diff options
Diffstat (limited to 'spec')
4 files changed, 294 insertions, 24 deletions
diff --git a/spec/controllers/admin/accounts_controller_spec.rb b/spec/controllers/admin/accounts_controller_spec.rb index ff9dbbfb8..197e019fe 100644 --- a/spec/controllers/admin/accounts_controller_spec.rb +++ b/spec/controllers/admin/accounts_controller_spec.rb @@ -3,13 +3,11 @@ require 'rails_helper' RSpec.describe Admin::AccountsController, type: :controller do render_views - let(:user) { Fabricate(:user, admin: true) } - - before do - sign_in user, scope: :user - end + before { sign_in current_user, scope: :user } describe 'GET #index' do + let(:current_user) { Fabricate(:user, admin: true) } + around do |example| default_per_page = Account.default_per_page Account.paginates_per 1 @@ -68,6 +66,7 @@ RSpec.describe Admin::AccountsController, type: :controller do end describe 'GET #show' do + let(:current_user) { Fabricate(:user, admin: true) } let(:account) { Fabricate(:account, username: 'bob') } it 'returns http success' do @@ -75,4 +74,219 @@ RSpec.describe Admin::AccountsController, type: :controller do expect(response).to have_http_status(200) end end + + + describe 'POST #subscribe' do + subject { post :subscribe, params: { id: account.id } } + + let(:current_user) { Fabricate(:user, admin: admin) } + let(:account) { Fabricate(:account) } + + context 'when user is admin' do + let(:admin) { true } + + it { is_expected.to redirect_to admin_account_path(account.id) } + end + + context 'when user is not admin' do + let(:admin) { false } + + it { is_expected.to have_http_status :forbidden } + end + end + + describe 'POST #unsubscribe' do + subject { post :unsubscribe, params: { id: account.id } } + + let(:current_user) { Fabricate(:user, admin: admin) } + let(:account) { Fabricate(:account) } + + context 'when user is admin' do + let(:admin) { true } + + it { is_expected.to redirect_to admin_account_path(account.id) } + end + + context 'when user is not admin' do + let(:admin) { false } + + it { is_expected.to have_http_status :forbidden } + end + end + + describe 'POST #memorialize' do + subject { post :memorialize, params: { id: account.id } } + + let(:current_user) { Fabricate(:user, admin: current_user_admin) } + let(:account) { Fabricate(:account, user: user) } + let(:user) { Fabricate(:user, admin: target_user_admin) } + + context 'when user is admin' do + let(:current_user_admin) { true } + + context 'when target user is admin' do + let(:target_user_admin) { true } + + it 'fails to memorialize account' do + is_expected.to have_http_status :forbidden + expect(account.reload).not_to be_memorial + end + end + + context 'when target user is not admin' do + let(:target_user_admin) { false } + + it 'succeeds in memorializing account' do + is_expected.to redirect_to admin_account_path(account.id) + expect(account.reload).to be_memorial + end + end + end + + context 'when user is not admin' do + let(:current_user_admin) { false } + + context 'when target user is admin' do + let(:target_user_admin) { true } + + it 'fails to memorialize account' do + is_expected.to have_http_status :forbidden + expect(account.reload).not_to be_memorial + end + end + + context 'when target user is not admin' do + let(:target_user_admin) { false } + + it 'fails to memorialize account' do + is_expected.to have_http_status :forbidden + expect(account.reload).not_to be_memorial + end + end + end + end + + describe 'POST #enable' do + subject { post :enable, params: { id: account.id } } + + let(:current_user) { Fabricate(:user, admin: admin) } + let(:account) { Fabricate(:account, user: user) } + let(:user) { Fabricate(:user, disabled: true) } + + context 'when user is admin' do + let(:admin) { true } + + it 'succeeds in enabling account' do + is_expected.to redirect_to admin_account_path(account.id) + expect(user.reload).not_to be_disabled + end + end + + context 'when user is not admin' do + let(:admin) { false } + + it 'fails to enable account' do + is_expected.to have_http_status :forbidden + expect(user.reload).to be_disabled + end + end + end + + describe 'POST #disable' do + subject { post :disable, params: { id: account.id } } + + let(:current_user) { Fabricate(:user, admin: current_user_admin) } + let(:account) { Fabricate(:account, user: user) } + let(:user) { Fabricate(:user, disabled: false, admin: target_user_admin) } + + context 'when user is admin' do + let(:current_user_admin) { true } + + context 'when target user is admin' do + let(:target_user_admin) { true } + + it 'fails to disable account' do + is_expected.to have_http_status :forbidden + expect(user.reload).not_to be_disabled + end + end + + context 'when target user is not admin' do + let(:target_user_admin) { false } + + it 'succeeds in disabling account' do + is_expected.to redirect_to admin_account_path(account.id) + expect(user.reload).to be_disabled + end + end + end + + context 'when user is not admin' do + let(:current_user_admin) { false } + + context 'when target user is admin' do + let(:target_user_admin) { true } + + it 'fails to disable account' do + is_expected.to have_http_status :forbidden + expect(user.reload).not_to be_disabled + end + end + + context 'when target user is not admin' do + let(:target_user_admin) { false } + + it 'fails to disable account' do + is_expected.to have_http_status :forbidden + expect(user.reload).not_to be_disabled + end + end + end + end + + describe 'POST #redownload' do + subject { post :redownload, params: { id: account.id } } + + let(:current_user) { Fabricate(:user, admin: admin) } + let(:account) { Fabricate(:account) } + + context 'when user is admin' do + let(:admin) { true } + + it 'succeeds in redownloadin' do + is_expected.to redirect_to admin_account_path(account.id) + end + end + + context 'when user is not admin' do + let(:admin) { false } + + it 'fails to redownload' do + is_expected.to have_http_status :forbidden + end + end + end + + describe 'POST #remove_avatar' do + subject { post :remove_avatar, params: { id: account.id } } + + let(:current_user) { Fabricate(:user, admin: admin) } + let(:account) { Fabricate(:account) } + + context 'when user is admin' do + let(:admin) { true } + + it 'succeeds in removing avatar' do + is_expected.to redirect_to admin_account_path(account.id) + end + end + + context 'when user is not admin' do + let(:admin) { false } + + it 'fails to remove avatar' do + is_expected.to have_http_status :forbidden + end + end + end end diff --git a/spec/controllers/intents_controller_spec.rb b/spec/controllers/intents_controller_spec.rb new file mode 100644 index 000000000..3dde7f835 --- /dev/null +++ b/spec/controllers/intents_controller_spec.rb @@ -0,0 +1,50 @@ +require 'rails_helper' + +RSpec.describe IntentsController, type: :controller do + render_views + + let(:user) { Fabricate(:user) } + before { sign_in user, scope: :user } + + describe 'GET #show' do + subject { get :show, params: { uri: uri } } + + context 'when schema is web+mastodon' do + context 'when host is follow' do + let(:uri) { 'web+mastodon://follow?uri=test' } + + it { is_expected.to redirect_to authorize_follow_path(acct: 'test') } + end + + context 'when host is share' do + let(:uri) { 'web+mastodon://share?text=test' } + + it { is_expected.to redirect_to share_path(text: 'test') } + end + + context 'when host is none of the above' do + let(:uri) { 'web+mastodon://test' } + + it { is_expected.to have_http_status 404 } + end + end + + context 'when schema is not web+mastodon' do + let(:uri) { 'api+mastodon://test.com' } + + it { is_expected.to have_http_status 404 } + end + + context 'when uri param is blank' do + let(:uri) { '' } + + it { is_expected.to have_http_status 404 } + end + + context 'when uri is invalid' do + let(:uri) { 'invalid uri://test.com' } + + it { is_expected.to have_http_status 404 } + end + end +end diff --git a/spec/services/after_block_domain_from_account_service_spec.rb b/spec/services/after_block_domain_from_account_service_spec.rb new file mode 100644 index 000000000..006e3f4d2 --- /dev/null +++ b/spec/services/after_block_domain_from_account_service_spec.rb @@ -0,0 +1,25 @@ +require 'rails_helper' + +RSpec.describe AfterBlockDomainFromAccountService, type: :service do + let!(:wolf) { Fabricate(:account, username: 'wolf', domain: 'evil.org', inbox_url: 'https://evil.org/inbox', protocol: :activitypub) } + let!(:alice) { Fabricate(:account, username: 'alice') } + + subject { AfterBlockDomainFromAccountService.new } + + before do + stub_jsonld_contexts! + allow(ActivityPub::DeliveryWorker).to receive(:perform_async) + end + + it 'purge followers from blocked domain' do + wolf.follow!(alice) + subject.call(alice, 'evil.org') + expect(wolf.following?(alice)).to be false + end + + it 'sends Reject->Follow to followers from blocked domain' do + wolf.follow!(alice) + subject.call(alice, 'evil.org') + expect(ActivityPub::DeliveryWorker).to have_received(:perform_async).once + end +end diff --git a/spec/services/block_domain_from_account_service_spec.rb b/spec/services/block_domain_from_account_service_spec.rb deleted file mode 100644 index 365c0a4ad..000000000 --- a/spec/services/block_domain_from_account_service_spec.rb +++ /dev/null @@ -1,19 +0,0 @@ -require 'rails_helper' - -RSpec.describe BlockDomainFromAccountService, type: :service do - let!(:wolf) { Fabricate(:account, username: 'wolf', domain: 'evil.org') } - let!(:alice) { Fabricate(:account, username: 'alice') } - - subject { BlockDomainFromAccountService.new } - - it 'creates domain block' do - subject.call(alice, 'evil.org') - expect(alice.domain_blocking?('evil.org')).to be true - end - - it 'purge followers from blocked domain' do - wolf.follow!(alice) - subject.call(alice, 'evil.org') - expect(wolf.following?(alice)).to be false - end -end |