[Jifty-commit] r5167 - in jifty/trunk: . t/TestApp-Plugin-OAuth/lib/TestApp/Plugin/OAuth
Jifty commits
jifty-commit at lists.jifty.org
Tue Feb 26 03:36:02 EST 2008
Author: sartak
Date: Tue Feb 26 03:35:55 2008
New Revision: 5167
Added:
jifty/trunk/t/TestApp-Plugin-OAuth/t/07-read-write.t
Modified:
jifty/trunk/ (props changed)
jifty/trunk/t/TestApp-Plugin-OAuth/lib/TestApp/Plugin/OAuth/Test.pm
jifty/trunk/t/TestApp-Plugin-OAuth/t/06-read-only.t
Log:
r52027 at onn: sartak | 2008-02-26 03:11:20 -0500
Ensure that giving OAuth consumers write access works
Modified: jifty/trunk/t/TestApp-Plugin-OAuth/lib/TestApp/Plugin/OAuth/Test.pm
==============================================================================
--- jifty/trunk/t/TestApp-Plugin-OAuth/lib/TestApp/Plugin/OAuth/Test.pm (original)
+++ jifty/trunk/t/TestApp-Plugin-OAuth/lib/TestApp/Plugin/OAuth/Test.pm Tue Feb 26 03:35:55 2008
@@ -23,6 +23,7 @@
our $token_obj;
our $server;
our $URL;
+our $can_write;
sub setup {
my $class = shift;
@@ -245,7 +246,12 @@
::fail($error), return if $error;
my $name = $token_obj->consumer->name;
- $umech->content_contains("Allowing $name to read your data for 1 hour.");
+ if ($can_write) {
+ $umech->content_contains("Allowing $name to read and write your data for 1 hour.");
+ }
+ else {
+ $umech->content_contains("Allowing $name to read your data for 1 hour.");
+ }
}
sub deny_ok {
@@ -273,8 +279,10 @@
or return "Content did not much qr/If you trust this application/";
my $moniker = $umech->moniker_for('TestApp::Plugin::OAuth::Action::AuthorizeRequestToken')
or return "Unable to find moniker for AuthorizeRequestToken";
- $umech->fill_in_action($moniker, token => $token)
- or return "Unable to fill in the AuthorizeRequestToken action";
+ $umech->fill_in_action($moniker,
+ token => $token,
+ can_write => $can_write,
+ ) or return "Unable to fill in the AuthorizeRequestToken action";
$umech->click_button(value => $which_button)
or return "Unable to click $which_button button";
return;
Modified: jifty/trunk/t/TestApp-Plugin-OAuth/t/06-read-only.t
==============================================================================
--- jifty/trunk/t/TestApp-Plugin-OAuth/t/06-read-only.t (original)
+++ jifty/trunk/t/TestApp-Plugin-OAuth/t/06-read-only.t Tue Feb 26 03:35:55 2008
@@ -82,24 +82,6 @@
);
$cmech->content_contains("You Zer", "REST GET works while OAuthed");
# }}}
-# REST DELETE {{{
-response_is(
- url => "/=/model/User/id/$uid.yml!DELETE",
- code => 200,
- testname => "200 - protected resource request",
- consumer_secret => 'bar',
- oauth_consumer_key => 'foo',
- oauth_signature_method => 'PLAINTEXT',
- oauth_token => $token_obj->token,
- token_secret => $token_obj->secret,
-);
-
-$cmech->content_like(qr/failure: 1/, "failed to delete");
-
-my $user_copy = TestApp::Plugin::OAuth::Model::User->new(current_user => Jifty::CurrentUser->superuser);
-$user_copy->load($uid);
-is($user_copy->name, "You Zer", "REST DELETE doesn't work while the consumer has no write access");
-# }}}
# REST POST {{{
response_is(
url => "/=/model/Favorite.yml",
@@ -134,3 +116,21 @@
is($favorites->count, 1, "favorite created");
is($favorites->first->thing, 'more tests', "correct argument");
# }}}
+# REST DELETE {{{
+response_is(
+ url => "/=/model/User/id/$uid.yml!DELETE",
+ code => 200,
+ testname => "200 - protected resource request",
+ consumer_secret => 'bar',
+ oauth_consumer_key => 'foo',
+ oauth_signature_method => 'PLAINTEXT',
+ oauth_token => $token_obj->token,
+ token_secret => $token_obj->secret,
+);
+
+$cmech->content_like(qr/failure: 1/, "failed to delete");
+
+my $user_copy = TestApp::Plugin::OAuth::Model::User->new(current_user => Jifty::CurrentUser->superuser);
+$user_copy->load($uid);
+is($user_copy->name, "You Zer", "REST DELETE doesn't work while the consumer has no write access");
+# }}}
Added: jifty/trunk/t/TestApp-Plugin-OAuth/t/07-read-write.t
==============================================================================
--- (empty file)
+++ jifty/trunk/t/TestApp-Plugin-OAuth/t/07-read-write.t Tue Feb 26 03:35:55 2008
@@ -0,0 +1,142 @@
+#!/usr/bin/env perl
+use warnings;
+use strict;
+
+use Test::More;
+BEGIN {
+ if (eval { require Net::OAuth::Request; require Crypt::OpenSSL::RSA; 1 }) {
+ plan tests => 28;
+ }
+ else {
+ plan skip_all => "Net::OAuth or Crypt::OpenSSL::RSA isn't installed";
+ }
+}
+
+use lib 't/lib';
+use Jifty::SubTest;
+
+use TestApp::Plugin::OAuth::Test;
+
+use Jifty::Test::WWW::Mechanize;
+
+# setup {{{
+# create two consumers {{{
+my $consumer = Jifty::Plugin::OAuth::Model::Consumer->new(current_user => Jifty::CurrentUser->superuser);
+my ($ok, $msg) = $consumer->create(
+ consumer_key => 'foo',
+ secret => 'bar',
+ name => 'FooBar Industries',
+ url => 'http://foo.bar.example.com',
+ rsa_key => $pubkey,
+);
+ok($ok, $msg);
+
+my $rsaless = Jifty::Plugin::OAuth::Model::Consumer->new(current_user => Jifty::CurrentUser->superuser);
+($ok, $msg) = $rsaless->create(
+ consumer_key => 'foo2',
+ secret => 'bar2',
+ name => 'Backwater.org',
+ url => 'http://backwater.org',
+);
+ok($ok, $msg);
+# }}}
+# create user and log in {{{
+my $u = TestApp::Plugin::OAuth::Model::User->new(current_user => TestApp::Plugin::OAuth::CurrentUser->superuser);
+$u->create( name => 'You Zer', email => 'youzer at example.com', password => 'secret', email_confirmed => 1);
+my $uid = $u->id;
+ok($uid, "New user has valid id set");
+
+$umech->get_ok($URL . '/login');
+$umech->fill_in_action_ok($umech->moniker_for('TestApp::Plugin::OAuth::Action::Login'), email => 'youzer at example.com', password => 'secret');
+$umech->submit;
+$umech->content_contains('Logout');
+# }}}
+# }}}
+# make sure we're not logged in {{{
+response_is(
+ url => '/nuke/the/whales',
+ code => 200,
+ testname => "200 - protected resource request",
+ consumer_secret => 'bar',
+ oauth_consumer_key => 'foo',
+ oauth_signature_method => 'PLAINTEXT',
+ oauth_token => 'please',
+ token_secret => 'letmein',
+);
+$cmech->content_contains("Login with a password", "redirected to login");
+$cmech->content_lacks("Press the shiny red button", "did NOT get to a protected page");
+# }}}}
+# REST GET {{{
+do {
+ local $TestApp::Plugin::OAuth::Test::can_write = 1;
+ get_access_token();
+};
+
+response_is(
+ url => "/=/model/User/id/$uid.yml",
+ code => 200,
+ method => 'GET',
+ testname => "200 - protected resource request",
+ consumer_secret => 'bar',
+ oauth_consumer_key => 'foo',
+ oauth_signature_method => 'PLAINTEXT',
+ oauth_token => $token_obj->token,
+ token_secret => $token_obj->secret,
+);
+$cmech->content_contains("You Zer", "REST GET works while OAuthed");
+# }}}
+# REST POST {{{
+response_is(
+ url => "/=/model/Favorite.yml",
+ thing => 'tests',
+ code => 200,
+ testname => "200 - protected resource request",
+ consumer_secret => 'bar',
+ oauth_consumer_key => 'foo',
+ oauth_signature_method => 'PLAINTEXT',
+ oauth_token => $token_obj->token,
+ token_secret => $token_obj->secret,
+);
+
+$cmech->content_unlike(qr/failure: 1/, "created");
+
+my $favorites = TestApp::Plugin::OAuth::Model::FavoriteCollection->new(
+ current_user => Jifty::CurrentUser->superuser,
+);
+$favorites->unlimit;
+is($favorites->count, 1, "no favorites found");
+is($favorites->first->thing, 'tests', "correct argument");
+# }}}
+# user REST POST {{{
+$umech->post("$URL/=/model/Favorite.yml",
+ { thing => 'more tests' },
+);
+$umech->content_contains("success: 1", "created a favorite");
+
+$favorites = TestApp::Plugin::OAuth::Model::FavoriteCollection->new(
+ current_user => Jifty::CurrentUser->superuser,
+);
+$favorites->unlimit;
+is($favorites->count, 2, "favorite created");
+# }}}
+# REST DELETE {{{
+response_is(
+ url => "/=/model/User/id/$uid.yml!DELETE",
+ code => 200,
+ testname => "200 - protected resource request",
+ consumer_secret => 'bar',
+ oauth_consumer_key => 'foo',
+ oauth_signature_method => 'PLAINTEXT',
+ oauth_token => $token_obj->token,
+ token_secret => $token_obj->secret,
+);
+
+$cmech->content_unlike(qr/failure: 1/, "failed to delete");
+
+Jifty::Record->flush_cache if Jifty::Record->can('flush_cache');
+
+my $user_copy = TestApp::Plugin::OAuth::Model::User->new(current_user => Jifty::CurrentUser->superuser);
+$user_copy->load($uid);
+is($user_copy->name, undef, "REST DELETE works while consumer has write access");
+# }}}
+
More information about the Jifty-commit
mailing list