about summary refs log tree commit diff
path: root/spec
diff options
context:
space:
mode:
Diffstat (limited to 'spec')
-rw-r--r--spec/controllers/admin/base_controller_spec.rb19
-rw-r--r--spec/controllers/admin/reports_controller_spec.rb40
-rw-r--r--spec/controllers/application_controller_spec.rb42
3 files changed, 90 insertions, 11 deletions
diff --git a/spec/controllers/admin/base_controller_spec.rb b/spec/controllers/admin/base_controller_spec.rb
index 2b60e7e92..9ac833623 100644
--- a/spec/controllers/admin/base_controller_spec.rb
+++ b/spec/controllers/admin/base_controller_spec.rb
@@ -9,18 +9,25 @@ describe Admin::BaseController, type: :controller do
     end
   end
 
-  it 'renders admin layout' do
+  it 'requires administrator or moderator' do
     routes.draw { get 'success' => 'admin/base#success' }
-    sign_in(Fabricate(:user, admin: true))
+    sign_in(Fabricate(:user, admin: false, moderator: false))
     get :success
-    expect(response).to render_template layout: 'admin'
+
+    expect(response).to have_http_status(:forbidden)
   end
 
-  it 'requires administrator' do
+  it 'renders admin layout as a moderator' do
     routes.draw { get 'success' => 'admin/base#success' }
-    sign_in(Fabricate(:user, admin: false))
+    sign_in(Fabricate(:user, moderator: true))
     get :success
+    expect(response).to render_template layout: 'admin'
+  end
 
-    expect(response).to redirect_to('/')
+  it 'renders admin layout as an admin' do
+    routes.draw { get 'success' => 'admin/base#success' }
+    sign_in(Fabricate(:user, admin: true))
+    get :success
+    expect(response).to render_template layout: 'admin'
   end
 end
diff --git a/spec/controllers/admin/reports_controller_spec.rb b/spec/controllers/admin/reports_controller_spec.rb
index 71a185147..9be298df6 100644
--- a/spec/controllers/admin/reports_controller_spec.rb
+++ b/spec/controllers/admin/reports_controller_spec.rb
@@ -61,7 +61,7 @@ describe Admin::ReportsController do
         report = Fabricate(:report)
 
         put :update, params: { id: report, outcome: 'resolve' }
-        expect(response).to redirect_to(admin_report_path(report))
+        expect(response).to redirect_to(admin_reports_path)
         report.reload
         expect(report.action_taken_by_account).to eq user.account
         expect(report.action_taken).to eq true
@@ -74,7 +74,7 @@ describe Admin::ReportsController do
         allow(Admin::SuspensionWorker).to receive(:perform_async)
 
         put :update, params: { id: report, outcome: 'suspend' }
-        expect(response).to redirect_to(admin_report_path(report))
+        expect(response).to redirect_to(admin_reports_path)
         report.reload
         expect(report.action_taken_by_account).to eq user.account
         expect(report.action_taken).to eq true
@@ -88,12 +88,46 @@ describe Admin::ReportsController do
         report = Fabricate(:report)
 
         put :update, params: { id: report, outcome: 'silence' }
-        expect(response).to redirect_to(admin_report_path(report))
+        expect(response).to redirect_to(admin_reports_path)
         report.reload
         expect(report.action_taken_by_account).to eq user.account
         expect(report.action_taken).to eq true
         expect(report.target_account).to be_silenced
       end
     end
+
+    describe 'with an outsome of `reopen`' do
+      it 'reopens the report' do
+        report = Fabricate(:report)
+
+        put :update, params: { id: report, outcome: 'reopen' }
+        expect(response).to redirect_to(admin_report_path(report))
+        report.reload
+        expect(report.action_taken_by_account).to eq nil
+        expect(report.action_taken).to eq false
+      end
+    end
+
+    describe 'with an outsome of `assign_to_self`' do
+      it 'reopens the report' do
+        report = Fabricate(:report)
+
+        put :update, params: { id: report, outcome: 'assign_to_self' }
+        expect(response).to redirect_to(admin_report_path(report))
+        report.reload
+        expect(report.assigned_account).to eq user.account
+      end
+    end
+
+    describe 'with an outsome of `unassign`' do
+      it 'reopens the report' do
+        report = Fabricate(:report)
+
+        put :update, params: { id: report, outcome: 'unassign' }
+        expect(response).to redirect_to(admin_report_path(report))
+        report.reload
+        expect(report.assigned_account).to eq nil
+      end
+    end
   end
 end
diff --git a/spec/controllers/application_controller_spec.rb b/spec/controllers/application_controller_spec.rb
index 51c0e3c70..3e4d27e05 100644
--- a/spec/controllers/application_controller_spec.rb
+++ b/spec/controllers/application_controller_spec.rb
@@ -181,10 +181,48 @@ describe ApplicationController, type: :controller do
       routes.draw { get 'sucesss' => 'anonymous#sucesss' }
     end
 
-    it 'redirects to root path if current user is not admin' do
+    it 'returns a 403 if current user is not admin' do
       sign_in(Fabricate(:user, admin: false))
       get 'sucesss'
-      expect(response).to redirect_to('/')
+      expect(response).to have_http_status(403)
+    end
+
+    it 'returns a 403 if current user is only a moderator' do
+      sign_in(Fabricate(:user, moderator: true))
+      get 'sucesss'
+      expect(response).to have_http_status(403)
+    end
+
+    it 'does nothing if current user is admin' do
+      sign_in(Fabricate(:user, admin: true))
+      get 'sucesss'
+      expect(response).to have_http_status(200)
+    end
+  end
+
+  describe 'require_staff!' do
+    controller do
+      before_action :require_staff!
+
+      def sucesss
+        head 200
+      end
+    end
+
+    before do
+      routes.draw { get 'sucesss' => 'anonymous#sucesss' }
+    end
+
+    it 'returns a 403 if current user is not admin or moderator' do
+      sign_in(Fabricate(:user, admin: false, moderator: false))
+      get 'sucesss'
+      expect(response).to have_http_status(403)
+    end
+
+    it 'does nothing if current user is moderator' do
+      sign_in(Fabricate(:user, moderator: true))
+      get 'sucesss'
+      expect(response).to have_http_status(200)
     end
 
     it 'does nothing if current user is admin' do