cst1/openstreetmap-website
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge branch 'master' into moderation

Browse source
This commit is contained in:
Andy Allan 2017-07-12 10:16:11 +01:00
commit dbd88d893f
785 changed files with 365807 additions and 212676 deletions
Download patch file Download diff file Expand all files Collapse all files

442
test/controllers/amf_controller_test.rb
View file

@ -3,8 +3,6 @@ require "stringio"
include Potlatch
class AmfControllerTest < ActionController::TestCase
api_fixtures
##
# test all routes which lead to this controller
def test_routes
@ -19,9 +17,9 @@ class AmfControllerTest < ActionController::TestCase
end
def test_getpresets
[:public_user, :german_user].each do |id|
user = users(id)
user_en_de = create(:user, :languages => %w[en de])
user_de = create(:user, :languages => %w[de])
[user_en_de, user_de].each do |user|
amf_content "getpresets", "/1", ["#{user.email}:test", ""]
post :amf_read
assert_response :success
@ -47,87 +45,105 @@ class AmfControllerTest < ActionController::TestCase
def test_getway
# check a visible way
id = current_ways(:visible_way).id
amf_content "getway", "/1", [id]
way = create(:way_with_nodes, :nodes_count => 1)
node = way.nodes.first
user = way.changeset.user
amf_content "getway", "/1", [way.id]
post :amf_read
assert_response :success
amf_parse_response
way = amf_result("/1")
assert_equal 0, way[0]
assert_equal "", way[1]
assert_equal id, way[2]
assert_equal 1, way[3].length
assert_equal 3, way[3][0][2]
assert_equal 1, way[5]
assert_equal 2, way[6]
result = amf_result("/1")
assert_equal 0, result[0]
assert_equal "", result[1]
assert_equal way.id, result[2]
assert_equal 1, result[3].length
assert_equal node.id, result[3][0][2]
assert_equal way.version, result[5]
assert_equal user.id, result[6]
end
def test_getway_invisible
# check an invisible way
id = current_ways(:invisible_way).id
id = create(:way, :deleted).id
amf_content "getway", "/1", [id]
post :amf_read
assert_response :success
amf_parse_response
way = amf_result("/1")
assert_equal -4, way[0], -4
assert_equal "way", way[1]
assert_equal id, way[2]
assert(way[3].nil?) && way[4].nil? && way[5].nil? && way[6].nil?
result = amf_result("/1")
assert_equal -4, result[0]
assert_equal "way", result[1]
assert_equal id, result[2]
assert(result[3].nil? && result[4].nil? && result[5].nil? && result[6].nil?)
end
def test_getway_with_versions
# check a way with multiple versions
id = current_ways(:way_with_versions).id
amf_content "getway", "/1", [id]
way = create(:way, :with_history, :version => 4)
create(:way_node, :way => way)
node = way.nodes.first
user = way.changeset.user
amf_content "getway", "/1", [way.id]
post :amf_read
assert_response :success
amf_parse_response
way = amf_result("/1")
assert_equal 0, way[0]
assert_equal "", way[1]
assert_equal id, way[2]
assert_equal 1, way[3].length
assert_equal 15, way[3][0][2]
assert_equal 4, way[5]
assert_equal 2, way[6]
result = amf_result("/1")
assert_equal 0, result[0]
assert_equal "", result[1]
assert_equal way.id, result[2]
assert_equal 1, result[3].length
assert_equal node.id, result[3][0][2]
assert_equal way.version, result[5]
assert_equal user.id, result[6]
end
def test_getway_with_duplicate_nodes
# check a way with duplicate nodes
id = current_ways(:way_with_duplicate_nodes).id
amf_content "getway", "/1", [id]
way = create(:way)
node = create(:node)
create(:way_node, :way => way, :node => node, :sequence_id => 1)
create(:way_node, :way => way, :node => node, :sequence_id => 2)
user = way.changeset.user
amf_content "getway", "/1", [way.id]
post :amf_read
assert_response :success
amf_parse_response
way = amf_result("/1")
assert_equal 0, way[0]
assert_equal "", way[1]
assert_equal id, way[2]
assert_equal 2, way[3].length
assert_equal 4, way[3][0][2]
assert_equal 4, way[3][1][2]
assert_equal 1, way[5]
assert_equal 2, way[6]
result = amf_result("/1")
assert_equal 0, result[0]
assert_equal "", result[1]
assert_equal way.id, result[2]
assert_equal 2, result[3].length
assert_equal node.id, result[3][0][2]
assert_equal node.id, result[3][1][2]
assert_equal way.version, result[5]
assert_equal user.id, result[6]
end
def test_getway_with_multiple_nodes
# check a way with multiple nodes
id = current_ways(:way_with_multiple_nodes).id
amf_content "getway", "/1", [id]
way = create(:way_with_nodes, :nodes_count => 3)
a = way.nodes[0].id
b = way.nodes[1].id
c = way.nodes[2].id
user = way.changeset.user
amf_content "getway", "/1", [way.id]
post :amf_read
assert_response :success
amf_parse_response
way = amf_result("/1")
assert_equal 0, way[0]
assert_equal "", way[1]
assert_equal id, way[2]
assert_equal 3, way[3].length
assert_equal 4, way[3][0][2]
assert_equal 15, way[3][1][2]
assert_equal 11, way[3][2][2]
assert_equal 2, way[5]
assert_equal 2, way[6]
result = amf_result("/1")
assert_equal 0, result[0]
assert_equal "", result[1]
assert_equal way.id, result[2]
assert_equal 3, result[3].length
assert_equal a, result[3][0][2]
assert_equal b, result[3][1][2]
assert_equal c, result[3][2][2]
assert_equal way.version, result[5]
assert_equal user.id, result[6]
end
def test_getway_nonexistent
@ -144,7 +160,13 @@ class AmfControllerTest < ActionController::TestCase
end
def test_whichways
node = current_nodes(:used_node_1)
node = create(:node, :lat => 3.0, :lon => 3.0)
way = create(:way)
deleted_way = create(:way, :deleted)
create(:way_node, :way => way, :node => node)
create(:way_node, :way => deleted_way, :node => node)
create(:way_tag, :way => way)
minlon = node.lon - 0.1
minlat = node.lat - 0.1
maxlon = node.lon + 0.1
@ -190,9 +212,9 @@ class AmfControllerTest < ActionController::TestCase
# TODO: looks like amf_controller changed since this test was written
# so someone who knows what they're doing should check this!
ways = map[2].collect { |x| x[0] }
assert ways.include?(current_ways(:used_way).id),
assert ways.include?(way.id),
"map should include used way"
assert !ways.include?(current_ways(:invisible_way).id),
assert !ways.include?(deleted_way.id),
"map should not include deleted way"
end
@ -229,7 +251,16 @@ class AmfControllerTest < ActionController::TestCase
end
def test_whichways_deleted
node = current_nodes(:used_node_1)
node = create(:node, :with_history, :lat => 24.0, :lon => 24.0)
way = create(:way, :with_history)
way_v1 = way.old_ways.find_by(:version => 1)
deleted_way = create(:way, :with_history, :deleted)
deleted_way_v1 = deleted_way.old_ways.find_by(:version => 1)
create(:way_node, :way => way, :node => node)
create(:way_node, :way => deleted_way, :node => node)
create(:old_way_node, :old_way => way_v1, :node => node)
create(:old_way_node, :old_way => deleted_way_v1, :node => node)
minlon = node.lon - 0.1
minlat = node.lat - 0.1
maxlon = node.lon + 0.1
@ -246,9 +277,9 @@ class AmfControllerTest < ActionController::TestCase
assert_equal Array, map[2].class, "third map element should be an array"
# TODO: looks like amf_controller changed since this test was written
# so someone who knows what they're doing should check this!
assert !map[2].include?(current_ways(:used_way).id),
"map should not include used way"
assert map[2].include?(current_ways(:invisible_way).id),
assert !map[2].include?(way.id),
"map should not include visible way"
assert map[2].include?(deleted_way.id),
"map should include deleted way"
end
@ -264,7 +295,7 @@ class AmfControllerTest < ActionController::TestCase
end
def test_getrelation
id = current_relations(:visible_relation).id
id = create(:relation).id
amf_content "getrelation", "/1", [id]
post :amf_read
assert_response :success
@ -275,7 +306,7 @@ class AmfControllerTest < ActionController::TestCase
end
def test_getrelation_invisible
id = current_relations(:invisible_relation).id
id = create(:relation, :deleted).id
amf_content "getrelation", "/1", [id]
post :amf_read
assert_response :success
@ -301,14 +332,16 @@ class AmfControllerTest < ActionController::TestCase
end
def test_getway_old
latest = create(:way, :version => 2)
v1 = create(:old_way, :current_way => latest, :version => 1, :timestamp => Time.now.utc - 2.minutes)
_v2 = create(:old_way, :current_way => latest, :version => 2, :timestamp => Time.now.utc - 1.minute)
# try to get the last visible version (specified by <0) (should be current version)
latest = current_ways(:way_with_versions)
# NOTE: looks from the API changes that this now expects a timestamp
# instead of a version number...
# try to get version 1
v1 = ways(:way_with_versions_v2)
{ latest.id => "",
v1.way_id => v1.timestamp.strftime("%d %b %Y, %H:%M:%S") }.each do |id, t|
v1.way_id => (v1.timestamp + 1).strftime("%d %b %Y, %H:%M:%S") }.each do |id, t|
amf_content "getway_old", "/1", [id, t]
post :amf_read
assert_response :success
@ -325,7 +358,7 @@ class AmfControllerTest < ActionController::TestCase
# test that the server doesn't fall over when rubbish is passed
# into the method args.
def test_getway_old_invalid
way_id = current_ways(:way_with_versions).id
way_id = create(:way, :with_history, :version => 2).id
{ "foo" => "bar",
way_id => "not a date",
way_id => "2009-03-25 00:00:00", # <- wrong format
@ -345,7 +378,8 @@ class AmfControllerTest < ActionController::TestCase
def test_getway_old_nonexistent
# try to get the last version-10 (shoudn't exist)
v1 = ways(:way_with_versions_v1)
way = create(:way, :with_history, :version => 2)
v1 = way.old_ways.find_by(:version => 1)
# try to get last visible version of non-existent way
# try to get specific version of non-existent way
[[0, ""],
@ -364,7 +398,8 @@ class AmfControllerTest < ActionController::TestCase
end
def test_getway_old_invisible
v1 = ways(:invisible_way)
way = create(:way, :deleted, :with_history, :version => 1)
v1 = way.old_ways.find_by(:version => 1)
# try to get deleted version
[[v1.way_id, (v1.timestamp + 10).strftime("%d %b %Y, %H:%M:%S")]].each do |id, t|
amf_content "getway_old", "/1", [id, t]
@ -380,8 +415,9 @@ class AmfControllerTest < ActionController::TestCase
end
def test_getway_history
latest = current_ways(:way_with_versions)
oldest = ways(:way_with_versions_v1)
latest = create(:way, :version => 2)
oldest = create(:old_way, :current_way => latest, :version => 1, :timestamp => latest.timestamp - 2.minutes)
create(:old_way, :current_way => latest, :version => 2, :timestamp => latest.timestamp)
amf_content "getway_history", "/1", [latest.id]
post :amf_read
@ -414,8 +450,12 @@ class AmfControllerTest < ActionController::TestCase
end
def test_getnode_history
latest = current_nodes(:node_with_versions)
amf_content "getnode_history", "/1", [latest.id]
node = create(:node, :version => 2)
node_v1 = create(:old_node, :current_node => node, :version => 1, :timestamp => 3.days.ago)
_node_v2 = create(:old_node, :current_node => node, :version => 2, :timestamp => 2.days.ago)
node_v3 = create(:old_node, :current_node => node, :version => 3, :timestamp => 1.day.ago)
amf_content "getnode_history", "/1", [node.id]
post :amf_read
assert_response :success
amf_parse_response
@ -426,13 +466,13 @@ class AmfControllerTest < ActionController::TestCase
# to the next second
assert_equal history[0], "node",
'first element should be "node"'
assert_equal history[1], latest.id,
assert_equal history[1], node.id,
"second element should be the input node ID"
assert_equal history[2].first[0],
(latest.timestamp + 1).strftime("%d %b %Y, %H:%M:%S"),
(node_v3.timestamp + 1).strftime("%d %b %Y, %H:%M:%S"),
"first element in third element (array) should be the latest version"
assert_equal history[2].last[0],
(nodes(:node_with_versions_v1).timestamp + 1).strftime("%d %b %Y, %H:%M:%S"),
(node_v1.timestamp + 1).strftime("%d %b %Y, %H:%M:%S"),
"last element in third element (array) should be the initial version"
end
@ -460,7 +500,9 @@ class AmfControllerTest < ActionController::TestCase
assert_equal -1, result[0]
assert_match /must be logged in/, result[1]
amf_content "findgpx", "/1", [1, "blocked@openstreetmap.org:test"]
blocked_user = create(:user)
create(:user_block, :user => blocked_user)
amf_content "findgpx", "/1", [1, "#{blocked_user.email}:test"]
post :amf_read
assert_response :success
amf_parse_response
@ -472,9 +514,10 @@ class AmfControllerTest < ActionController::TestCase
end
def test_findgpx_by_id
trace = gpx_files(:anon_trace_file)
user = create(:user)
trace = create(:trace, :visibility => "private", :user => user)
amf_content "findgpx", "/1", [trace.id, "test@example.com:test"]
amf_content "findgpx", "/1", [trace.id, "#{user.email}:test"]
post :amf_read
assert_response :success
amf_parse_response
@ -492,7 +535,9 @@ class AmfControllerTest < ActionController::TestCase
end
def test_findgpx_by_name
amf_content "findgpx", "/1", ["Trace", "test@example.com:test"]
user = create(:user)
amf_content "findgpx", "/1", ["Trace", "#{user.email}:test"]
post :amf_read
assert_response :success
amf_parse_response
@ -504,7 +549,7 @@ class AmfControllerTest < ActionController::TestCase
end
def test_findrelations_by_id
relation = current_relations(:relation_with_versions)
relation = create(:relation, :version => 4)
amf_content "findrelations", "/1", [relation.id]
post :amf_read
@ -529,8 +574,13 @@ class AmfControllerTest < ActionController::TestCase
end
def test_findrelations_by_tags
visible_relation = current_relations(:visible_relation)
used_relation = current_relations(:used_relation)
visible_relation = create(:relation)
create(:relation_tag, :relation => visible_relation, :k => "test", :v => "yes")
used_relation = create(:relation)
super_relation = create(:relation)
create(:relation_member, :relation => super_relation, :member => used_relation)
create(:relation_tag, :relation => used_relation, :k => "test", :v => "yes")
create(:relation_tag, :relation => used_relation, :k => "name", :v => "Test Relation")
amf_content "findrelations", "/1", ["yes"]
post :amf_read
@ -560,7 +610,8 @@ class AmfControllerTest < ActionController::TestCase
end
def test_getpoi_without_timestamp
node = current_nodes(:node_with_versions)
node = create(:node, :with_history, :version => 4)
create(:node_tag, :node => node)
amf_content "getpoi", "/1", [node.id, ""]
post :amf_read
@ -590,10 +641,14 @@ class AmfControllerTest < ActionController::TestCase
end
def test_getpoi_with_timestamp
node = nodes(:node_with_versions_v2)
current_node = current_nodes(:node_with_versions)
current_node = create(:node, :with_history, :version => 4)
node = current_node.old_nodes.find_by(:version => 2)
amf_content "getpoi", "/1", [node.node_id, node.timestamp.xmlschema]
# Timestamps are stored with microseconds, but xmlschema truncates them to
# previous whole second, causing <= comparison to fail
timestamp = (node.timestamp + 1.second).xmlschema
amf_content "getpoi", "/1", [node.node_id, timestamp]
post :amf_read
assert_response :success
amf_parse_response
@ -636,9 +691,10 @@ class AmfControllerTest < ActionController::TestCase
# check that we can update a poi
def test_putpoi_update_valid
nd = current_nodes(:visible_node)
cs_id = changesets(:public_user_first_change).id
amf_content "putpoi", "/1", ["test@example.com:test", cs_id, nd.version, nd.id, nd.lon, nd.lat, nd.tags, nd.visible]
nd = create(:node)
cs_id = nd.changeset.id
user = nd.changeset.user
amf_content "putpoi", "/1", ["#{user.email}:test", cs_id, nd.version, nd.id, nd.lon, nd.lat, nd.tags, nd.visible]
post :amf_write
assert_response :success
amf_parse_response
@ -654,7 +710,7 @@ class AmfControllerTest < ActionController::TestCase
# Now try to update again, with a different lat/lon, using the updated version number
lat = nd.lat + 0.1
lon = nd.lon - 0.1
amf_content "putpoi", "/2", ["test@example.com:test", cs_id, nd.version + 1, nd.id, lon, lat, nd.tags, nd.visible]
amf_content "putpoi", "/2", ["#{user.email}:test", cs_id, nd.version + 1, nd.id, lon, lat, nd.tags, nd.visible]
post :amf_write
assert_response :success
amf_parse_response
@ -676,10 +732,11 @@ class AmfControllerTest < ActionController::TestCase
# create a node with random lat/lon
lat = rand(100) - 50 + rand
lon = rand(100) - 50 + rand
# normal user has a changeset open
changeset = changesets(:public_user_first_change)
amf_content "putpoi", "/1", ["test@example.com:test", changeset.id, nil, nil, lon, lat, {}, nil]
changeset = create(:changeset)
user = changeset.user
amf_content "putpoi", "/1", ["#{user.email}:test", changeset.id, nil, nil, lon, lat, {}, nil]
post :amf_write
assert_response :success
amf_parse_response
@ -701,7 +758,7 @@ class AmfControllerTest < ActionController::TestCase
assert_equal 0, current_node.tags.size, "There seems to be a tag that has been added to the node"
assert_equal result[4], current_node.version, "The version returned, is different to the one returned by the amf"
# Now check the history table
historic_nodes = Node.where(:id => result[3])
historic_nodes = OldNode.where(:node_id => result[3])
assert_equal 1, historic_nodes.size, "There should only be one historic node created"
first_historic_node = historic_nodes.first
assert_in_delta lat, first_historic_node.lat, 0.00001, "The latitude was not retreived correctly"
@ -715,10 +772,8 @@ class AmfControllerTest < ActionController::TestCase
# create a node with random lat/lon
lat = rand(100) - 50 + rand
lon = rand(100) - 50 + rand
# normal user has a changeset open
changeset = changesets(:public_user_first_change)
amf_content "putpoi", "/2", ["test@example.com:test", changeset.id, nil, nil, lon, lat, { "key" => "value", "ping" => "pong" }, nil]
amf_content "putpoi", "/2", ["#{user.email}:test", changeset.id, nil, nil, lon, lat, { "key" => "value", "ping" => "pong" }, nil]
post :amf_write
assert_response :success
amf_parse_response
@ -741,7 +796,7 @@ class AmfControllerTest < ActionController::TestCase
assert_equal({ "key" => "value", "ping" => "pong" }, current_node.tags, "tags are different")
assert_equal result[4], current_node.version, "The version returned, is different to the one returned by the amf"
# Now check the history table
historic_nodes = Node.where(:id => result[3])
historic_nodes = OldNode.where(:node_id => result[3])
assert_equal 1, historic_nodes.size, "There should only be one historic node created"
first_historic_node = historic_nodes.first
assert_in_delta lat, first_historic_node.lat, 0.00001, "The latitude was not retreived correctly"
@ -758,13 +813,14 @@ class AmfControllerTest < ActionController::TestCase
# create a node with random lat/lon
lat = rand(100) - 50 + rand
lon = rand(100) - 50 + rand
# normal user has a changeset open
changeset = changesets(:public_user_first_change)
changeset = create(:changeset)
user = changeset.user
mostly_invalid = (0..31).to_a.map(&:chr).join
tags = { "something" => "foo#{mostly_invalid}bar" }
amf_content "putpoi", "/1", ["test@example.com:test", changeset.id, nil, nil, lon, lat, tags, nil]
amf_content "putpoi", "/1", ["#{user.email}:test", changeset.id, nil, nil, lon, lat, tags, nil]
post :amf_write
assert_response :success
amf_parse_response
@ -793,13 +849,14 @@ class AmfControllerTest < ActionController::TestCase
# create a node with random lat/lon
lat = rand(100) - 50 + rand
lon = rand(100) - 50 + rand
# normal user has a changeset open
changeset = changesets(:public_user_first_change)
changeset = create(:changeset)
user = changeset.user
invalid = "\xc0\xc0"
tags = { "something" => "foo#{invalid}bar" }
amf_content "putpoi", "/1", ["test@example.com:test", changeset.id, nil, nil, lon, lat, tags, nil]
amf_content "putpoi", "/1", ["#{user.email}:test", changeset.id, nil, nil, lon, lat, tags, nil]
post :amf_write
assert_response :success
amf_parse_response
@ -812,9 +869,11 @@ class AmfControllerTest < ActionController::TestCase
# try deleting a node
def test_putpoi_delete_valid
nd = current_nodes(:visible_node)
cs_id = changesets(:public_user_first_change).id
amf_content "putpoi", "/1", ["test@example.com:test", cs_id, nd.version, nd.id, nd.lon, nd.lat, nd.tags, false]
nd = create(:node)
cs_id = nd.changeset.id
user = nd.changeset.user
amf_content "putpoi", "/1", ["#{user.email}:test", cs_id, nd.version, nd.id, nd.lon, nd.lat, nd.tags, false]
post :amf_write
assert_response :success
amf_parse_response
@ -833,9 +892,11 @@ class AmfControllerTest < ActionController::TestCase
# try deleting a node that is already deleted
def test_putpoi_delete_already_deleted
nd = current_nodes(:invisible_node)
cs_id = changesets(:public_user_first_change).id
amf_content "putpoi", "/1", ["test@example.com:test", cs_id, nd.version, nd.id, nd.lon, nd.lat, nd.tags, false]
nd = create(:node, :deleted)
cs_id = nd.changeset.id
user = nd.changeset.user
amf_content "putpoi", "/1", ["#{user.email}:test", cs_id, nd.version, nd.id, nd.lon, nd.lat, nd.tags, false]
post :amf_write
assert_response :success
amf_parse_response
@ -849,8 +910,11 @@ class AmfControllerTest < ActionController::TestCase
# try deleting a node that has never existed
def test_putpoi_delete_not_found
cs_id = changesets(:public_user_first_change).id
amf_content "putpoi", "/1", ["test@example.com:test", cs_id, 1, 999999, 0, 0, {}, false]
changeset = create(:changeset)
cs_id = changeset.id
user = changeset.user
amf_content "putpoi", "/1", ["#{user.email}:test", cs_id, 1, 999999, 0, 0, {}, false]
post :amf_write
assert_response :success
amf_parse_response
@ -864,9 +928,11 @@ class AmfControllerTest < ActionController::TestCase
# try setting an invalid location on a node
def test_putpoi_invalid_latlon
nd = current_nodes(:visible_node)
cs_id = changesets(:public_user_first_change).id
amf_content "putpoi", "/1", ["test@example.com:test", cs_id, nd.version, nd.id, 200, 100, nd.tags, true]
nd = create(:node)
cs_id = nd.changeset.id
user = nd.changeset.user
amf_content "putpoi", "/1", ["#{user.email}:test", cs_id, nd.version, nd.id, 200, 100, nd.tags, true]
post :amf_write
assert_response :success
amf_parse_response
@ -879,9 +945,17 @@ class AmfControllerTest < ActionController::TestCase
# check that we can create a way
def test_putway_create_valid
cs_id = changesets(:public_user_first_change).id
changeset = create(:changeset)
cs_id = changeset.id
user = changeset.user
amf_content "putway", "/1", ["test@example.com:test", cs_id, 0, -1, [1, 4, 7], { "test" => "new" }, [], {}]
a = create(:node).id
b = create(:node).id
c = create(:node).id
d = create(:node).id
e = create(:node).id
amf_content "putway", "/1", ["#{user.email}:test", cs_id, 0, -1, [a, b, c], { "test" => "new" }, [], {}]
post :amf_write
assert_response :success
amf_parse_response
@ -900,10 +974,10 @@ class AmfControllerTest < ActionController::TestCase
new_way = Way.find(new_way_id)
assert_equal 1, new_way.version
assert_equal [1, 4, 7], new_way.nds
assert_equal [a, b, c], new_way.nds
assert_equal({ "test" => "new" }, new_way.tags)
amf_content "putway", "/1", ["test@example.com:test", cs_id, 0, -1, [4, 6, 15, 1], { "test" => "newer" }, [], {}]
amf_content "putway", "/1", ["#{user.email}:test", cs_id, 0, -1, [b, d, e, a], { "test" => "newer" }, [], {}]
post :amf_write
assert_response :success
amf_parse_response
@ -922,10 +996,10 @@ class AmfControllerTest < ActionController::TestCase
new_way = Way.find(new_way_id)
assert_equal 1, new_way.version
assert_equal [4, 6, 15, 1], new_way.nds
assert_equal [b, d, e, a], new_way.nds
assert_equal({ "test" => "newer" }, new_way.tags)
amf_content "putway", "/1", ["test@example.com:test", cs_id, 0, -1, [4, -1, 6, 15], { "test" => "newest" }, [[4.56, 12.34, -1, 0, { "test" => "new" }], [12.34, 4.56, 6, 1, { "test" => "ok" }]], { 1 => 1 }]
amf_content "putway", "/1", ["#{user.email}:test", cs_id, 0, -1, [b, -1, d, e], { "test" => "newest" }, [[4.56, 12.34, -1, 0, { "test" => "new" }], [12.34, 4.56, d, 1, { "test" => "ok" }]], { a => 1 }]
post :amf_write
assert_response :success
amf_parse_response
@ -940,12 +1014,12 @@ class AmfControllerTest < ActionController::TestCase
assert_not_equal -1, result[3]
assert_equal({ "-1" => new_node_id }, result[4])
assert_equal 1, result[5]
assert_equal({ new_node_id.to_s => 1, "6" => 2 }, result[6])
assert_equal({ "1" => 1 }, result[7])
assert_equal({ new_node_id.to_s => 1, d.to_s => 2 }, result[6])
assert_equal({ a.to_s => 1 }, result[7])
new_way = Way.find(new_way_id)
assert_equal 1, new_way.version
assert_equal [4, new_node_id, 6, 15], new_way.nds
assert_equal [b, new_node_id, d, e], new_way.nds
assert_equal({ "test" => "newest" }, new_way.tags)
new_node = Node.find(new_node_id)
@ -955,7 +1029,7 @@ class AmfControllerTest < ActionController::TestCase
assert_equal 12.34, new_node.lat
assert_equal({ "test" => "new" }, new_node.tags)
changed_node = Node.find(6)
changed_node = Node.find(d)
assert_equal 2, changed_node.version
assert_equal true, changed_node.visible
assert_equal 12.34, changed_node.lon
@ -963,18 +1037,19 @@ class AmfControllerTest < ActionController::TestCase
assert_equal({ "test" => "ok" }, changed_node.tags)
# node is not deleted because our other ways are using it
deleted_node = Node.find(1)
deleted_node = Node.find(a)
assert_equal 1, deleted_node.version
assert_equal true, deleted_node.visible
end
# check that we can update a way
def test_putway_update_valid
way = current_ways(:way_with_multiple_nodes)
cs_id = changesets(:public_user_first_change).id
way = create(:way_with_nodes, :nodes_count => 3)
cs_id = way.changeset.id
user = way.changeset.user
assert_not_equal({ "test" => "ok" }, way.tags)
amf_content "putway", "/1", ["test@example.com:test", cs_id, way.version, way.id, way.nds, { "test" => "ok" }, [], {}]
amf_content "putway", "/1", ["#{user.email}:test", cs_id, way.version, way.id, way.nds, { "test" => "ok" }, [], {}]
post :amf_write
assert_response :success
amf_parse_response
@ -995,8 +1070,14 @@ class AmfControllerTest < ActionController::TestCase
assert_equal way.nds, new_way.nds
assert_equal({ "test" => "ok" }, new_way.tags)
assert_not_equal [4, 6, 15, 1], way.tags
amf_content "putway", "/1", ["test@example.com:test", cs_id, way.version + 1, way.id, [4, 6, 15, 1], way.tags, [], {}]
# Test changing the nodes in the way
a = create(:node).id
b = create(:node).id
c = create(:node).id
d = create(:node).id
assert_not_equal [a, b, c, d], way.nds
amf_content "putway", "/1", ["#{user.email}:test", cs_id, way.version + 1, way.id, [a, b, c, d], way.tags, [], {}]
post :amf_write
assert_response :success
amf_parse_response
@ -1014,10 +1095,10 @@ class AmfControllerTest < ActionController::TestCase
new_way = Way.find(way.id)
assert_equal way.version + 2, new_way.version
assert_equal [4, 6, 15, 1], new_way.nds
assert_equal [a, b, c, d], new_way.nds
assert_equal way.tags, new_way.tags
amf_content "putway", "/1", ["test@example.com:test", cs_id, way.version + 2, way.id, [4, -1, 6, 15], way.tags, [[4.56, 12.34, -1, 0, { "test" => "new" }], [12.34, 4.56, 6, 1, { "test" => "ok" }]], { 1 => 1 }]
amf_content "putway", "/1", ["#{user.email}:test", cs_id, way.version + 2, way.id, [a, -1, b, c], way.tags, [[4.56, 12.34, -1, 0, { "test" => "new" }], [12.34, 4.56, b, 1, { "test" => "ok" }]], { d => 1 }]
post :amf_write
assert_response :success
amf_parse_response
@ -1031,12 +1112,12 @@ class AmfControllerTest < ActionController::TestCase
assert_equal way.id, result[3]
assert_equal({ "-1" => new_node_id }, result[4])
assert_equal way.version + 3, result[5]
assert_equal({ new_node_id.to_s => 1, "6" => 2 }, result[6])
assert_equal({ "1" => 1 }, result[7])
assert_equal({ new_node_id.to_s => 1, b.to_s => 2 }, result[6])
assert_equal({ d.to_s => 1 }, result[7])
new_way = Way.find(way.id)
assert_equal way.version + 3, new_way.version
assert_equal [4, new_node_id, 6, 15], new_way.nds
assert_equal [a, new_node_id, b, c], new_way.nds
assert_equal way.tags, new_way.tags
new_node = Node.find(new_node_id)
@ -1046,25 +1127,35 @@ class AmfControllerTest < ActionController::TestCase
assert_equal 12.34, new_node.lat
assert_equal({ "test" => "new" }, new_node.tags)
changed_node = Node.find(6)
changed_node = Node.find(b)
assert_equal 2, changed_node.version
assert_equal true, changed_node.visible
assert_equal 12.34, changed_node.lon
assert_equal 4.56, changed_node.lat
assert_equal({ "test" => "ok" }, changed_node.tags)
deleted_node = Node.find(1)
deleted_node = Node.find(d)
assert_equal 2, deleted_node.version
assert_equal false, deleted_node.visible
end
# check that we can delete a way
def test_deleteway_valid
way = current_ways(:way_with_multiple_nodes)
way = create(:way_with_nodes, :nodes_count => 3)
nodes = way.nodes.each_with_object({}) { |n, ns| ns[n.id] = n.version }
cs_id = changesets(:public_user_first_change).id
cs_id = way.changeset.id
user = way.changeset.user
amf_content "deleteway", "/1", ["test@example.com:test", cs_id, way.id, way.version, nodes]
# Of the three nodes, two should be kept since they are used in
# a different way, and the third deleted since it's unused
a = way.nodes[0]
create(:way_node, :node => a)
b = way.nodes[1]
create(:way_node, :node => b)
c = way.nodes[2]
amf_content "deleteway", "/1", ["#{user.email}:test", cs_id, way.id, way.version, nodes]
post :amf_write
assert_response :success
amf_parse_response
@ -1075,7 +1166,7 @@ class AmfControllerTest < ActionController::TestCase
assert_equal "", result[1]
assert_equal way.id, result[2]
assert_equal way.version + 1, result[3]
assert_equal({ "11" => 2 }, result[4])
assert_equal({ c.id.to_s => 2 }, result[4])
new_way = Way.find(way.id)
assert_equal way.version + 1, new_way.version
@ -1088,11 +1179,13 @@ class AmfControllerTest < ActionController::TestCase
# check that we can't delete a way that is in use
def test_deleteway_inuse
way = current_ways(:used_way)
way = create(:way_with_nodes, :nodes_count => 4)
create(:relation_member, :member => way)
nodes = way.nodes.each_with_object({}) { |n, ns| ns[n.id] = n.version }
cs_id = changesets(:public_user_first_change).id
cs_id = way.changeset.id
user = way.changeset.user
amf_content "deleteway", "/1", ["test@example.com:test", cs_id, way.id, way.version, nodes]
amf_content "deleteway", "/1", ["#{user.email}:test", cs_id, way.id, way.version, nodes]
post :amf_write
assert_response :success
amf_parse_response
@ -1113,9 +1206,15 @@ class AmfControllerTest < ActionController::TestCase
# check that we can create a relation
def test_putrelation_create_valid
cs_id = changesets(:public_user_first_change).id
changeset = create(:changeset)
user = changeset.user
cs_id = changeset.id
amf_content "putrelation", "/1", ["test@example.com:test", cs_id, 0, -1, { "test" => "new" }, [["Node", 3, "node"], ["Way", 7, "way"], ["Relation", 1, "relation"]], true]
node = create(:node)
way = create(:way_with_nodes, :nodes_count => 2)
relation = create(:relation)
amf_content "putrelation", "/1", ["#{user.email}:test", cs_id, 0, -1, { "test" => "new" }, [["Node", node.id, "node"], ["Way", way.id, "way"], ["Relation", relation.id, "relation"]], true]
post :amf_write
assert_response :success
amf_parse_response
@ -1131,18 +1230,20 @@ class AmfControllerTest < ActionController::TestCase
new_relation = Relation.find(new_relation_id)
assert_equal 1, new_relation.version
assert_equal [["Node", 3, "node"], ["Way", 7, "way"], ["Relation", 1, "relation"]], new_relation.members
assert_equal [["Node", node.id, "node"], ["Way", way.id, "way"], ["Relation", relation.id, "relation"]], new_relation.members
assert_equal({ "test" => "new" }, new_relation.tags)
assert_equal true, new_relation.visible
end
# check that we can update a relation
def test_putrelation_update_valid
relation = current_relations(:visible_relation)
cs_id = changesets(:public_user_first_change).id
relation = create(:relation)
create(:relation_member, :relation => relation)
user = relation.changeset.user
cs_id = relation.changeset.id
assert_not_equal({ "test" => "ok" }, relation.tags)
amf_content "putrelation", "/1", ["test@example.com:test", cs_id, relation.version, relation.id, { "test" => "ok" }, relation.members, true]
amf_content "putrelation", "/1", ["#{user.email}:test", cs_id, relation.version, relation.id, { "test" => "ok" }, relation.members, true]
post :amf_write
assert_response :success
amf_parse_response
@ -1164,10 +1265,13 @@ class AmfControllerTest < ActionController::TestCase
# check that we can delete a relation
def test_putrelation_delete_valid
relation = current_relations(:visible_relation)
cs_id = changesets(:public_user_first_change).id
relation = create(:relation)
create(:relation_member, :relation => relation)
create(:relation_tag, :relation => relation)
cs_id = relation.changeset.id
user = relation.changeset.user
amf_content "putrelation", "/1", ["test@example.com:test", cs_id, relation.version, relation.id, relation.tags, relation.members, false]
amf_content "putrelation", "/1", ["#{user.email}:test", cs_id, relation.version, relation.id, relation.tags, relation.members, false]
post :amf_write
assert_response :success
amf_parse_response
@ -1189,10 +1293,13 @@ class AmfControllerTest < ActionController::TestCase
# check that we can't delete a relation that is in use
def test_putrelation_delete_inuse
relation = current_relations(:public_used_relation)
cs_id = changesets(:public_user_first_change).id
relation = create(:relation)
super_relation = create(:relation)
create(:relation_member, :relation => super_relation, :member => relation)
cs_id = relation.changeset.id
user = relation.changeset.user
amf_content "putrelation", "/1", ["test@example.com:test", cs_id, relation.version, relation.id, relation.tags, relation.members, false]
amf_content "putrelation", "/1", ["#{user.email}:test", cs_id, relation.version, relation.id, relation.tags, relation.members, false]
post :amf_write
assert_response :success
amf_parse_response
@ -1211,7 +1318,9 @@ class AmfControllerTest < ActionController::TestCase
# check that we can open a changeset
def test_startchangeset_valid
amf_content "startchangeset", "/1", ["test@example.com:test", { "source" => "new" }, nil, "new", 1]
user = create(:user)
amf_content "startchangeset", "/1", ["#{user.email}:test", { "source" => "new" }, nil, "new", 1]
post :amf_write
assert_response :success
amf_parse_response
@ -1228,7 +1337,7 @@ class AmfControllerTest < ActionController::TestCase
old_cs_id = new_cs_id
amf_content "startchangeset", "/1", ["test@example.com:test", { "source" => "newer" }, old_cs_id, "newer", 1]
amf_content "startchangeset", "/1", ["#{user.email}:test", { "source" => "newer" }, old_cs_id, "newer", 1]
post :amf_write
assert_response :success
amf_parse_response
@ -1251,7 +1360,7 @@ class AmfControllerTest < ActionController::TestCase
old_cs_id = new_cs_id
amf_content "startchangeset", "/1", ["test@example.com:test", {}, old_cs_id, "", 0]
amf_content "startchangeset", "/1", ["#{user.email}:test", {}, old_cs_id, "", 0]
post :amf_write
assert_response :success
amf_parse_response
@ -1269,7 +1378,10 @@ class AmfControllerTest < ActionController::TestCase
# check that we can't close somebody elses changeset
def test_startchangeset_invalid_wrong_user
amf_content "startchangeset", "/1", ["test@example.com:test", { "source" => "new" }, nil, "new", 1]
user = create(:user)
user2 = create(:user)
amf_content "startchangeset", "/1", ["#{user.email}:test", { "source" => "new" }, nil, "new", 1]
post :amf_write
assert_response :success
amf_parse_response
@ -1284,7 +1396,7 @@ class AmfControllerTest < ActionController::TestCase
assert_equal true, cs.is_open?
assert_equal({ "comment" => "new", "source" => "new" }, cs.tags)
amf_content "startchangeset", "/1", ["test@openstreetmap.org:test", {}, cs_id, "delete", 0]
amf_content "startchangeset", "/1", ["#{user2.email}:test", {}, cs_id, "delete", 0]
post :amf_write
assert_response :success
amf_parse_response
@ -1301,10 +1413,12 @@ class AmfControllerTest < ActionController::TestCase
# check that invalid characters are stripped from changeset tags
def test_startchangeset_invalid_xmlchar_comment
user = create(:user)
invalid = "\035\022"
comment = "foo#{invalid}bar"
amf_content "startchangeset", "/1", ["test@example.com:test", {}, nil, comment, 1]
amf_content "startchangeset", "/1", ["#{user.email}:test", {}, nil, comment, 1]
post :amf_write
assert_response :success
amf_parse_response

203
test/controllers/api_controller_test.rb
View file

@ -2,18 +2,16 @@ require "test_helper"
require "api_controller"
class ApiControllerTest < ActionController::TestCase
api_fixtures
def setup
super
@badbigbbox = %w(-0.1,-0.1,1.1,1.1 10,10,11,11)
@badmalformedbbox = %w(-0.1 hello
10N2W10.1N2.1W)
@badlatmixedbbox = %w(0,0.1,0.1,0 -0.1,80,0.1,70 0.24,54.34,0.25,54.33)
@badlonmixedbbox = %w(80,-0.1,70,0.1 54.34,0.24,54.33,0.25)
@badbigbbox = %w[-0.1,-0.1,1.1,1.1 10,10,11,11]
@badmalformedbbox = %w[-0.1 hello
10N2W10.1N2.1W]
@badlatmixedbbox = %w[0,0.1,0.1,0 -0.1,80,0.1,70 0.24,54.34,0.25,54.33]
@badlonmixedbbox = %w[80,-0.1,70,0.1 54.34,0.24,54.33,0.25]
# @badlatlonoutboundsbbox = %w{ 191,-0.1,193,0.1 -190.1,89.9,-190,90 }
@goodbbox = %w(-0.1,-0.1,0.1,0.1 51.1,-0.1,51.2,0
-0.1,%20-0.1,%200.1,%200.1 -0.1edcd,-0.1d,0.1,0.1 -0.1E,-0.1E,0.1S,0.1N S0.1,W0.1,N0.1,E0.1)
@goodbbox = %w[-0.1,-0.1,0.1,0.1 51.1,-0.1,51.2,0
-0.1,%20-0.1,%200.1,%200.1 -0.1edcd,-0.1d,0.1,0.1 -0.1E,-0.1E,0.1S,0.1N S0.1,W0.1,N0.1,E0.1]
# That last item in the goodbbox really shouldn't be there, as the API should
# reall reject it, however this is to test to see if the api changes.
end
@ -52,7 +50,12 @@ class ApiControllerTest < ActionController::TestCase
# -------------------------------------
def test_map
node = current_nodes(:used_node_1)
node = create(:node, :lat => 7, :lon => 7)
tag = create(:node_tag, :node => node)
way1 = create(:way_node, :node => node).way
way2 = create(:way_node, :node => node).way
relation = create(:relation_member, :member => node).relation
# Need to split the min/max lat/lon out into their own variables here
# so that we can test they are returned later.
minlon = node.lon - 0.1
@ -60,71 +63,85 @@ class ApiControllerTest < ActionController::TestCase
maxlon = node.lon + 0.1
maxlat = node.lat + 0.1
bbox = "#{minlon},#{minlat},#{maxlon},#{maxlat}"
get :map, :bbox => bbox
get :map, :params => { :bbox => bbox }
if $VERBOSE
print @request.to_yaml
print @response.body
end
assert_response :success, "Expected scucess with the map call"
assert_select "osm[version='#{API_VERSION}'][generator='#{GENERATOR}']", :count => 1 do
assert_select "bounds[minlon='#{minlon}'][minlat='#{minlat}'][maxlon='#{maxlon}'][maxlat='#{maxlat}']", :count => 1
assert_select "node[id='#{node.id}'][lat='#{node.lat}'][lon='#{node.lon}'][version='#{node.version}'][changeset='#{node.changeset_id}'][visible='#{node.visible}'][timestamp='#{node.timestamp.xmlschema}']", :count => 1 do
assert_select "bounds[minlon='#{format('%.7f', minlon)}'][minlat='#{format('%.7f', minlat)}'][maxlon='#{format('%.7f', maxlon)}'][maxlat='#{format('%.7f', maxlat)}']", :count => 1
assert_select "node[id='#{node.id}'][lat='#{format('%.7f', node.lat)}'][lon='#{format('%.7f', node.lon)}'][version='#{node.version}'][changeset='#{node.changeset_id}'][visible='#{node.visible}'][timestamp='#{node.timestamp.xmlschema}']", :count => 1 do
# This should really be more generic
assert_select "tag[k='test'][v='yes']"
assert_select "tag[k='#{tag.k}'][v='#{tag.v}']"
end
assert_select "way", :count => 2
assert_select "way[id='1']", :count => 1
assert_select "way[id='3']", :count => 1
assert_select "way[id='#{way1.id}']", :count => 1
assert_select "way[id='#{way2.id}']", :count => 1
assert_select "relation", :count => 1
assert_select "relation[id='1']", :count => 1
assert_select "relation[id='#{relation.id}']", :count => 1
end
end
# This differs from the above test in that we are making the bbox exactly
# the same as the node we are looking at
def test_map_inclusive
node = current_nodes(:used_node_1)
node = create(:node, :lat => 7, :lon => 7)
tag = create(:node_tag, :node => node)
way1 = create(:way_node, :node => node).way
way2 = create(:way_node, :node => node).way
relation = create(:relation_member, :member => node).relation
bbox = "#{node.lon},#{node.lat},#{node.lon},#{node.lat}"
get :map, :bbox => bbox
get :map, :params => { :bbox => bbox }
assert_response :success, "The map call should have succeeded"
assert_select "osm[version='#{API_VERSION}'][generator='#{GENERATOR}']", :count => 1 do
assert_select "bounds[minlon='#{node.lon}'][minlat='#{node.lat}'][maxlon='#{node.lon}'][maxlat='#{node.lat}']", :count => 1
assert_select "node[id='#{node.id}'][lat='#{node.lat}'][lon='#{node.lon}'][version='#{node.version}'][changeset='#{node.changeset_id}'][visible='#{node.visible}'][timestamp='#{node.timestamp.xmlschema}']", :count => 1 do
assert_select "node[id='#{node.id}'][lat='#{format('%.7f', node.lat)}'][lon='#{format('%.7f', node.lon)}'][version='#{node.version}'][changeset='#{node.changeset_id}'][visible='#{node.visible}'][timestamp='#{node.timestamp.xmlschema}']", :count => 1 do
# This should really be more generic
assert_select "tag[k='test'][v='yes']"
assert_select "tag[k='#{tag.k}'][v='#{tag.v}']"
end
assert_select "way", :count => 2
assert_select "way[id='1']", :count => 1
assert_select "way[id='3']", :count => 1
assert_select "way[id='#{way1.id}']", :count => 1
assert_select "way[id='#{way2.id}']", :count => 1
assert_select "relation", :count => 1
assert_select "relation[id='1']", :count => 1
assert_select "relation[id='#{relation.id}']", :count => 1
end
end
def test_map_complete_way
node = current_nodes(:used_node_2)
node = create(:node, :lat => 7, :lon => 7)
# create a couple of nodes well outside of the bbox
node2 = create(:node, :lat => 45, :lon => 45)
node3 = create(:node, :lat => 10, :lon => 10)
way1 = create(:way_node, :node => node).way
create(:way_node, :way => way1, :node => node2, :sequence_id => 2)
way2 = create(:way_node, :node => node).way
create(:way_node, :way => way2, :node => node3, :sequence_id => 2)
relation = create(:relation_member, :member => way1).relation
bbox = "#{node.lon},#{node.lat},#{node.lon},#{node.lat}"
get :map, :bbox => bbox
get :map, :params => { :bbox => bbox }
assert_response :success, "The map call should have succeeded"
assert_select "osm[version='#{API_VERSION}'][generator='#{GENERATOR}']", :count => 1 do
assert_select "bounds[minlon='#{node.lon}'][minlat='#{node.lat}'][maxlon='#{node.lon}'][maxlat='#{node.lat}']", :count => 1
assert_select "node", :count => 3
assert_select "node[id='4']", :count => 1
assert_select "node[id='11']", :count => 1
assert_select "node[id='15']", :count => 1
assert_select "node[id='#{node.id}']", :count => 1
assert_select "node[id='#{node2.id}']", :count => 1
assert_select "node[id='#{node3.id}']", :count => 1
assert_select "way", :count => 2
assert_select "way[id='5']", :count => 1
assert_select "way[id='7']", :count => 1
assert_select "way[id='#{way1.id}']", :count => 1
assert_select "way[id='#{way2.id}']", :count => 1
assert_select "relation", :count => 1
assert_select "relation[id='8']", :count => 1
assert_select "relation[id='#{relation.id}']", :count => 1
end
end
def test_map_empty
get :map, :bbox => "179.998,89.998,179.999.1,89.999"
get :map, :params => { :bbox => "179.998,89.998,179.999.1,89.999" }
assert_response :success, "The map call should have succeeded"
assert_select "osm[version='#{API_VERSION}'][generator='#{GENERATOR}']", :count => 1 do
assert_select "bounds[minlon='179.998'][minlat='89.998'][maxlon='179.999'][maxlat='89.999']", :count => 1
assert_select "bounds[minlon='179.9980000'][minlat='89.9980000'][maxlon='179.9990000'][maxlat='89.9990000']", :count => 1
assert_select "node", :count => 0
assert_select "way", :count => 0
assert_select "relation", :count => 0
@ -132,13 +149,15 @@ class ApiControllerTest < ActionController::TestCase
end
def test_tracepoints
point = gpx_files(:public_trace_file)
point = create(:trace, :visibility => "public", :latitude => 1, :longitude => 1) do |trace|
create(:tracepoint, :trace => trace, :latitude => 1 * GeoRecord::SCALE, :longitude => 1 * GeoRecord::SCALE)
end
minlon = point.longitude - 0.001
minlat = point.latitude - 0.001
maxlon = point.longitude + 0.001
maxlat = point.latitude + 0.001
bbox = "#{minlon},#{minlat},#{maxlon},#{maxlat}"
get :trackpoints, :bbox => bbox
get :trackpoints, :params => { :bbox => bbox }
assert_response :success
assert_select "gpx[version='1.0'][creator='OpenStreetMap.org']", :count => 1 do
assert_select "trk" do
@ -148,13 +167,16 @@ class ApiControllerTest < ActionController::TestCase
end
def test_tracepoints_trackable
point = gpx_files(:trackable_trace_file)
point = create(:trace, :visibility => "trackable", :latitude => 51.51, :longitude => -0.14) do |trace|
create(:tracepoint, :trace => trace, :trackid => 1, :latitude => (51.510 * GeoRecord::SCALE).to_i, :longitude => (-0.140 * GeoRecord::SCALE).to_i)
create(:tracepoint, :trace => trace, :trackid => 2, :latitude => (51.511 * GeoRecord::SCALE).to_i, :longitude => (-0.141 * GeoRecord::SCALE).to_i)
end
minlon = point.longitude - 0.002
minlat = point.latitude - 0.002
maxlon = point.longitude + 0.002
maxlat = point.latitude + 0.002
bbox = "#{minlon},#{minlat},#{maxlon},#{maxlat}"
get :trackpoints, :bbox => bbox
get :trackpoints, :params => { :bbox => bbox }
assert_response :success
assert_select "gpx[version='1.0'][creator='OpenStreetMap.org']", :count => 1 do
assert_select "trk", :count => 1 do
@ -170,13 +192,15 @@ class ApiControllerTest < ActionController::TestCase
end
def test_tracepoints_identifiable
point = gpx_files(:identifiable_trace_file)
point = create(:trace, :visibility => "identifiable", :latitude => 51.512, :longitude => 0.142) do |trace|
create(:tracepoint, :trace => trace, :latitude => (51.512 * GeoRecord::SCALE).to_i, :longitude => (0.142 * GeoRecord::SCALE).to_i)
end
minlon = point.longitude - 0.002
minlat = point.latitude - 0.002
maxlon = point.longitude + 0.002
maxlat = point.latitude + 0.002
bbox = "#{minlon},#{minlat},#{maxlon},#{maxlat}"
get :trackpoints, :bbox => bbox
get :trackpoints, :params => { :bbox => bbox }
assert_response :success
assert_select "gpx[version='1.0'][creator='OpenStreetMap.org']", :count => 1 do
assert_select "trk", :count => 1 do
@ -193,7 +217,7 @@ class ApiControllerTest < ActionController::TestCase
end
def test_map_without_bbox
%w(trackpoints map).each do |tq|
%w[trackpoints map].each do |tq|
get tq
assert_response :bad_request
assert_equal "The parameter bbox is required, and must be of the form min_lon,min_lat,max_lon,max_lat", @response.body, "A bbox param was expected"
@ -202,20 +226,20 @@ class ApiControllerTest < ActionController::TestCase
def test_traces_page_less_than_0
-10.upto(-1) do |i|
get :trackpoints, :page => i, :bbox => "-0.1,-0.1,0.1,0.1"
get :trackpoints, :params => { :page => i, :bbox => "-0.1,-0.1,0.1,0.1" }
assert_response :bad_request
assert_equal "Page number must be greater than or equal to 0", @response.body, "The page number was #{i}"
end
0.upto(10) do |i|
get :trackpoints, :page => i, :bbox => "-0.1,-0.1,0.1,0.1"
get :trackpoints, :params => { :page => i, :bbox => "-0.1,-0.1,0.1,0.1" }
assert_response :success, "The page number was #{i} and should have been accepted"
end
end
def test_bbox_too_big
@badbigbbox.each do |bbox|
%w(trackpoints map).each do |tq|
get tq, :bbox => bbox
%w[trackpoints map].each do |tq|
get tq, :params => { :bbox => bbox }
assert_response :bad_request, "The bbox:#{bbox} was expected to be too big"
assert_equal "The maximum bbox size is #{MAX_REQUEST_AREA}, and your request was too large. Either request a smaller area, or use planet.osm", @response.body, "bbox: #{bbox}"
end
@ -224,8 +248,8 @@ class ApiControllerTest < ActionController::TestCase
def test_bbox_malformed
@badmalformedbbox.each do |bbox|
%w(trackpoints map).each do |tq|
get tq, :bbox => bbox
%w[trackpoints map].each do |tq|
get tq, :params => { :bbox => bbox }
assert_response :bad_request, "The bbox:#{bbox} was expected to be malformed"
assert_equal "The parameter bbox is required, and must be of the form min_lon,min_lat,max_lon,max_lat", @response.body, "bbox: #{bbox}"
end
@ -234,8 +258,8 @@ class ApiControllerTest < ActionController::TestCase
def test_bbox_lon_mixedup
@badlonmixedbbox.each do |bbox|
%w(trackpoints map).each do |tq|
get tq, :bbox => bbox
%w[trackpoints map].each do |tq|
get tq, :params => { :bbox => bbox }
assert_response :bad_request, "The bbox:#{bbox} was expected to have the longitude mixed up"
assert_equal "The minimum longitude must be less than the maximum longitude, but it wasn't", @response.body, "bbox: #{bbox}"
end
@ -244,8 +268,8 @@ class ApiControllerTest < ActionController::TestCase
def test_bbox_lat_mixedup
@badlatmixedbbox.each do |bbox|
%w(trackpoints map).each do |tq|
get tq, :bbox => bbox
%w[trackpoints map].each do |tq|
get tq, :params => { :bbox => bbox }
assert_response :bad_request, "The bbox:#{bbox} was expected to have the latitude mixed up"
assert_equal "The minimum latitude must be less than the maximum latitude, but it wasn't", @response.body, "bbox: #{bbox}"
end
@ -269,41 +293,49 @@ class ApiControllerTest < ActionController::TestCase
# http://wiki.openstreetmap.org/wiki/Rails#Installing_the_quadtile_functions
# or by looking at the readme in db/README
def test_changes_simple
Timecop.freeze(Time.utc(2010, 4, 3, 10, 55, 0))
get :changes
assert_response :success
# print @response.body
# As we have loaded the fixtures, we can assume that there are no
# changes at the time we have frozen at
now = Time.now.getutc
hourago = now - 1.hour
assert_select "osm[version='#{API_VERSION}'][generator='#{GENERATOR}']", :count => 1 do
assert_select "changes[starttime='#{hourago.xmlschema}'][endtime='#{now.xmlschema}']", :count => 1 do
assert_select "tile", :count => 0
end
# create a selection of nodes
(1..5).each do |n|
create(:node, :timestamp => Time.utc(2007, 1, 1, 0, 0, 0), :lat => n, :lon => n)
end
Timecop.return
# deleted nodes should also be counted
create(:node, :deleted, :timestamp => Time.utc(2007, 1, 1, 0, 0, 0), :lat => 6, :lon => 6)
# nodes in the same tile won't change the total
create(:node, :timestamp => Time.utc(2007, 1, 1, 0, 0, 0), :lat => 6, :lon => 6)
# nodes with a different timestamp should be ignored
create(:node, :timestamp => Time.utc(2008, 1, 1, 0, 0, 0), :lat => 7, :lon => 7)
Timecop.freeze(Time.utc(2007, 1, 1, 0, 30, 0))
get :changes
assert_response :success
# print @response.body
# As we have loaded the fixtures, we can assume that there are some
# changes at the time we have frozen at
now = Time.now.getutc
hourago = now - 1.hour
assert_select "osm[version='#{API_VERSION}'][generator='#{GENERATOR}']", :count => 1 do
assert_select "changes[starttime='#{hourago.xmlschema}'][endtime='#{now.xmlschema}']", :count => 1 do
assert_select "tile", :count => 10
travel_to Time.utc(2010, 4, 3, 10, 55, 0) do
get :changes
assert_response :success
now = Time.now.getutc
hourago = now - 1.hour
assert_select "osm[version='#{API_VERSION}'][generator='#{GENERATOR}']", :count => 1 do
assert_select "changes[starttime='#{hourago.xmlschema}'][endtime='#{now.xmlschema}']", :count => 1 do
assert_select "tile", :count => 0
end
end
end
travel_to Time.utc(2007, 1, 1, 0, 30, 0) do
get :changes
assert_response :success
# print @response.body
# As we have loaded the fixtures, we can assume that there are some
# changes at the time we have frozen at
now = Time.now.getutc
hourago = now - 1.hour
assert_select "osm[version='#{API_VERSION}'][generator='#{GENERATOR}']", :count => 1 do
assert_select "changes[starttime='#{hourago.xmlschema}'][endtime='#{now.xmlschema}']", :count => 1 do
assert_select "tile", :count => 6
end
end
end
Timecop.return
end
def test_changes_zoom_invalid
zoom_to_test = %w(p -1 0 17 one two)
zoom_to_test = %w[p -1 0 17 one two]
zoom_to_test.each do |zoom|
get :changes, :zoom => zoom
get :changes, :params => { :zoom => zoom }
assert_response :bad_request
assert_equal @response.body, "Requested zoom is invalid, or the supplied start is after the end time, or the start duration is more than 24 hours"
end
@ -311,7 +343,7 @@ class ApiControllerTest < ActionController::TestCase
def test_changes_zoom_valid
1.upto(16) do |zoom|
get :changes, :zoom => zoom
get :changes, :params => { :zoom => zoom }
assert_response :success
# NOTE: there was a test here for the timing, but it was too sensitive to be a good test
# and it was annoying.
@ -322,9 +354,9 @@ class ApiControllerTest < ActionController::TestCase
end
def test_changes_hours_invalid
invalid = %w(-21 335 -1 0 25 26 100 one two three ping pong :)
invalid = %w[-21 335 -1 0 25 26 100 one two three ping pong :]
invalid.each do |hour|
get :changes, :hours => hour
get :changes, :params => { :hours => hour }
assert_response :bad_request, "Problem with the hour: #{hour}"
assert_equal @response.body, "Requested zoom is invalid, or the supplied start is after the end time, or the start duration is more than 24 hours", "Problem with the hour: #{hour}."
end
@ -332,19 +364,19 @@ class ApiControllerTest < ActionController::TestCase
def test_changes_hours_valid
1.upto(24) do |hour|
get :changes, :hours => hour
get :changes, :params => { :hours => hour }
assert_response :success
end
end
def test_changes_start_end_invalid
get :changes, :start => "2010-04-03 10:55:00", :end => "2010-04-03 09:55:00"
get :changes, :params => { :start => "2010-04-03 10:55:00", :end => "2010-04-03 09:55:00" }
assert_response :bad_request
assert_equal @response.body, "Requested zoom is invalid, or the supplied start is after the end time, or the start duration is more than 24 hours"
end
def test_changes_start_end_valid
get :changes, :start => "2010-04-03 09:55:00", :end => "2010-04-03 10:55:00"
get :changes, :params => { :start => "2010-04-03 09:55:00", :end => "2010-04-03 10:55:00" }
assert_response :success
end
@ -355,6 +387,7 @@ class ApiControllerTest < ActionController::TestCase
assert_select "api", :count => 1 do
assert_select "version[minimum='#{API_VERSION}'][maximum='#{API_VERSION}']", :count => 1
assert_select "area[maximum='#{MAX_REQUEST_AREA}']", :count => 1
assert_select "note_area[maximum='#{MAX_NOTE_REQUEST_AREA}']", :count => 1
assert_select "tracepoints[per_page='#{TRACEPOINTS_PER_PAGE}']", :count => 1
assert_select "changesets[maximum_elements='#{Changeset::MAX_ELEMENTS}']", :count => 1
assert_select "status[database='online']", :count => 1
@ -373,7 +406,7 @@ class ApiControllerTest < ActionController::TestCase
end
def test_permissions_basic_auth
basic_authorization(users(:normal_user).email, "test")
basic_authorization(create(:user).email, "test")
get :permissions
assert_response :success
assert_select "osm > permissions", :count => 1 do

92
test/controllers/browse_controller_test.rb
View file

@ -2,8 +2,6 @@ require "test_helper"
require "browse_controller"
class BrowseControllerTest < ActionController::TestCase
api_fixtures
##
# test all routes which lead to this controller
def test_routes
@ -46,71 +44,85 @@ class BrowseControllerTest < ActionController::TestCase
end
def test_read_relation
browse_check "relation", relations(:visible_relation).relation_id, "browse/feature"
browse_check "relation", create(:relation).id, "browse/feature"
end
def test_read_relation_history
browse_check "relation_history", relations(:visible_relation).relation_id, "browse/history"
browse_check "relation_history", create(:relation, :with_history).id, "browse/history"
end
def test_read_way
browse_check "way", ways(:visible_way).way_id, "browse/feature"
browse_check "way", create(:way).id, "browse/feature"
end
def test_read_way_history
browse_check "way_history", ways(:visible_way).way_id, "browse/history"
browse_check "way_history", create(:way, :with_history).id, "browse/history"
end
def test_read_node
browse_check "node", nodes(:visible_node).node_id, "browse/feature"
browse_check "node", create(:node).id, "browse/feature"
end
def test_read_node_history
browse_check "node_history", nodes(:visible_node).node_id, "browse/history"
browse_check "node_history", create(:node, :with_history).id, "browse/history"
end
def test_read_changeset
browse_check "changeset", changesets(:normal_user_first_change).id, "browse/changeset"
browse_check "changeset", changesets(:public_user_first_change).id, "browse/changeset"
private_changeset = create(:changeset, :user => create(:user, :data_public => false))
changeset = create(:changeset)
browse_check "changeset", private_changeset.id, "browse/changeset"
browse_check "changeset", changeset.id, "browse/changeset"
end
def test_read_changeset_hidden_comments
browse_check "changeset", changesets(:normal_user_closed_change).id, "browse/changeset"
changeset = create(:changeset)
create_list(:changeset_comment, 3, :changeset => changeset)
create(:changeset_comment, :visible => false, :changeset => changeset)
browse_check "changeset", changeset.id, "browse/changeset"
assert_select "div.changeset-comments ul li", :count => 3
session[:user] = users(:moderator_user).id
session[:user] = create(:moderator_user).id
browse_check "changeset", changesets(:normal_user_closed_change).id, "browse/changeset"
browse_check "changeset", changeset.id, "browse/changeset"
assert_select "div.changeset-comments ul li", :count => 4
end
def test_read_note
browse_check "note", notes(:open_note).id, "browse/note"
open_note = create(:note_with_comments)
browse_check "note", open_note.id, "browse/note"
end
def test_read_hidden_note
get :note, :id => notes(:hidden_note_with_comment).id
hidden_note_with_comment = create(:note_with_comments, :status => "hidden")
get :note, :params => { :id => hidden_note_with_comment.id }
assert_response :not_found
assert_template "browse/not_found"
assert_template :layout => "map"
xhr :get, :note, :id => notes(:hidden_note_with_comment).id
get :note, :params => { :id => hidden_note_with_comment.id }, :xhr => true
assert_response :not_found
assert_template "browse/not_found"
assert_template :layout => "xhr"
session[:user] = users(:moderator_user).id
session[:user] = create(:moderator_user).id
browse_check "note", notes(:hidden_note_with_comment).id, "browse/note"
browse_check "note", hidden_note_with_comment.id, "browse/note"
end
def test_read_note_hidden_comments
browse_check "note", notes(:note_with_hidden_comment).id, "browse/note"
note_with_hidden_comment = create(:note_with_comments, :comments_count => 2) do |note|
create(:note_comment, :note => note, :visible => false)
end
browse_check "note", note_with_hidden_comment.id, "browse/note"
assert_select "div.note-comments ul li", :count => 1
session[:user] = users(:moderator_user).id
session[:user] = create(:moderator_user).id
browse_check "note", notes(:note_with_hidden_comment).id, "browse/note"
browse_check "note", note_with_hidden_comment.id, "browse/note"
assert_select "div.note-comments ul li", :count => 2
end
@ -123,7 +135,11 @@ class BrowseControllerTest < ActionController::TestCase
# then please make it more easily (and robustly) testable!
##
def test_redacted_node
get :node, :id => current_nodes(:redacted_node).id
node = create(:node, :with_history, :deleted, :version => 2)
node_v1 = node.old_nodes.find_by(:version => 1)
node_v1.redact!(create(:redaction))
get :node, :params => { :id => node.id }
assert_response :success
assert_template "feature"
@ -135,7 +151,11 @@ class BrowseControllerTest < ActionController::TestCase
end
def test_redacted_node_history
get :node_history, :id => nodes(:redacted_node_redacted_version).node_id
node = create(:node, :with_history, :deleted, :version => 2)
node_v1 = node.old_nodes.find_by(:version => 1)
node_v1.redact!(create(:redaction))
get :node_history, :params => { :id => node.id }
assert_response :success
assert_template "browse/history"
@ -149,7 +169,13 @@ class BrowseControllerTest < ActionController::TestCase
end
def test_redacted_way_history
get :way_history, :id => ways(:way_with_redacted_versions_v1).way_id
way = create(:way, :with_history, :version => 4)
way_v1 = way.old_ways.find_by(:version => 1)
way_v1.redact!(create(:redaction))
way_v3 = way.old_ways.find_by(:version => 3)
way_v3.redact!(create(:redaction))
get :way_history, :params => { :id => way.id }
assert_response :success
assert_template "browse/history"
@ -161,7 +187,13 @@ class BrowseControllerTest < ActionController::TestCase
end
def test_redacted_relation_history
get :relation_history, :id => relations(:relation_with_redacted_versions_v1).relation_id
relation = create(:relation, :with_history, :version => 4)
relation_v1 = relation.old_relations.find_by(:version => 1)
relation_v1.redact!(create(:redaction))
relation_v3 = relation.old_relations.find_by(:version => 3)
relation_v3.redact!(create(:redaction))
get :relation_history, :params => { :id => relation.id }
assert_response :success
assert_template "browse/history"
@ -184,25 +216,25 @@ class BrowseControllerTest < ActionController::TestCase
end
assert_raise ActionController::UrlGenerationError do
get type, :id => -10 # we won't have an id that's negative
get type, :params => { :id => -10 } # we won't have an id that's negative
end
get type, :id => 0
get type, :params => { :id => 0 }
assert_response :not_found
assert_template "browse/not_found"
assert_template :layout => "map"
xhr :get, type, :id => 0
get type, :params => { :id => 0 }, :xhr => true
assert_response :not_found
assert_template "browse/not_found"
assert_template :layout => "xhr"
get type, :id => id
get type, :params => { :id => id }
assert_response :success
assert_template template
assert_template :layout => "map"
xhr :get, type, :id => id
get type, :params => { :id => id }, :xhr => true
assert_response :success
assert_template template
assert_template :layout => "xhr"

1574
test/controllers/changeset_controller_test.rb
View file

File diff suppressed because it is too large Load diff

562
test/controllers/diary_entry_controller_test.rb
View file

@ -1,10 +1,16 @@
require "test_helper"
class DiaryEntryControllerTest < ActionController::TestCase
fixtures :users, :user_roles, :diary_entries, :diary_comments, :languages, :friends
include ActionView::Helpers::NumberHelper
def setup
# Create the default language for diary entries
create(:language, :code => "en")
# Stub nominatim response for diary entry locations
stub_request(:get, %r{^http://nominatim\.openstreetmap\.org/reverse\?})
.to_return(:status => 404)
end
##
# test all routes which lead to this controller
def test_routes
@ -83,17 +89,27 @@ class DiaryEntryControllerTest < ActionController::TestCase
{ :path => "/user/username/diary/1/hidecomment/2", :method => :post },
{ :controller => "diary_entry", :action => "hidecomment", :display_name => "username", :id => "1", :comment => "2" }
)
assert_routing(
{ :path => "/user/username/diary/1/subscribe", :method => :post },
{ :controller => "diary_entry", :action => "subscribe", :display_name => "username", :id => "1" }
)
assert_routing(
{ :path => "/user/username/diary/1/unsubscribe", :method => :post },
{ :controller => "diary_entry", :action => "unsubscribe", :display_name => "username", :id => "1" }
)
end
def test_new
def test_new_no_login
# Make sure that you are redirected to the login page when you
# are not logged in
get :new
assert_response :redirect
assert_redirected_to :controller => :user, :action => :login, :referer => "/diary/new"
end
def test_new_form
# Now try again when logged in
get :new, {}, { :user => users(:normal_user).id }
get :new, :session => { :user => create(:user) }
assert_response :success
assert_select "title", :text => /New Diary Entry/, :count => 1
assert_select "div.content-heading", :count => 1 do
@ -112,103 +128,138 @@ class DiaryEntryControllerTest < ActionController::TestCase
assert_select "input", :count => 7
end
end
end
new_title = "New Title"
new_body = "This is a new body for the diary entry"
new_latitude = "1.1"
new_longitude = "2.2"
new_language_code = "en"
def test_new_get_with_params
# Now try creating a diary entry using get
assert_difference "DiaryEntry.count", 0 do
get :new,
:params => { :commit => "save",
:diary_entry => { :title => "New Title", :body => "This is a new body for the diary entry", :latitude => "1.1",
:longitude => "2.2", :language_code => "en" } },
:session => { :user => create(:user).id }
end
assert_response :success
assert_template :edit
end
def test_new_no_body
# Now try creating a invalid diary entry with an empty body
user = create(:user)
assert_no_difference "DiaryEntry.count" do
post :new, { :commit => "save",
:diary_entry => { :title => new_title, :body => "", :latitude => new_latitude,
:longitude => new_longitude, :language_code => new_language_code } },
{ :user => users(:normal_user).id }
post :new,
:params => { :commit => "save",
:diary_entry => { :title => "New Title", :body => "", :latitude => "1.1",
:longitude => "2.2", :language_code => "en" } },
:session => { :user => user.id }
end
assert_response :success
assert_template :edit
assert_nil UserPreference.where(:user_id => users(:normal_user).id, :k => "diary.default_language").first
assert_nil UserPreference.where(:user_id => user.id, :k => "diary.default_language").first
end
def test_new_post
# Now try creating a diary entry
user = create(:user)
assert_difference "DiaryEntry.count", 1 do
post :new, { :commit => "save",
:diary_entry => { :title => new_title, :body => new_body, :latitude => new_latitude,
:longitude => new_longitude, :language_code => new_language_code } },
{ :user => users(:normal_user).id }
post :new,
:params => { :commit => "save",
:diary_entry => { :title => "New Title", :body => "This is a new body for the diary entry", :latitude => "1.1",
:longitude => "2.2", :language_code => "en" } },
:session => { :user => user.id }
end
assert_response :redirect
assert_redirected_to :action => :list, :display_name => users(:normal_user).display_name
assert_redirected_to :action => :list, :display_name => user.display_name
entry = DiaryEntry.order(:id).last
assert_equal users(:normal_user).id, entry.user_id
assert_equal new_title, entry.title
assert_equal new_body, entry.body
assert_equal new_latitude.to_f, entry.latitude
assert_equal new_longitude.to_f, entry.longitude
assert_equal new_language_code, entry.language_code
assert_equal user.id, entry.user_id
assert_equal "New Title", entry.title
assert_equal "This is a new body for the diary entry", entry.body
assert_equal "1.1".to_f, entry.latitude
assert_equal "2.2".to_f, entry.longitude
assert_equal "en", entry.language_code
assert_equal new_language_code, UserPreference.where(:user_id => users(:normal_user).id, :k => "diary.default_language").first.v
# checks if user was subscribed
assert_equal 1, entry.subscribers.length
new_language_code = "de"
assert_equal "en", UserPreference.where(:user_id => user.id, :k => "diary.default_language").first.v
end
def test_new_german
create(:language, :code => "de")
user = create(:user)
# Now try creating a diary entry in a different language
assert_difference "DiaryEntry.count", 1 do
post :new, { :commit => "save",
:diary_entry => { :title => new_title, :body => new_body, :latitude => new_latitude,
:longitude => new_longitude, :language_code => new_language_code } },
{ :user => users(:normal_user).id }
post :new,
:params => { :commit => "save",
:diary_entry => { :title => "New Title", :body => "This is a new body for the diary entry", :latitude => "1.1",
:longitude => "2.2", :language_code => "de" } },
:session => { :user => user.id }
end
assert_response :redirect
assert_redirected_to :action => :list, :display_name => users(:normal_user).display_name
assert_redirected_to :action => :list, :display_name => user.display_name
entry = DiaryEntry.order(:id).last
assert_equal users(:normal_user).id, entry.user_id
assert_equal new_title, entry.title
assert_equal new_body, entry.body
assert_equal new_latitude.to_f, entry.latitude
assert_equal new_longitude.to_f, entry.longitude
assert_equal new_language_code, entry.language_code
assert_equal user.id, entry.user_id
assert_equal "New Title", entry.title
assert_equal "This is a new body for the diary entry", entry.body
assert_equal "1.1".to_f, entry.latitude
assert_equal "2.2".to_f, entry.longitude
assert_equal "de", entry.language_code
assert_equal new_language_code, UserPreference.where(:user_id => users(:normal_user).id, :k => "diary.default_language").first.v
# checks if user was subscribed
assert_equal 1, entry.subscribers.length
assert_equal "de", UserPreference.where(:user_id => user.id, :k => "diary.default_language").first.v
end
def test_new_spammy
user = create(:user)
# Generate some spammy content
spammy_title = "Spam Spam Spam Spam Spam"
spammy_body = 1.upto(50).map { |n| "http://example.com/spam#{n}" }.join(" ")
# Try creating a spammy diary entry
assert_difference "DiaryEntry.count", 1 do
post :new, { :commit => "save",
:diary_entry => { :title => spammy_title, :body => spammy_body, :language_code => "en" } },
{ :user => users(:normal_user).id }
post :new,
:params => { :commit => "save",
:diary_entry => { :title => spammy_title, :body => spammy_body, :language_code => "en" } },
:session => { :user => user.id }
end
assert_response :redirect
assert_redirected_to :action => :list, :display_name => users(:normal_user).display_name
assert_redirected_to :action => :list, :display_name => user.display_name
entry = DiaryEntry.order(:id).last
assert_equal users(:normal_user).id, entry.user_id
assert_equal user.id, entry.user_id
assert_equal spammy_title, entry.title
assert_equal spammy_body, entry.body
assert_equal "en", entry.language_code
assert_equal "suspended", User.find(users(:normal_user).id).status
assert_equal "suspended", User.find(user.id).status
# Follow the redirect
get :list, { :display_name => users(:normal_user).display_name }, { :user => users(:normal_user).id }
get :list,
:params => { :display_name => user.display_name },
:session => { :user => user }
assert_response :redirect
assert_redirected_to :controller => :user, :action => :suspended
end
def test_edit
entry = diary_entries(:normal_user_entry_1)
user = create(:user)
other_user = create(:user)
entry = create(:diary_entry, :user => user)
# Make sure that you are redirected to the login page when you are
# not logged in, without and with the id of the entry you want to edit
get :edit, :display_name => entry.user.display_name, :id => entry.id
get :edit,
:params => { :display_name => entry.user.display_name, :id => entry.id }
assert_response :redirect
assert_redirected_to :controller => :user, :action => :login, :referer => "/user/#{entry.user.display_name}/diary/#{entry.id}/edit"
assert_redirected_to :controller => :user, :action => :login, :referer => "/user/#{URI.encode(entry.user.display_name)}/diary/#{entry.id}/edit"
# Verify that you get a not found error, when you pass a bogus id
get :edit, { :display_name => entry.user.display_name, :id => 9999 }, { :user => entry.user.id }
get :edit,
:params => { :display_name => entry.user.display_name, :id => 9999 },
:session => { :user => entry.user }
assert_response :not_found
assert_select "div.content-heading", :count => 1 do
assert_select "h2", :text => "No entry with the id: 9999", :count => 1
@ -216,20 +267,24 @@ class DiaryEntryControllerTest < ActionController::TestCase
# Verify that you get redirected to view if you are not the user
# that created the entry
get :edit, { :display_name => entry.user.display_name, :id => entry.id }, { :user => users(:public_user).id }
get :edit,
:params => { :display_name => entry.user.display_name, :id => entry.id },
:session => { :user => other_user }
assert_response :redirect
assert_redirected_to :action => :view, :display_name => entry.user.display_name, :id => entry.id
# Now pass the id, and check that you can edit it, when using the same
# user as the person who created the entry
get :edit, { :display_name => entry.user.display_name, :id => entry.id }, { :user => entry.user.id }
get :edit,
:params => { :display_name => entry.user.display_name, :id => entry.id },
:session => { :user => entry.user }
assert_response :success
assert_select "title", :text => /Edit diary entry/, :count => 1
assert_select "div.content-heading", :count => 1 do
assert_select "h1", :text => /Edit diary entry/, :count => 1
end
assert_select "div#content", :count => 1 do
assert_select "form[action='/user/#{entry.user.display_name}/diary/#{entry.id}/edit'][method=post]", :count => 1 do
assert_select "form[action='/user/#{URI.encode(entry.user.display_name)}/diary/#{entry.id}/edit'][method=post]", :count => 1 do
assert_select "input#diary_entry_title[name='diary_entry[title]'][value='#{entry.title}']", :count => 1
assert_select "textarea#diary_entry_body[name='diary_entry[body]']", :text => entry.body, :count => 1
assert_select "select#diary_entry_language_code", :count => 1
@ -248,15 +303,18 @@ class DiaryEntryControllerTest < ActionController::TestCase
new_latitude = "1.1"
new_longitude = "2.2"
new_language_code = "en"
post :edit, { :display_name => entry.user.display_name, :id => entry.id, :commit => "save",
:diary_entry => { :title => new_title, :body => new_body, :latitude => new_latitude,
:longitude => new_longitude, :language_code => new_language_code } },
{ :user => entry.user.id }
post :edit,
:params => { :display_name => entry.user.display_name, :id => entry.id, :commit => "save",
:diary_entry => { :title => new_title, :body => new_body, :latitude => new_latitude,
:longitude => new_longitude, :language_code => new_language_code } },
:session => { :user => entry.user.id }
assert_response :redirect
assert_redirected_to :action => :view, :display_name => entry.user.display_name, :id => entry.id
# Now check that the new data is rendered, when logged in
get :view, { :display_name => entry.user.display_name, :id => entry.id }, { :user => entry.user.id }
get :view,
:params => { :display_name => entry.user.display_name, :id => entry.id },
:session => { :user => entry.user }
assert_response :success
assert_template "diary_entry/view"
assert_select "title", :text => /Users' diaries | /, :count => 1
@ -271,16 +329,18 @@ class DiaryEntryControllerTest < ActionController::TestCase
assert_select "abbr[class='geo'][title='#{number_with_precision(new_latitude, :precision => 4)}; #{number_with_precision(new_longitude, :precision => 4)}']", :count => 1
# As we're not logged in, check that you cannot edit
# print @response.body
assert_select "a[href='/user/#{entry.user.display_name}/diary/#{entry.id}/edit']", :text => "Edit this entry", :count => 1
assert_select "a[href='/user/#{URI.encode(entry.user.display_name)}/diary/#{entry.id}/edit']", :text => "Edit this entry", :count => 1
end
# and when not logged in as the user who wrote the entry
get :view, { :display_name => entry.user.display_name, :id => entry.id }, { :user => entry.user.id }
get :view,
:params => { :display_name => entry.user.display_name, :id => entry.id },
:session => { :user => entry.user }
assert_response :success
assert_template "diary_entry/view"
assert_select "title", :text => /Users' diaries | /, :count => 1
assert_select "div.content-heading", :count => 1 do
assert_select "h2", :text => /#{users(:normal_user).display_name}'s diary/, :count => 1
assert_select "h2", :text => /#{entry.user.display_name}'s diary/, :count => 1
end
assert_select "div#content", :count => 1 do
assert_select "div.post_heading", :text => /#{new_title}/, :count => 1
@ -290,73 +350,101 @@ class DiaryEntryControllerTest < ActionController::TestCase
assert_select "abbr[class=geo][title='#{number_with_precision(new_latitude, :precision => 4)}; #{number_with_precision(new_longitude, :precision => 4)}']", :count => 1
# As we're not logged in, check that you cannot edit
assert_select "li[class='hidden show_if_user_#{entry.user.id}']", :count => 1 do
assert_select "a[href='/user/#{entry.user.display_name}/diary/#{entry.id}/edit']", :text => "Edit this entry", :count => 1
assert_select "a[href='/user/#{URI.encode(entry.user.display_name)}/diary/#{entry.id}/edit']", :text => "Edit this entry", :count => 1
end
end
end
def test_edit_i18n
get :edit, { :display_name => users(:normal_user).display_name, :id => diary_entries(:normal_user_entry_1).id }, { :user => users(:normal_user).id }
user = create(:user)
diary_entry = create(:diary_entry, :language_code => "en", :user => user)
get :edit,
:params => { :display_name => user.display_name, :id => diary_entry.id },
:session => { :user => user }
assert_response :success
assert_select "span[class=translation_missing]", false, "Missing translation in edit diary entry"
end
def test_comment
entry = diary_entries(:normal_user_entry_1)
user = create(:user)
other_user = create(:user)
entry = create(:diary_entry, :user => user)
# Make sure that you are denied when you are not logged in
post :comment, :display_name => entry.user.display_name, :id => entry.id
post :comment,
:params => { :display_name => entry.user.display_name, :id => entry.id }
assert_response :forbidden
# Verify that you get a not found error, when you pass a bogus id
post :comment, { :display_name => entry.user.display_name, :id => 9999 }, { :user => users(:public_user).id }
post :comment,
:params => { :display_name => entry.user.display_name, :id => 9999 },
:session => { :user => other_user }
assert_response :not_found
assert_select "div.content-heading", :count => 1 do
assert_select "h2", :text => "No entry with the id: 9999", :count => 1
end
post :subscribe,
:params => { :id => entry.id, :display_name => entry.user.display_name },
:session => { :user => user }
# Now try an invalid comment with an empty body
assert_no_difference "ActionMailer::Base.deliveries.size" do
assert_no_difference "DiaryComment.count" do
post :comment, { :display_name => entry.user.display_name, :id => entry.id, :diary_comment => { :body => "" } }, { :user => users(:public_user).id }
assert_no_difference "entry.subscribers.count" do
post :comment,
:params => { :display_name => entry.user.display_name, :id => entry.id, :diary_comment => { :body => "" } },
:session => { :user => other_user }
end
end
end
assert_response :success
assert_template :view
# Now try again with the right id
assert_difference "ActionMailer::Base.deliveries.size", 1 do
assert_difference "ActionMailer::Base.deliveries.size", entry.subscribers.count do
assert_difference "DiaryComment.count", 1 do
post :comment, { :display_name => entry.user.display_name, :id => entry.id, :diary_comment => { :body => "New comment" } }, { :user => users(:public_user).id }
assert_difference "entry.subscribers.count", 1 do
post :comment,
:params => { :display_name => entry.user.display_name, :id => entry.id, :diary_comment => { :body => "New comment" } },
:session => { :user => other_user }
end
end
end
assert_response :redirect
assert_redirected_to :action => :view, :display_name => entry.user.display_name, :id => entry.id
email = ActionMailer::Base.deliveries.first
assert_equal [users(:normal_user).email], email.to
assert_equal "[OpenStreetMap] #{users(:public_user).display_name} commented on your diary entry", email.subject
assert_equal [user.email], email.to
assert_equal "[OpenStreetMap] #{other_user.display_name} commented on a diary entry", email.subject
assert_match /New comment/, email.text_part.decoded
assert_match /New comment/, email.html_part.decoded
ActionMailer::Base.deliveries.clear
comment = DiaryComment.order(:id).last
assert_equal entry.id, comment.diary_entry_id
assert_equal users(:public_user).id, comment.user_id
assert_equal other_user.id, comment.user_id
assert_equal "New comment", comment.body
# Now view the diary entry, and check the new comment is present
get :view, :display_name => entry.user.display_name, :id => entry.id
get :view,
:params => { :display_name => entry.user.display_name, :id => entry.id }
assert_response :success
assert_select ".diary-comment", :count => 1 do
assert_select "#comment#{comment.id}", :count => 1 do
assert_select "a[href='/user/#{users(:public_user).display_name}']", :text => users(:public_user).display_name, :count => 1
assert_select "a[href='/user/#{URI.encode(other_user.display_name)}']", :text => other_user.display_name, :count => 1
end
assert_select ".richtext", :text => /New comment/, :count => 1
end
end
def test_comment_spammy
user = create(:user)
other_user = create(:user)
# Find the entry to comment on
entry = diary_entries(:normal_user_entry_1)
entry = create(:diary_entry, :user => user)
post :subscribe,
:params => { :id => entry.id, :display_name => entry.user.display_name },
:session => { :user => user }
# Generate some spammy content
spammy_text = 1.upto(50).map { |n| "http://example.com/spam#{n}" }.join(" ")
@ -364,93 +452,146 @@ class DiaryEntryControllerTest < ActionController::TestCase
# Try creating a spammy comment
assert_difference "ActionMailer::Base.deliveries.size", 1 do
assert_difference "DiaryComment.count", 1 do
post :comment, { :display_name => entry.user.display_name, :id => entry.id, :diary_comment => { :body => spammy_text } }, { :user => users(:public_user).id }
post :comment,
:params => { :display_name => entry.user.display_name, :id => entry.id, :diary_comment => { :body => spammy_text } },
:session => { :user => other_user }
end
end
assert_response :redirect
assert_redirected_to :action => :view, :display_name => entry.user.display_name, :id => entry.id
email = ActionMailer::Base.deliveries.first
assert_equal [users(:normal_user).email], email.to
assert_equal "[OpenStreetMap] #{users(:public_user).display_name} commented on your diary entry", email.subject
assert_equal [user.email], email.to
assert_equal "[OpenStreetMap] #{other_user.display_name} commented on a diary entry", email.subject
assert_match %r{http://example.com/spam}, email.text_part.decoded
assert_match %r{http://example.com/spam}, email.html_part.decoded
ActionMailer::Base.deliveries.clear
comment = DiaryComment.order(:id).last
assert_equal entry.id, comment.diary_entry_id
assert_equal users(:public_user).id, comment.user_id
assert_equal other_user.id, comment.user_id
assert_equal spammy_text, comment.body
assert_equal "suspended", User.find(users(:public_user).id).status
assert_equal "suspended", User.find(other_user.id).status
# Follow the redirect
get :list, { :display_name => users(:normal_user).display_name }, { :user => users(:public_user).id }
get :list,
:params => { :display_name => user.display_name },
:session => { :user => other_user }
assert_response :redirect
assert_redirected_to :controller => :user, :action => :suspended
# Now view the diary entry, and check the new comment is not present
get :view, :display_name => entry.user.display_name, :id => entry.id
get :view,
:params => { :display_name => entry.user.display_name, :id => entry.id }
assert_response :success
assert_select ".diary-comment", :count => 0
end
def test_list_all
diary_entry = create(:diary_entry)
geo_entry = create(:diary_entry, :latitude => 51.50763, :longitude => -0.10781)
public_entry = create(:diary_entry, :user => create(:user))
# Try a list of all diary entries
get :list
check_diary_list :normal_user_entry_1, :normal_user_geo_entry, :public_user_entry_1
check_diary_list diary_entry, geo_entry, public_entry
end
def test_list_user
user = create(:user)
other_user = create(:user)
diary_entry = create(:diary_entry, :user => user)
geo_entry = create(:diary_entry, :user => user, :latitude => 51.50763, :longitude => -0.10781)
_other_entry = create(:diary_entry, :user => other_user)
# Try a list of diary entries for a valid user
get :list, :display_name => users(:normal_user).display_name
check_diary_list :normal_user_entry_1, :normal_user_geo_entry
get :list, :params => { :display_name => user.display_name }
check_diary_list diary_entry, geo_entry
# Try a list of diary entries for an invalid user
get :list, :display_name => "No Such User"
get :list, :params => { :display_name => "No Such User" }
assert_response :not_found
assert_template "user/no_such_user"
end
def test_list_friends
user = create(:user)
other_user = create(:user)
friend = create(:friend, :befriender => user)
diary_entry = create(:diary_entry, :user => friend.befriendee)
_other_entry = create(:diary_entry, :user => other_user)
# Try a list of diary entries for your friends when not logged in
get :list, :friends => true
get :list, :params => { :friends => true }
assert_response :redirect
assert_redirected_to :controller => :user, :action => :login, :referer => "/diary/friends"
# Try a list of diary entries for your friends when logged in
get :list, { :friends => true }, { :user => users(:normal_user).id }
check_diary_list :public_user_entry_1
get :list, { :friends => true }, { :user => users(:public_user).id }
get :list, :params => { :friends => true }, :session => { :user => user }
check_diary_list diary_entry
get :list, :params => { :friends => true }, :session => { :user => other_user }
check_diary_list
end
def test_list_nearby
user = create(:user, :home_lat => 12, :home_lon => 12)
nearby_user = create(:user, :home_lat => 11.9, :home_lon => 12.1)
diary_entry = create(:diary_entry, :user => user)
# Try a list of diary entries for nearby users when not logged in
get :list, :nearby => true
get :list, :params => { :nearby => true }
assert_response :redirect
assert_redirected_to :controller => :user, :action => :login, :referer => "/diary/nearby"
# Try a list of diary entries for nearby users when logged in
get :list, { :nearby => true }, { :user => users(:german_user).id }
check_diary_list :public_user_entry_1
get :list, { :nearby => true }, { :user => users(:public_user).id }
get :list, :params => { :nearby => true }, :session => { :user => nearby_user }
check_diary_list diary_entry
get :list, :params => { :nearby => true }, :session => { :user => user }
check_diary_list
end
def test_list_language
create(:language, :code => "de")
create(:language, :code => "sl")
diary_entry_en = create(:diary_entry, :language_code => "en")
diary_entry_en2 = create(:diary_entry, :language_code => "en")
diary_entry_de = create(:diary_entry, :language_code => "de")
# Try a list of diary entries in english
get :list, :language => "en"
check_diary_list :normal_user_entry_1, :public_user_entry_1
get :list, :params => { :language => "en" }
check_diary_list diary_entry_en, diary_entry_en2
# Try a list of diary entries in german
get :list, :language => "de"
check_diary_list :normal_user_geo_entry
get :list, :params => { :language => "de" }
check_diary_list diary_entry_de
# Try a list of diary entries in slovenian
get :list, :language => "sl"
get :list, :params => { :language => "sl" }
check_diary_list
end
def test_list_paged
# Create several pages worth of diary entries
create_list(:diary_entry, 50)
# Try and get the list
get :list
assert_response :success
assert_select "div.diary_post", :count => 20
# Try and get the second page
get :list, :params => { :page => 2 }
assert_response :success
assert_select "div.diary_post", :count => 20
end
def test_rss
get :rss, :format => :rss
create(:language, :code => "de")
create(:diary_entry, :language_code => "en")
create(:diary_entry, :language_code => "en")
create(:diary_entry, :language_code => "de")
get :rss, :params => { :format => :rss }
assert_response :success, "Should be able to get a diary RSS"
assert_select "rss", :count => 1 do
assert_select "channel", :count => 1 do
@ -462,115 +603,172 @@ class DiaryEntryControllerTest < ActionController::TestCase
end
def test_rss_language
get :rss, :language => diary_entries(:normal_user_entry_1).language_code, :format => :rss
create(:language, :code => "de")
create(:diary_entry, :language_code => "en")
create(:diary_entry, :language_code => "en")
create(:diary_entry, :language_code => "de")
get :rss, :params => { :language => "en", :format => :rss }
assert_response :success, "Should be able to get a specific language diary RSS"
assert_select "rss>channel>item", :count => 2 # , "Diary entries should be filtered by language"
end
# def test_rss_nonexisting_language
# get :rss, {:language => 'xx', :format => :rss}
# get :rss, :params => { :language => 'xx', :format => :rss }
# assert_response :not_found, "Should not be able to get a nonexisting language diary RSS"
# end
def test_rss_language_with_no_entries
get :rss, :language => "sl", :format => :rss
create(:language, :code => "sl")
create(:diary_entry, :language_code => "en")
get :rss, :params => { :language => "sl", :format => :rss }
assert_response :success, "Should be able to get a specific language diary RSS"
assert_select "rss>channel>item", :count => 0 # , "Diary entries should be filtered by language"
end
def test_rss_user
get :rss, :display_name => users(:normal_user).display_name, :format => :rss
user = create(:user)
other_user = create(:user)
create(:diary_entry, :user => user)
create(:diary_entry, :user => user)
create(:diary_entry, :user => other_user)
get :rss, :params => { :display_name => user.display_name, :format => :rss }
assert_response :success, "Should be able to get a specific users diary RSS"
assert_select "rss>channel>item", :count => 2 # , "Diary entries should be filtered by user"
end
def test_rss_nonexisting_user
# Try a user that has never existed
get :rss, :display_name => "fakeUsername76543", :format => :rss
get :rss, :params => { :display_name => "fakeUsername76543", :format => :rss }
assert_response :not_found, "Should not be able to get a nonexisting users diary RSS"
# Try a suspended user
get :rss, :display_name => users(:suspended_user).display_name, :format => :rss
get :rss, :params => { :display_name => create(:user, :suspended).display_name, :format => :rss }
assert_response :not_found, "Should not be able to get a suspended users diary RSS"
# Try a deleted user
get :rss, :display_name => users(:deleted_user).display_name, :format => :rss
get :rss, :params => { :display_name => create(:user, :deleted).display_name, :format => :rss }
assert_response :not_found, "Should not be able to get a deleted users diary RSS"
end
def test_rss_character_escaping
create(:diary_entry, :title => "<script>")
get :rss, :params => { :format => :rss }
assert_match "<title>&lt;script&gt;</title>", response.body
end
def test_view
user = create(:user)
suspended_user = create(:user, :suspended)
deleted_user = create(:user, :deleted)
# Try a normal entry that should work
get :view, :display_name => users(:normal_user).display_name, :id => diary_entries(:normal_user_entry_1).id
diary_entry = create(:diary_entry, :user => user)
get :view, :params => { :display_name => user.display_name, :id => diary_entry.id }
assert_response :success
assert_template :view
# Try a deleted entry
get :view, :display_name => users(:normal_user).display_name, :id => diary_entries(:deleted_entry).id
diary_entry_deleted = create(:diary_entry, :user => user, :visible => false)
get :view, :params => { :display_name => user.display_name, :id => diary_entry_deleted.id }
assert_response :not_found
# Try an entry by a suspended user
get :view, :display_name => users(:suspended_user).display_name, :id => diary_entries(:entry_by_suspended_user).id
diary_entry_suspended = create(:diary_entry, :user => suspended_user)
get :view, :params => { :display_name => suspended_user.display_name, :id => diary_entry_suspended.id }
assert_response :not_found
# Try an entry by a deleted user
get :view, :display_name => users(:deleted_user).display_name, :id => diary_entries(:entry_by_deleted_user).id
diary_entry_deleted = create(:diary_entry, :user => deleted_user)
get :view, :params => { :display_name => deleted_user.display_name, :id => diary_entry_deleted.id }
assert_response :not_found
end
def test_view_hidden_comments
# Get a diary entry that has hidden comments
get :view, :display_name => users(:normal_user).display_name, :id => diary_entries(:normal_user_geo_entry).id
user = create(:user)
diary_entry = create(:diary_entry, :user => user)
visible_comment = create(:diary_comment, :diary_entry => diary_entry)
suspended_user_comment = create(:diary_comment, :diary_entry => diary_entry, :user => create(:user, :suspended))
deleted_user_comment = create(:diary_comment, :diary_entry => diary_entry, :user => create(:user, :deleted))
hidden_comment = create(:diary_comment, :diary_entry => diary_entry, :visible => false)
get :view, :params => { :display_name => user.display_name, :id => diary_entry.id }
assert_response :success
assert_template :view
assert_select "div.comments" do
assert_select "p#comment1", :count => 1 # visible comment
assert_select "p#comment2", :count => 0 # comment by suspended user
assert_select "p#comment3", :count => 0 # comment by deleted user
assert_select "p#comment4", :count => 0 # hidden comment
assert_select "p#comment#{visible_comment.id}", :count => 1
assert_select "p#comment#{suspended_user_comment.id}", :count => 0
assert_select "p#comment#{deleted_user_comment.id}", :count => 0
assert_select "p#comment#{hidden_comment.id}", :count => 0
end
end
def test_hide
user = create(:user)
# Try without logging in
post :hide, :display_name => users(:normal_user).display_name, :id => diary_entries(:normal_user_entry_1).id
diary_entry = create(:diary_entry, :user => user)
post :hide,
:params => { :display_name => user.display_name, :id => diary_entry.id }
assert_response :forbidden
assert_equal true, DiaryEntry.find(diary_entries(:normal_user_entry_1).id).visible
assert_equal true, DiaryEntry.find(diary_entry.id).visible
# Now try as a normal user
post :hide, { :display_name => users(:normal_user).display_name, :id => diary_entries(:normal_user_entry_1).id }, { :user => users(:normal_user).id }
post :hide,
:params => { :display_name => user.display_name, :id => diary_entry.id },
:session => { :user => user }
assert_response :redirect
assert_redirected_to :action => :view, :display_name => users(:normal_user).display_name, :id => diary_entries(:normal_user_entry_1).id
assert_equal true, DiaryEntry.find(diary_entries(:normal_user_entry_1).id).visible
assert_redirected_to :action => :view, :display_name => user.display_name, :id => diary_entry.id
assert_equal true, DiaryEntry.find(diary_entry.id).visible
# Finally try as an administrator
post :hide, { :display_name => users(:normal_user).display_name, :id => diary_entries(:normal_user_entry_1).id }, { :user => users(:administrator_user).id }
post :hide,
:params => { :display_name => user.display_name, :id => diary_entry.id },
:session => { :user => create(:administrator_user) }
assert_response :redirect
assert_redirected_to :action => :list, :display_name => users(:normal_user).display_name
assert_equal false, DiaryEntry.find(diary_entries(:normal_user_entry_1).id).visible
assert_redirected_to :action => :list, :display_name => user.display_name
assert_equal false, DiaryEntry.find(diary_entry.id).visible
end
def test_hidecomment
user = create(:user)
administrator_user = create(:administrator_user)
diary_entry = create(:diary_entry, :user => user)
diary_comment = create(:diary_comment, :diary_entry => diary_entry)
# Try without logging in
post :hidecomment, :display_name => users(:normal_user).display_name, :id => diary_entries(:normal_user_geo_entry).id, :comment => diary_comments(:comment_for_geo_post).id
post :hidecomment,
:params => { :display_name => user.display_name, :id => diary_entry.id, :comment => diary_comment.id }
assert_response :forbidden
assert_equal true, DiaryComment.find(diary_comments(:comment_for_geo_post).id).visible
assert_equal true, DiaryComment.find(diary_comment.id).visible
# Now try as a normal user
post :hidecomment, { :display_name => users(:normal_user).display_name, :id => diary_entries(:normal_user_geo_entry).id, :comment => diary_comments(:comment_for_geo_post).id }, { :user => users(:normal_user).id }
post :hidecomment,
:params => { :display_name => user.display_name, :id => diary_entry.id, :comment => diary_comment.id },
:session => { :user => user }
assert_response :redirect
assert_redirected_to :action => :view, :display_name => users(:normal_user).display_name, :id => diary_entries(:normal_user_geo_entry).id
assert_equal true, DiaryComment.find(diary_comments(:comment_for_geo_post).id).visible
assert_redirected_to :action => :view, :display_name => user.display_name, :id => diary_entry.id
assert_equal true, DiaryComment.find(diary_comment.id).visible
# Finally try as an administrator
post :hidecomment, { :display_name => users(:normal_user).display_name, :id => diary_entries(:normal_user_geo_entry).id, :comment => diary_comments(:comment_for_geo_post).id }, { :user => users(:administrator_user).id }
post :hidecomment,
:params => { :display_name => user.display_name, :id => diary_entry.id, :comment => diary_comment.id },
:session => { :user => administrator_user }
assert_response :redirect
assert_redirected_to :action => :view, :display_name => users(:normal_user).display_name, :id => diary_entries(:normal_user_geo_entry).id
assert_equal false, DiaryComment.find(diary_comments(:comment_for_geo_post).id).visible
assert_redirected_to :action => :view, :display_name => user.display_name, :id => diary_entry.id
assert_equal false, DiaryComment.find(diary_comment.id).visible
end
def test_comments
user = create(:user)
other_user = create(:user)
suspended_user = create(:user, :suspended)
deleted_user = create(:user, :deleted)
# Test a user with no comments
get :comments, :display_name => users(:normal_user).display_name
get :comments, :params => { :display_name => user.display_name }
assert_response :success
assert_template :comments
assert_select "table.messages" do
@ -578,7 +776,9 @@ class DiaryEntryControllerTest < ActionController::TestCase
end
# Test a user with a comment
get :comments, :display_name => users(:public_user).display_name
create(:diary_comment, :user => other_user)
get :comments, :params => { :display_name => other_user.display_name }
assert_response :success
assert_template :comments
assert_select "table.messages" do
@ -586,14 +786,101 @@ class DiaryEntryControllerTest < ActionController::TestCase
end
# Test a suspended user
get :comments, :display_name => users(:suspended_user).display_name
get :comments, :params => { :display_name => suspended_user.display_name }
assert_response :not_found
# Test a deleted user
get :comments, :display_name => users(:deleted_user).display_name
get :comments, :params => { :display_name => deleted_user.display_name }
assert_response :not_found
end
def test_subscribe_success
user = create(:user)
other_user = create(:user)
diary_entry = create(:diary_entry, :user => user)
assert_difference "diary_entry.subscribers.count", 1 do
post :subscribe,
:params => { :id => diary_entry.id, :display_name => diary_entry.user.display_name },
:session => { :user => other_user }
end
assert_response :redirect
end
def test_subscribe_fail
user = create(:user)
other_user = create(:user)
diary_entry = create(:diary_entry, :user => user)
# not signed in
assert_no_difference "diary_entry.subscribers.count" do
post :subscribe,
:params => { :id => diary_entry.id, :display_name => diary_entry.user.display_name }
end
assert_response :forbidden
# bad diary id
post :subscribe,
:params => { :id => 999111, :display_name => "username" },
:session => { :user => other_user }
assert_response :not_found
# trying to subscribe when already subscribed
post :subscribe,
:params => { :id => diary_entry.id, :display_name => diary_entry.user.display_name },
:session => { :user => other_user }
assert_no_difference "diary_entry.subscribers.count" do
post :subscribe,
:params => { :id => diary_entry.id, :display_name => diary_entry.user.display_name },
:session => { :user => other_user }
end
end
def test_unsubscribe_success
user = create(:user)
other_user = create(:user)
diary_entry = create(:diary_entry, :user => user)
post :subscribe,
:params => { :id => diary_entry.id, :display_name => diary_entry.user.display_name },
:session => { :user => other_user }
assert_difference "diary_entry.subscribers.count", -1 do
post :unsubscribe,
:params => { :id => diary_entry.id, :display_name => diary_entry.user.display_name },
:session => { :user => other_user }
end
assert_response :redirect
end
def test_unsubscribe_fail
user = create(:user)
other_user = create(:user)
diary_entry = create(:diary_entry, :user => user)
# not signed in
assert_no_difference "diary_entry.subscribers.count" do
post :unsubscribe,
:params => { :id => diary_entry.id, :display_name => diary_entry.user.display_name }
end
assert_response :forbidden
# bad diary id
post :unsubscribe,
:params => { :id => 999111, :display_name => "username" },
:session => { :user => other_user }
assert_response :not_found
# trying to unsubscribe when not subscribed
assert_no_difference "diary_entry.subscribers.count" do
post :unsubscribe,
:params => { :id => diary_entry.id, :display_name => diary_entry.user.display_name },
:session => { :user => other_user }
end
end
private
def check_diary_list(*entries)
@ -603,8 +890,7 @@ class DiaryEntryControllerTest < ActionController::TestCase
assert_select "div.diary_post", entries.count
entries.each do |entry|
entry = diary_entries(entry)
assert_select "a[href=?]", "/user/#{entry.user.display_name}/diary/#{entry.id}"
assert_select "a[href=?]", "/user/#{URI.encode(entry.user.display_name)}/diary/#{entry.id}"
end
end
end

6
test/controllers/export_controller_test.rb
View file

@ -17,15 +17,15 @@ class ExportControllerTest < ActionController::TestCase
###
# test the finish action for raw OSM data
def test_finish_osm
get :finish, :minlon => 0, :minlat => 50, :maxlon => 1, :maxlat => 51, :format => "osm"
get :finish, :params => { :minlon => 0, :minlat => 50, :maxlon => 1, :maxlat => 51, :format => "osm" }
assert_response :redirect
assert_redirected_to "http://api.openstreetmap.org/api/#{API_VERSION}/map?bbox=0.0,50.0,1.0,51.0"
assert_redirected_to "controller" => "api", "action" => "map", "bbox" => "0.0,50.0,1.0,51.0"
end
###
# test the finish action for mapnik images
def test_finish_mapnik
get :finish, :minlon => 0, :minlat => 50, :maxlon => 1, :maxlat => 51, :format => "mapnik", :mapnik_format => "test", :mapnik_scale => "12"
get :finish, :params => { :minlon => 0, :minlat => 50, :maxlon => 1, :maxlat => 51, :format => "mapnik", :mapnik_format => "test", :mapnik_scale => "12" }
assert_response :redirect
assert_redirected_to "http://render.openstreetmap.org/cgi-bin/export?bbox=0.0,50.0,1.0,51.0&scale=12&format=test"
end

133
test/controllers/geocoder_controller_test.rb
View file

@ -51,7 +51,7 @@ class GeocoderControllerTest < ActionController::TestCase
get :search
assert_response :bad_request
xhr :get, :search
get :search, :xhr => true
assert_response :bad_request
end
@ -251,9 +251,9 @@ class GeocoderControllerTest < ActionController::TestCase
"12345",
"12345-6789"
].each do |code|
post :search, :query => code
post :search, :params => { :query => code }
assert_response :success
assert_equal %w(us_postcode osm_nominatim), assigns(:sources)
assert_equal %w[us_postcode osm_nominatim], assigns(:sources)
end
end
@ -269,38 +269,38 @@ class GeocoderControllerTest < ActionController::TestCase
"CR2 6XH",
"DN55 1PT"
].each do |code|
search_check code, %w(uk_postcode osm_nominatim)
search_check code, %w[uk_postcode osm_nominatim]
end
end
##
# Test identification of Canadian postcodes
def test_identify_ca_postcode
search_check "A1B 2C3", %w(ca_postcode osm_nominatim)
search_check "A1B 2C3", %w[ca_postcode osm_nominatim]
end
##
# Test identification fall through to the default case
def test_identify_default
search_check "foo bar baz", %w(osm_nominatim geonames)
search_check "foo bar baz", %w[osm_nominatim geonames]
end
##
# Test the builtin latitude+longitude search
def test_search_latlon
xhr :get, :search_latlon, :lat => 1.23, :lon => 4.56, :zoom => 16
get :search_latlon, :params => { :lat => 1.23, :lon => 4.56, :zoom => 16 }, :xhr => true
results_check :name => "1.23, 4.56", :lat => 1.23, :lon => 4.56, :zoom => 16
xhr :get, :search_latlon, :lat => -91.23, :lon => 4.56, :zoom => 16
get :search_latlon, :params => { :lat => -91.23, :lon => 4.56, :zoom => 16 }, :xhr => true
results_check_error "Latitude -91.23 out of range"
xhr :get, :search_latlon, :lat => 91.23, :lon => 4.56, :zoom => 16
get :search_latlon, :params => { :lat => 91.23, :lon => 4.56, :zoom => 16 }, :xhr => true
results_check_error "Latitude 91.23 out of range"
xhr :get, :search_latlon, :lat => 1.23, :lon => -180.23, :zoom => 16
get :search_latlon, :params => { :lat => 1.23, :lon => -180.23, :zoom => 16 }, :xhr => true
results_check_error "Longitude -180.23 out of range"
xhr :get, :search_latlon, :lat => 1.23, :lon => 180.23, :zoom => 16
get :search_latlon, :params => { :lat => 1.23, :lon => 180.23, :zoom => 16 }, :xhr => true
results_check_error "Longitude 180.23 out of range"
end
@ -308,17 +308,17 @@ class GeocoderControllerTest < ActionController::TestCase
# Test the US postcode search
def test_search_us_postcode
with_http_stubs "geocoder_us" do
xhr :get, :search_us_postcode,
:query => "90210", :zoom => 10,
:minlon => -0.559, :minlat => 51.217,
:maxlon => 0.836, :maxlat => 51.766
get :search_us_postcode, :xhr => true,
:params => { :query => "90210", :zoom => 10,
:minlon => -0.559, :minlat => 51.217,
:maxlon => 0.836, :maxlat => 51.766 }
results_check :prefix => "Beverly Hills, CA,", :name => "90210",
:lat => 34.088808, :lon => -118.40612
xhr :get, :search_us_postcode,
:query => "00000", :zoom => 10,
:minlon => -0.559, :minlat => 51.217,
:maxlon => 0.836, :maxlat => 51.766
get :search_us_postcode, :xhr => true,
:params => { :query => "00000", :zoom => 10,
:minlon => -0.559, :minlat => 51.217,
:maxlon => 0.836, :maxlat => 51.766 }
results_check
end
end
@ -327,16 +327,16 @@ class GeocoderControllerTest < ActionController::TestCase
# Test the UK postcode search
def test_search_uk_postcode
with_http_stubs "npemap" do
xhr :get, :search_uk_postcode,
:query => "CV4 7AL", :zoom => 10,
:minlon => -0.559, :minlat => 51.217,
:maxlon => 0.836, :maxlat => 51.766
get :search_uk_postcode, :xhr => true,
:params => { :query => "CV4 7AL", :zoom => 10,
:minlon => -0.559, :minlat => 51.217,
:maxlon => 0.836, :maxlat => 51.766 }
results_check :name => "CV4 7AL", :lat => 52.381748701968, :lon => -1.56176420939232
xhr :get, :search_uk_postcode,
:query => "XX9 9XX", :zoom => 10,
:minlon => -0.559, :minlat => 51.217,
:maxlon => 0.836, :maxlat => 51.766
get :search_uk_postcode, :xhr => true,
:params => { :query => "XX9 9XX", :zoom => 10,
:minlon => -0.559, :minlat => 51.217,
:maxlon => 0.836, :maxlat => 51.766 }
results_check
end
end
@ -345,22 +345,22 @@ class GeocoderControllerTest < ActionController::TestCase
# Test the Canadian postcode search
def test_search_ca_postcode
with_http_stubs "geocoder_ca" do
xhr :get, :search_ca_postcode,
:query => "A1B 2C3", :zoom => 10,
:minlon => -0.559, :minlat => 51.217,
:maxlon => 0.836, :maxlat => 51.766
get :search_ca_postcode, :xhr => true,
:params => { :query => "A1B 2C3", :zoom => 10,
:minlon => -0.559, :minlat => 51.217,
:maxlon => 0.836, :maxlat => 51.766 }
results_check :name => "A1B 2C3", :lat => "47.172520", :lon => "-55.440515"
xhr :get, :search_ca_postcode,
:query => "k1a 0b1", :zoom => 10,
:minlon => -0.559, :minlat => 51.217,
:maxlon => 0.836, :maxlat => 51.766
get :search_ca_postcode, :xhr => true,
:params => { :query => "k1a 0b1", :zoom => 10,
:minlon => -0.559, :minlat => 51.217,
:maxlon => 0.836, :maxlat => 51.766 }
results_check :name => "K1A 0B1", :lat => "45.375437", :lon => "-75.691041"
xhr :get, :search_ca_postcode,
:query => "Q0Q 0Q0", :zoom => 10,
:minlon => -0.559, :minlat => 51.217,
:maxlon => 0.836, :maxlat => 51.766
get :search_ca_postcode, :xhr => true,
:params => { :query => "Q0Q 0Q0", :zoom => 10,
:minlon => -0.559, :minlat => 51.217,
:maxlon => 0.836, :maxlat => 51.766 }
results_check
end
end
@ -369,25 +369,25 @@ class GeocoderControllerTest < ActionController::TestCase
# Test the nominatim forward search
def test_search_osm_nominatim
with_http_stubs "nominatim" do
xhr :get, :search_osm_nominatim,
:query => "Hoddesdon", :zoom => 10,
:minlon => -0.559, :minlat => 51.217,
:maxlon => 0.836, :maxlat => 51.766
get :search_osm_nominatim, :xhr => true,
:params => { :query => "Hoddesdon", :zoom => 10,
:minlon => -0.559, :minlat => 51.217,
:maxlon => 0.836, :maxlat => 51.766 }
results_check "name" => "Hoddesdon, Hertfordshire, East of England, England, United Kingdom",
"min-lat" => 51.7216709, "max-lat" => 51.8016709,
"min-lon" => -0.0512898, "max-lon" => 0.0287102,
"type" => "node", "id" => 18007599
xhr :get, :search_osm_nominatim,
:query => "Broxbourne", :zoom => 10,
:minlon => -0.559, :minlat => 51.217,
:maxlon => 0.836, :maxlat => 51.766
get :search_osm_nominatim, :xhr => true,
:params => { :query => "Broxbourne", :zoom => 10,
:minlon => -0.559, :minlat => 51.217,
:maxlon => 0.836, :maxlat => 51.766 }
results_check({ "prefix" => "Suburb",
"name" => "Broxbourne, Hertfordshire, East of England, England, United Kingdom",
"min-lat" => 51.7265723, "max-lat" => 51.7665723,
"min-lon" => -0.0390782, "max-lon" => 0.0009218,
"type" => "node", "id" => 28825933 },
{ "prefix" => "City Boundary",
{ "prefix" => "Village",
"name" => "Broxbourne, Hertfordshire, East of England, England, United Kingdom",
"min-lat" => 51.6808751, "max-lat" => 51.7806237,
"min-lon" => -0.114204, "max-lon" => 0.0145267,
@ -404,16 +404,16 @@ class GeocoderControllerTest < ActionController::TestCase
# Test the geonames forward search
def test_search_geonames
with_http_stubs "geonames" do
xhr :get, :search_geonames,
:query => "Hoddesdon", :zoom => 10,
:minlon => -0.559, :minlat => 51.217,
:maxlon => 0.836, :maxlat => 51.766
get :search_geonames, :xhr => true,
:params => { :query => "Hoddesdon", :zoom => 10,
:minlon => -0.559, :minlat => 51.217,
:maxlon => 0.836, :maxlat => 51.766 }
results_check :name => "Hoddesdon", :lat => 51.76148, :lon => -0.01144
xhr :get, :search_geonames,
:query => "Broxbourne", :zoom => 10,
:minlon => -0.559, :minlat => 51.217,
:maxlon => 0.836, :maxlat => 51.766
get :search_geonames, :xhr => true,
:params => { :query => "Broxbourne", :zoom => 10,
:minlon => -0.559, :minlat => 51.217,
:maxlon => 0.836, :maxlat => 51.766 }
results_check({ :name => "Broxbourne", :lat => 51.74712, :lon => -0.01923 },
{ :name => "Broxbourne District", :lat => 51.73026, :lon => -0.04821 },
{ :name => "Cheshunt", :lat => 51.70791, :lon => -0.03739 },
@ -438,12 +438,14 @@ class GeocoderControllerTest < ActionController::TestCase
# Test the nominatim reverse search
def test_search_osm_nominatim_reverse
with_http_stubs "nominatim" do
xhr :get, :search_osm_nominatim_reverse, :lat => 51.7632, :lon => -0.0076, :zoom => 15
get :search_osm_nominatim_reverse, :xhr => true,
:params => { :lat => 51.7632, :lon => -0.0076, :zoom => 15 }
results_check :name => "Broxbourne, Hertfordshire, East of England, England, United Kingdom",
:lat => 51.7465723, :lon => -0.0190782,
:type => "node", :id => 28825933, :zoom => 15
xhr :get, :search_osm_nominatim_reverse, :lat => 51.7632, :lon => -0.0076, :zoom => 17
get :search_osm_nominatim_reverse, :xhr => true,
:params => { :lat => 51.7632, :lon => -0.0076, :zoom => 17 }
results_check :name => "Dinant Link Road, Broxbourne, Hertfordshire, East of England, England, EN11 8HX, United Kingdom",
:lat => 51.7634883, :lon => -0.0088373,
:type => "way", :id => 3489841, :zoom => 17
@ -454,7 +456,8 @@ class GeocoderControllerTest < ActionController::TestCase
# Test the geonames reverse search
def test_search_geonames_reverse
with_http_stubs "geonames" do
xhr :get, :search_geonames_reverse, :lat => 51.7632, :lon => -0.0076, :zoom => 15
get :search_geonames_reverse, :xhr => true,
:params => { :lat => 51.7632, :lon => -0.0076, :zoom => 15 }
results_check :name => "England", :suffix => ", United Kingdom",
:lat => 51.7632, :lon => -0.0076
end
@ -463,33 +466,33 @@ class GeocoderControllerTest < ActionController::TestCase
private
def latlon_check(query, lat, lon)
get :search, :query => query
get :search, :params => { :query => query }
assert_response :success
assert_template :search
assert_template :layout => "map"
assert_equal %w(latlon osm_nominatim_reverse geonames_reverse), assigns(:sources)
assert_equal %w[latlon osm_nominatim_reverse geonames_reverse], assigns(:sources)
assert_nil @controller.params[:query]
assert_in_delta lat, @controller.params[:lat]
assert_in_delta lon, @controller.params[:lon]
xhr :get, :search, :query => query
get :search, :params => { :query => query }, :xhr => true
assert_response :success
assert_template :search
assert_template :layout => "xhr"
assert_equal %w(latlon osm_nominatim_reverse geonames_reverse), assigns(:sources)
assert_equal %w[latlon osm_nominatim_reverse geonames_reverse], assigns(:sources)
assert_nil @controller.params[:query]
assert_in_delta lat, @controller.params[:lat]
assert_in_delta lon, @controller.params[:lon]
end
def search_check(query, sources)
get :search, :query => query
get :search, :params => { :query => query }
assert_response :success
assert_template :search
assert_template :layout => "map"
assert_equal sources, assigns(:sources)
xhr :get, :search, :query => query
get :search, :params => { :query => query }, :xhr => true
assert_response :success
assert_template :search
assert_template :layout => "xhr"

280
test/controllers/message_controller_test.rb
View file

@ -1,8 +1,6 @@
require "test_helper"
class MessageControllerTest < ActionController::TestCase
fixtures :users, :messages
##
# test all routes which lead to this controller
def test_routes
@ -45,90 +43,152 @@ class MessageControllerTest < ActionController::TestCase
end
##
# test the new action
def test_new
# test fetching new message page when not logged in
def test_new_no_login
# Check that the new message page requires us to login
get :new, :display_name => users(:public_user).display_name
assert_redirected_to login_path(:referer => new_message_path(:display_name => users(:public_user).display_name))
user = create(:user)
get :new, :params => { :display_name => user.display_name }
assert_redirected_to login_path(:referer => new_message_path(:display_name => user.display_name))
end
##
# test fetching new message page when logged in
def test_new_form
# Login as a normal user
session[:user] = users(:normal_user).id
user = create(:user)
recipient_user = create(:user)
session[:user] = user.id
# Check that the new message page loads
get :new, :display_name => users(:public_user).display_name
get :new, :params => { :display_name => recipient_user.display_name }
assert_response :success
assert_template "new"
assert_select "title", "OpenStreetMap | Send message"
assert_select "form[action='#{new_message_path(:display_name => users(:public_user).display_name)}']", :count => 1 do
assert_select "form[action='#{new_message_path(:display_name => recipient_user.display_name)}']", :count => 1 do
assert_select "input#message_title", :count => 1
assert_select "textarea#message_body", :count => 1
assert_select "input[type='submit'][value='Send']", :count => 1
end
end
# Check that the subject is preserved over errors
##
# test fetching new message page with body and title
def test_new_get_with_params
# Login as a normal user
user = create(:user)
recipient_user = create(:user)
session[:user] = user.id
# Check that we can't send a message from a GET request
assert_difference "ActionMailer::Base.deliveries.size", 0 do
assert_difference "Message.count", 0 do
post :new,
:display_name => users(:public_user).display_name,
:message => { :title => "Test Message", :body => "" }
get :new,
:params => { :display_name => recipient_user.display_name,
:message => { :title => "Test Message", :body => "Test message body" } }
end
end
assert_response :success
assert_template "new"
assert_select "title", "OpenStreetMap | Send message"
assert_select "form[action='#{new_message_path(:display_name => users(:public_user).display_name)}']", :count => 1 do
assert_select "form[action='#{new_message_path(:display_name => recipient_user.display_name)}']", :count => 1 do
assert_select "input#message_title", :count => 1 do
assert_select "[value='Test Message']"
end
assert_select "textarea#message_body", :text => "Test message body", :count => 1
assert_select "input[type='submit'][value='Send']", :count => 1
end
end
##
# test posting new message page with no body
def test_new_post_no_body
# Login as a normal user
user = create(:user)
recipient_user = create(:user)
session[:user] = user.id
# Check that the subject is preserved over errors
assert_difference "ActionMailer::Base.deliveries.size", 0 do
assert_difference "Message.count", 0 do
post :new,
:params => { :display_name => recipient_user.display_name,
:message => { :title => "Test Message", :body => "" } }
end
end
assert_response :success
assert_template "new"
assert_select "title", "OpenStreetMap | Send message"
assert_select "form[action='#{new_message_path(:display_name => recipient_user.display_name)}']", :count => 1 do
assert_select "input#message_title", :count => 1 do
assert_select "[value='Test Message']"
end
assert_select "textarea#message_body", :text => "", :count => 1
assert_select "input[type='submit'][value='Send']", :count => 1
end
end
##
# test posting new message page with no title
def test_new_post_no_title
# Login as a normal user
user = create(:user)
recipient_user = create(:user)
session[:user] = user.id
# Check that the body text is preserved over errors
assert_difference "ActionMailer::Base.deliveries.size", 0 do
assert_difference "Message.count", 0 do
post :new,
:display_name => users(:public_user).display_name,
:message => { :title => "", :body => "Test message body" }
:params => { :display_name => recipient_user.display_name,
:message => { :title => "", :body => "Test message body" } }
end
end
assert_response :success
assert_template "new"
assert_select "title", "OpenStreetMap | Send message"
assert_select "form[action='#{new_message_path(:display_name => users(:public_user).display_name)}']", :count => 1 do
assert_select "form[action='#{new_message_path(:display_name => recipient_user.display_name)}']", :count => 1 do
assert_select "input#message_title", :count => 1 do
assert_select "[value='']"
end
assert_select "textarea#message_body", :text => "Test message body", :count => 1
assert_select "input[type='submit'][value='Send']", :count => 1
end
end
##
# test posting new message page sends message
def test_new_post_send
# Login as a normal user
user = create(:user)
recipient_user = create(:user)
session[:user] = user.id
# Check that sending a message works
assert_difference "ActionMailer::Base.deliveries.size", 1 do
assert_difference "Message.count", 1 do
post :new,
:display_name => users(:public_user).display_name,
:message => { :title => "Test Message", :body => "Test message body" }
:params => { :display_name => recipient_user.display_name,
:message => { :title => "Test Message", :body => "Test message body" } }
end
end
assert_redirected_to inbox_path(:display_name => users(:normal_user).display_name)
assert_redirected_to inbox_path(:display_name => user.display_name)
assert_equal "Message sent", flash[:notice]
e = ActionMailer::Base.deliveries.first
assert_equal [users(:public_user).email], e.to
assert_equal [recipient_user.email], e.to
assert_equal "[OpenStreetMap] Test Message", e.subject
assert_match /Test message body/, e.text_part.decoded
assert_match /Test message body/, e.html_part.decoded
ActionMailer::Base.deliveries.clear
m = Message.find(3)
assert_equal users(:normal_user).id, m.from_user_id
assert_equal users(:public_user).id, m.to_user_id
m = Message.last
assert_equal user.id, m.from_user_id
assert_equal recipient_user.id, m.to_user_id
assert_in_delta Time.now, m.sent_on, 2
assert_equal "Test Message", m.title
assert_equal "Test message body", m.body
assert_equal "markdown", m.body_format
# Asking to send a message with a bogus user name should fail
get :new, :display_name => "non_existent_user"
get :new, :params => { :display_name => "non_existent_user" }
assert_response :not_found
assert_template "user/no_such_user"
assert_select "h1", "The user non_existent_user does not exist"
@ -138,15 +198,17 @@ class MessageControllerTest < ActionController::TestCase
# test the new action message limit
def test_new_limit
# Login as a normal user
session[:user] = users(:normal_user).id
user = create(:user)
recipient_user = create(:user)
session[:user] = user.id
# Check that sending a message fails when the message limit is hit
assert_no_difference "ActionMailer::Base.deliveries.size" do
assert_no_difference "Message.count" do
with_message_limit(0) do
post :new,
:display_name => users(:public_user).display_name,
:message => { :title => "Test Message", :body => "Test message body" }
:params => { :display_name => recipient_user.display_name,
:message => { :title => "Test Message", :body => "Test message body" } }
assert_response :success
assert_template "new"
assert_select ".error", /wait a while/
@ -158,32 +220,37 @@ class MessageControllerTest < ActionController::TestCase
##
# test the reply action
def test_reply
user = create(:user)
recipient_user = create(:user)
other_user = create(:user)
unread_message = create(:message, :unread, :sender => user, :recipient => recipient_user)
# Check that the message reply page requires us to login
get :reply, :message_id => messages(:unread_message).id
assert_redirected_to login_path(:referer => reply_message_path(:message_id => messages(:unread_message).id))
get :reply, :params => { :message_id => unread_message.id }
assert_redirected_to login_path(:referer => reply_message_path(:message_id => unread_message.id))
# Login as the wrong user
session[:user] = users(:second_public_user).id
session[:user] = other_user.id
# Check that we can't reply to somebody else's message
get :reply, :message_id => messages(:unread_message).id
assert_redirected_to login_path(:referer => reply_message_path(:message_id => messages(:unread_message).id))
assert_equal "You are logged in as `pulibc_test2' but the message you have asked to reply to was not sent to that user. Please login as the correct user in order to reply.", flash[:notice]
get :reply, :params => { :message_id => unread_message.id }
assert_redirected_to login_path(:referer => reply_message_path(:message_id => unread_message.id))
assert_equal "You are logged in as `#{other_user.display_name}' but the message you have asked to reply to was not sent to that user. Please login as the correct user in order to reply.", flash[:notice]
# Login as the right user
session[:user] = users(:public_user).id
session[:user] = recipient_user.id
# Check that the message reply page loads
get :reply, :message_id => messages(:unread_message).id
get :reply, :params => { :message_id => unread_message.id }
assert_response :success
assert_template "new"
assert_select "title", "OpenStreetMap | Re: test message 1"
assert_select "form[action='#{new_message_path(:display_name => users(:normal_user).display_name)}']", :count => 1 do
assert_select "input#message_title[value='Re: test message 1']", :count => 1
assert_select "title", "OpenStreetMap | Re: #{unread_message.title}"
assert_select "form[action='#{new_message_path(:display_name => user.display_name)}']", :count => 1 do
assert_select "input#message_title[value='Re: #{unread_message.title}']", :count => 1
assert_select "textarea#message_body", :count => 1
assert_select "input[type='submit'][value='Send']", :count => 1
end
assert_equal true, Message.find(messages(:unread_message).id).message_read
assert_equal true, Message.find(unread_message.id).message_read
# Asking to reply to a message with no ID should fail
assert_raise ActionController::UrlGenerationError do
@ -191,7 +258,7 @@ class MessageControllerTest < ActionController::TestCase
end
# Asking to reply to a message with a bogus ID should fail
get :reply, :message_id => 99999
get :reply, :params => { :message_id => 99999 }
assert_response :not_found
assert_template "no_such_message"
end
@ -199,35 +266,40 @@ class MessageControllerTest < ActionController::TestCase
##
# test the read action
def test_read
user = create(:user)
recipient_user = create(:user)
other_user = create(:user)
unread_message = create(:message, :unread, :sender => user, :recipient => recipient_user)
# Check that the read message page requires us to login
get :read, :message_id => messages(:unread_message).id
assert_redirected_to login_path(:referer => read_message_path(:message_id => messages(:unread_message).id))
get :read, :params => { :message_id => unread_message.id }
assert_redirected_to login_path(:referer => read_message_path(:message_id => unread_message.id))
# Login as the wrong user
session[:user] = users(:second_public_user).id
session[:user] = other_user.id
# Check that we can't read the message
get :read, :message_id => messages(:unread_message).id
assert_redirected_to login_path(:referer => read_message_path(:message_id => messages(:unread_message).id))
assert_equal "You are logged in as `pulibc_test2' but the message you have asked to read was not sent by or to that user. Please login as the correct user in order to read it.", flash[:notice]
get :read, :params => { :message_id => unread_message.id }
assert_redirected_to login_path(:referer => read_message_path(:message_id => unread_message.id))
assert_equal "You are logged in as `#{other_user.display_name}' but the message you have asked to read was not sent by or to that user. Please login as the correct user in order to read it.", flash[:notice]
# Login as the message sender
session[:user] = users(:normal_user).id
session[:user] = user.id
# Check that the message sender can read the message
get :read, :message_id => messages(:unread_message).id
get :read, :params => { :message_id => unread_message.id }
assert_response :success
assert_template "read"
assert_equal false, Message.find(messages(:unread_message).id).message_read
assert_equal false, Message.find(unread_message.id).message_read
# Login as the message recipient
session[:user] = users(:public_user).id
session[:user] = recipient_user.id
# Check that the message recipient can read the message
get :read, :message_id => messages(:unread_message).id
get :read, :params => { :message_id => unread_message.id }
assert_response :success
assert_template "read"
assert_equal true, Message.find(messages(:unread_message).id).message_read
assert_equal true, Message.find(unread_message.id).message_read
# Asking to read a message with no ID should fail
assert_raise ActionController::UrlGenerationError do
@ -235,7 +307,7 @@ class MessageControllerTest < ActionController::TestCase
end
# Asking to read a message with a bogus ID should fail
get :read, :message_id => 99999
get :read, :params => { :message_id => 99999 }
assert_response :not_found
assert_template "no_such_message"
end
@ -243,39 +315,46 @@ class MessageControllerTest < ActionController::TestCase
##
# test the inbox action
def test_inbox
user = create(:user)
other_user = create(:user)
read_message = create(:message, :read, :recipient => user)
# Check that the inbox page requires us to login
get :inbox, :display_name => users(:normal_user).display_name
assert_redirected_to login_path(:referer => inbox_path(:display_name => users(:normal_user).display_name))
get :inbox, :params => { :display_name => user.display_name }
assert_redirected_to login_path(:referer => inbox_path(:display_name => user.display_name))
# Login
session[:user] = users(:normal_user).id
session[:user] = user.id
# Check that we can view our inbox when logged in
get :inbox, :display_name => users(:normal_user).display_name
get :inbox, :params => { :display_name => user.display_name }
assert_response :success
assert_template "inbox"
assert_select "table.messages", :count => 1 do
assert_select "tr", :count => 2
assert_select "tr#inbox-#{messages(:read_message).id}.inbox-row", :count => 1
assert_select "tr#inbox-#{read_message.id}.inbox-row", :count => 1
end
# Check that we can't view somebody else's inbox when logged in
get :inbox, :display_name => users(:public_user).display_name
assert_redirected_to inbox_path(:display_name => users(:normal_user).display_name)
get :inbox, :params => { :display_name => other_user.display_name }
assert_redirected_to inbox_path(:display_name => user.display_name)
end
##
# test the outbox action
def test_outbox
user = create(:user)
other_user = create(:user)
create(:message, :sender => user)
# Check that the outbox page requires us to login
get :outbox, :display_name => users(:normal_user).display_name
assert_redirected_to login_path(:referer => outbox_path(:display_name => users(:normal_user).display_name))
get :outbox, :params => { :display_name => user.display_name }
assert_redirected_to login_path(:referer => outbox_path(:display_name => user.display_name))
# Login
session[:user] = users(:normal_user).id
session[:user] = user.id
# Check that we can view our outbox when logged in
get :outbox, :display_name => users(:normal_user).display_name
get :outbox, :params => { :display_name => user.display_name }
assert_response :success
assert_template "outbox"
assert_select "table.messages", :count => 1 do
@ -284,49 +363,54 @@ class MessageControllerTest < ActionController::TestCase
end
# Check that we can't view somebody else's outbox when logged in
get :outbox, :display_name => users(:public_user).display_name
assert_redirected_to outbox_path(:display_name => users(:normal_user).display_name)
get :outbox, :params => { :display_name => other_user.display_name }
assert_redirected_to outbox_path(:display_name => user.display_name)
end
##
# test the mark action
def test_mark
user = create(:user)
recipient_user = create(:user)
other_user = create(:user)
unread_message = create(:message, :unread, :sender => user, :recipient => recipient_user)
# Check that the marking a message requires us to login
post :mark, :message_id => messages(:unread_message).id
post :mark, :params => { :message_id => unread_message.id }
assert_response :forbidden
# Login as a user with no messages
session[:user] = users(:second_public_user).id
session[:user] = other_user.id
# Check that marking a message we didn't send or receive fails
post :mark, :message_id => messages(:read_message).id
post :mark, :params => { :message_id => unread_message.id }
assert_response :not_found
assert_template "no_such_message"
# Login as the message recipient
session[:user] = users(:public_user).id
# Login as the message recipient_user
session[:user] = recipient_user.id
# Check that the marking a message read works
post :mark, :message_id => messages(:unread_message).id, :mark => "read"
assert_redirected_to inbox_path(:display_name => users(:public_user).display_name)
assert_equal true, Message.find(messages(:unread_message).id).message_read
post :mark, :params => { :message_id => unread_message.id, :mark => "read" }
assert_redirected_to inbox_path(:display_name => recipient_user.display_name)
assert_equal true, Message.find(unread_message.id).message_read
# Check that the marking a message unread works
post :mark, :message_id => messages(:unread_message).id, :mark => "unread"
assert_redirected_to inbox_path(:display_name => users(:public_user).display_name)
assert_equal false, Message.find(messages(:unread_message).id).message_read
post :mark, :params => { :message_id => unread_message.id, :mark => "unread" }
assert_redirected_to inbox_path(:display_name => recipient_user.display_name)
assert_equal false, Message.find(unread_message.id).message_read
# Check that the marking a message read via XHR works
xhr :post, :mark, :message_id => messages(:unread_message).id, :mark => "read"
post :mark, :xhr => true, :params => { :message_id => unread_message.id, :mark => "read" }
assert_response :success
assert_template "mark"
assert_equal true, Message.find(messages(:unread_message).id).message_read
assert_equal true, Message.find(unread_message.id).message_read
# Check that the marking a message unread via XHR works
xhr :post, :mark, :message_id => messages(:unread_message).id, :mark => "unread"
post :mark, :xhr => true, :params => { :message_id => unread_message.id, :mark => "unread" }
assert_response :success
assert_template "mark"
assert_equal false, Message.find(messages(:unread_message).id).message_read
assert_equal false, Message.find(unread_message.id).message_read
# Asking to mark a message with no ID should fail
assert_raise ActionController::UrlGenerationError do
@ -334,7 +418,7 @@ class MessageControllerTest < ActionController::TestCase
end
# Asking to mark a message with a bogus ID should fail
post :mark, :message_id => 99999
post :mark, :params => { :message_id => 99999 }
assert_response :not_found
assert_template "no_such_message"
end
@ -342,34 +426,40 @@ class MessageControllerTest < ActionController::TestCase
##
# test the delete action
def test_delete
user = create(:user)
second_user = create(:user)
other_user = create(:user)
read_message = create(:message, :read, :recipient => user, :sender => second_user)
sent_message = create(:message, :unread, :recipient => second_user, :sender => user)
# Check that the deleting a message requires us to login
post :delete, :message_id => messages(:read_message).id
post :delete, :params => { :message_id => read_message.id }
assert_response :forbidden
# Login as a user with no messages
session[:user] = users(:second_public_user).id
session[:user] = other_user.id
# Check that deleting a message we didn't send or receive fails
post :delete, :message_id => messages(:read_message).id
post :delete, :params => { :message_id => read_message.id }
assert_response :not_found
assert_template "no_such_message"
# Login as the message recipient
session[:user] = users(:normal_user).id
# Login as the message recipient_user
session[:user] = user.id
# Check that the deleting a received message works
post :delete, :message_id => messages(:read_message).id
assert_redirected_to inbox_path(:display_name => users(:normal_user).display_name)
post :delete, :params => { :message_id => read_message.id }
assert_redirected_to inbox_path(:display_name => user.display_name)
assert_equal "Message deleted", flash[:notice]
m = Message.find(messages(:read_message).id)
m = Message.find(read_message.id)
assert_equal true, m.from_user_visible
assert_equal false, m.to_user_visible
# Check that the deleting a sent message works
post :delete, :message_id => messages(:unread_message).id, :referer => outbox_path(:display_name => users(:normal_user).display_name)
assert_redirected_to outbox_path(:display_name => users(:normal_user).display_name)
post :delete, :params => { :message_id => sent_message.id, :referer => outbox_path(:display_name => user.display_name) }
assert_redirected_to outbox_path(:display_name => user.display_name)
assert_equal "Message deleted", flash[:notice]
m = Message.find(messages(:unread_message).id)
m = Message.find(sent_message.id)
assert_equal false, m.from_user_visible
assert_equal true, m.to_user_visible
@ -379,7 +469,7 @@ class MessageControllerTest < ActionController::TestCase
end
# Asking to delete a message with a bogus ID should fail
post :delete, :message_id => 99999
post :delete, :params => { :message_id => 99999 }
assert_response :not_found
assert_template "no_such_message"
end

316
test/controllers/node_controller_test.rb
View file

@ -1,8 +1,6 @@
require "test_helper"
class NodeControllerTest < ActionController::TestCase
api_fixtures
##
# test all routes which lead to this controller
def test_routes
@ -29,14 +27,16 @@ class NodeControllerTest < ActionController::TestCase
end
def test_create
# cannot read password from fixture as it is stored as MD5 digest
## First try with no auth
private_user = create(:user, :data_public => false)
private_changeset = create(:changeset, :user => private_user)
user = create(:user)
changeset = create(:changeset, :user => user)
# create a node with random lat/lon
lat = rand(100) - 50 + rand
lon = rand(100) - 50 + rand
# normal user has a changeset open, so we'll use that.
changeset = changesets(:normal_user_first_change)
## First try with no auth
# create a minimal xml file
content("<osm><node lat='#{lat}' lon='#{lon}' changeset='#{changeset.id}'/></osm>")
assert_difference("OldNode.count", 0) do
@ -46,15 +46,10 @@ class NodeControllerTest < ActionController::TestCase
assert_response :unauthorized, "node upload did not return unauthorized status"
## Now try with the user which doesn't have their data public
basic_authorization(users(:normal_user).email, "test")
basic_authorization(private_user.email, "test")
# create a node with random lat/lon
lat = rand(100) - 50 + rand
lon = rand(100) - 50 + rand
# normal user has a changeset open, so we'll use that.
changeset = changesets(:normal_user_first_change)
# create a minimal xml file
content("<osm><node lat='#{lat}' lon='#{lon}' changeset='#{changeset.id}'/></osm>")
content("<osm><node lat='#{lat}' lon='#{lon}' changeset='#{private_changeset.id}'/></osm>")
assert_difference("Node.count", 0) do
put :create
end
@ -62,13 +57,8 @@ class NodeControllerTest < ActionController::TestCase
assert_require_public_data "node create did not return forbidden status"
## Now try with the user that has the public data
basic_authorization(users(:public_user).email, "test")
basic_authorization(user.email, "test")
# create a node with random lat/lon
lat = rand(100) - 50 + rand
lon = rand(100) - 50 + rand
# normal user has a changeset open, so we'll use that.
changeset = changesets(:public_user_first_change)
# create a minimal xml file
content("<osm><node lat='#{lat}' lon='#{lon}' changeset='#{changeset.id}'/></osm>")
put :create
@ -82,17 +72,18 @@ class NodeControllerTest < ActionController::TestCase
# compare values
assert_in_delta lat * 10000000, checknode.latitude, 1, "saved node does not match requested latitude"
assert_in_delta lon * 10000000, checknode.longitude, 1, "saved node does not match requested longitude"
assert_equal changesets(:public_user_first_change).id, checknode.changeset_id, "saved node does not belong to changeset that it was created in"
assert_equal changeset.id, checknode.changeset_id, "saved node does not belong to changeset that it was created in"
assert_equal true, checknode.visible, "saved node is not visible"
end
def test_create_invalid_xml
## Only test public user here, as test_create should cover what's the forbiddens
## that would occur here
# Initial setup
basic_authorization(users(:public_user).email, "test")
# normal user has a changeset open, so we'll use that.
changeset = changesets(:public_user_first_change)
user = create(:user)
changeset = create(:changeset, :user => user)
basic_authorization(user.email, "test")
lat = 3.434
lon = 3.23
@ -143,123 +134,146 @@ class NodeControllerTest < ActionController::TestCase
def test_read
# check that a visible node is returned properly
get :read, :id => current_nodes(:visible_node).id
get :read, :params => { :id => create(:node).id }
assert_response :success
# check that an invisible node is not returned
get :read, :id => current_nodes(:invisible_node).id
# check that an deleted node is not returned
get :read, :params => { :id => create(:node, :deleted).id }
assert_response :gone
# check chat a non-existent node is not returned
get :read, :id => 0
get :read, :params => { :id => 0 }
assert_response :not_found
end
# this tests deletion restrictions - basic deletion is tested in the unit
# tests for node!
def test_delete
private_user = create(:user, :data_public => false)
private_user_changeset = create(:changeset, :user => private_user)
private_user_closed_changeset = create(:changeset, :closed, :user => private_user)
private_node = create(:node, :changeset => private_user_changeset)
private_deleted_node = create(:node, :deleted, :changeset => private_user_changeset)
## first try to delete node without auth
delete :delete, :id => current_nodes(:visible_node).id
delete :delete, :params => { :id => private_node.id }
assert_response :unauthorized
## now set auth for the non-data public user
basic_authorization(users(:normal_user).email, "test")
basic_authorization(private_user.email, "test")
# try to delete with an invalid (closed) changeset
content update_changeset(current_nodes(:visible_node).to_xml,
changesets(:normal_user_closed_change).id)
delete :delete, :id => current_nodes(:visible_node).id
content update_changeset(private_node.to_xml, private_user_closed_changeset.id)
delete :delete, :params => { :id => private_node.id }
assert_require_public_data("non-public user shouldn't be able to delete node")
# try to delete with an invalid (non-existent) changeset
content update_changeset(current_nodes(:visible_node).to_xml, 0)
delete :delete, :id => current_nodes(:visible_node).id
content update_changeset(private_node.to_xml, 0)
delete :delete, :params => { :id => private_node.id }
assert_require_public_data("shouldn't be able to delete node, when user's data is private")
# valid delete now takes a payload
content(nodes(:visible_node).to_xml)
delete :delete, :id => current_nodes(:visible_node).id
content(private_node.to_xml)
delete :delete, :params => { :id => private_node.id }
assert_require_public_data("shouldn't be able to delete node when user's data isn't public'")
# this won't work since the node is already deleted
content(nodes(:invisible_node).to_xml)
delete :delete, :id => current_nodes(:invisible_node).id
content(private_deleted_node.to_xml)
delete :delete, :params => { :id => private_deleted_node.id }
assert_require_public_data
# this won't work since the node never existed
delete :delete, :id => 0
delete :delete, :params => { :id => 0 }
assert_require_public_data
## these test whether nodes which are in-use can be deleted:
# in a way...
content(nodes(:used_node_1).to_xml)
delete :delete, :id => current_nodes(:used_node_1).id
private_used_node = create(:node, :changeset => private_user_changeset)
create(:way_node, :node => private_used_node)
content(private_used_node.to_xml)
delete :delete, :params => { :id => private_used_node.id }
assert_require_public_data "shouldn't be able to delete a node used in a way (#{@response.body})"
# in a relation...
content(nodes(:node_used_by_relationship).to_xml)
delete :delete, :id => current_nodes(:node_used_by_relationship).id
private_used_node2 = create(:node, :changeset => private_user_changeset)
create(:relation_member, :member => private_used_node2)
content(private_used_node2.to_xml)
delete :delete, :params => { :id => private_used_node2.id }
assert_require_public_data "shouldn't be able to delete a node used in a relation (#{@response.body})"
## now set auth for the public data user
basic_authorization(users(:public_user).email, "test")
## now setup for the public data user
user = create(:user, :data_public => true)
changeset = create(:changeset, :user => user)
closed_changeset = create(:changeset, :closed, :user => user)
node = create(:node, :changeset => changeset)
basic_authorization(user.email, "test")
# try to delete with an invalid (closed) changeset
content update_changeset(current_nodes(:visible_node).to_xml,
changesets(:normal_user_closed_change).id)
delete :delete, :id => current_nodes(:visible_node).id
content update_changeset(node.to_xml, closed_changeset.id)
delete :delete, :params => { :id => node.id }
assert_response :conflict
# try to delete with an invalid (non-existent) changeset
content update_changeset(current_nodes(:visible_node).to_xml, 0)
delete :delete, :id => current_nodes(:visible_node).id
content update_changeset(node.to_xml, 0)
delete :delete, :params => { :id => node.id }
assert_response :conflict
# try to delete a node with a different ID
content(nodes(:public_visible_node).to_xml)
delete :delete, :id => current_nodes(:visible_node).id
other_node = create(:node)
content(other_node.to_xml)
delete :delete, :params => { :id => node.id }
assert_response :bad_request,
"should not be able to delete a node with a different ID from the XML"
# try to delete a node rubbish in the payloads
content("<delete/>")
delete :delete, :id => current_nodes(:visible_node).id
delete :delete, :params => { :id => node.id }
assert_response :bad_request,
"should not be able to delete a node without a valid XML payload"
# valid delete now takes a payload
content(nodes(:public_visible_node).to_xml)
delete :delete, :id => current_nodes(:public_visible_node).id
content(node.to_xml)
delete :delete, :params => { :id => node.id }
assert_response :success
# valid delete should return the new version number, which should
# be greater than the old version number
assert @response.body.to_i > current_nodes(:public_visible_node).version,
assert @response.body.to_i > node.version,
"delete request should return a new version number for node"
# deleting the same node twice doesn't work
content(nodes(:public_visible_node).to_xml)
delete :delete, :id => current_nodes(:public_visible_node).id
content(node.to_xml)
delete :delete, :params => { :id => node.id }
assert_response :gone
# this won't work since the node never existed
delete :delete, :id => 0
delete :delete, :params => { :id => 0 }
assert_response :not_found
## these test whether nodes which are in-use can be deleted:
# in a way...
content(nodes(:used_node_1).to_xml)
delete :delete, :id => current_nodes(:used_node_1).id
used_node = create(:node, :changeset => create(:changeset, :user => user))
way_node = create(:way_node, :node => used_node)
way_node2 = create(:way_node, :node => used_node)
content(used_node.to_xml)
delete :delete, :params => { :id => used_node.id }
assert_response :precondition_failed,
"shouldn't be able to delete a node used in a way (#{@response.body})"
assert_equal "Precondition failed: Node 3 is still used by ways 1,3.", @response.body
assert_equal "Precondition failed: Node #{used_node.id} is still used by ways #{way_node.way.id},#{way_node2.way.id}.", @response.body
# in a relation...
content(nodes(:node_used_by_relationship).to_xml)
delete :delete, :id => current_nodes(:node_used_by_relationship).id
used_node2 = create(:node, :changeset => create(:changeset, :user => user))
relation_member = create(:relation_member, :member => used_node2)
relation_member2 = create(:relation_member, :member => used_node2)
content(used_node2.to_xml)
delete :delete, :params => { :id => used_node2.id }
assert_response :precondition_failed,
"shouldn't be able to delete a node used in a relation (#{@response.body})"
assert_equal "Precondition failed: Node 5 is still used by relations 1,3.", @response.body
assert_equal "Precondition failed: Node #{used_node2.id} is still used by relations #{relation_member.relation.id},#{relation_member2.relation.id}.", @response.body
end
##
@ -269,215 +283,231 @@ class NodeControllerTest < ActionController::TestCase
## First test with no user credentials
# try and update a node without authorisation
# first try to delete node without auth
content current_nodes(:visible_node).to_xml
put :update, :id => current_nodes(:visible_node).id
private_user = create(:user, :data_public => false)
private_node = create(:node, :changeset => create(:changeset, :user => private_user))
user = create(:user)
node = create(:node, :changeset => create(:changeset, :user => user))
content node.to_xml
put :update, :params => { :id => node.id }
assert_response :unauthorized
## Second test with the private user
# setup auth
basic_authorization(users(:normal_user).email, "test")
basic_authorization(private_user.email, "test")
## trying to break changesets
# try and update in someone else's changeset
content update_changeset(current_nodes(:visible_node).to_xml,
changesets(:public_user_first_change).id)
put :update, :id => current_nodes(:visible_node).id
assert_require_public_data "update with other user's changeset should be forbidden when date isn't public"
content update_changeset(private_node.to_xml,
create(:changeset).id)
put :update, :params => { :id => private_node.id }
assert_require_public_data "update with other user's changeset should be forbidden when data isn't public"
# try and update in a closed changeset
content update_changeset(current_nodes(:visible_node).to_xml,
changesets(:normal_user_closed_change).id)
put :update, :id => current_nodes(:visible_node).id
content update_changeset(private_node.to_xml,
create(:changeset, :closed, :user => private_user).id)
put :update, :params => { :id => private_node.id }
assert_require_public_data "update with closed changeset should be forbidden, when data isn't public"
# try and update in a non-existant changeset
content update_changeset(current_nodes(:visible_node).to_xml, 0)
put :update, :id => current_nodes(:visible_node).id
assert_require_public_data("update with changeset=0 should be forbidden, when data isn't public")
content update_changeset(private_node.to_xml, 0)
put :update, :params => { :id => private_node.id }
assert_require_public_data "update with changeset=0 should be forbidden, when data isn't public"
## try and submit invalid updates
content xml_attr_rewrite(current_nodes(:visible_node).to_xml, "lat", 91.0)
put :update, :id => current_nodes(:visible_node).id
content xml_attr_rewrite(private_node.to_xml, "lat", 91.0)
put :update, :params => { :id => private_node.id }
assert_require_public_data "node at lat=91 should be forbidden, when data isn't public"
content xml_attr_rewrite(current_nodes(:visible_node).to_xml, "lat", -91.0)
put :update, :id => current_nodes(:visible_node).id
content xml_attr_rewrite(private_node.to_xml, "lat", -91.0)
put :update, :params => { :id => private_node.id }
assert_require_public_data "node at lat=-91 should be forbidden, when data isn't public"
content xml_attr_rewrite(current_nodes(:visible_node).to_xml, "lon", 181.0)
put :update, :id => current_nodes(:visible_node).id
content xml_attr_rewrite(private_node.to_xml, "lon", 181.0)
put :update, :params => { :id => private_node.id }
assert_require_public_data "node at lon=181 should be forbidden, when data isn't public"
content xml_attr_rewrite(current_nodes(:visible_node).to_xml, "lon", -181.0)
put :update, :id => current_nodes(:visible_node).id
content xml_attr_rewrite(private_node.to_xml, "lon", -181.0)
put :update, :params => { :id => private_node.id }
assert_require_public_data "node at lon=-181 should be forbidden, when data isn't public"
## finally, produce a good request which should work
content current_nodes(:visible_node).to_xml
put :update, :id => current_nodes(:visible_node).id
## finally, produce a good request which still won't work
content private_node.to_xml
put :update, :params => { :id => private_node.id }
assert_require_public_data "should have failed with a forbidden when data isn't public"
## Finally test with the public user
# try and update a node without authorisation
# first try to delete node without auth
content current_nodes(:visible_node).to_xml
put :update, :id => current_nodes(:visible_node).id
# first try to update node without auth
content node.to_xml
put :update, :params => { :id => node.id }
assert_response :forbidden
# setup auth
basic_authorization(users(:public_user).email, "test")
basic_authorization(user.email, "test")
## trying to break changesets
# try and update in someone else's changeset
content update_changeset(current_nodes(:visible_node).to_xml,
changesets(:normal_user_first_change).id)
put :update, :id => current_nodes(:visible_node).id
content update_changeset(node.to_xml,
create(:changeset).id)
put :update, :params => { :id => node.id }
assert_response :conflict, "update with other user's changeset should be rejected"
# try and update in a closed changeset
content update_changeset(current_nodes(:visible_node).to_xml,
changesets(:normal_user_closed_change).id)
put :update, :id => current_nodes(:visible_node).id
content update_changeset(node.to_xml,
create(:changeset, :closed, :user => user).id)
put :update, :params => { :id => node.id }
assert_response :conflict, "update with closed changeset should be rejected"
# try and update in a non-existant changeset
content update_changeset(current_nodes(:visible_node).to_xml, 0)
put :update, :id => current_nodes(:visible_node).id
content update_changeset(node.to_xml, 0)
put :update, :params => { :id => node.id }
assert_response :conflict, "update with changeset=0 should be rejected"
## try and submit invalid updates
content xml_attr_rewrite(current_nodes(:visible_node).to_xml, "lat", 91.0)
put :update, :id => current_nodes(:visible_node).id
content xml_attr_rewrite(node.to_xml, "lat", 91.0)
put :update, :params => { :id => node.id }
assert_response :bad_request, "node at lat=91 should be rejected"
content xml_attr_rewrite(current_nodes(:visible_node).to_xml, "lat", -91.0)
put :update, :id => current_nodes(:visible_node).id
content xml_attr_rewrite(node.to_xml, "lat", -91.0)
put :update, :params => { :id => node.id }
assert_response :bad_request, "node at lat=-91 should be rejected"
content xml_attr_rewrite(current_nodes(:visible_node).to_xml, "lon", 181.0)
put :update, :id => current_nodes(:visible_node).id
content xml_attr_rewrite(node.to_xml, "lon", 181.0)
put :update, :params => { :id => node.id }
assert_response :bad_request, "node at lon=181 should be rejected"
content xml_attr_rewrite(current_nodes(:visible_node).to_xml, "lon", -181.0)
put :update, :id => current_nodes(:visible_node).id
content xml_attr_rewrite(node.to_xml, "lon", -181.0)
put :update, :params => { :id => node.id }
assert_response :bad_request, "node at lon=-181 should be rejected"
## next, attack the versioning
current_node_version = current_nodes(:visible_node).version
current_node_version = node.version
# try and submit a version behind
content xml_attr_rewrite(current_nodes(:visible_node).to_xml,
content xml_attr_rewrite(node.to_xml,
"version", current_node_version - 1)
put :update, :id => current_nodes(:visible_node).id
put :update, :params => { :id => node.id }
assert_response :conflict, "should have failed on old version number"
# try and submit a version ahead
content xml_attr_rewrite(current_nodes(:visible_node).to_xml,
content xml_attr_rewrite(node.to_xml,
"version", current_node_version + 1)
put :update, :id => current_nodes(:visible_node).id
put :update, :params => { :id => node.id }
assert_response :conflict, "should have failed on skipped version number"
# try and submit total crap in the version field
content xml_attr_rewrite(current_nodes(:visible_node).to_xml,
content xml_attr_rewrite(node.to_xml,
"version", "p1r4t3s!")
put :update, :id => current_nodes(:visible_node).id
put :update, :params => { :id => node.id }
assert_response :conflict,
"should not be able to put 'p1r4at3s!' in the version field"
## try an update with the wrong ID
content current_nodes(:public_visible_node).to_xml
put :update, :id => current_nodes(:visible_node).id
content create(:node).to_xml
put :update, :params => { :id => node.id }
assert_response :bad_request,
"should not be able to update a node with a different ID from the XML"
## try an update with a minimal valid XML doc which isn't a well-formed OSM doc.
content "<update/>"
put :update, :id => current_nodes(:visible_node).id
put :update, :params => { :id => node.id }
assert_response :bad_request,
"should not be able to update a node with non-OSM XML doc."
## finally, produce a good request which should work
content current_nodes(:public_visible_node).to_xml
put :update, :id => current_nodes(:public_visible_node).id
content node.to_xml
put :update, :params => { :id => node.id }
assert_response :success, "a valid update request failed"
end
##
# test fetching multiple nodes
def test_nodes
node1 = create(:node)
node2 = create(:node, :deleted)
node3 = create(:node)
node4 = create(:node, :with_history, :version => 2)
node5 = create(:node, :deleted, :with_history, :version => 2)
# check error when no parameter provided
get :nodes
assert_response :bad_request
# check error when no parameter value provided
get :nodes, :nodes => ""
get :nodes, :params => { :nodes => "" }
assert_response :bad_request
# test a working call
get :nodes, :nodes => "1,2,4,15,17"
get :nodes, :params => { :nodes => "#{node1.id},#{node2.id},#{node3.id},#{node4.id},#{node5.id}" }
assert_response :success
assert_select "osm" do
assert_select "node", :count => 5
assert_select "node[id='1'][visible='true']", :count => 1
assert_select "node[id='2'][visible='false']", :count => 1
assert_select "node[id='4'][visible='true']", :count => 1
assert_select "node[id='15'][visible='true']", :count => 1
assert_select "node[id='17'][visible='false']", :count => 1
assert_select "node[id='#{node1.id}'][visible='true']", :count => 1
assert_select "node[id='#{node2.id}'][visible='false']", :count => 1
assert_select "node[id='#{node3.id}'][visible='true']", :count => 1
assert_select "node[id='#{node4.id}'][visible='true']", :count => 1
assert_select "node[id='#{node5.id}'][visible='false']", :count => 1
end
# check error when a non-existent node is included
get :nodes, :nodes => "1,2,4,15,17,400"
get :nodes, :params => { :nodes => "#{node1.id},#{node2.id},#{node3.id},#{node4.id},#{node5.id},400" }
assert_response :not_found
end
##
# test adding tags to a node
def test_duplicate_tags
existing_tag = create(:node_tag)
assert_equal true, existing_tag.node.changeset.user.data_public
# setup auth
basic_authorization(users(:public_user).email, "test")
basic_authorization(existing_tag.node.changeset.user.email, "test")
# add an identical tag to the node
tag_xml = XML::Node.new("tag")
tag_xml["k"] = current_node_tags(:public_v_t1).k
tag_xml["v"] = current_node_tags(:public_v_t1).v
tag_xml["k"] = existing_tag.k
tag_xml["v"] = existing_tag.v
# add the tag into the existing xml
node_xml = current_nodes(:public_visible_node).to_xml
node_xml = existing_tag.node.to_xml
node_xml.find("//osm/node").first << tag_xml
# try and upload it
content node_xml
put :update, :id => current_nodes(:public_visible_node).id
put :update, :params => { :id => existing_tag.node.id }
assert_response :bad_request,
"adding duplicate tags to a node should fail with 'bad request'"
assert_equal "Element node/#{current_nodes(:public_visible_node).id} has duplicate tags with key #{current_node_tags(:t1).k}", @response.body
assert_equal "Element node/#{existing_tag.node.id} has duplicate tags with key #{existing_tag.k}", @response.body
end
# test whether string injection is possible
def test_string_injection
private_user = create(:user, :data_public => false)
private_changeset = create(:changeset, :user => private_user)
user = create(:user)
changeset = create(:changeset, :user => user)
## First try with the non-data public user
basic_authorization(users(:normal_user).email, "test")
changeset_id = changesets(:normal_user_first_change).id
basic_authorization(private_user.email, "test")
# try and put something into a string that the API might
# use unquoted and therefore allow code injection...
content "<osm><node lat='0' lon='0' changeset='#{changeset_id}'>" +
content "<osm><node lat='0' lon='0' changeset='#{private_changeset.id}'>" +
'<tag k="#{@user.inspect}" v="0"/>' +
"</node></osm>"
put :create
assert_require_public_data "Shouldn't be able to create with non-public user"
## Then try with the public data user
basic_authorization(users(:public_user).email, "test")
changeset_id = changesets(:public_user_first_change).id
basic_authorization(user.email, "test")
# try and put something into a string that the API might
# use unquoted and therefore allow code injection...
content "<osm><node lat='0' lon='0' changeset='#{changeset_id}'>" +
content "<osm><node lat='0' lon='0' changeset='#{changeset.id}'>" +
'<tag k="#{@user.inspect}" v="0"/>' +
"</node></osm>"
put :create
@ -489,7 +519,7 @@ class NodeControllerTest < ActionController::TestCase
assert_not_nil checknode, "node not found in data base after upload"
# and grab it using the api
get :read, :id => nodeid
get :read, :params => { :id => nodeid }
assert_response :success
apinode = Node.from_xml(@response.body)
assert_not_nil apinode, "downloaded node is nil, but shouldn't be"

571
test/controllers/notes_controller_test.rb
View file

File diff suppressed because it is too large Load diff

135
test/controllers/oauth_clients_controller_test.rb
View file

@ -1,8 +1,6 @@
require "test_helper"
class OauthClientsControllerTest < ActionController::TestCase
fixtures :users, :client_applications
##
# test all routes which lead to this controller
def test_routes
@ -37,26 +35,33 @@ class OauthClientsControllerTest < ActionController::TestCase
end
def test_index
user = users(:public_user)
user = create(:user)
create_list(:client_application, 2, :user => user)
get :index, :display_name => user.display_name
get :index,
:params => { :display_name => user.display_name }
assert_response :redirect
assert_redirected_to login_path(:referer => oauth_clients_path(:display_name => user.display_name))
get :index, { :display_name => user.display_name }, { :user => user }
get :index,
:params => { :display_name => user.display_name },
:session => { :user => user }
assert_response :success
assert_template "index"
assert_select "div.client_application", 2
end
def test_new
user = users(:public_user)
user = create(:user)
get :new, :display_name => user.display_name
get :new,
:params => { :display_name => user.display_name }
assert_response :redirect
assert_redirected_to login_path(:referer => new_oauth_client_path(:display_name => user.display_name))
get :new, { :display_name => user.display_name }, { :user => user }
get :new,
:params => { :display_name => user.display_name },
:session => { :user => user }
assert_response :success
assert_template "new"
assert_select "form", 1 do
@ -71,67 +76,75 @@ class OauthClientsControllerTest < ActionController::TestCase
end
def test_create
user = users(:public_user)
user = create(:user)
assert_difference "ClientApplication.count", 0 do
post :create, :display_name => user.display_name
post :create, :params => { :display_name => user.display_name }
end
assert_response :forbidden
assert_difference "ClientApplication.count", 0 do
post :create, {
:display_name => user.display_name,
:client_application => {
:name => "Test Application"
}
}, { :user => user }
post :create,
:params => { :display_name => user.display_name,
:client_application => { :name => "Test Application" } },
:session => { :user => user }
end
assert_response :success
assert_template "new"
assert_difference "ClientApplication.count", 1 do
post :create, {
:display_name => user.display_name,
:client_application => {
:name => "Test Application",
:url => "http://test.example.com/"
}
}, { :user => user }
post :create,
:params => { :display_name => user.display_name,
:client_application => { :name => "Test Application",
:url => "http://test.example.com/" } },
:session => { :user => user }
end
assert_response :redirect
assert_redirected_to oauth_client_path(:id => ClientApplication.find_by_name("Test Application").id)
assert_redirected_to oauth_client_path(:id => ClientApplication.find_by(:name => "Test Application").id)
end
def test_show
user = users(:public_user)
client = client_applications(:oauth_web_app)
user = create(:user)
client = create(:client_application, :user => user)
other_client = create(:client_application)
get :show, :display_name => user.display_name, :id => client.id
get :show,
:params => { :display_name => user.display_name, :id => client.id }
assert_response :redirect
assert_redirected_to login_path(:referer => oauth_client_path(:display_name => user.display_name, :id => client.id))
get :show, { :display_name => user.display_name, :id => client_applications(:normal_user_app).id }, { :user => user }
get :show,
:params => { :display_name => user.display_name, :id => other_client.id },
:session => { :user => user }
assert_response :not_found
assert_template "not_found"
get :show, { :display_name => user.display_name, :id => client.id }, { :user => user }
get :show,
:params => { :display_name => user.display_name, :id => client.id },
:session => { :user => user }
assert_response :success
assert_template "show"
end
def test_edit
user = users(:public_user)
client = client_applications(:oauth_web_app)
user = create(:user)
client = create(:client_application, :user => user)
other_client = create(:client_application)
get :edit, :display_name => user.display_name, :id => client.id
get :edit,
:params => { :display_name => user.display_name, :id => client.id }
assert_response :redirect
assert_redirected_to login_path(:referer => edit_oauth_client_path(:display_name => user.display_name, :id => client.id))
get :edit, { :display_name => user.display_name, :id => client_applications(:normal_user_app).id }, { :user => user }
get :edit,
:params => { :display_name => user.display_name, :id => other_client.id },
:session => { :user => user }
assert_response :not_found
assert_template "not_found"
get :edit, { :display_name => user.display_name, :id => client.id }, { :user => user }
get :edit,
:params => { :display_name => user.display_name, :id => client.id },
:session => { :user => user }
assert_response :success
assert_template "edit"
assert_select "form", 1 do
@ -146,56 +159,60 @@ class OauthClientsControllerTest < ActionController::TestCase
end
def test_update
user = users(:public_user)
client = client_applications(:oauth_web_app)
user = create(:user)
client = create(:client_application, :user => user)
other_client = create(:client_application)
put :update, :display_name => user.display_name, :id => client.id
put :update,
:params => { :display_name => user.display_name, :id => client.id }
assert_response :forbidden
put :update, { :display_name => user.display_name, :id => client_applications(:normal_user_app).id }, { :user => user }
put :update,
:params => { :display_name => user.display_name, :id => other_client.id },
:session => { :user => user }
assert_response :not_found
assert_template "not_found"
put :update, {
:display_name => user.display_name,
:id => client.id,
:client_application => {
:name => "New Name",
:url => nil
}
}, { :user => user }
put :update,
:params => { :display_name => user.display_name,
:id => client.id,
:client_application => { :name => "New Name", :url => nil } },
:session => { :user => user }
assert_response :success
assert_template "edit"
put :update, {
:display_name => user.display_name,
:id => client.id,
:client_application => {
:name => "New Name",
:url => "http://new.example.com/url"
}
}, { :user => user }
put :update,
:params => { :display_name => user.display_name,
:id => client.id,
:client_application => { :name => "New Name", :url => "http://new.example.com/url" } },
:session => { :user => user }
assert_response :redirect
assert_redirected_to oauth_client_path(:id => client.id)
end
def test_destroy
user = users(:public_user)
client = client_applications(:oauth_web_app)
user = create(:user)
client = create(:client_application, :user => user)
other_client = create(:client_application)
assert_difference "ClientApplication.count", 0 do
delete :destroy, :display_name => user.display_name, :id => client.id
delete :destroy,
:params => { :display_name => user.display_name, :id => client.id }
end
assert_response :forbidden
assert_difference "ClientApplication.count", 0 do
delete :destroy, { :display_name => user.display_name, :id => client_applications(:normal_user_app).id }, { :user => user }
delete :destroy,
:params => { :display_name => user.display_name, :id => other_client.id },
:session => { :user => user }
end
assert_response :not_found
assert_template "not_found"
assert_difference "ClientApplication.count", -1 do
delete :destroy, { :display_name => user.display_name, :id => client.id }, { :user => user }
delete :destroy,
:params => { :display_name => user.display_name, :id => client.id },
:session => { :user => user }
end
assert_response :redirect
assert_redirected_to oauth_clients_path(:display_name => user.display_name)

205
test/controllers/old_node_controller_test.rb
View file

@ -2,8 +2,6 @@ require "test_helper"
require "old_node_controller"
class OldNodeControllerTest < ActionController::TestCase
api_fixtures
#
# TODO: test history
#
@ -33,13 +31,21 @@ class OldNodeControllerTest < ActionController::TestCase
##
# FIXME: Move this test to being an integration test since it spans multiple controllers
def test_version
private_user = create(:user, :data_public => false)
private_node = create(:node, :with_history, :version => 4, :changeset => create(:changeset, :user => private_user))
user = create(:user)
node = create(:node, :with_history, :version => 4, :changeset => create(:changeset, :user => user))
create_list(:node_tag, 2, :node => node)
# Ensure that the current tags are propagated to the history too
propagate_tags(node, node.old_nodes.last)
## First try this with a non-public user
basic_authorization(users(:normal_user).email, "test")
basic_authorization(private_user.email, "test")
# setup a simple XML node
xml_doc = current_nodes(:visible_node).to_xml
xml_doc = private_node.to_xml
xml_node = xml_doc.find("//osm/node").first
nodeid = current_nodes(:visible_node).id
nodeid = private_node.id
# keep a hash of the versions => string, as we'll need something
# to test against later
@ -55,7 +61,7 @@ class OldNodeControllerTest < ActionController::TestCase
xml_node["lon"] = precision(rand * 360 - 180).to_s
with_controller(NodeController.new) do
content xml_doc
put :update, :id => nodeid
put :update, :params => { :id => nodeid }
assert_response :forbidden, "Should have rejected node update"
xml_node["version"] = @response.body.to_s
end
@ -71,7 +77,7 @@ class OldNodeControllerTest < ActionController::TestCase
xml_node << xml_tag
with_controller(NodeController.new) do
content xml_doc
put :update, :id => nodeid
put :update, :params => { :id => nodeid }
assert_response :forbidden,
"should have rejected node #{nodeid} (#{@response.body}) with forbidden"
xml_node["version"] = @response.body.to_s
@ -83,12 +89,13 @@ class OldNodeControllerTest < ActionController::TestCase
# probably should check that they didn't get written to the database
## Now do it with the public user
basic_authorization(users(:public_user).email, "test")
basic_authorization(user.email, "test")
# setup a simple XML node
xml_doc = current_nodes(:node_with_versions).to_xml
xml_doc = node.to_xml
xml_node = xml_doc.find("//osm/node").first
nodeid = current_nodes(:node_with_versions).id
nodeid = node.id
# keep a hash of the versions => string, as we'll need something
# to test against later
@ -104,7 +111,7 @@ class OldNodeControllerTest < ActionController::TestCase
xml_node["lon"] = precision(rand * 360 - 180).to_s
with_controller(NodeController.new) do
content xml_doc
put :update, :id => nodeid
put :update, :params => { :id => nodeid }
assert_response :success
xml_node["version"] = @response.body.to_s
end
@ -120,7 +127,7 @@ class OldNodeControllerTest < ActionController::TestCase
xml_node << xml_tag
with_controller(NodeController.new) do
content xml_doc
put :update, :id => nodeid
put :update, :params => { :id => nodeid }
assert_response :success,
"couldn't update node #{nodeid} (#{@response.body})"
xml_node["version"] = @response.body.to_s
@ -131,7 +138,7 @@ class OldNodeControllerTest < ActionController::TestCase
# check all the versions
versions.keys.each do |key|
get :version, :id => nodeid, :version => key.to_i
get :version, :params => { :id => nodeid, :version => key.to_i }
assert_response :success,
"couldn't get version #{key.to_i} of node #{nodeid}"
@ -146,12 +153,12 @@ class OldNodeControllerTest < ActionController::TestCase
def test_not_found_version
check_not_found_id_version(70000, 312344)
check_not_found_id_version(-1, -13)
check_not_found_id_version(nodes(:visible_node).id, 24354)
check_not_found_id_version(24356, nodes(:visible_node).version)
check_not_found_id_version(create(:node).id, 24354)
check_not_found_id_version(24356, create(:node).version)
end
def check_not_found_id_version(id, version)
get :version, :id => id, :version => version
get :version, :params => { :id => id, :version => version }
assert_response :not_found
rescue ActionController::UrlGenerationError => ex
assert_match /No route matches/, ex.to_s
@ -161,19 +168,37 @@ class OldNodeControllerTest < ActionController::TestCase
# Test that getting the current version is identical to picking
# that version with the version URI call.
def test_current_version
check_current_version(current_nodes(:visible_node))
check_current_version(current_nodes(:used_node_1))
check_current_version(current_nodes(:used_node_2))
check_current_version(current_nodes(:node_used_by_relationship))
check_current_version(current_nodes(:node_with_versions))
node = create(:node, :with_history)
used_node = create(:node, :with_history)
create(:way_node, :node => used_node)
node_used_by_relationship = create(:node, :with_history)
create(:relation_member, :member => node_used_by_relationship)
node_with_versions = create(:node, :with_history, :version => 4)
create(:node_tag, :node => node)
create(:node_tag, :node => used_node)
create(:node_tag, :node => node_used_by_relationship)
create(:node_tag, :node => node_with_versions)
propagate_tags(node, node.old_nodes.last)
propagate_tags(used_node, used_node.old_nodes.last)
propagate_tags(node_used_by_relationship, node_used_by_relationship.old_nodes.last)
propagate_tags(node_with_versions, node_with_versions.old_nodes.last)
check_current_version(node)
check_current_version(used_node)
check_current_version(node_used_by_relationship)
check_current_version(node_with_versions)
end
##
# test the redaction of an old version of a node, while not being
# authorised.
def test_redact_node_unauthorised
do_redact_node(nodes(:node_with_versions_v3),
redactions(:example))
node = create(:node, :with_history, :version => 4)
node_v3 = node.old_nodes.find_by(:version => 3)
do_redact_node(node_v3,
create(:redaction))
assert_response :unauthorized, "should need to be authenticated to redact."
end
@ -181,10 +206,13 @@ class OldNodeControllerTest < ActionController::TestCase
# test the redaction of an old version of a node, while being
# authorised as a normal user.
def test_redact_node_normal_user
basic_authorization(users(:public_user).email, "test")
basic_authorization(create(:user).email, "test")
do_redact_node(nodes(:node_with_versions_v3),
redactions(:example))
node = create(:node, :with_history, :version => 4)
node_v3 = node.old_nodes.find_by(:version => 3)
do_redact_node(node_v3,
create(:redaction))
assert_response :forbidden, "should need to be moderator to redact."
end
@ -192,10 +220,13 @@ class OldNodeControllerTest < ActionController::TestCase
# test that, even as moderator, the current version of a node
# can't be redacted.
def test_redact_node_current_version
basic_authorization(users(:moderator_user).email, "test")
basic_authorization(create(:moderator_user).email, "test")
do_redact_node(nodes(:node_with_versions_v4),
redactions(:example))
node = create(:node, :with_history, :version => 4)
node_v4 = node.old_nodes.find_by(:version => 4)
do_redact_node(node_v4,
create(:redaction))
assert_response :bad_request, "shouldn't be OK to redact current version as moderator."
end
@ -203,88 +234,96 @@ class OldNodeControllerTest < ActionController::TestCase
# test that redacted nodes aren't visible, regardless of
# authorisation except as moderator...
def test_version_redacted
node = nodes(:redacted_node_redacted_version)
node = create(:node, :with_history, :version => 2)
node_v1 = node.old_nodes.find_by(:version => 1)
node_v1.redact!(create(:redaction))
get :version, :id => node.node_id, :version => node.version
get :version, :params => { :id => node_v1.node_id, :version => node_v1.version }
assert_response :forbidden, "Redacted node shouldn't be visible via the version API."
# not even to a logged-in user
basic_authorization(users(:public_user).email, "test")
get :version, :id => node.node_id, :version => node.version
basic_authorization(create(:user).email, "test")
get :version, :params => { :id => node_v1.node_id, :version => node_v1.version }
assert_response :forbidden, "Redacted node shouldn't be visible via the version API, even when logged in."
end
##
# test that redacted nodes aren't visible in the history
def test_history_redacted
node = nodes(:redacted_node_redacted_version)
node = create(:node, :with_history, :version => 2)
node_v1 = node.old_nodes.find_by(:version => 1)
node_v1.redact!(create(:redaction))
get :history, :id => node.node_id
get :history, :params => { :id => node_v1.node_id }
assert_response :success, "Redaction shouldn't have stopped history working."
assert_select "osm node[id='#{node.node_id}'][version='#{node.version}']", 0, "redacted node #{node.node_id} version #{node.version} shouldn't be present in the history."
assert_select "osm node[id='#{node_v1.node_id}'][version='#{node_v1.version}']", 0, "redacted node #{node_v1.node_id} version #{node_v1.version} shouldn't be present in the history."
# not even to a logged-in user
basic_authorization(users(:public_user).email, "test")
get :history, :id => node.node_id
basic_authorization(create(:user).email, "test")
get :history, :params => { :id => node_v1.node_id }
assert_response :success, "Redaction shouldn't have stopped history working."
assert_select "osm node[id='#{node.node_id}'][version='#{node.version}']", 0, "redacted node #{node.node_id} version #{node.version} shouldn't be present in the history, even when logged in."
assert_select "osm node[id='#{node_v1.node_id}'][version='#{node_v1.version}']", 0, "redacted node #{node_v1.node_id} version #{node_v1.version} shouldn't be present in the history, even when logged in."
end
##
# test the redaction of an old version of a node, while being
# authorised as a moderator.
def test_redact_node_moderator
node = nodes(:node_with_versions_v3)
basic_authorization(users(:moderator_user).email, "test")
node = create(:node, :with_history, :version => 4)
node_v3 = node.old_nodes.find_by(:version => 3)
basic_authorization(create(:moderator_user).email, "test")
do_redact_node(node, redactions(:example))
do_redact_node(node_v3, create(:redaction))
assert_response :success, "should be OK to redact old version as moderator."
# check moderator can still see the redacted data, when passing
# the appropriate flag
get :version, :id => node.node_id, :version => node.version
get :version, :params => { :id => node_v3.node_id, :version => node_v3.version }
assert_response :forbidden, "After redaction, node should be gone for moderator, when flag not passed."
get :version, :id => node.node_id, :version => node.version, :show_redactions => "true"
get :version, :params => { :id => node_v3.node_id, :version => node_v3.version, :show_redactions => "true" }
assert_response :success, "After redaction, node should not be gone for moderator, when flag passed."
# and when accessed via history
get :history, :id => node.node_id
get :history, :params => { :id => node_v3.node_id }
assert_response :success, "Redaction shouldn't have stopped history working."
assert_select "osm node[id='#{node.node_id}'][version='#{node.version}']", 0, "node #{node.node_id} version #{node.version} should not be present in the history for moderators when not passing flag."
get :history, :id => node.node_id, :show_redactions => "true"
assert_select "osm node[id='#{node_v3.node_id}'][version='#{node_v3.version}']", 0, "node #{node_v3.node_id} version #{node_v3.version} should not be present in the history for moderators when not passing flag."
get :history, :params => { :id => node_v3.node_id, :show_redactions => "true" }
assert_response :success, "Redaction shouldn't have stopped history working."
assert_select "osm node[id='#{node.node_id}'][version='#{node.version}']", 1, "node #{node.node_id} version #{node.version} should still be present in the history for moderators when passing flag."
assert_select "osm node[id='#{node_v3.node_id}'][version='#{node_v3.version}']", 1, "node #{node_v3.node_id} version #{node_v3.version} should still be present in the history for moderators when passing flag."
end
# testing that if the moderator drops auth, he can't see the
# redacted stuff any more.
def test_redact_node_is_redacted
node = nodes(:node_with_versions_v3)
basic_authorization(users(:moderator_user).email, "test")
node = create(:node, :with_history, :version => 4)
node_v3 = node.old_nodes.find_by(:version => 3)
basic_authorization(create(:moderator_user).email, "test")
do_redact_node(node, redactions(:example))
do_redact_node(node_v3, create(:redaction))
assert_response :success, "should be OK to redact old version as moderator."
# re-auth as non-moderator
basic_authorization(users(:public_user).email, "test")
basic_authorization(create(:user).email, "test")
# check can't see the redacted data
get :version, :id => node.node_id, :version => node.version
get :version, :params => { :id => node_v3.node_id, :version => node_v3.version }
assert_response :forbidden, "Redacted node shouldn't be visible via the version API."
# and when accessed via history
get :history, :id => node.node_id
get :history, :params => { :id => node_v3.node_id }
assert_response :success, "Redaction shouldn't have stopped history working."
assert_select "osm node[id='#{node.node_id}'][version='#{node.version}']", 0, "redacted node #{node.node_id} version #{node.version} shouldn't be present in the history."
assert_select "osm node[id='#{node_v3.node_id}'][version='#{node_v3.version}']", 0, "redacted node #{node_v3.node_id} version #{node_v3.version} shouldn't be present in the history."
end
##
# test the unredaction of an old version of a node, while not being
# authorised.
def test_unredact_node_unauthorised
node = nodes(:redacted_node_redacted_version)
node = create(:node, :with_history, :version => 2)
node_v1 = node.old_nodes.find_by(:version => 1)
node_v1.redact!(create(:redaction))
post :redact, :id => node.node_id, :version => node.version
post :redact, :params => { :id => node_v1.node_id, :version => node_v1.version }
assert_response :unauthorized, "should need to be authenticated to unredact."
end
@ -292,10 +331,14 @@ class OldNodeControllerTest < ActionController::TestCase
# test the unredaction of an old version of a node, while being
# authorised as a normal user.
def test_unredact_node_normal_user
node = nodes(:redacted_node_redacted_version)
basic_authorization(users(:public_user).email, "test")
user = create(:user)
node = create(:node, :with_history, :version => 2)
node_v1 = node.old_nodes.find_by(:version => 1)
node_v1.redact!(create(:redaction))
post :redact, :id => node.node_id, :version => node.version
basic_authorization(user.email, "test")
post :redact, :params => { :id => node_v1.node_id, :version => node_v1.version }
assert_response :forbidden, "should need to be moderator to unredact."
end
@ -303,55 +346,59 @@ class OldNodeControllerTest < ActionController::TestCase
# test the unredaction of an old version of a node, while being
# authorised as a moderator.
def test_unredact_node_moderator
node = nodes(:redacted_node_redacted_version)
basic_authorization(users(:moderator_user).email, "test")
moderator_user = create(:moderator_user)
node = create(:node, :with_history, :version => 2)
node_v1 = node.old_nodes.find_by(:version => 1)
node_v1.redact!(create(:redaction))
post :redact, :id => node.node_id, :version => node.version
assert_response :success, "should be OK to redact old version as moderator."
basic_authorization(moderator_user.email, "test")
post :redact, :params => { :id => node_v1.node_id, :version => node_v1.version }
assert_response :success, "should be OK to unredact old version as moderator."
# check moderator can now see the redacted data, when not
# passing the aspecial flag
get :version, :id => node.node_id, :version => node.version
get :version, :params => { :id => node_v1.node_id, :version => node_v1.version }
assert_response :success, "After unredaction, node should not be gone for moderator."
# and when accessed via history
get :history, :id => node.node_id
get :history, :params => { :id => node_v1.node_id }
assert_response :success, "Unredaction shouldn't have stopped history working."
assert_select "osm node[id='#{node.node_id}'][version='#{node.version}']", 1, "node #{node.node_id} version #{node.version} should now be present in the history for moderators without passing flag."
assert_select "osm node[id='#{node_v1.node_id}'][version='#{node_v1.version}']", 1, "node #{node_v1.node_id} version #{node_v1.version} should now be present in the history for moderators without passing flag."
basic_authorization(users(:normal_user).email, "test")
basic_authorization(create(:user).email, "test")
# check normal user can now see the redacted data
get :version, :id => node.node_id, :version => node.version
assert_response :success, "After unredaction, node should not be gone for moderator."
get :version, :params => { :id => node_v1.node_id, :version => node_v1.version }
assert_response :success, "After unredaction, node should be visible to normal users."
# and when accessed via history
get :history, :id => node.node_id
get :history, :params => { :id => node_v1.node_id }
assert_response :success, "Unredaction shouldn't have stopped history working."
assert_select "osm node[id='#{node.node_id}'][version='#{node.version}']", 1, "node #{node.node_id} version #{node.version} should now be present in the history for moderators without passing flag."
assert_select "osm node[id='#{node_v1.node_id}'][version='#{node_v1.version}']", 1, "node #{node_v1.node_id} version #{node_v1.version} should now be present in the history for normal users without passing flag."
end
private
def do_redact_node(node, redaction)
get :version, :id => node.node_id, :version => node.version
get :version, :params => { :id => node.node_id, :version => node.version }
assert_response :success, "should be able to get version #{node.version} of node #{node.node_id}."
# now redact it
post :redact, :id => node.node_id, :version => node.version, :redaction => redaction.id
post :redact, :params => { :id => node.node_id, :version => node.version, :redaction => redaction.id }
end
def check_current_version(node_id)
# get the current version of the node
current_node = with_controller(NodeController.new) do
get :read, :id => node_id
get :read, :params => { :id => node_id }
assert_response :success, "cant get current node #{node_id}"
Node.from_xml(@response.body)
end
assert_not_nil current_node, "getting node #{node_id} returned nil"
# get the "old" version of the node from the old_node interface
get :version, :id => node_id, :version => current_node.version
get :version, :params => { :id => node_id, :version => current_node.version }
assert_response :success, "cant get old node #{node_id}, v#{current_node.version}"
old_node = Node.from_xml(@response.body)
@ -377,4 +424,10 @@ class OldNodeControllerTest < ActionController::TestCase
def precision(f)
(f * GeoRecord::SCALE).round.to_f / GeoRecord::SCALE
end
def propagate_tags(node, old_node)
node.tags.each do |k, v|
create(:old_node_tag, :old_node => old_node, :k => k, :v => v)
end
end
end

158
test/controllers/old_relation_controller_test.rb
View file

@ -2,8 +2,6 @@ require "test_helper"
require "old_relation_controller"
class OldRelationControllerTest < ActionController::TestCase
api_fixtures
##
# test all routes which lead to this controller
def test_routes
@ -26,11 +24,11 @@ class OldRelationControllerTest < ActionController::TestCase
# -------------------------------------
def test_history
# check that a visible relations is returned properly
get :history, :id => relations(:visible_relation).relation_id
get :history, :params => { :id => create(:relation, :with_history).id }
assert_response :success
# check chat a non-existent relations is not returned
get :history, :id => 0
get :history, :params => { :id => 0 }
assert_response :not_found
end
@ -38,8 +36,10 @@ class OldRelationControllerTest < ActionController::TestCase
# test the redaction of an old version of a relation, while not being
# authorised.
def test_redact_relation_unauthorised
do_redact_relation(relations(:relation_with_versions_v3),
redactions(:example))
relation = create(:relation, :with_history, :version => 4)
relation_v3 = relation.old_relations.find_by(:version => 3)
do_redact_relation(relation_v3, create(:redaction))
assert_response :unauthorized, "should need to be authenticated to redact."
end
@ -47,10 +47,12 @@ class OldRelationControllerTest < ActionController::TestCase
# test the redaction of an old version of a relation, while being
# authorised as a normal user.
def test_redact_relation_normal_user
basic_authorization(users(:public_user).email, "test")
relation = create(:relation, :with_history, :version => 4)
relation_v3 = relation.old_relations.find_by(:version => 3)
do_redact_relation(relations(:relation_with_versions_v3),
redactions(:example))
basic_authorization(create(:user).email, "test")
do_redact_relation(relation_v3, create(:redaction))
assert_response :forbidden, "should need to be moderator to redact."
end
@ -58,10 +60,12 @@ class OldRelationControllerTest < ActionController::TestCase
# test that, even as moderator, the current version of a relation
# can't be redacted.
def test_redact_relation_current_version
basic_authorization(users(:moderator_user).email, "test")
relation = create(:relation, :with_history, :version => 4)
relation_latest = relation.old_relations.last
do_redact_relation(relations(:relation_with_versions_v4),
redactions(:example))
basic_authorization(create(:moderator_user).email, "test")
do_redact_relation(relation_latest, create(:redaction))
assert_response :bad_request, "shouldn't be OK to redact current version as moderator."
end
@ -69,89 +73,99 @@ class OldRelationControllerTest < ActionController::TestCase
# test that redacted relations aren't visible, regardless of
# authorisation except as moderator...
def test_version_redacted
relation = relations(:relation_with_redacted_versions_v2)
relation = create(:relation, :with_history, :version => 2)
relation_v1 = relation.old_relations.find_by(:version => 1)
relation_v1.redact!(create(:redaction))
get :version, :id => relation.relation_id, :version => relation.version
assert_response :forbidden, "Redacted node shouldn't be visible via the version API."
get :version, :params => { :id => relation_v1.relation_id, :version => relation_v1.version }
assert_response :forbidden, "Redacted relation shouldn't be visible via the version API."
# not even to a logged-in user
basic_authorization(users(:public_user).email, "test")
get :version, :id => relation.relation_id, :version => relation.version
assert_response :forbidden, "Redacted node shouldn't be visible via the version API, even when logged in."
basic_authorization(create(:user).email, "test")
get :version, :params => { :id => relation_v1.relation_id, :version => relation_v1.version }
assert_response :forbidden, "Redacted relation shouldn't be visible via the version API, even when logged in."
end
##
# test that redacted nodes aren't visible in the history
# test that redacted relations aren't visible in the history
def test_history_redacted
relation = relations(:relation_with_redacted_versions_v2)
relation = create(:relation, :with_history, :version => 2)
relation_v1 = relation.old_relations.find_by(:version => 1)
relation_v1.redact!(create(:redaction))
get :history, :id => relation.relation_id
get :history, :params => { :id => relation_v1.relation_id }
assert_response :success, "Redaction shouldn't have stopped history working."
assert_select "osm relation[id='#{relation.relation_id}'][version='#{relation.version}']", 0, "redacted relation #{relation.relation_id} version #{relation.version} shouldn't be present in the history."
assert_select "osm relation[id='#{relation_v1.relation_id}'][version='#{relation_v1.version}']", 0, "redacted relation #{relation_v1.relation_id} version #{relation_v1.version} shouldn't be present in the history."
# not even to a logged-in user
basic_authorization(users(:public_user).email, "test")
get :version, :id => relation.relation_id, :version => relation.version
get :history, :id => relation.relation_id
basic_authorization(create(:user).email, "test")
get :version, :params => { :id => relation_v1.relation_id, :version => relation_v1.version }
get :history, :params => { :id => relation_v1.relation_id }
assert_response :success, "Redaction shouldn't have stopped history working."
assert_select "osm relation[id='#{relation.relation_id}'][version='#{relation.version}']", 0, "redacted node #{relation.relation_id} version #{relation.version} shouldn't be present in the history, even when logged in."
assert_select "osm relation[id='#{relation_v1.relation_id}'][version='#{relation_v1.version}']", 0, "redacted relation #{relation_v1.relation_id} version #{relation_v1.version} shouldn't be present in the history, even when logged in."
end
##
# test the redaction of an old version of a relation, while being
# authorised as a moderator.
def test_redact_relation_moderator
relation = relations(:relation_with_versions_v3)
basic_authorization(users(:moderator_user).email, "test")
relation = create(:relation, :with_history, :version => 4)
relation_v3 = relation.old_relations.find_by(:version => 3)
do_redact_relation(relation, redactions(:example))
basic_authorization(create(:moderator_user).email, "test")
do_redact_relation(relation_v3, create(:redaction))
assert_response :success, "should be OK to redact old version as moderator."
# check moderator can still see the redacted data, when passing
# the appropriate flag
get :version, :id => relation.relation_id, :version => relation.version
assert_response :forbidden, "After redaction, node should be gone for moderator, when flag not passed."
get :version, :id => relation.relation_id, :version => relation.version, :show_redactions => "true"
assert_response :success, "After redaction, node should not be gone for moderator, when flag passed."
get :version, :params => { :id => relation_v3.relation_id, :version => relation_v3.version }
assert_response :forbidden, "After redaction, relation should be gone for moderator, when flag not passed."
get :version, :params => { :id => relation_v3.relation_id, :version => relation_v3.version, :show_redactions => "true" }
assert_response :success, "After redaction, relation should not be gone for moderator, when flag passed."
# and when accessed via history
get :history, :id => relation.relation_id
get :history, :params => { :id => relation_v3.relation_id }
assert_response :success, "Redaction shouldn't have stopped history working."
assert_select "osm relation[id='#{relation.relation_id}'][version='#{relation.version}']", 0, "relation #{relation.relation_id} version #{relation.version} should not be present in the history for moderators when not passing flag."
get :history, :id => relation.relation_id, :show_redactions => "true"
assert_select "osm relation[id='#{relation_v3.relation_id}'][version='#{relation_v3.version}']", 0, "relation #{relation_v3.relation_id} version #{relation_v3.version} should not be present in the history for moderators when not passing flag."
get :history, :params => { :id => relation_v3.relation_id, :show_redactions => "true" }
assert_response :success, "Redaction shouldn't have stopped history working."
assert_select "osm relation[id='#{relation.relation_id}'][version='#{relation.version}']", 1, "relation #{relation.relation_id} version #{relation.version} should still be present in the history for moderators when passing flag."
assert_select "osm relation[id='#{relation_v3.relation_id}'][version='#{relation_v3.version}']", 1, "relation #{relation_v3.relation_id} version #{relation_v3.version} should still be present in the history for moderators when passing flag."
end
# testing that if the moderator drops auth, he can't see the
# redacted stuff any more.
def test_redact_relation_is_redacted
relation = relations(:relation_with_versions_v3)
basic_authorization(users(:moderator_user).email, "test")
relation = create(:relation, :with_history, :version => 4)
relation_v3 = relation.old_relations.find_by(:version => 3)
do_redact_relation(relation, redactions(:example))
basic_authorization(create(:moderator_user).email, "test")
do_redact_relation(relation_v3, create(:redaction))
assert_response :success, "should be OK to redact old version as moderator."
# re-auth as non-moderator
basic_authorization(users(:public_user).email, "test")
basic_authorization(create(:user).email, "test")
# check can't see the redacted data
get :version, :id => relation.relation_id, :version => relation.version
assert_response :forbidden, "Redacted node shouldn't be visible via the version API."
get :version, :params => { :id => relation_v3.relation_id, :version => relation_v3.version }
assert_response :forbidden, "Redacted relation shouldn't be visible via the version API."
# and when accessed via history
get :history, :id => relation.relation_id
get :history, :params => { :id => relation_v3.relation_id }
assert_response :success, "Redaction shouldn't have stopped history working."
assert_select "osm relation[id='#{relation.relation_id}'][version='#{relation.version}']", 0, "redacted relation #{relation.relation_id} version #{relation.version} shouldn't be present in the history."
assert_select "osm relation[id='#{relation_v3.relation_id}'][version='#{relation_v3.version}']", 0, "redacted relation #{relation_v3.relation_id} version #{relation_v3.version} shouldn't be present in the history."
end
##
# test the unredaction of an old version of a relation, while not being
# authorised.
def test_unredact_relation_unauthorised
relation = relations(:relation_with_redacted_versions_v3)
relation = create(:relation, :with_history, :version => 2)
relation_v1 = relation.old_relations.find_by(:version => 1)
relation_v1.redact!(create(:redaction))
post :redact, :id => relation.relation_id, :version => relation.version
post :redact, :params => { :id => relation_v1.relation_id, :version => relation_v1.version }
assert_response :unauthorized, "should need to be authenticated to unredact."
end
@ -159,10 +173,13 @@ class OldRelationControllerTest < ActionController::TestCase
# test the unredaction of an old version of a relation, while being
# authorised as a normal user.
def test_unredact_relation_normal_user
relation = relations(:relation_with_redacted_versions_v3)
basic_authorization(users(:public_user).email, "test")
relation = create(:relation, :with_history, :version => 2)
relation_v1 = relation.old_relations.find_by(:version => 1)
relation_v1.redact!(create(:redaction))
post :redact, :id => relation.relation_id, :version => relation.version
basic_authorization(create(:user).email, "test")
post :redact, :params => { :id => relation_v1.relation_id, :version => relation_v1.version }
assert_response :forbidden, "should need to be moderator to unredact."
end
@ -170,32 +187,35 @@ class OldRelationControllerTest < ActionController::TestCase
# test the unredaction of an old version of a relation, while being
# authorised as a moderator.
def test_unredact_relation_moderator
relation = relations(:relation_with_redacted_versions_v3)
basic_authorization(users(:moderator_user).email, "test")
relation = create(:relation, :with_history, :version => 2)
relation_v1 = relation.old_relations.find_by(:version => 1)
relation_v1.redact!(create(:redaction))
post :redact, :id => relation.relation_id, :version => relation.version
basic_authorization(create(:moderator_user).email, "test")
post :redact, :params => { :id => relation_v1.relation_id, :version => relation_v1.version }
assert_response :success, "should be OK to unredact old version as moderator."
# check moderator can still see the redacted data, without passing
# the appropriate flag
get :version, :id => relation.relation_id, :version => relation.version
assert_response :success, "After redaction, node should not be gone for moderator, when flag passed."
get :version, :params => { :id => relation_v1.relation_id, :version => relation_v1.version }
assert_response :success, "After unredaction, relation should not be gone for moderator."
# and when accessed via history
get :history, :id => relation.relation_id
get :history, :params => { :id => relation_v1.relation_id }
assert_response :success, "Redaction shouldn't have stopped history working."
assert_select "osm relation[id='#{relation.relation_id}'][version='#{relation.version}']", 1, "relation #{relation.relation_id} version #{relation.version} should still be present in the history for moderators when passing flag."
assert_select "osm relation[id='#{relation_v1.relation_id}'][version='#{relation_v1.version}']", 1, "relation #{relation_v1.relation_id} version #{relation_v1.version} should still be present in the history for moderators."
basic_authorization(users(:normal_user).email, "test")
basic_authorization(create(:user).email, "test")
# check normal user can now see the redacted data
get :version, :id => relation.relation_id, :version => relation.version
assert_response :success, "After redaction, node should not be gone for moderator, when flag passed."
get :version, :params => { :id => relation_v1.relation_id, :version => relation_v1.version }
assert_response :success, "After redaction, node should not be gone for normal user."
# and when accessed via history
get :history, :id => relation.relation_id
get :history, :params => { :id => relation_v1.relation_id }
assert_response :success, "Redaction shouldn't have stopped history working."
assert_select "osm relation[id='#{relation.relation_id}'][version='#{relation.version}']", 1, "relation #{relation.relation_id} version #{relation.version} should still be present in the history for moderators when passing flag."
assert_select "osm relation[id='#{relation_v1.relation_id}'][version='#{relation_v1.version}']", 1, "relation #{relation_v1.relation_id} version #{relation_v1.version} should still be present in the history for normal users."
end
private
@ -206,14 +226,14 @@ class OldRelationControllerTest < ActionController::TestCase
def check_current_version(relation_id)
# get the current version
current_relation = with_controller(RelationController.new) do
get :read, :id => relation_id
get :read, :params => { :id => relation_id }
assert_response :success, "can't get current relation #{relation_id}"
Relation.from_xml(@response.body)
end
assert_not_nil current_relation, "getting relation #{relation_id} returned nil"
# get the "old" version of the relation from the version method
get :version, :id => relation_id, :version => current_relation.version
get :version, :params => { :id => relation_id, :version => current_relation.version }
assert_response :success, "can't get old relation #{relation_id}, v#{current_relation.version}"
old_relation = Relation.from_xml(@response.body)
@ -225,7 +245,7 @@ class OldRelationControllerTest < ActionController::TestCase
# look at all the versions of the relation in the history and get each version from
# the versions call. check that they're the same.
def check_history_equals_versions(relation_id)
get :history, :id => relation_id
get :history, :params => { :id => relation_id }
assert_response :success, "can't get relation #{relation_id} from API"
history_doc = XML::Parser.string(@response.body).parse
assert_not_nil history_doc, "parsing relation #{relation_id} history failed"
@ -234,7 +254,7 @@ class OldRelationControllerTest < ActionController::TestCase
history_relation = Relation.from_xml_node(relation_doc)
assert_not_nil history_relation, "parsing relation #{relation_id} version failed"
get :version, :id => relation_id, :version => history_relation.version
get :version, :params => { :id => relation_id, :version => history_relation.version }
assert_response :success, "couldn't get relation #{relation_id}, v#{history_relation.version}"
version_relation = Relation.from_xml(@response.body)
assert_not_nil version_relation, "failed to parse #{relation_id}, v#{history_relation.version}"
@ -244,10 +264,10 @@ class OldRelationControllerTest < ActionController::TestCase
end
def do_redact_relation(relation, redaction)
get :version, :id => relation.relation_id, :version => relation.version
assert_response :success, "should be able to get version #{relation.version} of node #{relation.relation_id}."
get :version, :params => { :id => relation.relation_id, :version => relation.version }
assert_response :success, "should be able to get version #{relation.version} of relation #{relation.relation_id}."
# now redact it
post :redact, :id => relation.relation_id, :version => relation.version, :redaction => redaction.id
post :redact, :params => { :id => relation.relation_id, :version => relation.version, :redaction => redaction.id }
end
end

198
test/controllers/old_way_controller_test.rb
View file

@ -2,8 +2,6 @@ require "test_helper"
require "old_way_controller"
class OldWayControllerTest < ActionController::TestCase
api_fixtures
##
# test all routes which lead to this controller
def test_routes
@ -27,45 +25,64 @@ class OldWayControllerTest < ActionController::TestCase
def test_history_visible
# check that a visible way is returned properly
get :history, :id => ways(:visible_way).way_id
get :history, :params => { :id => create(:way, :with_history).id }
assert_response :success
end
def test_history_invisible
# check that an invisible way's history is returned properly
get :history, :id => ways(:invisible_way).way_id
get :history, :params => { :id => create(:way, :with_history, :deleted).id }
assert_response :success
end
def test_history_invalid
# check chat a non-existent way is not returned
get :history, :id => 0
get :history, :params => { :id => 0 }
assert_response :not_found
end
##
# check that we can retrieve versions of a way
def test_version
check_current_version(current_ways(:visible_way).id)
check_current_version(current_ways(:used_way).id)
check_current_version(current_ways(:way_with_versions).id)
way = create(:way, :with_history)
used_way = create(:way, :with_history)
create(:relation_member, :member => used_way)
way_with_versions = create(:way, :with_history, :version => 4)
create(:way_tag, :way => way)
create(:way_tag, :way => used_way)
create(:way_tag, :way => way_with_versions)
propagate_tags(way, way.old_ways.last)
propagate_tags(used_way, used_way.old_ways.last)
propagate_tags(way_with_versions, way_with_versions.old_ways.last)
check_current_version(way.id)
check_current_version(used_way.id)
check_current_version(way_with_versions.id)
end
##
# check that returned history is the same as getting all
# versions of a way from the api.
def test_history_equals_versions
check_history_equals_versions(current_ways(:visible_way).id)
check_history_equals_versions(current_ways(:used_way).id)
check_history_equals_versions(current_ways(:way_with_versions).id)
way = create(:way, :with_history)
used_way = create(:way, :with_history)
create(:relation_member, :member => used_way)
way_with_versions = create(:way, :with_history, :version => 4)
check_history_equals_versions(way.id)
check_history_equals_versions(used_way.id)
check_history_equals_versions(way_with_versions.id)
end
##
# test the redaction of an old version of a way, while not being
# authorised.
def test_redact_way_unauthorised
do_redact_way(ways(:way_with_versions_v3),
redactions(:example))
way = create(:way, :with_history, :version => 4)
way_v3 = way.old_ways.find_by(:version => 3)
do_redact_way(way_v3, create(:redaction))
assert_response :unauthorized, "should need to be authenticated to redact."
end
@ -73,10 +90,11 @@ class OldWayControllerTest < ActionController::TestCase
# test the redaction of an old version of a way, while being
# authorised as a normal user.
def test_redact_way_normal_user
basic_authorization(users(:public_user).email, "test")
basic_authorization(create(:user).email, "test")
way = create(:way, :with_history, :version => 4)
way_v3 = way.old_ways.find_by(:version => 3)
do_redact_way(ways(:way_with_versions_v3),
redactions(:example))
do_redact_way(way_v3, create(:redaction))
assert_response :forbidden, "should need to be moderator to redact."
end
@ -84,10 +102,11 @@ class OldWayControllerTest < ActionController::TestCase
# test that, even as moderator, the current version of a way
# can't be redacted.
def test_redact_way_current_version
basic_authorization(users(:moderator_user).email, "test")
basic_authorization(create(:moderator_user).email, "test")
way = create(:way, :with_history, :version => 4)
way_latest = way.old_ways.last
do_redact_way(ways(:way_with_versions_v4),
redactions(:example))
do_redact_way(way_latest, create(:redaction))
assert_response :bad_request, "shouldn't be OK to redact current version as moderator."
end
@ -95,89 +114,97 @@ class OldWayControllerTest < ActionController::TestCase
# test that redacted ways aren't visible, regardless of
# authorisation except as moderator...
def test_version_redacted
way = ways(:way_with_redacted_versions_v2)
way = create(:way, :with_history, :version => 2)
way_v1 = way.old_ways.find_by(:version => 1)
way_v1.redact!(create(:redaction))
get :version, :id => way.way_id, :version => way.version
assert_response :forbidden, "Redacted node shouldn't be visible via the version API."
get :version, :params => { :id => way_v1.way_id, :version => way_v1.version }
assert_response :forbidden, "Redacted way shouldn't be visible via the version API."
# not even to a logged-in user
basic_authorization(users(:public_user).email, "test")
get :version, :id => way.way_id, :version => way.version
assert_response :forbidden, "Redacted node shouldn't be visible via the version API, even when logged in."
basic_authorization(create(:user).email, "test")
get :version, :params => { :id => way_v1.way_id, :version => way_v1.version }
assert_response :forbidden, "Redacted way shouldn't be visible via the version API, even when logged in."
end
##
# test that redacted nodes aren't visible in the history
# test that redacted ways aren't visible in the history
def test_history_redacted
way = ways(:way_with_redacted_versions_v2)
way = create(:way, :with_history, :version => 2)
way_v1 = way.old_ways.find_by(:version => 1)
way_v1.redact!(create(:redaction))
get :history, :id => way.way_id
get :history, :params => { :id => way_v1.way_id }
assert_response :success, "Redaction shouldn't have stopped history working."
assert_select "osm way[id='#{way.way_id}'][version='#{way.version}']", 0, "redacted way #{way.way_id} version #{way.version} shouldn't be present in the history."
assert_select "osm way[id='#{way_v1.way_id}'][version='#{way_v1.version}']", 0, "redacted way #{way_v1.way_id} version #{way_v1.version} shouldn't be present in the history."
# not even to a logged-in user
basic_authorization(users(:public_user).email, "test")
get :version, :id => way.way_id, :version => way.version
get :history, :id => way.way_id
basic_authorization(create(:user).email, "test")
get :version, :params => { :id => way_v1.way_id, :version => way_v1.version }
get :history, :params => { :id => way_v1.way_id }
assert_response :success, "Redaction shouldn't have stopped history working."
assert_select "osm way[id='#{way.way_id}'][version='#{way.version}']", 0, "redacted node #{way.way_id} version #{way.version} shouldn't be present in the history, even when logged in."
assert_select "osm way[id='#{way_v1.way_id}'][version='#{way_v1.version}']", 0, "redacted node #{way_v1.way_id} version #{way_v1.version} shouldn't be present in the history, even when logged in."
end
##
# test the redaction of an old version of a way, while being
# authorised as a moderator.
def test_redact_way_moderator
way = ways(:way_with_versions_v3)
basic_authorization(users(:moderator_user).email, "test")
way = create(:way, :with_history, :version => 4)
way_v3 = way.old_ways.find_by(:version => 3)
basic_authorization(create(:moderator_user).email, "test")
do_redact_way(way, redactions(:example))
do_redact_way(way_v3, create(:redaction))
assert_response :success, "should be OK to redact old version as moderator."
# check moderator can still see the redacted data, when passing
# the appropriate flag
get :version, :id => way.way_id, :version => way.version
get :version, :params => { :id => way_v3.way_id, :version => way_v3.version }
assert_response :forbidden, "After redaction, node should be gone for moderator, when flag not passed."
get :version, :id => way.way_id, :version => way.version, :show_redactions => "true"
get :version, :params => { :id => way_v3.way_id, :version => way_v3.version, :show_redactions => "true" }
assert_response :success, "After redaction, node should not be gone for moderator, when flag passed."
# and when accessed via history
get :history, :id => way.way_id
get :history, :params => { :id => way_v3.way_id }
assert_response :success, "Redaction shouldn't have stopped history working."
assert_select "osm way[id='#{way.way_id}'][version='#{way.version}']", 0, "way #{way.way_id} version #{way.version} should not be present in the history for moderators when not passing flag."
get :history, :id => way.way_id, :show_redactions => "true"
assert_select "osm way[id='#{way_v3.way_id}'][version='#{way_v3.version}']", 0, "way #{way_v3.way_id} version #{way_v3.version} should not be present in the history for moderators when not passing flag."
get :history, :params => { :id => way_v3.way_id, :show_redactions => "true" }
assert_response :success, "Redaction shouldn't have stopped history working."
assert_select "osm way[id='#{way.way_id}'][version='#{way.version}']", 1, "way #{way.way_id} version #{way.version} should still be present in the history for moderators when passing flag."
assert_select "osm way[id='#{way_v3.way_id}'][version='#{way_v3.version}']", 1, "way #{way_v3.way_id} version #{way_v3.version} should still be present in the history for moderators when passing flag."
end
# testing that if the moderator drops auth, he can't see the
# redacted stuff any more.
def test_redact_way_is_redacted
way = ways(:way_with_versions_v3)
basic_authorization(users(:moderator_user).email, "test")
way = create(:way, :with_history, :version => 4)
way_v3 = way.old_ways.find_by(:version => 3)
basic_authorization(create(:moderator_user).email, "test")
do_redact_way(way, redactions(:example))
do_redact_way(way_v3, create(:redaction))
assert_response :success, "should be OK to redact old version as moderator."
# re-auth as non-moderator
basic_authorization(users(:public_user).email, "test")
basic_authorization(create(:user).email, "test")
# check can't see the redacted data
get :version, :id => way.way_id, :version => way.version
get :version, :params => { :id => way_v3.way_id, :version => way_v3.version }
assert_response :forbidden, "Redacted node shouldn't be visible via the version API."
# and when accessed via history
get :history, :id => way.way_id
get :history, :params => { :id => way_v3.way_id }
assert_response :success, "Redaction shouldn't have stopped history working."
assert_select "osm way[id='#{way.way_id}'][version='#{way.version}']", 0, "redacted way #{way.way_id} version #{way.version} shouldn't be present in the history."
assert_select "osm way[id='#{way_v3.way_id}'][version='#{way_v3.version}']", 0, "redacted way #{way_v3.way_id} version #{way_v3.version} shouldn't be present in the history."
end
##
# test the unredaction of an old version of a way, while not being
# authorised.
def test_unredact_way_unauthorised
way = ways(:way_with_redacted_versions_v3)
way = create(:way, :with_history, :version => 2)
way_v1 = way.old_ways.find_by(:version => 1)
way_v1.redact!(create(:redaction))
post :redact, :id => way.way_id, :version => way.version
post :redact, :params => { :id => way_v1.way_id, :version => way_v1.version }
assert_response :unauthorized, "should need to be authenticated to unredact."
end
@ -185,10 +212,13 @@ class OldWayControllerTest < ActionController::TestCase
# test the unredaction of an old version of a way, while being
# authorised as a normal user.
def test_unredact_way_normal_user
way = ways(:way_with_redacted_versions_v3)
basic_authorization(users(:public_user).email, "test")
way = create(:way, :with_history, :version => 2)
way_v1 = way.old_ways.find_by(:version => 1)
way_v1.redact!(create(:redaction))
post :redact, :id => way.way_id, :version => way.version
basic_authorization(create(:user).email, "test")
post :redact, :params => { :id => way_v1.way_id, :version => way_v1.version }
assert_response :forbidden, "should need to be moderator to unredact."
end
@ -196,32 +226,36 @@ class OldWayControllerTest < ActionController::TestCase
# test the unredaction of an old version of a way, while being
# authorised as a moderator.
def test_unredact_way_moderator
way = ways(:way_with_redacted_versions_v3)
basic_authorization(users(:moderator_user).email, "test")
moderator_user = create(:moderator_user)
way = create(:way, :with_history, :version => 2)
way_v1 = way.old_ways.find_by(:version => 1)
way_v1.redact!(create(:redaction))
post :redact, :id => way.way_id, :version => way.version
basic_authorization(moderator_user.email, "test")
post :redact, :params => { :id => way_v1.way_id, :version => way_v1.version }
assert_response :success, "should be OK to unredact old version as moderator."
# check moderator can still see the redacted data, without passing
# check moderator can still see the unredacted data, without passing
# the appropriate flag
get :version, :id => way.way_id, :version => way.version
get :version, :params => { :id => way_v1.way_id, :version => way_v1.version }
assert_response :success, "After unredaction, node should not be gone for moderator."
# and when accessed via history
get :history, :params => { :id => way_v1.way_id }
assert_response :success, "Unredaction shouldn't have stopped history working."
assert_select "osm way[id='#{way_v1.way_id}'][version='#{way_v1.version}']", 1, "way #{way_v1.way_id} version #{way_v1.version} should still be present in the history for moderators."
basic_authorization(create(:user).email, "test")
# check normal user can now see the unredacted data
get :version, :params => { :id => way_v1.way_id, :version => way_v1.version }
assert_response :success, "After redaction, node should not be gone for moderator, when flag passed."
# and when accessed via history
get :history, :id => way.way_id
get :history, :params => { :id => way_v1.way_id }
assert_response :success, "Redaction shouldn't have stopped history working."
assert_select "osm way[id='#{way.way_id}'][version='#{way.version}']", 1, "way #{way.way_id} version #{way.version} should still be present in the history for moderators when passing flag."
basic_authorization(users(:normal_user).email, "test")
# check normal user can now see the redacted data
get :version, :id => way.way_id, :version => way.version
assert_response :success, "After redaction, node should not be gone for moderator, when flag passed."
# and when accessed via history
get :history, :id => way.way_id
assert_response :success, "Redaction shouldn't have stopped history working."
assert_select "osm way[id='#{way.way_id}'][version='#{way.version}']", 1, "way #{way.way_id} version #{way.version} should still be present in the history for moderators when passing flag."
assert_select "osm way[id='#{way_v1.way_id}'][version='#{way_v1.version}']", 1, "way #{way_v1.way_id} version #{way_v1.version} should still be present in the history for normal users."
end
private
@ -232,14 +266,14 @@ class OldWayControllerTest < ActionController::TestCase
def check_current_version(way_id)
# get the current version
current_way = with_controller(WayController.new) do
get :read, :id => way_id
get :read, :params => { :id => way_id }
assert_response :success, "can't get current way #{way_id}"
Way.from_xml(@response.body)
end
assert_not_nil current_way, "getting way #{way_id} returned nil"
# get the "old" version of the way from the version method
get :version, :id => way_id, :version => current_way.version
get :version, :params => { :id => way_id, :version => current_way.version }
assert_response :success, "can't get old way #{way_id}, v#{current_way.version}"
old_way = Way.from_xml(@response.body)
@ -251,7 +285,7 @@ class OldWayControllerTest < ActionController::TestCase
# look at all the versions of the way in the history and get each version from
# the versions call. check that they're the same.
def check_history_equals_versions(way_id)
get :history, :id => way_id
get :history, :params => { :id => way_id }
assert_response :success, "can't get way #{way_id} from API"
history_doc = XML::Parser.string(@response.body).parse
assert_not_nil history_doc, "parsing way #{way_id} history failed"
@ -260,7 +294,7 @@ class OldWayControllerTest < ActionController::TestCase
history_way = Way.from_xml_node(way_doc)
assert_not_nil history_way, "parsing way #{way_id} version failed"
get :version, :id => way_id, :version => history_way.version
get :version, :params => { :id => way_id, :version => history_way.version }
assert_response :success, "couldn't get way #{way_id}, v#{history_way.version}"
version_way = Way.from_xml(@response.body)
assert_not_nil version_way, "failed to parse #{way_id}, v#{history_way.version}"
@ -270,10 +304,16 @@ class OldWayControllerTest < ActionController::TestCase
end
def do_redact_way(way, redaction)
get :version, :id => way.way_id, :version => way.version
assert_response :success, "should be able to get version #{way.version} of node #{way.way_id}."
get :version, :params => { :id => way.way_id, :version => way.version }
assert_response :success, "should be able to get version #{way.version} of way #{way.way_id}."
# now redact it
post :redact, :id => way.way_id, :version => way.version, :redaction => redaction.id
post :redact, :params => { :id => way.way_id, :version => way.version, :redaction => redaction.id }
end
def propagate_tags(way, old_way)
way.tags.each do |k, v|
create(:old_way_tag, :old_way => old_way, :k => k, :v => v)
end
end
end

78
test/controllers/redactions_controller_test.rb
View file

@ -2,8 +2,6 @@ require "test_helper"
require "redactions_controller"
class RedactionsControllerTest < ActionController::TestCase
api_fixtures
##
# test all routes which lead to this controller
def test_routes
@ -38,6 +36,8 @@ class RedactionsControllerTest < ActionController::TestCase
end
def test_index
create(:redaction)
get :index
assert_response :success
assert_template :index
@ -53,7 +53,7 @@ class RedactionsControllerTest < ActionController::TestCase
end
def test_new_moderator
session[:user] = users(:moderator_user).id
session[:user] = create(:moderator_user).id
get :new
assert_response :success
@ -61,7 +61,7 @@ class RedactionsControllerTest < ActionController::TestCase
end
def test_new_non_moderator
session[:user] = users(:public_user).id
session[:user] = create(:user).id
get :new
assert_response :redirect
@ -69,108 +69,108 @@ class RedactionsControllerTest < ActionController::TestCase
end
def test_create_moderator
session[:user] = users(:moderator_user).id
session[:user] = create(:moderator_user).id
post :create, :redaction => { :title => "Foo", :description => "Description here." }
post :create, :params => { :redaction => { :title => "Foo", :description => "Description here." } }
assert_response :redirect
assert_redirected_to(redaction_path(Redaction.find_by_title("Foo")))
assert_redirected_to(redaction_path(Redaction.find_by(:title => "Foo")))
end
def test_create_moderator_invalid
session[:user] = users(:moderator_user).id
session[:user] = create(:moderator_user).id
post :create, :redaction => { :title => "Foo", :description => "" }
post :create, :params => { :redaction => { :title => "Foo", :description => "" } }
assert_response :success
assert_template :new
end
def test_create_non_moderator
session[:user] = users(:public_user).id
session[:user] = create(:user).id
post :create, :redaction => { :title => "Foo", :description => "Description here." }
post :create, :params => { :redaction => { :title => "Foo", :description => "Description here." } }
assert_response :forbidden
end
def test_destroy_moderator_empty
session[:user] = users(:moderator_user).id
session[:user] = create(:moderator_user).id
# remove all elements from the redaction
redaction = redactions(:example)
redaction.old_nodes.each { |n| n.update!(:redaction => nil) }
redaction.old_ways.each { |w| w.update!(:redaction => nil) }
redaction.old_relations.each { |r| r.update!(:redaction => nil) }
# create an empty redaction
redaction = create(:redaction)
delete :destroy, :id => redaction.id
delete :destroy, :params => { :id => redaction.id }
assert_response :redirect
assert_redirected_to(redactions_path)
end
def test_destroy_moderator_non_empty
session[:user] = users(:moderator_user).id
session[:user] = create(:moderator_user).id
# leave elements in the redaction
redaction = redactions(:example)
# create elements in the redaction
redaction = create(:redaction)
create(:old_node, :redaction => redaction)
delete :destroy, :id => redaction.id
delete :destroy, :params => { :id => redaction.id }
assert_response :redirect
assert_redirected_to(redaction_path(redaction))
assert_match /^Redaction is not empty/, flash[:error]
end
def test_delete_non_moderator
session[:user] = users(:public_user).id
session[:user] = create(:user).id
delete :destroy, :id => redactions(:example).id
delete :destroy, :params => { :id => create(:redaction).id }
assert_response :forbidden
end
def test_edit
get :edit, :id => redactions(:example).id
redaction = create(:redaction)
get :edit, :params => { :id => redaction.id }
assert_response :redirect
assert_redirected_to login_path(:referer => edit_redaction_path(redactions(:example)))
assert_redirected_to login_path(:referer => edit_redaction_path(redaction))
end
def test_edit_moderator
session[:user] = users(:moderator_user).id
session[:user] = create(:moderator_user).id
get :edit, :id => redactions(:example).id
get :edit, :params => { :id => create(:redaction).id }
assert_response :success
end
def test_edit_non_moderator
session[:user] = users(:public_user).id
session[:user] = create(:user).id
get :edit, :id => redactions(:example).id
get :edit, :params => { :id => create(:redaction).id }
assert_response :redirect
assert_redirected_to(redactions_path)
end
def test_update_moderator
session[:user] = users(:moderator_user).id
session[:user] = create(:moderator_user).id
redaction = redactions(:example)
redaction = create(:redaction)
put :update, :id => redaction.id, :redaction => { :title => "Foo", :description => "Description here." }
put :update, :params => { :id => redaction.id, :redaction => { :title => "Foo", :description => "Description here." } }
assert_response :redirect
assert_redirected_to(redaction_path(redaction))
end
def test_update_moderator_invalid
session[:user] = users(:moderator_user).id
session[:user] = create(:moderator_user).id
redaction = redactions(:example)
redaction = create(:redaction)
put :update, :id => redaction.id, :redaction => { :title => "Foo", :description => "" }
put :update, :params => { :id => redaction.id, :redaction => { :title => "Foo", :description => "" } }
assert_response :success
assert_template :edit
end
def test_updated_non_moderator
session[:user] = users(:public_user).id
session[:user] = create(:user).id
redaction = redactions(:example)
redaction = create(:redaction)
put :update, :id => redaction.id, :redaction => { :title => "Foo", :description => "Description here." }
put :update, :params => { :id => redaction.id, :redaction => { :title => "Foo", :description => "Description here." } }
assert_response :forbidden
end
end

538
test/controllers/relation_controller_test.rb
View file

File diff suppressed because it is too large Load diff

44
test/controllers/search_controller_test.rb
View file

@ -1,8 +1,6 @@
require "test_helper"
class SearchControllerTest < ActionController::TestCase
api_fixtures
##
# test all routes which lead to this controller
def test_routes
@ -27,15 +25,15 @@ class SearchControllerTest < ActionController::TestCase
##
# test searching nodes
def test_search_nodes
get :search_nodes, :type => "test"
get :search_nodes, :params => { :type => "test" }
assert_response :service_unavailable
assert_equal "Searching of nodes is currently unavailable", response.headers["Error"]
get :search_nodes, :type => "test", :value => "yes"
get :search_nodes, :params => { :type => "test", :value => "yes" }
assert_response :service_unavailable
assert_equal "Searching of nodes is currently unavailable", response.headers["Error"]
get :search_nodes, :name => "Test Node"
get :search_nodes, :params => { :name => "Test Node" }
assert_response :service_unavailable
assert_equal "Searching of nodes is currently unavailable", response.headers["Error"]
end
@ -43,15 +41,24 @@ class SearchControllerTest < ActionController::TestCase
##
# test searching ways
def test_search_ways
get :search_ways, :type => "test"
first_way = create(:way_with_nodes, :nodes_count => 2)
deleted_way = create(:way_with_nodes, :deleted, :nodes_count => 2)
third_way = create(:way_with_nodes, :nodes_count => 2)
[first_way, deleted_way, third_way].each do |way|
create(:way_tag, :way => way, :k => "test", :v => "yes")
end
create(:way_tag, :way => third_way, :k => "name", :v => "Test Way")
get :search_ways, :params => { :type => "test" }
assert_response :service_unavailable
assert_equal "Searching for a key without value is currently unavailable", response.headers["Error"]
get :search_ways, :type => "test", :value => "yes"
get :search_ways, :params => { :type => "test", :value => "yes" }
assert_response :success
assert_select "way", 3
get :search_ways, :name => "Test Way"
get :search_ways, :params => { :name => "Test Way" }
assert_response :success
assert_select "way", 1
end
@ -59,15 +66,24 @@ class SearchControllerTest < ActionController::TestCase
##
# test searching relations
def test_search_relations
get :search_relations, :type => "test"
first_relation = create(:relation)
deleted_relation = create(:relation)
third_relation = create(:relation)
[first_relation, deleted_relation, third_relation].each do |relation|
create(:relation_tag, :relation => relation, :k => "test", :v => "yes")
end
create(:relation_tag, :relation => third_relation, :k => "name", :v => "Test Relation")
get :search_relations, :params => { :type => "test" }
assert_response :service_unavailable
assert_equal "Searching for a key without value is currently unavailable", response.headers["Error"]
get :search_relations, :type => "test", :value => "yes"
get :search_relations, :params => { :type => "test", :value => "yes" }
assert_response :success
assert_select "relation", 3
get :search_relations, :name => "Test Relation"
get :search_relations, :params => { :name => "Test Relation" }
assert_response :success
assert_select "relation", 1
end
@ -75,15 +91,15 @@ class SearchControllerTest < ActionController::TestCase
##
# test searching nodes, ways and relations
def test_search_all
get :search_all, :type => "test"
get :search_all, :params => { :type => "test" }
assert_response :service_unavailable
assert_equal "Searching of nodes is currently unavailable", response.headers["Error"]
get :search_all, :type => "test", :value => "yes"
get :search_all, :params => { :type => "test", :value => "yes" }
assert_response :service_unavailable
assert_equal "Searching of nodes is currently unavailable", response.headers["Error"]
get :search_all, :name => "Test"
get :search_all, :params => { :name => "Test" }
assert_response :service_unavailable
assert_equal "Searching of nodes is currently unavailable", response.headers["Error"]
end

120
test/controllers/site_controller_test.rb
View file

@ -1,13 +1,13 @@
require "test_helper"
class SiteControllerTest < ActionController::TestCase
api_fixtures
##
# setup oauth keys
def setup
Object.const_set("ID_KEY", client_applications(:oauth_web_app).key)
Object.const_set("POTLATCH2_KEY", client_applications(:oauth_web_app).key)
Object.const_set("ID_KEY", create(:client_application).key)
Object.const_set("POTLATCH2_KEY", create(:client_application).key)
stub_hostip_requests
end
##
@ -73,8 +73,8 @@ class SiteControllerTest < ActionController::TestCase
{ :controller => "site", :action => "permalink", :code => "shortcode" }
)
assert_routing(
{ :path => "/preview/formatname", :method => :post },
{ :controller => "site", :action => "preview", :format => "formatname" }
{ :path => "/preview/typename", :method => :post },
{ :controller => "site", :action => "preview", :type => "typename" }
)
assert_routing(
{ :path => "/id", :method => :get },
@ -91,71 +91,71 @@ class SiteControllerTest < ActionController::TestCase
# Test the index page redirects
def test_index_redirect
get :index, :node => 123
get :index, :params => { :node => 123 }
assert_redirected_to :controller => :browse, :action => :node, :id => 123
get :index, :way => 123
get :index, :params => { :way => 123 }
assert_redirected_to :controller => :browse, :action => :way, :id => 123
get :index, :relation => 123
get :index, :params => { :relation => 123 }
assert_redirected_to :controller => :browse, :action => :relation, :id => 123
get :index, :note => 123
get :index, :params => { :note => 123 }
assert_redirected_to :controller => :browse, :action => :note, :id => 123
get :index, :query => "test"
get :index, :params => { :query => "test" }
assert_redirected_to :controller => :geocoder, :action => :search, :query => "test"
get :index, :lat => 4, :lon => 5
get :index, :params => { :lat => 4, :lon => 5 }
assert_redirected_to :controller => :site, :action => :index, :anchor => "map=5/4/5"
get :index, :lat => 4, :lon => 5, :zoom => 3
get :index, :params => { :lat => 4, :lon => 5, :zoom => 3 }
assert_redirected_to :controller => :site, :action => :index, :anchor => "map=3/4/5"
get :index, :layers => "T"
get :index, :params => { :layers => "T" }
assert_redirected_to :controller => :site, :action => :index, :anchor => "layers=T"
get :index, :notes => "yes"
get :index, :params => { :notes => "yes" }
assert_redirected_to :controller => :site, :action => :index, :anchor => "layers=N"
get :index, :lat => 4, :lon => 5, :zoom => 3, :layers => "T"
get :index, :params => { :lat => 4, :lon => 5, :zoom => 3, :layers => "T" }
assert_redirected_to :controller => :site, :action => :index, :anchor => "map=3/4/5&layers=T"
end
# Test the permalink redirect
def test_permalink
get :permalink, :code => "wBz3--"
get :permalink, :params => { :code => "wBz3--" }
assert_response :redirect
assert_redirected_to :controller => :site, :action => :index, :anchor => "map=3/4.8779296875/3.955078125"
get :permalink, :code => "wBz3--", :m => ""
get :permalink, :params => { :code => "wBz3--", :m => "" }
assert_response :redirect
assert_redirected_to :controller => :site, :action => :index, :mlat => "4.8779296875", :mlon => "3.955078125", :anchor => "map=3/4.8779296875/3.955078125"
get :permalink, :code => "wBz3--", :layers => "T"
get :permalink, :params => { :code => "wBz3--", :layers => "T" }
assert_response :redirect
assert_redirected_to :controller => :site, :action => :index, :anchor => "map=3/4.8779296875/3.955078125&layers=T"
get :permalink, :code => "wBz3--", :node => 1
get :permalink, :params => { :code => "wBz3--", :node => 1 }
assert_response :redirect
assert_redirected_to :controller => :browse, :action => :node, :id => 1, :anchor => "map=3/4.8779296875/3.955078125"
get :permalink, :code => "wBz3--", :way => 2
get :permalink, :params => { :code => "wBz3--", :way => 2 }
assert_response :redirect
assert_redirected_to :controller => :browse, :action => :way, :id => 2, :anchor => "map=3/4.8779296875/3.955078125"
get :permalink, :code => "wBz3--", :relation => 3
get :permalink, :params => { :code => "wBz3--", :relation => 3 }
assert_response :redirect
assert_redirected_to :controller => :browse, :action => :relation, :id => 3, :anchor => "map=3/4.8779296875/3.955078125"
get :permalink, :code => "wBz3--", :changeset => 4
get :permalink, :params => { :code => "wBz3--", :changeset => 4 }
assert_response :redirect
assert_redirected_to :controller => :browse, :action => :changeset, :id => 4, :anchor => "map=3/4.8779296875/3.955078125"
end
# Test the key page
def test_key
xhr :get, :key
get :key, :xhr => true
assert_response :success
assert_template "key"
assert_template :layout => false
@ -170,7 +170,7 @@ class SiteControllerTest < ActionController::TestCase
# Test the right editor gets used when the user hasn't set a preference
def test_edit_without_preference
get :edit, nil, :user => users(:public_user).id
get :edit, :session => { :user => create(:user) }
assert_response :success
assert_template "edit"
assert_template :partial => "_#{DEFAULT_EDITOR}", :count => 1
@ -178,70 +178,70 @@ class SiteControllerTest < ActionController::TestCase
# Test the right editor gets used when the user has set a preference
def test_edit_with_preference
user = users(:public_user)
user = create(:user)
user.preferred_editor = "id"
user.save!
get :edit, nil, :user => user.id
get :edit, :session => { :user => user }
assert_response :success
assert_template "edit"
assert_template :partial => "_id", :count => 1
user = users(:public_user)
user = create(:user)
user.preferred_editor = "potlatch2"
user.save!
get :edit, nil, :user => user.id
get :edit, :session => { :user => user }
assert_response :success
assert_template "edit"
assert_template :partial => "_potlatch2", :count => 1
user = users(:public_user)
user = create(:user)
user.preferred_editor = "potlatch"
user.save!
get :edit, nil, :user => user.id
get :edit, :session => { :user => user }
assert_response :success
assert_template "edit"
assert_template :partial => "_potlatch", :count => 1
user = users(:public_user)
user = create(:user)
user.preferred_editor = "remote"
user.save!
get :edit, nil, :user => user.id
get :edit, :session => { :user => user }
assert_response :success
assert_template "index"
end
# Test the right editor gets used when the URL has an override
def test_edit_with_override
get :edit, { :editor => "id" }, { :user => users(:public_user).id }
get :edit, :params => { :editor => "id" }, :session => { :user => create(:user) }
assert_response :success
assert_template "edit"
assert_template :partial => "_id", :count => 1
get :edit, { :editor => "potlatch2" }, { :user => users(:public_user).id }
get :edit, :params => { :editor => "potlatch2" }, :session => { :user => create(:user) }
assert_response :success
assert_template "edit"
assert_template :partial => "_potlatch2", :count => 1
get :edit, { :editor => "potlatch" }, { :user => users(:public_user).id }
get :edit, :params => { :editor => "potlatch" }, :session => { :user => create(:user) }
assert_response :success
assert_template "edit"
assert_template :partial => "_potlatch", :count => 1
get :edit, { :editor => "remote" }, { :user => users(:public_user).id }
get :edit, :params => { :editor => "remote" }, :session => { :user => create(:user) }
assert_response :success
assert_template "index"
end
# Test editing a specific node
def test_edit_with_node
user = users(:public_user)
node = current_nodes(:visible_node)
user = create(:user)
node = create(:node, :lat => 1.0, :lon => 1.0)
get :edit, { :node => node.id }, { :user => user.id }
get :edit, :params => { :node => node.id }, :session => { :user => user }
assert_response :success
assert_template "edit"
assert_equal 1.0, assigns(:lat)
@ -251,10 +251,12 @@ class SiteControllerTest < ActionController::TestCase
# Test editing a specific way
def test_edit_with_way
user = users(:public_user)
way = current_ways(:visible_way)
user = create(:user)
node = create(:node, :lat => 3, :lon => 3)
way = create(:way)
create(:way_node, :node => node, :way => way)
get :edit, { :way => way.id }, { :user => user.id }
get :edit, :params => { :way => way.id }, :session => { :user => user }
assert_response :success
assert_template "edit"
assert_equal 3.0, assigns(:lat)
@ -264,10 +266,12 @@ class SiteControllerTest < ActionController::TestCase
# Test editing a specific note
def test_edit_with_note
user = users(:public_user)
note = notes(:open_note)
user = create(:user)
note = create(:note) do |n|
n.comments.create(:author_id => user.id)
end
get :edit, { :note => note.id }, { :user => user.id }
get :edit, :params => { :note => note.id }, :session => { :user => user }
assert_response :success
assert_template "edit"
assert_equal 1.0, assigns(:lat)
@ -277,10 +281,10 @@ class SiteControllerTest < ActionController::TestCase
# Test editing a specific GPX trace
def test_edit_with_gpx
user = users(:public_user)
gpx = gpx_files(:public_trace_file)
user = create(:user)
gpx = create(:trace, :latitude => 1, :longitude => 1)
get :edit, { :gpx => gpx.id }, { :user => user.id }
get :edit, :params => { :gpx => gpx.id }, :session => { :user => user }
assert_response :success
assert_template "edit"
assert_equal 1.0, assigns(:lat)
@ -290,13 +294,13 @@ class SiteControllerTest < ActionController::TestCase
# Test the edit page redirects
def test_edit_redirect
get :edit, :lat => 4, :lon => 5
get :edit, :params => { :lat => 4, :lon => 5 }
assert_redirected_to :controller => :site, :action => :edit, :anchor => "map=5/4/5"
get :edit, :lat => 4, :lon => 5, :zoom => 3
get :edit, :params => { :lat => 4, :lon => 5, :zoom => 3 }
assert_redirected_to :controller => :site, :action => :edit, :anchor => "map=3/4/5"
get :edit, :lat => 4, :lon => 5, :zoom => 3, :editor => "id"
get :edit, :params => { :lat => 4, :lon => 5, :zoom => 3, :editor => "id" }
assert_redirected_to :controller => :site, :action => :edit, :editor => "id", :anchor => "map=3/4/5"
end
@ -313,7 +317,7 @@ class SiteControllerTest < ActionController::TestCase
assert_response :redirect
assert_redirected_to :controller => :user, :action => :login, :referer => "/welcome"
get :welcome, nil, :user => users(:public_user).id
get :welcome, :session => { :user => create(:user) }
assert_response :success
assert_template "welcome"
end
@ -346,7 +350,7 @@ class SiteControllerTest < ActionController::TestCase
assert_template "export"
assert_template :layout => "map"
xhr :get, :export
get :export, :xhr => true
assert_response :success
assert_template "export"
assert_template :layout => "xhr"
@ -361,19 +365,19 @@ class SiteControllerTest < ActionController::TestCase
# Test the rich text preview
def test_preview
xhr :post, :preview, :format => "html"
post :preview, :xhr => true, :params => { :type => "html" }
assert_response :success
xhr :post, :preview, :format => "markdown"
post :preview, :xhr => true, :params => { :type => "markdown" }
assert_response :success
xhr :post, :preview, :format => "text"
post :preview, :xhr => true, :params => { :type => "text" }
assert_response :success
end
# Test the id frame
def test_id
get :id, nil, :user => users(:public_user).id
get :id, :session => { :user => create(:user) }
assert_response :success
assert_template "id"
assert_template :layout => false

18
test/controllers/swf_controller_test.rb
View file

@ -1,8 +1,6 @@
require "test_helper"
class SwfControllerTest < ActionController::TestCase
api_fixtures
##
# test all routes which lead to this controller
def test_routes
@ -15,19 +13,29 @@ class SwfControllerTest < ActionController::TestCase
##
# basic test that trackpoints at least returns some sort of flash movie
def test_trackpoints
get :trackpoints, :xmin => -1, :xmax => 1, :ymin => 51, :ymax => 52, :baselong => 0, :basey => 0, :masterscale => 1
user = create(:user)
other_user = create(:user)
create(:trace, :visibility => "trackable", :latitude => 51.51, :longitude => -0.14, :user => user) do |trace|
create(:tracepoint, :trace => trace, :trackid => 1, :latitude => (51.510 * GeoRecord::SCALE).to_i, :longitude => (-0.140 * GeoRecord::SCALE).to_i)
create(:tracepoint, :trace => trace, :trackid => 2, :latitude => (51.511 * GeoRecord::SCALE).to_i, :longitude => (-0.141 * GeoRecord::SCALE).to_i)
end
create(:trace, :visibility => "identifiable", :latitude => 51.512, :longitude => 0.142) do |trace|
create(:tracepoint, :trace => trace, :latitude => (51.512 * GeoRecord::SCALE).to_i, :longitude => (0.142 * GeoRecord::SCALE).to_i)
end
get :trackpoints, :params => { :xmin => -1, :xmax => 1, :ymin => 51, :ymax => 52, :baselong => 0, :basey => 0, :masterscale => 1 }
assert_response :success
assert_equal "application/x-shockwave-flash", response.content_type
assert_match /^FWS/, response.body
assert_equal 80, response.body.length
get :trackpoints, :xmin => -1, :xmax => 1, :ymin => 51, :ymax => 52, :baselong => 0, :basey => 0, :masterscale => 1, :token => users(:normal_user).tokens.create.token
get :trackpoints, :params => { :xmin => -1, :xmax => 1, :ymin => 51, :ymax => 52, :baselong => 0, :basey => 0, :masterscale => 1, :token => other_user.tokens.create.token }
assert_response :success
assert_equal "application/x-shockwave-flash", response.content_type
assert_match /^FWS/, response.body
assert_equal 67, response.body.length
get :trackpoints, :xmin => -1, :xmax => 1, :ymin => 51, :ymax => 52, :baselong => 0, :basey => 0, :masterscale => 1, :token => users(:public_user).tokens.create.token
get :trackpoints, :params => { :xmin => -1, :xmax => 1, :ymin => 51, :ymax => 52, :baselong => 0, :basey => 0, :masterscale => 1, :token => user.tokens.create.token }
assert_response :success
assert_equal "application/x-shockwave-flash", response.content_type
assert_match /^FWS/, response.body

627
test/controllers/trace_controller_test.rb
View file

File diff suppressed because it is too large Load diff

256
test/controllers/user_blocks_controller_test.rb
View file

@ -1,8 +1,6 @@
require "test_helper"
class UserBlocksControllerTest < ActionController::TestCase
fixtures :users, :user_roles, :user_blocks
##
# test all routes which lead to this controller
def test_routes
@ -61,73 +59,100 @@ class UserBlocksControllerTest < ActionController::TestCase
##
# test the index action
def test_index
# The list of blocks should load
active_block = create(:user_block)
expired_block = create(:user_block, :expired)
revoked_block = create(:user_block, :revoked)
get :index
assert_response :success
assert_select "table#block_list", :count => 1 do
assert_select "tr", 4
assert_select "a[href='#{user_block_path(user_blocks(:active_block))}']", 1
assert_select "a[href='#{user_block_path(user_blocks(:expired_block))}']", 1
assert_select "a[href='#{user_block_path(user_blocks(:revoked_block))}']", 1
assert_select "a[href='#{user_block_path(active_block)}']", 1
assert_select "a[href='#{user_block_path(expired_block)}']", 1
assert_select "a[href='#{user_block_path(revoked_block)}']", 1
end
end
##
# test the index action with multiple pages
def test_index_paged
create_list(:user_block, 50)
get :index
assert_response :success
assert_select "table#block_list", :count => 1 do
assert_select "tr", :count => 21
end
get :index, :params => { :page => 2 }
assert_response :success
assert_select "table#block_list", :count => 1 do
assert_select "tr", :count => 21
end
end
##
# test the show action
def test_show
active_block = create(:user_block, :needs_view)
expired_block = create(:user_block, :expired)
revoked_block = create(:user_block, :revoked)
# Viewing a block should fail when no ID is given
assert_raise ActionController::UrlGenerationError do
get :show
end
# Viewing a block should fail when a bogus ID is given
get :show, :id => 99999
get :show, :params => { :id => 99999 }
assert_response :not_found
assert_template "not_found"
assert_select "p", "Sorry, the user block with ID 99999 could not be found."
# Viewing an expired block should work
get :show, :id => user_blocks(:expired_block)
get :show, :params => { :id => expired_block.id }
assert_response :success
# Viewing a revoked block should work
get :show, :id => user_blocks(:revoked_block)
get :show, :params => { :id => revoked_block.id }
assert_response :success
# Viewing an active block should work, but shouldn't mark it as seen
get :show, :id => user_blocks(:active_block)
get :show, :params => { :id => active_block.id }
assert_response :success
assert_equal true, UserBlock.find(user_blocks(:active_block).id).needs_view
assert_equal true, UserBlock.find(active_block.id).needs_view
# Login as the blocked user
session[:user] = users(:blocked_user).id
session[:user] = active_block.user.id
# Now viewing it should mark it as seen
get :show, :id => user_blocks(:active_block)
get :show, :params => { :id => active_block.id }
assert_response :success
assert_equal false, UserBlock.find(user_blocks(:active_block).id).needs_view
assert_equal false, UserBlock.find(active_block.id).needs_view
end
##
# test the new action
def test_new
target_user = create(:user)
# Check that the block creation page requires us to login
get :new, :display_name => users(:normal_user).display_name
assert_redirected_to login_path(:referer => new_user_block_path(:display_name => users(:normal_user).display_name))
get :new, :params => { :display_name => target_user.display_name }
assert_redirected_to login_path(:referer => new_user_block_path(:display_name => target_user.display_name))
# Login as a normal user
session[:user] = users(:public_user).id
session[:user] = create(:user).id
# Check that normal users can't load the block creation page
get :new, :display_name => users(:normal_user).display_name
get :new, :params => { :display_name => target_user.display_name }
assert_redirected_to user_blocks_path
assert_equal "You need to be a moderator to perform that action.", flash[:error]
# Login as a moderator
session[:user] = users(:moderator_user).id
session[:user] = create(:moderator_user).id
# Check that the block creation page loads for moderators
get :new, :display_name => users(:normal_user).display_name
get :new, :params => { :display_name => target_user.display_name }
assert_response :success
assert_select "form#new_user_block", :count => 1 do
assert_select "textarea#user_block_reason", :count => 1
@ -144,7 +169,7 @@ class UserBlocksControllerTest < ActionController::TestCase
assert_select "h1", "The user does not exist"
# We should get an error if the user doesn't exist
get :new, :display_name => "non_existent_user"
get :new, :params => { :display_name => "non_existent_user" }
assert_response :not_found
assert_template "user/no_such_user"
assert_select "h1", "The user non_existent_user does not exist"
@ -153,25 +178,27 @@ class UserBlocksControllerTest < ActionController::TestCase
##
# test the edit action
def test_edit
active_block = create(:user_block)
# Check that the block edit page requires us to login
get :edit, :id => user_blocks(:active_block).id
assert_redirected_to login_path(:referer => edit_user_block_path(:id => user_blocks(:active_block).id))
get :edit, :params => { :id => active_block.id }
assert_redirected_to login_path(:referer => edit_user_block_path(:id => active_block.id))
# Login as a normal user
session[:user] = users(:public_user).id
session[:user] = create(:user).id
# Check that normal users can't load the block edit page
get :edit, :id => user_blocks(:active_block).id
get :edit, :params => { :id => active_block.id }
assert_redirected_to user_blocks_path
assert_equal "You need to be a moderator to perform that action.", flash[:error]
# Login as a moderator
session[:user] = users(:moderator_user).id
session[:user] = create(:moderator_user).id
# Check that the block edit page loads for moderators
get :edit, :id => user_blocks(:active_block).id
get :edit, :params => { :id => active_block.id }
assert_response :success
assert_select "form#edit_user_block_#{user_blocks(:active_block).id}", :count => 1 do
assert_select "form#edit_user_block_#{active_block.id}", :count => 1 do
assert_select "textarea#user_block_reason", :count => 1
assert_select "select#user_block_period", :count => 1
assert_select "input#user_block_needs_view[type='checkbox']", :count => 1
@ -184,7 +211,7 @@ class UserBlocksControllerTest < ActionController::TestCase
end
# We should get an error if the user doesn't exist
get :edit, :id => 99999
get :edit, :params => { :id => 99999 }
assert_response :not_found
assert_template "not_found"
assert_select "p", "Sorry, the user block with ID 99999 could not be found."
@ -193,39 +220,42 @@ class UserBlocksControllerTest < ActionController::TestCase
##
# test the create action
def test_create
target_user = create(:user)
moderator_user = create(:moderator_user)
# Not logged in yet, so creating a block should fail
post :create
assert_response :forbidden
# Login as a normal user
session[:user] = users(:public_user).id
session[:user] = create(:user).id
# Check that normal users can't create blocks
post :create
assert_response :forbidden
# Login as a moderator
session[:user] = users(:moderator_user).id
session[:user] = moderator_user.id
# A bogus block period should result in an error
assert_no_difference "UserBlock.count" do
post :create,
:display_name => users(:unblocked_user).display_name,
:user_block_period => "99"
:params => { :display_name => target_user.display_name,
:user_block_period => "99" }
end
assert_redirected_to new_user_block_path(:display_name => users(:unblocked_user).display_name)
assert_redirected_to new_user_block_path(:display_name => target_user.display_name)
assert_equal "The blocking period must be one of the values selectable in the drop-down list.", flash[:error]
# Check that creating a block works
assert_difference "UserBlock.count", 1 do
post :create,
:display_name => users(:unblocked_user).display_name,
:user_block_period => "12",
:user_block => { :needs_view => false, :reason => "Vandalism" }
:params => { :display_name => target_user.display_name,
:user_block_period => "12",
:user_block => { :needs_view => false, :reason => "Vandalism" } }
end
id = UserBlock.order(:id).ids.last
assert_redirected_to user_block_path(:id => id)
assert_equal "Created a block on user #{users(:unblocked_user).display_name}.", flash[:notice]
assert_equal "Created a block on user #{target_user.display_name}.", flash[:notice]
b = UserBlock.find(id)
assert_in_delta Time.now, b.created_at, 1
assert_in_delta Time.now, b.updated_at, 1
@ -233,7 +263,7 @@ class UserBlocksControllerTest < ActionController::TestCase
assert_equal false, b.needs_view
assert_equal "Vandalism", b.reason
assert_equal "markdown", b.reason_format
assert_equal users(:moderator_user).id, b.creator_id
assert_equal moderator_user.id, b.creator_id
# We should get an error if no user is specified
post :create
@ -242,7 +272,7 @@ class UserBlocksControllerTest < ActionController::TestCase
assert_select "h1", "The user does not exist"
# We should get an error if the user doesn't exist
post :create, :display_name => "non_existent_user"
post :create, :params => { :display_name => "non_existent_user" }
assert_response :not_found
assert_template "user/no_such_user"
assert_select "h1", "The user non_existent_user does not exist"
@ -251,52 +281,56 @@ class UserBlocksControllerTest < ActionController::TestCase
##
# test the update action
def test_update
moderator_user = create(:moderator_user)
second_moderator_user = create(:moderator_user)
active_block = create(:user_block, :creator => moderator_user)
# Not logged in yet, so updating a block should fail
put :update, :id => user_blocks(:active_block).id
put :update, :params => { :id => active_block.id }
assert_response :forbidden
# Login as a normal user
session[:user] = users(:public_user).id
session[:user] = create(:user).id
# Check that normal users can't update blocks
put :update, :id => user_blocks(:active_block).id
put :update, :params => { :id => active_block.id }
assert_response :forbidden
# Login as the wrong moderator
session[:user] = users(:second_moderator_user).id
session[:user] = second_moderator_user.id
# Check that only the person who created a block can update it
assert_no_difference "UserBlock.count" do
put :update,
:id => user_blocks(:active_block).id,
:user_block_period => "12",
:user_block => { :needs_view => true, :reason => "Vandalism" }
:params => { :id => active_block.id,
:user_block_period => "12",
:user_block => { :needs_view => true, :reason => "Vandalism" } }
end
assert_redirected_to edit_user_block_path(:id => user_blocks(:active_block).id)
assert_redirected_to edit_user_block_path(:id => active_block.id)
assert_equal "Only the moderator who created this block can edit it.", flash[:error]
# Login as the correct moderator
session[:user] = users(:moderator_user).id
session[:user] = moderator_user.id
# A bogus block period should result in an error
assert_no_difference "UserBlock.count" do
put :update,
:id => user_blocks(:active_block).id,
:user_block_period => "99"
:params => { :id => active_block.id,
:user_block_period => "99" }
end
assert_redirected_to edit_user_block_path(:id => user_blocks(:active_block).id)
assert_redirected_to edit_user_block_path(:id => active_block.id)
assert_equal "The blocking period must be one of the values selectable in the drop-down list.", flash[:error]
# Check that updating a block works
assert_no_difference "UserBlock.count" do
put :update,
:id => user_blocks(:active_block).id,
:user_block_period => "12",
:user_block => { :needs_view => true, :reason => "Vandalism" }
:params => { :id => active_block.id,
:user_block_period => "12",
:user_block => { :needs_view => true, :reason => "Vandalism" } }
end
assert_redirected_to user_block_path(:id => user_blocks(:active_block).id)
assert_redirected_to user_block_path(:id => active_block.id)
assert_equal "Block updated.", flash[:notice]
b = UserBlock.find(user_blocks(:active_block).id)
b = UserBlock.find(active_block.id)
assert_in_delta Time.now, b.updated_at, 1
assert_equal true, b.needs_view
assert_equal "Vandalism", b.reason
@ -307,7 +341,7 @@ class UserBlocksControllerTest < ActionController::TestCase
end
# We should get an error if the block doesn't exist
put :update, :id => 99999
put :update, :params => { :id => 99999 }
assert_response :not_found
assert_template "not_found"
assert_select "p", "Sorry, the user block with ID 99999 could not be found."
@ -316,23 +350,25 @@ class UserBlocksControllerTest < ActionController::TestCase
##
# test the revoke action
def test_revoke
active_block = create(:user_block)
# Check that the block revoke page requires us to login
get :revoke, :id => user_blocks(:active_block).id
assert_redirected_to login_path(:referer => revoke_user_block_path(:id => user_blocks(:active_block).id))
get :revoke, :params => { :id => active_block.id }
assert_redirected_to login_path(:referer => revoke_user_block_path(:id => active_block.id))
# Login as a normal user
session[:user] = users(:public_user).id
session[:user] = create(:user).id
# Check that normal users can't load the block revoke page
get :revoke, :id => user_blocks(:active_block).id
get :revoke, :params => { :id => active_block.id }
assert_redirected_to user_blocks_path
assert_equal "You need to be a moderator to perform that action.", flash[:error]
# Login as a moderator
session[:user] = users(:moderator_user).id
session[:user] = create(:moderator_user).id
# Check that the block revoke page loads for moderators
get :revoke, :id => user_blocks(:active_block).id
get :revoke, :params => { :id => active_block.id }
assert_response :success
assert_template "revoke"
assert_select "form", :count => 1 do
@ -341,9 +377,9 @@ class UserBlocksControllerTest < ActionController::TestCase
end
# Check that revoking a block works
post :revoke, :id => user_blocks(:active_block).id, :confirm => true
assert_redirected_to user_block_path(:id => user_blocks(:active_block).id)
b = UserBlock.find(user_blocks(:active_block).id)
post :revoke, :params => { :id => active_block.id, :confirm => true }
assert_redirected_to user_block_path(:id => active_block.id)
b = UserBlock.find(active_block.id)
assert_in_delta Time.now, b.ends_at, 1
# We should get an error if no block ID is specified
@ -352,7 +388,7 @@ class UserBlocksControllerTest < ActionController::TestCase
end
# We should get an error if the block doesn't exist
get :revoke, :id => 99999
get :revoke, :params => { :id => 99999 }
assert_response :not_found
assert_template "not_found"
assert_select "p", "Sorry, the user block with ID 99999 could not be found."
@ -361,76 +397,128 @@ class UserBlocksControllerTest < ActionController::TestCase
##
# test the blocks_on action
def test_blocks_on
blocked_user = create(:user)
unblocked_user = create(:user)
normal_user = create(:user)
active_block = create(:user_block, :user => blocked_user)
revoked_block = create(:user_block, :revoked, :user => blocked_user)
expired_block = create(:user_block, :expired, :user => unblocked_user)
# Asking for a list of blocks with no user name should fail
assert_raise ActionController::UrlGenerationError do
get :blocks_on
end
# Asking for a list of blocks with a bogus user name should fail
get :blocks_on, :display_name => "non_existent_user"
get :blocks_on, :params => { :display_name => "non_existent_user" }
assert_response :not_found
assert_template "user/no_such_user"
assert_select "h1", "The user non_existent_user does not exist"
# Check the list of blocks for a user that has never been blocked
get :blocks_on, :display_name => users(:normal_user).display_name
get :blocks_on, :params => { :display_name => normal_user.display_name }
assert_response :success
assert_select "table#block_list", false
assert_select "p", "#{users(:normal_user).display_name} has not been blocked yet."
assert_select "p", "#{normal_user.display_name} has not been blocked yet."
# Check the list of blocks for a user that is currently blocked
get :blocks_on, :display_name => users(:blocked_user).display_name
get :blocks_on, :params => { :display_name => blocked_user.display_name }
assert_response :success
assert_select "table#block_list", :count => 1 do
assert_select "tr", 3
assert_select "a[href='#{user_block_path(user_blocks(:active_block))}']", 1
assert_select "a[href='#{user_block_path(user_blocks(:revoked_block))}']", 1
assert_select "a[href='#{user_block_path(active_block)}']", 1
assert_select "a[href='#{user_block_path(revoked_block)}']", 1
end
# Check the list of blocks for a user that has previously been blocked
get :blocks_on, :display_name => users(:unblocked_user).display_name
get :blocks_on, :params => { :display_name => unblocked_user.display_name }
assert_response :success
assert_select "table#block_list", :count => 1 do
assert_select "tr", 2
assert_select "a[href='#{user_block_path(user_blocks(:expired_block))}']", 1
assert_select "a[href='#{user_block_path(expired_block)}']", 1
end
end
##
# test the blocks_on action with multiple pages
def test_blocks_on_paged
user = create(:user)
create_list(:user_block, 50, :user => user)
get :blocks_on, :params => { :display_name => user.display_name }
assert_response :success
assert_select "table#block_list", :count => 1 do
assert_select "tr", :count => 21
end
get :blocks_on, :params => { :display_name => user.display_name, :page => 2 }
assert_response :success
assert_select "table#block_list", :count => 1 do
assert_select "tr", :count => 21
end
end
##
# test the blocks_by action
def test_blocks_by
moderator_user = create(:moderator_user)
second_moderator_user = create(:moderator_user)
normal_user = create(:user)
active_block = create(:user_block, :creator => moderator_user)
expired_block = create(:user_block, :expired, :creator => second_moderator_user)
revoked_block = create(:user_block, :revoked, :creator => second_moderator_user)
# Asking for a list of blocks with no user name should fail
assert_raise ActionController::UrlGenerationError do
get :blocks_by
end
# Asking for a list of blocks with a bogus user name should fail
get :blocks_by, :display_name => "non_existent_user"
get :blocks_by, :params => { :display_name => "non_existent_user" }
assert_response :not_found
assert_template "user/no_such_user"
assert_select "h1", "The user non_existent_user does not exist"
# Check the list of blocks given by one moderator
get :blocks_by, :display_name => users(:moderator_user).display_name
get :blocks_by, :params => { :display_name => moderator_user.display_name }
assert_response :success
assert_select "table#block_list", :count => 1 do
assert_select "tr", 2
assert_select "a[href='#{user_block_path(user_blocks(:active_block))}']", 1
assert_select "a[href='#{user_block_path(active_block)}']", 1
end
# Check the list of blocks given by a different moderator
get :blocks_by, :display_name => users(:second_moderator_user).display_name
get :blocks_by, :params => { :display_name => second_moderator_user.display_name }
assert_response :success
assert_select "table#block_list", :count => 1 do
assert_select "tr", 3
assert_select "a[href='#{user_block_path(user_blocks(:expired_block))}']", 1
assert_select "a[href='#{user_block_path(user_blocks(:revoked_block))}']", 1
assert_select "a[href='#{user_block_path(expired_block)}']", 1
assert_select "a[href='#{user_block_path(revoked_block)}']", 1
end
# Check the list of blocks (not) given by a normal user
get :blocks_by, :display_name => users(:normal_user).display_name
get :blocks_by, :params => { :display_name => normal_user.display_name }
assert_response :success
assert_select "table#block_list", false
assert_select "p", "#{users(:normal_user).display_name} has not made any blocks yet."
assert_select "p", "#{normal_user.display_name} has not made any blocks yet."
end
##
# test the blocks_by action with multiple pages
def test_blocks_by_paged
user = create(:moderator_user)
create_list(:user_block, 50, :creator => user)
get :blocks_by, :params => { :display_name => user.display_name }
assert_response :success
assert_select "table#block_list", :count => 1 do
assert_select "tr", :count => 21
end
get :blocks_by, :params => { :display_name => user.display_name, :page => 2 }
assert_response :success
assert_select "table#block_list", :count => 1 do
assert_select "tr", :count => 21
end
end
end

636
test/controllers/user_controller_test.rb
View file

File diff suppressed because it is too large Load diff

80
test/controllers/user_preference_controller_test.rb
View file

@ -1,8 +1,6 @@
require "test_helper"
class UserPreferenceControllerTest < ActionController::TestCase
fixtures :users, :user_preferences
##
# test all routes which lead to this controller
def test_routes
@ -36,7 +34,7 @@ class UserPreferenceControllerTest < ActionController::TestCase
assert_response :unauthorized, "should be authenticated"
# authenticate as a user with no preferences
basic_authorization("moderator@example.com", "test")
basic_authorization(create(:user).email, "test")
# try the read again
get :read
@ -47,17 +45,20 @@ class UserPreferenceControllerTest < ActionController::TestCase
end
# authenticate as a user with preferences
basic_authorization("test@openstreetmap.org", "test")
user = create(:user)
user_preference = create(:user_preference, :user => user)
user_preference2 = create(:user_preference, :user => user)
basic_authorization(user.email, "test")
# try the read again
get :read
assert_response :success
assert_equal "text/xml", @response.content_type
assert_equal "application/xml", @response.content_type
assert_select "osm" do
assert_select "preferences", :count => 1 do
assert_select "preference", :count => 2
assert_select "preference[k=\"#{user_preferences(:a).k}\"][v=\"#{user_preferences(:a).v}\"]", :count => 1
assert_select "preference[k=\"#{user_preferences(:two).k}\"][v=\"#{user_preferences(:two).v}\"]", :count => 1
assert_select "preference[k=\"#{user_preference.k}\"][v=\"#{user_preference.v}\"]", :count => 1
assert_select "preference[k=\"#{user_preference2.k}\"][v=\"#{user_preference2.v}\"]", :count => 1
end
end
end
@ -65,41 +66,48 @@ class UserPreferenceControllerTest < ActionController::TestCase
##
# test read_one action
def test_read_one
user = create(:user)
create(:user_preference, :user => user, :k => "key", :v => "value")
# try a read without auth
get :read_one, :preference_key => "key"
get :read_one, :params => { :preference_key => "key" }
assert_response :unauthorized, "should be authenticated"
# authenticate as a user with preferences
basic_authorization("test@openstreetmap.org", "test")
basic_authorization(user.email, "test")
# try the read again
get :read_one, :preference_key => "key"
get :read_one, :params => { :preference_key => "key" }
assert_response :success
assert_equal "text/plain", @response.content_type
assert_equal "value", @response.body
# try the read again for a non-existent key
get :read_one, :preference_key => "unknown_key"
get :read_one, :params => { :preference_key => "unknown_key" }
assert_response :not_found
end
##
# test update action
def test_update
user = create(:user)
create(:user_preference, :user => user, :k => "key", :v => "value")
create(:user_preference, :user => user, :k => "some_key", :v => "some_value")
# try a put without auth
assert_no_difference "UserPreference.count" do
content "<osm><preferences><preference k='key' v='new_value'/><preference k='new_key' v='value'/></preferences></osm>"
put :update
end
assert_response :unauthorized, "should be authenticated"
assert_equal "value", UserPreference.find([1, "key"]).v
assert_equal "some_value", UserPreference.find([1, "some_key"]).v
assert_equal "value", UserPreference.find([user.id, "key"]).v
assert_equal "some_value", UserPreference.find([user.id, "some_key"]).v
assert_raises ActiveRecord::RecordNotFound do
UserPreference.find([1, "new_key"])
UserPreference.find([user.id, "new_key"])
end
# authenticate as a user with preferences
basic_authorization("test@openstreetmap.org", "test")
basic_authorization(user.email, "test")
# try the put again
assert_no_difference "UserPreference.count" do
@ -109,10 +117,10 @@ class UserPreferenceControllerTest < ActionController::TestCase
assert_response :success
assert_equal "text/plain", @response.content_type
assert_equal "", @response.body
assert_equal "new_value", UserPreference.find([1, "key"]).v
assert_equal "value", UserPreference.find([1, "new_key"]).v
assert_equal "new_value", UserPreference.find([user.id, "key"]).v
assert_equal "value", UserPreference.find([user.id, "new_key"]).v
assert_raises ActiveRecord::RecordNotFound do
UserPreference.find([1, "some_key"])
UserPreference.find([user.id, "some_key"])
end
# try a put with duplicate keys
@ -123,7 +131,7 @@ class UserPreferenceControllerTest < ActionController::TestCase
assert_response :bad_request
assert_equal "text/plain", @response.content_type
assert_equal "Duplicate preferences with key key", @response.body
assert_equal "new_value", UserPreference.find([1, "key"]).v
assert_equal "new_value", UserPreference.find([user.id, "key"]).v
# try a put with invalid content
assert_no_difference "UserPreference.count" do
@ -136,71 +144,77 @@ class UserPreferenceControllerTest < ActionController::TestCase
##
# test update_one action
def test_update_one
user = create(:user)
create(:user_preference, :user => user)
# try a put without auth
assert_no_difference "UserPreference.count" do
content "new_value"
put :update_one, :preference_key => "new_key"
put :update_one, :params => { :preference_key => "new_key" }
end
assert_response :unauthorized, "should be authenticated"
assert_raises ActiveRecord::RecordNotFound do
UserPreference.find([1, "new_key"])
UserPreference.find([user.id, "new_key"])
end
# authenticate as a user with preferences
basic_authorization("test@openstreetmap.org", "test")
basic_authorization(user.email, "test")
# try adding a new preference
assert_difference "UserPreference.count", 1 do
content "new_value"
put :update_one, :preference_key => "new_key"
put :update_one, :params => { :preference_key => "new_key" }
end
assert_response :success
assert_equal "text/plain", @response.content_type
assert_equal "", @response.body
assert_equal "new_value", UserPreference.find([1, "new_key"]).v
assert_equal "new_value", UserPreference.find([user.id, "new_key"]).v
# try changing the value of a preference
assert_no_difference "UserPreference.count" do
content "newer_value"
put :update_one, :preference_key => "new_key"
put :update_one, :params => { :preference_key => "new_key" }
end
assert_response :success
assert_equal "text/plain", @response.content_type
assert_equal "", @response.body
assert_equal "newer_value", UserPreference.find([1, "new_key"]).v
assert_equal "newer_value", UserPreference.find([user.id, "new_key"]).v
end
##
# test delete_one action
def test_delete_one
user = create(:user)
create(:user_preference, :user => user, :k => "key", :v => "value")
# try a delete without auth
assert_no_difference "UserPreference.count" do
delete :delete_one, :preference_key => "key"
delete :delete_one, :params => { :preference_key => "key" }
end
assert_response :unauthorized, "should be authenticated"
assert_equal "value", UserPreference.find([1, "key"]).v
assert_equal "value", UserPreference.find([user.id, "key"]).v
# authenticate as a user with preferences
basic_authorization("test@openstreetmap.org", "test")
basic_authorization(user.email, "test")
# try the delete again
assert_difference "UserPreference.count", -1 do
get :delete_one, :preference_key => "key"
get :delete_one, :params => { :preference_key => "key" }
end
assert_response :success
assert_equal "text/plain", @response.content_type
assert_equal "", @response.body
assert_raises ActiveRecord::RecordNotFound do
UserPreference.find([1, "key"])
UserPreference.find([user.id, "key"])
end
# try the delete again for the same key
assert_no_difference "UserPreference.count" do
get :delete_one, :preference_key => "key"
get :delete_one, :params => { :preference_key => "key" }
end
assert_response :not_found
assert_raises ActiveRecord::RecordNotFound do
UserPreference.find([1, "key"])
UserPreference.find([user.id, "key"])
end
end
end

72
test/controllers/user_roles_controller_test.rb
View file

@ -1,8 +1,6 @@
require "test_helper"
class UserRolesControllerTest < ActionController::TestCase
fixtures :users, :user_roles
##
# test all routes which lead to this controller
def test_routes
@ -19,81 +17,91 @@ class UserRolesControllerTest < ActionController::TestCase
##
# test the grant action
def test_grant
target_user = create(:user)
normal_user = create(:user)
administrator_user = create(:administrator_user)
super_user = create(:super_user)
# Granting should fail when not logged in
post :grant, :display_name => users(:normal_user).display_name, :role => "moderator"
post :grant, :params => { :display_name => target_user.display_name, :role => "moderator" }
assert_response :forbidden
# Login as an unprivileged user
session[:user] = users(:public_user).id
session[:user] = normal_user.id
# Granting should still fail
post :grant, :display_name => users(:normal_user).display_name, :role => "moderator"
assert_redirected_to user_path(users(:normal_user).display_name)
post :grant, :params => { :display_name => target_user.display_name, :role => "moderator" }
assert_redirected_to user_path(target_user.display_name)
assert_equal "Only administrators can perform user role management, and you are not an administrator.", flash[:error]
# Login as an administrator
session[:user] = users(:administrator_user).id
session[:user] = administrator_user.id
UserRole::ALL_ROLES.each do |role|
# Granting a role to a non-existent user should fail
assert_difference "UserRole.count", 0 do
post :grant, :display_name => "non_existent_user", :role => role
post :grant, :params => { :display_name => "non_existent_user", :role => role }
end
assert_response :not_found
assert_template "user/no_such_user"
assert_select "h1", "The user non_existent_user does not exist"
# Granting a role from a user that already has it should fail
# Granting a role to a user that already has it should fail
assert_no_difference "UserRole.count" do
post :grant, :display_name => users(:super_user).display_name, :role => role
post :grant, :params => { :display_name => super_user.display_name, :role => role }
end
assert_redirected_to user_path(users(:super_user).display_name)
assert_redirected_to user_path(super_user.display_name)
assert_equal "The user already has role #{role}.", flash[:error]
# Granting a role to a user that doesn't have it should work...
assert_difference "UserRole.count", 1 do
post :grant, :display_name => users(:normal_user).display_name, :role => role
post :grant, :params => { :display_name => target_user.display_name, :role => role }
end
assert_redirected_to user_path(users(:normal_user).display_name)
assert_redirected_to user_path(target_user.display_name)
# ...but trying a second time should fail
assert_no_difference "UserRole.count" do
post :grant, :display_name => users(:normal_user).display_name, :role => role
post :grant, :params => { :display_name => target_user.display_name, :role => role }
end
assert_redirected_to user_path(users(:normal_user).display_name)
assert_redirected_to user_path(target_user.display_name)
assert_equal "The user already has role #{role}.", flash[:error]
end
# Granting a non-existent role should fail
assert_difference "UserRole.count", 0 do
post :grant, :display_name => users(:normal_user).display_name, :role => "no_such_role"
post :grant, :params => { :display_name => target_user.display_name, :role => "no_such_role" }
end
assert_redirected_to user_path(users(:normal_user).display_name)
assert_redirected_to user_path(target_user.display_name)
assert_equal "The string `no_such_role' is not a valid role.", flash[:error]
end
##
# test the revoke action
def test_revoke
target_user = create(:user)
normal_user = create(:user)
administrator_user = create(:administrator_user)
super_user = create(:super_user)
# Revoking should fail when not logged in
post :revoke, :display_name => users(:normal_user).display_name, :role => "moderator"
post :revoke, :params => { :display_name => target_user.display_name, :role => "moderator" }
assert_response :forbidden
# Login as an unprivileged user
session[:user] = users(:public_user).id
session[:user] = normal_user.id
# Revoking should still fail
post :revoke, :display_name => users(:normal_user).display_name, :role => "moderator"
assert_redirected_to user_path(users(:normal_user).display_name)
post :revoke, :params => { :display_name => target_user.display_name, :role => "moderator" }
assert_redirected_to user_path(target_user.display_name)
assert_equal "Only administrators can perform user role management, and you are not an administrator.", flash[:error]
# Login as an administrator
session[:user] = users(:administrator_user).id
session[:user] = administrator_user.id
UserRole::ALL_ROLES.each do |role|
# Removing a role from a non-existent user should fail
assert_difference "UserRole.count", 0 do
post :revoke, :display_name => "non_existent_user", :role => role
post :revoke, :params => { :display_name => "non_existent_user", :role => role }
end
assert_response :not_found
assert_template "user/no_such_user"
@ -101,30 +109,30 @@ class UserRolesControllerTest < ActionController::TestCase
# Removing a role from a user that doesn't have it should fail
assert_no_difference "UserRole.count" do
post :revoke, :display_name => users(:normal_user).display_name, :role => role
post :revoke, :params => { :display_name => target_user.display_name, :role => role }
end
assert_redirected_to user_path(users(:normal_user).display_name)
assert_redirected_to user_path(target_user.display_name)
assert_equal "The user does not have role #{role}.", flash[:error]
# Removing a role' from a user that has it should work...
# Removing a role from a user that has it should work...
assert_difference "UserRole.count", -1 do
post :revoke, :display_name => users(:super_user).display_name, :role => role
post :revoke, :params => { :display_name => super_user.display_name, :role => role }
end
assert_redirected_to user_path(users(:super_user).display_name)
assert_redirected_to user_path(super_user.display_name)
# ...but trying a second time should fail
assert_no_difference "UserRole.count" do
post :revoke, :display_name => users(:super_user).display_name, :role => role
post :revoke, :params => { :display_name => super_user.display_name, :role => role }
end
assert_redirected_to user_path(users(:super_user).display_name)
assert_redirected_to user_path(super_user.display_name)
assert_equal "The user does not have role #{role}.", flash[:error]
end
# Revoking a non-existent role should fail
assert_difference "UserRole.count", 0 do
post :revoke, :display_name => users(:normal_user).display_name, :role => "no_such_role"
post :revoke, :params => { :display_name => target_user.display_name, :role => "no_such_role" }
end
assert_redirected_to user_path(users(:normal_user).display_name)
assert_redirected_to user_path(target_user.display_name)
assert_equal "The string `no_such_role' is not a valid role.", flash[:error]
end
end

387
test/controllers/way_controller_test.rb
View file

@ -2,8 +2,6 @@ require "test_helper"
require "way_controller"
class WayControllerTest < ActionController::TestCase
api_fixtures
##
# test all routes which lead to this controller
def test_routes
@ -39,15 +37,15 @@ class WayControllerTest < ActionController::TestCase
def test_read
# check that a visible way is returned properly
get :read, :id => current_ways(:visible_way).id
get :read, :params => { :id => create(:way).id }
assert_response :success
# check that an invisible way is not returned
get :read, :id => current_ways(:invisible_way).id
get :read, :params => { :id => create(:way, :deleted).id }
assert_response :gone
# check chat a non-existent way is not returned
get :read, :id => 0
get :read, :params => { :id => 0 }
assert_response :not_found
end
@ -55,7 +53,7 @@ class WayControllerTest < ActionController::TestCase
# check the "full" mode
def test_full
Way.all.each do |way|
get :full, :id => way.id
get :full, :params => { :id => way.id }
# full call should say "gone" for non-visible ways...
unless way.visible
@ -74,7 +72,7 @@ class WayControllerTest < ActionController::TestCase
way.nodes.each do |n|
count = (way.nodes - (way.nodes - [n])).length
assert_select "osm way nd[ref='#{n.id}']", count
assert_select "osm node[id='#{n.id}'][version='#{n.version}'][lat='#{n.lat}'][lon='#{n.lon}']", 1
assert_select "osm node[id='#{n.id}'][version='#{n.version}'][lat='#{format('%.7f', n.lat)}'][lon='#{format('%.7f', n.lon)}']", 1
end
end
end
@ -82,27 +80,32 @@ class WayControllerTest < ActionController::TestCase
##
# test fetching multiple ways
def test_ways
way1 = create(:way)
way2 = create(:way, :deleted)
way3 = create(:way)
way4 = create(:way)
# check error when no parameter provided
get :ways
assert_response :bad_request
# check error when no parameter value provided
get :ways, :ways => ""
get :ways, :params => { :ways => "" }
assert_response :bad_request
# test a working call
get :ways, :ways => "1,2,4,6"
get :ways, :params => { :ways => "#{way1.id},#{way2.id},#{way3.id},#{way4.id}" }
assert_response :success
assert_select "osm" do
assert_select "way", :count => 4
assert_select "way[id='1'][visible='true']", :count => 1
assert_select "way[id='2'][visible='false']", :count => 1
assert_select "way[id='4'][visible='true']", :count => 1
assert_select "way[id='6'][visible='true']", :count => 1
assert_select "way[id='#{way1.id}'][visible='true']", :count => 1
assert_select "way[id='#{way2.id}'][visible='false']", :count => 1
assert_select "way[id='#{way3.id}'][visible='true']", :count => 1
assert_select "way[id='#{way4.id}'][visible='true']", :count => 1
end
# check error when a non-existent way is included
get :ways, :ways => "1,2,4,6,400"
get :ways, :params => { :ways => "#{way1.id},#{way2.id},#{way3.id},#{way4.id},400" }
assert_response :not_found
end
@ -111,17 +114,22 @@ class WayControllerTest < ActionController::TestCase
# -------------------------------------
def test_create
node1 = create(:node)
node2 = create(:node)
private_user = create(:user, :data_public => false)
private_changeset = create(:changeset, :user => private_user)
user = create(:user)
changeset = create(:changeset, :user => user)
## First check that it fails when creating a way using a non-public user
nid1 = current_nodes(:used_node_1).id
nid2 = current_nodes(:used_node_2).id
basic_authorization users(:normal_user).email, "test"
basic_authorization private_user.email, "test"
# use the first user's open changeset
changeset_id = changesets(:normal_user_first_change).id
changeset_id = private_changeset.id
# create a way with pre-existing nodes
content "<osm><way changeset='#{changeset_id}'>" +
"<nd ref='#{nid1}'/><nd ref='#{nid2}'/>" +
"<nd ref='#{node1.id}'/><nd ref='#{node2.id}'/>" +
"<tag k='test' v='yes' /></way></osm>"
put :create
# hope for failure
@ -129,16 +137,14 @@ class WayControllerTest < ActionController::TestCase
"way upload did not return forbidden status"
## Now use a public user
nid1 = current_nodes(:used_node_1).id
nid2 = current_nodes(:used_node_2).id
basic_authorization users(:public_user).email, "test"
basic_authorization user.email, "test"
# use the first user's open changeset
changeset_id = changesets(:public_user_first_change).id
changeset_id = changeset.id
# create a way with pre-existing nodes
content "<osm><way changeset='#{changeset_id}'>" +
"<nd ref='#{nid1}'/><nd ref='#{nid2}'/>" +
"<nd ref='#{node1.id}'/><nd ref='#{node2.id}'/>" +
"<tag k='test' v='yes' /></way></osm>"
put :create
# hope for success
@ -152,13 +158,13 @@ class WayControllerTest < ActionController::TestCase
# compare values
assert_equal checkway.nds.length, 2,
"saved way does not contain exactly one node"
assert_equal checkway.nds[0], nid1,
assert_equal checkway.nds[0], node1.id,
"saved way does not contain the right node on pos 0"
assert_equal checkway.nds[1], nid2,
assert_equal checkway.nds[1], node2.id,
"saved way does not contain the right node on pos 1"
assert_equal checkway.changeset_id, changeset_id,
"saved way does not belong to the correct changeset"
assert_equal users(:public_user).id, checkway.changeset.user_id,
assert_equal user.id, checkway.changeset.user_id,
"saved way does not belong to user that created it"
assert_equal true, checkway.visible,
"saved way is not visible"
@ -169,16 +175,20 @@ class WayControllerTest < ActionController::TestCase
# -------------------------------------
def test_create_invalid
node = create(:node)
private_user = create(:user, :data_public => false)
private_open_changeset = create(:changeset, :user => private_user)
private_closed_changeset = create(:changeset, :closed, :user => private_user)
user = create(:user)
open_changeset = create(:changeset, :user => user)
closed_changeset = create(:changeset, :closed, :user => user)
## First test with a private user to make sure that they are not authorized
basic_authorization users(:normal_user).email, "test"
basic_authorization private_user.email, "test"
# use the first user's open changeset
open_changeset_id = changesets(:normal_user_first_change).id
closed_changeset_id = changesets(:normal_user_closed_change).id
nid1 = current_nodes(:used_node_1).id
# create a way with non-existing node
content "<osm><way changeset='#{open_changeset_id}'>" +
content "<osm><way changeset='#{private_open_changeset.id}'>" +
"<nd ref='0'/><tag k='test' v='yes' /></way></osm>"
put :create
# expect failure
@ -186,7 +196,7 @@ class WayControllerTest < ActionController::TestCase
"way upload with invalid node using a private user did not return 'forbidden'"
# create a way with no nodes
content "<osm><way changeset='#{open_changeset_id}'>" +
content "<osm><way changeset='#{private_open_changeset.id}'>" +
"<tag k='test' v='yes' /></way></osm>"
put :create
# expect failure
@ -194,23 +204,19 @@ class WayControllerTest < ActionController::TestCase
"way upload with no node using a private userdid not return 'forbidden'"
# create a way inside a closed changeset
content "<osm><way changeset='#{closed_changeset_id}'>" +
"<nd ref='#{nid1}'/></way></osm>"
content "<osm><way changeset='#{private_closed_changeset.id}'>" +
"<nd ref='#{node.id}'/></way></osm>"
put :create
# expect failure
assert_response :forbidden,
"way upload to closed changeset with a private user did not return 'forbidden'"
## Now test with a public user
basic_authorization users(:public_user).email, "test"
basic_authorization user.email, "test"
# use the first user's open changeset
open_changeset_id = changesets(:public_user_first_change).id
closed_changeset_id = changesets(:public_user_closed_change).id
nid1 = current_nodes(:used_node_1).id
# create a way with non-existing node
content "<osm><way changeset='#{open_changeset_id}'>" +
content "<osm><way changeset='#{open_changeset.id}'>" +
"<nd ref='0'/><tag k='test' v='yes' /></way></osm>"
put :create
# expect failure
@ -219,7 +225,7 @@ class WayControllerTest < ActionController::TestCase
assert_equal "Precondition failed: Way requires the nodes with id in (0), which either do not exist, or are not visible.", @response.body
# create a way with no nodes
content "<osm><way changeset='#{open_changeset_id}'>" +
content "<osm><way changeset='#{open_changeset.id}'>" +
"<tag k='test' v='yes' /></way></osm>"
put :create
# expect failure
@ -228,16 +234,16 @@ class WayControllerTest < ActionController::TestCase
assert_equal "Precondition failed: Cannot create way: data is invalid.", @response.body
# create a way inside a closed changeset
content "<osm><way changeset='#{closed_changeset_id}'>" +
"<nd ref='#{nid1}'/></way></osm>"
content "<osm><way changeset='#{closed_changeset.id}'>" +
"<nd ref='#{node.id}'/></way></osm>"
put :create
# expect failure
assert_response :conflict,
"way upload to closed changeset did not return 'conflict'"
# create a way with a tag which is too long
content "<osm><way changeset='#{open_changeset_id}'>" +
"<nd ref='#{nid1}'/>" +
content "<osm><way changeset='#{open_changeset.id}'>" +
"<nd ref='#{node.id}'/>" +
"<tag k='foo' v='#{'x' * 256}'/>" +
"</way></osm>"
put :create
@ -251,36 +257,51 @@ class WayControllerTest < ActionController::TestCase
# -------------------------------------
def test_delete
private_user = create(:user, :data_public => false)
private_open_changeset = create(:changeset, :user => private_user)
private_closed_changeset = create(:changeset, :closed, :user => private_user)
private_way = create(:way, :changeset => private_open_changeset)
private_deleted_way = create(:way, :deleted, :changeset => private_open_changeset)
private_used_way = create(:way, :changeset => private_open_changeset)
create(:relation_member, :member => private_used_way)
user = create(:user)
open_changeset = create(:changeset, :user => user)
closed_changeset = create(:changeset, :closed, :user => user)
way = create(:way, :changeset => open_changeset)
deleted_way = create(:way, :deleted, :changeset => open_changeset)
used_way = create(:way, :changeset => open_changeset)
relation_member = create(:relation_member, :member => used_way)
relation = relation_member.relation
# first try to delete way without auth
delete :delete, :id => current_ways(:visible_way).id
delete :delete, :params => { :id => way.id }
assert_response :unauthorized
# now set auth using the private user
basic_authorization(users(:normal_user).email, "test")
basic_authorization(private_user.email, "test")
# this shouldn't work as with the 0.6 api we need pay load to delete
delete :delete, :id => current_ways(:visible_way).id
delete :delete, :params => { :id => private_way.id }
assert_response :forbidden
# Now try without having a changeset
content "<osm><way id='#{current_ways(:visible_way).id}'/></osm>"
delete :delete, :id => current_ways(:visible_way).id
content "<osm><way id='#{private_way.id}'/></osm>"
delete :delete, :params => { :id => private_way.id }
assert_response :forbidden
# try to delete with an invalid (closed) changeset
content update_changeset(current_ways(:visible_way).to_xml,
changesets(:normal_user_closed_change).id)
delete :delete, :id => current_ways(:visible_way).id
content update_changeset(private_way.to_xml, private_closed_changeset.id)
delete :delete, :params => { :id => private_way.id }
assert_response :forbidden
# try to delete with an invalid (non-existent) changeset
content update_changeset(current_ways(:visible_way).to_xml, 0)
delete :delete, :id => current_ways(:visible_way).id
content update_changeset(private_way.to_xml, 0)
delete :delete, :params => { :id => private_way.id }
assert_response :forbidden
# Now try with a valid changeset
content current_ways(:visible_way).to_xml
delete :delete, :id => current_ways(:visible_way).id
content private_way.to_xml
delete :delete, :params => { :id => private_way.id }
assert_response :forbidden
# check the returned value - should be the new version number
@ -290,69 +311,68 @@ class WayControllerTest < ActionController::TestCase
# "delete request should return a new version number for way"
# this won't work since the way is already deleted
content current_ways(:invisible_way).to_xml
delete :delete, :id => current_ways(:invisible_way).id
content private_deleted_way.to_xml
delete :delete, :params => { :id => private_deleted_way.id }
assert_response :forbidden
# this shouldn't work as the way is used in a relation
content current_ways(:used_way).to_xml
delete :delete, :id => current_ways(:used_way).id
content private_used_way.to_xml
delete :delete, :params => { :id => private_used_way.id }
assert_response :forbidden,
"shouldn't be able to delete a way used in a relation (#{@response.body}), when done by a private user"
# this won't work since the way never existed
delete :delete, :id => 0
delete :delete, :params => { :id => 0 }
assert_response :forbidden
### Now check with a public user
# now set auth
basic_authorization(users(:public_user).email, "test")
basic_authorization(user.email, "test")
# this shouldn't work as with the 0.6 api we need pay load to delete
delete :delete, :id => current_ways(:visible_way).id
delete :delete, :params => { :id => way.id }
assert_response :bad_request
# Now try without having a changeset
content "<osm><way id='#{current_ways(:visible_way).id}'/></osm>"
delete :delete, :id => current_ways(:visible_way).id
content "<osm><way id='#{way.id}'/></osm>"
delete :delete, :params => { :id => way.id }
assert_response :bad_request
# try to delete with an invalid (closed) changeset
content update_changeset(current_ways(:visible_way).to_xml,
changesets(:public_user_closed_change).id)
delete :delete, :id => current_ways(:visible_way).id
content update_changeset(way.to_xml, closed_changeset.id)
delete :delete, :params => { :id => way.id }
assert_response :conflict
# try to delete with an invalid (non-existent) changeset
content update_changeset(current_ways(:visible_way).to_xml, 0)
delete :delete, :id => current_ways(:visible_way).id
content update_changeset(way.to_xml, 0)
delete :delete, :params => { :id => way.id }
assert_response :conflict
# Now try with a valid changeset
content current_ways(:visible_way).to_xml
delete :delete, :id => current_ways(:visible_way).id
content way.to_xml
delete :delete, :params => { :id => way.id }
assert_response :success
# check the returned value - should be the new version number
# valid delete should return the new version number, which should
# be greater than the old version number
assert @response.body.to_i > current_ways(:visible_way).version,
assert @response.body.to_i > way.version,
"delete request should return a new version number for way"
# this won't work since the way is already deleted
content current_ways(:invisible_way).to_xml
delete :delete, :id => current_ways(:invisible_way).id
content deleted_way.to_xml
delete :delete, :params => { :id => deleted_way.id }
assert_response :gone
# this shouldn't work as the way is used in a relation
content current_ways(:used_way).to_xml
delete :delete, :id => current_ways(:used_way).id
content used_way.to_xml
delete :delete, :params => { :id => used_way.id }
assert_response :precondition_failed,
"shouldn't be able to delete a way used in a relation (#{@response.body})"
assert_equal "Precondition failed: Way 3 is still used by relations 1.", @response.body
assert_equal "Precondition failed: Way #{used_way.id} is still used by relations #{relation.id}.", @response.body
# this won't work since the way never existed
delete :delete, :id => 0
delete :delete, :params => { :id => 0 }
assert_response :not_found
end
@ -360,127 +380,128 @@ class WayControllerTest < ActionController::TestCase
# tests whether the API works and prevents incorrect use while trying
# to update ways.
def test_update
private_user = create(:user, :data_public => false)
private_way = create(:way, :changeset => create(:changeset, :user => private_user))
user = create(:user)
way = create(:way, :changeset => create(:changeset, :user => user))
node = create(:node)
create(:way_node, :way => private_way, :node => node)
create(:way_node, :way => way, :node => node)
## First test with no user credentials
# try and update a way without authorisation
# first try to delete way without auth
content current_ways(:visible_way).to_xml
put :update, :id => current_ways(:visible_way).id
content way.to_xml
put :update, :params => { :id => way.id }
assert_response :unauthorized
## Second test with the private user
# setup auth
basic_authorization(users(:normal_user).email, "test")
basic_authorization(private_user.email, "test")
## trying to break changesets
# try and update in someone else's changeset
content update_changeset(current_ways(:visible_way).to_xml,
changesets(:public_user_first_change).id)
put :update, :id => current_ways(:visible_way).id
content update_changeset(private_way.to_xml,
create(:changeset).id)
put :update, :params => { :id => private_way.id }
assert_require_public_data "update with other user's changeset should be forbidden when date isn't public"
# try and update in a closed changeset
content update_changeset(current_ways(:visible_way).to_xml,
changesets(:normal_user_closed_change).id)
put :update, :id => current_ways(:visible_way).id
content update_changeset(private_way.to_xml,
create(:changeset, :closed, :user => private_user).id)
put :update, :params => { :id => private_way.id }
assert_require_public_data "update with closed changeset should be forbidden, when data isn't public"
# try and update in a non-existant changeset
content update_changeset(current_ways(:visible_way).to_xml, 0)
put :update, :id => current_ways(:visible_way).id
content update_changeset(private_way.to_xml, 0)
put :update, :params => { :id => private_way.id }
assert_require_public_data("update with changeset=0 should be forbidden, when data isn't public")
## try and submit invalid updates
content xml_replace_node(current_ways(:visible_way).to_xml, 3, 9999)
put :update, :id => current_ways(:visible_way).id
content xml_replace_node(private_way.to_xml, node.id, 9999)
put :update, :params => { :id => private_way.id }
assert_require_public_data "way with non-existent node should be forbidden, when data isn't public"
content xml_replace_node(current_ways(:visible_way).to_xml, 3, current_nodes(:invisible_node).id)
put :update, :id => current_ways(:visible_way).id
content xml_replace_node(private_way.to_xml, node.id, create(:node, :deleted).id)
put :update, :params => { :id => private_way.id }
assert_require_public_data "way with deleted node should be forbidden, when data isn't public"
## finally, produce a good request which should work
content current_ways(:visible_way).to_xml
put :update, :id => current_ways(:visible_way).id
## finally, produce a good request which will still not work
content private_way.to_xml
put :update, :params => { :id => private_way.id }
assert_require_public_data "should have failed with a forbidden when data isn't public"
## Finally test with the public user
# try and update a way without authorisation
# first try to delete way without auth
content current_ways(:visible_way).to_xml
put :update, :id => current_ways(:visible_way).id
assert_response :forbidden
# setup auth
basic_authorization(users(:public_user).email, "test")
basic_authorization(user.email, "test")
## trying to break changesets
# try and update in someone else's changeset
content update_changeset(current_ways(:visible_way).to_xml,
changesets(:normal_user_first_change).id)
put :update, :id => current_ways(:visible_way).id
content update_changeset(way.to_xml,
create(:changeset).id)
put :update, :params => { :id => way.id }
assert_response :conflict, "update with other user's changeset should be rejected"
# try and update in a closed changeset
content update_changeset(current_ways(:visible_way).to_xml,
changesets(:normal_user_closed_change).id)
put :update, :id => current_ways(:visible_way).id
content update_changeset(way.to_xml,
create(:changeset, :closed, :user => user).id)
put :update, :params => { :id => way.id }
assert_response :conflict, "update with closed changeset should be rejected"
# try and update in a non-existant changeset
content update_changeset(current_ways(:visible_way).to_xml, 0)
put :update, :id => current_ways(:visible_way).id
content update_changeset(way.to_xml, 0)
put :update, :params => { :id => way.id }
assert_response :conflict, "update with changeset=0 should be rejected"
## try and submit invalid updates
content xml_replace_node(current_ways(:visible_way).to_xml, 3, 9999)
put :update, :id => current_ways(:visible_way).id
content xml_replace_node(way.to_xml, node.id, 9999)
put :update, :params => { :id => way.id }
assert_response :precondition_failed, "way with non-existent node should be rejected"
content xml_replace_node(current_ways(:visible_way).to_xml, 3, current_nodes(:invisible_node).id)
put :update, :id => current_ways(:visible_way).id
content xml_replace_node(way.to_xml, node.id, create(:node, :deleted).id)
put :update, :params => { :id => way.id }
assert_response :precondition_failed, "way with deleted node should be rejected"
## next, attack the versioning
current_way_version = current_ways(:visible_way).version
current_way_version = way.version
# try and submit a version behind
content xml_attr_rewrite(current_ways(:visible_way).to_xml,
content xml_attr_rewrite(way.to_xml,
"version", current_way_version - 1)
put :update, :id => current_ways(:visible_way).id
put :update, :params => { :id => way.id }
assert_response :conflict, "should have failed on old version number"
# try and submit a version ahead
content xml_attr_rewrite(current_ways(:visible_way).to_xml,
content xml_attr_rewrite(way.to_xml,
"version", current_way_version + 1)
put :update, :id => current_ways(:visible_way).id
put :update, :params => { :id => way.id }
assert_response :conflict, "should have failed on skipped version number"
# try and submit total crap in the version field
content xml_attr_rewrite(current_ways(:visible_way).to_xml,
content xml_attr_rewrite(way.to_xml,
"version", "p1r4t3s!")
put :update, :id => current_ways(:visible_way).id
put :update, :params => { :id => way.id }
assert_response :conflict,
"should not be able to put 'p1r4at3s!' in the version field"
## try an update with the wrong ID
content current_ways(:used_way).to_xml
put :update, :id => current_ways(:visible_way).id
content create(:way).to_xml
put :update, :params => { :id => way.id }
assert_response :bad_request,
"should not be able to update a way with a different ID from the XML"
## try an update with a minimal valid XML doc which isn't a well-formed OSM doc.
content "<update/>"
put :update, :id => current_ways(:visible_way).id
put :update, :params => { :id => way.id }
assert_response :bad_request,
"should not be able to update a way with non-OSM XML doc."
## finally, produce a good request which should work
content current_ways(:visible_way).to_xml
put :update, :id => current_ways(:visible_way).id
content way.to_xml
put :update, :params => { :id => way.id }
assert_response :success, "a valid update request failed"
end
@ -491,9 +512,14 @@ class WayControllerTest < ActionController::TestCase
##
# Try adding a new tag to a way
def test_add_tags
private_user = create(:user, :data_public => false)
private_way = create(:way_with_nodes, :nodes_count => 2, :changeset => create(:changeset, :user => private_user))
user = create(:user)
way = create(:way_with_nodes, :nodes_count => 2, :changeset => create(:changeset, :user => user))
## Try with the non-public user
# setup auth
basic_authorization(users(:normal_user).email, "test")
basic_authorization(private_user.email, "test")
# add an identical tag to the way
tag_xml = XML::Node.new("tag")
@ -501,18 +527,18 @@ class WayControllerTest < ActionController::TestCase
tag_xml["v"] = "yes"
# add the tag into the existing xml
way_xml = current_ways(:visible_way).to_xml
way_xml = private_way.to_xml
way_xml.find("//osm/way").first << tag_xml
# try and upload it
content way_xml
put :update, :id => current_ways(:visible_way).id
put :update, :params => { :id => private_way.id }
assert_response :forbidden,
"adding a duplicate tag to a way for a non-public should fail with 'forbidden'"
## Now try with the public user
# setup auth
basic_authorization(users(:public_user).email, "test")
basic_authorization(user.email, "test")
# add an identical tag to the way
tag_xml = XML::Node.new("tag")
@ -520,66 +546,78 @@ class WayControllerTest < ActionController::TestCase
tag_xml["v"] = "yes"
# add the tag into the existing xml
way_xml = current_ways(:visible_way).to_xml
way_xml = way.to_xml
way_xml.find("//osm/way").first << tag_xml
# try and upload it
content way_xml
put :update, :id => current_ways(:visible_way).id
put :update, :params => { :id => way.id }
assert_response :success,
"adding a new tag to a way should succeed"
assert_equal current_ways(:visible_way).version + 1, @response.body.to_i
assert_equal way.version + 1, @response.body.to_i
end
##
# Try adding a duplicate of an existing tag to a way
def test_add_duplicate_tags
private_user = create(:user, :data_public => false)
private_way = create(:way, :changeset => create(:changeset, :user => private_user))
private_existing_tag = create(:way_tag, :way => private_way)
user = create(:user)
way = create(:way, :changeset => create(:changeset, :user => user))
existing_tag = create(:way_tag, :way => way)
## Try with the non-public user
# setup auth
basic_authorization(users(:normal_user).email, "test")
basic_authorization(private_user.email, "test")
# add an identical tag to the way
tag_xml = XML::Node.new("tag")
tag_xml["k"] = current_way_tags(:t1).k
tag_xml["v"] = current_way_tags(:t1).v
tag_xml["k"] = private_existing_tag.k
tag_xml["v"] = private_existing_tag.v
# add the tag into the existing xml
way_xml = current_ways(:visible_way).to_xml
way_xml = private_way.to_xml
way_xml.find("//osm/way").first << tag_xml
# try and upload it
content way_xml
put :update, :id => current_ways(:visible_way).id
put :update, :params => { :id => private_way.id }
assert_response :forbidden,
"adding a duplicate tag to a way for a non-public should fail with 'forbidden'"
## Now try with the public user
# setup auth
basic_authorization(users(:public_user).email, "test")
basic_authorization(user.email, "test")
# add an identical tag to the way
tag_xml = XML::Node.new("tag")
tag_xml["k"] = current_way_tags(:t1).k
tag_xml["v"] = current_way_tags(:t1).v
tag_xml["k"] = existing_tag.k
tag_xml["v"] = existing_tag.v
# add the tag into the existing xml
way_xml = current_ways(:visible_way).to_xml
way_xml = way.to_xml
way_xml.find("//osm/way").first << tag_xml
# try and upload it
content way_xml
put :update, :id => current_ways(:visible_way).id
put :update, :params => { :id => way.id }
assert_response :bad_request,
"adding a duplicate tag to a way should fail with 'bad request'"
assert_equal "Element way/#{current_ways(:visible_way).id} has duplicate tags with key #{current_way_tags(:t1).k}", @response.body
assert_equal "Element way/#{way.id} has duplicate tags with key #{existing_tag.k}", @response.body
end
##
# Try adding a new duplicate tags to a way
def test_new_duplicate_tags
private_user = create(:user, :data_public => false)
private_way = create(:way, :changeset => create(:changeset, :user => private_user))
user = create(:user)
way = create(:way, :changeset => create(:changeset, :user => user))
## First test with the non-public user so should be rejected
# setup auth
basic_authorization(users(:normal_user).email, "test")
basic_authorization(private_user.email, "test")
# create duplicate tag
tag_xml = XML::Node.new("tag")
@ -587,20 +625,20 @@ class WayControllerTest < ActionController::TestCase
tag_xml["v"] = "foobar"
# add the tag into the existing xml
way_xml = current_ways(:visible_way).to_xml
way_xml = private_way.to_xml
# add two copies of the tag
way_xml.find("//osm/way").first << tag_xml.copy(true) << tag_xml
# try and upload it
content way_xml
put :update, :id => current_ways(:visible_way).id
put :update, :params => { :id => private_way.id }
assert_response :forbidden,
"adding new duplicate tags to a way using a non-public user should fail with 'forbidden'"
## Now test with the public user
# setup auth
basic_authorization(users(:public_user).email, "test")
basic_authorization(user.email, "test")
# create duplicate tag
tag_xml = XML::Node.new("tag")
@ -608,17 +646,17 @@ class WayControllerTest < ActionController::TestCase
tag_xml["v"] = "foobar"
# add the tag into the existing xml
way_xml = current_ways(:visible_way).to_xml
way_xml = way.to_xml
# add two copies of the tag
way_xml.find("//osm/way").first << tag_xml.copy(true) << tag_xml
# try and upload it
content way_xml
put :update, :id => current_ways(:visible_way).id
put :update, :params => { :id => way.id }
assert_response :bad_request,
"adding new duplicate tags to a way should fail with 'bad request'"
assert_equal "Element way/#{current_ways(:visible_way).id} has duplicate tags with key i_am_a_duplicate", @response.body
assert_equal "Element way/#{way.id} has duplicate tags with key i_am_a_duplicate", @response.body
end
##
@ -626,12 +664,17 @@ class WayControllerTest < ActionController::TestCase
# But be a bit subtle - use unicode decoding ambiguities to use different
# binary strings which have the same decoding.
def test_invalid_duplicate_tags
private_user = create(:user, :data_public => false)
private_changeset = create(:changeset, :user => private_user)
user = create(:user)
changeset = create(:changeset, :user => user)
## First make sure that you can't with a non-public user
# setup auth
basic_authorization(users(:normal_user).email, "test")
basic_authorization(private_user.email, "test")
# add the tag into the existing xml
way_str = "<osm><way changeset='1'>"
way_str = "<osm><way changeset='#{private_changeset.id}'>"
way_str << "<tag k='addr:housenumber' v='1'/>"
way_str << "<tag k='addr:housenumber' v='2'/>"
way_str << "</way></osm>"
@ -644,10 +687,10 @@ class WayControllerTest < ActionController::TestCase
## Now do it with a public user
# setup auth
basic_authorization(users(:public_user).email, "test")
basic_authorization(user.email, "test")
# add the tag into the existing xml
way_str = "<osm><way changeset='1'>"
way_str = "<osm><way changeset='#{changeset.id}'>"
way_str << "<tag k='addr:housenumber' v='1'/>"
way_str << "<tag k='addr:housenumber' v='2'/>"
way_str << "</way></osm>"
@ -664,19 +707,29 @@ class WayControllerTest < ActionController::TestCase
# test that a call to ways_for_node returns all ways that contain the node
# and none that don't.
def test_ways_for_node
# in current fixtures ways 1 and 3 all use node 3. ways 2 and 4
# *used* to use it but doesn't.
get :ways_for_node, :id => current_nodes(:used_node_1).id
node = create(:node)
way1 = create(:way)
way2 = create(:way)
create(:way_node, :way => way1, :node => node)
create(:way_node, :way => way2, :node => node)
# create an unrelated way
create(:way_with_nodes, :nodes_count => 2)
# create a way which used to use the node
way3_v1 = create(:old_way, :version => 1)
_way3_v2 = create(:old_way, :current_way => way3_v1.current_way, :version => 2)
create(:old_way_node, :old_way => way3_v1, :node => node)
get :ways_for_node, :params => { :id => node.id }
assert_response :success
ways_xml = XML::Parser.string(@response.body).parse
assert_not_nil ways_xml, "failed to parse ways_for_node response"
# check that the set of IDs match expectations
expected_way_ids = [current_ways(:visible_way).id,
current_ways(:used_way).id]
expected_way_ids = [way1.id,
way2.id]
found_way_ids = ways_xml.find("//osm/way").collect { |w| w["id"].to_i }
assert_equal expected_way_ids.sort, found_way_ids.sort,
"expected ways for node #{current_nodes(:used_node_1).id} did not match found"
"expected ways for node #{node.id} did not match found"
# check the full ways to ensure we're not missing anything
expected_way_ids.each do |id|