cst1/openstreetmap-website
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Check that the permission is non-zero

Browse source 
Fixes #3241
This commit is contained in:
Tom Hughes 2021-07-01 16:26:17 +01:00
parent 433ec44cb1
commit e4ce1c5f2f
2 changed files with 5 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

2
app/controllers/oauth_controller.rb
View file

@ -27,7 +27,7 @@ class OauthController < ApplicationController
any_auth = false
@token.client_application.permissions.each do |pref|
if params[pref]
if params[pref].to_i.nonzero?
@token.write_attribute(pref, true)
any_auth ||= true
else

8
test/integration/oauth_test.rb
View file

@ -68,7 +68,7 @@ class OAuthTest < ActionDispatch::IntegrationTest
post "/oauth/authorize",
:params => { :oauth_token => token.token,
:allow_read_prefs => true, :allow_write_prefs => true }
:allow_read_prefs => "1", :allow_write_prefs => "1" }
if client.callback_url
assert_response :redirect
assert_redirected_to "#{client.callback_url}?oauth_token=#{token.token}"
@ -151,7 +151,7 @@ class OAuthTest < ActionDispatch::IntegrationTest
post "/oauth/authorize",
:params => { :oauth_token => token.token, :oauth_callback => callback_url,
:allow_write_api => true, :allow_read_gpx => true }
:allow_write_api => "1", :allow_read_gpx => "1" }
assert_response :redirect
assert_redirected_to "#{callback_url}?oauth_token=#{token.token}"
token.reload
@ -198,7 +198,7 @@ class OAuthTest < ActionDispatch::IntegrationTest
post "/oauth/authorize",
:params => { :oauth_token => token.token,
:allow_read_prefs => true, :allow_write_prefs => true }
:allow_read_prefs => "1", :allow_write_prefs => "1" }
if client.callback_url
assert_response :redirect
verifier = parse_verifier(response)
@ -257,7 +257,7 @@ class OAuthTest < ActionDispatch::IntegrationTest
post "/oauth/authorize",
:params => { :oauth_token => token.token,
:allow_write_api => true, :allow_read_gpx => true }
:allow_write_api => "1", :allow_read_gpx => "1" }
assert_response :redirect
verifier = parse_verifier(response)
assert_redirected_to "#{callback_url}?oauth_token=#{token.token}&oauth_verifier=#{verifier}"