Merge pull request #176 from azul/feature/api-authenticated-configs

API: Authenticated access to config settings

3 files changed, 23 insertions, 26 deletions

diff --git a/test/support/assert_responses.rb b/test/support/assert_responses.rb
index 19c2768..1c9d49d 100644
--- a/test/support/assert_responses.rb
+++ b/test/support/assert_responses.rb
@@ -55,6 +55,25 @@ module AssertResponses
       get_response.headers["Content-Disposition"]
   end
 
+  def assert_login_required
+    assert_error_response :not_authorized_login, :unauthorized
+  end
+
+  def assert_access_denied
+    assert_error_response :not_authorized, :forbidden
+  end
+
+  def assert_error_response(key, status=nil)
+    message = I18n.t(key)
+    if content_type == 'application/json'
+      status ||= :unprocessable_entity
+      assert_json_response('error' => key.to_s, 'message' => message)
+      assert_response status
+    else
+      assert_equal({:alert => message}, flash.to_hash)
+    end
+  end
+
 end
 
 class ::ActionController::TestCase
diff --git a/test/support/auth_test_helper.rb b/test/support/auth_test_helper.rb
index 38c2ea1..7af3341 100644
--- a/test/support/auth_test_helper.rb
+++ b/test/support/auth_test_helper.rb
@@ -19,27 +19,9 @@ module AuthTestHelper
     return @current_user
   end
 
-  def assert_login_required
-    assert_access_denied(true, false)
-  end
-
-  def assert_access_denied(denied = true, logged_in = true)
-    if denied
-      if @response.content_type == 'application/json'
-        assert_json_response('error' => I18n.t(:not_authorized))
-        assert_response :unprocessable_entity
-      else
-        if logged_in
-          assert_equal({:alert => I18n.t(:not_authorized)}, flash.to_hash)
-          assert_redirected_to home_url
-        else
-          assert_equal({:alert => I18n.t(:not_authorized_login)}, flash.to_hash)
-          assert_redirected_to login_url
-        end
-      end
-    else
-      assert flash[:alert].blank?
-    end
+  def assert_access_granted
+    assert flash[:alert].blank?,
+      "expected to have access but there was a flash alert"
   end
 
   def expect_logout
diff --git a/test/support/rack_test.rb b/test/support/rack_test.rb
index 806339a..2c9fa9a 100644
--- a/test/support/rack_test.rb
+++ b/test/support/rack_test.rb
@@ -3,6 +3,7 @@ require_relative 'assert_responses'
 class RackTest < ActiveSupport::TestCase
   include Rack::Test::Methods
   include Warden::Test::Helpers
+  include AssertResponses
 
   CONFIG_RU = (Rails.root + 'config.ru').to_s
   OUTER_APP = Rack::Builder.parse_file(CONFIG_RU).first
@@ -11,11 +12,6 @@ class RackTest < ActiveSupport::TestCase
     OUTER_APP
   end
 
-  def assert_access_denied
-    assert_json_response('error' => I18n.t(:not_authorized))
-    assert_response :unprocessable_entity
-  end
-
   # inspired by rails 4
   # -> actionpack/lib/action_dispatch/testing/assertions/response.rb
   def assert_response(type, message = nil)