Mercurial > hg > soundsoftware-site

diff test/integration/api_test/disabled_rest_api_test.rb @ 1115:433d4f72a19b redmine-2.2

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Update to Redmine SVN revision 11137 on 2.2-stable branch
author Chris Cannam
date Mon, 07 Jan 2013 12:01:42 +0000
parents cbb26bc654de
children 622f24f53b42
line wrap: on
line diff
--- a/test/integration/api_test/disabled_rest_api_test.rb	Wed Jun 27 14:54:18 2012 +0100
+++ b/test/integration/api_test/disabled_rest_api_test.rb	Mon Jan 07 12:01:42 2013 +0000
@@ -20,98 +20,43 @@
     Setting.login_required = '0'
   end
 
-  # Using the NewsController because it's a simple API.
-  context "get /news with the API disabled" do
+  def test_with_a_valid_api_token
+    @user = User.generate!
+    @token = Token.create!(:user => @user, :action => 'api')
 
-    context "in :xml format" do
-      context "with a valid api token" do
-        setup do
-          @user = User.generate_with_protected!
-          @token = Token.generate!(:user => @user, :action => 'api')
-          get "/news.xml?key=#{@token.value}"
-        end
+    get "/news.xml?key=#{@token.value}"
+    assert_response :unauthorized
+    assert_equal User.anonymous, User.current
 
-        should_respond_with :unauthorized
-        should_respond_with_content_type :xml
-        should "not login as the user" do
-          assert_equal User.anonymous, User.current
-        end
-      end
+    get "/news.json?key=#{@token.value}"
+    assert_response :unauthorized
+    assert_equal User.anonymous, User.current
+  end
 
-      context "with a valid HTTP authentication" do
-        setup do
-          @user = User.generate_with_protected!(:password => 'my_password', :password_confirmation => 'my_password')
-          @authorization = ActionController::HttpAuthentication::Basic.encode_credentials(@user.login, 'my_password')
-          get "/news.xml", nil, :authorization => @authorization
-        end
-
-        should_respond_with :unauthorized
-        should_respond_with_content_type :xml
-        should "not login as the user" do
-          assert_equal User.anonymous, User.current
-        end
-      end
-
-      context "with a valid HTTP authentication using the API token" do
-        setup do
-          @user = User.generate_with_protected!
-          @token = Token.generate!(:user => @user, :action => 'api')
-          @authorization = ActionController::HttpAuthentication::Basic.encode_credentials(@token.value, 'X')
-          get "/news.xml", nil, :authorization => @authorization
-        end
-
-        should_respond_with :unauthorized
-        should_respond_with_content_type :xml
-        should "not login as the user" do
-          assert_equal User.anonymous, User.current
-        end
-      end
+  def test_with_valid_username_password_http_authentication
+    @user = User.generate! do |user|
+      user.password = 'my_password'
     end
 
-    context "in :json format" do
-      context "with a valid api token" do
-        setup do
-          @user = User.generate_with_protected!
-          @token = Token.generate!(:user => @user, :action => 'api')
-          get "/news.json?key=#{@token.value}"
-        end
+    get "/news.xml", nil, credentials(@user.login, 'my_password')
+    assert_response :unauthorized
+    assert_equal User.anonymous, User.current
 
-        should_respond_with :unauthorized
-        should_respond_with_content_type :json
-        should "not login as the user" do
-          assert_equal User.anonymous, User.current
-        end
-      end
+    get "/news.json", nil, credentials(@user.login, 'my_password')
+    assert_response :unauthorized
+    assert_equal User.anonymous, User.current
+  end
 
-      context "with a valid HTTP authentication" do
-        setup do
-          @user = User.generate_with_protected!(:password => 'my_password', :password_confirmation => 'my_password')
-          @authorization = ActionController::HttpAuthentication::Basic.encode_credentials(@user.login, 'my_password')
-          get "/news.json", nil, :authorization => @authorization
-        end
+  def test_with_valid_token_http_authentication
+    @user = User.generate!
+    @token = Token.create!(:user => @user, :action => 'api')
 
-        should_respond_with :unauthorized
-        should_respond_with_content_type :json
-        should "not login as the user" do
-          assert_equal User.anonymous, User.current
-        end
-      end
+    get "/news.xml", nil, credentials(@token.value, 'X')
+    assert_response :unauthorized
+    assert_equal User.anonymous, User.current
 
-      context "with a valid HTTP authentication using the API token" do
-        setup do
-          @user = User.generate_with_protected!
-          @token = Token.generate!(:user => @user, :action => 'api')
-          @authorization = ActionController::HttpAuthentication::Basic.encode_credentials(@token.value, 'DoesNotMatter')
-          get "/news.json", nil, :authorization => @authorization
-        end
-
-        should_respond_with :unauthorized
-        should_respond_with_content_type :json
-        should "not login as the user" do
-          assert_equal User.anonymous, User.current
-        end
-      end
-
-    end
+    get "/news.json", nil, credentials(@token.value, 'X')
+    assert_response :unauthorized
+    assert_equal User.anonymous, User.current
   end
 end