summaryrefslogtreecommitdiff
path: root/test/functional/v1
diff options
context:
space:
mode:
authorAzul <azul@riseup.net>2016-05-01 10:55:33 -0300
committerAzul <azul@riseup.net>2016-05-18 20:07:41 +0200
commite05a1b0f5ae40a2aa17976b3009cd563b8e4660a (patch)
tree77774fd7e70211febaf3a15c6e3b3e7340843c11 /test/functional/v1
parenta1b494e334406660a1f49fb7de9b043493809640 (diff)
api: allow version bumping - bump to 2
Diffstat (limited to 'test/functional/v1')
-rw-r--r--test/functional/v1/certs_controller_test.rb60
-rw-r--r--test/functional/v1/identities_controller_test.rb24
-rw-r--r--test/functional/v1/messages_controller_test.rb99
-rw-r--r--test/functional/v1/services_controller_test.rb28
-rw-r--r--test/functional/v1/sessions_controller_test.rb62
-rw-r--r--test/functional/v1/smtp_certs_controller_test.rb43
-rw-r--r--test/functional/v1/users_controller_test.rb135
7 files changed, 0 insertions, 451 deletions
diff --git a/test/functional/v1/certs_controller_test.rb b/test/functional/v1/certs_controller_test.rb
deleted file mode 100644
index 04c1c86..0000000
--- a/test/functional/v1/certs_controller_test.rb
+++ /dev/null
@@ -1,60 +0,0 @@
-require_relative '../../test_helper'
-
-class V1::CertsControllerTest < ActionController::TestCase
-
- test "create unlimited cert without login" do
- with_config allow_anonymous_certs: true do
- cert = expect_cert('UNLIMITED')
- post :create
- assert_response :success
- assert_equal cert.to_s, @response.body
- end
- end
-
- test "create limited cert" do
- with_config allow_limited_certs: true do
- login
- cert = expect_cert('LIMITED')
- post :create
- assert_response :success
- assert_equal cert.to_s, @response.body
- end
- end
-
- test "fail to create cert when disabled" do
- login :enabled? => false
- post :create
- assert_access_denied
- end
-
- test "create unlimited cert" do
- login effective_service_level: ServiceLevel.new(id: 2)
- cert = expect_cert('UNLIMITED')
- post :create
- assert_response :success
- assert_equal cert.to_s, @response.body
- end
-
- test "GET still works as an alias" do
- login effective_service_level: ServiceLevel.new(id: 2)
- cert = expect_cert('UNLIMITED')
- get :show
- assert_response :success
- assert_equal cert.to_s, @response.body
- end
-
- test "redirect if no eip service offered" do
- post :create
- assert_response :redirect
- end
-
- protected
-
- def expect_cert(prefix)
- cert = stub :to_s => "#{prefix.downcase} cert"
- ClientCertificate.expects(:new).
- with(:prefix => prefix).
- returns(cert)
- return cert
- end
-end
diff --git a/test/functional/v1/identities_controller_test.rb b/test/functional/v1/identities_controller_test.rb
deleted file mode 100644
index 6410c44..0000000
--- a/test/functional/v1/identities_controller_test.rb
+++ /dev/null
@@ -1,24 +0,0 @@
-require_relative '../../test_helper'
-
-class V1::IdentitiesControllerTest < ActionController::TestCase
-
- test "api monitor can fetch identity" do
- monitor_auth do
- identity = FactoryGirl.create :identity
- get :show, :id => identity.address, :format => 'json'
- assert_response :success
- assert_equal identity, assigns(:identity)
-
- get :show, :id => "blahblahblah", :format => 'json'
- assert_response :not_found
- end
- end
-
-
- test "anonymous cannot fetch identity" do
- identity = FactoryGirl.create :identity
- get :show, :id => identity.address, :format => 'json'
- assert_response :forbidden
- end
-
-end
diff --git a/test/functional/v1/messages_controller_test.rb b/test/functional/v1/messages_controller_test.rb
deleted file mode 100644
index f37cca0..0000000
--- a/test/functional/v1/messages_controller_test.rb
+++ /dev/null
@@ -1,99 +0,0 @@
-require 'test_helper'
-
-class V1::MessagesControllerTest < ActionController::TestCase
-
- setup do
- @user = FactoryGirl.build(:user)
- @user.save
- end
-
- # NOTE: the available languages for test are :en and :de
- # so :es will result in english response.
-
- test "get the motd" do
- with_config("customization_directory" => Rails.root+'test/files') do
- login @user
- get :index, :locale => 'es'
- body = JSON.parse(response.body)
- message1 = "<p>\"This\" is a <strong>very</strong> fine message. <a href=\"https://bitmask.net\">https://bitmask.net</a></p>\n"
- assert_equal 2, body.size, 'there should be two messages'
- assert_equal message1, body.first["text"], 'first message text should match files/motd/1.en.md'
- end
- end
-
- test "get localized motd" do
- with_config("customization_directory" => Rails.root+'test/files') do
- login @user
- get :index, :locale => 'de'
- body = JSON.parse(response.body)
- message1 = "<p>Dies ist eine sehr feine Nachricht. <a href=\"https://bitmask.net\">https://bitmask.net</a></p>\n"
- assert_equal message1, body.first["text"], 'first message text should match files/motd/1.de.md'
- end
- end
-
- test "get empty motd" do
- login @user
- get :index
- assert_equal "[]", response.body, "motd response should be empty if no motd directory exists"
- end
-
- ##
- ## For now, only the static file MOTD is supported, not messages in the db.
- ## so, this is disabled:
- ##
-=begin
- setup do
- InviteCodeValidator.any_instance.stubs(:validate)
- @user = FactoryGirl.build(:user)
- @user.save
- @message = Message.new(:text => 'a test message')
- @message.user_ids_to_show << @user.id
- @message.save
- end
-
- teardown do
- @message.destroy
- @user.destroy
- end
-
- test "get messages for user" do
- login @user
- get :index
- assert response.body.include? @message.text
- assert response.body.include? @message.id
- end
-
- test "mark message read for user" do
- login @user
- assert @message.user_ids_to_show.include?(@user.id)
- assert !@message.user_ids_have_shown.include?(@user.id)
- put :update, :id => @message.id
- @message.reload
- assert !@message.user_ids_to_show.include?(@user.id)
- assert @message.user_ids_have_shown.include?(@user.id)
- assert_success :marked_as_read
- end
-
- test "do not get seen messages" do
- login @user
- put :update, :id => @message.id
- @message.reload
- get :index
- assert !(response.body.include? @message.text)
- assert !(response.body.include? @message.id)
- end
-
-
- test "mark read responds even with bad inputs" do
- login @user
- put :update, :id => 'more nonsense'
- assert_not_found
- end
-
- test "fails if not authenticated" do
- get :index, :format => :json
- assert_login_required
- end
-=end
-
-end
diff --git a/test/functional/v1/services_controller_test.rb b/test/functional/v1/services_controller_test.rb
deleted file mode 100644
index 039eb27..0000000
--- a/test/functional/v1/services_controller_test.rb
+++ /dev/null
@@ -1,28 +0,0 @@
-require 'test_helper'
-
-class V1::ServicesControllerTest < ActionController::TestCase
-
- test "anonymous user gets login required service info" do
- get :show, format: :json
- assert_json_response error: 'not_authorized_login',
- message: 'Please log in to perform that action.'
- end
-
- test "anonymous user gets vpn service info" do
- with_config allow_anonymous_certs: true do
- get :show, format: :json
- assert_json_response name: 'anonymous',
- eip_rate_limit: false,
- description: 'anonymous access to the VPN'
- end
- end
-
- test "user can see their service info" do
- login
- get :show, format: :json
- default_level = APP_CONFIG[:default_service_level]
- assert_json_response APP_CONFIG[:service_levels][default_level]
- end
-
-end
-
diff --git a/test/functional/v1/sessions_controller_test.rb b/test/functional/v1/sessions_controller_test.rb
deleted file mode 100644
index 8bb6acd..0000000
--- a/test/functional/v1/sessions_controller_test.rb
+++ /dev/null
@@ -1,62 +0,0 @@
-require 'test_helper'
-
-# This is a simple controller unit test.
-# We're stubbing out both warden and srp.
-# There's an integration test testing the full rack stack and srp
-class V1::SessionsControllerTest < ActionController::TestCase
-
- setup do
- @request.env['HTTP_HOST'] = 'api.lvh.me'
- @user = stub_record :user, {}, true
- @client_hex = 'a123'
- end
-
- test "renders json" do
- get :new, :format => :json
- assert_response :success
- assert_json_error nil
- end
-
- test "renders warden errors" do
- request.env['warden.options'] = {attempted_path: 'path/to/controller'}
- strategy = stub :message => {:field => :translate_me}
- request.env['warden'].stubs(:winning_strategy).returns(strategy)
- I18n.expects(:t).with(:translate_me).at_least_once.returns("translation stub")
- get :new, :format => :json
- assert_response 422
- assert_json_error :field => "translation stub"
- end
-
- # Warden takes care of parsing the params and
- # rendering the response. So not much to test here.
- test "should perform handshake" do
- request.env['warden'].expects(:authenticate!)
- # make sure we don't get a template missing error:
- @controller.stubs(:render)
- post :create, :login => @user.login, 'A' => @client_hex
- end
-
- test "should authenticate" do
- request.env['warden'].expects(:authenticate!)
- @controller.stubs(:current_user).returns(@user)
- handshake = stub(:to_hash => {h: "ash"})
- session[:handshake] = handshake
-
- post :update, :id => @user.login, :client_auth => @client_hex
-
- assert_nil session[:handshake]
- assert_response :success
- assert json_response.keys.include?("id")
- assert json_response.keys.include?("token")
- assert token = Token.find_by_token(json_response['token'])
- assert_equal @user.id, token.user_id
- end
-
- test "destroy should logout" do
- login
- expect_logout
- delete :destroy
- assert_response 204
- end
-
-end
diff --git a/test/functional/v1/smtp_certs_controller_test.rb b/test/functional/v1/smtp_certs_controller_test.rb
deleted file mode 100644
index 1b03995..0000000
--- a/test/functional/v1/smtp_certs_controller_test.rb
+++ /dev/null
@@ -1,43 +0,0 @@
-require 'test_helper'
-
-class V1::SmtpCertsControllerTest < ActionController::TestCase
-
- test "no smtp cert without login" do
- with_config allow_anonymous_certs: true do
- post :create
- assert_login_required
- end
- end
-
- test "require service level with email" do
- login
- post :create
- assert_access_denied
- end
-
- test "send cert with username" do
- login effective_service_level: ServiceLevel.new(id: 2)
- cert = expect_cert(@current_user.email_address)
- cert.expects(:fingerprint).returns('fingerprint')
- post :create
- assert_response :success
- assert_equal cert.to_s, @response.body
- end
-
- test "fail to create cert when disabled" do
- login :enabled? => false
- post :create
- assert_access_denied
- end
-
- protected
-
- def expect_cert(email)
- cert = stub to_s: "#{email.downcase} cert",
- expiry: 1.month.from_now.utc.at_midnight
- ClientCertificate.expects(:new).
- with(:common_name => email).
- returns(cert)
- return cert
- end
-end
diff --git a/test/functional/v1/users_controller_test.rb b/test/functional/v1/users_controller_test.rb
deleted file mode 100644
index 3f7bad3..0000000
--- a/test/functional/v1/users_controller_test.rb
+++ /dev/null
@@ -1,135 +0,0 @@
-require_relative '../../test_helper'
-
-class V1::UsersControllerTest < ActionController::TestCase
-
- test "user can change settings" do
- user = find_record :user
- changed_attribs = record_attributes_for :user_with_settings
- account_settings = stub
- account_settings.expects(:update).with(changed_attribs)
- Account.expects(:new).with(user).returns(account_settings)
-
- login user
- put :update, :user => changed_attribs, :id => user.id, :format => :json
-
- assert_equal user, assigns[:user]
- assert_response 204
- assert @response.body.blank?, "Response should be blank"
- end
-
- test "admin can update user" do
- user = find_record :user
- changed_attribs = record_attributes_for :user_with_settings
- account_settings = stub
- account_settings.expects(:update).with(changed_attribs)
- Account.expects(:new).with(user).returns(account_settings)
-
- login :is_admin? => true
- put :update, :user => changed_attribs, :id => user.id, :format => :json
-
- assert_equal user, assigns[:user]
- assert_response 204
- end
-
- test "user cannot update other user" do
- user = find_record :user
- login
- put :update, id: user.id,
- user: record_attributes_for(:user_with_settings),
- :format => :json
- assert_access_denied
- end
-
- test "should create new user" do
- user_attribs = record_attributes_for :user
- user = User.new(user_attribs)
- Account.expects(:create).with(user_attribs).returns(user)
-
- post :create, :user => user_attribs, :format => :json
-
- assert_nil session[:user_id]
- assert_json_response user
- assert_response :success
- end
-
- test "should redirect to signup form on failed attempt" do
- user_attribs = record_attributes_for :user
- user_attribs.slice!('login')
- user = User.new(user_attribs)
- assert !user.valid?
- Account.expects(:create).with(user_attribs).returns(user)
-
- post :create, :user => user_attribs, :format => :json
-
- assert_json_error user.errors.messages
- assert_response 422
- end
-
- test "admin can autocomplete users" do
- login :is_admin? => true
- get :index, :query => 'a', :format => :json
-
- assert_response :success
- assert assigns(:users)
- end
-
- test "create returns forbidden if registration is closed" do
- user_attribs = record_attributes_for :user
- with_config(allow_registration: false) do
- post :create, :user => user_attribs, :format => :json
- assert_response :forbidden
- end
- end
-
- test "admin can show user" do
- user = FactoryGirl.create :user
- login :is_admin? => true
- get :show, :id => 0, :login => user.login, :format => :json
- assert_response :success
- assert_json_response user
- get :show, :id => user.id, :format => :json
- assert_response :success
- assert_json_response user
- get :show, :id => "0", :format => :json
- assert_response :not_found
- end
-
- test "normal users cannot show user" do
- user = find_record :user
- login
- get :show, :id => 0, :login => user.login, :format => :json
- assert_access_denied
- end
-
- test "api monitor auth can create and destroy test users" do
- # should work even with registration off and/or invites required
- with_config(allow_registration: false, invite_required: true) do
- monitor_auth do
- user_attribs = record_attributes_for :test_user
- post :create, :user => user_attribs, :format => :json
- assert_response :success
- delete :destroy, :id => assigns(:user).id, :format => :json
- assert_response :success
- end
- end
- end
-
- test "api monitor auth cannot create normal users" do
- monitor_auth do
- user_attribs = record_attributes_for :user
- post :create, :user => user_attribs, :format => :json
- assert_response :forbidden
- end
- end
-
- test "api monitor auth cannot delete normal users" do
- post :create, :user => record_attributes_for(:user), :format => :json
- assert_response :success
- normal_user_id = assigns(:user).id
- monitor_auth do
- delete :destroy, :id => normal_user_id, :format => :json
- assert_response :forbidden
- end
- end
-
-end