2019-04-30 08:27:42 +08:00
|
|
|
# frozen_string_literal: true
|
|
|
|
|
2022-07-28 10:27:38 +08:00
|
|
|
RSpec.describe Admin::ScreenedEmailsController do
|
2023-11-10 06:47:59 +08:00
|
|
|
fab!(:admin)
|
|
|
|
fab!(:moderator)
|
|
|
|
fab!(:user)
|
|
|
|
fab!(:screened_email)
|
2013-08-02 09:30:13 +08:00
|
|
|
|
2018-06-11 12:33:54 +08:00
|
|
|
describe "#index" do
|
2022-11-03 11:42:44 +08:00
|
|
|
shared_examples "screened emails accessible" do
|
|
|
|
it "returns screened emails" do
|
|
|
|
get "/admin/logs/screened_emails.json"
|
|
|
|
|
|
|
|
expect(response.status).to eq(200)
|
|
|
|
json = response.parsed_body
|
|
|
|
expect(json.size).to eq(1)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context "when logged in as an admin" do
|
|
|
|
before { sign_in(admin) }
|
|
|
|
|
|
|
|
include_examples "screened emails accessible"
|
|
|
|
end
|
|
|
|
|
2024-11-13 11:04:20 +08:00
|
|
|
context "when logged in as a moderator and has permission to view emails" do
|
|
|
|
before do
|
|
|
|
sign_in(moderator)
|
|
|
|
SiteSetting.moderators_view_emails = true
|
|
|
|
end
|
2022-11-03 11:42:44 +08:00
|
|
|
|
|
|
|
include_examples "screened emails accessible"
|
|
|
|
end
|
|
|
|
|
|
|
|
context "when logged in as a non-staff user" do
|
|
|
|
before { sign_in(user) }
|
|
|
|
|
|
|
|
it "denies access with a 404 response" do
|
|
|
|
get "/admin/logs/screened_emails.json"
|
|
|
|
|
|
|
|
expect(response.status).to eq(404)
|
|
|
|
expect(response.parsed_body["errors"]).to include(I18n.t("not_found"))
|
|
|
|
end
|
2013-08-02 09:30:13 +08:00
|
|
|
end
|
2024-11-13 11:04:20 +08:00
|
|
|
|
|
|
|
context "when logged in as a moderator but no permission to view emails" do
|
|
|
|
before { sign_in(moderator) }
|
|
|
|
|
|
|
|
it "denies access with a 403 response" do
|
|
|
|
get "/admin/logs/screened_emails.json"
|
|
|
|
|
|
|
|
expect(response.status).to eq(403)
|
|
|
|
expect(response.parsed_body["errors"]).to include(I18n.t("invalid_access"))
|
|
|
|
end
|
|
|
|
end
|
2022-11-03 11:42:44 +08:00
|
|
|
end
|
|
|
|
|
|
|
|
describe "#destroy" do
|
|
|
|
shared_examples "screened email deletion possible" do
|
|
|
|
it "deletes screened email" do
|
|
|
|
expect do delete "/admin/logs/screened_emails/#{screened_email.id}.json" end.to change {
|
|
|
|
ScreenedEmail.count
|
|
|
|
}.by(-1)
|
|
|
|
|
|
|
|
expect(response.status).to eq(200)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context "when logged in as an admin" do
|
|
|
|
before { sign_in(admin) }
|
|
|
|
|
|
|
|
include_examples "screened email deletion possible"
|
|
|
|
end
|
|
|
|
|
2024-11-13 11:04:20 +08:00
|
|
|
context "when logged in as a moderator and has permission to view emails" do
|
|
|
|
before do
|
|
|
|
sign_in(moderator)
|
|
|
|
SiteSetting.moderators_view_emails = true
|
|
|
|
end
|
2022-11-03 11:42:44 +08:00
|
|
|
|
|
|
|
include_examples "screened email deletion possible"
|
|
|
|
end
|
|
|
|
|
|
|
|
context "when logged in as a non-staff user" do
|
|
|
|
before { sign_in(user) }
|
|
|
|
|
|
|
|
it "prevents deletion with a 404 response" do
|
|
|
|
delete "/admin/logs/screened_emails/#{screened_email.id}.json"
|
2013-08-02 09:30:13 +08:00
|
|
|
|
2022-11-03 11:42:44 +08:00
|
|
|
expect(response.status).to eq(404)
|
|
|
|
expect(response.parsed_body["errors"]).to include(I18n.t("not_found"))
|
|
|
|
end
|
2013-08-02 09:30:13 +08:00
|
|
|
end
|
2024-11-13 11:04:20 +08:00
|
|
|
|
|
|
|
context "when logged in as a moderator but no permission to view emails" do
|
|
|
|
before { sign_in(moderator) }
|
|
|
|
|
|
|
|
it "prevents deletion with a 403 response" do
|
|
|
|
delete "/admin/logs/screened_emails/#{screened_email.id}.json"
|
|
|
|
|
|
|
|
expect(response.status).to eq(403)
|
|
|
|
expect(response.parsed_body["errors"]).to include(I18n.t("invalid_access"))
|
|
|
|
end
|
|
|
|
end
|
2013-08-02 09:30:13 +08:00
|
|
|
end
|
|
|
|
end
|