From 3d6cb1435cdf0fa0049c52f7701014bdcde67125 Mon Sep 17 00:00:00 2001 From: Jean-Philippe Lang Date: Sat, 27 Nov 2010 16:37:15 +0000 Subject: [PATCH] Accept key auth for ProjectsController#destroy (#6841). git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@4443 e93f8b46-1217-0410-a6f0-8f06a7374b81 --- app/controllers/projects_controller.rb | 2 +- test/integration/api_test/projects_test.rb | 22 ++++++++++++++-------- 2 files changed, 15 insertions(+), 9 deletions(-) diff --git a/app/controllers/projects_controller.rb b/app/controllers/projects_controller.rb index 3bedd2c78..9a4a35b06 100644 --- a/app/controllers/projects_controller.rb +++ b/app/controllers/projects_controller.rb @@ -24,7 +24,7 @@ class ProjectsController < ApplicationController before_filter :authorize, :except => [ :index, :list, :new, :create, :copy, :archive, :unarchive, :destroy] before_filter :authorize_global, :only => [:new, :create] before_filter :require_admin, :only => [ :copy, :archive, :unarchive, :destroy ] - accept_key_auth :index, :create, :update + accept_key_auth :index, :create, :update, :destroy after_filter :only => [:create, :edit, :update, :archive, :unarchive, :destroy] do |controller| if controller.request.post? diff --git a/test/integration/api_test/projects_test.rb b/test/integration/api_test/projects_test.rb index c2ffa6920..cdac77ef9 100644 --- a/test/integration/api_test/projects_test.rb +++ b/test/integration/api_test/projects_test.rb @@ -31,7 +31,7 @@ class ApiTest::ProjectsTest < ActionController::IntegrationTest assert_response :success assert_equal 'application/xml', @response.content_type end - + def test_show get '/projects/1.xml' assert_response :success @@ -104,14 +104,20 @@ class ApiTest::ProjectsTest < ActionController::IntegrationTest assert_equal 'application/xml', @response.content_type assert_tag :errors, :child => {:tag => 'error', :content => "Name can't be blank"} end - - def test_destroy - assert_difference 'Project.count', -1 do - delete '/projects/2.xml', {}, :authorization => credentials('admin') + + context "DELETE /projects/2.xml" do + should_allow_api_authentication(:delete, + '/projects/2.xml', + {}, + {:success_code => :ok}) + + should "delete the project" do + assert_difference('Project.count',-1) do + delete '/projects/2.xml', {}, :authorization => credentials('admin') + end + assert_response :ok + assert_nil Project.find_by_id(2) end - assert_response :ok - assert_equal 'application/xml', @response.content_type - assert_nil Project.find_by_id(2) end def credentials(user, password=nil)