summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAzul <azul@riseup.net>2016-05-18 21:00:42 +0200
committerAzul <azul@riseup.net>2016-05-20 16:35:55 +0200
commite542a3056c27fd662ef767b6720861035f6dbb1c (patch)
tree45d0d16069a7820a58583423956c8cc4f5f64819
parent83f59164fc069f2593cf6babbc18638d9a68c9a3 (diff)
api: set defaults for version in routes
This way we do not need to specify it all the times. In the functional tests defaults do not get added automatically. Introduced api_{get,put,post,delete} to add format and version default. One to two functional tests failing, everything else passes.
-rw-r--r--config/routes.rb2
-rw-r--r--test/functional/api/certs_controller_test.rb16
-rw-r--r--test/functional/api/identities_controller_test.rb8
-rw-r--r--test/functional/api/messages_controller_test.rb14
-rw-r--r--test/functional/api/services_controller_test.rb8
-rw-r--r--test/functional/api/sessions_controller_test.rb12
-rw-r--r--test/functional/api/smtp_certs_controller_test.rb10
-rw-r--r--test/functional/api/token_auth_test.rb8
-rw-r--r--test/functional/api/users_controller_test.rb38
-rw-r--r--test/support/api_controller_test.rb29
10 files changed, 87 insertions, 58 deletions
diff --git a/config/routes.rb b/config/routes.rb
index a1a5b3c..7fbedf2 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -26,7 +26,7 @@ LeapWeb::Application.routes.draw do
namespace "api", { module: "api",
path: "/:version/",
- defaults: {format: 'json'},
+ defaults: {version: '2', format: 'json'},
:constraints => { :id => /[^\/]+(?=\.json\z)|[^\/]+/, :version => /[12]/ }
} do
resources :sessions, :only => [:new, :create, :update]
diff --git a/test/functional/api/certs_controller_test.rb b/test/functional/api/certs_controller_test.rb
index 137ed92..f23b4c8 100644
--- a/test/functional/api/certs_controller_test.rb
+++ b/test/functional/api/certs_controller_test.rb
@@ -1,11 +1,11 @@
-require_relative '../../test_helper'
+require 'test_helper'
-class Api::CertsControllerTest < ActionController::TestCase
+class Api::CertsControllerTest < ApiControllerTest
test "create unlimited cert without login" do
with_config allow_anonymous_certs: true do
cert = expect_cert('UNLIMITED')
- post :create
+ api_post :create
assert_response :success
assert_equal cert.to_s, @response.body
end
@@ -15,7 +15,7 @@ class Api::CertsControllerTest < ActionController::TestCase
with_config allow_limited_certs: true do
login
cert = expect_cert('LIMITED')
- post :create
+ api_post :create
assert_response :success
assert_equal cert.to_s, @response.body
end
@@ -23,14 +23,14 @@ class Api::CertsControllerTest < ActionController::TestCase
test "fail to create cert when disabled" do
login :enabled? => false
- post :create
+ api_post :create
assert_access_denied
end
test "create unlimited cert" do
login effective_service_level: ServiceLevel.new(id: 2)
cert = expect_cert('UNLIMITED')
- post :create
+ api_post :create
assert_response :success
assert_equal cert.to_s, @response.body
end
@@ -38,13 +38,13 @@ class Api::CertsControllerTest < ActionController::TestCase
test "GET still works as an alias" do
login effective_service_level: ServiceLevel.new(id: 2)
cert = expect_cert('UNLIMITED')
- get :show
+ api_get :show
assert_response :success
assert_equal cert.to_s, @response.body
end
test "redirect if no eip service offered" do
- post :create
+ api_post :create
assert_response :redirect
end
diff --git a/test/functional/api/identities_controller_test.rb b/test/functional/api/identities_controller_test.rb
index e803ee7..57345c8 100644
--- a/test/functional/api/identities_controller_test.rb
+++ b/test/functional/api/identities_controller_test.rb
@@ -1,15 +1,15 @@
require_relative '../../test_helper'
-class Api::IdentitiesControllerTest < ActionController::TestCase
+class Api::IdentitiesControllerTest < ApiControllerTest
test "api monitor can fetch identity" do
monitor_auth do
identity = FactoryGirl.create :identity
- get :show, :id => identity.address, :format => 'json'
+ api_get :show, :id => identity.address, :format => 'json'
assert_response :success
assert_equal identity, assigns(:identity)
- get :show, :id => "blahblahblah", :format => 'json'
+ api_get :show, :id => "blahblahblah", :format => 'json'
assert_response :not_found
end
end
@@ -17,7 +17,7 @@ class Api::IdentitiesControllerTest < ActionController::TestCase
test "anonymous cannot fetch identity" do
identity = FactoryGirl.create :identity
- get :show, :id => identity.address, :format => 'json'
+ api_get :show, :id => identity.address, :format => 'json'
assert_response :forbidden
end
diff --git a/test/functional/api/messages_controller_test.rb b/test/functional/api/messages_controller_test.rb
index 01641d4..e586980 100644
--- a/test/functional/api/messages_controller_test.rb
+++ b/test/functional/api/messages_controller_test.rb
@@ -1,6 +1,6 @@
require 'test_helper'
-class Api::MessagesControllerTest < ActionController::TestCase
+class Api::MessagesControllerTest < ApiControllerTest
setup do
@user = FactoryGirl.build(:user)
@@ -13,7 +13,7 @@ class Api::MessagesControllerTest < ActionController::TestCase
test "get the motd" do
with_config("customization_directory" => Rails.root+'test/files') do
login @user
- get :index, :locale => 'es'
+ api_get :index, :locale => 'es'
body = JSON.parse(response.body)
message1 = "<p>\"This\" is a <strong>very</strong> fine message. <a href=\"https://bitmask.net\">https://bitmask.net</a></p>\n"
assert_equal 2, body.size, 'there should be two messages'
@@ -24,7 +24,7 @@ class Api::MessagesControllerTest < ActionController::TestCase
test "get localized motd" do
with_config("customization_directory" => Rails.root+'test/files') do
login @user
- get :index, :locale => 'de'
+ api_get :index, :locale => 'de'
body = JSON.parse(response.body)
message1 = "<p>Dies ist eine sehr feine Nachricht. <a href=\"https://bitmask.net\">https://bitmask.net</a></p>\n"
assert_equal message1, body.first["text"], 'first message text should match files/motd/1.de.md'
@@ -33,7 +33,7 @@ class Api::MessagesControllerTest < ActionController::TestCase
test "get empty motd" do
login @user
- get :index
+ api_get :index
assert_equal "[]", response.body, "motd response should be empty if no motd directory exists"
end
@@ -58,7 +58,7 @@ class Api::MessagesControllerTest < ActionController::TestCase
test "get messages for user" do
login @user
- get :index
+ api_get :index
assert response.body.include? @message.text
assert response.body.include? @message.id
end
@@ -78,7 +78,7 @@ class Api::MessagesControllerTest < ActionController::TestCase
login @user
put :update, :id => @message.id
@message.reload
- get :index
+ api_get :index
assert !(response.body.include? @message.text)
assert !(response.body.include? @message.id)
end
@@ -91,7 +91,7 @@ class Api::MessagesControllerTest < ActionController::TestCase
end
test "fails if not authenticated" do
- get :index, :format => :json
+ api_get :index, :format => :json
assert_login_required
end
=end
diff --git a/test/functional/api/services_controller_test.rb b/test/functional/api/services_controller_test.rb
index b1dc9f3..cb85edf 100644
--- a/test/functional/api/services_controller_test.rb
+++ b/test/functional/api/services_controller_test.rb
@@ -1,16 +1,16 @@
require 'test_helper'
-class Api::ServicesControllerTest < ActionController::TestCase
+class Api::ServicesControllerTest < ApiControllerTest
test "anonymous user gets login required service info" do
- get :show, format: :json
+ api_get :show, format: :json
assert_json_response error: 'not_authorized_login',
message: 'Please log in to perform that action.'
end
test "anonymous user gets vpn service info" do
with_config allow_anonymous_certs: true do
- get :show, format: :json
+ api_get :show, format: :json
assert_json_response name: 'anonymous',
eip_rate_limit: false,
description: 'anonymous access to the VPN'
@@ -19,7 +19,7 @@ class Api::ServicesControllerTest < ActionController::TestCase
test "user can see their service info" do
login
- get :show, format: :json
+ api_get :show, format: :json
default_level = APP_CONFIG[:default_service_level]
assert_json_response APP_CONFIG[:service_levels][default_level]
end
diff --git a/test/functional/api/sessions_controller_test.rb b/test/functional/api/sessions_controller_test.rb
index 0633578..03a1ef9 100644
--- a/test/functional/api/sessions_controller_test.rb
+++ b/test/functional/api/sessions_controller_test.rb
@@ -3,7 +3,7 @@ require 'test_helper'
# This is a simple controller unit test.
# We're stubbing out both warden and srp.
# There's an integration test testing the full rack stack and srp
-class Api::SessionsControllerTest < ActionController::TestCase
+class Api::SessionsControllerTest < ApiControllerTest
setup do
@request.env['HTTP_HOST'] = 'api.lvh.me'
@@ -12,7 +12,7 @@ class Api::SessionsControllerTest < ActionController::TestCase
end
test "renders json" do
- get :new, :format => :json
+ api_get :new, :format => :json
assert_response :success
assert_json_error nil
end
@@ -22,7 +22,7 @@ class Api::SessionsControllerTest < ActionController::TestCase
strategy = stub :message => {:field => :translate_me}
request.env['warden'].stubs(:winning_strategy).returns(strategy)
I18n.expects(:t).with(:translate_me).at_least_once.returns("translation stub")
- get :new, :format => :json
+ api_get :new, :format => :json
assert_response 422
assert_json_error :field => "translation stub"
end
@@ -33,7 +33,7 @@ class Api::SessionsControllerTest < ActionController::TestCase
request.env['warden'].expects(:authenticate!)
# make sure we don't get a template missing error:
@controller.stubs(:render)
- post :create, :login => @user.login, 'A' => @client_hex
+ api_post :create, :login => @user.login, 'A' => @client_hex
end
test "should authenticate" do
@@ -42,7 +42,7 @@ class Api::SessionsControllerTest < ActionController::TestCase
handshake = stub(:to_hash => {h: "ash"})
session[:handshake] = handshake
- post :update, :id => @user.login, :client_auth => @client_hex
+ api_post :update, :id => @user.login, :client_auth => @client_hex
assert_nil session[:handshake]
assert_response :success
@@ -55,7 +55,7 @@ class Api::SessionsControllerTest < ActionController::TestCase
test "destroy should logout" do
login
expect_logout
- delete :destroy
+ api_delete :destroy
assert_response 204
end
diff --git a/test/functional/api/smtp_certs_controller_test.rb b/test/functional/api/smtp_certs_controller_test.rb
index 2142675..393f090 100644
--- a/test/functional/api/smtp_certs_controller_test.rb
+++ b/test/functional/api/smtp_certs_controller_test.rb
@@ -1,17 +1,17 @@
require 'test_helper'
-class Api::SmtpCertsControllerTest < ActionController::TestCase
+class Api::SmtpCertsControllerTest < ApiControllerTest
test "no smtp cert without login" do
with_config allow_anonymous_certs: true do
- post :create
+ api_post :create
assert_login_required
end
end
test "require service level with email" do
login
- post :create
+ api_post :create
assert_access_denied
end
@@ -19,14 +19,14 @@ class Api::SmtpCertsControllerTest < ActionController::TestCase
login effective_service_level: ServiceLevel.new(id: 2)
cert = expect_cert(@current_user.email_address)
cert.expects(:fingerprint).returns('fingerprint')
- post :create
+ api_post :create
assert_response :success
assert_equal cert.to_s, @response.body
end
test "fail to create cert when disabled" do
login :enabled? => false
- post :create
+ api_post :create
assert_access_denied
end
diff --git a/test/functional/api/token_auth_test.rb b/test/functional/api/token_auth_test.rb
index 17a4775..c7f91c7 100644
--- a/test/functional/api/token_auth_test.rb
+++ b/test/functional/api/token_auth_test.rb
@@ -5,13 +5,13 @@
require 'test_helper'
-class Api::TokenAuthTest < ActionController::TestCase
+class Api::TokenAuthTest < ApiControllerTest
tests Api::ConfigsController
def test_login_via_api_token
with_config(:allow_anonymous_certs => false) do
monitor_auth do
- get :index
+ api_get :index
assert assigns(:token), 'should have authenticated via api token'
assert assigns(:token).is_a? ApiToken
assert @controller.send(:current_user).is_a? ApiMonitorUser
@@ -26,10 +26,10 @@ class Api::TokenAuthTest < ActionController::TestCase
with_config(new_config) do
monitor_auth do
request.env['REMOTE_ADDR'] = "1.1.1.1"
- get :index
+ api_get :index
assert_nil assigns(:token), "should not be able to auth with api token when ip restriction doesn't allow it"
request.env['REMOTE_ADDR'] = allowed
- get :index
+ api_get :index
assert assigns(:token), "should have authenticated via api token"
end
end
diff --git a/test/functional/api/users_controller_test.rb b/test/functional/api/users_controller_test.rb
index bc2e312..32afd0a 100644
--- a/test/functional/api/users_controller_test.rb
+++ b/test/functional/api/users_controller_test.rb
@@ -1,6 +1,6 @@
-require_relative '../../test_helper'
+require 'test_helper'
-class Api::UsersControllerTest < ActionController::TestCase
+class Api::UsersControllerTest < ApiControllerTest
test "user can change settings" do
user = find_record :user
@@ -10,7 +10,7 @@ class Api::UsersControllerTest < ActionController::TestCase
Account.expects(:new).with(user).returns(account_settings)
login user
- put :update, :user => changed_attribs, :id => user.id, :format => :json
+ api_put :update, :user => changed_attribs, :id => user.id, :format => :json
assert_equal user, assigns[:user]
assert_response 204
@@ -25,7 +25,7 @@ class Api::UsersControllerTest < ActionController::TestCase
Account.expects(:new).with(user).returns(account_settings)
login :is_admin? => true
- put :update, :user => changed_attribs, :id => user.id, :format => :json
+ api_put :update, :user => changed_attribs, :id => user.id, :format => :json
assert_equal user, assigns[:user]
assert_response 204
@@ -34,7 +34,7 @@ class Api::UsersControllerTest < ActionController::TestCase
test "user cannot update other user" do
user = find_record :user
login
- put :update, id: user.id,
+ api_put :update, id: user.id,
user: record_attributes_for(:user_with_settings),
:format => :json
assert_access_denied
@@ -45,7 +45,7 @@ class Api::UsersControllerTest < ActionController::TestCase
user = User.new(user_attribs)
Account.expects(:create).with(user_attribs).returns(user)
- post :create, :user => user_attribs, :format => :json
+ api_post :create, :user => user_attribs, :format => :json
assert_nil session[:user_id]
assert_json_response user
@@ -59,7 +59,7 @@ class Api::UsersControllerTest < ActionController::TestCase
assert !user.valid?
Account.expects(:create).with(user_attribs).returns(user)
- post :create, :user => user_attribs, :format => :json
+ api_post :create, :user => user_attribs, :format => :json
assert_json_error user.errors.messages
assert_response 422
@@ -67,7 +67,7 @@ class Api::UsersControllerTest < ActionController::TestCase
test "admin can autocomplete users" do
login :is_admin? => true
- get :index, :query => 'a', :format => :json
+ api_get :index, :query => 'a', :format => :json
assert_response :success
assert assigns(:users)
@@ -76,7 +76,7 @@ class Api::UsersControllerTest < ActionController::TestCase
test "create returns forbidden if registration is closed" do
user_attribs = record_attributes_for :user
with_config(allow_registration: false) do
- post :create, :user => user_attribs, :format => :json
+ api_post :create, :user => user_attribs, :format => :json
assert_response :forbidden
end
end
@@ -84,20 +84,20 @@ class Api::UsersControllerTest < ActionController::TestCase
test "admin can show user" do
user = FactoryGirl.create :user
login :is_admin? => true
- get :show, :id => 0, :login => user.login, :format => :json
+ api_get :show, :id => 0, :login => user.login, :format => :json
assert_response :success
assert_json_response user
- get :show, :id => user.id, :format => :json
+ api_get :show, :id => user.id, :format => :json
assert_response :success
assert_json_response user
- get :show, :id => "0", :format => :json
+ api_get :show, :id => "0", :format => :json
assert_response :not_found
end
test "normal users cannot show user" do
user = find_record :user
login
- get :show, :id => 0, :login => user.login, :format => :json
+ api_get :show, :id => 0, :login => user.login, :format => :json
assert_access_denied
end
@@ -106,9 +106,9 @@ class Api::UsersControllerTest < ActionController::TestCase
with_config(allow_registration: false, invite_required: true) do
monitor_auth do
user_attribs = record_attributes_for :test_user
- post :create, :user => user_attribs, :format => :json
+ api_post :create, :user => user_attribs, :format => :json
assert_response :success
- delete :destroy, :id => assigns(:user).id, :format => :json
+ api_delete :destroy, :id => assigns(:user).id, :format => :json
assert_response :success
end
end
@@ -117,17 +117,17 @@ class Api::UsersControllerTest < ActionController::TestCase
test "api monitor auth cannot create normal users" do
monitor_auth do
user_attribs = record_attributes_for :user
- post :create, :user => user_attribs, :format => :json
+ api_post :create, :user => user_attribs, :format => :json
assert_response :forbidden
end
end
- test "api monitor auth cannot delete normal users" do
- post :create, :user => record_attributes_for(:user), :format => :json
+ test "api monitor auth cannot api_delete normal users" do
+ api_post :create, :user => record_attributes_for(:user), :format => :json
assert_response :success
normal_user_id = assigns(:user).id
monitor_auth do
- delete :destroy, :id => normal_user_id, :format => :json
+ api_delete :destroy, :id => normal_user_id, :format => :json
assert_response :forbidden
end
end
diff --git a/test/support/api_controller_test.rb b/test/support/api_controller_test.rb
new file mode 100644
index 0000000..06cb46a
--- /dev/null
+++ b/test/support/api_controller_test.rb
@@ -0,0 +1,29 @@
+class ApiControllerTest < ActionController::TestCase
+
+ def api_get(*args)
+ get *add_api_defaults(args)
+ end
+
+ def api_post(*args)
+ post *add_api_defaults(args)
+ end
+
+ def api_delete(*args)
+ delete *add_api_defaults(args)
+ end
+
+ def api_put(*args)
+ put *add_api_defaults(args)
+ end
+
+ def add_api_defaults(args)
+ add_defaults args, version: '2'
+ end
+
+ def add_defaults(args, defaults)
+ opts = args.extract_options!
+ opts.reverse_merge! defaults
+ args << opts
+ args
+ end
+end