Move all API tests into the ApiTest module to make management easier

git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@4357 e93f8b46-1217-0410-a6f0-8f06a7374b81
2025-11-08 06:15:59 +01:00 · 2010-11-01 15:26:05 +00:00
parent db2ecd3010
commit d5fde17bf5
7 changed files with 16 additions and 12 deletions
--- a/test/integration/api_test/http_basic_login_test.rb
+++ b/test/integration/api_test/http_basic_login_test.rb
@@ -0,0 +1,103 @@
+require "#{File.dirname(__FILE__)}/../../test_helper"
+
+class ApiTest::HttpBasicLoginTest < ActionController::IntegrationTest
+  fixtures :all
+
+  def setup
+    Setting.rest_api_enabled = '1'
+    Setting.login_required = '1'
+  end
+
+  def teardown
+    Setting.rest_api_enabled = '0'
+    Setting.login_required = '0'
+  end
+  
+  # Using the NewsController because it's a simple API.
+  context "get /news" do
+
+    context "in :xml format" do
+      context "with a valid HTTP authentication" do
+        setup do
+          @user = User.generate_with_protected!(:password => 'my_password', :password_confirmation => 'my_password')
+          @authorization = ActionController::HttpAuthentication::Basic.encode_credentials(@user.login, 'my_password')
+          get "/news.xml", nil, :authorization => @authorization
+        end
+        
+        should_respond_with :success
+        should_respond_with_content_type :xml
+        should "login as the user" do
+          assert_equal @user, User.current
+        end
+      end
+
+      context "with an invalid HTTP authentication" do
+        setup do
+          @user = User.generate_with_protected!
+          @authorization = ActionController::HttpAuthentication::Basic.encode_credentials(@user.login, 'wrong_password')
+          get "/news.xml", nil, :authorization => @authorization
+        end
+        
+        should_respond_with :unauthorized
+        should_respond_with_content_type :xml
+        should "not login as the user" do
+          assert_equal User.anonymous, User.current
+        end
+      end
+      
+      context "without credentials" do
+        setup do
+          get "/projects/onlinestore/news.xml"
+        end
+
+        should_respond_with :unauthorized
+        should_respond_with_content_type :xml
+        should "include_www_authenticate_header" do
+          assert @controller.response.headers.has_key?('WWW-Authenticate')
+        end
+      end
+    end
+
+    context "in :json format" do
+      context "with a valid HTTP authentication" do
+        setup do
+          @user = User.generate_with_protected!(:password => 'my_password', :password_confirmation => 'my_password')
+          @authorization = ActionController::HttpAuthentication::Basic.encode_credentials(@user.login, 'my_password')
+          get "/news.json", nil, :authorization => @authorization
+        end
+        
+        should_respond_with :success
+        should_respond_with_content_type :json
+        should "login as the user" do
+          assert_equal @user, User.current
+        end
+      end
+
+      context "with an invalid HTTP authentication" do
+        setup do
+          @user = User.generate_with_protected!
+          @authorization = ActionController::HttpAuthentication::Basic.encode_credentials(@user.login, 'wrong_password')
+          get "/news.json", nil, :authorization => @authorization
+        end
+        
+        should_respond_with :unauthorized
+        should_respond_with_content_type :json
+        should "not login as the user" do
+          assert_equal User.anonymous, User.current
+        end
+      end
+    end
+    
+    context "without credentials" do
+      setup do
+        get "/projects/onlinestore/news.json"
+      end
+
+      should_respond_with :unauthorized
+      should_respond_with_content_type :json
+      should "include_www_authenticate_header" do
+        assert @controller.response.headers.has_key?('WWW-Authenticate')
+      end
+    end
+  end
+end