+ test "requesting to the API server includes client_session_id param" do
+ use_token :active do
+ fixture = api_fixture("collections")["foo_collection_in_aproject"]
+ c = Collection.find(fixture['uuid'])
+
+ got_query = nil
+ stub_api_calls
+ stub_api_client.expects(:post).with do |url, query, opts={}|
+ got_query = query
+ true
+ end.returns fake_api_response('{}', 200, {})
+ c.name = "name change for testing"
+ c.save
+
+ assert_includes got_query, 'client_session_id'
+ assert_match /\d{10}-\d{9}/, got_query['client_session_id']
+ end
+ end
+
+ [".navbar .login-menu a",
+ ".navbar .login-menu .dropdown-menu a"
+ ].each do |css_selector|
+ test "login link at #{css_selector.inspect} includes return_to param" do
+ # Without an anonymous token, we're immediately redirected to login.
+ Rails.configuration.anonymous_user_token =
+ api_fixture("api_client_authorizations", "anonymous", "api_token")
+ @controller = ProjectsController.new
+ test_uuid = "zzzzz-j7d0g-zzzzzzzzzzzzzzz"
+ get(:show, {id: test_uuid})
+ login_link = css_select(css_selector).first
+ assert_not_nil(login_link, "failed to select login link")
+ login_href = URI.unescape(login_link.attributes["href"])
+ # The parameter needs to include the full URL to work.
+ assert_includes(login_href, "://")
+ assert_match(/[\?&]return_to=[^&]*\/projects\/#{test_uuid}(&|$)/,
+ login_href)
+ end
+ end
+