4 class UserPreferencesControllerTest < ActionDispatch::IntegrationTest
6 # test all routes which lead to this controller
9 { :path => "/api/0.6/user/preferences", :method => :get },
10 { :controller => "api/user_preferences", :action => "index" }
13 { :path => "/api/0.6/user/preferences", :method => :put },
14 { :controller => "api/user_preferences", :action => "update_all" }
17 { :path => "/api/0.6/user/preferences/key", :method => :get },
18 { :controller => "api/user_preferences", :action => "show", :preference_key => "key" }
21 { :path => "/api/0.6/user/preferences/key", :method => :put },
22 { :controller => "api/user_preferences", :action => "update", :preference_key => "key" }
25 { :path => "/api/0.6/user/preferences/key", :method => :delete },
26 { :controller => "api/user_preferences", :action => "destroy", :preference_key => "key" }
31 # test showing all preferences
33 # first try without auth
34 get user_preferences_path
35 assert_response :unauthorized, "should be authenticated"
37 # authenticate as a user with no preferences
38 auth_header = basic_authorization_header create(:user).email, "test"
41 get user_preferences_path, :headers => auth_header
42 assert_select "osm" do
43 assert_select "preferences", :count => 1 do
44 assert_select "preference", :count => 0
48 # authenticate as a user with preferences
50 user_preference = create(:user_preference, :user => user)
51 user_preference2 = create(:user_preference, :user => user)
52 auth_header = basic_authorization_header user.email, "test"
55 get user_preferences_path, :headers => auth_header
56 assert_response :success
57 assert_equal "application/xml", @response.media_type
58 assert_select "osm" do
59 assert_select "preferences", :count => 1 do
60 assert_select "preference", :count => 2
61 assert_select "preference[k=\"#{user_preference.k}\"][v=\"#{user_preference.v}\"]", :count => 1
62 assert_select "preference[k=\"#{user_preference2.k}\"][v=\"#{user_preference2.v}\"]", :count => 1
67 get user_preferences_path(:format => "json"), :headers => auth_header
68 assert_response :success
69 assert_equal "application/json", @response.media_type
71 js = ActiveSupport::JSON.decode(@response.body)
73 assert_equal 2, js["preferences"].count
77 # test showing one preference
80 create(:user_preference, :user => user, :k => "key", :v => "value")
82 # try a read without auth
83 get user_preference_path(:preference_key => "key")
84 assert_response :unauthorized, "should be authenticated"
86 # authenticate as a user with preferences
87 auth_header = basic_authorization_header user.email, "test"
90 get user_preference_path(:preference_key => "key"), :headers => auth_header
91 assert_response :success
92 assert_equal "text/plain", @response.media_type
93 assert_equal "value", @response.body
95 # try the read again for a non-existent key
96 get user_preference_path(:preference_key => "unknown_key"), :headers => auth_header
97 assert_response :not_found
101 # test bulk update action
104 create(:user_preference, :user => user, :k => "key", :v => "value")
105 create(:user_preference, :user => user, :k => "some_key", :v => "some_value")
107 # try a put without auth
108 assert_no_difference "UserPreference.count" do
109 put user_preferences_path, :params => "<osm><preferences><preference k='key' v='new_value'/><preference k='new_key' v='value'/></preferences></osm>"
111 assert_response :unauthorized, "should be authenticated"
112 assert_equal "value", UserPreference.find([user.id, "key"]).v
113 assert_equal "some_value", UserPreference.find([user.id, "some_key"]).v
114 assert_raises ActiveRecord::RecordNotFound do
115 UserPreference.find([user.id, "new_key"])
118 # authenticate as a user with preferences
119 auth_header = basic_authorization_header user.email, "test"
122 assert_no_difference "UserPreference.count" do
123 put user_preferences_path, :params => "<osm><preferences><preference k='key' v='new_value'/><preference k='new_key' v='value'/></preferences></osm>", :headers => auth_header
125 assert_response :success
126 assert_equal "text/plain", @response.media_type
127 assert_equal "", @response.body
128 assert_equal "new_value", UserPreference.find([user.id, "key"]).v
129 assert_equal "value", UserPreference.find([user.id, "new_key"]).v
130 assert_raises ActiveRecord::RecordNotFound do
131 UserPreference.find([user.id, "some_key"])
134 # try a put with duplicate keys
135 assert_no_difference "UserPreference.count" do
136 put user_preferences_path, :params => "<osm><preferences><preference k='key' v='value'/><preference k='key' v='newer_value'/></preferences></osm>", :headers => auth_header
138 assert_response :bad_request
139 assert_equal "text/plain", @response.media_type
140 assert_equal "Duplicate preferences with key key", @response.body
141 assert_equal "new_value", UserPreference.find([user.id, "key"]).v
143 # try a put with invalid content
144 assert_no_difference "UserPreference.count" do
145 put user_preferences_path, :params => "nonsense", :headers => auth_header
147 assert_response :bad_request
154 create(:user_preference, :user => user)
156 # try a put without auth
157 assert_no_difference "UserPreference.count" do
158 put user_preference_path(:preference_key => "new_key"), :params => "new_value"
160 assert_response :unauthorized, "should be authenticated"
161 assert_raises ActiveRecord::RecordNotFound do
162 UserPreference.find([user.id, "new_key"])
165 # authenticate as a user with preferences
166 auth_header = basic_authorization_header user.email, "test"
168 # try adding a new preference
169 assert_difference "UserPreference.count", 1 do
170 put user_preference_path(:preference_key => "new_key"), :params => "new_value", :headers => auth_header
172 assert_response :success
173 assert_equal "text/plain", @response.media_type
174 assert_equal "", @response.body
175 assert_equal "new_value", UserPreference.find([user.id, "new_key"]).v
177 # try changing the value of a preference
178 assert_no_difference "UserPreference.count" do
179 put user_preference_path(:preference_key => "new_key"), :params => "newer_value", :headers => auth_header
181 assert_response :success
182 assert_equal "text/plain", @response.media_type
183 assert_equal "", @response.body
184 assert_equal "newer_value", UserPreference.find([user.id, "new_key"]).v
188 # test destroy action
191 create(:user_preference, :user => user, :k => "key", :v => "value")
193 # try a delete without auth
194 assert_no_difference "UserPreference.count" do
195 delete user_preference_path(:preference_key => "key")
197 assert_response :unauthorized, "should be authenticated"
198 assert_equal "value", UserPreference.find([user.id, "key"]).v
200 # authenticate as a user with preferences
201 auth_header = basic_authorization_header user.email, "test"
203 # try the delete again
204 assert_difference "UserPreference.count", -1 do
205 delete user_preference_path(:preference_key => "key"), :headers => auth_header
207 assert_response :success
208 assert_equal "text/plain", @response.media_type
209 assert_equal "", @response.body
210 assert_raises ActiveRecord::RecordNotFound do
211 UserPreference.find([user.id, "key"])
214 # try the delete again for the same key
215 assert_no_difference "UserPreference.count" do
216 delete user_preference_path(:preference_key => "key"), :headers => auth_header
218 assert_response :not_found
219 assert_raises ActiveRecord::RecordNotFound do
220 UserPreference.find([user.id, "key"])
224 # Ensure that a valid access token with correct capabilities can be used to
226 def test_show_using_token
228 token = create(:access_token, :user => user, :allow_read_prefs => true)
229 create(:user_preference, :user => user, :k => "key", :v => "value")
231 signed_get user_preference_path(:preference_key => "key"), :oauth => { :token => token }
232 assert_response :success
235 # Ensure that a valid access token with incorrect capabilities can't be used
236 # to read preferences even, though the owner of that token could read them
238 def test_show_using_token_fail
240 token = create(:access_token, :user => user, :allow_read_prefs => false)
241 create(:user_preference, :user => user, :k => "key", :v => "value")
243 signed_get user_preference_path(:preference_key => "key"), :oauth => { :token => token }
244 assert_response :forbidden