diff options
Diffstat (limited to 'spec/controllers')
26 files changed, 222 insertions, 713 deletions
diff --git a/spec/controllers/about_controller_spec.rb b/spec/controllers/about_controller_spec.rb index 03dddd8c1..97143ec43 100644 --- a/spec/controllers/about_controller_spec.rb +++ b/spec/controllers/about_controller_spec.rb @@ -8,44 +8,8 @@ RSpec.describe AboutController, type: :controller do get :show end - it 'assigns @instance_presenter' do - expect(assigns(:instance_presenter)).to be_kind_of InstancePresenter - end - - it 'returns http success' do - expect(response).to have_http_status(200) - end - end - - describe 'GET #more' do - before do - get :more - end - - it 'assigns @instance_presenter' do - expect(assigns(:instance_presenter)).to be_kind_of InstancePresenter - end - it 'returns http success' do expect(response).to have_http_status(200) end end - - describe 'GET #terms' do - before do - get :terms - end - - it 'returns http success' do - expect(response).to have_http_status(200) - end - end - - describe 'helper_method :new_user' do - it 'returns a new User' do - user = @controller.view_context.new_user - expect(user).to be_kind_of User - expect(user.account).to be_kind_of Account - end - end end diff --git a/spec/controllers/account_follow_controller_spec.rb b/spec/controllers/account_follow_controller_spec.rb deleted file mode 100644 index d33cd0499..000000000 --- a/spec/controllers/account_follow_controller_spec.rb +++ /dev/null @@ -1,64 +0,0 @@ -require 'rails_helper' - -describe AccountFollowController do - render_views - - let(:user) { Fabricate(:user) } - let(:alice) { Fabricate(:account, username: 'alice') } - - describe 'POST #create' do - let(:service) { double } - - subject { post :create, params: { account_username: alice.username } } - - before do - allow(FollowService).to receive(:new).and_return(service) - allow(service).to receive(:call) - end - - context 'when account is permanently suspended' do - before do - alice.suspend! - alice.deletion_request.destroy - subject - end - - it 'returns http gone' do - expect(response).to have_http_status(410) - end - end - - context 'when account is temporarily suspended' do - before do - alice.suspend! - subject - end - - it 'returns http forbidden' do - expect(response).to have_http_status(403) - end - end - - context 'when signed out' do - before do - subject - end - - it 'does not follow' do - expect(FollowService).not_to receive(:new) - end - end - - context 'when signed in' do - before do - sign_in(user) - subject - end - - it 'redirects to account path' do - expect(service).to have_received(:call).with(user.account, alice, with_rate_limit: true) - expect(response).to redirect_to(account_path(alice)) - end - end - end -end diff --git a/spec/controllers/account_unfollow_controller_spec.rb b/spec/controllers/account_unfollow_controller_spec.rb deleted file mode 100644 index a11f7aa68..000000000 --- a/spec/controllers/account_unfollow_controller_spec.rb +++ /dev/null @@ -1,64 +0,0 @@ -require 'rails_helper' - -describe AccountUnfollowController do - render_views - - let(:user) { Fabricate(:user) } - let(:alice) { Fabricate(:account, username: 'alice') } - - describe 'POST #create' do - let(:service) { double } - - subject { post :create, params: { account_username: alice.username } } - - before do - allow(UnfollowService).to receive(:new).and_return(service) - allow(service).to receive(:call) - end - - context 'when account is permanently suspended' do - before do - alice.suspend! - alice.deletion_request.destroy - subject - end - - it 'returns http gone' do - expect(response).to have_http_status(410) - end - end - - context 'when account is temporarily suspended' do - before do - alice.suspend! - subject - end - - it 'returns http forbidden' do - expect(response).to have_http_status(403) - end - end - - context 'when signed out' do - before do - subject - end - - it 'does not unfollow' do - expect(UnfollowService).not_to receive(:new) - end - end - - context 'when signed in' do - before do - sign_in(user) - subject - end - - it 'redirects to account path' do - expect(service).to have_received(:call).with(user.account, alice) - expect(response).to redirect_to(account_path(alice)) - end - end - end -end diff --git a/spec/controllers/accounts_controller_spec.rb b/spec/controllers/accounts_controller_spec.rb index 662a89927..defa8b2d3 100644 --- a/spec/controllers/accounts_controller_spec.rb +++ b/spec/controllers/accounts_controller_spec.rb @@ -99,100 +99,6 @@ RSpec.describe AccountsController, type: :controller do end it_behaves_like 'common response characteristics' - - it 'renders public status' do - expect(response.body).to include(ActivityPub::TagManager.instance.url_for(status)) - end - - it 'renders self-reply' do - expect(response.body).to include(ActivityPub::TagManager.instance.url_for(status_self_reply)) - end - - it 'renders status with media' do - expect(response.body).to include(ActivityPub::TagManager.instance.url_for(status_media)) - end - - it 'renders reblog' do - expect(response.body).to include(ActivityPub::TagManager.instance.url_for(status_reblog.reblog)) - end - - it 'renders pinned status' do - expect(response.body).to include(I18n.t('stream_entries.pinned')) - end - - it 'does not render private status' do - expect(response.body).to_not include(ActivityPub::TagManager.instance.url_for(status_private)) - end - - it 'does not render direct status' do - expect(response.body).to_not include(ActivityPub::TagManager.instance.url_for(status_direct)) - end - - it 'does not render reply to someone else' do - expect(response.body).to_not include(ActivityPub::TagManager.instance.url_for(status_reply)) - end - end - - context 'when signed-in' do - let(:user) { Fabricate(:user) } - - before do - sign_in(user) - end - - context 'when user follows account' do - before do - user.account.follow!(account) - get :show, params: { username: account.username, format: format } - end - - it 'does not render private status' do - expect(response.body).to_not include(ActivityPub::TagManager.instance.url_for(status_private)) - end - end - - context 'when user is blocked' do - before do - account.block!(user.account) - get :show, params: { username: account.username, format: format } - end - - it 'renders unavailable message' do - expect(response.body).to include(I18n.t('accounts.unavailable')) - end - - it 'does not render public status' do - expect(response.body).to_not include(ActivityPub::TagManager.instance.url_for(status)) - end - - it 'does not render self-reply' do - expect(response.body).to_not include(ActivityPub::TagManager.instance.url_for(status_self_reply)) - end - - it 'does not render status with media' do - expect(response.body).to_not include(ActivityPub::TagManager.instance.url_for(status_media)) - end - - it 'does not render reblog' do - expect(response.body).to_not include(ActivityPub::TagManager.instance.url_for(status_reblog.reblog)) - end - - it 'does not render pinned status' do - expect(response.body).to_not include(I18n.t('stream_entries.pinned')) - end - - it 'does not render private status' do - expect(response.body).to_not include(ActivityPub::TagManager.instance.url_for(status_private)) - end - - it 'does not render direct status' do - expect(response.body).to_not include(ActivityPub::TagManager.instance.url_for(status_direct)) - end - - it 'does not render reply to someone else' do - expect(response.body).to_not include(ActivityPub::TagManager.instance.url_for(status_reply)) - end - end end context 'with replies' do @@ -202,38 +108,6 @@ RSpec.describe AccountsController, type: :controller do end it_behaves_like 'common response characteristics' - - it 'renders public status' do - expect(response.body).to include(ActivityPub::TagManager.instance.url_for(status)) - end - - it 'renders self-reply' do - expect(response.body).to include(ActivityPub::TagManager.instance.url_for(status_self_reply)) - end - - it 'renders status with media' do - expect(response.body).to include(ActivityPub::TagManager.instance.url_for(status_media)) - end - - it 'renders reblog' do - expect(response.body).to include(ActivityPub::TagManager.instance.url_for(status_reblog.reblog)) - end - - it 'does not render pinned status' do - expect(response.body).to_not include(I18n.t('stream_entries.pinned')) - end - - it 'does not render private status' do - expect(response.body).to_not include(ActivityPub::TagManager.instance.url_for(status_private)) - end - - it 'does not render direct status' do - expect(response.body).to_not include(ActivityPub::TagManager.instance.url_for(status_direct)) - end - - it 'renders reply to someone else' do - expect(response.body).to include(ActivityPub::TagManager.instance.url_for(status_reply)) - end end context 'with media' do @@ -243,38 +117,6 @@ RSpec.describe AccountsController, type: :controller do end it_behaves_like 'common response characteristics' - - it 'does not render public status' do - expect(response.body).to_not include(ActivityPub::TagManager.instance.url_for(status)) - end - - it 'does not render self-reply' do - expect(response.body).to_not include(ActivityPub::TagManager.instance.url_for(status_self_reply)) - end - - it 'renders status with media' do - expect(response.body).to include(ActivityPub::TagManager.instance.url_for(status_media)) - end - - it 'does not render reblog' do - expect(response.body).to_not include(ActivityPub::TagManager.instance.url_for(status_reblog.reblog)) - end - - it 'does not render pinned status' do - expect(response.body).to_not include(I18n.t('stream_entries.pinned')) - end - - it 'does not render private status' do - expect(response.body).to_not include(ActivityPub::TagManager.instance.url_for(status_private)) - end - - it 'does not render direct status' do - expect(response.body).to_not include(ActivityPub::TagManager.instance.url_for(status_direct)) - end - - it 'does not render reply to someone else' do - expect(response.body).to_not include(ActivityPub::TagManager.instance.url_for(status_reply)) - end end context 'with tag' do @@ -289,42 +131,6 @@ RSpec.describe AccountsController, type: :controller do end it_behaves_like 'common response characteristics' - - it 'does not render public status' do - expect(response.body).to_not include(ActivityPub::TagManager.instance.url_for(status)) - end - - it 'does not render self-reply' do - expect(response.body).to_not include(ActivityPub::TagManager.instance.url_for(status_self_reply)) - end - - it 'does not render status with media' do - expect(response.body).to_not include(ActivityPub::TagManager.instance.url_for(status_media)) - end - - it 'does not render reblog' do - expect(response.body).to_not include(ActivityPub::TagManager.instance.url_for(status_reblog.reblog)) - end - - it 'does not render pinned status' do - expect(response.body).to_not include(I18n.t('stream_entries.pinned')) - end - - it 'does not render private status' do - expect(response.body).to_not include(ActivityPub::TagManager.instance.url_for(status_private)) - end - - it 'does not render direct status' do - expect(response.body).to_not include(ActivityPub::TagManager.instance.url_for(status_direct)) - end - - it 'does not render reply to someone else' do - expect(response.body).to_not include(ActivityPub::TagManager.instance.url_for(status_reply)) - end - - it 'renders status with tag' do - expect(response.body).to include(ActivityPub::TagManager.instance.url_for(status_tag)) - end end end @@ -420,7 +226,7 @@ RSpec.describe AccountsController, type: :controller do let(:remote_account) { Fabricate(:account, domain: 'example.com') } before do - allow(controller).to receive(:signed_request_account).and_return(remote_account) + allow(controller).to receive(:signed_request_actor).and_return(remote_account) get :show, params: { username: account.username, format: format } end diff --git a/spec/controllers/activitypub/collections_controller_spec.rb b/spec/controllers/activitypub/collections_controller_spec.rb index 4d87f80ce..f78d9abbf 100644 --- a/spec/controllers/activitypub/collections_controller_spec.rb +++ b/spec/controllers/activitypub/collections_controller_spec.rb @@ -24,7 +24,7 @@ RSpec.describe ActivityPub::CollectionsController, type: :controller do end before do - allow(controller).to receive(:signed_request_account).and_return(remote_account) + allow(controller).to receive(:signed_request_actor).and_return(remote_account) Fabricate(:status_pin, account: account) Fabricate(:status_pin, account: account) diff --git a/spec/controllers/activitypub/followers_synchronizations_controller_spec.rb b/spec/controllers/activitypub/followers_synchronizations_controller_spec.rb index e233bd560..c19bb8cae 100644 --- a/spec/controllers/activitypub/followers_synchronizations_controller_spec.rb +++ b/spec/controllers/activitypub/followers_synchronizations_controller_spec.rb @@ -15,7 +15,7 @@ RSpec.describe ActivityPub::FollowersSynchronizationsController, type: :controll end before do - allow(controller).to receive(:signed_request_account).and_return(remote_account) + allow(controller).to receive(:signed_request_actor).and_return(remote_account) end describe 'GET #show' do diff --git a/spec/controllers/activitypub/inboxes_controller_spec.rb b/spec/controllers/activitypub/inboxes_controller_spec.rb index 973ad83bb..2f023197b 100644 --- a/spec/controllers/activitypub/inboxes_controller_spec.rb +++ b/spec/controllers/activitypub/inboxes_controller_spec.rb @@ -6,7 +6,7 @@ RSpec.describe ActivityPub::InboxesController, type: :controller do let(:remote_account) { nil } before do - allow(controller).to receive(:signed_request_account).and_return(remote_account) + allow(controller).to receive(:signed_request_actor).and_return(remote_account) end describe 'POST #create' do diff --git a/spec/controllers/activitypub/outboxes_controller_spec.rb b/spec/controllers/activitypub/outboxes_controller_spec.rb index 04f036447..74bf46a5e 100644 --- a/spec/controllers/activitypub/outboxes_controller_spec.rb +++ b/spec/controllers/activitypub/outboxes_controller_spec.rb @@ -28,7 +28,7 @@ RSpec.describe ActivityPub::OutboxesController, type: :controller do end before do - allow(controller).to receive(:signed_request_account).and_return(remote_account) + allow(controller).to receive(:signed_request_actor).and_return(remote_account) end describe 'GET #show' do diff --git a/spec/controllers/activitypub/replies_controller_spec.rb b/spec/controllers/activitypub/replies_controller_spec.rb index a35957f24..aee1a8b1a 100644 --- a/spec/controllers/activitypub/replies_controller_spec.rb +++ b/spec/controllers/activitypub/replies_controller_spec.rb @@ -168,7 +168,7 @@ RSpec.describe ActivityPub::RepliesController, type: :controller do before do stub_const 'ActivityPub::RepliesController::DESCENDANTS_LIMIT', 5 - allow(controller).to receive(:signed_request_account).and_return(remote_querier) + allow(controller).to receive(:signed_request_actor).and_return(remote_querier) Fabricate(:status, thread: status, visibility: :public) Fabricate(:status, thread: status, visibility: :public) diff --git a/spec/controllers/admin/action_logs_controller_spec.rb b/spec/controllers/admin/action_logs_controller_spec.rb index c1957258f..7cd8cdf46 100644 --- a/spec/controllers/admin/action_logs_controller_spec.rb +++ b/spec/controllers/admin/action_logs_controller_spec.rb @@ -3,6 +3,19 @@ require 'rails_helper' describe Admin::ActionLogsController, type: :controller do + render_views + + # Action logs typically cause issues when their targets are not in the database + let!(:account) { Fabricate(:account) } + + let!(:orphaned_logs) do + %w( + Account User UserRole Report DomainBlock DomainAllow + EmailDomainBlock UnavailableDomain Status AccountWarning + Announcement IpBlock Instance CustomEmoji CanonicalEmailBlock Appeal + ).map { |type| Admin::ActionLog.new(account: account, action: 'destroy', target_type: type, target_id: 1312).save! } + end + describe 'GET #index' do it 'returns 200' do sign_in Fabricate(:user, role: UserRole.find_by(name: 'Admin')) diff --git a/spec/controllers/admin/settings/branding_controller_spec.rb b/spec/controllers/admin/settings/branding_controller_spec.rb new file mode 100644 index 000000000..ee1c441bc --- /dev/null +++ b/spec/controllers/admin/settings/branding_controller_spec.rb @@ -0,0 +1,53 @@ +# frozen_string_literal: true + +require 'rails_helper' + +RSpec.describe Admin::Settings::BrandingController, type: :controller do + render_views + + describe 'When signed in as an admin' do + before do + sign_in Fabricate(:user, role: UserRole.find_by(name: 'Admin')), scope: :user + end + + describe 'GET #show' do + it 'returns http success' do + get :show + + expect(response).to have_http_status(200) + end + end + + describe 'PUT #update' do + before do + allow_any_instance_of(Form::AdminSettings).to receive(:valid?).and_return(true) + end + + around do |example| + before = Setting.site_short_description + Setting.site_short_description = nil + example.run + Setting.site_short_description = before + Setting.new_setting_key = nil + end + + it 'cannot create a setting value for a non-admin key' do + expect(Setting.new_setting_key).to be_blank + + patch :update, params: { form_admin_settings: { new_setting_key: 'New key value' } } + + expect(response).to redirect_to(admin_settings_branding_path) + expect(Setting.new_setting_key).to be_nil + end + + it 'creates a settings value that didnt exist before for eligible key' do + expect(Setting.site_short_description).to be_blank + + patch :update, params: { form_admin_settings: { site_short_description: 'New key value' } } + + expect(response).to redirect_to(admin_settings_branding_path) + expect(Setting.site_short_description).to eq 'New key value' + end + end + end +end diff --git a/spec/controllers/admin/settings_controller_spec.rb b/spec/controllers/admin/settings_controller_spec.rb deleted file mode 100644 index 46749f76c..000000000 --- a/spec/controllers/admin/settings_controller_spec.rb +++ /dev/null @@ -1,71 +0,0 @@ -# frozen_string_literal: true - -require 'rails_helper' - -RSpec.describe Admin::SettingsController, type: :controller do - render_views - - describe 'When signed in as an admin' do - before do - sign_in Fabricate(:user, role: UserRole.find_by(name: 'Admin')), scope: :user - end - - describe 'GET #edit' do - it 'returns http success' do - get :edit - - expect(response).to have_http_status(200) - end - end - - describe 'PUT #update' do - before do - allow_any_instance_of(Form::AdminSettings).to receive(:valid?).and_return(true) - end - - describe 'for a record that doesnt exist' do - around do |example| - before = Setting.site_extended_description - Setting.site_extended_description = nil - example.run - Setting.site_extended_description = before - Setting.new_setting_key = nil - end - - it 'cannot create a setting value for a non-admin key' do - expect(Setting.new_setting_key).to be_blank - - patch :update, params: { form_admin_settings: { new_setting_key: 'New key value' } } - - expect(response).to redirect_to(edit_admin_settings_path) - expect(Setting.new_setting_key).to be_nil - end - - it 'creates a settings value that didnt exist before for eligible key' do - expect(Setting.site_extended_description).to be_blank - - patch :update, params: { form_admin_settings: { site_extended_description: 'New key value' } } - - expect(response).to redirect_to(edit_admin_settings_path) - expect(Setting.site_extended_description).to eq 'New key value' - end - end - - context do - around do |example| - site_title = Setting.site_title - example.run - Setting.site_title = site_title - end - - it 'updates a settings value' do - Setting.site_title = 'Original' - patch :update, params: { form_admin_settings: { site_title: 'New title' } } - - expect(response).to redirect_to(edit_admin_settings_path) - expect(Setting.site_title).to eq 'New title' - end - end - end - end -end diff --git a/spec/controllers/api/v1/accounts_controller_spec.rb b/spec/controllers/api/v1/accounts_controller_spec.rb index 5d5c245c5..d6bbcefd7 100644 --- a/spec/controllers/api/v1/accounts_controller_spec.rb +++ b/spec/controllers/api/v1/accounts_controller_spec.rb @@ -145,6 +145,17 @@ RSpec.describe Api::V1::AccountsController, type: :controller do expect(json[:showing_reblogs]).to be false expect(json[:notifying]).to be true end + + it 'changes languages option' do + post :follow, params: { id: other_account.id, languages: %w(en es) } + + json = body_as_json + + expect(json[:following]).to be true + expect(json[:showing_reblogs]).to be false + expect(json[:notifying]).to be false + expect(json[:languages]).to match_array %w(en es) + end end end diff --git a/spec/controllers/api/v1/admin/account_actions_controller_spec.rb b/spec/controllers/api/v1/admin/account_actions_controller_spec.rb index 199395f55..462c2cfa9 100644 --- a/spec/controllers/api/v1/admin/account_actions_controller_spec.rb +++ b/spec/controllers/api/v1/admin/account_actions_controller_spec.rb @@ -30,28 +30,40 @@ RSpec.describe Api::V1::Admin::AccountActionsController, type: :controller do end describe 'POST #create' do - before do - post :create, params: { account_id: account.id, type: 'disable' } - end + context do + before do + post :create, params: { account_id: account.id, type: 'disable' } + end - it_behaves_like 'forbidden for wrong scope', 'write:statuses' - it_behaves_like 'forbidden for wrong role', '' + it_behaves_like 'forbidden for wrong scope', 'write:statuses' + it_behaves_like 'forbidden for wrong role', '' - it 'returns http success' do - expect(response).to have_http_status(200) - end + it 'returns http success' do + expect(response).to have_http_status(200) + end + + it 'performs action against account' do + expect(account.reload.user_disabled?).to be true + end + + it 'logs action' do + log_item = Admin::ActionLog.last - it 'performs action against account' do - expect(account.reload.user_disabled?).to be true + expect(log_item).to_not be_nil + expect(log_item.action).to eq :disable + expect(log_item.account_id).to eq user.account_id + expect(log_item.target_id).to eq account.user.id + end end - it 'logs action' do - log_item = Admin::ActionLog.last + context 'with no type' do + before do + post :create, params: { account_id: account.id } + end - expect(log_item).to_not be_nil - expect(log_item.action).to eq :disable - expect(log_item.account_id).to eq user.account_id - expect(log_item.target_id).to eq account.user.id + it 'returns http unprocessable entity' do + expect(response).to have_http_status(422) + end end end end diff --git a/spec/controllers/api/v2/search_controller_spec.rb b/spec/controllers/api/v2/search_controller_spec.rb index fa20e1e51..d417ea58c 100644 --- a/spec/controllers/api/v2/search_controller_spec.rb +++ b/spec/controllers/api/v2/search_controller_spec.rb @@ -5,18 +5,64 @@ require 'rails_helper' RSpec.describe Api::V2::SearchController, type: :controller do render_views - let(:user) { Fabricate(:user) } - let(:token) { Fabricate(:accessible_access_token, resource_owner_id: user.id, scopes: 'read:search') } + context 'with token' do + let(:user) { Fabricate(:user) } + let(:token) { Fabricate(:accessible_access_token, resource_owner_id: user.id, scopes: 'read:search') } - before do - allow(controller).to receive(:doorkeeper_token) { token } + before do + allow(controller).to receive(:doorkeeper_token) { token } + end + + describe 'GET #index' do + before do + get :index, params: { q: 'test' } + end + + it 'returns http success' do + expect(response).to have_http_status(200) + end + end end - describe 'GET #index' do - it 'returns http success' do - get :index, params: { q: 'test' } + context 'without token' do + describe 'GET #index' do + let(:search_params) {} + + before do + get :index, params: search_params + end + + context 'with a `q` shorter than 5 characters' do + let(:search_params) { { q: 'test' } } + + it 'returns http success' do + expect(response).to have_http_status(200) + end + end + + context 'with a `q` equal to or longer than 5 characters' do + let(:search_params) { { q: 'test1' } } + + it 'returns http success' do + expect(response).to have_http_status(200) + end + + context 'with truthy `resolve`' do + let(:search_params) { { q: 'test1', resolve: '1' } } + + it 'returns http unauthorized' do + expect(response).to have_http_status(401) + end + end + + context 'with `offset`' do + let(:search_params) { { q: 'test1', offset: 1 } } - expect(response).to have_http_status(200) + it 'returns http unauthorized' do + expect(response).to have_http_status(401) + end + end + end end end end diff --git a/spec/controllers/authorize_interactions_controller_spec.rb b/spec/controllers/authorize_interactions_controller_spec.rb index 99f3f6ffc..44f52df69 100644 --- a/spec/controllers/authorize_interactions_controller_spec.rb +++ b/spec/controllers/authorize_interactions_controller_spec.rb @@ -39,7 +39,7 @@ describe AuthorizeInteractionsController do end it 'sets resource from url' do - account = Account.new + account = Fabricate(:account) service = double allow(ResolveURLService).to receive(:new).and_return(service) allow(service).to receive(:call).with('http://example.com').and_return(account) @@ -51,7 +51,7 @@ describe AuthorizeInteractionsController do end it 'sets resource from acct uri' do - account = Account.new + account = Fabricate(:account) service = double allow(ResolveAccountService).to receive(:new).and_return(service) allow(service).to receive(:call).with('found@hostname').and_return(account) diff --git a/spec/controllers/concerns/signature_verification_spec.rb b/spec/controllers/concerns/signature_verification_spec.rb index 05fb1445b..6e73643b4 100644 --- a/spec/controllers/concerns/signature_verification_spec.rb +++ b/spec/controllers/concerns/signature_verification_spec.rb @@ -3,6 +3,16 @@ require 'rails_helper' describe ApplicationController, type: :controller do + class WrappedActor + attr_reader :wrapped_account + + def initialize(wrapped_account) + @wrapped_account = wrapped_account + end + + delegate :uri, :keypair, to: :wrapped_account + end + controller do include SignatureVerification @@ -73,6 +83,41 @@ describe ApplicationController, type: :controller do end end + context 'with a valid actor that is not an Account' do + let(:actor) { WrappedActor.new(author) } + + before do + get :success + + fake_request = Request.new(:get, request.url) + fake_request.on_behalf_of(author) + + request.headers.merge!(fake_request.headers) + + allow(ActivityPub::TagManager.instance).to receive(:uri_to_actor).with(anything) do + actor + end + end + + describe '#signed_request?' do + it 'returns true' do + expect(controller.signed_request?).to be true + end + end + + describe '#signed_request_account' do + it 'returns nil' do + expect(controller.signed_request_account).to be_nil + end + end + + describe '#signed_request_actor' do + it 'returns the expected actor' do + expect(controller.signed_request_actor).to eq actor + end + end + end + context 'with request older than a day' do before do get :success diff --git a/spec/controllers/follower_accounts_controller_spec.rb b/spec/controllers/follower_accounts_controller_spec.rb index 4d2a6e01a..ab2e82e85 100644 --- a/spec/controllers/follower_accounts_controller_spec.rb +++ b/spec/controllers/follower_accounts_controller_spec.rb @@ -34,27 +34,6 @@ describe FollowerAccountsController do expect(response).to have_http_status(403) end end - - it 'assigns follows' do - expect(response).to have_http_status(200) - - assigned = assigns(:follows).to_a - expect(assigned.size).to eq 2 - expect(assigned[0]).to eq follow1 - expect(assigned[1]).to eq follow0 - end - - it 'does not assign blocked users' do - user = Fabricate(:user) - user.account.block!(follower0) - sign_in(user) - - expect(response).to have_http_status(200) - - assigned = assigns(:follows).to_a - expect(assigned.size).to eq 1 - expect(assigned[0]).to eq follow1 - end end context 'when format is json' do diff --git a/spec/controllers/following_accounts_controller_spec.rb b/spec/controllers/following_accounts_controller_spec.rb index bb6d221ca..e43dbf882 100644 --- a/spec/controllers/following_accounts_controller_spec.rb +++ b/spec/controllers/following_accounts_controller_spec.rb @@ -34,27 +34,6 @@ describe FollowingAccountsController do expect(response).to have_http_status(403) end end - - it 'assigns follows' do - expect(response).to have_http_status(200) - - assigned = assigns(:follows).to_a - expect(assigned.size).to eq 2 - expect(assigned[0]).to eq follow1 - expect(assigned[1]).to eq follow0 - end - - it 'does not assign blocked users' do - user = Fabricate(:user) - user.account.block!(followee0) - sign_in(user) - - expect(response).to have_http_status(200) - - assigned = assigns(:follows).to_a - expect(assigned.size).to eq 1 - expect(assigned[0]).to eq follow1 - end end context 'when format is json' do diff --git a/spec/controllers/home_controller_spec.rb b/spec/controllers/home_controller_spec.rb index 70c5c42c5..d845ae01d 100644 --- a/spec/controllers/home_controller_spec.rb +++ b/spec/controllers/home_controller_spec.rb @@ -7,27 +7,21 @@ RSpec.describe HomeController, type: :controller do subject { get :index } context 'when not signed in' do - context 'when requested path is tag timeline' do - it 'redirects to the tag\'s permalink' do - @request.path = '/web/timelines/tag/name' - is_expected.to redirect_to '/tags/name' - end - end - - it 'redirects to about page' do + it 'returns http success' do @request.path = '/' - is_expected.to redirect_to(about_path) + is_expected.to have_http_status(:success) end end context 'when signed in' do let(:user) { Fabricate(:user) } - before { sign_in(user) } + before do + sign_in(user) + end - it 'assigns @body_classes' do - subject - expect(assigns(:body_classes)).to eq 'app-body' + it 'returns http success' do + is_expected.to have_http_status(:success) end end end diff --git a/spec/controllers/remote_follow_controller_spec.rb b/spec/controllers/remote_follow_controller_spec.rb deleted file mode 100644 index 01d43f48c..000000000 --- a/spec/controllers/remote_follow_controller_spec.rb +++ /dev/null @@ -1,135 +0,0 @@ -# frozen_string_literal: true - -require 'rails_helper' - -describe RemoteFollowController do - render_views - - describe '#new' do - it 'returns success when session is empty' do - account = Fabricate(:account) - get :new, params: { account_username: account.to_param } - - expect(response).to have_http_status(200) - expect(response).to render_template(:new) - expect(assigns(:remote_follow).acct).to be_nil - end - - it 'populates the remote follow with session data when session exists' do - session[:remote_follow] = 'user@example.com' - account = Fabricate(:account) - get :new, params: { account_username: account.to_param } - - expect(response).to have_http_status(200) - expect(response).to render_template(:new) - expect(assigns(:remote_follow).acct).to eq 'user@example.com' - end - end - - describe '#create' do - before do - @account = Fabricate(:account, username: 'test_user') - end - - context 'with a valid acct' do - context 'when webfinger values are wrong' do - it 'renders new when redirect url is nil' do - resource_with_nil_link = double(link: nil) - allow_any_instance_of(WebfingerHelper).to receive(:webfinger!).with('acct:user@example.com').and_return(resource_with_nil_link) - post :create, params: { account_username: @account.to_param, remote_follow: { acct: 'user@example.com' } } - - expect(response).to render_template(:new) - expect(response.body).to include(I18n.t('remote_follow.missing_resource')) - end - - it 'renders new when template is nil' do - resource_with_link = double(link: nil) - allow_any_instance_of(WebfingerHelper).to receive(:webfinger!).with('acct:user@example.com').and_return(resource_with_link) - post :create, params: { account_username: @account.to_param, remote_follow: { acct: 'user@example.com' } } - - expect(response).to render_template(:new) - expect(response.body).to include(I18n.t('remote_follow.missing_resource')) - end - end - - context 'when webfinger values are good' do - before do - resource_with_link = double(link: 'http://example.com/follow_me?acct={uri}') - allow_any_instance_of(WebfingerHelper).to receive(:webfinger!).with('acct:user@example.com').and_return(resource_with_link) - post :create, params: { account_username: @account.to_param, remote_follow: { acct: 'user@example.com' } } - end - - it 'saves the session' do - expect(session[:remote_follow]).to eq 'user@example.com' - end - - it 'redirects to the remote location' do - expect(response).to redirect_to("http://example.com/follow_me?acct=https%3A%2F%2F#{Rails.configuration.x.local_domain}%2Fusers%2Ftest_user") - end - end - end - - context 'with an invalid acct' do - it 'renders new when acct is missing' do - post :create, params: { account_username: @account.to_param, remote_follow: { acct: '' } } - - expect(response).to render_template(:new) - end - - it 'renders new with error when webfinger fails' do - allow_any_instance_of(WebfingerHelper).to receive(:webfinger!).with('acct:user@example.com').and_raise(Webfinger::Error) - post :create, params: { account_username: @account.to_param, remote_follow: { acct: 'user@example.com' } } - - expect(response).to render_template(:new) - expect(response.body).to include(I18n.t('remote_follow.missing_resource')) - end - - it 'renders new when occur HTTP::ConnectionError' do - allow_any_instance_of(WebfingerHelper).to receive(:webfinger!).with('acct:user@unknown').and_raise(HTTP::ConnectionError) - post :create, params: { account_username: @account.to_param, remote_follow: { acct: 'user@unknown' } } - - expect(response).to render_template(:new) - expect(response.body).to include(I18n.t('remote_follow.missing_resource')) - end - end - end - - context 'with a permanently suspended account' do - before do - @account = Fabricate(:account) - @account.suspend! - @account.deletion_request.destroy - end - - it 'returns http gone on GET to #new' do - get :new, params: { account_username: @account.to_param } - - expect(response).to have_http_status(410) - end - - it 'returns http gone on POST to #create' do - post :create, params: { account_username: @account.to_param } - - expect(response).to have_http_status(410) - end - end - - context 'with a temporarily suspended account' do - before do - @account = Fabricate(:account) - @account.suspend! - end - - it 'returns http forbidden on GET to #new' do - get :new, params: { account_username: @account.to_param } - - expect(response).to have_http_status(403) - end - - it 'returns http forbidden on POST to #create' do - post :create, params: { account_username: @account.to_param } - - expect(response).to have_http_status(403) - end - end -end diff --git a/spec/controllers/remote_interaction_controller_spec.rb b/spec/controllers/remote_interaction_controller_spec.rb deleted file mode 100644 index bb0074b11..000000000 --- a/spec/controllers/remote_interaction_controller_spec.rb +++ /dev/null @@ -1,39 +0,0 @@ -# frozen_string_literal: true - -require 'rails_helper' - -describe RemoteInteractionController, type: :controller do - render_views - - let(:status) { Fabricate(:status) } - - describe 'GET #new' do - it 'returns 200' do - get :new, params: { id: status.id } - expect(response).to have_http_status(200) - end - end - - describe 'POST #create' do - context '@remote_follow is valid' do - it 'returns 302' do - allow_any_instance_of(RemoteFollow).to receive(:valid?) { true } - allow_any_instance_of(RemoteFollow).to receive(:addressable_template) do - Addressable::Template.new('https://hoge.com') - end - - post :create, params: { id: status.id, remote_follow: { acct: '@hoge' } } - expect(response).to have_http_status(302) - end - end - - context '@remote_follow is invalid' do - it 'returns 200' do - allow_any_instance_of(RemoteFollow).to receive(:valid?) { false } - post :create, params: { id: status.id, remote_follow: { acct: '@hoge' } } - - expect(response).to have_http_status(200) - end - end - end -end diff --git a/spec/controllers/settings/deletes_controller_spec.rb b/spec/controllers/settings/deletes_controller_spec.rb index cd36ecc35..a94dc042a 100644 --- a/spec/controllers/settings/deletes_controller_spec.rb +++ b/spec/controllers/settings/deletes_controller_spec.rb @@ -81,20 +81,6 @@ describe Settings::DeletesController do expect(response).to redirect_to settings_delete_path end end - - context 'when account deletions are disabled' do - around do |example| - open_deletion = Setting.open_deletion - example.run - Setting.open_deletion = open_deletion - end - - it 'redirects' do - Setting.open_deletion = false - delete :destroy - expect(response).to redirect_to root_path - end - end end context 'when not signed in' do diff --git a/spec/controllers/settings/exports/following_accounts_controller_spec.rb b/spec/controllers/settings/exports/following_accounts_controller_spec.rb index 78858e772..bfe010555 100644 --- a/spec/controllers/settings/exports/following_accounts_controller_spec.rb +++ b/spec/controllers/settings/exports/following_accounts_controller_spec.rb @@ -11,7 +11,7 @@ describe Settings::Exports::FollowingAccountsController do sign_in user, scope: :user get :index, format: :csv - expect(response.body).to eq "Account address,Show boosts\nusername@domain,true\n" + expect(response.body).to eq "Account address,Show boosts,Notify on new posts,Languages\nusername@domain,true,false,\n" end end end diff --git a/spec/controllers/statuses_controller_spec.rb b/spec/controllers/statuses_controller_spec.rb index 05fae67fa..6ed5d4bbb 100644 --- a/spec/controllers/statuses_controller_spec.rb +++ b/spec/controllers/statuses_controller_spec.rb @@ -426,7 +426,7 @@ describe StatusesController do let(:remote_account) { Fabricate(:account, domain: 'example.com') } before do - allow(controller).to receive(:signed_request_account).and_return(remote_account) + allow(controller).to receive(:signed_request_actor).and_return(remote_account) end context 'when account blocks account' do diff --git a/spec/controllers/tags_controller_spec.rb b/spec/controllers/tags_controller_spec.rb index 69def90cf..547bcfb39 100644 --- a/spec/controllers/tags_controller_spec.rb +++ b/spec/controllers/tags_controller_spec.rb @@ -14,17 +14,11 @@ RSpec.describe TagsController, type: :controller do get :show, params: { id: 'test', max_id: late.id } expect(response).to have_http_status(200) end - - it 'renders application layout' do - get :show, params: { id: 'test', max_id: late.id } - expect(response).to render_template layout: 'public' - end end context 'when tag does not exist' do - it 'returns http missing for non-existent tag' do + it 'returns http not found' do get :show, params: { id: 'none' } - expect(response).to have_http_status(404) end end |