Mercurial > hg > soundsoftware-site

comparison .svn/pristine/43/431e564a1e03f4cc7d0102d7d18816df7d2cc0e3.svn-base @ 909:cbb26bc654de redmine-1.3

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Update to Redmine 1.3-stable branch (Redmine SVN rev 8964)
author Chris Cannam
date Fri, 24 Feb 2012 19:09:32 +0000
parents
children
comparison
equal deleted inserted replaced
908:c6c2cbd0afee 909:cbb26bc654de
1 require File.expand_path('../../../test_helper', __FILE__)
2
3 class ApiTest::DisabledRestApiTest < ActionController::IntegrationTest
4 fixtures :projects, :trackers, :issue_statuses, :issues,
5 :enumerations, :users, :issue_categories,
6 :projects_trackers,
7 :roles,
8 :member_roles,
9 :members,
10 :enabled_modules,
11 :workflows
12
13 def setup
14 Setting.rest_api_enabled = '0'
15 Setting.login_required = '1'
16 end
17
18 def teardown
19 Setting.rest_api_enabled = '1'
20 Setting.login_required = '0'
21 end
22
23 # Using the NewsController because it's a simple API.
24 context "get /news with the API disabled" do
25
26 context "in :xml format" do
27 context "with a valid api token" do
28 setup do
29 @user = User.generate_with_protected!
30 @token = Token.generate!(:user => @user, :action => 'api')
31 get "/news.xml?key=#{@token.value}"
32 end
33
34 should_respond_with :unauthorized
35 should_respond_with_content_type :xml
36 should "not login as the user" do
37 assert_equal User.anonymous, User.current
38 end
39 end
40
41 context "with a valid HTTP authentication" do
42 setup do
43 @user = User.generate_with_protected!(:password => 'my_password', :password_confirmation => 'my_password')
44 @authorization = ActionController::HttpAuthentication::Basic.encode_credentials(@user.login, 'my_password')
45 get "/news.xml", nil, :authorization => @authorization
46 end
47
48 should_respond_with :unauthorized
49 should_respond_with_content_type :xml
50 should "not login as the user" do
51 assert_equal User.anonymous, User.current
52 end
53 end
54
55 context "with a valid HTTP authentication using the API token" do
56 setup do
57 @user = User.generate_with_protected!
58 @token = Token.generate!(:user => @user, :action => 'api')
59 @authorization = ActionController::HttpAuthentication::Basic.encode_credentials(@token.value, 'X')
60 get "/news.xml", nil, :authorization => @authorization
61 end
62
63 should_respond_with :unauthorized
64 should_respond_with_content_type :xml
65 should "not login as the user" do
66 assert_equal User.anonymous, User.current
67 end
68 end
69 end
70
71 context "in :json format" do
72 context "with a valid api token" do
73 setup do
74 @user = User.generate_with_protected!
75 @token = Token.generate!(:user => @user, :action => 'api')
76 get "/news.json?key=#{@token.value}"
77 end
78
79 should_respond_with :unauthorized
80 should_respond_with_content_type :json
81 should "not login as the user" do
82 assert_equal User.anonymous, User.current
83 end
84 end
85
86 context "with a valid HTTP authentication" do
87 setup do
88 @user = User.generate_with_protected!(:password => 'my_password', :password_confirmation => 'my_password')
89 @authorization = ActionController::HttpAuthentication::Basic.encode_credentials(@user.login, 'my_password')
90 get "/news.json", nil, :authorization => @authorization
91 end
92
93 should_respond_with :unauthorized
94 should_respond_with_content_type :json
95 should "not login as the user" do
96 assert_equal User.anonymous, User.current
97 end
98 end
99
100 context "with a valid HTTP authentication using the API token" do
101 setup do
102 @user = User.generate_with_protected!
103 @token = Token.generate!(:user => @user, :action => 'api')
104 @authorization = ActionController::HttpAuthentication::Basic.encode_credentials(@token.value, 'DoesNotMatter')
105 get "/news.json", nil, :authorization => @authorization
106 end
107
108 should_respond_with :unauthorized
109 should_respond_with_content_type :json
110 should "not login as the user" do
111 assert_equal User.anonymous, User.current
112 end
113 end
114
115 end
116 end
117 end