diff options
| author | Jean-Philippe Lang <jp_lang@yahoo.fr> | 2012-03-03 15:09:20 +0000 |
|---|---|---|
| committer | Jean-Philippe Lang <jp_lang@yahoo.fr> | 2012-03-03 15:09:20 +0000 |
| commit | b3866b05c14bd0f1fff4c54051f522e03e2bec36 (patch) | |
| tree | c7248ef2b6cd4d22ec7bfaae11cf6815afdc8f64 /test | |
| parent | bf8f8545461e5aeb1d2b1ddc1b4bf861ee5c2f9c (diff) | |
| download | redmine-b3866b05c14bd0f1fff4c54051f522e03e2bec36.tar.gz redmine-b3866b05c14bd0f1fff4c54051f522e03e2bec36.zip | |
Removes all #verify calls in controllers. Verification is handled at routing level now that the default route is removed.
git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@9061 e93f8b46-1217-0410-a6f0-8f06a7374b81
Diffstat (limited to 'test')
| -rw-r--r-- | test/functional/issues_controller_test.rb | 14 | ||||
| -rw-r--r-- | test/functional/projects_controller_test.rb | 12 | ||||
| -rw-r--r-- | test/functional/users_controller_test.rb | 7 | ||||
| -rw-r--r-- | test/functional/watchers_controller_test.rb | 6 | ||||
| -rw-r--r-- | test/integration/issues_test.rb | 19 | ||||
| -rw-r--r-- | test/integration/projects_test.rb | 9 | ||||
| -rw-r--r-- | test/integration/users_test.rb | 29 |
7 files changed, 56 insertions, 40 deletions
diff --git a/test/functional/issues_controller_test.rb b/test/functional/issues_controller_test.rb index 585ee2fa9..13cd3679d 100644 --- a/test/functional/issues_controller_test.rb +++ b/test/functional/issues_controller_test.rb @@ -2138,20 +2138,6 @@ class IssuesControllerTest < ActionController::TestCase assert_equal 'This is the test_new issue', issue.subject end - def test_update_using_invalid_http_verbs - @request.session[:user_id] = 2 - subject = 'Updated by an invalid http verb' - - get :update, :id => 1, :issue => {:subject => subject} - assert_not_equal subject, Issue.find(1).subject - - post :update, :id => 1, :issue => {:subject => subject} - assert_not_equal subject, Issue.find(1).subject - - delete :update, :id => 1, :issue => {:subject => subject} - assert_not_equal subject, Issue.find(1).subject - end - def test_put_update_without_custom_fields_param @request.session[:user_id] = 2 ActionMailer::Base.deliveries.clear diff --git a/test/functional/projects_controller_test.rb b/test/functional/projects_controller_test.rb index 6a788e6ec..9b7fca3c0 100644 --- a/test/functional/projects_controller_test.rb +++ b/test/functional/projects_controller_test.rb @@ -311,12 +311,6 @@ class ProjectsControllerTest < ActionController::TestCase end end - def test_create_should_not_accept_get - @request.session[:user_id] = 1 - get :create - assert_response :method_not_allowed - end - def test_show_by_id get :show, :id => 1 assert_response :success @@ -412,12 +406,6 @@ class ProjectsControllerTest < ActionController::TestCase assert_equal ['documents', 'issue_tracking', 'repository'], Project.find(1).enabled_module_names.sort end - def test_modules_should_not_allow_get - @request.session[:user_id] = 1 - get :modules, :id => 1 - assert_response :method_not_allowed - end - def test_destroy_without_confirmation @request.session[:user_id] = 1 # admin delete :destroy, :id => 1 diff --git a/test/functional/users_controller_test.rb b/test/functional/users_controller_test.rb index 3fc224d01..6adfc2757 100644 --- a/test/functional/users_controller_test.rb +++ b/test/functional/users_controller_test.rb @@ -289,13 +289,6 @@ class UsersControllerTest < ActionController::TestCase assert_nil User.find_by_id(2) end - def test_destroy_should_not_accept_get_requests - assert_no_difference 'User.count' do - get :destroy, :id => 2 - end - assert_response 405 - end - def test_destroy_should_be_denied_for_non_admin_users @request.session[:user_id] = 3 diff --git a/test/functional/watchers_controller_test.rb b/test/functional/watchers_controller_test.rb index c8345a833..bfd93fe0d 100644 --- a/test/functional/watchers_controller_test.rb +++ b/test/functional/watchers_controller_test.rb @@ -32,12 +32,6 @@ class WatchersControllerTest < ActionController::TestCase User.current = nil end - def test_get_watch_should_be_invalid - @request.session[:user_id] = 3 - get :watch, :object_type => 'issue', :object_id => '1' - assert_response 405 - end - def test_watch @request.session[:user_id] = 3 assert_difference('Watcher.count') do diff --git a/test/integration/issues_test.rb b/test/integration/issues_test.rb index 4f72b9839..4f5503026 100644 --- a/test/integration/issues_test.rb +++ b/test/integration/issues_test.rb @@ -206,4 +206,23 @@ class IssuesTest < ActionController::IntegrationTest } } end + + def test_update_using_invalid_http_verbs + subject = 'Updated by an invalid http verb' + + get '/issues/update/1', {:issue => {:subject => subject}}, credentials('jsmith') + assert_response 404 + assert_not_equal subject, Issue.find(1).subject + + post '/issues/1', {:issue => {:subject => subject}}, credentials('jsmith') + assert_response 405 + assert_not_equal subject, Issue.find(1).subject + end + + def test_get_watch_should_be_invalid + assert_no_difference 'Watcher.count' do + get '/watchers/watch?object_type=issue&object_id=1', {}, credentials('jsmith') + assert_response 405 + end + end end diff --git a/test/integration/projects_test.rb b/test/integration/projects_test.rb index 890250c8a..1abe6ad96 100644 --- a/test/integration/projects_test.rb +++ b/test/integration/projects_test.rb @@ -18,7 +18,7 @@ require File.expand_path('../../test_helper', __FILE__) class ProjectsTest < ActionController::IntegrationTest - fixtures :projects, :users, :members + fixtures :projects, :users, :members, :enabled_modules def test_archive_project subproject = Project.find(1).children.first @@ -41,4 +41,11 @@ class ProjectsTest < ActionController::IntegrationTest get "projects/1" assert_response :success end + + def test_modules_should_not_allow_get + assert_no_difference 'EnabledModule.count' do + get '/projects/1/modules', {:enabled_module_names => ['']}, credentials('jsmith') + assert_response :method_not_allowed + end + end end diff --git a/test/integration/users_test.rb b/test/integration/users_test.rb new file mode 100644 index 000000000..a0c461b49 --- /dev/null +++ b/test/integration/users_test.rb @@ -0,0 +1,29 @@ +# Redmine - project management software +# Copyright (C) 2006-2012 Jean-Philippe Lang +# +# This program is free software; you can redistribute it and/or +# modify it under the terms of the GNU General Public License +# as published by the Free Software Foundation; either version 2 +# of the License, or (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. + +require File.expand_path('../../test_helper', __FILE__) + +class USersTest < ActionController::IntegrationTest + fixtures :users + + def test_destroy_should_not_accept_get_requests + assert_no_difference 'User.count' do + get '/users/destroy/2', {}, credentials('admin') + assert_response 404 + end + end +end |