diff options
author | Azul <azul@riseup.net> | 2016-05-01 10:55:33 -0300 |
---|---|---|
committer | Azul <azul@riseup.net> | 2016-05-18 20:07:41 +0200 |
commit | e05a1b0f5ae40a2aa17976b3009cd563b8e4660a (patch) | |
tree | 77774fd7e70211febaf3a15c6e3b3e7340843c11 /test/functional/v1 | |
parent | a1b494e334406660a1f49fb7de9b043493809640 (diff) |
api: allow version bumping - bump to 2
Diffstat (limited to 'test/functional/v1')
-rw-r--r-- | test/functional/v1/certs_controller_test.rb | 60 | ||||
-rw-r--r-- | test/functional/v1/identities_controller_test.rb | 24 | ||||
-rw-r--r-- | test/functional/v1/messages_controller_test.rb | 99 | ||||
-rw-r--r-- | test/functional/v1/services_controller_test.rb | 28 | ||||
-rw-r--r-- | test/functional/v1/sessions_controller_test.rb | 62 | ||||
-rw-r--r-- | test/functional/v1/smtp_certs_controller_test.rb | 43 | ||||
-rw-r--r-- | test/functional/v1/users_controller_test.rb | 135 |
7 files changed, 0 insertions, 451 deletions
diff --git a/test/functional/v1/certs_controller_test.rb b/test/functional/v1/certs_controller_test.rb deleted file mode 100644 index 04c1c86..0000000 --- a/test/functional/v1/certs_controller_test.rb +++ /dev/null @@ -1,60 +0,0 @@ -require_relative '../../test_helper' - -class V1::CertsControllerTest < ActionController::TestCase - - test "create unlimited cert without login" do - with_config allow_anonymous_certs: true do - cert = expect_cert('UNLIMITED') - post :create - assert_response :success - assert_equal cert.to_s, @response.body - end - end - - test "create limited cert" do - with_config allow_limited_certs: true do - login - cert = expect_cert('LIMITED') - post :create - assert_response :success - assert_equal cert.to_s, @response.body - end - end - - test "fail to create cert when disabled" do - login :enabled? => false - post :create - assert_access_denied - end - - test "create unlimited cert" do - login effective_service_level: ServiceLevel.new(id: 2) - cert = expect_cert('UNLIMITED') - post :create - assert_response :success - assert_equal cert.to_s, @response.body - end - - test "GET still works as an alias" do - login effective_service_level: ServiceLevel.new(id: 2) - cert = expect_cert('UNLIMITED') - get :show - assert_response :success - assert_equal cert.to_s, @response.body - end - - test "redirect if no eip service offered" do - post :create - assert_response :redirect - end - - protected - - def expect_cert(prefix) - cert = stub :to_s => "#{prefix.downcase} cert" - ClientCertificate.expects(:new). - with(:prefix => prefix). - returns(cert) - return cert - end -end diff --git a/test/functional/v1/identities_controller_test.rb b/test/functional/v1/identities_controller_test.rb deleted file mode 100644 index 6410c44..0000000 --- a/test/functional/v1/identities_controller_test.rb +++ /dev/null @@ -1,24 +0,0 @@ -require_relative '../../test_helper' - -class V1::IdentitiesControllerTest < ActionController::TestCase - - test "api monitor can fetch identity" do - monitor_auth do - identity = FactoryGirl.create :identity - get :show, :id => identity.address, :format => 'json' - assert_response :success - assert_equal identity, assigns(:identity) - - get :show, :id => "blahblahblah", :format => 'json' - assert_response :not_found - end - end - - - test "anonymous cannot fetch identity" do - identity = FactoryGirl.create :identity - get :show, :id => identity.address, :format => 'json' - assert_response :forbidden - end - -end diff --git a/test/functional/v1/messages_controller_test.rb b/test/functional/v1/messages_controller_test.rb deleted file mode 100644 index f37cca0..0000000 --- a/test/functional/v1/messages_controller_test.rb +++ /dev/null @@ -1,99 +0,0 @@ -require 'test_helper' - -class V1::MessagesControllerTest < ActionController::TestCase - - setup do - @user = FactoryGirl.build(:user) - @user.save - end - - # NOTE: the available languages for test are :en and :de - # so :es will result in english response. - - test "get the motd" do - with_config("customization_directory" => Rails.root+'test/files') do - login @user - get :index, :locale => 'es' - body = JSON.parse(response.body) - message1 = "<p>\"This\" is a <strong>very</strong> fine message. <a href=\"https://bitmask.net\">https://bitmask.net</a></p>\n" - assert_equal 2, body.size, 'there should be two messages' - assert_equal message1, body.first["text"], 'first message text should match files/motd/1.en.md' - end - end - - test "get localized motd" do - with_config("customization_directory" => Rails.root+'test/files') do - login @user - get :index, :locale => 'de' - body = JSON.parse(response.body) - message1 = "<p>Dies ist eine sehr feine Nachricht. <a href=\"https://bitmask.net\">https://bitmask.net</a></p>\n" - assert_equal message1, body.first["text"], 'first message text should match files/motd/1.de.md' - end - end - - test "get empty motd" do - login @user - get :index - assert_equal "[]", response.body, "motd response should be empty if no motd directory exists" - end - - ## - ## For now, only the static file MOTD is supported, not messages in the db. - ## so, this is disabled: - ## -=begin - setup do - InviteCodeValidator.any_instance.stubs(:validate) - @user = FactoryGirl.build(:user) - @user.save - @message = Message.new(:text => 'a test message') - @message.user_ids_to_show << @user.id - @message.save - end - - teardown do - @message.destroy - @user.destroy - end - - test "get messages for user" do - login @user - get :index - assert response.body.include? @message.text - assert response.body.include? @message.id - end - - test "mark message read for user" do - login @user - assert @message.user_ids_to_show.include?(@user.id) - assert !@message.user_ids_have_shown.include?(@user.id) - put :update, :id => @message.id - @message.reload - assert !@message.user_ids_to_show.include?(@user.id) - assert @message.user_ids_have_shown.include?(@user.id) - assert_success :marked_as_read - end - - test "do not get seen messages" do - login @user - put :update, :id => @message.id - @message.reload - get :index - assert !(response.body.include? @message.text) - assert !(response.body.include? @message.id) - end - - - test "mark read responds even with bad inputs" do - login @user - put :update, :id => 'more nonsense' - assert_not_found - end - - test "fails if not authenticated" do - get :index, :format => :json - assert_login_required - end -=end - -end diff --git a/test/functional/v1/services_controller_test.rb b/test/functional/v1/services_controller_test.rb deleted file mode 100644 index 039eb27..0000000 --- a/test/functional/v1/services_controller_test.rb +++ /dev/null @@ -1,28 +0,0 @@ -require 'test_helper' - -class V1::ServicesControllerTest < ActionController::TestCase - - test "anonymous user gets login required service info" do - get :show, format: :json - assert_json_response error: 'not_authorized_login', - message: 'Please log in to perform that action.' - end - - test "anonymous user gets vpn service info" do - with_config allow_anonymous_certs: true do - get :show, format: :json - assert_json_response name: 'anonymous', - eip_rate_limit: false, - description: 'anonymous access to the VPN' - end - end - - test "user can see their service info" do - login - get :show, format: :json - default_level = APP_CONFIG[:default_service_level] - assert_json_response APP_CONFIG[:service_levels][default_level] - end - -end - diff --git a/test/functional/v1/sessions_controller_test.rb b/test/functional/v1/sessions_controller_test.rb deleted file mode 100644 index 8bb6acd..0000000 --- a/test/functional/v1/sessions_controller_test.rb +++ /dev/null @@ -1,62 +0,0 @@ -require 'test_helper' - -# This is a simple controller unit test. -# We're stubbing out both warden and srp. -# There's an integration test testing the full rack stack and srp -class V1::SessionsControllerTest < ActionController::TestCase - - setup do - @request.env['HTTP_HOST'] = 'api.lvh.me' - @user = stub_record :user, {}, true - @client_hex = 'a123' - end - - test "renders json" do - get :new, :format => :json - assert_response :success - assert_json_error nil - end - - test "renders warden errors" do - request.env['warden.options'] = {attempted_path: 'path/to/controller'} - strategy = stub :message => {:field => :translate_me} - request.env['warden'].stubs(:winning_strategy).returns(strategy) - I18n.expects(:t).with(:translate_me).at_least_once.returns("translation stub") - get :new, :format => :json - assert_response 422 - assert_json_error :field => "translation stub" - end - - # Warden takes care of parsing the params and - # rendering the response. So not much to test here. - test "should perform handshake" do - request.env['warden'].expects(:authenticate!) - # make sure we don't get a template missing error: - @controller.stubs(:render) - post :create, :login => @user.login, 'A' => @client_hex - end - - test "should authenticate" do - request.env['warden'].expects(:authenticate!) - @controller.stubs(:current_user).returns(@user) - handshake = stub(:to_hash => {h: "ash"}) - session[:handshake] = handshake - - post :update, :id => @user.login, :client_auth => @client_hex - - assert_nil session[:handshake] - assert_response :success - assert json_response.keys.include?("id") - assert json_response.keys.include?("token") - assert token = Token.find_by_token(json_response['token']) - assert_equal @user.id, token.user_id - end - - test "destroy should logout" do - login - expect_logout - delete :destroy - assert_response 204 - end - -end diff --git a/test/functional/v1/smtp_certs_controller_test.rb b/test/functional/v1/smtp_certs_controller_test.rb deleted file mode 100644 index 1b03995..0000000 --- a/test/functional/v1/smtp_certs_controller_test.rb +++ /dev/null @@ -1,43 +0,0 @@ -require 'test_helper' - -class V1::SmtpCertsControllerTest < ActionController::TestCase - - test "no smtp cert without login" do - with_config allow_anonymous_certs: true do - post :create - assert_login_required - end - end - - test "require service level with email" do - login - post :create - assert_access_denied - end - - test "send cert with username" do - login effective_service_level: ServiceLevel.new(id: 2) - cert = expect_cert(@current_user.email_address) - cert.expects(:fingerprint).returns('fingerprint') - post :create - assert_response :success - assert_equal cert.to_s, @response.body - end - - test "fail to create cert when disabled" do - login :enabled? => false - post :create - assert_access_denied - end - - protected - - def expect_cert(email) - cert = stub to_s: "#{email.downcase} cert", - expiry: 1.month.from_now.utc.at_midnight - ClientCertificate.expects(:new). - with(:common_name => email). - returns(cert) - return cert - end -end diff --git a/test/functional/v1/users_controller_test.rb b/test/functional/v1/users_controller_test.rb deleted file mode 100644 index 3f7bad3..0000000 --- a/test/functional/v1/users_controller_test.rb +++ /dev/null @@ -1,135 +0,0 @@ -require_relative '../../test_helper' - -class V1::UsersControllerTest < ActionController::TestCase - - test "user can change settings" do - user = find_record :user - changed_attribs = record_attributes_for :user_with_settings - account_settings = stub - account_settings.expects(:update).with(changed_attribs) - Account.expects(:new).with(user).returns(account_settings) - - login user - put :update, :user => changed_attribs, :id => user.id, :format => :json - - assert_equal user, assigns[:user] - assert_response 204 - assert @response.body.blank?, "Response should be blank" - end - - test "admin can update user" do - user = find_record :user - changed_attribs = record_attributes_for :user_with_settings - account_settings = stub - account_settings.expects(:update).with(changed_attribs) - Account.expects(:new).with(user).returns(account_settings) - - login :is_admin? => true - put :update, :user => changed_attribs, :id => user.id, :format => :json - - assert_equal user, assigns[:user] - assert_response 204 - end - - test "user cannot update other user" do - user = find_record :user - login - put :update, id: user.id, - user: record_attributes_for(:user_with_settings), - :format => :json - assert_access_denied - end - - test "should create new user" do - user_attribs = record_attributes_for :user - user = User.new(user_attribs) - Account.expects(:create).with(user_attribs).returns(user) - - post :create, :user => user_attribs, :format => :json - - assert_nil session[:user_id] - assert_json_response user - assert_response :success - end - - test "should redirect to signup form on failed attempt" do - user_attribs = record_attributes_for :user - user_attribs.slice!('login') - user = User.new(user_attribs) - assert !user.valid? - Account.expects(:create).with(user_attribs).returns(user) - - post :create, :user => user_attribs, :format => :json - - assert_json_error user.errors.messages - assert_response 422 - end - - test "admin can autocomplete users" do - login :is_admin? => true - get :index, :query => 'a', :format => :json - - assert_response :success - assert assigns(:users) - end - - test "create returns forbidden if registration is closed" do - user_attribs = record_attributes_for :user - with_config(allow_registration: false) do - post :create, :user => user_attribs, :format => :json - assert_response :forbidden - end - end - - test "admin can show user" do - user = FactoryGirl.create :user - login :is_admin? => true - get :show, :id => 0, :login => user.login, :format => :json - assert_response :success - assert_json_response user - get :show, :id => user.id, :format => :json - assert_response :success - assert_json_response user - get :show, :id => "0", :format => :json - assert_response :not_found - end - - test "normal users cannot show user" do - user = find_record :user - login - get :show, :id => 0, :login => user.login, :format => :json - assert_access_denied - end - - test "api monitor auth can create and destroy test users" do - # should work even with registration off and/or invites required - with_config(allow_registration: false, invite_required: true) do - monitor_auth do - user_attribs = record_attributes_for :test_user - post :create, :user => user_attribs, :format => :json - assert_response :success - delete :destroy, :id => assigns(:user).id, :format => :json - assert_response :success - end - end - end - - test "api monitor auth cannot create normal users" do - monitor_auth do - user_attribs = record_attributes_for :user - post :create, :user => user_attribs, :format => :json - assert_response :forbidden - end - end - - test "api monitor auth cannot delete normal users" do - post :create, :user => record_attributes_for(:user), :format => :json - assert_response :success - normal_user_id = assigns(:user).id - monitor_auth do - delete :destroy, :id => normal_user_id, :format => :json - assert_response :forbidden - end - end - -end |