Chris@909: # Redmine - project management software Chris@909: # Copyright (C) 2006-2011 Jean-Philippe Lang Chris@909: # Chris@909: # This program is free software; you can redistribute it and/or Chris@909: # modify it under the terms of the GNU General Public License Chris@909: # as published by the Free Software Foundation; either version 2 Chris@909: # of the License, or (at your option) any later version. Chris@909: # Chris@909: # This program is distributed in the hope that it will be useful, Chris@909: # but WITHOUT ANY WARRANTY; without even the implied warranty of Chris@909: # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the Chris@909: # GNU General Public License for more details. Chris@909: # Chris@909: # You should have received a copy of the GNU General Public License Chris@909: # along with this program; if not, write to the Free Software Chris@909: # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. Chris@909: Chris@909: require File.expand_path('../../../test_helper', __FILE__) Chris@909: require 'pp' Chris@909: class ApiTest::UsersTest < ActionController::IntegrationTest Chris@909: fixtures :users Chris@909: Chris@909: def setup Chris@909: Setting.rest_api_enabled = '1' Chris@909: end Chris@909: Chris@909: context "GET /users" do Chris@909: should_allow_api_authentication(:get, "/users.xml") Chris@909: should_allow_api_authentication(:get, "/users.json") Chris@909: end Chris@909: Chris@909: context "GET /users/2" do Chris@909: context ".xml" do Chris@909: should "return requested user" do Chris@909: get '/users/2.xml' Chris@909: Chris@909: assert_tag :tag => 'user', Chris@909: :child => {:tag => 'id', :content => '2'} Chris@909: end Chris@909: end Chris@909: Chris@909: context ".json" do Chris@909: should "return requested user" do Chris@909: get '/users/2.json' Chris@909: Chris@909: json = ActiveSupport::JSON.decode(response.body) Chris@909: assert_kind_of Hash, json Chris@909: assert_kind_of Hash, json['user'] Chris@909: assert_equal 2, json['user']['id'] Chris@909: end Chris@909: end Chris@909: end Chris@909: Chris@909: context "GET /users/current" do Chris@909: context ".xml" do Chris@909: should "require authentication" do Chris@909: get '/users/current.xml' Chris@909: Chris@909: assert_response 401 Chris@909: end Chris@909: Chris@909: should "return current user" do Chris@909: get '/users/current.xml', {}, :authorization => credentials('jsmith') Chris@909: Chris@909: assert_tag :tag => 'user', Chris@909: :child => {:tag => 'id', :content => '2'} Chris@909: end Chris@909: end Chris@909: end Chris@909: Chris@909: context "POST /users" do Chris@909: context "with valid parameters" do Chris@909: setup do Chris@909: @parameters = {:user => {:login => 'foo', :firstname => 'Firstname', :lastname => 'Lastname', :mail => 'foo@example.net', :password => 'secret', :mail_notification => 'only_assigned'}} Chris@909: end Chris@909: Chris@909: context ".xml" do Chris@909: should_allow_api_authentication(:post, Chris@909: '/users.xml', Chris@909: {:user => {:login => 'foo', :firstname => 'Firstname', :lastname => 'Lastname', :mail => 'foo@example.net', :password => 'secret'}}, Chris@909: {:success_code => :created}) Chris@909: Chris@909: should "create a user with the attributes" do Chris@909: assert_difference('User.count') do Chris@909: post '/users.xml', @parameters, :authorization => credentials('admin') Chris@909: end Chris@909: Chris@909: user = User.first(:order => 'id DESC') Chris@909: assert_equal 'foo', user.login Chris@909: assert_equal 'Firstname', user.firstname Chris@909: assert_equal 'Lastname', user.lastname Chris@909: assert_equal 'foo@example.net', user.mail Chris@909: assert_equal 'only_assigned', user.mail_notification Chris@909: assert !user.admin? Chris@909: assert user.check_password?('secret') Chris@909: Chris@909: assert_response :created Chris@909: assert_equal 'application/xml', @response.content_type Chris@909: assert_tag 'user', :child => {:tag => 'id', :content => user.id.to_s} Chris@909: end Chris@909: end Chris@909: Chris@909: context ".json" do Chris@909: should_allow_api_authentication(:post, Chris@909: '/users.json', Chris@909: {:user => {:login => 'foo', :firstname => 'Firstname', :lastname => 'Lastname', :mail => 'foo@example.net'}}, Chris@909: {:success_code => :created}) Chris@909: Chris@909: should "create a user with the attributes" do Chris@909: assert_difference('User.count') do Chris@909: post '/users.json', @parameters, :authorization => credentials('admin') Chris@909: end Chris@909: Chris@909: user = User.first(:order => 'id DESC') Chris@909: assert_equal 'foo', user.login Chris@909: assert_equal 'Firstname', user.firstname Chris@909: assert_equal 'Lastname', user.lastname Chris@909: assert_equal 'foo@example.net', user.mail Chris@909: assert !user.admin? Chris@909: Chris@909: assert_response :created Chris@909: assert_equal 'application/json', @response.content_type Chris@909: json = ActiveSupport::JSON.decode(response.body) Chris@909: assert_kind_of Hash, json Chris@909: assert_kind_of Hash, json['user'] Chris@909: assert_equal user.id, json['user']['id'] Chris@909: end Chris@909: end Chris@909: end Chris@909: Chris@909: context "with invalid parameters" do Chris@909: setup do Chris@909: @parameters = {:user => {:login => 'foo', :lastname => 'Lastname', :mail => 'foo'}} Chris@909: end Chris@909: Chris@909: context ".xml" do Chris@909: should "return errors" do Chris@909: assert_no_difference('User.count') do Chris@909: post '/users.xml', @parameters, :authorization => credentials('admin') Chris@909: end Chris@909: Chris@909: assert_response :unprocessable_entity Chris@909: assert_equal 'application/xml', @response.content_type Chris@909: assert_tag 'errors', :child => {:tag => 'error', :content => "First name can't be blank"} Chris@909: end Chris@909: end Chris@909: Chris@909: context ".json" do Chris@909: should "return errors" do Chris@909: assert_no_difference('User.count') do Chris@909: post '/users.json', @parameters, :authorization => credentials('admin') Chris@909: end Chris@909: Chris@909: assert_response :unprocessable_entity Chris@909: assert_equal 'application/json', @response.content_type Chris@909: json = ActiveSupport::JSON.decode(response.body) Chris@909: assert_kind_of Hash, json Chris@909: assert json.has_key?('errors') Chris@909: assert_kind_of Array, json['errors'] Chris@909: end Chris@909: end Chris@909: end Chris@909: end Chris@909: Chris@909: context "PUT /users/2" do Chris@909: context "with valid parameters" do Chris@909: setup do Chris@909: @parameters = {:user => {:login => 'jsmith', :firstname => 'John', :lastname => 'Renamed', :mail => 'jsmith@somenet.foo'}} Chris@909: end Chris@909: Chris@909: context ".xml" do Chris@909: should_allow_api_authentication(:put, Chris@909: '/users/2.xml', Chris@909: {:user => {:login => 'jsmith', :firstname => 'John', :lastname => 'Renamed', :mail => 'jsmith@somenet.foo'}}, Chris@909: {:success_code => :ok}) Chris@909: Chris@909: should "update user with the attributes" do Chris@909: assert_no_difference('User.count') do Chris@909: put '/users/2.xml', @parameters, :authorization => credentials('admin') Chris@909: end Chris@909: Chris@909: user = User.find(2) Chris@909: assert_equal 'jsmith', user.login Chris@909: assert_equal 'John', user.firstname Chris@909: assert_equal 'Renamed', user.lastname Chris@909: assert_equal 'jsmith@somenet.foo', user.mail Chris@909: assert !user.admin? Chris@909: Chris@909: assert_response :ok Chris@909: end Chris@909: end Chris@909: Chris@909: context ".json" do Chris@909: should_allow_api_authentication(:put, Chris@909: '/users/2.json', Chris@909: {:user => {:login => 'jsmith', :firstname => 'John', :lastname => 'Renamed', :mail => 'jsmith@somenet.foo'}}, Chris@909: {:success_code => :ok}) Chris@909: Chris@909: should "update user with the attributes" do Chris@909: assert_no_difference('User.count') do Chris@909: put '/users/2.json', @parameters, :authorization => credentials('admin') Chris@909: end Chris@909: Chris@909: user = User.find(2) Chris@909: assert_equal 'jsmith', user.login Chris@909: assert_equal 'John', user.firstname Chris@909: assert_equal 'Renamed', user.lastname Chris@909: assert_equal 'jsmith@somenet.foo', user.mail Chris@909: assert !user.admin? Chris@909: Chris@909: assert_response :ok Chris@909: end Chris@909: end Chris@909: end Chris@909: Chris@909: context "with invalid parameters" do Chris@909: setup do Chris@909: @parameters = {:user => {:login => 'jsmith', :firstname => '', :lastname => 'Lastname', :mail => 'foo'}} Chris@909: end Chris@909: Chris@909: context ".xml" do Chris@909: should "return errors" do Chris@909: assert_no_difference('User.count') do Chris@909: put '/users/2.xml', @parameters, :authorization => credentials('admin') Chris@909: end Chris@909: Chris@909: assert_response :unprocessable_entity Chris@909: assert_equal 'application/xml', @response.content_type Chris@909: assert_tag 'errors', :child => {:tag => 'error', :content => "First name can't be blank"} Chris@909: end Chris@909: end Chris@909: Chris@909: context ".json" do Chris@909: should "return errors" do Chris@909: assert_no_difference('User.count') do Chris@909: put '/users/2.json', @parameters, :authorization => credentials('admin') Chris@909: end Chris@909: Chris@909: assert_response :unprocessable_entity Chris@909: assert_equal 'application/json', @response.content_type Chris@909: json = ActiveSupport::JSON.decode(response.body) Chris@909: assert_kind_of Hash, json Chris@909: assert json.has_key?('errors') Chris@909: assert_kind_of Array, json['errors'] Chris@909: end Chris@909: end Chris@909: end Chris@909: end Chris@909: Chris@909: context "DELETE /users/2" do Chris@909: context ".xml" do Chris@909: should_allow_api_authentication(:delete, Chris@909: '/users/2.xml', Chris@909: {}, Chris@909: {:success_code => :ok}) Chris@909: Chris@909: should "delete user" do Chris@909: assert_difference('User.count', -1) do Chris@909: delete '/users/2.xml', {}, :authorization => credentials('admin') Chris@909: end Chris@909: Chris@909: assert_response :ok Chris@909: end Chris@909: end Chris@909: Chris@909: context ".json" do Chris@909: should_allow_api_authentication(:delete, Chris@909: '/users/2.xml', Chris@909: {}, Chris@909: {:success_code => :ok}) Chris@909: Chris@909: should "delete user" do Chris@909: assert_difference('User.count', -1) do Chris@909: delete '/users/2.json', {}, :authorization => credentials('admin') Chris@909: end Chris@909: Chris@909: assert_response :ok Chris@909: end Chris@909: end Chris@909: end Chris@909: Chris@909: def credentials(user, password=nil) Chris@909: ActionController::HttpAuthentication::Basic.encode_credentials(user, password || user) Chris@909: end Chris@909: end