2015-10-11 17:41:23 +08:00
require 'rails_helper'
2013-02-06 03:16:51 +08:00
2014-02-20 00:41:17 +08:00
shared_examples 'finding and showing post' do
let ( :user ) { log_in }
let ( :post ) { Fabricate ( :post , user : user ) }
2013-02-06 03:16:51 +08:00
2014-02-20 00:41:17 +08:00
it 'ensures the user can see the post' do
Guardian . any_instance . expects ( :can_see? ) . with ( post ) . returns ( false )
2017-08-31 12:06:56 +08:00
get action , params : params , format : :json
2015-01-10 01:04:02 +08:00
expect ( response ) . to be_forbidden
2013-04-24 16:05:35 +08:00
end
2014-02-20 00:41:17 +08:00
it 'succeeds' do
2017-08-31 12:06:56 +08:00
get action , params : params , format : :json
2015-01-10 01:04:02 +08:00
expect ( response ) . to be_success
2014-02-20 00:41:17 +08:00
end
2013-02-06 03:16:51 +08:00
2014-02-20 00:41:17 +08:00
context " deleted post " do
before do
post . trash! ( user )
end
it " can't find deleted posts as an anonymous user " do
2017-08-31 12:06:56 +08:00
get action , params : params , format : :json
2015-01-10 01:04:02 +08:00
expect ( response . status ) . to eq ( 404 )
2013-02-06 03:16:51 +08:00
end
2014-02-20 00:41:17 +08:00
it " can't find deleted posts as a regular user " do
log_in ( :user )
2017-08-31 12:06:56 +08:00
get action , params : params , format : :json
2015-01-10 01:04:02 +08:00
expect ( response . status ) . to eq ( 404 )
2013-02-06 03:16:51 +08:00
end
2014-02-20 00:41:17 +08:00
it " can find posts as a moderator " do
log_in ( :moderator )
2017-08-31 12:06:56 +08:00
get action , params : params , format : :json
2015-01-10 01:04:02 +08:00
expect ( response ) . to be_success
2014-02-20 00:41:17 +08:00
end
2014-08-08 01:12:35 +08:00
it " can find posts as a admin " do
log_in ( :admin )
2017-08-31 12:06:56 +08:00
get action , params : params , format : :json
2015-01-10 01:04:02 +08:00
expect ( response ) . to be_success
2014-08-08 01:12:35 +08:00
end
2014-02-20 00:41:17 +08:00
end
end
2013-02-09 06:49:15 +08:00
2014-02-25 01:14:35 +08:00
shared_examples 'action requires login' do | method , action , params |
it 'raises an exception when not logged in' do
2017-08-31 12:06:56 +08:00
expect do
options = { format : :json }
options . merge! ( params : params ) if params
self . public_send ( method , action , options )
end . to raise_error ( Discourse :: NotLoggedIn )
2014-02-25 01:14:35 +08:00
end
end
2014-02-20 00:41:17 +08:00
describe PostsController do
2013-02-09 06:49:15 +08:00
2015-10-16 19:44:48 +08:00
describe 'latest' do
let ( :user ) { log_in }
2016-03-21 18:22:36 +08:00
let! ( :public_topic ) { Fabricate ( :topic ) }
let! ( :post ) { Fabricate ( :post , user : user , topic : public_topic ) }
let! ( :private_topic ) { Fabricate ( :topic , archetype : Archetype . private_message , category : nil ) }
let! ( :private_post ) { Fabricate ( :post , user : user , topic : private_topic ) }
2015-10-16 19:44:48 +08:00
let! ( :topicless_post ) { Fabricate ( :post , user : user , raw : '<p>Car 54, where are you?</p>' ) }
2016-03-21 18:22:36 +08:00
context " public posts " do
before do
topicless_post . update topic_id : - 100
end
2015-10-16 19:44:48 +08:00
2016-03-21 18:22:36 +08:00
it 'returns public posts with topic for json' do
2017-08-31 12:06:56 +08:00
get :latest , params : { id : " latest_posts " } , format : :json
2016-03-21 18:22:36 +08:00
expect ( response ) . to be_success
json = :: JSON . parse ( response . body )
post_ids = json [ 'latest_posts' ] . map { | p | p [ 'id' ] }
expect ( post_ids ) . to include post . id
expect ( post_ids ) . to_not include private_post . id
expect ( post_ids ) . to_not include topicless_post . id
end
2015-10-16 19:44:48 +08:00
end
2016-03-21 18:22:36 +08:00
context 'private posts' do
before do
Guardian . any_instance . expects ( :can_see? ) . with ( private_post ) . returns ( true )
end
it 'returns private posts for json' do
2017-08-31 12:06:56 +08:00
get :latest , params : { id : " private_posts " } , format : :json
2016-03-21 18:22:36 +08:00
expect ( response ) . to be_success
json = :: JSON . parse ( response . body )
post_ids = json [ 'private_posts' ] . map { | p | p [ 'id' ] }
expect ( post_ids ) . to include private_post . id
expect ( post_ids ) . to_not include post . id
end
2016-03-31 21:10:50 +08:00
end
end
2014-06-21 05:06:44 +08:00
describe 'cooked' do
before do
post = Post . new ( cooked : 'wat' )
PostsController . any_instance . expects ( :find_post_from_params ) . returns ( post )
end
it 'returns the cooked conent' do
2017-08-31 12:06:56 +08:00
get :cooked , params : { id : 1234 } , format : :json
2015-01-10 01:04:02 +08:00
expect ( response ) . to be_success
2014-06-21 05:06:44 +08:00
json = :: JSON . parse ( response . body )
2015-01-10 01:04:02 +08:00
expect ( json ) . to be_present
expect ( json [ 'cooked' ] ) . to eq ( 'wat' )
2014-06-21 05:06:44 +08:00
end
end
2014-10-19 01:02:01 +08:00
describe 'raw_email' do
include_examples " action requires login " , :get , :raw_email , id : 2
describe " when logged in " do
2014-11-12 21:49:42 +08:00
let ( :user ) { log_in }
2016-08-02 05:55:22 +08:00
let ( :post ) { Fabricate ( :post , deleted_at : 2 . hours . ago , user : user , raw_email : 'email_content' ) }
2014-10-19 01:02:01 +08:00
it " raises an error if the user doesn't have permission to view raw email " do
Guardian . any_instance . expects ( :can_view_raw_email? ) . returns ( false )
2017-08-31 12:06:56 +08:00
get :raw_email , params : { id : post . id } , format : :json
2014-10-19 01:02:01 +08:00
2015-01-10 01:04:02 +08:00
expect ( response ) . to be_forbidden
2014-10-19 01:02:01 +08:00
end
it " can view raw email " do
Guardian . any_instance . expects ( :can_view_raw_email? ) . returns ( true )
2017-08-31 12:06:56 +08:00
get :raw_email , params : { id : post . id } , format : :json
2014-10-19 01:02:01 +08:00
2015-01-10 01:04:02 +08:00
expect ( response ) . to be_success
2014-10-19 01:02:01 +08:00
json = :: JSON . parse ( response . body )
2015-01-10 01:04:02 +08:00
expect ( json [ 'raw_email' ] ) . to eq ( 'email_content' )
2014-10-19 01:02:01 +08:00
end
end
end
2014-02-20 00:41:17 +08:00
describe 'show' do
include_examples 'finding and showing post' do
let ( :action ) { :show }
2017-07-28 09:20:09 +08:00
let ( :params ) { { id : post . id } }
2014-02-20 00:41:17 +08:00
end
2014-04-24 10:42:04 +08:00
it 'gets all the expected fields' do
# non fabricated test
new_post = create_post
2017-08-31 12:06:56 +08:00
get :show , params : { id : new_post . id } , format : :json
2014-04-24 10:42:04 +08:00
parsed = JSON . parse ( response . body )
2015-01-10 01:04:02 +08:00
expect ( parsed [ " topic_slug " ] ) . to eq ( new_post . topic . slug )
expect ( parsed [ " moderator " ] ) . to eq ( false )
expect ( parsed [ " username " ] ) . to eq ( new_post . user . username )
expect ( parsed [ " cooked " ] ) . to eq ( new_post . cooked )
2014-04-24 10:42:04 +08:00
end
2014-02-20 00:41:17 +08:00
end
2013-02-09 06:49:15 +08:00
2014-02-20 00:41:17 +08:00
describe 'by_number' do
include_examples 'finding and showing post' do
let ( :action ) { :by_number }
2017-07-28 09:20:09 +08:00
let ( :params ) { { topic_id : post . topic_id , post_number : post . post_number } }
2013-02-09 06:49:15 +08:00
end
2013-08-07 05:42:36 +08:00
end
describe 'reply_history' do
2014-02-21 00:38:13 +08:00
include_examples 'finding and showing post' do
let ( :action ) { :reply_history }
2017-07-28 09:20:09 +08:00
let ( :params ) { { id : post . id } }
2013-08-07 05:42:36 +08:00
end
2013-02-09 06:49:15 +08:00
2014-02-21 00:38:13 +08:00
it 'asks post for reply history' do
2013-08-07 05:42:36 +08:00
Post . any_instance . expects ( :reply_history )
2017-08-31 12:06:56 +08:00
get :reply_history , params : { id : post . id } , format : :json
2014-02-21 00:38:13 +08:00
end
end
describe 'replies' do
include_examples 'finding and showing post' do
let ( :action ) { :replies }
2017-07-28 09:20:09 +08:00
let ( :params ) { { post_id : post . id } }
2014-02-21 00:38:13 +08:00
end
it 'asks post for replies' do
2015-09-25 08:15:58 +08:00
p1 = Fabricate ( :post )
2017-08-31 12:06:56 +08:00
get :replies , params : { post_id : p1 . id } , format : :json
2015-09-25 08:15:58 +08:00
expect ( response . status ) . to eq ( 200 )
2013-08-07 05:42:36 +08:00
end
2013-02-06 03:16:51 +08:00
end
describe 'delete a post' do
2014-02-25 01:14:35 +08:00
include_examples 'action requires login' , :delete , :destroy , id : 123
2013-02-06 03:16:51 +08:00
describe 'when logged in' do
2013-02-08 04:12:55 +08:00
let ( :user ) { log_in ( :moderator ) }
let ( :post ) { Fabricate ( :post , user : user , post_number : 2 ) }
2013-02-06 03:16:51 +08:00
2014-02-19 00:19:38 +08:00
it 'does not allow to destroy when edit time limit expired' do
Guardian . any_instance . stubs ( :can_delete_post? ) . with ( post ) . returns ( false )
Post . any_instance . stubs ( :edit_time_limit_expired? ) . returns ( true )
2017-08-31 12:06:56 +08:00
delete :destroy , params : { id : post . id } , format : :json
2014-02-19 00:19:38 +08:00
2015-01-10 01:04:02 +08:00
expect ( response . status ) . to eq ( 422 )
expect ( JSON . parse ( response . body ) [ 'errors' ] ) . to include ( I18n . t ( 'too_late_to_edit' ) )
2014-02-19 00:19:38 +08:00
end
2013-02-06 03:16:51 +08:00
it " raises an error when the user doesn't have permission to see the post " do
Guardian . any_instance . expects ( :can_delete? ) . with ( post ) . returns ( false )
2017-08-31 12:06:56 +08:00
delete :destroy , params : { id : post . id } , format : :json
2015-01-10 01:04:02 +08:00
expect ( response ) . to be_forbidden
2013-02-06 03:16:51 +08:00
end
2013-03-19 05:52:29 +08:00
it " uses a PostDestroyer " do
destroyer = mock
2014-10-01 23:40:13 +08:00
PostDestroyer . expects ( :new ) . returns ( destroyer )
2013-03-19 05:52:29 +08:00
destroyer . expects ( :destroy )
2017-08-31 12:06:56 +08:00
delete :destroy , params : { id : post . id } , format : :json
2013-02-06 03:16:51 +08:00
end
2013-02-08 04:12:55 +08:00
end
end
describe 'recover a post' do
2014-02-25 01:14:35 +08:00
include_examples 'action requires login' , :put , :recover , post_id : 123
2013-02-08 04:12:55 +08:00
describe 'when logged in' do
let ( :user ) { log_in ( :moderator ) }
let ( :post ) { Fabricate ( :post , user : user , post_number : 2 ) }
it " raises an error when the user doesn't have permission to see the post " do
Guardian . any_instance . expects ( :can_recover_post? ) . with ( post ) . returns ( false )
2017-08-31 12:06:56 +08:00
put :recover , params : { post_id : post . id } , format : :json
2015-01-10 01:04:02 +08:00
expect ( response ) . to be_forbidden
2013-02-08 04:12:55 +08:00
end
2013-07-22 15:48:24 +08:00
it " recovers a post correctly " do
topic_id = create_post . topic_id
post = create_post ( topic_id : topic_id )
PostDestroyer . new ( user , post ) . destroy
2017-08-31 12:06:56 +08:00
put :recover , params : { post_id : post . id } , format : :json
2013-07-22 15:48:24 +08:00
post . reload
2015-01-10 01:04:02 +08:00
expect ( post . deleted_at ) . to eq ( nil )
2013-02-06 03:16:51 +08:00
end
end
end
describe 'destroy_many' do
2014-02-25 01:14:35 +08:00
include_examples 'action requires login' , :delete , :destroy_many , post_ids : [ 123 , 345 ]
2013-02-06 03:16:51 +08:00
describe 'when logged in' do
let! ( :poster ) { log_in ( :moderator ) }
let! ( :post1 ) { Fabricate ( :post , user : poster , post_number : 2 ) }
2013-09-04 23:53:00 +08:00
let! ( :post2 ) { Fabricate ( :post , topic_id : post1 . topic_id , user : poster , post_number : 3 , reply_to_post_number : post1 . post_number ) }
2013-02-06 03:16:51 +08:00
it " raises invalid parameters no post_ids " do
2017-08-31 12:06:56 +08:00
expect do
delete :destroy_many , format : :json
end . to raise_error ( ActionController :: ParameterMissing )
2013-02-06 03:16:51 +08:00
end
it " raises invalid parameters with missing ids " do
2017-08-31 12:06:56 +08:00
expect do
delete :destroy_many , params : { post_ids : [ 12345 ] } , format : :json
end . to raise_error ( Discourse :: InvalidParameters )
2013-02-06 03:16:51 +08:00
end
it " raises an error when the user doesn't have permission to delete the posts " do
Guardian . any_instance . expects ( :can_delete? ) . with ( instance_of ( Post ) ) . returns ( false )
2017-08-31 12:06:56 +08:00
delete :destroy_many , params : { post_ids : [ post1 . id , post2 . id ] } , format : :json
2015-01-10 01:04:02 +08:00
expect ( response ) . to be_forbidden
2013-02-06 03:16:51 +08:00
end
it " deletes the post " do
2013-09-05 08:50:58 +08:00
PostDestroyer . any_instance . expects ( :destroy ) . twice
2017-08-31 12:06:56 +08:00
delete :destroy_many , params : { post_ids : [ post1 . id , post2 . id ] } , format : :json
2013-02-06 03:16:51 +08:00
end
it " updates the highest read data for the forum " do
2013-09-05 08:50:58 +08:00
Topic . expects ( :reset_highest ) . twice
2017-08-31 12:06:56 +08:00
delete :destroy_many , params : { post_ids : [ post1 . id , post2 . id ] } , format : :json
2013-02-06 03:16:51 +08:00
end
2013-09-04 23:53:00 +08:00
describe " can delete replies " do
before do
PostReply . create ( post_id : post1 . id , reply_id : post2 . id )
end
it " deletes the post and the reply to it " do
2013-09-05 08:50:58 +08:00
PostDestroyer . any_instance . expects ( :destroy ) . twice
2017-08-31 12:06:56 +08:00
delete :destroy_many ,
params : { post_ids : [ post1 . id ] , reply_post_ids : [ post1 . id ] } ,
format : :json
2013-09-04 23:53:00 +08:00
end
end
2013-02-06 03:16:51 +08:00
end
end
describe 'edit a post' do
2014-02-25 01:14:35 +08:00
include_examples 'action requires login' , :put , :update , id : 2
2013-02-06 03:16:51 +08:00
2015-11-14 00:35:04 +08:00
let ( :post ) { Fabricate ( :post , user : logged_in_as ) }
let ( :update_params ) do
{
id : post . id ,
post : { raw : 'edited body' , edit_reason : 'typo' } ,
2017-07-28 09:20:09 +08:00
image_sizes : { 'http://image.com/image.jpg' = > { 'width' = > 123 , 'height' = > 456 } } ,
2015-11-14 00:35:04 +08:00
}
end
let ( :moderator ) { Fabricate ( :moderator ) }
2013-02-06 03:16:51 +08:00
2015-11-14 00:35:04 +08:00
describe 'when logged in as a regular user' do
let ( :logged_in_as ) { log_in }
2013-02-06 03:16:51 +08:00
2014-02-19 00:19:38 +08:00
it 'does not allow to update when edit time limit expired' do
Guardian . any_instance . stubs ( :can_edit? ) . with ( post ) . returns ( false )
Post . any_instance . stubs ( :edit_time_limit_expired? ) . returns ( true )
2017-08-31 12:06:56 +08:00
put :update , params : update_params , format : :json
2014-02-19 00:19:38 +08:00
2015-01-10 01:04:02 +08:00
expect ( response . status ) . to eq ( 422 )
expect ( JSON . parse ( response . body ) [ 'errors' ] ) . to include ( I18n . t ( 'too_late_to_edit' ) )
2014-02-19 00:19:38 +08:00
end
2013-02-06 03:16:51 +08:00
it 'passes the image sizes through' do
Post . any_instance . expects ( :image_sizes = )
2017-08-31 12:06:56 +08:00
put :update , params : update_params , format : :json
2013-02-06 03:16:51 +08:00
end
2013-11-16 06:28:16 +08:00
it 'passes the edit reason through' do
Post . any_instance . expects ( :edit_reason = )
2017-08-31 12:06:56 +08:00
put :update , params : update_params , format : :json
2013-11-16 06:28:16 +08:00
end
2013-02-06 03:16:51 +08:00
it " raises an error when the post parameter is missing " do
update_params . delete ( :post )
2015-01-10 01:04:02 +08:00
expect {
2017-08-31 12:06:56 +08:00
put :update , params : update_params , format : :json
2015-01-10 01:04:02 +08:00
} . to raise_error ( ActionController :: ParameterMissing )
2013-02-06 03:16:51 +08:00
end
it " raises an error when the user doesn't have permission to see the post " do
2014-01-07 23:32:09 +08:00
Guardian . any_instance . expects ( :can_edit? ) . with ( post ) . at_least_once . returns ( false )
2017-08-31 12:06:56 +08:00
put :update , params : update_params , format : :json
2015-01-10 01:04:02 +08:00
expect ( response ) . to be_forbidden
2013-02-06 03:16:51 +08:00
end
it " calls revise with valid parameters " do
2015-07-29 04:58:56 +08:00
PostRevisor . any_instance . expects ( :revise! ) . with ( post . user , { raw : 'edited body' , edit_reason : 'typo' } , anything )
2017-08-31 12:06:56 +08:00
put :update , params : update_params , format : :json
2013-02-06 03:16:51 +08:00
end
it " extracts links from the new body " do
2016-04-12 10:28:18 +08:00
param = update_params
2017-07-28 09:20:09 +08:00
param [ :post ] [ :raw ] = 'I just visited this https://google.com so many cool links'
2016-04-12 10:28:18 +08:00
2017-08-31 12:06:56 +08:00
put :update , params : param , format : :json
2016-04-12 10:28:18 +08:00
expect ( response ) . to be_success
expect ( TopicLink . count ) . to eq ( 1 )
2013-02-06 03:16:51 +08:00
end
2015-11-14 00:35:04 +08:00
it " doesn't allow updating of deleted posts " do
first_post = post . topic . ordered_posts . first
PostDestroyer . new ( moderator , first_post ) . destroy
2017-08-31 12:06:56 +08:00
put :update , params : update_params , format : :json
2015-11-14 00:35:04 +08:00
expect ( response ) . not_to be_success
end
end
describe " when logged in as staff " do
let ( :logged_in_as ) { log_in ( :moderator ) }
it " supports updating posts in deleted topics " do
first_post = post . topic . ordered_posts . first
PostDestroyer . new ( moderator , first_post ) . destroy
2017-08-31 12:06:56 +08:00
put :update , params : update_params , format : :json
2015-11-14 00:35:04 +08:00
expect ( response ) . to be_success
post . reload
expect ( post . raw ) . to eq ( 'edited body' )
end
2013-02-06 03:16:51 +08:00
end
end
describe 'bookmark a post' do
2014-02-25 01:14:35 +08:00
include_examples 'action requires login' , :put , :bookmark , post_id : 2
2013-02-06 03:16:51 +08:00
describe 'when logged in' do
2017-03-08 11:49:39 +08:00
let ( :user ) { log_in }
let ( :post ) { Fabricate ( :post , user : user ) }
2016-12-21 12:01:26 +08:00
let ( :private_message ) { Fabricate ( :private_message_post ) }
2013-02-06 03:16:51 +08:00
it " raises an error if the user doesn't have permission to see the post " do
2016-12-21 12:01:26 +08:00
post
2017-08-31 12:06:56 +08:00
put :bookmark ,
params : { post_id : private_message . id , bookmarked : 'true' } ,
format : :json
2015-01-10 01:04:02 +08:00
expect ( response ) . to be_forbidden
2013-02-06 03:16:51 +08:00
end
it 'creates a bookmark' do
2017-08-31 12:06:56 +08:00
put :bookmark ,
params : { post_id : post . id , bookmarked : 'true' } ,
format : :json
2017-03-08 11:49:39 +08:00
2017-07-28 09:20:09 +08:00
post_action = PostAction . find_by ( user : user , post : post )
2017-03-08 11:49:39 +08:00
expect ( post_action . post_action_type_id ) . to eq ( PostActionType . types [ :bookmark ] )
2013-02-06 03:16:51 +08:00
end
2017-03-08 11:49:39 +08:00
context " removing a bookmark " do
let ( :post_action ) { PostAction . act ( user , post , PostActionType . types [ :bookmark ] ) }
let ( :admin ) { Fabricate ( :admin ) }
2017-04-27 17:29:31 +08:00
it " returns the right response when post is not bookmarked " do
2017-08-31 12:06:56 +08:00
put :bookmark ,
params : { post_id : Fabricate ( :post , user : user ) . id } ,
format : :json
2017-04-27 17:29:31 +08:00
expect ( response . status ) . to eq ( 404 )
end
2017-03-08 11:49:39 +08:00
it 'should be able to remove a bookmark' do
post_action
2017-08-31 12:06:56 +08:00
put :bookmark , params : { post_id : post . id } , format : :json
2017-03-08 11:49:39 +08:00
expect ( PostAction . find_by ( id : post_action . id ) ) . to eq ( nil )
end
describe " when user doesn't have permission to see bookmarked post " do
it " should still be able to remove a bookmark " do
post_action
post = post_action . post
topic = post . topic
topic . convert_to_private_message ( admin )
topic . remove_allowed_user ( admin , user . username )
expect ( Guardian . new ( user ) . can_see_post? ( post . reload ) ) . to eq ( false )
2017-08-31 12:06:56 +08:00
put :bookmark , params : { post_id : post . id } , format : :json
2017-03-08 11:49:39 +08:00
expect ( PostAction . find_by ( id : post_action . id ) ) . to eq ( nil )
end
end
2017-05-19 12:24:49 +08:00
describe " when post has been deleted " do
it " should still be able to remove a bookmark " do
post = post_action . post
post . trash!
2017-08-31 12:06:56 +08:00
put :bookmark , params : { post_id : post . id } , format : :json
2017-05-19 12:24:49 +08:00
expect ( PostAction . find_by ( id : post_action . id ) ) . to eq ( nil )
end
end
2013-02-06 03:16:51 +08:00
end
end
end
2014-05-13 20:53:11 +08:00
describe " wiki " do
include_examples " action requires login " , :put , :wiki , post_id : 2
describe " when logged in " do
2017-07-28 09:20:09 +08:00
let ( :user ) { log_in }
let ( :post ) { Fabricate ( :post , user : user ) }
2014-05-13 20:53:11 +08:00
2014-09-11 22:04:40 +08:00
it " raises an error if the user doesn't have permission to wiki the post " do
2016-01-11 23:26:00 +08:00
Guardian . any_instance . expects ( :can_wiki? ) . with ( post ) . returns ( false )
2014-05-13 20:53:11 +08:00
2017-08-31 12:06:56 +08:00
put :wiki ,
params : { post_id : post . id , wiki : 'true' } ,
format : :json
2014-05-13 20:53:11 +08:00
2015-01-10 01:04:02 +08:00
expect ( response ) . to be_forbidden
2014-05-13 20:53:11 +08:00
end
2017-01-25 13:34:55 +08:00
it " toggle wiki status should create a new version " do
2017-08-17 20:10:57 +08:00
_admin = log_in ( :admin )
2017-01-20 14:37:22 +08:00
another_user = Fabricate ( :user )
another_post = Fabricate ( :post , user : another_user )
2017-08-31 12:06:56 +08:00
expect do
put :wiki ,
params : { post_id : another_post . id , wiki : 'true' } ,
format : :json
end . to change { another_post . reload . version } . by ( 1 )
2017-01-25 13:34:55 +08:00
2017-08-31 12:06:56 +08:00
expect do
put :wiki ,
params : { post_id : another_post . id , wiki : 'false' } ,
format : :json
end . to change { another_post . reload . version } . by ( - 1 )
2017-01-20 14:37:22 +08:00
2017-08-17 20:10:57 +08:00
_another_admin = log_in ( :admin )
2017-01-20 14:37:22 +08:00
2017-08-31 12:06:56 +08:00
expect do
put :wiki ,
params : { post_id : another_post . id , wiki : 'true' } ,
format : :json
end . to change { another_post . reload . version } . by ( 1 )
2017-01-20 14:37:22 +08:00
end
2014-05-13 20:53:11 +08:00
it " can wiki a post " do
2016-01-11 23:26:00 +08:00
Guardian . any_instance . expects ( :can_wiki? ) . with ( post ) . returns ( true )
2014-05-13 20:53:11 +08:00
2017-08-31 12:06:56 +08:00
put :wiki , params : { post_id : post . id , wiki : 'true' } , format : :json
2014-05-13 20:53:11 +08:00
post . reload
2015-01-10 01:04:02 +08:00
expect ( post . wiki ) . to eq ( true )
2014-05-13 20:53:11 +08:00
end
it " can unwiki a post " do
wikied_post = Fabricate ( :post , user : user , wiki : true )
2016-01-11 23:26:00 +08:00
Guardian . any_instance . expects ( :can_wiki? ) . with ( wikied_post ) . returns ( true )
2014-05-13 20:53:11 +08:00
2017-08-31 12:06:56 +08:00
put :wiki , params : { post_id : wikied_post . id , wiki : 'false' } , format : :json
2014-05-13 20:53:11 +08:00
wikied_post . reload
2015-01-10 01:04:02 +08:00
expect ( wikied_post . wiki ) . to eq ( false )
2014-05-13 20:53:11 +08:00
end
end
end
2014-09-11 22:04:40 +08:00
describe " post_type " do
include_examples " action requires login " , :put , :post_type , post_id : 2
describe " when logged in " do
2017-07-28 09:20:09 +08:00
let ( :user ) { log_in }
let ( :post ) { Fabricate ( :post , user : user ) }
2014-09-11 22:04:40 +08:00
it " raises an error if the user doesn't have permission to change the post type " do
Guardian . any_instance . expects ( :can_change_post_type? ) . returns ( false )
2017-08-31 12:06:56 +08:00
put :post_type , params : { post_id : post . id , post_type : 2 } , format : :json
2014-09-11 22:04:40 +08:00
2015-01-10 01:04:02 +08:00
expect ( response ) . to be_forbidden
2014-09-11 22:04:40 +08:00
end
it " can change the post type " do
Guardian . any_instance . expects ( :can_change_post_type? ) . returns ( true )
2017-08-31 12:06:56 +08:00
put :post_type , params : { post_id : post . id , post_type : 2 } , format : :json
2014-09-11 22:04:40 +08:00
post . reload
2015-01-10 01:04:02 +08:00
expect ( post . post_type ) . to eq ( 2 )
2014-09-11 22:04:40 +08:00
end
end
end
describe " rebake " do
include_examples " action requires login " , :put , :rebake , post_id : 2
describe " when logged in " do
2017-07-28 09:20:09 +08:00
let ( :user ) { log_in }
let ( :post ) { Fabricate ( :post , user : user ) }
2014-09-11 22:04:40 +08:00
it " raises an error if the user doesn't have permission to rebake the post " do
Guardian . any_instance . expects ( :can_rebake? ) . returns ( false )
2017-08-31 12:06:56 +08:00
put :rebake , params : { post_id : post . id } , format : :json
2014-09-11 22:04:40 +08:00
2015-01-10 01:04:02 +08:00
expect ( response ) . to be_forbidden
2014-09-11 22:04:40 +08:00
end
it " can rebake the post " do
Guardian . any_instance . expects ( :can_rebake? ) . returns ( true )
2017-08-31 12:06:56 +08:00
put :rebake , params : { post_id : post . id } , format : :json
2014-09-11 22:04:40 +08:00
2015-01-10 01:04:02 +08:00
expect ( response ) . to be_success
2014-09-11 22:04:40 +08:00
end
end
end
2013-02-06 03:16:51 +08:00
describe 'creating a post' do
2015-08-04 08:55:59 +08:00
before do
SiteSetting . min_first_post_typing_time = 0
end
2014-02-25 01:14:35 +08:00
include_examples 'action requires login' , :post , :create
2013-02-06 03:16:51 +08:00
2014-07-14 13:59:58 +08:00
context 'api' do
2015-04-01 00:58:56 +08:00
it 'memoizes duplicate requests' do
2014-07-14 13:59:58 +08:00
raw = " this is a test post 123 #{ SecureRandom . hash } "
title = " this is a title #{ SecureRandom . hash } "
user = Fabricate ( :user )
master_key = ApiKey . create_master_key . key
2017-08-31 12:06:56 +08:00
post :create , params : {
api_username : user . username ,
api_key : master_key ,
raw : raw ,
title : title ,
wpid : 1
} , format : :json
2015-01-10 01:04:02 +08:00
expect ( response ) . to be_success
2014-07-14 13:59:58 +08:00
original = response . body
2017-08-31 12:06:56 +08:00
post :create , params : {
api_username : user . username_lower ,
api_key : master_key ,
raw : raw ,
title : title ,
wpid : 2
} , format : :json
2014-07-14 13:59:58 +08:00
2017-08-31 12:06:56 +08:00
expect ( response ) . to be_success
2015-01-10 01:04:02 +08:00
expect ( response . body ) . to eq ( original )
2014-07-14 13:59:58 +08:00
end
2017-08-17 19:53:04 +08:00
it 'allows to create posts in import_mode' do
NotificationEmailer . enable
2017-08-31 12:06:56 +08:00
post_1 = Fabricate ( :post )
2017-08-17 19:53:04 +08:00
user = Fabricate ( :user )
master_key = ApiKey . create_master_key . key
2017-08-31 12:06:56 +08:00
post :create , params : {
2017-08-17 20:10:57 +08:00
api_username : user . username ,
api_key : master_key ,
raw : 'this is test reply 1' ,
2017-08-31 12:06:56 +08:00
topic_id : post_1 . topic . id ,
2017-08-17 20:10:57 +08:00
reply_to_post_number : 1
2017-08-31 12:06:56 +08:00
} , format : :json
2017-08-17 20:10:57 +08:00
2017-08-17 19:53:04 +08:00
expect ( response ) . to be_success
2017-08-31 12:06:56 +08:00
expect ( post_1 . topic . user . notifications . count ) . to eq ( 1 )
post_1 . topic . user . notifications . destroy_all
2017-08-17 19:53:04 +08:00
2017-08-31 12:06:56 +08:00
post :create , params : {
2017-08-17 20:10:57 +08:00
api_username : user . username ,
api_key : master_key ,
raw : 'this is test reply 2' ,
2017-08-31 12:06:56 +08:00
topic_id : post_1 . topic . id ,
2017-08-17 20:10:57 +08:00
reply_to_post_number : 1 ,
import_mode : true
2017-08-31 12:06:56 +08:00
} , format : :json
2017-08-17 20:10:57 +08:00
2017-08-17 19:53:04 +08:00
expect ( response ) . to be_success
2017-08-31 12:06:56 +08:00
expect ( post_1 . topic . user . notifications . count ) . to eq ( 0 )
2017-08-17 19:53:04 +08:00
2017-08-31 12:06:56 +08:00
post :create , params : {
2017-08-17 20:10:57 +08:00
api_username : user . username ,
api_key : master_key ,
raw : 'this is test reply 3' ,
2017-08-31 12:06:56 +08:00
topic_id : post_1 . topic . id ,
2017-08-17 20:10:57 +08:00
reply_to_post_number : 1 ,
import_mode : false
2017-08-31 12:06:56 +08:00
}
2017-08-17 20:10:57 +08:00
2017-08-17 19:53:04 +08:00
expect ( response ) . to be_success
2017-08-31 12:06:56 +08:00
expect ( post_1 . topic . user . notifications . count ) . to eq ( 1 )
2017-08-17 19:53:04 +08:00
end
2014-07-14 13:59:58 +08:00
end
2013-02-06 03:16:51 +08:00
describe 'when logged in' do
let! ( :user ) { log_in }
2014-09-08 23:11:56 +08:00
let ( :moderator ) { log_in ( :moderator ) }
2013-02-06 03:16:51 +08:00
let ( :new_post ) { Fabricate . build ( :post , user : user ) }
2016-09-13 00:26:49 +08:00
context " fast typing " do
before do
SiteSetting . min_first_post_typing_time = 3000
2017-11-11 01:18:08 +08:00
SiteSetting . auto_silence_fast_typers_max_trust_level = 1
2016-09-13 00:26:49 +08:00
end
2015-08-04 08:55:59 +08:00
2016-09-13 00:26:49 +08:00
it 'queues the post if min_first_post_typing_time is not met' do
2017-08-31 12:06:56 +08:00
post :create , params : {
raw : 'this is the test content' ,
title : 'this is the test title for the topic'
} , format : :json
2015-08-04 08:55:59 +08:00
2016-09-13 00:26:49 +08:00
expect ( response ) . to be_success
parsed = :: JSON . parse ( response . body )
2015-08-04 08:55:59 +08:00
2016-09-13 00:26:49 +08:00
expect ( parsed [ " action " ] ) . to eq ( " enqueued " )
2015-08-04 08:55:59 +08:00
2016-09-13 00:26:49 +08:00
user . reload
2017-11-14 02:41:36 +08:00
expect ( user ) . to be_silenced
2015-08-04 10:06:07 +08:00
2016-09-13 00:26:49 +08:00
qp = QueuedPost . first
2015-08-04 10:56:20 +08:00
2016-09-13 00:26:49 +08:00
mod = Fabricate ( :moderator )
qp . approve! ( mod )
2015-08-04 10:56:20 +08:00
2016-09-13 00:26:49 +08:00
user . reload
2017-11-14 02:41:36 +08:00
expect ( user ) . not_to be_silenced
2016-09-13 00:26:49 +08:00
end
2016-09-10 00:15:56 +08:00
2016-09-13 00:26:49 +08:00
it " doesn't enqueue replies when the topic is closed " do
topic = Fabricate ( :closed_topic )
2015-08-04 10:56:20 +08:00
2017-08-31 12:06:56 +08:00
post :create , params : {
raw : 'this is the test content' ,
title : 'this is the test title for the topic' ,
topic_id : topic . id
} , format : :json
2016-09-10 00:15:56 +08:00
2016-09-13 00:26:49 +08:00
expect ( response ) . not_to be_success
parsed = :: JSON . parse ( response . body )
expect ( parsed [ " action " ] ) . not_to eq ( " enqueued " )
end
2016-09-10 00:15:56 +08:00
2016-09-13 00:26:49 +08:00
it " doesn't enqueue replies when the post is too long " do
SiteSetting . max_post_length = 10
2017-08-31 12:06:56 +08:00
post :create , params : {
raw : 'this is the test content' ,
title : 'this is the test title for the topic'
} , format : :json
2016-09-13 00:26:49 +08:00
expect ( response ) . not_to be_success
parsed = :: JSON . parse ( response . body )
expect ( parsed [ " action " ] ) . not_to eq ( " enqueued " )
end
2015-08-04 08:55:59 +08:00
end
2017-11-11 01:18:08 +08:00
it 'silences correctly based on auto_silence_first_post_regex' do
SiteSetting . auto_silence_first_post_regex = " I love candy|i eat s[1-5] "
2015-08-05 11:08:21 +08:00
2017-08-31 12:06:56 +08:00
post :create , params : {
raw : 'this is the test content' ,
title : 'when I eat s3 sometimes when not looking'
} , format : :json
2015-08-05 11:08:21 +08:00
expect ( response ) . to be_success
parsed = :: JSON . parse ( response . body )
expect ( parsed [ " action " ] ) . to eq ( " enqueued " )
user . reload
2017-11-14 02:41:36 +08:00
expect ( user ) . to be_silenced
2015-08-05 11:08:21 +08:00
end
2015-12-02 12:49:43 +08:00
it " can send a message to a group " do
2017-08-29 00:32:08 +08:00
group = Group . create ( name : 'test_group' , messageable_level : Group :: ALIAS_LEVELS [ :nobody ] )
2015-12-02 12:49:43 +08:00
user1 = Fabricate ( :user )
group . add ( user1 )
2017-08-31 12:06:56 +08:00
post :create , params : {
raw : 'I can haz a test' ,
title : 'I loves my test' ,
target_usernames : group . name ,
archetype : Archetype . private_message
} , format : :json
2015-12-02 12:49:43 +08:00
expect ( response ) . not_to be_success
# allow pm to this group
2017-08-29 00:32:08 +08:00
group . update_columns ( messageable_level : Group :: ALIAS_LEVELS [ :everyone ] )
2015-12-02 12:49:43 +08:00
2017-08-31 12:06:56 +08:00
post :create , params : {
raw : 'I can haz a test' ,
title : 'I loves my test' ,
target_usernames : group . name ,
archetype : Archetype . private_message
} , format : :json
2015-12-02 12:49:43 +08:00
expect ( response ) . to be_success
parsed = :: JSON . parse ( response . body )
post = Post . find ( parsed [ 'id' ] )
expect ( post . topic . topic_allowed_users . length ) . to eq ( 1 )
expect ( post . topic . topic_allowed_groups . length ) . to eq ( 1 )
end
2015-04-01 00:58:56 +08:00
it " returns the nested post with a param " do
2017-08-31 12:06:56 +08:00
post :create , params : {
raw : 'this is the test content' ,
title : 'this is the test title for the topic' ,
nested_post : true
} , format : :json
2015-01-30 01:37:39 +08:00
expect ( response ) . to be_success
2015-04-01 00:58:56 +08:00
parsed = :: JSON . parse ( response . body )
expect ( parsed [ 'post' ] ) . to be_present
expect ( parsed [ 'post' ] [ 'cooked' ] ) . to be_present
2013-02-06 03:16:51 +08:00
end
2013-07-29 10:25:19 +08:00
it 'protects against dupes' do
2014-07-14 13:59:58 +08:00
raw = " this is a test post 123 #{ SecureRandom . hash } "
title = " this is a title #{ SecureRandom . hash } "
2013-07-29 10:25:19 +08:00
2017-08-31 12:06:56 +08:00
post :create , params : { raw : raw , title : title , wpid : 1 } , format : :json
2015-01-10 01:04:02 +08:00
expect ( response ) . to be_success
2013-07-29 10:25:19 +08:00
2017-08-31 12:06:56 +08:00
post :create , params : { raw : raw , title : title , wpid : 2 } , format : :json
2015-01-10 01:04:02 +08:00
expect ( response ) . not_to be_success
2013-07-29 10:25:19 +08:00
end
2013-05-11 04:58:23 +08:00
context " errors " do
2017-07-28 09:20:09 +08:00
let ( :post_with_errors ) { Fabricate . build ( :post , user : user ) }
2013-05-11 04:58:23 +08:00
before do
post_with_errors . errors . add ( :base , I18n . t ( :spamming_host ) )
PostCreator . any_instance . stubs ( :errors ) . returns ( post_with_errors . errors )
PostCreator . any_instance . expects ( :create ) . returns ( post_with_errors )
end
it " does not succeed " do
2017-08-31 12:06:56 +08:00
post :create , params : { raw : 'test' } , format : :json
2013-05-11 04:58:23 +08:00
User . any_instance . expects ( :flag_linked_posts_as_spam ) . never
2015-01-10 01:04:02 +08:00
expect ( response ) . not_to be_success
2013-05-11 04:58:23 +08:00
end
it " it triggers flag_linked_posts_as_spam when the post creator returns spam " do
PostCreator . any_instance . expects ( :spam? ) . returns ( true )
User . any_instance . expects ( :flag_linked_posts_as_spam )
2017-08-31 12:06:56 +08:00
post :create , params : { raw : 'test' } , format : :json
2013-02-06 03:16:51 +08:00
end
end
end
end
2014-02-05 03:05:50 +08:00
describe " revisions " do
2014-10-28 05:06:43 +08:00
let ( :post ) { Fabricate ( :post , version : 2 ) }
let ( :post_revision ) { Fabricate ( :post_revision , post : post ) }
2014-02-05 03:05:50 +08:00
it " throws an exception when revision is < 2 " do
expect {
2017-08-31 12:06:56 +08:00
get :revisions , params : {
post_id : post_revision . post_id , revision : 1
} , format : :json
2014-02-05 03:05:50 +08:00
} . to raise_error ( Discourse :: InvalidParameters )
end
context " when edit history is not visible to the public " do
2017-07-07 14:09:14 +08:00
before { SiteSetting . edit_history_visible_to_public = false }
2014-02-05 03:05:50 +08:00
2014-03-13 22:47:37 +08:00
it " ensures anonymous cannot see the revisions " do
2017-08-31 12:06:56 +08:00
get :revisions , params : {
post_id : post_revision . post_id , revision : post_revision . number
} , format : :json
2015-01-10 01:04:02 +08:00
expect ( response ) . to be_forbidden
2014-03-13 22:47:37 +08:00
end
it " ensures regular user cannot see the revisions " do
2015-09-23 01:32:19 +08:00
log_in ( :user )
2017-08-31 12:06:56 +08:00
get :revisions , params : {
post_id : post_revision . post_id , revision : post_revision . number
} , format : :json
2015-01-10 01:04:02 +08:00
expect ( response ) . to be_forbidden
2014-02-05 03:05:50 +08:00
end
it " ensures staff can see the revisions " do
log_in ( :admin )
2017-08-31 12:06:56 +08:00
get :revisions , params : {
post_id : post_revision . post_id , revision : post_revision . number
} , format : :json
2015-01-10 01:04:02 +08:00
expect ( response ) . to be_success
2014-02-05 03:05:50 +08:00
end
it " ensures poster can see the revisions " do
user = log_in ( :active_user )
2014-10-28 05:06:43 +08:00
post = Fabricate ( :post , user : user , version : 3 )
2014-03-13 22:47:37 +08:00
pr = Fabricate ( :post_revision , user : user , post : post )
2017-08-31 12:06:56 +08:00
get :revisions , params : {
post_id : pr . post_id , revision : pr . number
} , format : :json
2015-01-10 01:04:02 +08:00
expect ( response ) . to be_success
2014-02-05 03:05:50 +08:00
end
2014-03-13 22:47:37 +08:00
it " ensures trust level 4 can see the revisions " do
2014-09-05 14:52:40 +08:00
log_in ( :trust_level_4 )
2017-08-31 12:06:56 +08:00
get :revisions , params : {
post_id : post_revision . post_id , revision : post_revision . number
} , format : :json
2015-01-10 01:04:02 +08:00
expect ( response ) . to be_success
2014-03-13 22:47:37 +08:00
end
2014-02-05 03:05:50 +08:00
end
context " when edit history is visible to everyone " do
2017-07-07 14:09:14 +08:00
before { SiteSetting . edit_history_visible_to_public = true }
2014-02-05 03:05:50 +08:00
it " ensures anyone can see the revisions " do
2017-08-31 12:06:56 +08:00
get :revisions , params : {
post_id : post_revision . post_id , revision : post_revision . number
} , format : :json
2015-01-10 01:04:02 +08:00
expect ( response ) . to be_success
2014-02-05 03:05:50 +08:00
end
end
context " deleted post " do
let ( :admin ) { log_in ( :admin ) }
2014-10-28 05:06:43 +08:00
let ( :deleted_post ) { Fabricate ( :post , user : admin , version : 3 ) }
2014-02-05 03:05:50 +08:00
let ( :deleted_post_revision ) { Fabricate ( :post_revision , user : admin , post : deleted_post ) }
before { deleted_post . trash! ( admin ) }
it " also work on deleted post " do
2017-08-31 12:06:56 +08:00
get :revisions , params : {
post_id : deleted_post_revision . post_id , revision : deleted_post_revision . number
} , format : :json
2015-01-10 01:04:02 +08:00
expect ( response ) . to be_success
2014-02-05 03:05:50 +08:00
end
end
2014-05-12 22:30:10 +08:00
context " deleted topic " do
let ( :admin ) { log_in ( :admin ) }
let ( :deleted_topic ) { Fabricate ( :topic , user : admin ) }
2014-10-28 05:06:43 +08:00
let ( :post ) { Fabricate ( :post , user : admin , topic : deleted_topic , version : 3 ) }
2014-05-12 22:30:10 +08:00
let ( :post_revision ) { Fabricate ( :post_revision , user : admin , post : post ) }
before { deleted_topic . trash! ( admin ) }
it " also work on deleted topic " do
2017-08-31 12:06:56 +08:00
get :revisions , params : {
post_id : post_revision . post_id , revision : post_revision . number
}
2015-01-10 01:04:02 +08:00
expect ( response ) . to be_success
2014-05-12 22:30:10 +08:00
end
end
2014-02-05 03:05:50 +08:00
end
2016-03-09 23:40:49 +08:00
describe 'revert post to a specific revision' do
include_examples 'action requires login' , :put , :revert , post_id : 123 , revision : 2
let ( :post ) { Fabricate ( :post , user : logged_in_as , raw : " Lorem ipsum dolor sit amet, cu nam libris tractatos, ancillae senserit ius ex " ) }
2017-07-28 09:20:09 +08:00
let ( :post_revision ) { Fabricate ( :post_revision , post : post , modifications : { " raw " = > [ " this is original post body. " , " this is edited post body. " ] } ) }
let ( :blank_post_revision ) { Fabricate ( :post_revision , post : post , modifications : { " edit_reason " = > [ " edit reason # 1 " , " edit reason # 2 " ] } ) }
let ( :same_post_revision ) { Fabricate ( :post_revision , post : post , modifications : { " raw " = > [ " Lorem ipsum dolor sit amet, cu nam libris tractatos, ancillae senserit ius ex " , " this is edited post body. " ] } ) }
2016-03-09 23:40:49 +08:00
let ( :revert_params ) do
{
post_id : post . id ,
revision : post_revision . number
}
end
let ( :moderator ) { Fabricate ( :moderator ) }
describe 'when logged in as a regular user' do
let ( :logged_in_as ) { log_in }
it " does not work " do
2017-08-31 12:06:56 +08:00
put :revert , params : revert_params , format : :json
2016-03-09 23:40:49 +08:00
expect ( response ) . to_not be_success
end
end
describe " when logged in as staff " do
let ( :logged_in_as ) { log_in ( :moderator ) }
it " throws an exception when revision is < 2 " do
expect {
2017-08-31 12:06:56 +08:00
put :revert , params : { post_id : post . id , revision : 1 } , format : :json
2016-03-09 23:40:49 +08:00
} . to raise_error ( Discourse :: InvalidParameters )
end
it " fails when post_revision record is not found " do
2017-08-31 12:06:56 +08:00
put :revert , params : {
post_id : post . id , revision : post_revision . number + 1
} , format : :json
2016-03-09 23:40:49 +08:00
expect ( response ) . to_not be_success
end
it " fails when post record is not found " do
2017-08-31 12:06:56 +08:00
put :revert , params : {
post_id : post . id + 1 , revision : post_revision . number
} , format : :json
2016-03-09 23:40:49 +08:00
expect ( response ) . to_not be_success
end
it " fails when revision is blank " do
2017-08-31 12:06:56 +08:00
put :revert , params : {
post_id : post . id , revision : blank_post_revision . number
} , format : :json
2016-03-09 23:40:49 +08:00
expect ( response . status ) . to eq ( 422 )
expect ( JSON . parse ( response . body ) [ 'errors' ] ) . to include ( I18n . t ( 'revert_version_same' ) )
end
it " fails when revised version is same as current version " do
2017-08-31 12:06:56 +08:00
put :revert , params : {
post_id : post . id , revision : same_post_revision . number
} , format : :json
2016-03-09 23:40:49 +08:00
expect ( response . status ) . to eq ( 422 )
expect ( JSON . parse ( response . body ) [ 'errors' ] ) . to include ( I18n . t ( 'revert_version_same' ) )
end
it " works! " do
2017-08-31 12:06:56 +08:00
put :revert , params : revert_params , format : :json
2016-03-09 23:40:49 +08:00
expect ( response ) . to be_success
end
it " supports reverting posts in deleted topics " do
first_post = post . topic . ordered_posts . first
PostDestroyer . new ( moderator , first_post ) . destroy
2017-08-31 12:06:56 +08:00
put :revert , params : revert_params , format : :json
2016-03-09 23:40:49 +08:00
expect ( response ) . to be_success
end
end
end
2014-04-03 23:30:43 +08:00
describe 'expandable embedded posts' do
let ( :post ) { Fabricate ( :post ) }
it " raises an error when you can't see the post " do
Guardian . any_instance . expects ( :can_see? ) . with ( post ) . returns ( false )
2017-08-31 12:06:56 +08:00
get :expand_embed , params : { id : post . id } , format : :json
2015-01-10 01:04:02 +08:00
expect ( response ) . not_to be_success
2014-04-03 23:30:43 +08:00
end
it " retrieves the body when you can see the post " do
Guardian . any_instance . expects ( :can_see? ) . with ( post ) . returns ( true )
TopicEmbed . expects ( :expanded_for ) . with ( post ) . returns ( " full content " )
2017-08-31 12:06:56 +08:00
get :expand_embed , params : { id : post . id } , format : :json
2015-01-10 01:04:02 +08:00
expect ( response ) . to be_success
expect ( :: JSON . parse ( response . body ) [ 'cooked' ] ) . to eq ( " full content " )
2014-04-03 23:30:43 +08:00
end
end
2014-07-17 03:04:55 +08:00
describe " flagged posts " do
include_examples " action requires login " , :get , :flagged_posts , username : " system "
describe " when logged in " do
before { log_in }
it " raises an error if the user doesn't have permission to see the flagged posts " do
Guardian . any_instance . expects ( :can_see_flagged_posts? ) . returns ( false )
2017-08-31 12:06:56 +08:00
get :flagged_posts , params : { username : " system " } , format : :json
2015-01-10 01:04:02 +08:00
expect ( response ) . to be_forbidden
2014-07-17 03:04:55 +08:00
end
it " can see the flagged posts when authorized " do
Guardian . any_instance . expects ( :can_see_flagged_posts? ) . returns ( true )
2017-08-31 12:06:56 +08:00
get :flagged_posts , params : { username : " system " } , format : :json
2015-01-10 01:04:02 +08:00
expect ( response ) . to be_success
2014-07-17 03:04:55 +08:00
end
2014-10-09 22:10:16 +08:00
it " only shows agreed and deferred flags " do
user = Fabricate ( :user )
post_agreed = create_post ( user : user )
post_deferred = create_post ( user : user )
post_disagreed = create_post ( user : user )
moderator = Fabricate ( :moderator )
PostAction . act ( moderator , post_agreed , PostActionType . types [ :spam ] )
PostAction . act ( moderator , post_deferred , PostActionType . types [ :off_topic ] )
PostAction . act ( moderator , post_disagreed , PostActionType . types [ :inappropriate ] )
admin = Fabricate ( :admin )
PostAction . agree_flags! ( post_agreed , admin )
PostAction . defer_flags! ( post_deferred , admin )
PostAction . clear_flags! ( post_disagreed , admin )
Guardian . any_instance . expects ( :can_see_flagged_posts? ) . returns ( true )
2017-08-31 12:06:56 +08:00
get :flagged_posts , params : { username : user . username } , format : :json
2015-01-10 01:04:02 +08:00
expect ( response ) . to be_success
2014-10-09 22:10:16 +08:00
2015-01-10 01:04:02 +08:00
expect ( JSON . parse ( response . body ) . length ) . to eq ( 2 )
2014-10-09 22:10:16 +08:00
end
2014-07-17 03:04:55 +08:00
end
end
describe " deleted posts " do
include_examples " action requires login " , :get , :deleted_posts , username : " system "
describe " when logged in " do
before { log_in }
it " raises an error if the user doesn't have permission to see the deleted posts " do
Guardian . any_instance . expects ( :can_see_deleted_posts? ) . returns ( false )
2017-08-31 12:06:56 +08:00
get :deleted_posts , params : { username : " system " } , format : :json
2015-01-10 01:04:02 +08:00
expect ( response ) . to be_forbidden
2014-07-17 03:04:55 +08:00
end
it " can see the deleted posts when authorized " do
Guardian . any_instance . expects ( :can_see_deleted_posts? ) . returns ( true )
2017-08-31 12:06:56 +08:00
get :deleted_posts , params : { username : " system " } , format : :json
2015-01-10 01:04:02 +08:00
expect ( response ) . to be_success
2014-07-17 03:04:55 +08:00
end
2015-04-13 23:48:31 +08:00
it " doesn't return secured categories for moderators if they don't have access " do
user = Fabricate ( :user )
admin = Fabricate ( :admin )
2015-09-23 01:32:19 +08:00
Fabricate ( :moderator )
2015-04-13 23:48:31 +08:00
group = Fabricate ( :group )
2015-11-09 21:52:04 +08:00
group . add_owner ( user )
2015-04-13 23:48:31 +08:00
secured_category = Fabricate ( :private_category , group : group )
secured_post = create_post ( user : user , category : secured_category )
PostDestroyer . new ( admin , secured_post ) . destroy
log_in ( :moderator )
2017-08-31 12:06:56 +08:00
get :deleted_posts , params : { username : user . username } , format : :json
2015-04-13 23:48:31 +08:00
expect ( response ) . to be_success
data = JSON . parse ( response . body )
expect ( data . length ) . to eq ( 0 )
end
it " doesn't return PMs for moderators " do
user = Fabricate ( :user )
admin = Fabricate ( :admin )
2015-09-23 01:32:19 +08:00
Fabricate ( :moderator )
2015-04-13 23:48:31 +08:00
pm_post = create_post ( user : user , archetype : 'private_message' , target_usernames : [ admin . username ] )
PostDestroyer . new ( admin , pm_post ) . destroy
log_in ( :moderator )
2017-08-31 12:06:56 +08:00
get :deleted_posts , params : { username : user . username } , format : :json
2015-04-13 23:48:31 +08:00
expect ( response ) . to be_success
data = JSON . parse ( response . body )
expect ( data . length ) . to eq ( 0 )
end
2014-10-09 22:10:16 +08:00
it " only shows posts deleted by other users " do
user = Fabricate ( :user )
admin = Fabricate ( :admin )
2015-09-23 01:32:19 +08:00
create_post ( user : user )
2014-10-09 22:10:16 +08:00
post_deleted_by_user = create_post ( user : user )
post_deleted_by_admin = create_post ( user : user )
PostDestroyer . new ( user , post_deleted_by_user ) . destroy
PostDestroyer . new ( admin , post_deleted_by_admin ) . destroy
Guardian . any_instance . expects ( :can_see_deleted_posts? ) . returns ( true )
2017-08-31 12:06:56 +08:00
get :deleted_posts , params : { username : user . username } , format : :json
2015-01-10 01:04:02 +08:00
expect ( response ) . to be_success
2014-10-09 22:10:16 +08:00
data = JSON . parse ( response . body )
2015-01-10 01:04:02 +08:00
expect ( data . length ) . to eq ( 1 )
expect ( data [ 0 ] [ " id " ] ) . to eq ( post_deleted_by_admin . id )
expect ( data [ 0 ] [ " deleted_by " ] [ " id " ] ) . to eq ( admin . id )
2014-10-09 22:10:16 +08:00
end
2014-07-17 03:04:55 +08:00
end
end
2015-01-06 00:02:32 +08:00
describe " view raw " do
describe " by ID " do
it " can be viewed by anonymous " do
post = Fabricate ( :post , raw : " 123456789 " )
2017-08-31 12:06:56 +08:00
get :markdown_id , params : { id : post . id } , format : :json
2015-04-25 23:18:35 +08:00
expect ( response ) . to be_success
expect ( response . body ) . to eq ( " 123456789 " )
2015-01-06 00:02:32 +08:00
end
end
describe " by post number " do
it " can be viewed by anonymous " do
topic = Fabricate ( :topic )
post = Fabricate ( :post , topic : topic , post_number : 1 , raw : " 123456789 " )
post . save
2017-08-31 12:06:56 +08:00
get :markdown_num , params : { topic_id : topic . id , post_number : 1 } , format : :json
2015-04-25 23:18:35 +08:00
expect ( response ) . to be_success
expect ( response . body ) . to eq ( " 123456789 " )
2015-01-06 00:02:32 +08:00
end
end
end
2015-02-05 03:49:05 +08:00
describe " short link " do
let ( :topic ) { Fabricate ( :topic ) }
let ( :post ) { Fabricate ( :post , topic : topic ) }
it " redirects to the topic " do
2017-08-31 12:06:56 +08:00
get :short_link , params : { post_id : post . id } , format : :json
2015-04-25 23:18:35 +08:00
expect ( response ) . to be_redirect
2015-02-05 03:49:05 +08:00
end
it " returns a 403 when access is denied " do
Guardian . any_instance . stubs ( :can_see? ) . returns ( false )
2017-08-31 12:06:56 +08:00
get :short_link , params : { post_id : post . id } , format : :json
2015-04-25 23:18:35 +08:00
expect ( response ) . to be_forbidden
2015-02-05 03:49:05 +08:00
end
end
2013-02-06 03:16:51 +08:00
end