Mercurial > hg > soundsoftware-site
comparison test/integration/api_test/authentication_test.rb @ 1526:404aa68d4227
Merge from live branch
| author | Chris Cannam |
|---|---|
| date | Thu, 11 Sep 2014 12:46:20 +0100 |
| parents | dffacf8a6908 |
| children |
comparison
equal
deleted
inserted
replaced
| 1493:a5f2bdf3b486 | 1526:404aa68d4227 |
|---|---|
| 1 # Redmine - project management software | 1 # Redmine - project management software |
| 2 # Copyright (C) 2006-2012 Jean-Philippe Lang | 2 # Copyright (C) 2006-2014 Jean-Philippe Lang |
| 3 # | 3 # |
| 4 # This program is free software; you can redistribute it and/or | 4 # This program is free software; you can redistribute it and/or |
| 5 # modify it under the terms of the GNU General Public License | 5 # modify it under the terms of the GNU General Public License |
| 6 # as published by the Free Software Foundation; either version 2 | 6 # as published by the Free Software Foundation; either version 2 |
| 7 # of the License, or (at your option) any later version. | 7 # of the License, or (at your option) any later version. |
| 15 # along with this program; if not, write to the Free Software | 15 # along with this program; if not, write to the Free Software |
| 16 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. | 16 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. |
| 17 | 17 |
| 18 require File.expand_path('../../../test_helper', __FILE__) | 18 require File.expand_path('../../../test_helper', __FILE__) |
| 19 | 19 |
| 20 class ApiTest::AuthenticationTest < ActionController::IntegrationTest | 20 class Redmine::ApiTest::AuthenticationTest < Redmine::ApiTest::Base |
| 21 fixtures :users | 21 fixtures :users |
| 22 | 22 |
| 23 def setup | 23 def setup |
| 24 Setting.rest_api_enabled = '1' | 24 Setting.rest_api_enabled = '1' |
| 25 end | 25 end |
| 26 | 26 |
| 27 def teardown | 27 def teardown |
| 28 Setting.rest_api_enabled = '0' | 28 Setting.rest_api_enabled = '0' |
| 29 end | |
| 30 | |
| 31 def test_api_should_trigger_basic_http_auth_with_basic_authorization_header | |
| 32 ApplicationController.any_instance.expects(:authenticate_with_http_basic).once | |
| 33 get '/users/current.xml', {}, credentials('jsmith') | |
| 34 assert_response 401 | |
| 35 end | |
| 36 | |
| 37 def test_api_should_not_trigger_basic_http_auth_with_non_basic_authorization_header | |
| 38 ApplicationController.any_instance.expects(:authenticate_with_http_basic).never | |
| 39 get '/users/current.xml', {}, 'HTTP_AUTHORIZATION' => 'Digest foo bar' | |
| 40 assert_response 401 | |
| 41 end | |
| 42 | |
| 43 def test_invalid_utf8_credentials_should_not_trigger_an_error | |
| 44 invalid_utf8 = "\x82" | |
| 45 if invalid_utf8.respond_to?(:force_encoding) | |
| 46 invalid_utf8.force_encoding('UTF-8') | |
| 47 assert !invalid_utf8.valid_encoding? | |
| 48 end | |
| 49 assert_nothing_raised do | |
| 50 get '/users/current.xml', {}, credentials(invalid_utf8, "foo") | |
| 51 end | |
| 29 end | 52 end |
| 30 | 53 |
| 31 def test_api_request_should_not_use_user_session | 54 def test_api_request_should_not_use_user_session |
| 32 log_user('jsmith', 'jsmith') | 55 log_user('jsmith', 'jsmith') |
| 33 | 56 |