diff options
| author | Eric Davis <edavis@littlestreamsoftware.com> | 2010-11-01 15:45:03 +0000 |
|---|---|---|
| committer | Eric Davis <edavis@littlestreamsoftware.com> | 2010-11-01 15:45:03 +0000 |
| commit | bed79f523bd64d900a4e615efe7eb3e0cfc0abd8 (patch) | |
| tree | 74d935f4e66cf1ad0e9d943dc8f55b4cf1c35ffd /test/test_helper.rb | |
| parent | d5fde17bf5d0b8788871f60ff08b203da527de92 (diff) | |
| download | redmine-bed79f523bd64d900a4e615efe7eb3e0cfc0abd8.tar.gz redmine-bed79f523bd64d900a4e615efe7eb3e0cfc0abd8.zip | |
Refactor: convert api key tests to shoulda macros for reuse. #6447
git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@4358 e93f8b46-1217-0410-a6f0-8f06a7374b81
Diffstat (limited to 'test/test_helper.rb')
| -rw-r--r-- | test/test_helper.rb | 55 |
1 files changed, 55 insertions, 0 deletions
diff --git a/test/test_helper.rb b/test/test_helper.rb index db44bb9b8..001638754 100644 --- a/test/test_helper.rb +++ b/test/test_helper.rb @@ -185,6 +185,61 @@ class ActiveSupport::TestCase assert !user.new_record? end end + + # Test that a request allows full key authentication + # + # @param [Symbol] http_method the HTTP method for request (:get, :post, :put, :delete) + # @param [String] url the request url, without the key=ZXY parameter + def self.should_allow_key_based_auth(http_method, url) + context "should allow key based auth using key=X for #{url}" do + context "with a valid api token" do + setup do + @user = User.generate_with_protected! + @token = Token.generate!(:user => @user, :action => 'api') + send(http_method, url + "?key=#{@token.value}") + end + + should_respond_with :success + should_respond_with_content_type_based_on_url(url) + should "login as the user" do + assert_equal @user, User.current + end + end + + context "with an invalid api token" do + setup do + @user = User.generate_with_protected! + @token = Token.generate!(:user => @user, :action => 'feeds') + send(http_method, url + "?key=#{@token.value}") + end + + should_respond_with :unauthorized + should_respond_with_content_type_based_on_url(url) + should "not login as the user" do + assert_equal User.anonymous, User.current + end + end + end + + end + + # Uses should_respond_with_content_type based on what's in the url: + # + # '/project/issues.xml' => should_respond_with_content_type :xml + # '/project/issues.json' => should_respond_with_content_type :json + # + # @param [String] url Request + def self.should_respond_with_content_type_based_on_url(url) + case + when url.match(/xml/i) + should_respond_with_content_type :xml + when url.match(/json/i) + should_respond_with_content_type :json + else + raise "Unknown content type for should_respond_with_content_type_based_on_url: #{url}" + end + + end end # Simple module to "namespace" all of the API tests |