Split api changeset comment create scope and terms tests

diff --git a/test/controllers/api/changeset_comments_controller_test.rb b/test/controllers/api/changeset_comments_controller_test.rb
index b3b3d9c757d9ce0904b57930a5f314c72fae3592..c5e53ad6d23c59b8ac3d2992e1e62a34fb3deb24 100644 (file)
--- a/test/controllers/api/changeset_comments_controller_test.rb
+++ b/test/controllers/api/changeset_comments_controller_test.rb
@@ -133,6 +133,28 @@ module Api
       end
     end
 
       end
     end
 

+    def test_create_when_not_agreed_to_terms
+      user = create(:user, :terms_agreed => nil)
+      auth_header = bearer_authorization_header user
+      changeset = create(:changeset, :closed)
+
+      assert_difference "ChangesetComment.count", 0 do
+        post changeset_comment_path(changeset), :params => { :text => "This is a comment" }, :headers => auth_header
+        assert_response :forbidden
+      end
+    end
+
+    def test_create_with_write_api_scope
+      user = create(:user)
+      auth_header = bearer_authorization_header user, :scopes => %w[write_api]
+      changeset = create(:changeset, :closed)
+
+      assert_difference "ChangesetComment.count", 1 do
+        post changeset_comment_path(changeset), :params => { :text => "This is a comment" }, :headers => auth_header
+        assert_response :success
+      end
+    end
+

     ##
     # create comment rate limit for new users
     def test_create_by_new_user_with_rate_limit
     ##
     # create comment rate limit for new users
     def test_create_by_new_user_with_rate_limit


@@ -296,30 +318,5 @@ module Api
       assert_response :success
       assert comment.reload.visible
     end
       assert_response :success
       assert comment.reload.visible
     end

-
-    # This test ensures that token capabilities behave correctly for a method that
-    # requires the terms to have been agreed.
-    # (This would be better as an integration or system testcase, since the changeset_comment
-    # create method is simply a stand-in for any method that requires terms agreement.
-    # But writing oauth tests is hard, and so it's easier to put in a controller test.)
-    def test_api_write_and_terms_agreed_via_token
-      user = create(:user, :terms_agreed => nil)
-      auth_header = bearer_authorization_header(user, :scopes => %w[write_api])
-      changeset = create(:changeset, :closed)
-
-      assert_difference "ChangesetComment.count", 0 do
-        post changeset_comment_path(changeset), :params => { :text => "This is a comment" }, :headers => auth_header
-      end
-      assert_response :forbidden
-
-      # Try again, after agreement with the terms
-      user.terms_agreed = Time.now.utc
-      user.save!
-
-      assert_difference "ChangesetComment.count", 1 do
-        post changeset_comment_path(changeset), :params => { :text => "This is a comment" }, :headers => auth_header
-      end
-      assert_response :success
-    end

   end
 end
   end
 end