users(:normal_user).email.downcase, "test"
- end
-
- def login_api_case_ok(userstring, password)
- basic_authorization(userstring, password)
- get :api_details
- assert :success
end
end