From 277f84941c8f240a0178d153d31f138f566238b3 Mon Sep 17 00:00:00 2001 From: Hagen Schink Date: Thu, 6 Feb 2014 14:13:25 +0100 Subject: [PATCH 1/2] Adds specs --- .../controllers/api/v2/authentication_spec.rb | 18 +++++ .../v2/authentication/index_api_json_spec.rb | 69 +++++++++++++++++++ .../v2/authentication/index_api_xml_spec.rb | 57 +++++++++++++++ 3 files changed, 144 insertions(+) create mode 100644 spec/views/api/v2/authentication/index_api_json_spec.rb create mode 100644 spec/views/api/v2/authentication/index_api_xml_spec.rb diff --git a/spec/controllers/api/v2/authentication_spec.rb b/spec/controllers/api/v2/authentication_spec.rb index 92b1ecf18f..ff6537d2eb 100644 --- a/spec/controllers/api/v2/authentication_spec.rb +++ b/spec/controllers/api/v2/authentication_spec.rb @@ -35,6 +35,24 @@ describe Api::V2::AuthenticationController do end it_should_behave_like "a controller action with require_login" + + describe 'authorization data' do + let(:user) { FactoryGirl.create(:user) } + + before do + User.stub(:current).and_return(user) + + fetch + end + + subject { assigns(:authorization) } + + it { expect(subject).not_to be_nil } + + it { expect(subject.authorized).to be_true } + + it { expect(subject.authorized_user_id).to eq(user.id) } + end end describe "session" do diff --git a/spec/views/api/v2/authentication/index_api_json_spec.rb b/spec/views/api/v2/authentication/index_api_json_spec.rb new file mode 100644 index 0000000000..0eae4528eb --- /dev/null +++ b/spec/views/api/v2/authentication/index_api_json_spec.rb @@ -0,0 +1,69 @@ +#-- copyright +# OpenProject is a project management system. +# Copyright (C) 2012-2013 the OpenProject Foundation (OPF) +# +# This program is free software; you can redistribute it and/or +# modify it under the terms of the GNU General Public License version 3. +# +# OpenProject is a fork of ChiliProject, which is a fork of Redmine. The copyright follows: +# Copyright (C) 2006-2013 Jean-Philippe Lang +# Copyright (C) 2010-2013 the ChiliProject Team +# +# This program is free software; you can redistribute it and/or +# modify it under the terms of the GNU General Public License +# as published by the Free Software Foundation; either version 2 +# of the License, or (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. +# +# See doc/COPYRIGHT.rdoc for more details. +#++ + +require File.expand_path('../../../../../spec_helper', __FILE__) + +describe 'api/v2/authentication/index.api.rabl' do + before { params[:format] = 'json' } + + shared_examples_for 'valid authentication' do + it { expect(subject).to have_json_path('authorization') } + + it { expect(subject).to have_json_size(2).at_path('authorization') } + + it { expect(subject).to be_json_eql(content).at_path('authorization') } + end + + describe 'authentication state' do + before do + assign(:authorization, Api::V2::AuthenticationController::AuthorizationData.new(true, nil)) + + render + end + + subject { response.body } + + it_behaves_like 'valid authentication' do + let(:content) { %({"authorized": true, "authorized_user_id":null}) } + end + end + + describe 'authenticated user' do + before do + assign(:authorization, Api::V2::AuthenticationController::AuthorizationData.new(nil, 12345)) + + render + end + + subject { response.body } + + it_behaves_like 'valid authentication' do + let(:content) { %({"authorized":null, "authorized_user_id": 12345}) } + end + end +end diff --git a/spec/views/api/v2/authentication/index_api_xml_spec.rb b/spec/views/api/v2/authentication/index_api_xml_spec.rb new file mode 100644 index 0000000000..eaf186b0c1 --- /dev/null +++ b/spec/views/api/v2/authentication/index_api_xml_spec.rb @@ -0,0 +1,57 @@ +#-- copyright +# OpenProject is a project management system. +# Copyright (C) 2012-2013 the OpenProject Foundation (OPF) +# +# This program is free software; you can redistribute it and/or +# modify it under the terms of the GNU General Public License version 3. +# +# OpenProject is a fork of ChiliProject, which is a fork of Redmine. The copyright follows: +# Copyright (C) 2006-2013 Jean-Philippe Lang +# Copyright (C) 2010-2013 the ChiliProject Team +# +# This program is free software; you can redistribute it and/or +# modify it under the terms of the GNU General Public License +# as published by the Free Software Foundation; either version 2 +# of the License, or (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. +# +# See doc/COPYRIGHT.rdoc for more details. +#++ + +require File.expand_path('../../../../../spec_helper', __FILE__) + +describe 'api/v2/authentication/index.api.rabl' do + before { params[:format] = 'xml' } + + describe 'authentication state' do + before do + assign(:authorization, Api::V2::AuthenticationController::AuthorizationData.new(true, nil)) + + render + end + + subject { response.body } + + it { expect(subject).to have_selector('authorization authorized', text: true) } + end + + describe 'authenticated user' do + before do + assign(:authorization, Api::V2::AuthenticationController::AuthorizationData.new(nil, 12345)) + + render + end + + subject { response.body } + + it { expect(subject).to have_selector('authorization authorized_user_id', text: 12345) } + end +end From 61d5c6fe51a4b47e58ae7c6730be006af093f2c7 Mon Sep 17 00:00:00 2001 From: Hagen Schink Date: Thu, 6 Feb 2014 14:13:36 +0100 Subject: [PATCH 2/2] Makes user id of authenticated user available --- app/controllers/api/v2/authentication_controller.rb | 4 ++++ app/views/api/v2/authentication/index.api.rabl | 6 ++---- 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/app/controllers/api/v2/authentication_controller.rb b/app/controllers/api/v2/authentication_controller.rb index e86c3f4ffe..66f03fafdc 100644 --- a/app/controllers/api/v2/authentication_controller.rb +++ b/app/controllers/api/v2/authentication_controller.rb @@ -35,7 +35,11 @@ module Api unloadable + AuthorizationData = Struct.new(:authorized, :authorized_user_id) + def index + @authorization = AuthorizationData.new(true, User.current.id) + respond_to do |format| format.api end diff --git a/app/views/api/v2/authentication/index.api.rabl b/app/views/api/v2/authentication/index.api.rabl index dd4ecd7e09..633f44f453 100644 --- a/app/views/api/v2/authentication/index.api.rabl +++ b/app/views/api/v2/authentication/index.api.rabl @@ -25,7 +25,5 @@ # # See doc/COPYRIGHT.rdoc for more details. #++ -object :none -node :authorization do - {authorized: true} -end +object @authorization => :authorization +attributes :authorized, :authorized_user_id