chris@37: # Redmine - project management software chris@37: # Copyright (C) 2006-2010 Jean-Philippe Lang chris@37: # chris@37: # This program is free software; you can redistribute it and/or chris@37: # modify it under the terms of the GNU General Public License chris@37: # as published by the Free Software Foundation; either version 2 chris@37: # of the License, or (at your option) any later version. chris@37: # chris@37: # This program is distributed in the hope that it will be useful, chris@37: # but WITHOUT ANY WARRANTY; without even the implied warranty of chris@37: # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the chris@37: # GNU General Public License for more details. chris@37: # chris@37: # You should have received a copy of the GNU General Public License chris@37: # along with this program; if not, write to the Free Software chris@37: # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. chris@37: chris@37: require "#{File.dirname(__FILE__)}/../../test_helper" chris@37: chris@37: class ApiTest::IssuesTest < ActionController::IntegrationTest chris@37: fixtures :projects, chris@37: :users, chris@37: :roles, chris@37: :members, chris@37: :member_roles, chris@37: :issues, chris@37: :issue_statuses, chris@37: :versions, chris@37: :trackers, chris@37: :projects_trackers, chris@37: :issue_categories, chris@37: :enabled_modules, chris@37: :enumerations, chris@37: :attachments, chris@37: :workflows, chris@37: :custom_fields, chris@37: :custom_values, chris@37: :custom_fields_projects, chris@37: :custom_fields_trackers, chris@37: :time_entries, chris@37: :journals, chris@37: :journal_details, chris@37: :queries chris@37: chris@37: def setup chris@37: Setting.rest_api_enabled = '1' chris@37: end chris@37: chris@37: # Use a private project to make sure auth is really working and not just chris@37: # only showing public issues. chris@37: context "/index.xml" do chris@37: should_allow_api_authentication(:get, "/projects/private-child/issues.xml") chris@37: end chris@37: chris@37: context "/index.json" do chris@37: should_allow_api_authentication(:get, "/projects/private-child/issues.json") chris@37: end chris@37: chris@37: context "/index.xml with filter" do chris@37: should_allow_api_authentication(:get, "/projects/private-child/issues.xml?status_id=5") chris@37: chris@37: should "show only issues with the status_id" do chris@37: get '/issues.xml?status_id=5' chris@37: assert_tag :tag => 'issues', chris@37: :children => { :count => Issue.visible.count(:conditions => {:status_id => 5}), chris@37: :only => { :tag => 'issue' } } chris@37: end chris@37: end chris@37: chris@37: context "/index.json with filter" do chris@37: should_allow_api_authentication(:get, "/projects/private-child/issues.json?status_id=5") chris@37: chris@37: should "show only issues with the status_id" do chris@37: get '/issues.json?status_id=5' chris@37: chris@37: json = ActiveSupport::JSON.decode(response.body) chris@37: status_ids_used = json.collect {|j| j['status_id'] } chris@37: assert_equal 3, status_ids_used.length chris@37: assert status_ids_used.all? {|id| id == 5 } chris@37: end chris@37: chris@37: end chris@37: chris@37: # Issue 6 is on a private project chris@37: context "/issues/6.xml" do chris@37: should_allow_api_authentication(:get, "/issues/6.xml") chris@37: end chris@37: chris@37: context "/issues/6.json" do chris@37: should_allow_api_authentication(:get, "/issues/6.json") chris@37: end chris@37: chris@37: context "POST /issues.xml" do chris@37: should_allow_api_authentication(:post, chris@37: '/issues.xml', chris@37: {:issue => {:project_id => 1, :subject => 'API test', :tracker_id => 2, :status_id => 3}}, chris@37: {:success_code => :created}) chris@37: chris@37: should "create an issue with the attributes" do chris@37: assert_difference('Issue.count') do chris@37: post '/issues.xml', {:issue => {:project_id => 1, :subject => 'API test', :tracker_id => 2, :status_id => 3}}, :authorization => credentials('jsmith') chris@37: end chris@37: chris@37: issue = Issue.first(:order => 'id DESC') chris@37: assert_equal 1, issue.project_id chris@37: assert_equal 2, issue.tracker_id chris@37: assert_equal 3, issue.status_id chris@37: assert_equal 'API test', issue.subject chris@37: chris@37: assert_response :created chris@37: assert_equal 'application/xml', @response.content_type chris@37: assert_tag 'issue', :child => {:tag => 'id', :content => issue.id.to_s} chris@37: end chris@37: end chris@37: chris@37: context "POST /issues.xml with failure" do chris@37: should_allow_api_authentication(:post, chris@37: '/issues.xml', chris@37: {:issue => {:project_id => 1}}, chris@37: {:success_code => :unprocessable_entity}) chris@37: chris@37: should "have an errors tag" do chris@37: assert_no_difference('Issue.count') do chris@37: post '/issues.xml', {:issue => {:project_id => 1}}, :authorization => credentials('jsmith') chris@37: end chris@37: chris@37: assert_tag :errors, :child => {:tag => 'error', :content => "Subject can't be blank"} chris@37: end chris@37: end chris@37: chris@37: context "POST /issues.json" do chris@37: should_allow_api_authentication(:post, chris@37: '/issues.json', chris@37: {:issue => {:project_id => 1, :subject => 'API test', :tracker_id => 2, :status_id => 3}}, chris@37: {:success_code => :created}) chris@37: chris@37: should "create an issue with the attributes" do chris@37: assert_difference('Issue.count') do chris@37: post '/issues.json', {:issue => {:project_id => 1, :subject => 'API test', :tracker_id => 2, :status_id => 3}}, :authorization => credentials('jsmith') chris@37: end chris@37: chris@37: issue = Issue.first(:order => 'id DESC') chris@37: assert_equal 1, issue.project_id chris@37: assert_equal 2, issue.tracker_id chris@37: assert_equal 3, issue.status_id chris@37: assert_equal 'API test', issue.subject chris@37: end chris@37: chris@37: end chris@37: chris@37: context "POST /issues.json with failure" do chris@37: should_allow_api_authentication(:post, chris@37: '/issues.json', chris@37: {:issue => {:project_id => 1}}, chris@37: {:success_code => :unprocessable_entity}) chris@37: chris@37: should "have an errors element" do chris@37: assert_no_difference('Issue.count') do chris@37: post '/issues.json', {:issue => {:project_id => 1}}, :authorization => credentials('jsmith') chris@37: end chris@37: chris@37: json = ActiveSupport::JSON.decode(response.body) chris@37: assert_equal "can't be blank", json.first['subject'] chris@37: end chris@37: end chris@37: chris@37: # Issue 6 is on a private project chris@37: context "PUT /issues/6.xml" do chris@37: setup do chris@37: @parameters = {:issue => {:subject => 'API update', :notes => 'A new note'}} chris@37: @headers = { :authorization => credentials('jsmith') } chris@37: end chris@37: chris@37: should_allow_api_authentication(:put, chris@37: '/issues/6.xml', chris@37: {:issue => {:subject => 'API update', :notes => 'A new note'}}, chris@37: {:success_code => :ok}) chris@37: chris@37: should "not create a new issue" do chris@37: assert_no_difference('Issue.count') do chris@37: put '/issues/6.xml', @parameters, @headers chris@37: end chris@37: end chris@37: chris@37: should "create a new journal" do chris@37: assert_difference('Journal.count') do chris@37: put '/issues/6.xml', @parameters, @headers chris@37: end chris@37: end chris@37: chris@37: should "add the note to the journal" do chris@37: put '/issues/6.xml', @parameters, @headers chris@37: chris@37: journal = Journal.last chris@37: assert_equal "A new note", journal.notes chris@37: end chris@37: chris@37: should "update the issue" do chris@37: put '/issues/6.xml', @parameters, @headers chris@37: chris@37: issue = Issue.find(6) chris@37: assert_equal "API update", issue.subject chris@37: end chris@37: chris@37: end chris@37: chris@37: context "PUT /issues/6.xml with failed update" do chris@37: setup do chris@37: @parameters = {:issue => {:subject => ''}} chris@37: @headers = { :authorization => credentials('jsmith') } chris@37: end chris@37: chris@37: should_allow_api_authentication(:put, chris@37: '/issues/6.xml', chris@37: {:issue => {:subject => ''}}, # Missing subject should fail chris@37: {:success_code => :unprocessable_entity}) chris@37: chris@37: should "not create a new issue" do chris@37: assert_no_difference('Issue.count') do chris@37: put '/issues/6.xml', @parameters, @headers chris@37: end chris@37: end chris@37: chris@37: should "not create a new journal" do chris@37: assert_no_difference('Journal.count') do chris@37: put '/issues/6.xml', @parameters, @headers chris@37: end chris@37: end chris@37: chris@37: should "have an errors tag" do chris@37: put '/issues/6.xml', @parameters, @headers chris@37: chris@37: assert_tag :errors, :child => {:tag => 'error', :content => "Subject can't be blank"} chris@37: end chris@37: end chris@37: chris@37: context "PUT /issues/6.json" do chris@37: setup do chris@37: @parameters = {:issue => {:subject => 'API update', :notes => 'A new note'}} chris@37: @headers = { :authorization => credentials('jsmith') } chris@37: end chris@37: chris@37: should_allow_api_authentication(:put, chris@37: '/issues/6.json', chris@37: {:issue => {:subject => 'API update', :notes => 'A new note'}}, chris@37: {:success_code => :ok}) chris@37: chris@37: should "not create a new issue" do chris@37: assert_no_difference('Issue.count') do chris@37: put '/issues/6.json', @parameters, @headers chris@37: end chris@37: end chris@37: chris@37: should "create a new journal" do chris@37: assert_difference('Journal.count') do chris@37: put '/issues/6.json', @parameters, @headers chris@37: end chris@37: end chris@37: chris@37: should "add the note to the journal" do chris@37: put '/issues/6.json', @parameters, @headers chris@37: chris@37: journal = Journal.last chris@37: assert_equal "A new note", journal.notes chris@37: end chris@37: chris@37: should "update the issue" do chris@37: put '/issues/6.json', @parameters, @headers chris@37: chris@37: issue = Issue.find(6) chris@37: assert_equal "API update", issue.subject chris@37: end chris@37: chris@37: end chris@37: chris@37: context "PUT /issues/6.json with failed update" do chris@37: setup do chris@37: @parameters = {:issue => {:subject => ''}} chris@37: @headers = { :authorization => credentials('jsmith') } chris@37: end chris@37: chris@37: should_allow_api_authentication(:put, chris@37: '/issues/6.json', chris@37: {:issue => {:subject => ''}}, # Missing subject should fail chris@37: {:success_code => :unprocessable_entity}) chris@37: chris@37: should "not create a new issue" do chris@37: assert_no_difference('Issue.count') do chris@37: put '/issues/6.json', @parameters, @headers chris@37: end chris@37: end chris@37: chris@37: should "not create a new journal" do chris@37: assert_no_difference('Journal.count') do chris@37: put '/issues/6.json', @parameters, @headers chris@37: end chris@37: end chris@37: chris@37: should "have an errors attribute" do chris@37: put '/issues/6.json', @parameters, @headers chris@37: chris@37: json = ActiveSupport::JSON.decode(response.body) chris@37: assert_equal "can't be blank", json.first['subject'] chris@37: end chris@37: end chris@37: chris@37: context "DELETE /issues/1.xml" do chris@37: should_allow_api_authentication(:delete, chris@37: '/issues/6.xml', chris@37: {}, chris@37: {:success_code => :ok}) chris@37: chris@37: should "delete the issue" do chris@37: assert_difference('Issue.count',-1) do chris@37: delete '/issues/6.xml', {}, :authorization => credentials('jsmith') chris@37: end chris@37: chris@37: assert_nil Issue.find_by_id(6) chris@37: end chris@37: end chris@37: chris@37: context "DELETE /issues/1.json" do chris@37: should_allow_api_authentication(:delete, chris@37: '/issues/6.json', chris@37: {}, chris@37: {:success_code => :ok}) chris@37: chris@37: should "delete the issue" do chris@37: assert_difference('Issue.count',-1) do chris@37: delete '/issues/6.json', {}, :authorization => credentials('jsmith') chris@37: end chris@37: chris@37: assert_nil Issue.find_by_id(6) chris@37: end chris@37: end chris@37: chris@37: def credentials(user, password=nil) chris@37: ActionController::HttpAuthentication::Basic.encode_credentials(user, password || user) chris@37: end chris@37: end