[Bps-public-commit] rt-extension-rest2 branch, master, updated. 37d8be7cf9551eef657232e55099c6112ffd8006
Shawn Moore
shawn at bestpractical.com
Tue Dec 13 13:00:30 EST 2016
The branch, master has been updated
via 37d8be7cf9551eef657232e55099c6112ffd8006 (commit)
via d51360eaceb9ff5a45a2e630cdd20092fbb550d5 (commit)
via a70b180bbe8cd513f76e85ca3fbdc2aaccfb208e (commit)
via 1ca8448a17db9b86615d46e7648fd15bb544865b (commit)
via 2c9abfb0fcbbb2e6d2ed2d746da26a028ac5e6f0 (commit)
from 4a378e48e58a59e0aec26b4e2bbfd1cf9e76d01b (commit)
Summary of changes:
lib/RT/Extension/REST2/Resource/Ticket.pm | 6 ++
t/main.t | 57 -------------
t/not_found.t | 38 ++-------
t/root.t | 58 +++++++++++++
t/tickets.t | 134 ++++++++++++++----------------
5 files changed, 135 insertions(+), 158 deletions(-)
delete mode 100644 t/main.t
create mode 100644 t/root.t
- Log -----------------------------------------------------------------
commit 2c9abfb0fcbbb2e6d2ed2d746da26a028ac5e6f0
Author: Shawn M Moore <shawn at bestpractical.com>
Date: Tue Dec 13 17:22:51 2016 +0000
Clarify t/main.t (and rename it to t/root.t)
It's only testing the root (/) endpoint, so "main" is a bit misleading
diff --git a/t/main.t b/t/main.t
deleted file mode 100644
index 1484fe6..0000000
--- a/t/main.t
+++ /dev/null
@@ -1,57 +0,0 @@
-use strict;
-use warnings;
-use lib 't/lib';
-use RT::Extension::REST2::Test tests => undef;
-use JSON;
-use Try::Tiny;
-
-my $mech = RT::Extension::REST2::Test->mech;
-
-my $rest_base_path = '/REST/2.0';
-my $json = JSON->new->utf8;
-
-# Unauthorized without Basic Auth
-{
- ok(my $res = $mech->get($rest_base_path), "GET $rest_base_path");
- is($res->code, 401, 'Unauthorized');
- like($res->header('content-type'), qr{application/json});
- ok(my $data = try { $json->decode($res->content) });
- is($data->{message}, 'Unauthorized');
- like($res->header('www-authenticate'), qr/example\.com\s+REST\s+API/);
-}
-
-my $auth = RT::Extension::REST2::Test->authorization_header;
-
-# Documentation on Root Path
-{
- foreach my $path (($rest_base_path, "${rest_base_path}/")) {
- $mech->get_ok($path, ['Authorization' => $auth]);
- my $res = $mech->response;
- like($res->header('content-type'), qr{text/html});
- my $content = $res->content;
- # this is a temp solution as for main doc
- # TODO: write an end user aimed documentation
- like($content, qr/RT\-Extension\-REST2/);
- like($content, qr/NAME/);
- like($content, qr/INSTALLATION/);
- like($content, qr/USAGE/);
-
- ok($res = $mech->head($path, 'Authorization' => $auth),
- "HEAD $path");
- is($res->code, 200);
- }
-}
-
-# Allowed Methods
-{
- ok(my $res = $mech->post(
- $rest_base_path, { param => 'value' }, 'Authorization' => $auth
- ), "POST $rest_base_path");
- is($res->code, 405);
- like($res->header('allow'), qr/GET|HEAD|OPTIONS/);
- like($res->header('content-type'), qr{application/json});
- ok(my $data = try { $json->decode($res->content) });
- is($data->{message}, 'Method Not Allowed');
-}
-
-done_testing;
diff --git a/t/root.t b/t/root.t
new file mode 100644
index 0000000..214f366
--- /dev/null
+++ b/t/root.t
@@ -0,0 +1,58 @@
+use strict;
+use warnings;
+use lib 't/lib';
+use RT::Extension::REST2::Test tests => undef;
+use JSON;
+
+my $mech = RT::Extension::REST2::Test->mech;
+
+my $rest_base_path = '/REST/2.0';
+my $json = JSON->new->utf8;
+
+# Unauthorized without Basic Auth
+{
+ my $res = $mech->get($rest_base_path);
+ is($res->code, 401, 'Unauthorized');
+ is($res->header('content-type'), 'application/json; charset=utf-8');
+ is($res->header('www-authenticate'), 'Basic realm="example.com REST API"');
+ my $content = $json->decode($res->content);
+ is($content->{message}, 'Unauthorized');
+}
+
+my $auth = RT::Extension::REST2::Test->authorization_header;
+
+# Documentation on Root Path
+{
+ for my $path ($rest_base_path, "$rest_base_path/") {
+ my $res = $mech->get($path, 'Authorization' => $auth);
+ is($res->code, 200);
+ is($res->header('content-type'), 'text/html; charset=utf-8');
+
+ # this is a temp solution as for main doc
+ # TODO: write an end user aimed documentation
+ $mech->content_like(qr/RT\-Extension\-REST2/);
+ $mech->content_like(qr/NAME/);
+ $mech->content_like(qr/INSTALLATION/);
+ $mech->content_like(qr/USAGE/);
+
+ $res = $mech->head($path, 'Authorization' => $auth);
+ is($res->code, 200);
+ is($res->header('content-type'), 'text/html; charset=utf-8');
+ }
+}
+
+# Allowed Methods
+{
+ my $res = $mech->post(
+ $rest_base_path,
+ { param => 'value' },
+ 'Authorization' => $auth,
+ );
+ is($res->code, 405);
+ is($res->header('allow'), 'GET,HEAD,OPTIONS');
+ is($res->header('content-type'), 'application/json; charset=utf-8');
+ my $content = $json->decode($res->content);
+ is($content->{message}, 'Method Not Allowed');
+}
+
+done_testing;
commit 1ca8448a17db9b86615d46e7648fd15bb544865b
Author: Shawn M Moore <shawn at bestpractical.com>
Date: Tue Dec 13 17:27:59 2016 +0000
Clarify 404 tests
diff --git a/t/not_found.t b/t/not_found.t
index 614b936..a152b2d 100644
--- a/t/not_found.t
+++ b/t/not_found.t
@@ -3,49 +3,27 @@ use warnings;
use lib 't/lib';
use RT::Extension::REST2::Test tests => undef;
use JSON;
-use Try::Tiny;
my $mech = RT::Extension::REST2::Test->mech;
-
my $auth = RT::Extension::REST2::Test->authorization_header;
my $rest_base_path = '/REST/2.0';
my $json = JSON->new->utf8;
-sub check_404 {
+sub is_404 {
+ local $Test::Builder::Level = $Test::Builder::Level + 1;
my $res = shift;
is($res->code, 404);
- like($res->header('content-type'), qr{application/json});
- ok(my $data = try { $json->decode($res->content) });
- is($data->{message}, 'Not Found');
+ is($res->header('content-type'), 'application/json; charset=utf-8');
+ my $content = $json->decode($res->content);
+ is($content->{message}, 'Not Found');
}
-# Check Proper 404 Response
+# Proper 404 Response
{
for (qw[/foobar /foo /index.html /ticket.do/1 /1/1]) {
my $path = $rest_base_path . $_;
- ok(my $res = $mech->get($path, 'Authorization' => $auth),
- "GET $path");
- check_404($res);
-
- ok($res = $mech->post(
- $path, { param => 'value' }, 'Authorization' => $auth
- ), "POST $path");
- check_404($res);
- }
-}
-
-TODO : {
- local $TODO = 'Merge endpoints';
- for (qw[/ticket /queue /user]) { # should be changed to the plural form
- my $path = $rest_base_path . $_;
- ok(my $res = $mech->get($path, 'Authorization' => $auth),
- "GET $path");
- check_404($res);
-
- ok($res = $mech->post(
- $path, { param => 'value' }, 'Authorization' => $auth
- ), "POST $path");
- check_404($res);
+ is_404($mech->get($path, 'Authorization' => $auth));
+ is_404($mech->post($path, { param => 'value' }, 'Authorization' => $auth));
}
}
commit a70b180bbe8cd513f76e85ca3fbdc2aaccfb208e
Author: Shawn M Moore <shawn at bestpractical.com>
Date: Tue Dec 13 17:46:12 2016 +0000
Fix failing test due to warning in t/tickets.t
$ticket->CurrentUserCanSee with no arguments generates a warning,
so have the Ticket resource check ShowTicket directly
diff --git a/lib/RT/Extension/REST2/Resource/Ticket.pm b/lib/RT/Extension/REST2/Resource/Ticket.pm
index 6995ffc..8ea6370 100644
--- a/lib/RT/Extension/REST2/Resource/Ticket.pm
+++ b/lib/RT/Extension/REST2/Resource/Ticket.pm
@@ -17,6 +17,12 @@ sub create_record {
return ($ok, $msg);
}
+sub forbidden {
+ my $self = shift;
+ return 0 unless $self->record->id;
+ return !$self->record->CurrentUserHasRight('ShowTicket');
+}
+
__PACKAGE__->meta->make_immutable;
1;
commit d51360eaceb9ff5a45a2e630cdd20092fbb550d5
Author: Shawn M Moore <shawn at bestpractical.com>
Date: Tue Dec 13 17:50:45 2016 +0000
Remove parameter validation todo tests
This is basically the same as the following test for lack of queue,
except that it fails due to unrelated reasons (providing an invalid
content-type)
diff --git a/t/tickets.t b/t/tickets.t
index 663afcf..a5cfdc8 100644
--- a/t/tickets.t
+++ b/t/tickets.t
@@ -21,18 +21,6 @@ my $user = RT::Extension::REST2::Test->user;
is($data->{count}, 0);
}
-# Parameter Validation
-TODO : {
- local $TODO = 'Missing param validation';
- ok(my $res = $mech->post(
- $rest_base_path . '/ticket', {}, 'Authorization' => $auth
- ));
- is($res->code, 400);
- like($res->header('content-type'), qr{application/json});
- ok(my $data = $json->decode($res->content));
- is($data->{message}, 'Missing required params');
-}
-
# Missing Queue
{
my $payload = $json->encode({
commit 37d8be7cf9551eef657232e55099c6112ffd8006
Author: Shawn M Moore <shawn at bestpractical.com>
Date: Tue Dec 13 18:00:23 2016 +0000
Simplify and clarify tickets tests
diff --git a/t/tickets.t b/t/tickets.t
index a5cfdc8..7519af1 100644
--- a/t/tickets.t
+++ b/t/tickets.t
@@ -13,30 +13,29 @@ my $user = RT::Extension::REST2::Test->user;
# Empty DB
{
- ok(my $res = $mech->get(
- $rest_base_path . '/tickets?query=id>0', 'Authorization' => $auth
- ));
- like($res->header('content-type'), qr{application/json});
- ok(my $data = $json->decode($res->content));
- is($data->{count}, 0);
+ my $res = $mech->get("$rest_base_path/tickets?query=id>0",
+ 'Authorization' => $auth,
+ );
+ is($res->header('content-type'), 'application/json; charset="utf-8"');
+ my $content = $json->decode($res->content);
+ is($content->{count}, 0);
}
# Missing Queue
{
my $payload = $json->encode({
Subject => 'Ticket creation using REST',
- From => 'test at bestpractical.com',
+ From => 'test at bestpractical.com',
});
- ok(my $res = $mech->post(
- $rest_base_path . '/ticket',
- Content => $payload,
- 'Content-Type' => 'application/json; charset=utf-8',
- 'Authorization' => $auth
- ));
+ my $res = $mech->post("$rest_base_path/ticket",
+ Content => $payload,
+ 'Content-Type' => 'application/json; charset=utf-8',
+ 'Authorization' => $auth,
+ );
is($res->code, 400);
- like($res->header('content-type'), qr{application/json});
- ok(my $data = $json->decode($res->content));
- is($data->{message}, 'Could not create ticket. Queue not set');
+ is($res->header('content-type'), 'application/json; charset=utf-8');
+ my $content = $json->decode($res->content);
+ is($content->{message}, 'Could not create ticket. Queue not set');
}
# Ticket Creation
@@ -51,86 +50,91 @@ my ($ticket_url, $ticket_id);
});
# Rights Test - No CreateTicket
- ok(my $res = $mech->post( $rest_base_path . '/ticket',
+ my $res = $mech->post("$rest_base_path/ticket",
'Content' => $payload,
'Content-Type' => 'application/json; charset=utf-8',
- 'Authorization' => $auth
- ));
+ 'Authorization' => $auth,
+ );
# TODO: This should return 403
is($res->code, 400);
# Rights Test - With CreateTicket
$user->PrincipalObj->GrantRight( Right => 'CreateTicket' );
- ok($res = $mech->post( $rest_base_path . '/ticket',
+ $res = $mech->post("$rest_base_path/ticket",
'Content' => $payload,
'Content-Type' => 'application/json; charset=utf-8',
- 'Authorization' => $auth
- ));
+ 'Authorization' => $auth,
+ );
is($res->code, 201);
- like($res->header('content-type'), qr{application/json});
- $ticket_url = $res->header('location');
+ is($res->header('content-type'), 'application/json; charset="utf-8"');
+ ok($ticket_url = $res->header('location'));
ok($ticket_id = $ticket_url =~ qr[/ticket/(\d+)]);
}
# Ticket Display
{
# Rights Test - No ShowTicket
- $mech->get(
- $ticket_url, 'Authorization' => $auth
+ my $res = $mech->get($ticket_url,
+ 'Authorization' => $auth,
);
- my $res = $mech->res;
is($res->code, 403);
+}
- # Rights Test - With ShowTicket
+# Rights Test - With ShowTicket
+{
$user->PrincipalObj->GrantRight( Right => 'ShowTicket' );
- $mech->get_ok(
- $ticket_url, [Authorization => $auth]
+
+ my $res = $mech->get($ticket_url,
+ 'Authorization' => $auth,
);
- $res = $mech->res;
is($res->code, 200);
- like($res->header('content-type'), qr{application/json});
- ok(my $data = $json->decode($res->content));
- is($data->{id}, $ticket_id);
- is($data->{Type}, 'ticket');
- is($data->{Status}, 'new');
- is($data->{Subject}, 'Ticket creation using REST');
- like($data->{_url}, qr[/ticket/$ticket_id]);
- ok(exists $data->{$_}) for qw(AdminCc TimeEstimated Started Cc
- LastUpdated TimeWorked Resolved
- Created Due Priority EffectiveId);
- my $queue = $data->{Queue};
+ is($res->header('content-type'), 'application/json; charset="utf-8"');
+ my $content = $json->decode($res->content);
+ is($content->{id}, $ticket_id);
+ is($content->{Type}, 'ticket');
+ is($content->{Status}, 'new');
+ is($content->{Subject}, 'Ticket creation using REST');
+ like($content->{_url}, qr[$rest_base_path/ticket/$ticket_id$]);
+ ok(exists $content->{$_}) for qw(AdminCc TimeEstimated Started Cc
+ LastUpdated TimeWorked Resolved
+ Created Due Priority EffectiveId);
+
+ my $queue = $content->{Queue};
is($queue->{id}, 1);
is($queue->{type}, 'queue');
- like($queue->{_url}, qr{/queue/1});
- my $owner = $data->{Owner};
+ like($queue->{_url}, qr{$rest_base_path/queue/1$});
+
+ my $owner = $content->{Owner};
is($owner->{id}, 'Nobody');
is($owner->{type}, 'user');
- like($owner->{_url}, qr{/user/Nobody});
- my $creator = $data->{Creator};
+ like($owner->{_url}, qr{$rest_base_path/user/Nobody$});
+
+ my $creator = $content->{Creator};
is($creator->{id}, 'test');
is($creator->{type}, 'user');
- like($creator->{_url}, qr{/user/test});
- my $updated_by = $data->{LastUpdatedBy};
+ like($creator->{_url}, qr{$rest_base_path/user/test$});
+
+ my $updated_by = $content->{LastUpdatedBy};
is($updated_by->{id}, 'test');
is($updated_by->{type}, 'user');
- like($updated_by->{_url}, qr{/user/test});
+ like($updated_by->{_url}, qr{$rest_base_path/user/test$});
}
# Ticket Search
{
- $mech->get_ok(
- $rest_base_path . '/tickets?query=id>0', [Authorization => $auth]
+ my $res = $mech->get("$rest_base_path/tickets?query=id>0",
+ 'Authorization' => $auth,
);
- my $res = $mech->res;
- like($res->header('content-type'), qr{application/json});
- ok(my $data = $json->decode($res->content));
- is($data->{count}, 1);
- is($data->{page}, 1);
- is($data->{per_page}, 20);
- is($data->{total}, 1);
- is(scalar @{$data->{items}}, $data->{count});
+ is($res->code, 200);
+ is($res->header('content-type'), 'application/json; charset="utf-8"');
+ my $content = $json->decode($res->content);
+ is($content->{count}, 1);
+ is($content->{page}, 1);
+ is($content->{per_page}, 20);
+ is($content->{total}, 1);
+ is(scalar @{$content->{items}}, 1);
}
done_testing;
-----------------------------------------------------------------------
More information about the Bps-public-commit
mailing list