Add functions tests for the oauth_clients controller

app/controllers/oauth_clients_controller.rb

@@ -33,6 +33,9 @@ class OauthClientsController < ApplicationController
 
   def edit
     @client_application = @user.client_applications.find(params[:id])
+  rescue ActiveRecord::RecordNotFound
+    @type = "client application"
+    render :action => "not_found", :status => :not_found
   end
 
   def update
@@ -43,6 +46,9 @@ class OauthClientsController < ApplicationController
     else
       render :action => "edit"
     end
+  rescue ActiveRecord::RecordNotFound
+    @type = "client application"
+    render :action => "not_found", :status => :not_found
   end
 
   def destroy
@@ -50,6 +56,9 @@ class OauthClientsController < ApplicationController
     @client_application.destroy
     flash[:notice] = t'oauth_clients.destroy.flash'
     redirect_to :action => "index"
+  rescue ActiveRecord::RecordNotFound
+    @type = "client application"
+    render :action => "not_found", :status => :not_found
   end
 private
   def application_params

test/fixtures/client_applications.yml

@@ -31,3 +31,18 @@ oauth_desktop_app:
   allow_write_api: true
   allow_read_gpx: true
   allow_write_gpx: false
+
+normal_user_app:
+  name: Some OAuth Desktop App
+  created_at: "2009-05-21 00:00:00"
+  support_url: http://some.desktop.app.org/support
+  updated_at: "2009-05-21 00:00:00"
+  user_id: 1
+  secret: jgYx43yx1FAMQbG6T0qZhvvFsKEf6Pgd5XfHr5kFgv4
+  key: N6KVhfeaT626fhBt9aCMeA
+  allow_read_prefs: true
+  allow_write_prefs: false
+  allow_write_diary: false
+  allow_write_api: true
+  allow_read_gpx: true
+  allow_write_gpx: false

test/functional/oauth_clients_controller_test.rb

@@ -1,6 +1,8 @@
 require File.dirname(__FILE__) + '/../test_helper'
 
 class OauthClientsControllerTest < ActionController::TestCase
+  fixtures :users, :client_applications
+
   ##
   # test all routes which lead to this controller
   def test_routes
@@ -33,4 +35,177 @@ class OauthClientsControllerTest < ActionController::TestCase
       { :controller => "oauth_clients", :action => "destroy", :display_name => "username", :id => "1" }
     )
   end
+
+  def test_index
+    user = users(:public_user)
+
+    get :index, { :display_name => user.display_name }
+    assert_response :redirect
+    assert_redirected_to login_path(:referer => oauth_clients_path(:display_name => user.display_name))
+
+    get :index, { :display_name => user.display_name }, { :user => user }
+    assert_response :success
+    assert_template "index"
+    assert_select "div.client_application", 2
+  end
+
+  def test_new
+    user = users(:public_user)
+
+    get :new, { :display_name => user.display_name }
+    assert_response :redirect
+    assert_redirected_to login_path(:referer => new_oauth_client_path(:display_name => user.display_name))
+
+    get :new, { :display_name => user.display_name }, { :user => user }
+    assert_response :success
+    assert_template "new"
+    assert_select "form", 1 do
+      assert_select "input#client_application_name", 1
+      assert_select "input#client_application_url", 1
+      assert_select "input#client_application_callback_url", 1
+      assert_select "input#client_application_support_url", 1
+      ClientApplication.all_permissions.each do |perm|
+        assert_select "input#client_application_#{perm}", 1
+      end
+    end
+  end
+
+  def test_create
+    user = users(:public_user)
+
+    assert_difference "ClientApplication.count", 0 do
+      post :create, { :display_name => user.display_name }
+    end
+    assert_response :forbidden
+
+    assert_difference "ClientApplication.count", 0 do
+      post :create, {
+        :display_name => user.display_name,
+        :client_application => {
+        :name => "Test Application"
+        }
+      }, {
+        :user => user
+      }
+    end
+    assert_response :success
+    assert_template "new"  
+    
+    assert_difference "ClientApplication.count", 1 do
+      post :create, {
+        :display_name => user.display_name,
+        :client_application => {
+          :name => "Test Application",
+          :url => "http://test.example.com/"
+        }
+      }, {
+        :user => user
+      }
+    end
+    assert_response :redirect
+    assert_redirected_to oauth_client_path(:id => ClientApplication.find_by_name("Test Application").id)
+  end
+
+  def test_show
+    user = users(:public_user)
+    client = client_applications(:oauth_web_app)
+
+    get :show, { :display_name => user.display_name, :id => client.id }
+    assert_response :redirect
+    assert_redirected_to login_path(:referer => oauth_client_path(:display_name => user.display_name, :id => client.id))
+
+    get :show, { :display_name => user.display_name, :id => client_applications(:normal_user_app).id }, { :user => user }
+    assert_response :not_found
+    assert_template "not_found"
+
+    get :show, { :display_name => user.display_name, :id => client.id }, { :user => user }
+    assert_response :success
+    assert_template "show"
+  end
+
+  def test_edit
+    user = users(:public_user)
+    client = client_applications(:oauth_web_app)
+
+    get :edit, { :display_name => user.display_name, :id => client.id }
+    assert_response :redirect
+    assert_redirected_to login_path(:referer => edit_oauth_client_path(:display_name => user.display_name, :id => client.id))
+
+    get :edit, { :display_name => user.display_name, :id => client_applications(:normal_user_app).id }, { :user => user }
+    assert_response :not_found
+    assert_template "not_found"
+
+    get :edit, { :display_name => user.display_name, :id => client.id }, { :user => user }
+    assert_response :success
+    assert_template "edit"
+    assert_select "form", 1 do
+      assert_select "input#client_application_name", 1
+      assert_select "input#client_application_url", 1
+      assert_select "input#client_application_callback_url", 1
+      assert_select "input#client_application_support_url", 1
+      ClientApplication.all_permissions.each do |perm|
+        assert_select "input#client_application_#{perm}", 1
+      end
+    end
+  end
+
+  def test_update
+    user = users(:public_user)
+    client = client_applications(:oauth_web_app)
+
+    put :update, { :display_name => user.display_name, :id => client.id }
+    assert_response :forbidden
+
+    put :update, { :display_name => user.display_name, :id => client_applications(:normal_user_app).id }, { :user => user }
+    assert_response :not_found
+    assert_template "not_found"
+
+    put :update, {
+      :display_name => user.display_name, 
+      :id => client.id,
+      :client_application => {
+        :name => "New Name",
+        :url => nil
+      }
+    }, {
+      :user => user
+    }
+    assert_response :success
+    assert_template "edit"
+
+    put :update, {
+      :display_name => user.display_name, 
+      :id => client.id,
+      :client_application => {
+        :name => "New Name",
+        :url => "http://new.example.com/url"
+      }
+    }, {
+      :user => user
+    }
+    assert_response :redirect
+    assert_redirected_to oauth_client_path(:id => client.id)
+  end
+
+  def test_destroy
+    user = users(:public_user)
+    client = client_applications(:oauth_web_app)
+
+    assert_difference "ClientApplication.count", 0 do
+      delete :destroy, { :display_name => user.display_name, :id => client.id }
+    end
+    assert_response :forbidden
+
+    assert_difference "ClientApplication.count", 0 do
+      delete :destroy, { :display_name => user.display_name, :id => client_applications(:normal_user_app).id }, { :user => user }
+    end
+    assert_response :not_found
+    assert_template "not_found"
+
+    assert_difference "ClientApplication.count", -1 do
+      delete :destroy, { :display_name => user.display_name, :id => client.id }, { :user => user }
+    end
+    assert_response :redirect
+    assert_redirected_to oauth_clients_path(:display_name => user.display_name)
+  end
 end