Mercurial > hg > soundsoftware-site
comparison .svn/pristine/b6/b60c09f950ca3bc2a75c168cc7ffe809b3b36299.svn-base @ 1298:4f746d8966dd redmine_2.3_integration
Merge from redmine-2.3 branch to create new branch redmine-2.3-integration
| author | Chris Cannam |
|---|---|
| date | Fri, 14 Jun 2013 09:28:30 +0100 |
| parents | 622f24f53b42 |
| children |
comparison
equal
deleted
inserted
replaced
| 1297:0a574315af3e | 1298:4f746d8966dd |
|---|---|
| 1 # Redmine - project management software | |
| 2 # Copyright (C) 2006-2013 Jean-Philippe Lang | |
| 3 # | |
| 4 # This program is free software; you can redistribute it and/or | |
| 5 # modify it under the terms of the GNU General Public License | |
| 6 # as published by the Free Software Foundation; either version 2 | |
| 7 # of the License, or (at your option) any later version. | |
| 8 # | |
| 9 # This program is distributed in the hope that it will be useful, | |
| 10 # but WITHOUT ANY WARRANTY; without even the implied warranty of | |
| 11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
| 12 # GNU General Public License for more details. | |
| 13 # | |
| 14 # You should have received a copy of the GNU General Public License | |
| 15 # along with this program; if not, write to the Free Software | |
| 16 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. | |
| 17 | |
| 18 require File.expand_path('../../../test_helper', __FILE__) | |
| 19 | |
| 20 class Redmine::ApiTest::AuthenticationTest < Redmine::ApiTest::Base | |
| 21 fixtures :users | |
| 22 | |
| 23 def setup | |
| 24 Setting.rest_api_enabled = '1' | |
| 25 end | |
| 26 | |
| 27 def teardown | |
| 28 Setting.rest_api_enabled = '0' | |
| 29 end | |
| 30 | |
| 31 def test_api_request_should_not_use_user_session | |
| 32 log_user('jsmith', 'jsmith') | |
| 33 | |
| 34 get '/users/current' | |
| 35 assert_response :success | |
| 36 | |
| 37 get '/users/current.json' | |
| 38 assert_response 401 | |
| 39 end | |
| 40 | |
| 41 def test_api_should_accept_switch_user_header_for_admin_user | |
| 42 user = User.find(1) | |
| 43 su = User.find(4) | |
| 44 | |
| 45 get '/users/current', {}, {'X-Redmine-API-Key' => user.api_key, 'X-Redmine-Switch-User' => su.login} | |
| 46 assert_response :success | |
| 47 assert_equal su, assigns(:user) | |
| 48 assert_equal su, User.current | |
| 49 end | |
| 50 | |
| 51 def test_api_should_respond_with_412_when_trying_to_switch_to_a_invalid_user | |
| 52 get '/users/current', {}, {'X-Redmine-API-Key' => User.find(1).api_key, 'X-Redmine-Switch-User' => 'foobar'} | |
| 53 assert_response 412 | |
| 54 end | |
| 55 | |
| 56 def test_api_should_respond_with_412_when_trying_to_switch_to_a_locked_user | |
| 57 user = User.find(5) | |
| 58 assert user.locked? | |
| 59 | |
| 60 get '/users/current', {}, {'X-Redmine-API-Key' => User.find(1).api_key, 'X-Redmine-Switch-User' => user.login} | |
| 61 assert_response 412 | |
| 62 end | |
| 63 | |
| 64 def test_api_should_not_accept_switch_user_header_for_non_admin_user | |
| 65 user = User.find(2) | |
| 66 su = User.find(4) | |
| 67 | |
| 68 get '/users/current', {}, {'X-Redmine-API-Key' => user.api_key, 'X-Redmine-Switch-User' => su.login} | |
| 69 assert_response :success | |
| 70 assert_equal user, assigns(:user) | |
| 71 assert_equal user, User.current | |
| 72 end | |
| 73 end |