Redmine 4.1.1
This commit is contained in:
parent
33e7b881a5
commit
3d976f1b3b
1593 changed files with 36180 additions and 19489 deletions
|
|
@ -1,5 +1,7 @@
|
|||
# frozen_string_literal: true
|
||||
|
||||
# Redmine - project management software
|
||||
# Copyright (C) 2006-2017 Jean-Philippe Lang
|
||||
# Copyright (C) 2006-2019 Jean-Philippe Lang
|
||||
#
|
||||
# This program is free software; you can redistribute it and/or
|
||||
# modify it under the terms of the GNU General Public License
|
||||
|
|
@ -20,10 +22,13 @@ require File.expand_path('../../../test_helper', __FILE__)
|
|||
class Redmine::ApiTest::AuthenticationTest < Redmine::ApiTest::Base
|
||||
fixtures :users
|
||||
|
||||
def teardown
|
||||
User.current = nil
|
||||
end
|
||||
|
||||
def test_api_should_deny_without_credentials
|
||||
get '/users/current.xml'
|
||||
assert_response 401
|
||||
assert_equal User.anonymous, User.current
|
||||
assert response.headers.has_key?('WWW-Authenticate')
|
||||
end
|
||||
|
||||
|
|
@ -33,7 +38,6 @@ class Redmine::ApiTest::AuthenticationTest < Redmine::ApiTest::Base
|
|||
end
|
||||
get '/users/current.xml', :headers => credentials(user.login, 'my_password')
|
||||
assert_response 200
|
||||
assert_equal user, User.current
|
||||
end
|
||||
|
||||
def test_api_should_deny_http_basic_auth_using_username_and_wrong_password
|
||||
|
|
@ -42,7 +46,6 @@ class Redmine::ApiTest::AuthenticationTest < Redmine::ApiTest::Base
|
|||
end
|
||||
get '/users/current.xml', :headers => credentials(user.login, 'wrong_password')
|
||||
assert_response 401
|
||||
assert_equal User.anonymous, User.current
|
||||
end
|
||||
|
||||
def test_api_should_accept_http_basic_auth_using_api_key
|
||||
|
|
@ -50,7 +53,6 @@ class Redmine::ApiTest::AuthenticationTest < Redmine::ApiTest::Base
|
|||
token = Token.create!(:user => user, :action => 'api')
|
||||
get '/users/current.xml', :headers => credentials(token.value, 'X')
|
||||
assert_response 200
|
||||
assert_equal user, User.current
|
||||
end
|
||||
|
||||
def test_api_should_deny_http_basic_auth_using_wrong_api_key
|
||||
|
|
@ -58,7 +60,6 @@ class Redmine::ApiTest::AuthenticationTest < Redmine::ApiTest::Base
|
|||
token = Token.create!(:user => user, :action => 'feeds') # not the API key
|
||||
get '/users/current.xml', :headers => credentials(token.value, 'X')
|
||||
assert_response 401
|
||||
assert_equal User.anonymous, User.current
|
||||
end
|
||||
|
||||
def test_api_should_accept_auth_using_api_key_as_parameter
|
||||
|
|
@ -66,7 +67,6 @@ class Redmine::ApiTest::AuthenticationTest < Redmine::ApiTest::Base
|
|||
token = Token.create!(:user => user, :action => 'api')
|
||||
get "/users/current.xml?key=#{token.value}"
|
||||
assert_response 200
|
||||
assert_equal user, User.current
|
||||
end
|
||||
|
||||
def test_api_should_deny_auth_using_wrong_api_key_as_parameter
|
||||
|
|
@ -74,7 +74,6 @@ class Redmine::ApiTest::AuthenticationTest < Redmine::ApiTest::Base
|
|||
token = Token.create!(:user => user, :action => 'feeds') # not the API key
|
||||
get "/users/current.xml?key=#{token.value}"
|
||||
assert_response 401
|
||||
assert_equal User.anonymous, User.current
|
||||
end
|
||||
|
||||
def test_api_should_accept_auth_using_api_key_as_request_header
|
||||
|
|
@ -82,7 +81,6 @@ class Redmine::ApiTest::AuthenticationTest < Redmine::ApiTest::Base
|
|||
token = Token.create!(:user => user, :action => 'api')
|
||||
get "/users/current.xml", :headers => {'X-Redmine-API-Key' => token.value.to_s}
|
||||
assert_response 200
|
||||
assert_equal user, User.current
|
||||
end
|
||||
|
||||
def test_api_should_deny_auth_using_wrong_api_key_as_request_header
|
||||
|
|
@ -90,7 +88,6 @@ class Redmine::ApiTest::AuthenticationTest < Redmine::ApiTest::Base
|
|||
token = Token.create!(:user => user, :action => 'feeds') # not the API key
|
||||
get "/users/current.xml", :headers => {'X-Redmine-API-Key' => token.value.to_s}
|
||||
assert_response 401
|
||||
assert_equal User.anonymous, User.current
|
||||
end
|
||||
|
||||
def test_api_should_trigger_basic_http_auth_with_basic_authorization_header
|
||||
|
|
@ -106,7 +103,7 @@ class Redmine::ApiTest::AuthenticationTest < Redmine::ApiTest::Base
|
|||
end
|
||||
|
||||
def test_invalid_utf8_credentials_should_not_trigger_an_error
|
||||
invalid_utf8 = "\x82".force_encoding('UTF-8')
|
||||
invalid_utf8 = "\x82"
|
||||
assert !invalid_utf8.valid_encoding?
|
||||
assert_nothing_raised do
|
||||
get '/users/current.xml', :headers => credentials(invalid_utf8, "foo")
|
||||
|
|
@ -130,7 +127,6 @@ class Redmine::ApiTest::AuthenticationTest < Redmine::ApiTest::Base
|
|||
get '/users/current', :headers => {'X-Redmine-API-Key' => user.api_key, 'X-Redmine-Switch-User' => su.login}
|
||||
assert_response :success
|
||||
assert_select 'h2', :text => su.name
|
||||
assert_equal su, User.current
|
||||
end
|
||||
|
||||
def test_api_should_respond_with_412_when_trying_to_switch_to_a_invalid_user
|
||||
|
|
@ -153,6 +149,5 @@ class Redmine::ApiTest::AuthenticationTest < Redmine::ApiTest::Base
|
|||
get '/users/current', :headers => {'X-Redmine-API-Key' => user.api_key, 'X-Redmine-Switch-User' => su.login}
|
||||
assert_response :success
|
||||
assert_select 'h2', :text => user.name
|
||||
assert_equal user, User.current
|
||||
end
|
||||
end
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue