Merge remote-tracking branch 'upstream/master'

spec/controllers/admin/domain_blocks_controller_spec.rb

@@ -8,17 +8,30 @@ RSpec.describe Admin::DomainBlocksController, type: :controller do
   end
 
   describe 'GET #index' do
-    it 'returns http success' do
-      get :index
+    around do |example|
+      default_per_page = DomainBlock.default_per_page
+      DomainBlock.paginates_per 1
+      example.run
+      DomainBlock.paginates_per default_per_page
+    end
 
+    it 'renders domain blocks' do
+      2.times { Fabricate(:domain_block) }
+
+      get :index, params: { page: 2 }
+
+      assigned = assigns(:domain_blocks)
+      expect(assigned.count).to eq 1
+      expect(assigned.klass).to be DomainBlock
       expect(response).to have_http_status(:success)
     end
   end
 
   describe 'GET #new' do
-    it 'returns http success' do
+    it 'assigns a new domain block' do
       get :new
 
+      expect(assigns(:domain_block)).to be_instance_of(DomainBlock)
       expect(response).to have_http_status(:success)
     end
   end
@@ -33,13 +46,25 @@ RSpec.describe Admin::DomainBlocksController, type: :controller do
   end
 
   describe 'POST #create' do
-    it 'blocks the domain' do
+    it 'blocks the domain when succeeded to save' do
       allow(DomainBlockWorker).to receive(:perform_async).and_return(true)
+
       post :create, params: { domain_block: { domain: 'example.com', severity: 'silence' } }
 
       expect(DomainBlockWorker).to have_received(:perform_async)
+      expect(flash[:notice]).to eq I18n.t('admin.domain_blocks.created_msg')
       expect(response).to redirect_to(admin_domain_blocks_path)
     end
+
+    it 'renders new when failed to save' do
+      Fabricate(:domain_block, domain: 'example.com')
+      allow(DomainBlockWorker).to receive(:perform_async).and_return(true)
+
+      post :create, params: { domain_block: { domain: 'example.com', severity: 'silence' } }
+
+      expect(DomainBlockWorker).not_to have_received(:perform_async)
+      expect(response).to render_template :new
+    end
   end
 
   describe 'DELETE #destroy' do
@@ -50,6 +75,7 @@ RSpec.describe Admin::DomainBlocksController, type: :controller do
       delete :destroy, params: { id: domain_block.id, domain_block: { retroactive: '1' } }
 
       expect(service).to have_received(:call).with(domain_block, true)
+      expect(flash[:notice]).to eq I18n.t('admin.domain_blocks.destroyed_msg')
       expect(response).to redirect_to(admin_domain_blocks_path)
     end
   end

spec/controllers/api/v1/reports_controller_spec.rb

@@ -21,12 +21,21 @@ RSpec.describe Api::V1::ReportsController, type: :controller do
   end
 
   describe 'POST #create' do
-    it 'creates a report' do
-      status = Fabricate(:status)
-      post :create, params: { status_ids: [status.id], account_id: status.account.id, comment: 'reasons' }
+    let!(:status) { Fabricate(:status) }
+    let!(:admin)  { Fabricate(:user, admin: true) }
 
+    before do
+      allow(AdminMailer).to receive(:new_report).and_return(double('email', deliver_later: nil))
+      post :create, params: { status_ids: [status.id], account_id: status.account.id, comment: 'reasons' }
+    end
+
+    it 'creates a report' do
       expect(status.reload.account.targeted_reports).not_to be_empty
       expect(response).to have_http_status(:success)
     end
+
+    it 'sends e-mails to admins' do
+      expect(AdminMailer).to have_received(:new_report).with(admin.account, Report)
+    end
   end
 end

spec/controllers/auth/registrations_controller_spec.rb

@@ -3,37 +3,110 @@ require 'rails_helper'
 RSpec.describe Auth::RegistrationsController, type: :controller do
   render_views
 
+  shared_examples 'checks for enabled registrations' do |path|
+    around do |example|
+      open_registrations = Setting.open_registrations
+      example.run
+      Setting.open_registrations = open_registrations
+    end
+
+    it 'redirects if it is in single user mode while it is open for registration' do
+      Fabricate(:account)
+      Setting.open_registrations = true
+      expect(Rails.configuration.x).to receive(:single_user_mode).and_return(true)
+
+      get path
+
+      expect(response).to redirect_to '/'
+    end
+
+    it 'redirects if it is not open for registration while it is not in single user mode' do
+      Setting.open_registrations = false
+      expect(Rails.configuration.x).to receive(:single_user_mode).and_return(false)
+
+      get path
+
+      expect(response).to redirect_to '/'
+    end
+  end
+
+  describe 'GET #edit' do
+    it 'returns http success' do
+      request.env["devise.mapping"] = Devise.mappings[:user]
+      sign_in(Fabricate(:user))
+      get :edit
+      expect(response).to have_http_status(:success)
+    end
+  end
+
+  describe 'GET #update' do
+    it 'returns http success' do
+      request.env["devise.mapping"] = Devise.mappings[:user]
+      sign_in(Fabricate(:user), scope: :user)
+      post :update
+      expect(response).to have_http_status(:success)
+    end
+  end
+
   describe 'GET #new' do
     before do
-      Setting.open_registrations = true
       request.env["devise.mapping"] = Devise.mappings[:user]
     end
 
-    it 'returns http success' do
-      get :new
-      expect(response).to have_http_status(:success)
+    context do
+      around do |example|
+        open_registrations = Setting.open_registrations
+        example.run
+        Setting.open_registrations = open_registrations
+      end
+
+      it 'returns http success' do
+        Setting.open_registrations = true
+        get :new
+        expect(response).to have_http_status(:success)
+      end
     end
+
+    include_examples 'checks for enabled registrations', :new
   end
 
   describe 'POST #create' do
     let(:accept_language) { Rails.application.config.i18n.available_locales.sample.to_s }
 
-    before do
-      Setting.open_registrations = true
-      request.env["devise.mapping"] = Devise.mappings[:user]
-      request.headers["Accept-Language"] = accept_language
-      post :create, params: { user: { account_attributes: { username: 'test' }, email: 'test@example.com', password: '12345678', password_confirmation: '12345678' } }
+    before { request.env["devise.mapping"] = Devise.mappings[:user] }
+
+    context do
+      around do |example|
+        open_registrations = Setting.open_registrations
+        example.run
+        Setting.open_registrations = open_registrations
+      end
+
+      subject do
+        Setting.open_registrations = true
+        request.headers["Accept-Language"] = accept_language
+        post :create, params: { user: { account_attributes: { username: 'test' }, email: 'test@example.com', password: '12345678', password_confirmation: '12345678' } }
+      end
+
+      it 'redirects to login page' do
+        subject
+        expect(response).to redirect_to new_user_session_path
+      end
+
+      it 'creates user' do
+        subject
+        user = User.find_by(email: 'test@example.com')
+        expect(user).to_not be_nil
+        expect(user.locale).to eq(accept_language)
+      end
     end
 
-    it 'redirects to login page' do
-      expect(response).to redirect_to new_user_session_path
+    it 'does nothing if user already exists' do
+      Fabricate(:user, account: Fabricate(:account, username: 'test'))
+      subject
     end
 
-    it 'creates user' do
-      user = User.find_by(email: 'test@example.com')
-      expect(user).to_not be_nil
-      expect(user.locale).to eq(accept_language)
-    end
+    include_examples 'checks for enabled registrations', :create
   end
 
   describe 'DELETE #destroy' do

spec/controllers/settings/two_factor_authentications_controller_spec.rb

@@ -79,13 +79,41 @@ describe Settings::TwoFactorAuthenticationsController do
       user.update(otp_required_for_login: true)
     end
 
-    it 'turns off otp requirement if signed in' do
-      sign_in user, scope: :user
-      post :destroy
+    context 'when signed in' do
+      before do
+        sign_in user, scope: :user
+      end
 
-      expect(response).to redirect_to(settings_two_factor_authentication_path)
-      user.reload
-      expect(user.otp_required_for_login).to eq(false)
+      it 'turns off otp requirement with correct code' do
+        expect_any_instance_of(User).to receive(:validate_and_consume_otp!) do |value, arg|
+          expect(value).to eq user
+          expect(arg).to eq '123456'
+          true
+        end
+
+        post :destroy, params: { form_two_factor_confirmation: { code: '123456' } }
+
+        expect(response).to redirect_to(settings_two_factor_authentication_path)
+        user.reload
+        expect(user.otp_required_for_login).to eq(false)
+      end
+
+      it 'does not turn off otp if code is incorrect' do
+        expect_any_instance_of(User).to receive(:validate_and_consume_otp!) do |value, arg|
+          expect(value).to eq user
+          expect(arg).to eq '057772'
+          false
+        end
+
+        post :destroy, params: { form_two_factor_confirmation: { code: '057772' } }
+
+        user.reload
+        expect(user.otp_required_for_login).to eq(true)
+      end
+
+      it 'raises ActionController::ParameterMissing if code is missing' do
+        expect { post :destroy }.to raise_error(ActionController::ParameterMissing)
+      end
     end
 
     it 'redirects if not signed in' do

spec/fabricators/domain_block_fabricator.rb

@@ -1,3 +1,3 @@
 Fabricator(:domain_block) do
-  domain "example.com"
+  domain { sequence(:domain) { |i| "#{i}#{Faker::Internet.domain_name}" } }
 end

spec/rails_helper.rb

@@ -23,7 +23,7 @@ Devise::Test::ControllerHelpers.module_eval do
     original_sign_in(resource, scope: scope)
 
     SessionActivation.deactivate warden.raw_session["auth_id"]
-    warden.raw_session["auth_id"] = resource.activate_session
+    warden.raw_session["auth_id"] = resource.activate_session(warden.request)
   end
 end