From: Tom Hughes Date: Sun, 8 Dec 2013 21:54:21 +0000 (+0000) Subject: Add functions tests for the oauth_clients controller X-Git-Tag: live~4515 X-Git-Url: https://git.openstreetmap.org/rails.git/commitdiff_plain/b93f79f5a07f71d5ae6cf4317de0fb114ce96628 Add functions tests for the oauth_clients controller --- diff --git a/app/controllers/oauth_clients_controller.rb b/app/controllers/oauth_clients_controller.rb index 32fbbdd62..320dab1b5 100644 --- a/app/controllers/oauth_clients_controller.rb +++ b/app/controllers/oauth_clients_controller.rb @@ -33,6 +33,9 @@ class OauthClientsController < ApplicationController def edit @client_application = @user.client_applications.find(params[:id]) + rescue ActiveRecord::RecordNotFound + @type = "client application" + render :action => "not_found", :status => :not_found end def update @@ -43,6 +46,9 @@ class OauthClientsController < ApplicationController else render :action => "edit" end + rescue ActiveRecord::RecordNotFound + @type = "client application" + render :action => "not_found", :status => :not_found end def destroy @@ -50,6 +56,9 @@ class OauthClientsController < ApplicationController @client_application.destroy flash[:notice] = t'oauth_clients.destroy.flash' redirect_to :action => "index" + rescue ActiveRecord::RecordNotFound + @type = "client application" + render :action => "not_found", :status => :not_found end private def application_params diff --git a/test/fixtures/client_applications.yml b/test/fixtures/client_applications.yml index e8087eb98..2da7a9df8 100644 --- a/test/fixtures/client_applications.yml +++ b/test/fixtures/client_applications.yml @@ -31,3 +31,18 @@ oauth_desktop_app: allow_write_api: true allow_read_gpx: true allow_write_gpx: false + +normal_user_app: + name: Some OAuth Desktop App + created_at: "2009-05-21 00:00:00" + support_url: http://some.desktop.app.org/support + updated_at: "2009-05-21 00:00:00" + user_id: 1 + secret: jgYx43yx1FAMQbG6T0qZhvvFsKEf6Pgd5XfHr5kFgv4 + key: N6KVhfeaT626fhBt9aCMeA + allow_read_prefs: true + allow_write_prefs: false + allow_write_diary: false + allow_write_api: true + allow_read_gpx: true + allow_write_gpx: false diff --git a/test/functional/oauth_clients_controller_test.rb b/test/functional/oauth_clients_controller_test.rb index 64a1e4e72..77f07b288 100644 --- a/test/functional/oauth_clients_controller_test.rb +++ b/test/functional/oauth_clients_controller_test.rb @@ -1,6 +1,8 @@ require File.dirname(__FILE__) + '/../test_helper' class OauthClientsControllerTest < ActionController::TestCase + fixtures :users, :client_applications + ## # test all routes which lead to this controller def test_routes @@ -33,4 +35,177 @@ class OauthClientsControllerTest < ActionController::TestCase { :controller => "oauth_clients", :action => "destroy", :display_name => "username", :id => "1" } ) end + + def test_index + user = users(:public_user) + + get :index, { :display_name => user.display_name } + assert_response :redirect + assert_redirected_to login_path(:referer => oauth_clients_path(:display_name => user.display_name)) + + get :index, { :display_name => user.display_name }, { :user => user } + assert_response :success + assert_template "index" + assert_select "div.client_application", 2 + end + + def test_new + user = users(:public_user) + + get :new, { :display_name => user.display_name } + assert_response :redirect + assert_redirected_to login_path(:referer => new_oauth_client_path(:display_name => user.display_name)) + + get :new, { :display_name => user.display_name }, { :user => user } + assert_response :success + assert_template "new" + assert_select "form", 1 do + assert_select "input#client_application_name", 1 + assert_select "input#client_application_url", 1 + assert_select "input#client_application_callback_url", 1 + assert_select "input#client_application_support_url", 1 + ClientApplication.all_permissions.each do |perm| + assert_select "input#client_application_#{perm}", 1 + end + end + end + + def test_create + user = users(:public_user) + + assert_difference "ClientApplication.count", 0 do + post :create, { :display_name => user.display_name } + end + assert_response :forbidden + + assert_difference "ClientApplication.count", 0 do + post :create, { + :display_name => user.display_name, + :client_application => { + :name => "Test Application" + } + }, { + :user => user + } + end + assert_response :success + assert_template "new" + + assert_difference "ClientApplication.count", 1 do + post :create, { + :display_name => user.display_name, + :client_application => { + :name => "Test Application", + :url => "http://test.example.com/" + } + }, { + :user => user + } + end + assert_response :redirect + assert_redirected_to oauth_client_path(:id => ClientApplication.find_by_name("Test Application").id) + end + + def test_show + user = users(:public_user) + client = client_applications(:oauth_web_app) + + get :show, { :display_name => user.display_name, :id => client.id } + assert_response :redirect + assert_redirected_to login_path(:referer => oauth_client_path(:display_name => user.display_name, :id => client.id)) + + get :show, { :display_name => user.display_name, :id => client_applications(:normal_user_app).id }, { :user => user } + assert_response :not_found + assert_template "not_found" + + get :show, { :display_name => user.display_name, :id => client.id }, { :user => user } + assert_response :success + assert_template "show" + end + + def test_edit + user = users(:public_user) + client = client_applications(:oauth_web_app) + + get :edit, { :display_name => user.display_name, :id => client.id } + assert_response :redirect + assert_redirected_to login_path(:referer => edit_oauth_client_path(:display_name => user.display_name, :id => client.id)) + + get :edit, { :display_name => user.display_name, :id => client_applications(:normal_user_app).id }, { :user => user } + assert_response :not_found + assert_template "not_found" + + get :edit, { :display_name => user.display_name, :id => client.id }, { :user => user } + assert_response :success + assert_template "edit" + assert_select "form", 1 do + assert_select "input#client_application_name", 1 + assert_select "input#client_application_url", 1 + assert_select "input#client_application_callback_url", 1 + assert_select "input#client_application_support_url", 1 + ClientApplication.all_permissions.each do |perm| + assert_select "input#client_application_#{perm}", 1 + end + end + end + + def test_update + user = users(:public_user) + client = client_applications(:oauth_web_app) + + put :update, { :display_name => user.display_name, :id => client.id } + assert_response :forbidden + + put :update, { :display_name => user.display_name, :id => client_applications(:normal_user_app).id }, { :user => user } + assert_response :not_found + assert_template "not_found" + + put :update, { + :display_name => user.display_name, + :id => client.id, + :client_application => { + :name => "New Name", + :url => nil + } + }, { + :user => user + } + assert_response :success + assert_template "edit" + + put :update, { + :display_name => user.display_name, + :id => client.id, + :client_application => { + :name => "New Name", + :url => "http://new.example.com/url" + } + }, { + :user => user + } + assert_response :redirect + assert_redirected_to oauth_client_path(:id => client.id) + end + + def test_destroy + user = users(:public_user) + client = client_applications(:oauth_web_app) + + assert_difference "ClientApplication.count", 0 do + delete :destroy, { :display_name => user.display_name, :id => client.id } + end + assert_response :forbidden + + assert_difference "ClientApplication.count", 0 do + delete :destroy, { :display_name => user.display_name, :id => client_applications(:normal_user_app).id }, { :user => user } + end + assert_response :not_found + assert_template "not_found" + + assert_difference "ClientApplication.count", -1 do + delete :destroy, { :display_name => user.display_name, :id => client.id }, { :user => user } + end + assert_response :redirect + assert_redirected_to oauth_clients_path(:display_name => user.display_name) + end end