diff options
| author | Eugen Rochko <eugen@zeonfederated.com> | 2019-06-20 02:52:34 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2019-06-20 02:52:34 +0200 |
| commit | 7696f77245c2302787d239da50248385b3292a5e (patch) | |
| tree | 81db43f660c382679cc7a834d0be06c0218592a8 /spec/controllers/api/v1/admin/account_actions_controller_spec.rb | |
| parent | 33144e132d28f5b820ae12e4b8e4fb34ca47b1d6 (diff) | |
Add moderation API (#9387)
Fix #8580 Fix #7143
Diffstat (limited to 'spec/controllers/api/v1/admin/account_actions_controller_spec.rb')
| -rw-r--r-- | spec/controllers/api/v1/admin/account_actions_controller_spec.rb | 57 |
1 files changed, 57 insertions, 0 deletions
diff --git a/spec/controllers/api/v1/admin/account_actions_controller_spec.rb b/spec/controllers/api/v1/admin/account_actions_controller_spec.rb new file mode 100644 index 000000000..a5a8f4bb0 --- /dev/null +++ b/spec/controllers/api/v1/admin/account_actions_controller_spec.rb @@ -0,0 +1,57 @@ +require 'rails_helper' + +RSpec.describe Api::V1::Admin::AccountActionsController, type: :controller do + render_views + + let(:role) { 'moderator' } + let(:user) { Fabricate(:user, role: role, account: Fabricate(:account, username: 'alice')) } + let(:scopes) { 'admin:read admin:write' } + let(:token) { Fabricate(:accessible_access_token, resource_owner_id: user.id, scopes: scopes) } + let(:account) { Fabricate(:user).account } + + before do + allow(controller).to receive(:doorkeeper_token) { token } + end + + shared_examples 'forbidden for wrong scope' do |wrong_scope| + let(:scopes) { wrong_scope } + + it 'returns http forbidden' do + expect(response).to have_http_status(403) + end + end + + shared_examples 'forbidden for wrong role' do |wrong_role| + let(:role) { wrong_role } + + it 'returns http forbidden' do + expect(response).to have_http_status(403) + end + end + + describe 'POST #create' do + before do + post :create, params: { account_id: account.id, type: 'disable' } + end + + it_behaves_like 'forbidden for wrong scope', 'write:statuses' + it_behaves_like 'forbidden for wrong role', 'user' + + it 'returns http success' do + expect(response).to have_http_status(200) + end + + it 'performs action against account' do + expect(account.reload.user_disabled?).to be true + end + + it 'logs action' do + log_item = Admin::ActionLog.last + + expect(log_item).to_not be_nil + expect(log_item.action).to eq :disable + expect(log_item.account_id).to eq user.account_id + expect(log_item.target_id).to eq account.user.id + end + end +end |