|
|
|
@ -1372,15 +1372,24 @@ describe Carto::Api::VisualizationsController do
|
|
|
|
|
response['likes'].should eq nil
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
it 'returns a specific error for password-protected visualizations' do
|
|
|
|
|
it 'returns a specific error for password-protected visualizations and required, public information' do
|
|
|
|
|
@visualization.privacy = Carto::Visualization::PRIVACY_PROTECTED
|
|
|
|
|
@visualization.password = 'wadus'
|
|
|
|
|
@visualization.save!
|
|
|
|
|
@visualization.user.update_attribute(:google_maps_key, 'waaaaadus')
|
|
|
|
|
|
|
|
|
|
expected_visualization_info = {
|
|
|
|
|
privacy: @visualization.privacy,
|
|
|
|
|
user: {
|
|
|
|
|
google_maps_query_string: @visualization.user.google_maps_query_string
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
get_json api_v1_visualizations_show_url(id: @visualization.id) do |response|
|
|
|
|
|
response.status.should eq 403
|
|
|
|
|
response.body[:errors].should eq "Visualization not viewable"
|
|
|
|
|
response.body[:errors_cause].should eq "privacy_password"
|
|
|
|
|
response.body[:visualization].should eq expected_visualization_info
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
@ -1551,6 +1560,7 @@ describe Carto::Api::VisualizationsController do
|
|
|
|
|
response.body[:description].should_not be_nil
|
|
|
|
|
|
|
|
|
|
# Optional information requiring parameters
|
|
|
|
|
response.body[:user].should eq nil
|
|
|
|
|
response.body[:liked].should eq nil
|
|
|
|
|
response.body[:likes].should eq 0
|
|
|
|
|
response.body[:stats].should be_empty
|
|
|
|
@ -1566,15 +1576,21 @@ describe Carto::Api::VisualizationsController do
|
|
|
|
|
show_likes: true,
|
|
|
|
|
show_permission: true,
|
|
|
|
|
show_auth_tokens: true,
|
|
|
|
|
show_stats: true
|
|
|
|
|
show_stats: true,
|
|
|
|
|
fetch_user: true,
|
|
|
|
|
show_user_basemaps: true
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
get_json url do |response|
|
|
|
|
|
response.status.should eq 200
|
|
|
|
|
response.body[:user].should_not be_nil
|
|
|
|
|
response.body[:liked].should eq false
|
|
|
|
|
response.body[:likes].should eq 0
|
|
|
|
|
response.body[:stats].should_not be_empty
|
|
|
|
|
|
|
|
|
|
response_user = response.body[:user]
|
|
|
|
|
response_user[:basemaps].should be_nil # Even if requested, because it's not public
|
|
|
|
|
|
|
|
|
|
permission = response.body[:permission]
|
|
|
|
|
permission.should_not eq nil
|
|
|
|
|
permission[:owner].should_not eq nil
|
|
|
|
@ -1590,6 +1606,23 @@ describe Carto::Api::VisualizationsController do
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
it 'not only returns public information for authenticated requests' do
|
|
|
|
|
url = api_v1_visualizations_show_url(
|
|
|
|
|
id: @visualization.id,
|
|
|
|
|
fetch_user: true,
|
|
|
|
|
show_user_basemaps: true,
|
|
|
|
|
api_key: @visualization.user.api_key
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
get_json url do |response|
|
|
|
|
|
response.status.should eq 200
|
|
|
|
|
response.body[:user].should_not be_nil
|
|
|
|
|
|
|
|
|
|
response_user = response.body[:user]
|
|
|
|
|
response_user[:basemaps].should_not be_empty
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
it 'returns auth_tokens for password protected visualizations if correct password is provided' do
|
|
|
|
|
password = 'wadus'
|
|
|
|
|
@visualization.privacy = Carto::Visualization::PRIVACY_PROTECTED
|
|
|
|
|