X-Git-Url: https://git.openstreetmap.org/rails.git/blobdiff_plain/38e94c6baa987fe85b03bd92019326b275b35815..d10931effaabdbdd063029394981a26893a47db5:/test/functional/relation_controller_test.rb
diff --git a/test/functional/relation_controller_test.rb b/test/functional/relation_controller_test.rb
index 4baf810fe..dc7c64de2 100644
--- a/test/functional/relation_controller_test.rb
+++ b/test/functional/relation_controller_test.rb
@@ -77,11 +77,63 @@ class RelationControllerTest < ActionController::TestCase
# -------------------------------------
def test_create
- basic_authorization "test@openstreetmap.org", "test"
+ basic_authorization users(:normal_user).email, "test"
# put the relation in a dummy fixture changset
changeset_id = changesets(:normal_user_first_change).id
+ # create an relation without members
+ content ""
+ put :create
+ # hope for forbidden, due to user
+ assert_response :forbidden,
+ "relation upload should have failed with forbidden"
+
+ ###
+ # create an relation with a node as member
+ # This time try with a role attribute in the relation
+ nid = current_nodes(:used_node_1).id
+ content "" +
+ "" +
+ ""
+ put :create
+ # hope for forbidden due to user
+ assert_response :forbidden,
+ "relation upload did not return forbidden status"
+
+ ###
+ # create an relation with a node as member, this time test that we don't
+ # need a role attribute to be included
+ nid = current_nodes(:used_node_1).id
+ content "" +
+ ""+
+ ""
+ put :create
+ # hope for forbidden due to user
+ assert_response :forbidden,
+ "relation upload did not return forbidden status"
+
+ ###
+ # create an relation with a way and a node as members
+ nid = current_nodes(:used_node_1).id
+ wid = current_ways(:used_way).id
+ content "" +
+ "" +
+ "" +
+ ""
+ put :create
+ # hope for forbidden, due to user
+ assert_response :forbidden,
+ "relation upload did not return success status"
+
+
+
+ ## Now try with the public user
+ basic_authorization users(:public_user).email, "test"
+
+ # put the relation in a dummy fixture changset
+ changeset_id = changesets(:public_user_first_change).id
+
# create an relation without members
content ""
put :create
@@ -100,7 +152,7 @@ class RelationControllerTest < ActionController::TestCase
"saved relation does not contain exactly one tag"
assert_equal changeset_id, checkrelation.changeset.id,
"saved relation does not belong in the changeset it was assigned to"
- assert_equal users(:normal_user).id, checkrelation.changeset.user_id,
+ assert_equal users(:public_user).id, checkrelation.changeset.user_id,
"saved relation does not belong to user that created it"
assert_equal true, checkrelation.visible,
"saved relation is not visible"
@@ -132,7 +184,7 @@ class RelationControllerTest < ActionController::TestCase
"saved relation does not contain exactly one tag"
assert_equal changeset_id, checkrelation.changeset.id,
"saved relation does not belong in the changeset it was assigned to"
- assert_equal users(:normal_user).id, checkrelation.changeset.user_id,
+ assert_equal users(:public_user).id, checkrelation.changeset.user_id,
"saved relation does not belong to user that created it"
assert_equal true, checkrelation.visible,
"saved relation is not visible"
@@ -165,7 +217,7 @@ class RelationControllerTest < ActionController::TestCase
"saved relation does not contain exactly one tag"
assert_equal changeset_id, checkrelation.changeset.id,
"saved relation does not belong in the changeset it was assigned to"
- assert_equal users(:normal_user).id, checkrelation.changeset.user_id,
+ assert_equal users(:public_user).id, checkrelation.changeset.user_id,
"saved relation does not belong to user that created it"
assert_equal true, checkrelation.visible,
"saved relation is not visible"
@@ -198,7 +250,7 @@ class RelationControllerTest < ActionController::TestCase
"saved relation does not contain exactly one tag"
assert_equal changeset_id, checkrelation.changeset.id,
"saved relation does not belong in the changeset it was assigned to"
- assert_equal users(:normal_user).id, checkrelation.changeset.user_id,
+ assert_equal users(:public_user).id, checkrelation.changeset.user_id,
"saved relation does not belong to user that created it"
assert_equal true, checkrelation.visible,
"saved relation is not visible"
@@ -217,6 +269,7 @@ class RelationControllerTest < ActionController::TestCase
# happen to the correct tables and the API gives sensible results.
# this is to test a case that gregory marler noticed and posted to
# josm-dev.
+ ## FIXME Move this to an integration test
def test_update_relation_tags
basic_authorization "test@example.com", "test"
rel_id = current_relations(:multi_tag_relation).id
@@ -247,7 +300,7 @@ class RelationControllerTest < ActionController::TestCase
# and the API gives sensible results. this is to test a case that
# gregory marler noticed and posted to josm-dev.
def test_update_relation_tags_via_upload
- basic_authorization "test@example.com", "test"
+ basic_authorization users(:public_user).email, "test"
rel_id = current_relations(:multi_tag_relation).id
cs_id = changesets(:public_user_first_change).id
@@ -275,10 +328,10 @@ class RelationControllerTest < ActionController::TestCase
# -------------------------------------
def test_create_invalid
- basic_authorization "test@openstreetmap.org", "test"
+ basic_authorization users(:public_user).email, "test"
# put the relation in a dummy fixture changset
- changeset_id = changesets(:normal_user_first_change).id
+ changeset_id = changesets(:public_user_first_change).id
# create a relation with non-existing node as member
content "" +
@@ -294,10 +347,10 @@ class RelationControllerTest < ActionController::TestCase
# Test creating a relation, with some invalid XML
# -------------------------------------
def test_create_invalid_xml
- basic_authorization "test@openstreetmap.org", "test"
+ basic_authorization users(:public_user).email, "test"
# put the relation in a dummy fixture changeset that works
- changeset_id = changesets(:normal_user_first_change).id
+ changeset_id = changesets(:public_user_first_change).id
# create some xml that should return an error
content "" +
@@ -316,11 +369,12 @@ class RelationControllerTest < ActionController::TestCase
# -------------------------------------
def test_delete
- # first try to delete relation without auth
+ ## First try to delete relation without auth
delete :delete, :id => current_relations(:visible_relation).id
assert_response :unauthorized
- ## First try with the private user, to make sure that you get a forbidden
+
+ ## Then try with the private user, to make sure that you get a forbidden
basic_authorization(users(:normal_user).email, "test")
# this shouldn't work, as we should need the payload...
@@ -370,7 +424,7 @@ class RelationControllerTest < ActionController::TestCase
- # now set auth for the private user
+ ## now set auth for the public user
basic_authorization(users(:public_user).email, "test");
# this shouldn't work, as we should need the payload...
@@ -426,6 +480,11 @@ class RelationControllerTest < ActionController::TestCase
content(relations(:invisible_relation).to_xml)
delete :delete, :id => current_relations(:invisible_relation).id
assert_response :gone
+
+ # Public visible relation needs to be deleted
+ content(relations(:public_visible_relation).to_xml)
+ delete :delete, :id => current_relations(:public_visible_relation).id
+ assert_response :success
# this works now because the relation which was using this one
# has been deleted.