X-Git-Url: https://git.openstreetmap.org/rails.git/blobdiff_plain/dc2a2c8ebd1a11e4a64555fda22c6859a51defff..93fb360a08e388997e402faa6d5804580b11b1c5:/test/integration/oauth_test.rb

diff --git a/test/integration/oauth_test.rb b/test/integration/oauth_test.rb
index 9bbe2c2a9..0d6d30016 100644
--- a/test/integration/oauth_test.rb
+++ b/test/integration/oauth_test.rb
@@ -2,6 +2,7 @@ require "test_helper"
 
 class OAuthTest < ActionDispatch::IntegrationTest
   fixtures :users, :client_applications, :gpx_files
+  set_fixture_class :gpx_files => Trace
 
   include OAuth::Helper
 
@@ -48,6 +49,9 @@ class OAuthTest < ActionDispatch::IntegrationTest
     signed_get "/api/0.6/user/preferences", :consumer => client, :token => token
     assert_response :success
 
+    signed_get "/api/0.6/gpx/2", :consumer => client, :token => token
+    assert_response :forbidden
+
     post "/oauth/revoke", :token => token.token
     assert_redirected_to oauth_clients_url(token.user.display_name)
     token = OauthToken.find_by_token(token.token)
@@ -93,6 +97,9 @@ class OAuthTest < ActionDispatch::IntegrationTest
     signed_get "/api/0.6/gpx/2", :consumer => client, :token => token
     assert_response :success
 
+    signed_get "/api/0.6/user/details", :consumer => client, :token => token
+    assert_response :forbidden
+
     post "/oauth/revoke", :token => token.token
     assert_redirected_to oauth_clients_url(token.user.display_name)
     token = OauthToken.find_by_token(token.token)
@@ -145,6 +152,9 @@ class OAuthTest < ActionDispatch::IntegrationTest
     signed_get "/api/0.6/user/preferences", :consumer => client, :token => token
     assert_response :success
 
+    signed_get "/api/0.6/gpx/2", :consumer => client, :token => token
+    assert_response :forbidden
+
     post "/oauth/revoke", :token => token.token
     assert_redirected_to oauth_clients_url(token.user.display_name)
     token = OauthToken.find_by_token(token.token)
@@ -203,6 +213,9 @@ class OAuthTest < ActionDispatch::IntegrationTest
     signed_get "/api/0.6/user/preferences", :consumer => client, :token => token
     assert_response :success
 
+    signed_get "/api/0.6/gpx/2", :consumer => client, :token => token
+    assert_response :forbidden
+
     post "/oauth/revoke", :token => token.token
     assert_redirected_to oauth_clients_url(token.user.display_name)
     token = OauthToken.find_by_token(token.token)
@@ -254,6 +267,9 @@ class OAuthTest < ActionDispatch::IntegrationTest
     signed_get "/api/0.6/gpx/2", :consumer => client, :token => token
     assert_response :success
 
+    signed_get "/api/0.6/user/details", :consumer => client, :token => token
+    assert_response :forbidden
+
     post "/oauth/revoke", :token => token.token
     assert_redirected_to oauth_clients_url(token.user.display_name)
     token = OauthToken.find_by_token(token.token)
@@ -314,6 +330,9 @@ class OAuthTest < ActionDispatch::IntegrationTest
     signed_get "/api/0.6/user/preferences", :consumer => client, :token => token
     assert_response :success
 
+    signed_get "/api/0.6/gpx/2", :consumer => client, :token => token
+    assert_response :forbidden
+
     post "/oauth/revoke", :token => token.token
     assert_redirected_to oauth_clients_url(token.user.display_name)
     token = OauthToken.find_by_token(token.token)