[Bps-public-commit] rt-extension-rest2 branch, dev, updated. 365f37a142c2b83f61425d25072cf2b38901bf9e
Dustin Graves
dustin at bestpractical.com
Mon Aug 1 19:53:03 EDT 2016
The branch, dev has been updated
via 365f37a142c2b83f61425d25072cf2b38901bf9e (commit)
via f93601f6e74f9512c2330bcbb18254e610ffc508 (commit)
via 9d502af0b6448a49df9f84b32591ba2aa620cab3 (commit)
via 587abbe7d3549e1e8965dd7ca33d207117a5ceee (commit)
from 5061966e7b20f35203e08cc5a5db6b725645b9b5 (commit)
Summary of changes:
t/acceptance/main.t | 7 ++-
t/acceptance/not_found.t | 3 +-
t/acceptance/tickets.t | 117 +++++++++++++++++++++++++--------------
t/lib/RT/Extension/REST2/Test.pm | 25 ++++++++-
4 files changed, 106 insertions(+), 46 deletions(-)
- Log -----------------------------------------------------------------
commit 587abbe7d3549e1e8965dd7ca33d207117a5ceee
Author: Dustin Graves <dustin at bestpractical.com>
Date: Mon Aug 1 21:41:39 2016 +0000
instead of using root user in tests, use a new user so we can test permissions without messing with root
diff --git a/t/acceptance/tickets.t b/t/acceptance/tickets.t
index b06ba09..c8b4f12 100644
--- a/t/acceptance/tickets.t
+++ b/t/acceptance/tickets.t
@@ -90,13 +90,13 @@ TODO : {
is($owner->{'type'}, 'user');
like($owner->{'_url'}, qr{/user/Nobody});
my $creator = $data->{'Creator'};
- is($creator->{'id'}, 'root');
+ is($creator->{'id'}, 'test');
is($creator->{'type'}, 'user');
- like($creator->{'_url'}, qr{/user/root});
+ like($creator->{'_url'}, qr{/user/test});
my $updated_by = $data->{'LastUpdatedBy'};
- is($updated_by->{'id'}, 'root');
+ is($updated_by->{'id'}, 'test');
is($updated_by->{'type'}, 'user');
- like($updated_by->{'_url'}, qr{/user/root});
+ like($updated_by->{'_url'}, qr{/user/test});
}
{
diff --git a/t/lib/RT/Extension/REST2/Test.pm b/t/lib/RT/Extension/REST2/Test.pm
index 16abb5d..943747c 100644
--- a/t/lib/RT/Extension/REST2/Test.pm
+++ b/t/lib/RT/Extension/REST2/Test.pm
@@ -6,6 +6,7 @@ use base 'RT::Test';
use RT::Extension::REST2;
use Test::WWW::Mechanize::PSGI;
+use RT::User;
sub mech {
my $mech = Test::WWW::Mechanize::PSGI->new(
@@ -13,6 +14,29 @@ sub mech {
);
}
-sub authorization_header { return 'Basic cm9vdDpwYXNzd29yZA==' }
+{
+ my $u;
+
+ sub authorization_header {
+ $u = _create_user() unless ($u && $u->id);
+ return 'Basic dGVzdDpwYXNzd29yZA==';
+ }
+
+ sub user {
+ $u = _create_user() unless ($u && $u->id);
+ return $u;
+ }
+
+ sub _create_user {
+ my $u = RT::User->new( RT->SystemUser );
+ $u->Create(
+ Name => 'test',
+ Password => 'password',
+ Privileged => 1,
+ );
+ $u->PrincipalObj->GrantRight( Right => 'SuperUser' );
+ return $u;
+ }
+}
1;
commit 9d502af0b6448a49df9f84b32591ba2aa620cab3
Author: Dustin Graves <dustin at bestpractical.com>
Date: Mon Aug 1 21:59:38 2016 +0000
remove wallace at reis.me email address from tests
diff --git a/t/acceptance/tickets.t b/t/acceptance/tickets.t
index c8b4f12..d435a00 100644
--- a/t/acceptance/tickets.t
+++ b/t/acceptance/tickets.t
@@ -34,7 +34,7 @@ TODO : {
{
my $payload = $json->encode({
Subject => 'Ticket creation using REST',
- From => 'wallace at reis.me',
+ From => 'test at bestpractical.com',
});
ok(my $res = $mech->post(
$rest_base_path . '/ticket',
@@ -51,7 +51,7 @@ TODO : {
{
my $payload = $json->encode({
Subject => 'Ticket creation using REST',
- From => 'wallace at reis.me',
+ From => 'test at bestpractical.com',
To => 'rt at localhost',
Queue => 'General',
Content => 'Testing ticket creation using REST API.',
commit f93601f6e74f9512c2330bcbb18254e610ffc508
Author: Dustin Graves <dustin at bestpractical.com>
Date: Mon Aug 1 23:00:38 2016 +0000
add comments to test sections and some formatting changes
diff --git a/t/acceptance/main.t b/t/acceptance/main.t
index efbe587..1484fe6 100644
--- a/t/acceptance/main.t
+++ b/t/acceptance/main.t
@@ -10,17 +10,19 @@ my $mech = RT::Extension::REST2::Test->mech;
my $rest_base_path = '/REST/2.0';
my $json = JSON->new->utf8;
+# Unauthorized without Basic Auth
{
ok(my $res = $mech->get($rest_base_path), "GET $rest_base_path");
is($res->code, 401, 'Unauthorized');
like($res->header('content-type'), qr{application/json});
ok(my $data = try { $json->decode($res->content) });
- is($data->{'message'}, 'Unauthorized');
+ is($data->{message}, 'Unauthorized');
like($res->header('www-authenticate'), qr/example\.com\s+REST\s+API/);
}
my $auth = RT::Extension::REST2::Test->authorization_header;
+# Documentation on Root Path
{
foreach my $path (($rest_base_path, "${rest_base_path}/")) {
$mech->get_ok($path, ['Authorization' => $auth]);
@@ -40,6 +42,7 @@ my $auth = RT::Extension::REST2::Test->authorization_header;
}
}
+# Allowed Methods
{
ok(my $res = $mech->post(
$rest_base_path, { param => 'value' }, 'Authorization' => $auth
@@ -48,7 +51,7 @@ my $auth = RT::Extension::REST2::Test->authorization_header;
like($res->header('allow'), qr/GET|HEAD|OPTIONS/);
like($res->header('content-type'), qr{application/json});
ok(my $data = try { $json->decode($res->content) });
- is($data->{'message'}, 'Method Not Allowed');
+ is($data->{message}, 'Method Not Allowed');
}
done_testing;
diff --git a/t/acceptance/not_found.t b/t/acceptance/not_found.t
index 560727f..614b936 100644
--- a/t/acceptance/not_found.t
+++ b/t/acceptance/not_found.t
@@ -16,9 +16,10 @@ sub check_404 {
is($res->code, 404);
like($res->header('content-type'), qr{application/json});
ok(my $data = try { $json->decode($res->content) });
- is($data->{'message'}, 'Not Found');
+ is($data->{message}, 'Not Found');
}
+# Check Proper 404 Response
{
for (qw[/foobar /foo /index.html /ticket.do/1 /1/1]) {
my $path = $rest_base_path . $_;
diff --git a/t/acceptance/tickets.t b/t/acceptance/tickets.t
index d435a00..c0fad4b 100644
--- a/t/acceptance/tickets.t
+++ b/t/acceptance/tickets.t
@@ -10,6 +10,7 @@ my $auth = RT::Extension::REST2::Test->authorization_header;
my $rest_base_path = '/REST/2.0';
my $json = JSON->new->utf8;
+# Empty DB
{
ok(my $res = $mech->get(
$rest_base_path . '/tickets?query=id>0', 'Authorization' => $auth
@@ -17,9 +18,10 @@ my $json = JSON->new->utf8;
is($res->code, 404, 'DB empty, so no tickets found');
like($res->header('content-type'), qr{application/json});
ok(my $data = $json->decode($res->content));
- is($data->{'message'}, 'No tickets found');
+ is($data->{message}, 'No tickets found');
}
+# Parameter Validation
TODO : {
local $TODO = 'Missing param validation';
ok(my $res = $mech->post(
@@ -28,9 +30,10 @@ TODO : {
is($res->code, 400);
like($res->header('content-type'), qr{application/json});
ok(my $data = $json->decode($res->content));
- is($data->{'message'}, 'Missing required params');
+ is($data->{message}, 'Missing required params');
}
+# Missing Queue
{
my $payload = $json->encode({
Subject => 'Ticket creation using REST',
@@ -45,72 +48,77 @@ TODO : {
is($res->code, 400);
like($res->header('content-type'), qr{application/json});
ok(my $data = $json->decode($res->content));
- is($data->{'message'}, 'Could not create ticket. Queue not set');
+ is($data->{message}, 'Could not create ticket. Queue not set');
}
+# Ticket Creation
+my ($ticket_url, $ticket_id);
{
my $payload = $json->encode({
Subject => 'Ticket creation using REST',
- From => 'test at bestpractical.com',
- To => 'rt at localhost',
- Queue => 'General',
+ From => 'test at bestpractical.com',
+ To => 'rt at localhost',
+ Queue => 'General',
Content => 'Testing ticket creation using REST API.',
});
- ok(my $res = $mech->post(
- $rest_base_path . '/ticket',
- Content => $payload,
- 'Content-Type' => 'application/json; charset=utf-8',
+ ok(my $res = $mech->post( $rest_base_path . '/ticket',
+ 'Content' => $payload,
+ 'Content-Type' => 'application/json; charset=utf-8',
'Authorization' => $auth
));
is($res->code, 201);
like($res->header('content-type'), qr{application/json});
- my $new_ticket_url = $res->header('location');
- ok(my $ticket_id = $new_ticket_url =~ qr[/ticket/(\d+)]);
+ $ticket_url = $res->header('location');
+ ok($ticket_id = $ticket_url =~ qr[/ticket/(\d+)]);
+}
- $mech->get_ok($rest_base_path . $new_ticket_url,
- ['Authorization' => $auth]
+# Ticket Display
+{
+ $mech->get_ok(
+ $rest_base_path . $ticket_url, [Authorization => $auth]
);
- $res = $mech->res;
+ my $res = $mech->res;
like($res->header('content-type'), qr{application/json});
ok(my $data = $json->decode($res->content));
- is($data->{'id'}, $ticket_id);
- is($data->{'Type'}, 'ticket');
- is($data->{'Status'}, 'new');
- is($data->{'Subject'}, 'Ticket creation using REST');
- like($data->{'_url'}, qr[/ticket/$ticket_id]);
+ is($data->{id}, $ticket_id);
+ is($data->{Type}, 'ticket');
+ is($data->{Status}, 'new');
+ is($data->{Subject}, 'Ticket creation using REST');
+ like($data->{_url}, qr[/ticket/$ticket_id]);
ok(exists $data->{$_}) for qw(AdminCc TimeEstimated Started Cc
LastUpdated TimeWorked Resolved
Created Due Priority EffectiveId);
- my $queue = $data->{'Queue'};
- is($queue->{'id'}, 1);
- is($queue->{'type'}, 'queue');
- like($queue->{'_url'}, qr{/queue/1});
- my $owner = $data->{'Owner'};
- is($owner->{'id'}, 'Nobody');
- is($owner->{'type'}, 'user');
- like($owner->{'_url'}, qr{/user/Nobody});
- my $creator = $data->{'Creator'};
- is($creator->{'id'}, 'test');
- is($creator->{'type'}, 'user');
- like($creator->{'_url'}, qr{/user/test});
- my $updated_by = $data->{'LastUpdatedBy'};
- is($updated_by->{'id'}, 'test');
- is($updated_by->{'type'}, 'user');
- like($updated_by->{'_url'}, qr{/user/test});
+ my $queue = $data->{Queue};
+ is($queue->{id}, 1);
+ is($queue->{type}, 'queue');
+ like($queue->{_url}, qr{/queue/1});
+ my $owner = $data->{Owner};
+ is($owner->{id}, 'Nobody');
+ is($owner->{type}, 'user');
+ like($owner->{_url}, qr{/user/Nobody});
+ my $creator = $data->{Creator};
+ is($creator->{id}, 'test');
+ is($creator->{type}, 'user');
+ like($creator->{_url}, qr{/user/test});
+ my $updated_by = $data->{LastUpdatedBy};
+ is($updated_by->{id}, 'test');
+ is($updated_by->{type}, 'user');
+ like($updated_by->{_url}, qr{/user/test});
}
+# Ticket Search
{
$mech->get_ok(
- $rest_base_path . '/tickets?query=id>0', ['Authorization' => $auth]
+ $rest_base_path . '/tickets?query=id>0', [Authorization => $auth]
);
my $res = $mech->res;
like($res->header('content-type'), qr{application/json});
ok(my $data = $json->decode($res->content));
- is($data->{'count'}, 1);
- is($data->{'page'}, 1);
- is($data->{'per_page'}, 20);
- is($data->{'total'}, 1);
- is(scalar @{$data->{'items'}}, $data->{'count'});
+ is($data->{count}, 1);
+ is($data->{page}, 1);
+ is($data->{per_page}, 20);
+ is($data->{total}, 1);
+ is(scalar @{$data->{items}}, $data->{count});
}
done_testing;
commit 365f37a142c2b83f61425d25072cf2b38901bf9e
Author: Dustin Graves <dustin at bestpractical.com>
Date: Mon Aug 1 23:49:53 2016 +0000
remove SuperUser from test user and add CreateTicket/ShowTicket tests
diff --git a/t/acceptance/tickets.t b/t/acceptance/tickets.t
index c0fad4b..23459e0 100644
--- a/t/acceptance/tickets.t
+++ b/t/acceptance/tickets.t
@@ -9,6 +9,7 @@ my $mech = RT::Extension::REST2::Test->mech;
my $auth = RT::Extension::REST2::Test->authorization_header;
my $rest_base_path = '/REST/2.0';
my $json = JSON->new->utf8;
+my $user = RT::Extension::REST2::Test->user;
# Empty DB
{
@@ -61,12 +62,25 @@ my ($ticket_url, $ticket_id);
Queue => 'General',
Content => 'Testing ticket creation using REST API.',
});
+
+ # Rights Test - No CreateTicket
ok(my $res = $mech->post( $rest_base_path . '/ticket',
'Content' => $payload,
'Content-Type' => 'application/json; charset=utf-8',
'Authorization' => $auth
));
+ # TODO: This should return 403
+ is($res->code, 400);
+
+ # Rights Test - With CreateTicket
+ $user->PrincipalObj->GrantRight( Right => 'CreateTicket' );
+ ok($res = $mech->post( $rest_base_path . '/ticket',
+ 'Content' => $payload,
+ 'Content-Type' => 'application/json; charset=utf-8',
+ 'Authorization' => $auth
+ ));
is($res->code, 201);
+
like($res->header('content-type'), qr{application/json});
$ticket_url = $res->header('location');
ok($ticket_id = $ticket_url =~ qr[/ticket/(\d+)]);
@@ -74,10 +88,21 @@ my ($ticket_url, $ticket_id);
# Ticket Display
{
+ # Rights Test - No ShowTicket
+ $mech->get(
+ $rest_base_path . $ticket_url, 'Authorization' => $auth
+ );
+ my $res = $mech->res;
+ is($res->code, 403);
+
+ # Rights Test - With ShowTicket
+ $user->PrincipalObj->GrantRight( Right => 'ShowTicket' );
$mech->get_ok(
$rest_base_path . $ticket_url, [Authorization => $auth]
);
- my $res = $mech->res;
+ $res = $mech->res;
+ is($res->code, 200);
+
like($res->header('content-type'), qr{application/json});
ok(my $data = $json->decode($res->content));
is($data->{id}, $ticket_id);
diff --git a/t/lib/RT/Extension/REST2/Test.pm b/t/lib/RT/Extension/REST2/Test.pm
index 943747c..21da8cf 100644
--- a/t/lib/RT/Extension/REST2/Test.pm
+++ b/t/lib/RT/Extension/REST2/Test.pm
@@ -34,7 +34,6 @@ sub mech {
Password => 'password',
Privileged => 1,
);
- $u->PrincipalObj->GrantRight( Right => 'SuperUser' );
return $u;
}
}
-----------------------------------------------------------------------
More information about the Bps-public-commit
mailing list