From 11e6db89380142ada9638d02614beea2952d9b86 Mon Sep 17 00:00:00 2001
From: John Christopher Anderson <jchris@apache.org>
Date: Sat, 27 Jun 2009 13:36:29 +0000
Subject: A /_whoami handler to provide client apps with access to the active
 userCtx for their session. Thanks to the CouchDB University students and janl
 for helping to implement this.

git-svn-id: https://svn.apache.org/repos/asf/couchdb/trunk@788971 13f79535-47bb-0310-9956-ffa450edef68
---
 share/www/script/test/security_validation.js | 13 +++++++++++++
 1 file changed, 13 insertions(+)

(limited to 'share')

diff --git a/share/www/script/test/security_validation.js b/share/www/script/test/security_validation.js
index a41d8d70..1c185c01 100644
--- a/share/www/script/test/security_validation.js
+++ b/share/www/script/test/security_validation.js
@@ -60,6 +60,11 @@ couchTests.security_validation = function(debug) {
         T(wrongPasswordDb.last_req.status == 401);
       }
 
+      // test force_login=true. 
+      var resp = wrongPasswordDb.request("GET", "/_whoami?force_login=true");    
+      var err = JSON.parse(resp.responseText);
+      T(err.error == "unauthorized");
+      T(resp.status == 401);
 
       // Create the design doc that will run custom validation code
       var designDoc = {
@@ -99,6 +104,14 @@ couchTests.security_validation = function(debug) {
 
       T(userDb.save(designDoc).ok);
 
+      // test the _whoami endpoint
+      var resp = userDb.request("GET", "/_whoami");
+      var user = JSON.parse(resp.responseText)
+      T(user.name == "Damien Katz");
+      // test that the roles are listed properly
+      TEquals(user.roles, []);
+      
+
       // update the document
       var doc = userDb.open("testdoc");
       doc.foo=2;
-- 
cgit v1.2.3