@@ -27,7 +27,7 class IssuesController < ApplicationController | |||||
27 | before_filter :find_optional_project, :only => [:index] |
|
27 | before_filter :find_optional_project, :only => [:index] | |
28 | before_filter :check_for_default_issue_status, :only => [:new, :create] |
|
28 | before_filter :check_for_default_issue_status, :only => [:new, :create] | |
29 | before_filter :build_new_issue_from_params, :only => [:new, :create] |
|
29 | before_filter :build_new_issue_from_params, :only => [:new, :create] | |
30 | accept_key_auth :index, :show |
|
30 | accept_key_auth :index, :show, :create | |
31 |
|
31 | |||
32 | rescue_from Query::StatementInvalid, :with => :query_statement_invalid |
|
32 | rescue_from Query::StatementInvalid, :with => :query_statement_invalid | |
33 |
|
33 |
@@ -91,69 +91,70 class ApiTest::IssuesTest < ActionController::IntegrationTest | |||||
91 | end |
|
91 | end | |
92 |
|
92 | |||
93 | context "POST /issues.xml" do |
|
93 | context "POST /issues.xml" do | |
94 | setup do |
|
94 | should_allow_api_authentication(:post, | |
95 | @issue_count = Issue.count |
|
95 | '/issues.xml', | |
96 |
|
|
96 | {:issue => {:project_id => 1, :subject => 'API test', :tracker_id => 2, :status_id => 3}}, | |
97 | post '/issues.xml', {:issue => @attributes}, :authorization => credentials('jsmith') |
|
97 | {:success_code => :created}) | |
98 | end |
|
|||
99 |
|
||||
100 | should_respond_with :created |
|
|||
101 | should_respond_with_content_type 'application/xml' |
|
|||
102 |
|
98 | |||
103 | should "create an issue with the attributes" do |
|
99 | should "create an issue with the attributes" do | |
104 |
assert_ |
|
100 | assert_difference('Issue.count') do | |
105 |
|
101 | post '/issues.xml', {:issue => {:project_id => 1, :subject => 'API test', :tracker_id => 2, :status_id => 3}}, :authorization => credentials('jsmith') | ||
106 | issue = Issue.first(:order => 'id DESC') |
|
|||
107 | @attributes.each do |attribute, value| |
|
|||
108 | assert_equal value, issue.send(attribute) |
|
|||
109 | end |
|
102 | end | |
|
103 | ||||
|
104 | issue = Issue.first(:order => 'id DESC') | |||
|
105 | assert_equal 1, issue.project_id | |||
|
106 | assert_equal 2, issue.tracker_id | |||
|
107 | assert_equal 3, issue.status_id | |||
|
108 | assert_equal 'API test', issue.subject | |||
110 | end |
|
109 | end | |
111 | end |
|
110 | end | |
112 |
|
111 | |||
113 | context "POST /issues.xml with failure" do |
|
112 | context "POST /issues.xml with failure" do | |
114 | setup do |
|
113 | should_allow_api_authentication(:post, | |
115 | @attributes = {:project_id => 1} |
|
114 | '/issues.xml', | |
116 | post '/issues.xml', {:issue => @attributes}, :authorization => credentials('jsmith') |
|
115 | {:issue => {:project_id => 1}}, | |
117 | end |
|
116 | {:success_code => :unprocessable_entity}) | |
118 |
|
||||
119 | should_respond_with :unprocessable_entity |
|
|||
120 | should_respond_with_content_type 'application/xml' |
|
|||
121 |
|
117 | |||
122 | should "have an errors tag" do |
|
118 | should "have an errors tag" do | |
|
119 | assert_no_difference('Issue.count') do | |||
|
120 | post '/issues.xml', {:issue => {:project_id => 1}}, :authorization => credentials('jsmith') | |||
|
121 | end | |||
|
122 | ||||
123 | assert_tag :errors, :child => {:tag => 'error', :content => "Subject can't be blank"} |
|
123 | assert_tag :errors, :child => {:tag => 'error', :content => "Subject can't be blank"} | |
124 | end |
|
124 | end | |
125 | end |
|
125 | end | |
126 |
|
126 | |||
127 | context "POST /issues.json" do |
|
127 | context "POST /issues.json" do | |
128 | setup do |
|
128 | should_allow_api_authentication(:post, | |
129 | @issue_count = Issue.count |
|
129 | '/issues.json', | |
130 |
|
|
130 | {:issue => {:project_id => 1, :subject => 'API test', :tracker_id => 2, :status_id => 3}}, | |
131 | post '/issues.json', {:issue => @attributes}, :authorization => credentials('jsmith') |
|
131 | {:success_code => :created}) | |
132 | end |
|
|||
133 |
|
||||
134 | should_respond_with :created |
|
|||
135 | should_respond_with_content_type 'application/json' |
|
|||
136 |
|
132 | |||
137 | should "create an issue with the attributes" do |
|
133 | should "create an issue with the attributes" do | |
138 |
assert_ |
|
134 | assert_difference('Issue.count') do | |
139 |
|
135 | post '/issues.json', {:issue => {:project_id => 1, :subject => 'API test', :tracker_id => 2, :status_id => 3}}, :authorization => credentials('jsmith') | ||
140 | issue = Issue.first(:order => 'id DESC') |
|
|||
141 | @attributes.each do |attribute, value| |
|
|||
142 | assert_equal value, issue.send(attribute) |
|
|||
143 | end |
|
136 | end | |
|
137 | ||||
|
138 | issue = Issue.first(:order => 'id DESC') | |||
|
139 | assert_equal 1, issue.project_id | |||
|
140 | assert_equal 2, issue.tracker_id | |||
|
141 | assert_equal 3, issue.status_id | |||
|
142 | assert_equal 'API test', issue.subject | |||
144 | end |
|
143 | end | |
|
144 | ||||
145 | end |
|
145 | end | |
146 |
|
146 | |||
147 | context "POST /issues.json with failure" do |
|
147 | context "POST /issues.json with failure" do | |
148 | setup do |
|
148 | should_allow_api_authentication(:post, | |
149 | @attributes = {:project_id => 1} |
|
149 | '/issues.json', | |
150 | post '/issues.json', {:issue => @attributes}, :authorization => credentials('jsmith') |
|
150 | {:issue => {:project_id => 1}}, | |
151 | end |
|
151 | {:success_code => :unprocessable_entity}) | |
152 |
|
||||
153 | should_respond_with :unprocessable_entity |
|
|||
154 | should_respond_with_content_type 'application/json' |
|
|||
155 |
|
152 | |||
156 | should "have an errors element" do |
|
153 | should "have an errors element" do | |
|
154 | assert_no_difference('Issue.count') do | |||
|
155 | post '/issues.json', {:issue => {:project_id => 1}}, :authorization => credentials('jsmith') | |||
|
156 | end | |||
|
157 | ||||
157 | json = ActiveSupport::JSON.decode(response.body) |
|
158 | json = ActiveSupport::JSON.decode(response.body) | |
158 | assert_equal "can't be blank", json.first['subject'] |
|
159 | assert_equal "can't be blank", json.first['subject'] | |
159 | end |
|
160 | end |
@@ -195,10 +195,13 class ActiveSupport::TestCase | |||||
195 | # @param [Symbol] http_method the HTTP method for request (:get, :post, :put, :delete) |
|
195 | # @param [Symbol] http_method the HTTP method for request (:get, :post, :put, :delete) | |
196 | # @param [String] url the request url |
|
196 | # @param [String] url the request url | |
197 | # @param [optional, Hash] parameters additional request parameters |
|
197 | # @param [optional, Hash] parameters additional request parameters | |
198 | def self.should_allow_api_authentication(http_method, url, parameters={}) |
|
198 | # @param [optional, Hash] options additional options | |
199 | should_allow_http_basic_auth_with_username_and_password(http_method, url, parameters) |
|
199 | # @option options [Symbol] :success_code Successful response code (:success) | |
200 | should_allow_http_basic_auth_with_key(http_method, url, parameters) |
|
200 | # @option options [Symbol] :failure_code Failure response code (:unauthorized) | |
201 |
|
|
201 | def self.should_allow_api_authentication(http_method, url, parameters={}, options={}) | |
|
202 | should_allow_http_basic_auth_with_username_and_password(http_method, url, parameters, options) | |||
|
203 | should_allow_http_basic_auth_with_key(http_method, url, parameters, options) | |||
|
204 | should_allow_key_based_auth(http_method, url, parameters, options) | |||
202 | end |
|
205 | end | |
203 |
|
206 | |||
204 | # Test that a request allows the username and password for HTTP BASIC |
|
207 | # Test that a request allows the username and password for HTTP BASIC | |
@@ -206,7 +209,13 class ActiveSupport::TestCase | |||||
206 | # @param [Symbol] http_method the HTTP method for request (:get, :post, :put, :delete) |
|
209 | # @param [Symbol] http_method the HTTP method for request (:get, :post, :put, :delete) | |
207 | # @param [String] url the request url |
|
210 | # @param [String] url the request url | |
208 | # @param [optional, Hash] parameters additional request parameters |
|
211 | # @param [optional, Hash] parameters additional request parameters | |
209 | def self.should_allow_http_basic_auth_with_username_and_password(http_method, url, parameters={}) |
|
212 | # @param [optional, Hash] options additional options | |
|
213 | # @option options [Symbol] :success_code Successful response code (:success) | |||
|
214 | # @option options [Symbol] :failure_code Failure response code (:unauthorized) | |||
|
215 | def self.should_allow_http_basic_auth_with_username_and_password(http_method, url, parameters={}, options={}) | |||
|
216 | success_code = options[:success_code] || :success | |||
|
217 | failure_code = options[:failure_code] || :unauthorized | |||
|
218 | ||||
210 | context "should allow http basic auth using a username and password for #{http_method} #{url}" do |
|
219 | context "should allow http basic auth using a username and password for #{http_method} #{url}" do | |
211 | context "with a valid HTTP authentication" do |
|
220 | context "with a valid HTTP authentication" do | |
212 | setup do |
|
221 | setup do | |
@@ -215,7 +224,7 class ActiveSupport::TestCase | |||||
215 | send(http_method, url, parameters, {:authorization => @authorization}) |
|
224 | send(http_method, url, parameters, {:authorization => @authorization}) | |
216 | end |
|
225 | end | |
217 |
|
226 | |||
218 |
should_respond_with |
|
227 | should_respond_with success_code | |
219 | should_respond_with_content_type_based_on_url(url) |
|
228 | should_respond_with_content_type_based_on_url(url) | |
220 | should "login as the user" do |
|
229 | should "login as the user" do | |
221 | assert_equal @user, User.current |
|
230 | assert_equal @user, User.current | |
@@ -229,7 +238,7 class ActiveSupport::TestCase | |||||
229 | send(http_method, url, parameters, {:authorization => @authorization}) |
|
238 | send(http_method, url, parameters, {:authorization => @authorization}) | |
230 | end |
|
239 | end | |
231 |
|
240 | |||
232 |
should_respond_with |
|
241 | should_respond_with failure_code | |
233 | should_respond_with_content_type_based_on_url(url) |
|
242 | should_respond_with_content_type_based_on_url(url) | |
234 | should "not login as the user" do |
|
243 | should "not login as the user" do | |
235 | assert_equal User.anonymous, User.current |
|
244 | assert_equal User.anonymous, User.current | |
@@ -241,7 +250,7 class ActiveSupport::TestCase | |||||
241 | send(http_method, url, parameters, {:authorization => ''}) |
|
250 | send(http_method, url, parameters, {:authorization => ''}) | |
242 | end |
|
251 | end | |
243 |
|
252 | |||
244 |
should_respond_with |
|
253 | should_respond_with failure_code | |
245 | should_respond_with_content_type_based_on_url(url) |
|
254 | should_respond_with_content_type_based_on_url(url) | |
246 | should "include_www_authenticate_header" do |
|
255 | should "include_www_authenticate_header" do | |
247 | assert @controller.response.headers.has_key?('WWW-Authenticate') |
|
256 | assert @controller.response.headers.has_key?('WWW-Authenticate') | |
@@ -256,7 +265,13 class ActiveSupport::TestCase | |||||
256 | # @param [Symbol] http_method the HTTP method for request (:get, :post, :put, :delete) |
|
265 | # @param [Symbol] http_method the HTTP method for request (:get, :post, :put, :delete) | |
257 | # @param [String] url the request url |
|
266 | # @param [String] url the request url | |
258 | # @param [optional, Hash] parameters additional request parameters |
|
267 | # @param [optional, Hash] parameters additional request parameters | |
259 | def self.should_allow_http_basic_auth_with_key(http_method, url, parameters={}) |
|
268 | # @param [optional, Hash] options additional options | |
|
269 | # @option options [Symbol] :success_code Successful response code (:success) | |||
|
270 | # @option options [Symbol] :failure_code Failure response code (:unauthorized) | |||
|
271 | def self.should_allow_http_basic_auth_with_key(http_method, url, parameters={}, options={}) | |||
|
272 | success_code = options[:success_code] || :success | |||
|
273 | failure_code = options[:failure_code] || :unauthorized | |||
|
274 | ||||
260 | context "should allow http basic auth with a key for #{http_method} #{url}" do |
|
275 | context "should allow http basic auth with a key for #{http_method} #{url}" do | |
261 | context "with a valid HTTP authentication using the API token" do |
|
276 | context "with a valid HTTP authentication using the API token" do | |
262 | setup do |
|
277 | setup do | |
@@ -266,7 +281,7 class ActiveSupport::TestCase | |||||
266 | send(http_method, url, parameters, {:authorization => @authorization}) |
|
281 | send(http_method, url, parameters, {:authorization => @authorization}) | |
267 | end |
|
282 | end | |
268 |
|
283 | |||
269 |
should_respond_with |
|
284 | should_respond_with success_code | |
270 | should_respond_with_content_type_based_on_url(url) |
|
285 | should_respond_with_content_type_based_on_url(url) | |
271 | should_be_a_valid_response_string_based_on_url(url) |
|
286 | should_be_a_valid_response_string_based_on_url(url) | |
272 | should "login as the user" do |
|
287 | should "login as the user" do | |
@@ -282,7 +297,7 class ActiveSupport::TestCase | |||||
282 | send(http_method, url, parameters, {:authorization => @authorization}) |
|
297 | send(http_method, url, parameters, {:authorization => @authorization}) | |
283 | end |
|
298 | end | |
284 |
|
299 | |||
285 |
should_respond_with |
|
300 | should_respond_with failure_code | |
286 | should_respond_with_content_type_based_on_url(url) |
|
301 | should_respond_with_content_type_based_on_url(url) | |
287 | should "not login as the user" do |
|
302 | should "not login as the user" do | |
288 | assert_equal User.anonymous, User.current |
|
303 | assert_equal User.anonymous, User.current | |
@@ -296,7 +311,13 class ActiveSupport::TestCase | |||||
296 | # @param [Symbol] http_method the HTTP method for request (:get, :post, :put, :delete) |
|
311 | # @param [Symbol] http_method the HTTP method for request (:get, :post, :put, :delete) | |
297 | # @param [String] url the request url, without the key=ZXY parameter |
|
312 | # @param [String] url the request url, without the key=ZXY parameter | |
298 | # @param [optional, Hash] parameters additional request parameters |
|
313 | # @param [optional, Hash] parameters additional request parameters | |
299 | def self.should_allow_key_based_auth(http_method, url, parameters={}) |
|
314 | # @param [optional, Hash] options additional options | |
|
315 | # @option options [Symbol] :success_code Successful response code (:success) | |||
|
316 | # @option options [Symbol] :failure_code Failure response code (:unauthorized) | |||
|
317 | def self.should_allow_key_based_auth(http_method, url, parameters={}, options={}) | |||
|
318 | success_code = options[:success_code] || :success | |||
|
319 | failure_code = options[:failure_code] || :unauthorized | |||
|
320 | ||||
300 | context "should allow key based auth using key=X for #{http_method} #{url}" do |
|
321 | context "should allow key based auth using key=X for #{http_method} #{url}" do | |
301 | context "with a valid api token" do |
|
322 | context "with a valid api token" do | |
302 | setup do |
|
323 | setup do | |
@@ -311,7 +332,7 class ActiveSupport::TestCase | |||||
311 | send(http_method, request_url, parameters) |
|
332 | send(http_method, request_url, parameters) | |
312 | end |
|
333 | end | |
313 |
|
334 | |||
314 |
should_respond_with |
|
335 | should_respond_with success_code | |
315 | should_respond_with_content_type_based_on_url(url) |
|
336 | should_respond_with_content_type_based_on_url(url) | |
316 | should_be_a_valid_response_string_based_on_url(url) |
|
337 | should_be_a_valid_response_string_based_on_url(url) | |
317 | should "login as the user" do |
|
338 | should "login as the user" do | |
@@ -323,10 +344,16 class ActiveSupport::TestCase | |||||
323 | setup do |
|
344 | setup do | |
324 | @user = User.generate_with_protected! |
|
345 | @user = User.generate_with_protected! | |
325 | @token = Token.generate!(:user => @user, :action => 'feeds') |
|
346 | @token = Token.generate!(:user => @user, :action => 'feeds') | |
326 | send(http_method, url + "?key=#{@token.value}") |
|
347 | # Simple url parse to add on ?key= or &key= | |
|
348 | request_url = if url.match(/\?/) | |||
|
349 | url + "&key=#{@token.value}" | |||
|
350 | else | |||
|
351 | url + "?key=#{@token.value}" | |||
|
352 | end | |||
|
353 | send(http_method, request_url, parameters) | |||
327 | end |
|
354 | end | |
328 |
|
355 | |||
329 |
should_respond_with |
|
356 | should_respond_with failure_code | |
330 | should_respond_with_content_type_based_on_url(url) |
|
357 | should_respond_with_content_type_based_on_url(url) | |
331 | should "not login as the user" do |
|
358 | should "not login as the user" do | |
332 | assert_equal User.anonymous, User.current |
|
359 | assert_equal User.anonymous, User.current |
General Comments 0
You need to be logged in to leave comments.
Login now