Chris@909: # Redmine - project management software Chris@909: # Copyright (C) 2006-2011 Jean-Philippe Lang Chris@909: # Chris@909: # This program is free software; you can redistribute it and/or Chris@909: # modify it under the terms of the GNU General Public License Chris@909: # as published by the Free Software Foundation; either version 2 Chris@909: # of the License, or (at your option) any later version. Chris@909: # Chris@909: # This program is distributed in the hope that it will be useful, Chris@909: # but WITHOUT ANY WARRANTY; without even the implied warranty of Chris@909: # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the Chris@909: # GNU General Public License for more details. Chris@909: # Chris@909: # You should have received a copy of the GNU General Public License Chris@909: # along with this program; if not, write to the Free Software Chris@909: # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. Chris@909: Chris@909: require File.expand_path('../../../test_helper', __FILE__) Chris@909: Chris@909: class ApiTest::AttachmentsTest < ActionController::IntegrationTest Chris@909: fixtures :projects, :trackers, :issue_statuses, :issues, Chris@909: :enumerations, :users, :issue_categories, Chris@909: :projects_trackers, Chris@909: :roles, Chris@909: :member_roles, Chris@909: :members, Chris@909: :enabled_modules, Chris@909: :workflows, Chris@909: :attachments Chris@909: Chris@909: def setup Chris@909: Setting.rest_api_enabled = '1' Chris@909: Attachment.storage_path = "#{Rails.root}/test/fixtures/files" Chris@909: end Chris@909: Chris@909: context "/attachments/:id" do Chris@909: context "GET" do Chris@909: should "return the attachment" do Chris@909: get '/attachments/7.xml', {}, :authorization => credentials('jsmith') Chris@909: assert_response :success Chris@909: assert_equal 'application/xml', @response.content_type Chris@909: assert_tag :tag => 'attachment', Chris@909: :child => { Chris@909: :tag => 'id', Chris@909: :content => '7', Chris@909: :sibling => { Chris@909: :tag => 'filename', Chris@909: :content => 'archive.zip', Chris@909: :sibling => { Chris@909: :tag => 'content_url', Chris@909: :content => 'http://www.example.com/attachments/download/7/archive.zip' Chris@909: } Chris@909: } Chris@909: } Chris@909: end Chris@909: Chris@909: should "deny access without credentials" do Chris@909: get '/attachments/7.xml' Chris@909: assert_response 401 Chris@909: set_tmp_attachments_directory Chris@909: end Chris@909: end Chris@909: end Chris@909: Chris@909: context "/attachments/download/:id/:filename" do Chris@909: context "GET" do Chris@909: should "return the attachment content" do Chris@909: get '/attachments/download/7/archive.zip', Chris@909: {}, :authorization => credentials('jsmith') Chris@909: assert_response :success Chris@909: assert_equal 'application/octet-stream', @response.content_type Chris@909: set_tmp_attachments_directory Chris@909: end Chris@909: Chris@909: should "deny access without credentials" do Chris@909: get '/attachments/download/7/archive.zip' Chris@909: assert_response 302 Chris@909: set_tmp_attachments_directory Chris@909: end Chris@909: end Chris@909: end Chris@909: Chris@909: def credentials(user, password=nil) Chris@909: ActionController::HttpAuthentication::Basic.encode_credentials(user, password || user) Chris@909: end Chris@909: end