about summary refs log tree commit diff
path: root/spec
diff options
context:
space:
mode:
Diffstat (limited to 'spec')
-rw-r--r--spec/controllers/admin/accounts_controller_spec.rb224
-rw-r--r--spec/controllers/intents_controller_spec.rb50
-rw-r--r--spec/services/after_block_domain_from_account_service_spec.rb25
-rw-r--r--spec/services/block_domain_from_account_service_spec.rb19
4 files changed, 294 insertions, 24 deletions
diff --git a/spec/controllers/admin/accounts_controller_spec.rb b/spec/controllers/admin/accounts_controller_spec.rb
index ff9dbbfb8..197e019fe 100644
--- a/spec/controllers/admin/accounts_controller_spec.rb
+++ b/spec/controllers/admin/accounts_controller_spec.rb
@@ -3,13 +3,11 @@ require 'rails_helper'
 RSpec.describe Admin::AccountsController, type: :controller do
   render_views
 
-  let(:user) { Fabricate(:user, admin: true) }
-
-  before do
-    sign_in user, scope: :user
-  end
+  before { sign_in current_user, scope: :user }
 
   describe 'GET #index' do
+    let(:current_user) { Fabricate(:user, admin: true) }
+
     around do |example|
       default_per_page = Account.default_per_page
       Account.paginates_per 1
@@ -68,6 +66,7 @@ RSpec.describe Admin::AccountsController, type: :controller do
   end
 
   describe 'GET #show' do
+    let(:current_user) { Fabricate(:user, admin: true) }
     let(:account) { Fabricate(:account, username: 'bob') }
 
     it 'returns http success' do
@@ -75,4 +74,219 @@ RSpec.describe Admin::AccountsController, type: :controller do
       expect(response).to have_http_status(200)
     end
   end
+
+
+  describe 'POST #subscribe' do
+    subject { post :subscribe, params: { id: account.id } }
+
+    let(:current_user) { Fabricate(:user, admin: admin) }
+    let(:account) { Fabricate(:account) }
+
+    context 'when user is admin' do
+      let(:admin) { true }
+
+      it { is_expected.to redirect_to admin_account_path(account.id) }
+    end
+
+    context 'when user is not admin' do
+      let(:admin) { false }
+
+      it { is_expected.to have_http_status :forbidden }
+    end
+  end
+
+  describe 'POST #unsubscribe' do
+    subject { post :unsubscribe, params: { id: account.id } }
+
+    let(:current_user) { Fabricate(:user, admin: admin) }
+    let(:account) { Fabricate(:account) }
+
+    context 'when user is admin' do
+      let(:admin) { true }
+
+      it { is_expected.to redirect_to admin_account_path(account.id) }
+    end
+
+    context 'when user is not admin' do
+      let(:admin) { false }
+
+      it { is_expected.to have_http_status :forbidden }
+    end
+  end
+
+  describe 'POST #memorialize' do
+    subject { post :memorialize, params: { id: account.id } }
+
+    let(:current_user) { Fabricate(:user, admin: current_user_admin) }
+    let(:account) { Fabricate(:account, user: user) }
+    let(:user) { Fabricate(:user, admin: target_user_admin) }
+
+    context 'when user is admin' do
+      let(:current_user_admin) { true }
+
+      context 'when target user is admin' do
+        let(:target_user_admin) { true }
+
+        it 'fails to memorialize account' do
+          is_expected.to have_http_status :forbidden
+          expect(account.reload).not_to be_memorial
+        end
+      end
+
+      context 'when target user is not admin' do
+        let(:target_user_admin) { false }
+
+        it 'succeeds in memorializing account' do
+          is_expected.to redirect_to admin_account_path(account.id)
+          expect(account.reload).to be_memorial
+        end
+      end
+    end
+
+    context 'when user is not admin' do
+      let(:current_user_admin) { false }
+
+      context 'when target user is admin' do
+        let(:target_user_admin) { true }
+
+        it 'fails to memorialize account' do
+          is_expected.to have_http_status :forbidden
+          expect(account.reload).not_to be_memorial
+        end
+      end
+
+      context 'when target user is not admin' do
+        let(:target_user_admin) { false }
+
+        it 'fails to memorialize account' do
+          is_expected.to have_http_status :forbidden
+          expect(account.reload).not_to be_memorial
+        end
+      end
+    end
+  end
+
+  describe 'POST #enable' do
+    subject { post :enable, params: { id: account.id } }
+
+    let(:current_user) { Fabricate(:user, admin: admin) }
+    let(:account) { Fabricate(:account, user: user) }
+    let(:user) { Fabricate(:user, disabled: true) }
+
+    context 'when user is admin' do
+      let(:admin) { true }
+
+      it 'succeeds in enabling account' do
+        is_expected.to redirect_to admin_account_path(account.id)
+        expect(user.reload).not_to be_disabled
+      end
+    end
+
+    context 'when user is not admin' do
+      let(:admin) { false }
+
+      it 'fails to enable account' do
+        is_expected.to have_http_status :forbidden
+        expect(user.reload).to be_disabled
+      end
+    end
+  end
+
+  describe 'POST #disable' do
+    subject { post :disable, params: { id: account.id } }
+
+    let(:current_user) { Fabricate(:user, admin: current_user_admin) }
+    let(:account) { Fabricate(:account, user: user) }
+    let(:user) { Fabricate(:user, disabled: false, admin: target_user_admin) }
+
+    context 'when user is admin' do
+      let(:current_user_admin) { true }
+
+      context 'when target user is admin' do
+        let(:target_user_admin) { true }
+
+        it 'fails to disable account' do
+          is_expected.to have_http_status :forbidden
+          expect(user.reload).not_to be_disabled
+        end
+      end
+
+      context 'when target user is not admin' do
+        let(:target_user_admin) { false }
+
+        it 'succeeds in disabling account' do
+          is_expected.to redirect_to admin_account_path(account.id)
+          expect(user.reload).to be_disabled
+        end
+      end
+    end
+
+    context 'when user is not admin' do
+      let(:current_user_admin) { false }
+
+      context 'when target user is admin' do
+        let(:target_user_admin) { true }
+
+        it 'fails to disable account' do
+          is_expected.to have_http_status :forbidden
+          expect(user.reload).not_to be_disabled
+        end
+      end
+
+      context 'when target user is not admin' do
+        let(:target_user_admin) { false }
+
+        it 'fails to disable account' do
+          is_expected.to have_http_status :forbidden
+          expect(user.reload).not_to be_disabled
+        end
+      end
+    end
+  end
+
+  describe 'POST #redownload' do
+    subject { post :redownload, params: { id: account.id } }
+
+    let(:current_user) { Fabricate(:user, admin: admin) }
+    let(:account) { Fabricate(:account) }
+
+    context 'when user is admin' do
+      let(:admin) { true }
+
+      it 'succeeds in redownloadin' do
+        is_expected.to redirect_to admin_account_path(account.id)
+      end
+    end
+
+    context 'when user is not admin' do
+      let(:admin) { false }
+
+      it 'fails to redownload' do
+        is_expected.to have_http_status :forbidden
+      end
+    end
+  end
+
+  describe 'POST #remove_avatar' do
+    subject { post :remove_avatar, params: { id: account.id } }
+
+    let(:current_user) { Fabricate(:user, admin: admin) }
+    let(:account) { Fabricate(:account) }
+
+    context 'when user is admin' do
+      let(:admin) { true }
+
+      it 'succeeds in removing avatar' do
+        is_expected.to redirect_to admin_account_path(account.id)
+      end
+    end
+
+    context 'when user is not admin' do
+      let(:admin) { false }
+
+      it 'fails to remove avatar' do
+        is_expected.to have_http_status :forbidden
+      end
+    end
+  end
 end
diff --git a/spec/controllers/intents_controller_spec.rb b/spec/controllers/intents_controller_spec.rb
new file mode 100644
index 000000000..3dde7f835
--- /dev/null
+++ b/spec/controllers/intents_controller_spec.rb
@@ -0,0 +1,50 @@
+require 'rails_helper'
+
+RSpec.describe IntentsController, type: :controller do
+  render_views
+
+  let(:user) { Fabricate(:user) }
+  before { sign_in user, scope: :user }
+
+  describe 'GET #show' do
+    subject { get :show, params: { uri: uri } }
+
+    context 'when schema is web+mastodon' do
+      context 'when host is follow' do
+        let(:uri) { 'web+mastodon://follow?uri=test' }
+
+        it { is_expected.to redirect_to authorize_follow_path(acct: 'test') }
+      end
+
+      context 'when host is share' do
+        let(:uri) { 'web+mastodon://share?text=test' }
+
+        it { is_expected.to redirect_to share_path(text: 'test') }
+      end
+
+      context 'when host is none of the above' do
+        let(:uri) { 'web+mastodon://test' }
+
+        it { is_expected.to have_http_status 404 }
+      end
+    end
+
+    context 'when schema is not web+mastodon' do
+      let(:uri) { 'api+mastodon://test.com' }
+
+      it { is_expected.to have_http_status 404 }
+    end
+
+    context 'when uri param is blank' do
+      let(:uri) { '' }
+
+      it { is_expected.to have_http_status 404 }
+    end
+
+    context 'when uri is invalid' do
+      let(:uri) { 'invalid uri://test.com' }
+
+      it { is_expected.to have_http_status 404 }
+    end
+  end
+end
diff --git a/spec/services/after_block_domain_from_account_service_spec.rb b/spec/services/after_block_domain_from_account_service_spec.rb
new file mode 100644
index 000000000..006e3f4d2
--- /dev/null
+++ b/spec/services/after_block_domain_from_account_service_spec.rb
@@ -0,0 +1,25 @@
+require 'rails_helper'
+
+RSpec.describe AfterBlockDomainFromAccountService, type: :service do
+  let!(:wolf) { Fabricate(:account, username: 'wolf', domain: 'evil.org', inbox_url: 'https://evil.org/inbox', protocol: :activitypub) }
+  let!(:alice) { Fabricate(:account, username: 'alice') }
+
+  subject { AfterBlockDomainFromAccountService.new }
+
+  before do
+    stub_jsonld_contexts!
+    allow(ActivityPub::DeliveryWorker).to receive(:perform_async)
+  end
+
+  it 'purge followers from blocked domain' do
+    wolf.follow!(alice)
+    subject.call(alice, 'evil.org')
+    expect(wolf.following?(alice)).to be false
+  end
+
+  it 'sends Reject->Follow to followers from blocked domain' do
+    wolf.follow!(alice)
+    subject.call(alice, 'evil.org')
+    expect(ActivityPub::DeliveryWorker).to have_received(:perform_async).once
+  end
+end
diff --git a/spec/services/block_domain_from_account_service_spec.rb b/spec/services/block_domain_from_account_service_spec.rb
deleted file mode 100644
index 365c0a4ad..000000000
--- a/spec/services/block_domain_from_account_service_spec.rb
+++ /dev/null
@@ -1,19 +0,0 @@
-require 'rails_helper'
-
-RSpec.describe BlockDomainFromAccountService, type: :service do
-  let!(:wolf) { Fabricate(:account, username: 'wolf', domain: 'evil.org') }
-  let!(:alice) { Fabricate(:account, username: 'alice') }
-
-  subject { BlockDomainFromAccountService.new }
-
-  it 'creates domain block' do
-    subject.call(alice, 'evil.org')
-    expect(alice.domain_blocking?('evil.org')).to be true
-  end
-
-  it 'purge followers from blocked domain' do
-    wolf.follow!(alice)
-    subject.call(alice, 'evil.org')
-    expect(wolf.following?(alice)).to be false
-  end
-end