jro_apps/redmine Files · test/integration/http_basic_login_test.rb

Added support for HTTP Basic access to the API. (#3920)...

Added support for HTTP Basic access to the API. (#3920) A user can authenticate using either their: * username/password * api-key/random git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@3219 e93f8b46-1217-0410-a6f0-8f06a7374b81

Eric Davis - - Load All Authors

File last commit:

r3105:e07e9d8bfed4


                r3105:e07e9d8bfed4

Download file

             http_basic_login_test.rb
        
                    78 lines
            
             | 2.6 KiB
            
                | text/x-ruby
            
             |
                RubyLexer
            
             / test / integration / http_basic_login_test.rb
          
                    History
                
                 |
                  Source
                 | Raw
                 |Copy content
                 |Copy permalink

        Eric Davis
    
Added support for HTTP Basic access to the API. (#3920)...

              r3105
            
      require "#{File.dirname(__FILE__)}/../test_helper"

      class HttpBasicLoginTest < ActionController::IntegrationTest

        fixtures :all

        def setup

          Setting.login_required = '1'

        end

        def teardown

          Setting.login_required = '0'

        end

        # Using the NewsController because it's a simple API.

        context "get /news" do

          context "in :xml format" do

            context "with a valid HTTP authentication" do

              setup do

                @user = User.generate_with_protected!(:password => 'my_password', :password_confirmation => 'my_password')

                @authorization = ActionController::HttpAuthentication::Basic.encode_credentials(@user.login, 'my_password')

                get "/news.xml", nil, :authorization => @authorization

              end

              should_respond_with :success

              should_respond_with_content_type :xml

              should "login as the user" do

                assert_equal @user, User.current

              end

            end

            context "with an invalid HTTP authentication" do

              setup do

                @user = User.generate_with_protected!

                @authorization = ActionController::HttpAuthentication::Basic.encode_credentials(@user.login, 'wrong_password')

                get "/news.xml", nil, :authorization => @authorization

              end

              should_respond_with :unauthorized

              should_respond_with_content_type :xml

              should "not login as the user" do

                assert_equal User.anonymous, User.current

              end

            end

          end

          context "in :json format" do

            context "with a valid HTTP authentication" do

              setup do

                @user = User.generate_with_protected!(:password => 'my_password', :password_confirmation => 'my_password')

                @authorization = ActionController::HttpAuthentication::Basic.encode_credentials(@user.login, 'my_password')

                get "/news.json", nil, :authorization => @authorization

              end

              should_respond_with :success

              should_respond_with_content_type :json

              should "login as the user" do

                assert_equal @user, User.current

              end

            end

            context "with an invalid HTTP authentication" do

              setup do

                @user = User.generate_with_protected!

                @authorization = ActionController::HttpAuthentication::Basic.encode_credentials(@user.login, 'wrong_password')

                get "/news.json", nil, :authorization => @authorization

              end

              should_respond_with :unauthorized

              should_respond_with_content_type :json

              should "not login as the user" do

                assert_equal User.anonymous, User.current

              end

            end

          end

        end

      end

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages

Eric Davis Added support for HTTP Basic access to the API. (#3920)...	r3105	require "#{File.dirname(__FILE__)}/../test_helper"

		class HttpBasicLoginTest < ActionController::IntegrationTest
		fixtures :all

		def setup
		Setting.login_required = '1'
		end

		def teardown
		Setting.login_required = '0'
		end

		# Using the NewsController because it's a simple API.
		context "get /news" do

		context "in :xml format" do
		context "with a valid HTTP authentication" do
		setup do
		@user = User.generate_with_protected!(:password => 'my_password', :password_confirmation => 'my_password')
		@authorization = ActionController::HttpAuthentication::Basic.encode_credentials(@user.login, 'my_password')
		get "/news.xml", nil, :authorization => @authorization
		end

		should_respond_with :success
		should_respond_with_content_type :xml
		should "login as the user" do
		assert_equal @user, User.current
		end
		end

		context "with an invalid HTTP authentication" do
		setup do
		@user = User.generate_with_protected!
		@authorization = ActionController::HttpAuthentication::Basic.encode_credentials(@user.login, 'wrong_password')
		get "/news.xml", nil, :authorization => @authorization
		end

		should_respond_with :unauthorized
		should_respond_with_content_type :xml
		should "not login as the user" do
		assert_equal User.anonymous, User.current
		end
		end
		end

		context "in :json format" do
		context "with a valid HTTP authentication" do
		setup do
		@user = User.generate_with_protected!(:password => 'my_password', :password_confirmation => 'my_password')
		@authorization = ActionController::HttpAuthentication::Basic.encode_credentials(@user.login, 'my_password')
		get "/news.json", nil, :authorization => @authorization
		end

		should_respond_with :success
		should_respond_with_content_type :json
		should "login as the user" do
		assert_equal @user, User.current
		end
		end

		context "with an invalid HTTP authentication" do
		setup do
		@user = User.generate_with_protected!
		@authorization = ActionController::HttpAuthentication::Basic.encode_credentials(@user.login, 'wrong_password')
		get "/news.json", nil, :authorization => @authorization
		end

		should_respond_with :unauthorized
		should_respond_with_content_type :json
		should "not login as the user" do
		assert_equal User.anonymous, User.current
		end
		end
		end

		end
		end