Split api old element redacted show tests

test/controllers/api/old_nodes_controller_test.rb

@@ -114,17 +114,21 @@ module Api
     ##
     # test that redacted nodes aren't visible, regardless of
     # authorisation except as moderator...
-    def test_show_redacted
+    def test_show_redacted_unauthorised
       node = create(:node, :with_history, :version => 2)
-      node_v1 = node.old_nodes.find_by(:version => 1)
-      node_v1.redact!(create(:redaction))
+      node.old_nodes.find_by(:version => 1).redact!(create(:redaction))
+
+      get api_node_version_path(node, 1)
 
-      get api_node_version_path(node_v1.node_id, node_v1.version)
       assert_response :forbidden, "Redacted node shouldn't be visible via the version API."
+    end
+
+    def test_show_redacted_normal_user
+      node = create(:node, :with_history, :version => 2)
+      node.old_nodes.find_by(:version => 1).redact!(create(:redaction))
+
+      get api_node_version_path(node, 1), :headers => bearer_authorization_header
 
-      # not even to a logged-in user
-      auth_header = bearer_authorization_header
-      get api_node_version_path(node_v1.node_id, node_v1.version), :headers => auth_header
       assert_response :forbidden, "Redacted node shouldn't be visible via the version API, even when logged in."
     end
 

test/controllers/api/old_relations_controller_test.rb

@@ -114,17 +114,21 @@ module Api
     ##
     # test that redacted relations aren't visible, regardless of
     # authorisation except as moderator...
-    def test_show_redacted
+    def test_show_redacted_unauthorised
       relation = create(:relation, :with_history, :version => 2)
-      relation_v1 = relation.old_relations.find_by(:version => 1)
-      relation_v1.redact!(create(:redaction))
+      relation.old_relations.find_by(:version => 1).redact!(create(:redaction))
+
+      get api_relation_version_path(relation, 1)
 
-      get api_relation_version_path(relation_v1.relation_id, relation_v1.version)
       assert_response :forbidden, "Redacted relation shouldn't be visible via the version API."
+    end
+
+    def test_show_redacted_normal_user
+      relation = create(:relation, :with_history, :version => 2)
+      relation.old_relations.find_by(:version => 1).redact!(create(:redaction))
+
+      get api_relation_version_path(relation, 1), :headers => bearer_authorization_header
 
-      # not even to a logged-in user
-      auth_header = bearer_authorization_header
-      get api_relation_version_path(relation_v1.relation_id, relation_v1.version), :headers => auth_header
       assert_response :forbidden, "Redacted relation shouldn't be visible via the version API, even when logged in."
     end
 

test/controllers/api/old_ways_controller_test.rb

@@ -111,17 +111,21 @@ module Api
     ##
     # test that redacted ways aren't visible, regardless of
     # authorisation except as moderator...
-    def test_show_redacted
+    def test_show_redacted_unauthorised
       way = create(:way, :with_history, :version => 2)
-      way_v1 = way.old_ways.find_by(:version => 1)
-      way_v1.redact!(create(:redaction))
+      way.old_ways.find_by(:version => 1).redact!(create(:redaction))
+
+      get api_way_version_path(way, 1)
 
-      get api_way_version_path(way_v1.way_id, way_v1.version)
       assert_response :forbidden, "Redacted way shouldn't be visible via the version API."
+    end
+
+    def test_show_redacted_normal_user
+      way = create(:way, :with_history, :version => 2)
+      way.old_ways.find_by(:version => 1).redact!(create(:redaction))
+
+      get api_way_version_path(way, 1), :headers => bearer_authorization_header
 
-      # not even to a logged-in user
-      auth_header = bearer_authorization_header
-      get api_way_version_path(way_v1.way_id, way_v1.version), :headers => auth_header
       assert_response :forbidden, "Redacted way shouldn't be visible via the version API, even when logged in."
     end