4 class PermissionsControllerTest < ActionDispatch::IntegrationTest
6 # test all routes which lead to this controller
9 { :path => "/api/0.6/permissions", :method => :get },
10 { :controller => "api/permissions", :action => "show" }
14 def test_permissions_anonymous
16 assert_response :success
17 assert_select "osm > permissions", :count => 1 do
18 assert_select "permission", :count => 0
22 def test_permissions_basic_auth
23 auth_header = basic_authorization_header create(:user).email, "test"
24 get permissions_path, :headers => auth_header
25 assert_response :success
26 assert_select "osm > permissions", :count => 1 do
27 assert_select "permission", :count => ClientApplication.all_permissions.size
28 ClientApplication.all_permissions.each do |p|
29 assert_select "permission[name='#{p}']", :count => 1
34 def test_permissions_oauth1
35 token = create(:access_token,
36 :allow_read_prefs => true,
37 :allow_write_api => true,
38 :allow_read_gpx => false)
39 signed_get permissions_path, :oauth => { :token => token }
40 assert_response :success
41 assert_select "osm > permissions", :count => 1 do
42 assert_select "permission", :count => 2
43 assert_select "permission[name='allow_read_prefs']", :count => 1
44 assert_select "permission[name='allow_write_api']", :count => 1
45 assert_select "permission[name='allow_read_gpx']", :count => 0
49 def test_permissions_oauth2
51 token = create(:oauth_access_token,
52 :resource_owner_id => user.id,
53 :scopes => %w[read_prefs write_api])
54 get permissions_path, :headers => bearer_authorization_header(token.token)
55 assert_response :success
56 assert_select "osm > permissions", :count => 1 do
57 assert_select "permission", :count => 2
58 assert_select "permission[name='allow_read_prefs']", :count => 1
59 assert_select "permission[name='allow_write_api']", :count => 1
60 assert_select "permission[name='allow_read_gpx']", :count => 0
projects / rails.git / blob