diff options
author | Azul <azul@riseup.net> | 2016-05-03 09:01:18 -0300 |
---|---|---|
committer | Azul <azul@riseup.net> | 2016-05-03 09:01:18 -0300 |
commit | a7718c19ab96648e37063c05bffe21bc2c315325 (patch) | |
tree | 23a0bf0516d7586130b155e51daa5f328b10d878 /test/functional/configs_controller_with_static_tokens_test.rb | |
parent | c9f24739664e9d4f7bcdafa87c7d53a5f339cbae (diff) |
fix type mismatch TokenAuthTest
rails 4 mixes model, controller and integration tests. So lets
give this one a better name
Diffstat (limited to 'test/functional/configs_controller_with_static_tokens_test.rb')
-rw-r--r-- | test/functional/configs_controller_with_static_tokens_test.rb | 40 |
1 files changed, 40 insertions, 0 deletions
diff --git a/test/functional/configs_controller_with_static_tokens_test.rb b/test/functional/configs_controller_with_static_tokens_test.rb new file mode 100644 index 0000000..79739fe --- /dev/null +++ b/test/functional/configs_controller_with_static_tokens_test.rb @@ -0,0 +1,40 @@ +# +# tests for authenticating an admin or monitor user +# via static configured tokens. +# + +require 'test_helper' + +class ConfigsControllerWithStaticTokensTest < ActionController::TestCase + tests V1::ConfigsController + + def test_login_via_api_token + with_config(:allow_anonymous_certs => false) do + monitor_auth do + get :index + assert assigns(:token), 'should have authenticated via api token' + assert assigns(:token).is_a? ApiToken + assert @controller.send(:current_user).is_a? ApiMonitorUser + end + end + end + + def test_fail_api_auth_when_ip_not_allowed + with_config(:allow_anonymous_certs => false) do + allowed = "99.99.99.99" + new_config = {api_tokens: APP_CONFIG["api_tokens"].merge(allowed_ips: [allowed])} + with_config(new_config) do + monitor_auth do + request.env['REMOTE_ADDR'] = "1.1.1.1" + get :index + assert_nil assigns(:token), "should not be able to auth with api token when ip restriction doesn't allow it" + request.env['REMOTE_ADDR'] = allowed + get :index + assert assigns(:token), "should have authenticated via api token" + end + end + end + end + +end + |