{ :path => "/api/0.6/permissions", :method => :get },
{ :controller => "api/permissions", :action => "show" }
)
+ assert_routing(
+ { :path => "/api/0.6/permissions.json", :method => :get },
+ { :controller => "api/permissions", :action => "show", :format => "json" }
+ )
end
def test_permissions_anonymous
assert_select "osm > permissions", :count => 1 do
assert_select "permission", :count => 0
end
+
+ # Test json
+ get permissions_path(:format => "json")
+ assert_response :success
+ assert_equal "application/json", @response.media_type
+
+ js = ActiveSupport::JSON.decode(@response.body)
+ assert_not_nil js
+ assert_equal 0, js["permissions"].count
end
def test_permissions_basic_auth
assert_select "permission[name='#{p}']", :count => 1
end
end
+
+ # Test json
+ get permissions_path(:format => "json"), :headers => auth_header
+ assert_response :success
+ assert_equal "application/json", @response.media_type
+
+ js = ActiveSupport::JSON.decode(@response.body)
+ assert_not_nil js
+ assert_equal ClientApplication.all_permissions.size, js["permissions"].count
+ ClientApplication.all_permissions.each do |p|
+ assert_includes js["permissions"], p.to_s
+ end
end
- def test_permissions_oauth
+ def test_permissions_oauth1
token = create(:access_token,
:allow_read_prefs => true,
:allow_write_api => true,
assert_select "permission[name='allow_read_gpx']", :count => 0
end
end
+
+ def test_permissions_oauth2
+ user = create(:user)
+ token = create(:oauth_access_token,
+ :resource_owner_id => user.id,
+ :scopes => %w[read_prefs write_api])
+ get permissions_path, :headers => bearer_authorization_header(token.token)
+ assert_response :success
+ assert_select "osm > permissions", :count => 1 do
+ assert_select "permission", :count => 2
+ assert_select "permission[name='allow_read_prefs']", :count => 1
+ assert_select "permission[name='allow_write_api']", :count => 1
+ assert_select "permission[name='allow_read_gpx']", :count => 0
+ end
+ end
end
end
projects / rails.git / blobdiff