diff options
author | Raphael Sofaer <raphael@joindiaspora.com> | 2011-06-27 23:31:47 +0400 |
---|---|---|
committer | Raphael Sofaer <raphael@joindiaspora.com> | 2011-06-27 23:31:47 +0400 |
commit | 17917528f62147c51d908b97ab24e0c47d44d807 (patch) | |
tree | 2997dafc9344b997403e46d7034905c8f09ccf84 /spec/integration/activity_streams | |
parent | 54ef22b83ebe141e00b5136a837c08a9a6c21cf3 (diff) |
IZ, RS, Move AS::Photo controller spec into integration so that rack middleware is run. Make auth failure return 401 rather than 302.
Diffstat (limited to 'spec/integration/activity_streams')
-rw-r--r-- | spec/integration/activity_streams/photos_controller_spec.rb | 58 |
1 files changed, 58 insertions, 0 deletions
diff --git a/spec/integration/activity_streams/photos_controller_spec.rb b/spec/integration/activity_streams/photos_controller_spec.rb new file mode 100644 index 000000000..e95a3ae4e --- /dev/null +++ b/spec/integration/activity_streams/photos_controller_spec.rb @@ -0,0 +1,58 @@ +require 'spec_helper' + +describe ActivityStreams::PhotosController do + describe '#create' do + before do + @json = JSON.parse <<JSON + { + "activity": { + "actor": { + "url":"http://cubbi.es/daniel", + "displayName":"daniel", + "objectType":"person" + }, + "published":"2011-05-19T18:12:23Z", + "verb":"save", + "object": { + "objectType":"photo", + "url":"http://i658.photobucket.com/albums/uu308/R3b3lAp3/Swagger_dog.jpg", + "id":"http://i658.photobucket.com/albums/uu308/R3b3lAp3/Swagger_dog.jpg", + "image": { + "url":"http://i658.photobucket.com/albums/uu308/R3b3lAp3/Swagger_dog.jpg", + "width":637, + "height":469 + } + }, + "provider": { + "url":"http://cubbi.es/", + "displayName":"Cubbi.es" + } + } + } +JSON + @url = activity_streams_photos_path + end + it 'allows oauth authentication' do + token = Factory(:oauth_access_token) + post @url, @json.merge!(:oauth_token => token.access_token) + response.should be_success + end + + it 'denies an invalid oauth token' do + post @url, @json.merge!(:oauth_token => "aoijgosidjg") + response.status.should == 401 + response.body.should be_empty + end + + it 'allows token authentication' do + bob.reset_authentication_token! + post @url, @json.merge!(:auth_token => bob.authentication_token) + response.should be_success + end + + it 'correctly denies an invalid token' do + post @url, @json.merge!(:auth_token => "iudsfghpsdifugh") + response.status.should == 401 + end + end +end |