1 files changed, 66 insertions, 0 deletions

diff --git a/test/functional/api/certs_controller_test.rb b/test/functional/api/certs_controller_test.rb
new file mode 100644
index 0000000..25ceb8e
--- /dev/null
+++ b/test/functional/api/certs_controller_test.rb
@@ -0,0 +1,66 @@
+require 'test_helper'
+
+class Api::CertsControllerTest < ApiControllerTest
+
+  test "create unlimited cert without login" do
+    with_config allow_anonymous_certs: true do
+      cert = expect_cert('UNLIMITED')
+      api_post :create
+      assert_response :success
+      assert_equal cert.to_s, @response.body
+    end
+  end
+
+  test "create limited cert" do
+    with_config allow_limited_certs: true do
+      login
+      cert = expect_cert('LIMITED')
+      api_post :create
+      assert_response :success
+      assert_equal cert.to_s, @response.body
+    end
+  end
+
+  test "fail to create cert when disabled" do
+    login :enabled? => false
+    api_post :create
+    assert_access_denied
+  end
+
+  test "create unlimited cert" do
+    login effective_service_level: ServiceLevel.new(id: 2)
+    cert = expect_cert('UNLIMITED')
+    api_post :create
+    assert_response :success
+    assert_equal cert.to_s, @response.body
+  end
+
+  test "GET still works as an alias" do
+    login effective_service_level: ServiceLevel.new(id: 2)
+    cert = expect_cert('UNLIMITED')
+    api_get :show
+    assert_response :success
+    assert_equal cert.to_s, @response.body
+  end
+
+  test "redirect if no eip service offered" do
+    api_post :create
+    assert_response :redirect
+  end
+
+  protected
+
+  def expect_cert(prefix)
+    cert = stub :to_s => "#{prefix.downcase} cert"
+    ClientCertificate.expects(:new).
+      with(:prefix => prefix).
+      returns(cert)
+    return cert
+  end
+
+  # overwrite defaults from ApiController because we don't do json here.
+  def add_api_defaults(args)
+    add_defaults args, version: '2'
+  end
+
+end