From 24cafd73a2b644025e9aeaadf4fed46dd3ecea4d Mon Sep 17 00:00:00 2001
From: Eugen Rochko <eugen@zeonfederated.com>
Date: Sat, 18 Nov 2017 00:16:48 +0100
Subject: Lists (#5703)

* Add structure for lists

* Add list timeline streaming API

* Add list APIs, bind list-account relation to follow relation

* Add API for adding/removing accounts from lists

* Add pagination to lists API

* Add pagination to list accounts API

* Adjust scopes for new APIs

- Creating and modifying lists merely requires "write" scope
- Fetching information about lists merely requires "read" scope

* Add test for wrong user context on list timeline

* Clean up tests
---
 .../api/v1/timelines/list_controller_spec.rb       | 56 ++++++++++++++++++++++
 .../api/v1/timelines/tag_controller_spec.rb        |  2 +-
 2 files changed, 57 insertions(+), 1 deletion(-)
 create mode 100644 spec/controllers/api/v1/timelines/list_controller_spec.rb

(limited to 'spec/controllers/api/v1/timelines')

diff --git a/spec/controllers/api/v1/timelines/list_controller_spec.rb b/spec/controllers/api/v1/timelines/list_controller_spec.rb
new file mode 100644
index 000000000..07eba955a
--- /dev/null
+++ b/spec/controllers/api/v1/timelines/list_controller_spec.rb
@@ -0,0 +1,56 @@
+# frozen_string_literal: true
+
+require 'rails_helper'
+
+describe Api::V1::Timelines::ListController do
+  render_views
+
+  let(:user) { Fabricate(:user, account: Fabricate(:account, username: 'alice')) }
+  let(:list) { Fabricate(:list, account: user.account) }
+
+  before do
+    allow(controller).to receive(:doorkeeper_token) { token }
+  end
+
+  context 'with a user context' do
+    let(:token) { Fabricate(:accessible_access_token, resource_owner_id: user.id, scopes: 'read') }
+
+    describe 'GET #show' do
+      before do
+        follow = Fabricate(:follow, account: user.account)
+        list.accounts << follow.target_account
+        PostStatusService.new.call(follow.target_account, 'New status for user home timeline.')
+      end
+
+      it 'returns http success' do
+        get :show, params: { id: list.id }
+        expect(response).to have_http_status(:success)
+      end
+    end
+  end
+
+  context 'with the wrong user context' do
+    let(:other_user) { Fabricate(:user, account: Fabricate(:account, username: 'bob')) }
+    let(:token)      { Fabricate(:accessible_access_token, resource_owner_id: other_user.id, scopes: 'read') }
+
+    describe 'GET #show' do
+      it 'returns http not found' do
+        get :show, params: { id: list.id }
+        expect(response).to have_http_status(:not_found)
+      end
+    end
+  end
+
+  context 'without a user context' do
+    let(:token) { Fabricate(:accessible_access_token, resource_owner_id: nil, scopes: 'read') }
+
+    describe 'GET #show' do
+      it 'returns http unprocessable entity' do
+        get :show, params: { id: list.id }
+
+        expect(response).to have_http_status(:unprocessable_entity)
+        expect(response.headers['Link']).to be_nil
+      end
+    end
+  end
+end
diff --git a/spec/controllers/api/v1/timelines/tag_controller_spec.rb b/spec/controllers/api/v1/timelines/tag_controller_spec.rb
index 74de1e81f..6c66ee58e 100644
--- a/spec/controllers/api/v1/timelines/tag_controller_spec.rb
+++ b/spec/controllers/api/v1/timelines/tag_controller_spec.rb
@@ -5,7 +5,7 @@ require 'rails_helper'
 describe Api::V1::Timelines::TagController do
   render_views
 
-  let(:user)  { Fabricate(:user, account: Fabricate(:account, username: 'alice')) }
+  let(:user) { Fabricate(:user, account: Fabricate(:account, username: 'alice')) }
 
   before do
     allow(controller).to receive(:doorkeeper_token) { token }
-- 
cgit