Skip to content

O
OHR Support
Commit 7d934c98 authored by Eric Davis's avatar Eric Davis
Browse files
Options

Allow key authentication when updating issues (with tests) #6447 

git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@4366 e93f8b46-1217-0410-a6f0-8f06a7374b81
parent 4b1dd334
Hide whitespace changes
Inline Side-by-side
Showing with 77 additions and 56 deletions
app/controllers/issues_controller.rb
View file @ 7d934c98
...@@ -27,7 +27,7 @@ class IssuesController < ApplicationController ...@@ -27,7 +27,7 @@ class IssuesController < ApplicationController
before_filter :find_optional_project, :only => [:index] before_filter :find_optional_project, :only => [:index]
before_filter :check_for_default_issue_status, :only => [:new, :create] before_filter :check_for_default_issue_status, :only => [:new, :create]
before_filter :build_new_issue_from_params, :only => [:new, :create] before_filter :build_new_issue_from_params, :only => [:new, :create]
accept_key_auth :index, :show, :create accept_key_auth :index, :show, :create, :update
rescue_from Query::StatementInvalid, :with => :query_statement_invalid rescue_from Query::StatementInvalid, :with => :query_statement_invalid
......
test/integration/api_test/issues_test.rb
View file @ 7d934c98
...@@ -160,120 +160,141 @@ class ApiTest::IssuesTest < ActionController::IntegrationTest ...@@ -160,120 +160,141 @@ class ApiTest::IssuesTest < ActionController::IntegrationTest
end end
end end
context "PUT /issues/1.xml" do # Issue 6 is on a private project
context "PUT /issues/6.xml" do
setup do setup do
@issue_count = Issue.count @parameters = {:issue => {:subject => 'API update', :notes => 'A new note'}}
@journal_count = Journal.count @headers = { :authorization => credentials('jsmith') }
@attributes = {:subject => 'API update', :notes => 'A new note'}
put '/issues/1.xml', {:issue => @attributes}, :authorization => credentials('jsmith')
end end
should_respond_with :ok should_allow_api_authentication(:put,
should_respond_with_content_type 'application/xml' '/issues/6.xml',
{:issue => {:subject => 'API update', :notes => 'A new note'}},
{:success_code => :ok})
should "not create a new issue" do should "not create a new issue" do
assert_equal Issue.count, @issue_count assert_no_difference('Issue.count') do
put '/issues/6.xml', @parameters, @headers
end
end end
should "create a new journal" do should "create a new journal" do
assert_equal Journal.count, @journal_count + 1 assert_difference('Journal.count') do
put '/issues/6.xml', @parameters, @headers
end
end end
should "add the note to the journal" do should "add the note to the journal" do
put '/issues/6.xml', @parameters, @headers
journal = Journal.last journal = Journal.last
assert_equal "A new note", journal.notes assert_equal "A new note", journal.notes
end end
should "update the issue" do should "update the issue" do
issue = Issue.find(1) put '/issues/6.xml', @parameters, @headers
@attributes.each do |attribute, value|
assert_equal value, issue.send(attribute) unless attribute == :notes issue = Issue.find(6)
end assert_equal "API update", issue.subject
end end
end end
context "PUT /issues/1.xml with failed update" do context "PUT /issues/6.xml with failed update" do
setup do setup do
@attributes = {:subject => ''} @parameters = {:issue => {:subject => ''}}
@issue_count = Issue.count @headers = { :authorization => credentials('jsmith') }
@journal_count = Journal.count
put '/issues/1.xml', {:issue => @attributes}, :authorization => credentials('jsmith')
end end
should_respond_with :unprocessable_entity should_allow_api_authentication(:put,
should_respond_with_content_type 'application/xml' '/issues/6.xml',
{:issue => {:subject => ''}}, # Missing subject should fail
{:success_code => :unprocessable_entity})
should "not create a new issue" do should "not create a new issue" do
assert_equal Issue.count, @issue_count assert_no_difference('Issue.count') do
put '/issues/6.xml', @parameters, @headers
end
end end
should "not create a new journal" do should "not create a new journal" do
assert_equal Journal.count, @journal_count assert_no_difference('Journal.count') do
put '/issues/6.xml', @parameters, @headers
end
end end
should "have an errors tag" do should "have an errors tag" do
put '/issues/6.xml', @parameters, @headers
assert_tag :errors, :child => {:tag => 'error', :content => "Subject can't be blank"} assert_tag :errors, :child => {:tag => 'error', :content => "Subject can't be blank"}
end end
end end
context "PUT /issues/1.json" do context "PUT /issues/6.json" do
setup do setup do
@issue_count = Issue.count @parameters = {:issue => {:subject => 'API update', :notes => 'A new note'}}
@journal_count = Journal.count @headers = { :authorization => credentials('jsmith') }
@attributes = {:subject => 'API update', :notes => 'A new note'}
put '/issues/1.json', {:issue => @attributes}, :authorization => credentials('jsmith')
end end
should_respond_with :ok should_allow_api_authentication(:put,
should_respond_with_content_type 'application/json' '/issues/6.json',
{:issue => {:subject => 'API update', :notes => 'A new note'}},
{:success_code => :ok})
should "not create a new issue" do should "not create a new issue" do
assert_equal Issue.count, @issue_count assert_no_difference('Issue.count') do
put '/issues/6.json', @parameters, @headers
end
end end
should "create a new journal" do should "create a new journal" do
assert_equal Journal.count, @journal_count + 1 assert_difference('Journal.count') do
put '/issues/6.json', @parameters, @headers
end
end end
should "add the note to the journal" do should "add the note to the journal" do
put '/issues/6.json', @parameters, @headers
journal = Journal.last journal = Journal.last
assert_equal "A new note", journal.notes assert_equal "A new note", journal.notes
end end
should "update the issue" do should "update the issue" do
issue = Issue.find(1) put '/issues/6.json', @parameters, @headers
@attributes.each do |attribute, value|
assert_equal value, issue.send(attribute) unless attribute == :notes issue = Issue.find(6)
end assert_equal "API update", issue.subject
end end
end end
context "PUT /issues/1.json with failed update" do context "PUT /issues/6.json with failed update" do
setup do setup do
@attributes = {:subject => ''} @parameters = {:issue => {:subject => ''}}
@issue_count = Issue.count @headers = { :authorization => credentials('jsmith') }
@journal_count = Journal.count
put '/issues/1.json', {:issue => @attributes}, :authorization => credentials('jsmith')
end end
should_respond_with :unprocessable_entity should_allow_api_authentication(:put,
should_respond_with_content_type 'application/json' '/issues/6.json',
{:issue => {:subject => ''}}, # Missing subject should fail
{:success_code => :unprocessable_entity})
should "not create a new issue" do should "not create a new issue" do
assert_equal Issue.count, @issue_count assert_no_difference('Issue.count') do
put '/issues/6.json', @parameters, @headers
end
end end
should "not create a new journal" do should "not create a new journal" do
assert_equal Journal.count, @journal_count assert_no_difference('Journal.count') do
put '/issues/6.json', @parameters, @headers
end
end end
should "have an errors attribute" do should "have an errors attribute" do
put '/issues/6.json', @parameters, @headers
json = ActiveSupport::JSON.decode(response.body) json = ActiveSupport::JSON.decode(response.body)
assert_equal "can't be blank", json.first['subject'] assert_equal "can't be blank", json.first['subject']
end end
......
test/test_helper.rb
View file @ 7d934c98
...@@ -401,8 +401,8 @@ class ActiveSupport::TestCase ...@@ -401,8 +401,8 @@ class ActiveSupport::TestCase
# Checks that the response is a valid JSON string # Checks that the response is a valid JSON string
def self.should_be_a_valid_json_string def self.should_be_a_valid_json_string
should "be a valid JSON string" do should "be a valid JSON string (or empty)" do
assert ActiveSupport::JSON.decode(response.body) assert (response.body.blank? || ActiveSupport::JSON.decode(response.body))
end end
end end
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment