From 40c7f3e830538951862dc73074d1045a82395ab0 Mon Sep 17 00:00:00 2001
From: Eugen Rochko <eugen@zeonfederated.com>
Date: Sun, 30 Oct 2022 02:44:32 +0200
Subject: Fix account action type validation (#19476)

* Fix account action type validation

Fix #19143

* Fix #19145

* Fix code style issues
---
 .../v1/admin/account_actions_controller_spec.rb    | 44 ++++++++++++++--------
 1 file changed, 28 insertions(+), 16 deletions(-)

(limited to 'spec')

diff --git a/spec/controllers/api/v1/admin/account_actions_controller_spec.rb b/spec/controllers/api/v1/admin/account_actions_controller_spec.rb
index 199395f55..462c2cfa9 100644
--- a/spec/controllers/api/v1/admin/account_actions_controller_spec.rb
+++ b/spec/controllers/api/v1/admin/account_actions_controller_spec.rb
@@ -30,28 +30,40 @@ RSpec.describe Api::V1::Admin::AccountActionsController, type: :controller do
   end
 
   describe 'POST #create' do
-    before do
-      post :create, params: { account_id: account.id, type: 'disable' }
-    end
+    context do
+      before do
+        post :create, params: { account_id: account.id, type: 'disable' }
+      end
 
-    it_behaves_like 'forbidden for wrong scope', 'write:statuses'
-    it_behaves_like 'forbidden for wrong role', ''
+      it_behaves_like 'forbidden for wrong scope', 'write:statuses'
+      it_behaves_like 'forbidden for wrong role', ''
 
-    it 'returns http success' do
-      expect(response).to have_http_status(200)
-    end
+      it 'returns http success' do
+        expect(response).to have_http_status(200)
+      end
+
+      it 'performs action against account' do
+        expect(account.reload.user_disabled?).to be true
+      end
+
+      it 'logs action' do
+        log_item = Admin::ActionLog.last
 
-    it 'performs action against account' do
-      expect(account.reload.user_disabled?).to be true
+        expect(log_item).to_not be_nil
+        expect(log_item.action).to eq :disable
+        expect(log_item.account_id).to eq user.account_id
+        expect(log_item.target_id).to eq account.user.id
+      end
     end
 
-    it 'logs action' do
-      log_item = Admin::ActionLog.last
+    context 'with no type' do
+      before do
+        post :create, params: { account_id: account.id }
+      end
 
-      expect(log_item).to_not be_nil
-      expect(log_item.action).to eq :disable
-      expect(log_item.account_id).to eq user.account_id
-      expect(log_item.target_id).to eq account.user.id
+      it 'returns http unprocessable entity' do
+        expect(response).to have_http_status(422)
+      end
     end
   end
 end
-- 
cgit