Refactor users_controller_test and user_preferences_controller_test

config/routes.rb

@@ -61,16 +61,16 @@ OpenStreetMap::Application.routes.draw do
 
     get "changes" => "api/changes#index"
 
-    get "user/:id" => "api/users#show", :id => /\d+/
+    get "user/:id" => "api/users#show", :id => /\d+/, :as => :api_user
     get "user/details" => "api/users#details"
     get "user/gpx_files" => "api/users#gpx_files"
     get "users" => "api/users#index", :as => :api_users
 
-    get "user/preferences" => "api/user_preferences#index"
+    resources :user_preferences, :except => [:new, :create, :edit], :param => :preference_key, :path => "user/preferences", :controller => "api/user_preferences" do
-    get "user/preferences/:preference_key" => "api/user_preferences#show"
+      collection do
-    put "user/preferences" => "api/user_preferences#update_all"
+        put "" => "api/user_preferences#update_all", :as => ""
-    put "user/preferences/:preference_key" => "api/user_preferences#update"
+      end
-    delete "user/preferences/:preference_key" => "api/user_preferences#destroy"
+    end
 
     post "gpx/create" => "api/traces#create"
     get "gpx/:id" => "api/traces#show", :id => /\d+/

test/controllers/api/user_preferences_controller_test.rb

@@ -1,7 +1,7 @@
 require "test_helper"
 
 module Api
-  class UserPreferencesControllerTest < ActionController::TestCase
+  class UserPreferencesControllerTest < ActionDispatch::IntegrationTest
     ##
     # test all routes which lead to this controller
     def test_routes
@@ -31,14 +31,14 @@ module Api
     # test showing all preferences
     def test_index
       # first try without auth
-      get :index
+      get user_preferences_path
       assert_response :unauthorized, "should be authenticated"
 
       # authenticate as a user with no preferences
-      basic_authorization create(:user).email, "test"
+      auth_header = basic_authorization_header create(:user).email, "test"
 
       # try the read again
-      get :index
+      get user_preferences_path, :headers => auth_header
       assert_select "osm" do
         assert_select "preferences", :count => 1 do
           assert_select "preference", :count => 0
@@ -49,10 +49,10 @@ module Api
       user = create(:user)
       user_preference = create(:user_preference, :user => user)
       user_preference2 = create(:user_preference, :user => user)
-      basic_authorization user.email, "test"
+      auth_header = basic_authorization_header user.email, "test"
 
       # try the read again
-      get :index
+      get user_preferences_path, :headers => auth_header
       assert_response :success
       assert_equal "application/xml", @response.media_type
       assert_select "osm" do
@@ -71,20 +71,20 @@ module Api
       create(:user_preference, :user => user, :k => "key", :v => "value")
 
       # try a read without auth
-      get :show, :params => { :preference_key => "key" }
+      get user_preference_path(:preference_key => "key")
       assert_response :unauthorized, "should be authenticated"
 
       # authenticate as a user with preferences
-      basic_authorization user.email, "test"
+      auth_header = basic_authorization_header user.email, "test"
 
       # try the read again
-      get :show, :params => { :preference_key => "key" }
+      get user_preference_path(:preference_key => "key"), :headers => auth_header
       assert_response :success
       assert_equal "text/plain", @response.media_type
       assert_equal "value", @response.body
 
       # try the read again for a non-existent key
-      get :show, :params => { :preference_key => "unknown_key" }
+      get user_preference_path(:preference_key => "unknown_key"), :headers => auth_header
       assert_response :not_found
     end
 
@@ -97,7 +97,7 @@ module Api
 
       # try a put without auth
       assert_no_difference "UserPreference.count" do
-        put :update_all, :body => "<osm><preferences><preference k='key' v='new_value'/><preference k='new_key' v='value'/></preferences></osm>"
+        put user_preferences_path, :params => "<osm><preferences><preference k='key' v='new_value'/><preference k='new_key' v='value'/></preferences></osm>"
       end
       assert_response :unauthorized, "should be authenticated"
       assert_equal "value", UserPreference.find([user.id, "key"]).v
@@ -107,11 +107,11 @@ module Api
       end
 
       # authenticate as a user with preferences
-      basic_authorization user.email, "test"
+      auth_header = basic_authorization_header user.email, "test"
 
       # try the put again
       assert_no_difference "UserPreference.count" do
-        put :update_all, :body => "<osm><preferences><preference k='key' v='new_value'/><preference k='new_key' v='value'/></preferences></osm>"
+        put user_preferences_path, :params => "<osm><preferences><preference k='key' v='new_value'/><preference k='new_key' v='value'/></preferences></osm>", :headers => auth_header
       end
       assert_response :success
       assert_equal "text/plain", @response.media_type
@@ -124,7 +124,7 @@ module Api
 
       # try a put with duplicate keys
       assert_no_difference "UserPreference.count" do
-        put :update_all, :body => "<osm><preferences><preference k='key' v='value'/><preference k='key' v='newer_value'/></preferences></osm>"
+        put user_preferences_path, :params => "<osm><preferences><preference k='key' v='value'/><preference k='key' v='newer_value'/></preferences></osm>", :headers => auth_header
       end
       assert_response :bad_request
       assert_equal "text/plain", @response.media_type
@@ -133,7 +133,7 @@ module Api
 
       # try a put with invalid content
       assert_no_difference "UserPreference.count" do
-        put :update_all, :body => "nonsense"
+        put user_preferences_path, :params => "nonsense", :headers => auth_header
       end
       assert_response :bad_request
     end
@@ -146,7 +146,7 @@ module Api
 
       # try a put without auth
       assert_no_difference "UserPreference.count" do
-        put :update, :params => { :preference_key => "new_key" }, :body => "new_value"
+        put user_preference_path(:preference_key => "new_key"), :params => "new_value"
       end
       assert_response :unauthorized, "should be authenticated"
       assert_raises ActiveRecord::RecordNotFound do
@@ -154,11 +154,11 @@ module Api
       end
 
       # authenticate as a user with preferences
-      basic_authorization user.email, "test"
+      auth_header = basic_authorization_header user.email, "test"
 
       # try adding a new preference
       assert_difference "UserPreference.count", 1 do
-        put :update, :params => { :preference_key => "new_key" }, :body => "new_value"
+        put user_preference_path(:preference_key => "new_key"), :params => "new_value", :headers => auth_header
       end
       assert_response :success
       assert_equal "text/plain", @response.media_type
@@ -167,7 +167,7 @@ module Api
 
       # try changing the value of a preference
       assert_no_difference "UserPreference.count" do
-        put :update, :params => { :preference_key => "new_key" }, :body => "newer_value"
+        put user_preference_path(:preference_key => "new_key"), :params => "newer_value", :headers => auth_header
       end
       assert_response :success
       assert_equal "text/plain", @response.media_type
@@ -183,17 +183,17 @@ module Api
 
       # try a delete without auth
       assert_no_difference "UserPreference.count" do
-        delete :destroy, :params => { :preference_key => "key" }
+        delete user_preference_path(:preference_key => "key")
       end
       assert_response :unauthorized, "should be authenticated"
       assert_equal "value", UserPreference.find([user.id, "key"]).v
 
       # authenticate as a user with preferences
-      basic_authorization user.email, "test"
+      auth_header = basic_authorization_header user.email, "test"
 
       # try the delete again
       assert_difference "UserPreference.count", -1 do
-        get :destroy, :params => { :preference_key => "key" }
+        delete user_preference_path(:preference_key => "key"), :headers => auth_header
       end
       assert_response :success
       assert_equal "text/plain", @response.media_type
@@ -204,7 +204,7 @@ module Api
 
       # try the delete again for the same key
       assert_no_difference "UserPreference.count" do
-        get :destroy, :params => { :preference_key => "key" }
+        delete user_preference_path(:preference_key => "key"), :headers => auth_header
       end
       assert_response :not_found
       assert_raises ActiveRecord::RecordNotFound do
@@ -219,12 +219,7 @@ module Api
       token = create(:access_token, :user => user, :allow_read_prefs => true)
       create(:user_preference, :user => user, :k => "key", :v => "value")
 
-      # Hack together an oauth request - an alternative would be to sign the request properly
+      signed_get user_preference_path(:preference_key => "key"), :oauth => { :token => token }
-      @request.env["oauth.version"] = 1
-      @request.env["oauth.strategies"] = [:token]
-      @request.env["oauth.token"] = token
-
-      get :show, :params => { :preference_key => "key" }
       assert_response :success
     end
 
@@ -235,11 +230,8 @@ module Api
       user = create(:user)
       token = create(:access_token, :user => user, :allow_read_prefs => false)
       create(:user_preference, :user => user, :k => "key", :v => "value")
-      @request.env["oauth.version"] = 1
-      @request.env["oauth.strategies"] = [:token]
-      @request.env["oauth.token"] = token
 
-      get :show, :params => { :preference_key => "key" }
+      signed_get user_preference_path(:preference_key => "key"), :oauth => { :token => token }
       assert_response :forbidden
     end
   end

test/controllers/api/users_controller_test.rb

@@ -1,7 +1,7 @@
 require "test_helper"
 
 module Api
-  class UsersControllerTest < ActionController::TestCase
+  class UsersControllerTest < ActionDispatch::IntegrationTest
     ##
     # test all routes which lead to this controller
     def test_routes
@@ -26,7 +26,7 @@ module Api
     def test_show
       user = create(:user, :description => "test", :terms_agreed => Date.yesterday)
       # check that a visible user is returned properly
-      get :show, :params => { :id => user.id }
+      get api_user_path(:id => user.id)
       assert_response :success
       assert_equal "text/xml", response.media_type
 
@@ -59,15 +59,15 @@ module Api
       assert_select "messages", false
 
       # check that a suspended user is not returned
-      get :show, :params => { :id => create(:user, :suspended).id }
+      get api_user_path(:id => create(:user, :suspended).id)
       assert_response :gone
 
       # check that a deleted user is not returned
-      get :show, :params => { :id => create(:user, :deleted).id }
+      get api_user_path(:id => create(:user, :deleted).id)
       assert_response :gone
 
       # check that a non-existent user is not returned
-      get :show, :params => { :id => 0 }
+      get api_user_path(:id => 0)
       assert_response :not_found
     end
 
@@ -77,12 +77,12 @@ module Api
       create(:message, :sender => user)
 
       # check that nothing is returned when not logged in
-      get :details
+      get user_details_path
       assert_response :unauthorized
 
       # check that we get a response when logged in
-      basic_authorization user.email, "test"
+      auth_header = basic_authorization_header user.email, "test"
-      get :details
+      get user_details_path, :headers => auth_header
       assert_response :success
       assert_equal "text/xml", response.media_type
 
@@ -128,7 +128,7 @@ module Api
       user2 = create(:user, :description => "test2", :terms_agreed => Date.yesterday)
       user3 = create(:user, :description => "test3", :terms_agreed => Date.yesterday)
 
-      get :index, :params => { :users => user1.id }
+      get api_users_path(:users => user1.id)
       assert_response :success
       assert_equal "text/xml", response.media_type
       assert_select "user", :count => 1 do
@@ -137,7 +137,7 @@ module Api
         assert_select "user[id='#{user3.id}']", :count => 0
       end
 
-      get :index, :params => { :users => user2.id }
+      get api_users_path(:users => user2.id)
       assert_response :success
       assert_equal "text/xml", response.media_type
       assert_select "user", :count => 1 do
@@ -146,7 +146,7 @@ module Api
         assert_select "user[id='#{user3.id}']", :count => 0
       end
 
-      get :index, :params => { :users => "#{user1.id},#{user3.id}" }
+      get api_users_path(:users => "#{user1.id},#{user3.id}")
       assert_response :success
       assert_equal "text/xml", response.media_type
       assert_select "user", :count => 2 do
@@ -155,13 +155,13 @@ module Api
         assert_select "user[id='#{user3.id}']", :count => 1
       end
 
-      get :index, :params => { :users => create(:user, :suspended).id }
+      get api_users_path(:users => create(:user, :suspended).id)
       assert_response :not_found
 
-      get :index, :params => { :users => create(:user, :deleted).id }
+      get api_users_path(:users => create(:user, :deleted).id)
       assert_response :not_found
 
-      get :index, :params => { :users => 0 }
+      get api_users_path(:users => 0)
       assert_response :not_found
     end
 
@@ -174,12 +174,12 @@ module Api
         create(:tracetag, :trace => trace, :tag => "Birmingham")
       end
       # check that nothing is returned when not logged in
-      get :gpx_files
+      get user_gpx_files_path
       assert_response :unauthorized
 
       # check that we get a response when logged in
-      basic_authorization user.email, "test"
+      auth_header = basic_authorization_header user.email, "test"
-      get :gpx_files
+      get user_gpx_files_path, :headers => auth_header
       assert_response :success
       assert_equal "application/xml", response.media_type