1 # frozen_string_literal: true
2
3 require "test_helper"
4
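##
# Integration tests for the OAuth 2 application management pages.
#
# Besides the happy paths, each test pins the access-control behaviour the
# requests below demonstrate: signed-out visitors are redirected to the login
# page on GET and receive 403 on state-changing verbs, and a signed-in user
# who addresses an application they do not own gets the not_found page.
class Oauth2ApplicationsControllerTest < ActionDispatch::IntegrationTest
  ##
  # test all routes which lead to this controller
  def test_routes
    assert_routing(
      { :path => "/oauth2/applications", :method => :get },
      { :controller => "oauth2_applications", :action => "index" }
    )
    assert_routing(
      { :path => "/oauth2/applications", :method => :post },
      { :controller => "oauth2_applications", :action => "create" }
    )
    assert_routing(
      { :path => "/oauth2/applications/new", :method => :get },
      { :controller => "oauth2_applications", :action => "new" }
    )
    assert_routing(
      { :path => "/oauth2/applications/1/edit", :method => :get },
      { :controller => "oauth2_applications", :action => "edit", :id => "1" }
    )
    assert_routing(
      { :path => "/oauth2/applications/1", :method => :get },
      { :controller => "oauth2_applications", :action => "show", :id => "1" }
    )
    assert_routing(
      { :path => "/oauth2/applications/1", :method => :patch },
      { :controller => "oauth2_applications", :action => "update", :id => "1" }
    )
    assert_routing(
      { :path => "/oauth2/applications/1", :method => :put },
      { :controller => "oauth2_applications", :action => "update", :id => "1" }
    )
    assert_routing(
      { :path => "/oauth2/applications/1", :method => :delete },
      { :controller => "oauth2_applications", :action => "destroy", :id => "1" }
    )
  end

  ##
  # the index requires a login and lists the signed-in user's applications
  def test_index
    user = create(:user)
    create_list(:oauth_application, 2, :owner => user)

    # Signed out: bounced to the login page, with the index as the referer.
    get oauth_applications_path
    assert_redirected_to login_path(:referer => oauth_applications_path)

    session_for(user)

    get oauth_applications_path
    assert_response :success
    assert_template "oauth2_applications/index"
    assert_select "tbody tr", 2
  end

  ##
  # the index still renders when an owned application carries the
  # write_redactions scope
  # NOTE(review): the test name suggests this is a moderator-only scope;
  # confirm against the scope definitions.
  def test_index_with_moderator_app
    user = create(:user)
    create(:oauth_application, :owner => user, :scopes => "write_redactions")

    session_for(user)

    get oauth_applications_path
    assert_response :success
  end

  ##
  # the new-application form requires a login and offers one checkbox per
  # scope returned by Oauth.scopes
  def test_new
    user = create(:user)

    get new_oauth_application_path
    assert_redirected_to login_path(:referer => new_oauth_application_path)

    session_for(user)

    get new_oauth_application_path
    assert_response :success
    assert_template "oauth2_applications/new"
    assert_select "#content form", 1 do
      assert_select "input#oauth2_application_name", 1
      assert_select "textarea#oauth2_application_redirect_uri", 1
      assert_select "input#oauth2_application_confidential", 1
      Oauth.scopes.each do |scope|
        assert_select "input#oauth2_application_scopes_#{scope.name}", 1
      end
    end
  end

  ##
  # creation is refused when signed out, re-renders the form for incomplete
  # or invalid input, and otherwise stores an application owned by the
  # signed-in user
  def test_create
    user = create(:user)

    # Signed out: nothing is created and the POST is answered with 403.
    assert_difference "Doorkeeper::Application.count", 0 do
      post oauth_applications_path
    end
    assert_response :forbidden

    session_for(user)

    # Missing redirect URI: the form is shown again, nothing is stored.
    assert_difference "Doorkeeper::Application.count", 0 do
      post oauth_applications_path(:oauth2_application => {
                                     :name => "Test Application"
                                   })
    end
    assert_response :success
    assert_template "oauth2_applications/new"

    # Unknown scope: the form is shown again, nothing is stored.
    assert_difference "Doorkeeper::Application.count", 0 do
      post oauth_applications_path(:oauth2_application => {
                                     :name => "Test Application",
                                     :redirect_uri => "https://test.example.com/",
                                     :scopes => ["bad_scope"]
                                   })
    end
    assert_response :success
    assert_template "oauth2_applications/new"

    assert_difference "Doorkeeper::Application.count", 1 do
      post oauth_applications_path(:oauth2_application => {
                                     :name => "Test Application",
                                     :redirect_uri => "https://test.example.com/",
                                     :scopes => ["read_prefs"]
                                   })
    end
    # Look the record up once: a missing row then fails with a clear message
    # instead of a NoMethodError on nil, and ownership can be checked too.
    application = Doorkeeper::Application.find_by(:name => "Test Application")
    assert_not_nil application
    assert_equal user, application.owner
    assert_redirected_to oauth_application_path(:id => application.id)
  end

  ##
  # the read_email scope is rejected for an ordinary user and accepted for
  # an administrator
  def test_create_privileged
    session_for(create(:user))

    assert_difference "Doorkeeper::Application.count", 0 do
      post oauth_applications_path(:oauth2_application => {
                                     :name => "Test Application",
                                     :redirect_uri => "https://test.example.com/",
                                     :scopes => ["read_email"]
                                   })
    end
    assert_response :success
    assert_template "oauth2_applications/new"

    session_for(create(:administrator_user))

    assert_difference "Doorkeeper::Application.count", 1 do
      post oauth_applications_path(:oauth2_application => {
                                     :name => "Test Application",
                                     :redirect_uri => "https://test.example.com/",
                                     :scopes => ["read_email"]
                                   })
    end
    assert_redirected_to oauth_application_path(:id => Doorkeeper::Application.find_by(:name => "Test Application").id)
  end

  ##
  # an application page requires a login and is shown only to its owner
  def test_show
    user = create(:user)
    client = create(:oauth_application, :owner => user)
    other_client = create(:oauth_application)

    get oauth_application_path(:id => client)
    assert_redirected_to login_path(:referer => oauth_application_path(:id => client.id))

    session_for(user)

    # Another owner's application is answered with the not_found page.
    get oauth_application_path(:id => other_client)
    assert_response :not_found
    assert_template "oauth2_applications/not_found"

    get oauth_application_path(:id => client)
    assert_response :success
    assert_template "oauth2_applications/show"
  end

  ##
  # the edit form requires a login and is shown only to the owner
  def test_edit
    user = create(:user)
    client = create(:oauth_application, :owner => user)
    other_client = create(:oauth_application)

    get edit_oauth_application_path(:id => client)
    assert_redirected_to login_path(:referer => edit_oauth_application_path(:id => client.id))

    session_for(user)

    get edit_oauth_application_path(:id => other_client)
    assert_response :not_found
    assert_template "oauth2_applications/not_found"

    get edit_oauth_application_path(:id => client)
    assert_response :success
    assert_template "oauth2_applications/edit"
    assert_select "#content form", 1 do
      assert_select "input#oauth2_application_name", 1
      assert_select "textarea#oauth2_application_redirect_uri", 1
      assert_select "input#oauth2_application_confidential", 1
      Oauth.scopes.each do |scope|
        assert_select "input#oauth2_application_scopes_#{scope.name}", 1
      end
    end
  end

  ##
  # updates are refused when signed out or aimed at another owner's
  # application, rejected when invalid, and persisted when valid
  #
  # The refused requests carry a full set of new attributes and the stored
  # record is re-read afterwards, so the test covers the write path and not
  # only the status code.
  def test_update
    user = create(:user)
    client = create(:oauth_application, :owner => user)
    other_client = create(:oauth_application)
    client_name = client.name
    other_client_name = other_client.name

    # Signed out: 403, and the record keeps its name.
    put oauth_application_path(:id => client,
                               :oauth2_application => {
                                 :name => "New Name",
                                 :redirect_uri => "https://new.example.com/url"
                               })
    assert_response :forbidden
    assert_equal client_name, client.reload.name

    session_for(user)

    # Signed in, but not the owner: not_found, and the record keeps its name.
    put oauth_application_path(:id => other_client,
                               :oauth2_application => {
                                 :name => "New Name",
                                 :redirect_uri => "https://new.example.com/url"
                               })
    assert_response :not_found
    assert_template "oauth2_applications/not_found"
    assert_equal other_client_name, other_client.reload.name

    # Owner, but no redirect URI: the edit form is shown again and the new
    # name is not saved.
    put oauth_application_path(:id => client,
                               :oauth2_application => {
                                 :name => "New Name",
                                 :redirect_uri => nil
                               })
    assert_response :success
    assert_template "oauth2_applications/edit"
    assert_equal client_name, client.reload.name

    put oauth_application_path(:id => client,
                               :oauth2_application => {
                                 :name => "New Name",
                                 :redirect_uri => "https://new.example.com/url"
                               })
    assert_redirected_to oauth_application_path(:id => client.id)
    client.reload
    assert_equal "New Name", client.name
    assert_equal "https://new.example.com/url", client.redirect_uri
  end

  ##
  # deletion is refused when signed out or aimed at another owner's
  # application, and removes exactly the owner's application otherwise
  def test_destroy
    user = create(:user)
    client = create(:oauth_application, :owner => user)
    other_client = create(:oauth_application)

    assert_difference "Doorkeeper::Application.count", 0 do
      delete oauth_application_path(:id => client)
    end
    assert_response :forbidden

    session_for(user)

    assert_difference "Doorkeeper::Application.count", 0 do
      delete oauth_application_path(:id => other_client)
    end
    assert_response :not_found
    assert_template "oauth2_applications/not_found"

    assert_difference "Doorkeeper::Application.count", -1 do
      delete oauth_application_path(:id => client)
    end
    assert_redirected_to oauth_applications_path
    # The count alone does not say which row went away.
    assert_not Doorkeeper::Application.exists?(client.id)
    assert Doorkeeper::Application.exists?(other_client.id)
  end
end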