discourse/spec/controllers/application_controller_spec.rb

40 lines
1.3 KiB
Ruby
Raw Normal View History

2013-03-25 20:04:28 -05:00
require 'spec_helper'
2013-04-29 19:34:19 -05:00
describe 'api' do
before do
2013-03-25 20:04:28 -05:00
fake_key = SecureRandom.hex(32)
SiteSetting.stubs(:api_key).returns(fake_key)
end
describe PostsController do
let(:user) do
Fabricate(:user)
end
2013-04-29 19:34:19 -05:00
let(:post) do
2013-03-25 20:04:28 -05:00
Fabricate(:post)
end
2013-04-29 19:34:19 -05:00
2013-03-25 20:04:28 -05:00
# choosing an arbitrarily easy to mock trusted activity
it 'allows users with api key to bookmark posts' do
2013-04-29 19:34:19 -05:00
PostAction.expects(:act).with(user, post, PostActionType.types[:bookmark]).once
put :bookmark, bookmarked: "true", post_id: post.id, api_key: SiteSetting.api_key, api_username: user.username, format: :json
2013-03-25 20:04:28 -05:00
end
it 'disallows phonies to bookmark posts' do
2013-04-29 19:34:19 -05:00
PostAction.expects(:act).with(user, post, PostActionType.types[:bookmark]).never
lambda do
put :bookmark, bookmarked: "true", post_id: post.id, api_key: SecureRandom.hex(32), api_username: user.username, format: :json
2013-03-25 20:04:28 -05:00
end.should raise_error Discourse::NotLoggedIn
end
2013-04-29 19:34:19 -05:00
2013-03-25 20:04:28 -05:00
it 'disallows blank api' do
SiteSetting.stubs(:api_key).returns("")
2013-04-29 19:34:19 -05:00
PostAction.expects(:act).with(user, post, PostActionType.types[:bookmark]).never
lambda do
put :bookmark, bookmarked: "true", post_id: post.id, api_key: "", api_username: user.username, format: :json
2013-03-25 20:04:28 -05:00
end.should raise_error Discourse::NotLoggedIn
end
end
end