From 71dcf3f4e5d423b78b47f675297fc98b28ef3442 Mon Sep 17 00:00:00 2001 From: Azul Date: Thu, 15 May 2014 11:17:47 +0200 Subject: SmtpCertsController, routes and tests --- test/functional/v1/smtp_certs_controller_test.rb | 35 ++++++++++++++++++++++++ 1 file changed, 35 insertions(+) create mode 100644 test/functional/v1/smtp_certs_controller_test.rb (limited to 'test/functional') diff --git a/test/functional/v1/smtp_certs_controller_test.rb b/test/functional/v1/smtp_certs_controller_test.rb new file mode 100644 index 0000000..f9ba26f --- /dev/null +++ b/test/functional/v1/smtp_certs_controller_test.rb @@ -0,0 +1,35 @@ +require 'test_helper' + +class V1::SmtpCertsControllerTest < ActionController::TestCase + + test "no smtp cert without login" do + with_config allow_anonymous_certs: true do + get :show, format: 'json' + assert_access_denied + end + end + + test "require service level with email" do + login + get :show + assert_access_denied + end + + test "send cert with username" do + login effective_service_level: ServiceLevel.new(id: 2) + cert = expect_cert(@current_user.email_address) + get :show + assert_response :success + assert_equal cert.to_s, @response.body + end + + protected + + def expect_cert(prefix) + cert = stub :to_s => "#{prefix.downcase} cert" + ClientCertificate.expects(:new). + with(:prefix => prefix). + returns(cert) + return cert + end +end -- cgit v1.2.3 From e8ba98df64cb537e85de8624c0ebb08c4135ccca Mon Sep 17 00:00:00 2001 From: Azul Date: Mon, 19 May 2014 14:50:16 +0200 Subject: minor: fix tests --- test/functional/v1/smtp_certs_controller_test.rb | 1 + 1 file changed, 1 insertion(+) (limited to 'test/functional') diff --git a/test/functional/v1/smtp_certs_controller_test.rb b/test/functional/v1/smtp_certs_controller_test.rb index f9ba26f..169f414 100644 --- a/test/functional/v1/smtp_certs_controller_test.rb +++ b/test/functional/v1/smtp_certs_controller_test.rb @@ -18,6 +18,7 @@ class V1::SmtpCertsControllerTest < ActionController::TestCase test "send cert with username" do login effective_service_level: ServiceLevel.new(id: 2) cert = expect_cert(@current_user.email_address) + cert.expects(:fingerprint).returns('fingerprint') get :show assert_response :success assert_equal cert.to_s, @response.body -- cgit v1.2.3 From 00d5adc90ccadc7f4a2a0d54a5a31a1ad02f05be Mon Sep 17 00:00:00 2001 From: Azul Date: Mon, 26 May 2014 09:31:36 +0200 Subject: change from GET to POST for certs We create them. let's reflect that in the verb. --- test/functional/v1/certs_controller_test.rb | 20 ++++++++++++++------ test/functional/v1/smtp_certs_controller_test.rb | 6 +++--- 2 files changed, 17 insertions(+), 9 deletions(-) (limited to 'test/functional') diff --git a/test/functional/v1/certs_controller_test.rb b/test/functional/v1/certs_controller_test.rb index fb8e9c4..ec34b01 100644 --- a/test/functional/v1/certs_controller_test.rb +++ b/test/functional/v1/certs_controller_test.rb @@ -2,26 +2,34 @@ require 'test_helper' class V1::CertsControllerTest < ActionController::TestCase - test "send unlimited cert without login" do + test "create unlimited cert without login" do with_config allow_anonymous_certs: true do cert = expect_cert('UNLIMITED') - get :show + post :create assert_response :success assert_equal cert.to_s, @response.body end end - test "send limited cert" do + test "create limited cert" do with_config allow_limited_certs: true do login cert = expect_cert('LIMITED') - get :show + post :create assert_response :success assert_equal cert.to_s, @response.body end end - test "send unlimited cert" do + test "create unlimited cert" do + login effective_service_level: ServiceLevel.new(id: 2) + cert = expect_cert('UNLIMITED') + post :create + assert_response :success + assert_equal cert.to_s, @response.body + end + + test "GET still works as an alias" do login effective_service_level: ServiceLevel.new(id: 2) cert = expect_cert('UNLIMITED') get :show @@ -30,7 +38,7 @@ class V1::CertsControllerTest < ActionController::TestCase end test "redirect if no eip service offered" do - get :show + post :create assert_response :redirect end diff --git a/test/functional/v1/smtp_certs_controller_test.rb b/test/functional/v1/smtp_certs_controller_test.rb index 169f414..ae1a214 100644 --- a/test/functional/v1/smtp_certs_controller_test.rb +++ b/test/functional/v1/smtp_certs_controller_test.rb @@ -4,14 +4,14 @@ class V1::SmtpCertsControllerTest < ActionController::TestCase test "no smtp cert without login" do with_config allow_anonymous_certs: true do - get :show, format: 'json' + post :create assert_access_denied end end test "require service level with email" do login - get :show + post :create assert_access_denied end @@ -19,7 +19,7 @@ class V1::SmtpCertsControllerTest < ActionController::TestCase login effective_service_level: ServiceLevel.new(id: 2) cert = expect_cert(@current_user.email_address) cert.expects(:fingerprint).returns('fingerprint') - get :show + post :create assert_response :success assert_equal cert.to_s, @response.body end -- cgit v1.2.3 From f221e5313fe54a2efa127b547916c7c812110449 Mon Sep 17 00:00:00 2001 From: Azul Date: Mon, 26 May 2014 09:56:11 +0200 Subject: fix test to require login --- test/functional/v1/smtp_certs_controller_test.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'test/functional') diff --git a/test/functional/v1/smtp_certs_controller_test.rb b/test/functional/v1/smtp_certs_controller_test.rb index ae1a214..9281ae6 100644 --- a/test/functional/v1/smtp_certs_controller_test.rb +++ b/test/functional/v1/smtp_certs_controller_test.rb @@ -5,7 +5,7 @@ class V1::SmtpCertsControllerTest < ActionController::TestCase test "no smtp cert without login" do with_config allow_anonymous_certs: true do post :create - assert_access_denied + assert_login_required end end -- cgit v1.2.3 From 5764daae090227bf4c5967900b708392c967be47 Mon Sep 17 00:00:00 2001 From: Azul Date: Thu, 1 May 2014 10:45:57 +0200 Subject: hash token with sha512 against timing attacs #3398 --- test/functional/test_helpers_test.rb | 2 +- test/functional/v1/sessions_controller_test.rb | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) (limited to 'test/functional') diff --git a/test/functional/test_helpers_test.rb b/test/functional/test_helpers_test.rb index 845e516..ca85482 100644 --- a/test/functional/test_helpers_test.rb +++ b/test/functional/test_helpers_test.rb @@ -27,7 +27,7 @@ class TestHelpersTest < ActionController::TestCase def test_login_adds_token_header login token_present = @controller.authenticate_with_http_token do |token, options| - assert_equal @token.id, token + assert_equal @token.to_s, token end # authenticate_with_http_token just returns nil and does not # execute the block if there is no token. So we have to also diff --git a/test/functional/v1/sessions_controller_test.rb b/test/functional/v1/sessions_controller_test.rb index df0d681..8bb6acd 100644 --- a/test/functional/v1/sessions_controller_test.rb +++ b/test/functional/v1/sessions_controller_test.rb @@ -48,7 +48,7 @@ class V1::SessionsControllerTest < ActionController::TestCase assert_response :success assert json_response.keys.include?("id") assert json_response.keys.include?("token") - assert token = Token.find(json_response['token']) + assert token = Token.find_by_token(json_response['token']) assert_equal @user.id, token.user_id end -- cgit v1.2.3