Mercurial > hg > soundsoftware-site

diff test/integration/api_test/authentication_test.rb @ 1517:dffacf8a6908 redmine-2.5

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Update to Redmine SVN revision 13367 on 2.5-stable branch
author Chris Cannam
date Tue, 09 Sep 2014 09:29:00 +0100
parents e248c7af89ec
children
line wrap: on
line diff
--- a/test/integration/api_test/authentication_test.rb	Tue Sep 09 09:28:31 2014 +0100
+++ b/test/integration/api_test/authentication_test.rb	Tue Sep 09 09:29:00 2014 +0100
@@ -28,6 +28,29 @@
     Setting.rest_api_enabled = '0'
   end
 
+  def test_api_should_trigger_basic_http_auth_with_basic_authorization_header
+    ApplicationController.any_instance.expects(:authenticate_with_http_basic).once
+    get '/users/current.xml', {}, credentials('jsmith')
+    assert_response 401
+  end
+
+  def test_api_should_not_trigger_basic_http_auth_with_non_basic_authorization_header
+    ApplicationController.any_instance.expects(:authenticate_with_http_basic).never
+    get '/users/current.xml', {}, 'HTTP_AUTHORIZATION' => 'Digest foo bar'
+    assert_response 401
+  end
+
+  def test_invalid_utf8_credentials_should_not_trigger_an_error
+    invalid_utf8 = "\x82"
+    if invalid_utf8.respond_to?(:force_encoding)
+      invalid_utf8.force_encoding('UTF-8') 
+      assert !invalid_utf8.valid_encoding?
+    end
+    assert_nothing_raised do
+      get '/users/current.xml', {}, credentials(invalid_utf8, "foo")
+    end
+  end
+
   def test_api_request_should_not_use_user_session
     log_user('jsmith', 'jsmith')