5 class ClosesControllerTest < ActionDispatch::IntegrationTest
7 # test all routes which lead to this controller
10 { :path => "/api/0.6/changeset/1/close", :method => :put },
11 { :controller => "api/changesets/closes", :action => "update", :changeset_id => "1" }
15 def test_update_when_unauthorized
16 changeset = create(:changeset)
18 put api_changeset_close_path(changeset)
20 assert_response :unauthorized
21 assert_predicate changeset.reload, :open?
24 def test_update_by_private_user
25 user = create(:user, :data_public => false)
26 changeset = create(:changeset, :user => user)
27 auth_header = bearer_authorization_header user
29 put api_changeset_close_path(changeset), :headers => auth_header
31 assert_require_public_data
32 assert_predicate changeset.reload, :open?
35 def test_update_by_changeset_creator
37 changeset = create(:changeset, :user => user)
38 auth_header = bearer_authorization_header user
40 put api_changeset_close_path(changeset), :headers => auth_header
42 assert_response :success
43 assert_not_predicate changeset.reload, :open?
47 # test that a different user can't close another user's changeset
48 def test_update_invalid
50 changeset = create(:changeset)
52 auth_header = bearer_authorization_header user
54 put api_changeset_close_path(changeset), :headers => auth_header
55 assert_response :conflict
56 assert_equal "The user doesn't own that changeset", @response.body
60 # test that you can't close using another method
61 def test_update_method_invalid
63 changeset = create(:changeset, :user => user)
65 auth_header = bearer_authorization_header user
67 get api_changeset_close_path(changeset), :headers => auth_header
68 assert_response :not_found
69 assert_template "rescues/routing_error"
71 post api_changeset_close_path(changeset), :headers => auth_header
72 assert_response :not_found
73 assert_template "rescues/routing_error"
77 # check that you can't close a changeset that isn't found
78 def test_update_not_found
79 cs_ids = [0, -132, "123"]
81 # First try to do it with no auth
83 put api_changeset_close_path(id)
84 assert_response :unauthorized, "Shouldn't be able close the non-existant changeset #{id}, when not authorized"
85 rescue ActionController::UrlGenerationError => e
86 assert_match(/No route matches/, e.to_s)
90 auth_header = bearer_authorization_header
92 put api_changeset_close_path(id), :headers => auth_header
93 assert_response :not_found, "The changeset #{id} doesn't exist, so can't be closed"
94 rescue ActionController::UrlGenerationError => e
95 assert_match(/No route matches/, e.to_s)