From: Eric Davis Date: Fri, 5 Nov 2010 17:49:20 +0000 (+0000) Subject: Allow key authentication when updating issues (with tests) #6447 X-Git-Tag: 1.1.0~209 X-Git-Url: https://source.dussan.org/?a=commitdiff_plain;h=7d934c984ae85b50e53a6444cd8916d560e2a528;p=redmine.git Allow key authentication when updating issues (with tests) #6447 git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@4366 e93f8b46-1217-0410-a6f0-8f06a7374b81 --- diff --git a/app/controllers/issues_controller.rb b/app/controllers/issues_controller.rb index e8511bc60..8f0409a9d 100644 --- a/app/controllers/issues_controller.rb +++ b/app/controllers/issues_controller.rb @@ -27,7 +27,7 @@ class IssuesController < ApplicationController before_filter :find_optional_project, :only => [:index] before_filter :check_for_default_issue_status, :only => [:new, :create] before_filter :build_new_issue_from_params, :only => [:new, :create] - accept_key_auth :index, :show, :create + accept_key_auth :index, :show, :create, :update rescue_from Query::StatementInvalid, :with => :query_statement_invalid diff --git a/test/integration/api_test/issues_test.rb b/test/integration/api_test/issues_test.rb index 2cee8c9be..55f78e86b 100644 --- a/test/integration/api_test/issues_test.rb +++ b/test/integration/api_test/issues_test.rb @@ -160,120 +160,141 @@ class ApiTest::IssuesTest < ActionController::IntegrationTest end end - context "PUT /issues/1.xml" do + # Issue 6 is on a private project + context "PUT /issues/6.xml" do setup do - @issue_count = Issue.count - @journal_count = Journal.count - @attributes = {:subject => 'API update', :notes => 'A new note'} - - put '/issues/1.xml', {:issue => @attributes}, :authorization => credentials('jsmith') + @parameters = {:issue => {:subject => 'API update', :notes => 'A new note'}} + @headers = { :authorization => credentials('jsmith') } end - should_respond_with :ok - should_respond_with_content_type 'application/xml' + should_allow_api_authentication(:put, + '/issues/6.xml', + {:issue => {:subject => 'API update', :notes => 'A new note'}}, + {:success_code => :ok}) should "not create a new issue" do - assert_equal Issue.count, @issue_count + assert_no_difference('Issue.count') do + put '/issues/6.xml', @parameters, @headers + end end should "create a new journal" do - assert_equal Journal.count, @journal_count + 1 + assert_difference('Journal.count') do + put '/issues/6.xml', @parameters, @headers + end end should "add the note to the journal" do + put '/issues/6.xml', @parameters, @headers + journal = Journal.last assert_equal "A new note", journal.notes end should "update the issue" do - issue = Issue.find(1) - @attributes.each do |attribute, value| - assert_equal value, issue.send(attribute) unless attribute == :notes - end + put '/issues/6.xml', @parameters, @headers + + issue = Issue.find(6) + assert_equal "API update", issue.subject end end - context "PUT /issues/1.xml with failed update" do + context "PUT /issues/6.xml with failed update" do setup do - @attributes = {:subject => ''} - @issue_count = Issue.count - @journal_count = Journal.count - - put '/issues/1.xml', {:issue => @attributes}, :authorization => credentials('jsmith') + @parameters = {:issue => {:subject => ''}} + @headers = { :authorization => credentials('jsmith') } end - - should_respond_with :unprocessable_entity - should_respond_with_content_type 'application/xml' - + + should_allow_api_authentication(:put, + '/issues/6.xml', + {:issue => {:subject => ''}}, # Missing subject should fail + {:success_code => :unprocessable_entity}) + should "not create a new issue" do - assert_equal Issue.count, @issue_count + assert_no_difference('Issue.count') do + put '/issues/6.xml', @parameters, @headers + end end should "not create a new journal" do - assert_equal Journal.count, @journal_count + assert_no_difference('Journal.count') do + put '/issues/6.xml', @parameters, @headers + end end should "have an errors tag" do + put '/issues/6.xml', @parameters, @headers + assert_tag :errors, :child => {:tag => 'error', :content => "Subject can't be blank"} end end - context "PUT /issues/1.json" do + context "PUT /issues/6.json" do setup do - @issue_count = Issue.count - @journal_count = Journal.count - @attributes = {:subject => 'API update', :notes => 'A new note'} - - put '/issues/1.json', {:issue => @attributes}, :authorization => credentials('jsmith') + @parameters = {:issue => {:subject => 'API update', :notes => 'A new note'}} + @headers = { :authorization => credentials('jsmith') } end - should_respond_with :ok - should_respond_with_content_type 'application/json' + should_allow_api_authentication(:put, + '/issues/6.json', + {:issue => {:subject => 'API update', :notes => 'A new note'}}, + {:success_code => :ok}) should "not create a new issue" do - assert_equal Issue.count, @issue_count + assert_no_difference('Issue.count') do + put '/issues/6.json', @parameters, @headers + end end should "create a new journal" do - assert_equal Journal.count, @journal_count + 1 + assert_difference('Journal.count') do + put '/issues/6.json', @parameters, @headers + end end should "add the note to the journal" do + put '/issues/6.json', @parameters, @headers + journal = Journal.last assert_equal "A new note", journal.notes end should "update the issue" do - issue = Issue.find(1) - @attributes.each do |attribute, value| - assert_equal value, issue.send(attribute) unless attribute == :notes - end + put '/issues/6.json', @parameters, @headers + + issue = Issue.find(6) + assert_equal "API update", issue.subject end - + end - context "PUT /issues/1.json with failed update" do + context "PUT /issues/6.json with failed update" do setup do - @attributes = {:subject => ''} - @issue_count = Issue.count - @journal_count = Journal.count - - put '/issues/1.json', {:issue => @attributes}, :authorization => credentials('jsmith') + @parameters = {:issue => {:subject => ''}} + @headers = { :authorization => credentials('jsmith') } end - - should_respond_with :unprocessable_entity - should_respond_with_content_type 'application/json' - + + should_allow_api_authentication(:put, + '/issues/6.json', + {:issue => {:subject => ''}}, # Missing subject should fail + {:success_code => :unprocessable_entity}) + should "not create a new issue" do - assert_equal Issue.count, @issue_count + assert_no_difference('Issue.count') do + put '/issues/6.json', @parameters, @headers + end end should "not create a new journal" do - assert_equal Journal.count, @journal_count + assert_no_difference('Journal.count') do + put '/issues/6.json', @parameters, @headers + end end should "have an errors attribute" do + put '/issues/6.json', @parameters, @headers + json = ActiveSupport::JSON.decode(response.body) assert_equal "can't be blank", json.first['subject'] end diff --git a/test/test_helper.rb b/test/test_helper.rb index 09e600f27..ade46aa7c 100644 --- a/test/test_helper.rb +++ b/test/test_helper.rb @@ -401,8 +401,8 @@ class ActiveSupport::TestCase # Checks that the response is a valid JSON string def self.should_be_a_valid_json_string - should "be a valid JSON string" do - assert ActiveSupport::JSON.decode(response.body) + should "be a valid JSON string (or empty)" do + assert (response.body.blank? || ActiveSupport::JSON.decode(response.body)) end end