cst1/openstreetmap-website
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Improve trace#api_data tests

Browse source 
The api_data action doesn't actually take the username as an
arguement and should be modelled on api_read rather than the
actions that handle web views.
This commit is contained in:
Tom Hughes 2017-03-09 18:28:46 +00:00
parent f381ff6fb2
commit da57077c0b
1 changed files with 18 additions and 13 deletions
Download patch file Download diff file Expand all files Collapse all files

31
test/controllers/trace_controller_test.rb
View file

@ -729,17 +729,17 @@ class TraceControllerTest < ActionController::TestCase
public_trace_file = create(:trace, :visibility => "public", :fixture => "a") public_trace_file = create(:trace, :visibility => "public", :fixture => "a")
# First with no auth # First with no auth
get :api_data, :display_name => public_trace_file.user.display_name, :id => public_trace_file.id get :api_data, :id => public_trace_file.id
assert_response :unauthorized assert_response :unauthorized
# Now with some other user, which should work since the trace is public # Now with some other user, which should work since the trace is public
basic_authorization(create(:user).display_name, "test") basic_authorization(create(:user).display_name, "test")
get :api_data, :display_name => public_trace_file.user.display_name, :id => public_trace_file.id get :api_data, :id => public_trace_file.id
check_trace_data public_trace_file check_trace_data public_trace_file
# And finally we should be able to do it with the owner of the trace # And finally we should be able to do it with the owner of the trace
basic_authorization(public_trace_file.user.display_name, "test") basic_authorization(public_trace_file.user.display_name, "test")
get :api_data, :display_name => public_trace_file.user.display_name, :id => public_trace_file.id get :api_data, :id => public_trace_file.id
check_trace_data public_trace_file check_trace_data public_trace_file
end end
@ -751,15 +751,15 @@ class TraceControllerTest < ActionController::TestCase
basic_authorization(identifiable_trace_file.user.display_name, "test") basic_authorization(identifiable_trace_file.user.display_name, "test")
# First get the data as is # First get the data as is
get :api_data, :display_name => identifiable_trace_file.user.display_name, :id => identifiable_trace_file.id get :api_data, :id => identifiable_trace_file.id
check_trace_data identifiable_trace_file, "application/x-gzip", "gpx.gz" check_trace_data identifiable_trace_file, "application/x-gzip", "gpx.gz"
# Now ask explicitly for XML format # Now ask explicitly for XML format
get :api_data, :display_name => identifiable_trace_file.user.display_name, :id => identifiable_trace_file.id, :format => "xml" get :api_data, :id => identifiable_trace_file.id, :format => "xml"
check_trace_data identifiable_trace_file, "application/xml", "xml" check_trace_data identifiable_trace_file, "application/xml", "xml"
# Now ask explicitly for GPX format # Now ask explicitly for GPX format
get :api_data, :display_name => identifiable_trace_file.user.display_name, :id => identifiable_trace_file.id, :format => "gpx" get :api_data, :id => identifiable_trace_file.id, :format => "gpx"
check_trace_data identifiable_trace_file check_trace_data identifiable_trace_file
end end
@ -768,17 +768,17 @@ class TraceControllerTest < ActionController::TestCase
anon_trace_file = create(:trace, :visibility => "private", :fixture => "b") anon_trace_file = create(:trace, :visibility => "private", :fixture => "b")
# First with no auth # First with no auth
get :api_data, :display_name => anon_trace_file.user.display_name, :id => anon_trace_file.id get :api_data, :id => anon_trace_file.id
assert_response :unauthorized assert_response :unauthorized
# Now with some other user, which shouldn't work since the trace is anon # Now with some other user, which shouldn't work since the trace is anon
basic_authorization(create(:user).display_name, "test") basic_authorization(create(:user).display_name, "test")
get :api_data, :display_name => anon_trace_file.user.display_name, :id => anon_trace_file.id get :api_data, :id => anon_trace_file.id
assert_response :forbidden assert_response :forbidden
# And finally we should be able to do it with the owner of the trace # And finally we should be able to do it with the owner of the trace
basic_authorization(anon_trace_file.user.display_name, "test") basic_authorization(anon_trace_file.user.display_name, "test")
get :api_data, :display_name => anon_trace_file.user.display_name, :id => anon_trace_file.id get :api_data, :id => anon_trace_file.id
check_trace_data anon_trace_file check_trace_data anon_trace_file
end end
@ -786,13 +786,18 @@ class TraceControllerTest < ActionController::TestCase
def test_api_data_not_found def test_api_data_not_found
deleted_trace_file = create(:trace, :deleted) deleted_trace_file = create(:trace, :deleted)
# First with a trace that has never existed # Try first with no auth, as it should require it
get :api_data, :display_name => create(:user).display_name, :id => 0 get :api_data, :id => 0
assert_response :unauthorized assert_response :unauthorized
# Now with a trace that has been deleted # Login, and try again
basic_authorization(create(:user).display_name, "test")
get :api_data, :id => 0
assert_response :not_found
# Now try a trace which did exist but has been deleted
basic_authorization(deleted_trace_file.user.display_name, "test") basic_authorization(deleted_trace_file.user.display_name, "test")
get :api_data, :display_name => deleted_trace_file.user.display_name, :id => deleted_trace_file.id get :api_data, :id => deleted_trace_file.id
assert_response :not_found assert_response :not_found
end end