X-Git-Url: https://git.openstreetmap.org/rails.git/blobdiff_plain/2b06961ce3702c2ddcbcd56cce005504ce2dffb3..f0bacf837d2deeabfc9db11de89d7aa238f0b63a:/test/controllers/trace_controller_test.rb

diff --git a/test/controllers/trace_controller_test.rb b/test/controllers/trace_controller_test.rb
index 908e4c89b..9821352e1 100644
--- a/test/controllers/trace_controller_test.rb
+++ b/test/controllers/trace_controller_test.rb
@@ -157,10 +157,6 @@ class TraceControllerTest < ActionController::TestCase
       { :path => "/trace/1/edit", :method => :post },
       { :controller => "trace", :action => "edit", :id => "1" }
     )
-    assert_routing(
-      { :path => "/trace/1/edit", :method => :patch },
-      { :controller => "trace", :action => "edit", :id => "1" }
-    )
     assert_routing(
       { :path => "/trace/1/delete", :method => :post },
       { :controller => "trace", :action => "delete", :id => "1" }
@@ -322,17 +318,12 @@ class TraceControllerTest < ActionController::TestCase
   def test_view_not_found
     deleted_trace_file = create(:trace, :deleted)
 
-    # First with no auth
-    get :view, :display_name => deleted_trace_file.user.display_name, :id => 0
+    # First with a trace that has never existed
+    get :view, :display_name => create(:user).display_name, :id => 0
     assert_response :redirect
     assert_redirected_to :action => :list
 
-    # Now with some other user
-    get :view, { :display_name => deleted_trace_file.user.display_name, :id => 0 }, { :user => create(:user) }
-    assert_response :redirect
-    assert_redirected_to :action => :list
-
-    # And finally we should not be able to view a deleted trace
+    # Now with a trace that has been deleted
     get :view, { :display_name => deleted_trace_file.user.display_name, :id => deleted_trace_file.id }, { :user => deleted_trace_file.user }
     assert_response :redirect
     assert_redirected_to :action => :list
@@ -393,12 +384,8 @@ class TraceControllerTest < ActionController::TestCase
   def test_data_not_found
     deleted_trace_file = create(:trace, :deleted)
 
-    # First with no auth and a trace that has never existed
-    get :data, :display_name => deleted_trace_file.user.display_name, :id => 0
-    assert_response :not_found
-
-    # Now with a trace that has never existed
-    get :data, { :display_name => deleted_trace_file.user.display_name, :id => 0 }, { :user => deleted_trace_file.user }
+    # First with a trace that has never existed
+    get :data, :display_name => create(:user).display_name, :id => 0
     assert_response :not_found
 
     # Now with a trace that has been deleted
@@ -442,16 +429,13 @@ class TraceControllerTest < ActionController::TestCase
 
   # Test downloading the picture for a trace that doesn't exist
   def test_picture_not_found
-    # First with no auth, which should work since the trace is public
-    get :picture, :display_name => create(:user).display_name, :id => 0
-    assert_response :not_found
+    deleted_trace_file = create(:trace, :deleted)
 
-    # Now with some other user, which should work since the trace is public
-    get :picture, { :display_name => create(:user).display_name, :id => 0 }, { :user => create(:user) }
+    # First with a trace that has never existed
+    get :picture, :display_name => create(:user).display_name, :id => 0
     assert_response :not_found
 
-    # And finally we should not be able to do it with a deleted trace
-    deleted_trace_file = create(:trace, :deleted)
+    # Now with a trace that has been deleted
     get :picture, { :display_name => deleted_trace_file.user.display_name, :id => deleted_trace_file.id }, { :user => deleted_trace_file.user }
     assert_response :not_found
   end
@@ -492,16 +476,13 @@ class TraceControllerTest < ActionController::TestCase
 
   # Test downloading the icon for a trace that doesn't exist
   def test_icon_not_found
-    # First with no auth
-    get :icon, :display_name => create(:user).display_name, :id => 0
-    assert_response :not_found
+    deleted_trace_file = create(:trace, :deleted)
 
-    # Now with some other user
-    get :icon, { :display_name => create(:user).display_name, :id => 0 }, { :user => create(:user) }
+    # First with a trace that has never existed
+    get :icon, :display_name => create(:user).display_name, :id => 0
     assert_response :not_found
 
-    # And finally we should not be able to do it with a deleted trace
-    deleted_trace_file = create(:trace, :deleted)
+    # Now with a trace that has been deleted
     get :icon, { :display_name => deleted_trace_file.user.display_name, :id => deleted_trace_file.id }, { :user => deleted_trace_file.user }
     assert_response :not_found
   end
@@ -744,17 +725,17 @@ class TraceControllerTest < ActionController::TestCase
     public_trace_file = create(:trace, :visibility => "public", :fixture => "a")
 
     # First with no auth
-    get :api_data, :display_name => public_trace_file.user.display_name, :id => public_trace_file.id
+    get :api_data, :id => public_trace_file.id
     assert_response :unauthorized
 
     # Now with some other user, which should work since the trace is public
     basic_authorization(create(:user).display_name, "test")
-    get :api_data, :display_name => public_trace_file.user.display_name, :id => public_trace_file.id
+    get :api_data, :id => public_trace_file.id
     check_trace_data public_trace_file
 
     # And finally we should be able to do it with the owner of the trace
     basic_authorization(public_trace_file.user.display_name, "test")
-    get :api_data, :display_name => public_trace_file.user.display_name, :id => public_trace_file.id
+    get :api_data, :id => public_trace_file.id
     check_trace_data public_trace_file
   end
 
@@ -766,15 +747,15 @@ class TraceControllerTest < ActionController::TestCase
     basic_authorization(identifiable_trace_file.user.display_name, "test")
 
     # First get the data as is
-    get :api_data, :display_name => identifiable_trace_file.user.display_name, :id => identifiable_trace_file.id
+    get :api_data, :id => identifiable_trace_file.id
     check_trace_data identifiable_trace_file, "application/x-gzip", "gpx.gz"
 
     # Now ask explicitly for XML format
-    get :api_data, :display_name => identifiable_trace_file.user.display_name, :id => identifiable_trace_file.id, :format => "xml"
+    get :api_data, :id => identifiable_trace_file.id, :format => "xml"
     check_trace_data identifiable_trace_file, "application/xml", "xml"
 
     # Now ask explicitly for GPX format
-    get :api_data, :display_name => identifiable_trace_file.user.display_name, :id => identifiable_trace_file.id, :format => "gpx"
+    get :api_data, :id => identifiable_trace_file.id, :format => "gpx"
     check_trace_data identifiable_trace_file
   end
 
@@ -783,35 +764,36 @@ class TraceControllerTest < ActionController::TestCase
     anon_trace_file = create(:trace, :visibility => "private", :fixture => "b")
 
     # First with no auth
-    get :api_data, :display_name => anon_trace_file.user.display_name, :id => anon_trace_file.id
+    get :api_data, :id => anon_trace_file.id
     assert_response :unauthorized
 
     # Now with some other user, which shouldn't work since the trace is anon
     basic_authorization(create(:user).display_name, "test")
-    get :api_data, :display_name => anon_trace_file.user.display_name, :id => anon_trace_file.id
+    get :api_data, :id => anon_trace_file.id
     assert_response :forbidden
 
     # And finally we should be able to do it with the owner of the trace
     basic_authorization(anon_trace_file.user.display_name, "test")
-    get :api_data, :display_name => anon_trace_file.user.display_name, :id => anon_trace_file.id
+    get :api_data, :id => anon_trace_file.id
     check_trace_data anon_trace_file
   end
 
   # Test downloading a trace that doesn't exist through the api
   def test_api_data_not_found
-    # First with no auth
-    get :api_data, :display_name => create(:user).display_name, :id => 0
+    deleted_trace_file = create(:trace, :deleted)
+
+    # Try first with no auth, as it should require it
+    get :api_data, :id => 0
     assert_response :unauthorized
 
-    # Now with a trace that has never existed
+    # Login, and try again
     basic_authorization(create(:user).display_name, "test")
-    get :api_data, :display_name => create(:user).display_name, :id => 0
+    get :api_data, :id => 0
     assert_response :not_found
 
-    # Now with a trace that has been deleted
-    deleted_trace_file = create(:trace, :deleted)
+    # Now try a trace which did exist but has been deleted
     basic_authorization(deleted_trace_file.user.display_name, "test")
-    get :api_data, :display_name => deleted_trace_file.user.display_name, :id => deleted_trace_file.id
+    get :api_data, :id => deleted_trace_file.id
     assert_response :not_found
   end