X-Git-Url: https://git.openstreetmap.org/rails.git/blobdiff_plain/85b0098b1c694de2859ac2aa4b864a6cb947c916..942e62117ff7f12d40618a94ea3f4e86f8cb25af:/test/controllers/user_controller_test.rb diff --git a/test/controllers/user_controller_test.rb b/test/controllers/user_controller_test.rb index 1404fc795..d3cf5ef13 100644 --- a/test/controllers/user_controller_test.rb +++ b/test/controllers/user_controller_test.rb @@ -20,6 +20,10 @@ class UserControllerTest < ActionController::TestCase { :path => "/api/0.6/user/gpx_files", :method => :get }, { :controller => "user", :action => "api_gpx_files" } ) + assert_routing( + { :path => "/api/0.6/users", :method => :get }, + { :controller => "user", :action => "api_users" } + ) assert_routing( { :path => "/login", :method => :get }, @@ -567,7 +571,7 @@ class UserControllerTest < ActionController::TestCase stub_gravatar_request(user.new_email, 200) confirm_string = user.tokens.create.token # precondition gravatar should be turned off - assert !user.image_use_gravatar + assert_not user.image_use_gravatar post :confirm_email, :params => { :confirm_string => confirm_string } assert_response :redirect assert_redirected_to :action => :account, :display_name => user.display_name @@ -588,7 +592,7 @@ class UserControllerTest < ActionController::TestCase assert_redirected_to :action => :account, :display_name => user.display_name assert_match /Confirmed your change of email address/, flash[:notice] # gravatar use should now be disabled - assert !User.find(user.id).image_use_gravatar + assert_not User.find(user.id).image_use_gravatar end def test_terms_new_user @@ -749,6 +753,12 @@ class UserControllerTest < ActionController::TestCase assert_response :success assert_template :reset_password + # Test that errors are reported for erroneous submissions + post :reset_password, :params => { :token => token.token, :user => { :pass_crypt => "new_password", :pass_crypt_confirmation => "different_password" } } + assert_response :success + assert_template :reset_password + assert_select "div#errorExplanation" + # Test setting a new password post :reset_password, :params => { :token => token.token, :user => { :pass_crypt => "new_password", :pass_crypt_confirmation => "new_password" } } assert_response :redirect @@ -772,7 +782,7 @@ class UserControllerTest < ActionController::TestCase # you are not logged in get :account, :params => { :display_name => user.display_name } assert_response :redirect - assert_redirected_to :controller => :user, :action => "login", :referer => "/user/#{URI.encode(user.display_name)}/account" + assert_redirected_to :controller => :user, :action => "login", :referer => "/user/#{ERB::Util.u(user.display_name)}/account" # Make sure that you are blocked when not logged in as the right user get :account, :params => { :display_name => user.display_name }, :session => { :user => create(:user) } @@ -785,7 +795,7 @@ class UserControllerTest < ActionController::TestCase assert_select "form#accountForm" do |form| assert_equal "post", form.attr("method").to_s assert_select "input[name='_method']", false - assert_equal "/user/#{URI.encode(user.display_name)}/account", form.attr("action").to_s + assert_equal "/user/#{ERB::Util.u(user.display_name)}/account", form.attr("action").to_s end # Updating the description should work @@ -853,7 +863,7 @@ class UserControllerTest < ActionController::TestCase # Adding external authentication should redirect to the auth provider post :account, :params => { :display_name => user.display_name, :user => user.attributes.merge(:auth_provider => "openid", :auth_uid => "gmail.com") }, :session => { :user => user } assert_response :redirect - assert_redirected_to auth_path(:provider => "openid", :openid_url => "https://www.google.com/accounts/o8/id", :origin => "/user/#{URI.encode(user.display_name)}/account") + assert_redirected_to auth_path(:provider => "openid", :openid_url => "https://www.google.com/accounts/o8/id", :origin => "/user/#{ERB::Util.u(user.display_name)}/account") # Changing name to one that exists should fail new_attributes = user.attributes.dup.merge(:display_name => create(:user).display_name) @@ -935,14 +945,14 @@ class UserControllerTest < ActionController::TestCase get :view, :params => { :display_name => user.display_name } assert_response :success assert_select "div#userinformation" do - assert_select "a[href^='/user/#{URI.encode(user.display_name)}/history']", 1 - assert_select "a[href='/user/#{URI.encode(user.display_name)}/traces']", 1 - assert_select "a[href='/user/#{URI.encode(user.display_name)}/diary']", 1 - assert_select "a[href='/user/#{URI.encode(user.display_name)}/diary/comments']", 1 - assert_select "a[href='/user/#{URI.encode(user.display_name)}/account']", 0 - assert_select "a[href='/user/#{URI.encode(user.display_name)}/blocks']", 0 - assert_select "a[href='/user/#{URI.encode(user.display_name)}/blocks_by']", 0 - assert_select "a[href='/blocks/new/#{URI.encode(user.display_name)}']", 0 + assert_select "a[href^='/user/#{ERB::Util.u(user.display_name)}/history']", 1 + assert_select "a[href='/user/#{ERB::Util.u(user.display_name)}/traces']", 1 + assert_select "a[href='/user/#{ERB::Util.u(user.display_name)}/diary']", 1 + assert_select "a[href='/user/#{ERB::Util.u(user.display_name)}/diary/comments']", 1 + assert_select "a[href='/user/#{ERB::Util.u(user.display_name)}/account']", 0 + assert_select "a[href='/user/#{ERB::Util.u(user.display_name)}/blocks']", 0 + assert_select "a[href='/user/#{ERB::Util.u(user.display_name)}/blocks_by']", 0 + assert_select "a[href='/blocks/new/#{ERB::Util.u(user.display_name)}']", 0 end # Test a user who has been blocked @@ -951,14 +961,14 @@ class UserControllerTest < ActionController::TestCase get :view, :params => { :display_name => blocked_user.display_name } assert_response :success assert_select "div#userinformation" do - assert_select "a[href^='/user/#{URI.encode(blocked_user.display_name)}/history']", 1 - assert_select "a[href='/user/#{URI.encode(blocked_user.display_name)}/traces']", 1 - assert_select "a[href='/user/#{URI.encode(blocked_user.display_name)}/diary']", 1 - assert_select "a[href='/user/#{URI.encode(blocked_user.display_name)}/diary/comments']", 1 - assert_select "a[href='/user/#{URI.encode(blocked_user.display_name)}/account']", 0 - assert_select "a[href='/user/#{URI.encode(blocked_user.display_name)}/blocks']", 1 - assert_select "a[href='/user/#{URI.encode(blocked_user.display_name)}/blocks_by']", 0 - assert_select "a[href='/blocks/new/#{URI.encode(blocked_user.display_name)}']", 0 + assert_select "a[href^='/user/#{ERB::Util.u(blocked_user.display_name)}/history']", 1 + assert_select "a[href='/user/#{ERB::Util.u(blocked_user.display_name)}/traces']", 1 + assert_select "a[href='/user/#{ERB::Util.u(blocked_user.display_name)}/diary']", 1 + assert_select "a[href='/user/#{ERB::Util.u(blocked_user.display_name)}/diary/comments']", 1 + assert_select "a[href='/user/#{ERB::Util.u(blocked_user.display_name)}/account']", 0 + assert_select "a[href='/user/#{ERB::Util.u(blocked_user.display_name)}/blocks']", 1 + assert_select "a[href='/user/#{ERB::Util.u(blocked_user.display_name)}/blocks_by']", 0 + assert_select "a[href='/blocks/new/#{ERB::Util.u(blocked_user.display_name)}']", 0 end # Test a moderator who has applied blocks @@ -967,14 +977,14 @@ class UserControllerTest < ActionController::TestCase get :view, :params => { :display_name => moderator_user.display_name } assert_response :success assert_select "div#userinformation" do - assert_select "a[href^='/user/#{URI.encode(moderator_user.display_name)}/history']", 1 - assert_select "a[href='/user/#{URI.encode(moderator_user.display_name)}/traces']", 1 - assert_select "a[href='/user/#{URI.encode(moderator_user.display_name)}/diary']", 1 - assert_select "a[href='/user/#{URI.encode(moderator_user.display_name)}/diary/comments']", 1 - assert_select "a[href='/user/#{URI.encode(moderator_user.display_name)}/account']", 0 - assert_select "a[href='/user/#{URI.encode(moderator_user.display_name)}/blocks']", 0 - assert_select "a[href='/user/#{URI.encode(moderator_user.display_name)}/blocks_by']", 1 - assert_select "a[href='/blocks/new/#{URI.encode(moderator_user.display_name)}']", 0 + assert_select "a[href^='/user/#{ERB::Util.u(moderator_user.display_name)}/history']", 1 + assert_select "a[href='/user/#{ERB::Util.u(moderator_user.display_name)}/traces']", 1 + assert_select "a[href='/user/#{ERB::Util.u(moderator_user.display_name)}/diary']", 1 + assert_select "a[href='/user/#{ERB::Util.u(moderator_user.display_name)}/diary/comments']", 1 + assert_select "a[href='/user/#{ERB::Util.u(moderator_user.display_name)}/account']", 0 + assert_select "a[href='/user/#{ERB::Util.u(moderator_user.display_name)}/blocks']", 0 + assert_select "a[href='/user/#{ERB::Util.u(moderator_user.display_name)}/blocks_by']", 1 + assert_select "a[href='/blocks/new/#{ERB::Util.u(moderator_user.display_name)}']", 0 end # Login as a normal user @@ -984,14 +994,14 @@ class UserControllerTest < ActionController::TestCase get :view, :params => { :display_name => user.display_name } assert_response :success assert_select "div#userinformation" do - assert_select "a[href^='/user/#{URI.encode(user.display_name)}/history']", 1 + assert_select "a[href^='/user/#{ERB::Util.u(user.display_name)}/history']", 1 assert_select "a[href='/traces/mine']", 1 - assert_select "a[href='/user/#{URI.encode(user.display_name)}/diary']", 1 - assert_select "a[href='/user/#{URI.encode(user.display_name)}/diary/comments']", 1 - assert_select "a[href='/user/#{URI.encode(user.display_name)}/account']", 1 - assert_select "a[href='/user/#{URI.encode(user.display_name)}/blocks']", 0 - assert_select "a[href='/user/#{URI.encode(user.display_name)}/blocks_by']", 0 - assert_select "a[href='/blocks/new/#{URI.encode(user.display_name)}']", 0 + assert_select "a[href='/user/#{ERB::Util.u(user.display_name)}/diary']", 1 + assert_select "a[href='/user/#{ERB::Util.u(user.display_name)}/diary/comments']", 1 + assert_select "a[href='/user/#{ERB::Util.u(user.display_name)}/account']", 1 + assert_select "a[href='/user/#{ERB::Util.u(user.display_name)}/blocks']", 0 + assert_select "a[href='/user/#{ERB::Util.u(user.display_name)}/blocks_by']", 0 + assert_select "a[href='/blocks/new/#{ERB::Util.u(user.display_name)}']", 0 end # Login as a moderator @@ -1001,14 +1011,14 @@ class UserControllerTest < ActionController::TestCase get :view, :params => { :display_name => user.display_name } assert_response :success assert_select "div#userinformation" do - assert_select "a[href^='/user/#{URI.encode(user.display_name)}/history']", 1 - assert_select "a[href='/user/#{URI.encode(user.display_name)}/traces']", 1 - assert_select "a[href='/user/#{URI.encode(user.display_name)}/diary']", 1 - assert_select "a[href='/user/#{URI.encode(user.display_name)}/diary/comments']", 1 - assert_select "a[href='/user/#{URI.encode(user.display_name)}/account']", 0 - assert_select "a[href='/user/#{URI.encode(user.display_name)}/blocks']", 0 - assert_select "a[href='/user/#{URI.encode(user.display_name)}/blocks_by']", 0 - assert_select "a[href='/blocks/new/#{URI.encode(user.display_name)}']", 1 + assert_select "a[href^='/user/#{ERB::Util.u(user.display_name)}/history']", 1 + assert_select "a[href='/user/#{ERB::Util.u(user.display_name)}/traces']", 1 + assert_select "a[href='/user/#{ERB::Util.u(user.display_name)}/diary']", 1 + assert_select "a[href='/user/#{ERB::Util.u(user.display_name)}/diary/comments']", 1 + assert_select "a[href='/user/#{ERB::Util.u(user.display_name)}/account']", 0 + assert_select "a[href='/user/#{ERB::Util.u(user.display_name)}/blocks']", 0 + assert_select "a[href='/user/#{ERB::Util.u(user.display_name)}/blocks_by']", 0 + assert_select "a[href='/blocks/new/#{ERB::Util.u(user.display_name)}']", 1 end end @@ -1140,6 +1150,48 @@ class UserControllerTest < ActionController::TestCase end end + def test_api_users + user1 = create(:user, :description => "test1", :terms_agreed => Date.yesterday) + user2 = create(:user, :description => "test2", :terms_agreed => Date.yesterday) + user3 = create(:user, :description => "test3", :terms_agreed => Date.yesterday) + + get :api_users, :params => { :users => user1.id } + assert_response :success + assert_equal "text/xml", response.content_type + assert_select "user", :count => 1 do + assert_select "user[id='#{user1.id}']", :count => 1 + assert_select "user[id='#{user2.id}']", :count => 0 + assert_select "user[id='#{user3.id}']", :count => 0 + end + + get :api_users, :params => { :users => user2.id } + assert_response :success + assert_equal "text/xml", response.content_type + assert_select "user", :count => 1 do + assert_select "user[id='#{user1.id}']", :count => 0 + assert_select "user[id='#{user2.id}']", :count => 1 + assert_select "user[id='#{user3.id}']", :count => 0 + end + + get :api_users, :params => { :users => "#{user1.id},#{user3.id}" } + assert_response :success + assert_equal "text/xml", response.content_type + assert_select "user", :count => 2 do + assert_select "user[id='#{user1.id}']", :count => 1 + assert_select "user[id='#{user2.id}']", :count => 0 + assert_select "user[id='#{user3.id}']", :count => 1 + end + + get :api_users, :params => { :users => create(:user, :suspended).id } + assert_response :not_found + + get :api_users, :params => { :users => create(:user, :deleted).id } + assert_response :not_found + + get :api_users, :params => { :users => 0 } + assert_response :not_found + end + def test_api_gpx_files user = create(:user) trace1 = create(:trace, :user => user) do |trace|