api tokens: allow for special api tokens that work like session tokens but are configured in the static config, to be used for infrastructure monitoring.

author: elijah <elijah@riseup.net> 2016-03-20 01:13:24 -0700
committer: elijah <elijah@riseup.net> 2016-03-28 16:03:54 -0700
commit: c63791c7ffacb7c6cfc685e2654ffe66f0a6b185 (patch)
tree: be68b1c5906d06f2669e102d99ea6ca02b7d2856 /test/unit
parent: ef5f9636863a8bddb704714027c6540dc5a0b781 (diff)
1 files changed, 28 insertions, 0 deletions
diff --git a/test/unit/api_token_test.rb b/test/unit/api_token_test.rb
new file mode 100644
index 0000000..55d7507
--- /dev/null
+++ b/test/unit/api_token_test.rb
@@ -0,0 +1,28 @@
+require_relative '../test_helper'
+
+class ApiTokenTest < ActiveSupport::TestCase
+
+  setup do
+  end
+
+  test "api token only authenticates ApiUser" do
+    token_string = APP_CONFIG['api_tokens']['test']
+    assert !token_string.nil?
+    assert !token_string.empty?
+    token = ApiToken.find_by_token(token_string)
+    user = token.authenticate
+    assert user, 'api token should authenticate'
+    assert user.is_a?(ApiUser), 'api token should return api user'
+    assert user.is_test?, 'api test token should return test user'
+    assert !user.is_admin?, 'api test token should not return admin user'
+  end
+
+  test "invalid api tokens can't authenticate" do
+    assert_nil ApiToken.find_by_token("not a token")
+    with_config({"api_tokens" => {"test" => ""}}) do
+      assert_equal "", APP_CONFIG['api_tokens']['test']
+      assert_nil ApiToken.find_by_token("")
+    end
+  end
+
+end
+\ No newline at end of file
author	elijah <elijah@riseup.net>	2016-03-20 01:13:24 -0700
committer	elijah <elijah@riseup.net>	2016-03-28 16:03:54 -0700
commit	c63791c7ffacb7c6cfc685e2654ffe66f0a6b185 (patch)
tree	be68b1c5906d06f2669e102d99ea6ca02b7d2856 /test/unit
parent	ef5f9636863a8bddb704714027c6540dc5a0b781 (diff)