annotate test/integration/api_test/disabled_rest_api_test.rb @ 861:b8105f717bf7 bug_182

Close obsolete branch bug_182
author Chris Cannam
date Fri, 10 Jun 2011 16:49:58 +0100
parents 94944d00e43c
children af80e5618e9b
rev   line source
chris@37 1 require "#{File.dirname(__FILE__)}/../../test_helper"
chris@37 2
chris@37 3 class ApiTest::DisabledRestApiTest < ActionController::IntegrationTest
chris@37 4 fixtures :all
chris@37 5
chris@37 6 def setup
chris@37 7 Setting.rest_api_enabled = '0'
chris@37 8 Setting.login_required = '1'
chris@37 9 end
chris@37 10
chris@37 11 def teardown
chris@37 12 Setting.rest_api_enabled = '1'
chris@37 13 Setting.login_required = '0'
chris@37 14 end
chris@37 15
chris@37 16 # Using the NewsController because it's a simple API.
chris@37 17 context "get /news with the API disabled" do
chris@37 18
chris@37 19 context "in :xml format" do
chris@37 20 context "with a valid api token" do
chris@37 21 setup do
chris@37 22 @user = User.generate_with_protected!
chris@37 23 @token = Token.generate!(:user => @user, :action => 'api')
chris@37 24 get "/news.xml?key=#{@token.value}"
chris@37 25 end
chris@37 26
chris@37 27 should_respond_with :unauthorized
chris@37 28 should_respond_with_content_type :xml
chris@37 29 should "not login as the user" do
chris@37 30 assert_equal User.anonymous, User.current
chris@37 31 end
chris@37 32 end
chris@37 33
chris@37 34 context "with a valid HTTP authentication" do
chris@37 35 setup do
chris@37 36 @user = User.generate_with_protected!(:password => 'my_password', :password_confirmation => 'my_password')
chris@37 37 @authorization = ActionController::HttpAuthentication::Basic.encode_credentials(@user.login, 'my_password')
chris@37 38 get "/news.xml", nil, :authorization => @authorization
chris@37 39 end
chris@37 40
chris@37 41 should_respond_with :unauthorized
chris@37 42 should_respond_with_content_type :xml
chris@37 43 should "not login as the user" do
chris@37 44 assert_equal User.anonymous, User.current
chris@37 45 end
chris@37 46 end
chris@37 47
chris@37 48 context "with a valid HTTP authentication using the API token" do
chris@37 49 setup do
chris@37 50 @user = User.generate_with_protected!
chris@37 51 @token = Token.generate!(:user => @user, :action => 'api')
chris@37 52 @authorization = ActionController::HttpAuthentication::Basic.encode_credentials(@token.value, 'X')
chris@37 53 get "/news.xml", nil, :authorization => @authorization
chris@37 54 end
chris@37 55
chris@37 56 should_respond_with :unauthorized
chris@37 57 should_respond_with_content_type :xml
chris@37 58 should "not login as the user" do
chris@37 59 assert_equal User.anonymous, User.current
chris@37 60 end
chris@37 61 end
chris@37 62 end
chris@37 63
chris@37 64 context "in :json format" do
chris@37 65 context "with a valid api token" do
chris@37 66 setup do
chris@37 67 @user = User.generate_with_protected!
chris@37 68 @token = Token.generate!(:user => @user, :action => 'api')
chris@37 69 get "/news.json?key=#{@token.value}"
chris@37 70 end
chris@37 71
chris@37 72 should_respond_with :unauthorized
chris@37 73 should_respond_with_content_type :json
chris@37 74 should "not login as the user" do
chris@37 75 assert_equal User.anonymous, User.current
chris@37 76 end
chris@37 77 end
chris@37 78
chris@37 79 context "with a valid HTTP authentication" do
chris@37 80 setup do
chris@37 81 @user = User.generate_with_protected!(:password => 'my_password', :password_confirmation => 'my_password')
chris@37 82 @authorization = ActionController::HttpAuthentication::Basic.encode_credentials(@user.login, 'my_password')
chris@37 83 get "/news.json", nil, :authorization => @authorization
chris@37 84 end
chris@37 85
chris@37 86 should_respond_with :unauthorized
chris@37 87 should_respond_with_content_type :json
chris@37 88 should "not login as the user" do
chris@37 89 assert_equal User.anonymous, User.current
chris@37 90 end
chris@37 91 end
chris@37 92
chris@37 93 context "with a valid HTTP authentication using the API token" do
chris@37 94 setup do
chris@37 95 @user = User.generate_with_protected!
chris@37 96 @token = Token.generate!(:user => @user, :action => 'api')
chris@37 97 @authorization = ActionController::HttpAuthentication::Basic.encode_credentials(@token.value, 'DoesNotMatter')
chris@37 98 get "/news.json", nil, :authorization => @authorization
chris@37 99 end
chris@37 100
chris@37 101 should_respond_with :unauthorized
chris@37 102 should_respond_with_content_type :json
chris@37 103 should "not login as the user" do
chris@37 104 assert_equal User.anonymous, User.current
chris@37 105 end
chris@37 106 end
chris@37 107
chris@37 108 end
chris@37 109 end
chris@37 110 end