diff options
| author | Eric Davis <edavis@littlestreamsoftware.com> | 2010-11-02 15:52:06 +0000 |
|---|---|---|
| committer | Eric Davis <edavis@littlestreamsoftware.com> | 2010-11-02 15:52:06 +0000 |
| commit | a04d64881cca1f741437cb57e44f3434bd8a7eb1 (patch) | |
| tree | a6cb7e768202d61023a79982963c4485841edc56 /test/test_helper.rb | |
| parent | 27049b848dd48eca4df160e6024d66215230d260 (diff) | |
| download | redmine-a04d64881cca1f741437cb57e44f3434bd8a7eb1.tar.gz redmine-a04d64881cca1f741437cb57e44f3434bd8a7eb1.zip | |
Refactor: convert username/password http basic auth api tests to shoulda macros #6447
git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@4360 e93f8b46-1217-0410-a6f0-8f06a7374b81
Diffstat (limited to 'test/test_helper.rb')
| -rw-r--r-- | test/test_helper.rb | 52 |
1 files changed, 51 insertions, 1 deletions
diff --git a/test/test_helper.rb b/test/test_helper.rb index 001638754..285ef2fd9 100644 --- a/test/test_helper.rb +++ b/test/test_helper.rb @@ -186,12 +186,62 @@ class ActiveSupport::TestCase end end + # Test that a request allows the username and password for HTTP BASIC + # + # @param [Symbol] http_method the HTTP method for request (:get, :post, :put, :delete) + # @param [String] url the request url + # @param [optional, Hash] parameters additional request parameters + def self.should_allow_http_basic_auth_with_username_and_password(http_method, url, parameters={}) + context "should allow http basic auth using a username and password for #{http_method} #{url}" do + context "with a valid HTTP authentication" do + setup do + @user = User.generate_with_protected!(:password => 'my_password', :password_confirmation => 'my_password', :admin => true) # Admin so they can access the project + @authorization = ActionController::HttpAuthentication::Basic.encode_credentials(@user.login, 'my_password') + send(http_method, url, parameters, {:authorization => @authorization}) + end + + should_respond_with :success + should_respond_with_content_type_based_on_url(url) + should "login as the user" do + assert_equal @user, User.current + end + end + + context "with an invalid HTTP authentication" do + setup do + @user = User.generate_with_protected! + @authorization = ActionController::HttpAuthentication::Basic.encode_credentials(@user.login, 'wrong_password') + send(http_method, url, parameters, {:authorization => @authorization}) + end + + should_respond_with :unauthorized + should_respond_with_content_type_based_on_url(url) + should "not login as the user" do + assert_equal User.anonymous, User.current + end + end + + context "without credentials" do + setup do + send(http_method, url, parameters, {:authorization => ''}) + end + + should_respond_with :unauthorized + should_respond_with_content_type_based_on_url(url) + should "include_www_authenticate_header" do + assert @controller.response.headers.has_key?('WWW-Authenticate') + end + end + end + + end + # Test that a request allows full key authentication # # @param [Symbol] http_method the HTTP method for request (:get, :post, :put, :delete) # @param [String] url the request url, without the key=ZXY parameter def self.should_allow_key_based_auth(http_method, url) - context "should allow key based auth using key=X for #{url}" do + context "should allow key based auth using key=X for #{http_method} #{url}" do context "with a valid api token" do setup do @user = User.generate_with_protected! |