git-svn-id: http://svn.redmine.org/redmine/trunk@15731 e93f8b46-1217-0410-a6f0-8f06a7374b81tags/3.4.0
@@ -654,8 +654,7 @@ class ApplicationController < ActionController::Base | |||
# Renders a head API response | |||
def render_api_head(status) | |||
# #head would return a response body with one space | |||
render :text => '', :status => status, :layout => nil | |||
head :status => status | |||
end | |||
# Renders API response on validation failure |
@@ -38,7 +38,7 @@ class MailHandlerController < ActionController::Base | |||
def check_credential | |||
User.current = nil | |||
unless Setting.mail_handler_api_enabled? && params[:key].to_s == Setting.mail_handler_api_key | |||
render :text => 'Access denied. Incoming emails WS is disabled or key is invalid.', :status => 403 | |||
render :plain => 'Access denied. Incoming emails WS is disabled or key is invalid.', :status => 403 | |||
end | |||
end | |||
end |
@@ -74,7 +74,7 @@ class SysController < ActionController::Base | |||
def check_enabled | |||
User.current = nil | |||
unless Setting.sys_api_enabled? && params[:key].to_s == Setting.sys_api_key | |||
render :text => 'Access denied. Repository management WS is disabled or key is invalid.', :status => 403 | |||
render :plain => 'Access denied. Repository management WS is disabled or key is invalid.', :status => 403 | |||
return false | |||
end | |||
end |
@@ -47,7 +47,7 @@ class WatchersController < ApplicationController | |||
end | |||
end | |||
respond_to do |format| | |||
format.html { redirect_to_referer_or {render :text => 'Watcher added.', :layout => true}} | |||
format.html { redirect_to_referer_or {render :html => 'Watcher added.', :status => 200, :layout => true}} | |||
format.js { @users = users_for_new_watcher } | |||
format.api { render_api_ok } | |||
end | |||
@@ -69,7 +69,7 @@ class WatchersController < ApplicationController | |||
watchable.set_watcher(user, false) | |||
end | |||
respond_to do |format| | |||
format.html { redirect_to :back } | |||
format.html { redirect_to_referer_or {render :html => 'Watcher removed.', :status => 200, :layout => true} } | |||
format.js | |||
format.api { render_api_ok } | |||
end | |||
@@ -108,7 +108,10 @@ class WatchersController < ApplicationController | |||
watchable.set_watcher(user, watching) | |||
end | |||
respond_to do |format| | |||
format.html { redirect_to_referer_or {render :text => (watching ? 'Watcher added.' : 'Watcher removed.'), :layout => true}} | |||
format.html { | |||
text = watching ? 'Watcher added.' : 'Watcher removed.' | |||
redirect_to_referer_or {render :html => text, :status => 200, :layout => true} | |||
} | |||
format.js { render :partial => 'set_watcher', :locals => {:user => user, :watched => watchables} } | |||
end | |||
end |
@@ -74,6 +74,7 @@ class MailHandlerControllerTest < Redmine::ControllerTest | |||
post :index, :key => 'secret', :email => IO.read(File.join(FIXTURES_PATH, 'ticket_on_given_project.eml')) | |||
end | |||
assert_response 403 | |||
assert_include 'Access denied', response.body | |||
end | |||
def test_should_not_allow_with_wrong_key | |||
@@ -84,6 +85,7 @@ class MailHandlerControllerTest < Redmine::ControllerTest | |||
post :index, :key => 'wrong', :email => IO.read(File.join(FIXTURES_PATH, 'ticket_on_given_project.eml')) | |||
end | |||
assert_response 403 | |||
assert_include 'Access denied', response.body | |||
end | |||
def test_new |
@@ -113,6 +113,7 @@ class SysControllerTest < Redmine::ControllerTest | |||
with_settings :sys_api_enabled => '0' do | |||
get :projects | |||
assert_response 403 | |||
assert_include 'Access denied', response.body | |||
end | |||
end | |||
@@ -127,6 +128,7 @@ class SysControllerTest < Redmine::ControllerTest | |||
with_settings :sys_api_enabled => 'my_secret_key' do | |||
get :projects, :params => {:key => 'wrong_key'} | |||
assert_response 403 | |||
assert_include 'Access denied', response.body | |||
end | |||
end | |||
end |
@@ -25,6 +25,16 @@ class WatchersControllerTest < Redmine::ControllerTest | |||
User.current = nil | |||
end | |||
def test_watch_a_single_object_as_html | |||
@request.session[:user_id] = 3 | |||
assert_difference('Watcher.count') do | |||
post :watch, :params => {:object_type => 'issue', :object_id => '1'} | |||
assert_response :success | |||
assert_include 'Watcher added', response.body | |||
end | |||
assert Issue.find(1).watched_by?(User.find(3)) | |||
end | |||
def test_watch_a_single_object | |||
@request.session[:user_id] = 3 | |||
assert_difference('Watcher.count') do | |||
@@ -102,6 +112,16 @@ class WatchersControllerTest < Redmine::ControllerTest | |||
end | |||
end | |||
def test_unwatch_as_html | |||
@request.session[:user_id] = 3 | |||
assert_difference('Watcher.count', -1) do | |||
delete :unwatch, :params => {:object_type => 'issue', :object_id => '2'} | |||
assert_response :success | |||
assert_include 'Watcher removed', response.body | |||
end | |||
assert !Issue.find(1).watched_by?(User.find(3)) | |||
end | |||
def test_unwatch | |||
@request.session[:user_id] = 3 | |||
assert_difference('Watcher.count', -1) do | |||
@@ -154,6 +174,19 @@ class WatchersControllerTest < Redmine::ControllerTest | |||
assert_match /ajax-modal/, response.body | |||
end | |||
def test_create_as_html | |||
@request.session[:user_id] = 2 | |||
assert_difference('Watcher.count') do | |||
post :create, :params => { | |||
:object_type => 'issue', :object_id => '2', | |||
:watcher => {:user_id => '4'} | |||
} | |||
assert_response :success | |||
assert_include 'Watcher added', response.body | |||
end | |||
assert Issue.find(2).watched_by?(User.find(4)) | |||
end | |||
def test_create | |||
@request.session[:user_id] = 2 | |||
assert_difference('Watcher.count') do | |||
@@ -295,6 +328,18 @@ class WatchersControllerTest < Redmine::ControllerTest | |||
assert response.body.blank? | |||
end | |||
def test_destroy_as_html | |||
@request.session[:user_id] = 2 | |||
assert_difference('Watcher.count', -1) do | |||
delete :destroy, :params => { | |||
:object_type => 'issue', :object_id => '2', :user_id => '3' | |||
} | |||
assert_response :success | |||
assert_include 'Watcher removed', response.body | |||
end | |||
assert !Issue.find(2).watched_by?(User.find(3)) | |||
end | |||
def test_destroy | |||
@request.session[:user_id] = 2 | |||
assert_difference('Watcher.count', -1) do |
@@ -44,4 +44,13 @@ class Redmine::ApiTest::ApiTest < Redmine::ApiTest::Base | |||
get '/users/1.xml', {}, credentials('admin') | |||
assert_include '<created_on>2006-07-19T17:12:21Z</created_on>', response.body | |||
end | |||
def test_head_response_should_have_empty_body | |||
assert_difference('Issue.count', -1) do | |||
delete '/issues/6.xml', {}, credentials('jsmith') | |||
assert_response :ok | |||
assert_equal '', response.body | |||
end | |||
end | |||
end |