To check out this repository please hg clone the following URL, or open the URL using EasyMercurial or your preferred Mercurial client.
root / .svn / pristine / 1e / 1e54d19d4970142ec949fe4202f5ffe30b1f8dbf.svn-base @ 1298:4f746d8966dd
History | View | Annotate | Download (2.52 KB)
| 1 | 1295:622f24f53b42 | Chris | # Redmine - project management software |
|---|---|---|---|
| 2 | # Copyright (C) 2006-2013 Jean-Philippe Lang |
||
| 3 | # |
||
| 4 | # This program is free software; you can redistribute it and/or |
||
| 5 | # modify it under the terms of the GNU General Public License |
||
| 6 | # as published by the Free Software Foundation; either version 2 |
||
| 7 | # of the License, or (at your option) any later version. |
||
| 8 | # |
||
| 9 | # This program is distributed in the hope that it will be useful, |
||
| 10 | # but WITHOUT ANY WARRANTY; without even the implied warranty of |
||
| 11 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
||
| 12 | # GNU General Public License for more details. |
||
| 13 | # |
||
| 14 | # You should have received a copy of the GNU General Public License |
||
| 15 | # along with this program; if not, write to the Free Software |
||
| 16 | # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. |
||
| 17 | |||
| 18 | require File.expand_path('../../../test_helper', __FILE__)
|
||
| 19 | |||
| 20 | class Redmine::ApiTest::DisabledRestApiTest < Redmine::ApiTest::Base |
||
| 21 | fixtures :projects, :trackers, :issue_statuses, :issues, |
||
| 22 | :enumerations, :users, :issue_categories, |
||
| 23 | :projects_trackers, |
||
| 24 | :roles, |
||
| 25 | :member_roles, |
||
| 26 | :members, |
||
| 27 | :enabled_modules |
||
| 28 | |||
| 29 | def setup |
||
| 30 | Setting.rest_api_enabled = '0' |
||
| 31 | Setting.login_required = '1' |
||
| 32 | end |
||
| 33 | |||
| 34 | def teardown |
||
| 35 | Setting.rest_api_enabled = '1' |
||
| 36 | Setting.login_required = '0' |
||
| 37 | end |
||
| 38 | |||
| 39 | def test_with_a_valid_api_token |
||
| 40 | @user = User.generate! |
||
| 41 | @token = Token.create!(:user => @user, :action => 'api') |
||
| 42 | |||
| 43 | get "/news.xml?key=#{@token.value}"
|
||
| 44 | assert_response :unauthorized |
||
| 45 | assert_equal User.anonymous, User.current |
||
| 46 | |||
| 47 | get "/news.json?key=#{@token.value}"
|
||
| 48 | assert_response :unauthorized |
||
| 49 | assert_equal User.anonymous, User.current |
||
| 50 | end |
||
| 51 | |||
| 52 | def test_with_valid_username_password_http_authentication |
||
| 53 | @user = User.generate! do |user| |
||
| 54 | user.password = 'my_password' |
||
| 55 | end |
||
| 56 | |||
| 57 | get "/news.xml", nil, credentials(@user.login, 'my_password') |
||
| 58 | assert_response :unauthorized |
||
| 59 | assert_equal User.anonymous, User.current |
||
| 60 | |||
| 61 | get "/news.json", nil, credentials(@user.login, 'my_password') |
||
| 62 | assert_response :unauthorized |
||
| 63 | assert_equal User.anonymous, User.current |
||
| 64 | end |
||
| 65 | |||
| 66 | def test_with_valid_token_http_authentication |
||
| 67 | @user = User.generate! |
||
| 68 | @token = Token.create!(:user => @user, :action => 'api') |
||
| 69 | |||
| 70 | get "/news.xml", nil, credentials(@token.value, 'X') |
||
| 71 | assert_response :unauthorized |
||
| 72 | assert_equal User.anonymous, User.current |
||
| 73 | |||
| 74 | get "/news.json", nil, credentials(@token.value, 'X') |
||
| 75 | assert_response :unauthorized |
||
| 76 | assert_equal User.anonymous, User.current |
||
| 77 | end |
||
| 78 | end |