85 lines
2.9 KiB
Ruby
85 lines
2.9 KiB
Ruby
require 'spec_helper_min'
|
|
require 'support/helpers'
|
|
|
|
describe Carto::Api::Public::UsersController do
|
|
include Warden::Test::Helpers
|
|
include HelperMethods
|
|
|
|
before(:all) do
|
|
@user = FactoryGirl.create(:valid_user)
|
|
@org = FactoryGirl.create(:organization_with_users)
|
|
@org_user = FactoryGirl.create(:valid_user, name: 'wa', last_name: 'dus', organization: @org)
|
|
end
|
|
|
|
before(:each) do
|
|
host! "#{@user.username}.localhost.lan"
|
|
end
|
|
|
|
after(:all) do
|
|
@user.destroy
|
|
@org_user.destroy
|
|
@org.destroy
|
|
end
|
|
|
|
describe '#me_public' do
|
|
it 'works with master api_key' do
|
|
get_json api_v4_users_me_url(api_key: @user.api_key) do |response|
|
|
expect(response.status).to eq(200)
|
|
expect(response.body[:username]).to eq(@user.username)
|
|
end
|
|
end
|
|
|
|
it 'works with regular api_key' do
|
|
api_key = FactoryGirl.create(:oauth_api_key, user_id: @user.id)
|
|
|
|
get_json api_v4_users_me_url(api_key: api_key.token) do |response|
|
|
expect(response.status).to eq(200)
|
|
expect(response.body[:username]).to eq(@user.username)
|
|
end
|
|
end
|
|
|
|
it 'return 401 without api_key' do
|
|
get_json api_v4_users_me_url do |response|
|
|
expect(response.status).to eq(401)
|
|
end
|
|
end
|
|
|
|
it 'return 401 with cookie auth' do
|
|
login_as(@user, scope: @user.username)
|
|
get_json api_v4_users_me_url do |response|
|
|
expect(response.status).to eq(401)
|
|
end
|
|
end
|
|
|
|
it 'returns user public profile with user:profile grants' do
|
|
host! "#{@org_user.username}.localhost.lan"
|
|
api_key = FactoryGirl.create(:oauth_api_key_user_profile_grant, user_id: @org_user.id)
|
|
|
|
get_json api_v4_users_me_url(api_key: api_key.token) do |response|
|
|
expect(response.status).to eq(200)
|
|
expect(response.body[:username]).to eq(@org_user.username)
|
|
expect(response.body[:organization][:name]).to eq(@org_user.organization.name)
|
|
expect(response.body[:first_name]).to eq(@org_user.name)
|
|
expect(response.body[:last_name]).to eq(@org_user.last_name)
|
|
expect(response.body[:avatar_url]).to eq(@org_user.avatar_url)
|
|
expect(response.body[:organization][:owner][:username]).to eq(@org_user.organization.owner.username)
|
|
end
|
|
end
|
|
|
|
it 'does not return user public profile without user:profile grants' do
|
|
host! "#{@org_user.username}.localhost.lan"
|
|
api_key = FactoryGirl.create(:oauth_api_key, user_id: @org_user.id)
|
|
|
|
get_json api_v4_users_me_url(api_key: api_key.token) do |response|
|
|
expect(response.status).to eq(200)
|
|
expect(response.body[:username]).to eq(@org_user.username)
|
|
expect(response.body[:organization][:name]).to eq(@org_user.organization.name)
|
|
expect(response.body[:first_name]).to be_nil
|
|
expect(response.body[:last_name]).to be_nil
|
|
expect(response.body[:avatar_url]).to be_nil
|
|
expect(response.body[:organization][:owner]).to be_nil
|
|
end
|
|
end
|
|
end
|
|
end
|