# Renders a head API response
def render_api_head(status)
- # #head would return a response body with one space
- render :text => '', :status => status, :layout => nil
+ head :status => status
end
# Renders API response on validation failure
def check_credential
User.current = nil
unless Setting.mail_handler_api_enabled? && params[:key].to_s == Setting.mail_handler_api_key
- render :text => 'Access denied. Incoming emails WS is disabled or key is invalid.', :status => 403
+ render :plain => 'Access denied. Incoming emails WS is disabled or key is invalid.', :status => 403
end
end
end
def check_enabled
User.current = nil
unless Setting.sys_api_enabled? && params[:key].to_s == Setting.sys_api_key
- render :text => 'Access denied. Repository management WS is disabled or key is invalid.', :status => 403
+ render :plain => 'Access denied. Repository management WS is disabled or key is invalid.', :status => 403
return false
end
end
end
end
respond_to do |format|
- format.html { redirect_to_referer_or {render :text => 'Watcher added.', :layout => true}}
+ format.html { redirect_to_referer_or {render :html => 'Watcher added.', :status => 200, :layout => true}}
format.js { @users = users_for_new_watcher }
format.api { render_api_ok }
end
watchable.set_watcher(user, false)
end
respond_to do |format|
- format.html { redirect_to :back }
+ format.html { redirect_to_referer_or {render :html => 'Watcher removed.', :status => 200, :layout => true} }
format.js
format.api { render_api_ok }
end
watchable.set_watcher(user, watching)
end
respond_to do |format|
- format.html { redirect_to_referer_or {render :text => (watching ? 'Watcher added.' : 'Watcher removed.'), :layout => true}}
+ format.html {
+ text = watching ? 'Watcher added.' : 'Watcher removed.'
+ redirect_to_referer_or {render :html => text, :status => 200, :layout => true}
+ }
format.js { render :partial => 'set_watcher', :locals => {:user => user, :watched => watchables} }
end
end
post :index, :key => 'secret', :email => IO.read(File.join(FIXTURES_PATH, 'ticket_on_given_project.eml'))
end
assert_response 403
+ assert_include 'Access denied', response.body
end
def test_should_not_allow_with_wrong_key
post :index, :key => 'wrong', :email => IO.read(File.join(FIXTURES_PATH, 'ticket_on_given_project.eml'))
end
assert_response 403
+ assert_include 'Access denied', response.body
end
def test_new
with_settings :sys_api_enabled => '0' do
get :projects
assert_response 403
+ assert_include 'Access denied', response.body
end
end
with_settings :sys_api_enabled => 'my_secret_key' do
get :projects, :params => {:key => 'wrong_key'}
assert_response 403
+ assert_include 'Access denied', response.body
end
end
end
User.current = nil
end
+ def test_watch_a_single_object_as_html
+ @request.session[:user_id] = 3
+ assert_difference('Watcher.count') do
+ post :watch, :params => {:object_type => 'issue', :object_id => '1'}
+ assert_response :success
+ assert_include 'Watcher added', response.body
+ end
+ assert Issue.find(1).watched_by?(User.find(3))
+ end
+
def test_watch_a_single_object
@request.session[:user_id] = 3
assert_difference('Watcher.count') do
end
end
+ def test_unwatch_as_html
+ @request.session[:user_id] = 3
+ assert_difference('Watcher.count', -1) do
+ delete :unwatch, :params => {:object_type => 'issue', :object_id => '2'}
+ assert_response :success
+ assert_include 'Watcher removed', response.body
+ end
+ assert !Issue.find(1).watched_by?(User.find(3))
+ end
+
def test_unwatch
@request.session[:user_id] = 3
assert_difference('Watcher.count', -1) do
assert_match /ajax-modal/, response.body
end
+ def test_create_as_html
+ @request.session[:user_id] = 2
+ assert_difference('Watcher.count') do
+ post :create, :params => {
+ :object_type => 'issue', :object_id => '2',
+ :watcher => {:user_id => '4'}
+ }
+ assert_response :success
+ assert_include 'Watcher added', response.body
+ end
+ assert Issue.find(2).watched_by?(User.find(4))
+ end
+
def test_create
@request.session[:user_id] = 2
assert_difference('Watcher.count') do
assert response.body.blank?
end
+ def test_destroy_as_html
+ @request.session[:user_id] = 2
+ assert_difference('Watcher.count', -1) do
+ delete :destroy, :params => {
+ :object_type => 'issue', :object_id => '2', :user_id => '3'
+ }
+ assert_response :success
+ assert_include 'Watcher removed', response.body
+ end
+ assert !Issue.find(2).watched_by?(User.find(3))
+ end
+
def test_destroy
@request.session[:user_id] = 2
assert_difference('Watcher.count', -1) do
get '/users/1.xml', {}, credentials('admin')
assert_include '<created_on>2006-07-19T17:12:21Z</created_on>', response.body
end
+
+ def test_head_response_should_have_empty_body
+ assert_difference('Issue.count', -1) do
+ delete '/issues/6.xml', {}, credentials('jsmith')
+
+ assert_response :ok
+ assert_equal '', response.body
+ end
+ end
end