From: Eric Davis <edavis@littlestreamsoftware.com>
Date: Fri, 5 Nov 2010 17:49:25 +0000 (+0000)
Subject: Allow key authentication when deleting issues (with tests) #6447
X-Git-Tag: 1.1.0~208
X-Git-Url: https://source.dussan.org/?a=commitdiff_plain;h=c55e060bab6236b37de96267476fd6c09d8be30e;p=redmine.git

Allow key authentication when deleting issues (with tests) #6447

git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@4367 e93f8b46-1217-0410-a6f0-8f06a7374b81
---

diff --git a/app/controllers/issues_controller.rb b/app/controllers/issues_controller.rb
index 8f0409a9d..799352218 100644
--- a/app/controllers/issues_controller.rb
+++ b/app/controllers/issues_controller.rb
@@ -27,7 +27,7 @@ class IssuesController < ApplicationController
   before_filter :find_optional_project, :only => [:index]
   before_filter :check_for_default_issue_status, :only => [:new, :create]
   before_filter :build_new_issue_from_params, :only => [:new, :create]
-  accept_key_auth :index, :show, :create, :update
+  accept_key_auth :index, :show, :create, :update, :destroy
 
   rescue_from Query::StatementInvalid, :with => :query_statement_invalid
   
diff --git a/test/integration/api_test/issues_test.rb b/test/integration/api_test/issues_test.rb
index 55f78e86b..60ee66bb9 100644
--- a/test/integration/api_test/issues_test.rb
+++ b/test/integration/api_test/issues_test.rb
@@ -301,32 +301,32 @@ class ApiTest::IssuesTest < ActionController::IntegrationTest
   end
 
   context "DELETE /issues/1.xml" do
-    setup do
-      @issue_count = Issue.count
-      delete '/issues/1.xml', {}, :authorization => credentials('jsmith')
-    end
-
-    should_respond_with :ok
-    should_respond_with_content_type 'application/xml'
+    should_allow_api_authentication(:delete,
+                                    '/issues/6.xml',
+                                    {},
+                                    {:success_code => :ok})
 
     should "delete the issue" do
-      assert_equal Issue.count, @issue_count -1
-      assert_nil Issue.find_by_id(1)
+      assert_difference('Issue.count',-1) do
+        delete '/issues/6.xml', {}, :authorization => credentials('jsmith')
+      end
+      
+      assert_nil Issue.find_by_id(6)
     end
   end
 
   context "DELETE /issues/1.json" do
-    setup do
-      @issue_count = Issue.count
-      delete '/issues/1.json', {}, :authorization => credentials('jsmith')
-    end
-
-    should_respond_with :ok
-    should_respond_with_content_type 'application/json'
+    should_allow_api_authentication(:delete,
+                                    '/issues/6.json',
+                                    {},
+                                    {:success_code => :ok})
 
     should "delete the issue" do
-      assert_equal Issue.count, @issue_count -1
-      assert_nil Issue.find_by_id(1)
+      assert_difference('Issue.count',-1) do
+        delete '/issues/6.json', {}, :authorization => credentials('jsmith')
+      end
+      
+      assert_nil Issue.find_by_id(6)
     end
   end