Refactor: convert username/password http basic auth api tests to shoulda macros #6447

git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@4360 e93f8b46-1217-0410-a6f0-8f06a7374b81

2 files changed, 57 insertions, 79 deletions

diff --git a/test/integration/api_test/http_basic_login_test.rb b/test/integration/api_test/http_basic_login_test.rb
index aa879f64a..21b584c79 100644
--- a/test/integration/api_test/http_basic_login_test.rb
+++ b/test/integration/api_test/http_basic_login_test.rb
@@ -15,89 +15,17 @@ class ApiTest::HttpBasicLoginTest < ActionController::IntegrationTest
   
   # Using the NewsController because it's a simple API.
   context "get /news" do
+    setup do
+      project = Project.find('onlinestore')
+      EnabledModule.create(:project => project, :name => 'news')
+    end
 
     context "in :xml format" do
-      context "with a valid HTTP authentication" do
-        setup do
-          @user = User.generate_with_protected!(:password => 'my_password', :password_confirmation => 'my_password')
-          @authorization = ActionController::HttpAuthentication::Basic.encode_credentials(@user.login, 'my_password')
-          get "/news.xml", nil, :authorization => @authorization
-        end
-        
-        should_respond_with :success
-        should_respond_with_content_type :xml
-        should "login as the user" do
-          assert_equal @user, User.current
-        end
-      end
-
-      context "with an invalid HTTP authentication" do
-        setup do
-          @user = User.generate_with_protected!
-          @authorization = ActionController::HttpAuthentication::Basic.encode_credentials(@user.login, 'wrong_password')
-          get "/news.xml", nil, :authorization => @authorization
-        end
-        
-        should_respond_with :unauthorized
-        should_respond_with_content_type :xml
-        should "not login as the user" do
-          assert_equal User.anonymous, User.current
-        end
-      end
-      
-      context "without credentials" do
-        setup do
-          get "/projects/onlinestore/news.xml"
-        end
-
-        should_respond_with :unauthorized
-        should_respond_with_content_type :xml
-        should "include_www_authenticate_header" do
-          assert @controller.response.headers.has_key?('WWW-Authenticate')
-        end
-      end
+      should_allow_http_basic_auth_with_username_and_password(:get, "/projects/onlinestore/news.xml")
     end
 
     context "in :json format" do
-      context "with a valid HTTP authentication" do
-        setup do
-          @user = User.generate_with_protected!(:password => 'my_password', :password_confirmation => 'my_password')
-          @authorization = ActionController::HttpAuthentication::Basic.encode_credentials(@user.login, 'my_password')
-          get "/news.json", nil, :authorization => @authorization
-        end
-        
-        should_respond_with :success
-        should_respond_with_content_type :json
-        should "login as the user" do
-          assert_equal @user, User.current
-        end
-      end
-
-      context "with an invalid HTTP authentication" do
-        setup do
-          @user = User.generate_with_protected!
-          @authorization = ActionController::HttpAuthentication::Basic.encode_credentials(@user.login, 'wrong_password')
-          get "/news.json", nil, :authorization => @authorization
-        end
-        
-        should_respond_with :unauthorized
-        should_respond_with_content_type :json
-        should "not login as the user" do
-          assert_equal User.anonymous, User.current
-        end
-      end
-    end
-    
-    context "without credentials" do
-      setup do
-        get "/projects/onlinestore/news.json"
-      end
-
-      should_respond_with :unauthorized
-      should_respond_with_content_type :json
-      should "include_www_authenticate_header" do
-        assert @controller.response.headers.has_key?('WWW-Authenticate')
-      end
+      should_allow_http_basic_auth_with_username_and_password(:get, "/projects/onlinestore/news.json")
     end
   end
 end
diff --git a/test/test_helper.rb b/test/test_helper.rb
index 001638754..285ef2fd9 100644
--- a/test/test_helper.rb
+++ b/test/test_helper.rb
@@ -186,12 +186,62 @@ class ActiveSupport::TestCase
     end
   end
 
+  # Test that a request allows the username and password for HTTP BASIC
+  #
+  # @param [Symbol] http_method the HTTP method for request (:get, :post, :put, :delete)
+  # @param [String] url the request url
+  # @param [optional, Hash] parameters additional request parameters
+  def self.should_allow_http_basic_auth_with_username_and_password(http_method, url, parameters={})
+    context "should allow http basic auth using a username and password for #{http_method} #{url}" do
+      context "with a valid HTTP authentication" do
+        setup do
+          @user = User.generate_with_protected!(:password => 'my_password', :password_confirmation => 'my_password', :admin => true) # Admin so they can access the project
+          @authorization = ActionController::HttpAuthentication::Basic.encode_credentials(@user.login, 'my_password')
+          send(http_method, url, parameters, {:authorization => @authorization})
+        end
+        
+        should_respond_with :success
+        should_respond_with_content_type_based_on_url(url)
+        should "login as the user" do
+          assert_equal @user, User.current
+        end
+      end
+
+      context "with an invalid HTTP authentication" do
+        setup do
+          @user = User.generate_with_protected!
+          @authorization = ActionController::HttpAuthentication::Basic.encode_credentials(@user.login, 'wrong_password')
+          send(http_method, url, parameters, {:authorization => @authorization})
+        end
+        
+        should_respond_with :unauthorized
+        should_respond_with_content_type_based_on_url(url)
+        should "not login as the user" do
+          assert_equal User.anonymous, User.current
+        end
+      end
+      
+      context "without credentials" do
+        setup do
+          send(http_method, url, parameters, {:authorization => ''})
+        end
+
+        should_respond_with :unauthorized
+        should_respond_with_content_type_based_on_url(url)
+        should "include_www_authenticate_header" do
+          assert @controller.response.headers.has_key?('WWW-Authenticate')
+        end
+      end
+    end
+
+  end
+
   # Test that a request allows full key authentication
   #
   # @param [Symbol] http_method the HTTP method for request (:get, :post, :put, :delete)
   # @param [String] url the request url, without the key=ZXY parameter
   def self.should_allow_key_based_auth(http_method, url)
-    context "should allow key based auth using key=X for #{url}" do
+    context "should allow key based auth using key=X for #{http_method} #{url}" do
       context "with a valid api token" do
         setup do
           @user = User.generate_with_protected!