summaryrefslogtreecommitdiff
path: root/test
diff options
context:
space:
mode:
authorelijah <elijah@riseup.net>2016-03-20 01:13:24 -0700
committerelijah <elijah@riseup.net>2016-03-28 16:03:54 -0700
commitc63791c7ffacb7c6cfc685e2654ffe66f0a6b185 (patch)
treebe68b1c5906d06f2669e102d99ea6ca02b7d2856 /test
parentef5f9636863a8bddb704714027c6540dc5a0b781 (diff)
api tokens: allow for special api tokens that work like session tokens but are configured in the static config, to be used for infrastructure monitoring.
Diffstat (limited to 'test')
-rw-r--r--test/integration/api/token_test.rb3
-rw-r--r--test/unit/api_token_test.rb28
2 files changed, 30 insertions, 1 deletions
diff --git a/test/integration/api/token_test.rb b/test/integration/api/token_test.rb
index ad3ac22..dafbfb7 100644
--- a/test/integration/api/token_test.rb
+++ b/test/integration/api/token_test.rb
@@ -1,4 +1,4 @@
-require 'test_helper'
+require_relative '../../test_helper'
require_relative 'srp_test'
class TokenTest < SrpTest
@@ -12,4 +12,5 @@ class TokenTest < SrpTest
token = server_auth['token']
assert Token.find(Digest::SHA512.hexdigest(token))
end
+
end
diff --git a/test/unit/api_token_test.rb b/test/unit/api_token_test.rb
new file mode 100644
index 0000000..55d7507
--- /dev/null
+++ b/test/unit/api_token_test.rb
@@ -0,0 +1,28 @@
+require_relative '../test_helper'
+
+class ApiTokenTest < ActiveSupport::TestCase
+
+ setup do
+ end
+
+ test "api token only authenticates ApiUser" do
+ token_string = APP_CONFIG['api_tokens']['test']
+ assert !token_string.nil?
+ assert !token_string.empty?
+ token = ApiToken.find_by_token(token_string)
+ user = token.authenticate
+ assert user, 'api token should authenticate'
+ assert user.is_a?(ApiUser), 'api token should return api user'
+ assert user.is_test?, 'api test token should return test user'
+ assert !user.is_admin?, 'api test token should not return admin user'
+ end
+
+ test "invalid api tokens can't authenticate" do
+ assert_nil ApiToken.find_by_token("not a token")
+ with_config({"api_tokens" => {"test" => ""}}) do
+ assert_equal "", APP_CONFIG['api_tokens']['test']
+ assert_nil ApiToken.find_by_token("")
+ end
+ end
+
+end \ No newline at end of file