Merge commit '39110d1d0af5e3d9cf452ae47496a52797249fd0' into glitch-soc/merge-upstream
This commit is contained in:
Claire
@ -48,25 +48,32 @@ describe Api::V1::Accounts::RelationshipsController do
|
||||
expect(response).to have_http_status(200)
|
||||
end
|
||||
|
||||
it 'returns JSON with correct data' do
|
||||
json = body_as_json
|
||||
context 'when there is returned JSON data' do
|
||||
let(:json) { body_as_json }
|
||||
|
||||
expect(json).to be_a Enumerable
|
||||
expect(json.first[:id]).to eq simon.id.to_s
|
||||
expect(json.first[:following]).to be true
|
||||
expect(json.first[:showing_reblogs]).to be true
|
||||
expect(json.first[:followed_by]).to be false
|
||||
expect(json.first[:muting]).to be false
|
||||
expect(json.first[:requested]).to be false
|
||||
expect(json.first[:domain_blocking]).to be false
|
||||
it 'returns an enumerable json' do
|
||||
expect(json).to be_a Enumerable
|
||||
end
|
||||
|
||||
expect(json.second[:id]).to eq lewis.id.to_s
|
||||
expect(json.second[:following]).to be false
|
||||
expect(json.second[:showing_reblogs]).to be false
|
||||
expect(json.second[:followed_by]).to be true
|
||||
expect(json.second[:muting]).to be false
|
||||
expect(json.second[:requested]).to be false
|
||||
expect(json.second[:domain_blocking]).to be false
|
||||
it 'returns a correct first element' do
|
||||
expect(json.first[:id]).to eq simon.id.to_s
|
||||
expect(json.first[:following]).to be true
|
||||
expect(json.first[:showing_reblogs]).to be true
|
||||
expect(json.first[:followed_by]).to be false
|
||||
expect(json.first[:muting]).to be false
|
||||
expect(json.first[:requested]).to be false
|
||||
expect(json.first[:domain_blocking]).to be false
|
||||
end
|
||||
|
||||
it 'returns a correct second element' do
|
||||
expect(json.second[:id]).to eq lewis.id.to_s
|
||||
expect(json.second[:following]).to be false
|
||||
expect(json.second[:showing_reblogs]).to be false
|
||||
expect(json.second[:followed_by]).to be true
|
||||
expect(json.second[:muting]).to be false
|
||||
expect(json.second[:requested]).to be false
|
||||
expect(json.second[:domain_blocking]).to be false
|
||||
end
|
||||
end
|
||||
|
||||
it 'returns JSON with correct data on cached requests too' do
|
||||
|
||||
@ -55,20 +55,6 @@ RSpec.describe Api::V1::AccountsController do
|
||||
end
|
||||
end
|
||||
|
||||
describe 'GET #show' do
|
||||
let(:scopes) { 'read:accounts' }
|
||||
|
||||
before do
|
||||
get :show, params: { id: user.account.id }
|
||||
end
|
||||
|
||||
it 'returns http success' do
|
||||
expect(response).to have_http_status(200)
|
||||
end
|
||||
|
||||
it_behaves_like 'forbidden for wrong scope', 'write:statuses'
|
||||
end
|
||||
|
||||
describe 'POST #follow' do
|
||||
let(:scopes) { 'write:follows' }
|
||||
let(:other_account) { Fabricate(:account, username: 'bob', locked: locked) }
|
||||
|
||||
@ -1,358 +0,0 @@
|
||||
# frozen_string_literal: true
|
||||
|
||||
require 'rails_helper'
|
||||
|
||||
describe Api::V1::Admin::CanonicalEmailBlocksController do
|
||||
render_views
|
||||
|
||||
let(:role) { UserRole.find_by(name: 'Admin') }
|
||||
let(:user) { Fabricate(:user, role: role) }
|
||||
let(:token) { Fabricate(:accessible_access_token, resource_owner_id: user.id, scopes: scopes) }
|
||||
let(:scopes) { 'admin:read:canonical_email_blocks admin:write:canonical_email_blocks' }
|
||||
|
||||
before do
|
||||
allow(controller).to receive(:doorkeeper_token) { token }
|
||||
end
|
||||
|
||||
shared_examples 'forbidden for wrong scope' do |wrong_scope|
|
||||
let(:scopes) { wrong_scope }
|
||||
|
||||
it 'returns http forbidden' do
|
||||
expect(response).to have_http_status(403)
|
||||
end
|
||||
end
|
||||
|
||||
shared_examples 'forbidden for wrong role' do |wrong_role|
|
||||
let(:role) { UserRole.find_by(name: wrong_role) }
|
||||
|
||||
it 'returns http forbidden' do
|
||||
expect(response).to have_http_status(403)
|
||||
end
|
||||
end
|
||||
|
||||
describe 'GET #index' do
|
||||
context 'with wrong scope' do
|
||||
before do
|
||||
get :index
|
||||
end
|
||||
|
||||
it_behaves_like 'forbidden for wrong scope', 'read:statuses'
|
||||
end
|
||||
|
||||
context 'with wrong role' do
|
||||
before do
|
||||
get :index
|
||||
end
|
||||
|
||||
it_behaves_like 'forbidden for wrong role', ''
|
||||
it_behaves_like 'forbidden for wrong role', 'Moderator'
|
||||
end
|
||||
|
||||
it 'returns http success' do
|
||||
get :index
|
||||
|
||||
expect(response).to have_http_status(200)
|
||||
end
|
||||
|
||||
context 'when there is no canonical email block' do
|
||||
it 'returns an empty list' do
|
||||
get :index
|
||||
|
||||
body = body_as_json
|
||||
|
||||
expect(body).to be_empty
|
||||
end
|
||||
end
|
||||
|
||||
context 'when there are canonical email blocks' do
|
||||
let!(:canonical_email_blocks) { Fabricate.times(5, :canonical_email_block) }
|
||||
let(:expected_email_hashes) { canonical_email_blocks.pluck(:canonical_email_hash) }
|
||||
|
||||
it 'returns the correct canonical email hashes' do
|
||||
get :index
|
||||
|
||||
json = body_as_json
|
||||
|
||||
expect(json.pluck(:canonical_email_hash)).to match_array(expected_email_hashes)
|
||||
end
|
||||
|
||||
context 'with limit param' do
|
||||
let(:params) { { limit: 2 } }
|
||||
|
||||
it 'returns only the requested number of canonical email blocks' do
|
||||
get :index, params: params
|
||||
|
||||
json = body_as_json
|
||||
|
||||
expect(json.size).to eq(params[:limit])
|
||||
end
|
||||
end
|
||||
|
||||
context 'with since_id param' do
|
||||
let(:params) { { since_id: canonical_email_blocks[1].id } }
|
||||
|
||||
it 'returns only the canonical email blocks after since_id' do
|
||||
get :index, params: params
|
||||
|
||||
canonical_email_blocks_ids = canonical_email_blocks.pluck(:id).map(&:to_s)
|
||||
json = body_as_json
|
||||
|
||||
expect(json.pluck(:id)).to match_array(canonical_email_blocks_ids[2..])
|
||||
end
|
||||
end
|
||||
|
||||
context 'with max_id param' do
|
||||
let(:params) { { max_id: canonical_email_blocks[3].id } }
|
||||
|
||||
it 'returns only the canonical email blocks before max_id' do
|
||||
get :index, params: params
|
||||
|
||||
canonical_email_blocks_ids = canonical_email_blocks.pluck(:id).map(&:to_s)
|
||||
json = body_as_json
|
||||
|
||||
expect(json.pluck(:id)).to match_array(canonical_email_blocks_ids[..2])
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
describe 'GET #show' do
|
||||
let!(:canonical_email_block) { Fabricate(:canonical_email_block) }
|
||||
let(:params) { { id: canonical_email_block.id } }
|
||||
|
||||
context 'with wrong scope' do
|
||||
before do
|
||||
get :show, params: params
|
||||
end
|
||||
|
||||
it_behaves_like 'forbidden for wrong scope', 'read:statuses'
|
||||
end
|
||||
|
||||
context 'with wrong role' do
|
||||
before do
|
||||
get :show, params: params
|
||||
end
|
||||
|
||||
it_behaves_like 'forbidden for wrong role', ''
|
||||
it_behaves_like 'forbidden for wrong role', 'Moderator'
|
||||
end
|
||||
|
||||
context 'when canonical email block exists' do
|
||||
it 'returns http success' do
|
||||
get :show, params: params
|
||||
|
||||
expect(response).to have_http_status(200)
|
||||
end
|
||||
|
||||
it 'returns canonical email block data correctly' do
|
||||
get :show, params: params
|
||||
|
||||
json = body_as_json
|
||||
|
||||
expect(json[:id]).to eq(canonical_email_block.id.to_s)
|
||||
expect(json[:canonical_email_hash]).to eq(canonical_email_block.canonical_email_hash)
|
||||
end
|
||||
end
|
||||
|
||||
context 'when canonical block does not exist' do
|
||||
it 'returns http not found' do
|
||||
get :show, params: { id: 0 }
|
||||
|
||||
expect(response).to have_http_status(404)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
describe 'POST #test' do
|
||||
context 'with wrong scope' do
|
||||
before do
|
||||
post :test
|
||||
end
|
||||
|
||||
it_behaves_like 'forbidden for wrong scope', 'read:statuses'
|
||||
end
|
||||
|
||||
context 'with wrong role' do
|
||||
before do
|
||||
post :test, params: { email: 'whatever@email.com' }
|
||||
end
|
||||
|
||||
it_behaves_like 'forbidden for wrong role', ''
|
||||
it_behaves_like 'forbidden for wrong role', 'Moderator'
|
||||
end
|
||||
|
||||
context 'when required email is not provided' do
|
||||
it 'returns http bad request' do
|
||||
post :test
|
||||
|
||||
expect(response).to have_http_status(400)
|
||||
end
|
||||
end
|
||||
|
||||
context 'when required email is provided' do
|
||||
let(:params) { { email: 'example@email.com' } }
|
||||
|
||||
context 'when there is a matching canonical email block' do
|
||||
let!(:canonical_email_block) { CanonicalEmailBlock.create(params) }
|
||||
|
||||
it 'returns http success' do
|
||||
post :test, params: params
|
||||
|
||||
expect(response).to have_http_status(200)
|
||||
end
|
||||
|
||||
it 'returns expected canonical email hash' do
|
||||
post :test, params: params
|
||||
|
||||
json = body_as_json
|
||||
|
||||
expect(json[0][:canonical_email_hash]).to eq(canonical_email_block.canonical_email_hash)
|
||||
end
|
||||
end
|
||||
|
||||
context 'when there is no matching canonical email block' do
|
||||
it 'returns http success' do
|
||||
post :test, params: params
|
||||
|
||||
expect(response).to have_http_status(200)
|
||||
end
|
||||
|
||||
it 'returns an empty list' do
|
||||
post :test, params: params
|
||||
|
||||
json = body_as_json
|
||||
|
||||
expect(json).to be_empty
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
describe 'POST #create' do
|
||||
let(:params) { { email: 'example@email.com' } }
|
||||
let(:canonical_email_block) { CanonicalEmailBlock.new(email: params[:email]) }
|
||||
|
||||
context 'with wrong scope' do
|
||||
before do
|
||||
post :create, params: params
|
||||
end
|
||||
|
||||
it_behaves_like 'forbidden for wrong scope', 'read:statuses'
|
||||
end
|
||||
|
||||
context 'with wrong role' do
|
||||
before do
|
||||
post :create, params: params
|
||||
end
|
||||
|
||||
it_behaves_like 'forbidden for wrong role', ''
|
||||
it_behaves_like 'forbidden for wrong role', 'Moderator'
|
||||
end
|
||||
|
||||
it 'returns http success' do
|
||||
post :create, params: params
|
||||
|
||||
expect(response).to have_http_status(200)
|
||||
end
|
||||
|
||||
it 'returns canonical_email_hash correctly' do
|
||||
post :create, params: params
|
||||
|
||||
json = body_as_json
|
||||
|
||||
expect(json[:canonical_email_hash]).to eq(canonical_email_block.canonical_email_hash)
|
||||
end
|
||||
|
||||
context 'when required email param is not provided' do
|
||||
it 'returns http unprocessable entity' do
|
||||
post :create
|
||||
|
||||
expect(response).to have_http_status(422)
|
||||
end
|
||||
end
|
||||
|
||||
context 'when canonical_email_hash param is provided instead of email' do
|
||||
let(:params) { { canonical_email_hash: 'dd501ce4e6b08698f19df96f2f15737e48a75660b1fa79b6ff58ea25ee4851a4' } }
|
||||
|
||||
it 'returns http success' do
|
||||
post :create, params: params
|
||||
|
||||
expect(response).to have_http_status(200)
|
||||
end
|
||||
|
||||
it 'returns correct canonical_email_hash' do
|
||||
post :create, params: params
|
||||
|
||||
json = body_as_json
|
||||
|
||||
expect(json[:canonical_email_hash]).to eq(params[:canonical_email_hash])
|
||||
end
|
||||
end
|
||||
|
||||
context 'when both email and canonical_email_hash params are provided' do
|
||||
let(:params) { { email: 'example@email.com', canonical_email_hash: 'dd501ce4e6b08698f19df96f2f15737e48a75660b1fa79b6ff58ea25ee4851a4' } }
|
||||
|
||||
it 'returns http success' do
|
||||
post :create, params: params
|
||||
|
||||
expect(response).to have_http_status(200)
|
||||
end
|
||||
|
||||
it 'ignores canonical_email_hash param' do
|
||||
post :create, params: params
|
||||
|
||||
json = body_as_json
|
||||
|
||||
expect(json[:canonical_email_hash]).to eq(canonical_email_block.canonical_email_hash)
|
||||
end
|
||||
end
|
||||
|
||||
context 'when canonical email was already blocked' do
|
||||
before do
|
||||
canonical_email_block.save
|
||||
end
|
||||
|
||||
it 'returns http unprocessable entity' do
|
||||
post :create, params: params
|
||||
|
||||
expect(response).to have_http_status(422)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
describe 'DELETE #destroy' do
|
||||
let!(:canonical_email_block) { Fabricate(:canonical_email_block) }
|
||||
let(:params) { { id: canonical_email_block.id } }
|
||||
|
||||
context 'with wrong scope' do
|
||||
before do
|
||||
delete :destroy, params: params
|
||||
end
|
||||
|
||||
it_behaves_like 'forbidden for wrong scope', 'read:statuses'
|
||||
end
|
||||
|
||||
context 'with wrong role' do
|
||||
before do
|
||||
delete :destroy, params: params
|
||||
end
|
||||
|
||||
it_behaves_like 'forbidden for wrong role', ''
|
||||
it_behaves_like 'forbidden for wrong role', 'Moderator'
|
||||
end
|
||||
|
||||
it 'returns http success' do
|
||||
delete :destroy, params: params
|
||||
|
||||
expect(response).to have_http_status(200)
|
||||
end
|
||||
|
||||
context 'when canonical email block is not found' do
|
||||
it 'returns http not found' do
|
||||
delete :destroy, params: { id: 0 }
|
||||
|
||||
expect(response).to have_http_status(404)
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
@ -1,140 +0,0 @@
|
||||
# frozen_string_literal: true
|
||||
|
||||
require 'rails_helper'
|
||||
|
||||
RSpec.describe Api::V1::Admin::DomainAllowsController do
|
||||
render_views
|
||||
|
||||
let(:role) { UserRole.find_by(name: 'Admin') }
|
||||
let(:user) { Fabricate(:user, role: role) }
|
||||
let(:scopes) { 'admin:read admin:write' }
|
||||
let(:token) { Fabricate(:accessible_access_token, resource_owner_id: user.id, scopes: scopes) }
|
||||
|
||||
before do
|
||||
allow(controller).to receive(:doorkeeper_token) { token }
|
||||
end
|
||||
|
||||
shared_examples 'forbidden for wrong scope' do |wrong_scope|
|
||||
let(:scopes) { wrong_scope }
|
||||
|
||||
it 'returns http forbidden' do
|
||||
expect(response).to have_http_status(403)
|
||||
end
|
||||
end
|
||||
|
||||
shared_examples 'forbidden for wrong role' do |wrong_role|
|
||||
let(:role) { UserRole.find_by(name: wrong_role) }
|
||||
|
||||
it 'returns http forbidden' do
|
||||
expect(response).to have_http_status(403)
|
||||
end
|
||||
end
|
||||
|
||||
describe 'GET #index' do
|
||||
let!(:domain_allow) { Fabricate(:domain_allow) }
|
||||
|
||||
before do
|
||||
get :index
|
||||
end
|
||||
|
||||
it_behaves_like 'forbidden for wrong scope', 'write:statuses'
|
||||
it_behaves_like 'forbidden for wrong role', ''
|
||||
it_behaves_like 'forbidden for wrong role', 'Moderator'
|
||||
|
||||
it 'returns http success' do
|
||||
expect(response).to have_http_status(200)
|
||||
end
|
||||
|
||||
it 'returns the expected domain allows' do
|
||||
json = body_as_json
|
||||
expect(json.length).to eq 1
|
||||
expect(json[0][:id].to_i).to eq domain_allow.id
|
||||
end
|
||||
end
|
||||
|
||||
describe 'GET #show' do
|
||||
let!(:domain_allow) { Fabricate(:domain_allow) }
|
||||
|
||||
before do
|
||||
get :show, params: { id: domain_allow.id }
|
||||
end
|
||||
|
||||
it_behaves_like 'forbidden for wrong scope', 'write:statuses'
|
||||
it_behaves_like 'forbidden for wrong role', ''
|
||||
it_behaves_like 'forbidden for wrong role', 'Moderator'
|
||||
|
||||
it 'returns http success' do
|
||||
expect(response).to have_http_status(200)
|
||||
end
|
||||
|
||||
it 'returns expected domain name' do
|
||||
json = body_as_json
|
||||
expect(json[:domain]).to eq domain_allow.domain
|
||||
end
|
||||
end
|
||||
|
||||
describe 'DELETE #destroy' do
|
||||
let!(:domain_allow) { Fabricate(:domain_allow) }
|
||||
|
||||
before do
|
||||
delete :destroy, params: { id: domain_allow.id }
|
||||
end
|
||||
|
||||
it_behaves_like 'forbidden for wrong scope', 'write:statuses'
|
||||
it_behaves_like 'forbidden for wrong role', ''
|
||||
it_behaves_like 'forbidden for wrong role', 'Moderator'
|
||||
|
||||
it 'returns http success' do
|
||||
expect(response).to have_http_status(200)
|
||||
end
|
||||
|
||||
it 'deletes the block' do
|
||||
expect(DomainAllow.find_by(id: domain_allow.id)).to be_nil
|
||||
end
|
||||
end
|
||||
|
||||
describe 'POST #create' do
|
||||
let!(:domain_allow) { Fabricate(:domain_allow, domain: 'example.com') }
|
||||
|
||||
context 'with a valid domain' do
|
||||
before do
|
||||
post :create, params: { domain: 'foo.bar.com' }
|
||||
end
|
||||
|
||||
it_behaves_like 'forbidden for wrong scope', 'write:statuses'
|
||||
it_behaves_like 'forbidden for wrong role', ''
|
||||
it_behaves_like 'forbidden for wrong role', 'Moderator'
|
||||
|
||||
it 'returns http success' do
|
||||
expect(response).to have_http_status(200)
|
||||
end
|
||||
|
||||
it 'returns expected domain name' do
|
||||
json = body_as_json
|
||||
expect(json[:domain]).to eq 'foo.bar.com'
|
||||
end
|
||||
|
||||
it 'creates a domain block' do
|
||||
expect(DomainAllow.find_by(domain: 'foo.bar.com')).to_not be_nil
|
||||
end
|
||||
end
|
||||
|
||||
context 'with invalid domain name' do
|
||||
before do
|
||||
post :create, params: { domain: 'foo bar' }
|
||||
end
|
||||
|
||||
it 'returns http unprocessable entity' do
|
||||
expect(response).to have_http_status(422)
|
||||
end
|
||||
end
|
||||
|
||||
context 'when domain name is not specified' do
|
||||
it 'returns http unprocessable entity' do
|
||||
post :create
|
||||
|
||||
expect(response).to have_http_status(422)
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
@ -1,180 +0,0 @@
|
||||
# frozen_string_literal: true
|
||||
|
||||
require 'rails_helper'
|
||||
|
||||
RSpec.describe Api::V1::Admin::DomainBlocksController do
|
||||
render_views
|
||||
|
||||
let(:role) { UserRole.find_by(name: 'Admin') }
|
||||
let(:user) { Fabricate(:user, role: role) }
|
||||
let(:scopes) { 'admin:read admin:write' }
|
||||
let(:token) { Fabricate(:accessible_access_token, resource_owner_id: user.id, scopes: scopes) }
|
||||
|
||||
before do
|
||||
allow(controller).to receive(:doorkeeper_token) { token }
|
||||
end
|
||||
|
||||
shared_examples 'forbidden for wrong scope' do |wrong_scope|
|
||||
let(:scopes) { wrong_scope }
|
||||
|
||||
it 'returns http forbidden' do
|
||||
expect(response).to have_http_status(403)
|
||||
end
|
||||
end
|
||||
|
||||
shared_examples 'forbidden for wrong role' do |wrong_role|
|
||||
let(:role) { UserRole.find_by(name: wrong_role) }
|
||||
|
||||
it 'returns http forbidden' do
|
||||
expect(response).to have_http_status(403)
|
||||
end
|
||||
end
|
||||
|
||||
describe 'GET #index' do
|
||||
let!(:block) { Fabricate(:domain_block) }
|
||||
|
||||
before do
|
||||
get :index
|
||||
end
|
||||
|
||||
it_behaves_like 'forbidden for wrong scope', 'write:statuses'
|
||||
it_behaves_like 'forbidden for wrong role', ''
|
||||
it_behaves_like 'forbidden for wrong role', 'Moderator'
|
||||
|
||||
it 'returns http success' do
|
||||
expect(response).to have_http_status(200)
|
||||
end
|
||||
|
||||
it 'returns the expected domain blocks' do
|
||||
json = body_as_json
|
||||
expect(json.length).to eq 1
|
||||
expect(json[0][:id].to_i).to eq block.id
|
||||
end
|
||||
end
|
||||
|
||||
describe 'GET #show' do
|
||||
let!(:block) { Fabricate(:domain_block) }
|
||||
|
||||
before do
|
||||
get :show, params: { id: block.id }
|
||||
end
|
||||
|
||||
it_behaves_like 'forbidden for wrong scope', 'write:statuses'
|
||||
it_behaves_like 'forbidden for wrong role', ''
|
||||
it_behaves_like 'forbidden for wrong role', 'Moderator'
|
||||
|
||||
it 'returns http success' do
|
||||
expect(response).to have_http_status(200)
|
||||
end
|
||||
|
||||
it 'returns expected domain name' do
|
||||
json = body_as_json
|
||||
expect(json[:domain]).to eq block.domain
|
||||
end
|
||||
end
|
||||
|
||||
describe 'PUT #update' do
|
||||
let!(:remote_account) { Fabricate(:account, domain: 'example.com') }
|
||||
let(:subject) do
|
||||
post :update, params: { id: domain_block.id, domain: 'example.com', severity: new_severity }
|
||||
end
|
||||
let(:domain_block) { Fabricate(:domain_block, domain: 'example.com', severity: original_severity) }
|
||||
|
||||
before do
|
||||
BlockDomainService.new.call(domain_block)
|
||||
end
|
||||
|
||||
context 'when downgrading a domain suspension to silence' do
|
||||
let(:original_severity) { 'suspend' }
|
||||
let(:new_severity) { 'silence' }
|
||||
|
||||
it 'changes the block severity' do
|
||||
expect { subject }.to change { domain_block.reload.severity }.from('suspend').to('silence')
|
||||
end
|
||||
|
||||
it 'undoes individual suspensions' do
|
||||
expect { subject }.to change { remote_account.reload.suspended? }.from(true).to(false)
|
||||
end
|
||||
|
||||
it 'performs individual silences' do
|
||||
expect { subject }.to change { remote_account.reload.silenced? }.from(false).to(true)
|
||||
end
|
||||
end
|
||||
|
||||
context 'when upgrading a domain silence to suspend' do
|
||||
let(:original_severity) { 'silence' }
|
||||
let(:new_severity) { 'suspend' }
|
||||
|
||||
it 'changes the block severity' do
|
||||
expect { subject }.to change { domain_block.reload.severity }.from('silence').to('suspend')
|
||||
end
|
||||
|
||||
it 'undoes individual silences' do
|
||||
expect { subject }.to change { remote_account.reload.silenced? }.from(true).to(false)
|
||||
end
|
||||
|
||||
it 'performs individual suspends' do
|
||||
expect { subject }.to change { remote_account.reload.suspended? }.from(false).to(true)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
describe 'DELETE #destroy' do
|
||||
let!(:block) { Fabricate(:domain_block) }
|
||||
|
||||
before do
|
||||
delete :destroy, params: { id: block.id }
|
||||
end
|
||||
|
||||
it_behaves_like 'forbidden for wrong scope', 'write:statuses'
|
||||
it_behaves_like 'forbidden for wrong role', ''
|
||||
it_behaves_like 'forbidden for wrong role', 'Moderator'
|
||||
|
||||
it 'returns http success' do
|
||||
expect(response).to have_http_status(200)
|
||||
end
|
||||
|
||||
it 'deletes the block' do
|
||||
expect(DomainBlock.find_by(id: block.id)).to be_nil
|
||||
end
|
||||
end
|
||||
|
||||
describe 'POST #create' do
|
||||
let(:existing_block_domain) { 'example.com' }
|
||||
let!(:block) { Fabricate(:domain_block, domain: existing_block_domain, severity: :suspend) }
|
||||
|
||||
before do
|
||||
post :create, params: { domain: 'foo.bar.com', severity: :silence }
|
||||
end
|
||||
|
||||
it_behaves_like 'forbidden for wrong scope', 'write:statuses'
|
||||
it_behaves_like 'forbidden for wrong role', ''
|
||||
it_behaves_like 'forbidden for wrong role', 'Moderator'
|
||||
|
||||
it 'returns http success' do
|
||||
expect(response).to have_http_status(200)
|
||||
end
|
||||
|
||||
it 'returns expected domain name' do
|
||||
json = body_as_json
|
||||
expect(json[:domain]).to eq 'foo.bar.com'
|
||||
end
|
||||
|
||||
it 'creates a domain block' do
|
||||
expect(DomainBlock.find_by(domain: 'foo.bar.com')).to_not be_nil
|
||||
end
|
||||
|
||||
context 'when a stricter domain block already exists' do
|
||||
let(:existing_block_domain) { 'bar.com' }
|
||||
|
||||
it 'returns http unprocessable entity' do
|
||||
expect(response).to have_http_status(422)
|
||||
end
|
||||
|
||||
it 'renders existing domain block in error' do
|
||||
json = body_as_json
|
||||
expect(json[:existing_domain_block][:domain]).to eq existing_block_domain
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
@ -1,309 +0,0 @@
|
||||
# frozen_string_literal: true
|
||||
|
||||
require 'rails_helper'
|
||||
|
||||
describe Api::V1::Admin::IpBlocksController do
|
||||
render_views
|
||||
|
||||
let(:role) { UserRole.find_by(name: 'Admin') }
|
||||
let(:user) { Fabricate(:user, role: role) }
|
||||
let(:token) { Fabricate(:accessible_access_token, resource_owner_id: user.id, scopes: scopes) }
|
||||
let(:scopes) { 'admin:read:ip_blocks admin:write:ip_blocks' }
|
||||
|
||||
before do
|
||||
allow(controller).to receive(:doorkeeper_token) { token }
|
||||
end
|
||||
|
||||
shared_examples 'forbidden for wrong scope' do |wrong_scope|
|
||||
let(:scopes) { wrong_scope }
|
||||
|
||||
it 'returns http forbidden' do
|
||||
expect(response).to have_http_status(403)
|
||||
end
|
||||
end
|
||||
|
||||
shared_examples 'forbidden for wrong role' do |wrong_role|
|
||||
let(:role) { UserRole.find_by(name: wrong_role) }
|
||||
|
||||
it 'returns http forbidden' do
|
||||
expect(response).to have_http_status(403)
|
||||
end
|
||||
end
|
||||
|
||||
describe 'GET #index' do
|
||||
context 'with wrong scope' do
|
||||
before do
|
||||
get :index
|
||||
end
|
||||
|
||||
it_behaves_like 'forbidden for wrong scope', 'admin:write:ip_blocks'
|
||||
end
|
||||
|
||||
context 'with wrong role' do
|
||||
before do
|
||||
get :index
|
||||
end
|
||||
|
||||
it_behaves_like 'forbidden for wrong role', ''
|
||||
it_behaves_like 'forbidden for wrong role', 'Moderator'
|
||||
end
|
||||
|
||||
it 'returns http success' do
|
||||
get :index
|
||||
|
||||
expect(response).to have_http_status(200)
|
||||
end
|
||||
|
||||
context 'when there is no ip block' do
|
||||
it 'returns an empty body' do
|
||||
get :index
|
||||
|
||||
json = body_as_json
|
||||
|
||||
expect(json).to be_empty
|
||||
end
|
||||
end
|
||||
|
||||
context 'when there are ip blocks' do
|
||||
let!(:ip_blocks) do
|
||||
[
|
||||
IpBlock.create(ip: '192.0.2.0/24', severity: :no_access),
|
||||
IpBlock.create(ip: '172.16.0.1', severity: :sign_up_requires_approval, comment: 'Spam'),
|
||||
IpBlock.create(ip: '2001:0db8::/32', severity: :sign_up_block, expires_in: 10.days),
|
||||
]
|
||||
end
|
||||
let(:expected_response) do
|
||||
ip_blocks.map do |ip_block|
|
||||
{
|
||||
id: ip_block.id.to_s,
|
||||
ip: ip_block.ip,
|
||||
severity: ip_block.severity.to_s,
|
||||
comment: ip_block.comment,
|
||||
created_at: ip_block.created_at.strftime('%Y-%m-%dT%H:%M:%S.%LZ'),
|
||||
expires_at: ip_block.expires_at&.strftime('%Y-%m-%dT%H:%M:%S.%LZ'),
|
||||
}
|
||||
end
|
||||
end
|
||||
|
||||
it 'returns the correct blocked ips' do
|
||||
get :index
|
||||
|
||||
json = body_as_json
|
||||
|
||||
expect(json).to match_array(expected_response)
|
||||
end
|
||||
|
||||
context 'with limit param' do
|
||||
let(:params) { { limit: 2 } }
|
||||
|
||||
it 'returns only the requested number of ip blocks' do
|
||||
get :index, params: params
|
||||
|
||||
json = body_as_json
|
||||
|
||||
expect(json.size).to eq(params[:limit])
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
describe 'GET #show' do
|
||||
let!(:ip_block) { IpBlock.create(ip: '192.0.2.0/24', severity: :no_access) }
|
||||
let(:params) { { id: ip_block.id } }
|
||||
|
||||
context 'with wrong scope' do
|
||||
before do
|
||||
get :show, params: params
|
||||
end
|
||||
|
||||
it_behaves_like 'forbidden for wrong scope', 'admin:write:ip_blocks'
|
||||
end
|
||||
|
||||
context 'with wrong role' do
|
||||
before do
|
||||
get :show, params: params
|
||||
end
|
||||
|
||||
it_behaves_like 'forbidden for wrong role', ''
|
||||
it_behaves_like 'forbidden for wrong role', 'Moderator'
|
||||
end
|
||||
|
||||
it 'returns http success' do
|
||||
get :show, params: params
|
||||
|
||||
expect(response).to have_http_status(200)
|
||||
end
|
||||
|
||||
it 'returns the correct ip block' do
|
||||
get :show, params: params
|
||||
|
||||
json = body_as_json
|
||||
|
||||
expect(json[:ip]).to eq("#{ip_block.ip}/#{ip_block.ip.prefix}")
|
||||
expect(json[:severity]).to eq(ip_block.severity.to_s)
|
||||
end
|
||||
|
||||
context 'when ip block does not exist' do
|
||||
it 'returns http not found' do
|
||||
get :show, params: { id: 0 }
|
||||
|
||||
expect(response).to have_http_status(404)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
describe 'POST #create' do
|
||||
let(:params) { { ip: '151.0.32.55', severity: 'no_access', comment: 'Spam' } }
|
||||
|
||||
context 'with wrong scope' do
|
||||
before do
|
||||
post :create, params: params
|
||||
end
|
||||
|
||||
it_behaves_like 'forbidden for wrong scope', 'admin:read:ip_blocks'
|
||||
end
|
||||
|
||||
context 'with wrong role' do
|
||||
before do
|
||||
post :create, params: params
|
||||
end
|
||||
|
||||
it_behaves_like 'forbidden for wrong role', ''
|
||||
it_behaves_like 'forbidden for wrong role', 'Moderator'
|
||||
end
|
||||
|
||||
it 'returns http success' do
|
||||
post :create, params: params
|
||||
|
||||
expect(response).to have_http_status(200)
|
||||
end
|
||||
|
||||
it 'returns the correct ip block' do
|
||||
post :create, params: params
|
||||
|
||||
json = body_as_json
|
||||
|
||||
expect(json[:ip]).to eq("#{params[:ip]}/32")
|
||||
expect(json[:severity]).to eq(params[:severity])
|
||||
expect(json[:comment]).to eq(params[:comment])
|
||||
end
|
||||
|
||||
context 'when ip is not provided' do
|
||||
let(:params) { { ip: '', severity: 'no_access' } }
|
||||
|
||||
it 'returns http unprocessable entity' do
|
||||
post :create, params: params
|
||||
|
||||
expect(response).to have_http_status(422)
|
||||
end
|
||||
end
|
||||
|
||||
context 'when severity is not provided' do
|
||||
let(:params) { { ip: '173.65.23.1', severity: '' } }
|
||||
|
||||
it 'returns http unprocessable entity' do
|
||||
post :create, params: params
|
||||
|
||||
expect(response).to have_http_status(422)
|
||||
end
|
||||
end
|
||||
|
||||
context 'when provided ip is already blocked' do
|
||||
before do
|
||||
IpBlock.create(params)
|
||||
end
|
||||
|
||||
it 'returns http unprocessable entity' do
|
||||
post :create, params: params
|
||||
|
||||
expect(response).to have_http_status(422)
|
||||
end
|
||||
end
|
||||
|
||||
context 'when provided ip address is invalid' do
|
||||
let(:params) { { ip: '520.13.54.120', severity: 'no_access' } }
|
||||
|
||||
it 'returns http unprocessable entity' do
|
||||
post :create, params: params
|
||||
|
||||
expect(response).to have_http_status(422)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
describe 'PUT #update' do
|
||||
context 'when ip block exists' do
|
||||
let!(:ip_block) { IpBlock.create(ip: '185.200.13.3', severity: 'no_access', comment: 'Spam', expires_in: 48.hours) }
|
||||
let(:params) { { id: ip_block.id, severity: 'sign_up_requires_approval', comment: 'Decreasing severity' } }
|
||||
|
||||
it 'returns http success' do
|
||||
put :update, params: params
|
||||
|
||||
expect(response).to have_http_status(200)
|
||||
end
|
||||
|
||||
it 'returns the correct ip block' do
|
||||
put :update, params: params
|
||||
|
||||
json = body_as_json
|
||||
|
||||
expect(json).to match(hash_including({
|
||||
ip: "#{ip_block.ip}/#{ip_block.ip.prefix}",
|
||||
severity: 'sign_up_requires_approval',
|
||||
comment: 'Decreasing severity',
|
||||
}))
|
||||
end
|
||||
|
||||
it 'updates the severity correctly' do
|
||||
expect { put :update, params: params }.to change { ip_block.reload.severity }.from('no_access').to('sign_up_requires_approval')
|
||||
end
|
||||
|
||||
it 'updates the comment correctly' do
|
||||
expect { put :update, params: params }.to change { ip_block.reload.comment }.from('Spam').to('Decreasing severity')
|
||||
end
|
||||
end
|
||||
|
||||
context 'when ip block does not exist' do
|
||||
it 'returns http not found' do
|
||||
put :update, params: { id: 0 }
|
||||
|
||||
expect(response).to have_http_status(404)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
describe 'DELETE #destroy' do
|
||||
context 'when ip block exists' do
|
||||
let!(:ip_block) { IpBlock.create(ip: '185.200.13.3', severity: 'no_access') }
|
||||
let(:params) { { id: ip_block.id } }
|
||||
|
||||
it 'returns http success' do
|
||||
delete :destroy, params: params
|
||||
|
||||
expect(response).to have_http_status(200)
|
||||
end
|
||||
|
||||
it 'returns an empty body' do
|
||||
delete :destroy, params: params
|
||||
|
||||
json = body_as_json
|
||||
|
||||
expect(json).to be_empty
|
||||
end
|
||||
|
||||
it 'deletes the ip block' do
|
||||
delete :destroy, params: params
|
||||
|
||||
expect(IpBlock.find_by(id: ip_block.id)).to be_nil
|
||||
end
|
||||
end
|
||||
|
||||
context 'when ip block does not exist' do
|
||||
it 'returns http not found' do
|
||||
delete :destroy, params: { id: 0 }
|
||||
|
||||
expect(response).to have_http_status(404)
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
@ -1,111 +0,0 @@
|
||||
# frozen_string_literal: true
|
||||
|
||||
require 'rails_helper'
|
||||
|
||||
RSpec.describe Api::V1::Admin::ReportsController do
|
||||
render_views
|
||||
|
||||
let(:role) { UserRole.find_by(name: 'Moderator') }
|
||||
let(:user) { Fabricate(:user, role: role) }
|
||||
let(:scopes) { 'admin:read admin:write' }
|
||||
let(:token) { Fabricate(:accessible_access_token, resource_owner_id: user.id, scopes: scopes) }
|
||||
let(:report) { Fabricate(:report) }
|
||||
|
||||
before do
|
||||
allow(controller).to receive(:doorkeeper_token) { token }
|
||||
end
|
||||
|
||||
shared_examples 'forbidden for wrong scope' do |wrong_scope|
|
||||
let(:scopes) { wrong_scope }
|
||||
|
||||
it 'returns http forbidden' do
|
||||
expect(response).to have_http_status(403)
|
||||
end
|
||||
end
|
||||
|
||||
shared_examples 'forbidden for wrong role' do |wrong_role|
|
||||
let(:role) { UserRole.find_by(name: wrong_role) }
|
||||
|
||||
it 'returns http forbidden' do
|
||||
expect(response).to have_http_status(403)
|
||||
end
|
||||
end
|
||||
|
||||
describe 'GET #index' do
|
||||
before do
|
||||
get :index
|
||||
end
|
||||
|
||||
it_behaves_like 'forbidden for wrong scope', 'write:statuses'
|
||||
it_behaves_like 'forbidden for wrong role', ''
|
||||
|
||||
it 'returns http success' do
|
||||
expect(response).to have_http_status(200)
|
||||
end
|
||||
end
|
||||
|
||||
describe 'GET #show' do
|
||||
before do
|
||||
get :show, params: { id: report.id }
|
||||
end
|
||||
|
||||
it_behaves_like 'forbidden for wrong scope', 'write:statuses'
|
||||
it_behaves_like 'forbidden for wrong role', ''
|
||||
|
||||
it 'returns http success' do
|
||||
expect(response).to have_http_status(200)
|
||||
end
|
||||
end
|
||||
|
||||
describe 'POST #resolve' do
|
||||
before do
|
||||
post :resolve, params: { id: report.id }
|
||||
end
|
||||
|
||||
it_behaves_like 'forbidden for wrong scope', 'write:statuses'
|
||||
it_behaves_like 'forbidden for wrong role', ''
|
||||
|
||||
it 'returns http success' do
|
||||
expect(response).to have_http_status(200)
|
||||
end
|
||||
end
|
||||
|
||||
describe 'POST #reopen' do
|
||||
before do
|
||||
post :reopen, params: { id: report.id }
|
||||
end
|
||||
|
||||
it_behaves_like 'forbidden for wrong scope', 'write:statuses'
|
||||
it_behaves_like 'forbidden for wrong role', ''
|
||||
|
||||
it 'returns http success' do
|
||||
expect(response).to have_http_status(200)
|
||||
end
|
||||
end
|
||||
|
||||
describe 'POST #assign_to_self' do
|
||||
before do
|
||||
post :assign_to_self, params: { id: report.id }
|
||||
end
|
||||
|
||||
it_behaves_like 'forbidden for wrong scope', 'write:statuses'
|
||||
it_behaves_like 'forbidden for wrong role', ''
|
||||
|
||||
it 'returns http success' do
|
||||
expect(response).to have_http_status(200)
|
||||
end
|
||||
end
|
||||
|
||||
describe 'POST #unassign' do
|
||||
before do
|
||||
post :unassign, params: { id: report.id }
|
||||
end
|
||||
|
||||
it_behaves_like 'forbidden for wrong scope', 'write:statuses'
|
||||
it_behaves_like 'forbidden for wrong role', ''
|
||||
|
||||
it 'returns http success' do
|
||||
expect(response).to have_http_status(200)
|
||||
end
|
||||
end
|
||||
end
|
||||
@ -56,18 +56,11 @@ describe Settings::TwoFactorAuthentication::ConfirmationsController do
|
||||
end
|
||||
|
||||
describe 'when creation succeeds' do
|
||||
let!(:otp_backup_codes) { user.generate_otp_backup_codes! }
|
||||
|
||||
it 'renders page with success' do
|
||||
otp_backup_codes = user.generate_otp_backup_codes!
|
||||
expect_any_instance_of(User).to receive(:generate_otp_backup_codes!) do |value|
|
||||
expect(value).to eq user
|
||||
otp_backup_codes
|
||||
end
|
||||
expect_any_instance_of(User).to receive(:validate_and_consume_otp!) do |value, code, options|
|
||||
expect(value).to eq user
|
||||
expect(code).to eq '123456'
|
||||
expect(options).to eq({ otp_secret: 'thisisasecretforthespecofnewview' })
|
||||
true
|
||||
end
|
||||
prepare_user_otp_generation
|
||||
prepare_user_otp_consumption
|
||||
|
||||
expect do
|
||||
post :create,
|
||||
@ -80,6 +73,22 @@ describe Settings::TwoFactorAuthentication::ConfirmationsController do
|
||||
expect(response).to have_http_status(200)
|
||||
expect(response).to render_template('settings/two_factor_authentication/recovery_codes/index')
|
||||
end
|
||||
|
||||
def prepare_user_otp_generation
|
||||
expect_any_instance_of(User).to receive(:generate_otp_backup_codes!) do |value|
|
||||
expect(value).to eq user
|
||||
otp_backup_codes
|
||||
end
|
||||
end
|
||||
|
||||
def prepare_user_otp_consumption
|
||||
expect_any_instance_of(User).to receive(:validate_and_consume_otp!) do |value, code, options|
|
||||
expect(value).to eq user
|
||||
expect(code).to eq '123456'
|
||||
expect(options).to eq({ otp_secret: 'thisisasecretforthespecofnewview' })
|
||||
true
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
describe 'when creation fails' do
|
||||
|
||||
Reference in New Issue
Block a user