##// END OF EJS Templates
jro_apps » redmine
RSS
Merged r4437 from trunk....
Merged r4437 from trunk. git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/branches/1.0-stable@4438 e93f8b46-1217-0410-a6f0-8f06a7374b81
Jean-Philippe Lang - - Load All Authors

File last commit:

r3565:aa4d1fe816cf
r4324:bdb888476d06
Show More
http_basic_login_test.rb
103 lines | 3.3 KiB | text/x-ruby | RubyLexer
/ test / integration / http_basic_login_test.rb
History | Source | Raw |Copy content |Copy permalink
Eric Davis
Added support for HTTP Basic access to the API. (#3920)...
 r3105 require "#{File.dirname(__FILE__)}/../test_helper"
class HttpBasicLoginTest < ActionController::IntegrationTest
fixtures :all
def setup
Eric Davis
Added an Admin setting to enable/disable the REST web service. (#3920)...
 r3106 Setting.rest_api_enabled = '1'
Eric Davis
Added support for HTTP Basic access to the API. (#3920)...
 r3105 Setting.login_required = '1'
end
def teardown
Eric Davis
Added an Admin setting to enable/disable the REST web service. (#3920)...
 r3106 Setting.rest_api_enabled = '0'
Eric Davis
Added support for HTTP Basic access to the API. (#3920)...
 r3105 Setting.login_required = '0'
end
# Using the NewsController because it's a simple API.
context "get /news" do
context "in :xml format" do
context "with a valid HTTP authentication" do
setup do
@user = User.generate_with_protected!(:password => 'my_password', :password_confirmation => 'my_password')
@authorization = ActionController::HttpAuthentication::Basic.encode_credentials(@user.login, 'my_password')
get "/news.xml", nil, :authorization => @authorization
end
should_respond_with :success
should_respond_with_content_type :xml
should "login as the user" do
assert_equal @user, User.current
end
end
context "with an invalid HTTP authentication" do
setup do
@user = User.generate_with_protected!
@authorization = ActionController::HttpAuthentication::Basic.encode_credentials(@user.login, 'wrong_password')
get "/news.xml", nil, :authorization => @authorization
end
should_respond_with :unauthorized
should_respond_with_content_type :xml
should "not login as the user" do
assert_equal User.anonymous, User.current
end
end
Jean-Philippe Lang
Fixed: API 401 response does not include WWW-Authenticate header (#5322)....
 r3565
context "without credentials" do
setup do
get "/projects/onlinestore/news.xml"
end
should_respond_with :unauthorized
should_respond_with_content_type :xml
should "include_www_authenticate_header" do
assert @controller.response.headers.has_key?('WWW-Authenticate')
end
end
Eric Davis
Added support for HTTP Basic access to the API. (#3920)...
 r3105 end
context "in :json format" do
context "with a valid HTTP authentication" do
setup do
@user = User.generate_with_protected!(:password => 'my_password', :password_confirmation => 'my_password')
@authorization = ActionController::HttpAuthentication::Basic.encode_credentials(@user.login, 'my_password')
get "/news.json", nil, :authorization => @authorization
end
should_respond_with :success
should_respond_with_content_type :json
should "login as the user" do
assert_equal @user, User.current
end
end
context "with an invalid HTTP authentication" do
setup do
@user = User.generate_with_protected!
@authorization = ActionController::HttpAuthentication::Basic.encode_credentials(@user.login, 'wrong_password')
get "/news.json", nil, :authorization => @authorization
end
should_respond_with :unauthorized
should_respond_with_content_type :json
should "not login as the user" do
assert_equal User.anonymous, User.current
end
end
end
Jean-Philippe Lang
Fixed: API 401 response does not include WWW-Authenticate header (#5322)....
 r3565 context "without credentials" do
setup do
get "/projects/onlinestore/news.json"
end
should_respond_with :unauthorized
should_respond_with_content_type :json
should "include_www_authenticate_header" do
assert @controller.response.headers.has_key?('WWW-Authenticate')
end
end
Eric Davis
Added support for HTTP Basic access to the API. (#3920)...
 r3105 end
end