discourse/spec/requests/admin/config/site_settings_controller_spec.rb

# frozen_string_literal: true

RSpec.describe Admin::SiteSettingsController do
  fab!(:admin)
  fab!(:user)

  describe "#index" do
    context "when not logged in" do
      it "returns 404" do
        get "/admin/config/site_settings.json"
        expect(response.status).to eq(404)
      end
    end

    context "when not admin" do
      before { sign_in(user) }

      it "returns 404" do
        get "/admin/config/site_settings.json"
        expect(response.status).to eq(404)
      end
    end

    context "when logged in as admin" do
      before { sign_in(admin) }

      it "returns 400 when no filter_names are provided" do
        get "/admin/config/site_settings.json"
        expect(response.status).to eq(400)
      end

      it "includes only certain allowed hidden settings" do
        get "/admin/config/site_settings.json",
            params: {
              filter_names: [
                Admin::Config::SiteSettingsController::ADMIN_CONFIG_AREA_ALLOWLISTED_HIDDEN_SETTINGS,
              ],
            }
        expect(
          response.parsed_body["site_settings"].find do |s|
            s["setting"] ==
              Admin::Config::SiteSettingsController::ADMIN_CONFIG_AREA_ALLOWLISTED_HIDDEN_SETTINGS.first.to_s
          end,
        ).to be_present
        get "/admin/config/site_settings.json", params: { filter_names: ["set_locale_from_cookie"] }
        expect(
          response.parsed_body["site_settings"].find do |s|
            s["setting"] == "set_locale_from_cookie"
          end,
        ).to be_nil
      end

      it "returns site settings by exact name" do
        get "/admin/config/site_settings.json",
            params: {
              filter_names: %w[site_description enforce_second_factor],
            }
        expect(response.status).to eq(200)
        expect(response.parsed_body["site_settings"].map { |s| s["setting"] }).to match_array(
          %w[site_description enforce_second_factor],
        )
      end
    end
  end
end
DEV: Move config area site setting fetch into new controller (#28136) Followup 4aea12fdcb21216a528451c0f8803e02dff24998 In certain config areas (like About) we want to be able to fetch specific site settings by name. In this case, sometimes we need to be able to fetch hidden settings, in cases where a config area is still experimental. Splitting out a different endpoint for this purpose allows us to be stricter with what we return for config areas without affecting the main site settings UI, revealing hidden settings before they are ready. 2024-07-30 13:41:28 +08:00			`# frozen_string_literal: true`

			`RSpec.describe Admin::SiteSettingsController do`
			`fab!(:admin)`
			`fab!(:user)`

			`describe "#index" do`
			`context "when not logged in" do`
			`it "returns 404" do`
			`get "/admin/config/site_settings.json"`
			`expect(response.status).to eq(404)`
			`end`
			`end`

			`context "when not admin" do`
			`before { sign_in(user) }`

			`it "returns 404" do`
			`get "/admin/config/site_settings.json"`
			`expect(response.status).to eq(404)`
			`end`
			`end`

			`context "when logged in as admin" do`
			`before { sign_in(admin) }`

			`it "returns 400 when no filter_names are provided" do`
			`get "/admin/config/site_settings.json"`
			`expect(response.status).to eq(400)`
			`end`

			`it "includes only certain allowed hidden settings" do`
			`get "/admin/config/site_settings.json",`
			`params: {`
			`filter_names: [`
			`Admin::Config::SiteSettingsController::ADMIN_CONFIG_AREA_ALLOWLISTED_HIDDEN_SETTINGS,`
			`],`
			`}`
			`expect(`
			`response.parsed_body["site_settings"].find do \|s\|`
			`s["setting"] ==`
			`Admin::Config::SiteSettingsController::ADMIN_CONFIG_AREA_ALLOWLISTED_HIDDEN_SETTINGS.first.to_s`
			`end,`
			`).to be_present`
			`get "/admin/config/site_settings.json", params: { filter_names: ["set_locale_from_cookie"] }`
			`expect(`
			`response.parsed_body["site_settings"].find do \|s\|`
			`s["setting"] == "set_locale_from_cookie"`
			`end,`
			`).to be_nil`
			`end`

			`it "returns site settings by exact name" do`
			`get "/admin/config/site_settings.json",`
			`params: {`
			`filter_names: %w[site_description enforce_second_factor],`
			`}`
			`expect(response.status).to eq(200)`
			`expect(response.parsed_body["site_settings"].map { \|s\| s["setting"] }).to match_array(`
			`%w[site_description enforce_second_factor],`
			`)`
			`end`
			`end`
			`end`
			`end`