diff options
Diffstat (limited to 'spec/controllers/api/v1')
27 files changed, 97 insertions, 39 deletions
diff --git a/spec/controllers/api/v1/accounts/credentials_controller_spec.rb b/spec/controllers/api/v1/accounts/credentials_controller_spec.rb index 7bcf9fe0e..3f655c7b2 100644 --- a/spec/controllers/api/v1/accounts/credentials_controller_spec.rb +++ b/spec/controllers/api/v1/accounts/credentials_controller_spec.rb @@ -4,7 +4,7 @@ describe Api::V1::Accounts::CredentialsController do render_views let(:user) { Fabricate(:user, account: Fabricate(:account, username: 'alice')) } - let(:token) { double acceptable?: true, resource_owner_id: user.id } + let(:token) { Fabricate(:accessible_access_token, resource_owner_id: user.id, scopes: 'write') } before do allow(controller).to receive(:doorkeeper_token) { token } diff --git a/spec/controllers/api/v1/accounts/follower_accounts_controller_spec.rb b/spec/controllers/api/v1/accounts/follower_accounts_controller_spec.rb index 171852c75..33982cb8f 100644 --- a/spec/controllers/api/v1/accounts/follower_accounts_controller_spec.rb +++ b/spec/controllers/api/v1/accounts/follower_accounts_controller_spec.rb @@ -4,7 +4,7 @@ describe Api::V1::Accounts::FollowerAccountsController do render_views let(:user) { Fabricate(:user, account: Fabricate(:account, username: 'alice')) } - let(:token) { double acceptable?: true, resource_owner_id: user.id } + let(:token) { Fabricate(:accessible_access_token, resource_owner_id: user.id, scopes: 'read') } before do Fabricate(:follow, target_account: user.account) diff --git a/spec/controllers/api/v1/accounts/following_accounts_controller_spec.rb b/spec/controllers/api/v1/accounts/following_accounts_controller_spec.rb index a4cad9163..e22f54a31 100644 --- a/spec/controllers/api/v1/accounts/following_accounts_controller_spec.rb +++ b/spec/controllers/api/v1/accounts/following_accounts_controller_spec.rb @@ -4,7 +4,7 @@ describe Api::V1::Accounts::FollowingAccountsController do render_views let(:user) { Fabricate(:user, account: Fabricate(:account, username: 'alice')) } - let(:token) { double acceptable?: true, resource_owner_id: user.id } + let(:token) { Fabricate(:accessible_access_token, resource_owner_id: user.id, scopes: 'read') } before do Fabricate(:follow, account: user.account) diff --git a/spec/controllers/api/v1/accounts/relationships_controller_spec.rb b/spec/controllers/api/v1/accounts/relationships_controller_spec.rb index e281afcb9..3a9607317 100644 --- a/spec/controllers/api/v1/accounts/relationships_controller_spec.rb +++ b/spec/controllers/api/v1/accounts/relationships_controller_spec.rb @@ -4,7 +4,7 @@ describe Api::V1::Accounts::RelationshipsController do render_views let(:user) { Fabricate(:user, account: Fabricate(:account, username: 'alice')) } - let(:token) { double acceptable?: true, resource_owner_id: user.id } + let(:token) { Fabricate(:accessible_access_token, resource_owner_id: user.id, scopes: 'read') } before do allow(controller).to receive(:doorkeeper_token) { token } diff --git a/spec/controllers/api/v1/accounts/search_controller_spec.rb b/spec/controllers/api/v1/accounts/search_controller_spec.rb index 40c82437d..42cc3f64d 100644 --- a/spec/controllers/api/v1/accounts/search_controller_spec.rb +++ b/spec/controllers/api/v1/accounts/search_controller_spec.rb @@ -4,7 +4,7 @@ RSpec.describe Api::V1::Accounts::SearchController, type: :controller do render_views let(:user) { Fabricate(:user, account: Fabricate(:account, username: 'alice')) } - let(:token) { double acceptable?: true, resource_owner_id: user.id } + let(:token) { Fabricate(:accessible_access_token, resource_owner_id: user.id, scopes: 'read') } before do allow(controller).to receive(:doorkeeper_token) { token } diff --git a/spec/controllers/api/v1/accounts/statuses_controller_spec.rb b/spec/controllers/api/v1/accounts/statuses_controller_spec.rb index 55cb5bcc2..8b4fd6a5b 100644 --- a/spec/controllers/api/v1/accounts/statuses_controller_spec.rb +++ b/spec/controllers/api/v1/accounts/statuses_controller_spec.rb @@ -4,7 +4,7 @@ describe Api::V1::Accounts::StatusesController do render_views let(:user) { Fabricate(:user, account: Fabricate(:account, username: 'alice')) } - let(:token) { double acceptable?: true, resource_owner_id: user.id } + let(:token) { Fabricate(:accessible_access_token, resource_owner_id: user.id, scopes: 'read') } before do allow(controller).to receive(:doorkeeper_token) { token } diff --git a/spec/controllers/api/v1/accounts_controller_spec.rb b/spec/controllers/api/v1/accounts_controller_spec.rb index 216a9cb3b..c13509e7b 100644 --- a/spec/controllers/api/v1/accounts_controller_spec.rb +++ b/spec/controllers/api/v1/accounts_controller_spec.rb @@ -4,7 +4,7 @@ RSpec.describe Api::V1::AccountsController, type: :controller do render_views let(:user) { Fabricate(:user, account: Fabricate(:account, username: 'alice')) } - let(:token) { double acceptable?: true, resource_owner_id: user.id } + let(:token) { Fabricate(:accessible_access_token, resource_owner_id: user.id, scopes: 'follow read') } before do allow(controller).to receive(:doorkeeper_token) { token } diff --git a/spec/controllers/api/v1/blocks_controller_spec.rb b/spec/controllers/api/v1/blocks_controller_spec.rb index 4fd968b27..f25a7e878 100644 --- a/spec/controllers/api/v1/blocks_controller_spec.rb +++ b/spec/controllers/api/v1/blocks_controller_spec.rb @@ -4,7 +4,7 @@ RSpec.describe Api::V1::BlocksController, type: :controller do render_views let(:user) { Fabricate(:user, account: Fabricate(:account, username: 'alice')) } - let(:token) { double acceptable?: true, resource_owner_id: user.id } + let(:token) { Fabricate(:accessible_access_token, resource_owner_id: user.id, scopes: 'follow') } before do Fabricate(:block, account: user.account) diff --git a/spec/controllers/api/v1/domain_blocks_controller_spec.rb b/spec/controllers/api/v1/domain_blocks_controller_spec.rb index ff5c5f330..3713931dc 100644 --- a/spec/controllers/api/v1/domain_blocks_controller_spec.rb +++ b/spec/controllers/api/v1/domain_blocks_controller_spec.rb @@ -4,7 +4,7 @@ RSpec.describe Api::V1::DomainBlocksController, type: :controller do render_views let(:user) { Fabricate(:user, account: Fabricate(:account, username: 'alice')) } - let(:token) { double acceptable?: true, resource_owner_id: user.id } + let(:token) { Fabricate(:accessible_access_token, resource_owner_id: user.id, scopes: 'follow') } before do user.account.block_domain!('example.com') diff --git a/spec/controllers/api/v1/favourites_controller_spec.rb b/spec/controllers/api/v1/favourites_controller_spec.rb index 062e91adc..3de045377 100644 --- a/spec/controllers/api/v1/favourites_controller_spec.rb +++ b/spec/controllers/api/v1/favourites_controller_spec.rb @@ -3,19 +3,77 @@ require 'rails_helper' RSpec.describe Api::V1::FavouritesController, type: :controller do render_views - let(:user) { Fabricate(:user, account: Fabricate(:account, username: 'alice')) } - let(:token) { double acceptable?: true, resource_owner_id: user.id } - - before do - Fabricate(:favourite, account: user.account) - allow(controller).to receive(:doorkeeper_token) { token } - end + let(:user) { Fabricate(:user) } + let(:token) { Fabricate(:accessible_access_token, resource_owner_id: user.id, scopes: 'read') } describe 'GET #index' do - it 'returns http success' do - get :index, params: { limit: 1 } + context 'without token' do + it 'returns http unauthorized' do + get :index + expect(response).to have_http_status :unauthorized + end + end + + context 'with token' do + context 'without read scope' do + before do + allow(controller).to receive(:doorkeeper_token) do + Fabricate(:accessible_access_token, resource_owner_id: user.id, scopes: '') + end + end + + it 'returns http forbidden' do + get :index + expect(response).to have_http_status :forbidden + end + end + + context 'without valid resource owner' do + before do + token = Fabricate(:accessible_access_token, resource_owner_id: user.id, scopes: 'read') + user.destroy! + + allow(controller).to receive(:doorkeeper_token) { token } + end + + it 'returns http unprocessable entity' do + get :index + expect(response).to have_http_status :unprocessable_entity + end + end + + context 'with read scope and valid resource owner' do + before do + allow(controller).to receive(:doorkeeper_token) do + Fabricate(:accessible_access_token, resource_owner_id: user.id, scopes: 'read') + end + end + + it 'shows favourites owned by the user' do + favourite_by_user = Fabricate(:favourite, account: user.account) + favourite_by_others = Fabricate(:favourite) + + get :index + + expect(assigns(:statuses)).to match_array [favourite_by_user.status] + end + + it 'adds pagination headers if necessary' do + favourite = Fabricate(:favourite, account: user.account) + + get :index, params: { limit: 1 } + + expect(response.headers['Link'].find_link(['rel', 'next']).href).to eq "http://test.host/api/v1/favourites?limit=1&max_id=#{favourite.id}" + expect(response.headers['Link'].find_link(['rel', 'prev']).href).to eq "http://test.host/api/v1/favourites?limit=1&since_id=#{favourite.id}" + end + + it 'does not add pagination headers if not necessary' do + get :index - expect(response).to have_http_status(:success) + expect(response.headers['Link'].find_link(['rel', 'next'])).to eq nil + expect(response.headers['Link'].find_link(['rel', 'prev'])).to eq nil + end + end end end end diff --git a/spec/controllers/api/v1/follow_requests_controller_spec.rb b/spec/controllers/api/v1/follow_requests_controller_spec.rb index d455a0255..51df006a2 100644 --- a/spec/controllers/api/v1/follow_requests_controller_spec.rb +++ b/spec/controllers/api/v1/follow_requests_controller_spec.rb @@ -4,7 +4,7 @@ RSpec.describe Api::V1::FollowRequestsController, type: :controller do render_views let(:user) { Fabricate(:user, account: Fabricate(:account, username: 'alice', locked: true)) } - let(:token) { double acceptable?: true, resource_owner_id: user.id } + let(:token) { Fabricate(:accessible_access_token, resource_owner_id: user.id, scopes: 'follow') } let(:follower) { Fabricate(:account, username: 'bob') } before do diff --git a/spec/controllers/api/v1/follows_controller_spec.rb b/spec/controllers/api/v1/follows_controller_spec.rb index cc4958ab5..b5e1d16dd 100644 --- a/spec/controllers/api/v1/follows_controller_spec.rb +++ b/spec/controllers/api/v1/follows_controller_spec.rb @@ -4,7 +4,7 @@ RSpec.describe Api::V1::FollowsController, type: :controller do render_views let(:user) { Fabricate(:user, account: Fabricate(:account, username: 'alice')) } - let(:token) { double acceptable?: true, resource_owner_id: user.id } + let(:token) { Fabricate(:accessible_access_token, resource_owner_id: user.id, scopes: 'follow') } before do allow(controller).to receive(:doorkeeper_token) { token } diff --git a/spec/controllers/api/v1/instances_controller_spec.rb b/spec/controllers/api/v1/instances_controller_spec.rb index 544f3d28f..eba233b05 100644 --- a/spec/controllers/api/v1/instances_controller_spec.rb +++ b/spec/controllers/api/v1/instances_controller_spec.rb @@ -6,7 +6,7 @@ RSpec.describe Api::V1::InstancesController, type: :controller do render_views let(:user) { Fabricate(:user, account: Fabricate(:account, username: 'alice')) } - let(:token) { double acceptable?: true, resource_owner_id: user.id } + let(:token) { Fabricate(:accessible_access_token, resource_owner_id: user.id) } before do allow(controller).to receive(:doorkeeper_token) { token } diff --git a/spec/controllers/api/v1/media_controller_spec.rb b/spec/controllers/api/v1/media_controller_spec.rb index 00dcac95d..6bad3f05d 100644 --- a/spec/controllers/api/v1/media_controller_spec.rb +++ b/spec/controllers/api/v1/media_controller_spec.rb @@ -4,7 +4,7 @@ RSpec.describe Api::V1::MediaController, type: :controller do render_views let(:user) { Fabricate(:user, account: Fabricate(:account, username: 'alice')) } - let(:token) { double acceptable?: true, resource_owner_id: user.id } + let(:token) { Fabricate(:accessible_access_token, resource_owner_id: user.id, scopes: 'write') } before do allow(controller).to receive(:doorkeeper_token) { token } diff --git a/spec/controllers/api/v1/mutes_controller_spec.rb b/spec/controllers/api/v1/mutes_controller_spec.rb index 85aad4384..3e6fa887b 100644 --- a/spec/controllers/api/v1/mutes_controller_spec.rb +++ b/spec/controllers/api/v1/mutes_controller_spec.rb @@ -4,7 +4,7 @@ RSpec.describe Api::V1::MutesController, type: :controller do render_views let(:user) { Fabricate(:user, account: Fabricate(:account, username: 'alice')) } - let(:token) { double acceptable?: true, resource_owner_id: user.id } + let(:token) { Fabricate(:accessible_access_token, resource_owner_id: user.id, scopes: 'follow') } before do Fabricate(:mute, account: user.account) diff --git a/spec/controllers/api/v1/notifications_controller_spec.rb b/spec/controllers/api/v1/notifications_controller_spec.rb index e06230913..f493d0d38 100644 --- a/spec/controllers/api/v1/notifications_controller_spec.rb +++ b/spec/controllers/api/v1/notifications_controller_spec.rb @@ -4,7 +4,7 @@ RSpec.describe Api::V1::NotificationsController, type: :controller do render_views let(:user) { Fabricate(:user, account: Fabricate(:account, username: 'alice')) } - let(:token) { double acceptable?: true, resource_owner_id: user.id } + let(:token) { Fabricate(:accessible_access_token, resource_owner_id: user.id, scopes: 'read') } let(:other) { Fabricate(:user, account: Fabricate(:account, username: 'bob')) } before do diff --git a/spec/controllers/api/v1/reports_controller_spec.rb b/spec/controllers/api/v1/reports_controller_spec.rb index 471ea4e0b..1eb5a4353 100644 --- a/spec/controllers/api/v1/reports_controller_spec.rb +++ b/spec/controllers/api/v1/reports_controller_spec.rb @@ -6,7 +6,7 @@ RSpec.describe Api::V1::ReportsController, type: :controller do render_views let(:user) { Fabricate(:user, account: Fabricate(:account, username: 'alice')) } - let(:token) { double acceptable?: true, resource_owner_id: user.id } + let(:token) { Fabricate(:accessible_access_token, resource_owner_id: user.id, scopes: 'read write') } before do allow(controller).to receive(:doorkeeper_token) { token } diff --git a/spec/controllers/api/v1/search_controller_spec.rb b/spec/controllers/api/v1/search_controller_spec.rb index 4d22ddc98..ff0c254b1 100644 --- a/spec/controllers/api/v1/search_controller_spec.rb +++ b/spec/controllers/api/v1/search_controller_spec.rb @@ -6,7 +6,7 @@ RSpec.describe Api::V1::SearchController, type: :controller do render_views let(:user) { Fabricate(:user, account: Fabricate(:account, username: 'alice')) } - let(:token) { double acceptable?: true, resource_owner_id: user.id } + let(:token) { Fabricate(:accessible_access_token, resource_owner_id: user.id, scopes: 'read') } before do allow(controller).to receive(:doorkeeper_token) { token } diff --git a/spec/controllers/api/v1/statuses/favourited_by_accounts_controller_spec.rb b/spec/controllers/api/v1/statuses/favourited_by_accounts_controller_spec.rb index 1acb990a0..556731d57 100644 --- a/spec/controllers/api/v1/statuses/favourited_by_accounts_controller_spec.rb +++ b/spec/controllers/api/v1/statuses/favourited_by_accounts_controller_spec.rb @@ -5,7 +5,7 @@ RSpec.describe Api::V1::Statuses::FavouritedByAccountsController, type: :control let(:user) { Fabricate(:user, account: Fabricate(:account, username: 'alice')) } let(:app) { Fabricate(:application, name: 'Test app', website: 'http://testapp.com') } - let(:token) { double acceptable?: true, resource_owner_id: user.id, application: app } + let(:token) { Fabricate(:accessible_access_token, resource_owner_id: user.id, application: app) } context 'with an oauth token' do before do diff --git a/spec/controllers/api/v1/statuses/favourites_controller_spec.rb b/spec/controllers/api/v1/statuses/favourites_controller_spec.rb index eb77072d2..2a029230d 100644 --- a/spec/controllers/api/v1/statuses/favourites_controller_spec.rb +++ b/spec/controllers/api/v1/statuses/favourites_controller_spec.rb @@ -7,7 +7,7 @@ describe Api::V1::Statuses::FavouritesController do let(:user) { Fabricate(:user, account: Fabricate(:account, username: 'alice')) } let(:app) { Fabricate(:application, name: 'Test app', website: 'http://testapp.com') } - let(:token) { double acceptable?: true, resource_owner_id: user.id, application: app } + let(:token) { Fabricate(:accessible_access_token, resource_owner_id: user.id, scopes: 'write', application: app) } context 'with an oauth token' do before do diff --git a/spec/controllers/api/v1/statuses/mutes_controller_spec.rb b/spec/controllers/api/v1/statuses/mutes_controller_spec.rb index 1f8c29e3d..54c594e92 100644 --- a/spec/controllers/api/v1/statuses/mutes_controller_spec.rb +++ b/spec/controllers/api/v1/statuses/mutes_controller_spec.rb @@ -7,7 +7,7 @@ describe Api::V1::Statuses::MutesController do let(:user) { Fabricate(:user, account: Fabricate(:account, username: 'alice')) } let(:app) { Fabricate(:application, name: 'Test app', website: 'http://testapp.com') } - let(:token) { double acceptable?: true, resource_owner_id: user.id, application: app } + let(:token) { Fabricate(:accessible_access_token, resource_owner_id: user.id, scopes: 'write', application: app) } context 'with an oauth token' do before do diff --git a/spec/controllers/api/v1/statuses/reblogged_by_accounts_controller_spec.rb b/spec/controllers/api/v1/statuses/reblogged_by_accounts_controller_spec.rb index c5624023f..ba022a96e 100644 --- a/spec/controllers/api/v1/statuses/reblogged_by_accounts_controller_spec.rb +++ b/spec/controllers/api/v1/statuses/reblogged_by_accounts_controller_spec.rb @@ -5,7 +5,7 @@ RSpec.describe Api::V1::Statuses::RebloggedByAccountsController, type: :controll let(:user) { Fabricate(:user, account: Fabricate(:account, username: 'alice')) } let(:app) { Fabricate(:application, name: 'Test app', website: 'http://testapp.com') } - let(:token) { double acceptable?: true, resource_owner_id: user.id, application: app } + let(:token) { Fabricate(:accessible_access_token, resource_owner_id: user.id, application: app) } context 'with an oauth token' do before do diff --git a/spec/controllers/api/v1/statuses/reblogs_controller_spec.rb b/spec/controllers/api/v1/statuses/reblogs_controller_spec.rb index 36c323736..d6d36c1b2 100644 --- a/spec/controllers/api/v1/statuses/reblogs_controller_spec.rb +++ b/spec/controllers/api/v1/statuses/reblogs_controller_spec.rb @@ -7,7 +7,7 @@ describe Api::V1::Statuses::ReblogsController do let(:user) { Fabricate(:user, account: Fabricate(:account, username: 'alice')) } let(:app) { Fabricate(:application, name: 'Test app', website: 'http://testapp.com') } - let(:token) { double acceptable?: true, resource_owner_id: user.id, application: app } + let(:token) { Fabricate(:accessible_access_token, resource_owner_id: user.id, scopes: 'write', application: app) } context 'with an oauth token' do before do diff --git a/spec/controllers/api/v1/statuses_controller_spec.rb b/spec/controllers/api/v1/statuses_controller_spec.rb index 3d65180ab..a36265395 100644 --- a/spec/controllers/api/v1/statuses_controller_spec.rb +++ b/spec/controllers/api/v1/statuses_controller_spec.rb @@ -5,7 +5,7 @@ RSpec.describe Api::V1::StatusesController, type: :controller do let(:user) { Fabricate(:user, account: Fabricate(:account, username: 'alice')) } let(:app) { Fabricate(:application, name: 'Test app', website: 'http://testapp.com') } - let(:token) { double acceptable?: true, resource_owner_id: user.id, application: app } + let(:token) { Fabricate(:accessible_access_token, resource_owner_id: user.id, application: app, scopes: 'write') } context 'with an oauth token' do before do diff --git a/spec/controllers/api/v1/timelines/home_controller_spec.rb b/spec/controllers/api/v1/timelines/home_controller_spec.rb index faa6c60ce..4d4523520 100644 --- a/spec/controllers/api/v1/timelines/home_controller_spec.rb +++ b/spec/controllers/api/v1/timelines/home_controller_spec.rb @@ -12,7 +12,7 @@ describe Api::V1::Timelines::HomeController do end context 'with a user context' do - let(:token) { double acceptable?: true, resource_owner_id: user.id } + let(:token) { Fabricate(:accessible_access_token, resource_owner_id: user.id, scopes: 'read') } describe 'GET #show' do before do @@ -30,7 +30,7 @@ describe Api::V1::Timelines::HomeController do end context 'without a user context' do - let(:token) { double acceptable?: true, resource_owner_id: nil } + let(:token) { Fabricate(:accessible_access_token, resource_owner_id: nil, scopes: 'read') } describe 'GET #show' do it 'returns http unprocessable entity' do diff --git a/spec/controllers/api/v1/timelines/public_controller_spec.rb b/spec/controllers/api/v1/timelines/public_controller_spec.rb index 353ab9bc2..3acf2e267 100644 --- a/spec/controllers/api/v1/timelines/public_controller_spec.rb +++ b/spec/controllers/api/v1/timelines/public_controller_spec.rb @@ -12,7 +12,7 @@ describe Api::V1::Timelines::PublicController do end context 'with a user context' do - let(:token) { double acceptable?: true, resource_owner_id: user.id } + let(:token) { Fabricate(:accessible_access_token, resource_owner_id: user.id) } describe 'GET #show' do before do @@ -42,7 +42,7 @@ describe Api::V1::Timelines::PublicController do end context 'without a user context' do - let(:token) { double acceptable?: true, resource_owner_id: nil } + let(:token) { Fabricate(:accessible_access_token, resource_owner_id: nil) } describe 'GET #show' do it 'returns http success' do diff --git a/spec/controllers/api/v1/timelines/tag_controller_spec.rb b/spec/controllers/api/v1/timelines/tag_controller_spec.rb index f743f0cde..74de1e81f 100644 --- a/spec/controllers/api/v1/timelines/tag_controller_spec.rb +++ b/spec/controllers/api/v1/timelines/tag_controller_spec.rb @@ -12,7 +12,7 @@ describe Api::V1::Timelines::TagController do end context 'with a user context' do - let(:token) { double acceptable?: true, resource_owner_id: user.id } + let(:token) { Fabricate(:accessible_access_token, resource_owner_id: user.id) } describe 'GET #show' do before do @@ -28,7 +28,7 @@ describe Api::V1::Timelines::TagController do end context 'without a user context' do - let(:token) { double acceptable?: true, resource_owner_id: nil } + let(:token) { Fabricate(:accessible_access_token, resource_owner_id: nil) } describe 'GET #show' do it 'returns http success' do |