Chris@119: # Redmine - project management software Chris@119: # Copyright (C) 2006-2010 Jean-Philippe Lang Chris@119: # Chris@119: # This program is free software; you can redistribute it and/or Chris@119: # modify it under the terms of the GNU General Public License Chris@119: # as published by the Free Software Foundation; either version 2 Chris@119: # of the License, or (at your option) any later version. Chris@119: # Chris@119: # This program is distributed in the hope that it will be useful, Chris@119: # but WITHOUT ANY WARRANTY; without even the implied warranty of Chris@119: # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the Chris@119: # GNU General Public License for more details. Chris@119: # Chris@119: # You should have received a copy of the GNU General Public License Chris@119: # along with this program; if not, write to the Free Software Chris@119: # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. Chris@119: Chris@119: require File.expand_path('../../../test_helper', __FILE__) Chris@119: require 'pp' Chris@119: class ApiTest::UsersTest < ActionController::IntegrationTest Chris@119: fixtures :users Chris@119: Chris@119: def setup Chris@119: Setting.rest_api_enabled = '1' Chris@119: end Chris@119: Chris@119: context "GET /users" do Chris@119: should_allow_api_authentication(:get, "/users.xml") Chris@119: should_allow_api_authentication(:get, "/users.json") Chris@119: end Chris@119: Chris@119: context "GET /users/2" do Chris@119: context ".xml" do Chris@119: should "return requested user" do Chris@119: get '/users/2.xml' Chris@119: Chris@119: assert_tag :tag => 'user', Chris@119: :child => {:tag => 'id', :content => '2'} Chris@119: end Chris@119: end Chris@119: Chris@119: context ".json" do Chris@119: should "return requested user" do Chris@119: get '/users/2.json' Chris@119: Chris@119: json = ActiveSupport::JSON.decode(response.body) Chris@119: assert_kind_of Hash, json Chris@119: assert_kind_of Hash, json['user'] Chris@119: assert_equal 2, json['user']['id'] Chris@119: end Chris@119: end Chris@119: end Chris@119: Chris@119: context "GET /users/current" do Chris@119: context ".xml" do Chris@119: should "require authentication" do Chris@119: get '/users/current.xml' Chris@119: Chris@119: assert_response 401 Chris@119: end Chris@119: Chris@119: should "return current user" do Chris@119: get '/users/current.xml', {}, :authorization => credentials('jsmith') Chris@119: Chris@119: assert_tag :tag => 'user', Chris@119: :child => {:tag => 'id', :content => '2'} Chris@119: end Chris@119: end Chris@119: end Chris@119: Chris@119: context "POST /users" do Chris@119: context "with valid parameters" do Chris@119: setup do Chris@119: @parameters = {:user => {:login => 'foo', :firstname => 'Firstname', :lastname => 'Lastname', :mail => 'foo@example.net', :password => 'secret', :mail_notification => 'only_assigned'}} Chris@119: end Chris@119: Chris@119: context ".xml" do Chris@119: should_allow_api_authentication(:post, Chris@119: '/users.xml', Chris@119: {:user => {:login => 'foo', :firstname => 'Firstname', :lastname => 'Lastname', :mail => 'foo@example.net', :password => 'secret'}}, Chris@119: {:success_code => :created}) Chris@119: Chris@119: should "create a user with the attributes" do Chris@119: assert_difference('User.count') do Chris@119: post '/users.xml', @parameters, :authorization => credentials('admin') Chris@119: end Chris@119: Chris@119: user = User.first(:order => 'id DESC') Chris@119: assert_equal 'foo', user.login Chris@119: assert_equal 'Firstname', user.firstname Chris@119: assert_equal 'Lastname', user.lastname Chris@119: assert_equal 'foo@example.net', user.mail Chris@119: assert_equal 'only_assigned', user.mail_notification Chris@119: assert !user.admin? Chris@119: assert user.check_password?('secret') Chris@119: Chris@119: assert_response :created Chris@119: assert_equal 'application/xml', @response.content_type Chris@119: assert_tag 'user', :child => {:tag => 'id', :content => user.id.to_s} Chris@119: end Chris@119: end Chris@119: Chris@119: context ".json" do Chris@119: should_allow_api_authentication(:post, Chris@119: '/users.json', Chris@119: {:user => {:login => 'foo', :firstname => 'Firstname', :lastname => 'Lastname', :mail => 'foo@example.net'}}, Chris@119: {:success_code => :created}) Chris@119: Chris@119: should "create a user with the attributes" do Chris@119: assert_difference('User.count') do Chris@119: post '/users.json', @parameters, :authorization => credentials('admin') Chris@119: end Chris@119: Chris@119: user = User.first(:order => 'id DESC') Chris@119: assert_equal 'foo', user.login Chris@119: assert_equal 'Firstname', user.firstname Chris@119: assert_equal 'Lastname', user.lastname Chris@119: assert_equal 'foo@example.net', user.mail Chris@119: assert !user.admin? Chris@119: Chris@119: assert_response :created Chris@119: assert_equal 'application/json', @response.content_type Chris@119: json = ActiveSupport::JSON.decode(response.body) Chris@119: assert_kind_of Hash, json Chris@119: assert_kind_of Hash, json['user'] Chris@119: assert_equal user.id, json['user']['id'] Chris@119: end Chris@119: end Chris@119: end Chris@119: Chris@119: context "with invalid parameters" do Chris@119: setup do Chris@119: @parameters = {:user => {:login => 'foo', :lastname => 'Lastname', :mail => 'foo'}} Chris@119: end Chris@119: Chris@119: context ".xml" do Chris@119: should "return errors" do Chris@119: assert_no_difference('User.count') do Chris@119: post '/users.xml', @parameters, :authorization => credentials('admin') Chris@119: end Chris@119: Chris@119: assert_response :unprocessable_entity Chris@119: assert_equal 'application/xml', @response.content_type Chris@441: assert_tag 'errors', :child => {:tag => 'error', :content => "First name can't be blank"} Chris@119: end Chris@119: end Chris@119: Chris@119: context ".json" do Chris@119: should "return errors" do Chris@119: assert_no_difference('User.count') do Chris@119: post '/users.json', @parameters, :authorization => credentials('admin') Chris@119: end Chris@119: Chris@119: assert_response :unprocessable_entity Chris@119: assert_equal 'application/json', @response.content_type Chris@119: json = ActiveSupport::JSON.decode(response.body) Chris@119: assert_kind_of Hash, json Chris@119: assert json.has_key?('errors') Chris@119: assert_kind_of Array, json['errors'] Chris@119: end Chris@119: end Chris@119: end Chris@119: end Chris@119: Chris@119: context "PUT /users/2" do Chris@119: context "with valid parameters" do Chris@119: setup do Chris@119: @parameters = {:user => {:login => 'jsmith', :firstname => 'John', :lastname => 'Renamed', :mail => 'jsmith@somenet.foo'}} Chris@119: end Chris@119: Chris@119: context ".xml" do Chris@119: should_allow_api_authentication(:put, Chris@119: '/users/2.xml', Chris@119: {:user => {:login => 'jsmith', :firstname => 'John', :lastname => 'Renamed', :mail => 'jsmith@somenet.foo'}}, Chris@119: {:success_code => :ok}) Chris@119: Chris@119: should "update user with the attributes" do Chris@119: assert_no_difference('User.count') do Chris@119: put '/users/2.xml', @parameters, :authorization => credentials('admin') Chris@119: end Chris@119: Chris@119: user = User.find(2) Chris@119: assert_equal 'jsmith', user.login Chris@119: assert_equal 'John', user.firstname Chris@119: assert_equal 'Renamed', user.lastname Chris@119: assert_equal 'jsmith@somenet.foo', user.mail Chris@119: assert !user.admin? Chris@119: Chris@119: assert_response :ok Chris@119: end Chris@119: end Chris@119: Chris@119: context ".json" do Chris@119: should_allow_api_authentication(:put, Chris@119: '/users/2.json', Chris@119: {:user => {:login => 'jsmith', :firstname => 'John', :lastname => 'Renamed', :mail => 'jsmith@somenet.foo'}}, Chris@119: {:success_code => :ok}) Chris@119: Chris@119: should "update user with the attributes" do Chris@119: assert_no_difference('User.count') do Chris@119: put '/users/2.json', @parameters, :authorization => credentials('admin') Chris@119: end Chris@119: Chris@119: user = User.find(2) Chris@119: assert_equal 'jsmith', user.login Chris@119: assert_equal 'John', user.firstname Chris@119: assert_equal 'Renamed', user.lastname Chris@119: assert_equal 'jsmith@somenet.foo', user.mail Chris@119: assert !user.admin? Chris@119: Chris@119: assert_response :ok Chris@119: end Chris@119: end Chris@119: end Chris@119: Chris@119: context "with invalid parameters" do Chris@119: setup do Chris@119: @parameters = {:user => {:login => 'jsmith', :firstname => '', :lastname => 'Lastname', :mail => 'foo'}} Chris@119: end Chris@119: Chris@119: context ".xml" do Chris@119: should "return errors" do Chris@119: assert_no_difference('User.count') do Chris@119: put '/users/2.xml', @parameters, :authorization => credentials('admin') Chris@119: end Chris@119: Chris@119: assert_response :unprocessable_entity Chris@119: assert_equal 'application/xml', @response.content_type Chris@441: assert_tag 'errors', :child => {:tag => 'error', :content => "First name can't be blank"} Chris@119: end Chris@119: end Chris@119: Chris@119: context ".json" do Chris@119: should "return errors" do Chris@119: assert_no_difference('User.count') do Chris@119: put '/users/2.json', @parameters, :authorization => credentials('admin') Chris@119: end Chris@119: Chris@119: assert_response :unprocessable_entity Chris@119: assert_equal 'application/json', @response.content_type Chris@119: json = ActiveSupport::JSON.decode(response.body) Chris@119: assert_kind_of Hash, json Chris@119: assert json.has_key?('errors') Chris@119: assert_kind_of Array, json['errors'] Chris@119: end Chris@119: end Chris@119: end Chris@128: end Chris@119: Chris@128: context "DELETE /users/2" do Chris@128: context ".xml" do Chris@128: should_allow_api_authentication(:delete, Chris@128: '/users/2.xml', Chris@128: {}, Chris@128: {:success_code => :ok}) Chris@128: Chris@128: should "delete user" do Chris@128: assert_difference('User.count', -1) do Chris@128: delete '/users/2.xml', {}, :authorization => credentials('admin') Chris@128: end Chris@128: Chris@128: assert_response :ok Chris@128: end Chris@128: end Chris@128: Chris@128: context ".json" do Chris@128: should_allow_api_authentication(:delete, Chris@128: '/users/2.xml', Chris@128: {}, Chris@128: {:success_code => :ok}) Chris@119: Chris@128: should "delete user" do Chris@128: assert_difference('User.count', -1) do Chris@128: delete '/users/2.json', {}, :authorization => credentials('admin') Chris@119: end Chris@128: Chris@128: assert_response :ok Chris@119: end Chris@119: end Chris@119: end Chris@119: Chris@119: def credentials(user, password=nil) Chris@119: ActionController::HttpAuthentication::Basic.encode_credentials(user, password || user) Chris@119: end Chris@119: end