##// END OF EJS Templates
jro_apps » redmine
RSS
explicitly set encoding UTF-8 (#16107)...
Toshi MARUYAMA -
r12643:c6f71f727bc7
parent child
Show More
Side by Side Unified
Context file:
r12643:c6f71f727bc7 Loading diff...:
Show file before | Show file after | Hide comments
@@ -1,91 +1,96
1 1 # Redmine - project management software
2 2 # Copyright (C) 2006-2014 Jean-Philippe Lang
3 3 #
4 4 # This program is free software; you can redistribute it and/or
5 5 # modify it under the terms of the GNU General Public License
6 6 # as published by the Free Software Foundation; either version 2
7 7 # of the License, or (at your option) any later version.
8 8 #
9 9 # This program is distributed in the hope that it will be useful,
10 10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 12 # GNU General Public License for more details.
13 13 #
14 14 # You should have received a copy of the GNU General Public License
15 15 # along with this program; if not, write to the Free Software
16 16 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
17 17
18 18 require File.expand_path('../../../test_helper', __FILE__)
19 19
20 20 class Redmine::ApiTest::AuthenticationTest < Redmine::ApiTest::Base
21 21 fixtures :users
22 22
23 23 def setup
24 24 Setting.rest_api_enabled = '1'
25 25 end
26 26
27 27 def teardown
28 28 Setting.rest_api_enabled = '0'
29 29 end
30 30
31 31 def test_api_should_trigger_basic_http_auth_with_basic_authorization_header
32 32 ApplicationController.any_instance.expects(:authenticate_with_http_basic).once
33 33 get '/users/current.xml', {}, credentials('jsmith')
34 34 assert_response 401
35 35 end
36 36
37 37 def test_api_should_not_trigger_basic_http_auth_with_non_basic_authorization_header
38 38 ApplicationController.any_instance.expects(:authenticate_with_http_basic).never
39 39 get '/users/current.xml', {}, 'HTTP_AUTHORIZATION' => 'Digest foo bar'
40 40 assert_response 401
41 41 end
42 42
43 43 def test_invalid_utf8_credentials_should_not_trigger_an_error
44 invalid_utf8 = "\x82"
45 if invalid_utf8.respond_to?(:force_encoding)
46 invalid_utf8.force_encoding('UTF-8')
47 assert !invalid_utf8.valid_encoding?
48 end
44 49 assert_nothing_raised do
45 get '/users/current.xml', {}, credentials("\x82", "foo")
50 get '/users/current.xml', {}, credentials(invalid_utf8, "foo")
46 51 end
47 52 end
48 53
49 54 def test_api_request_should_not_use_user_session
50 55 log_user('jsmith', 'jsmith')
51 56
52 57 get '/users/current'
53 58 assert_response :success
54 59
55 60 get '/users/current.json'
56 61 assert_response 401
57 62 end
58 63
59 64 def test_api_should_accept_switch_user_header_for_admin_user
60 65 user = User.find(1)
61 66 su = User.find(4)
62 67
63 68 get '/users/current', {}, {'X-Redmine-API-Key' => user.api_key, 'X-Redmine-Switch-User' => su.login}
64 69 assert_response :success
65 70 assert_equal su, assigns(:user)
66 71 assert_equal su, User.current
67 72 end
68 73
69 74 def test_api_should_respond_with_412_when_trying_to_switch_to_a_invalid_user
70 75 get '/users/current', {}, {'X-Redmine-API-Key' => User.find(1).api_key, 'X-Redmine-Switch-User' => 'foobar'}
71 76 assert_response 412
72 77 end
73 78
74 79 def test_api_should_respond_with_412_when_trying_to_switch_to_a_locked_user
75 80 user = User.find(5)
76 81 assert user.locked?
77 82
78 83 get '/users/current', {}, {'X-Redmine-API-Key' => User.find(1).api_key, 'X-Redmine-Switch-User' => user.login}
79 84 assert_response 412
80 85 end
81 86
82 87 def test_api_should_not_accept_switch_user_header_for_non_admin_user
83 88 user = User.find(2)
84 89 su = User.find(4)
85 90
86 91 get '/users/current', {}, {'X-Redmine-API-Key' => user.api_key, 'X-Redmine-Switch-User' => su.login}
87 92 assert_response :success
88 93 assert_equal user, assigns(:user)
89 94 assert_equal user, User.current
90 95 end
91 96 end
General Comments 0
You need to be logged in to leave comments. Login now