Allow key authentication when updating issues (with tests) #6447

git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@4366 e93f8b46-1217-0410-a6f0-8f06a7374b81
GregMefford · Nov 5, 2010 · 7d934c9 · 7d934c9
1 parent 4b1dd33
commit 7d934c9
Show file tree

Hide file tree

Showing 3 changed files with 77 additions and 56 deletions.
diff --git a/app/controllers/issues_controller.rb b/app/controllers/issues_controller.rb
@@ -27,7 +27,7 @@ class IssuesController < ApplicationController
   before_filter :find_optional_project, :only => [:index]
   before_filter :check_for_default_issue_status, :only => [:new, :create]
   before_filter :build_new_issue_from_params, :only => [:new, :create]
-  accept_key_auth :index, :show, :create
+  accept_key_auth :index, :show, :create, :update
 
   rescue_from Query::StatementInvalid, :with => :query_statement_invalid
 

diff --git a/test/integration/api_test/issues_test.rb b/test/integration/api_test/issues_test.rb
@@ -160,120 +160,141 @@ def setup
     end
   end
 
-  context "PUT /issues/1.xml" do
+  # Issue 6 is on a private project
+  context "PUT /issues/6.xml" do
     setup do
-      @issue_count = Issue.count
-      @journal_count = Journal.count
-      @attributes = {:subject => 'API update', :notes => 'A new note'}
-
-      put '/issues/1.xml', {:issue => @attributes}, :authorization => credentials('jsmith')
+      @parameters = {:issue => {:subject => 'API update', :notes => 'A new note'}}
+      @headers = { :authorization => credentials('jsmith') }
     end
 
-    should_respond_with :ok
-    should_respond_with_content_type 'application/xml'
+    should_allow_api_authentication(:put,
+                                    '/issues/6.xml',
+                                    {:issue => {:subject => 'API update', :notes => 'A new note'}},
+                                    {:success_code => :ok})
 
     should "not create a new issue" do
-      assert_equal Issue.count, @issue_count
+      assert_no_difference('Issue.count') do
+        put '/issues/6.xml', @parameters, @headers
+      end
     end
 
     should "create a new journal" do
-      assert_equal Journal.count, @journal_count + 1
+      assert_difference('Journal.count') do
+        put '/issues/6.xml', @parameters, @headers
+      end
     end
 
     should "add the note to the journal" do
+      put '/issues/6.xml', @parameters, @headers
+
       journal = Journal.last
       assert_equal "A new note", journal.notes
     end
 
     should "update the issue" do
-      issue = Issue.find(1)
-      @attributes.each do |attribute, value|
-        assert_equal value, issue.send(attribute) unless attribute == :notes
-      end
+      put '/issues/6.xml', @parameters, @headers
+
+      issue = Issue.find(6)
+      assert_equal "API update", issue.subject
     end
 
   end
 
-  context "PUT /issues/1.xml with failed update" do
+  context "PUT /issues/6.xml with failed update" do
     setup do
-      @attributes = {:subject => ''}
-      @issue_count = Issue.count
-      @journal_count = Journal.count
-
-      put '/issues/1.xml', {:issue => @attributes}, :authorization => credentials('jsmith')
+      @parameters = {:issue => {:subject => ''}}
+      @headers = { :authorization => credentials('jsmith') }
     end
-
-    should_respond_with :unprocessable_entity
-    should_respond_with_content_type 'application/xml'
-
+
+    should_allow_api_authentication(:put,
+                                    '/issues/6.xml',
+                                    {:issue => {:subject => ''}}, # Missing subject should fail
+                                    {:success_code => :unprocessable_entity})
+
     should "not create a new issue" do
-      assert_equal Issue.count, @issue_count
+      assert_no_difference('Issue.count') do
+        put '/issues/6.xml', @parameters, @headers
+      end
     end
 
     should "not create a new journal" do
-      assert_equal Journal.count, @journal_count
+      assert_no_difference('Journal.count') do
+        put '/issues/6.xml', @parameters, @headers
+      end
     end
 
     should "have an errors tag" do
+      put '/issues/6.xml', @parameters, @headers
+
       assert_tag :errors, :child => {:tag => 'error', :content => "Subject can't be blank"}
     end
   end
 
-  context "PUT /issues/1.json" do
+  context "PUT /issues/6.json" do
     setup do
-      @issue_count = Issue.count
-      @journal_count = Journal.count
-      @attributes = {:subject => 'API update', :notes => 'A new note'}
-
-      put '/issues/1.json', {:issue => @attributes}, :authorization => credentials('jsmith')
+      @parameters = {:issue => {:subject => 'API update', :notes => 'A new note'}}
+      @headers = { :authorization => credentials('jsmith') }
     end
 
-    should_respond_with :ok
-    should_respond_with_content_type 'application/json'
+    should_allow_api_authentication(:put,
+                                    '/issues/6.json',
+                                    {:issue => {:subject => 'API update', :notes => 'A new note'}},
+                                    {:success_code => :ok})
 
     should "not create a new issue" do
-      assert_equal Issue.count, @issue_count
+      assert_no_difference('Issue.count') do
+        put '/issues/6.json', @parameters, @headers
+      end
     end
 
     should "create a new journal" do
-      assert_equal Journal.count, @journal_count + 1
+      assert_difference('Journal.count') do
+        put '/issues/6.json', @parameters, @headers
+      end
     end
 
     should "add the note to the journal" do
+      put '/issues/6.json', @parameters, @headers
+
       journal = Journal.last
       assert_equal "A new note", journal.notes
     end
 
     should "update the issue" do
-      issue = Issue.find(1)
-      @attributes.each do |attribute, value|
-        assert_equal value, issue.send(attribute) unless attribute == :notes
-      end
+      put '/issues/6.json', @parameters, @headers
+
+      issue = Issue.find(6)
+      assert_equal "API update", issue.subject
     end
-
+    
   end
 
-  context "PUT /issues/1.json with failed update" do
+  context "PUT /issues/6.json with failed update" do
     setup do
-      @attributes = {:subject => ''}
-      @issue_count = Issue.count
-      @journal_count = Journal.count
-
-      put '/issues/1.json', {:issue => @attributes}, :authorization => credentials('jsmith')
+      @parameters = {:issue => {:subject => ''}}
+      @headers = { :authorization => credentials('jsmith') }
     end
-
-    should_respond_with :unprocessable_entity
-    should_respond_with_content_type 'application/json'
-
+
+    should_allow_api_authentication(:put,
+                                    '/issues/6.json',
+                                    {:issue => {:subject => ''}}, # Missing subject should fail
+                                    {:success_code => :unprocessable_entity})
+
     should "not create a new issue" do
-      assert_equal Issue.count, @issue_count
+      assert_no_difference('Issue.count') do
+        put '/issues/6.json', @parameters, @headers
+      end
     end
 
     should "not create a new journal" do
-      assert_equal Journal.count, @journal_count
+      assert_no_difference('Journal.count') do
+        put '/issues/6.json', @parameters, @headers
+      end
     end
 
     should "have an errors attribute" do
+      put '/issues/6.json', @parameters, @headers
+
       json = ActiveSupport::JSON.decode(response.body)
       assert_equal "can't be blank", json.first['subject']
     end

diff --git a/test/test_helper.rb b/test/test_helper.rb
@@ -401,8 +401,8 @@ def self.should_be_a_valid_response_string_based_on_url(url)
 
   # Checks that the response is a valid JSON string
   def self.should_be_a_valid_json_string
-    should "be a valid JSON string" do
-      assert ActiveSupport::JSON.decode(response.body)
+    should "be a valid JSON string (or empty)" do
+      assert (response.body.blank? || ActiveSupport::JSON.decode(response.body))
     end
   end