X-Git-Url: https://git.openstreetmap.org/rails.git/blobdiff_plain/6e5240e1987a429e29d230e811af9176772a8228..15b104f4ff4614aa78c01180b6a9b89dd5a1400f:/test/controllers/way_controller_test.rb?ds=sidebyside diff --git a/test/controllers/way_controller_test.rb b/test/controllers/way_controller_test.rb index 93994aa69..285efe269 100644 --- a/test/controllers/way_controller_test.rb +++ b/test/controllers/way_controller_test.rb @@ -2,8 +2,6 @@ require "test_helper" require "way_controller" class WayControllerTest < ActionController::TestCase - api_fixtures - ## # test all routes which lead to this controller def test_routes @@ -39,15 +37,15 @@ class WayControllerTest < ActionController::TestCase def test_read # check that a visible way is returned properly - get :read, :id => create(:way).id + get :read, :params => { :id => create(:way).id } assert_response :success # check that an invisible way is not returned - get :read, :id => create(:way, :deleted).id + get :read, :params => { :id => create(:way, :deleted).id } assert_response :gone # check chat a non-existent way is not returned - get :read, :id => 0 + get :read, :params => { :id => 0 } assert_response :not_found end @@ -55,7 +53,7 @@ class WayControllerTest < ActionController::TestCase # check the "full" mode def test_full Way.all.each do |way| - get :full, :id => way.id + get :full, :params => { :id => way.id } # full call should say "gone" for non-visible ways... unless way.visible @@ -82,27 +80,32 @@ class WayControllerTest < ActionController::TestCase ## # test fetching multiple ways def test_ways + way1 = create(:way) + way2 = create(:way, :deleted) + way3 = create(:way) + way4 = create(:way) + # check error when no parameter provided get :ways assert_response :bad_request # check error when no parameter value provided - get :ways, :ways => "" + get :ways, :params => { :ways => "" } assert_response :bad_request # test a working call - get :ways, :ways => "1,2,4,6" + get :ways, :params => { :ways => "#{way1.id},#{way2.id},#{way3.id},#{way4.id}" } assert_response :success assert_select "osm" do assert_select "way", :count => 4 - assert_select "way[id='1'][visible='true']", :count => 1 - assert_select "way[id='2'][visible='false']", :count => 1 - assert_select "way[id='4'][visible='true']", :count => 1 - assert_select "way[id='6'][visible='true']", :count => 1 + assert_select "way[id='#{way1.id}'][visible='true']", :count => 1 + assert_select "way[id='#{way2.id}'][visible='false']", :count => 1 + assert_select "way[id='#{way3.id}'][visible='true']", :count => 1 + assert_select "way[id='#{way4.id}'][visible='true']", :count => 1 end # check error when a non-existent way is included - get :ways, :ways => "1,2,4,6,400" + get :ways, :params => { :ways => "#{way1.id},#{way2.id},#{way3.id},#{way4.id},400" } assert_response :not_found end @@ -125,8 +128,8 @@ class WayControllerTest < ActionController::TestCase changeset_id = private_changeset.id # create a way with pre-existing nodes - content "" + - "" + + content "" \ + "" \ "" put :create # hope for failure @@ -140,8 +143,8 @@ class WayControllerTest < ActionController::TestCase changeset_id = changeset.id # create a way with pre-existing nodes - content "" + - "" + + content "" \ + "" \ "" put :create # hope for success @@ -185,7 +188,7 @@ class WayControllerTest < ActionController::TestCase # use the first user's open changeset # create a way with non-existing node - content "" + + content "" \ "" put :create # expect failure @@ -193,7 +196,7 @@ class WayControllerTest < ActionController::TestCase "way upload with invalid node using a private user did not return 'forbidden'" # create a way with no nodes - content "" + + content "" \ "" put :create # expect failure @@ -201,7 +204,7 @@ class WayControllerTest < ActionController::TestCase "way upload with no node using a private userdid not return 'forbidden'" # create a way inside a closed changeset - content "" + + content "" \ "" put :create # expect failure @@ -213,7 +216,7 @@ class WayControllerTest < ActionController::TestCase # use the first user's open changeset # create a way with non-existing node - content "" + + content "" \ "" put :create # expect failure @@ -222,7 +225,7 @@ class WayControllerTest < ActionController::TestCase assert_equal "Precondition failed: Way requires the nodes with id in (0), which either do not exist, or are not visible.", @response.body # create a way with no nodes - content "" + + content "" \ "" put :create # expect failure @@ -231,7 +234,7 @@ class WayControllerTest < ActionController::TestCase assert_equal "Precondition failed: Cannot create way: data is invalid.", @response.body # create a way inside a closed changeset - content "" + + content "" \ "" put :create # expect failure @@ -239,9 +242,9 @@ class WayControllerTest < ActionController::TestCase "way upload to closed changeset did not return 'conflict'" # create a way with a tag which is too long - content "" + - "" + - "" + + content "" \ + "" \ + "" \ "" put :create # expect failure @@ -271,34 +274,34 @@ class WayControllerTest < ActionController::TestCase relation = relation_member.relation # first try to delete way without auth - delete :delete, :id => way.id + delete :delete, :params => { :id => way.id } assert_response :unauthorized # now set auth using the private user - basic_authorization(private_user.email, "test") + basic_authorization private_user.email, "test" # this shouldn't work as with the 0.6 api we need pay load to delete - delete :delete, :id => private_way.id + delete :delete, :params => { :id => private_way.id } assert_response :forbidden # Now try without having a changeset content "" - delete :delete, :id => private_way.id + delete :delete, :params => { :id => private_way.id } assert_response :forbidden # try to delete with an invalid (closed) changeset content update_changeset(private_way.to_xml, private_closed_changeset.id) - delete :delete, :id => private_way.id + delete :delete, :params => { :id => private_way.id } assert_response :forbidden # try to delete with an invalid (non-existent) changeset content update_changeset(private_way.to_xml, 0) - delete :delete, :id => private_way.id + delete :delete, :params => { :id => private_way.id } assert_response :forbidden # Now try with a valid changeset content private_way.to_xml - delete :delete, :id => private_way.id + delete :delete, :params => { :id => private_way.id } assert_response :forbidden # check the returned value - should be the new version number @@ -309,45 +312,45 @@ class WayControllerTest < ActionController::TestCase # this won't work since the way is already deleted content private_deleted_way.to_xml - delete :delete, :id => private_deleted_way.id + delete :delete, :params => { :id => private_deleted_way.id } assert_response :forbidden # this shouldn't work as the way is used in a relation content private_used_way.to_xml - delete :delete, :id => private_used_way.id + delete :delete, :params => { :id => private_used_way.id } assert_response :forbidden, "shouldn't be able to delete a way used in a relation (#{@response.body}), when done by a private user" # this won't work since the way never existed - delete :delete, :id => 0 + delete :delete, :params => { :id => 0 } assert_response :forbidden ### Now check with a public user # now set auth - basic_authorization(user.email, "test") + basic_authorization user.email, "test" # this shouldn't work as with the 0.6 api we need pay load to delete - delete :delete, :id => way.id + delete :delete, :params => { :id => way.id } assert_response :bad_request # Now try without having a changeset content "" - delete :delete, :id => way.id + delete :delete, :params => { :id => way.id } assert_response :bad_request # try to delete with an invalid (closed) changeset content update_changeset(way.to_xml, closed_changeset.id) - delete :delete, :id => way.id + delete :delete, :params => { :id => way.id } assert_response :conflict # try to delete with an invalid (non-existent) changeset content update_changeset(way.to_xml, 0) - delete :delete, :id => way.id + delete :delete, :params => { :id => way.id } assert_response :conflict # Now try with a valid changeset content way.to_xml - delete :delete, :id => way.id + delete :delete, :params => { :id => way.id } assert_response :success # check the returned value - should be the new version number @@ -358,18 +361,18 @@ class WayControllerTest < ActionController::TestCase # this won't work since the way is already deleted content deleted_way.to_xml - delete :delete, :id => deleted_way.id + delete :delete, :params => { :id => deleted_way.id } assert_response :gone # this shouldn't work as the way is used in a relation content used_way.to_xml - delete :delete, :id => used_way.id + delete :delete, :params => { :id => used_way.id } assert_response :precondition_failed, "shouldn't be able to delete a way used in a relation (#{@response.body})" assert_equal "Precondition failed: Way #{used_way.id} is still used by relations #{relation.id}.", @response.body # this won't work since the way never existed - delete :delete, :id => 0 + delete :delete, :params => { :id => 0 } assert_response :not_found end @@ -388,78 +391,78 @@ class WayControllerTest < ActionController::TestCase ## First test with no user credentials # try and update a way without authorisation content way.to_xml - put :update, :id => way.id + put :update, :params => { :id => way.id } assert_response :unauthorized ## Second test with the private user # setup auth - basic_authorization(private_user.email, "test") + basic_authorization private_user.email, "test" ## trying to break changesets # try and update in someone else's changeset content update_changeset(private_way.to_xml, create(:changeset).id) - put :update, :id => private_way.id + put :update, :params => { :id => private_way.id } assert_require_public_data "update with other user's changeset should be forbidden when date isn't public" # try and update in a closed changeset content update_changeset(private_way.to_xml, - create(:changeset, :closed, :user => private_user)) - put :update, :id => private_way.id + create(:changeset, :closed, :user => private_user).id) + put :update, :params => { :id => private_way.id } assert_require_public_data "update with closed changeset should be forbidden, when data isn't public" # try and update in a non-existant changeset content update_changeset(private_way.to_xml, 0) - put :update, :id => private_way.id + put :update, :params => { :id => private_way.id } assert_require_public_data("update with changeset=0 should be forbidden, when data isn't public") ## try and submit invalid updates content xml_replace_node(private_way.to_xml, node.id, 9999) - put :update, :id => private_way.id + put :update, :params => { :id => private_way.id } assert_require_public_data "way with non-existent node should be forbidden, when data isn't public" content xml_replace_node(private_way.to_xml, node.id, create(:node, :deleted).id) - put :update, :id => private_way.id + put :update, :params => { :id => private_way.id } assert_require_public_data "way with deleted node should be forbidden, when data isn't public" ## finally, produce a good request which will still not work content private_way.to_xml - put :update, :id => private_way.id + put :update, :params => { :id => private_way.id } assert_require_public_data "should have failed with a forbidden when data isn't public" ## Finally test with the public user # setup auth - basic_authorization(user.email, "test") + basic_authorization user.email, "test" ## trying to break changesets # try and update in someone else's changeset content update_changeset(way.to_xml, create(:changeset).id) - put :update, :id => way.id + put :update, :params => { :id => way.id } assert_response :conflict, "update with other user's changeset should be rejected" # try and update in a closed changeset content update_changeset(way.to_xml, - changesets(:normal_user_closed_change).id) - put :update, :id => way.id + create(:changeset, :closed, :user => user).id) + put :update, :params => { :id => way.id } assert_response :conflict, "update with closed changeset should be rejected" # try and update in a non-existant changeset content update_changeset(way.to_xml, 0) - put :update, :id => way.id + put :update, :params => { :id => way.id } assert_response :conflict, "update with changeset=0 should be rejected" ## try and submit invalid updates content xml_replace_node(way.to_xml, node.id, 9999) - put :update, :id => way.id + put :update, :params => { :id => way.id } assert_response :precondition_failed, "way with non-existent node should be rejected" content xml_replace_node(way.to_xml, node.id, create(:node, :deleted).id) - put :update, :id => way.id + put :update, :params => { :id => way.id } assert_response :precondition_failed, "way with deleted node should be rejected" ## next, attack the versioning @@ -468,37 +471,37 @@ class WayControllerTest < ActionController::TestCase # try and submit a version behind content xml_attr_rewrite(way.to_xml, "version", current_way_version - 1) - put :update, :id => way.id + put :update, :params => { :id => way.id } assert_response :conflict, "should have failed on old version number" # try and submit a version ahead content xml_attr_rewrite(way.to_xml, "version", current_way_version + 1) - put :update, :id => way.id + put :update, :params => { :id => way.id } assert_response :conflict, "should have failed on skipped version number" # try and submit total crap in the version field content xml_attr_rewrite(way.to_xml, "version", "p1r4t3s!") - put :update, :id => way.id + put :update, :params => { :id => way.id } assert_response :conflict, "should not be able to put 'p1r4at3s!' in the version field" ## try an update with the wrong ID content create(:way).to_xml - put :update, :id => way.id + put :update, :params => { :id => way.id } assert_response :bad_request, "should not be able to update a way with a different ID from the XML" ## try an update with a minimal valid XML doc which isn't a well-formed OSM doc. content "" - put :update, :id => way.id + put :update, :params => { :id => way.id } assert_response :bad_request, "should not be able to update a way with non-OSM XML doc." ## finally, produce a good request which should work content way.to_xml - put :update, :id => way.id + put :update, :params => { :id => way.id } assert_response :success, "a valid update request failed" end @@ -516,7 +519,7 @@ class WayControllerTest < ActionController::TestCase ## Try with the non-public user # setup auth - basic_authorization(private_user.email, "test") + basic_authorization private_user.email, "test" # add an identical tag to the way tag_xml = XML::Node.new("tag") @@ -529,13 +532,13 @@ class WayControllerTest < ActionController::TestCase # try and upload it content way_xml - put :update, :id => private_way.id + put :update, :params => { :id => private_way.id } assert_response :forbidden, "adding a duplicate tag to a way for a non-public should fail with 'forbidden'" ## Now try with the public user # setup auth - basic_authorization(user.email, "test") + basic_authorization user.email, "test" # add an identical tag to the way tag_xml = XML::Node.new("tag") @@ -548,7 +551,7 @@ class WayControllerTest < ActionController::TestCase # try and upload it content way_xml - put :update, :id => way.id + put :update, :params => { :id => way.id } assert_response :success, "adding a new tag to a way should succeed" assert_equal way.version + 1, @response.body.to_i @@ -566,7 +569,7 @@ class WayControllerTest < ActionController::TestCase ## Try with the non-public user # setup auth - basic_authorization(private_user.email, "test") + basic_authorization private_user.email, "test" # add an identical tag to the way tag_xml = XML::Node.new("tag") @@ -579,13 +582,13 @@ class WayControllerTest < ActionController::TestCase # try and upload it content way_xml - put :update, :id => private_way.id + put :update, :params => { :id => private_way.id } assert_response :forbidden, "adding a duplicate tag to a way for a non-public should fail with 'forbidden'" ## Now try with the public user # setup auth - basic_authorization(user.email, "test") + basic_authorization user.email, "test" # add an identical tag to the way tag_xml = XML::Node.new("tag") @@ -598,7 +601,7 @@ class WayControllerTest < ActionController::TestCase # try and upload it content way_xml - put :update, :id => way.id + put :update, :params => { :id => way.id } assert_response :bad_request, "adding a duplicate tag to a way should fail with 'bad request'" assert_equal "Element way/#{way.id} has duplicate tags with key #{existing_tag.k}", @response.body @@ -614,7 +617,7 @@ class WayControllerTest < ActionController::TestCase ## First test with the non-public user so should be rejected # setup auth - basic_authorization(private_user.email, "test") + basic_authorization private_user.email, "test" # create duplicate tag tag_xml = XML::Node.new("tag") @@ -629,13 +632,13 @@ class WayControllerTest < ActionController::TestCase # try and upload it content way_xml - put :update, :id => private_way.id + put :update, :params => { :id => private_way.id } assert_response :forbidden, "adding new duplicate tags to a way using a non-public user should fail with 'forbidden'" ## Now test with the public user # setup auth - basic_authorization(user.email, "test") + basic_authorization user.email, "test" # create duplicate tag tag_xml = XML::Node.new("tag") @@ -650,7 +653,7 @@ class WayControllerTest < ActionController::TestCase # try and upload it content way_xml - put :update, :id => way.id + put :update, :params => { :id => way.id } assert_response :bad_request, "adding new duplicate tags to a way should fail with 'bad request'" assert_equal "Element way/#{way.id} has duplicate tags with key i_am_a_duplicate", @response.body @@ -668,7 +671,7 @@ class WayControllerTest < ActionController::TestCase ## First make sure that you can't with a non-public user # setup auth - basic_authorization(private_user.email, "test") + basic_authorization private_user.email, "test" # add the tag into the existing xml way_str = "" @@ -684,7 +687,7 @@ class WayControllerTest < ActionController::TestCase ## Now do it with a public user # setup auth - basic_authorization(user.email, "test") + basic_authorization user.email, "test" # add the tag into the existing xml way_str = "" @@ -716,7 +719,7 @@ class WayControllerTest < ActionController::TestCase _way3_v2 = create(:old_way, :current_way => way3_v1.current_way, :version => 2) create(:old_way_node, :old_way => way3_v1, :node => node) - get :ways_for_node, :id => node.id + get :ways_for_node, :params => { :id => node.id } assert_response :success ways_xml = XML::Parser.string(@response.body).parse assert_not_nil ways_xml, "failed to parse ways_for_node response"