Mercurial > hg > soundsoftware-site

annotate test/integration/api_test/authentication_test.rb @ 1296:038ba2d95de8 redmine-2.2

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Fix redmine-2.2 branch update (add missing svn files)
author Chris Cannam
date Fri, 14 Jun 2013 09:05:06 +0100
parents 433d4f72a19b
children 622f24f53b42
rev   line source
Chris@1115 1 # Redmine - project management software
Chris@1115 2 # Copyright (C) 2006-2012 Jean-Philippe Lang
Chris@1115 3 #
Chris@1115 4 # This program is free software; you can redistribute it and/or
Chris@1115 5 # modify it under the terms of the GNU General Public License
Chris@1115 6 # as published by the Free Software Foundation; either version 2
Chris@1115 7 # of the License, or (at your option) any later version.
Chris@1115 8 #
Chris@1115 9 # This program is distributed in the hope that it will be useful,
Chris@1115 10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
Chris@1115 11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
Chris@1115 12 # GNU General Public License for more details.
Chris@1115 13 #
Chris@1115 14 # You should have received a copy of the GNU General Public License
Chris@1115 15 # along with this program; if not, write to the Free Software
Chris@1115 16 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
Chris@1115 17
Chris@1115 18 require File.expand_path('../../../test_helper', __FILE__)
Chris@1115 19
Chris@1115 20 class ApiTest::AuthenticationTest < ActionController::IntegrationTest
Chris@1115 21 fixtures :users
Chris@1115 22
Chris@1115 23 def setup
Chris@1115 24 Setting.rest_api_enabled = '1'
Chris@1115 25 end
Chris@1115 26
Chris@1115 27 def teardown
Chris@1115 28 Setting.rest_api_enabled = '0'
Chris@1115 29 end
Chris@1115 30
Chris@1115 31 def test_api_request_should_not_use_user_session
Chris@1115 32 log_user('jsmith', 'jsmith')
Chris@1115 33
Chris@1115 34 get '/users/current'
Chris@1115 35 assert_response :success
Chris@1115 36
Chris@1115 37 get '/users/current.json'
Chris@1115 38 assert_response 401
Chris@1115 39 end
Chris@1115 40
Chris@1115 41 def test_api_should_accept_switch_user_header_for_admin_user
Chris@1115 42 user = User.find(1)
Chris@1115 43 su = User.find(4)
Chris@1115 44
Chris@1115 45 get '/users/current', {}, {'X-Redmine-API-Key' => user.api_key, 'X-Redmine-Switch-User' => su.login}
Chris@1115 46 assert_response :success
Chris@1115 47 assert_equal su, assigns(:user)
Chris@1115 48 assert_equal su, User.current
Chris@1115 49 end
Chris@1115 50
Chris@1115 51 def test_api_should_respond_with_412_when_trying_to_switch_to_a_invalid_user
Chris@1115 52 get '/users/current', {}, {'X-Redmine-API-Key' => User.find(1).api_key, 'X-Redmine-Switch-User' => 'foobar'}
Chris@1115 53 assert_response 412
Chris@1115 54 end
Chris@1115 55
Chris@1115 56 def test_api_should_respond_with_412_when_trying_to_switch_to_a_locked_user
Chris@1115 57 user = User.find(5)
Chris@1115 58 assert user.locked?
Chris@1115 59
Chris@1115 60 get '/users/current', {}, {'X-Redmine-API-Key' => User.find(1).api_key, 'X-Redmine-Switch-User' => user.login}
Chris@1115 61 assert_response 412
Chris@1115 62 end
Chris@1115 63
Chris@1115 64 def test_api_should_not_accept_switch_user_header_for_non_admin_user
Chris@1115 65 user = User.find(2)
Chris@1115 66 su = User.find(4)
Chris@1115 67
Chris@1115 68 get '/users/current', {}, {'X-Redmine-API-Key' => user.api_key, 'X-Redmine-Switch-User' => su.login}
Chris@1115 69 assert_response :success
Chris@1115 70 assert_equal user, assigns(:user)
Chris@1115 71 assert_equal user, User.current
Chris@1115 72 end
Chris@1115 73 end