jro_apps/redmine Files · test/integration/api_test/http_basic_login_test.rb

Use File#expand_path for require's in script/* for Ruby 1.9.2 compatibility. #4050...

Use File#expand_path for require's in script/* for Ruby 1.9.2 compatibility. #4050 Since Ruby 1.9.2, LOAD_PATH does not include "." directory anymore, so we should use absolute paths instead to ensure both 1.8.x and 1.9.x compatibility. It has been included in railties 2.3.x branch since july 2009, see http://github.com/rails/rails/commit/7a427a83ca4da92c70760007aaf313638a5d8374 git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@4359 e93f8b46-1217-0410-a6f0-8f06a7374b81

Eric Davis - - Load All Authors

File last commit:

r4243:d5fde17bf5d0


                r4245:27049b848dd4

Download file

             http_basic_login_test.rb
        
                    103 lines
            
             | 3.3 KiB
            
                | text/x-ruby
            
             |
                RubyLexer
            
             / test / integration / api_test / http_basic_login_test.rb
          
                    History
                
                 |
                  Source
                 | Raw
                 |Copy content
                 |Copy permalink

        Eric Davis
    
Move all API tests into the ApiTest module to make management easier...

              r4243
            
      require "#{File.dirname(__FILE__)}/../../test_helper"

        Eric Davis
    
Added support for HTTP Basic access to the API. (#3920)...

              r3105
            
        Eric Davis
    
Move all API tests into the ApiTest module to make management easier...

              r4243
            
      class ApiTest::HttpBasicLoginTest < ActionController::IntegrationTest

        Eric Davis
    
Added support for HTTP Basic access to the API. (#3920)...

              r3105
            
        fixtures :all

        def setup

        Eric Davis
    
Added an Admin setting to enable/disable the REST web service. (#3920)...

              r3106
            
          Setting.rest_api_enabled = '1'

        Eric Davis
    
Added support for HTTP Basic access to the API. (#3920)...

              r3105
            
          Setting.login_required = '1'

        end

        def teardown

        Eric Davis
    
Added an Admin setting to enable/disable the REST web service. (#3920)...

              r3106
            
          Setting.rest_api_enabled = '0'

        Eric Davis
    
Added support for HTTP Basic access to the API. (#3920)...

              r3105
            
          Setting.login_required = '0'

        end

        # Using the NewsController because it's a simple API.

        context "get /news" do

          context "in :xml format" do

            context "with a valid HTTP authentication" do

              setup do

                @user = User.generate_with_protected!(:password => 'my_password', :password_confirmation => 'my_password')

                @authorization = ActionController::HttpAuthentication::Basic.encode_credentials(@user.login, 'my_password')

                get "/news.xml", nil, :authorization => @authorization

              end

              should_respond_with :success

              should_respond_with_content_type :xml

              should "login as the user" do

                assert_equal @user, User.current

              end

            end

            context "with an invalid HTTP authentication" do

              setup do

                @user = User.generate_with_protected!

                @authorization = ActionController::HttpAuthentication::Basic.encode_credentials(@user.login, 'wrong_password')

                get "/news.xml", nil, :authorization => @authorization

              end

              should_respond_with :unauthorized

              should_respond_with_content_type :xml

              should "not login as the user" do

                assert_equal User.anonymous, User.current

              end

            end

        Jean-Philippe Lang
    
Fixed: API 401 response does not include WWW-Authenticate header (#5322)....

              r3565
            
            context "without credentials" do

              setup do

                get "/projects/onlinestore/news.xml"

              end

              should_respond_with :unauthorized

              should_respond_with_content_type :xml

              should "include_www_authenticate_header" do

                assert @controller.response.headers.has_key?('WWW-Authenticate')

              end

            end

        Eric Davis
    
Added support for HTTP Basic access to the API. (#3920)...

              r3105
            
          end

          context "in :json format" do

            context "with a valid HTTP authentication" do

              setup do

                @user = User.generate_with_protected!(:password => 'my_password', :password_confirmation => 'my_password')

                @authorization = ActionController::HttpAuthentication::Basic.encode_credentials(@user.login, 'my_password')

                get "/news.json", nil, :authorization => @authorization

              end

              should_respond_with :success

              should_respond_with_content_type :json

              should "login as the user" do

                assert_equal @user, User.current

              end

            end

            context "with an invalid HTTP authentication" do

              setup do

                @user = User.generate_with_protected!

                @authorization = ActionController::HttpAuthentication::Basic.encode_credentials(@user.login, 'wrong_password')

                get "/news.json", nil, :authorization => @authorization

              end

              should_respond_with :unauthorized

              should_respond_with_content_type :json

              should "not login as the user" do

                assert_equal User.anonymous, User.current

              end

            end

          end

        Jean-Philippe Lang
    
Fixed: API 401 response does not include WWW-Authenticate header (#5322)....

              r3565
            
          context "without credentials" do

            setup do

              get "/projects/onlinestore/news.json"

            end

            should_respond_with :unauthorized

            should_respond_with_content_type :json

            should "include_www_authenticate_header" do

              assert @controller.response.headers.has_key?('WWW-Authenticate')

            end

          end

        Eric Davis
    
Added support for HTTP Basic access to the API. (#3920)...

              r3105
            
        end

      end

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages

Eric Davis Move all API tests into the ApiTest module to make management easier...	r4243	require "#{File.dirname(__FILE__)}/../../test_helper"
Eric Davis Added support for HTTP Basic access to the API. (#3920)...	r3105
Eric Davis Move all API tests into the ApiTest module to make management easier...	r4243	class ApiTest::HttpBasicLoginTest < ActionController::IntegrationTest
Eric Davis Added support for HTTP Basic access to the API. (#3920)...	r3105	fixtures :all

		def setup
Eric Davis Added an Admin setting to enable/disable the REST web service. (#3920)...	r3106	Setting.rest_api_enabled = '1'
Eric Davis Added support for HTTP Basic access to the API. (#3920)...	r3105	Setting.login_required = '1'
		end

		def teardown
Eric Davis Added an Admin setting to enable/disable the REST web service. (#3920)...	r3106	Setting.rest_api_enabled = '0'
Eric Davis Added support for HTTP Basic access to the API. (#3920)...	r3105	Setting.login_required = '0'
		end

		# Using the NewsController because it's a simple API.
		context "get /news" do

		context "in :xml format" do
		context "with a valid HTTP authentication" do
		setup do
		@user = User.generate_with_protected!(:password => 'my_password', :password_confirmation => 'my_password')
		@authorization = ActionController::HttpAuthentication::Basic.encode_credentials(@user.login, 'my_password')
		get "/news.xml", nil, :authorization => @authorization
		end

		should_respond_with :success
		should_respond_with_content_type :xml
		should "login as the user" do
		assert_equal @user, User.current
		end
		end

		context "with an invalid HTTP authentication" do
		setup do
		@user = User.generate_with_protected!
		@authorization = ActionController::HttpAuthentication::Basic.encode_credentials(@user.login, 'wrong_password')
		get "/news.xml", nil, :authorization => @authorization
		end

		should_respond_with :unauthorized
		should_respond_with_content_type :xml
		should "not login as the user" do
		assert_equal User.anonymous, User.current
		end
		end
Jean-Philippe Lang Fixed: API 401 response does not include WWW-Authenticate header (#5322)....	r3565
		context "without credentials" do
		setup do
		get "/projects/onlinestore/news.xml"
		end

		should_respond_with :unauthorized
		should_respond_with_content_type :xml
		should "include_www_authenticate_header" do
		assert @controller.response.headers.has_key?('WWW-Authenticate')
		end
		end
Eric Davis Added support for HTTP Basic access to the API. (#3920)...	r3105	end

		context "in :json format" do
		context "with a valid HTTP authentication" do
		setup do
		@user = User.generate_with_protected!(:password => 'my_password', :password_confirmation => 'my_password')
		@authorization = ActionController::HttpAuthentication::Basic.encode_credentials(@user.login, 'my_password')
		get "/news.json", nil, :authorization => @authorization
		end

		should_respond_with :success
		should_respond_with_content_type :json
		should "login as the user" do
		assert_equal @user, User.current
		end
		end

		context "with an invalid HTTP authentication" do
		setup do
		@user = User.generate_with_protected!
		@authorization = ActionController::HttpAuthentication::Basic.encode_credentials(@user.login, 'wrong_password')
		get "/news.json", nil, :authorization => @authorization
		end

		should_respond_with :unauthorized
		should_respond_with_content_type :json
		should "not login as the user" do
		assert_equal User.anonymous, User.current
		end
		end
		end

Jean-Philippe Lang Fixed: API 401 response does not include WWW-Authenticate header (#5322)....	r3565	context "without credentials" do
		setup do
		get "/projects/onlinestore/news.json"
		end

		should_respond_with :unauthorized
		should_respond_with_content_type :json
		should "include_www_authenticate_header" do
		assert @controller.response.headers.has_key?('WWW-Authenticate')
		end
		end
Eric Davis Added support for HTTP Basic access to the API. (#3920)...	r3105	end
		end