cst1/openstreetmap-website
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge branch 'master' into moderation

Browse source
This commit is contained in:
Andy Allan 2017-11-29 12:18:39 +00:00
commit effb1b7f41
438 changed files with 83811 additions and 57285 deletions
Download patch file Download diff file Expand all files Collapse all files

130
test/controllers/changeset_controller_test.rb
View file

@ -98,16 +98,16 @@ class ChangesetControllerTest < ActionController::TestCase
def test_create
basic_authorization create(:user, :data_public => false).email, "test"
# Create the first user's changeset
content "<osm><changeset>" +
"<tag k='created_by' v='osm test suite checking changesets'/>" +
content "<osm><changeset>" \
"<tag k='created_by' v='osm test suite checking changesets'/>" \
"</changeset></osm>"
put :create
assert_require_public_data
basic_authorization create(:user).email, "test"
# Create the first user's changeset
content "<osm><changeset>" +
"<tag k='created_by' v='osm test suite checking changesets'/>" +
content "<osm><changeset>" \
"<tag k='created_by' v='osm test suite checking changesets'/>" \
"</changeset></osm>"
put :create
@ -327,7 +327,7 @@ class ChangesetControllerTest < ActionController::TestCase
# simple diff to change a node, way and relation by removing
# their tags
diff = <<EOF.strip_heredoc
diff = <<CHANGESET.strip_heredoc
<osmChange>
<modify>
<node id='#{node.id}' lon='0' lat='0' changeset='#{changeset_id}' version='1'/>
@ -343,7 +343,7 @@ class ChangesetControllerTest < ActionController::TestCase
</relation>
</modify>
</osmChange>
EOF
CHANGESET
# upload it
content diff
@ -357,7 +357,7 @@ EOF
# simple diff to change a node, way and relation by removing
# their tags
diff = <<EOF.strip_heredoc
diff = <<CHANGESET.strip_heredoc
<osmChange>
<modify>
<node id='#{node.id}' lon='0' lat='0' changeset='#{changeset_id}' version='1'/>
@ -373,7 +373,7 @@ EOF
</relation>
</modify>
</osmChange>
EOF
CHANGESET
# upload it
content diff
@ -387,7 +387,7 @@ EOF
# simple diff to change a node, way and relation by removing
# their tags
diff = <<EOF.strip_heredoc
diff = <<CHANGESET.strip_heredoc
<osmChange>
<modify>
<node id='#{node.id}' lon='0' lat='0' changeset='#{changeset_id}' version='1'/>
@ -403,7 +403,7 @@ EOF
</relation>
</modify>
</osmChange>
EOF
CHANGESET
# upload it
content diff
@ -429,7 +429,7 @@ EOF
basic_authorization user.email, "test"
# simple diff to create a node way and relation using placeholders
diff = <<EOF.strip_heredoc
diff = <<CHANGESET.strip_heredoc
<osmChange>
<create>
<node id='-1' lon='0' lat='0' changeset='#{changeset.id}'>
@ -448,7 +448,7 @@ EOF
</relation>
</create>
</osmChange>
EOF
CHANGESET
# upload it
content diff
@ -561,8 +561,8 @@ EOF
basic_authorization create(:user).email, "test"
# create a temporary changeset
content "<osm><changeset>" +
"<tag k='created_by' v='osm test suite checking changesets'/>" +
content "<osm><changeset>" \
"<tag k='created_by' v='osm test suite checking changesets'/>" \
"</changeset></osm>"
assert_difference "Changeset.count", 1 do
put :create
@ -582,7 +582,7 @@ EOF
# upload some widely-spaced nodes, spiralling positive and negative to cause
# largest bbox over-expansion possible.
diff = <<EOF.strip_heredoc
diff = <<CHANGESET.strip_heredoc
<osmChange>
<create>
<node id='-1' lon='-20' lat='-10' changeset='#{changeset_id}'/>
@ -605,7 +605,7 @@ EOF
<node id='-18' lon='179.9' lat='89.9' changeset='#{changeset_id}'/>
</create>
</osmChange>
EOF
CHANGESET
# upload it, which used to cause an error like "PGError: ERROR:
# integer out of range" (bug #2152). but shouldn't any more.
@ -739,7 +739,7 @@ EOF
basic_authorization changeset.user.email, "test"
# simple diff to create a node way and relation using placeholders
diff = <<EOF.strip_heredoc
diff = <<CHANGESET.strip_heredoc
<osmChange>
<create>
<node id='-1' lon='0' lat='0' changeset='#{changeset.id}'>
@ -747,7 +747,7 @@ EOF
</node>
</create>
</osmChange>
EOF
CHANGESET
# upload it
content diff
@ -770,7 +770,7 @@ EOF
basic_authorization changeset.user.email, "test"
# simple diff to create a node way and relation using placeholders
diff = <<EOF.strip_heredoc
diff = <<CHANGESET.strip_heredoc
<osmChange>
<create>
<node id='-1' lon='0' lat='0' changeset='#{changeset.id}'>
@ -790,7 +790,7 @@ EOF
</relation>
</modify>
</osmChange>
EOF
CHANGESET
# upload it
content diff
@ -832,7 +832,7 @@ EOF
basic_authorization changeset.user.email, "test"
# simple diff to create a node way and relation using placeholders
diff = <<EOF.strip_heredoc
diff = <<CHANGESET.strip_heredoc
<osmChange>
<modify>
<node id='#{node.id}' lon='0' lat='0' changeset='#{changeset.id}' version='1'/>
@ -854,7 +854,7 @@ EOF
</node>
</create>
</osmChange>
EOF
CHANGESET
# upload it
content diff
@ -878,7 +878,7 @@ EOF
# change the location of a node multiple times, each time referencing
# the last version. doesn't this depend on version numbers being
# sequential?
diff = <<EOF.strip_heredoc
diff = <<CHANGESET.strip_heredoc
<osmChange>
<modify>
<node id='#{node.id}' lon='0' lat='0' changeset='#{changeset.id}' version='1'/>
@ -891,7 +891,7 @@ EOF
<node id='#{node.id}' lon='9' lat='9' changeset='#{changeset.id}' version='8'/>
</modify>
</osmChange>
EOF
CHANGESET
# upload it
content diff
@ -914,14 +914,14 @@ EOF
basic_authorization changeset.user.email, "test"
diff = <<EOF.strip_heredoc
diff = <<CHANGESET.strip_heredoc
<osmChange>
<modify>
<node id='#{node.id}' lon='0' lat='0' changeset='#{changeset.id}' version='1'/>
<node id='#{node.id}' lon='1' lat='1' changeset='#{changeset.id}' version='1'/>
</modify>
</osmChange>
EOF
CHANGESET
# upload it
content diff
@ -937,13 +937,13 @@ EOF
basic_authorization changeset.user.email, "test"
diff = <<EOF.strip_heredoc
diff = <<CHANGESET.strip_heredoc
<osmChange>
<modify>
<node id='1' lon='1' lat='1' changeset='#{changeset.id}'/>
</modify>
</osmChange>
EOF
CHANGESET
# upload it
content diff
@ -959,13 +959,13 @@ EOF
basic_authorization changeset.user.email, "test"
diff = <<EOF.strip_heredoc
diff = <<CHANGESET.strip_heredoc
<osmChange>
<ping>
<node id='1' lon='1' lat='1' changeset='#{changeset.id}' />
</ping>
</osmChange>
EOF
CHANGESET
content diff
post :upload, :params => { :id => changeset.id }
assert_response :bad_request, "Shouldn't be able to upload a diff with the action ping"
@ -985,7 +985,7 @@ EOF
basic_authorization changeset.user.email, "test"
diff = <<EOF.strip_heredoc
diff = <<CHANGESET.strip_heredoc
<osmChange>
<modify><node id='#{node.id}' lon='0' lat='0' changeset='#{changeset.id}'
version='1'></node>
@ -997,7 +997,7 @@ EOF
<member type='relation' role='some' ref='#{other_relation.id}'/>
</relation>
</modify></osmChange>
EOF
CHANGESET
# upload it
content diff
@ -1021,7 +1021,7 @@ EOF
basic_authorization changeset.user.email, "test"
diff = <<EOF.strip_heredoc
diff = <<CHANGESET.strip_heredoc
<osmChange>
<create>
<node id='-1' lon='0' lat='0' changeset='#{changeset.id}'>
@ -1035,7 +1035,7 @@ EOF
<node id='-1' lon='2' lat='2' changeset='#{changeset.id}' version='2'/>
</delete>
</osmChange>
EOF
CHANGESET
# upload it
content diff
@ -1056,7 +1056,7 @@ EOF
basic_authorization changeset.user.email, "test"
diff = <<EOF.strip_heredoc
diff = <<CHANGESET.strip_heredoc
<osmChange>
<create>
<node id='-1' lon='0' lat='0' changeset='#{changeset.id}' version='1'/>
@ -1064,7 +1064,7 @@ EOF
<node id='-1' lon='2' lat='2' changeset='#{changeset.id}' version='2'/>
</create>
</osmChange>
EOF
CHANGESET
# upload it
content diff
@ -1082,7 +1082,7 @@ EOF
basic_authorization changeset.user.email, "test"
diff = <<EOF.strip_heredoc
diff = <<CHANGESET.strip_heredoc
<osmChange>
<create>
<node id="-1" lon="0" lat="0" changeset="#{changeset.id}" version="1"/>
@ -1096,7 +1096,7 @@ EOF
</way>
</create>
</osmChange>
EOF
CHANGESET
# upload it
content diff
@ -1106,7 +1106,7 @@ EOF
assert_equal "Placeholder node not found for reference -4 in way -1", @response.body
# the same again, but this time use an existing way
diff = <<EOF.strip_heredoc
diff = <<CHANGESET.strip_heredoc
<osmChange>
<create>
<node id="-1" lon="0" lat="0" changeset="#{changeset.id}" version="1"/>
@ -1120,7 +1120,7 @@ EOF
</way>
</create>
</osmChange>
EOF
CHANGESET
# upload it
content diff
@ -1139,7 +1139,7 @@ EOF
basic_authorization changeset.user.email, "test"
diff = <<EOF.strip_heredoc
diff = <<CHANGESET.strip_heredoc
<osmChange>
<create>
<node id="-1" lon="0" lat="0" changeset="#{changeset.id}" version="1"/>
@ -1153,7 +1153,7 @@ EOF
</relation>
</create>
</osmChange>
EOF
CHANGESET
# upload it
content diff
@ -1163,7 +1163,7 @@ EOF
assert_equal "Placeholder Node not found for reference -4 in relation -1.", @response.body
# the same again, but this time use an existing relation
diff = <<EOF.strip_heredoc
diff = <<CHANGESET.strip_heredoc
<osmChange>
<create>
<node id="-1" lon="0" lat="0" changeset="#{changeset.id}" version="1"/>
@ -1177,7 +1177,7 @@ EOF
</relation>
</create>
</osmChange>
EOF
CHANGESET
# upload it
content diff
@ -1193,8 +1193,8 @@ EOF
def test_upload_node_move
basic_authorization create(:user).email, "test"
content "<osm><changeset>" +
"<tag k='created_by' v='osm test suite checking changesets'/>" +
content "<osm><changeset>" \
"<tag k='created_by' v='osm test suite checking changesets'/>" \
"</changeset></osm>"
put :create
assert_response :success
@ -1231,8 +1231,8 @@ EOF
def test_upload_way_extend
basic_authorization create(:user).email, "test"
content "<osm><changeset>" +
"<tag k='created_by' v='osm test suite checking changesets'/>" +
content "<osm><changeset>" \
"<tag k='created_by' v='osm test suite checking changesets'/>" \
"</changeset></osm>"
put :create
assert_response :success
@ -1280,7 +1280,7 @@ EOF
# upload it
content diff
post :upload, :params => { :id => changeset.id }
assert_response(:success, "should be able to upload " +
assert_response(:success, "should be able to upload " \
"empty changeset: " + diff)
end
end
@ -1324,8 +1324,8 @@ EOF
basic_authorization create(:user, :data_public => false).email, "test"
# create a temporary changeset
content "<osm><changeset>" +
"<tag k='created_by' v='osm test suite checking changesets'/>" +
content "<osm><changeset>" \
"<tag k='created_by' v='osm test suite checking changesets'/>" \
"</changeset></osm>"
put :create
assert_response :forbidden
@ -1334,15 +1334,15 @@ EOF
basic_authorization create(:user).email, "test"
# create a temporary changeset
content "<osm><changeset>" +
"<tag k='created_by' v='osm test suite checking changesets'/>" +
content "<osm><changeset>" \
"<tag k='created_by' v='osm test suite checking changesets'/>" \
"</changeset></osm>"
put :create
assert_response :success
changeset_id = @response.body.to_i
# add a diff to it
diff = <<EOF.strip_heredoc
diff = <<CHANGESET.strip_heredoc
<osmChange>
<modify>
<node id='#{node.id}' lon='0' lat='0' changeset='#{changeset_id}' version='1'/>
@ -1355,7 +1355,7 @@ EOF
<node id='#{node.id}' lon='9' lat='9' changeset='#{changeset_id}' version='8'/>
</modify>
</osmChange>
EOF
CHANGESET
# upload it
content diff
@ -1380,8 +1380,8 @@ EOF
basic_authorization create(:user).email, "test"
# create a temporary changeset
content "<osm><changeset>" +
"<tag k='created_by' v='osm test suite checking changesets'/>" +
content "<osm><changeset>" \
"<tag k='created_by' v='osm test suite checking changesets'/>" \
"</changeset></osm>"
put :create
assert_response :success
@ -1442,15 +1442,15 @@ OSMFILE
basic_authorization create(:user).email, "test"
# create a temporary changeset
content "<osm><changeset>" +
"<tag k='created_by' v='osm test suite checking changesets'/>" +
content "<osm><changeset>" \
"<tag k='created_by' v='osm test suite checking changesets'/>" \
"</changeset></osm>"
put :create
assert_response :success
changeset_id = @response.body.to_i
# add a diff to it
diff = <<EOF.strip_heredoc
diff = <<CHANGESET.strip_heredoc
<osmChange>
<delete>
<node id='#{node.id}' lon='0' lat='0' changeset='#{changeset_id}' version='1'/>
@ -1470,7 +1470,7 @@ OSMFILE
</way>
</modify>
</osmChange>
EOF
CHANGESET
# upload it
content diff
@ -1880,7 +1880,7 @@ EOF
# check that the changeset is now closed as well
assert(!changeset.is_open?,
"changeset should have been auto-closed by exceeding " +
"changeset should have been auto-closed by exceeding " \
"element limit.")
end
@ -2060,6 +2060,8 @@ EOF
# This should display the last 20 non-empty changesets
def test_feed
changeset = create(:changeset, :num_changes => 1)
create(:changeset_tag, :changeset => changeset)
create(:changeset_tag, :changeset => changeset, :k => "website", :v => "http://example.com/")
closed_changeset = create(:changeset, :closed, :num_changes => 1)
_empty_changeset = create(:changeset, :num_changes => 0)
@ -2075,6 +2077,8 @@ EOF
# This should display the last 20 changesets closed in a specific area
def test_feed_bbox
changeset = create(:changeset, :num_changes => 1, :min_lat => 5 * GeoRecord::SCALE, :min_lon => 5 * GeoRecord::SCALE, :max_lat => 5 * GeoRecord::SCALE, :max_lon => 5 * GeoRecord::SCALE)
create(:changeset_tag, :changeset => changeset)
create(:changeset_tag, :changeset => changeset, :k => "website", :v => "http://example.com/")
closed_changeset = create(:changeset, :closed, :num_changes => 1, :min_lat => 5 * GeoRecord::SCALE, :min_lon => 5 * GeoRecord::SCALE, :max_lat => 5 * GeoRecord::SCALE, :max_lon => 5 * GeoRecord::SCALE)
_elsewhere_changeset = create(:changeset, :num_changes => 1, :min_lat => -5 * GeoRecord::SCALE, :min_lon => -5 * GeoRecord::SCALE, :max_lat => -5 * GeoRecord::SCALE, :max_lon => -5 * GeoRecord::SCALE)
_empty_changeset = create(:changeset, :num_changes => 0, :min_lat => -5 * GeoRecord::SCALE, :min_lon => -5 * GeoRecord::SCALE, :max_lat => -5 * GeoRecord::SCALE, :max_lon => -5 * GeoRecord::SCALE)
@ -2092,6 +2096,8 @@ EOF
def test_feed_user
user = create(:user)
changesets = create_list(:changeset, 3, :user => user, :num_changes => 4)
create(:changeset_tag, :changeset => changesets[1])
create(:changeset_tag, :changeset => changesets[1], :k => "website", :v => "http://example.com/")
_other_changeset = create(:changeset)
get :feed, :params => { :format => :atom, :display_name => user.display_name }

12
test/controllers/diary_entry_controller_test.rb
View file

@ -254,7 +254,7 @@ class DiaryEntryControllerTest < ActionController::TestCase
get :edit,
:params => { :display_name => entry.user.display_name, :id => entry.id }
assert_response :redirect
assert_redirected_to :controller => :user, :action => :login, :referer => "/user/#{URI.encode(entry.user.display_name)}/diary/#{entry.id}/edit"
assert_redirected_to :controller => :user, :action => :login, :referer => "/user/#{ERB::Util.u(entry.user.display_name)}/diary/#{entry.id}/edit"
# Verify that you get a not found error, when you pass a bogus id
get :edit,
@ -284,7 +284,7 @@ class DiaryEntryControllerTest < ActionController::TestCase
assert_select "h1", :text => /Edit diary entry/, :count => 1
end
assert_select "div#content", :count => 1 do
assert_select "form[action='/user/#{URI.encode(entry.user.display_name)}/diary/#{entry.id}/edit'][method=post]", :count => 1 do
assert_select "form[action='/user/#{ERB::Util.u(entry.user.display_name)}/diary/#{entry.id}/edit'][method=post]", :count => 1 do
assert_select "input#diary_entry_title[name='diary_entry[title]'][value='#{entry.title}']", :count => 1
assert_select "textarea#diary_entry_body[name='diary_entry[body]']", :text => entry.body, :count => 1
assert_select "select#diary_entry_language_code", :count => 1
@ -329,7 +329,7 @@ class DiaryEntryControllerTest < ActionController::TestCase
assert_select "abbr[class='geo'][title='#{number_with_precision(new_latitude, :precision => 4)}; #{number_with_precision(new_longitude, :precision => 4)}']", :count => 1
# As we're not logged in, check that you cannot edit
# print @response.body
assert_select "a[href='/user/#{URI.encode(entry.user.display_name)}/diary/#{entry.id}/edit']", :text => "Edit this entry", :count => 1
assert_select "a[href='/user/#{ERB::Util.u(entry.user.display_name)}/diary/#{entry.id}/edit']", :text => "Edit this entry", :count => 1
end
# and when not logged in as the user who wrote the entry
@ -350,7 +350,7 @@ class DiaryEntryControllerTest < ActionController::TestCase
assert_select "abbr[class=geo][title='#{number_with_precision(new_latitude, :precision => 4)}; #{number_with_precision(new_longitude, :precision => 4)}']", :count => 1
# As we're not logged in, check that you cannot edit
assert_select "li[class='hidden show_if_user_#{entry.user.id}']", :count => 1 do
assert_select "a[href='/user/#{URI.encode(entry.user.display_name)}/diary/#{entry.id}/edit']", :text => "Edit this entry", :count => 1
assert_select "a[href='/user/#{ERB::Util.u(entry.user.display_name)}/diary/#{entry.id}/edit']", :text => "Edit this entry", :count => 1
end
end
end
@ -430,7 +430,7 @@ class DiaryEntryControllerTest < ActionController::TestCase
assert_response :success
assert_select ".diary-comment", :count => 1 do
assert_select "#comment#{comment.id}", :count => 1 do
assert_select "a[href='/user/#{URI.encode(other_user.display_name)}']", :text => other_user.display_name, :count => 1
assert_select "a[href='/user/#{ERB::Util.u(other_user.display_name)}']", :text => other_user.display_name, :count => 1
end
assert_select ".richtext", :text => /New comment/, :count => 1
end
@ -890,7 +890,7 @@ class DiaryEntryControllerTest < ActionController::TestCase
assert_select "div.diary_post", entries.count
entries.each do |entry|
assert_select "a[href=?]", "/user/#{URI.encode(entry.user.display_name)}/diary/#{entry.id}"
assert_select "a[href=?]", "/user/#{ERB::Util.u(entry.user.display_name)}/diary/#{entry.id}"
end
end
end

26
test/controllers/geocoder_controller_test.rb
View file

@ -1,4 +1,3 @@
# coding: utf-8
require "test_helper"
require "geocoder_controller"
@ -15,10 +14,6 @@ class GeocoderControllerTest < ActionController::TestCase
{ :path => "/geocoder/search_latlon", :method => :get },
{ :controller => "geocoder", :action => "search_latlon" }
)
assert_routing(
{ :path => "/geocoder/search_us_postcode", :method => :get },
{ :controller => "geocoder", :action => "search_us_postcode" }
)
assert_routing(
{ :path => "/geocoder/search_uk_postcode", :method => :get },
{ :controller => "geocoder", :action => "search_uk_postcode" }
@ -253,7 +248,7 @@ class GeocoderControllerTest < ActionController::TestCase
].each do |code|
post :search, :params => { :query => code }
assert_response :success
assert_equal %w[us_postcode osm_nominatim], assigns(:sources)
assert_equal %w[osm_nominatim], assigns(:sources)
end
end
@ -304,25 +299,6 @@ class GeocoderControllerTest < ActionController::TestCase
results_check_error "Longitude 180.23 out of range"
end
##
# Test the US postcode search
def test_search_us_postcode
with_http_stubs "geocoder_us" do
get :search_us_postcode, :xhr => true,
:params => { :query => "90210", :zoom => 10,
:minlon => -0.559, :minlat => 51.217,
:maxlon => 0.836, :maxlat => 51.766 }
results_check :prefix => "Beverly Hills, CA,", :name => "90210",
:lat => 34.088808, :lon => -118.40612
get :search_us_postcode, :xhr => true,
:params => { :query => "00000", :zoom => 10,
:minlon => -0.559, :minlat => 51.217,
:maxlon => 0.836, :maxlat => 51.766 }
results_check
end
end
##
# Test the UK postcode search
def test_search_uk_postcode

10
test/controllers/message_controller_test.rb
View file

@ -63,7 +63,7 @@ class MessageControllerTest < ActionController::TestCase
get :new, :params => { :display_name => recipient_user.display_name }
assert_response :success
assert_template "new"
assert_select "title", "OpenStreetMap | Send message"
assert_select "title", "Send message | OpenStreetMap"
assert_select "form[action='#{new_message_path(:display_name => recipient_user.display_name)}']", :count => 1 do
assert_select "input#message_title", :count => 1
assert_select "textarea#message_body", :count => 1
@ -89,7 +89,7 @@ class MessageControllerTest < ActionController::TestCase
end
assert_response :success
assert_template "new"
assert_select "title", "OpenStreetMap | Send message"
assert_select "title", "Send message | OpenStreetMap"
assert_select "form[action='#{new_message_path(:display_name => recipient_user.display_name)}']", :count => 1 do
assert_select "input#message_title", :count => 1 do
assert_select "[value='Test Message']"
@ -117,7 +117,7 @@ class MessageControllerTest < ActionController::TestCase
end
assert_response :success
assert_template "new"
assert_select "title", "OpenStreetMap | Send message"
assert_select "title", "Send message | OpenStreetMap"
assert_select "form[action='#{new_message_path(:display_name => recipient_user.display_name)}']", :count => 1 do
assert_select "input#message_title", :count => 1 do
assert_select "[value='Test Message']"
@ -145,7 +145,7 @@ class MessageControllerTest < ActionController::TestCase
end
assert_response :success
assert_template "new"
assert_select "title", "OpenStreetMap | Send message"
assert_select "title", "Send message | OpenStreetMap"
assert_select "form[action='#{new_message_path(:display_name => recipient_user.display_name)}']", :count => 1 do
assert_select "input#message_title", :count => 1 do
assert_select "[value='']"
@ -244,7 +244,7 @@ class MessageControllerTest < ActionController::TestCase
get :reply, :params => { :message_id => unread_message.id }
assert_response :success
assert_template "new"
assert_select "title", "OpenStreetMap | Re: #{unread_message.title}"
assert_select "title", "Re: #{unread_message.title} | OpenStreetMap"
assert_select "form[action='#{new_message_path(:display_name => user.display_name)}']", :count => 1 do
assert_select "input#message_title[value='Re: #{unread_message.title}']", :count => 1
assert_select "textarea#message_body", :count => 1

8
test/controllers/node_controller_test.rb
View file

@ -496,8 +496,8 @@ class NodeControllerTest < ActionController::TestCase
# try and put something into a string that the API might
# use unquoted and therefore allow code injection...
content "<osm><node lat='0' lon='0' changeset='#{private_changeset.id}'>" +
'<tag k="#{@user.inspect}" v="0"/>' +
content "<osm><node lat='0' lon='0' changeset='#{private_changeset.id}'>" \
'<tag k="#{@user.inspect}" v="0"/>' \
"</node></osm>"
put :create
assert_require_public_data "Shouldn't be able to create with non-public user"
@ -507,8 +507,8 @@ class NodeControllerTest < ActionController::TestCase
# try and put something into a string that the API might
# use unquoted and therefore allow code injection...
content "<osm><node lat='0' lon='0' changeset='#{changeset.id}'>" +
'<tag k="#{@user.inspect}" v="0"/>' +
content "<osm><node lat='0' lon='0' changeset='#{changeset.id}'>" \
'<tag k="#{@user.inspect}" v="0"/>' \
"</node></osm>"
put :create
assert_response :success

2
test/controllers/old_node_controller_test.rb
View file

@ -137,7 +137,7 @@ class OldNodeControllerTest < ActionController::TestCase
end
# check all the versions
versions.keys.each do |key|
versions.each_key do |key|
get :version, :params => { :id => nodeid, :version => key.to_i }
assert_response :success,

34
test/controllers/relation_controller_test.rb
View file

@ -216,8 +216,8 @@ class RelationControllerTest < ActionController::TestCase
###
# create an relation with a node as member
# This time try with a role attribute in the relation
content "<osm><relation changeset='#{private_changeset.id}'>" +
"<member ref='#{node.id}' type='node' role='some'/>" +
content "<osm><relation changeset='#{private_changeset.id}'>" \
"<member ref='#{node.id}' type='node' role='some'/>" \
"<tag k='test' v='yes' /></relation></osm>"
put :create
# hope for forbidden due to user
@ -227,7 +227,7 @@ class RelationControllerTest < ActionController::TestCase
###
# create an relation with a node as member, this time test that we don't
# need a role attribute to be included
content "<osm><relation changeset='#{private_changeset.id}'>" +
content "<osm><relation changeset='#{private_changeset.id}'>" \
"<member ref='#{node.id}' type='node'/>" + "<tag k='test' v='yes' /></relation></osm>"
put :create
# hope for forbidden due to user
@ -236,9 +236,9 @@ class RelationControllerTest < ActionController::TestCase
###
# create an relation with a way and a node as members
content "<osm><relation changeset='#{private_changeset.id}'>" +
"<member type='node' ref='#{node.id}' role='some'/>" +
"<member type='way' ref='#{way.id}' role='other'/>" +
content "<osm><relation changeset='#{private_changeset.id}'>" \
"<member type='node' ref='#{node.id}' role='some'/>" \
"<member type='way' ref='#{way.id}' role='other'/>" \
"<tag k='test' v='yes' /></relation></osm>"
put :create
# hope for forbidden, due to user
@ -277,8 +277,8 @@ class RelationControllerTest < ActionController::TestCase
###
# create an relation with a node as member
# This time try with a role attribute in the relation
content "<osm><relation changeset='#{changeset.id}'>" +
"<member ref='#{node.id}' type='node' role='some'/>" +
content "<osm><relation changeset='#{changeset.id}'>" \
"<member ref='#{node.id}' type='node' role='some'/>" \
"<tag k='test' v='yes' /></relation></osm>"
put :create
# hope for success
@ -308,7 +308,7 @@ class RelationControllerTest < ActionController::TestCase
###
# create an relation with a node as member, this time test that we don't
# need a role attribute to be included
content "<osm><relation changeset='#{changeset.id}'>" +
content "<osm><relation changeset='#{changeset.id}'>" \
"<member ref='#{node.id}' type='node'/>" + "<tag k='test' v='yes' /></relation></osm>"
put :create
# hope for success
@ -337,9 +337,9 @@ class RelationControllerTest < ActionController::TestCase
###
# create an relation with a way and a node as members
content "<osm><relation changeset='#{changeset.id}'>" +
"<member type='node' ref='#{node.id}' role='some'/>" +
"<member type='way' ref='#{way.id}' role='other'/>" +
content "<osm><relation changeset='#{changeset.id}'>" \
"<member type='node' ref='#{node.id}' role='some'/>" \
"<member type='way' ref='#{way.id}' role='other'/>" \
"<tag k='test' v='yes' /></relation></osm>"
put :create
# hope for success
@ -461,8 +461,8 @@ class RelationControllerTest < ActionController::TestCase
basic_authorization user.email, "test"
# create a relation with non-existing node as member
content "<osm><relation changeset='#{changeset.id}'>" +
"<member type='node' ref='0'/><tag k='test' v='yes' />" +
content "<osm><relation changeset='#{changeset.id}'>" \
"<member type='node' ref='0'/><tag k='test' v='yes' />" \
"</relation></osm>"
put :create
# expect failure
@ -482,8 +482,8 @@ class RelationControllerTest < ActionController::TestCase
basic_authorization user.email, "test"
# create some xml that should return an error
content "<osm><relation changeset='#{changeset.id}'>" +
"<member type='type' ref='#{node.id}' role=''/>" +
content "<osm><relation changeset='#{changeset.id}'>" \
"<member type='type' ref='#{node.id}' role=''/>" \
"<tag k='tester' v='yep'/></relation></osm>"
put :create
# expect failure
@ -1063,7 +1063,7 @@ OSM
assert_equal a_tags.keys, b_tags.keys, "Tag keys should be identical."
a_tags.each do |k, v|
assert_equal v, b_tags[k],
"Tags which were not altered should be the same. " +
"Tags which were not altered should be the same. " \
"#{a_tags.inspect} != #{b_tags.inspect}"
end
end

47
test/controllers/trace_controller_test.rb
View file

@ -1,4 +1,5 @@
require "test_helper"
require "digest"
require "minitest/mock"
class TraceControllerTest < ActionController::TestCase
@ -355,15 +356,15 @@ class TraceControllerTest < ActionController::TestCase
# First with no auth, which should work since the trace is public
get :data, :params => { :display_name => public_trace_file.user.display_name, :id => public_trace_file.id }
check_trace_data public_trace_file
check_trace_data public_trace_file, "848caa72f2f456d1bd6a0fdf228aa1b9"
# Now with some other user, which should work since the trace is public
get :data, :params => { :display_name => public_trace_file.user.display_name, :id => public_trace_file.id }, :session => { :user => create(:user) }
check_trace_data public_trace_file
check_trace_data public_trace_file, "848caa72f2f456d1bd6a0fdf228aa1b9"
# And finally we should be able to do it with the owner of the trace
get :data, :params => { :display_name => public_trace_file.user.display_name, :id => public_trace_file.id }, :session => { :user => public_trace_file.user }
check_trace_data public_trace_file
check_trace_data public_trace_file, "848caa72f2f456d1bd6a0fdf228aa1b9"
end
# Test downloading a compressed trace
@ -372,15 +373,15 @@ class TraceControllerTest < ActionController::TestCase
# First get the data as is
get :data, :params => { :display_name => identifiable_trace_file.user.display_name, :id => identifiable_trace_file.id }
check_trace_data identifiable_trace_file, "application/x-gzip", "gpx.gz"
check_trace_data identifiable_trace_file, "c6422a3d8750faae49ed70e7e8a51b93", "application/x-gzip", "gpx.gz"
# Now ask explicitly for XML format
get :data, :params => { :display_name => identifiable_trace_file.user.display_name, :id => identifiable_trace_file.id, :format => "xml" }
check_trace_data identifiable_trace_file, "application/xml", "xml"
check_trace_data identifiable_trace_file, "abd6675fdf3024a84fc0a1deac147c0d", "application/xml", "xml"
# Now ask explicitly for GPX format
get :data, :params => { :display_name => identifiable_trace_file.user.display_name, :id => identifiable_trace_file.id, :format => "gpx" }
check_trace_data identifiable_trace_file
check_trace_data identifiable_trace_file, "abd6675fdf3024a84fc0a1deac147c0d"
end
# Check an anonymous trace can't be downloaded by another user
@ -397,7 +398,7 @@ class TraceControllerTest < ActionController::TestCase
# And finally we should be able to do it with the owner of the trace
get :data, :params => { :display_name => anon_trace_file.user.display_name, :id => anon_trace_file.id }, :session => { :user => anon_trace_file.user }
check_trace_data anon_trace_file
check_trace_data anon_trace_file, "66179ca44f1e93d8df62e2b88cbea732"
end
# Test downloading a trace that doesn't exist
@ -751,12 +752,12 @@ class TraceControllerTest < ActionController::TestCase
# Now with some other user, which should work since the trace is public
basic_authorization create(:user).display_name, "test"
get :api_data, :params => { :id => public_trace_file.id }
check_trace_data public_trace_file
check_trace_data public_trace_file, "848caa72f2f456d1bd6a0fdf228aa1b9"
# And finally we should be able to do it with the owner of the trace
basic_authorization public_trace_file.user.display_name, "test"
get :api_data, :params => { :id => public_trace_file.id }
check_trace_data public_trace_file
check_trace_data public_trace_file, "848caa72f2f456d1bd6a0fdf228aa1b9"
end
# Test downloading a compressed trace through the api
@ -768,15 +769,15 @@ class TraceControllerTest < ActionController::TestCase
# First get the data as is
get :api_data, :params => { :id => identifiable_trace_file.id }
check_trace_data identifiable_trace_file, "application/x-gzip", "gpx.gz"
check_trace_data identifiable_trace_file, "c6422a3d8750faae49ed70e7e8a51b93", "application/x-gzip", "gpx.gz"
# Now ask explicitly for XML format
get :api_data, :params => { :id => identifiable_trace_file.id, :format => "xml" }
check_trace_data identifiable_trace_file, "application/xml", "xml"
check_trace_data identifiable_trace_file, "abd6675fdf3024a84fc0a1deac147c0d", "application/xml", "xml"
# Now ask explicitly for GPX format
get :api_data, :params => { :id => identifiable_trace_file.id, :format => "gpx" }
check_trace_data identifiable_trace_file
check_trace_data identifiable_trace_file, "abd6675fdf3024a84fc0a1deac147c0d"
end
# Check an anonymous trace can't be downloaded by another user through the api
@ -795,7 +796,7 @@ class TraceControllerTest < ActionController::TestCase
# And finally we should be able to do it with the owner of the trace
basic_authorization anon_trace_file.user.display_name, "test"
get :api_data, :params => { :id => anon_trace_file.id }
check_trace_data anon_trace_file
check_trace_data anon_trace_file, "66179ca44f1e93d8df62e2b88cbea732"
end
# Test downloading a trace that doesn't exist through the api
@ -931,6 +932,23 @@ class TraceControllerTest < ActionController::TestCase
assert_equal nt.visibility, t.visibility
end
# Test that updating a trace doesn't duplicate the tags
def test_api_update_tags
tracetag = create(:tracetag)
trace = tracetag.trace
basic_authorization trace.user.display_name, "test"
content trace.to_xml
put :api_update, :params => { :id => trace.id }
assert_response :success
updated = Trace.find(trace.id)
# Ensure there's only one tag in the database after updating
assert_equal Tracetag.count, 1
# The new tag object might have a different id, so check the string representation
assert_equal trace.tagstring, updated.tagstring
end
# Check deleting a trace through the api
def test_api_delete
public_trace_file = create(:trace, :visibility => "public")
@ -1017,8 +1035,9 @@ class TraceControllerTest < ActionController::TestCase
end
end
def check_trace_data(trace, content_type = "application/gpx+xml", extension = "gpx")
def check_trace_data(trace, digest, content_type = "application/gpx+xml", extension = "gpx")
assert_response :success
assert_equal digest, Digest::MD5.hexdigest(response.body)
assert_equal content_type, response.content_type
assert_equal "attachment; filename=\"#{trace.id}.#{extension}\"", @response.header["Content-Disposition"]
end

91
test/controllers/user_controller_test.rb
View file

@ -749,6 +749,12 @@ class UserControllerTest < ActionController::TestCase
assert_response :success
assert_template :reset_password
# Test that errors are reported for erroneous submissions
post :reset_password, :params => { :token => token.token, :user => { :pass_crypt => "new_password", :pass_crypt_confirmation => "different_password" } }
assert_response :success
assert_template :reset_password
assert_select "div#errorExplanation"
# Test setting a new password
post :reset_password, :params => { :token => token.token, :user => { :pass_crypt => "new_password", :pass_crypt_confirmation => "new_password" } }
assert_response :redirect
@ -772,7 +778,7 @@ class UserControllerTest < ActionController::TestCase
# you are not logged in
get :account, :params => { :display_name => user.display_name }
assert_response :redirect
assert_redirected_to :controller => :user, :action => "login", :referer => "/user/#{URI.encode(user.display_name)}/account"
assert_redirected_to :controller => :user, :action => "login", :referer => "/user/#{ERB::Util.u(user.display_name)}/account"
# Make sure that you are blocked when not logged in as the right user
get :account, :params => { :display_name => user.display_name }, :session => { :user => create(:user) }
@ -784,7 +790,8 @@ class UserControllerTest < ActionController::TestCase
assert_template :account
assert_select "form#accountForm" do |form|
assert_equal "post", form.attr("method").to_s
assert_equal "/user/#{URI.encode(user.display_name)}/account", form.attr("action").to_s
assert_select "input[name='_method']", false
assert_equal "/user/#{ERB::Util.u(user.display_name)}/account", form.attr("action").to_s
end
# Updating the description should work
@ -852,7 +859,7 @@ class UserControllerTest < ActionController::TestCase
# Adding external authentication should redirect to the auth provider
post :account, :params => { :display_name => user.display_name, :user => user.attributes.merge(:auth_provider => "openid", :auth_uid => "gmail.com") }, :session => { :user => user }
assert_response :redirect
assert_redirected_to auth_path(:provider => "openid", :openid_url => "https://www.google.com/accounts/o8/id", :origin => "/user/#{URI.encode(user.display_name)}/account")
assert_redirected_to auth_path(:provider => "openid", :openid_url => "https://www.google.com/accounts/o8/id", :origin => "/user/#{ERB::Util.u(user.display_name)}/account")
# Changing name to one that exists should fail
new_attributes = user.attributes.dup.merge(:display_name => create(:user).display_name)
@ -934,14 +941,14 @@ class UserControllerTest < ActionController::TestCase
get :view, :params => { :display_name => user.display_name }
assert_response :success
assert_select "div#userinformation" do
assert_select "a[href^='/user/#{URI.encode(user.display_name)}/history']", 1
assert_select "a[href='/user/#{URI.encode(user.display_name)}/traces']", 1
assert_select "a[href='/user/#{URI.encode(user.display_name)}/diary']", 1
assert_select "a[href='/user/#{URI.encode(user.display_name)}/diary/comments']", 1
assert_select "a[href='/user/#{URI.encode(user.display_name)}/account']", 0
assert_select "a[href='/user/#{URI.encode(user.display_name)}/blocks']", 0
assert_select "a[href='/user/#{URI.encode(user.display_name)}/blocks_by']", 0
assert_select "a[href='/blocks/new/#{URI.encode(user.display_name)}']", 0
assert_select "a[href^='/user/#{ERB::Util.u(user.display_name)}/history']", 1
assert_select "a[href='/user/#{ERB::Util.u(user.display_name)}/traces']", 1
assert_select "a[href='/user/#{ERB::Util.u(user.display_name)}/diary']", 1
assert_select "a[href='/user/#{ERB::Util.u(user.display_name)}/diary/comments']", 1
assert_select "a[href='/user/#{ERB::Util.u(user.display_name)}/account']", 0
assert_select "a[href='/user/#{ERB::Util.u(user.display_name)}/blocks']", 0
assert_select "a[href='/user/#{ERB::Util.u(user.display_name)}/blocks_by']", 0
assert_select "a[href='/blocks/new/#{ERB::Util.u(user.display_name)}']", 0
end
# Test a user who has been blocked
@ -950,14 +957,14 @@ class UserControllerTest < ActionController::TestCase
get :view, :params => { :display_name => blocked_user.display_name }
assert_response :success
assert_select "div#userinformation" do
assert_select "a[href^='/user/#{URI.encode(blocked_user.display_name)}/history']", 1
assert_select "a[href='/user/#{URI.encode(blocked_user.display_name)}/traces']", 1
assert_select "a[href='/user/#{URI.encode(blocked_user.display_name)}/diary']", 1
assert_select "a[href='/user/#{URI.encode(blocked_user.display_name)}/diary/comments']", 1
assert_select "a[href='/user/#{URI.encode(blocked_user.display_name)}/account']", 0
assert_select "a[href='/user/#{URI.encode(blocked_user.display_name)}/blocks']", 1
assert_select "a[href='/user/#{URI.encode(blocked_user.display_name)}/blocks_by']", 0
assert_select "a[href='/blocks/new/#{URI.encode(blocked_user.display_name)}']", 0
assert_select "a[href^='/user/#{ERB::Util.u(blocked_user.display_name)}/history']", 1
assert_select "a[href='/user/#{ERB::Util.u(blocked_user.display_name)}/traces']", 1
assert_select "a[href='/user/#{ERB::Util.u(blocked_user.display_name)}/diary']", 1
assert_select "a[href='/user/#{ERB::Util.u(blocked_user.display_name)}/diary/comments']", 1
assert_select "a[href='/user/#{ERB::Util.u(blocked_user.display_name)}/account']", 0
assert_select "a[href='/user/#{ERB::Util.u(blocked_user.display_name)}/blocks']", 1
assert_select "a[href='/user/#{ERB::Util.u(blocked_user.display_name)}/blocks_by']", 0
assert_select "a[href='/blocks/new/#{ERB::Util.u(blocked_user.display_name)}']", 0
end
# Test a moderator who has applied blocks
@ -966,14 +973,14 @@ class UserControllerTest < ActionController::TestCase
get :view, :params => { :display_name => moderator_user.display_name }
assert_response :success
assert_select "div#userinformation" do
assert_select "a[href^='/user/#{URI.encode(moderator_user.display_name)}/history']", 1
assert_select "a[href='/user/#{URI.encode(moderator_user.display_name)}/traces']", 1
assert_select "a[href='/user/#{URI.encode(moderator_user.display_name)}/diary']", 1
assert_select "a[href='/user/#{URI.encode(moderator_user.display_name)}/diary/comments']", 1
assert_select "a[href='/user/#{URI.encode(moderator_user.display_name)}/account']", 0
assert_select "a[href='/user/#{URI.encode(moderator_user.display_name)}/blocks']", 0
assert_select "a[href='/user/#{URI.encode(moderator_user.display_name)}/blocks_by']", 1
assert_select "a[href='/blocks/new/#{URI.encode(moderator_user.display_name)}']", 0
assert_select "a[href^='/user/#{ERB::Util.u(moderator_user.display_name)}/history']", 1
assert_select "a[href='/user/#{ERB::Util.u(moderator_user.display_name)}/traces']", 1
assert_select "a[href='/user/#{ERB::Util.u(moderator_user.display_name)}/diary']", 1
assert_select "a[href='/user/#{ERB::Util.u(moderator_user.display_name)}/diary/comments']", 1
assert_select "a[href='/user/#{ERB::Util.u(moderator_user.display_name)}/account']", 0
assert_select "a[href='/user/#{ERB::Util.u(moderator_user.display_name)}/blocks']", 0
assert_select "a[href='/user/#{ERB::Util.u(moderator_user.display_name)}/blocks_by']", 1
assert_select "a[href='/blocks/new/#{ERB::Util.u(moderator_user.display_name)}']", 0
end
# Login as a normal user
@ -983,14 +990,14 @@ class UserControllerTest < ActionController::TestCase
get :view, :params => { :display_name => user.display_name }
assert_response :success
assert_select "div#userinformation" do
assert_select "a[href^='/user/#{URI.encode(user.display_name)}/history']", 1
assert_select "a[href^='/user/#{ERB::Util.u(user.display_name)}/history']", 1
assert_select "a[href='/traces/mine']", 1
assert_select "a[href='/user/#{URI.encode(user.display_name)}/diary']", 1
assert_select "a[href='/user/#{URI.encode(user.display_name)}/diary/comments']", 1
assert_select "a[href='/user/#{URI.encode(user.display_name)}/account']", 1
assert_select "a[href='/user/#{URI.encode(user.display_name)}/blocks']", 0
assert_select "a[href='/user/#{URI.encode(user.display_name)}/blocks_by']", 0
assert_select "a[href='/blocks/new/#{URI.encode(user.display_name)}']", 0
assert_select "a[href='/user/#{ERB::Util.u(user.display_name)}/diary']", 1
assert_select "a[href='/user/#{ERB::Util.u(user.display_name)}/diary/comments']", 1
assert_select "a[href='/user/#{ERB::Util.u(user.display_name)}/account']", 1
assert_select "a[href='/user/#{ERB::Util.u(user.display_name)}/blocks']", 0
assert_select "a[href='/user/#{ERB::Util.u(user.display_name)}/blocks_by']", 0
assert_select "a[href='/blocks/new/#{ERB::Util.u(user.display_name)}']", 0
end
# Login as a moderator
@ -1000,14 +1007,14 @@ class UserControllerTest < ActionController::TestCase
get :view, :params => { :display_name => user.display_name }
assert_response :success
assert_select "div#userinformation" do
assert_select "a[href^='/user/#{URI.encode(user.display_name)}/history']", 1
assert_select "a[href='/user/#{URI.encode(user.display_name)}/traces']", 1
assert_select "a[href='/user/#{URI.encode(user.display_name)}/diary']", 1
assert_select "a[href='/user/#{URI.encode(user.display_name)}/diary/comments']", 1
assert_select "a[href='/user/#{URI.encode(user.display_name)}/account']", 0
assert_select "a[href='/user/#{URI.encode(user.display_name)}/blocks']", 0
assert_select "a[href='/user/#{URI.encode(user.display_name)}/blocks_by']", 0
assert_select "a[href='/blocks/new/#{URI.encode(user.display_name)}']", 1
assert_select "a[href^='/user/#{ERB::Util.u(user.display_name)}/history']", 1
assert_select "a[href='/user/#{ERB::Util.u(user.display_name)}/traces']", 1
assert_select "a[href='/user/#{ERB::Util.u(user.display_name)}/diary']", 1
assert_select "a[href='/user/#{ERB::Util.u(user.display_name)}/diary/comments']", 1
assert_select "a[href='/user/#{ERB::Util.u(user.display_name)}/account']", 0
assert_select "a[href='/user/#{ERB::Util.u(user.display_name)}/blocks']", 0
assert_select "a[href='/user/#{ERB::Util.u(user.display_name)}/blocks_by']", 0
assert_select "a[href='/blocks/new/#{ERB::Util.u(user.display_name)}']", 1
end
end

26
test/controllers/way_controller_test.rb
View file

@ -128,8 +128,8 @@ class WayControllerTest < ActionController::TestCase
changeset_id = private_changeset.id
# create a way with pre-existing nodes
content "<osm><way changeset='#{changeset_id}'>" +
"<nd ref='#{node1.id}'/><nd ref='#{node2.id}'/>" +
content "<osm><way changeset='#{changeset_id}'>" \
"<nd ref='#{node1.id}'/><nd ref='#{node2.id}'/>" \
"<tag k='test' v='yes' /></way></osm>"
put :create
# hope for failure
@ -143,8 +143,8 @@ class WayControllerTest < ActionController::TestCase
changeset_id = changeset.id
# create a way with pre-existing nodes
content "<osm><way changeset='#{changeset_id}'>" +
"<nd ref='#{node1.id}'/><nd ref='#{node2.id}'/>" +
content "<osm><way changeset='#{changeset_id}'>" \
"<nd ref='#{node1.id}'/><nd ref='#{node2.id}'/>" \
"<tag k='test' v='yes' /></way></osm>"
put :create
# hope for success
@ -188,7 +188,7 @@ class WayControllerTest < ActionController::TestCase
# use the first user's open changeset
# create a way with non-existing node
content "<osm><way changeset='#{private_open_changeset.id}'>" +
content "<osm><way changeset='#{private_open_changeset.id}'>" \
"<nd ref='0'/><tag k='test' v='yes' /></way></osm>"
put :create
# expect failure
@ -196,7 +196,7 @@ class WayControllerTest < ActionController::TestCase
"way upload with invalid node using a private user did not return 'forbidden'"
# create a way with no nodes
content "<osm><way changeset='#{private_open_changeset.id}'>" +
content "<osm><way changeset='#{private_open_changeset.id}'>" \
"<tag k='test' v='yes' /></way></osm>"
put :create
# expect failure
@ -204,7 +204,7 @@ class WayControllerTest < ActionController::TestCase
"way upload with no node using a private userdid not return 'forbidden'"
# create a way inside a closed changeset
content "<osm><way changeset='#{private_closed_changeset.id}'>" +
content "<osm><way changeset='#{private_closed_changeset.id}'>" \
"<nd ref='#{node.id}'/></way></osm>"
put :create
# expect failure
@ -216,7 +216,7 @@ class WayControllerTest < ActionController::TestCase
# use the first user's open changeset
# create a way with non-existing node
content "<osm><way changeset='#{open_changeset.id}'>" +
content "<osm><way changeset='#{open_changeset.id}'>" \
"<nd ref='0'/><tag k='test' v='yes' /></way></osm>"
put :create
# expect failure
@ -225,7 +225,7 @@ class WayControllerTest < ActionController::TestCase
assert_equal "Precondition failed: Way requires the nodes with id in (0), which either do not exist, or are not visible.", @response.body
# create a way with no nodes
content "<osm><way changeset='#{open_changeset.id}'>" +
content "<osm><way changeset='#{open_changeset.id}'>" \
"<tag k='test' v='yes' /></way></osm>"
put :create
# expect failure
@ -234,7 +234,7 @@ class WayControllerTest < ActionController::TestCase
assert_equal "Precondition failed: Cannot create way: data is invalid.", @response.body
# create a way inside a closed changeset
content "<osm><way changeset='#{closed_changeset.id}'>" +
content "<osm><way changeset='#{closed_changeset.id}'>" \
"<nd ref='#{node.id}'/></way></osm>"
put :create
# expect failure
@ -242,9 +242,9 @@ class WayControllerTest < ActionController::TestCase
"way upload to closed changeset did not return 'conflict'"
# create a way with a tag which is too long
content "<osm><way changeset='#{open_changeset.id}'>" +
"<nd ref='#{node.id}'/>" +
"<tag k='foo' v='#{'x' * 256}'/>" +
content "<osm><way changeset='#{open_changeset.id}'>" \
"<nd ref='#{node.id}'/>" \
"<tag k='foo' v='#{'x' * 256}'/>" \
"</way></osm>"
put :create
# expect failure