From: Eric Davis Date: Mon, 1 Nov 2010 15:26:05 +0000 (+0000) Subject: Move all API tests into the ApiTest module to make management easier X-Git-Tag: 1.1.0~218 X-Git-Url: https://source.dussan.org/?a=commitdiff_plain;h=d5fde17bf5d0b8788871f60ff08b203da527de92;p=redmine.git Move all API tests into the ApiTest module to make management easier git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@4357 e93f8b46-1217-0410-a6f0-8f06a7374b81 --- diff --git a/test/integration/api_test/disabled_rest_api_test.rb b/test/integration/api_test/disabled_rest_api_test.rb new file mode 100644 index 000000000..d94d14b6e --- /dev/null +++ b/test/integration/api_test/disabled_rest_api_test.rb @@ -0,0 +1,110 @@ +require "#{File.dirname(__FILE__)}/../../test_helper" + +class ApiTest::DisabledRestApiTest < ActionController::IntegrationTest + fixtures :all + + def setup + Setting.rest_api_enabled = '0' + Setting.login_required = '1' + end + + def teardown + Setting.rest_api_enabled = '1' + Setting.login_required = '0' + end + + # Using the NewsController because it's a simple API. + context "get /news with the API disabled" do + + context "in :xml format" do + context "with a valid api token" do + setup do + @user = User.generate_with_protected! + @token = Token.generate!(:user => @user, :action => 'api') + get "/news.xml?key=#{@token.value}" + end + + should_respond_with :unauthorized + should_respond_with_content_type :xml + should "not login as the user" do + assert_equal User.anonymous, User.current + end + end + + context "with a valid HTTP authentication" do + setup do + @user = User.generate_with_protected!(:password => 'my_password', :password_confirmation => 'my_password') + @authorization = ActionController::HttpAuthentication::Basic.encode_credentials(@user.login, 'my_password') + get "/news.xml", nil, :authorization => @authorization + end + + should_respond_with :unauthorized + should_respond_with_content_type :xml + should "not login as the user" do + assert_equal User.anonymous, User.current + end + end + + context "with a valid HTTP authentication using the API token" do + setup do + @user = User.generate_with_protected! + @token = Token.generate!(:user => @user, :action => 'api') + @authorization = ActionController::HttpAuthentication::Basic.encode_credentials(@token.value, 'X') + get "/news.xml", nil, :authorization => @authorization + end + + should_respond_with :unauthorized + should_respond_with_content_type :xml + should "not login as the user" do + assert_equal User.anonymous, User.current + end + end + end + + context "in :json format" do + context "with a valid api token" do + setup do + @user = User.generate_with_protected! + @token = Token.generate!(:user => @user, :action => 'api') + get "/news.json?key=#{@token.value}" + end + + should_respond_with :unauthorized + should_respond_with_content_type :json + should "not login as the user" do + assert_equal User.anonymous, User.current + end + end + + context "with a valid HTTP authentication" do + setup do + @user = User.generate_with_protected!(:password => 'my_password', :password_confirmation => 'my_password') + @authorization = ActionController::HttpAuthentication::Basic.encode_credentials(@user.login, 'my_password') + get "/news.json", nil, :authorization => @authorization + end + + should_respond_with :unauthorized + should_respond_with_content_type :json + should "not login as the user" do + assert_equal User.anonymous, User.current + end + end + + context "with a valid HTTP authentication using the API token" do + setup do + @user = User.generate_with_protected! + @token = Token.generate!(:user => @user, :action => 'api') + @authorization = ActionController::HttpAuthentication::Basic.encode_credentials(@token.value, 'DoesNotMatter') + get "/news.json", nil, :authorization => @authorization + end + + should_respond_with :unauthorized + should_respond_with_content_type :json + should "not login as the user" do + assert_equal User.anonymous, User.current + end + end + + end + end +end diff --git a/test/integration/api_test/http_basic_login_test.rb b/test/integration/api_test/http_basic_login_test.rb new file mode 100644 index 000000000..aa879f64a --- /dev/null +++ b/test/integration/api_test/http_basic_login_test.rb @@ -0,0 +1,103 @@ +require "#{File.dirname(__FILE__)}/../../test_helper" + +class ApiTest::HttpBasicLoginTest < ActionController::IntegrationTest + fixtures :all + + def setup + Setting.rest_api_enabled = '1' + Setting.login_required = '1' + end + + def teardown + Setting.rest_api_enabled = '0' + Setting.login_required = '0' + end + + # Using the NewsController because it's a simple API. + context "get /news" do + + context "in :xml format" do + context "with a valid HTTP authentication" do + setup do + @user = User.generate_with_protected!(:password => 'my_password', :password_confirmation => 'my_password') + @authorization = ActionController::HttpAuthentication::Basic.encode_credentials(@user.login, 'my_password') + get "/news.xml", nil, :authorization => @authorization + end + + should_respond_with :success + should_respond_with_content_type :xml + should "login as the user" do + assert_equal @user, User.current + end + end + + context "with an invalid HTTP authentication" do + setup do + @user = User.generate_with_protected! + @authorization = ActionController::HttpAuthentication::Basic.encode_credentials(@user.login, 'wrong_password') + get "/news.xml", nil, :authorization => @authorization + end + + should_respond_with :unauthorized + should_respond_with_content_type :xml + should "not login as the user" do + assert_equal User.anonymous, User.current + end + end + + context "without credentials" do + setup do + get "/projects/onlinestore/news.xml" + end + + should_respond_with :unauthorized + should_respond_with_content_type :xml + should "include_www_authenticate_header" do + assert @controller.response.headers.has_key?('WWW-Authenticate') + end + end + end + + context "in :json format" do + context "with a valid HTTP authentication" do + setup do + @user = User.generate_with_protected!(:password => 'my_password', :password_confirmation => 'my_password') + @authorization = ActionController::HttpAuthentication::Basic.encode_credentials(@user.login, 'my_password') + get "/news.json", nil, :authorization => @authorization + end + + should_respond_with :success + should_respond_with_content_type :json + should "login as the user" do + assert_equal @user, User.current + end + end + + context "with an invalid HTTP authentication" do + setup do + @user = User.generate_with_protected! + @authorization = ActionController::HttpAuthentication::Basic.encode_credentials(@user.login, 'wrong_password') + get "/news.json", nil, :authorization => @authorization + end + + should_respond_with :unauthorized + should_respond_with_content_type :json + should "not login as the user" do + assert_equal User.anonymous, User.current + end + end + end + + context "without credentials" do + setup do + get "/projects/onlinestore/news.json" + end + + should_respond_with :unauthorized + should_respond_with_content_type :json + should "include_www_authenticate_header" do + assert @controller.response.headers.has_key?('WWW-Authenticate') + end + end + end +end diff --git a/test/integration/api_test/http_basic_login_with_api_token_test.rb b/test/integration/api_test/http_basic_login_with_api_token_test.rb new file mode 100644 index 000000000..0d0d5bd0c --- /dev/null +++ b/test/integration/api_test/http_basic_login_with_api_token_test.rb @@ -0,0 +1,84 @@ +require "#{File.dirname(__FILE__)}/../../test_helper" + +class ApiTest::HttpBasicLoginWithApiTokenTest < ActionController::IntegrationTest + fixtures :all + + def setup + Setting.rest_api_enabled = '1' + Setting.login_required = '1' + end + + def teardown + Setting.rest_api_enabled = '0' + Setting.login_required = '0' + end + + # Using the NewsController because it's a simple API. + context "get /news" do + + context "in :xml format" do + context "with a valid HTTP authentication using the API token" do + setup do + @user = User.generate_with_protected! + @token = Token.generate!(:user => @user, :action => 'api') + @authorization = ActionController::HttpAuthentication::Basic.encode_credentials(@token.value, 'X') + get "/news.xml", nil, :authorization => @authorization + end + + should_respond_with :success + should_respond_with_content_type :xml + should "login as the user" do + assert_equal @user, User.current + end + end + + context "with an invalid HTTP authentication" do + setup do + @user = User.generate_with_protected! + @token = Token.generate!(:user => @user, :action => 'feeds') + @authorization = ActionController::HttpAuthentication::Basic.encode_credentials(@token.value, 'X') + get "/news.xml", nil, :authorization => @authorization + end + + should_respond_with :unauthorized + should_respond_with_content_type :xml + should "not login as the user" do + assert_equal User.anonymous, User.current + end + end + end + + context "in :json format" do + context "with a valid HTTP authentication" do + setup do + @user = User.generate_with_protected! + @token = Token.generate!(:user => @user, :action => 'api') + @authorization = ActionController::HttpAuthentication::Basic.encode_credentials(@token.value, 'DoesNotMatter') + get "/news.json", nil, :authorization => @authorization + end + + should_respond_with :success + should_respond_with_content_type :json + should "login as the user" do + assert_equal @user, User.current + end + end + + context "with an invalid HTTP authentication" do + setup do + @user = User.generate_with_protected! + @token = Token.generate!(:user => @user, :action => 'feeds') + @authorization = ActionController::HttpAuthentication::Basic.encode_credentials(@token.value, 'DoesNotMatter') + get "/news.json", nil, :authorization => @authorization + end + + should_respond_with :unauthorized + should_respond_with_content_type :json + should "not login as the user" do + assert_equal User.anonymous, User.current + end + end + end + + end +end diff --git a/test/integration/api_test/issues_test.rb b/test/integration/api_test/issues_test.rb new file mode 100644 index 000000000..c51438bba --- /dev/null +++ b/test/integration/api_test/issues_test.rb @@ -0,0 +1,349 @@ +# Redmine - project management software +# Copyright (C) 2006-2010 Jean-Philippe Lang +# +# This program is free software; you can redistribute it and/or +# modify it under the terms of the GNU General Public License +# as published by the Free Software Foundation; either version 2 +# of the License, or (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. + +require "#{File.dirname(__FILE__)}/../../test_helper" + +class ApiTest::IssuesTest < ActionController::IntegrationTest + fixtures :projects, + :users, + :roles, + :members, + :member_roles, + :issues, + :issue_statuses, + :versions, + :trackers, + :projects_trackers, + :issue_categories, + :enabled_modules, + :enumerations, + :attachments, + :workflows, + :custom_fields, + :custom_values, + :custom_fields_projects, + :custom_fields_trackers, + :time_entries, + :journals, + :journal_details, + :queries + + def setup + Setting.rest_api_enabled = '1' + end + + context "/index.xml" do + setup do + get '/issues.xml' + end + + should_respond_with :success + should_respond_with_content_type 'application/xml' + end + + context "/index.json" do + setup do + get '/issues.json' + end + + should_respond_with :success + should_respond_with_content_type 'application/json' + + should 'return a valid JSON string' do + assert ActiveSupport::JSON.decode(response.body) + end + end + + context "/index.xml with filter" do + setup do + get '/issues.xml?status_id=5' + end + + should_respond_with :success + should_respond_with_content_type 'application/xml' + should "show only issues with the status_id" do + assert_tag :tag => 'issues', + :children => { :count => Issue.visible.count(:conditions => {:status_id => 5}), + :only => { :tag => 'issue' } } + end + end + + context "/index.json with filter" do + setup do + get '/issues.json?status_id=5' + end + + should_respond_with :success + should_respond_with_content_type 'application/json' + + should 'return a valid JSON string' do + assert ActiveSupport::JSON.decode(response.body) + end + + should "show only issues with the status_id" do + json = ActiveSupport::JSON.decode(response.body) + status_ids_used = json.collect {|j| j['status_id'] } + assert_equal 3, status_ids_used.length + assert status_ids_used.all? {|id| id == 5 } + end + + end + + context "/issues/1.xml" do + setup do + get '/issues/1.xml' + end + + should_respond_with :success + should_respond_with_content_type 'application/xml' + end + + context "/issues/1.json" do + setup do + get '/issues/1.json' + end + + should_respond_with :success + should_respond_with_content_type 'application/json' + + should 'return a valid JSON string' do + assert ActiveSupport::JSON.decode(response.body) + end + end + + context "POST /issues.xml" do + setup do + @issue_count = Issue.count + @attributes = {:project_id => 1, :subject => 'API test', :tracker_id => 2, :status_id => 3} + post '/issues.xml', {:issue => @attributes}, :authorization => credentials('jsmith') + end + + should_respond_with :created + should_respond_with_content_type 'application/xml' + + should "create an issue with the attributes" do + assert_equal Issue.count, @issue_count + 1 + + issue = Issue.first(:order => 'id DESC') + @attributes.each do |attribute, value| + assert_equal value, issue.send(attribute) + end + end + end + + context "POST /issues.xml with failure" do + setup do + @attributes = {:project_id => 1} + post '/issues.xml', {:issue => @attributes}, :authorization => credentials('jsmith') + end + + should_respond_with :unprocessable_entity + should_respond_with_content_type 'application/xml' + + should "have an errors tag" do + assert_tag :errors, :child => {:tag => 'error', :content => "Subject can't be blank"} + end + end + + context "POST /issues.json" do + setup do + @issue_count = Issue.count + @attributes = {:project_id => 1, :subject => 'API test', :tracker_id => 2, :status_id => 3} + post '/issues.json', {:issue => @attributes}, :authorization => credentials('jsmith') + end + + should_respond_with :created + should_respond_with_content_type 'application/json' + + should "create an issue with the attributes" do + assert_equal Issue.count, @issue_count + 1 + + issue = Issue.first(:order => 'id DESC') + @attributes.each do |attribute, value| + assert_equal value, issue.send(attribute) + end + end + end + + context "POST /issues.json with failure" do + setup do + @attributes = {:project_id => 1} + post '/issues.json', {:issue => @attributes}, :authorization => credentials('jsmith') + end + + should_respond_with :unprocessable_entity + should_respond_with_content_type 'application/json' + + should "have an errors element" do + json = ActiveSupport::JSON.decode(response.body) + assert_equal "can't be blank", json.first['subject'] + end + end + + context "PUT /issues/1.xml" do + setup do + @issue_count = Issue.count + @journal_count = Journal.count + @attributes = {:subject => 'API update', :notes => 'A new note'} + + put '/issues/1.xml', {:issue => @attributes}, :authorization => credentials('jsmith') + end + + should_respond_with :ok + should_respond_with_content_type 'application/xml' + + should "not create a new issue" do + assert_equal Issue.count, @issue_count + end + + should "create a new journal" do + assert_equal Journal.count, @journal_count + 1 + end + + should "add the note to the journal" do + journal = Journal.last + assert_equal "A new note", journal.notes + end + + should "update the issue" do + issue = Issue.find(1) + @attributes.each do |attribute, value| + assert_equal value, issue.send(attribute) unless attribute == :notes + end + end + + end + + context "PUT /issues/1.xml with failed update" do + setup do + @attributes = {:subject => ''} + @issue_count = Issue.count + @journal_count = Journal.count + + put '/issues/1.xml', {:issue => @attributes}, :authorization => credentials('jsmith') + end + + should_respond_with :unprocessable_entity + should_respond_with_content_type 'application/xml' + + should "not create a new issue" do + assert_equal Issue.count, @issue_count + end + + should "not create a new journal" do + assert_equal Journal.count, @journal_count + end + + should "have an errors tag" do + assert_tag :errors, :child => {:tag => 'error', :content => "Subject can't be blank"} + end + end + + context "PUT /issues/1.json" do + setup do + @issue_count = Issue.count + @journal_count = Journal.count + @attributes = {:subject => 'API update', :notes => 'A new note'} + + put '/issues/1.json', {:issue => @attributes}, :authorization => credentials('jsmith') + end + + should_respond_with :ok + should_respond_with_content_type 'application/json' + + should "not create a new issue" do + assert_equal Issue.count, @issue_count + end + + should "create a new journal" do + assert_equal Journal.count, @journal_count + 1 + end + + should "add the note to the journal" do + journal = Journal.last + assert_equal "A new note", journal.notes + end + + should "update the issue" do + issue = Issue.find(1) + @attributes.each do |attribute, value| + assert_equal value, issue.send(attribute) unless attribute == :notes + end + end + + end + + context "PUT /issues/1.json with failed update" do + setup do + @attributes = {:subject => ''} + @issue_count = Issue.count + @journal_count = Journal.count + + put '/issues/1.json', {:issue => @attributes}, :authorization => credentials('jsmith') + end + + should_respond_with :unprocessable_entity + should_respond_with_content_type 'application/json' + + should "not create a new issue" do + assert_equal Issue.count, @issue_count + end + + should "not create a new journal" do + assert_equal Journal.count, @journal_count + end + + should "have an errors attribute" do + json = ActiveSupport::JSON.decode(response.body) + assert_equal "can't be blank", json.first['subject'] + end + end + + context "DELETE /issues/1.xml" do + setup do + @issue_count = Issue.count + delete '/issues/1.xml', {}, :authorization => credentials('jsmith') + end + + should_respond_with :ok + should_respond_with_content_type 'application/xml' + + should "delete the issue" do + assert_equal Issue.count, @issue_count -1 + assert_nil Issue.find_by_id(1) + end + end + + context "DELETE /issues/1.json" do + setup do + @issue_count = Issue.count + delete '/issues/1.json', {}, :authorization => credentials('jsmith') + end + + should_respond_with :ok + should_respond_with_content_type 'application/json' + + should "delete the issue" do + assert_equal Issue.count, @issue_count -1 + assert_nil Issue.find_by_id(1) + end + end + + def credentials(user, password=nil) + ActionController::HttpAuthentication::Basic.encode_credentials(user, password || user) + end +end diff --git a/test/integration/api_test/projects_test.rb b/test/integration/api_test/projects_test.rb new file mode 100644 index 000000000..7c090a925 --- /dev/null +++ b/test/integration/api_test/projects_test.rb @@ -0,0 +1,99 @@ +# Redmine - project management software +# Copyright (C) 2006-2010 Jean-Philippe Lang +# +# This program is free software; you can redistribute it and/or +# modify it under the terms of the GNU General Public License +# as published by the Free Software Foundation; either version 2 +# of the License, or (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. + +require "#{File.dirname(__FILE__)}/../../test_helper" + +class ApiTest::ProjectsTest < ActionController::IntegrationTest + fixtures :projects, :versions, :users, :roles, :members, :member_roles, :issues, :journals, :journal_details, + :trackers, :projects_trackers, :issue_statuses, :enabled_modules, :enumerations, :boards, :messages, + :attachments, :custom_fields, :custom_values, :time_entries + + def setup + Setting.rest_api_enabled = '1' + end + + def test_index + get '/projects.xml' + assert_response :success + assert_equal 'application/xml', @response.content_type + end + + def test_show + get '/projects/1.xml' + assert_response :success + assert_equal 'application/xml', @response.content_type + end + + def test_create + attributes = {:name => 'API test', :identifier => 'api-test'} + assert_difference 'Project.count' do + post '/projects.xml', {:project => attributes}, :authorization => credentials('admin') + end + assert_response :created + assert_equal 'application/xml', @response.content_type + project = Project.first(:order => 'id DESC') + attributes.each do |attribute, value| + assert_equal value, project.send(attribute) + end + end + + def test_create_failure + attributes = {:name => 'API test'} + assert_no_difference 'Project.count' do + post '/projects.xml', {:project => attributes}, :authorization => credentials('admin') + end + assert_response :unprocessable_entity + assert_equal 'application/xml', @response.content_type + assert_tag :errors, :child => {:tag => 'error', :content => "Identifier can't be blank"} + end + + def test_update + attributes = {:name => 'API update'} + assert_no_difference 'Project.count' do + put '/projects/1.xml', {:project => attributes}, :authorization => credentials('jsmith') + end + assert_response :ok + assert_equal 'application/xml', @response.content_type + project = Project.find(1) + attributes.each do |attribute, value| + assert_equal value, project.send(attribute) + end + end + + def test_update_failure + attributes = {:name => ''} + assert_no_difference 'Project.count' do + put '/projects/1.xml', {:project => attributes}, :authorization => credentials('jsmith') + end + assert_response :unprocessable_entity + assert_equal 'application/xml', @response.content_type + assert_tag :errors, :child => {:tag => 'error', :content => "Name can't be blank"} + end + + def test_destroy + assert_difference 'Project.count', -1 do + delete '/projects/2.xml', {}, :authorization => credentials('admin') + end + assert_response :ok + assert_equal 'application/xml', @response.content_type + assert_nil Project.find_by_id(2) + end + + def credentials(user, password=nil) + ActionController::HttpAuthentication::Basic.encode_credentials(user, password || user) + end +end diff --git a/test/integration/api_test/token_authentication_test.rb b/test/integration/api_test/token_authentication_test.rb new file mode 100644 index 000000000..7d6cb2e1d --- /dev/null +++ b/test/integration/api_test/token_authentication_test.rb @@ -0,0 +1,80 @@ +require "#{File.dirname(__FILE__)}/../../test_helper" + +class ApiTest::TokenAuthenticationTest < ActionController::IntegrationTest + fixtures :all + + def setup + Setting.rest_api_enabled = '1' + Setting.login_required = '1' + end + + def teardown + Setting.rest_api_enabled = '0' + Setting.login_required = '0' + end + + # Using the NewsController because it's a simple API. + context "get /news" do + + context "in :xml format" do + context "with a valid api token" do + setup do + @user = User.generate_with_protected! + @token = Token.generate!(:user => @user, :action => 'api') + get "/news.xml?key=#{@token.value}" + end + + should_respond_with :success + should_respond_with_content_type :xml + should "login as the user" do + assert_equal @user, User.current + end + end + + context "with an invalid api token" do + setup do + @user = User.generate_with_protected! + @token = Token.generate!(:user => @user, :action => 'feeds') + get "/news.xml?key=#{@token.value}" + end + + should_respond_with :unauthorized + should_respond_with_content_type :xml + should "not login as the user" do + assert_equal User.anonymous, User.current + end + end + end + + context "in :json format" do + context "with a valid api token" do + setup do + @user = User.generate_with_protected! + @token = Token.generate!(:user => @user, :action => 'api') + get "/news.json?key=#{@token.value}" + end + + should_respond_with :success + should_respond_with_content_type :json + should "login as the user" do + assert_equal @user, User.current + end + end + + context "with an invalid api token" do + setup do + @user = User.generate_with_protected! + @token = Token.generate!(:user => @user, :action => 'feeds') + get "/news.json?key=#{@token.value}" + end + + should_respond_with :unauthorized + should_respond_with_content_type :json + should "not login as the user" do + assert_equal User.anonymous, User.current + end + end + end + + end +end diff --git a/test/integration/api_token_login_test.rb b/test/integration/api_token_login_test.rb deleted file mode 100644 index 43f6eb01f..000000000 --- a/test/integration/api_token_login_test.rb +++ /dev/null @@ -1,80 +0,0 @@ -require "#{File.dirname(__FILE__)}/../test_helper" - -class ApiTokenLoginTest < ActionController::IntegrationTest - fixtures :all - - def setup - Setting.rest_api_enabled = '1' - Setting.login_required = '1' - end - - def teardown - Setting.rest_api_enabled = '0' - Setting.login_required = '0' - end - - # Using the NewsController because it's a simple API. - context "get /news" do - - context "in :xml format" do - context "with a valid api token" do - setup do - @user = User.generate_with_protected! - @token = Token.generate!(:user => @user, :action => 'api') - get "/news.xml?key=#{@token.value}" - end - - should_respond_with :success - should_respond_with_content_type :xml - should "login as the user" do - assert_equal @user, User.current - end - end - - context "with an invalid api token" do - setup do - @user = User.generate_with_protected! - @token = Token.generate!(:user => @user, :action => 'feeds') - get "/news.xml?key=#{@token.value}" - end - - should_respond_with :unauthorized - should_respond_with_content_type :xml - should "not login as the user" do - assert_equal User.anonymous, User.current - end - end - end - - context "in :json format" do - context "with a valid api token" do - setup do - @user = User.generate_with_protected! - @token = Token.generate!(:user => @user, :action => 'api') - get "/news.json?key=#{@token.value}" - end - - should_respond_with :success - should_respond_with_content_type :json - should "login as the user" do - assert_equal @user, User.current - end - end - - context "with an invalid api token" do - setup do - @user = User.generate_with_protected! - @token = Token.generate!(:user => @user, :action => 'feeds') - get "/news.json?key=#{@token.value}" - end - - should_respond_with :unauthorized - should_respond_with_content_type :json - should "not login as the user" do - assert_equal User.anonymous, User.current - end - end - end - - end -end diff --git a/test/integration/disabled_rest_api_test.rb b/test/integration/disabled_rest_api_test.rb deleted file mode 100644 index 5ebf91c3f..000000000 --- a/test/integration/disabled_rest_api_test.rb +++ /dev/null @@ -1,110 +0,0 @@ -require "#{File.dirname(__FILE__)}/../test_helper" - -class DisabledRestApi < ActionController::IntegrationTest - fixtures :all - - def setup - Setting.rest_api_enabled = '0' - Setting.login_required = '1' - end - - def teardown - Setting.rest_api_enabled = '1' - Setting.login_required = '0' - end - - # Using the NewsController because it's a simple API. - context "get /news with the API disabled" do - - context "in :xml format" do - context "with a valid api token" do - setup do - @user = User.generate_with_protected! - @token = Token.generate!(:user => @user, :action => 'api') - get "/news.xml?key=#{@token.value}" - end - - should_respond_with :unauthorized - should_respond_with_content_type :xml - should "not login as the user" do - assert_equal User.anonymous, User.current - end - end - - context "with a valid HTTP authentication" do - setup do - @user = User.generate_with_protected!(:password => 'my_password', :password_confirmation => 'my_password') - @authorization = ActionController::HttpAuthentication::Basic.encode_credentials(@user.login, 'my_password') - get "/news.xml", nil, :authorization => @authorization - end - - should_respond_with :unauthorized - should_respond_with_content_type :xml - should "not login as the user" do - assert_equal User.anonymous, User.current - end - end - - context "with a valid HTTP authentication using the API token" do - setup do - @user = User.generate_with_protected! - @token = Token.generate!(:user => @user, :action => 'api') - @authorization = ActionController::HttpAuthentication::Basic.encode_credentials(@token.value, 'X') - get "/news.xml", nil, :authorization => @authorization - end - - should_respond_with :unauthorized - should_respond_with_content_type :xml - should "not login as the user" do - assert_equal User.anonymous, User.current - end - end - end - - context "in :json format" do - context "with a valid api token" do - setup do - @user = User.generate_with_protected! - @token = Token.generate!(:user => @user, :action => 'api') - get "/news.json?key=#{@token.value}" - end - - should_respond_with :unauthorized - should_respond_with_content_type :json - should "not login as the user" do - assert_equal User.anonymous, User.current - end - end - - context "with a valid HTTP authentication" do - setup do - @user = User.generate_with_protected!(:password => 'my_password', :password_confirmation => 'my_password') - @authorization = ActionController::HttpAuthentication::Basic.encode_credentials(@user.login, 'my_password') - get "/news.json", nil, :authorization => @authorization - end - - should_respond_with :unauthorized - should_respond_with_content_type :json - should "not login as the user" do - assert_equal User.anonymous, User.current - end - end - - context "with a valid HTTP authentication using the API token" do - setup do - @user = User.generate_with_protected! - @token = Token.generate!(:user => @user, :action => 'api') - @authorization = ActionController::HttpAuthentication::Basic.encode_credentials(@token.value, 'DoesNotMatter') - get "/news.json", nil, :authorization => @authorization - end - - should_respond_with :unauthorized - should_respond_with_content_type :json - should "not login as the user" do - assert_equal User.anonymous, User.current - end - end - - end - end -end diff --git a/test/integration/http_basic_login_test.rb b/test/integration/http_basic_login_test.rb deleted file mode 100644 index 9ec69a8c9..000000000 --- a/test/integration/http_basic_login_test.rb +++ /dev/null @@ -1,103 +0,0 @@ -require "#{File.dirname(__FILE__)}/../test_helper" - -class HttpBasicLoginTest < ActionController::IntegrationTest - fixtures :all - - def setup - Setting.rest_api_enabled = '1' - Setting.login_required = '1' - end - - def teardown - Setting.rest_api_enabled = '0' - Setting.login_required = '0' - end - - # Using the NewsController because it's a simple API. - context "get /news" do - - context "in :xml format" do - context "with a valid HTTP authentication" do - setup do - @user = User.generate_with_protected!(:password => 'my_password', :password_confirmation => 'my_password') - @authorization = ActionController::HttpAuthentication::Basic.encode_credentials(@user.login, 'my_password') - get "/news.xml", nil, :authorization => @authorization - end - - should_respond_with :success - should_respond_with_content_type :xml - should "login as the user" do - assert_equal @user, User.current - end - end - - context "with an invalid HTTP authentication" do - setup do - @user = User.generate_with_protected! - @authorization = ActionController::HttpAuthentication::Basic.encode_credentials(@user.login, 'wrong_password') - get "/news.xml", nil, :authorization => @authorization - end - - should_respond_with :unauthorized - should_respond_with_content_type :xml - should "not login as the user" do - assert_equal User.anonymous, User.current - end - end - - context "without credentials" do - setup do - get "/projects/onlinestore/news.xml" - end - - should_respond_with :unauthorized - should_respond_with_content_type :xml - should "include_www_authenticate_header" do - assert @controller.response.headers.has_key?('WWW-Authenticate') - end - end - end - - context "in :json format" do - context "with a valid HTTP authentication" do - setup do - @user = User.generate_with_protected!(:password => 'my_password', :password_confirmation => 'my_password') - @authorization = ActionController::HttpAuthentication::Basic.encode_credentials(@user.login, 'my_password') - get "/news.json", nil, :authorization => @authorization - end - - should_respond_with :success - should_respond_with_content_type :json - should "login as the user" do - assert_equal @user, User.current - end - end - - context "with an invalid HTTP authentication" do - setup do - @user = User.generate_with_protected! - @authorization = ActionController::HttpAuthentication::Basic.encode_credentials(@user.login, 'wrong_password') - get "/news.json", nil, :authorization => @authorization - end - - should_respond_with :unauthorized - should_respond_with_content_type :json - should "not login as the user" do - assert_equal User.anonymous, User.current - end - end - end - - context "without credentials" do - setup do - get "/projects/onlinestore/news.json" - end - - should_respond_with :unauthorized - should_respond_with_content_type :json - should "include_www_authenticate_header" do - assert @controller.response.headers.has_key?('WWW-Authenticate') - end - end - end -end diff --git a/test/integration/http_basic_login_with_api_token_test.rb b/test/integration/http_basic_login_with_api_token_test.rb deleted file mode 100644 index fe3df3130..000000000 --- a/test/integration/http_basic_login_with_api_token_test.rb +++ /dev/null @@ -1,84 +0,0 @@ -require "#{File.dirname(__FILE__)}/../test_helper" - -class HttpBasicLoginWithApiTokenTest < ActionController::IntegrationTest - fixtures :all - - def setup - Setting.rest_api_enabled = '1' - Setting.login_required = '1' - end - - def teardown - Setting.rest_api_enabled = '0' - Setting.login_required = '0' - end - - # Using the NewsController because it's a simple API. - context "get /news" do - - context "in :xml format" do - context "with a valid HTTP authentication using the API token" do - setup do - @user = User.generate_with_protected! - @token = Token.generate!(:user => @user, :action => 'api') - @authorization = ActionController::HttpAuthentication::Basic.encode_credentials(@token.value, 'X') - get "/news.xml", nil, :authorization => @authorization - end - - should_respond_with :success - should_respond_with_content_type :xml - should "login as the user" do - assert_equal @user, User.current - end - end - - context "with an invalid HTTP authentication" do - setup do - @user = User.generate_with_protected! - @token = Token.generate!(:user => @user, :action => 'feeds') - @authorization = ActionController::HttpAuthentication::Basic.encode_credentials(@token.value, 'X') - get "/news.xml", nil, :authorization => @authorization - end - - should_respond_with :unauthorized - should_respond_with_content_type :xml - should "not login as the user" do - assert_equal User.anonymous, User.current - end - end - end - - context "in :json format" do - context "with a valid HTTP authentication" do - setup do - @user = User.generate_with_protected! - @token = Token.generate!(:user => @user, :action => 'api') - @authorization = ActionController::HttpAuthentication::Basic.encode_credentials(@token.value, 'DoesNotMatter') - get "/news.json", nil, :authorization => @authorization - end - - should_respond_with :success - should_respond_with_content_type :json - should "login as the user" do - assert_equal @user, User.current - end - end - - context "with an invalid HTTP authentication" do - setup do - @user = User.generate_with_protected! - @token = Token.generate!(:user => @user, :action => 'feeds') - @authorization = ActionController::HttpAuthentication::Basic.encode_credentials(@token.value, 'DoesNotMatter') - get "/news.json", nil, :authorization => @authorization - end - - should_respond_with :unauthorized - should_respond_with_content_type :json - should "not login as the user" do - assert_equal User.anonymous, User.current - end - end - end - - end -end diff --git a/test/integration/issues_api_test.rb b/test/integration/issues_api_test.rb deleted file mode 100644 index e26cf643b..000000000 --- a/test/integration/issues_api_test.rb +++ /dev/null @@ -1,349 +0,0 @@ -# Redmine - project management software -# Copyright (C) 2006-2010 Jean-Philippe Lang -# -# This program is free software; you can redistribute it and/or -# modify it under the terms of the GNU General Public License -# as published by the Free Software Foundation; either version 2 -# of the License, or (at your option) any later version. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. - -require "#{File.dirname(__FILE__)}/../test_helper" - -class IssuesApiTest < ActionController::IntegrationTest - fixtures :projects, - :users, - :roles, - :members, - :member_roles, - :issues, - :issue_statuses, - :versions, - :trackers, - :projects_trackers, - :issue_categories, - :enabled_modules, - :enumerations, - :attachments, - :workflows, - :custom_fields, - :custom_values, - :custom_fields_projects, - :custom_fields_trackers, - :time_entries, - :journals, - :journal_details, - :queries - - def setup - Setting.rest_api_enabled = '1' - end - - context "/index.xml" do - setup do - get '/issues.xml' - end - - should_respond_with :success - should_respond_with_content_type 'application/xml' - end - - context "/index.json" do - setup do - get '/issues.json' - end - - should_respond_with :success - should_respond_with_content_type 'application/json' - - should 'return a valid JSON string' do - assert ActiveSupport::JSON.decode(response.body) - end - end - - context "/index.xml with filter" do - setup do - get '/issues.xml?status_id=5' - end - - should_respond_with :success - should_respond_with_content_type 'application/xml' - should "show only issues with the status_id" do - assert_tag :tag => 'issues', - :children => { :count => Issue.visible.count(:conditions => {:status_id => 5}), - :only => { :tag => 'issue' } } - end - end - - context "/index.json with filter" do - setup do - get '/issues.json?status_id=5' - end - - should_respond_with :success - should_respond_with_content_type 'application/json' - - should 'return a valid JSON string' do - assert ActiveSupport::JSON.decode(response.body) - end - - should "show only issues with the status_id" do - json = ActiveSupport::JSON.decode(response.body) - status_ids_used = json.collect {|j| j['status_id'] } - assert_equal 3, status_ids_used.length - assert status_ids_used.all? {|id| id == 5 } - end - - end - - context "/issues/1.xml" do - setup do - get '/issues/1.xml' - end - - should_respond_with :success - should_respond_with_content_type 'application/xml' - end - - context "/issues/1.json" do - setup do - get '/issues/1.json' - end - - should_respond_with :success - should_respond_with_content_type 'application/json' - - should 'return a valid JSON string' do - assert ActiveSupport::JSON.decode(response.body) - end - end - - context "POST /issues.xml" do - setup do - @issue_count = Issue.count - @attributes = {:project_id => 1, :subject => 'API test', :tracker_id => 2, :status_id => 3} - post '/issues.xml', {:issue => @attributes}, :authorization => credentials('jsmith') - end - - should_respond_with :created - should_respond_with_content_type 'application/xml' - - should "create an issue with the attributes" do - assert_equal Issue.count, @issue_count + 1 - - issue = Issue.first(:order => 'id DESC') - @attributes.each do |attribute, value| - assert_equal value, issue.send(attribute) - end - end - end - - context "POST /issues.xml with failure" do - setup do - @attributes = {:project_id => 1} - post '/issues.xml', {:issue => @attributes}, :authorization => credentials('jsmith') - end - - should_respond_with :unprocessable_entity - should_respond_with_content_type 'application/xml' - - should "have an errors tag" do - assert_tag :errors, :child => {:tag => 'error', :content => "Subject can't be blank"} - end - end - - context "POST /issues.json" do - setup do - @issue_count = Issue.count - @attributes = {:project_id => 1, :subject => 'API test', :tracker_id => 2, :status_id => 3} - post '/issues.json', {:issue => @attributes}, :authorization => credentials('jsmith') - end - - should_respond_with :created - should_respond_with_content_type 'application/json' - - should "create an issue with the attributes" do - assert_equal Issue.count, @issue_count + 1 - - issue = Issue.first(:order => 'id DESC') - @attributes.each do |attribute, value| - assert_equal value, issue.send(attribute) - end - end - end - - context "POST /issues.json with failure" do - setup do - @attributes = {:project_id => 1} - post '/issues.json', {:issue => @attributes}, :authorization => credentials('jsmith') - end - - should_respond_with :unprocessable_entity - should_respond_with_content_type 'application/json' - - should "have an errors element" do - json = ActiveSupport::JSON.decode(response.body) - assert_equal "can't be blank", json.first['subject'] - end - end - - context "PUT /issues/1.xml" do - setup do - @issue_count = Issue.count - @journal_count = Journal.count - @attributes = {:subject => 'API update', :notes => 'A new note'} - - put '/issues/1.xml', {:issue => @attributes}, :authorization => credentials('jsmith') - end - - should_respond_with :ok - should_respond_with_content_type 'application/xml' - - should "not create a new issue" do - assert_equal Issue.count, @issue_count - end - - should "create a new journal" do - assert_equal Journal.count, @journal_count + 1 - end - - should "add the note to the journal" do - journal = Journal.last - assert_equal "A new note", journal.notes - end - - should "update the issue" do - issue = Issue.find(1) - @attributes.each do |attribute, value| - assert_equal value, issue.send(attribute) unless attribute == :notes - end - end - - end - - context "PUT /issues/1.xml with failed update" do - setup do - @attributes = {:subject => ''} - @issue_count = Issue.count - @journal_count = Journal.count - - put '/issues/1.xml', {:issue => @attributes}, :authorization => credentials('jsmith') - end - - should_respond_with :unprocessable_entity - should_respond_with_content_type 'application/xml' - - should "not create a new issue" do - assert_equal Issue.count, @issue_count - end - - should "not create a new journal" do - assert_equal Journal.count, @journal_count - end - - should "have an errors tag" do - assert_tag :errors, :child => {:tag => 'error', :content => "Subject can't be blank"} - end - end - - context "PUT /issues/1.json" do - setup do - @issue_count = Issue.count - @journal_count = Journal.count - @attributes = {:subject => 'API update', :notes => 'A new note'} - - put '/issues/1.json', {:issue => @attributes}, :authorization => credentials('jsmith') - end - - should_respond_with :ok - should_respond_with_content_type 'application/json' - - should "not create a new issue" do - assert_equal Issue.count, @issue_count - end - - should "create a new journal" do - assert_equal Journal.count, @journal_count + 1 - end - - should "add the note to the journal" do - journal = Journal.last - assert_equal "A new note", journal.notes - end - - should "update the issue" do - issue = Issue.find(1) - @attributes.each do |attribute, value| - assert_equal value, issue.send(attribute) unless attribute == :notes - end - end - - end - - context "PUT /issues/1.json with failed update" do - setup do - @attributes = {:subject => ''} - @issue_count = Issue.count - @journal_count = Journal.count - - put '/issues/1.json', {:issue => @attributes}, :authorization => credentials('jsmith') - end - - should_respond_with :unprocessable_entity - should_respond_with_content_type 'application/json' - - should "not create a new issue" do - assert_equal Issue.count, @issue_count - end - - should "not create a new journal" do - assert_equal Journal.count, @journal_count - end - - should "have an errors attribute" do - json = ActiveSupport::JSON.decode(response.body) - assert_equal "can't be blank", json.first['subject'] - end - end - - context "DELETE /issues/1.xml" do - setup do - @issue_count = Issue.count - delete '/issues/1.xml', {}, :authorization => credentials('jsmith') - end - - should_respond_with :ok - should_respond_with_content_type 'application/xml' - - should "delete the issue" do - assert_equal Issue.count, @issue_count -1 - assert_nil Issue.find_by_id(1) - end - end - - context "DELETE /issues/1.json" do - setup do - @issue_count = Issue.count - delete '/issues/1.json', {}, :authorization => credentials('jsmith') - end - - should_respond_with :ok - should_respond_with_content_type 'application/json' - - should "delete the issue" do - assert_equal Issue.count, @issue_count -1 - assert_nil Issue.find_by_id(1) - end - end - - def credentials(user, password=nil) - ActionController::HttpAuthentication::Basic.encode_credentials(user, password || user) - end -end diff --git a/test/integration/projects_api_test.rb b/test/integration/projects_api_test.rb deleted file mode 100644 index e254c5137..000000000 --- a/test/integration/projects_api_test.rb +++ /dev/null @@ -1,99 +0,0 @@ -# Redmine - project management software -# Copyright (C) 2006-2010 Jean-Philippe Lang -# -# This program is free software; you can redistribute it and/or -# modify it under the terms of the GNU General Public License -# as published by the Free Software Foundation; either version 2 -# of the License, or (at your option) any later version. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. - -require "#{File.dirname(__FILE__)}/../test_helper" - -class ProjectsApiTest < ActionController::IntegrationTest - fixtures :projects, :versions, :users, :roles, :members, :member_roles, :issues, :journals, :journal_details, - :trackers, :projects_trackers, :issue_statuses, :enabled_modules, :enumerations, :boards, :messages, - :attachments, :custom_fields, :custom_values, :time_entries - - def setup - Setting.rest_api_enabled = '1' - end - - def test_index - get '/projects.xml' - assert_response :success - assert_equal 'application/xml', @response.content_type - end - - def test_show - get '/projects/1.xml' - assert_response :success - assert_equal 'application/xml', @response.content_type - end - - def test_create - attributes = {:name => 'API test', :identifier => 'api-test'} - assert_difference 'Project.count' do - post '/projects.xml', {:project => attributes}, :authorization => credentials('admin') - end - assert_response :created - assert_equal 'application/xml', @response.content_type - project = Project.first(:order => 'id DESC') - attributes.each do |attribute, value| - assert_equal value, project.send(attribute) - end - end - - def test_create_failure - attributes = {:name => 'API test'} - assert_no_difference 'Project.count' do - post '/projects.xml', {:project => attributes}, :authorization => credentials('admin') - end - assert_response :unprocessable_entity - assert_equal 'application/xml', @response.content_type - assert_tag :errors, :child => {:tag => 'error', :content => "Identifier can't be blank"} - end - - def test_update - attributes = {:name => 'API update'} - assert_no_difference 'Project.count' do - put '/projects/1.xml', {:project => attributes}, :authorization => credentials('jsmith') - end - assert_response :ok - assert_equal 'application/xml', @response.content_type - project = Project.find(1) - attributes.each do |attribute, value| - assert_equal value, project.send(attribute) - end - end - - def test_update_failure - attributes = {:name => ''} - assert_no_difference 'Project.count' do - put '/projects/1.xml', {:project => attributes}, :authorization => credentials('jsmith') - end - assert_response :unprocessable_entity - assert_equal 'application/xml', @response.content_type - assert_tag :errors, :child => {:tag => 'error', :content => "Name can't be blank"} - end - - def test_destroy - assert_difference 'Project.count', -1 do - delete '/projects/2.xml', {}, :authorization => credentials('admin') - end - assert_response :ok - assert_equal 'application/xml', @response.content_type - assert_nil Project.find_by_id(2) - end - - def credentials(user, password=nil) - ActionController::HttpAuthentication::Basic.encode_credentials(user, password || user) - end -end diff --git a/test/test_helper.rb b/test/test_helper.rb index eea1a03b5..db44bb9b8 100644 --- a/test/test_helper.rb +++ b/test/test_helper.rb @@ -186,3 +186,7 @@ class ActiveSupport::TestCase end end end + +# Simple module to "namespace" all of the API tests +module ApiTest +end