diff options
| author | Eric Davis <edavis@littlestreamsoftware.com> | 2010-11-01 15:26:05 +0000 |
|---|---|---|
| committer | Eric Davis <edavis@littlestreamsoftware.com> | 2010-11-01 15:26:05 +0000 |
| commit | d5fde17bf5d0b8788871f60ff08b203da527de92 (patch) | |
| tree | 5178bf12b54deeadcf842740153dc5d3f71f06c5 /test/integration/api_test/token_authentication_test.rb | |
| parent | db2ecd30103b9b296b1eabb6a018c528c8a1ac8e (diff) | |
| download | redmine-d5fde17bf5d0b8788871f60ff08b203da527de92.tar.gz redmine-d5fde17bf5d0b8788871f60ff08b203da527de92.zip | |
Move all API tests into the ApiTest module to make management easier
git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@4357 e93f8b46-1217-0410-a6f0-8f06a7374b81
Diffstat (limited to 'test/integration/api_test/token_authentication_test.rb')
| -rw-r--r-- | test/integration/api_test/token_authentication_test.rb | 80 |
1 files changed, 80 insertions, 0 deletions
diff --git a/test/integration/api_test/token_authentication_test.rb b/test/integration/api_test/token_authentication_test.rb new file mode 100644 index 000000000..7d6cb2e1d --- /dev/null +++ b/test/integration/api_test/token_authentication_test.rb @@ -0,0 +1,80 @@ +require "#{File.dirname(__FILE__)}/../../test_helper" + +class ApiTest::TokenAuthenticationTest < ActionController::IntegrationTest + fixtures :all + + def setup + Setting.rest_api_enabled = '1' + Setting.login_required = '1' + end + + def teardown + Setting.rest_api_enabled = '0' + Setting.login_required = '0' + end + + # Using the NewsController because it's a simple API. + context "get /news" do + + context "in :xml format" do + context "with a valid api token" do + setup do + @user = User.generate_with_protected! + @token = Token.generate!(:user => @user, :action => 'api') + get "/news.xml?key=#{@token.value}" + end + + should_respond_with :success + should_respond_with_content_type :xml + should "login as the user" do + assert_equal @user, User.current + end + end + + context "with an invalid api token" do + setup do + @user = User.generate_with_protected! + @token = Token.generate!(:user => @user, :action => 'feeds') + get "/news.xml?key=#{@token.value}" + end + + should_respond_with :unauthorized + should_respond_with_content_type :xml + should "not login as the user" do + assert_equal User.anonymous, User.current + end + end + end + + context "in :json format" do + context "with a valid api token" do + setup do + @user = User.generate_with_protected! + @token = Token.generate!(:user => @user, :action => 'api') + get "/news.json?key=#{@token.value}" + end + + should_respond_with :success + should_respond_with_content_type :json + should "login as the user" do + assert_equal @user, User.current + end + end + + context "with an invalid api token" do + setup do + @user = User.generate_with_protected! + @token = Token.generate!(:user => @user, :action => 'feeds') + get "/news.json?key=#{@token.value}" + end + + should_respond_with :unauthorized + should_respond_with_content_type :json + should "not login as the user" do + assert_equal User.anonymous, User.current + end + end + end + + end +end |