Add tests for OAuth2

tomhughes · Apr 22, 2021 · fa59906 · fa59906
1 parent 94509a5
commit fa59906
Show file tree

Hide file tree

Showing 8 changed files with 667 additions and 0 deletions.
diff --git a/test/controllers/oauth2_applications_controller_test.rb b/test/controllers/oauth2_applications_controller_test.rb
@@ -0,0 +1,221 @@
+require "test_helper"
+
+class Oauth2ApplicationsControllerTest < ActionDispatch::IntegrationTest
+  ##
+  # test all routes which lead to this controller
+  def test_routes
+    assert_routing(
+      { :path => "/oauth2/applications", :method => :get },
+      { :controller => "oauth2_applications", :action => "index" }
+    )
+    assert_routing(
+      { :path => "/oauth2/applications", :method => :post },
+      { :controller => "oauth2_applications", :action => "create" }
+    )
+    assert_routing(
+      { :path => "/oauth2/applications/new", :method => :get },
+      { :controller => "oauth2_applications", :action => "new" }
+    )
+    assert_routing(
+      { :path => "/oauth2/applications/1/edit", :method => :get },
+      { :controller => "oauth2_applications", :action => "edit", :id => "1" }
+    )
+    assert_routing(
+      { :path => "/oauth2/applications/1", :method => :get },
+      { :controller => "oauth2_applications", :action => "show", :id => "1" }
+    )
+    assert_routing(
+      { :path => "/oauth2/applications/1", :method => :patch },
+      { :controller => "oauth2_applications", :action => "update", :id => "1" }
+    )
+    assert_routing(
+      { :path => "/oauth2/applications/1", :method => :put },
+      { :controller => "oauth2_applications", :action => "update", :id => "1" }
+    )
+    assert_routing(
+      { :path => "/oauth2/applications/1", :method => :delete },
+      { :controller => "oauth2_applications", :action => "destroy", :id => "1" }
+    )
+  end
+
+  def test_index
+    user = create(:user)
+    create_list(:oauth_application, 2, :owner => user)
+
+    get oauth_applications_path
+    assert_response :redirect
+    assert_redirected_to login_path(:referer => oauth_applications_path)
+
+    session_for(user)
+
+    get oauth_applications_path
+    assert_response :success
+    assert_template "oauth2_applications/index"
+    assert_select "tr", 2
+  end
+
+  def test_new
+    user = create(:user)
+
+    get new_oauth_application_path
+    assert_response :redirect
+    assert_redirected_to login_path(:referer => new_oauth_application_path)
+
+    session_for(user)
+
+    get new_oauth_application_path
+    assert_response :success
+    assert_template "oauth2_applications/new"
+    assert_select "form", 1 do
+      assert_select "input#doorkeeper_application_name", 1
+      assert_select "textarea#doorkeeper_application_redirect_uri", 1
+      assert_select "input#doorkeeper_application_confidential", 1
+      Oauth.scopes.each do |scope|
+        assert_select "input#doorkeeper_application_scopes_#{scope.name}", 1
+      end
+    end
+  end
+
+  def test_create
+    user = create(:user)
+
+    assert_difference "Doorkeeper::Application.count", 0 do
+      post oauth_applications_path
+    end
+    assert_response :forbidden
+
+    session_for(user)
+
+    assert_difference "Doorkeeper::Application.count", 0 do
+      post oauth_applications_path(:doorkeeper_application => {
+                                     :name => "Test Application"
+                                   })
+    end
+    assert_response :success
+    assert_template "oauth2_applications/new"
+
+    assert_difference "Doorkeeper::Application.count", 0 do
+      post oauth_applications_path(:doorkeeper_application => {
+                                     :name => "Test Application",
+                                     :redirect_uri => "https://test.example.com/",
+                                     :scopes => ["bad_scope"]
+                                   })
+    end
+    assert_response :success
+    assert_template "oauth2_applications/new"
+
+    assert_difference "Doorkeeper::Application.count", 1 do
+      post oauth_applications_path(:doorkeeper_application => {
+                                     :name => "Test Application",
+                                     :redirect_uri => "https://test.example.com/",
+                                     :scopes => ["read_prefs"]
+                                   })
+    end
+    assert_response :redirect
+    assert_redirected_to oauth_application_path(:id => Doorkeeper::Application.find_by(:name => "Test Application").id)
+  end
+
+  def test_show
+    user = create(:user)
+    client = create(:oauth_application, :owner => user)
+    other_client = create(:oauth_application)
+
+    get oauth_application_path(:id => client)
+    assert_response :redirect
+    assert_redirected_to login_path(:referer => oauth_application_path(:id => client.id))
+
+    session_for(user)
+
+    get oauth_application_path(:id => other_client)
+    assert_response :not_found
+    assert_template "oauth2_applications/not_found"
+
+    get oauth_application_path(:id => client)
+    assert_response :success
+    assert_template "oauth2_applications/show"
+  end
+
+  def test_edit
+    user = create(:user)
+    client = create(:oauth_application, :owner => user)
+    other_client = create(:oauth_application)
+
+    get edit_oauth_application_path(:id => client)
+    assert_response :redirect
+    assert_redirected_to login_path(:referer => edit_oauth_application_path(:id => client.id))
+
+    session_for(user)
+
+    get edit_oauth_application_path(:id => other_client)
+    assert_response :not_found
+    assert_template "oauth2_applications/not_found"
+
+    get edit_oauth_application_path(:id => client)
+    assert_response :success
+    assert_template "oauth2_applications/edit"
+    assert_select "form", 1 do
+      assert_select "input#doorkeeper_application_name", 1
+      assert_select "textarea#doorkeeper_application_redirect_uri", 1
+      assert_select "input#doorkeeper_application_confidential", 1
+      Oauth.scopes.each do |scope|
+        assert_select "input#doorkeeper_application_scopes_#{scope.name}", 1
+      end
+    end
+  end
+
+  def test_update
+    user = create(:user)
+    client = create(:oauth_application, :owner => user)
+    other_client = create(:oauth_application)
+
+    put oauth_application_path(:id => client)
+    assert_response :forbidden
+
+    session_for(user)
+
+    put oauth_application_path(:id => other_client)
+    assert_response :not_found
+    assert_template "oauth2_applications/not_found"
+
+    put oauth_application_path(:id => client,
+                               :doorkeeper_application => {
+                                 :name => "New Name",
+                                 :redirect_uri => nil
+                               })
+    assert_response :success
+    assert_template "oauth2_applications/edit"
+
+    put oauth_application_path(:id => client,
+                               :doorkeeper_application => {
+                                 :name => "New Name",
+                                 :redirect_uri => "https://new.example.com/url"
+                               })
+    assert_response :redirect
+    assert_redirected_to oauth_application_path(:id => client.id)
+  end
+
+  def test_destroy
+    user = create(:user)
+    client = create(:oauth_application, :owner => user)
+    other_client = create(:oauth_application)
+
+    assert_difference "Doorkeeper::Application.count", 0 do
+      delete oauth_application_path(:id => client)
+    end
+    assert_response :forbidden
+
+    session_for(user)
+
+    assert_difference "Doorkeeper::Application.count", 0 do
+      delete oauth_application_path(:id => other_client)
+    end
+    assert_response :not_found
+    assert_template "oauth2_applications/not_found"
+
+    assert_difference "Doorkeeper::Application.count", -1 do
+      delete oauth_application_path(:id => client)
+    end
+    assert_response :redirect
+    assert_redirected_to oauth_applications_path
+  end
+end