[false, api_fixture('api_client_authorizations')['anonymous']['api_token']].
each do |anon_conf|
- test "trying to get from Keep with an unscoped reader token prompts login (anon_configured=#{anon_conf})" do
+ test "download a file using a reader token with insufficient scope (anon_conf=#{!!anon_conf})" do
Rails.configuration.anonymous_user_token = anon_conf
params = collection_params(:foo_file, 'foo')
params[:reader_token] =
api_fixture('api_client_authorizations')['active_noscope']['api_token']
get(:show_file, params)
- assert_response :redirect
+ if anon_conf
+ # Some files can be shown without a valid token, but not this one.
+ assert_response 404
+ else
+ # No files will ever be shown without a valid token. You
+ # should log in and try again.
+ assert_response :redirect
+ end
end
end