Mercurial > hg > soundsoftware-site

comparison test/integration/api_test/disabled_rest_api_test.rb @ 37:94944d00e43c

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
* Update to SVN trunk rev 4411
author Chris Cannam <chris.cannam@soundsoftware.ac.uk>
date Fri, 19 Nov 2010 13:24:41 +0000
parents
children af80e5618e9b
comparison
equal deleted inserted replaced
22:40f7cfd4df19 37:94944d00e43c
1 require "#{File.dirname(__FILE__)}/../../test_helper"
2
3 class ApiTest::DisabledRestApiTest < ActionController::IntegrationTest
4 fixtures :all
5
6 def setup
7 Setting.rest_api_enabled = '0'
8 Setting.login_required = '1'
9 end
10
11 def teardown
12 Setting.rest_api_enabled = '1'
13 Setting.login_required = '0'
14 end
15
16 # Using the NewsController because it's a simple API.
17 context "get /news with the API disabled" do
18
19 context "in :xml format" do
20 context "with a valid api token" do
21 setup do
22 @user = User.generate_with_protected!
23 @token = Token.generate!(:user => @user, :action => 'api')
24 get "/news.xml?key=#{@token.value}"
25 end
26
27 should_respond_with :unauthorized
28 should_respond_with_content_type :xml
29 should "not login as the user" do
30 assert_equal User.anonymous, User.current
31 end
32 end
33
34 context "with a valid HTTP authentication" do
35 setup do
36 @user = User.generate_with_protected!(:password => 'my_password', :password_confirmation => 'my_password')
37 @authorization = ActionController::HttpAuthentication::Basic.encode_credentials(@user.login, 'my_password')
38 get "/news.xml", nil, :authorization => @authorization
39 end
40
41 should_respond_with :unauthorized
42 should_respond_with_content_type :xml
43 should "not login as the user" do
44 assert_equal User.anonymous, User.current
45 end
46 end
47
48 context "with a valid HTTP authentication using the API token" do
49 setup do
50 @user = User.generate_with_protected!
51 @token = Token.generate!(:user => @user, :action => 'api')
52 @authorization = ActionController::HttpAuthentication::Basic.encode_credentials(@token.value, 'X')
53 get "/news.xml", nil, :authorization => @authorization
54 end
55
56 should_respond_with :unauthorized
57 should_respond_with_content_type :xml
58 should "not login as the user" do
59 assert_equal User.anonymous, User.current
60 end
61 end
62 end
63
64 context "in :json format" do
65 context "with a valid api token" do
66 setup do
67 @user = User.generate_with_protected!
68 @token = Token.generate!(:user => @user, :action => 'api')
69 get "/news.json?key=#{@token.value}"
70 end
71
72 should_respond_with :unauthorized
73 should_respond_with_content_type :json
74 should "not login as the user" do
75 assert_equal User.anonymous, User.current
76 end
77 end
78
79 context "with a valid HTTP authentication" do
80 setup do
81 @user = User.generate_with_protected!(:password => 'my_password', :password_confirmation => 'my_password')
82 @authorization = ActionController::HttpAuthentication::Basic.encode_credentials(@user.login, 'my_password')
83 get "/news.json", nil, :authorization => @authorization
84 end
85
86 should_respond_with :unauthorized
87 should_respond_with_content_type :json
88 should "not login as the user" do
89 assert_equal User.anonymous, User.current
90 end
91 end
92
93 context "with a valid HTTP authentication using the API token" do
94 setup do
95 @user = User.generate_with_protected!
96 @token = Token.generate!(:user => @user, :action => 'api')
97 @authorization = ActionController::HttpAuthentication::Basic.encode_credentials(@token.value, 'DoesNotMatter')
98 get "/news.json", nil, :authorization => @authorization
99 end
100
101 should_respond_with :unauthorized
102 should_respond_with_content_type :json
103 should "not login as the user" do
104 assert_equal User.anonymous, User.current
105 end
106 end
107
108 end
109 end
110 end