Split api changeset comment create scope and terms tests
This commit is contained in:
Anton Khorev
parent
4073e0fc47
commit
c9057188aa
1 changed files with 22 additions and 25 deletions
|
|
@ -133,6 +133,28 @@ module Api
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
def test_create_when_not_agreed_to_terms
|
||||||
|
user = create(:user, :terms_agreed => nil)
|
||||||
|
auth_header = bearer_authorization_header user
|
||||||
|
changeset = create(:changeset, :closed)
|
||||||
|
|
||||||
|
assert_difference "ChangesetComment.count", 0 do
|
||||||
|
post changeset_comment_path(changeset), :params => { :text => "This is a comment" }, :headers => auth_header
|
||||||
|
assert_response :forbidden
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
def test_create_with_write_api_scope
|
||||||
|
user = create(:user)
|
||||||
|
auth_header = bearer_authorization_header user, :scopes => %w[write_api]
|
||||||
|
changeset = create(:changeset, :closed)
|
||||||
|
|
||||||
|
assert_difference "ChangesetComment.count", 1 do
|
||||||
|
post changeset_comment_path(changeset), :params => { :text => "This is a comment" }, :headers => auth_header
|
||||||
|
assert_response :success
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
##
|
##
|
||||||
# create comment rate limit for new users
|
# create comment rate limit for new users
|
||||||
def test_create_by_new_user_with_rate_limit
|
def test_create_by_new_user_with_rate_limit
|
||||||
|
|
@ -296,30 +318,5 @@ module Api
|
||||||
assert_response :success
|
assert_response :success
|
||||||
assert comment.reload.visible
|
assert comment.reload.visible
|
||||||
end
|
end
|
||||||
|
|
||||||
# This test ensures that token capabilities behave correctly for a method that
|
|
||||||
# requires the terms to have been agreed.
|
|
||||||
# (This would be better as an integration or system testcase, since the changeset_comment
|
|
||||||
# create method is simply a stand-in for any method that requires terms agreement.
|
|
||||||
# But writing oauth tests is hard, and so it's easier to put in a controller test.)
|
|
||||||
def test_api_write_and_terms_agreed_via_token
|
|
||||||
user = create(:user, :terms_agreed => nil)
|
|
||||||
auth_header = bearer_authorization_header(user, :scopes => %w[write_api])
|
|
||||||
changeset = create(:changeset, :closed)
|
|
||||||
|
|
||||||
assert_difference "ChangesetComment.count", 0 do
|
|
||||||
post changeset_comment_path(changeset), :params => { :text => "This is a comment" }, :headers => auth_header
|
|
||||||
end
|
|
||||||
assert_response :forbidden
|
|
||||||
|
|
||||||
# Try again, after agreement with the terms
|
|
||||||
user.terms_agreed = Time.now.utc
|
|
||||||
user.save!
|
|
||||||
|
|
||||||
assert_difference "ChangesetComment.count", 1 do
|
|
||||||
post changeset_comment_path(changeset), :params => { :text => "This is a comment" }, :headers => auth_header
|
|
||||||
end
|
|
||||||
assert_response :success
|
|
||||||
end
|
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue