Mercurial > hg > soundsoftware-site

diff test/integration/api_token_login_test.rb @ 0:513646585e45

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
* Import Redmine trunk SVN rev 3859
author Chris Cannam
date Fri, 23 Jul 2010 15:52:44 +0100
parents
children
line wrap: on
line diff
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/integration/api_token_login_test.rb	Fri Jul 23 15:52:44 2010 +0100
@@ -0,0 +1,80 @@
+require "#{File.dirname(__FILE__)}/../test_helper"
+
+class ApiTokenLoginTest < ActionController::IntegrationTest
+  fixtures :all
+
+  def setup
+    Setting.rest_api_enabled = '1'
+    Setting.login_required = '1'
+  end
+
+  def teardown
+    Setting.rest_api_enabled = '0'
+    Setting.login_required = '0'
+  end
+  
+  # Using the NewsController because it's a simple API.
+  context "get /news" do
+
+    context "in :xml format" do
+      context "with a valid api token" do
+        setup do
+          @user = User.generate_with_protected!
+          @token = Token.generate!(:user => @user, :action => 'api')
+          get "/news.xml?key=#{@token.value}"
+        end
+        
+        should_respond_with :success
+        should_respond_with_content_type :xml
+        should "login as the user" do
+          assert_equal @user, User.current
+        end
+      end
+
+      context "with an invalid api token" do
+        setup do
+          @user = User.generate_with_protected!
+          @token = Token.generate!(:user => @user, :action => 'feeds')
+          get "/news.xml?key=#{@token.value}"
+        end
+        
+        should_respond_with :unauthorized
+        should_respond_with_content_type :xml
+        should "not login as the user" do
+          assert_equal User.anonymous, User.current
+        end
+      end
+    end
+
+    context "in :json format" do
+      context "with a valid api token" do
+        setup do
+          @user = User.generate_with_protected!
+          @token = Token.generate!(:user => @user, :action => 'api')
+          get "/news.json?key=#{@token.value}"
+        end
+        
+        should_respond_with :success
+        should_respond_with_content_type :json
+        should "login as the user" do
+          assert_equal @user, User.current
+        end
+      end
+
+      context "with an invalid api token" do
+        setup do
+          @user = User.generate_with_protected!
+          @token = Token.generate!(:user => @user, :action => 'feeds')
+          get "/news.json?key=#{@token.value}"
+        end
+        
+        should_respond_with :unauthorized
+        should_respond_with_content_type :json
+        should "not login as the user" do
+          assert_equal User.anonymous, User.current
+        end
+      end
+    end
+    
+  end
+end