From 30dc4fec998183f8dc077a6503fed993e9e08b9e Mon Sep 17 00:00:00 2001 From: Eric Davis Date: Wed, 3 Nov 2010 16:48:23 +0000 Subject: [PATCH] Refactor: convert API key tests using HTTP Basic to a shoulda macro git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@4363 e93f8b46-1217-0410-a6f0-8f06a7374b81 --- .../http_basic_login_with_api_token_test.rb | 61 +------------------ test/test_helper.rb | 39 ++++++++++++ 2 files changed, 41 insertions(+), 59 deletions(-) diff --git a/test/integration/api_test/http_basic_login_with_api_token_test.rb b/test/integration/api_test/http_basic_login_with_api_token_test.rb index 0d0d5bd0c..42c0be287 100644 --- a/test/integration/api_test/http_basic_login_with_api_token_test.rb +++ b/test/integration/api_test/http_basic_login_with_api_token_test.rb @@ -17,68 +17,11 @@ class ApiTest::HttpBasicLoginWithApiTokenTest < ActionController::IntegrationTes context "get /news" do context "in :xml format" do - context "with a valid HTTP authentication using the API token" do - setup do - @user = User.generate_with_protected! - @token = Token.generate!(:user => @user, :action => 'api') - @authorization = ActionController::HttpAuthentication::Basic.encode_credentials(@token.value, 'X') - get "/news.xml", nil, :authorization => @authorization - end - - should_respond_with :success - should_respond_with_content_type :xml - should "login as the user" do - assert_equal @user, User.current - end - end - - context "with an invalid HTTP authentication" do - setup do - @user = User.generate_with_protected! - @token = Token.generate!(:user => @user, :action => 'feeds') - @authorization = ActionController::HttpAuthentication::Basic.encode_credentials(@token.value, 'X') - get "/news.xml", nil, :authorization => @authorization - end - - should_respond_with :unauthorized - should_respond_with_content_type :xml - should "not login as the user" do - assert_equal User.anonymous, User.current - end - end + should_allow_http_basic_auth_with_key(:get, "/news.xml") end context "in :json format" do - context "with a valid HTTP authentication" do - setup do - @user = User.generate_with_protected! - @token = Token.generate!(:user => @user, :action => 'api') - @authorization = ActionController::HttpAuthentication::Basic.encode_credentials(@token.value, 'DoesNotMatter') - get "/news.json", nil, :authorization => @authorization - end - - should_respond_with :success - should_respond_with_content_type :json - should "login as the user" do - assert_equal @user, User.current - end - end - - context "with an invalid HTTP authentication" do - setup do - @user = User.generate_with_protected! - @token = Token.generate!(:user => @user, :action => 'feeds') - @authorization = ActionController::HttpAuthentication::Basic.encode_credentials(@token.value, 'DoesNotMatter') - get "/news.json", nil, :authorization => @authorization - end - - should_respond_with :unauthorized - should_respond_with_content_type :json - should "not login as the user" do - assert_equal User.anonymous, User.current - end - end + should_allow_http_basic_auth_with_key(:get, "/news.json") end - end end diff --git a/test/test_helper.rb b/test/test_helper.rb index 285ef2fd9..18d8fd8f1 100644 --- a/test/test_helper.rb +++ b/test/test_helper.rb @@ -236,6 +236,45 @@ class ActiveSupport::TestCase end + # Test that a request allows the API key with HTTP BASIC + # + # @param [Symbol] http_method the HTTP method for request (:get, :post, :put, :delete) + # @param [String] url the request url + # @param [optional, Hash] parameters additional request parameters + def self.should_allow_http_basic_auth_with_key(http_method, url, parameters={}) + context "should allow http basic auth with a key for #{http_method} #{url}" do + context "with a valid HTTP authentication using the API token" do + setup do + @user = User.generate_with_protected! + @token = Token.generate!(:user => @user, :action => 'api') + @authorization = ActionController::HttpAuthentication::Basic.encode_credentials(@token.value, 'X') + send(http_method, url, parameters, {:authorization => @authorization}) + end + + should_respond_with :success + should_respond_with_content_type_based_on_url(url) + should "login as the user" do + assert_equal @user, User.current + end + end + + context "with an invalid HTTP authentication" do + setup do + @user = User.generate_with_protected! + @token = Token.generate!(:user => @user, :action => 'feeds') + @authorization = ActionController::HttpAuthentication::Basic.encode_credentials(@token.value, 'X') + send(http_method, url, parameters, {:authorization => @authorization}) + end + + should_respond_with :unauthorized + should_respond_with_content_type_based_on_url(url) + should "not login as the user" do + assert_equal User.anonymous, User.current + end + end + end + end + # Test that a request allows full key authentication # # @param [Symbol] http_method the HTTP method for request (:get, :post, :put, :delete)